github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,055 Commits 3 Branches 2 Tags 112 MiB
34d078e99f
Commit Graph

11055 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Samuel Karp
34d078e99f
Merge pull request #7192 from cpuguy83/test_summary 2022-09-26 15:28:33 -07:00
Maksym Pavlenko
5018b6aa01
Merge pull request #7430 from my-git9/benchmark-test 
Fix missing close
 2022-09-26 10:34:55 -07:00
xin.li
396b6d670f fix missing close 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2022-09-24 20:54:21 +08:00
Samuel Karp
4bd8b5be44
Merge pull request #7424 from cpuguy83/skip_shimcgroup 2022-09-23 15:06:44 -07:00
Brian Goff
b4558bedc6 Add test flag for skipping shim cgroup test 
For some shims (namely github.com/cpuguy83/containerd-shim-systemd-v1),
the shim cgroup test doesn't make sense since there is only a single
shim process for the entire node.

I use these integration tests to make sure the shim is compatible with
the runc shims and generally works as expected. This will let me skip
the shim cgroup test as there is no process for the shim to stick into
the cgroup... mostly.
There is a bootstrap process as well as a PTY copier proces which do use
the shim cgroup if provided, but the test is not able to check for
those (unless we enable tty on the test, which is a bit arbitrary and
not useful).

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-09-23 17:39:04 +00:00
Maksym Pavlenko
39f7cd73e7
Merge pull request #7405 from kzys/cri-fuzz 
Refactor CRI fuzzers
 2022-09-22 16:55:27 -07:00
Maksym Pavlenko
12b447606a
Merge pull request #7351 from kzys/log-windows 
Fix LogURIGenerator on Windows
 2022-09-22 12:15:42 -07:00
Maksym Pavlenko
23b545232c
Merge pull request #7417 from ruiwen-zhao/grpc_code 
Set grpc code for unimplemented cri-api methods
 2022-09-22 12:12:34 -07:00
Phil Estes
de2164158e
Merge pull request #7414 from dmcgowan/optimize-content-copy 
Add reader option to local content reader at
 2022-09-22 14:35:54 -04:00
Phil Estes
8f95bac049
Merge pull request #7401 from wllenyj/sandbox_stop 
Sandbox API: implement Controller.Wait and Controller.Stop
 2022-09-22 14:33:52 -04:00
ruiwen-zhao
c6f571fc7d Set grpc code for unimplemented cri-api methods 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-09-22 07:24:48 +00:00
wanglei01
82890dd290 CRI: implement Controller.Stop for SandboxAPI 
Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
 2022-09-22 14:38:52 +08:00
wanglei01
927906992f CRI: implement Controller.Wait for SandboxAPI 
Rework sandbox monitoring, we should rely on Controller.Wait instead of
CRIService.StartSandboxExitMonitor

Signed-off-by: WangLei <wllenyj@linux.alibaba.com>
 2022-09-22 14:38:45 +08:00
Derek McGowan
1ff8df57a5
Merge pull request #7416 from BenTheElder/no-zuul 
remove stray .zuul.yaml
 2022-09-21 21:58:52 -07:00
Derek McGowan
97b8b152cb
Merge pull request #7408 from bart0sh/PR004-refer-CDI-configuration-doc 
reference CDI configuration details
 2022-09-21 21:57:57 -07:00
Benjamin Elder
dcb0d8f9ea remove stray .zuul.yaml 
previously PR 7369 removed .zuul jobs directory as zuul jobs are deprecated in openlab

Signed-off-by: Benjamin Elder <bentheelder@google.com>
 2022-09-21 20:22:36 -07:00
Ed Bartosh
e22a7a3833 reference CDI configuration details 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2022-09-21 11:25:28 +03:00
Derek McGowan
bc01f8fc05
Add reader option to local content reader at 
Allows optimized copying from a local content file into another file.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2022-09-20 20:50:04 -07:00
Maksym Pavlenko
e14dca4a40
Merge pull request #7413 from samuelkarp/cri-integration-sandboxed 
cri-integration: propagate ENABLE_CRI_SANDBOXES
 2022-09-20 19:52:20 -07:00
Samuel Karp
c8010b9cbe
sbserver: return resources in ContainerStatus 
Port of b7b1200dd3 to sbserver

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-09-20 18:38:09 -07:00
Samuel Karp
b92f3160a7
cri-integration: propagate ENABLE_CRI_SANDBOXES 
sudo(8) strips environment variables by default.  Explicitly set
ENABLE_CRI_SANDBOXES so we can ensure we test the sbserver CRI
implementation.

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-09-20 18:38:09 -07:00
Derek McGowan
25f4cf398a
Merge pull request #7404 from joycebrum/main 
Enable OpenSSF Scorecard Github Action
 2022-09-20 12:25:32 -07:00
Joyce Brum
b79dcabd67 chore: enable Scorecard Github Action 
Signed-off-by: Joyce Brum <joycebrumu.u@gmail.com>
 2022-09-20 14:36:40 -03:00
Kazuyoshi Kato
a37c64b20c Refactor CRI fuzzers 
pkg/cri/sbserver/cri_fuzzer.go and pkg/cri/server/cri_fuzzer.go were
mostly the same.

This commit merges them together and move the unified fuzzer to
contrib/fuzz again to sort out dependencies. pkg/cri/ shouldn't consume
cmd/.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-19 22:14:11 +00:00
Derek McGowan
58701f87c7
Merge pull request #7402 from nubificus/snapshotter/feat_add_ext2 
Add ext2 fs support to devmapper snapshotter
 2022-09-19 10:37:08 -07:00
Kazuyoshi Kato
bf26140d94 Fix LogURIGenerator on Windows 
Checking / is not the right way to distinguish an absolute path in
Windows.

Fixes #5786.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-19 10:00:18 -07:00
Fu Wei
333698a34d
Merge pull request #7396 from AdamKorcz/fuzz3 
Fuzzing: Instrument with new sanitizers
 2022-09-19 23:15:20 +08:00
Fu Wei
e94e5b7fb4
Merge pull request #7397 from kzys/remove-deps 
Upgrade fuzzing-related packages to reduce dependencies
 2022-09-19 23:13:44 +08:00
Phil Estes
a1e4a94694
Merge pull request #7393 from Iceber/skip_verify 
remotes/docker/config: Skipping TLS verification for localhost
 2022-09-19 10:53:56 -04:00
Anastassios Nanos
adfbda464b Add ext2 fs support to devmapper snapshotter 
Signed-off-by: Anastassios Nanos <ananos@nubificus.co.uk>
 2022-09-19 09:21:26 +00:00
Kazuyoshi Kato
f0fbc8dfdc Upgrade fuzzing-related packages to reduce dependencies 
github.com/AdaLogics/go-fuzz-headers and
github.com/AdamKorcz/go-118-fuzz-build have less dependencies in
the last versions.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-15 23:25:03 +00:00
AdamKorcz
e7c593edd0 Fuzzing: Instrument with new sanitizers 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-09-15 23:59:13 +01:00
Kazuyoshi Kato
290ef2b43f
Merge pull request #7395 from kaovilai/SNYK-GOLANG-GITHUBCOMEMICKLEIGORESTFUL-2435653 
Replace github.com/emicklei/go-restful package, versions <2.16.0
 2022-09-15 15:05:18 -07:00
Brian Goff
9cdf9f6c6c Use jq and only show failed tests on summary 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-09-14 23:31:32 +00:00
Brian Goff
34ad96babd CI: Output a summary using GITHUB_SUMMARY 
Uses teststat to parse the go test json and output markdown which will
be posted as a summary to the github action run.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-09-14 23:30:47 +00:00
Tiger Kaovilai
524d3aca80 github.com/emicklei/go-restful CWE-285: Improper Authorization 
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMEMICKLEIGORESTFUL-2435653
Signed-off-by: Tiger Kaovilai <tkaovila@redhat.com>
 2022-09-14 14:38:00 -04:00
Iceber Gu
3cfde732e1 remotes/docker/config: Skipping TLS verification for localhost 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2022-09-13 17:40:23 +08:00
Samuel Karp
f4095a6876
Merge pull request #7386 from mxpv/no-same-owner 2022-09-09 21:52:41 -07:00
Derek McGowan
5bedf3fca3
Merge pull request #7328 from liubin/add-privileged-without-host-devices 
ctr: add privileged-without-host-devices for run command
 2022-09-09 20:58:16 -07:00
Derek McGowan
3f3db4021a
Merge pull request #7341 from my-git9/imagepull2 
chore: matching the casing of other flags for ctr's pull command
 2022-09-09 20:52:36 -07:00
Maksym Pavlenko
0f51aa874d Add NoSameOwner option when unpacking tars 
When unpacking a TAR archive, containerd preserves file's owner:
https://github.com/containerd/containerd/blob/main/archive/tar.go#L384

In some cases this behavior is not desired. In current implementation we
avoid `Lchown` on Windows. Another case when this should be skipped is
when using native snapshotter on darwin and running as non-root user.

This PR extracts a generic option - `WithNoSameOwner` (same as
`tar --no-same-owner`) to skip `Lchown` when its not required.

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-09-09 17:07:26 -07:00
Kevin Parsons
de509c0682
Merge pull request #6901 from dcantah/add-wcowhyp-runtime 
windows: Add runhcs-wcow-hypervisor runtimeclass to the default config
 2022-09-08 10:53:12 -07:00
xin.li
b2a7183a83 matching the casing of other flags for ctr's pull command. 
Signed-off-by: xin.li <xin.li@daocloud.io>
 2022-09-08 22:07:35 +08:00
Derek McGowan
dbd3c8c5b8
Merge pull request #7370 from wzshiming/fix/missing-close 2022-09-07 08:19:41 -07:00
Fu Wei
99ee82d0b6
Merge pull request #7374 from soulseen/update-cdi-version 2022-09-07 13:37:41 +08:00
Davanum Srinivas
4a6d8d319b
Merge pull request #7372 from thaJeztah/bump_golang_1.19.1 
Update to go 1.19.1, 1.18.6 to address CVE-2022-27664, CVE-2022-32190
 2022-09-06 22:08:47 -04:00
xiaoyang zhu
829dd2145f update cdi version to v0.5.1 
Signed-off-by: xiaoyang zhu <zhuxiaoyang1996@gmail.com>
 2022-09-07 09:34:55 +08:00
Fu Wei
e8dd962bb4
Merge pull request #7373 from thaJeztah/bump_x_net 2022-09-07 08:00:54 +08:00
Kazuyoshi Kato
db28354cb5
Merge pull request #7371 from estesp/remove-unused 
Remove unused variable from images action
 2022-09-06 15:22:31 -07:00
Sebastiaan van Stijn
0f743ce4ff
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c 
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-09-06 22:46:21 +02:00