MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 20:59:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,021 Commits 38 Branches 0 Tags 9.2 MiB
f13ced4d8d
Commit Graph

2021 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bruce Ashfield
3110725635 cri-o: update to 1.23.1 
Bumping cri-o to version v1.23.1-16-g1607c6ec2, which comprises the following commits:

    f2d8f69e3 config/sysctls: validate against invalid spaces
    b1932286d server: stop deleting pod from idIndex if already gone
    bccfd5110 [1.23] ci: use kubernetes 1.23, cri-tools 1.23
    2630e0f88 contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
    e50405e5a hack/build-rpms.sh: fix yum-builddep failures
    574393461 image: use imageCache value for ImageStatus()
    4559c3328 oci: fix a leaked goroutine
    e19f812f9 Reuse createContainerIO in CreateContainer
    c9b4eb84e Fix vm containers couldn't restore after CRI-O restart
    3899601f9 release-notes: add args for checksum fields
    abe57a58b Updated format
    b2fba4cf7 Generate checksum files for artifacts
    0c619fc21 bump to v1.23.1
    24092dd77 test: add test for skipped sysctls
    b2ac1b7ca server: skip sysctls that would affect the host
    8d512cbac server: don't set memory swap when it's not enabled
    ac75b6cf0 deep copy List{PodSandbox,Container} structs
    76e9feca0 ci: use main branch for conmon
    54b6b7932 server: fix race with kubelet
    987bd1366 Fix runtime panic on pod sandbox stats retrieval
    a8513868c ci: use main version of runc
    a6d6d3dde openshift e2e: bump ci image
    8520be5fc server: fix a potential NULL-pointer dereference.
    bc38aa734 pass the main mount point to fix crypto profiles binding
    dc4bea916 test: update tests for allowed_devices
    0f57bf75c config: add AllowedDevices option
    dc224daf3 server: drop duplicate log message
    11ffa6cbe test: add test ensuring a stopped pod is restored
    a1ada429a sandbox stop: remove namespaces
    89eccb5fc restore: handle removed namespaces
    873414dbf Partially revert "restore: restore stop before managing namespace"
    fe0e69dc8 restore: ensure containers are wiped on reboot
    b905626d9 use cmdrunner singleton
    228f82dbb conmonmgr: refactor for new CommandRunner
    97bbe0637 cmdrunner: update mocks and add target to makefile
    8ec9ce138 config: prepend commands with taskset if InfraCtrCPUSet is configured
    81761eb2e cmdrunner: add tests for prepended commands
    9c915e269 cmdrunner: create singleton
    499540011 Use timeout for conmon cgroup move
    04e8e4081 Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
    021b5ba00 vendor: bump c/image to 5.17.0
    dba27ab7e Add new metrics that match Prometheus best practices and reduce cardinality * add metrics with new names that match naming best practices   * use _total for all counters   * use base unit seconds, bytes * metrics that do not follow best practices have been marked deprecated,   these can be removed in a future release, it is to ensure non-breaking change   for couple of releases
    e7aa30fdc unit test: fix relative log test
    acc746e52 unit tests: update pinns path in case it isn't found in PATH
    9f584ca4c test: skip target tests for userns
    972c29c2d test: add test for target namespace
    0176d5f92 add support for target PID namespaces
    da0de5373 test: give testunit sudo
    4b0d40ad4 oci: add managed pidns to container object
    1fa69c707 pkg/container: take container namespace configuration
    546732eed nsmgrtest: take some namespace related test code
    440ba9feb nsmgr: add function to pin existing namespace
    e122cb4f0 nsmgr: take (and rename) NamespacePathFromProc
    8db9a89a5 pkg/sandbox: take config initialization
    6f4e7bf8c Bump Kubernetes to v1.23.0
    da8f9a07e set user.max_user_namespaces in case it's not
    b8a766213 lint: bump cyclo complexity
    0864aed84 gh-actions/contrib: setup sub{g,u}id
    067551101 docs: add tutorial for setting up user namespaces
    5d3c5a67f oci: put conmon in infra ctr cpuset if it is in the pod cgroup
    231a358d2 test: add tests for user namespace annotations
    ce3699969 test: move workload creation function to helpers
    87aede8d5 cni manager: catch server shutdown
    f3d2c601e server: notify user when network isn't ready yet
    99e93ee58 stop using hardcoded "pod" const
    9f81e4a00 oci: always reap conmon zombies
    ab1b1aaaa clarify some error messages
    96679844e Drop intermediate CRI types
    3162e0552 Relabel containerenv files
    f154c7c3c Add minimum_mappable_(u|g)id settings
    bbc944cf6 Fix runtime panic on stats server shutdown
    efcf8afe6 restore: restore stop before managing namespace
    dec3bf5c9 server: add {,List}SandboxStats
    5ba5cb0be server: refactor sandbox list
    64870e3d8 server: use stats server to get container stats
    b17b7dfd9 container server: use stats server
    7f136833c stats: add stats server
    43db34fb6 config: add StatsCollectionPeriod field
    2569255c9 cgmgr: move most of stats handling to cgmgr
    c6efa96ee oci: make changes in preparation for moving stats functionality:
    536c08423 server: stub {List,}PodSandboxStats
    542eb5580 server/cri: add PodSandboxStats support
    ad71bd9ff vendor: bump cri-api
    c5dd30dd1 server/cri: refactor to make stats processing unified
    a598debac pkg/config: use iota
    40dcd6da9 Add go 1.17+ go:build tags
    6fbd6773f Remove redundant build tags
    3064a9d7a Add containerenv file to containers This file indicates that the current environment is inside a container environment. The same technique is used by podman and docker. The same file name/path as podman was used, as it is vendor agnostic.
    86538358a build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8
    5fb7618d5 config: merge runtime and workload allowed annotations
    28b01dad2 Updates kubeadm.md: The cgroup property is removed in [kubeadm-config.v1beta3](https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/)
    5a510ad7f build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
    99027c321 Specify runtime table format in  the error message
    1f7b886d7 build(deps): bump github.com/containerd/ttrpc from 1.0.2 to 1.1.0
    cbfab09d5 server: fix segfault when using cgroupv2
    0f99f3348 gh-actions: add sed for kube e2e
    880744562 release-notes: update to main
    60615f0a3 build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0
    8530f0a38 build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
    8daa9039a Bug 2012838: fix override storage options from storage.conf
    0ce45a372 oci: fix deadlock in container stop code
    cf7f6f5af build(deps): bump google.golang.org/grpc from 1.41.0 to 1.42.0
    a216d3d24 oci: always close chControl
    1e8e40aaa oci: make some channels buffered
    3036101b0 build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
    cf3524471 build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
    2e1048422 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
    10f8f17c4 Add annotation that makes /sys/fs/cgroup writable
    7f747dde0 Add support for CNI plugins v1.0.1
    ec6305762 bump(deps-opentelemetry)
    37418e122 pin go.opentelemetry grpc/otelgrpc v0.25.0
    c16429eb1 opentelemetry: add gRPC tracing
    2a5623a2e build(deps): bump k8s.io/klog/v2 from 2.20.0 to 2.30.0
    3571d9c74 build(deps): bump github.com/go-logr/logr from 1.1.0 to 1.2.0
    ca38caa74 version: bump to 1.23.0
    808681227 build(deps): bump github.com/containers/podman/v3 from 3.3.1 to 3.4.1
    0b1b2061f build(deps): bump github.com/containers/common from 0.43.2 to 0.46.0
    8f1daefc6 test: drop swap disable playbook
    f253acb15 server: add support for CRI unified field
    cd8bc4c1f server: implement swap support
    9ab385d44 server/cri: add support for 1.22 features
    aca331db3 test: bump cri-tools version
    518fceb63 scripts: pin cri-tools version
    97773983e server: reduce needless copying for sb.NamespaceOptions
    b8b2f308d oci: refactor internal structure to use CRI type
    9c813715d oci: use server CRI metadata type for containers
    91289b929 sandbox: refactor internal structure to use CRI type
    e45403022 sandbox: save createdAt as a int64
    99cb4a362 build(deps): bump github.com/containerd/cgroups from 1.0.1 to 1.0.2
    c119e253d build(deps): bump github.com/creack/pty from 1.1.16 to 1.1.17
    6845b4233 build(deps): bump github.com/Microsoft/go-winio from 0.5.0 to 0.5.1
    f61a4e097 Bump Kubernetes to v1.22.2
    2cf307d2e sandbox: use server CRI metadata type
    01ee37390 docs: emphasize deprecation notice
    b7a80f137 update documentation for workloads
    83518f098 add allowed annotations to workloads
    b6b3f4cbb Log HTTP response writer message instead an error
    20ad4f609 oci: use c/common signal parsing function
    13182e64b Skip volume relabel for super privileged containers
    cd2b0028a oci: chown stdin pipe to user in the container
    c0a8f339c test: fix selinux test failures
    f27efb28a build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
    cd7f7cb46 Fix runtime handler docs
    63d69d2a7 build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.1
    b753b04a2 scripts: fix release branch forward script
    87b8e5d05 server: FilterDisallowedAnnotations of containers earlier
    0e02798d6 server: conditionally relabel volumes given annotation
    99dac5fb8 build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0
    6ec1ec47c test: refactor allowed_annotation tests
    e70542f26 server: reduce args in addOCIBindMounts
    f3106693c build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
    74177a645 test: add label for openshift e2e in dockerfile
    b2e665754 build(deps): bump github.com/containerd/containerd from 1.5.5 to 1.5.7
    28043f5a9 test: skip certificate check for downloading parallel
    086386bb1 Remove usge of deprecated apt-key in Ubuntu install
    7ca329409 Fix install.md links
    0f455e285 build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0
    245a88040 use a more appropriate console with code block
    8c088319f build(deps): bump k8s.io/api from 0.22.1 to 0.22.2
    ef861e8c7 build(deps): bump k8s.io/cri-api from 0.22.1 to 0.22.2
    c7e8c26f5 build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
    757c863d5 build(deps): bump github.com/creack/pty from 1.1.15 to 1.1.16
    5dd999e05 build(deps): bump k8s.io/apimachinery from 0.22.1 to 0.22.2
    683428d75 fix node e2e
    756543ec8 build(deps): bump github.com/intel/goresctrl from 0.1.0 to 0.2.0
    d56449c4c bump crio commit used by node e2e installer
    615ba94fd server: mount cgroup if hostNetwork
    77b1a6e62 server: use container level host network setting
    45366c8c7 server: don't recalculate hostnet
    6493d8640 Fix typo in install.md
    7071e5b3d Remove one of the explanations for `bind_mount_prefix` because it is duplicated.
    7fe435d7d node e2e: keep infra container
    c6f1ed4d5 add unit test for the `server/sandbox_remove`.
    ce96d93c2 test: fix journald test for new conmon
    9ada36be0 fix shfmt
    19fb1db10 update `install.md` for debian and ubuntu
    5b1c43bbb build(deps): bump github.com/json-iterator/go from 1.1.11 to 1.1.12
    0833f62f3 build(deps): bump k8s.io/client-go from 0.22.1 to 0.22.2
    f5ebb6c23 fix shfmt
    61e08418a server: set spec when dropping infra
    68c8989f8 Update 'master' branch links to 'main'
    7fc2f88ce bumps pause image to 3.6
    3fd1cd226 server: don't wait forever on conmon cgroup move fail
    a9add6909 build(deps): bump github.com/containers/storage from 1.34.1 to 1.36.0
    d7cc66fe8 Remove bashism in sh script
    15f7f7e4e Do not log if Intel RDT is not supported
    b9ad2de69 build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
    eb45b4891 Fix cluster.yaml for kubectl create
    69e88512a call cmd.Wait() in all cases we call Start()
    07328622a oci: call wait on conmon if cgroup move fails
    a377aec52 build(deps): bump github.com/go-logr/logr from 1.0.0 to 1.1.0
    38f41c16a Fix `crio_image_pulls_layer_size_` metrics docs
    9195a3417 Adapt to klog incompatible changes
    a5716420b build(deps): bump k8s.io/klog/v2 from 2.10.0 to 2.20.0
    6b96358ef Add `--profile-cpu` and `--profile-mem` options
    ed0eca0f1 build(deps): bump github.com/containers/podman/v3 from 3.3.0 to 3.3.1
    88f5e154d server: remove ineffective `updateLock`.
    05e662469 Fix missing quantile in `latency_microseconds_total` metrics
    681aa32ed Update crio commit for node e2e
    94b9b8688 build(deps): bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1
    c8ecab3da Bump runc binary to 1.0.2
    0d640e6f9 Switch to go1.17 for CI
    8bbbbf2b5 fix debian 10 build doc
    639d494cd test/testdata/sandbox_config.json: fix the dns_config
    af555c038 adds updating instructions to install.md

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-21 17:31:28 -04:00
Bruce Ashfield
9c35224e1c containerd: update to v1.6.1 
Bumping containerd to version v1.6.1-4-gd12516713, which comprises the following commits:

    b13d3e05c cri: relax test for system without hugetlb
    b325d5647 update to go 1.16.15, 1.17.8 to address CVE-2022-24921
    787b4671d Prepare release notes for v1.6.1
    444eba43d containerd-shim-runc-v1: return init pid when clean dead shim
    37bb915c6 containerd-shim-runc-v2: return init pid when clean dead shim
    9f316fa4b Use fs.RootPath when mounting volumes
    8713c0472 Prepare release notes for v1.6.0
    f261498e0 Update Go to 1.16.14, 1.17.7
    fa19714db Update go-cni to v1.1.3
    6e3cc28a6 Wait for containerd installation in GCE scripts
    c0f818846 Update go-cni to v1.1.2
    dea7ae27a Add instructions on using go with admin perms
    4f0d5f0ee Enable TestContainerPTY and TestContainerUsername
    732103271 Change the context to avoid misunderstandings
    6827eec7a Prepare release notes for v1.6.0-rc.4
    b0623a06e Change file name for shim binary path
    daaf031e2 Use white logo in github dark mode
    efc6ca4c4 Prepare release notes for v1.6.0-rc.3
    7e821fb61 fix: .dockerignore makes git working tree dirty
    ac2692d30 containerd-stress: introduce option for specifying image
    8b9571e34 containerd-stress: start task ctr before starting execs
    9b1fb8258 cri: fix handling of ignore_rdt_not_enabled_errors config option
    dcbe3e471 docs: add Talos Linux to the list of adopters
    821c961c8 pkg/oom/v2: handle EventChan routine shutdown quietly
    2d9d5fddb Document fs_type and fs_options in snapshots/devmapper/README.md
    a31e28e2c Prepare release notes for v1.6.0-rc.2
    8944c12f5 Update releases document
    8d69c041c Update cgroups to v1.0.3
    bec6e4dd6 platforms.Normalize(): do not reset OSVersion and OSFeatures
    34f717349 seccomp: kernel 5.16 (futex_waitv)
    8632bdcb7 seccomp: kernel 5.15 (process_mrelease)
    c013db696 seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
    17a2831f7 seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
    1329ea371 seccomp: kernel 5.12 (mount_setattr)
    cc59ae4d9 tracing: return (ctx, span) from StartSpan
    e751f1f44 tracing: support OTLP/HTTP in addition to gRPC
    813a061fe oci: use readonly mount to read user/group info
    c0e00f19a fix acr fetch token 400
    4cd9f37f5 Fix windows periodic workflow
    4aff7431f Fix possibly incorrect media type default on import
    3ffb6a611 shimv2: handle sigint/sigterm
    f048a2593 docs: add doc-comments on GC-related methods
    31a710c49 fix: should not send 137 code event if cmd is notfound
    936faf9c9 fix empty scopes return
    c1e17d8ba Prepare release notes for v1.6.0-rc.1
    4f552b077 Compile binaries for go1.16 and go1.17 in CI
    7d7064e6b Integration: Change to Windows Server 2022 build number constant
    2898004a5 Update kubernetes vendor to 0.22.5
    4e9e14c2b Fix rdt build tags for go 1.16
    af83e9af1 platforms: add support for matching amd64 variants
    af39d2ad7 go.mod: Update hcsshim to v0.9.2
    fcb7bd699 Remove api go submodule
    46312f4a1 Update makefile to remove API submodule
    ed0828bb6 delete useless code
    21a748e38 go.mod: github.com/opencontainers/runc v1.1.0
    dba897c35 update runc binary to v1.1.0
    d5e8edf2d Do not automatically inject client traces
    69ae95531 tracing: fix OTLP tracer's initialization
    8dd36423b Revert "Add shared content label to namespaces"
    a1ba38056 Update caching logic to avoid map access
    ce3871966 services/introspection: support to show introspection grpc service
    a018ae3f6 Prepare release notes for v1.6.0-rc.0
    919797163 Integration: Switch to `upload-cloud-storage` Gcloud action.
    8a2b61356 Integration: Switch to using `auth` Gcloud action in Windows workflow.
    c0a31a7a4 Add ppc64 support for test images
    a303d552a ctr: Unify the delete subcommand alias
    b35fb7d44 remove io/ioutil
    d05194f0a ctr: flag to toggle non-distributable blob push
    f77989036 Add image handler to skip non-distributable blobs.
    8c194d8f3 gha: run CodeQL scan on pull requests
    f99e92359 Enable critest tests on Windows Server 2022.
    55b89eabf Parametrize CRITest test images in Windows Periodic workflow.
    18592b2f5 Fix wrong log message
    bdc852190 test: e2e node COS cgroupv2 script
    e38946d86 Updating adoption of containerd for AKS
    8aca314dd Update error message for apparmor parser
    48c7529de Fix incorrect error wrapped when closing ingest file
    0c2c289d4 Fix seek error used without nil check
    8816006d1 Fix followup items from errors replacement
    a94f32ce0 update the adoption status of containerd in GKE
    adee2c797 seccomp: add support for "swapcontext" syscall in default policy
    4f0f36350 corrected link in cri architecture documentation
    d3724a6c1 go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
    bbe46b8c4 feat: replace github.com/pkg/errors to errors
    e43d4206a Update k/k to 1.23.0
    8d5af6be8 Prepare release notes for v1.6.0-beta.5
    9c2e3835f cri: add ignore_rdt_not_enabled_errors config option
    eba104816 Update dependencies
    f4a191917 cri: annotations for controlling RDT class
    eae14688c tasks: add Linux rdt support
    9e755d12e cmd: add --rdt-class command line option
    2946db890 oci: implement WithRdt
    df21828d2 content/local: use syscall.Timespec.Unix
    85326d76f fix: only test abstract unix socket on linux
    90426378e Integration: Check GCP secrets on Windows CI artifact upload.
    97623ab0c remotes/docker: allow fetching "refresh token" (aka "identity token")
    8094f50dd remotes/docker/config: allow setting custom AuthorizerOpts
    8e6afaa20 Fix $(PWD) issue for Windows makefile
    653b8b02a Expect ErrorNotFound on Windows after Kill()
    ac8129706 fix: use _ for consistency
    f39b3ac7e fix(ctr): enable networking for Windows containers
    0ff87a892 Replace tskill with taskkill
    aadae6d50 Fix flakiness on Windows for list stats
    d53c43133 Fix no-daemon flag for integration/client tests
    5c2edeffb Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
    2ee3ce510 Use insecure.NewCredentials instead of grpc.WithInsecure
    2fb739aa2 Upgrade OpenTelemetry dependencies
    34c4abc34 Fix default makefile target for windows
    78ad7a2d3 cri-integration: Add Windows default paths
    abcf7c2f6 Disable TestContainerHook on Windows
    f1c799331 seutil: Fix setting the "container_kvm_t" label
    c8a009d18 add-list-stat: return container list if filter is nil
    f83ab813d Use task plugin for runc shim
    04e57d71b Seperate shim manager and task service
    44b28b61f medatada: make namespaces' deletion error less cryptic
    20419feaa cri, sandbox: pass sandbox resource details if available, applicable
    9e9ee66bf integration: deflake TestContainerdRestart
    dd26d3d09 feat: support custom timeout for blot open
    c0d07094b feat: Errorf usage
    0e472420b Update Go to 1.17.5
    569042e6d Prepare release notes for v1.6.0-beta.4
    552a27081 Disable restart monitor test in Windows
    b7f673790 OCI: Mount (accessible) host devices in privileged rootless containers
    7f70ff967 oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
    2c96d5b06 Run windows parallel integration test as short
    807213fd3 Update restart monitor test to output daemon logs on failure
    9b0303913 only relabel cri managed host mounts
    90cdc6c9a images/converter: remove deprecated types
    fc8138468 go.mod: update image-spec to latest (v1.0.3-dev)
    2d3009038 cri/server: use consistent alias for pkg/ioutil
    dc13bcd51 Enable lazy init for ext4 with devicemapper
    68dabdcc6 Use RFC3339 format so rg cleanup works
    6f9d80907 Remove Windows integration testing for 2004.
    77a321a07 Replace find with native Go code
    22dc60e05 Enable TestVolumeOwnership on Windows
    441bcb56d Skip WithAdditionalGIDs on Darwin
    4c1e26cd5 Don't fail-fast on Windows integration tests
    c9d1e155c go.mod: github.com/opencontainers/runc v1.0.3
    44995d483 update runc binary to v1.0.3
    416899fc8 Allow native snapshotter on Darwin
    6b0e2414c Do not use `go get` to install executables
    d2f1dda0f Include runtime v2 in default builtins
    392f604eb Use a single RUN command
    533dd1c0e fixup: check for swap accounting
    f33d38c7c integration: align tags of test images
    c5b0a18b6 fixup: handle diff between cgroupsv1 and v2
    9cc0d1f07 Set explicit ACL on test files
    4ccf287da Set CONTAINERD_ROOT in Windows cri-integration
    ff77dd112 Add Windows Server 2022 CI runs
    fd0850e9e Update continuity dependency
    ff9d7aef3 Update volume test images
    2fa4e9c0e cri: add support for configuring swap
    bae0d88ae Add error logging on cleanup
    6bccd67e8 Revert shim plugin migration
    665877a5b Move volume images from gcr to ghcr
    323a62d7b Add permissions
    f3195b3b5 export oci.DeviceFromPath()
    c6d26f0d3 Authenticate against ghcr.io
    2a6857d06 Skip TestExportAndImportMultiLayer on Windows
    6ff1a5934 fix when kernel version < 4.13rc1 by using index=off cause overlay test error
    94462d8f5 oci/deviceFromPath(): correctly check device types
    7a4415dd5 Add VMware TKG & TCE to Containerd adopters
    46892d340 Vagrantfile: update to Fedora 35
    8de1117c9 integration: add stats result in error message
    6681cc4b9 ctr/snapshots/diff: don't show the media-type in output
    a97564411 remotes: fix dockerPusher to handle abort correctly
    1698d061c Build volume test images on Windows
    7ccd733d2 Add image build workflow
    95b3ab2a4 ctr: Add Linux Capabilities control flags
    3d318b3bb docs: mark 1.4 as Extended
    9a994877c docs: fix RELEASES.md gRPC API anchor
    0a25bc1aa Integration: Separate Windows Periodic Tests workflow trigger.
    507bfc91b feat: skip ci for fork
    9dfbcbbc4 content/local: Close the file if Seek fails
    5015130f7 Fix executable file not found when restoring shims
    2b28dd363 Fix wrong make target on documentation
    cb1359fa8 Integration: Remove explicit version passing to `azure/CLI`.
    fa6759ae5 fix: server error return
    5e4b033ec Update README.md repo->org
    5f293d9ac [CRI] Fix panic when registry.mirrors use localhost
    674b94c42 Prepare release notes for v1.6.0-beta.3
    f5863e22f Update API version in go.mod
    5df9ec366 Update release name to use consistent format
    f8d734e40 fix: make max recv/send msg size setting default
    63895de45 Add support for TMP override on toml
    444ef2f6d Generalize Windows CI setup script for any user.
    3d6bfa3f5 Standardize cmdlet capitalization in Windows CI scripts.
    6835a9470 Split runc shim into plugin components
    6eea8f3f6 Add shutdown package
    547040cd5 feat:support custom callopts on client side
    bef792b96 feat: use rwmutex instead
    2f31dcda7 release: change tar name to match prior releases
    70c88f507 schema1: reject ambiguous documents
    eb9ba7ed8 images: validate document type before unmarshal
    2a81c9f67 CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
    db124c560 Close file if permission modification fails
    526defb57 Fix containerd fails to pull OCI image with non-`http(s)://` urls
    89eebc4c0 Fix wrong error returned for image index lookup
    be84932e1 Rename release dockerfile to omit distro name
    28126fd60 release: improve dockerfile
    27d7c5038 Add arm64 to releases
    6765524b7 use write lock when updating container stats
    b103bee4c go.mod: Bump hcsshim to v0.9.1
    e17fe37e0 Fix package alias
    920b24793 go.mod: Bump ttrpc to 1.1.0
    6870f3b1b Support custom runtime path when launching tasks
    91bbaf679 [cri] add sandbox and container latency metrics
    a3b756ce1 Prepare release notes for v1.6.0-beta.2
    574800633 cleanup: add more description on comment
    a22346622 CI: bump up crun: 1.0 -> 1.3
    97073c943 go.mod: github.com/moby/sys/mountinfo v0.5.0
    19d9d0d2a go.mod: github.com/moby/sys/signal v0.6.0
    9c455ded6 go.mod: github.com/moby/sys/symlink v0.2.0
    fa12f4e69 go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
    869ccc01c Update Go to 1.17.3
    3196e65f5 docs: document the runtime shim plugin config options
    0d8e07681 docs: use proper markdown lists in containerd-config.toml.5.md
    54c0cdae6 Update TestRestartMonitor expected time check
    d4f4c1380 Add runtime path in CreateTaskRequest
    548579d0e Pin az CLI version
    2e6d5709e Implement CRI container and pods stats
    b69bbe25a Vendor latest k8s.io/cri-api and netlink
    9bfec3980 test: Add grace period for restart monitor test
    d022fbe78 Address PR comments
    82cb0a63e Add mkdir on Dockerfile
    6fa1bb4a5 Fix build after rebase
    2cec3a34b Migrate task directory
    8b788d9df Expose shim process interface
    733519677 Fix after rebase
    df8c206a9 Cleanup shim loading
    b554b577b Move shim restore to a separate file
    a3d298193 Fix backward compatibility with old task shims
    33786ee4d Add plugin dependency between shim and shim services
    fb5f6ce3c Rework task create and cleanup flow
    7c4ead285 Add task manager
    2d5d3541e Rename task manager to shim manager
    ea8978810 adds additional debug out to timebox cni setup
    6fa9f22fa compression: support zstd with skippable frame
    f0d3ea96c converter: Allow hooks during image conversion
    6ee8577e5 sys/reaper: avoid leaky goroutine when exec timeout
    88fc5cf2d Adding scope tests for ParseAuthHeader
    3e51312a6 fix shim reaper wait command execute blocked
    7438edc7e Adding tests for GenerateTokenOptions
    9b4a6f129 Generate token options with each scope as a separate string.
    b8f3ebb03 vendor: update moby/sys for darwin support
    0ccc386c8 Prepare release notes for v1.6.0-beta.1
    e5fc3b38e Update mailmap
    37720fc6f Update api vendor
    a217b5ac8 bump CNI to spec v1.0.0
    010a9e2bc content: close stream after commit request
    ebc5cf19a feat(doc): update to version 2 syntax
    294143bf3 Inject otel traces to grpc client.
    cd2f2b0af client: expose (*image).platform
    535191abf fix #6054  MaxConcurrentDownloads is not effect when Unpack is true
    3b73922fb feat(doc): add Core Scheduling documentation
    c18c2e735 Fix spelling mistake in Windows snapshotter
    130a9c7dd Ensure namespace is proxied to grpc/ttrpc plugins
    2a8dac12a Output a warning for label image labels instead of erroring
    602018900 integration: Enable some tests for Windows
    1f1cad391 io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
    46be06937 close Writer after use which may leak mem
    1abe50512 Prepare release notes for v1.6.0-beta.0
    c5947557d Add error message to in TestContainerdRestart integration test
    072a7074b Fix typo in the NewContainer function documentation
    ac2df3ba9 test: check file content after mount
    18d483b23 Update cgroups to v1.0.2
    4ed3c524c Update test timeout based on recent cancellations
    d252a293d Remove extra test_teardown
    4a569c889 Check the pid in cri test teardown
    f1054dbbd fix integration client vendor
    e48bbe839 add runc shim support for sched core
    de1a39bf3 Update Go to 1.17.2
    46b152f81 vendor: Bump hcsshim to 0.9.0
    fb4432c24 integration: Enables TestVolumeCopyUp for Windows
    0ba3532f5 integration: Enables TestRuntimeHandler for Windows
    830b3c26e integration: Enable some tests for Windows (part 2)
    3a713811b run `gofmt` with Go 1.17
    96018b7db vendor: Updates go-cni
    703b86533 pkg/cap: remove an outdated comment
    1ee2bff0e Update go otel 1.0.1
    b9a0c5080 modify the way for checking cos
    c528d2c39 Update ADOPTERS.md with additional uses
    5b222d54a commands: Enables task metrics for Windows
    9734b4039 Pin mingw to version 10.2.0
    d19af5afb Update to golang 1.17.1
    3cb0ec01e Install nssm
    02e77bcdc task service: return known error type
    791e175c7 Windows: Fixes Windows containers with image volumes
    049042382 fix: update vendor
    5c2426a7b cleanup: import from k8s.io/utils/clock/testing instead
    6484fab1e cleanup: import from k8s.io/utils/clock instead
    d16942cf1 feat: enable cri remote client to call with grpc calloptions
    ca35f4e82 Windows: Cleanup rm- prefixed layers
    f6b7e07fd cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>)
    933ddaa6f fix: wrong flag type
    da16d492c feat: support import image for specific platform
    67b883146 Update mirror images to take target image name
    e6ddffc2a fix: make exec-id flag required in exec command
    09c9270fe images: enable converter to uncompress zstd
    694a00754 replace deprecated function
    2bc77b8a2 Adds Windows resource limits support
    224454062 Fix main branch build is broken
    7c621e1fc btrfs: reduce permissions on plugin directories
    fcffe0c83 switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound)
    b9cf0d75a Fix panic in metadata content writer on copy error
    6886c6a2e v1 runtime: reduce permissions for bundle dir
    7d56b24f1 v2 runtime: reduce permissions for bundle dir
    7a7a9a282 integration: Adds test for multilayer image import
    f7658e37d runtime: should fail fast if dial error on shim
    483d2e947 go.mod: update opentelemetry modules to v1.0.0
    084387e0b Move tracing to plugin
    45c3453a7 Add open telemetry logging hook for logrus
    16f3d67b5 add current process state to the error message
    407d60694 Add github action to mirror image
    97df73004 gha: collect Vagrant VMs' IP addresses
    2bffb5f9b FreeBSD: fix tar headers & the nil check on getxattr
    7854e0bff bump continuity and console version that remove pkg/errors
    16d3f48a2 ctr namespaces: improve usage string
    50da67359 refactor: move from io/ioutil to io and os package
    a68fb7add bump console version to v1.0.3 that remove pkg/errors
    3e72e335f Use github images for integration tests
    55893b9be Add CNI conf based on runtime class
    50a568595 Change oci.WithUser behavior for LCOW
    65f6a896c Fuzzing: Add 4 fuzzers + small modifications
    2fecf5b02 Make sure exit signals trigger an exit during init
    f40df3d72 Enable image config labels in ctr and CRI container creation
    6875aa5d3 import: Add option to skip creating digest image
    f700ae873 CI: bump up crun to 1.0
    55923daa9 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
    8596d1188 Fix typo
    73dbbf5bf Update to Go 1.17.1
    498e5b27f fix error string format
    6d961f967 CI: Switch to available latest images
    e087b47e9 import: Raise error if the imported image is filtered out
    91b64c58b add xfs support to devicemapper snapshotter
    8ff8b1b82 vendor: update continuity for darwin support
    1efed4309 add ip_pref CNI options for primary pod ip
    16cd6ed13 Additional integration tests for pulling image with labels
    756f4a314 cri: add devices for privileged container
    9954147c0 pin protobuild version to tag
    2458afeb1 Fix content copy to not ignore unexpected EOF
    6bec0d39b use a const metric for build_info
    ae27a6b05 Add metric exposing build version&revision
    8e850bc0f replace deprecated Dail with DailContext
    aeea697d8 Add WS2022 support in Windows Periodic tests
    55faa5e93 task delete: Closes task IO before waiting
    f42513112 integration: Adds Windows HostProcess tests
    ccc5ee303 archive: Add WriteDiff error logs
    820bd9269 fix document non-synchronous in crictl.md
    2bcd6a4e8 cri: patch update image labels
    789abc936 using Hosts replace deprecated field
    57e10439d Fixes task kill --force on Windows
    abf4de498 integration: Enables Windows containerd restart test
    96ec0b6f3 content fuzzer: Clean up tempdir
    eb2530be8 Makefile.linux: build on riscv with PIE
    6b0b64a51 ctr: Fixes Windows image import
    a43fa9f28 darwin: runtime support
    5dd38792a darwin: use the default values for socketRoot variable
    27046a9e0 Fix cwd flag for `ctr tasks exec`
    24cec9be5 sandbox: Allows the sandbox to be deleted in NotReady state
    1dd0d59b7 go.mod: Update hcsshim to v0.8.21
    6d3d34b85 Update Pause image in tests & config
    278176db1 Address issue forms feedback
    838afd211 Adding testing of two devices
    e0f8c04da cri: Devices ownership from SecurityContext
    7bc5aa74c Fix pull fails on unexpected EOF
    11ab3cba0 Use issue forms for bug reporting
    e2c769d6f windows: The DefaultSpec platform should match the Default matcher
    7826a21ac Update RELEASES.md
    2ac996840 replace uses of os/exec with golang.org/x/sys/execabs
    25644b461 Add RunAsUserName functionality for the Windows Pod Sandbox Container
    e18516767 go.mod: update runc to v1.0.2
    3f8ea1b6a update runc binary to v1.0.2
    429296910 go.mod: github.com/pelletier/go-toml v1.9.3
    f8dfbee17 add cri test case
    9a8bf1315 feature: add field LinuxContainerResources.Unified on cri
    d3aa7ee9f Run `go fmt` with Go 1.17
    c3609ff4c cri: filter selinux xattr for image volumes
    4dd5ca70f script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0
    f7b1ceb9f integration: investigate TestRestartMonitor's failure
    acb81bbda integration: fix TestContainerPids
    9fe7bc938 Bump integration timeout to 35 min
    7fba86264 Fix dir support for devices V3 (#4847)
    6f60b3016 [ctr] add HOSTNAME env for host network
    8d135d284 Add support for shim plugins
    f8602c372 Update to Go 1.17
    c9b1b2fd5 Fuzzing: Add fuzzer
    9e1b57ca0 Add env for SystemdCgroup driver
    1224060f8 Allow expanded DNS configuration
    538d93d2f Fuzzing: Add 4 fuzzers
    79b369a0b Added windows hostProcess cni skip
    82fe0db9a Fix bad `make protos` failure
    1c47fb17f docs: remove FOSSA's badge
    bc4cea4e4 docs: rename main to master
    5e49ec27d Use http.Get to download binaries instead of exec.Command
    e6538b8bc Add trap to cri-integration test script
    d2f3b7146 add cpu-shares to ctr
    30b832e49 archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624
    9cc179aa7 BUILDING.md: remove some bits about building runc
    42b57cc73 BUILDING.md: markdown fixes
    a3d6edc0e content: return the error with its timestamp
    a5468852f docs: list all snapshotter-related build flags
    e634f04d8 go.mod: update kubernetes to v1.22.0
    11a90c7ff Fuzzing: Add experimental version of container fuzzer
    42a28ad2c Update Go to 1.16.7
    534685f95 Fix Linux CI Linter using go 1.15.14
    10eab21a4 Cleanup CI
    0a0621bb4 Move plugin context events into separate plugin
    6f027e38a Remove redundant build tags
    3c5424454 [otel-tracing] vendor and go modules changes
    3597ac859 [otel-tracing] Initial opentelemetry support
    7917da764 Change default directories on Darwin
    10824eaf2 remove go 1.13 from containerd
    d30d897ef Cleanup v2 shim
    c3c276ae1 Fuzzing: Fix for OSS-fuzz issue 36825
    6c257552a scripts: declare ROOT closer to where it's used, and some DRY changes
    dba0ef4eb scripts: add missing quotes, and minor linting issues
    0cb656860 test/build-utils.sh: remove support for Debian Jessie
    41a04246f Fuzzing: Add two more fuzzers
    2c699cc35 Fuzzing: Remove panics of container_fuzzer
    f2c3122e9 platforms: Format(): use path.Join() instead of joinNotEmpty()
    acecd6603 Change protoc link
    ce437864b mergo: Upgrade to 0.3.12 to fix panic
    d1e868c83 ci: install criu from PPA
    e692a0192 Add shared content label to namespaces
    3a8622e30 Updates the location of protobuf downloads in docs
    0d9393650 Update protobuf install to use correct repository
    d62d6c11d Split release steps into multiple tasks
    b4807122d Update release workflow to upload binary without CNI
    67406b373 overlay: add an optional label of upperdir location of each snapshot
    43117cf91 Script to check if entries in go.mod files are in sync
    4ab3e7a53 runtime: fix the issue of create new socket with abstract address
    cc88f8e0a Split fuzzer to two fuzzers
    7a10fd4fc respect context timeout in shim binary call
    23bc3db91 Enable critest on Windows
    494b940f1 Introduce a new go module - containerd/api for use in standalone clients
    4fdb88464 add CRI support matrix to RELEASES.md
    b5fc7846c adding a little more clarity
    1d3d08026 Support SIGRTMIN+n signals
    18d6cc1b0 update gotestsum to v1.7.0
    efa8ab715 Add runtime label to metrics
    6294235d8 Fuzzing: Add container fuzzer
    2405671d4 platforms: add "ios" as known OS, "loong64" as known ARCH
    2556aac67 Fuzzing: Add archive fuzzer
    0d45ac14e interface about shim build check
    00d52bb15 integration: log all processes to investigate the test failure
    f1d79d33b Discard blocks when removing a thin device
    d2b6d192d Update cpuguy83/go-md2man binary to v2.0.1
    53ec1abec remotes/docker/pusher.go: Fix missing Close()
    67d07fe5c remotes/docker/fetcher.go: Fix missing Close()
    0789a0c02 Add docker fetch fuzzer
    b483177ee Support custom compressor for walking differ
    150e07b64 Use systemd cgroup driver for cgroupv2 tests
    603962bc8 update gotestsum to current master
    a12c7bd1c go.mod: runc v1.0.1
    43e0594ae update runc binary to v1.0.1
    9537bc265 Dockerfile.test: build containerd in separate stage
    36be5ef3a Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding
    8faacfca1 Dockerfile.test: clean up apt indexes after installing
    9f7e6335c Dockerfile.test: build critools in a separate stage
    7ec8e2d36 Dockerfile.test: build cni in a separate stage
    f9f423c07 Dockerfile.test: standard directory to collect build aftifacts
    e9f26eb87 Dockerfile.test: split dev stage, and optimize order
    25fada0cc Dockerfile.test: skip curl, gcc, git and make install
    546538971 install-critools: make sure DESTDIR exists
    dbef1d56d runtime: runc v2: remove redundant validation
    18321f539 Move loop check to before sleep
    2e8a572df Add timestamp to flaky restart monitor test
    55fd2ab5d integration/client: go mod tidy
    e72046f86 Update Go to 1.16.6
    bc4e416c8 Add test for archive breakout test for lchmod
    894b6ae39 Fix missing Body.Close() calls on push to docker remote
    ac75071b4 remove pkg/cri/platforms package
    0a8802df6 Allow WithServices to use custom implementations
    aefabe546 Dockerfile.test: add "cri-in-userns" (aka rootless) test stage
    53835221f Cleanup lchmod logic in archive
    d1c105192 use fu wei's suggeted interface pick for marshaling
    14962dcbd add alpha version
    4c6e4a06f gha: make release workflow work in forks
    73d28ddeb client: surface a connection error more clearly
    a7ad6b3be Add support for registry host path override
    3a0b9ec6b Add unit test for plugin
    95c708572 Update documenation for OCI distribution 1.0
    a81f05f36 [Vendor] Update hcsshim to 0.8.18
    16deba098 integration: Windows volume-copy-up images
    63fe34add grpc config add options tcp_tls_ca
    a5c417ac0 move up to CRI v1 and support v1alpha in parallel
    bda7b5866 feat: Add snapshotter label to the new snapshot for container.
    2019a1e68 Makefile: fix DESTDIR and PREFIX concatenation
    04ab4418f test integration: Adds a test that restarts a failed container
    03ee45006 snapshot/devmapper: log exported methods correctly
    a964cf0cc un-export mount.FMountat
    21f532d51 move sys.FMountat() into mount package
    dac2543a0 sandbox: send pod UID to CNI plugins as K8S_POD_UID
    5a0beaefb sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils
    f913a4275 go.mod: runc v1.0.0
    28bb59c08 update runc binary to v1.0.0 GA
    63c185da9 content/local: inline sys.StatATimeAsTime()
    09d78bb6b allow multi gpu to be specified via ctr
    560e7d479 fixing some doc links
    d9694b297 Sync integration/go.mod with root go.mod
    4a46ea2f4 archive: Expose ChangeWriter to allow customized diff computing
    cd33c007c CI: Switch to available latest images
    75b4c83f0 fix deprecation config for default runtime
    1bbee573a github.com/golang/protobuf/proto is deprecated
    91c8fa452 Update github.com/golang/protobuf from v1.3.5 to v1.4.3
    b7e79dc5a Update google.golang.org/grpc from v1.27.1 to v1.38.0
    8d2e156dd Increase golangci-lint timeout
    87a2e0b2a runtime,v2: Enable debug when containerd is on debug+ log level
    05e51539a command line flags of setting container rootfs propagation
    394f86475 Re-enable criu in main integration runs
    1dada3fc2 add cgroupv2 setup for cos with a flag
    bfbebf02b Update gotestsum to add timestamps to junit output
    2bb8ad7c9 Makefile: pass build tags to manpage build process
    f60d447c1 Makefile: fix tags parameter computation
    9c01fe20d Allow to pass --no-cgroup option to nvidia-container-cli
    77374e8b3 Makefile: FHS conformant manpage installation pathes
    3ab974433 Add proper Go version before project checks
    af5a130bc Enable cri-integration in Windows Periodic Tests
    7a2b04758 adds explanation for seccomp unset/unconfined default vs runtime default
    01585595a update integration/client go.sum
    419d616fe Install specific golang version in Windows CI.
    69f43d458 Revert diff/walking error change
    728743eb2 Fix cleanup context of teardownPodNetwork
    014748bc0 fix invalid validation error checking
    cabe67736 tests: Use EnsureImageExists for image pulling
    a78bdf22d tests: Refactors PodSandbox creation
    9a451d103 Update opencontainers/selinux to v1.8.2
    93e268f62 tests: Symlink volume tests
    edfd8d599 Change Wrapf of non-error to an actual error
    a93b5cbc2 Install apparmor parser for arm64 environment
    5f0fc4893 Add creation timestamp to RG
    75daf45be docs: explicitly mention containerd's Prometheus path
    2f870aa89 integration: Cleanup containerd on test teardown
    558fdc680 diff/walking: fix defer cleanup
    b5f530a15 Makefile: fix DESTDIR environment variable behaviour
    498bb36f6 scrub the stale TODO
    93d4541a2 docs/cri: update ocicrypt link
    792466495 docs/cri: fix broken links
    05c03de94 Update Windows periodic tests
    9fcea1d3f Rename atomicWrite to writeToCompletion
    b996e49c5 Do not run btrfs tests if btrfs kernel module is not loaded
    50ad4b96c Fix incorrect UA used for registry authentication
    923ab5b7c Makefile: use $@ for target file names
    535d9cc59 ctr: parse mount options with embedded = character
    a4f97d45d Add ruleset=4 option
    5dec27b6f ctr: exec handle pty resize after Start
    e1c845df5 Fix small typo
    b9378b452 ctr: exec setup IO with console
    869375a41 Remove useless lines
    79e345221 update the link
    1acca8bba Don't check for apparmor_parser to be present
    ec28288f4 bump runc version to v1.0.0-rc95
    599127f4d update runc binary to v1.0.0-rc95
    a5b1740bb fixed typos
    77285e311 Schedule Windows job daily after midnight.
    2b58782df Update windows-periodic.yml
    5dbae87c5 Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0
    1093f05ab Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
    b6a251749 bump hcsshim version to v0.8.17
    b1d4140a2 Update docker resolver to authorize redirects
    09a0c9471 tests: Adds support for Windows cri-integration tests
    315739251 just release ctd-decoder not ctr-enc
    1442fee22 Remove mountpoints not commonly mounted on FreeBSD
    fc4da9728 Pin integration test image for alpine
    9643c9965 Makefile: allow overriding install command via environment
    4b1b8346b Makefile: make sure manpages are built before install-man
    6e249b1ae adds credentials description
    de04b3243 Add copyright header & make sure compilation succeeds on all platforms
    e1fd6be7e Fix mounts for FreeBSD
    de6db4038 Update vendored runc to v1.0.0.0-rc94
    5c99f150a Update the runc binary used with containerd to runc v1.0.0-rc94
    b890f056e Fix content.ReaderAt close
    c5797c8fc Update releases doc with updated support timeline
    c74a6c419 update to new cri-tools make install
    e37ddafab metadata: modify NewLeaseManager to return leases.Manager
    79d800b9b Update Go to 1.16.4
    0ba7303ee Prepare default branch rename
    7d70992d3 tests: add test for adaptor
    e120261ee windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
    0b786908c doc: add missing namespaces package
    b0d3b35b2 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
    9ea25634b Makefile: allow overriding go command by environment
    81402e475 Fix different registry hosts referencing the same auth config.
    b56527cb7 update seccomp version
    8014d9fee Skip TLS verification for localhost
    b538d8f1a Update golang.org/x/sys to add linux/ppc support
    b59e29773 adds description for hosts.toml
    e26fc8472 go.mod: cut circular dependency on github.com/containerd/containerd
    15e0bd513 integration/client: go mod tidy
    98f5922b5 plugin: optimize the check for the last registration
    273c2bb16 tests: Prepull images used in tests
    402acd7c1 Small typo fix "reimporst"
    f21627059 Use DeactivateLayer to recover layers that we cannot rename
    421fc6ea7 Add CI periodic Windows Jobs.
    c0e2f4b5d Try next mirror in case of non-404 errors, too
    f8538b5e1 Fix error case in Windows layer cleanup
    b592a4c1e oci: fix WithDevShmSize

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-21 17:31:28 -04:00
Bruce Ashfield
db45737c35 conmon: update to v2.1.0 
Bumping conmon to version v2.1.0-316-g4c41ec2, which comprises the following commits:

    4c41ec2 meson: Handle journald
    d1565ee bump to v2.1.0
    96b8688 logging: buffer partial messages to journald
    f20bbbe ci: add podman system to different cache
    bde1b3c ci: install rootlessport right
    2b10f9a ci: install go correctly
    4f0b7f8 ci: add subid ranges for crio tests
    e827355 ci: install all binaries for podman-system
    ad092b1 ci: run vendor on podman job
    b6025be ci: set host IP
    ca12794 ci: give conmon job sudo
    d6bdb97 ci: bump to go 1.17
    e2215a1 exit: close all fds >= 3
    830e644 fix: cgroup: Free memory_cgroup_file_path if open fails. Call g_free instead of free.
    5a2cf98 Make libdl optional in meson definition
    4edfc92 bump to v2.0.33-dev
    436b460 bump to v2.0.32
    f1fee3a Avoid mainfd_std{in,out} sharing the same file descriptor.
    7c784a0 exit_command: unset subreaper attribute before running exit command
    dc197c9 bump to 2.0.32-dev
    7e7eb74 bump to 2.0.31
    a854c52 conmon: fix error message

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-21 17:31:28 -04:00
Bruce Ashfield
51013405c2 nerdctl: introduce recipe 
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-21 17:31:28 -04:00
Tim Orling
0ffb6e56b6 cloud-init: inherit setuptools3_legacy 
cloud-init still requires legacy setup.py behavior.

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-11 06:02:13 -05:00
Michal Orzel
ca4601a54a xen: Override CC and CPP in make command line 
After 4.16 release, Xen build system has been changed significantly.
When building latest status of Xen it was observed that commit
317c98cb91 broke the hypervisor build on arm32 due to the change in
handling Rules.mk that xen.inc modifies to override CC and CPP.

In order to fix the issue this patch moves overriding CC and CPP from
Rules.mk to make command line by adding them to EXTRA_OEMAKE:arm.

Take the opportunity to bump SRCREV of xen_git.bb and xen-tools_git.bb
to the current status of master.

Signed-off-by: Michal Orzel <michal.orzel@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-10 14:42:22 -05:00
Kai Kang
2dc502a269 libvirt: backport patch to fix compile error 
Backport patch to fix compile error of libvirt:

| runtime error: file ../libvirt-7.2.0/docs/page.xsl line 217 element element
| xsl:element: The effective name '' is not a valid QName.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-10 14:42:10 -05:00
Kamil Dziezyk
4369415b91 xen-*image-minimal: Install *xen-acpi-processor package only for x86* machines 
Kernel module xen_acpi_processor is built only for x86* architectures,
therefore 'kernel-module-xen-acpi-processor' package is compatible only with
x86* machines.

Issue-Id: SCM-3892
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: I8dde00e3c78a1f9eea50b19fbc1981f5e26df133
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-02 15:47:55 -05:00
Ross Burton
26017da9d8 python3-dtc: fix missing files in sysroot 
There is a bug in SWIG/setuptools where 'pip install' doesn't build
libfdt.py unless the build tree is already dirty, which makes using
the library impossible.

Bump the SRCREV to incorporate the upstream workaround for this issue.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-02 15:46:04 -05:00
Tim Orling
0f3da01452 lopper: fix wheel build 
The wheel that is built is:
lopper-1.0-py3-none-any.whl

Set BASEVERSION to 1.0 and use this to set PV and the value for PYPA_WHEEL
(the path to the wheel filename).

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-02 15:44:59 -05:00
Tim Orling
35f34844ff python3-dtc: fix wheel build 
The wheel that is built is ${S}/dist/libfdt-1.6.2.dev39+g4048aed.d20220103-cp310-cp310-linux_x86_64.whl
Set PYPA_WHEEL to match this.

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-03-02 15:44:58 -05:00
Kasper Revsbech
e6f165dcec xvisor: Remove bb.error when builing for non-supported arch 
Change bb.error to bb.note when getting config and arch of target/host
as it is not an error if arch is not supported that should flag when
parsing the recipe.
It is an error if trying to include in image and that is already handled
in COMPATIBLE_HOST

Signed-off-by: Kasper Revsbech <kasper.revsbech.ext@siemensgamesa.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-24 10:47:31 -05:00
Bruce Ashfield
ef08aac3dd conf: drop honister from compatibility 
The variable renames in OE core are parse errors, not warnings, so
maintaining compatibility for both honister and kirkstone in the
same branch isn't feasible. So we drop honister in preparation for
release.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-21 19:31:32 -05:00
Bruce Ashfield
108e089f7e global: update licence values to SPDX values 
These changes are the result of running the convert-spdx-licenses.py
oe-core script.

There's no impact to the build, but we will avoid issues when
interacting with core QA by the alignment.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-18 13:07:10 -05:00
Bruce Ashfield
c113c0936a conf: add kirkstone to layer compatibility 
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-18 08:59:50 -05:00
Bruce Ashfield
f895d152d2 cri-o: update to use SKIP_RECIPE 
oe-core has remove PNBLACKLIST in favour of SKIP_RECIPE, so we update
our recipe accordingly to avoid warnings.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-04 12:21:32 -05:00
Bruce Ashfield
48c9b9a891 nagios: update to use SKIP_RECIPE 
oe-core has remove PNBLACKLIST in favour of SKIP_RECIPE, so we update
our recipe accordingly to avoid warnings.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-04 12:21:32 -05:00
He Zhe
44e95d9471 openvswitch: uprev from v2.15.1 to v2.15.3 
commits short logs:
e4d2df62e (tag: v2.15.3) Set release date for 2.15.3.
b8baa1141 python: Add cooperative_yield() API method to Idl.
7834abc66 ofproto-dpif-xlate: Snoop ingress packets and update neigh cache if needed.
833c02daa tnl-neigh-cache: Do not refresh the entry while revalidating.
e2182eca8 tnl-neigh-cache: Include expected array sizes in prototypes.
566fe4372 tnl-neigh-cache: Read/write expires atomically.
d477f6000 compat: handle NF_REPEAT error on nf_conntrack_in.
0590e8838 flow: Consider dataofs when parsing TCP packets.
7266042d8 tests/flowgen: Fix packet data endianness.
d2e0632db ofproto: Fix resource usage explosion due to removal of large number of flows.
0a7e66e37 ofproto: Fix resource usage explosion while processing bundled FLOW_MOD.
68466efed tests/flowgen: Fix length field of 802.2 data link header.
2a2185f9e ovs-lib: Backup and remove existing DB when joining cluster.
fcbc29c6f docs/dpdk: Fix install doc.
a5d97d420 ovs-save: Save igmp flows in ofp_parse syntax.
1cbd1f0f5 faq: Update OVS/DPDK version table for OVS 2.13/2.14.
01bc910e5 ofproto-dpif-xlate: Fix check_pkt_larger incomplete translation.
08a270dda datapath-windows: Reset flow key after Ipv4 fragments are reassembled
eca2d50d4 datapath-windows:Reset PseudoChecksum value only for TX direction offload case
031cf67e0 netdev-offload-tc: Verify the flower rule installed.
952e85150 ci: Make linux-prepare trust system installs.
2cf63851a Prepare for 2.15.3.
63f9a7c5d (tag: v2.15.2) Set release date for 2.15.2.
b7d9c491e datapath-windows: add layers when adding the deferred actions
3f718857e ofproto-dpif-xlate: Fix zone set from non-frozen-metadata fields.
ea2ca0af1 dpif-netdev: Fix use-after-free on PACKET_OUT of IP fragments.
9f964354e tunnel-push-pop.at: Mask source port in tunnel header.
58397f222 dpdk-stub: Change the ERR log to DBG.
2a963fc31 python: idl: Avoid sending transactions when the DB is not synced up.
9efa2ea61 ipf: release unhandled packets from the batch
f8274b78c datapath-windows:adjust Offset when processing packet in POP_VLAN action
a2f860aa2 cirrus: Reduce memory requirements for FreeBSD VMs.
7788f1579 netdev-linux: Fix a null pointer dereference in netdev_linux_notify_sock().
dd32deba6 pcap-file: Fix memory leak in ovs_pcap_open().
9f2f66c8e odp-util: Fix a null pointer dereference in odp_flow_format().
02b0c265c odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__().
031eff456 netdev-dpdk: Fix RSS configuration for virtio.
09cd9570d ipf: Fix only nat the first fragment in the reass process.
ef8ca3e19 dpif-netdev: Fix crash when PACKET_OUT is metered.
d3ff41d60 tc: Set action flags for tunnel_key release.
079a4de72 netlink-socket: Replace error with txn->error when logging nacked transactions.
f8cc5aa35 dynamic-string: Fix a crash in ds_clone().
64d1bba91 dpif-netdev: fix memory leak in dpcls subtable set command
90b219275 dpif-netdev: Do not flush PMD offloads on reload.
b29b04f85 dpif-netdev: Fix offloads of modified flows.
1d0b89ea7 dpif-netdev: Fix flow modification after failure.
8d84a4b16 netdev-offload-dpdk: Fix IPv6 rewrite cast-align warning.
f3f7849cb daemon-unix: Fix leak of a fork error message.
8aa0f0374 ovsdb-cs: Perform forced reconnects without a backoff.
ee4e034dc datapath-windows:Correct checksum for DNAT action
72132a940 bond: Fix broken rebalancing after link state changes.
aa84cfe25 dpif-netlink: Fix report_loss() message.
aec05f7cd ovsdb-server: Fix memleak when failing to read storage.
05bdf11fc conntrack: Init hash basis first at creation.
94e3b9d9c netdev-linux: Ignore TSO packets when TSO is not enabled for userspace.
842bfb899 conntrack: Handle already natted packets.
ab873c1af conntrack: Document all-zero IP SNAT behavior and add a test case.
86d6a9ee1 python: Fix Idl.run change_seqno update.
1ba0c8365 bridge: Use correct (legacy) role names in database.
7e5293ea5 Prepare for 2.15.2.

The ptest results BEFORE uprev:
ERROR: 2231 tests were run,
27 failed unexpectedly.
62 tests were skipped.

Failed tests:
checkpatch - sign-offs
checkpatch - parenthesized constructs
checkpatch - parenthesized constructs - for
checkpatch - comments
checkpatch - whitespace around operator
checkpatch - whitespace around cast
ovs-ofctl snoop
tunnel - table version
tunnel_push_pop - erspan
tunnel_push_pop - action
tunnel_push_pop - packet_out
tunnel_push_pop_ipv6 - ip6gre
tunnel_push_pop_ipv6 - ip6erspan
tunnel_push_pop_ipv6 - action
PMD - non pmd device
ofproto-dpif - recirculation after resubmit
ofproto-dpif - sFlow packet sampling - IPv4 collector
ofproto-dpif - sFlow packet sampling - IPv6 collector
ofproto-dpif - sFlow packet sampling - LACP structures
ofproto-dpif - sFlow packet sampling - tunnel set
ofproto-dpif - sFlow packet sampling - tunnel push
ofproto-dpif - sFlow packet sampling - MPLS
bridge - multiple bridges share a controller
bridge - add port after stopping controller
mcast - check multicasts to trunk ports are not duplicated
ptap - triangle bridge setup with L2 and L3 GRE tunnels
ptap - L3 over patch port

The ptest results AFTER uprev:
ERROR: 2266 tests were run,
27 failed unexpectedly.
65 tests were skipped.

Failed tests:
checkpatch - sign-offs
checkpatch - parenthesized constructs
checkpatch - parenthesized constructs - for
checkpatch - comments
checkpatch - whitespace around operator
checkpatch - whitespace around cast
ovs-ofctl snoop
tunnel - table version
tunnel_push_pop - erspan
tunnel_push_pop - action
tunnel_push_pop - packet_out
tunnel_push_pop - packet_out debug_slow
tunnel_push_pop_ipv6 - ip6gre
tunnel_push_pop_ipv6 - ip6erspan
tunnel_push_pop_ipv6 - action
PMD - non pmd device
ofproto-dpif - sFlow packet sampling - IPv4 collector
ofproto-dpif - sFlow packet sampling - IPv6 collector
ofproto-dpif - sFlow packet sampling - LACP structures
ofproto-dpif - sFlow packet sampling - tunnel set
ofproto-dpif - sFlow packet sampling - tunnel push
ofproto-dpif - sFlow packet sampling - MPLS
bridge - multiple bridges share a controller
bridge - add port after stopping controller
mcast - check multicasts to trunk ports are not duplicated
ptap - triangle bridge setup with L2 and L3 GRE tunnels
ptap - L3 over patch port

Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-04 12:19:07 -05:00
Ross Burton
ce8f2e0df4 libibverbs: update LICENSE 
As per COPYING, this is BSD-2-Clause or GPLv2.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-04 12:18:53 -05:00
Bruce Ashfield
cf1c2ed8eb runc-docker: update to v1.1.0 
Bumping runc to version v1.1.0-1-gd7f7b22a, which comprises the following commits:

    d7f7b22a VERSION: back to development
    067aaf85 VERSION: release runc v1.1.0
    c0e300f1 Refuse to build runc without nsenter
    e155b332 build(deps): bump github.com/checkpoint-restore/go-criu/v5
    5c7e8981 libct/cg: rm go 1.15 compatibility
    4773769c VERSION: back to development
    55df1fc4 VERSION: release v1.1.0-rc.1
    a8f9d5de CHANGELOG: add an in-repo changelog file
    6d2067a4 script/seccomp.sh: fix argc check
    457ca62f script/release_*.sh: fix usage
    c729594c deps: update libseccomp to 2.5.3
    5d779620 tests/int: use update_config in hooks test
    9e798e26 tests/int: ability to specify binary
    97688ddf types/features: clarify MountOptions
    deb0a5f2 Mark `runc features` experimental
    382eba43 Support recursive mount attrs ("rro", "rnosuid", "rnodev", ...)
    ba935a51 Support nosymfollow mount option (kernel 5.10)
    f8c48e46 go.mod: golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c
    acd8f12f release: correctly handle binary signing for "make releaseall"
    d72d057b runc init: avoid netlink message length overflows
    25112dd1 libct/intelrdt: remove unused type
    c4a61aa9 ci: enable extra linters for new code
    520702da Add `runc features` command
    02475d9c .golangci.lint: add unparam linter
    953e56c5 libct/int: runContainer: drop console arg
    6c0bfcb1 libct/cg/fs/blkio_test: ignore unparam warning
    06b3fd9d libct/cg/ebpf: drop finalize return value
    86733013 notify_socket: setupSpec: drop ctx arg and return value
    741568eb libct/cg/devices: addRule: ignore unparam warning
    fc44e3f6 tty: Close: rm return value
    36483465 tty: ClosePostStart: rm return value
    f3f4b6d1 tty: recvtty: rm process arg
    e6318635 tty: rm inheritStdio return value
    d23b8109 checkpoint: rm getDefaultImagePath arg
    dd140401 libct: fixStdioPermissions: rm config arg
    b357bc13 libct/factory: rm id param from loadState
    b950b778 libct/utils: ResolveRootfs: remove
    35d20c4e chown cgroup to process uid in container namespace
    ec0f35bc libct/system/xattrs: remove
    e9ed2000 build(deps): bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
    e3dd80fa Vagrantfile.fedora: revert excluding systemd
    1da84d1a libct/cg: TestGetHugePageSizeImpl: use t.Run
    1362291a Avoid non-op when the list of `Hooks` is empty
    f13a9325 libct/cg: HugePageSizes: simplify code and test
    39d4c8d5 libct/cg: lazy init for HugePageSizes
    a4d4c4dd libct/cg: GetHugePageSize -> HugePageSizes
    dde509df specconv: do not permit null bytes in mount fields
    50105de1 Fix failure with rw bind mount of a ro fuse
    982b9a1d libct/standard_init: fix linter warning
    643f8a2b libct/specconv: nits
    b247cd39 runc run: fix ro /dev
    029b73c1 libct/spec: replace isValidName regex with a function
    6907beca libct/specconv: remove isSecSuffix regex
    37c5fd55 libct/specconv: make parseMountOptions return Mount
    2c3792ba libct/specconv: make mountFlags and extensionFlags global
    81586e19 libct/specconv: reuse mountPropagationMapping in parseMountOptions
    8fe1e8bf libct/specconv: rm some init allocations
    712157f6 Revert "ci: temporarily disable criu repo gpg check"
    f252eb54 test/int/mount.bats: refer to github issue
    7563a8f0 libct: wrap more unix errors
    db4ad6a7 libcontainer/system: rm Prlimit
    0880c001 .cirrus.yml: silence vagrant up
    b028ecb3 Vagrantfile.fedora: exclude systemd from upgrade
    12a36265 ci/cirrus: update to Go 1.17.3
    02d527d2 go.mod: github.com/moby/sys/mountinfo v0.5.0
    0e21d56e go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
    b2d64fed build(deps): bump github.com/checkpoint-restore/go-criu/v5
    a9bb11ec Fix the conversion of sysctl variable dots and slashes
    0f933d54 Rename package validate_test to package validate
    68c2b6a7 runc run: refuse a frozen cgroup
    d08bc0c1 runc run: warn on non-empty cgroup
    dd696235 runc exec: reject paused container unless --ignore-paused
    4b25a4e8 CI: update Fedora to 35
    7324496f tests/int: fix userns for Fedora 35
    05272718 tests/int/cgroups: fix for misc controller
    fc658fb6 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
    972aea3a libct/configs/validate: allow / in sysctl names
    95f8ecdd fix `libcontainer/integration/exec_test.go:1859:8: undefined: ioutil`
    dc473cad build(deps): bump github.com/cilium/ebpf from 0.6.2 to 0.7.0
    8542322d libcontainer: Add unit tests with userns and mounts
    55162941 Remove io/ioutil use
    6a4f4a6a libcontainer/ignoreTerminateErrors: simplify for Go 1.16+
    12e99a0f Require Go >= 1.16
    3d986766 ci/gha: install latest stable Go version
    c5ca778f ci: temporarily disable criu repo gpg check
    81fdc8ce New integration tests for user namespaces bind sources
    9c444070 Open bind mount sources from the host userns
    a80e1217 libct/intelrdt: add Root()
    794cd66d libct/system: Exec: wrap the error
    6eba68de build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
    e395d2dc libct: Init: remove LockOSThread
    916c6a15 libct/cg/fs2: fix GetStats for unsupported hugetlb
    f9667e63 Make DevicesGroup's "TestingSkipFinalCheck" attribute public
    2e0ceaa9 fix createDevices when no Linux section
    fae5d8b5 release: add s390x
    f95063ed Dockerfile: fix for seccomp
    7758d3fb libct/cg/sd/v2: Destroy: remove cgroups recursively
    580e43ec contrib: rm init from bash completion
    0202c398 runc exec: implement --cgroup
    cc15b887 tests: add integration test for cgroups hybrid
    a8435007 cgroups: join cgroup v2 when using hybrid mode
    39914db6 runc exec: don't skip non-existing cgroups
    7d446c63 libct/cg.WriteCgroupProcs: improve errors
    cc1d7466 exec.go: nit
    0d297b71 ci/gha: test criu-dev with latest go
    16aedc31 ci/gha: remove debug info
    3fd1851c CI/GHA: switch to OBS criu repo
    81dc5599 Dockerfile: fix apt-key warning
    2bf560fb Dockerfile: use Debian_11 repo for criu
    99ddc1be libct/cg/fs: rm m.config == nil checks
    57edce46 libct/cg: add Resources=nil unit test
    1af4ed11 libct/cg/sd/v2: move fsMgr init to NewUnifiedManager
    9a2146fa libct/cg/sd/v2: move path init to NewUnifiedManager
    39be6e97 libct/cg/fs2: minor optimization
    b14a6cf9 libct/cg/sd/v1: move path init to NewLegacyManager
    fcc48168 libct/cg/fs: document path removal
    6c5441e5 libct/cg/fs: move paths init to NewManager
    097c6d74 libct/cg: simplify getting cgroup manager
    3c8db638 script/release.sh: update libseccomp to 2.5.2
    f30244ee make release: add cross-build
    23d79aae Makefile: only build runc for static target
    d2b6899e Makefile: fixes for seccompagent
    43b36dc4 Support changing of lsm mount context on restore
    412d68d1 Vendor in go-criu v5.1.0
    163e2523 libct/cg: replace bitset with std math/big library
    6806b2c1 runc delete -f: fix for cg v1 + paused container
    e6928865 libct/cg/fs: refactor
    7d1cb320 libct/cg/fs: rename join to apply
    5c7cb837 libct/cg/fs: micro optimization
    19b542a5 libct/cg/fs: move internal code out of fs.go
    eb09df74 libct/cg/sd/v1: initPaths: minor optimization
    63c84917 libct/cg/sd/v1: optimize initPaths
    c7e0864d libct/cg/sd/v1: factor out initPaths
    dc907e8d libct/cg/sd/v*.go: nit
    d974b22a create, run: amend final errors
    9ba2f65d startContainer: minor refactor
    1545ea69 delete, start: remove newline from errors
    af641cd5 seccomp: Add test using the seccomp agent example
    08659080 build(deps): bump github.com/bits-and-blooms/bitset from 1.2.0 to 1.2.1
    622acd24 build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
    47abdcee ci/gha: update golangci-lint to 1.42.1
    704a1878 contrib/cmd/seccompagent: fix build tags
    49137c2a ci/gha: bump shfmt to 3.3.1
    f1b703fc libct/nsenter/nsexec.c: honor _LIBCONTAINER_LOGLEVEL
    d5ffe83f libct/nsenter/nsexec.c: factor out getenv_int
    d2f49d45 libct/nsenter/nsexec.c: improve bail
    6c4a3b13 runc init: pass _LIBCONTAINER_LOGLEVEL as int
    0a3577c6 utils_linux: simplify newProcess
    51cd519e seccomp agent: Return non-zero on failures
    8b790e4f seccomp agent: Use arch SCMP_ARCH_X86_64
    4a4d4f10 Add support for seccomp actions ActKillThread and ActKillProcess
    4a751b05 seccomp: drop unnecessary const SCMP_ACT_* defines
    72b5c3ca build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
    00772cae tests: add functional tests for seccomp notify
    5ae831d9 tests: add functional tests for seccomp
    e21a9ee8 contrib: add sample seccomp agent
    c64aaf0e libcontainer/specconv: extend SetupSeccomp tests
    2b025c01 Implement Seccomp Notify
    4e7aeff6 libcontainer/utils: introduce SendFds
    c55530be vendoring: Use libseccomp with notify support
    64358c4d optimize log: move WriteJSON defer as early as possible
    39d0ee18 script/release.sh: fix for opensuse
    a20c8b29 runc --debug: shorter caller info
    b55b3081 libct/logs: do not show caller in nsexec logs
    c3910e73 libct/logs: parse log level implicitly
    c4826905 libct/logs: test: make more robust
    33dcb994 libct/nsenter/nsenter_test.go: logging nits
    78b27155 libct/nsenter: test: rm misleading comments
    2c46455c libct/nsenter: test: improve TestNsenterChildLogging
    feb1fe11 libct/nsenter: test: fix TestNsenterValidPaths
    3df6a02f libct/nsenter: test: improve newPipe
    347c371b CI: Mark CGO warnings as errors
    d8da0035  *: add go-1.17+ go:build tags
    1b17ec95 libct/cg: rm "unsupported.go" files
    dbb9fc03 libct/*: remove linux build tag from some pkgs
    c5b0be78 Rm build tags from main pkg
    9ff64c3d *: rm redundant linux build tag
    895e0a5c nsenter: fix typo in bail message
    1f5798f7 improve error message when dbus-user-session is not installed
    63944578 tests/int: add a "update cpu period with pod limit set" test
    1b2adcfe libct/cg/v1: workaround CPU quota period set failure
    09b80811 Revert "libct/devices: change devices.Type to be a string"
    538ba846 libct/error.go: rm ConfigError
    6145628f configs/validate: audit all returned errors
    bbcf96f9 libct/cg/devices: stop using regex
    fb629db6 tests/int/helpers: fix shellcheck warnings
    f65276db tests/int/helpers: rm $bundle handling
    b3d14488 Add support for rdma cgroup introduced in Linux Kernel 4.11
    8d8415ee libct/logs: remove ConfigureLogging
    f77fb7a3 init.go, main.go: don't use logs.ConfigureLogging
    93937000 libcontainer/intelrdt: update code comments
    a37a89f4 libct/system: add I and P process states
    f90008ae libct/system.Stat: fix/improve/speedup
    412c6f06 libct/system/proc_test: fix, improve, add benchmark
    74ae9e0f checkpoint: resolve symlink for external bind mount(fix ci broken)
    24d318b8 Dockerfile: switch to bullseye
    9a095e44 libct/cg/sd/v1: add SkipFreezeOnSet knob
    fec49f2a libct/cg/sd/v1: add freezeBeforeSet unit test
    41043673 libct/cg/sd/v1: Fix unnecessary freeze/thaw
    a5871801 ci: add go1.17
    75761bcc Fix codespell warnings, add codespell to ci
    db8330c9 libct/nsenter: fix unused-result warning
    844d6774 CI: Validate compilation without buildtags
    51508210 libct/nsenter: nullify pointer on asprintf error
    2ab6484f libct/nsenter: no need to check size_t less than 0
    f0dbefac .cirrus.yum: retry yum if failed
    814f3ae1 libct/devices: change devices.Type to be a string
    74b5c34e .cirrus.yml: simplify
    77fb9aff build(deps): bump github.com/containerd/console from 1.0.2 to 1.0.3
    bd50e7c4 libct/cg/OpenFile: check cgroupFd on error
    ab577f6f MAINTAINERS: add Sebastiaan van Stijn
    2bab4a56 libct/nsenter: fix logging race in nsexec
    bda1bd7a build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
    c2d9668c libct/cg/OpenFile: fix openat2 vs top cgroup dir
    1b4c30fd libcontainer/intelrdt: always run unit tests
    79d292b9 libcontainer/intelrdt: verify ClosID existence
    17e3b41d libcontainer/intelrdt: support ClosID parameter
    7296dc17 libcontainer/intelrdt: refactor clos path handling
    1cbfe234 libct/cg: rm dead code
    d0c3bc44 libct/cg: GetAllPids: optimize for go 1.16+
    363468d0 libct/cg: improve GetAllPids and readProcsFile
    504271a3 libct/cg: move GetAllPids out of utils.go
    fc99ab7e build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
    0f94799e man/runc-run.8: document --keep option
    cb824629 proposal: add --keep to runc run
    e06465ac ci/cirrus: remove unused code
    120f7406 ci/gha: add latest criu-dev test run
    60e02b4b runc exec: fail with exit code of 255
    18f434e1 script/release.sh: make builds reproducible
    61e201ab makefile: update ldflags and add strip for static builds
    5110bd2f nsenter: remove cgroupns sync mechanism
    7a0302f0 runc init: simplify
    a91ce306 libct/*_test.go: use t.TempDir
    3bc606e9 libct/int: adapt to Go 1.15
    1eeaf113 libct/intelrdt/*_test.go: use t.TempDir
    f6a56f60 libct/cg/fs/*_test.go: use t.TempDir
    2d1645d2 libct/cg/fscommon: drop go 1.13 compatibility
    6215b2f3 ci/gha: drop Go 1.13
    a952b5aa README, go.mod: require go 1.15+
    12a1dccb Revert "libcontainer: avoid using t.Cleanup"
    015fa29a Revert "Revert "Makefile: rm go 1.13 workaround""
    5dd92fd9 libct/seccomp: skip redundant rules
    e44bee10 libct/seccomp: warn about unknown syscalls
    073e085c libct/seccomp: ConvertStringToAction: fix doc
    9f656dbb Do not use Vagrant for CentOS 7/8
    d4480164 tests/rootless.sh: fixup for "update rt" test
    86af5248 tests/int: fix "update rt period and runtime" for rootless
    cc0b1644 README.md: remove abandoned versioning policy
    87bfd20f Evaluate Cirrus CI for Vagrant tests
    a7110262 libct/cg/sd: add TestPodSkipDevicesUpdate
    52dd96db libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
    f2db8798 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
    5dc32604 libct/int/TestFreeze: test freeze/thaw via Set
    af1688a5 libct/int: allow subtests
    67cfd3d4 libct/cg/sd/v1: Set: don't overwrite r.Freezer
    d02b0061 ci/gha: run on release-* branches after a push
    57e3c541 cgroupv2: ebpf: ignore inaccessible existing programs
    fe518a06 vendor: update github.com/cilium/ebpf
    3e5c1997 libct/cg/sd: Add freezer tests
    294c4866 libct/cg/fs/freezer.GetState: report current cgroup state
    f33be7cc libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
    d41a273d Update device update tests
    be1d5f83 ci: enable unconvert linter, fix its warnings
    6be088d6 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
    9f2a1f4d deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
    24d5daf5 libct/user: fix parsing long /etc/group lines
    226dfab0 libct/user: ParseGroupFilter: use TrimSpace
    120e3a77 libct/user: use []byte more, avoid allocations
    83776dd8 libcontainer: Bail on close(2) failures
    7d479e6b libcontainer: Don't close fds already closed
    e39ad650 retry unix.EINTR for container init process
    c508a7bc libct/rootfs: consolidate utils imports
    1bbeadae tests/int/no_pivot: fix for new kernels
    0229a77a libcontainer/intelrdt: privatize some ids
    8f8dfc49 libcontainer/intelrdt: move NewLastCmdError down
    00d15629 libct/intelrdt: simplify NewLastCmdError
    e0ce428b libct/intelrdt: remove NotFoundError type
    feff2c45 libct/intelrdt: fix potential nil dereference
    82498e3d libct/specconf: remove unneeded checks
    bc96a59d build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1
    70fdc057 Revert "checkpoint: resolve symlink for external bind mount"
    e618c02d libct/stacktrace: remove
    e918d021 libcontainer: rm own error system
    60c647a7 libct/error: rm ConsoleExists
    a7cfb23b *: stop using pkg/errors
    b60e2edf libct/cg: stop using pkg/errors
    a6cc36a8 libct/cg/ebpf: stop using pkg/errors
    f137aaa2 libct/cg/devices: stop using pkg/errors
    ebb08128 .golangci.yml: enable errorlint
    56e47804 *: ignore errorlint warnings about unix.* errors
    f6a0899b *: use errors.As and errors.Is
    5d2a11ad tty.go: don't use pkg/errors, use errors.Is
    c6fed264 libct/keys: stop using pkg/errors
    adbac31d libct: fix errorlint warning about strconv.NumError
    7be93a66 *: fmt.Errorf: use %w when appropriate
    d8ba4128 libct/rootfs: improve some errors
    36aefad4 libct: wrap unix.Mount/Unmount errors
    825335b2 libct/cg/fs2: fix/unify parsing errors
    5a186d39 libct/cg/fs: fix/unify parsing errors
    f813174d libct/cg/fscommon: introduce and use ParseError
    adcd3b44 libct/cg/fs[2]: simplify getting pid stats
    4e330942 libct/cg/fs/stats_util_test: fix errors
    563225d5 libct/StartInitialization: fix errors
    3fee59f9 libct/cg/fs/*_test: simplify errors
    fdf4e90e libct/cg/fscommon.ParseKeyValue: no need to wrap err
    627a06ad Replace fmt.Errorf w/o %-style to errors.New
    242b3283 libct/cg/fscommon: rm unused var
    92e8d9b9 libct/intelrdt: error message nits
    041caf10 VERSION: back to development
    dfc0f069 man/*: revamp
    85aabe23 C/R: let criu use its default if --work-path is not set
    e8bd33ae runc --help: improve log options description
    cf4ecaed runc update: hide --kernel* options
    4065c394 exec: rm --no-subreaper flag
    da22625f checkpoint: resolve symlink for external bind mount

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-02 22:45:37 -05:00
Bruce Ashfield
1af45b1490 runc: update to v1.1.0 
Bumping runc to version v1.1.0-1-gd7f7b22a, which comprises the following commits:

    d7f7b22a VERSION: back to development
    067aaf85 VERSION: release runc v1.1.0
    c0e300f1 Refuse to build runc without nsenter
    e155b332 build(deps): bump github.com/checkpoint-restore/go-criu/v5
    5c7e8981 libct/cg: rm go 1.15 compatibility
    4773769c VERSION: back to development
    55df1fc4 VERSION: release v1.1.0-rc.1
    a8f9d5de CHANGELOG: add an in-repo changelog file
    6d2067a4 script/seccomp.sh: fix argc check
    457ca62f script/release_*.sh: fix usage
    c729594c deps: update libseccomp to 2.5.3
    5d779620 tests/int: use update_config in hooks test
    9e798e26 tests/int: ability to specify binary
    97688ddf types/features: clarify MountOptions
    deb0a5f2 Mark `runc features` experimental
    382eba43 Support recursive mount attrs ("rro", "rnosuid", "rnodev", ...)
    ba935a51 Support nosymfollow mount option (kernel 5.10)
    f8c48e46 go.mod: golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c
    acd8f12f release: correctly handle binary signing for "make releaseall"
    d72d057b runc init: avoid netlink message length overflows
    25112dd1 libct/intelrdt: remove unused type
    c4a61aa9 ci: enable extra linters for new code
    520702da Add `runc features` command
    02475d9c .golangci.lint: add unparam linter
    953e56c5 libct/int: runContainer: drop console arg
    6c0bfcb1 libct/cg/fs/blkio_test: ignore unparam warning
    06b3fd9d libct/cg/ebpf: drop finalize return value
    86733013 notify_socket: setupSpec: drop ctx arg and return value
    741568eb libct/cg/devices: addRule: ignore unparam warning
    fc44e3f6 tty: Close: rm return value
    36483465 tty: ClosePostStart: rm return value
    f3f4b6d1 tty: recvtty: rm process arg
    e6318635 tty: rm inheritStdio return value
    d23b8109 checkpoint: rm getDefaultImagePath arg
    dd140401 libct: fixStdioPermissions: rm config arg
    b357bc13 libct/factory: rm id param from loadState
    b950b778 libct/utils: ResolveRootfs: remove
    35d20c4e chown cgroup to process uid in container namespace
    ec0f35bc libct/system/xattrs: remove
    e9ed2000 build(deps): bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
    e3dd80fa Vagrantfile.fedora: revert excluding systemd
    1da84d1a libct/cg: TestGetHugePageSizeImpl: use t.Run
    1362291a Avoid non-op when the list of `Hooks` is empty
    f13a9325 libct/cg: HugePageSizes: simplify code and test
    39d4c8d5 libct/cg: lazy init for HugePageSizes
    a4d4c4dd libct/cg: GetHugePageSize -> HugePageSizes
    dde509df specconv: do not permit null bytes in mount fields
    50105de1 Fix failure with rw bind mount of a ro fuse
    982b9a1d libct/standard_init: fix linter warning
    643f8a2b libct/specconv: nits
    b247cd39 runc run: fix ro /dev
    029b73c1 libct/spec: replace isValidName regex with a function
    6907beca libct/specconv: remove isSecSuffix regex
    37c5fd55 libct/specconv: make parseMountOptions return Mount
    2c3792ba libct/specconv: make mountFlags and extensionFlags global
    81586e19 libct/specconv: reuse mountPropagationMapping in parseMountOptions
    8fe1e8bf libct/specconv: rm some init allocations
    712157f6 Revert "ci: temporarily disable criu repo gpg check"
    f252eb54 test/int/mount.bats: refer to github issue
    7563a8f0 libct: wrap more unix errors
    db4ad6a7 libcontainer/system: rm Prlimit
    0880c001 .cirrus.yml: silence vagrant up
    b028ecb3 Vagrantfile.fedora: exclude systemd from upgrade
    12a36265 ci/cirrus: update to Go 1.17.3
    02d527d2 go.mod: github.com/moby/sys/mountinfo v0.5.0
    0e21d56e go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
    b2d64fed build(deps): bump github.com/checkpoint-restore/go-criu/v5
    a9bb11ec Fix the conversion of sysctl variable dots and slashes
    0f933d54 Rename package validate_test to package validate
    68c2b6a7 runc run: refuse a frozen cgroup
    d08bc0c1 runc run: warn on non-empty cgroup
    dd696235 runc exec: reject paused container unless --ignore-paused
    4b25a4e8 CI: update Fedora to 35
    7324496f tests/int: fix userns for Fedora 35
    05272718 tests/int/cgroups: fix for misc controller
    fc658fb6 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
    972aea3a libct/configs/validate: allow / in sysctl names
    95f8ecdd fix `libcontainer/integration/exec_test.go:1859:8: undefined: ioutil`
    dc473cad build(deps): bump github.com/cilium/ebpf from 0.6.2 to 0.7.0
    8542322d libcontainer: Add unit tests with userns and mounts
    55162941 Remove io/ioutil use
    6a4f4a6a libcontainer/ignoreTerminateErrors: simplify for Go 1.16+
    12e99a0f Require Go >= 1.16
    3d986766 ci/gha: install latest stable Go version
    c5ca778f ci: temporarily disable criu repo gpg check
    81fdc8ce New integration tests for user namespaces bind sources
    9c444070 Open bind mount sources from the host userns
    a80e1217 libct/intelrdt: add Root()
    794cd66d libct/system: Exec: wrap the error
    6eba68de build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
    e395d2dc libct: Init: remove LockOSThread
    916c6a15 libct/cg/fs2: fix GetStats for unsupported hugetlb
    f9667e63 Make DevicesGroup's "TestingSkipFinalCheck" attribute public
    2e0ceaa9 fix createDevices when no Linux section
    fae5d8b5 release: add s390x
    f95063ed Dockerfile: fix for seccomp
    7758d3fb libct/cg/sd/v2: Destroy: remove cgroups recursively
    580e43ec contrib: rm init from bash completion
    0202c398 runc exec: implement --cgroup
    cc15b887 tests: add integration test for cgroups hybrid
    a8435007 cgroups: join cgroup v2 when using hybrid mode
    39914db6 runc exec: don't skip non-existing cgroups
    7d446c63 libct/cg.WriteCgroupProcs: improve errors
    cc1d7466 exec.go: nit
    0d297b71 ci/gha: test criu-dev with latest go
    16aedc31 ci/gha: remove debug info
    3fd1851c CI/GHA: switch to OBS criu repo
    81dc5599 Dockerfile: fix apt-key warning
    2bf560fb Dockerfile: use Debian_11 repo for criu
    99ddc1be libct/cg/fs: rm m.config == nil checks
    57edce46 libct/cg: add Resources=nil unit test
    1af4ed11 libct/cg/sd/v2: move fsMgr init to NewUnifiedManager
    9a2146fa libct/cg/sd/v2: move path init to NewUnifiedManager
    39be6e97 libct/cg/fs2: minor optimization
    b14a6cf9 libct/cg/sd/v1: move path init to NewLegacyManager
    fcc48168 libct/cg/fs: document path removal
    6c5441e5 libct/cg/fs: move paths init to NewManager
    097c6d74 libct/cg: simplify getting cgroup manager
    3c8db638 script/release.sh: update libseccomp to 2.5.2
    f30244ee make release: add cross-build
    23d79aae Makefile: only build runc for static target
    d2b6899e Makefile: fixes for seccompagent
    43b36dc4 Support changing of lsm mount context on restore
    412d68d1 Vendor in go-criu v5.1.0
    163e2523 libct/cg: replace bitset with std math/big library
    6806b2c1 runc delete -f: fix for cg v1 + paused container
    e6928865 libct/cg/fs: refactor
    7d1cb320 libct/cg/fs: rename join to apply
    5c7cb837 libct/cg/fs: micro optimization
    19b542a5 libct/cg/fs: move internal code out of fs.go
    eb09df74 libct/cg/sd/v1: initPaths: minor optimization
    63c84917 libct/cg/sd/v1: optimize initPaths
    c7e0864d libct/cg/sd/v1: factor out initPaths
    dc907e8d libct/cg/sd/v*.go: nit
    d974b22a create, run: amend final errors
    9ba2f65d startContainer: minor refactor
    1545ea69 delete, start: remove newline from errors
    af641cd5 seccomp: Add test using the seccomp agent example
    08659080 build(deps): bump github.com/bits-and-blooms/bitset from 1.2.0 to 1.2.1
    622acd24 build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
    47abdcee ci/gha: update golangci-lint to 1.42.1
    704a1878 contrib/cmd/seccompagent: fix build tags
    49137c2a ci/gha: bump shfmt to 3.3.1
    f1b703fc libct/nsenter/nsexec.c: honor _LIBCONTAINER_LOGLEVEL
    d5ffe83f libct/nsenter/nsexec.c: factor out getenv_int
    d2f49d45 libct/nsenter/nsexec.c: improve bail
    6c4a3b13 runc init: pass _LIBCONTAINER_LOGLEVEL as int
    0a3577c6 utils_linux: simplify newProcess
    51cd519e seccomp agent: Return non-zero on failures
    8b790e4f seccomp agent: Use arch SCMP_ARCH_X86_64
    4a4d4f10 Add support for seccomp actions ActKillThread and ActKillProcess
    4a751b05 seccomp: drop unnecessary const SCMP_ACT_* defines
    72b5c3ca build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
    00772cae tests: add functional tests for seccomp notify
    5ae831d9 tests: add functional tests for seccomp
    e21a9ee8 contrib: add sample seccomp agent
    c64aaf0e libcontainer/specconv: extend SetupSeccomp tests
    2b025c01 Implement Seccomp Notify
    4e7aeff6 libcontainer/utils: introduce SendFds
    c55530be vendoring: Use libseccomp with notify support
    64358c4d optimize log: move WriteJSON defer as early as possible
    39d0ee18 script/release.sh: fix for opensuse
    a20c8b29 runc --debug: shorter caller info
    b55b3081 libct/logs: do not show caller in nsexec logs
    c3910e73 libct/logs: parse log level implicitly
    c4826905 libct/logs: test: make more robust
    33dcb994 libct/nsenter/nsenter_test.go: logging nits
    78b27155 libct/nsenter: test: rm misleading comments
    2c46455c libct/nsenter: test: improve TestNsenterChildLogging
    feb1fe11 libct/nsenter: test: fix TestNsenterValidPaths
    3df6a02f libct/nsenter: test: improve newPipe
    347c371b CI: Mark CGO warnings as errors
    d8da0035  *: add go-1.17+ go:build tags
    1b17ec95 libct/cg: rm "unsupported.go" files
    dbb9fc03 libct/*: remove linux build tag from some pkgs
    c5b0be78 Rm build tags from main pkg
    9ff64c3d *: rm redundant linux build tag
    895e0a5c nsenter: fix typo in bail message
    1f5798f7 improve error message when dbus-user-session is not installed
    63944578 tests/int: add a "update cpu period with pod limit set" test
    1b2adcfe libct/cg/v1: workaround CPU quota period set failure
    09b80811 Revert "libct/devices: change devices.Type to be a string"
    538ba846 libct/error.go: rm ConfigError
    6145628f configs/validate: audit all returned errors
    bbcf96f9 libct/cg/devices: stop using regex
    fb629db6 tests/int/helpers: fix shellcheck warnings
    f65276db tests/int/helpers: rm $bundle handling
    b3d14488 Add support for rdma cgroup introduced in Linux Kernel 4.11
    8d8415ee libct/logs: remove ConfigureLogging
    f77fb7a3 init.go, main.go: don't use logs.ConfigureLogging
    93937000 libcontainer/intelrdt: update code comments
    a37a89f4 libct/system: add I and P process states
    f90008ae libct/system.Stat: fix/improve/speedup
    412c6f06 libct/system/proc_test: fix, improve, add benchmark
    74ae9e0f checkpoint: resolve symlink for external bind mount(fix ci broken)
    24d318b8 Dockerfile: switch to bullseye
    9a095e44 libct/cg/sd/v1: add SkipFreezeOnSet knob
    fec49f2a libct/cg/sd/v1: add freezeBeforeSet unit test
    41043673 libct/cg/sd/v1: Fix unnecessary freeze/thaw
    a5871801 ci: add go1.17
    75761bcc Fix codespell warnings, add codespell to ci
    db8330c9 libct/nsenter: fix unused-result warning
    844d6774 CI: Validate compilation without buildtags
    51508210 libct/nsenter: nullify pointer on asprintf error
    2ab6484f libct/nsenter: no need to check size_t less than 0
    f0dbefac .cirrus.yum: retry yum if failed
    814f3ae1 libct/devices: change devices.Type to be a string
    74b5c34e .cirrus.yml: simplify
    77fb9aff build(deps): bump github.com/containerd/console from 1.0.2 to 1.0.3
    bd50e7c4 libct/cg/OpenFile: check cgroupFd on error
    ab577f6f MAINTAINERS: add Sebastiaan van Stijn
    2bab4a56 libct/nsenter: fix logging race in nsexec
    bda1bd7a build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
    c2d9668c libct/cg/OpenFile: fix openat2 vs top cgroup dir
    1b4c30fd libcontainer/intelrdt: always run unit tests
    79d292b9 libcontainer/intelrdt: verify ClosID existence
    17e3b41d libcontainer/intelrdt: support ClosID parameter
    7296dc17 libcontainer/intelrdt: refactor clos path handling
    1cbfe234 libct/cg: rm dead code
    d0c3bc44 libct/cg: GetAllPids: optimize for go 1.16+
    363468d0 libct/cg: improve GetAllPids and readProcsFile
    504271a3 libct/cg: move GetAllPids out of utils.go
    fc99ab7e build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
    0f94799e man/runc-run.8: document --keep option
    cb824629 proposal: add --keep to runc run
    e06465ac ci/cirrus: remove unused code
    120f7406 ci/gha: add latest criu-dev test run
    60e02b4b runc exec: fail with exit code of 255
    18f434e1 script/release.sh: make builds reproducible
    61e201ab makefile: update ldflags and add strip for static builds
    5110bd2f nsenter: remove cgroupns sync mechanism
    7a0302f0 runc init: simplify
    a91ce306 libct/*_test.go: use t.TempDir
    3bc606e9 libct/int: adapt to Go 1.15
    1eeaf113 libct/intelrdt/*_test.go: use t.TempDir
    f6a56f60 libct/cg/fs/*_test.go: use t.TempDir
    2d1645d2 libct/cg/fscommon: drop go 1.13 compatibility
    6215b2f3 ci/gha: drop Go 1.13
    a952b5aa README, go.mod: require go 1.15+
    12a1dccb Revert "libcontainer: avoid using t.Cleanup"
    015fa29a Revert "Revert "Makefile: rm go 1.13 workaround""
    5dd92fd9 libct/seccomp: skip redundant rules
    e44bee10 libct/seccomp: warn about unknown syscalls
    073e085c libct/seccomp: ConvertStringToAction: fix doc
    9f656dbb Do not use Vagrant for CentOS 7/8
    d4480164 tests/rootless.sh: fixup for "update rt" test
    86af5248 tests/int: fix "update rt period and runtime" for rootless
    cc0b1644 README.md: remove abandoned versioning policy
    87bfd20f Evaluate Cirrus CI for Vagrant tests
    a7110262 libct/cg/sd: add TestPodSkipDevicesUpdate
    52dd96db libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
    f2db8798 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
    5dc32604 libct/int/TestFreeze: test freeze/thaw via Set
    af1688a5 libct/int: allow subtests
    67cfd3d4 libct/cg/sd/v1: Set: don't overwrite r.Freezer
    d02b0061 ci/gha: run on release-* branches after a push
    57e3c541 cgroupv2: ebpf: ignore inaccessible existing programs
    fe518a06 vendor: update github.com/cilium/ebpf
    3e5c1997 libct/cg/sd: Add freezer tests
    294c4866 libct/cg/fs/freezer.GetState: report current cgroup state
    f33be7cc libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
    d41a273d Update device update tests
    be1d5f83 ci: enable unconvert linter, fix its warnings
    6be088d6 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
    9f2a1f4d deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
    24d5daf5 libct/user: fix parsing long /etc/group lines
    226dfab0 libct/user: ParseGroupFilter: use TrimSpace
    120e3a77 libct/user: use []byte more, avoid allocations
    83776dd8 libcontainer: Bail on close(2) failures
    7d479e6b libcontainer: Don't close fds already closed
    e39ad650 retry unix.EINTR for container init process
    c508a7bc libct/rootfs: consolidate utils imports
    1bbeadae tests/int/no_pivot: fix for new kernels
    0229a77a libcontainer/intelrdt: privatize some ids
    8f8dfc49 libcontainer/intelrdt: move NewLastCmdError down
    00d15629 libct/intelrdt: simplify NewLastCmdError
    e0ce428b libct/intelrdt: remove NotFoundError type
    feff2c45 libct/intelrdt: fix potential nil dereference
    82498e3d libct/specconf: remove unneeded checks
    bc96a59d build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1
    70fdc057 Revert "checkpoint: resolve symlink for external bind mount"
    e618c02d libct/stacktrace: remove
    e918d021 libcontainer: rm own error system
    60c647a7 libct/error: rm ConsoleExists
    a7cfb23b *: stop using pkg/errors
    b60e2edf libct/cg: stop using pkg/errors
    a6cc36a8 libct/cg/ebpf: stop using pkg/errors
    f137aaa2 libct/cg/devices: stop using pkg/errors
    ebb08128 .golangci.yml: enable errorlint
    56e47804 *: ignore errorlint warnings about unix.* errors
    f6a0899b *: use errors.As and errors.Is
    5d2a11ad tty.go: don't use pkg/errors, use errors.Is
    c6fed264 libct/keys: stop using pkg/errors
    adbac31d libct: fix errorlint warning about strconv.NumError
    7be93a66 *: fmt.Errorf: use %w when appropriate
    d8ba4128 libct/rootfs: improve some errors
    36aefad4 libct: wrap unix.Mount/Unmount errors
    825335b2 libct/cg/fs2: fix/unify parsing errors
    5a186d39 libct/cg/fs: fix/unify parsing errors
    f813174d libct/cg/fscommon: introduce and use ParseError
    adcd3b44 libct/cg/fs[2]: simplify getting pid stats
    4e330942 libct/cg/fs/stats_util_test: fix errors
    563225d5 libct/StartInitialization: fix errors
    3fee59f9 libct/cg/fs/*_test: simplify errors
    fdf4e90e libct/cg/fscommon.ParseKeyValue: no need to wrap err
    627a06ad Replace fmt.Errorf w/o %-style to errors.New
    242b3283 libct/cg/fscommon: rm unused var
    92e8d9b9 libct/intelrdt: error message nits
    041caf10 VERSION: back to development
    dfc0f069 man/*: revamp
    85aabe23 C/R: let criu use its default if --work-path is not set
    e8bd33ae runc --help: improve log options description
    cf4ecaed runc update: hide --kernel* options
    4065c394 exec: rm --no-subreaper flag
    da22625f checkpoint: resolve symlink for external bind mount

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-02-02 22:45:37 -05:00
Bruce Ashfield
198eb61ae3 python3-dtc: add SRCPV and fix missing symbol 
We need some of the latest dtc functionality for lopper, but that
puts us out of sync with the main dtc recipe in oe-core master.

To show that we are running ahead, bumping the PV to include SRCPV.

To fix the following missing symbol:

| ImportError: qemuarm64-poky-linux/xen-image-minimal/1.0-r0/recipe-sysroot-native/usr/lib/python3.10/site-packages/_libfdt.cpython-310-x86_64-linux-gnu.so: undefined symbol: fdt_overlay_target_offset

We revert the commit that introduces it (since we don't need that
functionality), and will drop our revert when oe-core updates to
a similar version.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-19 13:18:15 -05:00
Kamil Dziezyk
b0c10d29cb xen: Clear TUNE_CCARGS for Xen build for aarch64 machines 
Xen build may fail for arm machines that have enabled extra flags,
that can be enabled only for specific architecture version, e.g. armv8-2a.

Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Acked-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-18 22:43:28 -05:00
Kamil Dziezyk
44dad5105d xen-tools: Load xen related kernel modules during system boot 
This patch changes the location of xen.conf file, that contains list of kernel
modules to be loaded during system boot, to "${nonarch_libdir}". This is done
by removing '--with-systemd-modules-load=' flag from EXTRA_OECONF variable.

Previous path based on "${systemd_unitdir}" was not considered by default by
systemd-modules-load.service.

Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
Acked-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-18 22:43:28 -05:00
Bruce Ashfield
cb0884d16e python3-dtc: update to version v1.6.1-39-g4048aed 
As part of this update:

  - we drop our backported patches
  - simplify the recipe to use setuptools-scm
  - remove the need to generate version_gen.h
  - adapt to setup.py at ${S}
  - and include following commits:

    4048aed setup.py: fix out of tree build
    ff5afb9 Handle integer overflow in check_property_phandle_args()
    ca72944 README: Explain how to add a new API function
    c0c2e11 Fix a UB when fdt_get_string return null
    cd5f69c tests: setprop_inplace: use xstrdup instead of unchecked strdup
    a04f690 pylibfdt: add Property.as_*int*_array()
    8310271 pylibfdt: add Property.as_stringlist()
    d152126 Fix Python crash on getprop deallocation
    17739b7 Support 'r' format for printing raw bytes with fdtget
    45f3d1a libfdt: overlay: make overlay_get_target() public
    c19a4ba libfdt: fix an incorrect integer promotion
    1cc41b1 pylibfdt: Add packaging metadata
    db72398 README: Update pylibfdt install instructions
    383e148 pylibfdt: fix with Python 3.10
    23b56cb pylibfdt: Move setup.py to the top level
    69a7607 pylibfdt: Split setup.py author name and email
    0b106a7 pylibfdt: Use setuptools_scm for the version
    c691776 pylibfdt: Use setuptools instead of distutils
    5216f3f libfdt: Add static lib to meson build
    4eda259 CI: Cirrus: bump used FreeBSD from 12.1 to 13.0
    0a3a9d3 checks: Add an interrupt-map check
    8fd2474 checks: Ensure '#interrupt-cells' only exists in interrupt providers
    d8d1a9a checks: Drop interrupt provider '#address-cells' check
    52a16fd checks: Make interrupt_provider check dependent on interrupts_extended_is_cell
    37fd700 treesource: Maintain phandle label/path on output
    e33ce1d flattree: Use '\n', not ';' to separate asm pseudo-ops
    d24cc18 asm: Use assembler macros instead of cpp macros
    ff3a30c asm: Use .asciz and .ascii instead of .string
    5eb5927 fdtdump: fix -Werror=int-to-pointer-cast
    0869f82 libfdt: Add ALIGNMENT error string
    69595a1 checks: Fix bus-range check
    72d09e2 Makefile: add -Wsign-compare to warning options
    b587787 checks: Fix signedness comparisons warnings
    69bed6c dtc: Wrap phandle validity check
    9102211 fdtget: Fix signedness comparisons warnings
    d966f08 tests: Fix signedness comparisons warnings
    ecfb438 dtc: Fix signedness comparisons warnings: pointer diff
    5bec74a dtc: Fix signedness comparisons warnings: reservednum
    24e7f51 fdtdump: Fix signedness comparisons warnings
    b6910be Bump version to v1.6.1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-18 08:36:55 -05:00
Ross Burton
34c2f32ec1 python3-dtc: fix packaging by using setuptools 
Inheriting setuptools3-base doesn't actually define any tasks, so commit
1ef6050 to drop distutils3 had the side-effect of not building any code.

Backport a commit from upstream to switch to setuptools, inherit
setuptool3, and change DISTUTILS_SETUP_PATH to SETUPTOOLS_SETUP_PATH.

Signed-off-by: Ross Burton <ross.burton@arm.com>
 2022-01-17 13:05:06 -05:00
Changqing Li
4667e968df openvswitch: systemd: add option -p for mkir command 
To avoid "cannot create directory '/var/log/openvswitch': File exists"
when service is restart

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-16 22:59:09 -05:00
Bruce Ashfield
9437f7060b go-fsnotify: update to v1.5.1 
Bumping fsnotify to version v1.5.1-7-gaf855d7

We update the license checksum, due to new copyright dates, and include
the following commits:

    af855d7 Final Notice: Maintainers Wanted
    62a598a maintainers wanted
    d696f5c revise contributing
    6e1d4e4 update readme
    83f9fe6 Test on Go 1.18 and two most recent versions (#411)
    0aba082 Update issue templates (#410)
    3eb7fa4 Removed dead link
    466b39d prepare 1.5.1, retract 1.5.0
    b98ede5 Revert "Add AddRaw to not follow symlinks + Fix link folloing on Windows (#289)"
    dfdb645 revise pull request template
    08848a0 v1.5.0 preparation (#380)
    e2e9517 Add AddRaw to not follow symlinks + Fix link folloing on Windows (#289)
    82ee6f3 Update test matrix for go 1.17 stable release (#385)
    16f0d42 add //go:build lines + add 1.17.0-rc2 to test matrix (#377)
    cc8365b Update x/sys to latest (#379)
    2fb15b1 Drop support/testing for Go 1.11 and earlier (#381)
    5ce1ba4 Remove Travis CI and references
    ed6d2f5 Add lint+vet+old versions to GitHub Action
    42e9219 introduce GitHub Actions
    7f4cf4d Fix unsafe pointer conversion (#325)
    45d7d09 Move example usage to the readme
    4bf2d1f Updating the FAQ section for supportability with NFS & FUSE filesystems.
    dc27d96 drop 1.8.x from Travis CI
    fce5a44 2019
    ecf2c4d revise editor config
    0a05407 Add Go modules
    ab058b4 readme: plan to support fanotify
    924410f Open files with CLOEXEC
    1485a34 Also create epoll and pipe fds with close-on-exec (#155) (#219)
    11844c0 readme: remove AppVeyor badge
    85de84f Add windows to travis matrix
    2216558 Fix lint issue with error doc string
    9152fb1 only run golint on latest version of go
    ccc981b Check if channels are closed in the example (#244)
    1f285c6 darwin tests: Exchangedata is deprecated on 10.13
    7b866c9 travis: less verbose tests
    8ba2b19 [#234] t.Fatalf -> t.Errorf in go routines (#266)
    70cc4a1 Fix TestInotifyOverflow (#265)
    1d13583 TravisCI: updating test versions
    c282820 v1.4.7
    a6f391c travis: test on Go 1.9.x
    ea33dcb Fix missing verb on format string (#228)
    3d33f50 Fix possible deadlock on closing the watcher on kqueue (#230)
    4da3e2c Fix deadlock in Remove (linux/inotify)
    ff7bc41 Watch.Add improvements (avoid race, fix consistency, reduce garbage) (#189)
    7d7316e travis: update for Go 1.8
    a904159 Moved FAQ into the README
    fd9ec7d Properly handle inotify's IN_Q_OVERFLOW event (#149)
    bd2828f replace references to OS X with macOS
    629574c v1.4.2
    abf5e85 pull request and issue template (#179)
    11054bc Create inotify fd with close-on-exec (#178)
    944cff2 v1.4.1
    5c1390e deflake inotify stress test (#177)
    b4f2a68 rm go1.5.4 from travis config since the linter doesn't build in 1.5 (#175)
    c07fd86 readme: remove gocover.io badge
    b3baf18 update link to contributing to external git repos
    26b17cd v1.4.0
    c3181d8 add @oozie to AUTHORS
    55579be Add a String() func to Event.Op (#165)
    f12c623 Bump Travis to Go 1.6.3 (#156)
    a8a77c9 v1.3.1
    51d3cc5 Use filepath.Join() (#153)
    30411db global: switch to x/sys/unix
    836bfd9 Update Travis config to Go 1.5.4 and 1.6.1

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-14 13:31:32 -05:00
Bruce Ashfield
82f9025ab2 go-fsnotify: switch to main branch 
The upstream project has changed from master -> main, so we update
our branch to match .. otherwise, we fail the fetch!

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-14 13:31:32 -05:00
Bruce Ashfield
1ef60507d1 python3-dtc: drop distutils3 usage 
distutils is depreciated, so we switch to setuptools3-base to avoid
the OE core warning.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-13 12:20:25 -05:00
Bruce Ashfield
88d6fa982a Revert "Revert "kernel: drop 5.14 .inc"" 
5.14 has been removed from core, we can now go ahead with this
removal.

This reverts commit 22628b76c9.
 2022-01-13 08:46:34 -05:00
Bruce Ashfield
22628b76c9 Revert "kernel: drop 5.14 .inc" 
The removal of the .inc was pushed prematurely. We'll remove it
again, once 5.14 is removed from core and 5.15 is the default.

This reverts commit 79e0e4598c.
 2022-01-12 08:42:43 -05:00
Bruce Ashfield
091d654875 busybox-initrd: update to 1.35.0 
OE core commit a7d5150b621c2ab4e4 has bumped busybox to 1.35.0, so
we update our initrd recipe accordingly.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-11 08:20:26 -05:00
Bruce Ashfield
79e0e4598c kernel: drop 5.14 .inc 
5.14 has been removed from core, and is EOL upstream. We drop our 5.15
.inc file to match that status.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-10 13:34:44 -05:00
Bruce Ashfield
db7647c53e kubernetes: update to v1.23.2 
Bumping kubernetes to version v1.23.2-rc.0-26-gfa546d8cc76, which comprises the following commits:

    cce0b96068c fix nil pointer in create secret commands
    27a66989d0f Fix order of commands in the snapshot tests for persistent volumes
    cc6c36f286d client-go: Clear the ResourceVersionMatch on paged list calls
    271a9f0e58d Improving performance of EndpointSlice controller metrics cache
    98cc4f9e96a fix the error when cleaning up jobs for cronjob
    6ca361089db Update CHANGELOG to add missing release notes.
    40d718778d4 apf: ensure exempt request notes the classification
    77b0a633575 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.1
    aef116487af Release commit for Kubernetes v1.23.2-rc.0
    86ec240af8c Release commit for Kubernetes v1.23.1
    1292aee8707 add gce loadbalancer no-op finalizer and existingFwdRule tests
    40c6f562eb3 disable gce service handling if has rbs forwarding rule
    41b00595137 add ELBRbsFinalizer
    036fd24b91c add gce elb rbs opt-in annotation
    78e8cb0743c cherry pick of knp 0.0.27
    0072226ca87 Re-introduce removed kubectl --dry-run values.
    c237c5c78fc Point flowcontrol users at v1beta2
    c836ebae52f [go1.17] Update to go1.17.5
    d065f7ffe77 dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63
    ea103cb23a9 mount-utils: Detect potential stale file handle
    1346242fd57 Skip creating HNS loadbalancer with empty endpoints
    38a678fccfb Add regression test for CPUManager distribute NUMA algorithm
    6d437c7e827 Add unit test for CPUManager distribute NUMA algorithm verifying fixes
    53fd9db1629 Fix accounting bug in CPUManager distribute NUMA policy
    9cb973ac5ee Fix error handling in CPUManager distribute NUMA tests
    462f3c90b05 Add a sum() helper to the CPUManager cpuassignment logic
    03666ecf4fc Allow the map.Values() function in the CPUManager to take a set of keys
    22b6be8c2cb Fix CPUManager algo to calculate min NUMA nodes needed for distribution
    471dd78f5ea Fix unit tests following bug fix in CPUManager for map functions (2/2)
    1db0c5136e7 Fix unit tests following bug fix in CPUManager for map functions (1/2)
    18392c0c4ca Fix bug in CPUManager map.Keys() and map.Values() implementations
    4c7bcbddd62 Ensure we balance across *all* NUMA nodes in NUMA distribution algo
    d1248480b20 Short-circuit CPUManager distribute NUMA algo for unusable cpuGroupSize
    3a9b3072612 Round the CPUManager mean and stddev calculations to the nearest 1000th
    5fc309181ab updated deprecation messages from 1.23 to 1.24
    f94a022c1bb kubelet: set failed phase during graceful shutdown
    b63d5a805b3 kubeadm: avoid requiring a CA key during kubeconfig expiration checks
    a18dbc12a46 kubeadm: print the CA of kubeconfig files in "check expiration"
    880e0ac50f7 kubeadm: validate local etcd certficates during expiration checks
    f9c8af54ccb publishing-bot/doc: add component-helpers to the readme
    3245fe216f2 publishing-bot/rules: remove non existing component-helpers branch 1.19 from the rules
    57f88ec404e Changelog: mention kube-scheduler bits deprication
    f42cbbbff43 rbd: initialize ceph monitors slice with an empty value.
    0a1d2914614 Direct v2betaX users to migrate to HPA v2
    064a272ee03 DelegateFSGroupToCSIDriver e2e: skip tests with chgrp
    dd1b0a12471 Update CHANGELOG/CHANGELOG-1.23.md for v1.23.0
    8aef834386e [go1.17] Update to go1.17.4

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2022-01-06 21:20:15 -05:00
Bruce Ashfield
3638a8848a cloud-init: update to 21.4 
Bumping cloud-init to version 21.4-47-ga97fd062

 - patch refresh
 - add bash to RDPENDS

Commit summary:

    a97fd062 Add .git-blame-ignore-revs (#1161)
    bae9b11d Adopt Black and isort (SC-700) (#1157)
    2bcf4fa9 Include dpkg frontend lock in APT_LOCK_FILES (#1153)
    3da3bdae tests/cmd/query: fix test run as root and add coverage for defaults (#1156)
    9a6e65a2 Schema processing changes (SC-676) (#1144)
    35711700 Add dependency workaround for impish in bddeb (#1148)
    3303b704 netbsd: install new dep packages (#1151)
    f4692c5d find_devs_with_openbsd: ensure we return the last entry (#1149)
    e9634266 sources/azure: remove unnecessary hostname bounce (#1143)
    24739592 find_devs/openbsd: accept ISO on disk (#1132)
    b591e9db Improve error log message when mount failed (#1140)
    8df8f43a add KsenijaS as a contributor (#1145)
    6760bf14 travis - don't run integration tests if no deb (#1139)
    65c2cfd7 factor out function for getting top level directory of cloudinit (#1136)
    b21afb0a testing: Add deterministic test id (#1138)
    2969ceaa mock sleep() in azure test (#1137)
    0ed00ad9 Add miraclelinux support (#1128)
    cd40789a docs: Make MACs lowercase in network config (#1135)
    bedac77e Add Strict Metaschema Validation (#1101)
    f428ed16 update dead link (#1133)
    0e25076b cloudinit/net: handle two different routes for the same ip (#1124)
    6e39613d docs: pin mistune dependency (#1134)
    039c40f9 Reorganize unit test locations under tests/unittests (#1126)
    ffa6fc88 Fix exception when no activator found (#1129)
    0fe96a44 jinja: provide and document jinja-safe key aliases in instance-data (SC-622) (#1123)
    ff10fc09 testing: Remove date from final_message test (SC-638) (#1127)
    cf38c2cb Move GCE metadata fetch to init-local (SC-502) (#1122)
    a1cf55e5 Fix missing metadata routes for vultr (#1125)
    c39d4f45 cc_ssh_authkey_fingerprints.py: prevent duplicate messages on console (#1081)
    4bf4de25 sources/azure: remove unused remnants related to agent command (#1119)
    32860627 github: update PR template's contributing URL (#1120)
    b36b4e2f docs: Rename HACKING.rst to CONTRIBUTING.rst (#1118)
    31daf667 testing: monkeypatch system_info call in unit tests (SC-533) (#1117)
    1343584d Fix Vultr timeout and wait values (#1113)
    7ebf04e3 lxd: add preference for LXD cloud-init.* config keys over user keys (#1108)
    3c6b594b VMware: source /etc/network/interfaces.d/* on Debian
    62721ae7 Add cjp256 as contributor (#1109)
    36adb6da integration_tests: Ensure log directory exists before symlinking to it (#1110)
    7f03da35 testing: add growpart integration test (#1104)
    8c52bb3f integration_test: Speed up CI run time (#1111)
    f0af9f78 Some miscellaneous integration test fixes (SC-606) (#1103)
    918d69a0 tests: specialize lxd_discovery test for lxd_vm vendordata (#1106)
    22150a20 Add convenience symlink to integration test output (#1105)
    fff6de4a Fix for set-name bug in networkd renderer (#1100)
    3d150688 Wait for apt lock (#1034)
    6421a202 testing: stop chef test from running on openstack (#1102)
    820e3d1c alpine.py: add options to the apk upgrade command (#1089)
    db6084bd Release 21.4 (#1091)
    ff415cad Azure: fallback nic needs to be reevaluated during reprovisioning (#1094)
    48467aa3 azure: pps imds (#1093)
    d54e23bf testing: Remove calls to 'install_new_cloud_init' (#1092)
    77376534 Add LXD datasource (#1040)
    b1beb538 Fix unhandled apt_configure case. (#1065)
    a90d8338 Allow libexec for hotplug (#1088)
    0f8428f6 Add necessary mocks to test_ovf unit tests (#1087)
    28581988 Remove (deprecated) apt-key (#1068)
    d4fe4bf5 distros: Remove a completed "TODO" comment (#1086)
    d77d6bf1 cc_ssh.py: Add configuration for controlling ssh-keygen output (#1083)
    1d01da5d Add "install hotplug" module (SC-476) (#1069)
    75b26b0a hosts.alpine.tmpl: rearrange the order of short and long hostnames (#1084)
    994339ae Add max version to docutils
    e6f15ae5 cloudinit/dmi.py: Change warning to debug to prevent console display (#1082)
    a8380a12 remove unnecessary EOF string in disable-sshd-keygen-if-cloud-init-active.conf (#1075)
    a4236c37 Add module 'write-files-deferred' executed in stage 'final' (#916)
    81f6aa16 Bump pycloudlib to fix CI (#1080)
    2db71334 Remove pin in dependencies for jsonschema (#1078)
    6cf9dc87 Add "Google" as possible system-product-name (#1077)
    2107ad01 Update Debian security suite for bullseye (#1076)
    8c89009e Leave the details of service management to the distro (#1074)
    3a6bee59 Fix typos in setup.py (#1059)
    150fd30e Update Azure _unpickle (SC-500) (#1067)
    ee296ced cc_ssh.py: fix private key group owner and permissions (#1070)
    a0a68a24 VMware: read network-config from ISO (#1066)
    70f0ee78 testing: mock sleep in gce unit tests (#1072)
    62c2a56e CloudStack: fix data-server DNS resolution (#1004)
    125dcb28 Fix unit test broken by pyyaml upgrade (#1071)
    a9501251 testing: add get_cloud function (SC-461) (#1038)
    b3e31ba2 Inhibit sshd-keygen@.service if cloud-init is active (#1028)
    76166caf VMWARE: search the deployPkg plugin in multiarch dir (#1061)
    ca0da042 Fix set-name/interface DNS bug (#1058)
    1ee2f3c3 Use specified tmp location for growpart (#1046)
    048a825c .gitignore: ignore tags file for ctags users (#1057)
    725a7f7f Allow comments in runcmd and report failed commands correctly (#1049)
    fd595774 tox integration: pass the *_proxy, GOOGLE_*, GCP_* env vars (#1050)
    9c147e83 Allow disabling of network activation (SC-307) (#1048)
    3d2bac8b renderer: convert relative imports to absolute (#1052)
    1bbb67ca Support ETHx_IP6_GATEWAY, SET_HOSTNAME on OpenNebula (#1045)
    de166ec3 integration-requirements: bump the pycloudlib commit (#1047)
    81a8f0a6 lp-to-git-users: adding vholer (#1044)
    591e97da Allow Vultr to set MTU and use as-is configs (#1037)
    392c3262 pin jsonschema in requirements.txt (#1043)
    ba083245 testing: remove cloud_tests (#1020)
    934c8d71 Add andgein as contributor (#1042)
    82d6f564 Make wording for module frequency consistent (#1039)
    2d67c1b9 Use ascii code for growpart (#1036)
    21aec00f Add jshen28 as contributor (#1035)
    c29c5b1d Skip test_cache_purged_on_version_change on Azure (#1033)
    8cebc449 Remove invalid ssh_import_id from examples (#1031)
    244af3f4 Cleanup Vultr support (#987)
    24a15e9c docs: update cc_disk_setup for fs to raw disk (#1017)
    a1e78b2e HACKING.rst: change contact info to James Falcon (#1030)
    089a307d tox: bump the pinned flake8 and pylint version (#1029)
    e27c3074 Add retries to DataSourceGCE.py when connecting to GCE (#1005)
    dc227869 Set Azure to apply networking config every BOOT (#1023)
    612e3908 Add connectivity_url to Oracle's EphemeralDHCPv4 (#988)
    cb82a450 docs: fix typo and include sudo for report bugs commands (#1022)
    5ea2c669 VMware: Fix typo introduced in #947 and add test (#1019)
    d4fe7bc4 Update IPv6 entries in /etc/hosts (#1021)
    023f97d4 Integration test upgrades for the 21.3-1 SRU (#1001)
    26a92b0d Add Jille to tools/.github-cla-signers (#1016)
    f3cc9494 Improve ug_util.py (#1013)
    f4c47e3e Support openEuler OS (#1012)
    2ce85724 ssh_utils.py: ignore when sshd_config options are not key/value pairs (#1007)
    e69a8874 Set Azure to only update metadata on BOOT_NEW_INSTANCE (#1006)
    7fe0f900 cc_update_etc_hosts: Use the distribution-defined path for the hosts file (#983)
    f6c71fd7 Add CloudLinux OS support (#1003)
    db72c841 puppet config: add the start_agent option (#1002)
    58c2de4c Fix `make style-check` errors (#1000)
    76cff793 Make cloud-id copyright year (#991)
    7fc3f08e Add support to accept-ra in networkd renderer (#999)
    de8931ed Update ds-identify to pass shellcheck (#979)
    28e56d99 Azure: Retry dhcp on timeouts when polling reprovisiondata (#998)
    6803368d testing: Fix ssh keys integration test (#992)
    03ee10cd Release 21.3 (#993)
    3ec8ddde Azure: During primary nic detection, check interface status continuously before rebinding again (#990)
    7d3f5d75 Fix home permissions modified by ssh module (SC-338) (#984)
    94679e17 Add integration test for sensitive jinja substitution (#986)
    776bd363 Ignore hotplug socket when collecting logs (#985)
    3e63025a testing: Add missing mocks to test_vmware.py (#982)
    0bf8d575 add Zadara Edge Cloud Platform to the supported clouds list (#963)
    b9c96b4f testing: skip upgrade tests on LXD VMs (#980)
    65607405 Only invoke hotplug socket when functionality is enabled (#952)
    f516a7d3 Revert unnecesary lcase in ds-identify (#978)
    04047438 cc_resolv_conf: fix typos (#969)
    1c3b10b5 Replace broken httpretty tests with mock (SC-324) (#973)
    e119cece Azure: Check if interface is up after sleep when trying to bring it up (#972)
    7781dec3 Update dscheck_VMware's rpctool check (#970)
    82a30e6d Azure: Logging the detected interfaces (#968)
    b9d308b4 Change netifaces dependency to 0.10.4 (#965)
    d3271217 Azure: Limit polling network metadata on connection errors (#961)
    c62cb3af Update inconsistent indentation (#962)
    9893dfcd cc_puppet: support AIO installations and more (#960)
    3c858591 Add Puppet contributors to CLA signers (#964)
    8b4a9bc7 Datasource for VMware (#953)
    049d62b6 photon: refactor hostname handling and add networkd activator (#958)
    00dbaf1e Stop copying ssh system keys and check folder permissions (#956)
    13b6a857 testing: port remaining cloud tests to integration testing framework (SC-191) (#955)
    8f42eb54 generate contents for ovf-env.xml when provisioning via IMDS (#959)
    3d9c862b Add support for EuroLinux 7 && EuroLinux 8 (#957)
    758acf97 Implementing device_aliases as described in docs (#945)
    824977bd testing: fix test_ssh_import_id.py (#954)
    6e7066ea Add ability to manage fallback network config on PhotonOS (#941)
    4257e30a Add VZLinux support (#951)
    f0ab1e64 VMware: add network-config support in ovf-env.xml (#947)
    ec6afadb Update pylint to v2.9.3 and fix the new issues it spots (#946)
    a984ee78 Azure: mount default provisioning iso before try device listing (#870)
    4fbe192a Document known hotplug limitations (#950)
    184c836a Initial hotplug support (#936)
    eacb0353 Fix MIME policy failure on python version upgrade (#934)
    881be6e7 run-container: fixup the centos repos baseurls when using http_proxy (#944)
    a185f319 tools: add support for building rpms on rocky linux (#940)
    9b52405c ssh-util: allow cloudinit to merge all ssh keys into a custom user file, defined in AuthorizedKeysFile (#937)
    108611ae VMware: new "allow_raw_data" switch (#939)
    7f5e6822 bump pycloudlib version (#935)
    894dd7c4 add renanrodrigo as a contributor (#938)
    36aeb49c testing: simplify test_upgrade.py (#932)
    db51b656 freebsd/net_v1 format: read MTU from root (#930)
    81299de5 Add new network activators to bring up interfaces (#919)
    78e89b03 - Detect a Python version change and clear the cache (#857)
    6e0aa175 cloud_tests: fix the Impish release name (#931)
    b5aecbe9 Removed distro specific network code from Photon (#929)
    35aa9db6 Add support for VMware PhotonOS (#909)
    f5a24496 cloud_tests: add impish release definition (#927)
    db23b1b1 docs: fix stale links rename master branch to main (#926)
    abd2da57 Fix DNS in NetworkState (SC-133) (#923)
    fbcb224b tests: Add 'adhoc' mark for integration tests (#925)
    1243c5a1 Fix the spelling of "DigitalOcean" (#924)
    c8d3f99b Small Doc Update for ReportEventStack and Test (#920)
    950c186a Replace deprecated collections.Iterable with abc replacement (#922)
    59a3d845 testing: OCI availability domain is now required (SC-59) (#910)
    59a848c5 add DragonFlyBSD support (#904)
    05b0e350 Use instance-data-sensitive.json in jinja templates (SC-117) (#917)
    b11632d1 doc: Update NoCloud docs stating required files (#918)
    9c400e46 build-on-netbsd: don't pin a specific py3 version (#913)
    29ac50f2 - Create the log file with 640 permissions (#858)
    503e2d39 Allow braces to appear in dhclient output (#911)
    63f72380 Docs: Replace all freenode references with libera (#912)
    fc161f8e openbsd/net: flush the route table on net restart (#908)
    7c1d27b8 Add Rocky Linux support to cloud-init (#906)
    c8db6032 Add "esposem" as contributor (#907)
    3611befb Add integration test for #868 (#901)
    1793b8b7 Added support for importing keys via primary/security mirror clauses (#882)
    21a0b120 [examples] config-user-groups expire in the future (#902)
    6fe19837 BSD: static network, set the mtu (#894)
    4c3c3629 Add integration test for lp-1920939 (#891)
    57964125 Fix unit tests breaking from new httpretty version (#903)
    86434699 Allow user control over update events (#834)
    899bfaa9 Update test characters in substitution unit test (#893)
    77320bfc cc_disk_setup.py: remove UDEVADM_CMD definition as not used (#886)
    8cf40a73 Add AlmaLinux OS support (#872)
    13877549 Release 21.2 (#890)
    f17f78fa Add \r\n check for SSH keys in Azure (#889)
    5f5fa5ee Revert "Add support to resize rootfs if using LVM (#721)" (#887)
    9ea643ff Add Vultaire as contributor (#881)
    ba82b3ef Azure: adding support for consuming userdata from IMDS (#884)
    5c740dcf test_upgrade: modify test_upgrade_package to run for more sources (#883)
    02db2c3e Fix chef module run failure when chef_license is set (#868)
    b2311664 Azure: Retry net metadata during nic attach for non-timeout errs (#878)
    431b3683 Azure: Retrieve username and hostname from IMDS (#865)
    d5cca27a Azure: eject the provisioning iso before reporting ready (#861)
    ced836e6 Use `partprobe` to re-read partition table if available (#856)
    d132356c fix error on upgrade caused by new vendordata2 attributes (#869)
    45db197c add prefer_fqdn_over_hostname config option (#859)
    0d90596b Emit dots on travis to avoid timeout (#867)
    cc16c922 doc: Replace remaining references to user-scripts as a config module (#866)
    9f9e154f azure: Removing ability to invoke walinuxagent (#799)
    0ae0b1d4 Add Vultr support (#827)
    83f6bbfb Fix unpickle for source paths missing run_dir (#863)
    fb38aa59 sysconfig: use BONDING_MODULE_OPTS on SUSE (#831)
    a9d3664c lp-to-git-users: adding B1Sandmann (#828)
    15dd3601 bringup_static_routes: fix gateway check (#850)
    fc5d5415 add hamalq user (#860)
    74fa008b Add support to resize rootfs if using LVM (#721)
    3b7e2e82 Fix mis-detecting network configuration in initramfs cmdline (#844)
    13606a12 tools/write-ssh-key-fingerprints: do not display empty header/footer (#817)
    6ae1145f Azure helper: Ensure Azure http handler sleeps between retries (#842)
    d4acc092 Fix chef apt source example (#826)
    bad84ad4 .travis.yml: generate an SSH key before running tests (#848)
    b794d426 write passwords only to serial console, lock down cloud-init-output.log (#847)
    c6726c2b Fix apt default integration test (#845)
    dae45c3b integration_tests: bump pycloudlib dependency (#846)
    f35181fa Fix stack trace if vendordata_raw contained an array (#837)
    3aeb14cd archlinux: Fix broken locale logic (#841)
    d95b448f Integration test for #783 (#832)
    74e1e50d integration_tests: mount more paths IN_PLACE (#838)
    9bd19645 Fix requiring device-number on EC2 derivatives (#836)
    6fe99157 Remove the vi comment from the part-handler example (#835)
    121bc04c net: exclude OVS internal interfaces in get_interfaces (#829)
    106c57d5 tox.ini: pass OS_* environment variables to integration tests (#830)
    3dd3de7c integration_tests: add OpenStack as a platform (#804)
    3be66630 Add flexibility to IMDS api-version (#793)
    62f7a8b1 Fix the TestApt tests using apt-key on Xenial and Hirsute (#823)
    a10838a6 doc: remove duplicate "it" from nocloud.rst (#825)
    2757333e archlinux: Use hostnamectl to set the transient hostname (#797)
    402d98ed cc_keys_to_console.py: Add documentation for recently added config key (#824)
    695c4f8f Update cc_set_hostname documentation (#818)
    d873b9dc Release 21.1 (#820)
    a64b7380 Azure: Support for VMs without ephemeral resource disks. (#800)
    e384a543 cc_keys_to_console: add option to disable key emission (#811)
    38aee6ee integration_tests: introduce lxd_use_exec mark (#802)
    66e2d42d azure: case-insensitive UUID to avoid new IID during kernel upgrade (#798)
    08d8902a stale.yml: don't ask submitters to reopen PRs (#816)
    33b6cf29 integration_tests: fix use of SSH agent within tox (#815)
    28d2d4b8 integration_tests: add UPGRADE CloudInitSource (#812)
    5a9008e5 integration_tests: use unique MAC addresses for tests (#813)
    6056ccd4 Update .gitignore (#814)
    7f1cefe9 Port apt cloud_tests to integration tests (#808)
    85e88af0 integration_tests: fix test_gh626 on LXD VMs (#809)
    84e56f84 Fix attempting to decode binary data in test_seed_random_data test (#806)
    09193e51 Remove wait argument from tests with session_cloud calls (#805)
    0497c7b1 Datasource for UpCloud (#743)
    3a0a5894 test_gh668: fix failure on LXD VMs (#801)
    3cebe0df openstack: read the dynamic metadata group vendor_data2.json (#777)
    36ddf1eb includedir in suoders can be prefixed by "arroba" (#783)
    6efe16d8 [VMware] change default max wait time to 15s (#774)
    e7e7b429 Revert integration test associated with reverted #586 (#784)
    5ccc8cba Add jordimassaguerpla as contributor (#787)
    a0fdd856 Add Rick Harding to CLA signers (#792)
    c343e8b3 HACKING.rst: add clarifying note to LP CLA process section (#789)
    5ec01a57 Stop linting cloud_tests (#791)
    4c190685 cloud-tests: update cryptography requirement (#790)
    a9c904dc Remove 'remove-raise-on-failure' calls from integration_tests (#788)
    1527efa7 Use more cloud defaults in integration tests (#757)
    2d0b6368 Adding self to cla signers (#776)
    e051d542 doc: avoid two warnings (#781)
    b3abcdc0 Use proper spelling for Red Hat (#778)
    ad23441d Add antonyc to .github-cla-signers (#747)
    c25118ac integration_tests: log image serial if available (#772)
    cdc5b81f Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)" (#775)
    9db8620b Release 20.4.1
    6fc9da99 Revert "ssh_util: handle non-default AuthorizedKeysFile config (#586)"
    11630044 [VMware] Support cloudinit raw data feature (#691)
    9a258eeb net: Fix static routes to host in eni renderer (#668)
    162fb839 .travis.yml: don't run cloud_tests in CI (#756)
    7b58982a test_upgrade: add some missing commas (#769)
    37abbc43 cc_seed_random: update documentation and fix integration test (#771)
    503435d1 Fix test gh-632 test to only run on NoCloud (#770)
    2b2c7f39 archlinux: fix package upgrade command handling (#768)
    2bfa461b integration_tests: add integration test for LP: #1910835 (#761)
    4f62ae8d Fix regression with handling of IMDS ssh keys (#760)
    88581e54 integration_tests: log cloud-init version in SUT (#758)
    83ba4d18 Add ajmyyra as contributor (#742)
    75eb007f net_convert: add some missing help text (#755)
    ea6fcc14 Missing IPV6_AUTOCONF=no to render sysconfig dhcp6 stateful on RHEL (#753)
    aa1014ca doc: document missing IPv6 subnet types (#744)
    30da21bd Add example configuration for datasource `AliYun` (#751)
    e5c67478 integration_tests: add SSH key selection settings (#754)
    48b2c5f1 fix a typo in man page cloud-init.1 (#752)
    b85e4a56 network-config-format-v2.rst: add Netplan Passthrough section (#750)
    c5f6c786 stale: re-enable post holidays (#749)
    aa72426b integration_tests: port ca_certs tests from cloud_tests (#732)
    80847b05 Azure: Add telemetry for poll IMDS (#741)
    5d017ab6 doc: move testing section from HACKING to its own doc (#739)
    b9a5da16 No longer allow integration test failures on travis (#738)
    e4f2d613 stale: fix error in definition (#740)
    b944cbe0 integration_tests: set log-cli-level to INFO by default (#737)
    3c076f4c PULL_REQUEST_TEMPLATE.md: use backticks around commit message (#736)
    fad919aa stale: disable check for holiday break (#735)
    f38ba3ca integration_tests: log the path we collect logs into (#733)
    ac17c6a2 .travis.yml: add (most) supported Python versions to CI (#734)
    0b932e55 integration_tests: fix IN_PLACE CLOUD_INIT_SOURCE (#731)
    a5484d02 cc_ca_certs: add RHEL support (#633)
    91381855 Azure: only generate config for NICs with addresses (#709)
    e5f74595 doc: fix CloudStack configuration example (#707)
    eadadaa1 integration_tests: restrict test_lxd_bridge appropriately (#730)
    9e89ca70 Add integration tests for CLI functionality (#729)
    2022bc72 Integration test for gh-626 (#728)
    ca49e27b Some test_upgrade fixes (#726)
    2af3f6d7 Ensure overriding test vars with env vars works for booleans (#727)
    3339a5a4 integration_tests: port lxd_bridge test from cloud_tests (#718)
    9ea845db Integration test for gh-632. (#725)
    8321f0c0 Integration test for gh-671 (#724)
    00dbc144 integration-requirements.txt: bump pycloudlib commit (#723)
    212b291d Drop unnecessary shebang from cmd/main.py (#722)
    97bfd21d Integration test for LP: #1813396 and #669 (#719)
    1d1649e5 integration_tests: include timestamp in log output (#720)
    05216aa3 integration_tests: add test for LP: #1898997 (#713)
    17ca02e1 Add integration test for power_state_change module (#717)
    7ec314a9 Update documentation for network-config-format-v2 (#701)
    b8df2547 sandbox CA Cert tests to not require ca-certificates (#715)
    54e202a6 Add upgrade integration test (#693)
    aa6350f6 Integration test for 570 (#712)
    974145d0 Add ability to keep snapshotted images in integration tests (#711)
    06f7b452 Integration test for pull #586 (#706)
    6c4e87bf integration_tests: introduce skipping of tests by OS (#702)
    ed9bd19c integration_tests: introduce IntegrationInstance.restart (#708)
    bd76d5cf Add lxd-vm to list of valid integration test platforms (#705)
    f550c876 Adding BOOTPROTO = dhcp to render sysconfig dhcp6 stateful on RHEL (#685)
    2bd34bda Delete image snapshots created for integration tests (#682)
    de3183c1 Parametrize ssh_keys_provided integration test (#700)
    53f2bfbb Drop use_sudo attribute on IntegrationInstance (#694)
    6ee01078 cc_apt_configure: add riscv64 as a ports arch (#687)
    4292a47b cla: add xnox (#692)
    bc9c6c22 Collect logs from integration test runs (#675)
    47f4229e Release 20.4 (#686)
    87df9d6c tox: avoid tox testenv subsvars for xenial support (#684)
    6e86d2a5 Ensure proper root permissions in integration tests (#664)
    8a493bf0 LXD VM support in integration tests (#678)
    e454dea5 Integration test for fallocate falling back to dd (#681)
    66a851ac .travis.yml: correctly integration test the built .deb (#683)
    a4d0feb0 Ability to hot-attach NICs to preprovisioned VMs before reprovisioning (#613)
    66b4be8b Support configuring SSH host certificates. (#660)
    5d4a9a4a add integration test for LP: #1900837 (#679)
    12ef7541 cc_resizefs on FreeBSD: Fix _can_skip_ufs_resize (#655)
    73e704e3 DataSourceAzure: push dmesg log to KVP (#670)
    9707a08a Make mount in place for tests work (#667)
    bfaee8cc integration_tests: restore emission of settings to log (#657)
    eea75449 DataSourceAzure: update password for defuser if exists (#671)
    49d5de92 tox.ini: only select "ci" marked tests for CI runs (#677)
    6df0230b Azure helper: Increase Azure Endpoint HTTP retries (#619)
    d807df28 DataSourceAzure: send failure signal on Azure datasource failure (#594)
    96d21dfb test_persistence: simplify VersionIsPoppedFromState (#674)
    cd752df6 only run a subset of integration tests in CI (#672)
    f6801144 cli: add --system param to allow validating system user-data on a machine (#575)
    e1bde919 test_persistence: add VersionIsPoppedFromState test (#673)
    4f2da1cc introduce an upgrade framework and related testing (#659)
    a925b5a0 add --no-tty option to gpg (#669)
    eeef783b Pin pycloudlib to a working commit (#666)
    8a9ee02d DataSourceOpenNebula: exclude SRANDOM from context output (#665)
    38ba6b30 cloud_tests: add hirsute release definition (#662)
    db2ff11d split integration and cloud_tests requirements (#652)
    39cf5c4e faq.rst: add warning to answer that suggests running `clean` (#661)
    2730521f Fix stacktrace in DataSourceRbxCloud if no metadata disk is found (#632)
    57349eb7 Make wakeonlan Network Config v2 setting actually work (#626)
    0dc2d030 HACKING.md: unify network-refactoring namespace (#658)
    d83c0bb4 replace usage of dmidecode with kenv on FreeBSD (#621)
    b542ce7a Prevent timeout on travis integration tests. (#651)
    c86283f0 azure: enable pushing the log to KVP from the last pushed byte  (#614)
    f4235974 Fix launch_kwargs bug in integration tests (#654)
    cf6c36a1 split read_fs_info into linux & freebsd parts (#625)
    d1c01c1d PULL_REQUEST_TEMPLATE.md: expand commit message section (#642)
    8dfd8801 Make some language improvements in growpart documentation (#649)
    0184e536 Revert ".travis.yml: use a known-working version of lxd (#643)" (#650)
    7978feb3 Fix not sourcing default 50-cloud-init ENI file on Debian (#598)
    2c450039 remove unnecessary reboot from gpart resize (#646)
    0af1ff1e cloudinit: move dmi functions out of util (#622)
    d619f517 integration_tests: various launch improvements (#638)
    2ea3121f test_lp1886531: don't assume /etc/fstab exists (#639)
    0ff34cfb Remove Ubuntu restriction from PR template (#648)
    34f8e221 util: fix mounting of vfat on *BSD (#637)
    815a790c conftest: improve docstring for disable_subp_usage (#644)
    8642e8bc doc: add example query commands to debug Jinja templates (#645)
    f8c84aee Correct documentation and testcase data for some user-data YAML (#618)
    0f8be879 Hetzner: Fix instance_id / SMBIOS serial comparison (#640)
    f72d0cb7 .travis.yml: use a known-working version of lxd (#643)
    a6afe9c5 tools/build-on-freebsd: fix comment explaining purpose of the script (#635)
    1431c8a1 Hetzner: initialize instance_id from system-serial-number (#630)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-21 09:29:50 -05:00
Bruce Ashfield
d842978b65 cloud-init: switch branch to main 
Cloud-init has removed the master branch, and has switched
to using main.

So we adjust our recipe accordingly to avoid fetcher errors.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-21 09:10:08 -05:00
Christopher Clark
ce2a78aaa0 MAINTAINERS: add xtf and the raspberry pi dynamic layer for Xen 
Add the more recent Xen-related recipes to the list.

Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-16 21:45:00 -05:00
Christopher Clark
acdae1d76b xen-tools: upgrade RSUGGESTS to RRECOMMENDS for ifupdown 
Xen's networking for guests is typically configured using bridges and
the standalone ifupdown package, which contains a more capable version
of the tool than busybox, is needed to configure them, so:

Increase the recommendation strength from RSUGGESTS to RRECOMMENDS to
bring the package in by default, which fixes networking for images built
with packaging formats that follow RRECOMMENDS but not RSUGGESTS.

I should've paid closer attention to Corey's recommendation for this, so:
Suggested-by: Corey Minyard <cminyard@mvista.com>

Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-16 21:44:59 -05:00
Christopher Clark
1c3cc5b420 xen: drop patch to workaround prelink on aarch64 
prelink is no longer default enabled and has been recommended to be
disabled since OE-core f9719cc1.

Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-16 21:44:59 -05:00
Bruce Ashfield
d4415a1ff7 kubernetes: install kubeadm and misc for nodes 
To ensure nodes can join the cluster, and have the proper configuration
of some kernel options we add two more packages to the packagegroup

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-15 12:59:18 -05:00
Bruce Ashfield
14025b2ee5 kubernetes: add sysctl.d configuration 
The startup of kubernetes relies on some kernel/runtime configuration.
We create a sysctl.d snippet to ensure that critical ones are set when
installing our packages.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-15 12:59:12 -05:00
Bruce Ashfield
5b3b2599db cni: add README 
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-15 12:55:41 -05:00
Bruce Ashfield
308d31d026 kubernetes: add README 
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-15 12:55:28 -05:00
Bruce Ashfield
24b68f18af cni: don't provide kubernetes-cni by default 
The kubernetes recipes can inherit cni_networking and provide their
own PN-cni packages, so we no longer need to provide this by default.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-13 15:59:35 -05:00
Bruce Ashfield
491a385ca6 config: introduce hostname generation hooks 
Overriding hostname in a .conf file, via base-files:

  HOST_NAME="k3s-host"
  hostname_pn-base-files = "${HOST_NAME}"

Is always a valid option, but if it is not configured, we can easily
have two hosts with the same name on the network, confusing adddress
assignement, etc.

This commit introduces a way to generate a unique hostname based
on the uuid of the build host, and the machine being built.

If virt-unique-hostname is added to IMAGE_FEATURES, like the following:

  IMAGE_FEATURES += "virt-unique-hostname"
  IMAGE_FEATURES[validitems] += "virt-unique-hostname"

Then a rootfs postprocessing hook will override hostnae to something
unique.

Note: this means your image will be reproducible on a single builder,
but not between them.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-13 15:59:35 -05:00
Bruce Ashfield
6fe326b680 demo: add flask and k3s deployment files 
To enable demonstrations of application container builds, and deployment
to k*s clusters, we introduce a simple recipes-demo/ structure with a
sample flask application and deployment yaml.

i.e. ensure that "helloworld-flask-deploy" is installed on your image,
and then:

 % kubectl apply -f /etc/flask-app.yaml
 % kubectl label pods zeddii-pod new-label=yoctorule
 % kubectl expose pod zeddii-pod  --port=9000  --target-port=9000 --type=LoadBalancer --name=my-service

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-13 15:59:11 -05:00
Bruce Ashfield
fc5fdd79e0 k8s: add kubernetes to host packagegroup 
Install the core kubernetes package (and RDEPENDS) as part of the
host packagegroup.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-13 12:27:11 -05:00
Bruce Ashfield
4d0f0a5ca2 k8s: introduce host/controller initialization script 
Adding a simple helper to setup a host to the NodeReady state.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-13 12:20:43 -05:00
Bruce Ashfield
9c1f90d46b runc-docker: update to 1.0.3 
Bumping runc to version v1.0.3-2-ge0124d56, which comprises the following commits:

    31f7b334 VERSION: back to development
    f46b6ba2 VERSION: release v1.0.3
    b8dbe466 runc init: avoid netlink message length overflows
    e73ff667 [1.0] ci: add Go 1.17, drop Go 1.15
    2c30069c libct/cg/sd/v2: Destroy: remove cgroups recursively
    42bfc63b script/release.sh: fix for opensuse
    8e96a96f libct/cg/fs2: fix GetStats for unsupported hugetlb
    e84e7f93 [1.0] Fix failure with rw bind mount of a ro fuse
    cbb23675 runc run: fix ro /dev
    e802cfae test/int/mount.bats: refer to github issue
    3640499a libct/rootfs: consolidate utils imports
    aa1d1ca5 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
    fdee8658 libct/int/checkpoint_test: fix ParentImage
    cbb5ef5c improve error message when dbus-user-session is not installed
    86d83333 VERSION: back to development

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
 2021-12-10 09:42:44 -05:00