github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
13,174 Commits 3 Branches 4 Tags
0d3c3efe3b2bde4a0d38b3e22bc341ea7dcede99
Commit Graph

910 Commits

Author SHA1 Message Date
Akihiro Suda
1da783894b Merge pull request #9540 from containerd/dependabot/go_modules/github.com/intel/goresctrl-0.5.0 
build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0
 2023-12-15 01:14:35 +00:00
dependabot[bot]
fc4b78c05c build(deps): bump github.com/intel/goresctrl from 0.3.0 to 0.5.0 
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/intel/goresctrl/releases)
- [Commits](https://github.com/intel/goresctrl/compare/v0.3.0...v0.5.0)

---
updated-dependencies:
- dependency-name: github.com/intel/goresctrl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:26 +00:00
dependabot[bot]
1c96087ce7 build(deps): bump github.com/Microsoft/hcsshim 
Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) from 0.12.0-rc.0 to 0.12.0-rc.1.
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.0-rc.0...v0.12.0-rc.1)

---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-14 03:37:06 +00:00
Akihiro Suda
98796a4da8 Merge pull request #9526 from containerd/dependabot/go_modules/github.com/moby/sys/mountinfo-0.7.1 
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
 2023-12-14 00:52:13 +00:00
Akihiro Suda
2196327f55 Merge pull request #9525 from containerd/dependabot/go_modules/k8s.io/component-base-0.28.4 
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
 2023-12-13 22:59:43 +00:00
dependabot[bot]
4a71a93604 build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1 
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](https://github.com/moby/sys/compare/mountinfo/v0.6.2...mountinfo/v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 17:40:31 +00:00
Akihiro Suda
ff6324c953 Merge pull request #9527 from containerd/dependabot/go_modules/golang.org/x/mod-0.14.0 
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
 2023-12-13 16:50:40 +00:00
Phil Estes
73167c07a7 Merge pull request #9523 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.4 
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
 2023-12-13 16:42:38 +00:00
dependabot[bot]
344fe957f4 build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0 
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 16:14:48 +00:00
Akihiro Suda
308839d23a Merge pull request #9521 from containerd/dependabot/go_modules/golang.org/x/sync-0.5.0 
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
 2023-12-13 15:07:04 +00:00
dependabot[bot]
6726a2aebf build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4 
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.28.2 to 0.28.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.28.2...v0.28.4)

---
updated-dependencies:
- dependency-name: k8s.io/component-base
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:26:34 +00:00
dependabot[bot]
0c98f10631 build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.2 to 1.17.4.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:25:20 +00:00
dependabot[bot]
39ba0347ee build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8.
- [Release notes](https://github.com/etcd-io/bbolt/releases)
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8)

---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:42 +00:00
dependabot[bot]
db43e3d1f7 build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:20 +00:00
Kohei Tokunaga
c1197995b9 go.mod: Bump up github.com/pelletier/go-toml to v2.1.1 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-12 14:28:55 +09:00
Milas Bowman
ad3b806a4f fix(tracing): use latest version of semconv 
All components need to use a consistent `semconv` version or OTel
will emit errors about "cannot merge resource due to conflicting Schema URL".

Switch to the appropriate semconv version, which requires dropping
usage of `httpconv`. Instead, the upstream HTTP client hooks are
used directly. (The lower-level functions are no longer exported by
OTel.)

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-12-06 11:09:40 -08:00
Kohei Tokunaga
9937909693 go.mod: Bump up github.com/containernetworking/plugins to v1.4.0 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-06 10:29:44 +09:00
Maksym Pavlenko
40ec4b9bce Merge pull request #9410 from ktock/continuity-0.4.3 
go.mod: github.com/containerd/continuity v0.4.3
 2023-12-01 22:41:30 +00:00
Kohei Tokunaga
a813097dcc Bump up github.com/fsnotify/fsnotify to v1.7.0 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-11-28 17:07:23 +09:00
Kohei Tokunaga
6da015284c go.mod: github.com/containerd/continuity v0.4.3 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-11-22 12:26:35 +09:00
Milas Bowman
e7390d4edc vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 
Upgrade OpenTelemetry core libs to v1.19.0 and contrib (for gRPC
tracing) to v0.45.0.

The OpenTelemetry internal module structure/dependency graph is
rather complex, and recently some parts (e.g. metrics) have
graduated to "stable" from "unstable", so this upgrade is important
to unblock downstream projects to be able to use newer versions of
the OpenTelemetry libraries, as they can cause compatibility issues
due to internal/peer dependency changes otherwise.

Hopefully, future updates won't be as problematic, such that projects
using containerd as a dependency will be able to use newer versions
of the libraries in a compatible fashion.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-11-15 09:24:36 -05:00
Derek McGowan
9db21401c4 Switch to github.com/containerd/plugin 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 23:01:42 -07:00
Derek McGowan
5fdf55e493 Update go module to github.com/containerd/containerd/v2 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-29 20:52:21 -07:00
Derek McGowan
638b474c81 Temporarily remove imgcrypt in CRI to fix circular dependency 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 15:36:47 -07:00
Derek McGowan
192168038e Temporarily remove integration/client submodule 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 11:11:20 -07:00
Akihiro Suda
82d7a69605 Merge pull request #9286 from thaJeztah/bump_copress 
vendor: github.com/klauspost/compress v1.17.2
 2023-10-26 03:26:44 +00:00
Sebastiaan van Stijn
4e3fbd36e7 vendor: github.com/klauspost/compress v1.17.2 
fixes data corruption with zstd output in "best"

full diff: https://github.com/klauspost/compress/compare/v1.17.1...v1.17.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-25 23:55:07 +02:00
Milas Bowman
856d1053f4 vendor: google.golang.org/grpc v1.58.3 
Upgrade google.golang.org/grpc to v1.58.3 in preparation for
upgrading OTel, which has a dependency on the latest version.

See also: containerd/containerd#9281.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-10-25 16:47:11 -04:00
Maksym Pavlenko
f90f80d9b3 Merge pull request #9254 from adisky/cri-streaming-from-k8s 
Use staging k8s.io/kubelet/cri/streaming package
 2023-10-19 12:32:12 -07:00
Aditi Sharma
03d81f595f Use cri streaming pkg from k8s staging 
Use staging k8s.io/kubelet/cri/streaming package

Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
 2023-10-18 09:14:28 +05:30
Kohei Tokunaga
3986f80c35 go.mod: bump up github.com/opencontainers/image-spec to v1.1.0-rc5 
Release note: https://github.com/opencontainers/image-spec/releases/tag/v1.1.0-rc5

Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-17 10:19:55 +09:00
Derek McGowan
aef2ebc76a Merge pull request #9250 from thaJeztah/bump_x_net 
vendor: golang.org/x/net v0.17.0
 2023-10-16 15:42:53 -07:00
Sebastiaan van Stijn
f7c9e99422 vendor: golang.org/x/net v0.17.0 
full diff: https://github.com/golang/text/compare/v0.13.0...v0.17.0

This fixes the same CVE as go1.21.3 and go1.20.10;

- net/http: rapid stream resets can cause excessive work

  A malicious HTTP/2 client which rapidly creates requests and
  immediately resets them can cause excessive server resource consumption.
  While the total number of requests is bounded to the
  http2.Server.MaxConcurrentStreams setting, resetting an in-progress
  request allows the attacker to create a new request while the existing
  one is still executing.

  HTTP/2 servers now bound the number of simultaneously executing
  handler goroutines to the stream concurrency limit. New requests
  arriving when at the limit (which can only happen after the client
  has reset an existing, in-flight request) will be queued until a
  handler exits. If the request queue grows too large, the server
  will terminate the connection.

  This issue is also fixed in golang.org/x/net/http2 v0.17.0,
  for users manually configuring HTTP/2.

  The default stream concurrency limit is 250 streams (requests)
  per HTTP/2 connection. This value may be adjusted using the
  golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
  setting and the ConfigureServer function.

  This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
  This is also tracked by CVE-2023-44487.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:50:24 +02:00
Sebastiaan van Stijn
c3652540c7 vendor: golang.org/x/text v0.13.0 
full diff: https://github.com/golang/text/compare/v0.11.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:48:18 +02:00
Sebastiaan van Stijn
ff602c2133 vendor: golang.org/x/sys v0.13.0 
full diff: https://github.com/golang/sys/compare/v0.10.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:47:15 +02:00
Sebastiaan van Stijn
39b168cdb7 vendor: google.golang.org/grpc v1.57.1 
server: prohibit more than MaxConcurrentStreams handlers from running at once
(CVE-2023-44487).

In addition to this change, applications should ensure they do not leave running
tasks behind related to the RPC before returning from method handlers, or should
enforce appropriate limits on any such work.

- https://github.com/grpc/grpc-go/compare/v1.57.0...v1.57.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 20:50:18 +02:00
Kohei Tokunaga
41b2b2a7b8 go.mod: bump up github.com/klauspost/compress from v1.17.0 to v1.17.1 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-16 10:38:00 +09:00
Derek McGowan
cb969085f5 Temporarily remove zfs as built in plugin 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-12 20:39:22 -07:00
Phil Estes
3bb46b62c4 Merge pull request #9191 from ktock/compress-v1.17.0 
go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0
 2023-10-04 08:52:49 -04:00
Kohei Tokunaga
39478eeec4 go.mod: Bump up github.com/klauspost/compress v1.16.7 to v1.17.0 
- release: https://github.com/klauspost/compress/releases/tag/v1.17.0
- diff: https://github.com/klauspost/compress/compare/v1.16.7...v1.17.0

Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-10-04 10:01:50 +09:00
Kern Walster
42dc8faba8 Bump x/net to 0.13 
This silences govulncheck detecting
https://pkg.go.dev/vuln/GO-2023-1988.

containerd does not directly use x/net

Signed-off-by: Kern Walster <walster@amazon.com>
 2023-10-03 04:41:35 +00:00
Sebastiaan van Stijn
4b1bb1293e remove github.com/opencontainers/runc dependency 
This migrates uses of github.com/opencontainers/runc/libcontainer/user
to the new github.com/moby/sys/user module, which was extracted from
runc at commit [opencontainers/runc@a3a0ec48c4].

This is the initial release of the module, which is a straight copy, but
some changes may be made in the next release (such as fixing camel-casing
in some fields and functions (Uid -> UID).

[opencontainers/runc@a3a0ec48c4]: a3a0ec48c4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-27 17:34:28 +02:00
Derek McGowan
b5615caf11 Update go-toml to v2 
Updates host file parsing to use new v2 method rather than the removed
toml.Tree.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-09-22 15:35:12 -07:00
Derek McGowan
2f1b92710a Update zfs library to use new log repository 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-09-22 07:53:23 -07:00
Sebastiaan van Stijn
d69ae811d6 alias log package to github.com/containerd/log v0.1.0 
This "soft" deprecates the package, but keeps the local uses of the package,
which can make backporting this to release-branches easier (we can
still move all uses in those branches as well though).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-19 08:44:10 +02:00
Sebastiaan van Stijn
8cbb4ea5d3 vendor: github.com/containerd/nri v0.5.0 
This version no longer has a dependency on containerd, cutting
down the number of circular dependencies.

full diff: https://github.com/containerd/nri/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-09-16 10:40:21 +02:00
Fu Wei
fe17f65159 Merge pull request #8287 from kinvolk/rata/userns-stateless-idmap 
Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27)
 2023-09-14 18:14:02 +08:00
Rodrigo Campos
fce1b95076 go.mod: Update runtime spec to include features.MountExtensions 
Future patches will use that field.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-09-13 16:44:54 +02:00
Phil Estes
0f52935a53 Merge pull request #9088 from samuelkarp/nri 
vendor: update github.com/containerd/nri@v0.4.0
 2023-09-13 10:26:02 -04:00
Samuel Karp
39804bc3f0 Merge pull request #8909 from liggitt/fieldmask 2023-09-13 00:33:44 -07:00