3dcd679bb1
Bumping cri-o to version v1.31.4, which comprises the following commits:
8aa8c7e42 server: fix panic when default annotations are specified
88939baf2 version: bump to 1.31.4
284eb9327 config: add default_annotations
26bb3c96a Allow to remove pod sandbox on netns removal
cf112c696 Disable actuated runners
0b449cebc version: bump to 1.31.3
ee2d73252 Fix container restore lint report
6aa6cbcb4 Only restore container if all bind mounts are defined
165504928 Add `--pull-progress-timeout` / `pull_progress_timeout` option
d3f39eaa9 RuntimeHandler inheritance bug-fix
c65eb63b1 RuntimeHandler inheritance
c918a52d1 nix: don't build gpgme with `--enable-fixed-path`
677d91db3 version: bump to 1.31.2
f334f80c3 config: fix validation of allowed annotations
e0fe09609 Cherry-pick changes from containers/storage/pull#2134
cae8a3ab5 Cherry-pick changes from containers/common/pull#2185
e9deb6cde version: bump to 1.31.1
b6226b8a3 config: pass down PullOptions from the storage configuration
a673a7ca4 test: fix empty pinned_images test
7d4f035b5 tests: improve wait_for_log to allow multiple calls for the same message
2d27da0f3 image: serialize RegistryImageReferences when checking signatures
4b55a1107 Pin govulncheck to specific version to match Go version requirements
abb6a439d Use nanosecond timestamp for evented pleg pod status
fbd73b339 test: fix CR test by unsetting SIGNATURE_POLICY
a379923f5 server/restore: mark signature validation incompatible with restore
1a9d36494 server: document difference between userRequestedImage/userSpecifiedImage
50075247a server: use imageID instead of a random digest
0dd7eaffe server: only check signatures if namespaced policy is defined
ec8545d2d server: use cached restore value instead of recomputing
7a67eb72b store canonical ref differently
1444e69d9 test: fix crun-wasm test to handle requirement of user_specified_image
6edecf30e Image verificaiton for namespaced policies
9d3da707d Revert "contrib: temporarily move to crun 1.15 to fix CI"
e54ea3407 Fix invalid syntax in test workflow
fc262592f ci: run setup commands for e2e because they weren't done for some reason
d24529f7d build(deps): bump the actions group with 2 updates
efa1690c0 test: setup runtimes correctly so drop-ins work
bfc509cd7 test: comment out ARM image digest as it's unused
45ee51d01 test: update memory limit tests to not be in image.bats
29803ef24 test: fix config test
fe5bdeb3b gh actions: set crun instead of runc
f174d5a3d oci: allow double delete
624b15b9c gh actions: spoof crun for unit tests on arm64
afe78eb68 config: refactor min memory handling a bit
d2cb4e4ae config: update min memory to account for crun
5e21d495c config: default to crun
c32f7b02a build(deps): bump crate-ci/typos in the actions group
2b8dfdf48 build(deps): bump github.com/opencontainers/runc in the gomod group
3fe3b4e81 build(deps): bump peter-evans/create-pull-request in the actions group
d23951276 refactor seccomp
f81fea25f Modify test case to verify blocking of clone
7d0d6ad49 Filter namespace creation args to clone in default seccomp policy
cc8b071b1 build(deps): bump the gomod group across 1 directory with 3 updates
f7fee64a7 build(deps): bump the actions group with 2 updates
dd0cb08d8 Update golangci-lint to v1.60.3 for better go 1.23 compatibility
1f212dc7b Add Makefile help
9ad5c5aed Add additional bind mount to image volumes
ff73a7a0b Fix Makefile `$PWD` when running using `sudo`
2c37d262f Make `prettier` target run in a privileged container
33fb00528 Fix lint
b1bf40749 build(deps): bump google-github-actions/upload-cloud-storage
1beb59cb8 build(deps): bump the gomod group across 1 directory with 8 updates
ba846966f config: add /dev/net/tun to default allowed devices
3ef7f9de4 build(deps): bump crate-ci/typos in the actions group
f7e8682ef Add `{verify-}prettier` makefile targets
53d958fa3 Change default tracing endpoint to 127.0.0.1
9d1a5f437 build(deps): bump crate-ci/typos in the actions group
13e701563 build(deps): bump github.com/onsi/ginkgo/v2 in the gomod group
e83973d7d Run prettier on supported files
8269859fd Make static build a GitHub action matrix
09bb40438 Change profile endpoint to 127.0.0.1
5f95cb5ce build(deps): bump the gomod group across 1 directory with 3 updates
aa1ca0d47 build(deps): bump google-github-actions/auth in the actions group
f83861120 build(deps): bump google-github-actions/upload-cloud-storage
a8950ce30 Pass around more contexts in hooks and metrics
7472e56e9 Trigger `test` workflow after release branch fast forward
6fb6e8d16 Run the runtime RuntimeType validation first
dff5305bb Avoid potential reallocs by pre-sizing some slices
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.