github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
12,181 Commits 3 Branches 2 Tags 112 MiB
master
Commit Graph

639 Commits

Author SHA1 Message Date
Derek McGowan
a5a4c9ce04
Merge pull request #8173 from fuweid/update-go-cni-ver 
bump go-cni to v1.1.9
 2023-02-27 23:22:44 -08:00
Akihiro Suda
e0a05b56e5
Merge pull request #8152 from bart0sh/PR007-upgrade-CDI-to-0.5.4 
update CDI version to v0.5.4
 2023-02-28 09:22:30 +09:00
Wei Fu
36ae2f6b9e bump go-cni to v1.1.9 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-02-28 07:30:59 +08:00
Krisztian Litkey
310be5ce6e pkg/nri: update NRI configuration. 
Update NRI plugin configuration to match that of NRI. Remove
option for the eliminated NRI configuration file. Add option
to disable connections from externally launched plugins. Add
options to override default plugin registration and request
timeouts.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2023-02-26 19:56:31 +02:00
Ed Bartosh
30e4a14092 update CDI version to v0.5.4 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2023-02-22 16:38:37 +02:00
Fu Wei
8cb00f45c9
Merge pull request #8143 from mxpv/log 
Add Fields type alias to log package
 2023-02-21 10:22:23 +08:00
Maksym Pavlenko
06e085c8b5 Add Fields type alias to log package 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-20 17:29:08 -08:00
Benjamin Wang
2716fd041a dependency: bump go.etcd.io/bbolt to v1.3.7 
Please refer to link below to get more detailed info on bbolt@v1.3.7,
- https://github.com/etcd-io/bbolt/blob/master/CHANGELOG/CHANGELOG-1.3.md#v1372023-01-31

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-02-17 16:34:53 +08:00
Maksym Pavlenko
24cf85f5a3
Merge pull request #8103 from AkihiroSuda/go-1.20 
Go 1.20.1
 2023-02-15 20:09:28 -08:00
Derek McGowan
f885e07456
Merge pull request #8044 from fish98/main 
docs: fix function names in fuzzing test documentation
 2023-02-15 15:23:15 -08:00
Derek McGowan
aa6418fadd
Merge pull request from GHSA-hmfx-3pcx-653p 
oci: fix additional GIDs
 2023-02-15 13:45:14 -08:00
Akihiro Suda
281f89a9dc
go.mod: go 1.19 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-16 03:50:23 +09:00
Zechun Chen
39bac0dbef error strings should not be capitalized 
Signed-off-by: Zechun Chen <zechun.chen@daocloud.io>
 2023-02-15 14:30:36 +08:00
Casey Callendrello
d14758b605 go.mod: bump to go-cni main 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2023-02-14 16:49:17 +01:00
Akihiro Suda
4e2eb8ba4e
Merge pull request #7964 from dmcgowan/transfer-image-store-references 
[transfer] update imagestore interface to support multiple references
 2023-02-14 11:22:27 +09:00
Derek McGowan
081601f521
Update imagestore interface to support multiple references 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-02-13 13:58:33 -08:00
Derek McGowan
edb8ebaf07
Merge pull request #8047 from ruiwen-zhao/send_nil 
Send container events with nil PodSandboxStatus
 2023-02-13 11:38:14 -08:00
Akihiro Suda
b61988670c
go.mod: github.com/containerd/typeurl/v2 v2.1.0 
Changes: https://github.com/containerd/typeurl/compare/7f6e6d160d67...v2.1.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-11 23:39:52 +09:00
ruiwen-zhao
27c8f4085c Move PLEG event generation back to sbserver to avoid missing pod sandbox status 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2023-02-11 01:34:33 +00:00
Akihiro Suda
3eda46af12
oci: fix additional GIDs 
Test suite:
```yaml

---
apiVersion: v1
kind: Pod
metadata:
  name: test-no-option
  annotations:
    description: "Equivalent of `docker run` (no option)"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),10(wheel)" ]']
---
apiVersion: v1
kind: Pod
metadata:
  name: test-group-add-1-group-add-1234
  annotations:
    description: "Equivalent of `docker run --group-add 1 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),1(daemon),10(wheel),1234" ]']
  securityContext:
    supplementalGroups: [1, 1234]
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234
  annotations:
    description: "Equivalent of `docker run --user 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root)" ]']
  securityContext:
    runAsUser: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-1234
  annotations:
    description: "Equivalent of `docker run --user 1234:1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=1234 groups=1234" ]']
  securityContext:
    runAsUser: 1234
    runAsGroup: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-group-add-1234
  annotations:
    description: "Equivalent of `docker run --user 1234 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root),1234" ]']
  securityContext:
    runAsUser: 1234
    supplementalGroups: [1234]
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 15:53:00 +09:00
Akihiro Suda
52f82acb7b
btrfs: depend on kernel UAPI instead of libbtrfs 
See containerd/btrfs PR 40 and moby/moby PR 44761. (Thanks to [@]neersighted.)

The containerd/btrfs library now requires headers from kernel 4.12 or newer:
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs.h
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs_tree.h

These files are licensed under the GPL-2.0 WITH Linux-syscall-note, so it should be compatible with the Apache License 2.0.
https://spdx.org/licenses/Linux-syscall-note.html

The dependency on the kernel headers only affects users building from source.
Users on older kernels may opt to not compile this library (`BUILDTAGS=no_btfs`),
or to provide headers from a newer kernel.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 10:07:34 +09:00
TTFISH
5bc3fea621 update fuzz function names in docs with golang naming convention 
Signed-off-by: Jiongchi Yu <jcyu.2022@phdcs.smu.edu.sg>
 2023-02-06 17:59:07 +08:00
Kirtana Ashok
e5c57f2422 update hcsshim tag to v0.10.0-rc.5 and revendor 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2023-02-03 10:50:56 -08:00
TTFISH
904a87d26d docs: fix function names in fuzzing test documentation 
Signed-off-by: Jiongchi Yu <jcyu.2022@phdcs.smu.edu.sg>
 2023-02-03 23:19:00 +08:00
Maksym Pavlenko
99580e0aad Update TTRPC and Protobuild dependencies 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-02 09:58:43 -08:00
Sebastiaan van Stijn
d6070f8a74
go.mod: github.com/urfave/cli v1.22.12 
full diff: https://github.com/urfave/cli/compare/v1.22.10...v1.22.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-02-01 12:42:03 +01:00
Krisztian Litkey
58bd5a0940 go.mod: update github.com/containerd/nri. 
Point NRI dependency to latest HEAD, commit b3cabdec0657. That
pulls in the necessary NRI fix for a recently discovered panic
and crash.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2023-01-31 15:03:45 +02:00
Tony Fang
c46aaa8df4 Add integration test for tracing on image pull 
Create an in-memory exporter and global tracer provider
Pull image with client which should create spans
Validate spans in the exporter

Signed-off-by: Tony Fang <nhfang@amazon.com>
 2023-01-31 05:45:26 +00:00
Akihiro Suda
b5bdd6c7f2
Merge pull request #8027 from AkihiroSuda/containerd-cgroups-v3 
go.mod: github.com/containerd/cgroups/v3 v3.0.0
 2023-01-30 23:06:47 +09:00
Aditi
7ec75b1207 Update CNI to 1.2.0 
Signed-off-by: Aditi <sharmaad@vmware.com>
 2023-01-30 10:25:37 +00:00
Akihiro Suda
306db3e707
go.mod: github.com/containerd/cgroups/v3 v3.0.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-30 11:57:46 +09:00
Akihiro Suda
5082fb3958
go.mod: go.opentelemetry.io/otel v1.12.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-30 08:40:46 +09:00
Wei Fu
8886b05dc3 integration: use sleep inf with busybox:1.36 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-01-29 18:02:18 +08:00
Wei Fu
005d30e849 deflake: TestContainerPids 
It is kind of race because `sleep 1s` is short live process.

See: https://github.com/containerd/containerd/issues/7965#issuecomment-1383218025
Fixes: #7965

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-01-29 16:51:52 +08:00
Kazuyoshi Kato
753bfd6575
Merge pull request #7959 from Jenkins-J/fix-mem-limit-test 
Fix Memory Limit test
 2023-01-26 10:33:35 -08:00
Markus Lehtonen
d845b2a9c2 go.mod: update goresctrl to v0.3.0 
Update github.com/intel/goresctrl to v0.3.0 which ontains multiple
bugfixes to rdt support.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2023-01-24 11:34:33 +02:00
James Jenkins
b1c5c57be0 Fix Memory Limit test 
Modify the memory limit test, allowing the test to pass when swap is not
enabled.

Signed-off-by: James Jenkins <James.Jenkins@ibm.com>
 2023-01-17 13:07:28 -05:00
Kirtana Ashok
66eeee0439 Update hcsshim tag to v0.10.0-rc.4 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2023-01-12 11:29:01 -08:00
AdamKorcz
802c6c5c0d fuzzing: improve archive fuzzer 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2023-01-11 23:32:45 +00:00
Tony Fang
82d6c2f931 Revert container_stats_test.go change which caused Windows CRI integration test failure 
PR #7892 which supposed to fix issue on Linux introduced random failure
on Windows, this commit is to revert that change for Windows platform

Signed-off-by: Tony Fang <nenghui.fang@gmail.com>
 2023-01-09 05:22:25 +00:00
Samuel Karp
6f9936e305
mod: update github.com/pelletier/go-toml@v1.9.5 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-01-06 13:11:07 -08:00
Akihiro Suda
7b1f08bf50
nri_test.go: skip if SELinux is enabled 
SELinux relabeling is not implemented for NRI yet

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-04 02:20:42 +09:00
Akihiro Suda
dcbb32d6fb
cri-integration: set SelinuxRelabel 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-04 02:20:42 +09:00
Akihiro Suda
0f163d6960
TestVolumeOwnership: compare GID, not group name 
The name of the GID 65534 differs across distros.
("nogroup" on Debian derivatives, "nobody" on Red Hat derivatives)

Fix the following test failure:
```
=== RUN   TestVolumeOwnership
    volume_copy_up_test.go:103: Create a sandbox
    main_test.go:667: Pull test image "ghcr.io/containerd/volume-ownership:2.1"
    volume_copy_up_test.go:108: Create a container with volume-ownership test image
    volume_copy_up_test.go:117: Start the container
    volume_copy_up_test.go:125: Check ownership of test directory inside container
    volume_copy_up_test.go:146: Check ownership of test directory on the host
    volume_copy_up_test.go:153:
        	Error Trace:	/root/go/src/github.com/containerd/containerd/volume_copy_up_test.go:153
        	Error:      	Not equal:
        	            	expected: "nobody:nogroup\n"
        	            	actual  : "nobody:nobody\n"

        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -1,2 +1,2 @@
        	            	-nobody:nogroup
        	            	+nobody:nobody

        	Test:       	TestVolumeOwnership
--- FAIL: TestVolumeOwnership (3.45s)
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-04 02:20:42 +09:00
Akihiro Suda
76d68b080e
container_stats_test.go: avoid checking snapshot size 
On Linux, the snapshot size differs depending on the backing filesystem.
See issue 7909.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-04 02:20:41 +09:00
Akihiro Suda
24a255ce96
Merge pull request #7850 from dmcgowan/sandbox-store-local-plugin 
[sandbox] Add sandbox store plugin type
 2023-01-04 00:21:06 +09:00
Akihiro Suda
88c8480a38
Merge pull request #7893 from AkihiroSuda/fix-7890 
Fix TestUpdateContainerResources_Memory* on cgroup v2 hosts
 2023-01-03 19:52:50 +09:00
Akihiro Suda
5a00d28a6f
Fix TestUpdateContainerResources_Memory* on cgroup v2 hosts 
Fix issue 7890

Tested on Ubuntu 22.10, with swapon and swapoff:
```
$ GITHUB_WORKSPACE="" ENABLE_CRI_SANDBOXES="" CONTAINERD_RUNTIME=io.containerd.runc.v2 FOCUS=TestUpdateContainerResources_Memory make cri-integration
...
=== RUN   TestUpdateContainerResources_MemorySwap
    container_update_resources_test.go:161: Create a sandbox
INFO[0000] Using the following image list: {Alpine:docker.io/library/alpine:latest BusyBox:docker.io/library/busybox:latest Pause:registry.k8s.io/pause:3.8 ResourceConsumer:registry.k8s.io/e2e-test-images/resource-consumer:1.10 VolumeCopyUp:ghcr.io/containerd/volume-copy-up:2.1 VolumeOwnership:ghcr.io/containerd/volume-ownership:2.1}
    main_test.go:663: Image "registry.k8s.io/pause:3.8" already exists, not pulling.
    container_update_resources_test.go:174: Create a container with memory limit but no swap
    container_update_resources_test.go:186: Check memory limit in container OCI spec
    container_update_resources_test.go:194: Check memory limit in container OCI spec
    container_update_resources_test.go:200: Start the container
    container_update_resources_test.go:205: Check memory limit in cgroup
    container_update_resources_test.go:211: Update container memory limit after started
    container_update_resources_test.go:217: Check memory limit in container OCI spec
    container_update_resources_test.go:222: Check memory limit in cgroup
--- PASS: TestUpdateContainerResources_MemorySwap (0.88s)
=== RUN   TestUpdateContainerResources_MemoryLimit
    container_update_resources_test.go:228: Create a sandbox
    main_test.go:663: Image "registry.k8s.io/pause:3.8" already exists, not pulling.
    container_update_resources_test.go:238: Create a container with memory limit
    container_update_resources_test.go:249: Check memory limit in container OCI spec
    container_update_resources_test.go:257: Update container memory limit after created
    container_update_resources_test.go:263: Check memory limit in container OCI spec
    container_update_resources_test.go:269: Start the container
    container_update_resources_test.go:274: Check memory limit in cgroup
    container_update_resources_test.go:280: Update container memory limit after started
    container_update_resources_test.go:286: Check memory limit in container OCI spec
    container_update_resources_test.go:292: Check memory limit in cgroup
--- PASS: TestUpdateContainerResources_MemoryLimit (0.91s)
PASS
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-02 13:15:38 +09:00
Akihiro Suda
a5ea5935b7
integration/images: switch away from Docker Hub to avoid rate limit 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-02 05:49:30 +09:00
Samuel Karp
b0b28f1d8e
Merge pull request #7879 from fuweid/clean-build-tags 2022-12-30 00:22:03 -08:00
Wei Fu
6b7e237fc7 chore: use go fix to cleanup old +build buildtag 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-12-29 14:25:14 +08:00
Rodrigo Campos
ca69ae2656 Add integration tests for CRI userns 
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-12-27 22:01:12 -03:00
Derek McGowan
47fee791f6
Add sandbox store plugin type 
Moves the sandbox store plugin under the plugins packages and adds a
unique plugin type for other plugins to depend on it.
Updates the sandbox controller plugin to depend on the sandbox store
plugin.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-12-20 23:05:14 -08:00
Samuel Karp
3233d5d6f5
Merge pull request #7845 from dcantah/fix-noip-onrestart 
Fixes https://github.com/containerd/containerd/issues/7843
 2022-12-20 14:28:54 -08:00
Danny Canter
3ee6dd5c1b CRI: Fix no CNI info for pod sandbox on restart 
Due to when we were updating the pod sandboxes underlying container
object, the pointer to the sandbox would have the right info, but
the on-disk representation of the data was behind. This would cause
the data returned from loading any sandboxes after a restart to have
no CNI result or IP information for the pod.

This change does an additional update to the on-disk container info
right after we invoke the CNI plugin so the metadata for the CNI result
and other networking information is properly flushed to disk.

Signed-off-by: Danny Canter <danny@dcantah.dev>
 2022-12-20 13:20:27 -08:00
Kazuyoshi Kato
d5dd11dcdc Enable checkRename test 
One of the cases wouldn't work on overlayfs, but other cases and/or
snapshotters should be tested.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-12-19 22:06:07 +00:00
Sebastiaan van Stijn
ce4ea26953
go.mod: update fuzz-headers and fuzz-build 
Slowly chipping away non-tagged golang.org/x/ packages

diffs:

- b2031950a3...5330a85ea6
- 3345c89a7c...d395f97c48

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-12-15 17:36:05 +01:00
Maksym Pavlenko
373c26d585
Merge pull request #7709 from lucacome/bump-grpc 
Bump grpc to v1.51.0
 2022-12-13 22:21:00 -08:00
Phil Estes
ecf00ffe84
Merge pull request #7783 from inspektor-gadget/qasim/cri-disable-swap 
cri: make swapping disabled with memory limit
 2022-12-13 15:21:51 -05:00
Luca Comellini
d7507c3c13
Bump grpc to v1.51.0 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-12-12 09:16:53 -08:00
Mike Brown
4f4fa9b497
Merge pull request #7791 from fuweid/follow-up-7073 
integration: increase timeout in container_event_test.go
 2022-12-09 12:43:05 -06:00
Phil Estes
a7428f4473
Merge pull request #7732 from AkihiroSuda/sha256-simd 
digest: use github.com/minio/sha256-simd
 2022-12-09 09:37:37 -05:00
Wei Fu
423f4388b4 integration: increase timeout in container_event_test.go 
Follow-up: https://github.com/containerd/containerd/pull/7073#discussion_r1044142416

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-12-09 15:26:49 +08:00
Fu Wei
f2cf411b79
Merge pull request #7073 from ruiwen-zhao/event 
Add container event support to containerd
 2022-12-09 15:24:23 +08:00
ruiwen-zhao
a338abc902 Add container event support to containerd 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-12-08 19:30:39 +00:00
Maksym Pavlenko
3bc8fc4d30 Cleanup build constraints 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-12-08 09:36:20 -08:00
Qasim Sarfraz
69975b92bb cri: make swapping disabled with memory limit 
OCI runtime spec defines memory.swap as 'limit of memory+Swap usage'
so setting them to equal should disable the swap. Also, this change
should make containerd behaviour same as other runtimes e.g
'cri-dockerd/dockershim' and won't be impacted when user turn on
'NodeSwap' (https://github.com/kubernetes/enhancements/issues/2400) feature.

Signed-off-by: Qasim Sarfraz <qasimsarfraz@microsoft.com>
 2022-12-08 13:54:55 +01:00
Akihiro Suda
cde9490779
digest: use github.com/minio/sha256-simd 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-12-08 18:50:00 +09:00
Sebastiaan van Stijn
662d8a085e
vendor: golang.org/x/net v0.4.0 
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/c63010009c80...v0.4.0

other dependency updates (due to (circular) dependencies between them):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/term v0.3.0: https://github.com/golang/term/compare/v0.1.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-12-07 22:20:44 +01:00
Krisztian Litkey
740e90177a go.mod: re-vendor NRI from the official repo. 
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-12-02 19:07:30 +02:00
Derek McGowan
51195ad099
Merge pull request #7731 from mxpv/cri 
[Sandbox API] CRI status cleanup
 2022-12-01 13:43:13 -08:00
Derek McGowan
0762a3a759
Add media type to export stream 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-11-30 12:56:57 -08:00
Derek McGowan
11c1c8e6f4
Update import logic 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-11-30 12:56:56 -08:00
Derek McGowan
cd67a98ec7
Add transfer integration test 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-11-30 12:56:54 -08:00
Derek McGowan
c469f67a2b
Merge pull request #6019 from klihub/pr/proto/nri 
NRI: add support for NRI with extended scope.
 2022-11-30 10:42:17 -08:00
Kirtana Ashok
08d5879f32 Added nullptr checks to pkg/cri/server and sbserver 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2022-11-29 13:25:49 -08:00
Maksym Pavlenko
cc111eef61 [sandbox] Move sandbox info to podsandbox controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-11-28 12:06:41 -08:00
Krisztian Litkey
ca84aba6cc integration: add first NRI integration tests. 
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:25 +02:00
Krisztian Litkey
43704ca888 nri: add experimental NRI plugin. 
Add a common NRI 'service' plugin. It takes care of relaying
requests and respones to and from NRI (external NRI plugins)
and the high-level containerd namespace-independent logic of
applying NRI container adjustments and updates to actual CRI
and other containers.

The namespace-dependent details of the necessary container
manipulation operations are to be implemented by namespace-
specific adaptations. This NRI plugin defines the API which
such adaptations need to implement.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:06 +02:00
Phil Estes
e0be97ccee
Merge pull request #7721 from thaJeztah/protobuf_extensions_fix 
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
 2022-11-28 12:22:50 -05:00
Sebastiaan van Stijn
2136736f52
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions 
This module made a whoopsie, and updated to `google.golang.org/protobuf`
in a patch release, but `google.golang.org/protobuf` is not backward
compatible with `github.com/golang/protobuf`.

Updating the minimum version to v1.0.4 which corrects this, to prevent
users of containerd as a module from accidentally pulling in the wrong
version:

- v1.0.3 switched to use `google.golang.org/protobuf`; https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2..v1.0.3
- This was reverted in v1.0.4 (which is the same as v1.0.2); https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.3..v1.0.4
- And a `v2` was created instead; https://github.com/matttproud/golang_protobuf_extensions/releases/tag/v2.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 15:06:58 +01:00
Sebastiaan van Stijn
63c6c55ab4
go.mod: roll back github.com/containerd/cgroups to v1.0.4 release 
This was updated in 470d3ee057, but we
only needed the ebpf update. As nothing depends on this module anymore,
other than for the stats package (which didn't change in between), we
can (for now) roll it back to v1.0.4, and just force the newer ebpf
package.

Things rolled back (doesn't affect vendored code);

https://github.com/containerd/cgroups/compare/7083cd60b721..v1.0.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 10:00:37 +01:00
Sebastiaan van Stijn
3c1c0878e3
integration/client: update containerd version to v1.7.0-beta.0 
While the version isn't used (as it's replaced), let's keep it somewhat
in line with reality :)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 09:29:03 +01:00
Sebastiaan van Stijn
ebd63adac2
integration/client: fix go.mod grouping 
go.mod doesn't always do a great job on keeping the dependencies grouped in the
right block; 2b60770c4b added an extra "require"
block, after which things went downward.

This patch is grouping them back in the right block to nudge it in the right
direction.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 09:22:36 +01:00
Samuel Karp
7d3ca170fd
Merge pull request #7426 from samuelkarp/port-pr-5904-to-sbserver 2022-11-22 16:02:15 -08:00
AdamKorcz
ed3a49c0e6 fix for OSS-Fuzz infra changes 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-11-22 10:18:28 +00:00
Samuel Karp
ac4af4df89
integration: enable CNI slow test for sbserver 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-11-21 16:45:37 -08:00
Samuel Karp
085d8e6334
integration: enable tests for sbserver 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-11-21 16:45:37 -08:00
Sebastiaan van Stijn
bd912bbee0
go.mod: github.com/matttproud/golang_protobuf_extensions v1.0.2 
Same commit, but now tagged

diff: https://github.com/matttproud/golang_protobuf_extensions/compare/c182affec369...v1.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:21:42 +01:00
Sebastiaan van Stijn
5f23daeb26
go.mod: github.com/moby/sys/sequential v0.5.0 
Same commit, but now tagged

diff: https://github.com/moby/sys/compare/b22ba8a69b30...sequential/v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:20:47 +01:00
Sebastiaan van Stijn
763ec7c862
go.mod: github.com/cpuguy83/go-md2man/v2 v2.0.2 
it's an indirect dependency, but updating allows us to drop another
dependency.

full diff: https://github.com/cpuguy83/go-md2man/compare/v2.0.0...v2.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:19:43 +01:00
Sebastiaan van Stijn
0f616e3549
go.mod: github.com/AdaLogics/go-fuzz-headers v0.0.0-20221118232415-3345c89a7c72 
full diff: 443f56ff4b...3345c89a7c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:59:44 +01:00
Sebastiaan van Stijn
df4d07352d
go.mod: golang.org/x/sys v0.2.0 
full diff: https://github.com/golang/sys/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:58:02 +01:00
Sebastiaan van Stijn
4e68634ef0
go.mod: github.com/sirupsen/logrus v1.9.0 
full diff: https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:53:29 +01:00
Akihiro Suda
b9f79d3018
Merge pull request #7703 from yanggangtony/fsnotify 
Fsnotify bump and change code
 2022-11-20 19:50:54 +09:00
yanggang
2cea525eee
Bump fsnotify to v1.6.0 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2022-11-20 09:37:37 +08:00
yanggang
73c6db881b
Bump urfave-cli to v1.22.10 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2022-11-19 15:13:27 +08:00
ruiwen-zhao
792294ce06 Update to cri-api v0.26.0-beta.0 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:13:34 +00:00
Derek McGowan
223f67ccdb
Merge pull request #7601 from kzys/cgroups-upgrade 
Upgrade github.com/containerd/cgroups from v1 to v3
 2022-11-17 21:55:03 -08:00
Kazuyoshi Kato
6596a70861 Use github.com/containerd/cgroups/v3 to remove gogo 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-11-14 21:07:48 +00:00