Jaroslav Jindrak
9d328410a5
shim: Create pid-file with 0644 permissions
...
Fixes ae7021300
In ae7021300 the WritePidFile and WriteAddress functions were
changed to use AtomicFile instead of os.CreateFile. However,
AtomicFile creates a temporary file and then changes its permissions
with os.Chmod which alters the previously observed behavior of
os.CreateFile which takes the system's umask into account.
This means that on Linux-based systems these files suddenly
became world writable (#9363 ). The address file has since been
removed, but pid-file was still created as world writable. This
commit explicitly requests 0644 permissions as even on systems
without default umask of 0022 there is no reason to have these
two files world writable.
Signed-off-by: Jaroslav Jindrak <dzejrou@gmail.com>
2023-12-23 21:42:51 +01:00
Phil Estes
e5e7f613cf
Merge pull request #9514 from containerd/dependabot/github_actions/actions/upload-artifact-3
...
build(deps): bump actions/upload-artifact from 1 to 3
2023-12-14 14:56:55 +00:00
Phil Estes
aaf41a827a
Merge pull request #9533 from containerd/dependabot/github_actions/docker/setup-buildx-action-3
...
build(deps): bump docker/setup-buildx-action from 2 to 3
2023-12-14 14:56:23 +00:00
Phil Estes
ee881146f0
Merge pull request #9534 from containerd/dependabot/github_actions/github/codeql-action-3
...
build(deps): bump github/codeql-action from 2 to 3
2023-12-14 14:55:52 +00:00
Phil Estes
14e851ecc7
Merge pull request #9538 from containerd/dependabot/go_modules/github.com/Microsoft/hcsshim-0.12.0-rc.1
...
build(deps): bump github.com/Microsoft/hcsshim from 0.12.0-rc.0 to 0.12.0-rc.1
2023-12-14 14:55:21 +00:00
dependabot[bot]
1c96087ce7
build(deps): bump github.com/Microsoft/hcsshim
...
Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim ) from 0.12.0-rc.0 to 0.12.0-rc.1.
- [Release notes](https://github.com/Microsoft/hcsshim/releases )
- [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.0-rc.0...v0.12.0-rc.1 )
---
updated-dependencies:
- dependency-name: github.com/Microsoft/hcsshim
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 03:37:06 +00:00
dependabot[bot]
f9303d04de
build(deps): bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 03:34:30 +00:00
dependabot[bot]
4c1ebe33bd
build(deps): bump docker/setup-buildx-action from 2 to 3
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-14 03:34:15 +00:00
Fu Wei
a901236bf0
Merge pull request #9532 from AkihiroSuda/dependabot
...
dependabot: enable groups
2023-12-14 02:58:39 +00:00
Akihiro Suda
98796a4da8
Merge pull request #9526 from containerd/dependabot/go_modules/github.com/moby/sys/mountinfo-0.7.1
...
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
2023-12-14 00:52:13 +00:00
Akihiro Suda
51fd1d47e6
dependabot: enable groups
...
See https://github.blog/changelog/2023-06-30-grouped-version-updates-for-dependabot-public-beta/
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-12-14 09:38:44 +09:00
Akihiro Suda
2196327f55
Merge pull request #9525 from containerd/dependabot/go_modules/k8s.io/component-base-0.28.4
...
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
2023-12-13 22:59:43 +00:00
dependabot[bot]
4a71a93604
build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1
...
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys ) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/moby/sys/releases )
- [Commits](https://github.com/moby/sys/compare/mountinfo/v0.6.2...mountinfo/v0.7.1 )
---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 17:40:31 +00:00
Akihiro Suda
ff6324c953
Merge pull request #9527 from containerd/dependabot/go_modules/golang.org/x/mod-0.14.0
...
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
2023-12-13 16:50:40 +00:00
Phil Estes
73167c07a7
Merge pull request #9523 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.4
...
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
2023-12-13 16:42:38 +00:00
dependabot[bot]
344fe957f4
build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 16:14:48 +00:00
Akihiro Suda
308839d23a
Merge pull request #9521 from containerd/dependabot/go_modules/golang.org/x/sync-0.5.0
...
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
2023-12-13 15:07:04 +00:00
Phil Estes
565cc91657
Merge pull request #9494 from rumpl/fix-append-additonal-groups
...
WithAppendAdditionalGroups: better /etc/group handling
2023-12-13 14:59:58 +00:00
Fu Wei
9f17ed6771
Merge pull request #9522 from containerd/dependabot/go_modules/go.etcd.io/bbolt-1.3.8
...
build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8
2023-12-13 13:50:01 +00:00
Akihiro Suda
614395ce65
Merge pull request #9513 from containerd/dependabot/github_actions/ossf/scorecard-action-2.3.1
...
build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1
2023-12-13 12:33:03 +00:00
Akihiro Suda
93e3a50420
Merge pull request #9511 from containerd/dependabot/github_actions/google-github-actions/auth-2
...
build(deps): bump google-github-actions/auth from 0 to 2
2023-12-13 05:52:48 +00:00
Akihiro Suda
47b18765b2
Merge pull request #9509 from containerd/dependabot/github_actions/google-github-actions/upload-cloud-storage-1.0.3
...
build(deps): bump google-github-actions/upload-cloud-storage from 0.10.4 to 1.0.3
2023-12-13 05:12:31 +00:00
Akihiro Suda
e66b912048
Merge pull request #9517 from containerd/dependabot/github_actions/actions/stale-9
...
build(deps): bump actions/stale from 8 to 9
2023-12-13 05:11:26 +00:00
Akihiro Suda
fd163893bc
Merge pull request #9512 from containerd/dependabot/github_actions/crazy-max/ghaction-github-runtime-3
...
build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
2023-12-13 05:01:40 +00:00
Akihiro Suda
43bcea89a7
Merge pull request #9515 from containerd/dependabot/github_actions/actions/github-script-7
...
build(deps): bump actions/github-script from 6 to 7
2023-12-13 04:46:10 +00:00
Akihiro Suda
d9eeec3bd0
Merge pull request #9516 from containerd/dependabot/github_actions/docker/login-action-3
...
build(deps): bump docker/login-action from 2 to 3
2023-12-13 04:45:49 +00:00
Akihiro Suda
32ad372706
Merge pull request #9510 from containerd/dependabot/github_actions/actions/setup-go-5
...
build(deps): bump actions/setup-go from 3 to 5
2023-12-13 04:14:25 +00:00
Akihiro Suda
5f38d64f2a
Merge pull request #9508 from containerd/dependabot/github_actions/actions/checkout-4
...
build(deps): bump actions/checkout from 3 to 4
2023-12-13 03:52:59 +00:00
dependabot[bot]
6726a2aebf
build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4
...
Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base ) from 0.28.2 to 0.28.4.
- [Commits](https://github.com/kubernetes/component-base/compare/v0.28.2...v0.28.4 )
---
updated-dependencies:
- dependency-name: k8s.io/component-base
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:26:34 +00:00
dependabot[bot]
0c98f10631
build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4
...
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress ) from 1.17.2 to 1.17.4.
- [Release notes](https://github.com/klauspost/compress/releases )
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml )
- [Commits](https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4 )
---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:25:20 +00:00
dependabot[bot]
39ba0347ee
build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8
...
Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt ) from 1.3.7 to 1.3.8.
- [Release notes](https://github.com/etcd-io/bbolt/releases )
- [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8 )
---
updated-dependencies:
- dependency-name: go.etcd.io/bbolt
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:24:42 +00:00
dependabot[bot]
db43e3d1f7
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0
...
Bumps [golang.org/x/sync](https://github.com/golang/sync ) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sync
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:24:20 +00:00
dependabot[bot]
4660090baf
build(deps): bump actions/stale from 8 to 9
...
Bumps [actions/stale](https://github.com/actions/stale ) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v8...v9 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:21:03 +00:00
dependabot[bot]
ace8ab1bd6
build(deps): bump docker/login-action from 2 to 3
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:21:01 +00:00
dependabot[bot]
0b94716e82
build(deps): bump actions/github-script from 6 to 7
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:55 +00:00
dependabot[bot]
9133ad811d
build(deps): bump actions/upload-artifact from 1 to 3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v1...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:47 +00:00
dependabot[bot]
c1823a7c6b
build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.3 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](865b409285...0864cf1902
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:41 +00:00
dependabot[bot]
36b12cbcbb
build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
...
Bumps [crazy-max/ghaction-github-runtime](https://github.com/crazy-max/ghaction-github-runtime ) from 2 to 3.
- [Release notes](https://github.com/crazy-max/ghaction-github-runtime/releases )
- [Commits](https://github.com/crazy-max/ghaction-github-runtime/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: crazy-max/ghaction-github-runtime
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:36 +00:00
dependabot[bot]
dc5a6cfaef
build(deps): bump google-github-actions/auth from 0 to 2
...
Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth ) from 0 to 2.
- [Release notes](https://github.com/google-github-actions/auth/releases )
- [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/auth/compare/v0...v2 )
---
updated-dependencies:
- dependency-name: google-github-actions/auth
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:31 +00:00
dependabot[bot]
f6a9c69665
build(deps): bump actions/setup-go from 3 to 5
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 5.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:26 +00:00
dependabot[bot]
e27ea7d1ad
build(deps): bump google-github-actions/upload-cloud-storage
...
Bumps [google-github-actions/upload-cloud-storage](https://github.com/google-github-actions/upload-cloud-storage ) from 0.10.4 to 1.0.3.
- [Release notes](https://github.com/google-github-actions/upload-cloud-storage/releases )
- [Changelog](https://github.com/google-github-actions/upload-cloud-storage/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google-github-actions/upload-cloud-storage/compare/v0.10.4...v1.0.3 )
---
updated-dependencies:
- dependency-name: google-github-actions/upload-cloud-storage
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:20 +00:00
dependabot[bot]
3ca95282ea
build(deps): bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-13 00:20:14 +00:00
Derek McGowan
c0e94bc9a8
Merge pull request #9492 from kiashok/moveCriConfig
...
Move GenerateRuntimeOptions() to pkg/cri/config
2023-12-13 00:13:46 +00:00
Maksym Pavlenko
8f1479132f
Merge pull request #9504 from AkihiroSuda/dependabot
...
CI: enable dependabot
2023-12-12 23:41:52 +00:00
Samuel Karp
edcbc508b6
Merge pull request #9496 from mxpv/links
...
Add nighly job to verify doc links (and fix broken links)
2023-12-12 23:04:50 +00:00
Phil Estes
35c125b2dd
Merge pull request #9503 from ktock/go-toml-2.1.1
...
go.mod: Bump up github.com/pelletier/go-toml to v2.1.1
2023-12-12 21:25:14 +00:00
Derek McGowan
1feb23465f
Merge pull request #9401 from fuweid/v2-mode
...
*: introduce image_pull_with_sync_fs in CRI
2023-12-12 14:34:44 +00:00
Djordje Lukic
1398186ca7
WithAppendAdditionalGroups: better /etc/group handling
...
Scratch images don't necessarily have the /etc/group file, so we shouldn't
fail if opening/parsing it is not needed: if all the group to add are numeric.
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
2023-12-12 15:24:41 +01:00
Akihiro Suda
5a140dca5e
CI: enable dependabot
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2023-12-12 18:46:07 +09:00
Kohei Tokunaga
c1197995b9
go.mod: Bump up github.com/pelletier/go-toml to v2.1.1
...
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
2023-12-12 14:28:55 +09:00