github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
5,930 Commits 3 Branches 2 Tags 112 MiB
852587cd18
Commit Graph

5930 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gaurav Singh
852587cd18 [events/exchange_test] Fix deadlock in TestExchangeFilters 
Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>

Remove sync

Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>
 2020-07-10 10:27:42 -04:00
Phil Estes
4f979f0655
Merge pull request #4364 from AkihiroSuda/ci-v1-v2-clarity 
CI: {v1, v2} -> io.containerd.runc.{v1,v2}
 2020-07-08 08:49:04 -04:00
Akihiro Suda
09f4533941
CI: {v1, v2} -> io.containerd.runc.{v1,v2} 
The previous names were confusing because v1 may look like shim API v1 (io.containerd.runtime.v1.linux").
Also, v2 may look like cgroup v2.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-07-08 14:12:56 +09:00
Derek McGowan
68b9b8f896
Merge pull request #4259 from estesp/fuse-overlayfs 
Support helpers for label-based userns remapping
 2020-07-06 11:22:34 -07:00
Wei Fu
fa0f7cbb41
Merge pull request #4355 from fuweid/fix4342 
cio: should not open fifo for stderr if terminal
 2020-07-06 20:13:03 +08:00
Akihiro Suda
422c401a48
Merge pull request #4353 from gaurav1086/TestExchangeBasic_fix_deadlock 
[events] Fix deadlock in TestExchangeBasic
 2020-07-06 18:03:07 +09:00
Mike Brown
5c695da77b
Merge pull request #4362 from mikebrow/update-cri-enable-force-remove 
update to latest containerd/cri
 2020-07-05 18:42:35 -05:00
Mike Brown
d7e59b141c enable removecontainer to forcibly remove containers 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2020-07-05 12:47:43 -05:00
Akihiro Suda
3919dbcba2
Merge pull request #4357 from dims/update-runc-to-v1.0.0-rc91 
Update runc to v1.0.0-rc91 and pickup latest containerd/cri
 2020-07-05 12:04:28 +09:00
Davanum Srinivas
963625d7bc
Update runc to v1.0.0-rc91 
https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-07-04 14:46:03 -04:00
Akihiro Suda
5e7751b1d3
Merge pull request #4360 from AkihiroSuda/crun-014 
update crun to v0.14
 2020-07-03 20:05:09 +09:00
Wei Fu
f821b77151
Merge pull request #4272 from dmcgowan/update-registry-host-config 
Registry config header support and fixes
 2020-07-03 18:47:46 +08:00
Akihiro Suda
c041970e99
update crun to v0.14 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-07-03 12:59:04 +09:00
Wei Fu
c91c72c867
Merge pull request #4239 from thaJeztah/md2manv2_urfave_bump 
update urfave/cli v1.22.1, go-md2man v2.0.0, blackfriday v2.0.1
 2020-07-02 17:16:56 +08:00
Sebastiaan van Stijn
a6dd1f27d9
update urfave/cli v1.22.1, go-md2man v2.0.0, blackfriday v2.0.1 
This updates urfave/cli and its dependencies to v1.22.1:

- diff for urfave/cli: https://github.com/urfave/cli/compare/v1.22.0...v1.22.1
- diff for go-md2man: https://github.com/cpuguy83/go-md2man/compare/v1.0.10...v2.0.0
- diff for blackfriday: https://github.com/russross/blackfriday/compare/v1.5.2...v2.0.1

Also adds github.com/shurcooL/sanitized_anchor_name as a new dependency, which is
used by russross/blackfriday, but will be removed again in a future update (dependency
is already removed on the v2 branch through russross/blackfriday@919b1f5b9b

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-07-02 10:48:45 +02:00
Wei Fu
68b736ddfc cio: should not open fifo for stderr if terminal 
fix: #4342

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2020-07-02 11:49:31 +08:00
Akihiro Suda
468d4e1ccf
Merge pull request #4356 from estesp/actions-fixes 
Minor actions fixes/updates
 2020-07-02 12:25:53 +09:00
Phil Estes
57a9f0b50d
Minor actions fixes/updates 
- always apt-get update before installing packages
- move to tagged official create_release action

The official GH create_release action now has support for body text from
file.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2020-07-01 14:27:10 -04:00
Gaurav Singh
148cc8f713 [events] Fix deadlock in TestExchangeBasic 
Signed-off-by: Gaurav Singh <gaurav1086@gmail.com>
 2020-06-29 23:28:00 -04:00
Phil Estes
97a3f52c63
Merge pull request #4351 from cpuguy83/pull_mediatype_debug 
Change log for unknown mt to debug
 2020-06-29 16:05:19 -04:00
Brian Goff
aa191deff1 Change log for unknown mt to debug 
This log message shows up in the client's logs. For any media type that
the client doesn't know about it will wind up with a warning log.
Downgrade this to debug since it is more of a development concern.

We encountered this trying to fetch Docker plugins which has a media
type for plugin configs.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2020-06-29 11:21:21 -07:00
Phil Estes
45c28f56b2
Add ability to use remapper labels versus remapping snapshot helper 
A simple starting point for testing the remapper labels with
fuse-overlayfs snapshotter

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2020-06-29 10:21:55 -04:00
Phil Estes
01a53c24b3
Merge pull request #4347 from Flowdalic/allow-rseq-seccomp 
seccomp: allow 'rseq' syscall in default seccomp profile
 2020-06-26 13:42:48 -04:00
Phil Estes
c76bf55047
Make unique snapshotter opt for label-assisted remapping 
Provide a snapshotter opt to add labels used by any supporting
snapshotter to handle user namespace filesystem remapping. Currently
supported by the fuse-overlayfs snapshotter, and others can use this
information as well.

Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
 2020-06-26 13:14:28 -04:00
Jie Hao Liao
331793118f
allow user namespace remapping using snapshotters 
Signed-off-by: Jie Hao Liao <liaojh1998@gmail.com>
 2020-06-26 12:44:43 -04:00
Florian Schmaus
e977564a8b seccomp: allow 'rseq' syscall in default seccomp profile 
Restartable Sequences (rseq) are a kernel-based mechanism for fast
update operations on per-core data in user-space. Some libraries, like
the newest version of Google's TCMalloc, depend on it [1].

This also makes dockers default seccomp profile on par with systemd's,
which enabled 'rseq' in early 2019 [2].

1: https://google.github.io/tcmalloc/design.html
2: systemd/systemd@6fee3be

Signed-off-by: Florian Schmaus <flo@geekplace.eu>
 2020-06-26 17:10:05 +02:00
Michael Crosby
c751807409
Merge pull request #4325 from c445/mountinfo-linux-double-quotes 
Cope with double quotes in Linux Mountinfo
 2020-06-24 15:47:39 -04:00
Michael Crosby
492c014136
Merge pull request #4340 from AkihiroSuda/fix-4312 
decrease log level of cgroup2 ToggleController error when running in UserNS
 2020-06-24 15:45:37 -04:00
Derek McGowan
1127ffc740
Merge pull request #4207 from deitch/doc-content 
describe content flow and dependencies
 2020-06-24 11:46:20 -07:00
Avi Deitcher
e7f069e2c3 describe content flow and dependencies 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2020-06-24 21:20:42 +03:00
Phil Estes
f85375bbbd
Merge pull request #4341 from thaJeztah/fix_cri_warnings 
Fix deprecation warnings in CRI tests due to missing unix:// scheme
 2020-06-24 10:31:40 -04:00
Sebastiaan van Stijn
b96f5f4b52
Fix deprecation warnings in CRI tests due to missing unix:// scheme 
[BeforeEach] [k8s.io] Security Context
      /home/runner/work/containerd/containerd/src/github.com/kubernetes-sigs/cri-tools/pkg/framework/framework.go:50
    W0624 12:26:28.532644   30569 util_unix.go:103] Using "/var/run/containerd/containerd.sock" as endpoint is deprecated, please consider using full url format "unix:///var/run/containerd/containerd.sock".
    W0624 12:26:28.532700   30569 util_unix.go:103] Using "/var/run/containerd/containerd.sock" as endpoint is deprecated, please consider using full url format "unix:///var/run/containerd/containerd.sock".

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-06-24 14:55:13 +02:00
Akihiro Suda
fd99b6566b
decrease log level of cgroup2 ToggleController error when running in UserNS 
Fix #4312

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-24 18:15:16 +09:00
Michael Crosby
c2f8011ff8
Merge pull request #4334 from AkihiroSuda/bbolt-1.3.5 
vendor: update bbolt to v1.3.5
 2020-06-23 13:23:43 -04:00
Wei Fu
e89500bcb0
Merge pull request #4333 from AkihiroSuda/golang-1.13.12 
Bump Golang 1.13.12
 2020-06-23 08:54:05 +08:00
Akihiro Suda
20b0e5b9d0
Merge pull request #4336 from dims/explicitly-fail-apparmor-when-not-running-on-linux 
Explicitly fail apparmor when not running on linux
 2020-06-23 02:59:00 +09:00
Davanum Srinivas
2b0a994ccc
explicitly fail apparmor when !linux 
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2020-06-22 12:54:09 -04:00
Akihiro Suda
bebfbab031
vendor: update bbolt to v1.3.5 
We had once updated bbolt from v1.3.3 to v1.3.4 in #4134,
but reverted to v1.3.3 in #4156 due to "fatal error: sweep increased
allocation count" (etcd-io/bbolt#214).

The issue was fixed in bbolt v1.3.5 (etcd-io/bbolt#220).

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-22 16:54:15 +09:00
Akihiro Suda
1a83f9a638
Bump Golang 1.13.12 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-22 16:49:31 +09:00
Johannes Frey
ee734e867a
Add test case with backticks 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-18 08:37:31 +02:00
Akihiro Suda
bf672cccee
Merge pull request #4328 from thaJeztah/bump_x_text 
vendor: golang.org/x/text v0.3.3 (CVE-2020-14040)
 2020-06-18 00:14:24 +09:00
Phil Estes
fb80a49ec1
Merge pull request #4327 from AkihiroSuda/fix-4326 
shim v2 runc: propagate options.Root to Cleanup
 2020-06-17 09:23:53 -04:00
Sebastiaan van Stijn
ea06877696
vendor: golang.org/x/text v0.3.3 
full diff: 19e51611da...v0.3.3

includes a fix for [CVE-2020-14040][1]

[1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-06-17 13:15:11 +02:00
Akihiro Suda
f1a469a035
shim v2 runc: propagate options.Root to Cleanup 
Previously shim v2 (`io.containerd.runc.{v1,v2}`) always used `/run/containerd/runc` as the runc root.

Fix #4326

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-17 19:06:36 +09:00
Phil Estes
49b0743c1c
Merge pull request #4324 from AkihiroSuda/fix-get-runtimeversion 
integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default
 2020-06-16 08:44:22 -04:00
Johannes Frey
8897e15203
Add more test cases with single quotes 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:54 +02:00
Johannes Frey
cb91b1724d
Add testcase containing mountpoint with escaped backslash 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:54 +02:00
Johannes Frey
87f9fdb065
Cope with double quotes in Linux Mountinfo 
Signed-off-by: Johannes Frey <me@johannes-frey.de>
 2020-06-16 13:06:36 +02:00
Akihiro Suda
4c49ff88c5
integration: assume TEST_RUNTIME to be io.containerd.runc.v2 by default 
containerd 1.4 uses io.containerd.runc.v2 as the default runtime for
both CRI and non-CRI. The test is updated to assume v2 shim by default.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2020-06-16 14:41:25 +09:00
Phil Estes
705b8527d4
Merge pull request #4323 from crosbymichael/cri-bump1.4x 
Bump CRI for 1.4x release
 2020-06-15 16:28:35 -04:00