Samuel Karp
34d078e99f
Merge pull request #7192 from cpuguy83/test_summary
2022-09-26 15:28:33 -07:00
Maksym Pavlenko
5018b6aa01
Merge pull request #7430 from my-git9/benchmark-test
...
Fix missing close
2022-09-26 10:34:55 -07:00
xin.li
396b6d670f
fix missing close
...
Signed-off-by: xin.li <xin.li@daocloud.io>
2022-09-24 20:54:21 +08:00
Samuel Karp
4bd8b5be44
Merge pull request #7424 from cpuguy83/skip_shimcgroup
2022-09-23 15:06:44 -07:00
Brian Goff
b4558bedc6
Add test flag for skipping shim cgroup test
...
For some shims (namely github.com/cpuguy83/containerd-shim-systemd-v1),
the shim cgroup test doesn't make sense since there is only a single
shim process for the entire node.
I use these integration tests to make sure the shim is compatible with
the runc shims and generally works as expected. This will let me skip
the shim cgroup test as there is no process for the shim to stick into
the cgroup... mostly.
There is a bootstrap process as well as a PTY copier proces which do use
the shim cgroup if provided, but the test is not able to check for
those (unless we enable tty on the test, which is a bit arbitrary and
not useful).
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2022-09-23 17:39:04 +00:00
Maksym Pavlenko
39f7cd73e7
Merge pull request #7405 from kzys/cri-fuzz
...
Refactor CRI fuzzers
2022-09-22 16:55:27 -07:00
Maksym Pavlenko
12b447606a
Merge pull request #7351 from kzys/log-windows
...
Fix LogURIGenerator on Windows
2022-09-22 12:15:42 -07:00
Maksym Pavlenko
23b545232c
Merge pull request #7417 from ruiwen-zhao/grpc_code
...
Set grpc code for unimplemented cri-api methods
2022-09-22 12:12:34 -07:00
Phil Estes
de2164158e
Merge pull request #7414 from dmcgowan/optimize-content-copy
...
Add reader option to local content reader at
2022-09-22 14:35:54 -04:00
Phil Estes
8f95bac049
Merge pull request #7401 from wllenyj/sandbox_stop
...
Sandbox API: implement Controller.Wait and Controller.Stop
2022-09-22 14:33:52 -04:00
ruiwen-zhao
c6f571fc7d
Set grpc code for unimplemented cri-api methods
...
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
2022-09-22 07:24:48 +00:00
wanglei01
82890dd290
CRI: implement Controller.Stop for SandboxAPI
...
Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
2022-09-22 14:38:52 +08:00
wanglei01
927906992f
CRI: implement Controller.Wait for SandboxAPI
...
Rework sandbox monitoring, we should rely on Controller.Wait instead of
CRIService.StartSandboxExitMonitor
Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
2022-09-22 14:38:45 +08:00
Derek McGowan
1ff8df57a5
Merge pull request #7416 from BenTheElder/no-zuul
...
remove stray .zuul.yaml
2022-09-21 21:58:52 -07:00
Derek McGowan
97b8b152cb
Merge pull request #7408 from bart0sh/PR004-refer-CDI-configuration-doc
...
reference CDI configuration details
2022-09-21 21:57:57 -07:00
Benjamin Elder
dcb0d8f9ea
remove stray .zuul.yaml
...
previously PR 7369 removed .zuul jobs directory as zuul jobs are deprecated in openlab
Signed-off-by: Benjamin Elder <bentheelder@google.com>
2022-09-21 20:22:36 -07:00
Ed Bartosh
e22a7a3833
reference CDI configuration details
...
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
2022-09-21 11:25:28 +03:00
Derek McGowan
bc01f8fc05
Add reader option to local content reader at
...
Allows optimized copying from a local content file into another file.
Signed-off-by: Derek McGowan <derek@mcg.dev>
2022-09-20 20:50:04 -07:00
Maksym Pavlenko
e14dca4a40
Merge pull request #7413 from samuelkarp/cri-integration-sandboxed
...
cri-integration: propagate ENABLE_CRI_SANDBOXES
2022-09-20 19:52:20 -07:00
Samuel Karp
c8010b9cbe
sbserver: return resources in ContainerStatus
...
Port of b7b1200dd3
to sbserver
Signed-off-by: Samuel Karp <samuelkarp@google.com>
2022-09-20 18:38:09 -07:00
Samuel Karp
b92f3160a7
cri-integration: propagate ENABLE_CRI_SANDBOXES
...
sudo(8) strips environment variables by default. Explicitly set
ENABLE_CRI_SANDBOXES so we can ensure we test the sbserver CRI
implementation.
Signed-off-by: Samuel Karp <samuelkarp@google.com>
2022-09-20 18:38:09 -07:00
Derek McGowan
25f4cf398a
Merge pull request #7404 from joycebrum/main
...
Enable OpenSSF Scorecard Github Action
2022-09-20 12:25:32 -07:00
Joyce Brum
b79dcabd67
chore: enable Scorecard Github Action
...
Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>
2022-09-20 14:36:40 -03:00
Kazuyoshi Kato
a37c64b20c
Refactor CRI fuzzers
...
pkg/cri/sbserver/cri_fuzzer.go and pkg/cri/server/cri_fuzzer.go were
mostly the same.
This commit merges them together and move the unified fuzzer to
contrib/fuzz again to sort out dependencies. pkg/cri/ shouldn't consume
cmd/.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
2022-09-19 22:14:11 +00:00
Derek McGowan
58701f87c7
Merge pull request #7402 from nubificus/snapshotter/feat_add_ext2
...
Add ext2 fs support to devmapper snapshotter
2022-09-19 10:37:08 -07:00
Kazuyoshi Kato
bf26140d94
Fix LogURIGenerator on Windows
...
Checking / is not the right way to distinguish an absolute path in
Windows.
Fixes #5786 .
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
2022-09-19 10:00:18 -07:00
Fu Wei
333698a34d
Merge pull request #7396 from AdamKorcz/fuzz3
...
Fuzzing: Instrument with new sanitizers
2022-09-19 23:15:20 +08:00
Fu Wei
e94e5b7fb4
Merge pull request #7397 from kzys/remove-deps
...
Upgrade fuzzing-related packages to reduce dependencies
2022-09-19 23:13:44 +08:00
Phil Estes
a1e4a94694
Merge pull request #7393 from Iceber/skip_verify
...
remotes/docker/config: Skipping TLS verification for localhost
2022-09-19 10:53:56 -04:00
Anastassios Nanos
adfbda464b
Add ext2 fs support to devmapper snapshotter
...
Signed-off-by: Anastassios Nanos <ananos@nubificus.co.uk>
2022-09-19 09:21:26 +00:00
Kazuyoshi Kato
f0fbc8dfdc
Upgrade fuzzing-related packages to reduce dependencies
...
github.com/AdaLogics/go-fuzz-headers and
github.com/AdamKorcz/go-118-fuzz-build have less dependencies in
the last versions.
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
2022-09-15 23:25:03 +00:00
AdamKorcz
e7c593edd0
Fuzzing: Instrument with new sanitizers
...
Signed-off-by: AdamKorcz <adam@adalogics.com>
2022-09-15 23:59:13 +01:00
Kazuyoshi Kato
290ef2b43f
Merge pull request #7395 from kaovilai/SNYK-GOLANG-GITHUBCOMEMICKLEIGORESTFUL-2435653
...
Replace github.com/emicklei/go-restful package, versions <2.16.0
2022-09-15 15:05:18 -07:00
Brian Goff
9cdf9f6c6c
Use jq and only show failed tests on summary
...
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2022-09-14 23:31:32 +00:00
Brian Goff
34ad96babd
CI: Output a summary using GITHUB_SUMMARY
...
Uses teststat to parse the go test json and output markdown which will
be posted as a summary to the github action run.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2022-09-14 23:30:47 +00:00
Tiger Kaovilai
524d3aca80
github.com/emicklei/go-restful CWE-285: Improper Authorization
...
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMEMICKLEIGORESTFUL-2435653
Signed-off-by: Tiger Kaovilai <tkaovila@redhat.com>
2022-09-14 14:38:00 -04:00
Iceber Gu
3cfde732e1
remotes/docker/config: Skipping TLS verification for localhost
...
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
2022-09-13 17:40:23 +08:00
Samuel Karp
f4095a6876
Merge pull request #7386 from mxpv/no-same-owner
2022-09-09 21:52:41 -07:00
Derek McGowan
5bedf3fca3
Merge pull request #7328 from liubin/add-privileged-without-host-devices
...
ctr: add privileged-without-host-devices for run command
2022-09-09 20:58:16 -07:00
Derek McGowan
3f3db4021a
Merge pull request #7341 from my-git9/imagepull2
...
chore: matching the casing of other flags for ctr's pull command
2022-09-09 20:52:36 -07:00
Maksym Pavlenko
0f51aa874d
Add NoSameOwner option when unpacking tars
...
When unpacking a TAR archive, containerd preserves file's owner:
https://github.com/containerd/containerd/blob/main/archive/tar.go#L384
In some cases this behavior is not desired. In current implementation we
avoid `Lchown` on Windows. Another case when this should be skipped is
when using native snapshotter on darwin and running as non-root user.
This PR extracts a generic option - `WithNoSameOwner` (same as
`tar --no-same-owner`) to skip `Lchown` when its not required.
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2022-09-09 17:07:26 -07:00
Kevin Parsons
de509c0682
Merge pull request #6901 from dcantah/add-wcowhyp-runtime
...
windows: Add runhcs-wcow-hypervisor runtimeclass to the default config
2022-09-08 10:53:12 -07:00
xin.li
b2a7183a83
matching the casing of other flags for ctr's pull command.
...
Signed-off-by: xin.li <xin.li@daocloud.io>
2022-09-08 22:07:35 +08:00
Derek McGowan
dbd3c8c5b8
Merge pull request #7370 from wzshiming/fix/missing-close
2022-09-07 08:19:41 -07:00
Fu Wei
99ee82d0b6
Merge pull request #7374 from soulseen/update-cdi-version
2022-09-07 13:37:41 +08:00
Davanum Srinivas
4a6d8d319b
Merge pull request #7372 from thaJeztah/bump_golang_1.19.1
...
Update to go 1.19.1, 1.18.6 to address CVE-2022-27664, CVE-2022-32190
2022-09-06 22:08:47 -04:00
xiaoyang zhu
829dd2145f
update cdi version to v0.5.1
...
Signed-off-by: xiaoyang zhu <zhuxiaoyang1996@gmail.com>
2022-09-07 09:34:55 +08:00
Fu Wei
e8dd962bb4
Merge pull request #7373 from thaJeztah/bump_x_net
2022-09-07 08:00:54 +08:00
Kazuyoshi Kato
db28354cb5
Merge pull request #7371 from estesp/remove-unused
...
Remove unused variable from images action
2022-09-06 15:22:31 -07:00
Sebastiaan van Stijn
0f743ce4ff
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c
...
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-06 22:46:21 +02:00