containerd

Author	SHA1	Message	Date
Bjorn Neergaard	79acce4621	integration: use mediatype helpers Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>	2023-09-27 13:12:54 -06:00
Sebastiaan van Stijn	4b1bb1293e	remove github.com/opencontainers/runc dependency This migrates uses of github.com/opencontainers/runc/libcontainer/user to the new github.com/moby/sys/user module, which was extracted from runc at commit [opencontainers/runc@a3a0ec48c4]. This is the initial release of the module, which is a straight copy, but some changes may be made in the next release (such as fixing camel-casing in some fields and functions (Uid -> UID). [opencontainers/runc@a3a0ec48c4]: `a3a0ec48c4` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-09-27 17:34:28 +02:00
Derek McGowan	4c344f2fa5	Add warning for plugin configs with unknown fields Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-09-25 16:09:15 -07:00
Derek McGowan	650148313c	Add warning log for unknown config fields Add error log for failure to parse toml Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-09-24 20:50:54 -07:00
Derek McGowan	b5615caf11	Update go-toml to v2 Updates host file parsing to use new v2 method rather than the removed toml.Tree. Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-09-22 15:35:12 -07:00
Derek McGowan	2f1b92710a	Update zfs library to use new log repository Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-09-22 07:53:23 -07:00
Derek McGowan	508aa3a1ef	Move to use github.com/containerd/log Add github.com/containerd/log to go.mod Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-09-22 07:53:23 -07:00
Sebastiaan van Stijn	d69ae811d6	alias log package to github.com/containerd/log v0.1.0 This "soft" deprecates the package, but keeps the local uses of the package, which can make backporting this to release-branches easier (we can still move all uses in those branches as well though). Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-09-19 08:44:10 +02:00
Sebastiaan van Stijn	8cbb4ea5d3	vendor: github.com/containerd/nri v0.5.0 This version no longer has a dependency on containerd, cutting down the number of circular dependencies. full diff: https://github.com/containerd/nri/compare/v0.4.0...v0.5.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-09-16 10:40:21 +02:00
Fu Wei	fe17f65159	Merge pull request #8287 from kinvolk/rata/userns-stateless-idmap Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27)	2023-09-14 18:14:02 +08:00
Rodrigo Campos	2e13d39546	pkg/process: Only use idmap mounts if runc supports it runc, as mandated by the runtime-spec, ignores unknown fields in the config.json. This is unfortunate for cases where we _must_ enable that feature or fail. For example, if we want to start a container with user namespaces and volumes, using the uidMappings/gidMappings field is needed so the UID/GIDs in the volume don't end up with garbage. However, if we don't fail when runc will ignore these fields (because they are unknown to runc), we will just start a container without using the mappings and the UID/GIDs the container will persist to volumes the hostUID/GID, that can change if the container is re-scheduled by Kubernetes. This will end up in volumes having "garbage" and unmapped UIDs that the container can no longer change. So, let's avoid this entirely by just checking that runc supports idmap mounts if the container we are about to create needs them. Please note that the "runc features" subcommand is only run when we are using idmap mounts. If idmap mounts are not used, the subcommand is not run and therefore this should not affect containers that don't use idmap mounts in any way. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-09-13 16:44:54 +02:00
Rodrigo Campos	fce1b95076	go.mod: Update runtime spec to include features.MountExtensions Future patches will use that field. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-09-13 16:44:54 +02:00
Rodrigo Campos	e832605a80	integration: Simplify WithVolumeMount() Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-09-13 16:44:54 +02:00
Rodrigo Campos	24aa808fe2	integration: Add userns test with volumes Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-09-13 16:44:54 +02:00
Phil Estes	0f52935a53	Merge pull request #9088 from samuelkarp/nri vendor: update github.com/containerd/nri@v0.4.0	2023-09-13 10:26:02 -04:00
Samuel Karp	39804bc3f0	Merge pull request #8909 from liggitt/fieldmask	2023-09-13 00:33:44 -07:00
Samuel Karp	9656b8c0d0	nri: update mock plugin handlers Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-09-12 17:51:27 -07:00
Samuel Karp	6f9de91efc	vendor: update github.com/containerd/nri@v0.4.0 Signed-off-by: Samuel Karp <samuelkarp@google.com>	2023-09-12 16:41:05 -07:00
Sebastiaan van Stijn	05093d7c07	vendor: github.com/cncf-tags/container-device-interface v0.6.1 Removes uses of the github.com/opencontainers/runc/libcontainer/devices package. full diff: https://github.com/cncf-tags/container-device-interface/compare/v0.6.0...v0.6.1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-09-08 13:53:43 +02:00
Jordan Liggitt	55b2df560f	go.mod: github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 Signed-off-by: Jordan Liggitt <liggitt@google.com>	2023-09-07 16:53:10 -04:00
Derek McGowan	b11439fc4b	Merge pull request #9034 from thaJeztah/replace_reference replace reference/docker for github.com/distribution/reference v0.5.0	2023-09-05 06:52:29 -07:00
Akihiro Suda	0ee2433c94	Merge pull request #5890 from artqzn/idmapped_mounts RFC: Initial support of idmapped mount points	2023-09-05 20:41:05 +09:00
Akihiro Suda	e30a40eb65	Merge pull request #9016 from djdongjin/remove-most-logrus Remove most logrus import	2023-09-05 16:09:12 +09:00
Ilya Hanov	9d01ed1c32	integration: add test for idmapped mounts Signed-off-by: Alexey Perevalov <alexey.perevalov@huawei.com> Signed-off-by: Ilya Hanov <ilya.hanov@huawei-partners.com>	2023-09-05 01:23:30 +03:00
Sebastiaan van Stijn	9bc6441c21	vendor: github.com/google/uuid v1.3.1 Contains some performance improvements: full diff: https://github.com/google/uuid/compare/v1.3.0...v1.3.1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-09-01 11:49:50 +02:00
Sebastiaan van Stijn	4923470902	replace reference/docker for github.com/distribution/reference v0.5.0 The reference/docker package was a fork of github.com/distribution/distribution, which could not easily be used as a direct dependency, as it brought many other dependencies with it. The "reference' package has now moved to a separate repository, which means we can replace the local fork, and use the upstream implementation again. The new module was extracted from the distribution repository at commit: `b9b19409cf` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-08-31 15:54:50 +02:00
Kirtana Ashok	fd5d92a7f5	Update hcsshim tag versioning to v0.12.0-rc.0 hcsshim tags v0.10.* is deprecated, so using the new v0.12.0-rc.* versioning for hcsshim tags on containerd/main Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>	2023-08-29 17:41:20 -07:00
Jin Dong	fc45365fa1	Remove most logrus Signed-off-by: Jin Dong <jin.dong@databricks.com>	2023-08-26 14:31:53 -04:00
Akihiro Suda	490905be6f	go.mod: github.com/containerd/continuity v0.4.2 https://github.com/containerd/continuity/compare/1e0d26eb2381...v0.4.2 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-08-25 16:39:55 +09:00
Akihiro Suda	f48bbef193	Merge pull request #8994 from mxpv/cri Use sandboxed CRI by default	2023-08-24 13:42:58 +09:00
Maksym Pavlenko	c3f3cad287	Use sandboxed CRI by default Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-08-23 08:50:40 -07:00
Sebastiaan van Stijn	b76cd4d9fd	replace some fmt.Sprintfs with strconv Teeny-tiny optimizations: BenchmarkSprintf-10 37735996 32.31 ns/op 0 B/op 0 allocs/op BenchmarkItoa-10 591945836 2.031 ns/op 0 B/op 0 allocs/op BenchmarkFormatUint-10 593701444 2.014 ns/op 0 B/op 0 allocs/op Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-08-23 16:43:02 +02:00
James Sturtevant	8399a4ee71	Remove temporary replace Signed-off-by: James Sturtevant <jstur@microsoft.com>	2023-08-21 16:29:18 +00:00
Derek McGowan	465c04c289	Merge pull request #8946 from lengrongfu/feat/bump-client-go bump client-go v0.26.4	2023-08-18 16:35:24 -07:00
Samuel Karp	3b32d3c6f2	Merge pull request #8922 from lengrongfu/feat/sync-image-action feat: replace mcr.microsoft.com registry to ghcr.io/containerd registry	2023-08-17 00:59:46 -07:00
Fu Wei	ba852faf41	Merge pull request #8954 from fuweid/fix-shim-leak	2023-08-17 08:16:20 +08:00
Akihiro Suda	f35d1f08ec	go.mod: github.com/opencontainers/runc v1.1.9 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-08-11 21:25:29 +09:00
Wei Fu	601699a184	integration: add ShouldRetryShutdown case based on #7496 Since the moby/moby can't handle duplicate exit event well, it's hard for containerd to retry shutdown if there is error, like context canceled. In order to prevent from regression like #4769, I add skipped integration case as TODO item and we should rethink about how to handle the task/shim lifecycle. Signed-off-by: Wei Fu <fuweid89@gmail.com>	2023-08-11 17:43:51 +08:00
Wei Fu	5bdd9ca938	integration: add case to reproduce #7496 Signed-off-by: Wei Fu <fuweid89@gmail.com>	2023-08-11 17:41:04 +08:00
rongfu.leng	b451fa96a6	bump client-go v0.26.4 Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-08-11 00:30:03 +08:00
Kirtana Ashok	e7e5619fed	Update hcsshim tag to v0.10.0 Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>	2023-08-09 11:55:54 -07:00
rongfu.leng	4f3c8c4687	replace mcr.microsoft.com registry to ghcr.io/containerd registry Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-08-06 21:14:07 +08:00
Fu Wei	2b2195c36b	Merge pull request #8722 from marquiz/devel/cgroup-driver-autoconfig cri: implement RuntimeConfig rpc	2023-08-04 16:09:34 +08:00
Rodrigo Campos	2d64ab8d79	cri: Don't use rel path for image volumes Runc 1.1 throws a warning when using rel destination paths, and runc 1.2 is planning to thow an error (i.e. won't start the container). Let's just make this an abs path in the only place it might not be: the mounts created due to `VOLUME` directives in the Dockerfile. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-07-31 12:33:54 +02:00
Iceber Gu	7f7ba31b64	cri: fix using the pinned label to pin image Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-07-26 12:26:00 +08:00
Markus Lehtonen	850b2e1bf3	go.mod: update cri-api to v1.28.0-beta.0 Required to support upcoming Kubernetes (v1.28) features. Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com>	2023-07-24 14:49:14 +03:00
Akihiro Suda	bc96b9039a	go.mod: github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 `5330a85ea6...8075edf89b` Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:01 +09:00
Akihiro Suda	da27408854	go.mod: google.golang.org/genproto v0.0.0-20230720185612-659f7aaaa771 `ccb25ca9f1...659f7aaaa7` Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:01 +09:00
Akihiro Suda	73dc13ad62	go.mod: github.com/urfave/cli/compare v1.22.14 https://github.com/urfave/cli/compare/v1.22.13...v1.22.14 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:00 +09:00
Akihiro Suda	1c4fc568b1	go.mod: github.com/prometheus/client_golang/compare v1.16.0 https://github.com/prometheus/client_golang/compare/v1.14.0...v1.16.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:00 +09:00
Akihiro Suda	68abb525a5	go.mod: github.com/minio/sha256-simd v1.0.1 https://github.com/minio/sha256-simd/compare/v1.0.0...v1.0.1 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:00 +09:00
Akihiro Suda	1f2216cc78	go.mod: github.com/klauspost/compress v1.16.7 https://github.com/imdario/mergo/compare/v0.3.13...v1.0.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:00 +09:00
Akihiro Suda	3c6ab04203	go.mod: dario.cat/mergo v1.0.0 https://github.com/imdario/mergo/compare/v0.3.13...v1.0.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:08:00 +09:00
Akihiro Suda	4bda0a69e2	go.mod: github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.3.0...v1.4.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:59 +09:00
Akihiro Suda	0f033b6125	go.mod: github.com/emicklei/go-restful/v3 v3.10.2 https://github.com/emicklei/go-restful/compare/v3.10.1...v3.10.2 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:59 +09:00
Akihiro Suda	90e050298c	go.mod: github.com/containernetworking/plugin v1.3.0 https://github.com/containernetworking/plugins/compare/v1.2.0...v1.3.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:59 +09:00
Akihiro Suda	0498acefb9	go.mod: github.com/.../container-device-interface v0.6.0 https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.5.4...v0.6.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:59 +09:00
Akihiro Suda	74b8cb850a	go.mod: github.com/opencontainers/runc v1.1.8 https://github.com/opencontainers/runc/compare/v1.1.7...v1.1.8 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:59 +09:00
Akihiro Suda	895dd2e93b	go.mod: github.com/opencontainers/image-spec v1.1.0-rc4 https://github.com/opencontainers/image-spec/compare/v1.1.0-rc3...v1.1.0-rc4 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:58 +09:00
Akihiro Suda	235a4452df	go.mod: github.com/opencontainers/runtime-spec v1.1.0 https://github.com/opencontainers/runtime-spec/compare/v1.1.0-rc.2...v1.1.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-07-23 03:07:58 +09:00
Maksym Pavlenko	8dcc06d14a	Merge pull request #8747 from Iceber/shim_ttrpc_service shim: change ttrpcService and ttrpcServerOptioner to exported interfaces	2023-07-18 17:12:22 -07:00
Kirtana Ashok	56d80f81a2	Update hcsshim tag to v0.10.0-rc.9 Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>	2023-07-17 10:28:47 -07:00
Phil Estes	a94918b591	Merge pull request #8803 from kinvolk/rata/userns-sbserver cri/sbserver: Add support for user namespaces (KEP-127)	2023-07-17 10:57:01 -04:00
Phil Estes	34b1653e95	Merge pull request #8780 from slonopotamus/uncopypaste-read-spec Uncopypaste parsing of OCI Bundle spec file	2023-07-11 09:53:00 -04:00
Rodrigo Campos	48cdf1fe2c	integration: Enable userns tests for sbserver Now we ported support to sbserver, let's enable the e2e tests there too. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-07-11 15:15:25 +02:00
Marat Radchenko	9e34b8b441	Uncopypaste parsing of OCI Bundle spec file Signed-off-by: Marat Radchenko <marat@slonopotamus.org>	2023-07-11 14:41:15 +03:00
Sebastiaan van Stijn	05fef52b68	vendor: github.com/containerd/zfs v1.1.0 - update github.com/mistifyio/go-zfs dependency to github.com/mistifyio/go-zfs/v3, which contains various bugfixes, and adds go module support (which required a major version update): https://github.com/mistifyio/go-zfs/compare/f784269be439...v3.0.1 - remove github.com/pkg/errors dependency - various minor cleanups/fixes Full diff: https://github.com/containerd/zfs/compare/v1.0.0...v1.1.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-07-06 11:56:07 +02:00
Iceber Gu	00e5ae2118	shim: change ttrpcService and ttrpcServerOptioner to exported interfaces Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-07-06 00:36:43 +08:00
Fu Wei	fec3191abc	Merge pull request #8755 from dcantah/withbytesbuffers-chg integration/client: Rework withBytesBuffers	2023-07-04 10:04:10 +08:00
Danny Canter	d6dbc4040b	go.mod: Update cgroups to 3.0.2 This brings in a ton of great improvements, most notably for the containerd daemon is performance improvements for cgroups1 and 2 for gathering stats, as well as some fixes for enabling controllers and deleting v1 cgroups. Signed-off-by: Danny Canter <danny@dcantah.dev>	2023-06-29 12:14:59 -07:00
Danny Canter	e85352183e	integration/client: Rework withBytesBuffers All of the tests using this didn't need stdin/err (one of them not even stdout), so we can just leave them "empty" and change to a withStdout naming to make it more obvious. Signed-off-by: Danny Canter <danny@dcantah.dev>	2023-06-27 23:47:14 -07:00
Kazuyoshi Kato	9b4ed8acc2	Merge pull request #8696 from fuweid/deflaky-blockfile chore: deflake the blockfile testsuite	2023-06-26 09:54:33 -07:00
Danny Canter	f82d9b7991	Integration: Align empty IO func on Windows I think NullIO is fine on Windows now. We have it as an option in ctr and it's used for the pod sandbox container in CRI. Lets see if CI agrees.. Signed-off-by: Danny Canter <danny@dcantah.dev>	2023-06-22 20:05:34 -07:00
Wei Fu	59b0b39af0	vendor: update github.com/containerd/continuity Pin it with 1e0d26eb2381594984ee80989c9c229dbd930d9f Signed-off-by: Wei Fu <fuweid89@gmail.com>	2023-06-17 08:36:45 +08:00
Phil Estes	38b0f970f0	No more nondistributable layers in MS registry Microsoft announced the removal of nondistributable layers from their images today. This makes the convert test fail since it assumes the first layer is nondistributable on Windows during the test. Signed-off-by: Phil Estes <estesp@amazon.com>	2023-06-13 16:34:44 -04:00
Derek McGowan	dd5e9f6538	Merge pull request #7944 from adisky/new-pinned-image CRI Pinned image support	2023-06-10 22:29:34 -07:00
Derek McGowan	98b7dfb870	Merge pull request #8673 from thaJeztah/no_any avoid "any" as variable name	2023-06-10 20:44:30 -07:00
Sebastiaan van Stijn	4bb709c018	avoid "any" as variable name Avoid shadowing / confusion with Go's "any" built-in type. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-06-10 13:49:06 +02:00
Sebastiaan van Stijn	577696f608	replace some basic uses of fmt.Sprintf() Really tiny gains here, and doesn't significantly impact readability: BenchmarkSprintf BenchmarkSprintf-10 11528700 91.59 ns/op 32 B/op 1 allocs/op BenchmarkConcat BenchmarkConcat-10 100000000 11.76 ns/op 0 B/op 0 allocs/op Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-06-10 13:24:43 +02:00
Derek McGowan	ee2c8b79bf	Merge pull request #8664 from laurazard/timeout-integration-test-shim-oomscore integration/client: add timeout to `TestShimOOMScore`	2023-06-09 11:49:48 -07:00
Laura Brehm	df280942a7	integration/client: add timeout to `TestShimOOMScore` Signed-off-by: Laura Brehm <laurabrehm@hey.com>	2023-06-09 10:10:42 +01:00
Kazuyoshi Kato	326cd0623e	Merge pull request #8362 from gabriel-samfira/fix-non-c-volume Fix non C volumes on Windows	2023-06-08 21:07:23 -07:00
Brian Goff	104b9ef9eb	Update x/sys to 0.8.0 Signed-off-by: Brian Goff <cpuguy83@gmail.com>	2023-06-03 16:14:38 +00:00
Aditi Sharma	fe4f8bd884	Pinned image support Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>	2023-06-02 09:57:22 +05:30
Kazuyoshi Kato	73645b1dfe	Merge pull request #8588 from lengrongfu/feat/cleanup_config_tls Cleanup DEPRECATED TLS config	2023-05-31 18:50:54 -07:00
Derek McGowan	2a60fe5a60	Remove events from init context Events from the init context have been replaced by the events plugin Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-05-31 09:35:03 -07:00
Evan Lezar	d3887b2e62	Support CDI devices in ctr --device flag This change adds support for CDI devices to the ctr --device flag. If a fully-qualified CDI device name is specified, this is injected into the OCI specification before creating the container. Note that the CDI specifications and the devices that they represent are local and mirror the behaviour of linux devices in the ctr command. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2023-05-31 16:14:01 +02:00
rongfu.leng	d2b7a1e293	cleanup DEPRECATED TLS config Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-05-31 09:37:41 +08:00
rongfu.leng	9287711b7a	upgrade registry.k8s.io/pause version Signed-off-by: rongfu.leng <rongfu.leng@daocloud.io>	2023-05-28 07:59:10 +08:00
Gabriel Adrian Samfira	b9dfd29b73	Update tests to use volume-copy-up:2.2 Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-05-26 07:33:06 +00:00
Phil Estes	579b5596c5	Update volume-ownership image with latest hashes Fixes test which requires static content to match a GHCR-located image which was recently updated. Signed-off-by: Phil Estes <estesp@amazon.com>	2023-05-25 11:13:57 -04:00
Gabriel Adrian Samfira	79709a2058	disable provenance Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-05-19 00:01:05 +03:00
Derek McGowan	44eb8f3466	Merge pull request #8524 from gabriel-samfira/update-volume-copy-up Update volume-copy-up	2023-05-17 09:28:40 -07:00
Gabriel Adrian Samfira	f8907ab872	Update volume-copy-up Add new test cases for volumes on both Linux and Windows. These new volumes will be used to test that we don't accidentally mangle volume paths on Linux and that non-C volume mounts work properly when defined in an image on Windows. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-05-17 14:20:37 +03:00
Akihiro Suda	811456b314	go.mod: github.com/containerd/continuity v0.4.0 https://github.com/containerd/continuity/compare/72c70feb3081...v0.4.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-05-17 19:50:20 +09:00
Akihiro Suda	6f715ab101	go.mod: github.com/containerd/go-runc v1.1.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-05-17 13:45:37 +09:00
Samuel Karp	c60ba138b6	Merge pull request #8502 from mstmdev/fix-typos	2023-05-16 08:41:02 -07:00
mstmdev	cdaa4025e9	Fix some typos Signed-off-by: Pan Yibo <mstmdev@gmail.com>	2023-05-16 10:12:50 +08:00
Akihiro Suda	2eeb4b6238	Merge pull request #8373 from Iceber/shim_run runtime/shim: rename RunManager to Run and remove `runc/v2/services` package	2023-05-12 00:46:46 +09:00
Phil Estes	43bbffba37	Merge pull request #8500 from AkihiroSuda/runtime-spec-v1.1.0-rc.2 go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2	2023-05-09 10:42:53 -07:00
Akihiro Suda	4347fc8bc2	go.mod: github.com/opencontainers/image-spec v1.1.0-rc3 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-05-09 23:35:58 +09:00
Derek McGowan	718250b6ba	Update ttrpc to v1.2.2 Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-05-09 13:08:46 -07:00
Akihiro Suda	5e054ee631	go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.2 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-05-09 22:26:37 +09:00
Iceber Gu	ecb693ec74	bump typeurl to v2.1.1 Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-05-09 13:23:02 +08:00
Sebastiaan van Stijn	0ba0664742	vendor: github.com/opencontainers/runc v1.1.7 release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.7 full diff: https://github.com/opencontainers/runc/compare/v1.1.6...v1.1.7 This is the seventh patch release in the 1.1.z release of runc, and is the last planned release of the 1.1.z series. It contains a fix for cgroup device rules with systemd when handling device rules for devices that don't exist (though for devices whose drivers don't correctly register themselves in the kernel -- such as the NVIDIA devices -- the full fix only works with systemd v240+). - When used with systemd v240+, systemd cgroup drivers no longer skip DeviceAllow rules if the device does not exist (a regression introduced in runc 1.1.3). This fix also reverts the workaround added in runc 1.1.5, removing an extra warning emitted by runc run/start. - The source code now has a new file, runc.keyring, which contains the keys used to sign runc releases. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-27 12:00:23 +02:00
Sebastiaan van Stijn	cbd10e41a6	vendor: github.com/opencontainers/runc v1.1.6 release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.6 full diff: opencontainers/runc@v1.1.5...v1.1.6 This is the sixth patch release in the 1.1.z series of runc, which fixes a series of cgroup-related issues. Note that this release can no longer be built from sources using Go 1.16. Using a latest maintained Go 1.20.x or Go 1.19.x release is recommended. Go 1.17 can still be used. - systemd cgroup v1 and v2 drivers were deliberately ignoring UnitExist error from systemd while trying to create a systemd unit, which in some scenarios may result in a container not being added to the proper systemd unit and cgroup. - systemd cgroup v2 driver was incorrectly translating cpuset range from spec's resources.cpu.cpus to systemd unit property (AllowedCPUs) in case of more than 8 CPUs, resulting in the wrong AllowedCPUs setting. - systemd cgroup v1 driver was prefixing container's cgroup path with the path of PID 1 cgroup, resulting in inability to place PID 1 in a non-root cgroup. - runc run/start may return "permission denied" error when starting a rootless container when the file to be executed does not have executable bit set for the user, not taking the CAP_DAC_OVERRIDE capability into account. This is a regression in runc 1.1.4, as well as in Go 1.20 and 1.20.1 - cgroup v1 drivers are now aware of misc controller. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-27 11:59:14 +02:00
Rodrigo Campos	92b93e376a	cri: Vendor v0.27.1 As requested by Akihiro Suda here: https://github.com/containerd/containerd/pull/8211#discussion_r1171041922 This just bumps the tag name to the k8s final release. There are no changes other than the tag name, though. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-04-24 16:11:42 +02:00
Sebastiaan van Stijn	f238167408	go.mod: add comment explaining go-fuzz-headers replace rule Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-15 13:03:12 +02:00
Sebastiaan van Stijn	ec9e74ed92	go.mod: remove replace for github.com/opencontainers/runtime-tools The replace rule was actually downgrading the package by one commit; `946c877fa8...2e043c6bd6` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-15 13:01:24 +02:00
Sebastiaan van Stijn	6c40cf3051	go.mod: integration: use non-pre-release of containerd The actual version is replaced, so only "optics" Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-15 12:50:51 +02:00
Sebastiaan van Stijn	92d1e9bee0	go.mod: integration: move indirect dependencies to the right group Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2023-04-15 12:45:06 +02:00
Kazuyoshi Kato	ffc70c45c4	Merge pull request #8359 from kiashok/argsEscapedTestFix Fix argsEscaped tests	2023-04-14 13:08:51 -07:00
Iceber Gu	b71f4b7518	runtime/shim: rename RunManager to Run Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-04-14 11:42:21 +08:00
Rodrigo Campos	85afda6f52	cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings We will use this in future commits to see if the kubelet requested idmap mounts for volumes, that we don't yet support. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>	2023-04-11 17:31:27 +02:00
Kirtana Ashok	e0b817ec15	Fix argsEscaped tests - Rename test name - Add a tag to the container image used in the tests instead of the latest tag - Add a 5 second delay between container start and stop to ensure that the container is fully initialized Signed-off-by: Kirtana Ashok <Kirtana.Ashok@microsoft.com>	2023-04-07 13:25:03 -07:00
Gabriel Adrian Samfira	4012c1b853	Remove escalated privileges Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:17:35 -07:00
Gabriel Adrian Samfira	54f8abe553	Use DefaultSnapshotter Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:17:35 -07:00
Gabriel Adrian Samfira	47dd3dcffb	use t.Fatal if we cannot enable process privileges Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:17:35 -07:00
Gabriel Adrian Samfira	e31bef15fa	Update continuity Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:17:32 -07:00
Gabriel Adrian Samfira	95687a9324	Fix go.mod, simplify boolean logic, add logging Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:16:56 -07:00
Gabriel Adrian Samfira	db32798592	Update continuity, go-winio and hcsshim Update dependencies and remove the local bindfilter files. Those have been moved to go-winio. Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:16:52 -07:00
Gabriel Adrian Samfira	dc980b14a0	Grant needed privileges for snapshotter tests Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>	2023-03-31 06:15:19 -07:00
Paul "TBBle" Hampson	d591bb0421	Enable TestSnapshotterClient on Windows Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>	2023-03-31 06:15:18 -07:00
Fu Wei	988ee8ffef	Merge pull request #8208 from Iceber/fix_runtime_path fix the task setting the runtime path	2023-03-31 12:38:08 +08:00
Akihiro Suda	b55dad06aa	go.mod: github.com/opencontainers/runc v1.1.5 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-29 17:16:57 +09:00
Iceber Gu	c89438e834	integration: add container start test using abs runtime path Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-03-29 11:54:52 +08:00
Fu Wei	e735405c15	Merge pull request #7951 from Iceber/fix_restart_monitor	2023-03-16 08:58:20 +08:00
Maksym Pavlenko	07c2ae12e1	Remove v1 runctypes Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-03-15 09:18:16 -07:00
Maksym Pavlenko	ef516a1507	Remove runtime v1 Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>	2023-03-15 09:18:14 -07:00
Iceber Gu	76778aee64	integration: add restart monitor test for paused task Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>	2023-03-15 14:32:17 +08:00
Kazuyoshi Kato	a570c8184a	Merge pull request #8213 from jedevc/export-skip-docker-manifest archive: consistently respect value of WithSkipDockerManifest	2023-03-14 15:01:08 -07:00
Akihiro Suda	86fc1ccab4	Remove `aufs` snapshotter (deprecated since v1.5) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-14 14:37:13 +09:00
Justin Chadwell	d3e856da7f	export: add test for WithSkipDockerManifest Signed-off-by: Justin Chadwell <me@jedevc.com>	2023-03-13 09:02:53 +00:00
Derek McGowan	56354c7de5	Update ttrpc to v1.2.1 Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-03-08 10:29:44 -08:00
Paweł Gronowski	dd3eedf3c3	labels: Add LabelDistributionSource Add a public const for "containerd.io/distribution.source" in `labels` package and replace hardcoded usages. Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>	2023-03-08 10:01:58 +01:00
Akihiro Suda	6d46bb410b	go.mod: go.opentelemetry.io/otel/* v1.14.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-08 02:06:41 +09:00
Akihiro Suda	535ef5054d	go.mod: github.com/stretchr/testify v1.8.2 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:39 +09:00
Akihiro Suda	2b4f830ede	go.mod: github.com/opencontainers/selinux v1.11.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:39 +09:00
Akihiro Suda	6bfc82dafe	go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:39 +09:00
Akihiro Suda	7c70185ae9	go.mod: github.com/klauspost/compress v1.16.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:39 +09:00
Akihiro Suda	8e67b27315	go.mod: github.com/imdario/mergo v0.3.13 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:38 +09:00
Akihiro Suda	6afec55581	go.mod: github.com/emicklei/go-restful/v3 v3.10.1 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:38 +09:00
Akihiro Suda	c4f928f88c	go.mod: github.com/containerd/ttrpc v1.2.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:38 +09:00
Akihiro Suda	5630d6a840	go.mod: github.com/containerd/fifo v1.1.0 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:38 +09:00
Akihiro Suda	6d95132313	go.mod: github.com/containerd/cgroups/v3 v3.0.1 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 22:06:38 +09:00
Akihiro Suda	da1ffdd757	go.mod: github.com/Microsoft/hcsshim v0.10.0-rc.7 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-03-07 21:48:06 +09:00
Akihiro Suda	c77ddf5381	Merge pull request #8131 from lucacome/bump-k8s.io-deps Bump k8s.io deps	2023-03-07 21:44:13 +09:00
Akihiro Suda	56f629fd9c	Merge pull request #8217 from dmcgowan/update-imgcrypt Update imgcrypt to v1.1.7	2023-03-07 21:40:10 +09:00
Fu Wei	5ae3a7f417	Merge pull request #8198 from kiashok/argsEscapedSupportInCri Add ArgsEscaped support for CRI	2023-03-07 16:12:24 +08:00
Derek McGowan	60738e31d2	Update imgcrypt to v1.1.7 Signed-off-by: Derek McGowan <derek@mcg.dev>	2023-03-06 22:22:26 -08:00

1 2 3 4 5 ...

844 Commits