github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
14,423 Commits 3 Branches 2 Tags 112 MiB
3b45a44ccc
Commit Graph

14423 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Baynton
347423a114 Request 'allow' setgroups when spawning new userns 
Signed-off-by: Mike Baynton <mike@mbaynton.com>
 2024-10-17 15:37:36 -05:00
Derek McGowan
ce265ff955
Merge pull request #10798 from benjaminp/patch-1 
Add After=dbus.service to containerd.service
 2024-10-17 18:23:17 +00:00
Derek McGowan
ec30475b2f
Merge pull request #10849 from austinvazquez/align-containerd-2.0-doc-links 
Format link text in containerd 2.0 doc for readability
 2024-10-17 11:54:49 -07:00
Austin Vazquez
249dd74744
Format link text in containerd 2.0 doc for readability 
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
 2024-10-17 17:11:13 +00:00
Benjamin Peterson
18e4ea9a6c Add After=dbus.service to containerd.service 
containerd launches runc, which communicates via dbus with systemd to start transient units. Thus, containerd should have an `After` dependency on `dbus.service` to prevent dbus from being shut down concurrently with containerd.

Signed-off-by: Benjamin Peterson <benjamin@engflow.com>
 2024-10-17 07:47:55 -07:00
Phil Estes
baf4a98631
Merge pull request #10845 from AkihiroSuda/docs-2.0-2 
Update `docs/containerd-2.0.md`
 2024-10-17 13:53:13 +00:00
Akihiro Suda
7c7c3cfce0
Merge pull request #10833 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.11 
build(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11
 2024-10-17 12:09:07 +00:00
Akihiro Suda
72e4db74d6
Merge pull request #9882 from abel-von/sandbox-controller-v2 
sandbox: make podsandbox controller plugin type of PodSandboxPlugin
 2024-10-17 10:34:38 +00:00
Akihiro Suda
3eea3536f1
docs/containerd-2.0.md: mention the removal of cri-containerd-*.tar.gz 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-17 19:17:34 +09:00
Akihiro Suda
f8d50f6e81
README.md: put a link to docs/containerd-2.0.md 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-17 19:13:20 +09:00
Akihiro Suda
6c386c343d
Merge pull request #10656 from djdongjin/remove-cri-SandboxInfo-RuntimeHandler 
Remove deprecated cri SandboxInfo RuntimeHandler
 2024-10-17 05:23:12 +00:00
Akihiro Suda
3a6e5fcb11
Merge pull request #10832 from containerd/dependabot/go_modules/github.com/urfave/cli/v2-2.27.5 
build(deps): bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5
 2024-10-17 01:30:17 +00:00
Derek McGowan
fff2236f49
Merge pull request #10769 from klihub/devel/update-nri 
Update NRI to latest.
 2024-10-16 23:38:34 +00:00
Samuel Karp
3bc51c43c0
Merge pull request #10696 from austinvazquez/add-containerd-2.0-doc 
Add containerd 2.0 doc
 2024-10-16 22:33:15 +00:00
Austin Vazquez
b724b9f231
Add containerd 2.0 doc 
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
 2024-10-16 17:53:38 +00:00
Phil Estes
0abada6251
Merge pull request #10839 from matteopulcini6/sandbox-deferring-teardown-main 
Handle teardown failure to avoid blocking cleanup
 2024-10-16 15:54:56 +00:00
Phil Estes
d1245c6faf
Merge pull request #10815 from Iceber/unmarshal-metrics-to-type 
metrics: Use UnmarshalTo instead of UnmarshalAny
 2024-10-16 13:50:24 +00:00
Phil Estes
dac94198b1
Merge pull request #10829 from containerd/dependabot/github_actions/lycheeverse/lychee-action-2.0.2 
build(deps): bump lycheeverse/lychee-action from 1.10.0 to 2.0.2
 2024-10-16 13:48:06 +00:00
Abel Feng
fc5086a74d cri: remove sandbox controller from client 
cri will call sandbox controller from the sandboxService, remove the
dependency of client.

Signed-off-by: Abel Feng <fshb1988@gmail.com>
 2024-10-16 17:37:07 +08:00
Abel Feng
e4df672ab8 sandbox: add sandbox controller v2 
Signed-off-by: Abel Feng <fshb1988@gmail.com>
 2024-10-16 17:37:05 +08:00
dependabot[bot]
4f2bc1580b
build(deps): bump lycheeverse/lychee-action from 1.10.0 to 2.0.2 
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.10.0 to 2.0.2.
- [Release notes](https://github.com/lycheeverse/lychee-action/releases)
- [Commits](https://github.com/lycheeverse/lychee-action/compare/v1.10.0...v2.0.2)

---
updated-dependencies:
- dependency-name: lycheeverse/lychee-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-16 07:55:51 +00:00
Krisztian Litkey
4bd3a71dd6
go.{mod,sum}: update NRI deps and re-vendor. 
Update NRI dependencies to point to the latest main/HEAD.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2024-10-16 10:27:57 +03:00
Samuel Karp
37943cf6e4
Merge pull request #10840 from step-security-bot/stepsecurity_remediation_1729057981 
[StepSecurity] ci: Harden GitHub Actions
 2024-10-16 07:15:54 +00:00
StepSecurity Bot
bff82e1968
[StepSecurity] ci: Harden GitHub Actions 
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
 2024-10-16 05:53:03 +00:00
dependabot[bot]
5eb0be9941
build(deps): bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5 
Bumps [github.com/urfave/cli/v2](https://github.com/urfave/cli) from 2.27.4 to 2.27.5.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v2.27.4...v2.27.5)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-16 01:28:56 +00:00
Akihiro Suda
8b41368e7b
Merge pull request #10830 from containerd/dependabot/go_modules/otel-11b303cab5 
build(deps): bump the otel group with 8 updates
 2024-10-16 00:50:56 +00:00
Matteo Pulcini
0742238cd6 Handle teardown failure to avoid blocking cleanup 
Signed-off-by: Matteo Pulcini <Matteo.Pulcini@ibm.com>
 2024-10-15 15:35:20 -07:00
dependabot[bot]
c3d84a87fb
build(deps): bump the otel group with 8 updates 
Bumps the otel group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.55.0` | `0.56.0` |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.55.0` | `0.56.0` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.30.0` | `1.31.0` |


Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.55.0 to 0.56.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.55.0...zpages/v0.56.0)

Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.55.0 to 0.56.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.55.0...zpages/v0.56.0)

Updates `go.opentelemetry.io/otel` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

Updates `go.opentelemetry.io/otel/trace` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.30.0...v1.31.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-15 22:17:42 +00:00
dependabot[bot]
bfe59daae8
build(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.10 to 1.17.11.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.10...v1.17.11)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-15 22:16:11 +00:00
Fu Wei
5d49f2e3ae
Merge pull request #10838 from samuelkarp/revert-runc-1.1.15 
Revert "update runc binary to 1.1.15"
 2024-10-15 20:45:12 +00:00
Fu Wei
36ae5f94b9
Merge pull request #10721 from rata/issue-10704 
Fix data loss in rootfs overlayfs when unmount of tmp dirs fail with idmap mounts
 2024-10-15 20:44:46 +00:00
Samuel Karp
b7c333ce24
Revert "update runc binary to 1.1.15" 
This reverts commit f0f1bfca07.

runc 1.1.15 appears to have incresed chances for causing OOMs for
containers with small memory limits.  Revert the change in containerd
to unblock CI while the upstream runc issue is resolved.

Dependency-issue: https://github.com/opencontainers/runc/issues/4427
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2024-10-15 09:28:04 -07:00
Iceber Gu
c6d089090c metrics: Use UnmarshalTo instead of UnmarshalAny 
Co-authored-by: Sam Lockart <sam.lockart@zendesk.com>
Signed-off-by: Iceber Gu <caiwei95@hotmail.com>
 2024-10-12 15:55:27 +08:00
Akihiro Suda
61f91b963e
Merge pull request #10817 from AkihiroSuda/fix-10816 
CI: fix vagrant
 2024-10-12 13:57:42 +09:00
Akihiro Suda
1db0064c6a
CI: install OVMF for Vagrant 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-12 05:19:09 +09:00
Akihiro Suda
4d02217b5e
CI: fix "Unable to find a source package for vagrant" error 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-12 05:19:08 +09:00
Akihiro Suda
38beeb359a
Revert "use vagrant from jammy in noble" 
This reverts commit 1bfdccee09.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-12 05:19:08 +09:00
Akihiro Suda
e2daa20ed5
Revert "use older version of OVMF package" 
This reverts commit c25183ff19.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2024-10-12 05:19:08 +09:00
Akihiro Suda
08037e7624
Merge pull request #10821 from estesp/switch-arm-runners 
Switch from actuated.dev to GH Action runners for arm64
 2024-10-12 05:18:59 +09:00
Phil Estes
ee921689f7
Switch from actuated.dev to GH Action runners for arm64 
Signed-off-by: Phil Estes <estesp@amazon.com>
 2024-10-11 13:30:43 -04:00
Akihiro Suda
ce7c473ccc
Merge pull request #10788 from containerd/dependabot/go_modules/golang-x-fce5e8e0ff 
build(deps): bump golang.org/x/sys from 0.25.0 to 0.26.0 in the golang-x group
 2024-10-09 04:58:35 +00:00
dependabot[bot]
f89ed3c628
build(deps): bump golang.org/x/sys in the golang-x group 
Bumps the golang-x group with 1 update: [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sys` from 0.25.0 to 0.26.0
- [Commits](https://github.com/golang/sys/compare/v0.25.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-09 03:54:23 +00:00
Akihiro Suda
2483108676
Merge pull request #10791 from containerd/dependabot/go_modules/google.golang.org/grpc-1.67.1 
build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1
 2024-10-09 03:19:53 +00:00
dependabot[bot]
428df99db2
build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.67.0 to 1.67.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.67.0...v1.67.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-08 09:24:24 +00:00
Akihiro Suda
6c4102f944
Merge pull request #10790 from containerd/dependabot/go_modules/google.golang.org/protobuf-1.35.1 
build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1
 2024-10-08 08:42:38 +00:00
Akihiro Suda
179b8d9b3c
Merge pull request #10772 from austinvazquez/update-golang-1.23.2 
update to go1.23.2,go1.22.8
 2024-10-08 06:41:34 +00:00
Samuel Karp
ce648b5c89
Merge pull request #10787 from samuelkarp/runc-1.1.15 
update runc binary to 1.1.15
 2024-10-08 03:45:13 +00:00
Arkin Modi
72126a984c update sample go test commands 
Signed-off-by: Arkin Modi <Arkin.Modi@ibm.com>
 2024-10-07 20:41:24 -04:00
dependabot[bot]
9c42dd959a
build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1 
Bumps google.golang.org/protobuf from 1.34.2 to 1.35.1.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-07 23:32:15 +00:00
Samuel Karp
f0f1bfca07
update runc binary to 1.1.15 
diff: https://github.com/opencontainers/runc/compare/v1.1.14...v1.1.15

Release notes:

- The -ENOSYS seccomp stub is now always generated for the native
  architecture that runc is running on. This is needed to work around some
  arguably specification-incompliant behaviour from Docker on architectures
  such as ppc64le, where the allowed architecture list is set to null. This
  ensures that we always generate at least one -ENOSYS stub for the native
  architecture even with these weird configs. (#4391)
- On a system with older kernel, reading /proc/self/mountinfo may skip some
  entries, as a consequence runc may not properly set mount propagation,
  causing container mounts leak onto the host mount namespace. (#2404, #4425)
- In order to fix performance issues in the "lightweight" bindfd protection
  against [CVE-2019-5736], the temporary ro bind-mount of /proc/self/exe
  has been removed. runc now creates a binary copy in all cases. (#4392, #2532)

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2024-10-07 15:41:26 -07:00