[pull] main from containerd:main #56
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
…2433053af build(deps): bump the k8s group with 4 updates
Signed-off-by: Shiming Zhang <wzshiming@hotmail.com>
Support multiple uid/gid mappings [1/2]
Enable the selinux on cri test
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.9 to 1.17.10. - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](klauspost/compress@v1.17.9...v1.17.10) --- updated-dependencies: - dependency-name: github.com/klauspost/compress dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.66.2 to 1.67.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.66.2...v1.67.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.3 to 1.20.4. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.20.3...v1.20.4) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Overlayfs needs to do an idmap mount of each layer and the cleanup function just unmounts and deletes the directories. However, when the resource is busy, the umount fails. Let's make the unmount detached so the unmount will eventually be done when it's not busy anymore. Also, making it detached solves the issues with the unmount failing because it is busy. Big kudos to @mbaynton for reporting this issue with lot of details, nailing it down to containerd lines of code and showing all the log lines to understand the big picture. Fixes: #10704 Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Using os.RemoveAll() is quite risky, as if the unmount failed and we can delete files from the container rootfs. In fact, we were doing just that. Let's use os.Remove() to make sure we only deleted empty dirs. Big kudos to @mbaynton for reporting this issue with lot of details, nailing it down to containerd lines of code and showing all the log lines to understand the big picture. Fixes: #10704 Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
The detached mount is less likely to fail in our case, but if we see any failure to unmount, we should just skip the removal of directories. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
…b.com/prometheus/client_golang-1.20.4 build(deps): bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4
…e.golang.org/grpc-1.67.0 build(deps): bump google.golang.org/grpc from 1.66.2 to 1.67.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
…b.com/klauspost/compress-1.17.10 build(deps): bump github.com/klauspost/compress from 1.17.9 to 1.17.10
Signed-off-by: zouyee <zouyee1989@gmail.com>
Move features section to a separate file
Signed-off-by: Sameer <sameer.saeed@live.ca>
Add timestamp to PodSandboxStatusResponse for kubernetes Evented PLEG
However, when an image has multiple tags, the image originally obtained may not be the one actually specified by the user. Starting from cri-api v0.28.0, a UserSpecifiedImage field is added to ImageSpec. It is more appropriate to use UserSpecifiedImage. Signed-off-by: jinda.ljd <jinda.ljd@alibaba-inc.com>
[cri] use 'UserSpecifiedImage' to set the image-name annotation
Signed-off-by: Derek McGowan <derek@mcg.dev>
Add check for CNI plugins before tearing down pod network
This adds trace context propagation over the grpc/ttrpc calls to a shim. It also adds the otlp plugin to the runc shim so that it will send traces to the configured tracer (which is inherited from containerd's config). It doesn't look like this is adding any real overhead to the runc shim's memory usage, however it does add 2MB to the binary size. As such this is gated by a build tag `shim_tracing` Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Propagate trace contexts to shims
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.7.0 to 0.8.0. - [Release notes](https://github.com/intel/goresctrl/releases) - [Commits](intel/goresctrl@v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: github.com/intel/goresctrl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
Prepare release notes for v2.0.0-rc.5
pkg/oci is a general utility package with dependency chains that are uneccessary for the shim. The shim only actually used it for a convenience function for reading an oci spec file. Instead of pulling in those deps just re-implement that internally in the shim command. Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Core should not have a dependency on API types. This was causing a transative dependency on grpc when importing the core snapshots package. Signed-off-by: Brian Goff <cpuguy83@gmail.com>
This is needed so we can build the runc shim without grpc as a transative dependency. With this change the runc shim binary went from 14MB to 11MB. The RSS from an idle shim went from about 17MB to 14MB (back around where it was in in 1.7). Signed-off-by: Brian Goff <cpuguy83@gmail.com>
- go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages. See the Go 1.23.3 milestone on our issue tracker for details. - go1.22.9 (released 2024-11-06) includes fixes to the linker. See the Go 1.22.9 milestone on our issue tracker for details Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
update to go1.23.3 / go1.22.9
Signed-off-by: Alexey Lunev <cheembox573@gmail.com>
Signed-off-by: Alexey Lunev <cheembox573@gmail.com>
fsverity_test.go: fix nil pointer derefence, fix test fail, fix minor/major device numbers resolving
Signed-off-by: Alexey Lunev <cheembox573@gmail.com>
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.9 to 2.1.0. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@e7a8f85...01570a1) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@1c608d1...ef24412) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.0 to 3.27.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@6624720...4f3212b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.0.2 to 2.1.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@7cd0af4...f81112d) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the golang-x group with 3 updates: [golang.org/x/mod](https://github.com/golang/mod), [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/mod` from 0.21.0 to 0.22.0 - [Commits](golang/mod@v0.21.0...v0.22.0) Updates `golang.org/x/sync` from 0.8.0 to 0.9.0 - [Commits](golang/sync@v0.8.0...v0.9.0) Updates `golang.org/x/sys` from 0.26.0 to 0.27.0 - [Commits](golang/sys@v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/containerd/typeurl/v2](https://github.com/containerd/typeurl) from 2.2.2 to 2.2.3. - [Release notes](https://github.com/containerd/typeurl/releases) - [Commits](containerd/typeurl@v2.2.2...v2.2.3) --- updated-dependencies: - dependency-name: github.com/containerd/typeurl/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…oftprops/action-gh-release-2.1.0 build(deps): bump softprops/action-gh-release from 2.0.9 to 2.1.0
…ctions/attest-build-provenance-1.4.4 build(deps): bump actions/attest-build-provenance from 1.4.3 to 1.4.4
…b.com/containerd/typeurl/v2-2.2.3 build(deps): bump github.com/containerd/typeurl/v2 from 2.2.2 to 2.2.3
…g-x-70d324b242 build(deps): bump the golang-x group with 3 updates
…ithub/codeql-action-3.27.1 build(deps): bump github/codeql-action from 3.27.0 to 3.27.1
…ycheeverse/lychee-action-2.1.0 build(deps): bump lycheeverse/lychee-action from 2.0.2 to 2.1.0
fsverity_linux.go: Fix fsverity.IsEnabled() for big endian systems
* Correctly reference the only schema 1 mediatype containerd supports. * Document that `--local` is required for `ctr` when pulling schema 1 images * Document CRI users more clearly Fixes #10998 Signed-off-by: Samuel Karp <samuelkarp@google.com>
docs: update schema 1 deprecation information
This reverts commit ae73e30. Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Revert "Disable vagrant strict dependency checking"
Fix runtimeoptions location in v2 migration script
Signed-off-by: Marat Radchenko <marat@slonopotamus.org>
Add repo env similar to other install script Signed-off-by: Jing Xu <jinxu@google.com>
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
update runc binary to 1.2.2
Update install-imgcrypt to allow change install repo
[containerd-stress] Use platform-specific default address
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )