mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
eb1f9b1e1f
1898 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bruce Ashfield
|
773fd5a023 |
podman: update to 3.x release series
Bumping to the 3.x release series, to pickup new functionality for the release. As part of this update we drop the build of iopodman.go, since varlink support has been dropped in favour of a ReST API. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e2bba8633e |
runc/config: add seccomp distro feature
When using podman (or other seccomp enabled container runtimes), you will get an OCI container startup error if runc hasn't been built with seccomp. Adding a distro feature to runc and to the README to make it easier to coordinate the support. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
da32b79488 |
cni: update to 0.8.0
The following CNI commits are part of this update:
e32b586 remove build badges from homepage
296290a Switch from Travis to GH Actions
a199e6a go fmt
ada6726 tighten up plugin-finding logic
eec3755 Add "alias" to conventions
867451c Fix typo in pkg/types/internal/convert.go
679ed9d Fix typo in CONVENTIONS.md
6d8228e maintainers: fix typo
e781c94 types: remove SupportedVersions
7555ca3 spec: bump to 1.0.0-pre-release and remove 'version' from Result addresses
6823eba tests: small cleanup and removal of one useless testcase
3805b13 types: add 1.0.0
0050bfa types: implement convert module and make types use it
90311ea Bump release build Go version to 1.14
f9b5c9b Add security reporting info
e5c65a5 Revert formatting of error codes
65bf688 Travis: bump go versions
a7cceb9 add go.mod
93a7425 testhelpers: clean up how we build against old libcni targets
c78d465 Replace 2019 conference announcement with links to the recordings
fc1de42 Sync contact methods in README and CONTRIBUTING
c815aca Update the SPEC, CODE-OF-CONDUCT, CONTRIBUTING, RELEASING with minor formatting changes and linting updates.
17a6379 Update README.md
956c943 adding OVN4NFV-K8s-Plugin as 3rd party plugin
e2a7366 Retry exec commands on text file busy
76b18ea Typo fixes for infiniband GUID
44dabed invoke: capture and return stderr if plugin exits unexpectedly
279bc6c Add DeviceID attribute to RuntimeConfig
fdcc7b1 test: allow specific package testing with PKGS=<x> ./test.sh
ca0082f Add Infiniband GUID to well known Capabilities
38353fa Remove extra ',' chars which makes conflist examples invalid.
134f603 maintainers: remove Stefan per personal request
1435c6b Add Michael Cambria as a CNI maintainer
6b46a03 Update link freenode.org to freenode.net
075e303 Update roadmap for 1.0 plans
0b1c649 Change language identifier to jsonc for json with comments
704c56d Update tests
f208f19 Remove Result.String
cc6e8af pkg/utils: utility package should use black-box testing
025e32f pkg/utils: add utils_test
6f29b01 intercept netplugin std error
777584f Add Kube-OVN to CNI list
e00fa53 appending antrea to the cni list
7815be7 Add Project Antrea in CNI list
f2fa4a3 Add table of contents
b36de6e DOCUMENTATION: Address incomplete instructions in CONTRIBUTING.md
c35ac21 Adding Cisco ACI to CNI plugin list
3eb88ac Add Bruce Ma and Piotr Skarmuk as maintainers
6c6a315 Update README to sunset slack and call out kubecon presentations
b89eff5 Add a note to README about where to find the binaries
4eec648 When the CNI version isn't supplied in config, use default.
eefc069 SPEC: update validation rules for interface name in docs and address some comments
b5188cf spec: fix some typo in docs
c94fcd7 Perfect annotation: Correct word spelling mistakes
7be1ac9 add interface name validation to libcni and skel
9f4a623 utils: add validation function for interface name
2a82881 Bump golang
c0f784d Update cnitool docs
94399d5 add err handling in plugins/test/noop/
d8dfb56 validate containerID and networkName ensure they contain only letters and numbers
e4a11ba libcni: cache file operations require full uniqueness tuple in RuntimeConf
a83f3cb libcni: also cache IfName, network name, and container ID
894863c libcni: fix cache file 'result' key name
f3654f3 skel: remove needless functions and types
3e79703 modify some well-known errors
1318d7c libcni: find plugin in exec
9af40ed libcni: add config caching
722a488 docs: add ips and mac to well-known capabilities and fix some typo
227c438 SPEC: add some well-known error codes
ba034ef testcases: make testcase use suitable error code
4b29940 skel: clean up typed Errors in skel
50192c0 types : add NewError method
0af0477 readme: add Alibaba Cloud CNI plugin 'Terway' to the list
b92d83c bump linux to Bionic 18.04 in Travis and Vagrant
a48337a add missing commas, fix syntax error
5077b14 Add stringifyArgs and parseArgs functions to utils.go
80ad241 libcni: add InitCNIConfigWithCacheDir() and deprecate RuntimeConfig.CacheDir
5dbeae8 clean up : remove useless variable
a03dc28 clean up : fix staticcheck warnings
cbca752 Docs: Small typo fixes in main README.md
As well as the following plugin commits:
fa48f75 ipam/dhcp: Add broadcast flag
74a6b28 vendor: bump libcni
8feef71 add flannel to support dual stack ip
343d233 bandwidth: fix panic in tests
d41acb8 host-device: Add support for DPDK device (#490)
075c5a0 [main/vlan] Fix error handling for delegate IPAM plugin
a8d1f5c dhcp: default dhcp clien timeout is 10s
354def7 vlan: fix error message text by removing ptp references
25fc741 dhcp: daemon dhcp client timeout is configurable
3161bb5 dhcp: timeout value is set in DHCP daemon
ebce6d0 remove unused function
691238c deps: go mod tidy coreos/go-iptables
23a1d90 deps: bump coreos/go-iptables
e13bab9 tuning: revert values on delete (#540)
680c6dd go mod tidy
be19d78 bump to go 1.15
8d52c42 Add ability to trigger retests via comments
3ae85c1 pkg/ns: fix test case to tolerate pids going away.
25704f9 Add github build & test actions
eb31403 bridge: fix testcase to check addresses we care about
336ba52 Remove travis.
b47d178 vendor: bump ginkgo, gover
108c2ae portmap plugin should flush previous udp connections
cccf539 Updating plugin README.md files (#549)
c41c78b update netlink dependencies
50a3aa6 Xdhcp: fix example configuration
98c621a VRF: extend supported version to 0.3.1 too.
b34402a VRF CNI: Add an optional table parameter.
5fc309a Add more tests for the vrf cni plugin.
362f5d6 Update github.com/vishvananda/netlink to v1.1.0
8d0d8a9 Introduce a new VRF CNI meta plugin.
1a7f1bd Travis: run tests on arm64
8a6e96b Replace nc with the local echo client.
3227902 Add an echo client to be used instead of nc.
59baaa1 Bump up the ubuntu version used in CI to bionic.
9ce99d3 flannel: allow input ipam parameters as basis for delegate
08ff3b6 ipvlan: make master config as optional
1ea19f9 Remove extraneous test file in Windows plugin
799d3cb Fix race condition in GetCurrentNS
839d918 lo: CNI_IFNAME is no longer ignored
c50490e cni: bump to 0.8.0
01a8de9 Bump Go version to 1.13 and 1.14
2b6cd54 Add contact info
0214625 Update firewall README.md CNI-ADMIN
813f541 firewall: fix some typos in docs
051452c Update firewall README.md
877602d portmap DEL noop if no portMappings present
2bd04cb firewall: fix generate of admin chain comment
d4775ec Fix handling of delay in acquiring lease with stp turned on
68a80bc Update README.md
5cb3a5e portmap: don't use unspecified address as destination
b9560fd macvlan: set mac address from CNI_ARGS
79192cb host-device: Bring interfaces down before moving.
219eb9e ptp, bridge: disable accept_ra on the host-side interface
02bfece plugins/meta/sbr: Adjusted ipv6 address mask to /128
5e0fbd8 portmap: Apply the DNAT hairpin to the whole subnet
a78853f Support device id in host device plugin (#471)
2d2583e win-bridge: add support for portMappings capability
30776ff check bridge's port state
2a48d68 Reset the route flag before moving the rule
486ef96 [DO NOT REVIEW] vendor upate to remove useless dependencies
8a0e3fe build error utility package to replace juju/errors
112288e Unlock OS thread after netns is restored
c7e2cf7 owners: updates for maintainer changes
53854dd flannel: remove net conf file after DEL succeed
a9b4e04 Make host-device to work with virtio net device
45fd949 ptp: remove some redundant lines
2ff84a4 pkg/ip: use type cast instead of untrusty error message
37207f0 pkg/utils: sysctl package should use black-box testing
d1360b8 loopback: Fix ipv6 address checks
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
5834c7eb11 |
kubernetes: update to latest 1.20-release
Integrating the following k8s commits: 62b808f34d7 Update region_pd e2e test to support PV have GA topology 85fd25ef54c Recover CSI volumes from dangling attachments b81c612b12b IsVolumeAttachedToNode() renamed to GetAttachState(), and returns 3 states instead of combining "uncertain" and "detached" into "false" 5a957b08153 Fixes Attach Detach Controller reconciler race reading ActualStateOfWorld and operation pending states; fixes reconciler_test mock detach to account for multiple attaches on a node 3a83880d442 Fix translation of Cinder storage classess to CSI e1ee8ed5f41 Resolve IP addresses of host-only in filtered dialer a73b4122b3c Deflake ingress updates 570e423af0e ignore cgroup driver check in windows node upgrade c0fc4d4dc38 aggregate errors when putting vmss c8cc26f1523 fix azure file migration issue 8ba5a06139d kubeadm: change the default image repository for CI images from gcr.io/kubernetes-ci-images to gcr.io/k8s-staging-ci-images baa6b2bd066 reduce buckets for etcd_request_duration_seconds 745bdd0016e cleanup subnet in frontend ip configs 3a5c02dbf51 conformance changes b241e6882c0 make hostPort match test linuxonly 20b66e4ec1e Clean up namespaced children of missing virtual parents with incorrectly cluster-scoped nodes 4c1bc2d6b06 Add unit test for child scope mismatch with missing parent 87344c8d52c vendor: update cAdvisor to v0.38.7 8ae140db2b9 Use volumeHandle as PV name when translating EBS inline volume a525ddc8521 Update CHANGELOG/CHANGELOG-1.20.md for v1.20.2 112e823d906 Release commit for Kubernetes v1.20.3-rc.0 faecb196815 Release commit for Kubernetes v1.20.2 7394cae9159 kubectl-convert import known versions 8e44c89eefe Revert "Merge pull request #92817 from kmala/kubelet" 1fc106ac183 fixes nil panic for nil delegated auth options d65732141da Lower the frequency of volume plugin deprecation warning d8a1dfb21f1 move all variables in sampleAndWaterMarkHistograms::innerSet ffed9c3a48c handle webhook authenticator and authorizer error c3e150fada2 use default unkown sock for kubeadm cmd if cri detect is not needed 2d0ffc16769 cherry-pick part of #97451: fix nodeport quota check failure during creating clusterip d0dfecaf038 fix the panic when kubelet registers if a node object already exists with no Status.Capacity or Status.Allocatable 287ca883635 Release reserved GCE IP address after ensure completes. 37e3feac7cb Ensure reproducible builds when build through docker 4d8ac66fce1 Fix cadvisor machine metrics 3c67a0a760b Create OWNERS for most of the API Priority and Fairness impl a1ac5f4894b fix the deadlock in priority and fairness config controller 16559f765ea Cherry pick 443 and 448 from cloud provider azure d8ba4e4af42 Fix bug in CPUManager with race on map acccess 0f764ea81e6 clean up executing request on panic a79db17be1a fix azure file secret not found issue 98dffa75232 fix: azure file latency issue for metadata-heavy workload 0c0d4fea8dd Update CHANGELOG/CHANGELOG-1.20.md for v1.20.1 764cafccc4e Release commit for Kubernetes v1.20.2-rc.0 c4d752765b3 Release commit for Kubernetes v1.20.1 afaa0c6e621 Avoid checking the entire backend service URL for FR equality. 6666afa3317 Revert "Use host IP instead of localhost for control plane component kubeconfig files." 787e3a62cab Add more logging for Mount error 8a224b526c3 etcd version for 1.19 is 3.4.13 for cve fixes 5483a7230d7 Use non privileged ports 0c1a53829dd Flush FibreChannel devices before deleting 34077eedb6c Fix FibreChannel volume plugin corrupting filesystem on detach 416165a0cc6 vendor: update cAdvisor to v0.38.6 2e6a0a0a126 Update CHANGELOG/CHANGELOG-1.20.md for v1.20.0 49eb3a86d5b Revert "iAdd host IP to etcd listen client URLs." f674d4e84d5 fix migration logic d1e54b9922b APF e2e: disable drown-out tests temporarily 7d6ffe0b1a4 Add AcceleratorStats to cri_stats_provider 3321f00ed14 Release commit for Kubernetes v1.20.0-rc.0 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e0cd8599f1 |
containerd: remove container-docker and consolidate .inc files
There has been a warning in the containerd-docker recipe for quite some time, which indicates that it will be removed in the future. That time has come and we delete that recipe. It is no longer updated and everyone should be using the opencontainers variant. Now that we don't need the .inc, we delete it and consolidate in the single recipe. We also enable the systemd service by default, since docker is no longer in the picture and starting the daemon/service. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cd6feb72b8 |
containerd/opencontainers: update to latest 1.4.x SRCREV
This includes the following commits: 232cee448 Update to go 1.15.8 f087d7849 runtime: fix shutdown runc v2 service edffc830b change flag from RDONLY to RDWR and close the fifo correct e7cd2030e pusher: add missing authentication support for requests ec752e8ba docker: avoid concurrent map access panic b73052d34 runtime/v2: should use defer ctx to cleanup 8cff6b375 [release/1.4 backport] Return GRPC not found error instead of plain one a6f6eb00c Add bounds on max oom_score_adj value for AdjustOOMScore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
1ce10e184f |
runc-docker: update to 1.0.0-rc93
Bumping to the next -rc, which comprises the following commits: 1e0016cf Show error stack trace if --debug is set 5c0342ba libcontainer: fix bad conversion from syscall.Errno to error a9e99b6d ci/gha/fedora: retry vagrant up f26768a8 VERSION: back to development 12644e61 VERSION: release 1.0.0~rc93 c348b982 tests/rootless.sh: fix/ignore shellcheck warnings 11437593 tests/rootless.sh: use set -e -u -o pipefail 5ab05884 ci: untangle getting test images bc175ba4 tests/helpers.bash: rm GOPATH dc025792 ci/gha: bump golangci-lint to v1.36 4d3a8d5e .golangci.yml: add 76ae1f5c libct/cg/fs/freezer: fix freezing race c4bc3b08 Remove "PatchAndLoad" stub as it's not used without seccomp enabled 6ddfaa5e cgroupfs: cpuset: fix broken build ca422896 Makefile: add -trimpath go build flag d89c9629 Fix typo in README b1195b76 ci: test with golang 1.16-rc1 164e0adb tests/int/spec.bats: fix for go 1.16 4160d743 seccomp: add enosys unit tests 8bd19cd5 tests: add seccomp -ENOSYS integration test 7a8d7162 seccomp: prepend -ENOSYS stub to all filters 2be806d1 libcontainer/configs: improve CommandHook unit tests f4d153b0 Fix int overflow in test on 32 bit system 4e98eec1 libct/cg: demote "systemd is too old" to debug c7357aad libct/cg/ebpf/testDeviceFilter: rm verbose logging 6a9f5ac9 libct/cg/fs: fix a linter warning 63c44e27 libct/cg/fs: getPageUsageByNUMA: rewrite/optimize e9248dd5 cgroup: fix panic in parse memory.numa_stat 426aa416 libct/int/TestExecInTTY: skip c30cd3cd libct/int/TestExecInTTY: fix error reporting dac0c1e3 console.ClearONLCR: move it back ab27e12c Implement GetStat for cpuset cgroup. 867ba38e events: simplify some conversion functions 8ce51611 GHA: tune timeouts for VM jobs 510e404e make shfmt: run for all script/* files 90d02ecc Vagrantfile.centos7: clean up after bats install a91210f4 gha: use ssh -tt to have a tty 1f4a3b1e gha: don't check commits on push 4a30ada4 gha: cache docker layers to speed up make runcimage 58c31003 README: rm travis badge a21e57d7 tests/int/hooks.bats: skip earlier 657a24ce libct/cg/TestGetHugePageSizeImpl: only log errors 3394e374 libct/cg/sd/TestRangeToBits: be less verbose 230a46b7 systemd: fix rootful-in-userns regression c751ba3f systemd: show more helpful error a35cad3b libct/cg/sd/v2: warn about old systemd 03b512e5 libc/cg: convert r.CPU.Cpus/Mems to systemd props eee425f5 libct/cg/sd/systemdVersion: don't return error 5de00ad9 tests/int/multi-arch.bash: fix for busybox b3cf4831 script/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED 1a00cd8f script/check-config.sh: fix MEMCG_SWAP_ENABLED ecb9d73c script/check-config.sh: fix NF_NAT_NEEDED 483abaac script/check-config.sh: fix NF_NAT_IPV4 91eba84a script/check-config.sh: support for cgroupv2 25987d03 libcontainer/intelrdt: adjust the file mode c8e89b8d Remove script/install-vagrant.sh 06a684d6 libct/int/TestExecInTTY: repeat the test 300 times fedaa2ab TestExecInTTY: simplify, improve error reporting 719d70d2 setupIO: simplify code 24c05b71 tty: fix ClearONLCR race 039c47ab libcontainer: signalAllProcesses(): log warning when failing to thaw 18972177 libcontainer: move capabilities to separate package 692fab09 libct/checkProcMounts: optimize 72f46389 libct: add TODO about os.ErrProcessDone d7df3018 libct: suppress bogus "unable to terminate" warnings 637f82d6 runc run: resolve tmpfs mount dest in container scope d64c3afe tests/int/mount.bats: reformat a2c9866e tests/int/mounts.bats: cleanup 9f2153c6 libct/cgroups/fs/cpuset: don't use MkdirAll c85cd2b3 libct/cg/fs/cpuset: don't parse mountinfo c0e14b8b libct/cg/fs.getCgroupRoot: reuse (cached) cgroup mountinfo ed70dfa7 libct/cgroups/v1_utils: implement mountinfo cache 17a0dc31 README: add note about not using runc directly 4bc2aab9 README: add links to misc docs 2dc1bf91 ci: move Fedora 33 and CentOS 7 tests to gha e431fe60 ci: move misc validate tasks from travis to gha 7ecba232 ci: move cross compile check from travis to gha 8ccd39a9 ci: move commit length check from travis to gha 1125ae78 tests/events.bats: unify duplicated code 27268b1a tests/int/cwd: add test case for cwd not owned by runc d869d05a libctr/init_linux: reorder chdir 8bd3b878 test: add case for GH #2086 cb3dd9d8 libct/configs/validate: test for bind-mounted netns 8e8661e1 libct/configs/validate/sysctl: fix repeated netns checks 2dce0699 libct/configs/validate: fix host netns check 2143b368 libct/int/execin_tty: do help debug a flake e709b8ab libctl/cgroups/fscommon: close fd 325a74dd libcontainer/intelrdt: rm init() from intelrdt.go cb269306 remove "selinux" build tag (Always compile SELinux support) 552a1c7b remove "apparmor" build tag (Always compile AppArmor support) 48b8eb09 checkProcMount: add /proc/slabinfo to whitelist 1909051b libct/int/execin_tty: help debug a flake 97929295 libct/intelrdt: fix a staticcheck warning 6437086e libct/addCriu*Mount: fix gosimple warning d0b59548 libct/checkCriuFeatures: fix gosimple linter warning 3de5c514 libct/int: don't hardcode CAP_NET_ADMIN 3387422b libct/int: fix "simple" linter warnings 11680cd2 libct: fix "unused" linter warning a99ecc9e libct/cg/utils: silence a linter warning 3c9b03fd libct/cg/fscommon: log openat2 init failures 6bda4600 libcontainer/cgroups/fscommon: add openat2 support 31b0151f move blkio stat gathering to loop 990a6c57 cgroups: update blkio GetStats be56333f bats: update to 1.2.1 f15c4cca Update umoci to 0.4.6 4344bd8f Dockerfile: use binary criu release 3aead32e nsenter: hard-code memfd_create(2) syscall numbers 5d1b0268 .github/workflows/validate: nits 7cd062d7 libct/cgroup/utils: fix GetCgroupMounts(all=true) 4fc2de77 libcontainer/devices: remove "Device" prefix from types 677baf22 libcontainer: isolate libcontainer/devices de80aae4 recvtty: fix errcheck linter warnings 6b41b463 recvtty: fix waiting for both goroutines 4bbfd2e1 recvtty: use ioutil.Discard c1ef0cf6 ci: add integration+unit tests to github actions fce8dd4d tests/int/tty.bats: increase timeout c6ed1854 ci: add shellcheck to github actions 27835a9e Makefile: move shellcheck out of validate 33bda24a ci: move verify-deps from travis to github actions c60f23b3 ci: add shfmt to github actions 717a73b3 ci: renamed golangci-lint to validate 06b204e5 Makefile: move shfmt out of validate, add -w 7856c340 Dockerfile: bump criu to 3.15 ee1bdb80 vendor: github.com/cilium/ebpf v0.2.0 f0d5e839 Dockefile: fix path to skopeo repo d9010b0e integration: update README to link to bats-core 3f2f06df Move cgroup v2 out of experimental f62ad4a0 libcontainer/intelrdt: rename CAT and MBA enabled flags 620f4c5c libcontainer/intelrdt: fix CMT feature check 896da0b9 docs: terminals: modify the example of Pass-Through mode. 4690064f update vendor 9403afd7 CI: Fedora 33: print kernel version, systemd version, and rootfs type 0a097615 CI: update Fedora to 33 41aa7640 linux: drop MS_REC for readonly remount a4e6955e linux: fix remount readonly in a user namespace 2e968a83 libct/cg/sd/v2: "support" (ignore) memory.oom.group c013be56 libct/cg/sd/v2: support memory.* / Memory* unified 13afa58d libct/cg/sd/v2: support cpuset.* / Allowed* 5be8b97a libct/cg/sd/v2: support cpu.weight / CPUWeight 390a98f3 runc update: support unified resources ab80eb32 libct/cg/sd/v2: support cpu.max unified resource 7f24098d tests/int: move check_cpu* to helpers fd5226d0 libct/cg/sd: add defCPUQuotaPeriod 0cb8bf67 Initial v2 resources.unified systemd support ed548376 tests/int/update.bats: add checks for runc status d0991db2 tests/int/cgroups.bats: reformatting a66a8238 ci: pin shfmt to v3.2.0 2ceb9719 tests/integration: rm excessive run use e32716d3 tests/int: simplify teardown_running_container c114919f tests/int: fix "runc exec --preserve-fds" 7b8c4e98 shfmt mounts.bats to pass `make validate` ac5ec5e3 libcontainer/integration: fix unit test f5c345c3 test: add "runc run --no-pivot must not expose bare /proc" 17de6f80 vendor: bump mountinfo to v0.4.0 70538b39 Update bash completion to support systemd-cgroup 933c4d31 libcontainer/intelrdt: privatize IntelRdtManager and its fields 2c004a10 libcontainer/intelrdt: introduce NewManager() abcc1aae fix some typos about libcontainer 939ad4e3 don't panic when /sys/fs/cgroup is missing for rootless 7613c718 Update bash completion to support new capabilities b8bf5728 rootfs: handle nested procfs mounts for MS_MOVE 5903b0ce libcontainer/intelrdt: remove 'omitempty' property from CMT and MBM counters 0253a08d CI: add shfmt for sh files ff9852c4 *.sh: use shfmt 069fddfa CI: add shfmt for bats fc8c7797 tests/integration/*.bats: reformat with shfmt 0aa0fae3 Kill all processes in cgroup even if init process Wait fails 978fa6e9 Fixing some lint issues f0fdde79 libct/cg/systemd/v1: fix err check in enableKmem c1bba720 libct/cg/systemd/v1: do not use c.Path fa47f958 libct/int/newTemplateConfig: add systemd support 9135d99c libct/int/newTemplateConfig: add userns param 73d93eeb libct/int: make newTemplateConfig argument a struct fb4c27c4 Fix mount error when chmod RO tmpfs 002c92f1 libct/cg.WriteCgroupProc: use fscommon.OpenFile c95e6900 libct/cg/fs*: use fscommon.OpenFile d55729f1 libct/cg/fs/blkio: use fscommon.OpenFile 0228226e libcontainer/cgroups/fscommon: introduce OpenFile b4483305 Add error message e25b8cfc libct/cg/utils: use fscommon.ReadFile 6bae53f5 libct/cg/fs2: use fscommon.ReadFile 2588e6f1 libct/cg/fs/cpuset: use fscommon.ReadFile 1d20cf49 libct/cg/fs/cpuacct: use fscommon.ReadFile 9e78b66e libct/cg/systemd/v1.enableKmem: use fscommon.ReadFile 31634436 libct/cg/fs2.CreateCgroupPath: use fscommon.*File b7092d84 libct/cg/fs.setKernelMemory: use fscommon.WriteFile 619de977 libct/cg/fscommon_test: rm cgroups dependency ede8a86e Convert root path to absolute path on create command e8eb8000 fix some linting issues fcf210d6 Fix goreport warnings of ineffassign and misspell 644c107e libcontainer/intelrdt: modify the incorrect file mode 87412ee4 vendor: bump mountinfo v0.3.1 28b452bf libcontainer: unconvert b3a8b074 libcontainer: prefer bytes.TrimSpace() over strings.TrimSpace() 3d5dec2f libcontainer: remove the unused variable from spec b76652fb libcontainer: remove `removePath` from cgroups faaecac7 libcontainer: remove loadConfig which is the unused function c6ac3c4b libcontainer/system: remove deprecated GetProcessStartTime 3eb469b0 libcontainer: remove redundant strings.Join() bc9a7bda setFreezer: explicitly return nil 2a644a7d CI: add golangci-lint via github actions 360981ae libct/cgroups: rewrite getHugePageSizeFromFilenames 819fd683 go.mod: sirupsen/logrus v1.7.0 0eb66c95 go.mod: github.com/containerd/console v1.0.1 8bf21672 use string-concatenation instead of sprintf for simple cases a4d5e8a2 libcontainer/ignoreTerminateError: ignore SIGKILL dc424591 libct/(*initProcess).start: fix removing cgroups on error 8699596d libct/(*setnsProcess).Start: use retErr 38447895 libct/cgroups/systemd: eliminate runc/systemd race 6c83d23f libcontainer/cgroups/fscommon: improve doc 31f0f5b7 libct/cg/fscommon.GetCgroupParamUint: improve e76ac1c0 libct/cg/fscommon.GetCgroupParamString: use ReadFile aac4d1f5 libct/cg/fscommon/GetCgroupParamKeyValue: nits d167be29 libct/cgroups/fs2/statHugeTlb: error message nits 2c70d238 libct/intelrdt: add TestFindIntelRdtMountpointDir ab2b5dfa libcontainer/cgroups: use const for templates b7c446b3 checkpoint: setPageServer: use net.SplitHostPort instead of strings.Split f1c1fdf9 libcontainer/intelrdt: use moby/sys/mountinfo 4929c05a tests/int: add cgroupv2 unified resources tests 6e2159be tests/int/cgroups: make sure to rm containers b006f4a1 libct/cgroups: support Cgroups.Resources.Unified 8ceae9f7 libct/cgroups/GetHugePageSize: use Readdirnames 9aff7aae libct/utils: add GetHugePageSize benchmark 30601efa tests/int/spec.bats: simplify 6c21de38 tests/int/spec: only run once for rootless 186a38ba tests/int: whitespace cleanup 792d2c3b tests/int/cgroups.bats: rm unused code 908b7076 tests/int/*.bats: make sure to delete containers 1c3af275 libcontainer: newContainerCapList() refactor to reduce duplicated code 8820a145 libcontainer: initialize slices with length f5c96b74 libcontainer: remove unneeded sprintf and intermediate variable b9e26ad8 libcontainer: remove workaround for RHEL6 kernels 373811ba libcontainer: rename cap variable as it collides with built-in 074e67ad Makefile: fix vendor and verify-dependencies 2ccefa63 restore: tell CRIU to use existing namespaces 71c10e3c vendor: github.com/moby/sys/mountinfo v0.2.0 ba8687fc tests/int/helpers: fix indentation fdb0590c tests/int/helpers: simplify set_cgroup_mount_writable 74b57fea fscommon.WriteFile: simplify error message a3f91b98 vendor: bump runtime-spec b682e8cf vendor: bump fileutils to v0.5.0 d1d13d9a tests/int/checkpoint: don't hide stderr 627074d0 tests/int/checkpoint: rm useless code bca5f24c tests/int/checkpoint.bats: fix showing logs on fail ce24d603 Add integration tests for cgroup devices 8297ae45 Makefile: fix DESTDIR handling dd3e0da3 tests/int/dev.bats: fixes for new busybox bcd30954 tests/int: fix runc exec --preserve-fds ba0246da libcontainer: Store state.json before sync procRun cbb0a793 Make sure signalAllProcesses is invoked in the function of destroy 940e1547 cgroupv1/systemd: (re)use m.paths f075084a cgroupv1/systemd: rework Apply/joinCgroups fad92bbf cgroupv1/Apply: do not overuse d.path/getSubsystemPath 0445fd60 Since no kernels support direct labeling of /dev/mqueue remove label bfb4ea1b Remove check for apparmor_parser in apparmor.IsEnabled() a63f99fc Add support for umask 42d9a6b4 tty.bats: add test cases when stdin is not a tty b79cb048 runc run/exec: fix terminal wrt stdin redirection b8efb020 tests/int/delete.bats: fix shellcheck warnings 28204ce7 tests/int/delete: rm useless code 34b4b106 tests/int: alt fix for shellcheck SC2034 d34f1c81 CI: add shellcheck of bats files f36fb46b tests/int/*bats: ignore SC2016 598d8b73 tests/int/checkpoint.bats: ignore SC2206 08766b98 tests/int/*bats: fix/ignore shellcheck SC2046 4ba4baea tests/int/*bats: fix shellcheck SC2086, SC2006 b02ca2dc tests/int: fix shellcheck warning SC2002 3b80850e tests/int/update.bats: fix a shellcheck warning 612d0790 tests/int/update.bats: fix a shellcheck warning 82836d24 tests/int/cgroups.bats: fix a shellcheck warning 4b8ff6a1 tests/int/checkpoint.bats: ignore some shellcheck warnings ce50e1da test/int/spec.bats: simplify setup/teardown 699fdf89 tests/int/mount.bats: fix a check 85a30698 test/int/hooks.bats: fix here-doc 9a699e1a Skip redundant setup for /dev/ptmx when specified explicitly in the OCI spec. 0709202d Remove runc default devices that overlap with spec devices. 6249136a add libseccomp version to `runc --version` 1d85333a add runtime.Version() to `runc --version` 1e9f8059 cleancode: adjust and make it more readability 335f0806 tests/int/delete: cgroupv1 with sub-cgroups removal case 19be8e5b libct/cgroups.RemovePaths: speedup 3f14242e libct/cgroups: move RemovePath from fs2 254d23b9 libc/cgroups: empty map in RemovePaths bf8bb477 Modify from space to tab Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
a84fa54160 |
runc: update to 1.0.0-rc93
Bumping to the next rc of runc, which comprises the following commits: 1e0016cf Show error stack trace if --debug is set 5c0342ba libcontainer: fix bad conversion from syscall.Errno to error a9e99b6d ci/gha/fedora: retry vagrant up f26768a8 VERSION: back to development 12644e61 VERSION: release 1.0.0~rc93 c348b982 tests/rootless.sh: fix/ignore shellcheck warnings 11437593 tests/rootless.sh: use set -e -u -o pipefail 5ab05884 ci: untangle getting test images bc175ba4 tests/helpers.bash: rm GOPATH dc025792 ci/gha: bump golangci-lint to v1.36 4d3a8d5e .golangci.yml: add 76ae1f5c libct/cg/fs/freezer: fix freezing race c4bc3b08 Remove "PatchAndLoad" stub as it's not used without seccomp enabled 6ddfaa5e cgroupfs: cpuset: fix broken build ca422896 Makefile: add -trimpath go build flag d89c9629 Fix typo in README b1195b76 ci: test with golang 1.16-rc1 164e0adb tests/int/spec.bats: fix for go 1.16 4160d743 seccomp: add enosys unit tests 8bd19cd5 tests: add seccomp -ENOSYS integration test 7a8d7162 seccomp: prepend -ENOSYS stub to all filters 2be806d1 libcontainer/configs: improve CommandHook unit tests f4d153b0 Fix int overflow in test on 32 bit system 4e98eec1 libct/cg: demote "systemd is too old" to debug c7357aad libct/cg/ebpf/testDeviceFilter: rm verbose logging 6a9f5ac9 libct/cg/fs: fix a linter warning 63c44e27 libct/cg/fs: getPageUsageByNUMA: rewrite/optimize e9248dd5 cgroup: fix panic in parse memory.numa_stat 426aa416 libct/int/TestExecInTTY: skip c30cd3cd libct/int/TestExecInTTY: fix error reporting dac0c1e3 console.ClearONLCR: move it back ab27e12c Implement GetStat for cpuset cgroup. 867ba38e events: simplify some conversion functions 8ce51611 GHA: tune timeouts for VM jobs 510e404e make shfmt: run for all script/* files 90d02ecc Vagrantfile.centos7: clean up after bats install a91210f4 gha: use ssh -tt to have a tty 1f4a3b1e gha: don't check commits on push 4a30ada4 gha: cache docker layers to speed up make runcimage 58c31003 README: rm travis badge a21e57d7 tests/int/hooks.bats: skip earlier 657a24ce libct/cg/TestGetHugePageSizeImpl: only log errors 3394e374 libct/cg/sd/TestRangeToBits: be less verbose 230a46b7 systemd: fix rootful-in-userns regression c751ba3f systemd: show more helpful error a35cad3b libct/cg/sd/v2: warn about old systemd 03b512e5 libc/cg: convert r.CPU.Cpus/Mems to systemd props eee425f5 libct/cg/sd/systemdVersion: don't return error 5de00ad9 tests/int/multi-arch.bash: fix for busybox b3cf4831 script/check-config.sh: fix IOSCHED_CFQ CFQ_GROUP_IOSCHED 1a00cd8f script/check-config.sh: fix MEMCG_SWAP_ENABLED ecb9d73c script/check-config.sh: fix NF_NAT_NEEDED 483abaac script/check-config.sh: fix NF_NAT_IPV4 91eba84a script/check-config.sh: support for cgroupv2 25987d03 libcontainer/intelrdt: adjust the file mode c8e89b8d Remove script/install-vagrant.sh 06a684d6 libct/int/TestExecInTTY: repeat the test 300 times fedaa2ab TestExecInTTY: simplify, improve error reporting 719d70d2 setupIO: simplify code 24c05b71 tty: fix ClearONLCR race 039c47ab libcontainer: signalAllProcesses(): log warning when failing to thaw 18972177 libcontainer: move capabilities to separate package 692fab09 libct/checkProcMounts: optimize 72f46389 libct: add TODO about os.ErrProcessDone d7df3018 libct: suppress bogus "unable to terminate" warnings 637f82d6 runc run: resolve tmpfs mount dest in container scope d64c3afe tests/int/mount.bats: reformat a2c9866e tests/int/mounts.bats: cleanup 9f2153c6 libct/cgroups/fs/cpuset: don't use MkdirAll c85cd2b3 libct/cg/fs/cpuset: don't parse mountinfo c0e14b8b libct/cg/fs.getCgroupRoot: reuse (cached) cgroup mountinfo ed70dfa7 libct/cgroups/v1_utils: implement mountinfo cache 17a0dc31 README: add note about not using runc directly 4bc2aab9 README: add links to misc docs 2dc1bf91 ci: move Fedora 33 and CentOS 7 tests to gha e431fe60 ci: move misc validate tasks from travis to gha 7ecba232 ci: move cross compile check from travis to gha 8ccd39a9 ci: move commit length check from travis to gha 1125ae78 tests/events.bats: unify duplicated code 27268b1a tests/int/cwd: add test case for cwd not owned by runc d869d05a libctr/init_linux: reorder chdir 8bd3b878 test: add case for GH #2086 cb3dd9d8 libct/configs/validate: test for bind-mounted netns 8e8661e1 libct/configs/validate/sysctl: fix repeated netns checks 2dce0699 libct/configs/validate: fix host netns check 2143b368 libct/int/execin_tty: do help debug a flake e709b8ab libctl/cgroups/fscommon: close fd 325a74dd libcontainer/intelrdt: rm init() from intelrdt.go cb269306 remove "selinux" build tag (Always compile SELinux support) 552a1c7b remove "apparmor" build tag (Always compile AppArmor support) 48b8eb09 checkProcMount: add /proc/slabinfo to whitelist 1909051b libct/int/execin_tty: help debug a flake 97929295 libct/intelrdt: fix a staticcheck warning 6437086e libct/addCriu*Mount: fix gosimple warning d0b59548 libct/checkCriuFeatures: fix gosimple linter warning 3de5c514 libct/int: don't hardcode CAP_NET_ADMIN 3387422b libct/int: fix "simple" linter warnings 11680cd2 libct: fix "unused" linter warning a99ecc9e libct/cg/utils: silence a linter warning 3c9b03fd libct/cg/fscommon: log openat2 init failures 6bda4600 libcontainer/cgroups/fscommon: add openat2 support 31b0151f move blkio stat gathering to loop 990a6c57 cgroups: update blkio GetStats be56333f bats: update to 1.2.1 f15c4cca Update umoci to 0.4.6 4344bd8f Dockerfile: use binary criu release 3aead32e nsenter: hard-code memfd_create(2) syscall numbers 5d1b0268 .github/workflows/validate: nits 7cd062d7 libct/cgroup/utils: fix GetCgroupMounts(all=true) 4fc2de77 libcontainer/devices: remove "Device" prefix from types 677baf22 libcontainer: isolate libcontainer/devices de80aae4 recvtty: fix errcheck linter warnings 6b41b463 recvtty: fix waiting for both goroutines 4bbfd2e1 recvtty: use ioutil.Discard c1ef0cf6 ci: add integration+unit tests to github actions fce8dd4d tests/int/tty.bats: increase timeout c6ed1854 ci: add shellcheck to github actions 27835a9e Makefile: move shellcheck out of validate 33bda24a ci: move verify-deps from travis to github actions c60f23b3 ci: add shfmt to github actions 717a73b3 ci: renamed golangci-lint to validate 06b204e5 Makefile: move shfmt out of validate, add -w 7856c340 Dockerfile: bump criu to 3.15 ee1bdb80 vendor: github.com/cilium/ebpf v0.2.0 f0d5e839 Dockefile: fix path to skopeo repo d9010b0e integration: update README to link to bats-core 3f2f06df Move cgroup v2 out of experimental f62ad4a0 libcontainer/intelrdt: rename CAT and MBA enabled flags 620f4c5c libcontainer/intelrdt: fix CMT feature check 896da0b9 docs: terminals: modify the example of Pass-Through mode. 4690064f update vendor 9403afd7 CI: Fedora 33: print kernel version, systemd version, and rootfs type 0a097615 CI: update Fedora to 33 41aa7640 linux: drop MS_REC for readonly remount a4e6955e linux: fix remount readonly in a user namespace 2e968a83 libct/cg/sd/v2: "support" (ignore) memory.oom.group c013be56 libct/cg/sd/v2: support memory.* / Memory* unified 13afa58d libct/cg/sd/v2: support cpuset.* / Allowed* 5be8b97a libct/cg/sd/v2: support cpu.weight / CPUWeight 390a98f3 runc update: support unified resources ab80eb32 libct/cg/sd/v2: support cpu.max unified resource 7f24098d tests/int: move check_cpu* to helpers fd5226d0 libct/cg/sd: add defCPUQuotaPeriod 0cb8bf67 Initial v2 resources.unified systemd support ed548376 tests/int/update.bats: add checks for runc status d0991db2 tests/int/cgroups.bats: reformatting a66a8238 ci: pin shfmt to v3.2.0 2ceb9719 tests/integration: rm excessive run use e32716d3 tests/int: simplify teardown_running_container c114919f tests/int: fix "runc exec --preserve-fds" 7b8c4e98 shfmt mounts.bats to pass `make validate` ac5ec5e3 libcontainer/integration: fix unit test f5c345c3 test: add "runc run --no-pivot must not expose bare /proc" 17de6f80 vendor: bump mountinfo to v0.4.0 70538b39 Update bash completion to support systemd-cgroup 933c4d31 libcontainer/intelrdt: privatize IntelRdtManager and its fields 2c004a10 libcontainer/intelrdt: introduce NewManager() abcc1aae fix some typos about libcontainer 939ad4e3 don't panic when /sys/fs/cgroup is missing for rootless 7613c718 Update bash completion to support new capabilities b8bf5728 rootfs: handle nested procfs mounts for MS_MOVE 5903b0ce libcontainer/intelrdt: remove 'omitempty' property from CMT and MBM counters 0253a08d CI: add shfmt for sh files ff9852c4 *.sh: use shfmt 069fddfa CI: add shfmt for bats fc8c7797 tests/integration/*.bats: reformat with shfmt 0aa0fae3 Kill all processes in cgroup even if init process Wait fails 978fa6e9 Fixing some lint issues f0fdde79 libct/cg/systemd/v1: fix err check in enableKmem c1bba720 libct/cg/systemd/v1: do not use c.Path fa47f958 libct/int/newTemplateConfig: add systemd support 9135d99c libct/int/newTemplateConfig: add userns param 73d93eeb libct/int: make newTemplateConfig argument a struct fb4c27c4 Fix mount error when chmod RO tmpfs 002c92f1 libct/cg.WriteCgroupProc: use fscommon.OpenFile c95e6900 libct/cg/fs*: use fscommon.OpenFile d55729f1 libct/cg/fs/blkio: use fscommon.OpenFile 0228226e libcontainer/cgroups/fscommon: introduce OpenFile b4483305 Add error message e25b8cfc libct/cg/utils: use fscommon.ReadFile 6bae53f5 libct/cg/fs2: use fscommon.ReadFile 2588e6f1 libct/cg/fs/cpuset: use fscommon.ReadFile 1d20cf49 libct/cg/fs/cpuacct: use fscommon.ReadFile 9e78b66e libct/cg/systemd/v1.enableKmem: use fscommon.ReadFile 31634436 libct/cg/fs2.CreateCgroupPath: use fscommon.*File b7092d84 libct/cg/fs.setKernelMemory: use fscommon.WriteFile 619de977 libct/cg/fscommon_test: rm cgroups dependency ede8a86e Convert root path to absolute path on create command e8eb8000 fix some linting issues fcf210d6 Fix goreport warnings of ineffassign and misspell 644c107e libcontainer/intelrdt: modify the incorrect file mode 87412ee4 vendor: bump mountinfo v0.3.1 28b452bf libcontainer: unconvert b3a8b074 libcontainer: prefer bytes.TrimSpace() over strings.TrimSpace() 3d5dec2f libcontainer: remove the unused variable from spec b76652fb libcontainer: remove `removePath` from cgroups faaecac7 libcontainer: remove loadConfig which is the unused function c6ac3c4b libcontainer/system: remove deprecated GetProcessStartTime 3eb469b0 libcontainer: remove redundant strings.Join() bc9a7bda setFreezer: explicitly return nil 2a644a7d CI: add golangci-lint via github actions 360981ae libct/cgroups: rewrite getHugePageSizeFromFilenames 819fd683 go.mod: sirupsen/logrus v1.7.0 0eb66c95 go.mod: github.com/containerd/console v1.0.1 8bf21672 use string-concatenation instead of sprintf for simple cases a4d5e8a2 libcontainer/ignoreTerminateError: ignore SIGKILL dc424591 libct/(*initProcess).start: fix removing cgroups on error 8699596d libct/(*setnsProcess).Start: use retErr 38447895 libct/cgroups/systemd: eliminate runc/systemd race 6c83d23f libcontainer/cgroups/fscommon: improve doc 31f0f5b7 libct/cg/fscommon.GetCgroupParamUint: improve e76ac1c0 libct/cg/fscommon.GetCgroupParamString: use ReadFile aac4d1f5 libct/cg/fscommon/GetCgroupParamKeyValue: nits d167be29 libct/cgroups/fs2/statHugeTlb: error message nits 2c70d238 libct/intelrdt: add TestFindIntelRdtMountpointDir ab2b5dfa libcontainer/cgroups: use const for templates b7c446b3 checkpoint: setPageServer: use net.SplitHostPort instead of strings.Split f1c1fdf9 libcontainer/intelrdt: use moby/sys/mountinfo 4929c05a tests/int: add cgroupv2 unified resources tests 6e2159be tests/int/cgroups: make sure to rm containers b006f4a1 libct/cgroups: support Cgroups.Resources.Unified 8ceae9f7 libct/cgroups/GetHugePageSize: use Readdirnames 9aff7aae libct/utils: add GetHugePageSize benchmark 30601efa tests/int/spec.bats: simplify 6c21de38 tests/int/spec: only run once for rootless 186a38ba tests/int: whitespace cleanup 792d2c3b tests/int/cgroups.bats: rm unused code 908b7076 tests/int/*.bats: make sure to delete containers 1c3af275 libcontainer: newContainerCapList() refactor to reduce duplicated code 8820a145 libcontainer: initialize slices with length f5c96b74 libcontainer: remove unneeded sprintf and intermediate variable b9e26ad8 libcontainer: remove workaround for RHEL6 kernels 373811ba libcontainer: rename cap variable as it collides with built-in 074e67ad Makefile: fix vendor and verify-dependencies 2ccefa63 restore: tell CRIU to use existing namespaces 71c10e3c vendor: github.com/moby/sys/mountinfo v0.2.0 ba8687fc tests/int/helpers: fix indentation fdb0590c tests/int/helpers: simplify set_cgroup_mount_writable 74b57fea fscommon.WriteFile: simplify error message a3f91b98 vendor: bump runtime-spec b682e8cf vendor: bump fileutils to v0.5.0 d1d13d9a tests/int/checkpoint: don't hide stderr 627074d0 tests/int/checkpoint: rm useless code bca5f24c tests/int/checkpoint.bats: fix showing logs on fail ce24d603 Add integration tests for cgroup devices 8297ae45 Makefile: fix DESTDIR handling dd3e0da3 tests/int/dev.bats: fixes for new busybox bcd30954 tests/int: fix runc exec --preserve-fds ba0246da libcontainer: Store state.json before sync procRun cbb0a793 Make sure signalAllProcesses is invoked in the function of destroy 940e1547 cgroupv1/systemd: (re)use m.paths f075084a cgroupv1/systemd: rework Apply/joinCgroups fad92bbf cgroupv1/Apply: do not overuse d.path/getSubsystemPath 0445fd60 Since no kernels support direct labeling of /dev/mqueue remove label bfb4ea1b Remove check for apparmor_parser in apparmor.IsEnabled() a63f99fc Add support for umask 42d9a6b4 tty.bats: add test cases when stdin is not a tty b79cb048 runc run/exec: fix terminal wrt stdin redirection b8efb020 tests/int/delete.bats: fix shellcheck warnings 28204ce7 tests/int/delete: rm useless code 34b4b106 tests/int: alt fix for shellcheck SC2034 d34f1c81 CI: add shellcheck of bats files f36fb46b tests/int/*bats: ignore SC2016 598d8b73 tests/int/checkpoint.bats: ignore SC2206 08766b98 tests/int/*bats: fix/ignore shellcheck SC2046 4ba4baea tests/int/*bats: fix shellcheck SC2086, SC2006 b02ca2dc tests/int: fix shellcheck warning SC2002 3b80850e tests/int/update.bats: fix a shellcheck warning 612d0790 tests/int/update.bats: fix a shellcheck warning 82836d24 tests/int/cgroups.bats: fix a shellcheck warning 4b8ff6a1 tests/int/checkpoint.bats: ignore some shellcheck warnings ce50e1da test/int/spec.bats: simplify setup/teardown 699fdf89 tests/int/mount.bats: fix a check 85a30698 test/int/hooks.bats: fix here-doc 9a699e1a Skip redundant setup for /dev/ptmx when specified explicitly in the OCI spec. 0709202d Remove runc default devices that overlap with spec devices. 6249136a add libseccomp version to `runc --version` 1d85333a add runtime.Version() to `runc --version` 1e9f8059 cleancode: adjust and make it more readability 335f0806 tests/int/delete: cgroupv1 with sub-cgroups removal case 19be8e5b libct/cgroups.RemovePaths: speedup 3f14242e libct/cgroups: move RemovePath from fs2 254d23b9 libc/cgroups: empty map in RemovePaths bf8bb477 Modify from space to tab Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d2081b09b8 |
docker/moby: update to 20.10.3
Updating to the 20.x series for moby. The following moby commits: 519a55f491 TestCgroupNamespacesRunOlderClient: support cgroup v2 b6a6a35684 docker info: adjust warning strings for cgroup v2 25bd941ae4 docker info: silence unhandleable warnings 58283298d7 rootless: set systemd KillMode to mixed 46229ca1d8 Use golang.org/x/sys/execabs a7d4af84bd pull: Validate layer digest format 611eb6ffb3 buildkit: Apply apparmor profile 4afe620fac vendor buildkit 68bb095353c65bc3993fd534c26cf77fe05e61b1 e908cc3901 Use real root with 0701 perms bfedd27259 Do not set DOCKER_TMP to be owned by remapped root edb62a3ace Ensure MkdirAllAndChown also sets perms 1c0af18c6c vendor: opencontainers/selinux v1.8.0, and remove selinux build-tag and stubs 4a175fd050 Cleanup container shutdown check and add test ab06bb3ec0 vendor: opencontainers/selinux v1.7.0 f3d0f7054d cmd/dockerd: sd_notify STOPPING=1 when shutting down c923f6ac3b Fix off-by-one bug 1c5806cf57 Move use of debian:buster frozen image to debian:bullseye af0665861b Fix a potential hang when starting after a non-clean shutdown 7ba1af38b8 TESTING.md: note that integration-cli is deprecated a0fc7a4b46 TESTING.md: Fix path the test environment conditions f2f5106c92 Add a test for #41723 b314e901d8 Add IsUserNamespaceInKernel() test environment condition 58a4c03fed Add debian:bullseye to frozen images 188a691db7 fuse-overlayfs: fix godoc 295fb1c35e Fix jobs mode filter spelling 78eafdd947 Vendor in Libnetwork changes 7e600eaae0 daemon: improve log messages during startup / shutdown e8648fa19f plugin/manager_linux_test: Skip privileged tests when non-root c7e7426796 pkg/chrootarchive: Skip privileged tests when non-root 6349b32e1b daemon/oci_linux_test: Skip privileged tests when non-root a02553670e vendor buildkit to v0.8.1 5fd8d701ce Vendor in libnetwork changes 9122cd1a75 docs: add API v1.41 5458b0e435 Revert "Add multi-user.target to After=" 495d623ae5 Add fallback for pull by tag 34682e536e vendor: BuildKit 950603da215ae03b843f3f66fbe86c4876a6f5a1 15accb8376 vendor: remove vendored golang.org/x/tools, as it's not needed cd63cc846e mark ip6tables as experimental feature dd752ec87a Fix jobs-related bug in task conversion 0a8c769268 update containerd binary to v1.4.3 (CVE-2020-15257) 2680a0fe2c Networking: add regression test for networks endpoint with trailing slash f9b2989e97 Fix permissions on oci fixtures files 703951197c update containerd binary to v1.4.2 22e31dbd9a vendor libnetwork to fix mix up between IPv4 and IPv6 ab09458e21 dockerd-rootless-setuptool.sh: show more helpful error messages 776cadc7db vendor: gotest.tools v3.0.3 aeddf93de0 Implement Unwrap to errors 73571e4689 vendor: github.com/moby/buildkit v0.8.0-rc2 1f88736871 vendor: github.com/containerd/containerd 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 8eebe32f5c vendor: github.com/containerd/cgroups 0b889c03f102012f1d93a97ddd3ef71cd6f4f510 ba475d44a7 vendor: github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb 37da117aba vendor: github.com/containerd/ttrpc v1.0.2 1725a1493e vendor github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9 fa592fa7b2 vendor: golang.org/x/crypto c1f2f97bffc9c53fc40a1a28a5b460094c0050d9 c7f0b509cf vendor: github.com/moby/term bea5bbe245bf407372d477f1361d2ff042d2f556 2630994b35 Bump libnetwork dbffbe8f9b builder-next: fix platform-specific behavior f4214ec847 vendor: github.com/Microsoft/go-winio v0.4.15 was tagged 05c20a6e1c handleContainerExit: put a timeout on containerd DeleteTask beff0a5f2c integration-cli: remove TestBuildContChar 39f9c1b5d1 builder-next: fix --cache-from panic 8f464ae2ab builder-next: refactor to use flighcontrol and remove resolveOnce 1b1eb094cc builder-next: simple refactor 3756668adb builder-next: Refactor using buildkit's resolver pool de56a90929 vendor buildkit 6861f17f15364de0fe1fd1e6e8da07598a485123 f7bcb02f67 seccomp: Add pidfd_getfd syscall 5e3ffe6464 seccomp: Add pidfd_open and pidfd_send_signal 2b41e84719 pkg/system: fix compile on darwin (macOS) b4b902b88f Jenkinsfile: remove e2e image stage 6d243cdf27 testutil: remove remaining use of deprecated pkg/mount 43d61d2bcf [DEL] remove useless assert 6458f750e1 use containerd/cgroups to detect cgroups v2 7ba05f2b2b Rewrite VolumesMountedAsShared/Slave as Integration tests 7bb729e928 Break out non-Windows sys/mount usage into helper 3e3f3d7168 Move tests using sys/mount to not build on Windows a158b53d86 Separate non-Windows mount code from common code 080d9df63e Don't clear the exit code from the Finally block 1bb3491601 builder: fix detection of experimental --stream option (deprecated) 51f5b1279d Don't set image on containerd container. d99e8d2c3b Unhide containerd-namespace flags 9ca3bb632e Store image manifests in containerd content store 66459cc623 Added ip6tables config option c6accc67f2 bump up rootlesskit to v0.11.0 dfc2d770e4 Update iptable.Exists API in integration-cli 53727ce2f0 vendor: github.com/creack/pty v1.1.11 dc3c382b34 replace pkg/symlink with github.com/moby/sys/symlink c208f03fbd pkg/devicemapper: fix invalid usage of reflect.SliceHeader 6a5393636e opts: unify host-options, and use consts 80a5df9c49 Added container ID to containerd task delete event messages 053962af92 Move HostGatewayName const to opts, and change vars to consts e4cf1c7336 pull: use tag service for pulling tagged reference e766361271 pkg/mount: update deprecated wrappers 32d506b394 vendor: moby/sys mountinfo/v0.4.0 182795cff6 Do not call mount.RecursiveUnmount() on Windows 1623e6b222 Vendor in Libnetwork changes ac84f1b55f registry.loginV2(): minor cleanup b102d4637c Fix windows log file rotation with readers bcc993b494 Fix logfile to open all files with custom openFile 56ba96b6c1 Clean up some logfile implementation 3148a46657 Fix various race conditions in loggerutils 93bd2c1336 contrib: remove download-frozen-image-v1 script b90ef1237e registry: minor cleanup in search code 3f7c62f6f6 registry: remove v1 code not related to searching 0ba2d7c625 registry: remove TestSameAuthDataPostSave 32eaf4690a registry: DefaultService.Auth(): skip parsing default registry 7782d04141 registry: remove v1 authentication ab47fd2f72 registry: use consts for default registry 1a1f5cc37b Pass through GOCACHE to test_env 8cc0fd811e docs: fix builder-version swagger 1b8826beee docker stats: fix 'panic: close of closed channel' 6f0709e033 vendor: golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1 4680836f80 vendor: github.com/containerd/console v1.0.1 88c0271605 Don't set default platform on container create 80c3199c18 vendor: github.com/spf13/cobra v1.1.1 561b8014c0 testutil: set -500 OOM score for test daemons 2b8e68ef06 dockerd: remove default -500 oom-score-adjust a6129c57e6 Bump vndr v0.1.2 a38b96b8cd Temporarily disable CAP_PERFMON, CAP_BPF, and CAP_CHECKPOINT_RESTORE 5338478546 Dockerfile: fix golang-ci-lint installer f14aea63c9 "Fix" checkpoint on v2 runtime 654cad4d9d Also trim "~..." from AppArmor versions f6f294bd83 testing: Init plugin config when for tests 4539e7f0eb seccomp: implement marshal/unmarshall for MinVersion 6b538ffbca vendor: github.com/gofrs/flock v0.7.3 cf7a5be0f2 daemon: don't adjust oom-score if score is 0 8c31e4536a volume/local: add tests for size quota 2e05db981b quota: move test helper functions to extra file 6d593fe6cc volume/local: decouple presence of options from mounting c677e4cc87 quota: move quota package out of graphdriver 6f1553625d projectquota: build types and unsupported stubs everywhere 31ed121cb8 projectquota: sync next projectID across Control instances 963e5afc04 Update documentation to reflect deprecation of "NewEnvClient" a692823413 seccomp: add test for unmarshal default profile 97535c6c2b seccomp: remove dependency on pkg/parsers/kernel ee079e4692 pkg/aaparser: support parsing version like "3.0.0-beta1" a3256d2dd8 bump google.golang.org/api v0.8.0 2971204e43 bump go.opencensus.io v0.22.3 bbde240ce0 bump cloud.google.com/go v-0.44.3 ef553e14a4 Fix gcplogs memory/connection leak c9bbf37f85 vendor: sirupsen/logrus v1.7.0 2036b277a5 Add TARGETARCH var to frozen images stage c9c7756301 oci: add tests for loading seccomp profiles 56e7bc4b78 seccomp: remove dependency on oci package dedf8528a5 Allow download-frozen-images to work without `go` b8aec34680 seccomp: add test for loading old JSON format 5f5285a6e2 Sterner warnings for unathenticated tcp 7afef854ed api: clarify "v" option behavior in the container remove endpoint 7335167340 Remove redundant "os.IsNotExist" checks on os.RemoveAll() 5a7b75f889 daemon/graphdriver/copy: use IoctlFileClone from golang.org/x/sys/unix 6267800783 vendor: golang.org/x/sys aee5d888a86055dc6ab0342f9cdc7b53aaeaec62 2502db66d0 pkg/system: make EnsureRemoveAll unix-specific 88126e84a5 Force Download-File function to use TLS 1.2 66a37b460c Windows: Enable more integration tests 35c531db1a Revendor Microsoft/go-winio for 8gB file fix 2dd9faaa16 Enable TestBuildWithHugeFile on Windows 0d75b63987 seccomp: replace types with runtime-spec types 0efee50b95 seccomp: move seccomp types from api into seccomp profile 968133c86c vendor: opencontainers/go-digest v1.0.0 7cdced6f4b vendor.conf: fix tar-split version comment 9fb324f00b vendor: docker/libnetwork d0951081b35fa4216fc4f0064bf065beeb55a74b 89bec2e267 Fix collecting the daemon under test logs 82b5ff8026 Windows CI: Make sure that CI fails on any error 1ed6589e39 vendor: github.com/syndtr/gocapability 42c35b4376354fd554efc7ad35e0b7f94e3a0ffb af3220884e vendor: github.com/containerd/containerd v1.4.1 1371a629d5 update containerd binary to v1.4.1 4ab96db4ab vendor: github.com/moby/term 7f0af18e79f2784809e9cef63d0df5aa2c79d76e 2344b3a9e1 fix integration test case TestExternalGraphDriver failed in mips arch 3d9120f744 Unify same fromStatT() implementation for FreeBSD and NetBSD 41be7293f5 daemon/listeners: use pkg/errors 6efa9e0575 Add support for NetBSD df7031b669 Memoize seccomp value for SysInfo b83dc8e5a2 Remove libseccomp-golang from vendor ccbb00c815 Remove dependency in dockerd on libseccomp dc72890470 Remove "mkimage.sh" and associated scripts 5ca758199d replace pkg/locker with github.com/moby/locker 13e0ba700a swagger: fix MemTotal units in SystemInfo endpoint 16eb522928 vendor: containerd v1.4.0 a8e7115fca Simplify seccomp logic 65a33d02f6 Simplify getUser() to use libcontainer built-in functionality 322c9e6866 add partial metadata to journald logs 245f2d922a vendor: github.com/opencontainers/selinux v1.6.0 fdd22e5628 vendor: github.com/gorilla/mux v1.8.0 d1c2f953c5 Test: Add buffer to two channels to avoid blocking goroutine ea9886cec4 pkg/idtools: refactor to avoid string-splitting 15292d7abf update containerd binary to v1.4.0 a18139111d Add faccessat2 to default seccomp profile. 010adeec55 Builder: print relative path if COPY/ADD source path was not found b8988c8475 Add openat2 to default seccomp profile. c255404a25 opts: simplify ValidateEnv to use os.LookupEnv c353c7cc71 vendor runc library to v1.0.0-rc92 7ab5b00a9c vendor golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4 2ee753a28f vendor golang.org/x/net v0.0.0-20200707034311-ab3426394381 5eccaaceb5 vendor golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 15d38650ee vendor containerd library to v1.4.0-rc.1 cf169b45bb daemon.setupPathsAndSandboxOptions() skip resolving symlinks 3ee1ab87b7 Update docker-py to 4.3.0 906007f6c1 libcontainerd: use cancellable context for events 60d7265803 Use IsServing to determine if c8d client is ready e3ab236309 Add solaris support to lstat 7fd23345c9 Wait for container exit before forcing handler 31d83961e9 Update tini v0.19.0 afd9a6c2b2 builder/remotecontext: use lowercase for error 725eced4e0 apparmor: permit signals from unconfined programs a7c279f203 Add more error message for ops when container limit use an device which not exist 2a6325e310 Bump Golang 1.13.15 2c7b48decd Update runc binary to v1.0.0-rc92 a6b00ed9b9 Update authors and mailmap 0f0c1c04c8 fix TestDaemonNoSpaceLeftOnDeviceError for mips64le 43d13054c5 update containerd to v1.3.7 8ccb46a521 Check for context error that is wrapped in url.Error ad30ef9113 Supplement the omission of pr#41145 6302dbbf46 Disable manifest v2 schema 1 push 9f28837c1d vendor protobuf v1.3.5 c00d4907da vendor prometheus dependency. e58a00211d vendor bbolt v1.3.5 9ad35b7e69 vendor runc 67169a9d43456ff0d5ae12b967acb8e366e2f181 9424eccfcd vendor containerd 779ef60231a555f7eb9ba82b052d59b69ca2ef10 51e3cd4761 statsV2: implement Failcnt 0592aac95c vendor: update containerd/cgroups 0ca7456e52 Add multi-user.target to After= bd0c2b3581 oci/deviceCgroup(): remove redundant variable 3108ae6226 oci: correctly use user.GetExecUser interface c76f380bea Add ulimits support to services 2b22a2e792 fix buildkit pull nil panic 1fdb1033c4 Bump swarmkit to d6592ddefd8a5319aadff74c558b816b1a0b2590 818bad6ef2 vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202 36b1920e56 vendor: docker/swarmkit 293aa2e66279a930999044cbf6d0e590baac16ff c458bca6dc Handle missing c8d task on stop afdf5483c9 vendor: update containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 51c7992928 API: add "prune" events 5bc41368d9 bump up rootlesskit to v0.10.0 aa225972df Remove apt.dockerproject.org from test f2cc755f66 docs: API v1.39: move system version response to definitions e221931ccd docs: API v1.40: move system version response to definitions d4c4323e54 swagger: move system version response to definitions 24f173a003 Replace service "Capabilities" w/ add/drop API 9a6402d761 docs: API v1.39: fix type for BuildCache CreatedAt and LastUsedAt a305abb1d1 docs: API v1.40: fix type for BuildCache CreatedAt and LastUsedAt 61b770a63d swagger: fix type for BuildCache CreatedAt and LastUsedAt b8ca7de823 Deprecate KernelMemory a8b2272ab3 swagger: sync updates to v1.39 1e89ca40ba swagger: sync updates to v1.40 baa321293f Revendor swarmkit 441211986c docs: add example calculations to container stats API c8008bfbe9 fix address pool flags merge #40388 8774804ca7 vendor: update buildkit to 4d1f260e8 c161d6564d api/types: omit empty DefaultAddressPools d4b3e786ed docs: add mention of DefaultAddressPools to API history 9c66a2f4e1 Bump Golang 1.13.14 bf4a5982f0 testing: bump docker-py 4.2.2 c6d860ace6 Fix log file rotation test. bf7fd015f7 Remove unused useShimV2() bc4f242e79 Bump Go 1.13.13 0b14c2b67a cgroup v1: change the default runtime to io.containerd.runc.v2 c9c9e0ab90 pkg/parsers: remove uses of mattn/go-shellwords 818e0b2fcf pkg/parsers: add unit test for Darwin c88a830507 distribution/xfer: use "main" instead of "master" for progress channel 3895dd585f Replace uses of blacklist/whitelist f63f73a4a8 Configure shims from runtime config 6fd94aa933 Fix lint error on sprintf call for runtime string 219e7e7ddc vendor: libnetwork 9e99af28df21367340c95a3863e31808d689c92a b42ac8d370 daemon/stats: use const for clockTicksPerSecond 840a12ac90 Add DefaultAddressPools to docker info #40388 2865478487 Revendor hcsshim to fix image import bug 63382e5f3b docs: sync API v1.39 swagger formatting with current version 01244e85e7 docs: sync API v1.40 swagger formatting with current version d4d62b658d swagger: add DeviceRequests to container create, inspect example 89876e8165 swagger: move NetworkingConfig to definitions 91ca3e7a8d update runc binary to v1.0.0-rc91 85e3dddccd update containerd to v1.3.6 d2e23405be Set minimum memory limit to 6M, to account for higher startup memory use 228d74842f Upgrading the versions of images in Dockerfile. 97708281eb info: improve "WARNING: Running in rootless-mode without cgroup" 3258d565cf Fix status code for missing --volumes-from container 0e915e5413 update containerd to v1.3.5 3b80af727a fix typos and grammar in docs e3cff19dd1 Untangle CPU RT controller init afbeaf6f29 pkg/sysinfo: rm duplicates a9d22cad93 hack/install: build gotestsum without -buildmode=pie 20570d91c8 Dockerfile.windows: fix gotestsum.installer installing wrong version 441aff3a17 fix gotestsum.installer installing wrong version d0d99b04cf seccomp: allow 'rseq' syscall in default seccomp profile 794aa20983 dockerd-rootless.sh: support containerd v1.4 shim socket path convention ab6b92b6b2 chrootarchive: fix "conversion from int to string yields a string of one rune" 671459a989 Switch all Dockerfiles to use "buster" variant a8ae48d94f project: remove obviously outdated docs c66c5f4904 contrib: remove docker-machine-install-bundle.sh 32b4590b23 contrib: remove REVIEWERS files 45eb4e0d80 contrib: remove outdated vagrant docs 6b6af2abd9 contrib: remove outdated "desktop-integration" examples 6743320a12 dockerd-rootless.sh: allow specifying DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER c3acd082c7 TestUserNoEffectiveCapabilitiesNetBindService: conditionally set net.ipv4.ip_unprivileged_port_start ed89041433 test-integration: support cgroup2 87a7fc1ced Enable client on netbsd and dragonfly 87b8947580 TestDaemonDNSFallback: increase timeout to reduce flakiness 3e2965831f vendor: golang.org/x/text v0.3.3 5d97de47ec dockerd-rootless-setuptool.sh: use safer XRD on non-systemd hosts e07a88c95f fix code note when push all tags 9b28939345 vendor: update buildkit to df35e9818 66bb1c4644 pkg/sysinfo: use containerd/sys to detect UserNamespaces 9ff990a2b9 pkg/chrootarchive: use containerd/sys to detect UserNamespaces f7d5d70e44 pkg/archive: use containerd/sys to detect UserNamespaces 4534a7afc3 daemon: use containerd/sys to detect UserNamespaces 79cfcba76c cgroup2: unshare cgroupns by default regardless to API version 6fabb93f73 Make script pass shellcheck 56de0489fc int-cli/TestRunInvalidCPUShares: fix for newer runc d378625554 info: add warnings about missing blkio cgroup support 004fd7be92 Bump Golang 1.13.12 96556854a7 Fixes #41010 skip empty lines 687bdc7c71 API: swarm: move PidsLimit to TaskTemplate.Resources 2befe194af hack: remove useless constants 9b77370213 int/build/TestBuildWithEmptyLayers: prevent panic dae652e2e5 Add default sysctls to allow ping sockets and privileged ports with no capabilities a1afad3aab api/types: remove errdefs dependency f758d598c5 make install: install containerd-shim-runc-v2 7ad0da7051 remove group name from identity mapping 8cc8e26835 testing: bump docker-py 4.2.1 9a78e916ad integration: Add TestDaemonDNSFallback 83199187ef vendor libnetwork to 2e24aed516bd5c836e11378bb457dd612aa868ed b280ea114f hack: add more debugging to understand exit codepath a9569f5243 vendor: opencontainers/selinux v1.5.2 a366fe41cb fix "stat.Rdev" invalid operation mismatched types on mips64el compile error the "stat.Rdev" variable and "s.Rdev" mismatched types on mips64el convert "stat.Rdev" type to uint64 explicitly a5324d6950 Better selection of DNS server 288ed93dc5 daemon.allocateNetwork: include original error in logs 84ef60cba2 allocateNetwork: don't assign unneeded variables b98b8df886 allocateNetwork: fix network sandbox not cleaned up on failure d5da7e5330 pkg/sysinfo/sysinfo_linux.go: fix some comments f02a53d6b9 pkg/sysinfo.applyPIDSCgroupInfo: optimize 0c350e87a0 ldmode=pie is not supported for the mips arch reference: https://github.com/docker/cli/pull/2507 |
||
|
Bruce Ashfield
|
0441042812 |
docker-ce: update to v19.03.15-ce
The following docker-ce commits are in this bump: 8ba93ae231 centos-8: work around CentOS repo bug preventing to enable PowerTools b61c54e644 CentOS 8: manually import GPG key 7c5dfa21ab Bump VERSION to 19.03.15 c48e2f23e4 context: Add tarball e2e tests 51b4c45634 context: Ensure context name is valid on import 6a4daa87e5 context: Ensure import paths are valid 736dcbb76c pull: Validate layer digest format e0b182f9fd buildkit: Apply apparmor profile e2fc17e3cd vendor buildkit 396bfe20b590914cd77945ef0d70d976a0ed093c 77ef9e3963 Use real root with 0701 perms bb9d1ea5f7 Do not set DOCKER_TMP to be owned by remapped root 65f17f139b Ensure MkdirAllAndChown also sets perms bc73c89f8b docs: un-wrap line to prevent YAML docs from using "compact" formatting 6cfdb61f0a Bump VERSION to 19.03.14 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
eabacfd248 |
kernel: drop 5.8 configs
The 5.8 kernel is being dropped in oe-core, which means we don't test the 5.8 integration any more .. so we drop the .inc for the configs. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Daniel Dragomir
|
33ebe1ac39 |
lxc: Fix postinstall script for read-only rootfs
Ensure postinstall script for lxc-networking package can run at build time for a read-only rootfs (with sysvinit). Signed-off-by: Daniel Dragomir <Daniel.Dragomir@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
29a8122f47 |
kernel: add 5.10 include file
oe-core now has a 5.10 reference kernel, so we need a 5.10 include file to pick up our configurations. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
b8aa31c8c9 |
ceph: uprev v15.2.0 -> v15.2.8
Removed patches that are contained in newer version. Contains fixes to CVES: CVE-2020-27781 CVE 2020-25660 CVE-2020-10753 CVE-2020-10736 CVE-2020-1759 CVE-2020-1760 Built and run tested. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Christopher Clark
|
1ebde9be9a |
xen, linux-yocto-dev, RPi4: weaker assign for KBRANCH and KMACHINE
Switch to use ?= to set KBRANCH_raspberrypi4-64 to make it easier to override elsewhere when needed for switching to a different kernel branch. Also make the same change for KMACHINE_raspberrypi4-64 to match how it is assigned in the meta-yocto-bsp layer. Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cf5a9a95cc |
moby: update to v19.03.14
Incorporating the following moby commits: d3c5506330 update containerd binary to v1.3.9 (address CVE-2020-15257) 1babdf81e7 update containerd binary to v1.3.8 f80f6304e2 Bump libnetwork 4b181db52b bump up rootlesskit to v0.11.0 7487dca8a5 docs: fix builder-version swagger c7253a0e1a dockerd-rootless.sh: support containerd v1.4 shim socket path convention 88eec2e811 Also trim "~..." from AppArmor versions ecd3baca25 pkg/aaparser: support parsing version like "3.0.0-beta1" 74c0c5b7f1 Fix gcplogs memory/connection leak 5f32bd9ced awslogs: Update aws-sdk-go to support IMDSv2 8cf9d50fc0 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc a4e96a486f swagger: fix MemTotal units in SystemInfo endpoint 9fe291827a Bump Golang 1.13.15 a15a770e1b update containerd to v1.3.7 9380ec7397 update containerd to v1.3.6 80cef48453 update containerd to v1.3.5 fc8f88dc14 update containerd to v1.3.4 89a4208757 update containerd binary to v1.3.3 490c45b756 Update containerd to v1.3.2 56d897347d Update containerd to v1.3.1 d4c63720e9 update containerd binary v1.3.0 ec14dc44d1 Fix log file rotation test. a958fc3e65 Fix flakey test for log file rotate. 89da709cb7 Check for context error that is wrapped in url.Error 83baeafc3c oci: correctly use user.GetExecUser interface dae08c333e vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202 93cb737687 [19.03] vendor: vishvananda/netns 0a2b9b5464df8343199164a0321edf3313202f7e and the following libnetwork commits: 90990763 service_linux: Fix null dereference in findLBEndpointSandbox 8565f0b1 log error instead if disabling IPv6 router advertisement failed and finally, the following cli commits: 01fc5a1ec3 Replace deprecated instruction 3b3e295c4b docs: update 20.03 -> 20.10 in deprecated.md d1b44aa298 docs: fix broken links in build reference 20bc15f618 docs/deprecated: remove minor versions 3172219932 docs: deprecate CLI options for experimental CLI features f132c8ad4a docs: add /go/experimental/ vanity URL df5ca0c950 docs: fix generated YAML due to trailing whitespace 5057d34272 docs: update URL for security landing page 278f30b82b Add test-case for env with, and without = f526bcdb53 builder: add note about alternative syntax 10973d6ddf builder: rephrase ENV section, remove examples for ENV key value without '=' 8c8fb03f15 docs: fix "docker logs" example missing container name c9a03ab5f4 Bash-completion: add CAP_AUDIT_READ ffa0e1d36e docs: document CAP_AUDIT_READ 3d74f7ab48 docs: document optional "CAP_" prefix for capabilities 0a207d5095 docs: sort list of capabilities alphabetically 75411a2233 Complete capabilites with and without "CAP_" prefix. 896eb7123a [19.03] vendor: stop using docker/engine fork for vendoring aebe8b0660 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc d6b05747dd [19.03] vendor: tonistiigi/fsutil v0.0.0-20191018213012-0f039a052ca1 9a65c1c861 docs/build: add note about git subdirectories with BuildKit a6c15a5e60 Replace vbom.ml/util with fvbommel/sortorder 36cdb166dc Bump Golang 1.13.15 5c5486d910 Replaces ADD with COPY in the COPY section 9152bf265e docs: remove docs for —-from=index e5e227672b Bump Golang 1.13.14 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
35b9016006 |
docker-ce: update to v19.03.14
Incorporating the following docker-ce commits: 6cfdb61f0a Bump VERSION to 19.03.14 d62f3a4335 update containerd binary to v1.3.9 (address CVE-2020-15257) 223df488a1 update containerd binary to v1.3.8 f1d658df7c Bump libnetwork b42dd308b7 bump up rootlesskit to v0.11.0 ddd056dcd3 docs: fix builder-version swagger 406cc5ef47 Replace deprecated instruction a48b2a414f dockerd-rootless.sh: support containerd v1.4 shim socket path convention de76075442 docs: update 20.03 -> 20.10 in deprecated.md d8fa7ac2c1 Also trim "~..." from AppArmor versions 0a1553c648 pkg/aaparser: support parsing version like "3.0.0-beta1" caae6f925a static: add containerd-shim-runc-v2 94ab0479b0 To allow build for selective distros from top directory. e.g.- for rpm- RHEL_RELEASES= CENTOS_RELEASES= FEDORA_RELEASES=centos-8 make rpm for deb- RASPBIAN_VERSIONS= UBUNTU_VERSIONS= DEBIAN_VERSIONS=ubuntu-xenial make deb 5b7be532be docs: fix broken links in build reference 4afdfee131 Fix gcplogs memory/connection leak f9159f95b9 docs/deprecated: remove minor versions a7d8e5b15e docs: deprecate CLI options for experimental CLI features 265d2d874b docs: add /go/experimental/ vanity URL 45fe9c589c docs: fix generated YAML due to trailing whitespace d54dee5350 docs: update URL for security landing page 8b51565ec3 Add test-case for env with, and without = 4e0e5427b2 builder: add note about alternative syntax fb91a7f7e0 builder: rephrase ENV section, remove examples for ENV key value without '=' 4c5ada19a3 docs: fix "docker logs" example missing container name 5fd841f066 awslogs: Update aws-sdk-go to support IMDSv2 8ff047ef9d Bash-completion: add CAP_AUDIT_READ 12b5d3b4cb docs: document CAP_AUDIT_READ 532ea20102 docs: document optional "CAP_" prefix for capabilities a240747846 docs: sort list of capabilities alphabetically 19498650c3 Bump VERSION to 19.03.13 da428b1aec Complete capabilites with and without "CAP_" prefix. 4056693640 [19.03] vendor: stop using docker/engine fork for vendoring f6cc6fa133 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc d61bf277b8 [19.03] vendor: tonistiigi/fsutil v0.0.0-20191018213012-0f039a052ca1 4024535260 [19.03] vendor: buildkit v0.6.4-32-gdf89d4dc 9a44f43fb9 swagger: fix MemTotal units in SystemInfo endpoint a75083ebf0 docs/build: add note about git subdirectories with BuildKit 112d03e8ea plugins: update buildx to v0.4.2 ef44b94189 buildx: use v0.4.1 8a18415110 Bump buildx to master to check if it builds on the CI 0100e1c0be Replace vbom.ml/util with fvbommel/sortorder 53c69c574e Bump Golang 1.13.15 87867aff90 Bump Golang 1.13.15 76060cc4a0 Bump Golang 1.13.15 8a905386a1 update containerd to v1.3.7 0ffc8f1e55 update containerd to v1.3.6 aff3f55db8 update containerd to v1.3.5 61f6fac7a1 update containerd to v1.3.4 c938231789 update containerd binary to v1.3.3 ba94dd5a0d Update containerd to v1.3.2 13106ca34e Update containerd to v1.3.1 c5ad02b467 update containerd binary v1.3.0 a0edb6a8cb Fix log file rotation test. b17b2f05b6 Fix flakey test for log file rotate. efe3cf2163 Replaces ADD with COPY in the COPY section 5a861b676c Check for context error that is wrapped in url.Error a438db9875 docs: remove docs for —-from=index 475484e351 Bump VERSION to 19.03.13-beta2 3f7bf34392 oci: correctly use user.GetExecUser interface And the following libnetwork commits: 90990763 service_linux: Fix null dereference in findLBEndpointSandbox 8565f0b1 log error instead if disabling IPv6 router advertisement failed Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8c5314725d |
containerd: bump to v1.4.3
This version bump incorporates the following fixes: 727e1728d Prepare 1.4.3 release notes ae3a64aa1 containerd-shim: use path-based unix socket 428f10fd2 Use path based unix socket for shims f2e4291b6 Prepare 1.4.2 release 76f3d1955 Update mailmap for 1.4.2 release ca9950755 Update cri version to pickup unknown state fix 0b97c6204 Update cri plugin c0f1add3c Fix Windows service panic file to not be read-only fbe18caa1 Update btrfs vendor for chkptr fix for Go >= 1.14 cbbf257ab Add Go test runs to GitHub Actions CI 19776b75b Adjust overlay tests to expect "index=off" 7eb852214 Allow oom adj test to run in environments with a score 036ede698 Import crypto for all snapshotters during testsuite 5618423a0 Add comments clarifying copyWithBuffer implementation a2ebee357 replicate io.Copy optimizations 9b2156aa8 Improve image pull performance from http 1.1 container registries 56291a221 bug fix:#3448 16e51fc31 Fix integer overflow on windows 6ebd9a94a Update other actions for env/path CVE fix 0a3488c71 Fix GH Actions CI deprecations cc3be9ae3 Bump Golang 1.15.5 ebffce3ad seccomp: add pidfd_getfd syscall (gated by CAP_SYS_PTRACE) 229f5ea4e seccomp: add pidfd_open and pidfd_send_signal e45f41e3a update to golang 1.15.2 695516287 Remove setuid gosu in favor of "sudo -E PATH=$PATH ..." 77931f801 ci: run critest target for all runtimes c745d237e Revendor CRI to get disabled annotation config default 88e7f23bc Read trailing data from tar reader 856a12fca Update github.com/Microsoft/hcsshim to v0.8.10 cc6f72a00 Check if a process exists before returning it 9a44af11d Windows CNI install script using lowercase "destdir" Runtime testing completed on arm64 and x86-64, as well as with orchestration engines. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
6049f9abf8 |
k8s: update to 1.20 release candidate
As part of this update:
- we refresh our CC patch to apply cleanly
- adjust the host side GO_LDFLAGS to drop linker flags that cgo
doesn't like when building generated_files.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Tim Orling
|
fbfced367d |
linux-yocto: add cgroup-hugetlb config
Add kernel config fragment for CONFIG_CGROUP_HUGETLB This is a recommended config for Kubernetes and k8s will throw a warning if it is not present. Signed-off-by: Tim Orling <ticotimo@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Naveen Saini
|
08b5de42f9 |
libvirt: fix host gcc can't recognized option -fmacro-prefix-map
libvirt-python picks host gcc (instead of cross gcc) to build shared library in absense of LD*SHARED flags. Instead of inherit distutils3-base.class, taking SHARED flags to create libvirt-python package. Ref: https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/classes/distutils-common-base.bbclass Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
968e4116a8 |
nagios-core: fix do_install during cross builds
Upstream started stripping built binaries by default, using HOSTTOOLS install to strip binaries that are different in architecture from the host, raising errors: strip: Unable to recognise the format of the input file TOPDIR/tmp-glibc/hosttools/install: strip process terminated abnormally Hence, build unstripped binaries and let oe build system strip the binaries during do_package. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Yanfei Xu
|
9fe997733d |
ceph: add support for python3.9
Add support for python3.9, or it will do_configure failed. Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
6687be2233 |
ceph: add missing include for atomic<bool>
ceph do_compile failed with error: src/tools/rbd/action/Bench.cc:20:26: error: aggregate 'std::atomic<bool> terminating' has incomplete type and cannot be defined Add missing include to fix it. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bertrand Marquis
|
f7687c8b22 |
xen: Fix xenpmd compilation error on arm32
Add patch merged in current Xen master to solve compilation errors on xenmpd when Xen is compiled for arm32. Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com> Change-Id: Ifd94aa30e1b3a1016156ead395688f594ad2711d Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bertrand Marquis
|
17660b5e8f |
xen: Fix python libraries installation on multilib
Fix install path for xen python libraries when multilib configuration is activated (which is mandatory to compile xen for x86_64). Depending on the version of Xen, the libraries are installed on lib or on the nonarch lib directory so add both. Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com> Change-Id: I1f7f81a4e9e1420bce55d1e4bfe03d98ac2c93a3 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
82bca23d6a |
xvisor: fix build with gcc-10
* with gcc-10 (which doesn't include -fcommon by default) it fails like this: aarch64-oe-linux-ld: error: TOPDIR/BUILD/work/raspberrypi3_64-oe-linux/xvisor/git-r0/git/build/drivers/mmc/core/mmc.o: multiple definition of 'sdio_func_type' aarch64-oe-linux-ld: error: TOPDIR/BUILD/work/raspberrypi3_64-oe-linux/xvisor/git-r0/git/build/drivers/mmc/core/sdio_bus.o: multiple definition of 'sdio_func_type' aarch64-oe-linux-ld: error: TOPDIR/BUILD/work/raspberrypi3_64-oe-linux/xvisor/git-r0/git/build/drivers/mmc/core/sdio_io.o: multiple definition of 'sdio_func_type' aarch64-oe-linux-ld: error: TOPDIR/BUILD/work/raspberrypi3_64-oe-linux/xvisor/git-r0/git/build/drivers/mmc/core/sdio.o: multiple definition of 'sdio_func_type' aarch64-oe-linux-ld: TOPDIR/BUILD/work/raspberrypi3_64-oe-linux/xvisor/git-r0/git/build/drivers/mmc/core/core.o: previous definition here Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
8e4b1e39a2 |
xvisor: skip QA checks ldflags and textrel
* feel free to fix it properly, I don't use xvisor at all it just shown these 2 errors in my aarch64 world builds and this recipe needs more love than just these 2 issues like setting PV to something better than "git" Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
8afc0b32da |
cloud-init: fix usrmerge QA error:
* respect udevdir variable * with usrmerge cloud-init triggers QA error: ERROR: cloud-init-20.3-r0 do_package_qa: QA Issue: cloud-init package is not obeying usrmerge distro feature. /lib should be relocated to /usr. [usrmerge] ERROR: cloud-init-20.3-r0 do_package_qa: QA run found fatal errors. Please consider fixing them. because of: /lib/udev/rules.d/66-azure-ephemeral.rules Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Martin Jansa
|
19c3d8bab4 |
cloud-init: add dependency on systemd to fix installed-vs-shipped QA issue
* without systemd in RSS, setup.py will fail to call:
"pkg-config systemd --variable=systemdsystemunitdir"
and then clound-init might fail with:
ERROR: cloud-init-20.3-r0 do_package: QA Issue: cloud-init: Files/directories were installed but not shipped in any package:
/lib/systemd
/lib/systemd/system-generators
/lib/systemd/system
/lib/systemd/system-generators/cloud-init-generator
/lib/systemd/system/cloud-final.service
/lib/systemd/system/cloud-init.service
/lib/systemd/system/cloud-config.target
/lib/systemd/system/cloud-init.target
/lib/systemd/system/cloud-init-local.service
/lib/systemd/system/cloud-config.service
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
cloud-init: 10 installed and not shipped files. [installed-vs-shipped]
when systemd on host or in the systemd fallback uses
different systemdsystemunitdir value than what OE packages with:
FILES_${PN}-systemd += "${systemd_unitdir}/*"
setup.py fallback:
def pkg_config_read(library, var):
fallbacks = {
'systemd': {
'systemdsystemunitdir': '/lib/systemd/system',
'systemdsystemgeneratordir': '/lib/systemd/system-generators',
}
}
..
ubuntu:
meta-virtualization$ pkg-config systemd --variable=systemdsystemunitdir
/lib/systemd/system
OE (with usrmerge in DISTRO_FEATURES):
cloud-init/20.3-r0$ pkg-config systemd --variable=systemdsystemunitdir
/usr/lib/systemd/system
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
515f39e453 |
guest: import cloud-init from meta-openstack
Bringing cloud-init from meta-openstack into meta-virtualization to make it more visible/obvious for use with Xen and k*s images. Not only is this an import, it is a significant update to the package and the way it is built. Out of the box, it installs either systemd or sysvinit startup services, templates and the main script/binary. It is not expected that this will be useful out of the box, but will need to be bbappended and have variables added to the main recipe to make it flexible for more use cases. But we can't gather those use cases, without the package being available, so we integrate this as a starting point. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
afef7f0635 |
container-base: make CONTAINER_SHELL a conditional image install
In some scenarios (and package managers), packages post install
scripts may have references to /bin/sh.
The package manager doesn't know if the scripts will run on the
build host or target, so we get a calculated redepnds on /bin/sh
base-files and base-passwd fall into this category of having
post installs, but no need for /bin/sh on the target.
If you know what you are installing, and want the smallest
container possible, this package will satisfy the dependency when
assembling the rootfs.
To enable it, put the following in a configuration file (local.conf
or otherwise):
PACKAGE_EXTRA_ARCHS_append = " container-dummy-provides"
This image will detect if the dummy provides arch is set, and will
automatically install the providing recipe, otherwise, busybox is
installed.
If you have a custom shell or want a different behaviour, the
CONTAINER_SHELL variable can be overriden.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
e9a8756758 |
containers: add a dummy provider for /bin/sh and /bin/env
In some scenarios (and package managers), packages post install scripts may have references to /bin/sh. The package manager doesn't know if the scripts will run on the build host or target, so we get a calculated redepnds on /bin/sh base-files and base-passwd fall into this category of having post installs, but no need for /bin/sh on the target. If you know what you are installing, and want the smallest container possible, this package will satisfy the dependency when assembling the rootfs. To enable it, put the following in a configuration file (local.conf or otherwise): PACKAGE_EXTRA_ARCHS_append = " container-dummy-provides" Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Ricardo Salveti
|
74e0b8d2ac |
python3-docker-compose: upgrade 1.26.0 to 1.27.4
Release notes for 1.27.4:
- Bugs
- Remove path checks for bind mounts
- Fix port rendering to output long form syntax for non-v1
- Add protocol to the docker socket address
Release notes for 1.27.3:
- Bugs
- Merged max_replicas_per_node on docker-compose config.
- Fixed depends_on serialization on docker-compose config.
- Fixed scaling when some containers are not running on docker-compose
up.
- Enabled relative paths for driver_opts.device for local driver.
- Allowed strings for cpus fields.
Release notes for 1.27.2:
- Bugs
- Fix bug on docker-compose run container attach
Release notes for 1.27.1:
- Bugs
- Fix compose run when service.scale is specified
- Allow driver property for external networks as temporary workaround
for swarm network propagation issue
- Pin new internal schema version to 3.9 as the default
- Preserve the version when configured in the compose file
Release notes for 1.27.0:
- Features
- Merge 2.x and 3.x compose formats and align with COMPOSE_SPEC schema
- Implement service mode for ipc
- Pass COMPOSE_PROJECT_NAME environment variable in container mode
- Make run behave in the same way as up
- Use docker build on docker-compose run when COMPOSE_DOCKER_CLI_BUILD
environment variable is set
- Use docker-py default API version for engine queries (auto)
- Parse network_mode on build
- Bugs
- Ignore build context path validation when building is not required
- Fix float to bytes conversion via docker-py bump to 4.3.1
- Fix scale bug when deploy section is set
- Fix docker-py bump in setup.py
- Fix experimental build failure detection
- Fix context propagation to docker cli
- Miscellaneous
- Drop support for Python 2.7
- Add script for docs syncronization
- Bump docker-py to 4.3.1
- Bump tox to 3.19.0
- Bump virtualenv to 20.0.30
Release notes for 1.26.2:
- Bugs
- Enforce docker-py 4.2.2 as minimum version when installing with pip
Release notes for 1.26.1:
- Features
- Bump docker-py from 4.2.1 to 4.2.2
- Bugs
- Enforce docker-py 4.2.1 as minimum version when installing with pip
- Fix context load for non-docker endpoints
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Ricardo Salveti
|
2f83558f46 |
python3-docker: upgrade 4.2.1 to 4.3.1
Release notes for 4.3.1: - Miscellaneous - Set default API version to auto - Fix conversion to bytes for float - Support OpenSSH identityfile option Release notes for 4.3.0: - Features - Add DeviceRequest type to expose host resources such as GPUs - Add support for DriverOpts in EndpointConfig - Disable compression by default when using container.get_archive method - Miscellaneous - Update default API version to v1.39 - Update test engine version to 19.03.12 Signed-off-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
sakib.sajal@windriver.com
|
af5ed18c97 |
nagios-core: uprev v4.4.3 -> v4.4.6
Minor upgrade including bug and CVE fixes namely CVE-2020-13977 Testing: Built, booted and started nagios-core service without any errors. Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Diego Sueiro
|
cc99031c0b |
xen: extend SYSROOT_DIRS to include installed binaries
If a recipe DEPENDS on xen we should include its binaries in the sysroot. The do_install task also ships files to /boot and /usr/lib64. Hence, extend SYSROOT_DIRS to include these paths. Signed-off-by: Diego Sueiro <diego.sueiro@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Diego Sueiro
|
3620511fad |
xen: run do_deploy after do_compile and do_populate_sysroot
When having rm_work and bitbake needs to re-run do_deploy, we need to ensure
that the ${B} is re-generated, otherwise the deploy-xen will be empty.
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Chen Qi
|
d47e7143e0 |
nagios-core: use /run instead of /var/run in systemd service file
/var/run has been deprecated by systemd, so use /run instead, as suggested by systemd. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Chen Qi
|
3f8f47e31e |
nagios-nsca: use /run instead of /var/run in systemd service file
/var/run has been deprecated by systemd, so use /run instead, as suggested by systemd. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Chen Qi
|
28cca9a78e |
openvswitch: use /run instead of /var/run in systemd service file
/var/run has been deprecated by systemd, so use /run instead, as suggested by systemd. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
9d5d904f8a |
containerd: provide 'ctr' along with 'containerd-ctr'
Historically we copied ctr into the install as containerd-ctr, but many different guides expect 'ctr' to be present. So we make the copy and then create a symlink to make both variants available. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bertrand Marquis
|
7a8167fa82 |
xen: Fix x86_64 xen-tools installation
Python related things are installed in /usr/lib and not /usr/lib64 even if xen-tools is built for x86_64 with multilib activated. Use nonarch_libdir variable for all python related files. Change-Id: I24e4336aaac4477efc5dc7426a6d9e909c98a6af Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Robert Yang
|
28fda6d848 |
kubernetes: Fix race issue for installing go2make
The src/import/build/root/Makefile.generated_files are called several times during the build, so the following target which installs go2make will also run several times: $(META_DIR)/$(GO_PKGDEPS_FILE): FORCE It runs automatically when the Makefile is called because of: sinclude $(META_DIR)/$(GO_PKGDEPS_FILE) So there is a race issue of go2make when parallel build: hack/run-in-gopath.sh: line 34: build/tmp-glibc/work/corei7-64-wrs-linux/kubernetes/1.18.8-r0/git/src/import/_output/local/go/bin/go2make: No suc h file or directory Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
80d83eacda |
containerd: fix x86-64 build
Since our oe-core go infrastructure insists on both -pie and static
builds (for the most part), and that is not recommended by many
packages, we end up with errors like:
containerd-opencontainers/v1.4.1+gitAUTOINC+e44e8ebeaa-r0/git/src/import/cmd/containerd-shim
cannot find package runtime/cgo (using -importcfg)
containerd-opencontainers/v1.4.1+gitAUTOINC+e44e8ebeaa-r0/recipe-sysroot-native/usr/lib/x86_64-overc-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
In a similar manner to:
https://www.yoctoproject.org/pipermail/meta-virtualization/2019-March/004084.html
We introduce '-a -pkgdir dontusecurrentpkgs' to mask/fix the problem,
and continue to work towards non-static builds.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
f59d55ec57 |
conf: add gatesgarth to compat, drop zeus
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bertrand Marquis
|
1d86197846 |
ipxe: Fix gcc10 compilation
Add ipxe patch to pass -fcommon flag to gcc during compilation. This patch is required to have ipxe compiling properly with gcc10. Without it the following error occur (and multiple others of the same kind: bin/blib.a(epic100.o):(.bss+0x0): multiple definition of `_shared_bss'; bin/blib.a(davicom.o):(.bss+0x0): first defined here Change-Id: Id9aed4cfe6bec9c0cbdb0b99271ddff472f1f0c3 Signed-off-by: Bertrand Marquis <bertrand.marquis@arm.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
ef00e949b7 |
containerd: package runc shims
With the newer containerd, we need the runc shims in order to properly start a container. So we add the v1 and v2 variants to our install and packaging. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
68a9860fdc |
containerd: depreciate containerd-docker
The containerd-docker fork has been abandoned for a while now. We take the first step in removing it, but making it generate a warning if someone attempts to use it. Next release, we'll consolodate the .inc and remove the recipe. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d3207bbd6f |
containerd: upgrade to 1.4.x
Updating containerd to the 1.4.x release series, which contains the
following changes:
97d690d20 Prepare v1.4.1 release
42f387186 Always consume shim logs
f247618a3 Report correct stats for windows containers
cc5d1518f Update go list to respect build tags
086e859d2 BUILDING.md: fix description about static builds
16712ae49 bump cni version to v0.8.0
1575c88cc seccomp: add `faccessat2` syscall.
8bd2becea seccomp: add `openat2` syscall.
4e3397e05 shimv1: downgrade poroccess missing log to debug
d118c90d3 Ignore SIGURG signals in signal forwarder
3ee6189fe Exit signal forward if process not found
a1289d6b8 tasks: Monitor v2 tasks in initFunc as well
1f823f76d seccomp: allow io-uring related system calls
3d28944be seccomp: allow clock_settime when CAP_SYS_TIME is added
e5cc7d527 seccomp: allow quotactl with CAP_SYS_ADMIN
20273a803 seccomp: allow sync_file_range2 on supported architectures.
357d10021 seccomp: allow personality with UNAME26 bit set
0c9de6629 seccomp: allow syscall membarrier
caa461167 seccomp: allow adjtimex get time operation
2b80b7dc4 seccomp: allow add preadv2 and pwritev2 syscalls
e71eccbca seccomp: move the syslog syscall to be gated by CAP_SYS_ADMIN or CAP_SYSLOG
feff914af runtime: ignore ErrNotExist when remove rootfs
23e0ea27b snapshots/devmapper: fix rollback
d68ddb0c0 Prepare v1.4.0
6be2eccd7 Update releases page for v1.4.0
d469bffcd CI: disable crun on Vagrant to decrease flakiness
77a33e3db systemd: add license header to systemd unit
8d39722fe Vagrantfile: increase memory
41469ed72 Update version for 1.4.0-rc.1
60fa35f11 Fix DCO commit limit
d2472ecc5 Add CRI release build
1c7312e5d Update containerd systemd unit file
ccda53760 Create etcd user in cloud init.
e973719cc use containerd/project header test
cb7ffd4b0 Fix indent in cni.template.
3e03ba7aa Update deployment and integration test
9c5451792 Add TaskMax=infinity
523b0b3c6 Remove `noSnat`
231d291b2 Use v2 config.
1e1688d21 Use per-pod shim.
87bd84a7b Add DefaultRuntimeName option.
cfab98a5f Use ctr images import.
5e3ac16cc Add `cri` as required plugin.
5b9d8476e Use runc.v1 for now for debugging.
e6e272e74 Enable runc.v2 as the default runtime in test.
d19aa0fd2 Use local env to avoid writing to passed-in readonly env.
ee6d69bbc Set default "" to extra runtime handler.
474c79bd5 Expose vars to configure an additional runtime handler
ce12477f4 Support docker 18.09 in the test script.
146712101 Remove the unused `health-monitor.sh`.
201ad4d3c Support netd in GCE bootstrap.
5ce705750 Serve streaming on localhost by default to match k8s 1.11 default.
b553fdaf3 Remove crictl on GCE for all cases.
d8ce08fd9 Set stream server to serve on localhost on GCE.
1629bab7f Make max container log line size configurable through cloud init.
042378dcf Disable TLS streaming to work with new kubelet streaming proxy.
37f2ecad9 Update cni.template
b58b6fef8 Disable restart plugin on GCE.
f938a166c Fix kube-container-runtime-monitor.
91f8e61bd Use crictl installed in kube-up.sh
5161f663e Add `unix://` prefix for socket addresses used by CRI remote client.
1b995fcaf Add KUBE_CONTAINER_RUNTIME_NAME to fix fluentd support.
48457a254 Try using preloaded containerd if no version is specified.
c67a38b0b Add log level support.
4453aac00 Improve gce bootstrapping in various ways.
1bd3cdc57 Add cni config template support.
d520fac50 Enable TLS streaming in all the setup.
cdb4aec93 Use systemd service cgroup and oom score adj.
af8bd8068 Fix for kube-up.sh and update several documments.
005da4a9b Replace `ctrcri` with `ctr cri`.
0e2bd216c Update GCE cluster bootstrapping and e2e test
59e65e1f3 Enable container log rotation.
85b4e69c9 Do not block on stream server close.
2ea6584ca Add initial wait for health-monitor and use pkill -x.
56b7ef2c4 The ENV is finalized as KUBE_KUBELET_EXTRA_ARGS.
24a3a0a06 change crictl sandboxes to pods; other references to sandboxes
8bc30e7a2 Update ocicni to main stream.
a01071558 Add a separate CLI for cri-containerd `ctrcri`.
a843a3064 Use registry-1.docker.io as backup
ec649079a Put version into metadata so that version won't be changed across restart.
7cbc1c8dc Set registry mirror.
9f0816ac4 Configure container runtime cgroups for cgroup.
be72f47ec Add runtime cgroup and fix a cli panic.
680e21c43 Update all glog flags to `log-level`.
d50b9dd64 Update containerd to 6c7abf7c76c1973d4fb4b0bad51691de84869a51.
869ea6b0c Add document for kube-up.sh
30cbfb62e Add OS and arch in release tarball.
0512d1e0b Add `cluster` directory and health-monitor.sh.
a1736f98a vendor: containerd/cri 4e6644c8cf7fb825f62e0007421b7d83dfeab5a1
15fa7f378 vendor: update kubernetes v1.19.0-rc.4
4a0ac319c vendor: golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4
f80b4dc58 vendor: golang.org/x/net v0.0.0-20200707034311-ab3426394381
5a9a6a145 vendor: golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
aa40ebb41 vendor: json-iterator/go v1.1.10
b4376e986 Update Vagrantfile for testing SELinux
55c9eade3 Bump Golang 1.13.15
e3e2c3946 update docs/rootless.md
843360298 update runc to v1.0.0-rc92
e20a5079e Add --cpu-quota, --cpu-period flag to ctr
3cc2be2a8 Update cri-tools to v1.18.0-100-g2bf7674 for Go 1.15 compatibility
628855923 Prepare 1.4.0-rc.0 release
74e9aa7ab snapshots/devmapper: don't hardcord the platform strings
adeba792f Add namespace query parameter for registry proxying
5a190c707 Remove seccomp/Linux deps steps in GH Actions
6988b4d64 remove `seccomp` buildtag
362b7167a vendor: update cri (no more libseccomp cgo dependency)
03b5a053e remotes: mark GetTokenScopes public
b43a01a22 Change nodeset to `ubuntu-xenial-arm64-openlab`
04b98bb0e Deprecate legacy shims
b87023185 vendor runc library to v1.0.0-rc91-48-g67169a9d
02afa9425 Add --cpus flag to ctr
aa56cfc0a Import Windows manifest into test build, rather than copying by script
5b1627410 vendor: update containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165
1ec1e9eab Add Windows 10/Windows Server 2004 for integration tests
faa4ff56e Usefully fail tests with unknown or bad Windows Build version
3795dd41a Always report server log from verbose integration test runs
4318f93f9 Add Spec() method to task
3611efdce update cri to 8448b92d237e877bed1e4aa7a0baf0dee234
1b320bcc2 update for cni config
c2081369c Add doc about remote snapshotter
403dc83a2 mount: retry executing the helper binary on ECHILD
06fb93e0f Reject host-mode networking on Windows
ca15cb0d8 Fix incorrect (cut-and-paste) method comment
c8b14ae4c Set content labels based on content type
d7b9cb001 shim: move event context timeout to publsher
b97c660e1 cgroup2 CI: add RUNC_FLAVOR=runc
1a7bbd1f7 vendor: update containerd/cri
96099550b parseIDMapping: accept 32-bit IDs
089672fff Bump Golang 1.13.14
c383436af snapshots/devmapper: suspend a device to avoid data corruption
71f11db8a Annotate bare ErrNotImplemented returns
061d338ec CI: run CRI tests on Fedora 32
decbb0499 RELEASES.md: fix a dead link
b2ee43206 CI: add back shim v1 test
c4418bb3a CI: remove an unreferenced variable
212c29833 Updates to go-systemd and selinux
b47c7ec27 Update to later version of critools with timing fix.
7af3d7e17 Don't clash with GH Actions runner's containerd
c520f819a Bump Go 1.13.13
7119a2a15 platforms: don’t log arm variant error on darwin
fc0448518 Update version to 1.4.0-beta.2
cc493eba3 vendor: containerd/cgroups 318312a373405e5e91134d8063d04d59768a1bff
7855b0a78 Make title similar with other CI workflow jobs
852587cd1 [events/exchange_test] Fix deadlock in TestExchangeFilters
d47c0392d Updating build doc to require Go 1.13
09f453394 CI: {v1, v2} -> io.containerd.runc.{v1,v2}
d7e59b141 enable removecontainer to forcibly remove containers
963625d7b Update runc to v1.0.0-rc91
c041970e9 update crun to v0.14
a6dd1f27d update urfave/cli v1.22.1, go-md2man v2.0.0, blackfriday v2.0.1
68b736ddf cio: should not open fifo for stderr if terminal
57a9f0b50 Minor actions fixes/updates
148cc8f71 [events] Fix deadlock in TestExchangeBasic
aa191deff Change log for unknown mt to debug
45c28f56b Add ability to use remapper labels versus remapping snapshot helper
c76bf5504 Make unique snapshotter opt for label-assisted remapping
331793118 allow user namespace remapping using snapshotters
e977564a8 seccomp: allow 'rseq' syscall in default seccomp profile
e7f069e2c describe content flow and dependencies
b96f5f4b5 Fix deprecation warnings in CRI tests due to missing unix:// scheme
fd99b6566 decrease log level of cgroup2 ToggleController error when running in UserNS
2b0a994cc explicitly fail apparmor when !linux
bebfbab03 vendor: update bbolt to v1.3.5
1a83f9a63 Bump Golang 1.13.12
03ab1b2ca Add config for allowing GC to clean unpacked layers up
ee734e867 Add test case with backticks
ea0687769 vendor: golang.org/x/text v0.3.3
f1a469a03 shim v2 runc: propagate options.Root to Cleanup
8897e1520 Add more test cases with single quotes
cb91b1724 Add testcase containing mountpoint with escaped backslash
87f9fdb06 Cope with double quotes in Linux Mountinfo
4c49ff88c integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default
785f4c5cd Bump CRI for 1.4x release
730b7a932 Change the type of PdeathSignal
d656fa38c restart plugin: support binary log uri
0f831093c Update usage of whitelist in project
d36810d66 overlay: use index=off to fix EBUSY on mount
7213cd89d Process I/O: Fix goroutine leak
ae08491bf waitForPid: fix goroutine leak
8fcd5a1f2 Streamline hcs shim release flow
ef0cf1264 Match version used in CRI project
2be80f999 Add windows hcsshim to release pipeline
3e95727f3 Make killing shims more resilient
e64b14820 Revendor CRI to 62c91260d2f43b57fff408a9263a800b7a06a647
3dd8242a6 Add host specific headers
2f601013e cgroup2: implement `containerd.events.TaskOOM` event
62fd1750e Revendor CRI to 8898550e348932e406049e937d98fb7564ac4e7a
2bc4e90f6 Don't inadvertently clip release notes
636c533d9 Add ctr subcommand to print default OCI spec
230cf6ded Add unit test for func in remotes/docker/handler.go
bb2b2825b Add release GH Action triggered by signed tag
8f1ddb142 Update release for 1.4.0-beta.1
c376f4f76 Move Windows testing to GH Actions
322628347 Fix client tests to work on Windows.
b8ccdcb07 Add `ctr` flags for configuring default TLS credentials.
c5273930b Update CRI to 52c2c6b5df15790b671ebd6cbbc6039a4d30
af131d725 cgroup2 CI
e34bf08e5 riscv64 arch does not support -buildmode=pie
0c9b05fa6 Fix image usage calculation error
84619ee99 Fix configurations with no server provided
06b0cd45b Fix nil pointer errors
03755821d seccomp: remove the unused query_module(2)
5765991f2 seccomp: Whitelist `clock_adjtime`
db74d3115 unpacker: Fix data race and possible data corruption
232518252 docker: fix data race on err
d07a71b97 Bump Golang 1.13.11
0207b7ff0 Enable running CodeQL on PRs that modify Action
1a06884f1 Add CodeQL Analysis workflow
563964e9d Trigger nightly builds on pull reuqest events
77ab0104e Add release notes for 1.4 beta
6eeed18cb vendor: opencontainers/go-digest v1.0.0
7cdacdda8 Set codecov to not comment on PRs
3e7bbb8a4 vendor: update containerd/cri, remove "docker/distribution" dependency
9898dc2a6 Code about `task` in "README.md" is out of date
f09e99909 vendor: containerd/go-runc 7016d3ce2328dd2cb1192b2076ebd565c4e8df0c
d9d1d5b62 vendor: containerd/fifo f15a3290365b9d2627d189e619ab4008e0069caf
c5078a5b7 vendor: containerd/continuity d3ef23f19fbb106bb73ffde425d07a9187e30745
b437938d2 Transfer error to ErrNotFound when kill a not exist container, also add test case.
2c77dc63a vendor: update containerd/cri to current master
a4f8be1d4 vendor: kubernetes v1.18.2
0d198fd09 vendor: roll docker/distribution back to latest (v2.7.1) release
1b9640496 ConfigureHosts: remove deprecated DualStack option
e9e765d6e Use tagged versions in vendor file
bd3210d29 remove releases/*-beta.toml
ed261720c Update ttrpc/typeurl to v1.0.1
dc92ad652 Replace errors.Cause() with errors.Is()
f212e7d1f vendor: github.com/pkg/errors v0.9.1
63b7587cd snapshots/devmapper: fix race windown causing IO hangup
24b331ad1 omit sudo when EUID eqto 0
0088c2de8 sys: RunningInUserNS(): use sync.Once
76c62f272 sys: simplify RunningInUserNS to original implementation
6a9b94927 Remove remaining uses of libcontainer/system package
37c839e59 sys/proc: remove GetSystemCPUUsage as it is unused
1b66fecad Integrate sys.SetSubreaper, sys.GetSubreaper in sys/reaper package
fffea312a move sys.Reap() into sys/reaper package
295e74008 sys: remove custom setChildSubreaper const
ec12d3042 vendor: sirupsen/logrus v1.6.0
23aab35fd Remove libcontainer from containerd-shim
ae7cdc814 vendor: update containerd/cri
c1096864a Update to latest hcsshim - 0.8.9
ea182aec8 vendor: sirupsen/logrus v1.5.0
68f151593 vendor konsorten/go-windows-terminal-sequences v1.0.3
046a520c9 vendor: update containerd/cri dc7afe8fbe53db06c3f883f6f8c9895a9dfb2314
8e76d18ef remove if condition because it is handled by the sdNotify daemon func
1a10211e3 WithLease: always return context and done fn
98b30f469 Add commands to mount/unmount image from ref
cd0e62f5c Allow more time for containerd to start for integration
9687ba631 test: TestRuntimeWithEmptyMaxEnvProcs should cleanup
b566859ac .zuul: update go version to 1.13.10
32649fe30 Fix retrieval of golangci-lint specific version
126e497e6 vendor: update ttrpc with 6e416eafd26e6e738df716b21d421d5b59702bb4
0116352e1 runtime: ignore ttrpc.ErrClosed when delete task
917e7646a Add binary IO tests
9175401b2 Cleanup binary IO resources on error
0dc7c8595 Don't use timeout package when stopping shim logger
857408315 This config no longer exists, so remove from docs.
e79d666cd vendor: update containerd/cri 61b7af7564602234662562a9d37e772f5a54facb
61597b431 Disable Travis CI on master
74ceb35f5 Small fixes to our Actions CI workflow
7a252f3ca Build runc with selinux support
041545cd6 Fix protobuild and CI check protos
e3bc5c487 Use GH Actions CI status for badge
49200a1dd CRI plugin needs selinux tag as well
d97cca47e RELEASES.md: update release1.2 status
4615111ba content/local: validate digest before calculating path
a6828e8c3 CI: Some Go 1.13.10 updates that were missed
7da1e13b5 Bump Golang 1.13.10
35c14c6b5 sys/mount_linux: use pipe for communicating mount result
f328f61b8 Update to selinux 1.5.1
f7c2bf544 Migrate functions to actions
d7c2513ff Update integration test timeout
0caa23315 Rework shim logger shutdown process
067aba732 Add test for default setup for host configuration
d9a1c3f9e bugfix: add default host config if not set
6d4429edd Setup dependencies between jobs
e598e5e0c Add CRI tests
4175ebf23 Move integration tests to Github Actions
599547d9c Make binaries with Github Actions
3968fb0a4 Revert "vendor: update go.etcd.io/bbolt v1.3.4"
056d60224 vendor: update go-events to fix alignment for 32bit systems
4fb3410f6 vendor: cilium/ebbf 4032b1d8aae306b7bb94a2a11002932caf88c644
e822296fc vendor: runtime-spec v1.0.2
3261fb5c4 vendor: containerd/cgroups b4448137398923af7f4918b8b2ad8249172ca7a6
aa76d9537 Bump Golang 1.13.9
ad090e67e man: move ctr.1, containerd-config to section 8, and fix generation
356782cb4 Makefile: man page: rename containerd.1 to containerd.8
547301cb0 Update ctr resolver to use new config package
17b6050d2 Add Docker resolver configuration package
dc131aa86 support loading certs from a directory
c263c5b14 Add unit test for func in remotes/docker/handler.go
c8d9c6f2a Add unit test for func in remotes/docker/handler.go
fb9e3d9f2 vendor: update go.etcd.io/bbolt v1.3.4
e4cbbc78b Move checks to Github actions
c1a218195 Add docs for build tags used by cri.
d654dbafa Allow the id for cgroup metrics to be changed
78ab1d13d Correct logic of FIFO cleanup
92a36dc10 Add version numbers for newly tagged repos
0c78dacbc Move isFifo from process/io to sys/ and make public
9529c69b8 seccomp: add 64-bit time_t syscalls
ebd745f91 ctr: do not assume runc options by default
e2269f2ae archive: skip chmod IsNotExist error
bd2265300 Add devmapper configuration examples
5ef66e48f ParseSignal: drop add'l check for numeric signals
649f2aac6 add -v to shim binaries
4ff9d6996 Increase golangci-lint timeout
c00cf9a67 vendor: containerd/cri 92cb4ed9786a6cd271152ba1f862183d84701003
488d6194f fix dial error when clean up a dead shim
6e638ad27 Nit: fix use of bufio.Scanner.Err
4326fc624 Update Golangci-lint v1.23.8
4756258fa service_windows.go: remove unused "service" variable
a9bd451ab Avoid duplicate imports of github.com/gogo/protobuf/types
cad67b73f Update btrfs dependencies in docs for debian buster and ubuntu 19.10 * Fixes: #4090
632023698 Partial revert of sys: windows: use golang.org/x/sys/windows
0a7fd55f3 sys: deprecate EpollCreate1, EpollCtl, EpollWait
7b06192f6 sys: windows: use golang.org/x/sys/windows
1b7d1e81b vendor: golang.org/x/sys 5c8b2ff67527cb88b770f693cebf3799036d8bc0
ddae905b8 Support NOTIFY_SOCKET
b78dfbdfb vendor: golang.org/x/sys 52ab431487773bc9dd1b0766228b1cf3944126bf
ba6796abd vendor: update kubernetes v1.18.0-beta.1
f3d062423 vendor: sigs.k8s.io/yaml v1.2.0
04c805e63 vendor: github.com/google/gofuzz v1.1.0
12c7d6976 vendor: update containerd/cri 1a00c068864a59835ff442e0dddfa5a254be6bb3
5607b23b0 vendor.conf: move some imports to match position with containerd/cri
e3ab8bda6 Avoid allocating slice for finding Process
1239f5403 export cgroups collectors
8c9e84174 RELEASES.md: update release status
e0a8fe7cb vendor: bump golang.org/x/crypto bac4c82f6975
a687d3a36 Check error return from json.Unmarshal
a3ca8a0df Add linux resource oci.SpecOpts
00e6be9f4 Add ctr c info --spec flag to output spec
3be12fe1c Do not loose snapshotter options
8cddb5f91 Pass snapshotter opts during Pull
a3685262f snapshots/devmapper: do not stop snapshot GC when one snapshot removing fails
b6bf7b97c devmapper: async remove device using Cleanup
c7eec0c17 Fix file header in builtins_cri.go
f2edc6f16 vendor: update gotest.tools v3.0.2
026e43806 Update to a released version of opencontainers/selinux (1.3.3)
f8ade8deb Use named error return for service#StartShim
985b26f2f AppVeyor: disable download progress on choco installs
4105135e3 fix killall when use pidnamespace
4dd75be2b Unify dialer implementations
8e448bb27 vendor protobuf & grpc
c134a9bef Use spec's mountLabel when mounting the rootfs
1d888ad6a cleanup the image synchronously for Usage case
18e581dd9 bugfix: cleanup dangling shim by brand new context
fed8890e9 Enable CRI plugin for Windows builds as well
84464b801 v2: Cancel shim log ctx when ttrpc is closed
f3652d068 vendor: golang.org/x/crypto 1d94cc7ab1c630336ab82ccb9c9cda72a875c382
773adf7ab Remove the executable bit for api/*.txt files
8e685f78c support building with BUILDTAGS="no_zfs no_aufs"
61596169b Update .mailmap
f44d36099 Update .mailmap with changes from release-branches
499ab8a99 Update Golang 1.13.8
246a560ed script: use github.com/kubernetes-sigs/cri-tools directly
75d0c5f2e Fix incorrect comment from copy/paste of starting script
0dd6d24d2 Fix reference to LICENSE in README.md
89de113de Support 32-bit userspace on 64-bit ARM cores
d8a0d29c2 Set octet-stream content-type on put request
348e683ce Fix zsh autocomplete script
263ab7014 vendor: bump gopkg.in/yaml.v2 v2.2.8
4c3827889 vendor: update containerd/cri c0294ebfe0b4342db85c0faf7727ceb8d8c3afce
f0652e143 Make tests less flaky
bb8af922b Add support for custom wcow and lcow sandbox scratch sizes
5e6d56ee2 Fix startup_delay within default configuration
833701165 ctr events: do not exit on an error
200241163 vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1
32ba75f0f Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
e42110f32 Fix broken link to release-tool
e2e07c9bc RELEASES.md update links to latest v1.2.11 and v1.3.2
0dc69620b update dependencies of containerd/cri
53ced5ffe update to latest containerd/cri (master)
faf03c3d2 Pick up fix for CVE-2019-16884 in opencontainers/selinux
923c05bed Bump to opencontainers/runc new version - v1.0.0-rc10
e44d00865 Appveyor on_success field should be an array.
a224937d2 Disable CGO for AppVeyor build steps
75af17946 Pull: create image record after blobs download
45a17cffb Vendor Microsoft/hcsshim with CGO removal
94964b36d Update Golang 1.13.6
22b73a9a7 vendor: bump containerd/btrfs to 153935315f4ab9be5bf03650a1341454b05efa5d
1189cc40f snapshots: fix flaky TestMetastore
35a8e6e58 sys: clean up process after test
3eb57b01b Added IO metrics
e859b8a92 gc: increase sleep time in test
486d33631 test runtime v2 CPU settings
66508589d fix: eventfd leak for v2 runtime with v1 cgroups
9456040ac fix: eventfd leak
2f0db8e2a vendor: bump prometheus/client_golang v1.3.0
e10c91187 vendor: bump prometheus/client_golang v1.1.0
845b91d6b vendor: bump prometheus/client_golang v0.9.4
04506b87d vendor: bump docker/go-metrics v0.0.1:
99911ea66 vendor: bump prometheus/procfs v0.0.8
ed6ae8186 vendor: bump prometheus/common v0.7.0
c02dc24ec vendor: bump prometheus/client_model v0.1.0
77a3780c2 vendor: bump beorn7/perks v1.0.1
e1221e69a revendor containerd/cgroups
4d62d8795 bump microsoft/hcsshim to 0.8.7
95fbf3dc2 Fix unpacker to pass use apply options
3af3a7602 Fix filter errors
7b52bc506 Add unit test for func in filter.go
cd1cad9d5 Support disk usage in windows-lcow snapshot
f3090ce80 ci: set pipefail in zuul script
90cd777a6 platforms: fill default arm variant when parse platform specifier
b553bc14a update docs/rootless.md
94d499843 Add Makefile variable to skip test packages
123af61c0 Add Cleanup to snapshot API
465c11dc8 Fix build with gccgo
52e477f94 Fix outdated comments
b127b666a ctr: support $CONTAINERD_ADDRESS env var
a4b423b19 overlay: test actual Opts
067a66b90 .travis.yml: run test with crun
1fb1d9321 v2: Fix missing ns when openShimLog on windows
a18f77bea create local version of introspection service
e739314ed mount: support FUSE helper
87e2a9595 Fix a typo in task.go
d82fa4319 v2: Call shim.Delete at first when create is failed
493a36de9 Move label filter to snapshots package
06f6ea099 switch nighly builds to Go 1.13.5
c07e356d2 Update Golang 1.13.5
072dfbaf3 Support pushing a specific platform of a multi-architecture docker image to a registry
4ccb7aa22 Enable to propagate necessary information to snapshotter during unpack
496836c09 Update containerd/console vendor for fix
a057bfbd7 Add more adopters to ADOPTERS.md
facedf898 Remove an empty line
05d192929 Update checkImages to accept images.MediaTypeDockerSchema2Manifest
c4ed3ff1e Replace ocispec.MediaTypeImageManifest with manifest.MediaType
fbd46d709 runtime v2: Close platform in runc shim's Shutdown method.
02dcf384b Disable criu tests in Travis CI
62adc516d sys: mkdirAs: do chown if dir already exists
49e7039a8 cpu metrics consistency
b9d9bdf1f make cpu metrics consistent with v2 docs
929ab521c fix system usage naming
659c971ca task metrics fix
23dbae3e7 Schema name fix
17d61d6b7 Units fix
f287bc229 Schema names fix
6bfb24824 Fix prometheus metrics units
b98cc7918 Added memory and cpu metrics for cgroupv2
75efbaf67 Attempt to make device mapper snapshotter tests less flaky
9eef69e3a Update after review comments
43fca9eba metrics: rename pids_v2 to pids
a022c2181 Improve host fallback behaviour in docker remote
fa62b6d23 Use logrus instead of printf for warning
08517e586 Allow empty scope authorization
499fbb033 Improve install scripts
e0011978f start.go: Improve help text
9862cb8f8 support user remapping in ctr
b02e20f12 cgroup2: enable controllers automatically
8f870c233 support cgroup2
caeacfce3 Correct grammar/typo in BUILDING.MD
51a6813c0 Split uid and gid user ns remapping in oci
30d92eff1 Defer layer download until unpack
9d5a095b0 Bump containerd console for os.File changes
cd23ad244 Bump go-runc for buffer race fix
6a22a8fc9 Return the underlying images metadata
787be0efe Modify ctr run to search for read-only flag instead of readonly
cfb4f734d Make sure for next release branch appveyor runs
f92470b3e Fix dependency in BUILDING.md
a6b6097c9 Fix container pid.
726dcaea5 update cpuinfo to make variant matches aarch64 and so on
6fa9a42ea vendor.conf: sort imports alphabetically
a44189d2f vendor.conf: pin all dependencies by git-sha
55ea3dc9b vendor.conf: reformat to use columns
8da434668 Fix cleanup error on content client test
252d6550f Update cri and docker vendors
8a66dc6ed bump containerd/go-runc a2952bc25f5116103a8b78f3817f6df759aa7def
526c0db69 Support target snapshot references on prepare
d1261b508 Update snapshot parent filter property to always exist
11ef041ff Update golang.org/x/sys to recent commit
afd33bce8 test add tests to spec_opts
731e144a4 devmapper: update example base image size in README
19f7f3ccc test: Do SynchronousDelete cleanup before testing ImageIsUnpacked
0bb48aef0 Add `--log-file` flag for windows service.
c56059162 Avoid deadlock in unpacker.
32ef2e630 Update README
82651d386 Cross build nightly builds (arm64, s390x, ppc64el)
c479156b8 Add Github workflow for nightly builds
856ea3055 Add client unpack opts
3db1c3b8f Better support windows binaries.
843423ec3 snapshots: return error if readSnapshot fails
5bf2c6fc2 Fix panic on reference.Spec.Hostname()
fda652be5 Update name for btrfs headers package
a647407ca Fix dependency in BUILDING.md
608791bfc Update to Golang 1.13.4
cfb425fc1 Update .mailmap to reduce duplicates
15669a1d3 Update to Golang 1.12.13
8f74de9e9 ctr: allow specifying --runc-systemd-cgroup
7f5d90076 ctr: allow specifying --runc-binary
0f4374169 Add proto path /usr/include to Protobuild
4c99c8132 mips: -buildmode=pie is not supported for the mips arch
fdf7a795b Clarify requirements for identifiers validation
76aa4e546 Use common identifiers package with less restrictive regex
84879b7c4 Add CGO makefile flag
7c016b655 add tests to server_test
8f9eff4fe Support disk usage in windows snapshot.
d21f0f116 windows process shim installer
a2688b972 bring back aufs and zfs
78be73662 Return not found error if no platform matched.
d12b53a07 ppc64: -buildmode=pie is not supported
5e5584196 Makefile: Drop vndr whitelist
20e844a22 Use logrus trace support.
66aa1d3ef Add snapshot walk implementations
e8c14c07c Added filters to snapshots API
f593efdf0 RELEASES.md: 1.1 EOL
aaccfcbe2 Fix `containerd config dump`.
c224edc5c apply: use naive applier when running in UserNS
37b56cafc Add ctr metrics support for Windows/LCOW containers
178469e2a Update Microsoft/hcsshim vendor
3bf461ae8 Move autocomplete files to contrib/
885232b72 bump google.golang.org/grpc v1.23.1
6356e55be Update Golang 1.12.12 (CVE-2019-17596)
074b453ac vendor: call vndr to remove useless pkgs and update vendor
7177af84a Allow 202 response code for commit
d52cbc19b snapshots/native: ignore xattr errors during CopyDir
f8cca26f3 Handle large output in v2 shim with TTY
d5b7bf51a Move flag.Parse in tests to TestMain
54257bb5e Add local-fs.target to service file
a6d3f4d30 Add device opts to ctr --privileged
ffcb1cc9b Fix delete error code on the containerd daemon side.
036db34f3 build: Fix manpage generation
06be794cb Fix shim delete error code.
901bcb223 Add distribution subpkgs to core
eaef634ef version: use runtime.Version() directly
25947db04 Add support for spec generation with host devices
c0984941e adding go version to client description
fe947e83d bump runc v1.0.0-rc9
772032598 Fix flaky btrfs test
e4e7e554d Make client's WithLease more flexible.
18be6e371 Use cached state instead of `runc state`.
f277665ed Bump runc to 1b8a1eeec3f337ab5d94f28980
e33f70385 Add more detail on releases
8ff5827e9 Update cri and cgroup packages
b5fa55b0c ctr: Enable shell autocompletion
45ce73567 Limit travis release script to a single build
0cb7e4d5f Perfect documentations
b172b7f9d Update release docs for 1.3.0
394db03f1 Fix all media types in Accept header to match RFC
90735a5d1 Update cri to 5d49e7e51b43e36a6b9c4386257c7d08c602237f.
1b1b862eb Get CRI dependency versions from containerd vendor.conf.
35d3bae1e AppVeyor: bump golang 1.12.10 (CVE-2019-16276)
95dbbdc8c Bump runc for CVE-2019-16884
62c2eea78 fix-up typo
c5821baa4 Sync and stat btrfs loopback in tests
5ea936362 Perfect documentation
a0ae24b98 Word spelling correction
85eac2550 Add release note for gc fix
cbbb6a229 Update release note.
fc31fa176 Update cri to 4ea022f82a55c449bf15bfc62ac8b0de968d81be.
0b224ac7d Update metadata interfaces for containers and leases
2a636f8c3 gen-manpages: Create man directory if it does not exist
0a2129222 Check for more kill error types
dd5122809 Don't search for state.json path
6f31417d4 Generalize media types
f3148d0b9 Add metrics type alias
57b51b948 Move golangci-lint deadline to config file
e84a84a5a Add function to set custom auth scope in context
bca374aa1 Get media type key from context
20d3fae3d Add Opt for modifying shm size
83a72858f Makefile: increase deadline to 2m for golangci-lint
b4211d94e fail on file not found for shim reconnect on containerd restart
fd6299be9 Fix density spec generation
3bc99755d Try set GOGC for golint
19ecd49ed implement ctr -connect-timeout
58892a3ba Skip darwin deploy
5bb0281d1 Fix missing vendor packages
5a656cacb Move manpage gen to separate binary
6ed809168 Publish cri release to gs://cri-containerd-release.
f997c30ec Skip cleanup in travis deploy and avoid gcs race condition.
36c543a72 Remove extra CI testing on older Ubuntu
4e8a49948 Encrypt the secret file in containerd/containerd.
f3a5b8c0a Add command to generate man pages
d1a12823b Update gcs cri release.
424d33c5b Update go-runc to e029b79d8cda8374981c64eba71f28e
3db5a5ad2 Fix darwin build for cri release
1b4cec979 Update cri test to fix image reference test and fix gcs deploy.
e3abd03ae Fix CRI release build.
61f113e60 Automate CRI tarball release.
c1fc21e92 ctr: use NewDockerAuthorizer instead of deprecated NewAuthorizer
fa11147e5 Add --env-file to ctr
5c576b026 Update and simplify mailmap
c8cb864ce platforms: update known OS and arch values
3d1fdaccc config_test: sort result before check
8788af7f8 modify-document-duplicate-word
d6a6e0b8b Support foreign and encrypted layers in the unpacker.
a4482d9a6 Fix proxy plugin config validation
01f726589 Support v1 configurations for config dump
cd79e0edf travis: fix Xenial tests not being run on master
555cb31fd Support configurable default platform in the client.
c410f0eae Fix potential panic for task in unknown state.
dd24d76a1 Fix potential containerd panic during graceful shutdown.
fa546dc3e travis: don't run old Xenial LTS on pull requests
94e4b6879 travis.yml: add TRAVIS_DISTRO env-var for easier identification
214b8328d travis: add Bionic (Ubuntu 18.04 LTS) to test matrix
b6c811b7a Update cri to 0165d516161e25e52b4ab52a404a00823f8f0ef6
db3a71173 Add 'containerd config dump' subcommand
779701b29 Add --seccomp flag to ctr
86f8be86e Add sigprocmask to default profile
f4927a298 fix mis-spelling in nvidia.go
bc692cc59 Use default UNIX env when image has no environment
a292bf0f2 bump containerd/zfs 2ceb2dbb8154202ed1b8fd32e4ea25b491d7b251
97962976a Update ttrpc to 92c8520ef9f86600c650dd540266a00
92a5b08a6 fix-grammar-mistake
372472b5f archive: truncate modification time
2d8a65b1b Export shim publisher functions
6624a70d9 runtime/opts: move WithNamespaceCgroupDeletion from containerd to its own package
8266a3c5e fix-up spelling mistake
09b184c15 rootfs: use new ctx to cleanup instead of canceled one
2f54a7cb6 bump containerd/ttrpc 9abb3e268010ea188f4e4051f77eb5aca49315fb
eb7a6bf02 bump google.golang.org/grpc v1.23.0
56bcc7767 Handle layers with the same digest in unpacker.
6f8fb9ee5 add WithImageName container opt
a40c3830d Add option to pull all metadata
55f737bd3 bump hashicorp/golang-lru v0.5.3
ed1df65c2 bump hashicorp/go-multierror v1.0.0
cbb3a3790 bump hashicorp/errwrap v1.0.0
5cab0d3f3 update the max if cur will be greater than max for setting the limit
24b9e2c1a Merge configs section by section
8ebffecbc Use map for stream processors
aae2d0d75 delete unnecessary checks and fix a test
9e183f5e5 add cli option to download all manifests
ea6c749e3 Update config doc
19cd0a4f1 Append slices when importing config files
b5f03eacd Pin to libseccomp 2.3.3
4d11bb36a devmapper: activate dm device if snap device marked as activated
bca085753 Fix toml plugin decoding
a1e3779ca Support config imports #3289
6e2228df7 Vendor github.com/imdario/mergo
6cf031e1e Pass ttrpc address to shim via env
89eae6429 Cleanup: fix some typos in code comment
d7e1b2538 Allow explicit configuration of TTRPC address
03aafaa1c Update the integration test.
60f73b6cf Support simultaneous image unpack.
550518ab8 Read trailing data on apply
348e9f7c3 Update release notes and mailmap
8acf5a142 Update release note for CRI plugin for 1.3.
041e9debb Revendor github.com/Microsoft/hcsshim
21174cb49 Change bufferSize back to 32
1073868e5 runtime: only check killall for init process
64a0b2eb2 Revendor to remove unused dependencies
7379fa663 Remove the process default ENV
5023d96ad Remove Windows EventLog logging hook
276363938 Try to preserve exit event order
04caf1fc4 Ignore fifo error when using v2 multi-container shim
9cbd18ac7 Update cri to f1d492b0cdd14e76476ee4dd024696ce3634e501.
bcc4a146e Support applying with parent directories
5a0ff41c8 Update continuity vendor
80d31d15b Update fifo for typed errors
6d0e355c6 cleanup code typos in leases.go
bee4c1a8a Add retry and non-blocking send for exit events
0d27d8f4f Unifi reaper logic into package
bb4c92c77 Fix shim hung
1c30d4d04 bugfix: override image.Env with process.Env, rather than be contrary
7682acb9e AppVeyor: update to go 1.12.9
81386df91 Add direct unpack support for overlay and aufs
1b389b362 AppVeyor: update to go 1.12.8 (CVE-2019-9512, CVE-2019-9514)
2e8ea9fd6 Allow timeouts to be configured in config
a80db38c3 blkio.go: correct help message word spells.
3ef26cd87 bump x/sys to fix riscv64 epoll
2ff7183cc AppVeyor: update to go 1.12.7
c017e0efe Use a child context for errgroup in dispatch
75771c463 Add usage function to client
b6fca48fe bump go.etcd.io/bbolt v1.3.3
0dadef19c Add docs for stream processors
d085d9b46 Remove encryption code from containerd core
282b19efd remotes: remove useless line
a3a30635e namespace: Copy ttrpc metadata before setting header
04b7f1b59 Remove ppc64le from travis
2fac3ee27 Add release notes for stream processor
116140977 Limit multiple platform manifests to one for size check
fe3638e88 Add UnpackOpts to RemoteContext
d8322e38c cast Rdev of Stat_t to uint64 for mips
af7b7cdb0 Save default namespace in the client.
552a0b1be Handle stderr in stream processors
3fded74bc Add unpack opts
26b90619e Pass apply opts through rootfs/* code
e1489f93c Use named pipes for windows processors
134d3c815 Add windows apply code
f867401c6 Use fds and pass Payloads over diff api
366823727 Add server config for stream processors
97a98773c Add StreamProcessor for apply
0bc5df035 Clarify text on `ctr` support/inclusion
0a3769eec pusher.go: error message typo correction
635ccc067 Add cri release notes
4667ee47a Update Microsoft/go-winio v0.4.14
7792c23b1 Limit default matrix to runc v2 runtime
9f0bc2b53 Add UUID and server info to introspection
08483d18a v2: Close ttrpc connection when `Delete()`
4b5dfaee1 Completely remove Windows v2 in-tree shim
2398421d5 Fix travis matrix
a5940da62 Remove `ctr cri load` and update cri-tools to v1.15.0
0a4bf1bd1 Mark faulty devices
c99961c6c Update cri to b213648c5bd0a1d2ee42709c10dff63fbfee3ad7
4b4ce4a26 remotes: remove unnecessary string formatting
d1b9ee543 travis: Enable travis CI for ppc64le arch
bb9968891 Fix containerd on windows.
3e52e2902 Fix bug in export named manifest option
594f42319 protobuf: Bump Protobuf version to 3.7.0
c965a6c4d Prevent push by tag for sub-manifests
5cf79913e gpg: Use a Pipe() rather than a file
6a2512879 gpg: Pass the passphrase to the gpg2 tool using a file
3741fd859 Remove deferred flag when removing devmapper device
b16e7c5de Update pkg/ttrpcutil with improved pipe dial logic
daf12cd19 Improve error return from AnonDialer on Windows
4d5a0e19e Mark faulty device in one transaction
878a3205c Better error recovery in devmapper
578216950 Add note about pb.txt files
f68186e10 Improve custom cgroup test
8a6190856 Add 1.3 beta release note
612628c2f fix wrong spells in compression.go
98ead46d1 Call Update of snapshotter plugin
f543f2fbc Call CloseIO when stdin closes in ctr
eb4b3e877 Fast path getting pid from task
8cd480c23 Specify protocols in ctr encrypt recipients
e3cc9c20c bug fix:#3448
c27e48d66 fix mis-spelling in client.go
22f44c44d Add garbage collection doc
02826345c Add option to compress blobs on import
9da7d3036 archive: return chtimes error with path information
3d1fa6969 Implemented constructors for both encryption and decryption
392668d00 ctr:Support deleting multiple tasks at a time
05a2b63e8 Create CryptoConfig constructors in place of dcparameters
1c7eab197 Allocate a conhost during Windows service startup
364de4c35 Wrap creation of CryptoConfig in constructors
51bc61533 Update releases doc for 1.1 release
101d4b78e Add timeout to task state calls
e097ab8bb Disable windows integration tests
f055bdb0a Remove windows v1 runtime
d531e7849 Modified image_enc_test to use a different image from other tests
5e5ae23d8 test: Check manifest.Platform before dereferencing
1945e26ac Add concurrent execs in stress tests
ffa86b25f Add new shims for checking binary sizes
c118c45f8 Change image_enc_test so that it more reliably delete images
c6d437fd7 Corrected lease implementation
c00517a94 Made fixes and optimizations to encryption GC
725d3ad8c Add --device flag to ctr
518be1cb0 Fix bug in setting request body
dd0a45dfe Add flat GC label for leases
dca17853d Add WithLinuxDevices Opt
804ae89be errors: use errdefs errors in client and commands
dde436e65 Crypto library movement and changes to content helper interfaces
bf8804c74 Implemented image encryption/decryption libraries and ctr commands
30c344394 Add crypto dependencies/vendoring
a1f3ebaec Update cgroups to c4b9ac5c7601384c965b9646fc51588
b72673fdc Makefile: allow custom base path to install
fab016c7a runtime/v1/linux: ignore ErrCgroupDeleted in Task.Start
ce0d2489a Fix regiression from #3403 with snapshot cmd
0b29c9c37 Update resolver to handle endpoint configuration
63ceaf877 Add testing log context
f63eab32e Add testing log hook to context
61d930ad5 Move specific errors to their respective packages
82826df9b Small refactor due to CI linter changes
ef7f46eb7 Fix linter errors
2b521e25a Switch to golangci-lint
abc152d14 fix name in containers file
70b00a0fa fix variable name
4988424fc * fix: view snapshot is deleted before diff
db95af43f centralize harded-code message
d643f1dc8 images: only fetch the best matched manifest info
550a6f1d7 Fix integration tests
1918ee4d1 Respect default snapshotter label
47d2ac090 Improve default label handling
4e2fc81ed Add aliases to namespaces subcommand
2a92c2741 Bump travis to criu 3.12
5ed1a3ce0 Add RELEASE note about config versioning
6601b406b Refactor runtime code for code sharing
7d2117245 Fix metadata content store to call writer digest after commit
af93e4009 ctr: Add images tag subcommand
ec8d9d3d7 shimv2: remove the dead task from runtime task list
d3e1a51f8 vendor: bump go-runc
46af8ccd2 Check exec log flags compatibility
9fda4a5fe Bumps the version of go-winio.
6b59b425e Support --log-uri for exec subcommand
844c58102 Add cgroup delete opt for ns deletion
3d3dbc8fb Handle RequestTimeout and TooManyRequests
7dfc605fc Set shim OOM scores to +1 containerd daemon score
719a2c594 Robust pid locking for shim processes
2d0379115 docs: remove shim_no_newns in ops.md
0886e4f1b No need to keep 2017 DockerCon doc
650a7e5c1 Add hashsum for release archives
cb4a8f51a bump runc v1.0.0-rc8-32-gf4982d86
bb41ef87f bump libseccomp-golang v0.9.1
174c4907d Fix shim's file IO logging
1a8df3f23 Reserve exec id to prevent race
245052243 Add timeout for I/O waitgroups
12a14c442 fix: polish log to make more clear
ec78305c4 Close the inherited socket fd
fbf96d302 Fix path in LogFile creator
63a8dee60 Switch to GitHub's new issue templates.
341c7c144 Update dependency containerd/cgroups
5e0d79380 Fix bugs in BinaryIO creator
75f183887 Allow opts to flow to the backend snapshotter during snapshot creation.
95f9bbf18 Add timeout in load shim v2
62e9e1169 switch to a working link
41e1bb832 Fix snapshotter getter in client code
052551573 Ensure labels is not nil in differ
67cf9f7f0 AppVeyor: Bump golang 1.12.6
0b7abc02b ttrpc updates for interceptors, close, and metadata
d15a06b19 docs: Fix typo to some markdown files in /docs.
dd7c0aabc remotes: support cross-repo-push
bca566736 Make newBinaryIO public
31afff294 Fix backwards compat with v2 containerd configs
bb0087280 Add user agent header to all requests
9547d269a Add v2 server config support with plugin URIs
9e0cd529d fix shim std logs not close after shim exit
fb6b0ae4c Update x/sys, x/net and bbolt modules to support Risc-V
ed308ea1e Unmount rootfs with separate Remove() in bundle
cf7fb14ef Update timestamp atomic write
4f6ba8286 Ensure close in content test
faf925ba2 Handle EOF from ReadAt in content.ReadBlob
fa6a9f063 Add ttrpc namespace support
42f24b57e Update ttrpc to a5bd8ce9e40bc7c065a11c6936f4d032ce
7531c66d5 Ensure that the rootfs dir is created in the bundle
bf24fb0ca Close file r.log after used to release resources.
5b9a43d2e Fix seccomp contributed profile for clone syscall
cee19d1e6 Change restart delay for Windows service to 15s
8a388d623 leases: support resource management
ac4485c76 Add support to gRPC errdefs for context cancel/deadline exceeded
bbe45e446 add Restart=always to unit file
a274dbe82 Fix run with specified platform
48b81e872 Do not return error when rootfs already exists.
e0c4fe411 Forcibly sync writes on lcow layer.vhd after write
5e2d7efd8 Use a single custom annotation for export
41b7b0e0d Ensure namespaced writer commit has correct namespace
7f79fbb24 Move ttrpc client to pkg/ttrpcutil
5b7a327c4 Improve atomic delete
fe6a2b03e Add shim cgroup support for v2 runtimes
62609d66d Fix typo in description comment
90c6c1af4 Pass options on shim create for v2
690706286 ctr: make ctr shim command easy to use
7b06c9a1c Add TTRPC client
5e962dd8b Remove unused Resize method from initState
66036d920 v1: Respect the `shim_debug` flag when load tasks
a6a888cb5 Bump ttrpc
fbb80b951 containerd-shim: redirect output into stdout fifo
543d1e807 Add travis_wait to prevent vndr timing out
00bc2f5cf Update to Golang 1.12, and prepare for ppc64le
67b45aef4 Add WithoutRefreshed metadata
ad25c1a9c Improve ARM platform matching
bd27bef4a Move checkpoint and restore commands to new files
cf6e00854 Fix fd leak of shim log
6f463d350 test/snapshots: umount before committing snapshot
388705317 snapshots/devmapper: deactivate thin device after committed
bdd7dce31 Add OpenLab CI configuration
660554d67 Fix error handling for task deletion.
2ed8e60fa bump google.golang.org/grpc v1.20.1
d1c59513d bump google.golang.org/grpc v1.12.2
2f22d8e67 Fix broken link to containerd logo
cb7c780af ctr images import: add --no-unpack option
ee902afa5 Compute manifest metadata when not provided.
5c9811ded Cleanup dead v2 shim.
cfc36388b Remove redundant error checks
38e369657 Use cancel on errors
eded188f4 Fix misspells
969035bcb Stop logging error on v2 multi shim log failure
c7f067f27 Update vendor/ with new required vndr go.mod files
8c5779c32 bump containerd/ttrpc 699c4e40d1e7416e08bf7019c7ce2e9beced4636
dff745680 Return NotFound error for kill and delete in deleted state.
5d17ed230 Update cri to 2fc62db8146ce66f27b37306ad5fda34207835f3.
e5aab17a0 bump opencontainers/selinux v1.2.2
dd85aea62 bump runc v1.0.0-rc8
5b9bd993a differ: fix deadlock on commit error
48f46516a Support disabling default setup of shim logger.
c79c7921c bump docker/go-units v0.4.0
dfa51c927 runtime-v1: kill shim in cleanupAfterDeadShim
0376dd460 Don't write dumped stacks to file for ETW capture state
e6fc0ed22 Convert Windows CI to use Microsoft MCR image urls
06a3a480c bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
a333dbcfb Update x/crypto to 88737f569e3a9c7ab309cdc09a07fe7fc87233c3
0fd02564a bump gocapability
7718d060e Write stack dump to `os.TempDir()` as well
a4942ca4f Fix error on pull hang in CI
6bcf463b0 Move to sha-specified test image for nanoserver
cfb8b5573 .mailmap: update Akihiro Suda's email address
be2cbd0b2 Access to client's GRPC connection object
78f3dc433 Allow dumping stacks via ETW capture state
05dd66b2e Update go-winio in vendor.conf
c9059c767 bump mistifyio/go-zfs f784269be439d704d3dfa1906f45dd848fed2beb
63c7a879b Requeue events in the shim publisher
fc167f957 Correct PusherFunc helper to match Pusher intf
a7af3c13a Correct import path in services/server package
9cc58781f Check task list to avoid unnecessary cleanup.
97d247cd0 Rename `hrpc` to `tcpServer`
047348e19 Add dialer for events service
ae87730ad Improve shim shutdown logic
a12f836d5 Use $TEST_RUNTIME for cri test.
4b3b99ea1 Add support for required plugins.
4ba756edd Fix API forward events for shims
1a1f8f11a Set nofile to 1048576
b911ae342 Add tcp service for grpc listeners
a6f587e4c Use ttrpc to publish runtime v2 events
a8a805cad Add ttrpc server to containerd
c93d64543 Add GetOOMScore function
ae5ca8177 Refactor mount path check and add comments
7045801fd delete the ingest when any errors happen during resuming status
dcf6023c4 Extend release timeline
d5b770aa8 Introduce 'clean-test' target in Makefile
2583d9e42 update gogo/googleapis v1.2.0
a98df70da update containerd/btrfs af5082808c833de0e79c1e72eea9fea239364877
aa8dccd22 update containerd/aufs f894a800659b6e11c1a13084abd1712f346e349c
ed61d7f68 bump containerd/zfs and dependencies
d667628ca bump github.com/pkg/errors v0.8.1
68ef17835 bump github.com/BurntSushi/toml v0.3.1
1978c0b74 bump gotest.tools v2.3.0, google/go-cmp v0.2.0
2741dbe2c contrib: Dockerfile: bump go 1.12
a84f87d84 contrib: Dockerfile: add a base stage
a07e12cde contrib: Dockerfile: reformat, and use --no-install-recommends
ba9e1ea23 contrib: Dockerfile: use build-arg for go-version
4754d2aee Update image export to support Docker format
74eb0dc81 Return event publish errors.
10cf21dcf Export ExitStatus init func
a73358749 Update cri to 6d353571e64417d80c9478ffaea793714dd539d0.
de1da8be3 Update handling of registry errors
8d1ae237e Always add compressed blobs to Docker import manifest
c0f0b2131 Apply PR feedback
2a5e4c4be Skip rootfs unmount when no mounts are provided
abfc89ce0 Update CRI to master
4730088cb Update runc to resolve selinux issues
2d11f5e6d Regenerate protobufs
830b0294c Update protobuf v1.2.0
7c1365b46 bump sirupsen/logrus v1.4.1
01310eaeb do not use unkeyed fields in compose literals
90085a7ac Add empty file to prevent build from failing
baf340343 Extend Applier's Apply() method with an optional options parameter
8784eb630 Move snapshotters benchmark to a separate package
adc4fa217 Use pkg/errors for all errors
c22effb16 fix parseInfoFile does not handle spaces in filenames
559dfa59a Add configurable plugin path
d9526f5c4 Move CloudFormation template to contrib
ae04c1660 runtime: guard Close() until both streams are complete
e96ac2040 runtime: log IO error when copying output streams
515be73c8 Add snapshotters benchmark
872296642 fix shouldKillAllOnExit check for v2
fa5f744a7 fix shouldKillAllOnExit check
f7f6dd7b4 test: add custom cgroup test
2b8df8309 bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1
bc6ac0878 update opencontainers/runc v1.0.0-rc7
808b22353 Fix race and panic.
87289a0c6 devmapper: implement Usage
010b4da36 devmapper: implement dmsetup status
871094016 Windows: Build shim binary from Microsoft/hcsshim
e16e99593 Vendor Microsoft/hcsshim@8abdbb82
5d50b9c2b Extend adaptImage function with annotations case
388c8a176 Fastpath opt and ExecProcess loading
a84966451 Windows:ProgramFiles to ProgramData
6034c1950 Windows:Create root/state with ACL
7361b1987 Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID
4c9b5ef8e Update vendor github.com/Microsoft/go-winio
d15832a4c Address review comments
8f8fd3c3a seccomp: whitelist statx syscall
908b77108 Add code to return message field of returned registry errors
9a8727cf0 Allow to import an image for the default platform only.
4506eb45b seccomp: whitelist io_pgetevents
f3ff95ab7 decouple api.ContentServer implementation package from bbolt dependency
14a050688 ctr: fix image cmd ArgsUsage
bdd84abf0 Add additional capability handling opts
a631796fd horten the unix socket path for shim
b858cfb41 Makefile: allow overriding package name
7ca2c3d68 contrib/nvidia: export helper binary path and list of Nvidia capabilities
a7aeffc22 Update mailmap for cgroup authors
e6ae9cc64 Shim pluggable logging
506b81548 remotes: add distribution labels to blob data
b8d40b353 update runc to 2b18fe1d885ee5083ef9f0838fee39b62d653e30
09cf2a629 Extend metadata images test with fieldpaths for Annotations
5124f9ee5 Write the Annotations map into the bolt db
02cc1485d Prepare boltutil for reading and writing another map
1e893b19c devmapper: add no_devmapper build tag
79248fea2 Add test for ocispec.Descriptor Annotations
34f377295 Allow WithNewSnapshot and WithNewSnapshotView to take in snapshotter options.
aaae81189 Update checkpoint opts with runtime handling
160737d2c Fix no pivot and keyring opts
0b711d616 Copy annotations around where necessary
4d2a26d75 BUILDING.md: update testing section
6424a3603 ctr/commands/images/push: don't show progress if it is debug mode
7cfb99ab9 Add content gc ref labels from containers, images, and snapshots
f0d5dd3c8 Use unix.SignalNum in ParseSignal on unix platform
1745951ba Vendor golang.org/x/sys d455e41777fca6e8a5a79e34a14b8368bc11d9ba
e13a4b67e Update the snapshotter docs to refer to the snapshots package for WithLabels.
277147135 Fix issue with NewFIFOSetInDir with Terminal true
828f6eb84 Fix a bug in shim log on Windows that can cause 100% CPU utilization
c6703d4c7 Add missing annotations map to Descriptor for gRPC transfer
d2bec5422 Bump cgroups to dbea6f2bd41658b84b00417ceefa416b97
208957ba3 devmapper: proper cleanup in pool device test
734989c2a Update README
fb8048371 docs: Add NAME section in all manpages
95f0a4903 devmapper: rollback thin devices on error
adf5c640f devmapper: don't create or reload thin-pool from snapshotter
7efda48c5 devmapper: more precise way of checking if device is activated
37cdedc61 devmapper: add linux tags, fix build
0c6d194cc devmapper: add README and minor fixes
2218275ec devmapper: register plugin
cec72efc2 devmapper: add snapshotter
3a7588252 devmapper: add pool device manager
6e0ae68e1 devmapper: add snapshotter config
fcd9dc274 devmapper: add pool metadata
809e5fd3b devmapper: add dmsetup
fe05e4d1a devmapper: add losetup
d83e4e9b3 Vendor Microsoft/go-winio@v0.4.12
e0d7ed12a Windows: Enable ETW logging
cbc032ed3 Update go.etcd.io/bbolt to v1.3.2
5e8406984 Update travis to xenial worker
84a24711e Add runc.v2 multi-shim
6bcbf88f8 Move runc shim code into common package
fd6ac5d02 Vendor sirupsen/logrus@1.3.0
b553a12be runtime: allow specifying supported platforms with config
f6ac73d71 fixing typo and added a missing comment.
4b3e0a8aa metadata: merge snapshot labels with metadata's labels
88f19a90a Windows: Update stackdump event name
14f7e5272 Unpack should set 0755 when the parent directory doesn't exist.
a6f43b549 Add website update to release process
17b2c8498 Update supported versions
b87e9eef3 Add ExecID for StateResponse
bfb266ab5 Fix some misspells in helpers_test.go
dc09ed1e1 Add image handler wrapper
a4f7b3758 Add support for TaskDelete event on exec in RuntimeV2
00895670e Stop sending stderr with TTY on Windows
6a21728fb Use defaults package for listing namespace labels
14eaad0cd Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d (CVE-2019-5736)
98766e863 Vendor opencontainers/runtime-spec 29686dbc
225d9b120 Fix LCOW layer ordering
0190e5f39 Removes the oci.test.exe binary.
525802f9c Use distribution's reference.ParseDockerRef
3538174e6 Bump github.com/docker/distribution to 0d3efadf0154c2b8a4e7b6621fff9809655cc580
2dacef07c Add shim skeleton code
59ea134ce OCI Modifiers for Windows
d25007e54 Add structure documentation for metadata
823b7a8a0 Cleanup releases directory
7bd8dcd0d Fix potential containerd panic.
41f540621 Add release documentation
f014adfa1 readme: fix example for checkpoint
dfcc5942f Fix deadlock in Windows runhcs shim exec
da2ab865e Add documentation for using namespace labels for configuring defaults.
952d58297 Add a separate lock for pid.
9777d7689 Revert "use state machine management for exec.Pid()"
34323985a Use labels only when default namespace is provided and prefer given options.
59432aaec Take default runtime and snapshotter from namespace labels
6629f853a BUILDING: update BUILDING.md
d7ed40307 Add image pull concurrency limit.
7f5d7ff6b Update snapshots docs with garbage collector label
34672d483 metadata/gc: remove the noop-loop for snapshot reference
6ed293ba9 Fix bug in shim path lookup
d63099c4a Allow matching shim path side by side with containerd
764afa0d1 Include extension for shim binary format on Windows
dfebb404c remove excessive []byte(s) conversion
85aa8ad36 Move task events to runc v2 shim
28f8a90bd Update cri plugin to 4dd6735020f5596dd41738f8c4f5cb07fa804c5e.
bb32c0f61 Revendor github.com/Microsoft/hcsshim v0.8.4
f44469698 Return out of windows signal handler
26ab393e7 Use context.Background for `O_NONBLOCK` `OpenFifo`.
7db569771 unix.UtimesNanoAt now supported on Darwin
132ee9b82 fix: linter issue
6468619d7 Implement the Runtime v2 Shim async task model for runhcs
b444d7d50 Handle additional cleanups from prior PR
4ef9bf5c8 Windows: Publish exit status correctly in TaskExit
90caf6f6a Windows:NewDirectIOFromFIFOSet
3aec9e7be bump up runc
0befa457d Update ttrpc to support context timeout.
946e40266 Update releases files
c5a8c9fc1 Fix issue in runhcs shim CloseIO
31616e794 Fix runhcs shim bug in Create with "len(Rootfs) == 0"
bcd4cc51c Fixes a bug in runhcs shim Exec.Pid
bc76e01a8 Update runhcs options to include CRI Sandbox support
a79879e9d Add security audit report to README
dee0945e1 Fix spurious ttrpc client shutdown error log on success
64a004641 Update cri-tools to v1.13.0.
b55c9c6c3 Update cri to 4b4b2abb2eb19ad6913a6c5d2a6869a0a43a3fc1.
17b77aeb0 Fix annotation typo errors
5137fc6f1 bugfix: support application/octet-stream during pull
568b5be93 runtime: add Add/Delete method in PlatformRuntime interface
7faaa64cf fix: miss remove temp file in createSnapshot
4247f2684 metadata: define content sharing policy
1be86af10 add test for WithImageConfigArgs
36e4dc603 Ensure bundle removal is atomic
723797d32 docs: remove website leftovers
d4ecb00f6 checkpoint: return empty image if checkpointPath exist
f2344db40 do not mutate defaults in replaceOrAppendEnvValues
da9471fb1 fix oci.WithImageConfigArgs for windows
897afeaf3 Revert "Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)"
0ec6526fd Update the delete docs for Runtime V2 on Windows
e20ba5fa5 test: add test for c/r without image
40267382c fix ctr image export not found error
8be05eb23 Fix freebsd build
7b1e6f323 fix: use func args instead of build new one
9baecf66b fix: fix defer in loop
903abf33c Fix annotation typo error
52de37170 Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)
2d96aad77 bugfix: unpack should always set the snapshot gc label
a2a424197 Add timeout and cancel to shim fifo open
6f944e419 fix: SCHILY.xattrs should be SCHILY.xattr
6ccb0d062 fix: remove dead code
2db0c6c26 Explicitly stating utf-8 when fetching oauth token
603e97a9e ctr/content: make editor flag is required
7ac221e8d Adding ctr memory and cpu flags
822ae18b1 Update cgroups to 1152b960fcee041f50df15cdc67c29db
3ae8e8a30 Add shim config for shim binary options
66c20f2b7 Update runc to 96ec2177ae841256168fcf76954f7177af
79499980e Kill should still work in stopped state.
27ba2db10 Revendor github.com/Microsoft/hcsshim to v0.8.3
2d3a4f99e should no defer when detach
70084ea6c Add /proc/asound to masked paths
6daf8b778 Eliminate misuses of errors.Wrapf
a404f27a0 Add more adopters
6593399e9 cr: support checkpoint/restore without image
996c60616 fix: fix error info start capitalized
b4a642f6a Add dumpStacks support for containerd on Windows
40d898a82 Windows: Allow running as a service
97dd5df66 Update runc to v1.0.0-rc6
09bf314bf Cache shim v2 exec.LookPath results
fd16bf6d4 runtimev2: add image-path and work-path for c/r
83ebcf999 runtimev1: add image-path and work-path for c/r
f90e5d564 Move ctr run --isolation to Windows only
bbc2a995f use state machine management for exec.Pid()
461222dba fix: should get runtime name from container info
2101b1362 add ctr delete --exec-id to debug DeleteProcess
a2e8ab9ff remotes: avoid panic with default resolver conf
7d91d631e Lock `KillAll`.
9639db552 refactor: no need defer in closeAll
e76a8879e fix pipe in broken may cause shim lock forever for runtime v1
b3438f7a6 fix pipe in broken may cause shim lock forever for runtime v2
956e49a36 Revert v2 dropped events
1d4105cac Use named pipes for shim logs
581a63ce4 Add build requirement doc on fedora/centos
01f5aa387 add flag -d for ctr t exec to run a service in container
51ad4d302 change args usage for ctr c create
bd2a21985 fix container cmd args may parsed as ctr args
90880078b Adding a --load-kmods flag to the NVIDIA OCI hook
e1a59ba0f Update runc to 10d38b660a77168360df3522881e2dc2be
8e25ca6bf Revendor github.com/sirupsen/logrus to v1.0.3
0e7a70dbf skip already exists content
6f2f4e434 checkpoint: add copts to checkpoint; save snapshotter to annotation
40caece8d update tests
4fdf720b8 move rw to opt; make snapshot opt; move to NewContainerOpts
147208061 add image name and runtime name media types; remove task operation on checkpoint
ce0673fd7 Restore take image
0e4d9da75 remove task handling from Restore
2d3db08da refactor spec and snapshot restore into opts
45c700a95 refactor checkpoint and restore to client
555ea3fb4 Ignore modprobe failures in ExecStartPre (systemd unit)
abd971cfb Revendor github.com/Microsoft/hcsshim
831a41b95 Fix process locking and state management
c4feaa75c fix: fix failed to get container-shim relation with io.containerd.runc.v1
c524b9ce4 Partially revert the event discard change in #2748.
38d7d59e8 enhance: update v1/v2 runtime
ce6d4c9a9 add docs/rootless.md
dd0539b09 ctr: add --cgroup for oci.WithCgroup
18363d0c9 Add ADOPTERS.md file
354dab0ca Forward ctr.exe --debug as io.containerd.runhcs.v1 options
a33ad4024 Implement io.containerd.runhcs.v1 shim log opts
ec3dbd155 Add io.containerd.runhcs.v1 shim proto options
7d70d2b78 Fix Makefile to run protobuild on paths with spaces
83f4ab885 makefile: remove emoji on Linux
8329a491b Build Windows V1 and V2 runtimes always
124194b98 check task existence before new task
a02f7cea8 bugfix: use skip-verify flag in ctr instead of insecure
2bb7da843 Fix mingw version back to working version with Golang
068880ff1 Add custom headers option to dockerResolver
fa912a79b update link for slack invite
7c85d873a fix typo in ResolverOptions.Credentials documentation
232a06349 Increase reaper buffer size and non-blocking send
00ba92364 bugfix: CloseIO should return correct status code
1cc93460d Bump aufs for unsupported errors
1301813f7 Update ZFS for unsupported warnings
16aaf6c06 Change unsupported snapshot warnings to INFO
07237e34e Bump to Go 1.11.x
c206da795 optimize shim lock in runtime v1
c5a0c7f49 Add build option "GODEBUG=1"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|