meta-virtualization

mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2026-01-27 10:41:26 +01:00

History

Bruce Ashfield 4c0f2dbe12 cri-o: update to 1.24.1 Bumping cri-o to version v1.24.1 We refresh one patch, add add textrel to our QA check skip list. Which imports the following commits: 489819e33 bump to v1.24.1 8acadd3f4 conmonmgr: query help text to see if it supports log-global-size-max fc852b402 add support for conmon log-global-size-max 77f0429d9 oci: cap exec sync length 9441b6700 Fix review issues ee1a8519f Fix it case failed 027ab3f50 Fix review issues db4a4aa51 Add integration test for remove paused ctr 76d1a929e 1.When in paused state, stop contianer should unpause it 2.We should treat paused state as running, or kubelet will delete it and restart one 3b25e48e4 fix review issues eff3af248 Try to force delete ctr when in paused state 62d81d722 vendor: bump crypto package 3d516c53b oci: Move exec probe process to container cgroup, if enabled 8294126fa config: Add monitor_exec_cgroup config option 9a2723cb4 Reenable pod runtime in package spec ae024bd0a dependencies: Upversion conmon dependency to v2.0.27 1737a4702 Sanitize conmonrs log level and print used version 5658fd35a Wrap runtime pod errors b4bbd4d94 openshift test: use go 1.18 aa13dfb7b openshift test: add skip_pod_runtime to cri-o spec d6aff5b63 Bump nixpkgs and use go1.18 4864ffc60 Fix golangci-lint errors d0664581d add runtime pod c33e14fc1 vendor conmon-rs 3b80d009b oci: add IsInfra method 0f601939e oci: lock for runtime creation 1376307fb test: use go 1.18 for lint b98f15851 Move WillRunSystemd call after iterating the mounts 2a75c8307 Add sha256sum bundle files to uploaded artifacts 9f6a6724d crio:fix a bug about log container 901310bdd oci: use runtime handler level monitor fields 12758b2b3 config: assume default conmon cgroup if it's not specified 240de5f3f template: add comment to runtimes table 5a8223c75 config: replace Conmon specific fields with runtime handler versions de2105a17 main(): don't treat reexec.Init() == true as an error 1de3e5ed2 crio:try fix integration test failed, because unpause not on time 6dfc68de4 config: increase pids limit to unlimited and deprecate it and logSizeMax 9ff165b4e bump ocicni to 0.3.1 b447dff77 bump containernetworking cni to 1.1.0 3fa33fe48 crio: unpause ctr after test 8e9ddee87 crio:fix golint check warning 019c578fa fix(stats): incorrect id on zfs driver 153bb668c crio:fix crun it failed 87f7f00f3 crio:update status after pause/unpause container 54912d7c8 oci: cleanup log path if the container failed to create 7a65dc340 utils: remove unused io related packages 9b111b532 runtime_vm: use containerd deps for container io directly 2da7482db remove the external dependency on the conntrack binary 1955cc167 go.{mod,sum}: update CDI deps to v0.3.2. a8687861c server: no longer use hardcoded timeouts 64270ef91 fix builds by passing -buildvcs=false on 386 48230e006 test: bump to go 1.18.1 d41e3cbe6 Disable systemd-mode cgroup detection conditionally e10376810 crio: Fix review issues and make format shell file 78308acd4 Add bats test to ensure namespaces are cleaned up on pod stop ec1414424 pinns: Check calloc return value adfe57b5d bump to 4.11 image 5e72b4133 crio: Fix code style 270d195ec crio: implement extended interface for pause/unpause container 31c278301 seccomp: drop unshare syscall from default profile 1098cc9b9 Retry to set CPU load balancing before return the error 7ccafd559 build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.1.0 9b735153b Fix integration tests 862b27b8c Switch to registry.k8s.io for the sandbox Image: 9ebdeef1e Change the mcs order in selinux.bats to test the canonization of selinux label 1a9a3fdae Canonize selinux label for comparison with filesystem label b106fcd71 oci: fix segfault in pod stop code 3e9d77257 capabilities: drop inheritable afe738b18 Bump ocicni to v0.3.0 7b5a67f51 Switch to ginkgo/v2 1999baa2f Add bats test for infra_ctr_cpuset taskset 9fada28f7 Add bats test for zombie conmon cleanup 15afd20ee Update golangci-lint and config 13d7b9738 Bump golang to 1.18.x 1af1f8af2 pinns: Pass sysctls as repeated '-s' arguments eb8715d30 Fix shell format c3095bf20 README: Update EOL & Version Skew links 05c443b06 config/sysctl: fail if there is a + in the value ea39e74f2 Fix critest 739379b0c Enable `--seccomp-use-default-when-empty` by default 98c18d1cb test: update to new runc behavior 4cb2407a2 Automatically chcon and restorecon on get script bef94e1f8 Pin `github.com/u-root/u-root` 3be4dba79 Switch to `main` for `get` script 09399e41f Bump nixpkgs 51a800af0 Pin nixos/nix version 97df87f71 test: allow state of failing tests to be kept intact. 32d682800 factory: take capabilities setup a643dad27 Add dedicated security information d65414758 test/crio-wipe.bats: don't nuke $TESTDIR too early. ff36ee6e0 test/cgroups.bats: fix incorrect setup order. 128165130 test/cdi.bat: add CDI integration tests. a0d3fd8aa config,cli: add configuration for CDI. f35fba448 pkg/container: implement CDI device injection. 572616137 go.{mod,sum}: update deps, vendor. 683baa221 contrib/test: force BATS symlink in place. 0be4d0611 contrib/test: always install BATS for integration. 2426bdb4c openshift e2e: bump cri-o version e337fa364 bump to 1.24.0 5cad5f287 test: avoid concurrent crictl config writes. bc240fd4c server: stop deleting pod from idIndex if already gone a4b5f0c15 CI: use kubernetes from git tip 03064f4ca test/e2e: update skipped test list 65f93912d contrib/test/int/build/kubernetes: rm deprecated RunAsGroup 2e7a4d375 server: use syncfs instead of fsync d9102e748 config/sysctls: validate against invalid spaces 230409570 [gitpod] use latest workspace full 6c3144af2 hack/build-rpms.sh: fix yum-builddep failures 52adfe025 ci: bump shellcheck to 0.8.0 92edea6dd test/apparmor: suppress bogus SC2031/2031 ca10da055 test/cni_plugin_helper: suppress shellcheck warning 0655dd213 test/test_runner: rm eval, fix comment 1acde4379 OWNERS: move rhatdan to emeritus approvers d280c71ce OWNERS: move runcom to emeritus approvers 4041adc55 utils: Sync: use f.Sync 14d742672 Deny empty `localhost/` AppArmor profiles bd02dac92 OWNERS: add first round of reviewers 626446e5c OWNERS: Move @sboeuf to emeritus approver 8aab1e8f2 int/storage: getReferences: fix gocritic warning f1ca25bc5 server: fix (rather than ignore) gocritic warning bc839156e server/streaming: specify the linter fa2fd247f ci: bump golangci-lint to 1.44.0 cc6ed292b scripts/release-notes: fix printf args f0e70901e scripts: fix a typo b1705dc28 int/version: fix forcetypeassert linter warning 851916f0d server/container_create_linux: fix forcetypeassert warning a2760072b utils: fix forcetypeassert linter warnings d295f8b24 server/streaming: fix nolintlint warning dd70c87ab int/storage: fix gosimple warning f26fafdc5 int/config/cgmgr: fix stylecheck warnings bc91cdb57 Format code using gofumpt 0.2.1 98d945cc9 Makefile: fix a comment bb96cd907 test/crio-wipe: fixups 107fe3853 ISSUE_TEMPLATE: fix grammatical error 1affa13d9 OWNERS: move @sameo to emeritus_approvers 4dc761f9f ISSUE_TEMPLATES: update membership form to be reviewer form 592aa5159 ISSUE_TEMPLATES: add a couple of more 238e4d009 image: use imageCache value for ImageStatus() 411e15058 contrib/bundle: remove deprecated kubelet option. 15048929c minor edit: removed dead link from TOC 0dd5d2d00 oci: drop WaitContainerStateStopped 6449ff0d3 oci: fix a leaked goroutine 40165cb5b internal/factory/container: initialize from pkg/container 0dabb91b3 internal/factory/sandbox: initialize from pkg/sandbox 6e2472c92 README: update branches a0f88d3a5 Updated format a53f1d221 Generate checksum files for artifacts 728731808 test: add test for skipped sysctls 1667b5a66 server: skip sysctls that would affect the host a7ac4683c deep copy List{PodSandbox,Container} structs 183ac018f GOVERNANCE: fix links 18dfcd273 oci: always have conmon log to syslog c424e85e7 README: add reference to governance 008b3541a add GOVERNANCE.md 33063001c issue templates: add membership request form aa8130f62 Add Debian_11 OS variable on installation instructions of Debian Signed-off-by: Wang Kai <persistence201306@gmail.com> e5dad09ee criocli: produce diff-friendlier zsh completions. b299c80c5 ci: use main branch for conmon bcf069b12 server: fix race with kubelet 0769411bb Fix runtime panic on pod sandbox stats retrieval ef1746095 update go to 1.17 in go.mod acde72556 Reuse createContainerIO in CreateContainer 0731a9b57 Fix vm containers couldn't restore after CRI-O restart 386d4a447 ci: use main version of runc 28585442e openshift e2e: bump ci image 35c02b56e server: fix a potential NULL-pointer dereference. 20370fa95 Documentation: expand on CNI CIDRs in the kubeadm tutorial 143a623ad test: update tests for allowed_devices 56929cdb9 config: add AllowedDevices option 2aceed0f0 pass the main mount point to fix crypto profiles binding 6b887e9c3 Add Nestybox to the CRI-O adopters list. 33e25b47b server: drop duplicate log message 25a2eec40 pkg/container: fix container device GID fallback. a68b239af bump crio commit for upstream k8s CI d7da8b2b0 adds config template linting 86e43fc28 adds comments to default values ff2a04e8b server: don't set memory swap when it's not enabled 5ebc4a407 Inherits storage configurations from storage.conf if crio config does not set d0d8fb3a7 use cmdrunner singleton 2237f2658 conmonmgr: refactor for new CommandRunner 878040d10 cmdrunner: update mocks and add target to makefile b3bb86659 config: prepend commands with taskset if InfraCtrCPUSet is configured e9f0bb6c8 cmdrunner: add tests for prepended commands 04e9c61e3 cmdrunner: create singleton fd2e2aeec Use timeout for conmon cgroup move 9af5e3363 build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0 9a051dede Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels 347f04161 test: add test ensuring a stopped pod is restored 86fd03b81 sandbox stop: remove namespaces e02d5bf15 restore: handle removed namespaces 334e925ac Partially revert "restore: restore stop before managing namespace" 948b92bd7 restore: ensure containers are wiped on reboot c3f75859b build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 78e1c80af build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3 d8ea9f6ca vendor: bump c/image to 5.17.0 11c127f3d pinns: Add LDFLAGS to Makefile Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>	2022-06-07 22:02:15 -04:00
..
0001-Makefile-force-symlinks.patch	cri-o: update to 1.24.1	2022-06-07 22:02:15 -04:00
crio.conf	cri-o: uprev from 1.15 to 1.17	2020-03-13 21:53:26 -04:00

Bruce Ashfield 4c0f2dbe12 cri-o: update to 1.24.1

Bumping cri-o to version v1.24.1

We refresh one patch, add add textrel to our QA check skip list.

Which imports the following commits:

    489819e33 bump to v1.24.1
    8acadd3f4 conmonmgr: query help text to see if it supports log-global-size-max
    fc852b402 add support for conmon log-global-size-max
    77f0429d9 oci: cap exec sync length
    9441b6700 Fix review issues
    ee1a8519f Fix it case failed
    027ab3f50 Fix review issues
    db4a4aa51 Add integration test for remove paused ctr
    76d1a929e 1.When in paused state, stop contianer should unpause it 2.We should treat paused state as running, or kubelet will delete it and restart one
    3b25e48e4 fix review issues
    eff3af248 Try to force delete ctr when in paused state
    62d81d722 vendor: bump crypto package
    3d516c53b oci: Move exec probe process to container cgroup, if enabled
    8294126fa config: Add monitor_exec_cgroup config option
    9a2723cb4 Reenable pod runtime in package spec
    ae024bd0a dependencies: Upversion conmon dependency to v2.0.27
    1737a4702 Sanitize conmonrs log level and print used version
    5658fd35a Wrap runtime pod errors
    b4bbd4d94 openshift test: use go 1.18
    aa13dfb7b openshift test: add skip_pod_runtime to cri-o spec
    d6aff5b63 Bump nixpkgs and use go1.18
    4864ffc60 Fix golangci-lint errors
    d0664581d add runtime pod
    c33e14fc1 vendor conmon-rs
    3b80d009b oci: add IsInfra method
    0f601939e oci: lock for runtime creation
    1376307fb test: use go 1.18 for lint
    b98f15851 Move WillRunSystemd call after iterating the mounts
    2a75c8307 Add sha256sum bundle files to uploaded artifacts
    9f6a6724d crio:fix a bug about log container
    901310bdd oci: use runtime handler level monitor fields
    12758b2b3 config: assume default conmon cgroup if it's not specified
    240de5f3f template: add comment to runtimes table
    5a8223c75 config: replace Conmon specific fields with runtime handler versions
    de2105a17 main(): don't treat reexec.Init() == true as an error
    1de3e5ed2 crio:try fix integration test failed, because unpause not on time
    6dfc68de4 config: increase pids limit to unlimited and deprecate it and logSizeMax
    9ff165b4e bump ocicni to 0.3.1
    b447dff77 bump containernetworking cni to 1.1.0
    3fa33fe48 crio: unpause ctr after test
    8e9ddee87 crio:fix golint check warning
    019c578fa fix(stats): incorrect id on zfs driver
    153bb668c crio:fix crun it failed
    87f7f00f3 crio:update status after pause/unpause container
    54912d7c8 oci: cleanup log path if the container failed to create
    7a65dc340 utils: remove unused io related packages
    9b111b532 runtime_vm: use containerd deps for container io directly
    2da7482db remove the external dependency on the conntrack binary
    1955cc167 go.{mod,sum}: update CDI deps to v0.3.2.
    a8687861c server: no longer use hardcoded timeouts
    64270ef91 fix builds by passing -buildvcs=false on 386
    48230e006 test: bump to go 1.18.1
    d41e3cbe6 Disable systemd-mode cgroup detection conditionally
    e10376810 crio: Fix review issues and make format shell file
    78308acd4 Add bats test to ensure namespaces are cleaned up on pod stop
    ec1414424 pinns: Check calloc return value
    adfe57b5d bump to 4.11 image
    5e72b4133 crio: Fix code style
    270d195ec crio: implement extended interface for pause/unpause container
    31c278301 seccomp: drop unshare syscall from default profile
    1098cc9b9 Retry to set CPU load balancing before return the error
    7ccafd559 build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.1.0
    9b735153b Fix integration tests
    862b27b8c Switch to registry.k8s.io for the sandbox Image:
    9ebdeef1e Change the mcs order in selinux.bats to test the canonization of selinux label
    1a9a3fdae Canonize selinux label for comparison with filesystem label
    b106fcd71 oci: fix segfault in pod stop code
    3e9d77257 capabilities: drop inheritable
    afe738b18 Bump ocicni to v0.3.0
    7b5a67f51 Switch to ginkgo/v2
    1999baa2f Add bats test for infra_ctr_cpuset taskset
    9fada28f7 Add bats test for zombie conmon cleanup
    15afd20ee Update golangci-lint and config
    13d7b9738 Bump golang to 1.18.x
    1af1f8af2 pinns: Pass sysctls as repeated '-s' arguments
    eb8715d30 Fix shell format
    c3095bf20 README: Update EOL & Version Skew links
    05c443b06 config/sysctl: fail if there is a + in the value
    ea39e74f2 Fix critest
    739379b0c Enable `--seccomp-use-default-when-empty` by default
    98c18d1cb test: update to new runc behavior
    4cb2407a2 Automatically chcon and restorecon on get script
    bef94e1f8 Pin `github.com/u-root/u-root`
    3be4dba79 Switch to `main` for `get` script
    09399e41f Bump nixpkgs
    51a800af0 Pin nixos/nix version
    97df87f71 test: allow state of failing tests to be kept intact.
    32d682800 factory: take capabilities setup
    a643dad27 Add dedicated security information
    d65414758 test/crio-wipe.bats: don't nuke $TESTDIR too early.
    ff36ee6e0 test/cgroups.bats: fix incorrect setup order.
    128165130 test/cdi.bat: add CDI integration tests.
    a0d3fd8aa config,cli: add configuration for CDI.
    f35fba448 pkg/container: implement CDI device injection.
    572616137 go.{mod,sum}: update deps, vendor.
    683baa221 contrib/test: force BATS symlink in place.
    0be4d0611 contrib/test: always install BATS for integration.
    2426bdb4c openshift e2e: bump cri-o version
    e337fa364 bump to 1.24.0
    5cad5f287 test: avoid concurrent crictl config writes.
    bc240fd4c server: stop deleting pod from idIndex if already gone
    a4b5f0c15 CI: use kubernetes from git tip
    03064f4ca test/e2e: update skipped test list
    65f93912d contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
    2e7a4d375 server: use syncfs instead of fsync
    d9102e748 config/sysctls: validate against invalid spaces
    230409570 [gitpod] use latest workspace full
    6c3144af2 hack/build-rpms.sh: fix yum-builddep failures
    52adfe025 ci: bump shellcheck to 0.8.0
    92edea6dd test/apparmor: suppress bogus SC2031/2031
    ca10da055 test/cni_plugin_helper: suppress shellcheck warning
    0655dd213 test/test_runner: rm eval, fix comment
    1acde4379 OWNERS: move rhatdan to emeritus approvers
    d280c71ce OWNERS: move runcom to emeritus approvers
    4041adc55 utils: Sync: use f.Sync
    14d742672 Deny empty `localhost/` AppArmor profiles
    bd02dac92 OWNERS: add first round of reviewers
    626446e5c OWNERS: Move @sboeuf to emeritus approver
    8aab1e8f2 int/storage: getReferences: fix gocritic warning
    f1ca25bc5 server: fix (rather than ignore) gocritic warning
    bc839156e server/streaming: specify the linter
    fa2fd247f ci: bump golangci-lint to 1.44.0
    cc6ed292b scripts/release-notes: fix printf args
    f0e70901e scripts: fix a typo
    b1705dc28 int/version: fix forcetypeassert linter warning
    851916f0d server/container_create_linux: fix forcetypeassert warning
    a2760072b utils: fix forcetypeassert linter warnings
    d295f8b24 server/streaming: fix nolintlint warning
    dd70c87ab int/storage: fix gosimple warning
    f26fafdc5 int/config/cgmgr: fix stylecheck warnings
    bc91cdb57 Format code using gofumpt 0.2.1
    98d945cc9 Makefile: fix a comment
    bb96cd907 test/crio-wipe: fixups
    107fe3853 ISSUE_TEMPLATE: fix grammatical error
    1affa13d9 OWNERS: move @sameo to emeritus_approvers
    4dc761f9f ISSUE_TEMPLATES: update membership form to be reviewer form
    592aa5159 ISSUE_TEMPLATES: add a couple of more
    238e4d009 image: use imageCache value for ImageStatus()
    411e15058 contrib/bundle: remove deprecated kubelet option.
    15048929c minor edit: removed dead link from TOC
    0dd5d2d00 oci: drop WaitContainerStateStopped
    6449ff0d3 oci: fix a leaked goroutine
    40165cb5b internal/factory/container: initialize from pkg/container
    0dabb91b3 internal/factory/sandbox: initialize from pkg/sandbox
    6e2472c92 README: update branches
    a0f88d3a5 Updated format
    a53f1d221 Generate checksum files for artifacts
    728731808 test: add test for skipped sysctls
    1667b5a66 server: skip sysctls that would affect the host
    a7ac4683c deep copy List{PodSandbox,Container} structs
    183ac018f GOVERNANCE: fix links
    18dfcd273 oci: always have conmon log to syslog
    c424e85e7 README: add reference to governance
    008b3541a add GOVERNANCE.md
    33063001c issue templates: add membership request form
    aa8130f62 Add Debian_11 OS variable on installation instructions of Debian Signed-off-by: Wang Kai <persistence201306@gmail.com>
    e5dad09ee criocli: produce diff-friendlier zsh completions.
    b299c80c5 ci: use main branch for conmon
    bcf069b12 server: fix race with kubelet
    0769411bb Fix runtime panic on pod sandbox stats retrieval
    ef1746095 update go to 1.17 in go.mod
    acde72556 Reuse createContainerIO in CreateContainer
    0731a9b57 Fix vm containers couldn't restore after CRI-O restart
    386d4a447 ci: use main version of runc
    28585442e openshift e2e: bump ci image
    35c02b56e server: fix a potential NULL-pointer dereference.
    20370fa95 Documentation: expand on CNI CIDRs in the kubeadm tutorial
    143a623ad test: update tests for allowed_devices
    56929cdb9 config: add AllowedDevices option
    2aceed0f0 pass the main mount point to fix crypto profiles binding
    6b887e9c3 Add Nestybox to the CRI-O adopters list.
    33e25b47b server: drop duplicate log message
    25a2eec40 pkg/container: fix container device GID fallback.
    a68b239af bump crio commit for upstream k8s CI
    d7da8b2b0 adds config template linting
    86e43fc28 adds comments to default values
    ff2a04e8b server: don't set memory swap when it's not enabled
    5ebc4a407 Inherits storage configurations from storage.conf if crio config does not set
    d0d8fb3a7 use cmdrunner singleton
    2237f2658 conmonmgr: refactor for new CommandRunner
    878040d10 cmdrunner: update mocks and add target to makefile
    b3bb86659 config: prepend commands with taskset if InfraCtrCPUSet is configured
    e9f0bb6c8 cmdrunner: add tests for prepended commands
    04e9c61e3 cmdrunner: create singleton
    fd2e2aeec Use timeout for conmon cgroup move
    9af5e3363 build(deps): bump google.golang.org/grpc from 1.42.0 to 1.43.0
    9a051dede Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
    347f04161 test: add test ensuring a stopped pod is restored
    86fd03b81 sandbox stop: remove namespaces
    e02d5bf15 restore: handle removed namespaces
    334e925ac Partially revert "restore: restore stop before managing namespace"
    948b92bd7 restore: ensure containers are wiped on reboot
    c3f75859b build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
    78e1c80af build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
    d8ea9f6ca vendor: bump c/image to 5.17.0
    11c127f3d pinns: Add LDFLAGS to Makefile

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

2022-06-07 22:02:15 -04:00

0001-Makefile-force-symlinks.patch

cri-o: update to 1.24.1

2022-06-07 22:02:15 -04:00

crio.conf

cri-o: uprev from 1.15 to 1.17

2020-03-13 21:53:26 -04:00