Commit Graph

11956 Commits

Author SHA1 Message Date
Akihiro Suda
3eda46af12
oci: fix additional GIDs
Test suite:
```yaml

---
apiVersion: v1
kind: Pod
metadata:
  name: test-no-option
  annotations:
    description: "Equivalent of `docker run` (no option)"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),10(wheel)" ]']
---
apiVersion: v1
kind: Pod
metadata:
  name: test-group-add-1-group-add-1234
  annotations:
    description: "Equivalent of `docker run --group-add 1 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=0(root) gid=0(root) groups=0(root),1(daemon),10(wheel),1234" ]']
  securityContext:
    supplementalGroups: [1, 1234]
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234
  annotations:
    description: "Equivalent of `docker run --user 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root)" ]']
  securityContext:
    runAsUser: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-1234
  annotations:
    description: "Equivalent of `docker run --user 1234:1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=1234 groups=1234" ]']
  securityContext:
    runAsUser: 1234
    runAsGroup: 1234
---
apiVersion: v1
kind: Pod
metadata:
  name: test-user-1234-group-add-1234
  annotations:
    description: "Equivalent of `docker run --user 1234 --group-add 1234`"
spec:
  restartPolicy: Never
  containers:
    - name: main
      image: ghcr.io/containerd/busybox:1.28
      args: ['sh', '-euxc',
             '[ "$(id)" = "uid=1234 gid=0(root) groups=0(root),1234" ]']
  securityContext:
    runAsUser: 1234
    supplementalGroups: [1234]
```

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-02-10 15:53:00 +09:00
Akihiro Suda
ef2560d166
oci: fix loop iterator aliasing
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-02-10 15:53:00 +09:00
Derek McGowan
676b942fef
Merge pull request #8075 from swagatbora90/removeIntermediate
Fix retry logic within devmapper device deactivation
2023-02-09 22:21:49 -08:00
Fish-pro
76a62e52ae Use http constants instead of string
Signed-off-by: Fish-pro <zechun.chen@daocloud.io>
2023-02-10 14:01:48 +08:00
Akihiro Suda
a6f3cbe0ad
Merge pull request #8071 from mxpv/cleanup
Clean CI yaml
2023-02-10 11:34:18 +09:00
Brian Goff
13652e081e fetch: Use data from descriptor when available.
OCI added support for a `data` field in a descriptor.
This field is expected to contain the content being pointed to by the
descriptor.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2023-02-10 01:12:40 +00:00
Akihiro Suda
52f82acb7b
btrfs: depend on kernel UAPI instead of libbtrfs
See containerd/btrfs PR 40 and moby/moby PR 44761. (Thanks to [@]neersighted.)

The containerd/btrfs library now requires headers from kernel 4.12 or newer:
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs.h
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs_tree.h

These files are licensed under the GPL-2.0 WITH Linux-syscall-note, so they should be compatible with the Apache License 2.0.
https://spdx.org/licenses/Linux-syscall-note.html

The dependency on the kernel headers only affects users building from source.
Users on older kernels may opt to not compile this library (`BUILDTAGS=no_btfs`),
or to provide headers from a newer kernel.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-02-10 10:07:34 +09:00
Wei Fu
62df35df66 *: introduce wrapper pkgs for blockio and rdt
Before this patch, both RdtEnabled and BlockIOEnabled are provided
by the services/tasks pkg. Since services/tasks can be a pkg plugin which
can be initialized multiple times or concurrently, it will fire a data-race
issue as there is no mutex to protect `enable`.

This patch aims to provide wrapper pkgs to use intel/{blockio,rdt}
safely.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
2023-02-10 08:21:34 +08:00
Swagat Bora
6ae3e5df6a Fix retry logic within devmapper device deactivation
Signed-off-by: Swagat Bora <sbora@amazon.com>
2023-02-09 23:40:18 +00:00
Maksym Pavlenko
6adb6a727e Rename release CI job
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-09 15:30:52 -08:00
Maksym Pavlenko
aed3b0a70b Clean CI file
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-09 15:30:52 -08:00
Samuel Karp
26509fa765
Merge pull request #8074 from kzys/fix-8073
Fixes https://github.com/containerd/containerd/issues/8073
2023-02-09 15:28:32 -08:00
Kazuyoshi Kato
617c66dcc7 Add critest.exe in $PATH
The binary location was moved since
https://github.com/kubernetes-sigs/cri-tools/pull/1085.

Fixes #8073.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
2023-02-09 22:23:01 +00:00
yulng
6cdc221f59 'go routine' should be 'goroutine'
Signed-off-by: yulng <wei.yang@daocloud.io>
2023-02-08 14:10:34 +08:00
Derek McGowan
b0e97c0f9b
Use multierror for cleanup error
Signed-off-by: Derek McGowan <derek@mcg.dev>
2023-02-07 11:06:14 -08:00
Phil Estes
97480afdac
Merge pull request #7976 from yulng/lowercase
keep the uppercase letter for flag info
2023-02-07 09:54:38 +00:00
Derek McGowan
34314717b0
Remove sandbox store and controller service type
Signed-off-by: Derek McGowan <derek@mcg.dev>
2023-02-06 22:05:26 -08:00
Derek McGowan
a788f6c799
Move local sandbox controller under plugins package
Add options to sandbox controller interface.
Update sandbox controller interface to fully utilize sandbox controller
interface.
Move grpc error conversion to service.

Signed-off-by: Derek McGowan <derek@mcg.dev>
2023-02-06 22:04:45 -08:00
Derek McGowan
2717685dad
Refactor sandbox controller interface
Update the sandbox controller interface to use local types rather than
using the API types.

Signed-off-by: Derek McGowan <derek@mcg.dev>
2023-02-06 21:39:30 -08:00
Kay Yan
0b33a45fad cri: fix Mirrors deprecation comment
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
2023-02-07 09:53:57 +08:00
Fu Wei
20de989afc
Merge pull request #8049 from kiashok/updateShimTag
go.mod: Bump hcsshim to v0.10.0-rc.5
2023-02-06 22:24:33 +08:00
TTFISH
5bc3fea621 update fuzz function names in docs with golang naming convention
Signed-off-by: Jiongchi Yu <jcyu.2022@phdcs.smu.edu.sg>
2023-02-06 17:59:07 +08:00
yulng
757b8f702b
keep the uppercase letter for flag info
Signed-off-by: yulng <wei.yang@daocloud.io>
2023-02-06 16:37:24 +08:00
Maksym Pavlenko
94934e1a47
Merge pull request #8045 from mxpv/sb
Fix sandbox exit monitor
2023-02-03 11:31:43 -08:00
Kirtana Ashok
e5c57f2422 update hcsshim tag to v0.10.0-rc.5 and revendor
Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>
2023-02-03 10:50:56 -08:00
TTFISH
904a87d26d docs: fix function names in fuzzing test documentation
Signed-off-by: Jiongchi Yu <jcyu.2022@phdcs.smu.edu.sg>
2023-02-03 23:19:00 +08:00
Maksym Pavlenko
1f35b03369 Fix sandbox exit monitor
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-02 14:02:52 -08:00
Maksym Pavlenko
3d32da8f60
Merge pull request #7979 from mxpv/grpc
Generate GRPC contracts for runtime APIs
2023-02-02 11:49:32 -08:00
Maksym Pavlenko
d1cd9757eb Generate GRPC for runtime task service
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-02 09:58:43 -08:00
Maksym Pavlenko
86c238c873 Generate GRPC for runtime sandbox API
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-02 09:58:43 -08:00
Maksym Pavlenko
99580e0aad Update TTRPC and Protobuild dependencies
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2023-02-02 09:58:43 -08:00
Phil Estes
60363db5bc
Merge pull request #8035 from ktock/fixunmount
Make argument validation of `mount.UnmountRecursive` compatible to `mount.UnmountAll`
2023-02-02 11:55:24 -05:00
Phil Estes
6116820aeb
Merge pull request #8036 from ktock/remotesnlabel
Export remote snapshotter label handler
2023-02-02 11:53:43 -05:00
Fu Wei
6ed24c88ed
Merge pull request #7989 from mohitsharma-in/topic/directory-install-runhcs-shim
Adding support to run install hcsshim from local clone
2023-02-02 10:38:43 +08:00
Akihiro Suda
e6b515d463
Merge pull request #8040 from thaJeztah/update_urfave_cli
go.mod: github.com/urfave/cli v1.22.12
2023-02-02 08:26:05 +09:00
Phil Estes
eda079259d
Merge pull request #8039 from yankay/cleanup-useless-IntToInt32Array-func
cmd/ctr/commands: clean up the func IntToInt32Array in utils.go
2023-02-01 11:19:17 -05:00
Mohit Sharma
b9b44ed5c5 Removing end of line for last line
Signed-off-by: Mohit Sharma <mohit94614@gmail.com>
2023-02-01 20:44:23 +05:30
Kohei Tokunaga
dbf384a5a8 Export remote snapshotter label handler
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
2023-02-01 23:03:23 +09:00
Sebastiaan van Stijn
d6070f8a74
go.mod: github.com/urfave/cli v1.22.12
full diff: https://github.com/urfave/cli/compare/v1.22.10...v1.22.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-02-01 12:42:03 +01:00
Kay Yan
2f1aad03af
cleanup useless IntToInt32Array func
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
2023-02-01 12:14:46 +08:00
Phil Estes
0181b103ea
Merge pull request #8037 from AkihiroSuda/epoch-drop-timezone
pkg/epoch: drop timezone
2023-01-31 17:04:50 -05:00
Phil Estes
58ad67caee
Merge pull request #8034 from klihub/deps/update-nri
go.mod: update github.com/containerd/nri.
2023-01-31 17:03:57 -05:00
Phil Estes
d9d74c14b4
Merge pull request #8013 from profnandaa/patch-2
fix(docs): minor fix on the windows installation steps
2023-01-31 17:03:35 -05:00
Akihiro Suda
e551d734fb
pkg/epoch: drop timezone
For determinism of human-readable string representation.
e.g., "2023-01-10T12:34:56Z" vs "2023-01-10T21:34:56+09:00"

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-01-31 23:26:02 +09:00
Kohei Tokunaga
eeab052425 Make mount.UnmountRecursive compatible to mount.UnmountAll
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
2023-01-31 22:07:44 +09:00
Krisztian Litkey
58bd5a0940 go.mod: update github.com/containerd/nri.
Point NRI dependency to latest HEAD, commit b3cabdec0657. That
pulls in the necessary NRI fix for a recently discovered panic
and crash.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
2023-01-31 15:03:45 +02:00
Samuel Karp
e307f87971
Merge pull request #7847 from fangn2/adding-integration-test-to-opentelemetry
2023-01-30 23:45:57 -08:00
Tony Fang
c46aaa8df4 Add integration test for tracing on image pull
Create an in-memory exporter and global tracer provider
Pull image with client which should create spans
Validate spans in the exporter

Signed-off-by: Tony Fang <nhfang@amazon.com>
2023-01-31 05:45:26 +00:00
Derek McGowan
287320d4de
Merge pull request #7840 from hinshun/feature/mount-subdirectory
Use mount.Target to specify subdirectory of rootfs mount
2023-01-30 21:35:34 -08:00
Derek McGowan
ee0e22f01c
Merge pull request #8020 from AkihiroSuda/mkdir-etc-cni-0755
cri: mkdir /etc/cni with 0755, not 0700
2023-01-30 10:21:30 -08:00