github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
14,629 Commits 3 Branches 2 Tags 112 MiB
td-v2.0.4
Commit Graph

671 Commits

Author SHA1 Message Date
Evan Lezar
9dd29b3cf7 Update container-device-interface to v0.6.2 
This includes migrating from the github.com/container-orchestrated-devices
repo to tags.cncf.io.

Signed-off-by: Evan Lezar <elezar@nvidia.com>
 2024-01-23 11:36:34 +01:00
dependabot[bot]
dfb1753800
build(deps): bump the golang-x group with 2 updates 
Bumps the golang-x group with 2 updates: [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sync` from 0.5.0 to 0.6.0
- [Commits](https://github.com/golang/sync/compare/v0.5.0...v0.6.0)

Updates `golang.org/x/sys` from 0.15.0 to 0.16.0
- [Commits](https://github.com/golang/sys/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-08 23:48:26 +00:00
dependabot[bot]
5387747e92
build(deps): bump github.com/containerd/cgroups/v3 from 3.0.2 to 3.0.3 
Bumps [github.com/containerd/cgroups/v3](https://github.com/containerd/cgroups) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/containerd/cgroups/releases)
- [Commits](https://github.com/containerd/cgroups/compare/v3.0.2...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/containerd/cgroups/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-29 11:45:53 +00:00
Bryant Biggs
a1e0601e03 fix: Update go.opentelemetry.io/otel/sdk/trace to satisfy traceProvider interface 
Signed-off-by: Bryant Biggs <bryantbiggs@gmail.com>
 2023-12-28 09:56:54 -05:00
Bryant Biggs
78421616e0 deps: Update otelgrpc 
Signed-off-by: Bryant Biggs <bryantbiggs@gmail.com>
 2023-12-28 09:47:05 -05:00
Akihiro Suda
b23a75b611
Merge pull request #9579 from containerd/dependabot/go_modules/github.com/fsnotify/fsnotify-1.7.0 
build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0
 2023-12-28 02:10:55 +00:00
Akihiro Suda
ee9638dbba
Merge pull request #9577 from containerd/dependabot/go_modules/github.com/intel/goresctrl-0.6.0 
build(deps): bump github.com/intel/goresctrl from 0.5.0 to 0.6.0
 2023-12-28 00:29:05 +00:00
dependabot[bot]
bd4c281c56
build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 
Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fsnotify/fsnotify/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/fsnotify/fsnotify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-28 00:05:31 +00:00
dependabot[bot]
62a824a4bd
build(deps): bump github.com/intel/goresctrl from 0.5.0 to 0.6.0 
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/intel/goresctrl/releases)
- [Commits](https://github.com/intel/goresctrl/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: github.com/intel/goresctrl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-27 22:45:39 +00:00
Derek McGowan
fdc187bfb4
Merge pull request #9578 from containerd/dependabot/go_modules/google.golang.org/protobuf-1.32.0 
build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0
 2023-12-27 22:09:14 +00:00
dependabot[bot]
7fe038e4a5
build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 
Bumps google.golang.org/protobuf from 1.31.0 to 1.32.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-25 23:16:57 +00:00
dependabot[bot]
81bb669428
build(deps): bump github.com/google/uuid from 1.3.1 to 1.5.0 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-25 23:16:38 +00:00
Amit Barve
daa1ea522b Add cimfs differ and snapshotter 
Details about CimFs project are discussed in #8346

Signed-off-by: Amit Barve <ambarve@microsoft.com>
 2023-12-20 09:29:08 -08:00
Fu Wei
643fa70a7d
Merge pull request #9561 from containerd/dependabot/go_modules/google.golang.org/grpc-1.60.1 
build(deps): bump google.golang.org/grpc from 1.58.3 to 1.60.1
 2023-12-20 15:45:21 +00:00
Fu Wei
83e09cc9e5
Merge pull request #9519 from containerd/dependabot/go_modules/github.com/google/uuid-1.5.0 
build(deps): bump github.com/google/uuid from 1.3.1 to 1.5.0
 2023-12-20 14:24:21 +00:00
dependabot[bot]
1f9151af60
build(deps): bump google.golang.org/grpc from 1.58.3 to 1.60.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.60.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.3...v1.60.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 23:59:35 +00:00
Akihiro Suda
23978a158f
Merge pull request #9537 from containerd/dependabot/go_modules/github.com/prometheus/client_golang-1.17.0 
build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0
 2023-12-15 11:24:24 +00:00
dependabot[bot]
e10c82e4cc
build(deps): bump github.com/google/uuid from 1.3.1 to 1.5.0 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.3.1...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-15 01:55:50 +00:00
Akihiro Suda
1da783894b
Merge pull request #9540 from containerd/dependabot/go_modules/github.com/intel/goresctrl-0.5.0 
build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0
 2023-12-15 01:14:35 +00:00
dependabot[bot]
fc4b78c05c
build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0 
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/intel/goresctrl/releases)
- [Commits](https://github.com/intel/goresctrl/compare/v0.3.0...v0.5.0)

---
updated-dependencies:
- dependency-name: github.com/intel/goresctrl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:26 +00:00
dependabot[bot]
1c96087ce7
build(deps): bump github.com/Microsoft/hcsshim 
Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) from 0.12.0-rc.0 to 0.12.0-rc.1.
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.0-rc.0...v0.12.0-rc.1)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:06 +00:00
dependabot[bot]
7e3c8af520
build(deps): bump github.com/prometheus/client_golang 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:36:55 +00:00
Akihiro Suda
98796a4da8
Merge pull request #9526 from containerd/dependabot/go_modules/github.com/moby/sys/mountinfo-0.7.1 
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
 2023-12-14 00:52:13 +00:00
Akihiro Suda
2196327f55
Merge pull request #9525 from containerd/dependabot/go_modules/k8s.io/component-base-0.28.4 
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
 2023-12-13 22:59:43 +00:00
dependabot[bot]
4a71a93604
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1 
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](https://github.com/moby/sys/compare/mountinfo/v0.6.2...mountinfo/v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 17:40:31 +00:00
Akihiro Suda
ff6324c953
Merge pull request #9527 from containerd/dependabot/go_modules/golang.org/x/mod-0.14.0 
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
 2023-12-13 16:50:40 +00:00
Phil Estes
73167c07a7
Merge pull request #9523 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.4 
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
 2023-12-13 16:42:38 +00:00
dependabot[bot]
344fe957f4
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 16:14:48 +00:00
Akihiro Suda
308839d23a
Merge pull request #9521 from containerd/dependabot/go_modules/golang.org/x/sync-0.5.0 
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
 2023-12-13 15:07:04 +00:00
dependabot[bot]
6726a2aebf
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4 
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.28.2 to 0.28.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.28.2...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/component-base
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:26:34 +00:00
dependabot[bot]
0c98f10631
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.2 to 1.17.4.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:25:20 +00:00
dependabot[bot]
39ba0347ee
build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:42 +00:00
dependabot[bot]
db43e3d1f7
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:20 +00:00
Kohei Tokunaga
c1197995b9
go.mod: Bump up github.com/pelletier/go-toml to v2.1.1 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-12 14:28:55 +09:00
Milas Bowman
ad3b806a4f
fix(tracing): use latest version of semconv 
All components need to use a consistent `semconv` version or OTel
will emit errors about "cannot merge resource due to conflicting Schema URL".

Switch to the appropriate semconv version, which requires dropping
usage of `httpconv`. Instead, the upstream HTTP client hooks are
used directly. (The lower-level functions are no longer exported by
OTel.)

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-12-06 11:09:40 -08:00
Kohei Tokunaga
9937909693
go.mod: Bump up github.com/containernetworking/plugins to v1.4.0 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-06 10:29:44 +09:00
Maksym Pavlenko
40ec4b9bce
Merge pull request #9410 from ktock/continuity-0.4.3 
go.mod: github.com/containerd/continuity v0.4.3
 2023-12-01 22:41:30 +00:00
Kohei Tokunaga
a813097dcc
Bump up github.com/fsnotify/fsnotify to v1.7.0 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-11-28 17:07:23 +09:00
Kohei Tokunaga
6da015284c
go.mod: github.com/containerd/continuity v0.4.3 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-11-22 12:26:35 +09:00
Milas Bowman
e7390d4edc vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 
Upgrade OpenTelemetry core libs to v1.19.0 and contrib (for gRPC
tracing) to v0.45.0.

The OpenTelemetry internal module structure/dependency graph is
rather complex, and recently some parts (e.g. metrics) have
graduated to "stable" from "unstable", so this upgrade is important
to unblock downstream projects to be able to use newer versions of
the OpenTelemetry libraries, as they can cause compatibility issues
due to internal/peer dependency changes otherwise.

Hopefully, future updates won't be as problematic, such that projects
using containerd as a dependency will be able to use newer versions
of the libraries in a compatible fashion.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-11-15 09:24:36 -05:00
Wei Fu
2fab240f21 integration: init release upgrade test 
The TestUpgrade downloads the latest of previous release's binary and
use them to setup pods and then use current release to recover the
existing pods.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-11-05 17:51:28 +08:00
Derek McGowan
9db21401c4
Switch to github.com/containerd/plugin 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 23:01:42 -07:00
Derek McGowan
5fdf55e493
Update go module to github.com/containerd/containerd/v2 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-29 20:52:21 -07:00
Derek McGowan
638b474c81
Temporarily remove imgcrypt in CRI to fix circular dependency 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 15:36:47 -07:00
Derek McGowan
192168038e
Temporarily remove integration/client submodule 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 11:11:20 -07:00
Akihiro Suda
82d7a69605
Merge pull request #9286 from thaJeztah/bump_copress 
vendor: github.com/klauspost/compress v1.17.2
 2023-10-26 03:26:44 +00:00
Sebastiaan van Stijn
4e3fbd36e7
vendor: github.com/klauspost/compress v1.17.2 
fixes data corruption with zstd output in "best"

full diff: https://github.com/klauspost/compress/compare/v1.17.1...v1.17.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-25 23:55:07 +02:00
Milas Bowman
856d1053f4 vendor: google.golang.org/grpc v1.58.3 
Upgrade google.golang.org/grpc to v1.58.3 in preparation for
upgrading OTel, which has a dependency on the latest version.

See also: containerd/containerd#9281.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-10-25 16:47:11 -04:00
Maksym Pavlenko
f90f80d9b3
Merge pull request #9254 from adisky/cri-streaming-from-k8s 
Use staging k8s.io/kubelet/cri/streaming package
 2023-10-19 12:32:12 -07:00
Aditi Sharma
03d81f595f Use cri streaming pkg from k8s staging 
Use staging k8s.io/kubelet/cri/streaming package

Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
 2023-10-18 09:14:28 +05:30
Kohei Tokunaga
3986f80c35
go.mod: bump up github.com/opencontainers/image-spec to v1.1.0-rc5 
Release note: https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc5

Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-17 10:19:55 +09:00
Derek McGowan
aef2ebc76a
Merge pull request #9250 from thaJeztah/bump_x_net 
vendor: golang.org/x/net v0.17.0
 2023-10-16 15:42:53 -07:00
Sebastiaan van Stijn
f7c9e99422
vendor: golang.org/x/net v0.17.0 
full diff: https://github.com/golang/text/compare/v0.13.0...v0.17.0

This fixes the same CVE as go1.21.3 and go1.20.10;

- net/http: rapid stream resets can cause excessive work

  A malicious HTTP/2 client which rapidly creates requests and
  immediately resets them can cause excessive server resource consumption.
  While the total number of requests is bounded to the
  http2.Server.MaxConcurrentStreams setting, resetting an in-progress
  request allows the attacker to create a new request while the existing
  one is still executing.

  HTTP/2 servers now bound the number of simultaneously executing
  handler goroutines to the stream concurrency limit. New requests
  arriving when at the limit (which can only happen after the client
  has reset an existing, in-flight request) will be queued until a
  handler exits. If the request queue grows too large, the server
  will terminate the connection.

  This issue is also fixed in golang.org/x/net/http2 v0.17.0,
  for users manually configuring HTTP/2.

  The default stream concurrency limit is 250 streams (requests)
  per HTTP/2 connection. This value may be adjusted using the
  golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
  setting and the ConfigureServer function.

  This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
  This is also tracked by CVE-2023-44487.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:50:24 +02:00
Sebastiaan van Stijn
c3652540c7
vendor: golang.org/x/text v0.13.0 
full diff: https://github.com/golang/text/compare/v0.11.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:48:18 +02:00
Sebastiaan van Stijn
ff602c2133
vendor: golang.org/x/sys v0.13.0 
full diff: https://github.com/golang/sys/compare/v0.10.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:47:15 +02:00
Sebastiaan van Stijn
39b168cdb7
vendor: google.golang.org/grpc v1.57.1 
server: prohibit more than MaxConcurrentStreams handlers from running at once
(CVE-2023-44487).

In addition to this change, applications should ensure they do not leave running
tasks behind related to the RPC before returning from method handlers, or should
enforce appropriate limits on any such work.

- https://github.com/grpc/grpc-go/compare/v1.57.0...v1.57.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 20:50:18 +02:00
Kohei Tokunaga
41b2b2a7b8
go.mod: bump up github.com/klauspost/compress from v1.17.0 to v1.17.1 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-16 10:38:00 +09:00
Derek McGowan
cb969085f5
Temporarily remove zfs as built in plugin 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-12 20:39:22 -07:00
Phil Estes
3bb46b62c4
Merge pull request #9191 from ktock/compress-v1.17.0 
go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0
 2023-10-04 08:52:49 -04:00
Kohei Tokunaga
39478eeec4
go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0 
- release: https://github.com/klauspost/compress/releases/tag/v1.17.0
- diff: https://github.com/klauspost/compress/compare/v1.16.7...v1.17.0

Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-04 10:01:50 +09:00
Kern Walster
42dc8faba8 Bump x/net to 0.13 
This silences govulncheck detecting
https://pkg.go.dev/vuln/GO-2023-1988.

containerd does not directly use x/net

Signed-off-by: Kern Walster <walster@amazon.com>
 2023-10-03 04:41:35 +00:00
Sebastiaan van Stijn
4b1bb1293e
remove github.com/opencontainers/runc dependency 
This migrates uses of github.com/opencontainers/runc/libcontainer/user
to the new github.com/moby/sys/user module, which was extracted from
runc at commit [opencontainers/runc@a3a0ec48c4].

This is the initial release of the module, which is a straight copy, but
some changes may be made in the next release (such as fixing camel-casing
in some fields and functions (Uid -> UID).

[opencontainers/runc@a3a0ec48c4]: a3a0ec48c4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-27 17:34:28 +02:00
Derek McGowan
b5615caf11
Update go-toml to v2 
Updates host file parsing to use new v2 method rather than the removed
toml.Tree.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-09-22 15:35:12 -07:00
Derek McGowan
2f1b92710a
Update zfs library to use new log repository 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-09-22 07:53:23 -07:00
Sebastiaan van Stijn
d69ae811d6
alias log package to github.com/containerd/log v0.1.0 
This "soft" deprecates the package, but keeps the local uses of the package,
which can make backporting this to release-branches easier (we can
still move all uses in those branches as well though).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-19 08:44:10 +02:00
Sebastiaan van Stijn
8cbb4ea5d3
vendor: github.com/containerd/nri v0.5.0 
This version no longer has a dependency on containerd, cutting
down the number of circular dependencies.

full diff: https://github.com/containerd/nri/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-16 10:40:21 +02:00
Fu Wei
fe17f65159
Merge pull request #8287 from kinvolk/rata/userns-stateless-idmap 
Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27)
 2023-09-14 18:14:02 +08:00
Rodrigo Campos
fce1b95076 go.mod: Update runtime spec to include features.MountExtensions 
Future patches will use that field.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-09-13 16:44:54 +02:00
Phil Estes
0f52935a53
Merge pull request #9088 from samuelkarp/nri 
vendor: update github.com/containerd/nri@v0.4.0
 2023-09-13 10:26:02 -04:00
Samuel Karp
39804bc3f0
Merge pull request #8909 from liggitt/fieldmask 2023-09-13 00:33:44 -07:00
Samuel Karp
6f9de91efc
vendor: update github.com/containerd/nri@v0.4.0 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-09-12 16:41:05 -07:00
Sebastiaan van Stijn
05093d7c07
vendor: github.com/cncf-tags/container-device-interface v0.6.1 
Removes uses of the github.com/opencontainers/runc/libcontainer/devices
package.

full diff: https://github.com/cncf-tags/container-device-interface/compare/v0.6.0...v0.6.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-08 13:53:43 +02:00
Jordan Liggitt
55b2df560f
go.mod: github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 
Signed-off-by: Jordan Liggitt <liggitt@google.com>
 2023-09-07 16:53:10 -04:00
Derek McGowan
b11439fc4b
Merge pull request #9034 from thaJeztah/replace_reference 
replace reference/docker for github.com/distribution/reference v0.5.0
 2023-09-05 06:52:29 -07:00
Derek McGowan
817391989f
Merge pull request #9044 from thaJeztah/update_uuid 
vendor: github.com/google/uuid v1.3.1
 2023-09-04 14:30:46 -07:00
Sebastiaan van Stijn
7d0ab4fc2c
remove uses of github.com/runc/libcontainer/cgroups 
runc considers libcontainer to be "unstable" (not for external use),
so we try not to use it. Commit ed47d6ba76
brought back the dependency on other parts of libcontainer, but looks to
be only depending on a single utility, which in itself was borrowed from
github.com/coreos/go-systemd to not introduce CGO code in the same package.

This patch copies the version from github.com/coreos/go-systemd (adding
proper attribution, although the function is pretty trivial).

runc is in process of moving the libcontainer/user package to an external
module, which means we can remove the dependency on libcontainer entirely
in the near future. There is one more use of `libcontainer` in our vendor
tree; it looks like CDI is depending on one utility (devices.DeviceFromPath);
a943033a8b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/container-edits_unix.go (L38)

We should remove the dependency on that utility, and add a CI check to
prevent bringing it back.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-01 12:10:55 +02:00
Sebastiaan van Stijn
9bc6441c21
vendor: github.com/google/uuid v1.3.1 
Contains some performance improvements:

full diff: https://github.com/google/uuid/compare/v1.3.0...v1.3.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-01 11:49:50 +02:00
Sebastiaan van Stijn
4923470902
replace reference/docker for github.com/distribution/reference v0.5.0 
The reference/docker package was a fork of github.com/distribution/distribution,
which could not easily be used as a direct dependency, as it brought many other
dependencies with it.

The "reference' package has now moved to a separate repository, which means
we can replace the local fork, and use the upstream implementation again.

The new module was extracted from the distribution repository at commit:
b9b19409cf

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-08-31 15:54:50 +02:00
Kirtana Ashok
fd5d92a7f5 Update hcsshim tag versioning to v0.12.0-rc.0 
hcsshim tags v0.10.* is deprecated, so using the new
v0.12.0-rc.* versioning for hcsshim tags on containerd/main

Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2023-08-29 17:41:20 -07:00
Akihiro Suda
490905be6f
go.mod: github.com/containerd/continuity v0.4.2 
https://github.com/containerd/continuity/compare/1e0d26eb2381...v0.4.2

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-08-25 16:39:55 +09:00
Fu Wei
738c153573
Merge pull request #8992 from djdongjin/remove-hashicorp-multierror 
Remove hashicorp/go-multierror dependency
 2023-08-23 13:13:51 +08:00
James Sturtevant
8399a4ee71 Remove temporary replace 
Signed-off-by: James Sturtevant <jstur@microsoft.com>
 2023-08-21 16:29:18 +00:00
Jin Dong
cd8c8ae4bc Remove hashicorp/go-multierror 
Signed-off-by: Jin Dong <jin.dong@databricks.com>
 2023-08-20 17:59:45 -07:00
Derek McGowan
465c04c289
Merge pull request #8946 from lengrongfu/feat/bump-client-go 
bump client-go v0.26.4
 2023-08-18 16:35:24 -07:00
Akihiro Suda
eacd74c2b0
Go 1.21.0 
https://go.dev/doc/go1.21

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-08-17 16:54:01 +09:00
Akihiro Suda
f35d1f08ec
go.mod: github.com/opencontainers/runc v1.1.9 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-08-11 21:25:29 +09:00
rongfu.leng
b451fa96a6 bump client-go v0.26.4 
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
 2023-08-11 00:30:03 +08:00
Kirtana Ashok
e7e5619fed Update hcsshim tag to v0.10.0 
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2023-08-09 11:55:54 -07:00
Markus Lehtonen
850b2e1bf3 go.mod: update cri-api to v1.28.0-beta.0 
Required to support upcoming Kubernetes (v1.28) features.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2023-07-24 14:49:14 +03:00
Akihiro Suda
bc96b9039a
go.mod: github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 
5330a85ea6...8075edf89b

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:01 +09:00
Akihiro Suda
da27408854
go.mod: google.golang.org/genproto v0.0.0-20230720185612-659f7aaaa771 
ccb25ca9f1...659f7aaaa7

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:01 +09:00
Akihiro Suda
73dc13ad62
go.mod: github.com/urfave/cli/compare v1.22.14 
https://github.com/urfave/cli/compare/v1.22.13...v1.22.14

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:00 +09:00
Akihiro Suda
1c4fc568b1
go.mod: github.com/prometheus/client_golang/compare v1.16.0 
https://github.com/prometheus/client_golang/compare/v1.14.0...v1.16.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:00 +09:00
Akihiro Suda
68abb525a5
go.mod: github.com/minio/sha256-simd v1.0.1 
https://github.com/minio/sha256-simd/compare/v1.0.0...v1.0.1

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:00 +09:00
Akihiro Suda
1f2216cc78
go.mod: github.com/klauspost/compress v1.16.7 
https://github.com/imdario/mergo/compare/v0.3.13...v1.0.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:00 +09:00
Akihiro Suda
3c6ab04203
go.mod: dario.cat/mergo v1.0.0 
https://github.com/imdario/mergo/compare/v0.3.13...v1.0.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:00 +09:00
Akihiro Suda
4bda0a69e2
go.mod: github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 
https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.3.0...v1.4.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Akihiro Suda
0f033b6125
go.mod: github.com/emicklei/go-restful/v3 v3.10.2 
https://github.com/emicklei/go-restful/compare/v3.10.1...v3.10.2

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Akihiro Suda
90e050298c
go.mod: github.com/containernetworking/plugin v1.3.0 
https://github.com/containernetworking/plugins/compare/v1.2.0...v1.3.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Akihiro Suda
0498acefb9
go.mod: github.com/.../container-device-interface v0.6.0 
https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.5.4...v0.6.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Akihiro Suda
74b8cb850a
go.mod: github.com/opencontainers/runc v1.1.8 
https://github.com/opencontainers/runc/compare/v1.1.7...v1.1.8

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Akihiro Suda
895dd2e93b
go.mod: github.com/opencontainers/image-spec v1.1.0-rc4 
https://github.com/opencontainers/image-spec/compare/v1.1.0-rc3...v1.1.0-rc4

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:58 +09:00
Akihiro Suda
235a4452df
go.mod: github.com/opencontainers/runtime-spec v1.1.0 
https://github.com/opencontainers/runtime-spec/compare/v1.1.0-rc.2...v1.1.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:58 +09:00
Kirtana Ashok
56d80f81a2 Update hcsshim tag to v0.10.0-rc.9 
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2023-07-17 10:28:47 -07:00
Sebastiaan van Stijn
05fef52b68
vendor: github.com/containerd/zfs v1.1.0 
- update github.com/mistifyio/go-zfs dependency to github.com/mistifyio/go-zfs/v3,
  which contains various bugfixes, and adds go module support (which required a major
  version update): https://github.com/mistifyio/go-zfs/compare/f784269be439...v3.0.1
- remove github.com/pkg/errors dependency
- various minor cleanups/fixes

Full diff: https://github.com/containerd/zfs/compare/v1.0.0...v1.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-07-06 11:56:07 +02:00
Danny Canter
d6dbc4040b go.mod: Update cgroups to 3.0.2 
This brings in a ton of great improvements, most notably for the containerd
daemon is performance improvements for cgroups1 and 2 for gathering stats,
as well as some fixes for enabling controllers and deleting v1 cgroups.

Signed-off-by: Danny Canter <danny@dcantah.dev>
 2023-06-29 12:14:59 -07:00
Wei Fu
59b0b39af0 vendor: update github.com/containerd/continuity 
Pin it with 1e0d26eb2381594984ee80989c9c229dbd930d9f

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-06-17 08:36:45 +08:00
Brian Goff
104b9ef9eb Update x/sys to 0.8.0 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2023-06-03 16:14:38 +00:00
Akihiro Suda
811456b314
go.mod: github.com/containerd/continuity v0.4.0 
https://github.com/containerd/continuity/compare/72c70feb3081...v0.4.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-05-17 19:50:20 +09:00
Akihiro Suda
6f715ab101
go.mod: github.com/containerd/go-runc v1.1.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-05-17 13:45:37 +09:00
Akihiro Suda
4347fc8bc2
go.mod: github.com/opencontainers/image-spec v1.1.0-rc3 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-05-09 23:35:58 +09:00
Derek McGowan
718250b6ba
Update ttrpc to v1.2.2 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-05-09 13:08:46 -07:00
Phil Estes
43bbffba37
Merge pull request #8500 from AkihiroSuda/runtime-spec-v1.1.0-rc.2 
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2
 2023-05-09 10:42:53 -07:00
Akihiro Suda
5e054ee631
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-05-09 22:26:37 +09:00
Iceber Gu
ecb693ec74 bump typeurl to v2.1.1 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2023-05-09 13:23:02 +08:00
Sebastiaan van Stijn
0ba0664742
vendor: github.com/opencontainers/runc v1.1.7 
release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.7
full diff: https://github.com/opencontainers/runc/compare/v1.1.6...v1.1.7

This is the seventh patch release in the 1.1.z release of runc, and is
the last planned release of the 1.1.z series. It contains a fix for
cgroup device rules with systemd when handling device rules for devices
that don't exist (though for devices whose drivers don't correctly
register themselves in the kernel -- such as the NVIDIA devices -- the
full fix only works with systemd v240+).

- When used with systemd v240+, systemd cgroup drivers no longer skip
  DeviceAllow rules if the device does not exist (a regression introduced
  in runc 1.1.3). This fix also reverts the workaround added in runc 1.1.5,
  removing an extra warning emitted by runc run/start.
- The source code now has a new file, runc.keyring, which contains the keys
  used to sign runc releases.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-27 12:00:23 +02:00
Sebastiaan van Stijn
cbd10e41a6
vendor: github.com/opencontainers/runc v1.1.6 
release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.6
full diff: opencontainers/runc@v1.1.5...v1.1.6

This is the sixth patch release in the 1.1.z series of runc, which fixes
a series of cgroup-related issues.

Note that this release can no longer be built from sources using Go
1.16. Using a latest maintained Go 1.20.x or Go 1.19.x release is
recommended. Go 1.17 can still be used.

- systemd cgroup v1 and v2 drivers were deliberately ignoring UnitExist error
  from systemd while trying to create a systemd unit, which in some scenarios
  may result in a container not being added to the proper systemd unit and
  cgroup.
- systemd cgroup v2 driver was incorrectly translating cpuset range from spec's
  resources.cpu.cpus to systemd unit property (AllowedCPUs) in case of more
  than 8 CPUs, resulting in the wrong AllowedCPUs setting.
- systemd cgroup v1 driver was prefixing container's cgroup path with the path
  of PID 1 cgroup, resulting in inability to place PID 1 in a non-root cgroup.
- runc run/start may return "permission denied" error when starting a rootless
  container when the file to be executed does not have executable bit set for
  the user, not taking the CAP_DAC_OVERRIDE capability into account. This is
  a regression in runc 1.1.4, as well as in Go 1.20 and 1.20.1
- cgroup v1 drivers are now aware of misc controller.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-27 11:59:14 +02:00
Rodrigo Campos
92b93e376a cri: Vendor v0.27.1 
As requested by Akihiro Suda here:
	https://github.com/containerd/containerd/pull/8211#discussion_r1171041922

This just bumps the tag name to the k8s final release. There are no
changes other than the tag name, though.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-04-24 16:11:42 +02:00
Sebastiaan van Stijn
f238167408
go.mod: add comment explaining go-fuzz-headers replace rule 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-15 13:03:12 +02:00
Sebastiaan van Stijn
ec9e74ed92
go.mod: remove replace for github.com/opencontainers/runtime-tools 
The replace rule was actually downgrading the package by one commit;
946c877fa8...2e043c6bd6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-04-15 13:01:24 +02:00
Rodrigo Campos
85afda6f52 cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings 
We will use this in future commits to see if the kubelet requested idmap
mounts for volumes, that we don't yet support.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-04-11 17:31:27 +02:00
Gabriel Adrian Samfira
e31bef15fa Update continuity 
Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
 2023-03-31 06:17:32 -07:00
Gabriel Adrian Samfira
db32798592 Update continuity, go-winio and hcsshim 
Update dependencies and remove the local bindfilter files. Those have
been moved to go-winio.

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
 2023-03-31 06:16:52 -07:00
Akihiro Suda
b55dad06aa
go.mod: github.com/opencontainers/runc v1.1.5 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-29 17:16:57 +09:00
Akihiro Suda
86fc1ccab4
Remove aufs snapshotter (deprecated since v1.5) 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-14 14:37:13 +09:00
Derek McGowan
56354c7de5
Update ttrpc to v1.2.1 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-03-08 10:29:44 -08:00
Akihiro Suda
6d46bb410b
go.mod: go.opentelemetry.io/otel/* v1.14.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-08 02:06:41 +09:00
Akihiro Suda
535ef5054d
go.mod: github.com/stretchr/testify v1.8.2 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:39 +09:00
Akihiro Suda
2b4f830ede
go.mod: github.com/opencontainers/selinux v1.11.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:39 +09:00
Akihiro Suda
6bfc82dafe
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:39 +09:00
Akihiro Suda
7c70185ae9
go.mod: github.com/klauspost/compress v1.16.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:39 +09:00
Akihiro Suda
8e67b27315
go.mod: github.com/imdario/mergo v0.3.13 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Akihiro Suda
6afec55581
go.mod: github.com/emicklei/go-restful/v3 v3.10.1 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Akihiro Suda
c4f928f88c
go.mod: github.com/containerd/ttrpc v1.2.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Akihiro Suda
5630d6a840
go.mod: github.com/containerd/fifo v1.1.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Akihiro Suda
6d95132313
go.mod: github.com/containerd/cgroups/v3 v3.0.1 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Akihiro Suda
da1ffdd757
go.mod: github.com/Microsoft/hcsshim v0.10.0-rc.7 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 21:48:06 +09:00
Akihiro Suda
c77ddf5381
Merge pull request #8131 from lucacome/bump-k8s.io-deps 
Bump k8s.io deps
 2023-03-07 21:44:13 +09:00
Derek McGowan
60738e31d2
Update imgcrypt to v1.1.7 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-03-06 22:22:26 -08:00
Luca Comellini
8145b15f08
Bump k8s.io deps 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2023-03-01 21:37:21 -08:00
Derek McGowan
a5a4c9ce04
Merge pull request #8173 from fuweid/update-go-cni-ver 
bump go-cni to v1.1.9
 2023-02-27 23:22:44 -08:00
Akihiro Suda
e0a05b56e5
Merge pull request #8152 from bart0sh/PR007-upgrade-CDI-to-0.5.4 
update CDI version to v0.5.4
 2023-02-28 09:22:30 +09:00
Wei Fu
36ae2f6b9e bump go-cni to v1.1.9 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-02-28 07:30:59 +08:00
Krisztian Litkey
310be5ce6e pkg/nri: update NRI configuration. 
Update NRI plugin configuration to match that of NRI. Remove
option for the eliminated NRI configuration file. Add option
to disable connections from externally launched plugins. Add
options to override default plugin registration and request
timeouts.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2023-02-26 19:56:31 +02:00
Ed Bartosh
30e4a14092 update CDI version to v0.5.4 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2023-02-22 16:38:37 +02:00
Benjamin Wang
2716fd041a dependency: bump go.etcd.io/bbolt to v1.3.7 
Please refer to link below to get more detailed info on bbolt@v1.3.7,
- https://github.com/etcd-io/bbolt/blob/master/CHANGELOG/CHANGELOG-1.3.md#v1372023-01-31

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-02-17 16:34:53 +08:00
Akihiro Suda
281f89a9dc
go.mod: go 1.19 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-16 03:50:23 +09:00
Casey Callendrello
d14758b605 go.mod: bump to go-cni main 
Signed-off-by: Casey Callendrello <c1@caseyc.net>
 2023-02-14 16:49:17 +01:00
Akihiro Suda
b61988670c
go.mod: github.com/containerd/typeurl/v2 v2.1.0 
Changes: https://github.com/containerd/typeurl/compare/7f6e6d160d67...v2.1.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-11 23:39:52 +09:00
Akihiro Suda
52f82acb7b
btrfs: depend on kernel UAPI instead of libbtrfs 
See containerd/btrfs PR 40 and moby/moby PR 44761. (Thanks to [@]neersighted.)

The containerd/btrfs library now requires headers from kernel 4.12 or newer:
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs.h
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs_tree.h

These files are licensed under the GPL-2.0 WITH Linux-syscall-note, so it should be compatible with the Apache License 2.0.
https://spdx.org/licenses/Linux-syscall-note.html

The dependency on the kernel headers only affects users building from source.
Users on older kernels may opt to not compile this library (`BUILDTAGS=no_btfs`),
or to provide headers from a newer kernel.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 10:07:34 +09:00
Kirtana Ashok
e5c57f2422 update hcsshim tag to v0.10.0-rc.5 and revendor 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2023-02-03 10:50:56 -08:00
Maksym Pavlenko
99580e0aad Update TTRPC and Protobuild dependencies 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2023-02-02 09:58:43 -08:00
Sebastiaan van Stijn
d6070f8a74
go.mod: github.com/urfave/cli v1.22.12 
full diff: https://github.com/urfave/cli/compare/v1.22.10...v1.22.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-02-01 12:42:03 +01:00
Krisztian Litkey
58bd5a0940 go.mod: update github.com/containerd/nri. 
Point NRI dependency to latest HEAD, commit b3cabdec0657. That
pulls in the necessary NRI fix for a recently discovered panic
and crash.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2023-01-31 15:03:45 +02:00
Akihiro Suda
b5bdd6c7f2
Merge pull request #8027 from AkihiroSuda/containerd-cgroups-v3 
go.mod: github.com/containerd/cgroups/v3 v3.0.0
 2023-01-30 23:06:47 +09:00
Aditi
7ec75b1207 Update CNI to 1.2.0 
Signed-off-by: Aditi <sharmaad@vmware.com>
 2023-01-30 10:25:37 +00:00
Akihiro Suda
306db3e707
go.mod: github.com/containerd/cgroups/v3 v3.0.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-30 11:57:46 +09:00
Akihiro Suda
5082fb3958
go.mod: go.opentelemetry.io/otel v1.12.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-30 08:40:46 +09:00
Markus Lehtonen
d845b2a9c2 go.mod: update goresctrl to v0.3.0 
Update github.com/intel/goresctrl to v0.3.0 which ontains multiple
bugfixes to rdt support.

Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2023-01-24 11:34:33 +02:00
Kirtana Ashok
66eeee0439 Update hcsshim tag to v0.10.0-rc.4 
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
 2023-01-12 11:29:01 -08:00
AdamKorcz
802c6c5c0d fuzzing: improve archive fuzzer 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2023-01-11 23:32:45 +00:00
Samuel Karp
6f9936e305
mod: update github.com/pelletier/go-toml@v1.9.5 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-01-06 13:11:07 -08:00
Phil Estes
544e31c426
Merge pull request #7824 from thaJeztah/bump_fuzz_dep 
go.mod: update fuzz-headers and fuzz-build
 2022-12-16 12:15:41 -05:00
Kazuyoshi Kato
52a7480399 Remove github.com/gogo/protobuf again 
While we need to support CRI v1alpha2, the implementation doesn't have
to be tied to gogo/protobuf.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-12-15 22:54:15 +00:00
Sebastiaan van Stijn
ce4ea26953
go.mod: update fuzz-headers and fuzz-build 
Slowly chipping away non-tagged golang.org/x/ packages

diffs:

- b2031950a3...5330a85ea6
- 3345c89a7c...d395f97c48

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-12-15 17:36:05 +01:00
Luca Comellini
d7507c3c13
Bump grpc to v1.51.0 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-12-12 09:16:53 -08:00
Akihiro Suda
cde9490779
digest: use github.com/minio/sha256-simd 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-12-08 18:50:00 +09:00
Sebastiaan van Stijn
662d8a085e
vendor: golang.org/x/net v0.4.0 
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/c63010009c80...v0.4.0

other dependency updates (due to (circular) dependencies between them):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/term v0.3.0: https://github.com/golang/term/compare/v0.1.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-12-07 22:20:44 +01:00
Krisztian Litkey
740e90177a go.mod: re-vendor NRI from the official repo. 
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-12-02 19:07:30 +02:00
Krisztian Litkey
b27ef6f169 pkg/cri/server: experimental NRI integration for CRI. 
Implement the adaptation interface required by the NRI
service plugin to handle CRI sandboxes and containers.
Hook the NRI service plugin into CRI request processing.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:08 +02:00
Krisztian Litkey
43704ca888 nri: add experimental NRI plugin. 
Add a common NRI 'service' plugin. It takes care of relaying
requests and respones to and from NRI (external NRI plugins)
and the high-level containerd namespace-independent logic of
applying NRI container adjustments and updates to actual CRI
and other containers.

The namespace-dependent details of the necessary container
manipulation operations are to be implemented by namespace-
specific adaptations. This NRI plugin defines the API which
such adaptations need to implement.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:06 +02:00
Phil Estes
e0be97ccee
Merge pull request #7721 from thaJeztah/protobuf_extensions_fix 
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
 2022-11-28 12:22:50 -05:00
Sebastiaan van Stijn
2136736f52
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions 
This module made a whoopsie, and updated to `google.golang.org/protobuf`
in a patch release, but `google.golang.org/protobuf` is not backward
compatible with `github.com/golang/protobuf`.

Updating the minimum version to v1.0.4 which corrects this, to prevent
users of containerd as a module from accidentally pulling in the wrong
version:

- v1.0.3 switched to use `google.golang.org/protobuf`; https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2..v1.0.3
- This was reverted in v1.0.4 (which is the same as v1.0.2); https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.3..v1.0.4
- And a `v2` was created instead; https://github.com/matttproud/golang_protobuf_extensions/releases/tag/v2.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 15:06:58 +01:00
Sebastiaan van Stijn
63c6c55ab4
go.mod: roll back github.com/containerd/cgroups to v1.0.4 release 
This was updated in 470d3ee057, but we
only needed the ebpf update. As nothing depends on this module anymore,
other than for the stats package (which didn't change in between), we
can (for now) roll it back to v1.0.4, and just force the newer ebpf
package.

Things rolled back (doesn't affect vendored code);

https://github.com/containerd/cgroups/compare/7083cd60b721..v1.0.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-25 10:00:37 +01:00
AdamKorcz
ed3a49c0e6 fix for OSS-Fuzz infra changes 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-11-22 10:18:28 +00:00
Sebastiaan van Stijn
bd912bbee0
go.mod: github.com/matttproud/golang_protobuf_extensions v1.0.2 
Same commit, but now tagged

diff: https://github.com/matttproud/golang_protobuf_extensions/compare/c182affec369...v1.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:21:42 +01:00
Sebastiaan van Stijn
5f23daeb26
go.mod: github.com/moby/sys/sequential v0.5.0 
Same commit, but now tagged

diff: https://github.com/moby/sys/compare/b22ba8a69b30...sequential/v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:20:47 +01:00
Sebastiaan van Stijn
763ec7c862
go.mod: github.com/cpuguy83/go-md2man/v2 v2.0.2 
it's an indirect dependency, but updating allows us to drop another
dependency.

full diff: https://github.com/cpuguy83/go-md2man/compare/v2.0.0...v2.0.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 22:19:43 +01:00
Sebastiaan van Stijn
0f616e3549
go.mod: github.com/AdaLogics/go-fuzz-headers v0.0.0-20221118232415-3345c89a7c72 
full diff: 443f56ff4b...3345c89a7c

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:59:44 +01:00
Sebastiaan van Stijn
df4d07352d
go.mod: golang.org/x/sys v0.2.0 
full diff: https://github.com/golang/sys/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:58:02 +01:00
Sebastiaan van Stijn
4e68634ef0
go.mod: github.com/sirupsen/logrus v1.9.0 
full diff: https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:53:29 +01:00
Akihiro Suda
b9f79d3018
Merge pull request #7703 from yanggangtony/fsnotify 
Fsnotify bump and change code
 2022-11-20 19:50:54 +09:00
yanggang
2cea525eee
Bump fsnotify to v1.6.0 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2022-11-20 09:37:37 +08:00
yanggang
73c6db881b
Bump urfave-cli to v1.22.10 
Signed-off-by: yanggang <gang.yang@daocloud.io>
 2022-11-19 15:13:27 +08:00
ruiwen-zhao
792294ce06 Update to cri-api v0.26.0-beta.0 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:13:34 +00:00
ruiwen-zhao
234bf990dc Copy cri-api v1alpha2 from v0.25.4 to containerd internal directory 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:09:43 +00:00
Derek McGowan
223f67ccdb
Merge pull request #7601 from kzys/cgroups-upgrade 
Upgrade github.com/containerd/cgroups from v1 to v3
 2022-11-17 21:55:03 -08:00
Kazuyoshi Kato
6596a70861 Use github.com/containerd/cgroups/v3 to remove gogo 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-11-14 21:07:48 +00:00
Kazuyoshi Kato
f1162b77a3
Merge pull request #7663 from lucacome/bump-k8s-deps 
Bump k8s.io deps to v0.25.4
 2022-11-14 12:09:56 -08:00
Luca Comellini
38ad785cef
Bump k8s.io deps to v0.25.4 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-11 15:13:35 -08:00
Luca Comellini
bd66f588bf
Bump OpenTelemetry contrib to v0.36.4 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-11 15:10:38 -08:00
Luca Comellini
b829e6f2d3
Bump OpenTelemetry to v1.11.1 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-10 22:15:10 -08:00
Luca Comellini
ab194e65f9
Bump grpc to v1.50.1 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-09 18:30:31 -08:00
AdamKorcz
b742aa2e77 fuzzing: bump go-fuzz-headers 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-11-09 14:30:30 +00:00
Luca Comellini
202abf8fc1
Bump k8s.io deps to v0.25.3 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-07 15:30:06 -08:00
Akihiro Suda
30c3078ae4
go.mod: golang.org/x/*: use tagged versions 
golang.org/x/oauth2 is not updated due to its complex dependencies

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-11-03 10:18:31 +09:00
AdamKorcz
9a8611d635 bump go-fuzz-headers 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-10-19 00:13:07 +01:00
Sebastiaan van Stijn
6a07a1c070
go.mod: matttproud/golang_protobuf_extensions v1.0.2 (use tag) 
it's the same commit: https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2...c182affec369

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-10-17 00:56:34 +02:00
Kevin Parsons
e6b5311508
Merge pull request #7483 from jterry75/jterry75/update_image_config_argsescaped 
Updates oci image config to support upstream ArgsEscaped
 2022-10-11 16:32:31 -07:00
Justin Terry
d4b9dade13 Updates oci image config to support upstream ArgsEscaped 
ArgsEscaped has now been merged into upstream OCI image spec.
This change removes the workaround we were doing in containerd
to deserialize the extra json outside of the spec and instead
just uses the formal spec types.

Signed-off-by: Justin Terry <jlterry@amazon.com>
 2022-10-11 13:29:56 -07:00
Sebastiaan van Stijn
e2d8f3859a
vendor: github.com/opencontainers/selinux v1.10.2 
full diff: https://github.com/opencontainers/selinux/compare/v1.10.1...v1.10.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-10-05 22:33:35 +02:00
Daniel Canter
acb2964d65 go.mod: Bump go-winio to v0.6.0 
Some minor improvements, but biggest for here is ErrPipeListenerClosed
is no longer an errors.New where the string matches the text of the now
exported net.ErrClosed in the stdlib, but is just assigned to net.ErrClosed
directly. This should allow us to get rid of the string check for "use of closed
network connection" here now..

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-09-28 10:30:38 -07:00
Fu Wei
e94e5b7fb4
Merge pull request #7397 from kzys/remove-deps 
Upgrade fuzzing-related packages to reduce dependencies
 2022-09-19 23:13:44 +08:00
Kazuyoshi Kato
f0fbc8dfdc Upgrade fuzzing-related packages to reduce dependencies 
github.com/AdaLogics/go-fuzz-headers and
github.com/AdamKorcz/go-118-fuzz-build have less dependencies in
the last versions.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-15 23:25:03 +00:00
Tiger Kaovilai
524d3aca80 github.com/emicklei/go-restful CWE-285: Improper Authorization 
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMEMICKLEIGORESTFUL-2435653
Signed-off-by: Tiger Kaovilai <tkaovila@redhat.com>
 2022-09-14 14:38:00 -04:00
Fu Wei
99ee82d0b6
Merge pull request #7374 from soulseen/update-cdi-version 2022-09-07 13:37:41 +08:00
xiaoyang zhu
829dd2145f update cdi version to v0.5.1 
Signed-off-by: xiaoyang zhu <zhuxiaoyang1996@gmail.com>
 2022-09-07 09:34:55 +08:00
Sebastiaan van Stijn
0f743ce4ff
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c 
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-09-06 22:46:21 +02:00
Samuel Karp
1bb39b833e
Merge pull request #7346 from kzys/fuzz-enable 2022-08-30 22:33:43 -07:00
Kazuyoshi Kato
17e436c20c Pin github.com/AdamKorcz/go-118-fuzz-build 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-08-30 17:39:45 +00:00
Phil Estes
455127859b
Merge pull request #7342 from tklauser/losetup-unix 
Use ioctl helpers from x/sys/unix
 2022-08-30 12:32:20 -04:00
Tobias Klauser
0c6553bfda
go.mod, vendor: bump golang.org/x/sys to latest version 
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
 2022-08-30 10:38:20 +02:00
Sebastiaan van Stijn
93342d637c
replace sys Sequential funcs with moby/sys/sequential 
These functions were originally copied from the docker / moby repository in
4a7a8efc2d. Migrating these functions to use the
github.com/moby/sys/sequential module allows them being shared between moby,
docker/cli, and containerd, and to allow using them without importing all of sys
which also depends on hcsshim and more.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-08-29 18:36:34 +02:00
Phil Estes
91b9e5a00d
Merge pull request #7315 from AkihiroSuda/runc-1.1.4 
update runc binary to v1.1.4
 2022-08-26 09:39:59 -04:00
Fu Wei
0e7ff59098
Merge pull request #7325 from kzys/upgrade-compress 2022-08-26 21:23:00 +08:00
Kazuyoshi Kato
d063597e80 Upgrade github.com/klauspost/compress from v1.11.13 to v1.15.9 
The package has multiple improvements and bug fixes.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-08-25 22:58:16 +00:00
Akihiro Suda
eb664aed0c
go.mod: github.com/opencontainers/runc v1.1.4 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-08-26 07:51:16 +09:00
zounengren
49e2fe2abb bump cri-api 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-08-25 21:03:55 +08:00
Samuel Karp
36d0cfd0fd
Merge pull request #6517 from ruiwen-zhao/return-resource 2022-08-24 14:01:30 -07:00
Kazuyoshi Kato
470d3ee057 Upgrade containerd/cgroups to remove github.com/cilium/ebpf's fuzzer 
The fuzzer is broken and it breaks OSS-Fuzz according to #7288.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-08-17 21:43:45 +00:00
Daniel Canter
1f8db2467b go.mod: Bump hcsshim to v0.10.0-rc.1 
This contains quite a bit (also bumps google/uuid to 1.3.0). Some HostProcess
container improvements to get ready for whenever it goes to stable in
Kubernetes, Hyper-V (windows) container support for CRI, and a plethora of
other small additions and fixes.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-08-15 17:03:45 -07:00
ruiwen-zhao
6e4b6830f1 Update CRI-API 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-08-10 03:55:51 +00:00
Derek McGowan
6acde90772
Merge pull request #7069 from fuweid/failpoint-in-runc-shimv2 
test: introduce failpoint control to runc-shimv2 and cni
 2022-07-26 23:12:20 -07:00
Daniel Canter
14003683f0 go.mod: Bump hcsshim to v0.9.4 
This tag contains some fixes for hostprocess containers, mainly around
fixing task stats which regressed from a change in v0.9.3.

https://github.com/microsoft/hcsshim/releases/tag/v0.9.4

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-07-25 13:24:34 -07:00
Daniel Canter
c15d8e1560 go.mod: Bump hcsshim to 0.9.3 
This tag brings in a new field to fix an HNS issue in ws2019 as well as
an optimization for collecting Windows stats (memory, cpu, iops).

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-07-25 13:03:39 -07:00
Wei Fu
e6a2c07902 integration: simplify CNI-fp and add README.md 
* Use delegated plugin call to simplify cni-bridge-cni
* Add README.md for cni-bridge-cni

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-24 11:45:45 +08:00
Derek McGowan
1455926416
Merge pull request #7114 from kinvolk/rata/userns-cri 
Update k8s.io/cri-api to v0.25.0-alpha2
 2022-07-20 13:06:58 -07:00
Akihiro Suda
f6bc986dc1
go.mod: github.com/stretchr/testify v1.8.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-07-20 08:36:10 +09:00
Kazuyoshi Kato
b316318596 Upgrade github.com/AdaLogics/go-fuzz-headers 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-07-06 15:21:45 +00:00
Rodrigo Campos
b8403d2e15 Update k8s.io/cri-api to v0.25.0-alpha2 
This version contains the CRI changes for user namespaces support.
Future patches will use the new fields in the CRI.

Updating the module without using the new fields doesn't cause any
behaviour change.

Updates: #7063

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2022-06-30 12:09:08 +02:00
Phil Estes
a44cabf517
Update go-restful/v3 to latest release 
Signed-off-by: Phil Estes <estesp@amazon.com>
 2022-06-29 15:23:10 -04:00
Akihiro Suda
c3fb7dfa7f
go.mod: github.com/moby/sys/mountinfo v0.6.2 
https://github.com/moby/sys/compare/mountinfo/v0.6.0...mountinfo/v0.6.2

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-06-08 13:25:08 +09:00
Kazuyoshi Kato
0532f666f6
Merge pull request #7027 from AkihiroSuda/containerd-cgroup-1.0.4 
go.mod: github.com/containerd/cgroups v1.0.4
 2022-06-07 20:10:33 -07:00
Akihiro Suda
5a6e4144ac
go.mod: github.com/containerd/cgroups v1.0.4 
https://github.com/containerd/cgroups/compare/v1.0.3...v1.0.4

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-06-07 17:15:21 +09:00
Akihiro Suda
088c8df3ac
go.mod: github.com/containerd/continuity v0.3.0 
https://github.com/containerd/continuity/compare/v0.2.2...v0.3.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-06-07 17:14:08 +09:00
Kazuyoshi Kato
8bf5995e12
Merge pull request #7018 from lucacome/bump-grpc 
Bump grpc to v1.47.0
 2022-06-06 10:04:10 -07:00
Luca Comellini
8bc6ccc073
Bump k8s.io deps to v0.24.1 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-06-02 15:26:54 -07:00
Luca Comellini
5fcde823dd
Bump grpc to v1.47.0 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-06-02 15:25:37 -07:00
Mike Brown
e3b4d750db update go-cni/for cni update fixing plugins that don't respond with version 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-06-01 17:20:18 -05:00
Sebastiaan van Stijn
5bb47fb956
vendor: github.com/urfave/cli v1.22.9 
The regression in v1.22.2 has been resolved, so we can drop the
replace rule and use the latest v1.22.x version.

full diff: https://github.com/urfave/cli/compare/v1.22.1...v1.22.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-05-27 13:05:54 +02:00
Derek McGowan
c4e29027d4
Merge pull request #6937 from mythi/sandbox-errors 
sandbox: replace github.com/pkg/errors with native errors
 2022-05-26 10:44:15 -07:00
Phil Estes
133978f893
Merge pull request #6932 from lucacome/bump-otel-deps 
Bump OpenTelemetry dependencies
 2022-05-12 19:28:35 +01:00
Mikko Ylinen
523d069a25 sandbox: replace github.com/pkg/errors with native errors 
PR #6366 implemented a tree-wide change to replace github.com/pkg/errors
to errors. The new sandbox API PR #6703 had few errors.Wrap*() leftovers
and pulled github.com/pkg/errors back. This commit replaces those
leftovers by following the pattern in #6366.

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
 2022-05-12 17:09:45 +03:00
Sebastiaan van Stijn
c4ce13a282
vendor: github.com/opencontainers/runc v1.1.2 
no changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-05-12 13:40:43 +02:00
Luca Comellini
c1140aef65
Bump OpenTelemetry dependencies 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-05-11 18:03:09 -07:00
Daniel Canter
d1c49781ed go.mod: Bump k8s deps to v0.24.0 
This ends up bumping the prometheus client as well.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-05-06 13:37:15 -07:00
Phil Estes
0f5d4ff0ff
Merge pull request #6867 from kzys/remove-gogo 
Remove github.com/gogo/protobuf and github.com/golang/protobuf from containerd's direct dependencies
 2022-04-28 15:34:11 +01:00
Michael Zappa
5d0730370d Update go-cni to v1.1.5 
Signed-off-by: Michael Zappa <Michael.Zappa@stateless.net>
 2022-04-27 16:27:10 -06:00
Kazuyoshi Kato
cb84b5a1d2
Merge pull request #6865 from log1cb0mb/bump-opencontainers/selinux-to-v1.10.1 
Bump opencontainers/selinux from 1.10.0 to 1.10.1
 2022-04-27 14:46:21 -07:00
Kazuyoshi Kato
2c6760005c go mod tidy & go mod vendor 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-27 21:31:21 +00:00
log1cb0mb
ae29594d0b Bump opencontainers/selinux from 1.10.0 to 1.10.1 
Signed-off-by: Nabeel Rana <nabeelnrana@gmail.com>
 2022-04-27 22:55:25 +03:00
Kazuyoshi Kato
7f23296b99 Upgrade google.golang.org/grpc and google.golang.org/protobuf 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-27 17:25:02 +00:00
Kazuyoshi Kato
aefd1849b6 go mod tidy and go mod vendor 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-22 15:41:05 +00:00
Kazuyoshi Kato
f616dd471e Upgrade containerd/typeurl 
https://github.com/containerd/typeurl/pull/35 is needed to handle
types generated by protoc-gen-go.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-22 15:40:56 +00:00
Kazuyoshi Kato
e044759ebd Upgrade containerd/ttrpc 
protoc-gen-go-ttrpc's generated Go code doesn't work with ttrpc v1.1.0.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-22 15:31:52 +00:00
Kazuyoshi Kato
dfa6e8763e diff: hide types.Any from clients 
This commit hides types.Any from the diff package's interface. Clients
(incl. imgcrypt) shouldn't aware about gogo/protobuf.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-04-21 13:43:20 +00:00
Maksym Pavlenko
de49745723 [sandbox] Fix CI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:34:48 -07:00
Maksym Pavlenko
a433beb79f [sandbox] Update vendor 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-08 13:33:47 -07:00
Ed Bartosh
825c1c58a9 CDI: update go.mod and vendor deps 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2022-04-06 13:10:59 +03:00
Akihiro Suda
9f4e13973d
Merge pull request #6765 from thaJeztah/move_indirects 
go.mod: move indirects, and update integration go.mod to 1.18
 2022-04-03 07:09:20 +09:00
Sebastiaan van Stijn
99c194e033
go.mod: move indirects, and update integration go.mod to 1.18 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-04-02 12:02:13 +02:00
Maksym Pavlenko
6ccec53d3e Remove gotest.tools 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-04-01 18:18:04 -07:00
Kazuyoshi Kato
999cbc4049
Merge pull request #6709 from BooleanCat/main 
Upgrade to Go 1.18
 2022-04-01 14:26:01 -07:00
Akihiro Suda
11a31320bb
go.mod: github.com/opencontainers/runc v1.1.1 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-04-01 15:16:08 +09:00
Phil Estes
3633cae64b
Merge pull request #6706 from kzys/typeurl-upgrade 
Use typeurl.Any instead of github.com/gogo/protobuf/types.Any
 2022-03-25 10:38:46 -04:00
Kazuyoshi Kato
96b16b447d Use typeurl.Any instead of github.com/gogo/protobuf/types.Any 
This commit upgrades github.com/containerd/typeurl to use typeurl.Any.
The interface hides gogo/protobuf/types.Any from containerd's Go client.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-03-24 20:50:07 +00:00
Mike Brown
a51da91c1d moving up to go-cni v1.1.4 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-03-23 22:16:51 +00:00
Sebastiaan van Stijn
36612d692f
go.mod: remove replace and update github.com/gogo/googleapis v1.4.1 
gogo/googleapis has a single dependency (github.com/gogo/protobuf), which is
currently the same version as we use, and we have a separate replace for that
dependency, so removing this override should not make a difference there.

gogo/googleapis v1.4.1 Includes updated protos with the gogo/protobuf fixes for
[CVE-2021-3121](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3121)

Change logs and diffs for each release:

- v1.3.3
  generate grpc service for google/longrunning/operations.proto
  full diff: https://github.com/gogo/googleapis/compare/v1.3.2...v1.3.3
- v1.4.0
  Add google geo type
  full diff: https://github.com/gogo/googleapis/compare/v1.3.3...v1.4.0
- v1.4.1
  This release contains sources generated with the version of gogo/protobuf
  containing a fix for the "skippy peanut butter" issue.
  full diff: https://github.com/gogo/googleapis/compare/v1.4.0...v1.4.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-03-23 16:56:30 +01:00
Kazuyoshi Kato
388ee880d2 Upgrade containerd/imgcrypt and opencontainers/image-spec 
- Upgrade github.com/containerd/imgcrypt to prepare for typeurl upgrade
  (see https://github.com/containerd/imgcrypt/pull/72)
- Upgrade github.com/opencontainers/image-spec since imgcrypto needs at
  least 1.0.2.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-03-22 21:17:18 +00:00
Tom Godkin
70a06d0c84 Upgrade to Go 1.18 
By taking advantage of smarter traversal of dependencies, a
`go mod tidy` using Go 1.18 remove some items from go.sum.

Signed-off-by: Tom Godkin <tomgodkin@pm.me>
 2022-03-21 22:36:18 +00:00
Kazuyoshi Kato
040babe003 Vendor dependencies with module graph pruning 
The empty-mod hack no longer works with Go 1.18.

This commit fixes #6586.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-03-18 16:49:09 +00:00
Michael Crosby
0c701654a1
Merge pull request #6690 from estesp/update-prom-dep 
Update prometheus client vendor
 2022-03-18 12:40:57 -04:00
Phil Estes
c568752335
Update prometheus client vendor 
Signed-off-by: Phil Estes <estesp@amazon.com>
 2022-03-17 13:33:07 -04:00
Sebastiaan van Stijn
9aadef1bee
vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd 
full diff: 32db794688...3147a52a75

This version contains a fix for CVE-2022-27191 (not sure if it affects us).

From the golang mailing list:

    Hello gophers,

    Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements
    client authentication support for signature algorithms based on SHA-2 for use with
    existing RSA keys.

    Previously, a client would fail to authenticate with RSA keys to servers that
    reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default
    and—starting today March 15, 2022 for recently uploaded keys.

    We are providing this announcement as the error (“ssh: unable to authenticate”)
    might otherwise be difficult to troubleshoot.

    Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also
    fixes a potential security issue where an attacker could cause a crash in a
    golang.org/x/crypto/ssh server under these conditions:

    - The server has been configured by passing a Signer to ServerConfig.AddHostKey.
    - The Signer passed to AddHostKey does not also implement AlgorithmSigner.
    - The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.

    Servers that only use Signer implementations provided by the ssh package are
    unaffected. This is CVE-2022-27191.

    Alla prossima,

    Filippo for the Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-03-17 14:13:41 +01:00
Shengjing Zhu
ea3d2e6433 go.mod: update to github.com/tchap/go-patricia/v2 v2.3.1 
Signed-off-by: Shengjing Zhu <zhsj@debian.org>
 2022-02-26 05:04:55 +08:00
Phil Estes
2b2372d43e
Merge pull request #6337 from thaJeztah/bump_go_restful 
go.mod: update to github.com/emicklei/go-restful/v3 v3.7.3
 2022-02-22 17:33:37 -05:00
Shengjing Zhu
f4f41296c2 Replace golang.org/x/net/context with std library 
Signed-off-by: Shengjing Zhu <zhsj@debian.org>
 2022-02-22 02:27:05 +08:00
Sebastiaan van Stijn
481fb923c5
go.mod: update to github.com/emicklei/go-restful/v3 v3.7.3 
full diff: https://github.com/emicklei/go-restful/compare/v2.9.5...v3.7.3

- Switch to using go modules
- Add check for wildcard to fix CORS filter
- Add check on writer to prevent compression of response twice
- Add OPTIONS shortcut WebService receiver
- Add Route metadata to request attributes or allow adding attributes to routes
- Add wroteHeader set
- Enable content encoding on Handle and ServeHTTP
- Feat: support google custom verb
- Feature: override list of method allowed without content-type
- Fix Allow header not set on '405: Method Not Allowed' responses
- Fix Go 1.15: conversion from int to string yields a string of one rune
- Fix WriteError return value
- Fix: use request/response resulting from filter chain
- handle path params with prefixes and suffixes
- HTTP response body was broken, if struct to be converted to JSON has boolean value
- List available representations in 406 body
- Support describing response headers
- Unwrap function in filter chain + remove unused dispatchWithFilters

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-02-18 21:54:27 +01:00
Sebastiaan van Stijn
1a31772a7a
go.mod: github.com/moby/sys/signal v0.7.0 
full diff: https://github.com/moby/sys/compare/signal/v0.6.0...signal/v0.7.0

- add LCOW supported signals to windows signal map

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-02-15 14:17:17 +01:00
Sebastiaan van Stijn
b1881bdc04
go.mod: github.com/moby/sys/mountinfo v0.6.0 
full diff: https://github.com/moby/sys/compare/mountinfo/v0.5.0...mountinfo/v0.6.0

- Add MountedFast (Note: most users should keep using Mounted, which already
  incorporates all optimizations from MountedFast)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-02-15 14:15:32 +01:00
Sebastiaan van Stijn
b6a6757c11
go.mod: github.com/fsnotify/fsnotify v1.5.1 
full diff: https://github.com/fsnotify/fsnotify/compare/v1.4.9...v1.5.1

Relevant changes:

- Fix unsafe pointer conversion
- Drop support/testing for Go 1.11 and earlier
- Update x/sys to latest
- add //go:build lines
- add go 1.17 to test matrix

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-02-15 14:11:18 +01:00
Derek McGowan
fa19714db9
Update go-cni to v1.1.3 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-02-14 10:37:31 -08:00
Derek McGowan
c0f8188469
Update go-cni to v1.1.2 
Fixes panic when exec is nil

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-02-10 12:40:51 -08:00
Michael Crosby
9a08d6fcde
Merge pull request #6457 from kzys/otel-http 
tracing: use OTLP/HTTP in addition to OTLP/gRPC
 2022-02-02 14:24:15 -05:00
Derek McGowan
8d69c041c5
Update cgroups to v1.0.3 
Pull in latest cgroups to pick up leak fixes

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-02-01 16:57:51 -08:00
Kazuyoshi Kato
e751f1f44f tracing: support OTLP/HTTP in addition to gRPC 
This change adds OTLP/HTTP, specifically http/protobuf support.

http/protobuf is recommended in
https://github.com/open-telemetry/opentelemetry-specification/blob/v1.8.0/specification/protocol/exporter.md.

However kube-apiserver and CRI-O use gRPC, kubelet may support
gRPC in future. So we should support gRPC as well.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-01-29 00:41:18 +00:00
Derek McGowan
2898004a5b
Update kubernetes vendor to 0.22.5 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-01-19 11:24:12 -08:00
Derek McGowan
5089b12100
Merge pull request #6439 from dmcgowan/remove-submodule-go-mod 
Remove submodule go mod
 2022-01-19 11:20:04 -08:00
Phil Estes
778da8bae9
Merge pull request #6453 from dcantah/bump-hcsshim-0.9.2 
go.mod: Update hcsshim to v0.9.2
 2022-01-19 08:34:46 -05:00
Daniel Canter
af39d2ad71 go.mod: Update hcsshim to v0.9.2 
This tag brings in some bug fixes related to waiting for containers to terminate and
trying to kill an already terminated process, as well as tty support (exec -it) for
Windows Host Process Containers.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-01-18 17:34:52 -08:00
Derek McGowan
fcb7bd6997
Remove api go submodule 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-01-18 14:48:33 -08:00
Akihiro Suda
21a748e381
go.mod: github.com/opencontainers/runc v1.1.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-01-18 13:35:22 +09:00
Derek McGowan
468513820d
Merge pull request #6351 from adisky/update-k/k-1.23 
Updates CRI API & Kubernetes to 1.23
 2022-01-07 15:26:44 -08:00
Derek McGowan
647308bc47
Merge pull request #6410 from AkihiroSuda/update-go-mod-20220107 
go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
 2022-01-07 12:34:44 -08:00
Akihiro Suda
d3724a6c17
go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-01-07 18:54:15 +09:00
haoyun
bbe46b8c43 feat: replace github.com/pkg/errors to errors 
Signed-off-by: haoyun <yun.hao@daocloud.io>
Co-authored-by: zounengren <zouyee1989@gmail.com>
 2022-01-07 10:27:03 +08:00
Aditi Sharma
e43d4206af Update k/k to 1.23.0 
Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
 2022-01-06 11:18:23 +05:30
Markus Lehtonen
eba1048163 Update dependencies 
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>
 2022-01-04 09:27:54 +02:00
Kazuyoshi Kato
5c2edeffbc Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2021-12-16 23:10:06 +00:00
Kazuyoshi Kato
2fb739aa21 Upgrade OpenTelemetry dependencies 
This commit upgrades the packages under go.opentelemetry.io/.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2021-12-16 22:35:57 +00:00