Since a recent contributor edited the synced version of this in the website (containerd.io) repo, we should just update the main repo and let the auto-sync PR get these 2 files back in sync with the latest releases.
Signed-off-by: Phil Estes <estesp@amazon.com>
Distros usually like to install docs, so add a rule for that, so
dist maintainers don't need to care about the details.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This is a partial revert of "cri/sbserver: Use platform instead of GOOS
for userns detection".
While what that commit did is 100% the right thing to do, when the
sandbox_mode is "shim" all controller.XXX() calls are RPCs and the
controller.Create() call initializes the controller. Therefore, things
like "getSandboxController()" don't work in the case of "shim"
sandbox_mode until after the controller.Create().
Due to this asymmetry and the lack of tests for shim mode, we didn't
catch it before.
This patch just reverts that commit so that the Create() and
getSandboxController() calls remain where they were, and just relies on
the config Linux section as a hack to detect if the pod sandbox will use
user namespaces or not.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Make the rather obscure systemd notification build-time optional by
setting 'no_systemd' tag and so skip dependencies on around 9kLoC
vendor code.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
cgroupv1HasHugetlb() and cgroupv2HasHugetlb() may return errors, but nobody
(there's just one call site anyways) ever cares. So drop the unnecessary code.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
The default version of MinGW and GCC on the GitHub-hosted Windows 2019
runners compile fine but lead to linker errors during runtime.
Signed-off-by: Nashwan Azhari <nazhari@cloudbasesolutions.com>
Tests in pkg/cri/[sb]server/container_create_linux_test.go depends on go:noinline
since Go 1.21.
e.g.,
> ```
> === FAIL: pkg/cri/sbserver TestGenerateSeccompSecurityProfileSpecOpts/should_set_default_seccomp_when_seccomp_is_runtime/default (0.00s)
> container_create_linux_test.go:1013:
> Error Trace: /home/runner/work/containerd/containerd/pkg/cri/sbserver/container_create_linux_test.go:1013
> Error: Not equal:
> expected: 0x263d880
> actual : 0x263cbc0
> Test: TestGenerateSeccompSecurityProfileSpecOpts/should_set_default_seccomp_when_seccomp_is_runtime/default
> ```
See comments in PR 8957.
Thanks to Wei Fu for analyzing this.
Co-authored-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
- Fill OSVersion field of ocispec.Platform for windows OS in
transfer service plugin init()
- Do not return error from transfer service ReceiveStream if
stream.Recv() returned context.Canceled error
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
@samuelkarp's https://github.com/samuelkarp/runj is a de facto default
FreeBSD runtime.
This change creates a set of defaults for FreeBSD setting
`wtf.sbk.runj.v1` as the default runtime.
Signed-off-by: Artem Khramov <akhramov@pm.me>
