mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 20:59:41 +02:00
f13ced4d8d
34 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Bruce Ashfield
|
6499f37793 |
containerd: update to v1.6.9
Bumping containerd to version v1.6.9-12-g6c41694da, which comprises the following commits:
5af8d89ce overlayutils: Add fastpath for userxattr check
303f608dd [release/1.6] update to Go 1.18.8 to address CVE-2022-41716
3f9f9508d ctr export strictly match default platform
df73acad5 [release/1.6] go.mod: Bump hcsshim to v0.9.5
658490b78 ctr import: strictly match platform
4907b4d72 Migrate away from GitHub actions set-output
f1493f665 Prepare release notes for v1.6.9
346412f5a adding support of CAP_BPF and CAP_PERFMON
99578d1fc Update mailmap
a956d8415 Add logging volume metrics to Containerd CRI plugin
29e2dea50 fix pusher concurrent close channel
8a9d69385 [release/1.6] Stats() shouldn't assume s.container is non-nil
a9adc7938 cri: PodSandboxStatus should tolerate missing task
b66eb726a migrate from k8s.gcr.io to registry.k8s.io
5b40993a5 [release/1.6] upgrade containerd/continuity from v0.2.2 to v0.3.0
f2376e659 Update container with sandbox metadata after NetNS is created
06f82efef archive: validate digests before use
28324c529 [release/1.6] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
0aeeb62cb [release/1.6] update golangci-lint to v1.19.0
7db9d1f76 Fix linter warnings
4dc932e62 [release/1.6] gofmt with go1.19
7b8d679ad [release/1.6] integration: remove use of deprecated io/ioutil
926b9c72f retry request on writer reset
b9a35c6af Add integration tests with failpoint
1f29fac48 Persist container and sandbox if resource cleanup fails, like teardownPodNetwork
a85709c6c integration: simplify CNI-fp and add README.md
d89a8d223 pkg/failpoint: add FreeBSD link and update pkg doc
b0ce2965a integration: Add injected failpoint testing for RunPodSandbox
a7f956d86 integration: CNI bridge wrapper with failpoint
07c479471 pkg/failpoint: add DelegatedEval API
4a5bc05aa runtime/v2/shim: return if error in load plugin
71ee7de24 bin/ctr,integration: new runc-shim with failpoint
3e2e77849 runtime/v2: manager supports server interceptor
cb935bf49 pkg/failpoint: init failpoint package
2fdfd564c make xattr EPERM non-fatal in createTarFile
89e49609d remotes/docker/config: Skipping TLS verification for localhost
b720be2ce remove stray .zuul.yaml
6b30bc4b4 .zuul: remove the zuul because it is offline
0f7e258ee Set grpc code for unimplemented cri-api methods
fb753e5cd update intergration
6ee5bb7ea bump cri-api
ae8598615 ContainerStatus to return container resources
d3c7e31c8 Update CRI-API
5b44c5271 vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
3507d600b update runc binary to v1.1.4
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
a61f6ea090 |
containerd: fix final TMDIR references
restructure the containerd source layout to avoid symlinking vendor dependencies. This avoid go recording paths in the final binaries. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
9ef3fa52d0 |
containerd: improve reproducibility
We get the following QA warning on build: WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths] This is the first step in fixing the QA warning, by dropping our debug patch, passing -trimpath and not defining GO_DEBUG. This leaves a final reference similar to: path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr That is being stored in the .rodata of the binaries. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
19045acf78 |
containerd: update to 1.6.8
Bumping containerd to version v1.6.8-8-g579a6380e, which comprises the following commits:
1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887
0448673af Do not append []string{""} to command to preserve Docker compatibility
5c230ece0 Fix cleanup in critest
ed9d3dc37 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices
3364f411e Prepare release notes for v1.6.8
390920429 release workflow: remove Go setup action
cf48ba6e8 release workflow: increase timeout to 30 minutes
57873e652 release: rollback Ubuntu to 18.04 (except for riscv64)
eccb82f6d Update release build timeout to 20 minutes
6a854d4b5 Update mailmap
61612e1a2 Prepare release notes for 1.6.7
d199ee462 Update golang to 1.17.13
0578d20c5 Change os.Stderr reassign for Windows service
12cae4961 Update Vagrant CI to macos-12
bc4091aae chore: bump macos runner version
cb73bd050 Windows HostProcess container CRI stats test
ac388525a Add validations for Windows HostProcess CRI configs
0007f40fe [release/1.6] go.mod: Bump hcsshim to v0.9.4
c9607e78c Update Fedora version to 36
2952b66c0 CI: add riscv64 builds
6b2dc9a37 release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64
745dc07c4 seccomp: support riscv64
c2f841f21 Create ppc64le release
86b55bd8d seccomp: allow clock_settime64 when CAP_SYS_TIME is added
f3da3e51f allow ptrace(2) by default for kernel >= 4.8
aa1101068 [release/1.6] update golang to 1.17.12
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
52ec02f96d |
containerd: update to 1.6.6
Bumping containerd to version v1.6.6-10-g4e92d8e7e, which comprises the following commits:
37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing
fa2016d58 [release/1.6] Downgrade MinGW to version 10.2.0
99c56d217 ctr: fix label args used in NewContainer
51de785f8 [release/1.6] Make building static binaries simpler
2ea4e6348 update runc binary to v1.1.3
61213742a Prepare release notes for v1.6.6
f92068350 Implicitly discard the input to drain the reader
2eb67213b [release/1.6] Limit the response size of ExecSync
185e87275 Prepare release notes for v1.6.5
5c9c83d3e [release/1.6] update golang to 1.17.11
fdcdc27bc update go-cni/for cni update fixing plugins that don't respond with version
e33b9e709 archive: add human-readable hint to Lchown error
3bb5a9d19 config: improve config v1 deprecation message
6eff5b6c0 [release/1.6] go.mod: Bump hcsshim to 0.9.3
f1d2d9260 [release/1.6] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
9f99be51b [release/1.6] update golang to 1.17.10
246a1b42e vendor: github.com/opencontainers/runc v1.1.2
43717e03a update runc binary to v1.1.2
82a77be2d reverts removal of parallel run from critest
06bdfeb67 Allow git commands in Vagrantfile
70839a344 Bug fix for mount path handling
1520bae0f update critools to v1.24
0d1d2953b Prepare release notes for 1.6.4
42d691fe6 Bump opencontainers/selinux from 1.10.0 to 1.10.1
e9f22e008 Update go-cni to v1.1.5
be4909e95 cri: close fifos when container is deleted
baa386dc0 Prepare release notes for v1.6.3
e8da82adc tracing: fix panic on startup when configured
1764ea9a2 CRI: improve image pulling performance
9cd76d465 [release/1.6] update golang to 1.17.9
c09cc1242 check for duplicate nspath possibilities
fe6ba62ce metrics/cgroups: fix deadlock issue in Add during Collect
8b81a7843 [release/1.6] go.mod: update image-spec to merge-commit of v1 into main
f2ba2041b update runc binary to v1.1.1
b736b4dab go.mod: github.com/opencontainers/runc v1.1.1
72f1e58c7 CI: add Rocky Linux 8
7ede40c5c [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4
5538be6cf cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events
da35c19da Test turning off golang CI lint cache
a0213573b Add nolint:staticcheck to platform-specific calls
ad0036ed6 Update prometheus client vendor
c7bbf316f Mount devmapper xfs file system with "nouuid" option.
a1de89c3e Make the temp mount as ready only in container WithVolumes
82a12edf2 moving up to go-cni v1.1.4
28b44826b native: fix deadlock from leaving transactions open
8461dd6e5 Prepare release notes for v1.6.2
91800c4e9 Add static checks to shim for Windows
ca51d7f85 Update go.mod go version
765df6609 [release/1.6] remove empty go mod to allow building for go 1.18
e9af80859 Fix the Inheritable capability defaults.
7c929318a Update TestNormalize to only test Windows
06985e7d0 Upgrade golangci-lint and its GitHub Action
b13d3e05c cri: relax test for system without hugetlb
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Chen Qi
|
63b026b624 |
containerd-opencontainers: add CVE_VERSION setting
The NVD database uses version without a prefixing 'v' for containerd. e.g. https://nvd.nist.gov/vuln/detail/CVE-2022-23648 So we need to explictly set CVE_VERSION. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
9c35224e1c |
containerd: update to v1.6.1
Bumping containerd to version v1.6.1-4-gd12516713, which comprises the following commits:
b13d3e05c cri: relax test for system without hugetlb
b325d5647 update to go 1.16.15, 1.17.8 to address CVE-2022-24921
787b4671d Prepare release notes for v1.6.1
444eba43d containerd-shim-runc-v1: return init pid when clean dead shim
37bb915c6 containerd-shim-runc-v2: return init pid when clean dead shim
9f316fa4b Use fs.RootPath when mounting volumes
8713c0472 Prepare release notes for v1.6.0
f261498e0 Update Go to 1.16.14, 1.17.7
fa19714db Update go-cni to v1.1.3
6e3cc28a6 Wait for containerd installation in GCE scripts
c0f818846 Update go-cni to v1.1.2
dea7ae27a Add instructions on using go with admin perms
4f0d5f0ee Enable TestContainerPTY and TestContainerUsername
732103271 Change the context to avoid misunderstandings
6827eec7a Prepare release notes for v1.6.0-rc.4
b0623a06e Change file name for shim binary path
daaf031e2 Use white logo in github dark mode
efc6ca4c4 Prepare release notes for v1.6.0-rc.3
7e821fb61 fix: .dockerignore makes git working tree dirty
ac2692d30 containerd-stress: introduce option for specifying image
8b9571e34 containerd-stress: start task ctr before starting execs
9b1fb8258 cri: fix handling of ignore_rdt_not_enabled_errors config option
dcbe3e471 docs: add Talos Linux to the list of adopters
821c961c8 pkg/oom/v2: handle EventChan routine shutdown quietly
2d9d5fddb Document fs_type and fs_options in snapshots/devmapper/README.md
a31e28e2c Prepare release notes for v1.6.0-rc.2
8944c12f5 Update releases document
8d69c041c Update cgroups to v1.0.3
bec6e4dd6 platforms.Normalize(): do not reset OSVersion and OSFeatures
34f717349 seccomp: kernel 5.16 (futex_waitv)
8632bdcb7 seccomp: kernel 5.15 (process_mrelease)
c013db696 seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
17a2831f7 seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
1329ea371 seccomp: kernel 5.12 (mount_setattr)
cc59ae4d9 tracing: return (ctx, span) from StartSpan
e751f1f44 tracing: support OTLP/HTTP in addition to gRPC
813a061fe oci: use readonly mount to read user/group info
c0e00f19a fix acr fetch token 400
4cd9f37f5 Fix windows periodic workflow
4aff7431f Fix possibly incorrect media type default on import
3ffb6a611 shimv2: handle sigint/sigterm
f048a2593 docs: add doc-comments on GC-related methods
31a710c49 fix: should not send 137 code event if cmd is notfound
936faf9c9 fix empty scopes return
c1e17d8ba Prepare release notes for v1.6.0-rc.1
4f552b077 Compile binaries for go1.16 and go1.17 in CI
7d7064e6b Integration: Change to Windows Server 2022 build number constant
2898004a5 Update kubernetes vendor to 0.22.5
4e9e14c2b Fix rdt build tags for go 1.16
af83e9af1 platforms: add support for matching amd64 variants
af39d2ad7 go.mod: Update hcsshim to v0.9.2
fcb7bd699 Remove api go submodule
46312f4a1 Update makefile to remove API submodule
ed0828bb6 delete useless code
21a748e38 go.mod: github.com/opencontainers/runc v1.1.0
dba897c35 update runc binary to v1.1.0
d5e8edf2d Do not automatically inject client traces
69ae95531 tracing: fix OTLP tracer's initialization
8dd36423b Revert "Add shared content label to namespaces"
a1ba38056 Update caching logic to avoid map access
ce3871966 services/introspection: support to show introspection grpc service
a018ae3f6 Prepare release notes for v1.6.0-rc.0
919797163 Integration: Switch to `upload-cloud-storage` Gcloud action.
8a2b61356 Integration: Switch to using `auth` Gcloud action in Windows workflow.
c0a31a7a4 Add ppc64 support for test images
a303d552a ctr: Unify the delete subcommand alias
b35fb7d44 remove io/ioutil
d05194f0a ctr: flag to toggle non-distributable blob push
f77989036 Add image handler to skip non-distributable blobs.
8c194d8f3 gha: run CodeQL scan on pull requests
f99e92359 Enable critest tests on Windows Server 2022.
55b89eabf Parametrize CRITest test images in Windows Periodic workflow.
18592b2f5 Fix wrong log message
bdc852190 test: e2e node COS cgroupv2 script
e38946d86 Updating adoption of containerd for AKS
8aca314dd Update error message for apparmor parser
48c7529de Fix incorrect error wrapped when closing ingest file
0c2c289d4 Fix seek error used without nil check
8816006d1 Fix followup items from errors replacement
a94f32ce0 update the adoption status of containerd in GKE
adee2c797 seccomp: add support for "swapcontext" syscall in default policy
4f0f36350 corrected link in cri architecture documentation
d3724a6c1 go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
bbe46b8c4 feat: replace github.com/pkg/errors to errors
e43d4206a Update k/k to 1.23.0
8d5af6be8 Prepare release notes for v1.6.0-beta.5
9c2e3835f cri: add ignore_rdt_not_enabled_errors config option
eba104816 Update dependencies
f4a191917 cri: annotations for controlling RDT class
eae14688c tasks: add Linux rdt support
9e755d12e cmd: add --rdt-class command line option
2946db890 oci: implement WithRdt
df21828d2 content/local: use syscall.Timespec.Unix
85326d76f fix: only test abstract unix socket on linux
90426378e Integration: Check GCP secrets on Windows CI artifact upload.
97623ab0c remotes/docker: allow fetching "refresh token" (aka "identity token")
8094f50dd remotes/docker/config: allow setting custom AuthorizerOpts
8e6afaa20 Fix $(PWD) issue for Windows makefile
653b8b02a Expect ErrorNotFound on Windows after Kill()
ac8129706 fix: use _ for consistency
f39b3ac7e fix(ctr): enable networking for Windows containers
0ff87a892 Replace tskill with taskkill
aadae6d50 Fix flakiness on Windows for list stats
d53c43133 Fix no-daemon flag for integration/client tests
5c2edeffb Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
2ee3ce510 Use insecure.NewCredentials instead of grpc.WithInsecure
2fb739aa2 Upgrade OpenTelemetry dependencies
34c4abc34 Fix default makefile target for windows
78ad7a2d3 cri-integration: Add Windows default paths
abcf7c2f6 Disable TestContainerHook on Windows
f1c799331 seutil: Fix setting the "container_kvm_t" label
c8a009d18 add-list-stat: return container list if filter is nil
f83ab813d Use task plugin for runc shim
04e57d71b Seperate shim manager and task service
44b28b61f medatada: make namespaces' deletion error less cryptic
20419feaa cri, sandbox: pass sandbox resource details if available, applicable
9e9ee66bf integration: deflake TestContainerdRestart
dd26d3d09 feat: support custom timeout for blot open
c0d07094b feat: Errorf usage
0e472420b Update Go to 1.17.5
569042e6d Prepare release notes for v1.6.0-beta.4
552a27081 Disable restart monitor test in Windows
b7f673790 OCI: Mount (accessible) host devices in privileged rootless containers
7f70ff967 oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
2c96d5b06 Run windows parallel integration test as short
807213fd3 Update restart monitor test to output daemon logs on failure
9b0303913 only relabel cri managed host mounts
90cdc6c9a images/converter: remove deprecated types
fc8138468 go.mod: update image-spec to latest (v1.0.3-dev)
2d3009038 cri/server: use consistent alias for pkg/ioutil
dc13bcd51 Enable lazy init for ext4 with devicemapper
68dabdcc6 Use RFC3339 format so rg cleanup works
6f9d80907 Remove Windows integration testing for 2004.
77a321a07 Replace find with native Go code
22dc60e05 Enable TestVolumeOwnership on Windows
441bcb56d Skip WithAdditionalGIDs on Darwin
4c1e26cd5 Don't fail-fast on Windows integration tests
c9d1e155c go.mod: github.com/opencontainers/runc v1.0.3
44995d483 update runc binary to v1.0.3
416899fc8 Allow native snapshotter on Darwin
6b0e2414c Do not use `go get` to install executables
d2f1dda0f Include runtime v2 in default builtins
392f604eb Use a single RUN command
533dd1c0e fixup: check for swap accounting
f33d38c7c integration: align tags of test images
c5b0a18b6 fixup: handle diff between cgroupsv1 and v2
9cc0d1f07 Set explicit ACL on test files
4ccf287da Set CONTAINERD_ROOT in Windows cri-integration
ff77dd112 Add Windows Server 2022 CI runs
fd0850e9e Update continuity dependency
ff9d7aef3 Update volume test images
2fa4e9c0e cri: add support for configuring swap
bae0d88ae Add error logging on cleanup
6bccd67e8 Revert shim plugin migration
665877a5b Move volume images from gcr to ghcr
323a62d7b Add permissions
f3195b3b5 export oci.DeviceFromPath()
c6d26f0d3 Authenticate against ghcr.io
2a6857d06 Skip TestExportAndImportMultiLayer on Windows
6ff1a5934 fix when kernel version < 4.13rc1 by using index=off cause overlay test error
94462d8f5 oci/deviceFromPath(): correctly check device types
7a4415dd5 Add VMware TKG & TCE to Containerd adopters
46892d340 Vagrantfile: update to Fedora 35
8de1117c9 integration: add stats result in error message
6681cc4b9 ctr/snapshots/diff: don't show the media-type in output
a97564411 remotes: fix dockerPusher to handle abort correctly
1698d061c Build volume test images on Windows
7ccd733d2 Add image build workflow
95b3ab2a4 ctr: Add Linux Capabilities control flags
3d318b3bb docs: mark 1.4 as Extended
9a994877c docs: fix RELEASES.md gRPC API anchor
0a25bc1aa Integration: Separate Windows Periodic Tests workflow trigger.
507bfc91b feat: skip ci for fork
9dfbcbbc4 content/local: Close the file if Seek fails
5015130f7 Fix executable file not found when restoring shims
2b28dd363 Fix wrong make target on documentation
cb1359fa8 Integration: Remove explicit version passing to `azure/CLI`.
fa6759ae5 fix: server error return
5e4b033ec Update README.md repo->org
5f293d9ac [CRI] Fix panic when registry.mirrors use localhost
674b94c42 Prepare release notes for v1.6.0-beta.3
f5863e22f Update API version in go.mod
5df9ec366 Update release name to use consistent format
f8d734e40 fix: make max recv/send msg size setting default
63895de45 Add support for TMP override on toml
444ef2f6d Generalize Windows CI setup script for any user.
3d6bfa3f5 Standardize cmdlet capitalization in Windows CI scripts.
6835a9470 Split runc shim into plugin components
6eea8f3f6 Add shutdown package
547040cd5 feat:support custom callopts on client side
bef792b96 feat: use rwmutex instead
2f31dcda7 release: change tar name to match prior releases
70c88f507 schema1: reject ambiguous documents
eb9ba7ed8 images: validate document type before unmarshal
2a81c9f67 CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
db124c560 Close file if permission modification fails
526defb57 Fix containerd fails to pull OCI image with non-`http(s)://` urls
89eebc4c0 Fix wrong error returned for image index lookup
be84932e1 Rename release dockerfile to omit distro name
28126fd60 release: improve dockerfile
27d7c5038 Add arm64 to releases
6765524b7 use write lock when updating container stats
b103bee4c go.mod: Bump hcsshim to v0.9.1
e17fe37e0 Fix package alias
920b24793 go.mod: Bump ttrpc to 1.1.0
6870f3b1b Support custom runtime path when launching tasks
91bbaf679 [cri] add sandbox and container latency metrics
a3b756ce1 Prepare release notes for v1.6.0-beta.2
574800633 cleanup: add more description on comment
a22346622 CI: bump up crun: 1.0 -> 1.3
97073c943 go.mod: github.com/moby/sys/mountinfo v0.5.0
19d9d0d2a go.mod: github.com/moby/sys/signal v0.6.0
9c455ded6 go.mod: github.com/moby/sys/symlink v0.2.0
fa12f4e69 go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
869ccc01c Update Go to 1.17.3
3196e65f5 docs: document the runtime shim plugin config options
0d8e07681 docs: use proper markdown lists in containerd-config.toml.5.md
54c0cdae6 Update TestRestartMonitor expected time check
d4f4c1380 Add runtime path in CreateTaskRequest
548579d0e Pin az CLI version
2e6d5709e Implement CRI container and pods stats
b69bbe25a Vendor latest k8s.io/cri-api and netlink
9bfec3980 test: Add grace period for restart monitor test
d022fbe78 Address PR comments
82cb0a63e Add mkdir on Dockerfile
6fa1bb4a5 Fix build after rebase
2cec3a34b Migrate task directory
8b788d9df Expose shim process interface
733519677 Fix after rebase
df8c206a9 Cleanup shim loading
b554b577b Move shim restore to a separate file
a3d298193 Fix backward compatibility with old task shims
33786ee4d Add plugin dependency between shim and shim services
fb5f6ce3c Rework task create and cleanup flow
7c4ead285 Add task manager
2d5d3541e Rename task manager to shim manager
ea8978810 adds additional debug out to timebox cni setup
6fa9f22fa compression: support zstd with skippable frame
f0d3ea96c converter: Allow hooks during image conversion
6ee8577e5 sys/reaper: avoid leaky goroutine when exec timeout
88fc5cf2d Adding scope tests for ParseAuthHeader
3e51312a6 fix shim reaper wait command execute blocked
7438edc7e Adding tests for GenerateTokenOptions
9b4a6f129 Generate token options with each scope as a separate string.
b8f3ebb03 vendor: update moby/sys for darwin support
0ccc386c8 Prepare release notes for v1.6.0-beta.1
e5fc3b38e Update mailmap
37720fc6f Update api vendor
a217b5ac8 bump CNI to spec v1.0.0
010a9e2bc content: close stream after commit request
ebc5cf19a feat(doc): update to version 2 syntax
294143bf3 Inject otel traces to grpc client.
cd2f2b0af client: expose (*image).platform
535191abf fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
3b73922fb feat(doc): add Core Scheduling documentation
c18c2e735 Fix spelling mistake in Windows snapshotter
130a9c7dd Ensure namespace is proxied to grpc/ttrpc plugins
2a8dac12a Output a warning for label image labels instead of erroring
602018900 integration: Enable some tests for Windows
1f1cad391 io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
46be06937 close Writer after use which may leak mem
1abe50512 Prepare release notes for v1.6.0-beta.0
c5947557d Add error message to in TestContainerdRestart integration test
072a7074b Fix typo in the NewContainer function documentation
ac2df3ba9 test: check file content after mount
18d483b23 Update cgroups to v1.0.2
4ed3c524c Update test timeout based on recent cancellations
d252a293d Remove extra test_teardown
4a569c889 Check the pid in cri test teardown
f1054dbbd fix integration client vendor
e48bbe839 add runc shim support for sched core
de1a39bf3 Update Go to 1.17.2
46b152f81 vendor: Bump hcsshim to 0.9.0
fb4432c24 integration: Enables TestVolumeCopyUp for Windows
0ba3532f5 integration: Enables TestRuntimeHandler for Windows
830b3c26e integration: Enable some tests for Windows (part 2)
3a713811b run `gofmt` with Go 1.17
96018b7db vendor: Updates go-cni
703b86533 pkg/cap: remove an outdated comment
1ee2bff0e Update go otel 1.0.1
b9a0c5080 modify the way for checking cos
c528d2c39 Update ADOPTERS.md with additional uses
5b222d54a commands: Enables task metrics for Windows
9734b4039 Pin mingw to version 10.2.0
d19af5afb Update to golang 1.17.1
3cb0ec01e Install nssm
02e77bcdc task service: return known error type
791e175c7 Windows: Fixes Windows containers with image volumes
049042382 fix: update vendor
5c2426a7b cleanup: import from k8s.io/utils/clock/testing instead
6484fab1e cleanup: import from k8s.io/utils/clock instead
d16942cf1 feat: enable cri remote client to call with grpc calloptions
ca35f4e82 Windows: Cleanup rm- prefixed layers
f6b7e07fd cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>)
933ddaa6f fix: wrong flag type
da16d492c feat: support import image for specific platform
67b883146 Update mirror images to take target image name
e6ddffc2a fix: make exec-id flag required in exec command
09c9270fe images: enable converter to uncompress zstd
694a00754 replace deprecated function
2bc77b8a2 Adds Windows resource limits support
224454062 Fix main branch build is broken
7c621e1fc btrfs: reduce permissions on plugin directories
fcffe0c83 switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound)
b9cf0d75a Fix panic in metadata content writer on copy error
6886c6a2e v1 runtime: reduce permissions for bundle dir
7d56b24f1 v2 runtime: reduce permissions for bundle dir
7a7a9a282 integration: Adds test for multilayer image import
f7658e37d runtime: should fail fast if dial error on shim
483d2e947 go.mod: update opentelemetry modules to v1.0.0
084387e0b Move tracing to plugin
45c3453a7 Add open telemetry logging hook for logrus
16f3d67b5 add current process state to the error message
407d60694 Add github action to mirror image
97df73004 gha: collect Vagrant VMs' IP addresses
2bffb5f9b FreeBSD: fix tar headers & the nil check on getxattr
7854e0bff bump continuity and console version that remove pkg/errors
16d3f48a2 ctr namespaces: improve usage string
50da67359 refactor: move from io/ioutil to io and os package
a68fb7add bump console version to v1.0.3 that remove pkg/errors
3e72e335f Use github images for integration tests
55893b9be Add CNI conf based on runtime class
50a568595 Change oci.WithUser behavior for LCOW
65f6a896c Fuzzing: Add 4 fuzzers + small modifications
2fecf5b02 Make sure exit signals trigger an exit during init
f40df3d72 Enable image config labels in ctr and CRI container creation
6875aa5d3 import: Add option to skip creating digest image
f700ae873 CI: bump up crun to 1.0
55923daa9 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
8596d1188 Fix typo
73dbbf5bf Update to Go 1.17.1
498e5b27f fix error string format
6d961f967 CI: Switch to available latest images
e087b47e9 import: Raise error if the imported image is filtered out
91b64c58b add xfs support to devicemapper snapshotter
8ff8b1b82 vendor: update continuity for darwin support
1efed4309 add ip_pref CNI options for primary pod ip
16cd6ed13 Additional integration tests for pulling image with labels
756f4a314 cri: add devices for privileged container
9954147c0 pin protobuild version to tag
2458afeb1 Fix content copy to not ignore unexpected EOF
6bec0d39b use a const metric for build_info
ae27a6b05 Add metric exposing build version&revision
8e850bc0f replace deprecated Dail with DailContext
aeea697d8 Add WS2022 support in Windows Periodic tests
55faa5e93 task delete: Closes task IO before waiting
f42513112 integration: Adds Windows HostProcess tests
ccc5ee303 archive: Add WriteDiff error logs
820bd9269 fix document non-synchronous in crictl.md
2bcd6a4e8 cri: patch update image labels
789abc936 using Hosts replace deprecated field
57e10439d Fixes task kill --force on Windows
abf4de498 integration: Enables Windows containerd restart test
96ec0b6f3 content fuzzer: Clean up tempdir
eb2530be8 Makefile.linux: build on riscv with PIE
6b0b64a51 ctr: Fixes Windows image import
a43fa9f28 darwin: runtime support
5dd38792a darwin: use the default values for socketRoot variable
27046a9e0 Fix cwd flag for `ctr tasks exec`
24cec9be5 sandbox: Allows the sandbox to be deleted in NotReady state
1dd0d59b7 go.mod: Update hcsshim to v0.8.21
6d3d34b85 Update Pause image in tests & config
278176db1 Address issue forms feedback
838afd211 Adding testing of two devices
e0f8c04da cri: Devices ownership from SecurityContext
7bc5aa74c Fix pull fails on unexpected EOF
11ab3cba0 Use issue forms for bug reporting
e2c769d6f windows: The DefaultSpec platform should match the Default matcher
7826a21ac Update RELEASES.md
2ac996840 replace uses of os/exec with golang.org/x/sys/execabs
25644b461 Add RunAsUserName functionality for the Windows Pod Sandbox Container
e18516767 go.mod: update runc to v1.0.2
3f8ea1b6a update runc binary to v1.0.2
429296910 go.mod: github.com/pelletier/go-toml v1.9.3
f8dfbee17 add cri test case
9a8bf1315 feature: add field LinuxContainerResources.Unified on cri
d3aa7ee9f Run `go fmt` with Go 1.17
c3609ff4c cri: filter selinux xattr for image volumes
4dd5ca70f script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0
f7b1ceb9f integration: investigate TestRestartMonitor's failure
acb81bbda integration: fix TestContainerPids
9fe7bc938 Bump integration timeout to 35 min
7fba86264 Fix dir support for devices V3 (#4847)
6f60b3016 [ctr] add HOSTNAME env for host network
8d135d284 Add support for shim plugins
f8602c372 Update to Go 1.17
c9b1b2fd5 Fuzzing: Add fuzzer
9e1b57ca0 Add env for SystemdCgroup driver
1224060f8 Allow expanded DNS configuration
538d93d2f Fuzzing: Add 4 fuzzers
79b369a0b Added windows hostProcess cni skip
82fe0db9a Fix bad `make protos` failure
1c47fb17f docs: remove FOSSA's badge
bc4cea4e4 docs: rename main to master
5e49ec27d Use http.Get to download binaries instead of exec.Command
e6538b8bc Add trap to cri-integration test script
d2f3b7146 add cpu-shares to ctr
30b832e49 archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624
9cc179aa7 BUILDING.md: remove some bits about building runc
42b57cc73 BUILDING.md: markdown fixes
a3d6edc0e content: return the error with its timestamp
a5468852f docs: list all snapshotter-related build flags
e634f04d8 go.mod: update kubernetes to v1.22.0
11a90c7ff Fuzzing: Add experimental version of container fuzzer
42a28ad2c Update Go to 1.16.7
534685f95 Fix Linux CI Linter using go 1.15.14
10eab21a4 Cleanup CI
0a0621bb4 Move plugin context events into separate plugin
6f027e38a Remove redundant build tags
3c5424454 [otel-tracing] vendor and go modules changes
3597ac859 [otel-tracing] Initial opentelemetry support
7917da764 Change default directories on Darwin
10824eaf2 remove go 1.13 from containerd
d30d897ef Cleanup v2 shim
c3c276ae1 Fuzzing: Fix for OSS-fuzz issue 36825
6c257552a scripts: declare ROOT closer to where it's used, and some DRY changes
dba0ef4eb scripts: add missing quotes, and minor linting issues
0cb656860 test/build-utils.sh: remove support for Debian Jessie
41a04246f Fuzzing: Add two more fuzzers
2c699cc35 Fuzzing: Remove panics of container_fuzzer
f2c3122e9 platforms: Format(): use path.Join() instead of joinNotEmpty()
acecd6603 Change protoc link
ce437864b mergo: Upgrade to 0.3.12 to fix panic
d1e868c83 ci: install criu from PPA
e692a0192 Add shared content label to namespaces
3a8622e30 Updates the location of protobuf downloads in docs
0d9393650 Update protobuf install to use correct repository
d62d6c11d Split release steps into multiple tasks
b4807122d Update release workflow to upload binary without CNI
67406b373 overlay: add an optional label of upperdir location of each snapshot
43117cf91 Script to check if entries in go.mod files are in sync
4ab3e7a53 runtime: fix the issue of create new socket with abstract address
cc88f8e0a Split fuzzer to two fuzzers
7a10fd4fc respect context timeout in shim binary call
23bc3db91 Enable critest on Windows
494b940f1 Introduce a new go module - containerd/api for use in standalone clients
4fdb88464 add CRI support matrix to RELEASES.md
b5fc7846c adding a little more clarity
1d3d08026 Support SIGRTMIN+n signals
18d6cc1b0 update gotestsum to v1.7.0
efa8ab715 Add runtime label to metrics
6294235d8 Fuzzing: Add container fuzzer
2405671d4 platforms: add "ios" as known OS, "loong64" as known ARCH
2556aac67 Fuzzing: Add archive fuzzer
0d45ac14e interface about shim build check
00d52bb15 integration: log all processes to investigate the test failure
f1d79d33b Discard blocks when removing a thin device
d2b6d192d Update cpuguy83/go-md2man binary to v2.0.1
53ec1abec remotes/docker/pusher.go: Fix missing Close()
67d07fe5c remotes/docker/fetcher.go: Fix missing Close()
0789a0c02 Add docker fetch fuzzer
b483177ee Support custom compressor for walking differ
150e07b64 Use systemd cgroup driver for cgroupv2 tests
603962bc8 update gotestsum to current master
a12c7bd1c go.mod: runc v1.0.1
43e0594ae update runc binary to v1.0.1
9537bc265 Dockerfile.test: build containerd in separate stage
36be5ef3a Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding
8faacfca1 Dockerfile.test: clean up apt indexes after installing
9f7e6335c Dockerfile.test: build critools in a separate stage
7ec8e2d36 Dockerfile.test: build cni in a separate stage
f9f423c07 Dockerfile.test: standard directory to collect build aftifacts
e9f26eb87 Dockerfile.test: split dev stage, and optimize order
25fada0cc Dockerfile.test: skip curl, gcc, git and make install
546538971 install-critools: make sure DESTDIR exists
dbef1d56d runtime: runc v2: remove redundant validation
18321f539 Move loop check to before sleep
2e8a572df Add timestamp to flaky restart monitor test
55fd2ab5d integration/client: go mod tidy
e72046f86 Update Go to 1.16.6
bc4e416c8 Add test for archive breakout test for lchmod
894b6ae39 Fix missing Body.Close() calls on push to docker remote
ac75071b4 remove pkg/cri/platforms package
0a8802df6 Allow WithServices to use custom implementations
aefabe546 Dockerfile.test: add "cri-in-userns" (aka rootless) test stage
53835221f Cleanup lchmod logic in archive
d1c105192 use fu wei's suggeted interface pick for marshaling
14962dcbd add alpha version
4c6e4a06f gha: make release workflow work in forks
73d28ddeb client: surface a connection error more clearly
a7ad6b3be Add support for registry host path override
3a0b9ec6b Add unit test for plugin
95c708572 Update documenation for OCI distribution 1.0
a81f05f36 [Vendor] Update hcsshim to 0.8.18
16deba098 integration: Windows volume-copy-up images
63fe34add grpc config add options tcp_tls_ca
a5c417ac0 move up to CRI v1 and support v1alpha in parallel
bda7b5866 feat: Add snapshotter label to the new snapshot for container.
2019a1e68 Makefile: fix DESTDIR and PREFIX concatenation
04ab4418f test integration: Adds a test that restarts a failed container
03ee45006 snapshot/devmapper: log exported methods correctly
a964cf0cc un-export mount.FMountat
21f532d51 move sys.FMountat() into mount package
dac2543a0 sandbox: send pod UID to CNI plugins as K8S_POD_UID
5a0beaefb sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils
f913a4275 go.mod: runc v1.0.0
28bb59c08 update runc binary to v1.0.0 GA
63c185da9 content/local: inline sys.StatATimeAsTime()
09d78bb6b allow multi gpu to be specified via ctr
560e7d479 fixing some doc links
d9694b297 Sync integration/go.mod with root go.mod
4a46ea2f4 archive: Expose ChangeWriter to allow customized diff computing
cd33c007c CI: Switch to available latest images
75b4c83f0 fix deprecation config for default runtime
1bbee573a github.com/golang/protobuf/proto is deprecated
91c8fa452 Update github.com/golang/protobuf from v1.3.5 to v1.4.3
b7e79dc5a Update google.golang.org/grpc from v1.27.1 to v1.38.0
8d2e156dd Increase golangci-lint timeout
87a2e0b2a runtime,v2: Enable debug when containerd is on debug+ log level
05e51539a command line flags of setting container rootfs propagation
394f86475 Re-enable criu in main integration runs
1dada3fc2 add cgroupv2 setup for cos with a flag
bfbebf02b Update gotestsum to add timestamps to junit output
2bb8ad7c9 Makefile: pass build tags to manpage build process
f60d447c1 Makefile: fix tags parameter computation
9c01fe20d Allow to pass --no-cgroup option to nvidia-container-cli
77374e8b3 Makefile: FHS conformant manpage installation pathes
3ab974433 Add proper Go version before project checks
af5a130bc Enable cri-integration in Windows Periodic Tests
7a2b04758 adds explanation for seccomp unset/unconfined default vs runtime default
01585595a update integration/client go.sum
419d616fe Install specific golang version in Windows CI.
69f43d458 Revert diff/walking error change
728743eb2 Fix cleanup context of teardownPodNetwork
014748bc0 fix invalid validation error checking
cabe67736 tests: Use EnsureImageExists for image pulling
a78bdf22d tests: Refactors PodSandbox creation
9a451d103 Update opencontainers/selinux to v1.8.2
93e268f62 tests: Symlink volume tests
edfd8d599 Change Wrapf of non-error to an actual error
a93b5cbc2 Install apparmor parser for arm64 environment
5f0fc4893 Add creation timestamp to RG
75daf45be docs: explicitly mention containerd's Prometheus path
2f870aa89 integration: Cleanup containerd on test teardown
558fdc680 diff/walking: fix defer cleanup
b5f530a15 Makefile: fix DESTDIR environment variable behaviour
498bb36f6 scrub the stale TODO
93d4541a2 docs/cri: update ocicrypt link
792466495 docs/cri: fix broken links
05c03de94 Update Windows periodic tests
9fcea1d3f Rename atomicWrite to writeToCompletion
b996e49c5 Do not run btrfs tests if btrfs kernel module is not loaded
50ad4b96c Fix incorrect UA used for registry authentication
923ab5b7c Makefile: use $@ for target file names
535d9cc59 ctr: parse mount options with embedded = character
a4f97d45d Add ruleset=4 option
5dec27b6f ctr: exec handle pty resize after Start
e1c845df5 Fix small typo
b9378b452 ctr: exec setup IO with console
869375a41 Remove useless lines
79e345221 update the link
1acca8bba Don't check for apparmor_parser to be present
ec28288f4 bump runc version to v1.0.0-rc95
599127f4d update runc binary to v1.0.0-rc95
a5b1740bb fixed typos
77285e311 Schedule Windows job daily after midnight.
2b58782df Update windows-periodic.yml
5dbae87c5 Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0
1093f05ab Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
b6a251749 bump hcsshim version to v0.8.17
b1d4140a2 Update docker resolver to authorize redirects
09a0c9471 tests: Adds support for Windows cri-integration tests
315739251 just release ctd-decoder not ctr-enc
1442fee22 Remove mountpoints not commonly mounted on FreeBSD
fc4da9728 Pin integration test image for alpine
9643c9965 Makefile: allow overriding install command via environment
4b1b8346b Makefile: make sure manpages are built before install-man
6e249b1ae adds credentials description
de04b3243 Add copyright header & make sure compilation succeeds on all platforms
e1fd6be7e Fix mounts for FreeBSD
de6db4038 Update vendored runc to v1.0.0.0-rc94
5c99f150a Update the runc binary used with containerd to runc v1.0.0-rc94
b890f056e Fix content.ReaderAt close
c5797c8fc Update releases doc with updated support timeline
c74a6c419 update to new cri-tools make install
e37ddafab metadata: modify NewLeaseManager to return leases.Manager
79d800b9b Update Go to 1.16.4
0ba7303ee Prepare default branch rename
7d70992d3 tests: add test for adaptor
e120261ee windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
0b786908c doc: add missing namespaces package
b0d3b35b2 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
9ea25634b Makefile: allow overriding go command by environment
81402e475 Fix different registry hosts referencing the same auth config.
b56527cb7 update seccomp version
8014d9fee Skip TLS verification for localhost
b538d8f1a Update golang.org/x/sys to add linux/ppc support
b59e29773 adds description for hosts.toml
e26fc8472 go.mod: cut circular dependency on github.com/containerd/containerd
15e0bd513 integration/client: go mod tidy
98f5922b5 plugin: optimize the check for the last registration
273c2bb16 tests: Prepull images used in tests
402acd7c1 Small typo fix "reimporst"
f21627059 Use DeactivateLayer to recover layers that we cannot rename
421fc6ea7 Add CI periodic Windows Jobs.
c0e2f4b5d Try next mirror in case of non-404 errors, too
f8538b5e1 Fix error case in Windows layer cleanup
b592a4c1e oci: fix WithDevShmSize
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
81e445d1bc |
containerd: update to 1.5.8
Bumping containerd to version v1.5.8, which comprises the following commits:
ef071b07b mailmap: Add Kevin Parsons
2385fd14d Prepare release notes for v1.5.8
15d8c03e3 schema1: reject ambiguous documents
833407fbf images: validate document type before unmarshal
01428ec40 Fix containerd fails to pull OCI image with non-`http(s)://` urls
2bd3f18d9 [release/1.5] go.mod: Bump hcsshim to v0.8.23
047ea15d2 [release/1.5] go.mod: Bump ttrpc to 1.1.0
7b20299bc [release/1.5] update Go to 1.16.10
641976bea [release/1.5] update Go to 1.16.9
b988fc918 Output a warning for label image labels instead of erroring
3109820f5 Update test timeout based on recent cancellations
16762f3e5 Fix spelling mistake in Windows snapshotter
6094bc770 Use DeactivateLayer to recover layers that we cannot rename
bf02a8330 task delete: Closes task IO before waiting
aa7c9d9da Fix pull fails on unexpected EOF
bc2f973ff Prepare release notes for v1.5.7
f95fca079 btrfs: reduce permissions on plugin directories
68119b417 v1 runtime: reduce permissions for bundle dir
97db45e83 v2 runtime: reduce permissions for bundle dir
bc8fdf832 Update release notes and mailmap
77dafa20c Prepare release notes for v1.5.6
a4b51d119 Fix panic in metadata content writer on copy error
147705920 Use github images for integration tests
514137aa0 cri: add devices for privileged container
6bfd09f7c Enable image config labels in ctr and CRI container creation
923088852 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
4133c775c go.mod: update runc to v1.0.2
011fb4c0b update runc binary to v1.0.2
210d3bc15 Fix content copy to not ignore unexpected EOF
a863339c5 [release/1.5] update Go to 1.16.8
f3d46f828 CI: Switch to available latest images
c7ed09d55 Adding testing of two devices in a directory
0ca2e2751 Fix dir support for devices V3 (#4847)
0fd19511e go.mod: Update hcsshim to v0.8.21
c0534c168 [release/1.5 backport] cri: filter selinux xattr for image volumes
27e164648 Allow expanded DNS configuration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
0a7ae8bc50 |
global: convert github SRC_URIs to use https protocol
github is removing git:// access, and fetches will start experiencing interruptions in service, and eventually will fail completely. bitbake will also begin to warn on github src_uri's that don't use https. So we convert the meta-virt instances to use protocol=https (done using the oe-core contrib conversion script) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
7b46286b34 |
virtual/containerd: don't rprovide virtual/
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/containerd to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-containerd, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
263e4d3d4e |
virtual/runc: don't rprovide virtual/
Similar to the oe-core commit:
commit 93ac180d8c389f16964bce8bd5538d9389e970e6
Author: Michael Opdenacker <michael.opdenacker@bootlin.com>
Date: Wed Sep 1 11:20:20 2021 +0200
meta: stop using "virtual/" in RPROVIDES and RDEPENDS
Fixes [YOCTO #14538]
Recipes shouldn't use the "virtual/" string in RPROVIDES and RDEPENDS.
That's confusing because "virtual/" has no special meaning in
RPROVIDES and RDEPENDS (unlike in PROVIDES and DEPENDS).
Instead, using "virtual-" instead of "virtual/"
as already done in the glibc recipe.
We stop rproviding virtual/runc to keep the namespace clean.
There aren't many users of this virtual provides, but we keep
it around (for now) to maintain compatibility.
At the same time we convert the RPROVIDES to virtual-runc, to keep
it available and consistent with oe-core use virtual-libc, etc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
b361531767 |
containerd: update to v1.5.5
Bumping containerd to version v1.5.5-11-g69e5db821, which comprises the following commits:
27e164648 Allow expanded DNS configuration
8cfab161f CI: Switch to available latest images
b9d5cff5d Update Go to 1.16.7
fe195c343 mergo: Upgrade to 0.3.12 to fix panic
677fade0f Prepare release notes for v1.5.5
166a81f88 snapshot/devmapper: log exported methods correctly
eb4ba99fe Install apparmor parser for arm64 environment
0bc1e1d8a update seccomp version
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
d876cfc5bf |
global: overrides syntax conversion
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.
This is pass one of updating the meta-virt recipes to use that
syntax.
This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions
Note: A recent bitbake is required:
commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
Author: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Sun Jul 18 12:59:15 2021 +0100
bitbake: data_smart/parse: Allow ':' characters in variable/function names
It is becomming increasingly clear we need to find a way to show what
is/is not an override in our syntax. We need to do this in a way which
is clear to users, readable and in a way we can transition to.
The most effective way I've found to this is to use the ":" charater
to directly replace "_" where an override is being specified. This
includes "append", "prepend" and "remove" which are effectively special
override directives.
This patch simply adds the character to the parser so bitbake accepts
the value but maps it back to "_" internally so there is no behaviour
change.
This change is simple enough it could potentially be backported to older
version of bitbake meaning layers using the new syntax/markup could
work with older releases. Even if other no other changes are accepted
at this time and we don't backport, it does set us on a path where at
some point in future we could
require a more explict syntax.
I've tested this patch by converting oe-core/meta-yocto to the new
syntax for overrides (9000+ changes) and then seeing that builds
continue to work with this patch.
(Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
0b31c44e0d |
containerd: update to 1.5.4
Bumping containerd to version v1.5.4-12-g1c13c54ca, which comprises the following commits:
7b17268fd remotes/docker/pusher.go: Fix missing Close()
2f11d5855 remotes/docker/fetcher.go: Fix missing Close()
4c1722e2b Update docker resolver to authorize redirects
166a81f88 snapshot/devmapper: log exported methods correctly
d2cb9949b go.mod: runc v1.0.1
6807d070e update runc binary to v1.0.1
81cfab8f5 Prepare release notes for v1.5.4
d9b284bfd Try next mirror in case of non-404 errors, too
48d7a5c5c Prepare release notes for 1.5.3
defaec610 Update mailmap
43d089233 integration/client: go mod tidy
ac7bd5483 Update Go to 1.16.6 (cont.)
385d9ed00 Update Go to 1.16.6
a695a0704 [Vendor] Update hcsshim to 0.8.18
0515f9d2d Fix missing Body.Close() calls on push to docker remote
f5c7cb6e0 Add test for archive breakout test for lchmod
37a44de17 Cleanup lchmod logic in archive
78b95dff2 update runc binary to v1.0.0 GA
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
99058cb9e0 |
containerd: update to v1.5.2 latest
Bumping containerd to version v1.5.2-18-g9be04c276, which comprises the following commits:
78b95dff2 update runc binary to v1.0.0 GA
a2dc682f1 sandbox: send pod UID to CNI plugins as K8S_POD_UID
9d8880816 content/local: inline sys.StatATimeAsTime()
3735a7dfe Fix incorrect UA used for registry authentication
31ecdf77d Fix cleanup context of teardownPodNetwork
b441ec19f Add proper Go version before project checks
d31f5e6b6 fix invalid validation error checking
3fd01c4ea Change Wrapf of non-error to an actual error
cba7b44b6 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
354f729a4 Prepare release notes for v1.5.2
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Bruce Ashfield
|
87460f34d7 |
containerd-opencontainers: update to 1.5.2
Updating to the released 1.5.x containerd.
We also add a patch to fix the following:
Since our oe-core go infrastructure insists on both -pie and static
builds (for the most part), and that is not recommended by many
packages, we end up with errors like:
cannot find package runtime/cgo (using -importcfg)
...
recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
cannot open file : open : no such file or directory
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Ralph Siemsen
|
96b765ff84 |
containerd: add CVE_PRODUCT to recipe
Allows the yocto cve-checker to flag CVEs, which would otherwise go unreported due to the package name not matching NIST NVD data. Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
c1da485cc9 |
containerd: update to 1.5-rc -latest
Adding the following commits into our containerd build: 3187b6dc8 tests: Adds consumed memory stats test 969ec8949 Specify seccomp target arch for CC c19b7b64d RELEASES.md: recommend alternatives for deprecated features 8a62aa1c3 Deprecate built-in aufs snapshotter 4e7915f80 CI: allow Go 1.13 for Docker/Moby compatibility 8e589e873 Vagrantfile: update to Fedora 34 5847340a7 tests: Refactors container image usage 9f43eade6 Prepare v1.5.0-rc.3 release notes 4c7b960cb prow needs some additional setup for docker buildx 2e4c1d4b7 Use the multi-arch version of the test images 4e00c4b65 integration tests needs lsof 177273680 Add script to build test images 1b5d59dfe Add multi-arch support for test images 78e529727 add integration tests 2b0e6cdd4 Separate jobs for build and test for openlab/arm64 cdd075853 Release artifacts for Linux ARM64 efcb18742 Add unit tests for PID NamespaceMode_TARGET validation b48f27df6 Support PID NamespaceMode_TARGET 909660ea9 process: use the unbuffered channel as the done signal 0f332dadd Update cgroups for regenerated protos 391b123a5 adds quiet option for ref ab1654d0e Fix PushHandler cannot push image that contains duplicated blobs 00f8d32ef add not found debug out for check cmd; update usage 55734b1c5 Prepare 1.5.0-rc.2 release notes 3ef337ae3 Update containerd vendors to tags fbe1e140f Update Go to 1.16.3 c1d1edbad gha: use sudo -E in some places to prevent dropping env-vars 7966a6652 Cleanup code 5d79d3adb go.mod: update kubernetes to v1.20.6 1c03c377e go.mod: github.com/containerd/fifo v1.0.0 12a2a2108 go.mod: github.com/google/uuid v1.2.0 3292ea586 pkg/seccomp: use sync.Once to speed up IsEnabled 00b5c99b1 pkg/seccomp: simplify IsEnabled, update doc 6dd29c25f go.mod: github.com/containerd/aufs 330a2a809 go.mod: github.com/containerd/zfs 34780d67a runtime/shim: check the namespace flag first c3dde8c4b freebsd: add zfs to the default plugins b431fe4fc freebsd: don't run shim delete in deleted dir 1f4192daf freebsd: exclude v1 runtimes cb1580937 metadata: improve deleting a non-empty namespace's error message 5bf84034d Remove junit test result processor b83d04f91 Add variable names to runtime's interface definitions 993b86399 Add shim start opts 8a4cbabc6 Reimport windows layers when comitting snapshots af1e2af72 ci: upload junit formatted test results Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
47cb6b4e18 |
containerd: update to v1.5.x series
Bumping containerd to the 1.5.x development series. We refresh patches and add new build dependencies, but otherwise the overall structure is the same. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
15016704d3 |
containerd: add runc runtime dependency
containerd is rarely used without runc, so we add the runtime dependency to make installation and image construction easier. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8597d4e3a9 |
containerd: export GO111MODULE=off
With the latest go version bump in oe-core export GO111MODULE is on by default. Our build is not setup to use go modules, so we disable it and avoid configuration errors: no required module provides package ... : working directory is not part of a module Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
24df561414 |
containerd: use service file from source tree
We no longer need to support both the docker and opencontainer variants, so we can just grab the service file from the source tree. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
ec73ce93c9 |
containerd: fix service file to not reference containerd-docker
We are not building containerd-docker anymore, so the containerd service file should not be changing it in as the binary. It is confusing when you see 'containerd-docker' in the process list, when you've built and installed containerd-opencontainers. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
e0cd8599f1 |
containerd: remove container-docker and consolidate .inc files
There has been a warning in the containerd-docker recipe for quite some time, which indicates that it will be removed in the future. That time has come and we delete that recipe. It is no longer updated and everyone should be using the opencontainers variant. Now that we don't need the .inc, we delete it and consolidate in the single recipe. We also enable the systemd service by default, since docker is no longer in the picture and starting the daemon/service. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
cd6feb72b8 |
containerd/opencontainers: update to latest 1.4.x SRCREV
This includes the following commits: 232cee448 Update to go 1.15.8 f087d7849 runtime: fix shutdown runc v2 service edffc830b change flag from RDONLY to RDWR and close the fifo correct e7cd2030e pusher: add missing authentication support for requests ec752e8ba docker: avoid concurrent map access panic b73052d34 runtime/v2: should use defer ctx to cleanup 8cff6b375 [release/1.4 backport] Return GRPC not found error instead of plain one a6f6eb00c Add bounds on max oom_score_adj value for AdjustOOMScore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8c5314725d |
containerd: bump to v1.4.3
This version bump incorporates the following fixes: 727e1728d Prepare 1.4.3 release notes ae3a64aa1 containerd-shim: use path-based unix socket 428f10fd2 Use path based unix socket for shims f2e4291b6 Prepare 1.4.2 release 76f3d1955 Update mailmap for 1.4.2 release ca9950755 Update cri version to pickup unknown state fix 0b97c6204 Update cri plugin c0f1add3c Fix Windows service panic file to not be read-only fbe18caa1 Update btrfs vendor for chkptr fix for Go >= 1.14 cbbf257ab Add Go test runs to GitHub Actions CI 19776b75b Adjust overlay tests to expect "index=off" 7eb852214 Allow oom adj test to run in environments with a score 036ede698 Import crypto for all snapshotters during testsuite 5618423a0 Add comments clarifying copyWithBuffer implementation a2ebee357 replicate io.Copy optimizations 9b2156aa8 Improve image pull performance from http 1.1 container registries 56291a221 bug fix:#3448 16e51fc31 Fix integer overflow on windows 6ebd9a94a Update other actions for env/path CVE fix 0a3488c71 Fix GH Actions CI deprecations cc3be9ae3 Bump Golang 1.15.5 ebffce3ad seccomp: add pidfd_getfd syscall (gated by CAP_SYS_PTRACE) 229f5ea4e seccomp: add pidfd_open and pidfd_send_signal e45f41e3a update to golang 1.15.2 695516287 Remove setuid gosu in favor of "sudo -E PATH=$PATH ..." 77931f801 ci: run critest target for all runtimes c745d237e Revendor CRI to get disabled annotation config default 88e7f23bc Read trailing data from tar reader 856a12fca Update github.com/Microsoft/hcsshim to v0.8.10 cc6f72a00 Check if a process exists before returning it 9a44af11d Windows CNI install script using lowercase "destdir" Runtime testing completed on arm64 and x86-64, as well as with orchestration engines. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
d3207bbd6f |
containerd: upgrade to 1.4.x
Updating containerd to the 1.4.x release series, which contains the
following changes:
97d690d20 Prepare v1.4.1 release
42f387186 Always consume shim logs
f247618a3 Report correct stats for windows containers
cc5d1518f Update go list to respect build tags
086e859d2 BUILDING.md: fix description about static builds
16712ae49 bump cni version to v0.8.0
1575c88cc seccomp: add `faccessat2` syscall.
8bd2becea seccomp: add `openat2` syscall.
4e3397e05 shimv1: downgrade poroccess missing log to debug
d118c90d3 Ignore SIGURG signals in signal forwarder
3ee6189fe Exit signal forward if process not found
a1289d6b8 tasks: Monitor v2 tasks in initFunc as well
1f823f76d seccomp: allow io-uring related system calls
3d28944be seccomp: allow clock_settime when CAP_SYS_TIME is added
e5cc7d527 seccomp: allow quotactl with CAP_SYS_ADMIN
20273a803 seccomp: allow sync_file_range2 on supported architectures.
357d10021 seccomp: allow personality with UNAME26 bit set
0c9de6629 seccomp: allow syscall membarrier
caa461167 seccomp: allow adjtimex get time operation
2b80b7dc4 seccomp: allow add preadv2 and pwritev2 syscalls
e71eccbca seccomp: move the syslog syscall to be gated by CAP_SYS_ADMIN or CAP_SYSLOG
feff914af runtime: ignore ErrNotExist when remove rootfs
23e0ea27b snapshots/devmapper: fix rollback
d68ddb0c0 Prepare v1.4.0
6be2eccd7 Update releases page for v1.4.0
d469bffcd CI: disable crun on Vagrant to decrease flakiness
77a33e3db systemd: add license header to systemd unit
8d39722fe Vagrantfile: increase memory
41469ed72 Update version for 1.4.0-rc.1
60fa35f11 Fix DCO commit limit
d2472ecc5 Add CRI release build
1c7312e5d Update containerd systemd unit file
ccda53760 Create etcd user in cloud init.
e973719cc use containerd/project header test
cb7ffd4b0 Fix indent in cni.template.
3e03ba7aa Update deployment and integration test
9c5451792 Add TaskMax=infinity
523b0b3c6 Remove `noSnat`
231d291b2 Use v2 config.
1e1688d21 Use per-pod shim.
87bd84a7b Add DefaultRuntimeName option.
cfab98a5f Use ctr images import.
5e3ac16cc Add `cri` as required plugin.
5b9d8476e Use runc.v1 for now for debugging.
e6e272e74 Enable runc.v2 as the default runtime in test.
d19aa0fd2 Use local env to avoid writing to passed-in readonly env.
ee6d69bbc Set default "" to extra runtime handler.
474c79bd5 Expose vars to configure an additional runtime handler
ce12477f4 Support docker 18.09 in the test script.
146712101 Remove the unused `health-monitor.sh`.
201ad4d3c Support netd in GCE bootstrap.
5ce705750 Serve streaming on localhost by default to match k8s 1.11 default.
b553fdaf3 Remove crictl on GCE for all cases.
d8ce08fd9 Set stream server to serve on localhost on GCE.
1629bab7f Make max container log line size configurable through cloud init.
042378dcf Disable TLS streaming to work with new kubelet streaming proxy.
37f2ecad9 Update cni.template
b58b6fef8 Disable restart plugin on GCE.
f938a166c Fix kube-container-runtime-monitor.
91f8e61bd Use crictl installed in kube-up.sh
5161f663e Add `unix://` prefix for socket addresses used by CRI remote client.
1b995fcaf Add KUBE_CONTAINER_RUNTIME_NAME to fix fluentd support.
48457a254 Try using preloaded containerd if no version is specified.
c67a38b0b Add log level support.
4453aac00 Improve gce bootstrapping in various ways.
1bd3cdc57 Add cni config template support.
d520fac50 Enable TLS streaming in all the setup.
cdb4aec93 Use systemd service cgroup and oom score adj.
af8bd8068 Fix for kube-up.sh and update several documments.
005da4a9b Replace `ctrcri` with `ctr cri`.
0e2bd216c Update GCE cluster bootstrapping and e2e test
59e65e1f3 Enable container log rotation.
85b4e69c9 Do not block on stream server close.
2ea6584ca Add initial wait for health-monitor and use pkill -x.
56b7ef2c4 The ENV is finalized as KUBE_KUBELET_EXTRA_ARGS.
24a3a0a06 change crictl sandboxes to pods; other references to sandboxes
8bc30e7a2 Update ocicni to main stream.
a01071558 Add a separate CLI for cri-containerd `ctrcri`.
a843a3064 Use registry-1.docker.io as backup
ec649079a Put version into metadata so that version won't be changed across restart.
7cbc1c8dc Set registry mirror.
9f0816ac4 Configure container runtime cgroups for cgroup.
be72f47ec Add runtime cgroup and fix a cli panic.
680e21c43 Update all glog flags to `log-level`.
d50b9dd64 Update containerd to 6c7abf7c76c1973d4fb4b0bad51691de84869a51.
869ea6b0c Add document for kube-up.sh
30cbfb62e Add OS and arch in release tarball.
0512d1e0b Add `cluster` directory and health-monitor.sh.
a1736f98a vendor: containerd/cri 4e6644c8cf7fb825f62e0007421b7d83dfeab5a1
15fa7f378 vendor: update kubernetes v1.19.0-rc.4
4a0ac319c vendor: golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4
f80b4dc58 vendor: golang.org/x/net v0.0.0-20200707034311-ab3426394381
5a9a6a145 vendor: golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
aa40ebb41 vendor: json-iterator/go v1.1.10
b4376e986 Update Vagrantfile for testing SELinux
55c9eade3 Bump Golang 1.13.15
e3e2c3946 update docs/rootless.md
843360298 update runc to v1.0.0-rc92
e20a5079e Add --cpu-quota, --cpu-period flag to ctr
3cc2be2a8 Update cri-tools to v1.18.0-100-g2bf7674 for Go 1.15 compatibility
628855923 Prepare 1.4.0-rc.0 release
74e9aa7ab snapshots/devmapper: don't hardcord the platform strings
adeba792f Add namespace query parameter for registry proxying
5a190c707 Remove seccomp/Linux deps steps in GH Actions
6988b4d64 remove `seccomp` buildtag
362b7167a vendor: update cri (no more libseccomp cgo dependency)
03b5a053e remotes: mark GetTokenScopes public
b43a01a22 Change nodeset to `ubuntu-xenial-arm64-openlab`
04b98bb0e Deprecate legacy shims
b87023185 vendor runc library to v1.0.0-rc91-48-g67169a9d
02afa9425 Add --cpus flag to ctr
aa56cfc0a Import Windows manifest into test build, rather than copying by script
5b1627410 vendor: update containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165
1ec1e9eab Add Windows 10/Windows Server 2004 for integration tests
faa4ff56e Usefully fail tests with unknown or bad Windows Build version
3795dd41a Always report server log from verbose integration test runs
4318f93f9 Add Spec() method to task
3611efdce update cri to 8448b92d237e877bed1e4aa7a0baf0dee234
1b320bcc2 update for cni config
c2081369c Add doc about remote snapshotter
403dc83a2 mount: retry executing the helper binary on ECHILD
06fb93e0f Reject host-mode networking on Windows
ca15cb0d8 Fix incorrect (cut-and-paste) method comment
c8b14ae4c Set content labels based on content type
d7b9cb001 shim: move event context timeout to publsher
b97c660e1 cgroup2 CI: add RUNC_FLAVOR=runc
1a7bbd1f7 vendor: update containerd/cri
96099550b parseIDMapping: accept 32-bit IDs
089672fff Bump Golang 1.13.14
c383436af snapshots/devmapper: suspend a device to avoid data corruption
71f11db8a Annotate bare ErrNotImplemented returns
061d338ec CI: run CRI tests on Fedora 32
decbb0499 RELEASES.md: fix a dead link
b2ee43206 CI: add back shim v1 test
c4418bb3a CI: remove an unreferenced variable
212c29833 Updates to go-systemd and selinux
b47c7ec27 Update to later version of critools with timing fix.
7af3d7e17 Don't clash with GH Actions runner's containerd
c520f819a Bump Go 1.13.13
7119a2a15 platforms: don’t log arm variant error on darwin
fc0448518 Update version to 1.4.0-beta.2
cc493eba3 vendor: containerd/cgroups 318312a373405e5e91134d8063d04d59768a1bff
7855b0a78 Make title similar with other CI workflow jobs
852587cd1 [events/exchange_test] Fix deadlock in TestExchangeFilters
d47c0392d Updating build doc to require Go 1.13
09f453394 CI: {v1, v2} -> io.containerd.runc.{v1,v2}
d7e59b141 enable removecontainer to forcibly remove containers
963625d7b Update runc to v1.0.0-rc91
c041970e9 update crun to v0.14
a6dd1f27d update urfave/cli v1.22.1, go-md2man v2.0.0, blackfriday v2.0.1
68b736ddf cio: should not open fifo for stderr if terminal
57a9f0b50 Minor actions fixes/updates
148cc8f71 [events] Fix deadlock in TestExchangeBasic
aa191deff Change log for unknown mt to debug
45c28f56b Add ability to use remapper labels versus remapping snapshot helper
c76bf5504 Make unique snapshotter opt for label-assisted remapping
331793118 allow user namespace remapping using snapshotters
e977564a8 seccomp: allow 'rseq' syscall in default seccomp profile
e7f069e2c describe content flow and dependencies
b96f5f4b5 Fix deprecation warnings in CRI tests due to missing unix:// scheme
fd99b6566 decrease log level of cgroup2 ToggleController error when running in UserNS
2b0a994cc explicitly fail apparmor when !linux
bebfbab03 vendor: update bbolt to v1.3.5
1a83f9a63 Bump Golang 1.13.12
03ab1b2ca Add config for allowing GC to clean unpacked layers up
ee734e867 Add test case with backticks
ea0687769 vendor: golang.org/x/text v0.3.3
f1a469a03 shim v2 runc: propagate options.Root to Cleanup
8897e1520 Add more test cases with single quotes
cb91b1724 Add testcase containing mountpoint with escaped backslash
87f9fdb06 Cope with double quotes in Linux Mountinfo
4c49ff88c integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default
785f4c5cd Bump CRI for 1.4x release
730b7a932 Change the type of PdeathSignal
d656fa38c restart plugin: support binary log uri
0f831093c Update usage of whitelist in project
d36810d66 overlay: use index=off to fix EBUSY on mount
7213cd89d Process I/O: Fix goroutine leak
ae08491bf waitForPid: fix goroutine leak
8fcd5a1f2 Streamline hcs shim release flow
ef0cf1264 Match version used in CRI project
2be80f999 Add windows hcsshim to release pipeline
3e95727f3 Make killing shims more resilient
e64b14820 Revendor CRI to 62c91260d2f43b57fff408a9263a800b7a06a647
3dd8242a6 Add host specific headers
2f601013e cgroup2: implement `containerd.events.TaskOOM` event
62fd1750e Revendor CRI to 8898550e348932e406049e937d98fb7564ac4e7a
2bc4e90f6 Don't inadvertently clip release notes
636c533d9 Add ctr subcommand to print default OCI spec
230cf6ded Add unit test for func in remotes/docker/handler.go
bb2b2825b Add release GH Action triggered by signed tag
8f1ddb142 Update release for 1.4.0-beta.1
c376f4f76 Move Windows testing to GH Actions
322628347 Fix client tests to work on Windows.
b8ccdcb07 Add `ctr` flags for configuring default TLS credentials.
c5273930b Update CRI to 52c2c6b5df15790b671ebd6cbbc6039a4d30
af131d725 cgroup2 CI
e34bf08e5 riscv64 arch does not support -buildmode=pie
0c9b05fa6 Fix image usage calculation error
84619ee99 Fix configurations with no server provided
06b0cd45b Fix nil pointer errors
03755821d seccomp: remove the unused query_module(2)
5765991f2 seccomp: Whitelist `clock_adjtime`
db74d3115 unpacker: Fix data race and possible data corruption
232518252 docker: fix data race on err
d07a71b97 Bump Golang 1.13.11
0207b7ff0 Enable running CodeQL on PRs that modify Action
1a06884f1 Add CodeQL Analysis workflow
563964e9d Trigger nightly builds on pull reuqest events
77ab0104e Add release notes for 1.4 beta
6eeed18cb vendor: opencontainers/go-digest v1.0.0
7cdacdda8 Set codecov to not comment on PRs
3e7bbb8a4 vendor: update containerd/cri, remove "docker/distribution" dependency
9898dc2a6 Code about `task` in "README.md" is out of date
f09e99909 vendor: containerd/go-runc 7016d3ce2328dd2cb1192b2076ebd565c4e8df0c
d9d1d5b62 vendor: containerd/fifo f15a3290365b9d2627d189e619ab4008e0069caf
c5078a5b7 vendor: containerd/continuity d3ef23f19fbb106bb73ffde425d07a9187e30745
b437938d2 Transfer error to ErrNotFound when kill a not exist container, also add test case.
2c77dc63a vendor: update containerd/cri to current master
a4f8be1d4 vendor: kubernetes v1.18.2
0d198fd09 vendor: roll docker/distribution back to latest (v2.7.1) release
1b9640496 ConfigureHosts: remove deprecated DualStack option
e9e765d6e Use tagged versions in vendor file
bd3210d29 remove releases/*-beta.toml
ed261720c Update ttrpc/typeurl to v1.0.1
dc92ad652 Replace errors.Cause() with errors.Is()
f212e7d1f vendor: github.com/pkg/errors v0.9.1
63b7587cd snapshots/devmapper: fix race windown causing IO hangup
24b331ad1 omit sudo when EUID eqto 0
0088c2de8 sys: RunningInUserNS(): use sync.Once
76c62f272 sys: simplify RunningInUserNS to original implementation
6a9b94927 Remove remaining uses of libcontainer/system package
37c839e59 sys/proc: remove GetSystemCPUUsage as it is unused
1b66fecad Integrate sys.SetSubreaper, sys.GetSubreaper in sys/reaper package
fffea312a move sys.Reap() into sys/reaper package
295e74008 sys: remove custom setChildSubreaper const
ec12d3042 vendor: sirupsen/logrus v1.6.0
23aab35fd Remove libcontainer from containerd-shim
ae7cdc814 vendor: update containerd/cri
c1096864a Update to latest hcsshim - 0.8.9
ea182aec8 vendor: sirupsen/logrus v1.5.0
68f151593 vendor konsorten/go-windows-terminal-sequences v1.0.3
046a520c9 vendor: update containerd/cri dc7afe8fbe53db06c3f883f6f8c9895a9dfb2314
8e76d18ef remove if condition because it is handled by the sdNotify daemon func
1a10211e3 WithLease: always return context and done fn
98b30f469 Add commands to mount/unmount image from ref
cd0e62f5c Allow more time for containerd to start for integration
9687ba631 test: TestRuntimeWithEmptyMaxEnvProcs should cleanup
b566859ac .zuul: update go version to 1.13.10
32649fe30 Fix retrieval of golangci-lint specific version
126e497e6 vendor: update ttrpc with 6e416eafd26e6e738df716b21d421d5b59702bb4
0116352e1 runtime: ignore ttrpc.ErrClosed when delete task
917e7646a Add binary IO tests
9175401b2 Cleanup binary IO resources on error
0dc7c8595 Don't use timeout package when stopping shim logger
857408315 This config no longer exists, so remove from docs.
e79d666cd vendor: update containerd/cri 61b7af7564602234662562a9d37e772f5a54facb
61597b431 Disable Travis CI on master
74ceb35f5 Small fixes to our Actions CI workflow
7a252f3ca Build runc with selinux support
041545cd6 Fix protobuild and CI check protos
e3bc5c487 Use GH Actions CI status for badge
49200a1dd CRI plugin needs selinux tag as well
d97cca47e RELEASES.md: update release1.2 status
4615111ba content/local: validate digest before calculating path
a6828e8c3 CI: Some Go 1.13.10 updates that were missed
7da1e13b5 Bump Golang 1.13.10
35c14c6b5 sys/mount_linux: use pipe for communicating mount result
f328f61b8 Update to selinux 1.5.1
f7c2bf544 Migrate functions to actions
d7c2513ff Update integration test timeout
0caa23315 Rework shim logger shutdown process
067aba732 Add test for default setup for host configuration
d9a1c3f9e bugfix: add default host config if not set
6d4429edd Setup dependencies between jobs
e598e5e0c Add CRI tests
4175ebf23 Move integration tests to Github Actions
599547d9c Make binaries with Github Actions
3968fb0a4 Revert "vendor: update go.etcd.io/bbolt v1.3.4"
056d60224 vendor: update go-events to fix alignment for 32bit systems
4fb3410f6 vendor: cilium/ebbf 4032b1d8aae306b7bb94a2a11002932caf88c644
e822296fc vendor: runtime-spec v1.0.2
3261fb5c4 vendor: containerd/cgroups b4448137398923af7f4918b8b2ad8249172ca7a6
aa76d9537 Bump Golang 1.13.9
ad090e67e man: move ctr.1, containerd-config to section 8, and fix generation
356782cb4 Makefile: man page: rename containerd.1 to containerd.8
547301cb0 Update ctr resolver to use new config package
17b6050d2 Add Docker resolver configuration package
dc131aa86 support loading certs from a directory
c263c5b14 Add unit test for func in remotes/docker/handler.go
c8d9c6f2a Add unit test for func in remotes/docker/handler.go
fb9e3d9f2 vendor: update go.etcd.io/bbolt v1.3.4
e4cbbc78b Move checks to Github actions
c1a218195 Add docs for build tags used by cri.
d654dbafa Allow the id for cgroup metrics to be changed
78ab1d13d Correct logic of FIFO cleanup
92a36dc10 Add version numbers for newly tagged repos
0c78dacbc Move isFifo from process/io to sys/ and make public
9529c69b8 seccomp: add 64-bit time_t syscalls
ebd745f91 ctr: do not assume runc options by default
e2269f2ae archive: skip chmod IsNotExist error
bd2265300 Add devmapper configuration examples
5ef66e48f ParseSignal: drop add'l check for numeric signals
649f2aac6 add -v to shim binaries
4ff9d6996 Increase golangci-lint timeout
c00cf9a67 vendor: containerd/cri 92cb4ed9786a6cd271152ba1f862183d84701003
488d6194f fix dial error when clean up a dead shim
6e638ad27 Nit: fix use of bufio.Scanner.Err
4326fc624 Update Golangci-lint v1.23.8
4756258fa service_windows.go: remove unused "service" variable
a9bd451ab Avoid duplicate imports of github.com/gogo/protobuf/types
cad67b73f Update btrfs dependencies in docs for debian buster and ubuntu 19.10 * Fixes: #4090
632023698 Partial revert of sys: windows: use golang.org/x/sys/windows
0a7fd55f3 sys: deprecate EpollCreate1, EpollCtl, EpollWait
7b06192f6 sys: windows: use golang.org/x/sys/windows
1b7d1e81b vendor: golang.org/x/sys 5c8b2ff67527cb88b770f693cebf3799036d8bc0
ddae905b8 Support NOTIFY_SOCKET
b78dfbdfb vendor: golang.org/x/sys 52ab431487773bc9dd1b0766228b1cf3944126bf
ba6796abd vendor: update kubernetes v1.18.0-beta.1
f3d062423 vendor: sigs.k8s.io/yaml v1.2.0
04c805e63 vendor: github.com/google/gofuzz v1.1.0
12c7d6976 vendor: update containerd/cri 1a00c068864a59835ff442e0dddfa5a254be6bb3
5607b23b0 vendor.conf: move some imports to match position with containerd/cri
e3ab8bda6 Avoid allocating slice for finding Process
1239f5403 export cgroups collectors
8c9e84174 RELEASES.md: update release status
e0a8fe7cb vendor: bump golang.org/x/crypto bac4c82f6975
a687d3a36 Check error return from json.Unmarshal
a3ca8a0df Add linux resource oci.SpecOpts
00e6be9f4 Add ctr c info --spec flag to output spec
3be12fe1c Do not loose snapshotter options
8cddb5f91 Pass snapshotter opts during Pull
a3685262f snapshots/devmapper: do not stop snapshot GC when one snapshot removing fails
b6bf7b97c devmapper: async remove device using Cleanup
c7eec0c17 Fix file header in builtins_cri.go
f2edc6f16 vendor: update gotest.tools v3.0.2
026e43806 Update to a released version of opencontainers/selinux (1.3.3)
f8ade8deb Use named error return for service#StartShim
985b26f2f AppVeyor: disable download progress on choco installs
4105135e3 fix killall when use pidnamespace
4dd75be2b Unify dialer implementations
8e448bb27 vendor protobuf & grpc
c134a9bef Use spec's mountLabel when mounting the rootfs
1d888ad6a cleanup the image synchronously for Usage case
18e581dd9 bugfix: cleanup dangling shim by brand new context
fed8890e9 Enable CRI plugin for Windows builds as well
84464b801 v2: Cancel shim log ctx when ttrpc is closed
f3652d068 vendor: golang.org/x/crypto 1d94cc7ab1c630336ab82ccb9c9cda72a875c382
773adf7ab Remove the executable bit for api/*.txt files
8e685f78c support building with BUILDTAGS="no_zfs no_aufs"
61596169b Update .mailmap
f44d36099 Update .mailmap with changes from release-branches
499ab8a99 Update Golang 1.13.8
246a560ed script: use github.com/kubernetes-sigs/cri-tools directly
75d0c5f2e Fix incorrect comment from copy/paste of starting script
0dd6d24d2 Fix reference to LICENSE in README.md
89de113de Support 32-bit userspace on 64-bit ARM cores
d8a0d29c2 Set octet-stream content-type on put request
348e683ce Fix zsh autocomplete script
263ab7014 vendor: bump gopkg.in/yaml.v2 v2.2.8
4c3827889 vendor: update containerd/cri c0294ebfe0b4342db85c0faf7727ceb8d8c3afce
f0652e143 Make tests less flaky
bb8af922b Add support for custom wcow and lcow sandbox scratch sizes
5e6d56ee2 Fix startup_delay within default configuration
833701165 ctr events: do not exit on an error
200241163 vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1
32ba75f0f Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
e42110f32 Fix broken link to release-tool
e2e07c9bc RELEASES.md update links to latest v1.2.11 and v1.3.2
0dc69620b update dependencies of containerd/cri
53ced5ffe update to latest containerd/cri (master)
faf03c3d2 Pick up fix for CVE-2019-16884 in opencontainers/selinux
923c05bed Bump to opencontainers/runc new version - v1.0.0-rc10
e44d00865 Appveyor on_success field should be an array.
a224937d2 Disable CGO for AppVeyor build steps
75af17946 Pull: create image record after blobs download
45a17cffb Vendor Microsoft/hcsshim with CGO removal
94964b36d Update Golang 1.13.6
22b73a9a7 vendor: bump containerd/btrfs to 153935315f4ab9be5bf03650a1341454b05efa5d
1189cc40f snapshots: fix flaky TestMetastore
35a8e6e58 sys: clean up process after test
3eb57b01b Added IO metrics
e859b8a92 gc: increase sleep time in test
486d33631 test runtime v2 CPU settings
66508589d fix: eventfd leak for v2 runtime with v1 cgroups
9456040ac fix: eventfd leak
2f0db8e2a vendor: bump prometheus/client_golang v1.3.0
e10c91187 vendor: bump prometheus/client_golang v1.1.0
845b91d6b vendor: bump prometheus/client_golang v0.9.4
04506b87d vendor: bump docker/go-metrics v0.0.1:
99911ea66 vendor: bump prometheus/procfs v0.0.8
ed6ae8186 vendor: bump prometheus/common v0.7.0
c02dc24ec vendor: bump prometheus/client_model v0.1.0
77a3780c2 vendor: bump beorn7/perks v1.0.1
e1221e69a revendor containerd/cgroups
4d62d8795 bump microsoft/hcsshim to 0.8.7
95fbf3dc2 Fix unpacker to pass use apply options
3af3a7602 Fix filter errors
7b52bc506 Add unit test for func in filter.go
cd1cad9d5 Support disk usage in windows-lcow snapshot
f3090ce80 ci: set pipefail in zuul script
90cd777a6 platforms: fill default arm variant when parse platform specifier
b553bc14a update docs/rootless.md
94d499843 Add Makefile variable to skip test packages
123af61c0 Add Cleanup to snapshot API
465c11dc8 Fix build with gccgo
52e477f94 Fix outdated comments
b127b666a ctr: support $CONTAINERD_ADDRESS env var
a4b423b19 overlay: test actual Opts
067a66b90 .travis.yml: run test with crun
1fb1d9321 v2: Fix missing ns when openShimLog on windows
a18f77bea create local version of introspection service
e739314ed mount: support FUSE helper
87e2a9595 Fix a typo in task.go
d82fa4319 v2: Call shim.Delete at first when create is failed
493a36de9 Move label filter to snapshots package
06f6ea099 switch nighly builds to Go 1.13.5
c07e356d2 Update Golang 1.13.5
072dfbaf3 Support pushing a specific platform of a multi-architecture docker image to a registry
4ccb7aa22 Enable to propagate necessary information to snapshotter during unpack
496836c09 Update containerd/console vendor for fix
a057bfbd7 Add more adopters to ADOPTERS.md
facedf898 Remove an empty line
05d192929 Update checkImages to accept images.MediaTypeDockerSchema2Manifest
c4ed3ff1e Replace ocispec.MediaTypeImageManifest with manifest.MediaType
fbd46d709 runtime v2: Close platform in runc shim's Shutdown method.
02dcf384b Disable criu tests in Travis CI
62adc516d sys: mkdirAs: do chown if dir already exists
49e7039a8 cpu metrics consistency
b9d9bdf1f make cpu metrics consistent with v2 docs
929ab521c fix system usage naming
659c971ca task metrics fix
23dbae3e7 Schema name fix
17d61d6b7 Units fix
f287bc229 Schema names fix
6bfb24824 Fix prometheus metrics units
b98cc7918 Added memory and cpu metrics for cgroupv2
75efbaf67 Attempt to make device mapper snapshotter tests less flaky
9eef69e3a Update after review comments
43fca9eba metrics: rename pids_v2 to pids
a022c2181 Improve host fallback behaviour in docker remote
fa62b6d23 Use logrus instead of printf for warning
08517e586 Allow empty scope authorization
499fbb033 Improve install scripts
e0011978f start.go: Improve help text
9862cb8f8 support user remapping in ctr
b02e20f12 cgroup2: enable controllers automatically
8f870c233 support cgroup2
caeacfce3 Correct grammar/typo in BUILDING.MD
51a6813c0 Split uid and gid user ns remapping in oci
30d92eff1 Defer layer download until unpack
9d5a095b0 Bump containerd console for os.File changes
cd23ad244 Bump go-runc for buffer race fix
6a22a8fc9 Return the underlying images metadata
787be0efe Modify ctr run to search for read-only flag instead of readonly
cfb4f734d Make sure for next release branch appveyor runs
f92470b3e Fix dependency in BUILDING.md
a6b6097c9 Fix container pid.
726dcaea5 update cpuinfo to make variant matches aarch64 and so on
6fa9a42ea vendor.conf: sort imports alphabetically
a44189d2f vendor.conf: pin all dependencies by git-sha
55ea3dc9b vendor.conf: reformat to use columns
8da434668 Fix cleanup error on content client test
252d6550f Update cri and docker vendors
8a66dc6ed bump containerd/go-runc a2952bc25f5116103a8b78f3817f6df759aa7def
526c0db69 Support target snapshot references on prepare
d1261b508 Update snapshot parent filter property to always exist
11ef041ff Update golang.org/x/sys to recent commit
afd33bce8 test add tests to spec_opts
731e144a4 devmapper: update example base image size in README
19f7f3ccc test: Do SynchronousDelete cleanup before testing ImageIsUnpacked
0bb48aef0 Add `--log-file` flag for windows service.
c56059162 Avoid deadlock in unpacker.
32ef2e630 Update README
82651d386 Cross build nightly builds (arm64, s390x, ppc64el)
c479156b8 Add Github workflow for nightly builds
856ea3055 Add client unpack opts
3db1c3b8f Better support windows binaries.
843423ec3 snapshots: return error if readSnapshot fails
5bf2c6fc2 Fix panic on reference.Spec.Hostname()
fda652be5 Update name for btrfs headers package
a647407ca Fix dependency in BUILDING.md
608791bfc Update to Golang 1.13.4
cfb425fc1 Update .mailmap to reduce duplicates
15669a1d3 Update to Golang 1.12.13
8f74de9e9 ctr: allow specifying --runc-systemd-cgroup
7f5d90076 ctr: allow specifying --runc-binary
0f4374169 Add proto path /usr/include to Protobuild
4c99c8132 mips: -buildmode=pie is not supported for the mips arch
fdf7a795b Clarify requirements for identifiers validation
76aa4e546 Use common identifiers package with less restrictive regex
84879b7c4 Add CGO makefile flag
7c016b655 add tests to server_test
8f9eff4fe Support disk usage in windows snapshot.
d21f0f116 windows process shim installer
a2688b972 bring back aufs and zfs
78be73662 Return not found error if no platform matched.
d12b53a07 ppc64: -buildmode=pie is not supported
5e5584196 Makefile: Drop vndr whitelist
20e844a22 Use logrus trace support.
66aa1d3ef Add snapshot walk implementations
e8c14c07c Added filters to snapshots API
f593efdf0 RELEASES.md: 1.1 EOL
aaccfcbe2 Fix `containerd config dump`.
c224edc5c apply: use naive applier when running in UserNS
37b56cafc Add ctr metrics support for Windows/LCOW containers
178469e2a Update Microsoft/hcsshim vendor
3bf461ae8 Move autocomplete files to contrib/
885232b72 bump google.golang.org/grpc v1.23.1
6356e55be Update Golang 1.12.12 (CVE-2019-17596)
074b453ac vendor: call vndr to remove useless pkgs and update vendor
7177af84a Allow 202 response code for commit
d52cbc19b snapshots/native: ignore xattr errors during CopyDir
f8cca26f3 Handle large output in v2 shim with TTY
d5b7bf51a Move flag.Parse in tests to TestMain
54257bb5e Add local-fs.target to service file
a6d3f4d30 Add device opts to ctr --privileged
ffcb1cc9b Fix delete error code on the containerd daemon side.
036db34f3 build: Fix manpage generation
06be794cb Fix shim delete error code.
901bcb223 Add distribution subpkgs to core
eaef634ef version: use runtime.Version() directly
25947db04 Add support for spec generation with host devices
c0984941e adding go version to client description
fe947e83d bump runc v1.0.0-rc9
772032598 Fix flaky btrfs test
e4e7e554d Make client's WithLease more flexible.
18be6e371 Use cached state instead of `runc state`.
f277665ed Bump runc to 1b8a1eeec3f337ab5d94f28980
e33f70385 Add more detail on releases
8ff5827e9 Update cri and cgroup packages
b5fa55b0c ctr: Enable shell autocompletion
45ce73567 Limit travis release script to a single build
0cb7e4d5f Perfect documentations
b172b7f9d Update release docs for 1.3.0
394db03f1 Fix all media types in Accept header to match RFC
90735a5d1 Update cri to 5d49e7e51b43e36a6b9c4386257c7d08c602237f.
1b1b862eb Get CRI dependency versions from containerd vendor.conf.
35d3bae1e AppVeyor: bump golang 1.12.10 (CVE-2019-16276)
95dbbdc8c Bump runc for CVE-2019-16884
62c2eea78 fix-up typo
c5821baa4 Sync and stat btrfs loopback in tests
5ea936362 Perfect documentation
a0ae24b98 Word spelling correction
85eac2550 Add release note for gc fix
cbbb6a229 Update release note.
fc31fa176 Update cri to 4ea022f82a55c449bf15bfc62ac8b0de968d81be.
0b224ac7d Update metadata interfaces for containers and leases
2a636f8c3 gen-manpages: Create man directory if it does not exist
0a2129222 Check for more kill error types
dd5122809 Don't search for state.json path
6f31417d4 Generalize media types
f3148d0b9 Add metrics type alias
57b51b948 Move golangci-lint deadline to config file
e84a84a5a Add function to set custom auth scope in context
bca374aa1 Get media type key from context
20d3fae3d Add Opt for modifying shm size
83a72858f Makefile: increase deadline to 2m for golangci-lint
b4211d94e fail on file not found for shim reconnect on containerd restart
fd6299be9 Fix density spec generation
3bc99755d Try set GOGC for golint
19ecd49ed implement ctr -connect-timeout
58892a3ba Skip darwin deploy
5bb0281d1 Fix missing vendor packages
5a656cacb Move manpage gen to separate binary
6ed809168 Publish cri release to gs://cri-containerd-release.
f997c30ec Skip cleanup in travis deploy and avoid gcs race condition.
36c543a72 Remove extra CI testing on older Ubuntu
4e8a49948 Encrypt the secret file in containerd/containerd.
f3a5b8c0a Add command to generate man pages
d1a12823b Update gcs cri release.
424d33c5b Update go-runc to e029b79d8cda8374981c64eba71f28e
3db5a5ad2 Fix darwin build for cri release
1b4cec979 Update cri test to fix image reference test and fix gcs deploy.
e3abd03ae Fix CRI release build.
61f113e60 Automate CRI tarball release.
c1fc21e92 ctr: use NewDockerAuthorizer instead of deprecated NewAuthorizer
fa11147e5 Add --env-file to ctr
5c576b026 Update and simplify mailmap
c8cb864ce platforms: update known OS and arch values
3d1fdaccc config_test: sort result before check
8788af7f8 modify-document-duplicate-word
d6a6e0b8b Support foreign and encrypted layers in the unpacker.
a4482d9a6 Fix proxy plugin config validation
01f726589 Support v1 configurations for config dump
cd79e0edf travis: fix Xenial tests not being run on master
555cb31fd Support configurable default platform in the client.
c410f0eae Fix potential panic for task in unknown state.
dd24d76a1 Fix potential containerd panic during graceful shutdown.
fa546dc3e travis: don't run old Xenial LTS on pull requests
94e4b6879 travis.yml: add TRAVIS_DISTRO env-var for easier identification
214b8328d travis: add Bionic (Ubuntu 18.04 LTS) to test matrix
b6c811b7a Update cri to 0165d516161e25e52b4ab52a404a00823f8f0ef6
db3a71173 Add 'containerd config dump' subcommand
779701b29 Add --seccomp flag to ctr
86f8be86e Add sigprocmask to default profile
f4927a298 fix mis-spelling in nvidia.go
bc692cc59 Use default UNIX env when image has no environment
a292bf0f2 bump containerd/zfs 2ceb2dbb8154202ed1b8fd32e4ea25b491d7b251
97962976a Update ttrpc to 92c8520ef9f86600c650dd540266a00
92a5b08a6 fix-grammar-mistake
372472b5f archive: truncate modification time
2d8a65b1b Export shim publisher functions
6624a70d9 runtime/opts: move WithNamespaceCgroupDeletion from containerd to its own package
8266a3c5e fix-up spelling mistake
09b184c15 rootfs: use new ctx to cleanup instead of canceled one
2f54a7cb6 bump containerd/ttrpc 9abb3e268010ea188f4e4051f77eb5aca49315fb
eb7a6bf02 bump google.golang.org/grpc v1.23.0
56bcc7767 Handle layers with the same digest in unpacker.
6f8fb9ee5 add WithImageName container opt
a40c3830d Add option to pull all metadata
55f737bd3 bump hashicorp/golang-lru v0.5.3
ed1df65c2 bump hashicorp/go-multierror v1.0.0
cbb3a3790 bump hashicorp/errwrap v1.0.0
5cab0d3f3 update the max if cur will be greater than max for setting the limit
24b9e2c1a Merge configs section by section
8ebffecbc Use map for stream processors
aae2d0d75 delete unnecessary checks and fix a test
9e183f5e5 add cli option to download all manifests
ea6c749e3 Update config doc
19cd0a4f1 Append slices when importing config files
b5f03eacd Pin to libseccomp 2.3.3
4d11bb36a devmapper: activate dm device if snap device marked as activated
bca085753 Fix toml plugin decoding
a1e3779ca Support config imports #3289
6e2228df7 Vendor github.com/imdario/mergo
6cf031e1e Pass ttrpc address to shim via env
89eae6429 Cleanup: fix some typos in code comment
d7e1b2538 Allow explicit configuration of TTRPC address
03aafaa1c Update the integration test.
60f73b6cf Support simultaneous image unpack.
550518ab8 Read trailing data on apply
348e9f7c3 Update release notes and mailmap
8acf5a142 Update release note for CRI plugin for 1.3.
041e9debb Revendor github.com/Microsoft/hcsshim
21174cb49 Change bufferSize back to 32
1073868e5 runtime: only check killall for init process
64a0b2eb2 Revendor to remove unused dependencies
7379fa663 Remove the process default ENV
5023d96ad Remove Windows EventLog logging hook
276363938 Try to preserve exit event order
04caf1fc4 Ignore fifo error when using v2 multi-container shim
9cbd18ac7 Update cri to f1d492b0cdd14e76476ee4dd024696ce3634e501.
bcc4a146e Support applying with parent directories
5a0ff41c8 Update continuity vendor
80d31d15b Update fifo for typed errors
6d0e355c6 cleanup code typos in leases.go
bee4c1a8a Add retry and non-blocking send for exit events
0d27d8f4f Unifi reaper logic into package
bb4c92c77 Fix shim hung
1c30d4d04 bugfix: override image.Env with process.Env, rather than be contrary
7682acb9e AppVeyor: update to go 1.12.9
81386df91 Add direct unpack support for overlay and aufs
1b389b362 AppVeyor: update to go 1.12.8 (CVE-2019-9512, CVE-2019-9514)
2e8ea9fd6 Allow timeouts to be configured in config
a80db38c3 blkio.go: correct help message word spells.
3ef26cd87 bump x/sys to fix riscv64 epoll
2ff7183cc AppVeyor: update to go 1.12.7
c017e0efe Use a child context for errgroup in dispatch
75771c463 Add usage function to client
b6fca48fe bump go.etcd.io/bbolt v1.3.3
0dadef19c Add docs for stream processors
d085d9b46 Remove encryption code from containerd core
282b19efd remotes: remove useless line
a3a30635e namespace: Copy ttrpc metadata before setting header
04b7f1b59 Remove ppc64le from travis
2fac3ee27 Add release notes for stream processor
116140977 Limit multiple platform manifests to one for size check
fe3638e88 Add UnpackOpts to RemoteContext
d8322e38c cast Rdev of Stat_t to uint64 for mips
af7b7cdb0 Save default namespace in the client.
552a0b1be Handle stderr in stream processors
3fded74bc Add unpack opts
26b90619e Pass apply opts through rootfs/* code
e1489f93c Use named pipes for windows processors
134d3c815 Add windows apply code
f867401c6 Use fds and pass Payloads over diff api
366823727 Add server config for stream processors
97a98773c Add StreamProcessor for apply
0bc5df035 Clarify text on `ctr` support/inclusion
0a3769eec pusher.go: error message typo correction
635ccc067 Add cri release notes
4667ee47a Update Microsoft/go-winio v0.4.14
7792c23b1 Limit default matrix to runc v2 runtime
9f0bc2b53 Add UUID and server info to introspection
08483d18a v2: Close ttrpc connection when `Delete()`
4b5dfaee1 Completely remove Windows v2 in-tree shim
2398421d5 Fix travis matrix
a5940da62 Remove `ctr cri load` and update cri-tools to v1.15.0
0a4bf1bd1 Mark faulty devices
c99961c6c Update cri to b213648c5bd0a1d2ee42709c10dff63fbfee3ad7
4b4ce4a26 remotes: remove unnecessary string formatting
d1b9ee543 travis: Enable travis CI for ppc64le arch
bb9968891 Fix containerd on windows.
3e52e2902 Fix bug in export named manifest option
594f42319 protobuf: Bump Protobuf version to 3.7.0
c965a6c4d Prevent push by tag for sub-manifests
5cf79913e gpg: Use a Pipe() rather than a file
6a2512879 gpg: Pass the passphrase to the gpg2 tool using a file
3741fd859 Remove deferred flag when removing devmapper device
b16e7c5de Update pkg/ttrpcutil with improved pipe dial logic
daf12cd19 Improve error return from AnonDialer on Windows
4d5a0e19e Mark faulty device in one transaction
878a3205c Better error recovery in devmapper
578216950 Add note about pb.txt files
f68186e10 Improve custom cgroup test
8a6190856 Add 1.3 beta release note
612628c2f fix wrong spells in compression.go
98ead46d1 Call Update of snapshotter plugin
f543f2fbc Call CloseIO when stdin closes in ctr
eb4b3e877 Fast path getting pid from task
8cd480c23 Specify protocols in ctr encrypt recipients
e3cc9c20c bug fix:#3448
c27e48d66 fix mis-spelling in client.go
22f44c44d Add garbage collection doc
02826345c Add option to compress blobs on import
9da7d3036 archive: return chtimes error with path information
3d1fa6969 Implemented constructors for both encryption and decryption
392668d00 ctr:Support deleting multiple tasks at a time
05a2b63e8 Create CryptoConfig constructors in place of dcparameters
1c7eab197 Allocate a conhost during Windows service startup
364de4c35 Wrap creation of CryptoConfig in constructors
51bc61533 Update releases doc for 1.1 release
101d4b78e Add timeout to task state calls
e097ab8bb Disable windows integration tests
f055bdb0a Remove windows v1 runtime
d531e7849 Modified image_enc_test to use a different image from other tests
5e5ae23d8 test: Check manifest.Platform before dereferencing
1945e26ac Add concurrent execs in stress tests
ffa86b25f Add new shims for checking binary sizes
c118c45f8 Change image_enc_test so that it more reliably delete images
c6d437fd7 Corrected lease implementation
c00517a94 Made fixes and optimizations to encryption GC
725d3ad8c Add --device flag to ctr
518be1cb0 Fix bug in setting request body
dd0a45dfe Add flat GC label for leases
dca17853d Add WithLinuxDevices Opt
804ae89be errors: use errdefs errors in client and commands
dde436e65 Crypto library movement and changes to content helper interfaces
bf8804c74 Implemented image encryption/decryption libraries and ctr commands
30c344394 Add crypto dependencies/vendoring
a1f3ebaec Update cgroups to c4b9ac5c7601384c965b9646fc51588
b72673fdc Makefile: allow custom base path to install
fab016c7a runtime/v1/linux: ignore ErrCgroupDeleted in Task.Start
ce0d2489a Fix regiression from #3403 with snapshot cmd
0b29c9c37 Update resolver to handle endpoint configuration
63ceaf877 Add testing log context
f63eab32e Add testing log hook to context
61d930ad5 Move specific errors to their respective packages
82826df9b Small refactor due to CI linter changes
ef7f46eb7 Fix linter errors
2b521e25a Switch to golangci-lint
abc152d14 fix name in containers file
70b00a0fa fix variable name
4988424fc * fix: view snapshot is deleted before diff
db95af43f centralize harded-code message
d643f1dc8 images: only fetch the best matched manifest info
550a6f1d7 Fix integration tests
1918ee4d1 Respect default snapshotter label
47d2ac090 Improve default label handling
4e2fc81ed Add aliases to namespaces subcommand
2a92c2741 Bump travis to criu 3.12
5ed1a3ce0 Add RELEASE note about config versioning
6601b406b Refactor runtime code for code sharing
7d2117245 Fix metadata content store to call writer digest after commit
af93e4009 ctr: Add images tag subcommand
ec8d9d3d7 shimv2: remove the dead task from runtime task list
d3e1a51f8 vendor: bump go-runc
46af8ccd2 Check exec log flags compatibility
9fda4a5fe Bumps the version of go-winio.
6b59b425e Support --log-uri for exec subcommand
844c58102 Add cgroup delete opt for ns deletion
3d3dbc8fb Handle RequestTimeout and TooManyRequests
7dfc605fc Set shim OOM scores to +1 containerd daemon score
719a2c594 Robust pid locking for shim processes
2d0379115 docs: remove shim_no_newns in ops.md
0886e4f1b No need to keep 2017 DockerCon doc
650a7e5c1 Add hashsum for release archives
cb4a8f51a bump runc v1.0.0-rc8-32-gf4982d86
bb41ef87f bump libseccomp-golang v0.9.1
174c4907d Fix shim's file IO logging
1a8df3f23 Reserve exec id to prevent race
245052243 Add timeout for I/O waitgroups
12a14c442 fix: polish log to make more clear
ec78305c4 Close the inherited socket fd
fbf96d302 Fix path in LogFile creator
63a8dee60 Switch to GitHub's new issue templates.
341c7c144 Update dependency containerd/cgroups
5e0d79380 Fix bugs in BinaryIO creator
75f183887 Allow opts to flow to the backend snapshotter during snapshot creation.
95f9bbf18 Add timeout in load shim v2
62e9e1169 switch to a working link
41e1bb832 Fix snapshotter getter in client code
052551573 Ensure labels is not nil in differ
67cf9f7f0 AppVeyor: Bump golang 1.12.6
0b7abc02b ttrpc updates for interceptors, close, and metadata
d15a06b19 docs: Fix typo to some markdown files in /docs.
dd7c0aabc remotes: support cross-repo-push
bca566736 Make newBinaryIO public
31afff294 Fix backwards compat with v2 containerd configs
bb0087280 Add user agent header to all requests
9547d269a Add v2 server config support with plugin URIs
9e0cd529d fix shim std logs not close after shim exit
fb6b0ae4c Update x/sys, x/net and bbolt modules to support Risc-V
ed308ea1e Unmount rootfs with separate Remove() in bundle
cf7fb14ef Update timestamp atomic write
4f6ba8286 Ensure close in content test
faf925ba2 Handle EOF from ReadAt in content.ReadBlob
fa6a9f063 Add ttrpc namespace support
42f24b57e Update ttrpc to a5bd8ce9e40bc7c065a11c6936f4d032ce
7531c66d5 Ensure that the rootfs dir is created in the bundle
bf24fb0ca Close file r.log after used to release resources.
5b9a43d2e Fix seccomp contributed profile for clone syscall
cee19d1e6 Change restart delay for Windows service to 15s
8a388d623 leases: support resource management
ac4485c76 Add support to gRPC errdefs for context cancel/deadline exceeded
bbe45e446 add Restart=always to unit file
a274dbe82 Fix run with specified platform
48b81e872 Do not return error when rootfs already exists.
e0c4fe411 Forcibly sync writes on lcow layer.vhd after write
5e2d7efd8 Use a single custom annotation for export
41b7b0e0d Ensure namespaced writer commit has correct namespace
7f79fbb24 Move ttrpc client to pkg/ttrpcutil
5b7a327c4 Improve atomic delete
fe6a2b03e Add shim cgroup support for v2 runtimes
62609d66d Fix typo in description comment
90c6c1af4 Pass options on shim create for v2
690706286 ctr: make ctr shim command easy to use
7b06c9a1c Add TTRPC client
5e962dd8b Remove unused Resize method from initState
66036d920 v1: Respect the `shim_debug` flag when load tasks
a6a888cb5 Bump ttrpc
fbb80b951 containerd-shim: redirect output into stdout fifo
543d1e807 Add travis_wait to prevent vndr timing out
00bc2f5cf Update to Golang 1.12, and prepare for ppc64le
67b45aef4 Add WithoutRefreshed metadata
ad25c1a9c Improve ARM platform matching
bd27bef4a Move checkpoint and restore commands to new files
cf6e00854 Fix fd leak of shim log
6f463d350 test/snapshots: umount before committing snapshot
388705317 snapshots/devmapper: deactivate thin device after committed
bdd7dce31 Add OpenLab CI configuration
660554d67 Fix error handling for task deletion.
2ed8e60fa bump google.golang.org/grpc v1.20.1
d1c59513d bump google.golang.org/grpc v1.12.2
2f22d8e67 Fix broken link to containerd logo
cb7c780af ctr images import: add --no-unpack option
ee902afa5 Compute manifest metadata when not provided.
5c9811ded Cleanup dead v2 shim.
cfc36388b Remove redundant error checks
38e369657 Use cancel on errors
eded188f4 Fix misspells
969035bcb Stop logging error on v2 multi shim log failure
c7f067f27 Update vendor/ with new required vndr go.mod files
8c5779c32 bump containerd/ttrpc 699c4e40d1e7416e08bf7019c7ce2e9beced4636
dff745680 Return NotFound error for kill and delete in deleted state.
5d17ed230 Update cri to 2fc62db8146ce66f27b37306ad5fda34207835f3.
e5aab17a0 bump opencontainers/selinux v1.2.2
dd85aea62 bump runc v1.0.0-rc8
5b9bd993a differ: fix deadlock on commit error
48f46516a Support disabling default setup of shim logger.
c79c7921c bump docker/go-units v0.4.0
dfa51c927 runtime-v1: kill shim in cleanupAfterDeadShim
0376dd460 Don't write dumped stacks to file for ETW capture state
e6fc0ed22 Convert Windows CI to use Microsoft MCR image urls
06a3a480c bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
a333dbcfb Update x/crypto to 88737f569e3a9c7ab309cdc09a07fe7fc87233c3
0fd02564a bump gocapability
7718d060e Write stack dump to `os.TempDir()` as well
a4942ca4f Fix error on pull hang in CI
6bcf463b0 Move to sha-specified test image for nanoserver
cfb8b5573 .mailmap: update Akihiro Suda's email address
be2cbd0b2 Access to client's GRPC connection object
78f3dc433 Allow dumping stacks via ETW capture state
05dd66b2e Update go-winio in vendor.conf
c9059c767 bump mistifyio/go-zfs f784269be439d704d3dfa1906f45dd848fed2beb
63c7a879b Requeue events in the shim publisher
fc167f957 Correct PusherFunc helper to match Pusher intf
a7af3c13a Correct import path in services/server package
9cc58781f Check task list to avoid unnecessary cleanup.
97d247cd0 Rename `hrpc` to `tcpServer`
047348e19 Add dialer for events service
ae87730ad Improve shim shutdown logic
a12f836d5 Use $TEST_RUNTIME for cri test.
4b3b99ea1 Add support for required plugins.
4ba756edd Fix API forward events for shims
1a1f8f11a Set nofile to 1048576
b911ae342 Add tcp service for grpc listeners
a6f587e4c Use ttrpc to publish runtime v2 events
a8a805cad Add ttrpc server to containerd
c93d64543 Add GetOOMScore function
ae5ca8177 Refactor mount path check and add comments
7045801fd delete the ingest when any errors happen during resuming status
dcf6023c4 Extend release timeline
d5b770aa8 Introduce 'clean-test' target in Makefile
2583d9e42 update gogo/googleapis v1.2.0
a98df70da update containerd/btrfs af5082808c833de0e79c1e72eea9fea239364877
aa8dccd22 update containerd/aufs f894a800659b6e11c1a13084abd1712f346e349c
ed61d7f68 bump containerd/zfs and dependencies
d667628ca bump github.com/pkg/errors v0.8.1
68ef17835 bump github.com/BurntSushi/toml v0.3.1
1978c0b74 bump gotest.tools v2.3.0, google/go-cmp v0.2.0
2741dbe2c contrib: Dockerfile: bump go 1.12
a84f87d84 contrib: Dockerfile: add a base stage
a07e12cde contrib: Dockerfile: reformat, and use --no-install-recommends
ba9e1ea23 contrib: Dockerfile: use build-arg for go-version
4754d2aee Update image export to support Docker format
74eb0dc81 Return event publish errors.
10cf21dcf Export ExitStatus init func
a73358749 Update cri to 6d353571e64417d80c9478ffaea793714dd539d0.
de1da8be3 Update handling of registry errors
8d1ae237e Always add compressed blobs to Docker import manifest
c0f0b2131 Apply PR feedback
2a5e4c4be Skip rootfs unmount when no mounts are provided
abfc89ce0 Update CRI to master
4730088cb Update runc to resolve selinux issues
2d11f5e6d Regenerate protobufs
830b0294c Update protobuf v1.2.0
7c1365b46 bump sirupsen/logrus v1.4.1
01310eaeb do not use unkeyed fields in compose literals
90085a7ac Add empty file to prevent build from failing
baf340343 Extend Applier's Apply() method with an optional options parameter
8784eb630 Move snapshotters benchmark to a separate package
adc4fa217 Use pkg/errors for all errors
c22effb16 fix parseInfoFile does not handle spaces in filenames
559dfa59a Add configurable plugin path
d9526f5c4 Move CloudFormation template to contrib
ae04c1660 runtime: guard Close() until both streams are complete
e96ac2040 runtime: log IO error when copying output streams
515be73c8 Add snapshotters benchmark
872296642 fix shouldKillAllOnExit check for v2
fa5f744a7 fix shouldKillAllOnExit check
f7f6dd7b4 test: add custom cgroup test
2b8df8309 bump containerd/cgroups 4994991857f9b0ae8dc439551e8bebdbb4bf66c1
bc6ac0878 update opencontainers/runc v1.0.0-rc7
808b22353 Fix race and panic.
87289a0c6 devmapper: implement Usage
010b4da36 devmapper: implement dmsetup status
871094016 Windows: Build shim binary from Microsoft/hcsshim
e16e99593 Vendor Microsoft/hcsshim@8abdbb82
5d50b9c2b Extend adaptImage function with annotations case
388c8a176 Fastpath opt and ExecProcess loading
a84966451 Windows:ProgramFiles to ProgramData
6034c1950 Windows:Create root/state with ACL
7361b1987 Update Windows lcow differ to set NT VIRTUAL MACHINE\Virtual Machines SID
4c9b5ef8e Update vendor github.com/Microsoft/go-winio
d15832a4c Address review comments
8f8fd3c3a seccomp: whitelist statx syscall
908b77108 Add code to return message field of returned registry errors
9a8727cf0 Allow to import an image for the default platform only.
4506eb45b seccomp: whitelist io_pgetevents
f3ff95ab7 decouple api.ContentServer implementation package from bbolt dependency
14a050688 ctr: fix image cmd ArgsUsage
bdd84abf0 Add additional capability handling opts
a631796fd horten the unix socket path for shim
b858cfb41 Makefile: allow overriding package name
7ca2c3d68 contrib/nvidia: export helper binary path and list of Nvidia capabilities
a7aeffc22 Update mailmap for cgroup authors
e6ae9cc64 Shim pluggable logging
506b81548 remotes: add distribution labels to blob data
b8d40b353 update runc to 2b18fe1d885ee5083ef9f0838fee39b62d653e30
09cf2a629 Extend metadata images test with fieldpaths for Annotations
5124f9ee5 Write the Annotations map into the bolt db
02cc1485d Prepare boltutil for reading and writing another map
1e893b19c devmapper: add no_devmapper build tag
79248fea2 Add test for ocispec.Descriptor Annotations
34f377295 Allow WithNewSnapshot and WithNewSnapshotView to take in snapshotter options.
aaae81189 Update checkpoint opts with runtime handling
160737d2c Fix no pivot and keyring opts
0b711d616 Copy annotations around where necessary
4d2a26d75 BUILDING.md: update testing section
6424a3603 ctr/commands/images/push: don't show progress if it is debug mode
7cfb99ab9 Add content gc ref labels from containers, images, and snapshots
f0d5dd3c8 Use unix.SignalNum in ParseSignal on unix platform
1745951ba Vendor golang.org/x/sys d455e41777fca6e8a5a79e34a14b8368bc11d9ba
e13a4b67e Update the snapshotter docs to refer to the snapshots package for WithLabels.
277147135 Fix issue with NewFIFOSetInDir with Terminal true
828f6eb84 Fix a bug in shim log on Windows that can cause 100% CPU utilization
c6703d4c7 Add missing annotations map to Descriptor for gRPC transfer
d2bec5422 Bump cgroups to dbea6f2bd41658b84b00417ceefa416b97
208957ba3 devmapper: proper cleanup in pool device test
734989c2a Update README
fb8048371 docs: Add NAME section in all manpages
95f0a4903 devmapper: rollback thin devices on error
adf5c640f devmapper: don't create or reload thin-pool from snapshotter
7efda48c5 devmapper: more precise way of checking if device is activated
37cdedc61 devmapper: add linux tags, fix build
0c6d194cc devmapper: add README and minor fixes
2218275ec devmapper: register plugin
cec72efc2 devmapper: add snapshotter
3a7588252 devmapper: add pool device manager
6e0ae68e1 devmapper: add snapshotter config
fcd9dc274 devmapper: add pool metadata
809e5fd3b devmapper: add dmsetup
fe05e4d1a devmapper: add losetup
d83e4e9b3 Vendor Microsoft/go-winio@v0.4.12
e0d7ed12a Windows: Enable ETW logging
cbc032ed3 Update go.etcd.io/bbolt to v1.3.2
5e8406984 Update travis to xenial worker
84a24711e Add runc.v2 multi-shim
6bcbf88f8 Move runc shim code into common package
fd6ac5d02 Vendor sirupsen/logrus@1.3.0
b553a12be runtime: allow specifying supported platforms with config
f6ac73d71 fixing typo and added a missing comment.
4b3e0a8aa metadata: merge snapshot labels with metadata's labels
88f19a90a Windows: Update stackdump event name
14f7e5272 Unpack should set 0755 when the parent directory doesn't exist.
a6f43b549 Add website update to release process
17b2c8498 Update supported versions
b87e9eef3 Add ExecID for StateResponse
bfb266ab5 Fix some misspells in helpers_test.go
dc09ed1e1 Add image handler wrapper
a4f7b3758 Add support for TaskDelete event on exec in RuntimeV2
00895670e Stop sending stderr with TTY on Windows
6a21728fb Use defaults package for listing namespace labels
14eaad0cd Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d (CVE-2019-5736)
98766e863 Vendor opencontainers/runtime-spec 29686dbc
225d9b120 Fix LCOW layer ordering
0190e5f39 Removes the oci.test.exe binary.
525802f9c Use distribution's reference.ParseDockerRef
3538174e6 Bump github.com/docker/distribution to 0d3efadf0154c2b8a4e7b6621fff9809655cc580
2dacef07c Add shim skeleton code
59ea134ce OCI Modifiers for Windows
d25007e54 Add structure documentation for metadata
823b7a8a0 Cleanup releases directory
7bd8dcd0d Fix potential containerd panic.
41f540621 Add release documentation
f014adfa1 readme: fix example for checkpoint
dfcc5942f Fix deadlock in Windows runhcs shim exec
da2ab865e Add documentation for using namespace labels for configuring defaults.
952d58297 Add a separate lock for pid.
9777d7689 Revert "use state machine management for exec.Pid()"
34323985a Use labels only when default namespace is provided and prefer given options.
59432aaec Take default runtime and snapshotter from namespace labels
6629f853a BUILDING: update BUILDING.md
d7ed40307 Add image pull concurrency limit.
7f5d7ff6b Update snapshots docs with garbage collector label
34672d483 metadata/gc: remove the noop-loop for snapshot reference
6ed293ba9 Fix bug in shim path lookup
d63099c4a Allow matching shim path side by side with containerd
764afa0d1 Include extension for shim binary format on Windows
dfebb404c remove excessive []byte(s) conversion
85aa8ad36 Move task events to runc v2 shim
28f8a90bd Update cri plugin to 4dd6735020f5596dd41738f8c4f5cb07fa804c5e.
bb32c0f61 Revendor github.com/Microsoft/hcsshim v0.8.4
f44469698 Return out of windows signal handler
26ab393e7 Use context.Background for `O_NONBLOCK` `OpenFifo`.
7db569771 unix.UtimesNanoAt now supported on Darwin
132ee9b82 fix: linter issue
6468619d7 Implement the Runtime v2 Shim async task model for runhcs
b444d7d50 Handle additional cleanups from prior PR
4ef9bf5c8 Windows: Publish exit status correctly in TaskExit
90caf6f6a Windows:NewDirectIOFromFIFOSet
3aec9e7be bump up runc
0befa457d Update ttrpc to support context timeout.
946e40266 Update releases files
c5a8c9fc1 Fix issue in runhcs shim CloseIO
31616e794 Fix runhcs shim bug in Create with "len(Rootfs) == 0"
bcd4cc51c Fixes a bug in runhcs shim Exec.Pid
bc76e01a8 Update runhcs options to include CRI Sandbox support
a79879e9d Add security audit report to README
dee0945e1 Fix spurious ttrpc client shutdown error log on success
64a004641 Update cri-tools to v1.13.0.
b55c9c6c3 Update cri to 4b4b2abb2eb19ad6913a6c5d2a6869a0a43a3fc1.
17b77aeb0 Fix annotation typo errors
5137fc6f1 bugfix: support application/octet-stream during pull
568b5be93 runtime: add Add/Delete method in PlatformRuntime interface
7faaa64cf fix: miss remove temp file in createSnapshot
4247f2684 metadata: define content sharing policy
1be86af10 add test for WithImageConfigArgs
36e4dc603 Ensure bundle removal is atomic
723797d32 docs: remove website leftovers
d4ecb00f6 checkpoint: return empty image if checkpointPath exist
f2344db40 do not mutate defaults in replaceOrAppendEnvValues
da9471fb1 fix oci.WithImageConfigArgs for windows
897afeaf3 Revert "Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)"
0ec6526fd Update the delete docs for Runtime V2 on Windows
e20ba5fa5 test: add test for c/r without image
40267382c fix ctr image export not found error
8be05eb23 Fix freebsd build
7b1e6f323 fix: use func args instead of build new one
9baecf66b fix: fix defer in loop
903abf33c Fix annotation typo error
52de37170 Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)
2d96aad77 bugfix: unpack should always set the snapshot gc label
a2a424197 Add timeout and cancel to shim fifo open
6f944e419 fix: SCHILY.xattrs should be SCHILY.xattr
6ccb0d062 fix: remove dead code
2db0c6c26 Explicitly stating utf-8 when fetching oauth token
603e97a9e ctr/content: make editor flag is required
7ac221e8d Adding ctr memory and cpu flags
822ae18b1 Update cgroups to 1152b960fcee041f50df15cdc67c29db
3ae8e8a30 Add shim config for shim binary options
66c20f2b7 Update runc to 96ec2177ae841256168fcf76954f7177af
79499980e Kill should still work in stopped state.
27ba2db10 Revendor github.com/Microsoft/hcsshim to v0.8.3
2d3a4f99e should no defer when detach
70084ea6c Add /proc/asound to masked paths
6daf8b778 Eliminate misuses of errors.Wrapf
a404f27a0 Add more adopters
6593399e9 cr: support checkpoint/restore without image
996c60616 fix: fix error info start capitalized
b4a642f6a Add dumpStacks support for containerd on Windows
40d898a82 Windows: Allow running as a service
97dd5df66 Update runc to v1.0.0-rc6
09bf314bf Cache shim v2 exec.LookPath results
fd16bf6d4 runtimev2: add image-path and work-path for c/r
83ebcf999 runtimev1: add image-path and work-path for c/r
f90e5d564 Move ctr run --isolation to Windows only
bbc2a995f use state machine management for exec.Pid()
461222dba fix: should get runtime name from container info
2101b1362 add ctr delete --exec-id to debug DeleteProcess
a2e8ab9ff remotes: avoid panic with default resolver conf
7d91d631e Lock `KillAll`.
9639db552 refactor: no need defer in closeAll
e76a8879e fix pipe in broken may cause shim lock forever for runtime v1
b3438f7a6 fix pipe in broken may cause shim lock forever for runtime v2
956e49a36 Revert v2 dropped events
1d4105cac Use named pipes for shim logs
581a63ce4 Add build requirement doc on fedora/centos
01f5aa387 add flag -d for ctr t exec to run a service in container
51ad4d302 change args usage for ctr c create
bd2a21985 fix container cmd args may parsed as ctr args
90880078b Adding a --load-kmods flag to the NVIDIA OCI hook
e1a59ba0f Update runc to 10d38b660a77168360df3522881e2dc2be
8e25ca6bf Revendor github.com/sirupsen/logrus to v1.0.3
0e7a70dbf skip already exists content
6f2f4e434 checkpoint: add copts to checkpoint; save snapshotter to annotation
40caece8d update tests
4fdf720b8 move rw to opt; make snapshot opt; move to NewContainerOpts
147208061 add image name and runtime name media types; remove task operation on checkpoint
ce0673fd7 Restore take image
0e4d9da75 remove task handling from Restore
2d3db08da refactor spec and snapshot restore into opts
45c700a95 refactor checkpoint and restore to client
555ea3fb4 Ignore modprobe failures in ExecStartPre (systemd unit)
abd971cfb Revendor github.com/Microsoft/hcsshim
831a41b95 Fix process locking and state management
c4feaa75c fix: fix failed to get container-shim relation with io.containerd.runc.v1
c524b9ce4 Partially revert the event discard change in #2748.
38d7d59e8 enhance: update v1/v2 runtime
ce6d4c9a9 add docs/rootless.md
dd0539b09 ctr: add --cgroup for oci.WithCgroup
18363d0c9 Add ADOPTERS.md file
354dab0ca Forward ctr.exe --debug as io.containerd.runhcs.v1 options
a33ad4024 Implement io.containerd.runhcs.v1 shim log opts
ec3dbd155 Add io.containerd.runhcs.v1 shim proto options
7d70d2b78 Fix Makefile to run protobuild on paths with spaces
83f4ab885 makefile: remove emoji on Linux
8329a491b Build Windows V1 and V2 runtimes always
124194b98 check task existence before new task
a02f7cea8 bugfix: use skip-verify flag in ctr instead of insecure
2bb7da843 Fix mingw version back to working version with Golang
068880ff1 Add custom headers option to dockerResolver
fa912a79b update link for slack invite
7c85d873a fix typo in ResolverOptions.Credentials documentation
232a06349 Increase reaper buffer size and non-blocking send
00ba92364 bugfix: CloseIO should return correct status code
1cc93460d Bump aufs for unsupported errors
1301813f7 Update ZFS for unsupported warnings
16aaf6c06 Change unsupported snapshot warnings to INFO
07237e34e Bump to Go 1.11.x
c206da795 optimize shim lock in runtime v1
c5a0c7f49 Add build option "GODEBUG=1"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|
Hongxu Jia
|
4846ff50ea |
containerd-opencontainers: building unstripped binaries
It defaults to "-s -w" [1] which strips debug information, refresh a backported patch to build unstripped binaries https://golang.org/cmd/link/ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
2ffb3332c4 |
containerd: update to 0.2.7
Updating to the latest containerd 0.2.x release. No build changes were required, and runtime behaviour is the same. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
8c1284f921 |
containerd: update to v1.2.4
Updating containerd to 1.2.4 (and switching to the release branch for our git hash). The following commits are in this update: e6b3f563 Merge pull request #3002 from estesp/prepare-1.2.4-release 5d1443dc Prepare v1.2.4 release 2095626c Merge pull request #3014 from thaJeztah/1.2_bump_cri 78286104 Merge pull request #3013 from thaJeztah/1.2_backport_windows_changes 3cbdf9e4 [release/1.2] update containerd/cri to da0c016c830b2ea97fd1d737c49a568a816bf964 dfa19e59 Windows:NewDirectIOFromFIFOSet 84a14ae0 Update runhcs options to include CRI Sandbox support 6a8198b0 Forward ctr.exe --debug as io.containerd.runhcs.v1 options d40cc95f Implement io.containerd.runhcs.v1 shim log opts 30ca1c55 Add io.containerd.runhcs.v1 shim proto options 7908802c Fix Makefile to run protobuild on paths with spaces 583472f6 Merge pull request #2998 from thaJeztah/1.2_backport_bump_runc_cve_2019-5736 b4bf3e34 Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d (CVE-2019-5736) 74133fa4 Merge pull request #2995 from thaJeztah/1.2_backport_remove_normalize_image_ref ed756ffd Use distribution's reference.ParseDockerRef 2fb38236 Bump github.com/docker/distribution to 0d3efadf0154c2b8a4e7b6621fff9809655cc580 7f5f1176 Merge pull request #2974 from ehazlett/release-v1.2.3 7216861d Update for 1.2.3 release 5de147d9 Merge pull request #2984 from Random-Liu/update-cri-release-1.2 f7ac34e3 Update cri plugin to c3cf754321fc38c6af5dfd2552fdde0ad192b31d. 0137339c Merge pull request #2977 from crosbymichael/io-panic 7daf0804 Fix potential containerd panic. 2fd20f11 Merge pull request #2972 from crosbymichael/exec-lock 5730c500 Add a separate lock for pid. b9b7ef32 Revert "use state machine management for exec.Pid()" dba2e5e5 Merge pull request #2965 from fuweid/remove-noop 9b6a318a metadata/gc: remove the noop-loop for snapshot reference d86a73a4 Merge pull request #2946 from fuweid/platformruntime dd29d5c3 Merge pull request #2947 from fuweid/pull-oct a0b4da71 bugfix: support application/octet-stream during pull b4d38c0f runtime: add Add/Delete method in PlatformRuntime interface af900154 Merge pull request #2955 from Random-Liu/cherrypick-#2944-release-1.2 ab2cf013 Use context.Background for `O_NONBLOCK` `OpenFifo`. fa60b5be Merge pull request #2953 from thaJeztah/1.2_backport_fix_xattr 2244a20c fix: SCHILY.xattrs should be SCHILY.xattr 8c9ede4f Merge pull request #2950 from crosbymichael/lint-release bf3c932a [release 1.2] fix: linter issue 5c38d942 Merge pull request #2932 from AkihiroSuda/runc20190115-1.2 32f10c77 bump up runc 97548718 Merge pull request #2917 from dmcgowan/release-1.2.2 ef637041 Update for 1.2.2 release 4bb2b0c3 Merge pull request #2912 from Random-Liu/update-cri-release-1.2 f30fd023 Update cri to 0d5cabd006cb5319dc965046067b8432d9fa5ef8 (branch release/1.2). 46e63338 Merge pull request #2893 from thaJeztah/1.2_revert_temp_golang_fix e71a191f Revert "Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)" aa5e000c Merge pull request #2878 from andrewhsu/backport-1.2-fifo-timeout 31be8649 Merge pull request #2881 from thaJeztah/1.2_backport_fix_ci_golang_1.11 27c6449c Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround) 18f57e20 Add timeout and cancel to shim fifo open 9b32062d Merge pull request #2852 from dmcgowan/prepare-1.2.1 51134077 Update version to 1.2.1 dcc47ddd Merge pull request #2861 from dmcgowan/cherrypick-1.2-2857 4c327b8e Update runc to 96ec2177ae841256168fcf76954f7177af b65a1137 Merge pull request #2860 from Random-Liu/update-cri-release-1.2 18e453e4 Update release note. 586807a8 Update cri plugin to 0ca1e3c2b73b5c38e72f29bb76338d0078b23d6c. 4b284fa3 Merge pull request #2856 from Random-Liu/cherrypick-#2854-release-1.2 b413e843 Kill should still work in stopped state. a06cddc2 Merge pull request #2845 from nnttmm/backport_2826 176a5621 Merge pull request #2842 from thaJeztah/1.2_backport_update_runc_1.0-rc6 8dc87dd8 Merge pull request #2847 from thaJeztah/1.2_backport_mask_asound 703786c5 Add /proc/asound to masked paths c42c8952 use state machine management for exec.Pid() 93d5b4b0 Update runc to v1.0.0-rc6 de1f167a Merge pull request #2819 from dmcgowan/prepare-1.2.1-rc 27d72ba7 Update version e3840cce Add 1.2.1 release notes 940c0c06 Merge pull request #2817 from Random-Liu/cherrypick-2811-release-1.2 4598ec21 Lock `KillAll`. e429785c Merge pull request #2815 from thaJeztah/1.2_backport_shimlockwhenstdinclose 9be591e4 Merge pull request #2803 from crosbymichael/cherry-proc-lock 309973ed Merge pull request #2801 from crosbymichael/cherry-runc e4c49d70 Update runc to 10d38b660a77168360df3522881e2dc2be cd83a4e0 fix pipe in broken may cause shim lock forever for runtime v1 275f99fe fix pipe in broken may cause shim lock forever for runtime v2 39cd8634 Merge pull request #2795 from estesp/cherrypick-optimize-shim-lock 3afc3f14 Merge pull request #2796 from estesp/cherrypick-exit-ch-buffers f9323ca9 Revert v2 dropped events 4c72befe Fix process locking and state management 14dc3078 Partially revert the event discard change in #2748. 417d6941 Increase reaper buffer size and non-blocking send 7ef5285b optimize shim lock in runtime v1 040e73fd Merge pull request #2792 from estesp/cherrypick-update-hcsshim-vendor c4a256d3 Merge pull request #2790 from estesp/cherrypick-v1v2-runtime-fix 73758765 Temp: add appveyor enablement for release/1.2 branch 090e3e98 Revendor github.com/Microsoft/hcsshim 046b6c6d enhance: update v1/v2 runtime 7ff9f681 Merge pull request #2784 from Random-Liu/update-cri-release-1.2 54895c0b Update cri to 2bb57d27203d82fc79c496aea724aec593b2705a. cd0ecb78 Merge pull request #2779 from thaJeztah/1.2_backport_ignore_modprobe_failures c4acd17e Ignore modprobe failures in ExecStartPre (systemd unit) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
f4853222b5 |
containerd: update to v1.2.0
refreshing the containerd support to 1.2.x. We have to tweak the package linking and update the go compile patch, but otherwise, the build is unchanged. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> |
||
|
Bruce Ashfield
|
fcc09c8c36 |
runc/containerd: fix build with go 1.9.x
go 1.9.x was triggering linkage errors on some build hosts due to missing symbols. | tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_mac: | /usr/src/debug/glibc/2.27-r0/git/sysdeps/x86_64/dl-machine.h:59: undefined reference to `_DYNAMIC' | tmp/work/core2-64-poky-linux/runc-docker/1.0.0-rc5+gitAUTOINC+4fc53a81fb-r0/recipe-sysroot/usr/lib/../lib/libc.a(dl-reloc-static-pie.o): In function `elf_get: | /usr/src/debug/glibc/2.27-r0/git/elf/get-dynamic-info.h:48: undefined reference to `_DYNAMIC' By ensuring that our sysroot provided go binary and build flags make it into the build enviroment we can build properly with 1.9 and 1.10 Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> |
||
|
Bruce Ashfield
|
935e3d969e |
containerd: uprev to v1.0.2
Uprev containerd to v1.0.2 for compatibility with recent docker (18.04+) builds. With this uprev we also significantly restructure the build to use more of the latest oe-core go build infrastructure, but non-standard parts of the build remain. We also allow containerd to be build with CGO enabled to avoid linkage errors with the oe provided go build infrastructure. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> |
||
|
Bruce Ashfield
|
7d6284a079 |
runc/containerd: create virtual/runc and virtual/containerd
Since there are two implementations of runc and containerd that may not always be in sync, the docker variant, and the opencontainers variable, we create a virtual/* namespace for these components. Anything requiring runc or containerd should set a preferred provider to get the desired/tested variant. We set the default provider to the docker variants, since they are the primary use case for these components. Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> |