Akhil Mohan
e5ad0d0a0e
update build to go1.23.7, test go1.24.1
...
- go1.23.7 (released 2025-03-04) includes security fixes to the net/http
package, as well as bug fixes to cgo, the compiler, and the reflect,
runtime, and syscall packages. See the Go 1.23.7 milestone on our issue
tracker for details
- go1.24.1 (released 2025-03-04) includes security fixes to the net/http
package, as well as bug fixes to cgo, the compiler, the go command, and
the reflect, runtime, and syscall packages. See the Go 1.24.1 milestone
on our issue tracker for details.
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2025-03-09 19:06:40 +05:30
dependabot[bot]
7215a7d2ca
build(deps): bump containerd/project-checks from 1.1.0 to 1.2.1
...
Bumps [containerd/project-checks](https://github.com/containerd/project-checks ) from 1.1.0 to 1.2.1.
- [Commits](434a071576...800740a80e
)
---
updated-dependencies:
- dependency-name: containerd/project-checks
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 69c0d7f60f74210d6e41515e9064bb96362683c7)
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2025-03-06 14:43:05 +05:30
Akihiro Suda
f3284aa68f
CI: arm64-8core-32gb -> ubuntu-24.04-arm
...
GHA now provides ARM runners for free
https://github.blog/changelog/2025-01-16-linux-arm64-hosted-runners-now-available-for-free-in-public-repositories-public-preview/
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit 4e7484d3f40a8ec07126eb16fae614aedafe630a)
> Conflicts:
> .github/workflows/ci.yml
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2025-02-26 10:15:20 +09:00
Akhil Mohan
4d19a6adfe
update build to go1.23.6, test go1.24.0
...
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2025-02-19 20:40:03 +05:30
dependabot[bot]
c738c3aabc
build(deps): bump actions/cache from 4.1.2 to 4.2.0
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.1.2 to 4.2.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](6849a64899...1bd1e32a3b
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 9270122437f5a0105c74b49089fddc1a2c2648af)
Signed-off-by: Jin Dong <djdongjin95@gmail.com>
2025-02-18 20:26:38 +00:00
Akhil Mohan
1f4e5688ef
update to go1.23.5 / go1.22.11
...
- go1.23.5 (released 2025-01-16) includes security fixes to the
crypto/x509 and net/http packages, as well as bug fixes to the compiler,
the runtime, and the net package. See the Go 1.23.5 milestone on our
issue tracker for details.
- go1.22.11 (released 2025-01-16) includes security fixes to the
crypto/x509 and net/http packages, as well as bug fixes to the runtime.
See the Go 1.22.11 milestone on our issue tracker for details.
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2025-01-22 05:12:48 +00:00
Derek McGowan
5942b3fcba
Update golangci to 1.60.3
...
Signed-off-by: Derek McGowan <derek@mcg.dev>
2024-12-20 19:27:06 +00:00
Maksym Pavlenko
e206c07edc
Merge pull request #11154 from k8s-infra-cherrypick-robot/cherry-pick-11122-to-release/2.0
...
[release/2.0] build(deps): bump actions/attest-build-provenance from 1.4.4 to 2.1.0
2024-12-13 11:41:59 -08:00
dependabot[bot]
fe69570849
build(deps): bump actions/attest-build-provenance from 1.4.4 to 2.1.0
...
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ) from 1.4.4 to 2.1.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](ef244123eb...7668571508
)
Signed-off-by: Derek McGowan <derek@mcg.dev>
2024-12-13 10:09:20 -08:00
Sebastiaan van Stijn
eb2ce68829
update xx to v1.6.1 for compatibility with alpine 3.21 and file 5.46+
...
This fixes compatibility with alpine 3.21 and file 5.46+
- Fix additional possible `xx-cc`/`xx-cargo` compatibility issue with Alpine 3.21
- Support for Alpine 3.21
- Fix `xx-verify` with `file` 5.46+
- Fix possible error taking lock in `xx-apk` in latest Alpine without `coreutils`
full diff: https://github.com/tonistiigi/xx/compare/v1.2.1...v1.6.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-12-12 19:12:49 +00:00
Derek McGowan
154b692b2b
Merge pull request #11109 from k8s-infra-cherrypick-robot/cherry-pick-11102-to-release/2.0
...
[release/2.0] update to go1.23.4 / go1.22.10
2024-12-06 06:07:41 -08:00
Akihiro Suda
62b790bfac
CI: update Fedora to 41
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-12-06 03:17:32 +00:00
Akhil Mohan
290e8bc704
update to go1.23.4 / go1.22.10
...
- go1.23.4 (released 2024-12-03) includes fixes to the compiler, the runtime,
the trace command, and the syscall package. See the Go 1.23.4 milestone on
our issue tracker for details.
https://github.com/golang/go/issues?q=milestone%3AGo1.23.4+label%3ACherryPickApproved
- go1.22.10 (released 2024-12-03) includes fixes to the runtime and the
syscall package. See the Go 1.22.10 milestone on our issue tracker for details.
https://github.com/golang/go/issues?q=milestone%3AGo1.22.10+label%3ACherryPickApproved
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2024-12-06 02:48:11 +00:00
Austin Vazquez
34a45cab2a
Publish attestation as release artifact
...
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
(cherry picked from commit 3961dc9c8cb0e31925e45a2273bbdc06412be262)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
2024-11-26 19:47:08 -07:00
Jin Dong
7dec6b4607
move rocky 9.4 to almalinux/9 in CI
...
Signed-off-by: Jin Dong <djdongjin95@gmail.com>
(cherry picked from commit 288001f68c5fd34cfbdc7284f14375a3762b8ff4)
Signed-off-by: Jin Dong <djdongjin95@gmail.com>
2024-11-25 13:16:08 +00:00
Akhil Mohan
6399c936fa
Revert "Disable vagrant strict dependency checking"
...
This reverts commit ae73e30130
.
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2024-11-15 03:41:44 +00:00
Akhil Mohan
5b879f30c0
update to go1.23.3 / go1.22.9
...
- go1.23.3 (released 2024-11-06) includes fixes to the linker, the
runtime, and the net/http, os, and syscall packages. See the
Go 1.23.3 milestone on our issue tracker for details.
- go1.22.9 (released 2024-11-06) includes fixes to the linker. See
the Go 1.22.9 milestone on our issue tracker for details
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
2024-11-08 09:04:33 +00:00
Austin Vazquez
458215f6cf
ci: enable marking 2.0 releases as latest
...
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
2024-11-07 15:09:45 +00:00
Derek McGowan
18caa33fdc
Merge pull request #10944 from containerd/dependabot/github_actions/softprops/action-gh-release-2.0.9
...
build(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9
2024-11-04 21:12:32 -08:00
Derek McGowan
545605d5b4
Merge pull request #10945 from containerd/dependabot/github_actions/google-github-actions/auth-2.1.7
...
build(deps): bump google-github-actions/auth from 2.1.6 to 2.1.7
2024-11-04 21:12:07 -08:00
dependabot[bot]
a43e7c1e2c
build(deps): bump softprops/action-gh-release from 2.0.8 to 2.0.9
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.8 to 2.0.9.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](c062e08bd5...e7a8f85e1c
)
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-05 03:20:13 +00:00
dependabot[bot]
1edc2147fa
build(deps): bump google-github-actions/auth from 2.1.6 to 2.1.7
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](8254fb75a3...6fc4af4b14
)
---
updated-dependencies:
- dependency-name: google-github-actions/auth
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-05 01:26:56 +00:00
dependabot[bot]
bef201fe6b
build(deps): bump google-github-actions/upload-cloud-storage
...
Bumps [google-github-actions/upload-cloud-storage](https://github.com/google-github-actions/upload-cloud-storage ) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/google-github-actions/upload-cloud-storage/releases )
- [Changelog](https://github.com/google-github-actions/upload-cloud-storage/blob/main/CHANGELOG.md )
- [Commits](e485962f2b...386ab77f37
)
---
updated-dependencies:
- dependency-name: google-github-actions/upload-cloud-storage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-05 00:55:30 +00:00
Derek McGowan
ae73e30130
Disable vagrant strict dependency checking
...
Fixes broken vagrant builds
Signed-off-by: Derek McGowan <derek@mcg.dev>
2024-11-04 16:18:51 -08:00
Maksym Pavlenko
3358f57a77
Merge pull request #10911 from containerd/dependabot/github_actions/github/codeql-action-3.27.0
...
build(deps): bump github/codeql-action from 3.26.13 to 3.27.0
2024-10-30 00:21:44 +00:00
dependabot[bot]
79089232b4
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901b
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-29 17:05:49 +00:00
dependabot[bot]
2789ba30ee
build(deps): bump actions/cache from 4.1.1 to 4.1.2
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](3624ceb22c...6849a64899
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-28 23:51:06 +00:00
dependabot[bot]
6b655d0931
build(deps): bump github/codeql-action from 3.26.13 to 3.27.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.13 to 3.27.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f779452ac5...662472033e
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-28 23:51:01 +00:00
Akihiro Suda
d3ff3e2ff5
CI: move crun from Ubuntu to Fedora
...
crun is usually used on Fedora, RHEL, and similar distros.
So it makes more sense to run crun tests on Fedora.
Ubuntu jobs are removed, because inflating the number of the jobs will result
in making the flakiness rate much worse.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-10-24 17:56:08 +09:00
Akihiro Suda
1d98bad427
Merge pull request #10872 from containerd/dependabot/github_actions/azure/CLI-2.1.0
...
build(deps): bump azure/CLI from 1.0.9 to 2.1.0
2024-10-23 01:09:18 +09:00
Akihiro Suda
1992917779
Merge pull request #10870 from containerd/dependabot/github_actions/actions/upload-artifact-4.4.3
...
build(deps): bump actions/upload-artifact from 4.1.0 to 4.4.3
2024-10-22 14:54:58 +00:00
Derek McGowan
7663dba25f
Merge pull request #10869 from containerd/dependabot/github_actions/github/codeql-action-3.26.13
...
build(deps): bump github/codeql-action from 3.24.0 to 3.26.13
2024-10-22 13:52:09 +00:00
dependabot[bot]
03860c208e
build(deps): bump azure/CLI from 1.0.9 to 2.1.0
...
Bumps [azure/CLI](https://github.com/azure/cli ) from 1.0.9 to 2.1.0.
- [Release notes](https://github.com/azure/cli/releases )
- [Changelog](https://github.com/Azure/cli/blob/master/ReleaseProcess.md )
- [Commits](4db43908b9...089eac9d8c
)
---
updated-dependencies:
- dependency-name: azure/CLI
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 23:08:08 +00:00
dependabot[bot]
cf7218fb07
build(deps): bump actions/checkout from 4.1.1 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 23:08:00 +00:00
dependabot[bot]
78ec6ef026
build(deps): bump actions/upload-artifact from 4.1.0 to 4.4.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.1.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4.1.0...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 23:07:56 +00:00
dependabot[bot]
bfe8fa3309
build(deps): bump github/codeql-action from 3.24.0 to 3.26.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.0 to 3.26.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.0...f779452ac5af1c261dce0346a8f964149f49322b )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 23:07:51 +00:00
dependabot[bot]
4f2bc1580b
build(deps): bump lycheeverse/lychee-action from 1.10.0 to 2.0.2
...
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action ) from 1.10.0 to 2.0.2.
- [Release notes](https://github.com/lycheeverse/lychee-action/releases )
- [Commits](https://github.com/lycheeverse/lychee-action/compare/v1.10.0...v2.0.2 )
---
updated-dependencies:
- dependency-name: lycheeverse/lychee-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-16 07:55:51 +00:00
StepSecurity Bot
bff82e1968
[StepSecurity] ci: Harden GitHub Actions
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-10-16 05:53:03 +00:00
Akihiro Suda
1db0064c6a
CI: install OVMF for Vagrant
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-10-12 05:19:09 +09:00
Akihiro Suda
4d02217b5e
CI: fix "Unable to find a source package for vagrant" error
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-10-12 05:19:08 +09:00
Akihiro Suda
38beeb359a
Revert "use vagrant from jammy in noble"
...
This reverts commit 1bfdccee09
.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-10-12 05:19:08 +09:00
Akihiro Suda
e2daa20ed5
Revert "use older version of OVMF package"
...
This reverts commit c25183ff19
.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-10-12 05:19:08 +09:00
Phil Estes
ee921689f7
Switch from actuated.dev to GH Action runners for arm64
...
Signed-off-by: Phil Estes <estesp@amazon.com>
2024-10-11 13:30:43 -04:00
Austin Vazquez
46f5a0d939
update to go1.23.2,go1.22.8
...
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
2024-10-07 15:09:53 +00:00
Austin Vazquez
7b18098513
Update runner images to macOS13
...
This change upgrades the runner images in CI to macOS 13. macOS 12
runners are being deprecated.
See https://github.com/actions/runner-images/issues/10721 for more
information.
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
2024-10-07 01:31:05 +00:00
lengrongfu
095131abf9
add use systemd cgroup e2e
...
Signed-off-by: lengrongfu <lenronfu@gmail.com>
Signed-off-by: rongfu.leng <lenronfu@gmail.com>
2024-10-03 00:37:29 +08:00
Sebastiaan van Stijn
9037069da8
update to go1.23.1, go1.22.7
...
- https://github.com/golang/go/issues?q=milestone%3AGo1.23.1+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.23.0...go1.23.1
These minor releases include 3 security fixes following the security policy:
- go/parser: stack exhaustion in all Parse* functions
Calling any of the Parse functions on Go source code which contains
deeply nested literals can cause a panic due to stack exhaustion.
This is CVE-2024-34155 and Go issue https://go.dev/issue/69138 .
- encoding/gob: stack exhaustion in Decoder.Decode
Calling Decoder.Decode on a message which contains deeply nested
structures can cause a panic due to stack exhaustion.
This is a follow-up to CVE-2022-30635.
Thanks to Md Sakib Anwar of The Ohio State University for reporting
this issue.
This is CVE-2024-34156 and Go issue https://go.dev/issue/69139 .
- go/build/constraint: stack exhaustion in Parse
Calling Parse on a "// +build" build tag line with deeply nested
expressions can cause a panic due to stack exhaustion.
This is CVE-2024-34158 and Go issue https://go.dev/issue/69141 .
View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-06 16:12:28 +02:00
Akihiro Suda
ef1316efc1
Merge pull request #10642 from containerd/dependabot/github_actions/google-github-actions/upload-cloud-storage-2.2.0
...
build(deps): bump google-github-actions/upload-cloud-storage from 2.1.3 to 2.2.0
2024-09-03 16:24:15 +00:00
dependabot[bot]
bf5fc240b1
build(deps): bump google-github-actions/upload-cloud-storage
...
Bumps [google-github-actions/upload-cloud-storage](https://github.com/google-github-actions/upload-cloud-storage ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/google-github-actions/upload-cloud-storage/releases )
- [Changelog](https://github.com/google-github-actions/upload-cloud-storage/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/upload-cloud-storage/compare/v2.1.3...v2.2.0 )
---
updated-dependencies:
- dependency-name: google-github-actions/upload-cloud-storage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-27 00:02:05 +00:00
Derek McGowan
a26a33c3d9
Merge pull request #10543 from vishalRGurrala/feature/generate-attestation-for-artifacts
...
Generate attestation for artifacts during release CI job
2024-08-26 23:36:04 +00:00