Commit Graph

13443 Commits

Author SHA1 Message Date
Derek McGowan
79a3b20a63
Merge pull request #9764 from Fish-pro/patch-1
Clean up repeated package import
2024-02-07 05:53:38 +00:00
Fu Wei
2f807b606a
Merge pull request #9750 from jiusanzhou/bugfix/integration-fix-strace-inject
Support inject delay running with the old version (4.x) of strace for test case
2024-02-06 05:30:42 +00:00
Maksym Pavlenko
d297fbee39
Merge pull request #9753 from kiashok/updateHcsshimMain
Update hcsshim to v0.12.0-rc.3
2024-02-06 03:45:22 +00:00
Fu Wei
e5a8e6ebcd
Merge pull request #9763 from mxpv/stale
Treat PRs that require rebase > 90 days as stale
2024-02-06 03:36:54 +00:00
Zechun Chen
5cbe92e88e Clean up repeated package import
Signed-off-by: Zechun Chen <zechun.chen@daocloud.io>
2024-02-06 11:06:33 +08:00
Maksym Pavlenko
72950c00b8 Treat PRs that require rebase > 90 days as stale
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-05 18:23:20 -08:00
Maksym Pavlenko
c78d526825
Merge pull request #9757 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.6
build(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.6
2024-02-06 02:13:35 +00:00
Maksym Pavlenko
56e026bf70
Merge pull request #9760 from containerd/dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc6
build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc6
2024-02-06 02:12:55 +00:00
Maksym Pavlenko
a4ff0b3139
Merge pull request #9754 from mxpv/ttrpc_update
Update TTRPC
2024-02-06 02:02:16 +00:00
dependabot[bot]
db437580bc
build(deps): bump github.com/opencontainers/image-spec
Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc5 to 1.1.0-rc6.
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc5...v1.1.0-rc6)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 23:31:58 +00:00
dependabot[bot]
2c7d69530d
build(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.6
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.5 to 1.17.6.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.5...v1.17.6)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 23:30:39 +00:00
Maksym Pavlenko
da1673f55d Update vendor
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-05 11:48:16 -08:00
Maksym Pavlenko
047d42e901 Update ttrpc to v1.2.3
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-05 11:48:04 -08:00
Kirtana Ashok
64e96c7d47 Update hcsshim to v0.12.0-rc.3
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
2024-02-05 10:42:36 -08:00
Zoe
a9060cda4a Support inject delay running with the old version (4.x) of strace for test case.
Only the newer version of strace can support the `--detach-on` option
and set the time duration with a human-readable string.

In the 4.x version of strace, use `-b` to replace `--detach-on`,
and inject a delay with int usecs.

Signed-off-by: Zoe <hi@zoe.im>
2024-02-05 21:27:41 +08:00
Fu Wei
f5e7fe0cb6
Merge pull request #9644 from abel-von/fix-sandbox-status
sandbox: fix podsandbox recover status issue
2024-02-05 07:50:34 +00:00
Samuel Karp
0125a42fb5
Merge pull request #9729 from mxpv/duration
Remove duplicated TOML duration parsers
2024-02-05 07:43:51 +00:00
Abel Feng
e230ed939c sandbox: add sandbox recover ut and e2e test
Signed-off-by: Abel Feng <fshb1988@gmail.com>
2024-02-04 11:55:46 +08:00
Abel Feng
3124964743 sandbox: fix recover status set issue
We can't set the status to Ready before task.Wait succeeds.

Signed-off-by: Abel Feng <fshb1988@gmail.com>
2024-02-04 11:52:37 +08:00
Samuel Karp
96bf529cbf
Merge pull request #9742 from mxpv/envelope
Move Message proto to types
2024-02-03 06:32:01 +00:00
Derek McGowan
a896610da1
Merge pull request #9718 from jsturtevant/transfer-service-windows
Add a default differ for Windows that matches the snapshotter when using transfer service
2024-02-02 20:38:26 +00:00
Samuel Karp
1a39b91819
Merge pull request #9741 from mxpv/internal_cri
Move CRI from pkg/ to internal/
2024-02-02 19:38:44 +00:00
Maksym Pavlenko
0facc85925 Fix proto formatting
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-02 10:35:23 -08:00
Maksym Pavlenko
7f2d2c4f44 Move Message proto to types
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-02 10:35:23 -08:00
Maksym Pavlenko
2875247338 Fix formatting after moving CRI
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-02 10:12:08 -08:00
Maksym Pavlenko
bbac058cf3 Move CRI from pkg/ to internal/
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-02 10:12:08 -08:00
Derek McGowan
db1e16da34
Merge pull request #9730 from thockin/main
CRI: An empty DNSConfig != unspecified
2024-02-02 17:32:45 +00:00
Tim Hockin
6e365e9250
CRI: An empty DNSConfig != unspecified
If we find that DNSConfig is provided and empty (not nil), we should not
replace it with the host's resolv.conf.

Also adds tests.

Signed-off-by: Tim Hockin <thockin@google.com>
2024-02-01 13:37:22 -08:00
Maksym Pavlenko
9340be717f
Remove duplicated TOML duration parsers
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2024-02-01 11:48:33 -08:00
Maksym Pavlenko
ac54047344
Merge pull request #9713 from AkihiroSuda/cri-rro
cri: make read-only mounts recursively read-only
2024-02-01 18:30:25 +00:00
Akihiro Suda
b2f254fff0
cri: make read-only mounts recursively read-only
Prior to this commit, `readOnly` volumes were not recursively read-only and
could result in compromise of data;
e.g., even if `/mnt` was mounted as read-only, its submounts such as
`/mnt/usbstorage` were not read-only.

This commit utilizes runc's "rro" bind mount option to make read-only bind
mounts literally read-only. The "rro" bind mount option is implemented by
calling `mount_setattr(2)` with `MOUNT_ATTR_RDONLY` and `AT_RECURSIVE`.

The "rro" bind mount option requires kernel >= 5.12, with runc >= 1.1 or
a compatible runtime such as crun >= 1.4.

When the "rro" bind mount option is not available, containerd falls back
to the legacy non-recursive read-only mounts by default.

The behavior is configurable via `/etc/containerd/config.toml`:
```toml
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  # treat_ro_mounts_as_rro ("Enabled"|"IfPossible"|"Disabled")
  # treats read-only mounts as recursive read-only mounts.
  # An empty string means "IfPossible".
  # "Enabled" requires Linux kernel v5.12 or later.
  # This configuration does not apply to non-volume mounts such as "/sys/fs/cgroup".
  treat_ro_mounts_as_rro = ""
```

Replaces:
- kubernetes/enhancements issue 3857
- kubernetes/enhancements PR 3858

Note: this change does not affect non-CRI clients such as ctr, nerdctl, and Docker/Moby.
RRO mounts have been supported since nerdctl v0.14 (containerd/nerdctl PR 511)
and Docker v25 (moby/moby PR 45278).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-02-01 09:39:36 +09:00
Akihiro Suda
0dbe758833
Merge pull request #9716 from AkihiroSuda/rocky8.9
CI: update Rocky Linux to 8.9
2024-01-31 21:28:05 +00:00
Akihiro Suda
cde08a4ff8
Merge pull request #9715 from AkihiroSuda/crun-1.14
CI: bump up crun to 1.14
2024-01-31 21:11:28 +00:00
Akihiro Suda
7ab553369f
Merge pull request #9722 from dmcgowan/update-runc-1.1.12
Update runc binary to v1.1.12
2024-01-31 21:10:57 +00:00
Akihiro Suda
27706ca4dc
Merge pull request #9721 from imba-tjd/patch-1
docs: fix typo
2024-01-31 21:10:36 +00:00
James Sturtevant
f74e5ce7e6
Move differ default to its own file
Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
2024-01-31 09:54:27 -08:00
Derek McGowan
82fb589ffb
Update runc binary to v1.1.12
Update the runc binary, which includes a fix for [CVE-2024-21626].

- release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.12
- full diff: https://github.com/opencontainers/runc/compare/v1.1.11...v1.1.12

[CVE-2024-21626]: https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv

Signed-off-by: Derek McGowan <derek@mcg.dev>
2024-01-31 09:31:59 -08:00
谭九鼎
87a9835f16
docs: fix typo
Signed-off-by: 谭九鼎 <109224573@qq.com>
2024-01-31 21:37:48 +08:00
James Sturtevant
81409e9373
Add a default differ that matches the snapshotter
Signed-off-by: James Sturtevant <jsturtevant@gmail.com>
2024-01-30 14:34:58 -08:00
Akihiro Suda
93573f5cf3
Merge pull request #9714 from AkihiroSuda/rm-docs-cri-installation.md
rm docs/cri/installation.md
2024-01-30 20:57:37 +00:00
Akihiro Suda
2369185aac
CI: update Rocky Linux to 8.9
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-01-31 05:56:46 +09:00
Akihiro Suda
d8460a702a
CI: bump up crun to 1.14
Changes:
- https://github.com/containers/crun/releases/tag/1.13
- https://github.com/containers/crun/releases/tag/1.14

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-01-31 05:16:16 +09:00
Akihiro Suda
ebbce74230
rm docs/cri/installation.md
The file was replaced with the "Please update your bookmark" page on
Apr 1, 2022 (PR 6758).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2024-01-31 05:04:54 +09:00
Akihiro Suda
d58ec0b1ef
Merge pull request #9710 from containerd/dependabot/go_modules/github.com/google/uuid-1.6.0
build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0
2024-01-30 19:51:39 +00:00
Akihiro Suda
4e34612df7
Merge pull request #9709 from containerd/dependabot/go_modules/google.golang.org/grpc-1.61.0
build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0
2024-01-30 19:51:21 +00:00
Phil Estes
b537ed7436
Merge pull request #9711 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.5
build(deps): bump github.com/klauspost/compress from 1.17.4 to 1.17.5
2024-01-30 14:19:32 +00:00
Akihiro Suda
728b45d5c2
Merge pull request #9708 from containerd/dependabot/go_modules/github.com/containerd/plugin-0.1.0
build(deps): bump github.com/containerd/plugin from 0.0.0-20231101173250-7ec69893e1e7 to 0.1.0
2024-01-30 13:23:14 +00:00
Maksym Pavlenko
d558f889ca
Merge pull request #9706 from containerd/dependabot/github_actions/lycheeverse/lychee-action-1.9.3
build(deps): bump lycheeverse/lychee-action from 1.9.1 to 1.9.3
2024-01-30 04:26:37 +00:00
dependabot[bot]
49d5cc7f96
build(deps): bump github.com/klauspost/compress from 1.17.4 to 1.17.5
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.4 to 1.17.5.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.17.4...v1.17.5)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 23:48:00 +00:00
dependabot[bot]
4d33170ea8
build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 23:47:01 +00:00