containerd

Author	SHA1	Message	Date
Maksym Pavlenko	c78d526825	Merge pull request #9757 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.6 build(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.6	2024-02-06 02:13:35 +00:00
Maksym Pavlenko	56e026bf70	Merge pull request #9760 from containerd/dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc6 build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc6	2024-02-06 02:12:55 +00:00
Maksym Pavlenko	a4ff0b3139	Merge pull request #9754 from mxpv/ttrpc_update Update TTRPC	2024-02-06 02:02:16 +00:00
dependabot[bot]	db437580bc	build(deps): bump github.com/opencontainers/image-spec Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc5 to 1.1.0-rc6. - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](https://github.com/opencontainers/image-spec/compare/v1.1.0-rc5...v1.1.0-rc6) --- updated-dependencies: - dependency-name: github.com/opencontainers/image-spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-05 23:31:58 +00:00
dependabot[bot]	2c7d69530d	build(deps): bump github.com/klauspost/compress from 1.17.5 to 1.17.6 Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.5 to 1.17.6. - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](https://github.com/klauspost/compress/compare/v1.17.5...v1.17.6) --- updated-dependencies: - dependency-name: github.com/klauspost/compress dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-02-05 23:30:39 +00:00
Maksym Pavlenko	da1673f55d	Update vendor Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-05 11:48:16 -08:00
Maksym Pavlenko	047d42e901	Update ttrpc to v1.2.3 Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-05 11:48:04 -08:00
Kirtana Ashok	64e96c7d47	Update hcsshim to v0.12.0-rc.3 Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>	2024-02-05 10:42:36 -08:00
Zoe	a9060cda4a	Support inject delay running with the old version (4.x) of strace for test case. Only the newer version of strace can support `--detach-on` options and set time duration with human readable string. In the 4.x version of strace, using `-b` to replace `--detach-on`, and injecting a delay with int usecs. Signed-off-by: Zoe <hi@zoe.im>	2024-02-05 21:27:41 +08:00
Anthony Nandaa	9ef94fe528	fix(docs): fix cp and add step to include binaries in the $env:Path This commit adds an extra (optional) step for the Windows installation/set-up to include the containerd binaries in the $env:Path so that later executions especially for `ctr.exe` if needed, do not require to specify the full path. It also further fixes the previous steps to be absolute and also work with re-installations and upgrades. Signed-off-by: Anthony Nandaa <profnandaa@gmail.com>	2024-02-05 11:41:45 +03:00
Fu Wei	f5e7fe0cb6	Merge pull request #9644 from abel-von/fix-sandbox-status sandbox: fix podsandbox recover status issue	2024-02-05 07:50:34 +00:00
Samuel Karp	0125a42fb5	Merge pull request #9729 from mxpv/duration Remove duplicated TOML duration parsers	2024-02-05 07:43:51 +00:00
Krisztian Litkey	fe24b918f6	pkg/nri, docs: enable NRI by default. Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>	2024-02-04 11:41:56 +02:00
Abel Feng	e230ed939c	sandbox: add sandbox recover ut and e2e test Signed-off-by: Abel Feng <fshb1988@gmail.com>	2024-02-04 11:55:46 +08:00
Abel Feng	3124964743	sandbox: fix recover status set issue We can't set the status to Ready before task.Wait succeed. Signed-off-by: Abel Feng <fshb1988@gmail.com>	2024-02-04 11:52:37 +08:00
Angelos Kolaitis	256637249b	Fix config import relative path glob Previously, resolveImports would apply a glob filter if the path contained any '*', or otherwise convert relative paths to absolute. This meant that it was impossible to specify globs with paths relative to the main config file. This commit first resolves relative to absolute paths, then applies the glob filter (if any). A test case is added to ensure that this now works as expected. Signed-off-by: Angelos Kolaitis <neoaggelos@gmail.com>	2024-02-03 21:03:11 +02:00
Akihiro Suda	6670695836	Revert "cri: make read-only mounts recursively read-only" Revert PR 9713, as it appeared to break the compatibility too much https://github.com/kubernetes/enhancements/pull/3858#issuecomment-1925441072 This reverts commit `b2f254fff0`. > Conflicts: > internal/cri/opts/spec_linux_opts.go Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2024-02-04 01:17:14 +09:00
Samuel Karp	96bf529cbf	Merge pull request #9742 from mxpv/envelope Move Message proto to types	2024-02-03 06:32:01 +00:00
Derek McGowan	a896610da1	Merge pull request #9718 from jsturtevant/transfer-service-windows Add a default differ for Windows that matches the snapshotter when using transfer service	2024-02-02 20:38:26 +00:00
Samuel Karp	1a39b91819	Merge pull request #9741 from mxpv/internal_cri Move CRI from pkg/ to internal/	2024-02-02 19:38:44 +00:00
Maksym Pavlenko	0facc85925	Fix proto formatting Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-02 10:35:23 -08:00
Maksym Pavlenko	7f2d2c4f44	Move Message proto to types Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-02 10:35:23 -08:00
Maksym Pavlenko	2875247338	Fix formatting after moving CRI Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-02 10:12:08 -08:00
Maksym Pavlenko	bbac058cf3	Move CRI from pkg/ to internal/ Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-02 10:12:08 -08:00
Derek McGowan	db1e16da34	Merge pull request #9730 from thockin/main CRI: An empty DNSConfig != unspecified	2024-02-02 17:32:45 +00:00
Tim Hockin	6e365e9250	CRI: An empty DNSConfig != unspecified If we find that DNSConfig is provided and empty (not nil), we should not replace it with the host's resolv.conf. Also adds tests. Signed-off-by: Tim Hockin <thockin@google.com>	2024-02-01 13:37:22 -08:00
Maksym Pavlenko	9340be717f	Remove duplicated TOML duration parsers Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2024-02-01 11:48:33 -08:00
Maksym Pavlenko	ac54047344	Merge pull request #9713 from AkihiroSuda/cri-rro cri: make read-only mounts recursively read-only	2024-02-01 18:30:25 +00:00
Akihiro Suda	b2f254fff0	cri: make read-only mounts recursively read-only Prior to this commit, `readOnly` volumes were not recursively read-only and could result in compromise of data; e.g., even if `/mnt` was mounted as read-only, its submounts such as `/mnt/usbstorage` were not read-only. This commit utilizes runc's "rro" bind mount option to make read-only bind mounts literally read-only. The "rro" bind mount options is implemented by calling `mount_setattr(2)` with `MOUNT_ATTR_RDONLY` and `AT_RECURSIVE`. The "rro" bind mount options requires kernel >= 5.12, with runc >= 1.1 or a compatible runtime such as crun >= 1.4. When the "rro" bind mount options is not available, containerd falls back to the legacy non-recursive read-only mounts by default. The behavior is configurable via `/etc/containerd/config.toml`: ```toml version = 2 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] # treat_ro_mounts_as_rro ("Enabled"\|"IfPossible"\|"Disabled") # treats read-only mounts as recursive read-only mounts. # An empty string means "IfPossible". # "Enabled" requires Linux kernel v5.12 or later. # This configuration does not apply to non-volume mounts such as "/sys/fs/cgroup". treat_ro_mounts_as_rro = "" ``` Replaces: - kubernetes/enhancements issue 3857 - kubernetes/enhancements PR 3858 Note: this change does not affect non-CRI clients such as ctr, nerdctl, and Docker/Moby. RRO mounts have been supported since nerdctl v0.14 (containerd/nerdctl PR 511) and Docker v25 (moby/moby PR 45278). Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2024-02-01 09:39:36 +09:00
Akihiro Suda	0dbe758833	Merge pull request #9716 from AkihiroSuda/rocky8.9 CI: update Rocky Linux to 8.9	2024-01-31 21:28:05 +00:00
Akihiro Suda	cde08a4ff8	Merge pull request #9715 from AkihiroSuda/crun-1.14 CI: bump up crun to 1.14	2024-01-31 21:11:28 +00:00
Akihiro Suda	7ab553369f	Merge pull request #9722 from dmcgowan/update-runc-1.1.12 Update runc binary to v1.1.12	2024-01-31 21:10:57 +00:00
Akihiro Suda	27706ca4dc	Merge pull request #9721 from imba-tjd/patch-1 docs: fix typo	2024-01-31 21:10:36 +00:00
James Sturtevant	f74e5ce7e6	Move differ default to its own file Signed-off-by: James Sturtevant <jsturtevant@gmail.com>	2024-01-31 09:54:27 -08:00
Derek McGowan	82fb589ffb	Update runc binary to v1.1.12 Update the runc binary, which includes a fix for [CVE-2024-21626]. - release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.12 - full diff: https://github.com/opencontainers/runc/compare/v1.1.11...v1.1.12 [CVE-2024-21626]: https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv Signed-off-by: Derek McGowan <derek@mcg.dev>	2024-01-31 09:31:59 -08:00
谭九鼎	87a9835f16	docs: fix typo Signed-off-by: 谭九鼎 <109224573@qq.com>	2024-01-31 21:37:48 +08:00
James Sturtevant	81409e9373	Add a default differ that matches the snapshotter Signed-off-by: James Sturtevant <jsturtevant@gmail.com>	2024-01-30 14:34:58 -08:00
Akihiro Suda	93573f5cf3	Merge pull request #9714 from AkihiroSuda/rm-docs-cri-installation.md rm docs/cri/installation.md	2024-01-30 20:57:37 +00:00
Akihiro Suda	2369185aac	CI: update Rocky Linux to 8.9 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2024-01-31 05:56:46 +09:00
Akihiro Suda	d8460a702a	CI: bump up crun to 1.14 Changes: - https://github.com/containers/crun/releases/tag/1.13 - https://github.com/containers/crun/releases/tag/1.14 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2024-01-31 05:16:16 +09:00
Akihiro Suda	ebbce74230	rm docs/cri/installation.md The file was replaced with the "Please update your bookmark" page on Apr 1, 2022 (PR 6758). Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2024-01-31 05:04:54 +09:00
Akihiro Suda	d58ec0b1ef	Merge pull request #9710 from containerd/dependabot/go_modules/github.com/google/uuid-1.6.0 build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0	2024-01-30 19:51:39 +00:00
Akihiro Suda	4e34612df7	Merge pull request #9709 from containerd/dependabot/go_modules/google.golang.org/grpc-1.61.0 build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0	2024-01-30 19:51:21 +00:00
Phil Estes	b537ed7436	Merge pull request #9711 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.5 build(deps): bump github.com/klauspost/compress from 1.17.4 to 1.17.5	2024-01-30 14:19:32 +00:00
Akihiro Suda	728b45d5c2	Merge pull request #9708 from containerd/dependabot/go_modules/github.com/containerd/plugin-0.1.0 build(deps): bump github.com/containerd/plugin from 0.0.0-20231101173250-7ec69893e1e7 to 0.1.0	2024-01-30 13:23:14 +00:00
Maksym Pavlenko	d558f889ca	Merge pull request #9706 from containerd/dependabot/github_actions/lycheeverse/lychee-action-1.9.3 build(deps): bump lycheeverse/lychee-action from 1.9.1 to 1.9.3	2024-01-30 04:26:37 +00:00
dependabot[bot]	49d5cc7f96	build(deps): bump github.com/klauspost/compress from 1.17.4 to 1.17.5 Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.4 to 1.17.5. - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](https://github.com/klauspost/compress/compare/v1.17.4...v1.17.5) --- updated-dependencies: - dependency-name: github.com/klauspost/compress dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 23:48:00 +00:00
dependabot[bot]	4d33170ea8	build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](https://github.com/google/uuid/compare/v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 23:47:01 +00:00
dependabot[bot]	3a5b47d736	build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.60.1 to 1.61.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.60.1...v1.61.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 23:46:49 +00:00
dependabot[bot]	9a983caad1	build(deps): bump github.com/containerd/plugin Bumps [github.com/containerd/plugin](https://github.com/containerd/plugin) from 0.0.0-20231101173250-7ec69893e1e7 to 0.1.0. - [Release notes](https://github.com/containerd/plugin/releases) - [Commits](https://github.com/containerd/plugin/commits/v0.1.0) --- updated-dependencies: - dependency-name: github.com/containerd/plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-29 23:46:33 +00:00

1 2 3 4 5 ...

13542 Commits