github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
14,254 Commits 3 Branches 2 Tags 112 MiB
490e45a08a
Commit Graph

14254 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Avi Deitcher
76049170b8 document runtime and shim configuration and selection 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2023-11-06 08:59:36 +02:00
Wei Fu
2fab240f21 integration: init release upgrade test 
The TestUpgrade downloads the latest of previous release's binary and
use them to setup pods and then use current release to recover the
existing pods.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2023-11-05 17:51:28 +08:00
Samuel Karp
bd2db42464
Merge pull request #9287 from lengrongfu/feat/add-warning-use-inheritable 
add warning use inheritable Capabilities
 2023-11-04 00:33:18 +00:00
Akihiro Suda
33fab02dce
Merge pull request #7647 from thaJeztah/no_execabs 
switch back from golang.org/x/sys/execabs to os/exec (go1.19)
 2023-11-03 07:40:22 +00:00
Samuel Karp
edbd387236
Merge pull request #9319 from samuelkarp/config-deprecation-warnings 
cri: add deprecation warnings for mirrors, auths, and configs
 2023-11-02 20:19:04 +00:00
Sebastiaan van Stijn
2af6db672e
switch back from golang.org/x/sys/execabs to os/exec (go1.19) 
This is effectively a revert of 2ac9968401, which
switched from os/exec to the golang.org/x/sys/execabs package to mitigate
security issues (mainly on Windows) with lookups resolving to binaries in the
current directory.

from the go1.19 release notes https://go.dev/doc/go1.19#os-exec-path

> ## PATH lookups
>
> Command and LookPath no longer allow results from a PATH search to be found
> relative to the current directory. This removes a common source of security
> problems but may also break existing programs that depend on using, say,
> exec.Command("prog") to run a binary named prog (or, on Windows, prog.exe) in
> the current directory. See the os/exec package documentation for information
> about how best to update such programs.
>
> On Windows, Command and LookPath now respect the NoDefaultCurrentDirectoryInExePath
> environment variable, making it possible to disable the default implicit search
> of “.” in PATH lookups on Windows systems.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-11-02 21:15:40 +01:00
Samuel Karp
a596d09ec9
cri: add deprecation warning for configs 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-11-02 11:17:32 -07:00
Samuel Karp
35924bccc0
cri: add deprecation warning for auths 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-11-02 11:17:32 -07:00
Samuel Karp
d7cb25d770
cri: add deprecation warning for mirrors 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-11-02 11:17:31 -07:00
Samuel Karp
58cc275eb8
cri: add ability to emit deprecation warnings 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-11-02 11:17:31 -07:00
Samuel Karp
6cd0e8e405
Merge pull request #9321 from dmcgowan/switch-to-plugin-repo 
Switch to plugin repo
 2023-11-02 16:50:49 +00:00
Phil Estes
740717673f
Merge pull request #9317 from jsturtevant/fix-sbserver-windows 
CRI: Handle ArgsEscaped for new Sb Server by clearing commandline in spec
 2023-11-02 14:45:39 +00:00
Phil Estes
3d6c5ea487
Merge pull request #9308 from ZhangShuaiyi/fix/TestRwLoop 
test: remove /dev/loopX in TestRwLoop
 2023-11-02 14:44:59 +00:00
Phil Estes
cb742b5dff
Merge pull request #9320 from vinayakankugoyal/io_uring 
Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile.
 2023-11-02 14:43:35 +00:00
Sebastiaan van Stijn
68cac3f62f
client: remove obsolete ErrCheckpointRWUnsupported 
runtime v1 is deprecated, and this error appears to be unused.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-11-02 09:49:14 +01:00
rongfu.leng
df19888f83 add warning use inheritable Capabilities 
Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>
 2023-11-02 16:14:59 +08:00
Derek McGowan
411e2bce49
Remove plugins package 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 23:01:42 -07:00
Derek McGowan
9db21401c4
Switch to github.com/containerd/plugin 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 23:01:42 -07:00
Akihiro Suda
a72adffa65
Merge pull request #9316 from dmcgowan/rename-client-package 
Move client to subpackage
 2023-11-02 02:16:08 +00:00
Vinayak Goyal
a48ddf4a20 Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile. 
Signed-off-by: Vinayak Goyal <vinaygo@google.com>
 2023-11-02 01:23:58 +00:00
Derek McGowan
2dfae4c4b6
Prepare release notes for v2.0.0-beta.0 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 17:23:18 -07:00
Derek McGowan
6ca4b52605
Update mailmap 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 17:10:26 -07:00
James Sturtevant
a67efe88db
Add tests cases 
Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
 2023-11-01 15:32:43 -07:00
Derek McGowan
f1d659dc50
Update package name in Makefile 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 14:28:24 -07:00
James Sturtevant
0ffc3e9873
Handle ArgsEscaped for new Sb Server 
The PR https://github.com/containerd/containerd/pull/8198 fixed this for CRI but missed clearing the commandline in the forked SB server. This simply adds that back in

Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
 2023-11-01 12:06:07 -07:00
Derek McGowan
b85df264ef
Rename opt to avoid stutter 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 10:39:54 -07:00
Derek McGowan
261e01c2ac
Move client to subpackage 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-11-01 10:37:00 -07:00
Akihiro Suda
19ff94b701
Merge pull request #9306 from dmcgowan/containerd-v2-module 
Containerd v2 module
 2023-11-01 15:20:35 +00:00
Shuaiyi Zhang
b6adf43d4a test: use 'Autoclear: ture' in TestRwLoop and add Autoclear test 
Signed-off-by: Shuaiyi Zhang <zhang_syi@qq.com>
 2023-11-01 11:49:12 +08:00
Samuel Karp
d8d2b79e1d
Merge pull request #9305 from AlexRod34/doc-ops-update 
Update cli --help output for consistency
 2023-10-30 20:23:00 +00:00
Alex Rodriguez
124d3a20a6
Sync ops.md, update CLI --help output to be consistent in descriptions 
Signed-off-by: Alex Rodriguez <alexrodriguez@ibm.com>
 2023-10-30 08:54:29 -07:00
Derek McGowan
6021103e1f
Merge pull request #9274 from yyb196/fix-invalid-token 
fix bug that using invalid token to retry fetching layer
 2023-10-30 13:53:22 +00:00
Derek McGowan
5fdf55e493
Update go module to github.com/containerd/containerd/v2 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-29 20:52:21 -07:00
Derek McGowan
abfc8be530
Fix lint in integration/client 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 22:32:44 -07:00
Derek McGowan
ddd73ad300
Move protofiles generated into v2 directory 
Protobuf will automatically put the files generated for a v2 module into
a v2 directory. Move them to their correct location after running the
protobuild.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 15:44:23 -07:00
Derek McGowan
638b474c81
Temporarily remove imgcrypt in CRI to fix circular dependency 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 15:36:47 -07:00
Derek McGowan
192168038e
Temporarily remove integration/client submodule 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 11:11:20 -07:00
Samuel Karp
332fbd907e
Merge pull request #9258 from samuelkarp/introspection-deprecation-warning 
Expose usage of deprecated features
 2023-10-26 22:49:37 +00:00
Akihiro Suda
82d7a69605
Merge pull request #9286 from thaJeztah/bump_copress 
vendor: github.com/klauspost/compress v1.17.2
 2023-10-26 03:26:44 +00:00
Akihiro Suda
c5bd5cbeda
Merge pull request #9297 from milas/grpc-1.58.3-main 
vendor: google.golang.org/grpc v1.58.3
 2023-10-25 23:35:19 +00:00
Samuel Karp
90f1638e72
Merge pull request #9294 from dmcgowan/push-match-request-scheme 
Check scheme and host of request on push redirect
 2023-10-25 22:13:48 +00:00
Sebastiaan van Stijn
4e3fbd36e7
vendor: github.com/klauspost/compress v1.17.2 
fixes data corruption with zstd output in "best"

full diff: https://github.com/klauspost/compress/compare/v1.17.1...v1.17.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-25 23:55:07 +02:00
Mike Brown
43d3cb9eb7
Merge pull request #9283 from dmcgowan/tls-default-behavior 
Avoid TLS fallback when protocol is not ambiguous
 2023-10-25 21:09:37 +00:00
Milas Bowman
856d1053f4 vendor: google.golang.org/grpc v1.58.3 
Upgrade google.golang.org/grpc to v1.58.3 in preparation for
upgrading OTel, which has a dependency on the latest version.

See also: containerd/containerd#9281.

Signed-off-by: Milas Bowman <milas.bowman@docker.com>
 2023-10-25 16:47:11 -04:00
Samuel Karp
8b153152af
Merge pull request #9289 from dmcgowan/fuzz-daemon-cleanup 
fuzz: update go fuzz to directly instantiate server
 2023-10-25 17:54:44 +00:00
Derek McGowan
466ee870d5
Check scheme and host of request on push redirect 
When the HTTP fallback is used, the scheme changes from HTTPS to HTTP
which can cause a mismatch on redirect, causing the authorizer to get
stripped out. Since the redirect host must match the redirect host in
this case, credentials are only sent to the same origin host that
returned the redirect.

This fixes an issue for a push getting a 401 unauthorized on the PUT
request even though credentials are available.

Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-25 08:47:22 -07:00
Samuel Karp
3fff8b4f62
ctr: new deprecations command 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-10-24 22:38:33 -07:00
Samuel Karp
079383dbec
dynamic: record deprecation for dynamic plugins 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-10-24 22:38:32 -07:00
Samuel Karp
260e71abc4
server: add ability to record config deprecations 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-10-24 22:38:32 -07:00
Samuel Karp
bc861b66f9
pull: record deprecation warning for schema 1 
Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2023-10-24 22:38:32 -07:00