- 10 Dec, 2021 4 commits
-
-
Bruce Ashfield authored
Signed-off-by:Bruce Ashfield <bruce.ashfield@gmail.com>
-
Bruce Ashfield authored
Bumping runc to version v1.0.3-2-ge0124d56, which comprises the following commits: 31f7b334 VERSION: back to development f46b6ba2 VERSION: release v1.0.3 b8dbe466 runc init: avoid netlink message length overflows e73ff667 [1.0] ci: add Go 1.17, drop Go 1.15 2c30069c libct/cg/sd/v2: Destroy: remove cgroups recursively 42bfc63b script/release.sh: fix for opensuse 8e96a96f libct/cg/fs2: fix GetStats for unsupported hugetlb e84e7f93 [1.0] Fix failure with rw bind mount of a ro fuse cbb23675 runc run: fix ro /dev e802cfae test/int/mount.bats: refer to github issue 3640499a libct/rootfs: consolidate utils imports aa1d1ca5 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests fdee8658 libct/int/checkpoint_test: fix ParentImage cbb5ef5c improve error message when dbus-user-session is not installed 86d83333 VERSION: back to development Signed-off-by: -
Bruce Ashfield authored
Bumping runc to version v1.0.3-2-ge0124d56, which comprises the following commits: 31f7b334 VERSION: back to development f46b6ba2 VERSION: release v1.0.3 b8dbe466 runc init: avoid netlink message length overflows e73ff667 [1.0] ci: add Go 1.17, drop Go 1.15 2c30069c libct/cg/sd/v2: Destroy: remove cgroups recursively 42bfc63b script/release.sh: fix for opensuse 8e96a96f libct/cg/fs2: fix GetStats for unsupported hugetlb e84e7f93 [1.0] Fix failure with rw bind mount of a ro fuse cbb23675 runc run: fix ro /dev e802cfae test/int/mount.bats: refer to github issue 3640499a libct/rootfs: consolidate utils imports aa1d1ca5 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests fdee8658 libct/int/checkpoint_test: fix ParentImage cbb5ef5c improve error message when dbus-user-session is not installed 86d83333 VERSION: back to development Signed-off-by: -
Bruce Ashfield authored
Bumbing kubernetes to the latest release branch (now that our go compiler meets the minium standards). We also add a networking configuration similar to the k3s one, but named appropriately so that CNI will read and do basic configuration. We also add some missing rdepends that were preventing the controller node from fully initializing. Signed-off-by:
-
- 02 Dec, 2021 1 commit
-
-
Peter Kjellerstedt authored
Signed-off-by:
Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by:
-
- 30 Nov, 2021 6 commits
-
-
Bruce Ashfield authored
Bumping skopeo to version v1.5.2-3-g1d24e657, which comprises the following commits: 4dcd28df Use a dynamic temp dir for test 789ee8be Bump to 1.5.3-dev 8a88191c Release 1.5.2 69728fdf Update to c/image v5.17.0 47066f2d Cirrus: Bump Fedora to release 35 & Ubuntu to 21.10 adfa1d4e Bump github.com/docker/docker 05a2ed49 proxy: Uncapitalize all errors e9535f86 tests: Add new "procutils" that exposes PDEATHSIG fa86297c proxy_test: Test `GetConfig` 2bb6f27d proxy_test: Add helper to read all from a reply f90725d8 proxy_test: Add a helper method to call without fd 644074cb proxy: Add support for manifest lists 83416068 tests/integration/proxy_test: New test that exercises `proxy.go` a3adf36d proxy: Use float → int helper for pipeid 6510f101 proxy: Add a helper to return a byte array e7b7be57 proxy: Add an API to fetch the config upconverted to OCI 942cd6ec Fix bug that prevented useful diagnostics on registry fail 41de7f2f use fedora:latest in contrib/skopeoimage/*/Dockerfile c264cec3 Move to v1.5.2-dev 2b357d82 Bump to v1.5.1 4acc9f0d main: Error out if an unrecognized subcommand is provided 7885162a move optional-flag code to c/common/pkg/flag 36d860eb Add --dest-precompute-digests option for docker c8777f3b bump containers/image to 2541165 985d4c09 Add instructions to generate static binaries 11b59898 Add new `experimental-image-proxy` hidden command 2144a37c issue#785 inspect command - introduce a way to skip querying available tags for an image 60c98cac Document container images as an alternative to installing packages 89ecd5a4 Introduce --username and --password to pass credentials 119eeb83 Move to v1.5.1-dev 209a9931 Bump to v1.5.0 3e4d4a48 Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1 3a97a0c0 Bump github.com/docker/docker ff88d3fc Remove leftover Nix packaging files e19b57c3 Update github.com/containerd/containerd to v1.5.7 b950f83c issue#1466 - Introduce a --keep-going option to allow "sync" command to continue syncing even after a particular image sync fails 12d01037 Bump github.com/containers/storage from 1.36.0 to 1.37.0 e0c53dfd Update installation doc with latest steps aba57a88 Makefile: drop nix support 93c42bcd Bump github.com/containers/common from 0.45.0 to 0.46.0 c0f07d3d Bump github.com/containers/common from 0.44.1 to 0.45.0 0ce7081e Bump github.com/containers/common from 0.44.0 to 0.44.1 52dafe8f Update to github.com/vbauerster/mpb v7.1.5 ee8b8e77 Explain the usage of DISABLE_DOCS in the installation doc 1d204fb1 Update VM Images + Drop prior-ubuntu references 61310777 issue#1411 Introduce DISABLE_DOCS to skip doc generation while building from source ed96bf04 Bump github.com/containers/common from 0.43.2 to 0.44.0 a837fbe2 Bump github.com/containers/storage from 1.35.0 to 1.36.0 9edeb69f Remove the extra (defaults to true) help msg a2d083ca Bump github.com/containers/image/v5 from 5.15.2 to 5.16.0 0e87d4d1 Run (gofmt -s -w) c399909f Update non-module dependencies 102e2143 Bump github.com/containers/image/v5 from 5.15.1 to 5.15.2 7d5ef9d9 Bump github.com/containers/common from 0.43.1 to 0.43.2 70eaf171 Add OWNERS file 61969472 Bump github.com/containers/image/v5 from 5.15.0 to 5.15.1 ec1ac5d0 Bump github.com/containers/storage from 1.34.0 to 1.34.1 082db20f Bump github.com/containers/common from 0.43.0 to 0.43.1 8dce403b Add codespell fixes f6ae7865 systemtests: if registry times out, show container logs 9acb8b6a Bump github.com/containers/common from 0.42.1 to 0.43.0 a23b9f53 Bump github.com/containers/storage from 1.33.2 to 1.34.0 be821b4f Bump github.com/containers/storage from 1.33.1 to 1.33.2 ab87b15f Cirrus: Run checks directly on the host 1aa98bab Github: Add workflow to monitor Cirrus-Cron builds fbf96998 Bump github.com/docker/docker a3bb1cc5 Bump github.com/containers/common from 0.42.0 to 0.42.1 0667a1e0 Bump to 1.4.1-dev Signed-off-by: -
Martin Jansa authored
* undo the unnecessary and incomplete changes from 0001-vm-support-fix-build-for-kernel-s-5.4.patch because with 5.15 it was still failing with: ERROR: modpost: missing MODULE_LICENSE() in uxen-guest-tools/4.1.8-r0/uxen-4.1.8-72a4af9/vm-support/linux/uxenhc/uxenhc.o fix it properly in 0004-uxenhc-fix-DMODULE-not-working-on-module-build-comma.patch Signed-off-by:
Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by:
-
Martin Jansa authored
This is a compile only fix to update the uxen kernel modules to work against newer kernels. Signed-off-by:
-
Martin Jansa authored
* use something more reasonable than default 'git' from filename * there wasn't a new tag for a long time, so this is quite far from 0.3.0 as git describe shows: v0.3.0-231-g6b23764a but 0.3.0 is still the closest release I've found and matches PROJECT_VERSION in Makefile: https://github.com/avpatel/xvisor-next/blob/6b23764a1439f9d08b2ed2f363da522460d8a22b/Makefile#L29 Signed-off-by:
-
Martin Jansa authored
Signed-off-by:
-
Bruce Ashfield authored
This is a compile only fix to update the uxen kernel modules to work against newer kernels. Signed-off-by:
-
- 29 Nov, 2021 1 commit
-
-
Bruce Ashfield authored
Bumping to the latest xvisor tip. We drop one patch that is now part of the upstream, and we add another to remove /usr/bin/python from scripts called during build, since it breaks the build on hosts without /usr/bin/python. Signed-off-by:
-
- 24 Nov, 2021 1 commit
-
-
Xu, Yanfei authored
Backport a fix for CVE-2021-3667. The CVE discription: An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1986094 Signed-off-by:
Yanfei Xu <yanfei.xu@windriver.com> Signed-off-by:
-
- 22 Nov, 2021 8 commits
-
-
Bruce Ashfield authored
Bumping podman-compose to version 0.1.8-2-g1555417, which comprises the following commits: 1555417 FIXES #361: key error _service 1f989ed FIXES #356: respect pull_policy 66ce2a3 release 0.1.8 d8e11d5 FIXES #312: run starts dependencies 72c3572 #289: exit code and test for that c187e88 up and down specific containers 31b8bb4 simpler passing of env f177712 Fix `up` arguments parsing ae3deb1 #355: fix dry run 117b7fb command list of strings 5acb997 command list of strings 02b2f65 Update issue templates a36b6f1 Update issue templates e3be6dd Update issue templates 4b75678 Update issue templates dcb038e remove tabs a2fef56 FIXES #353: down in reverse order c753b8e FIXES #167: support ContainerFile c9486c9 #115: handle string entrypoint f2aeaba #348: conditional --infra-name 2d80e43 remove print d1a77de external name c49f070 volumes with names 6d69b7c Add support external volumes ab13503 add support for long port publishing format 069018c #342: set infra container name b33c42b Readability fix for missing commands 785f7ad Get version info with setup.cfg b6a9f8e #335: report version with -v 4a5fd23 #275 make pipx happy dc0ac0d docs: added the transform_policy default and description 502d7cc #327: accept ports as string e85d79d added cpu_shares flag for v2 bfb57b9 added cpu_shares flag for v2 2d0aad6 Also pull images with a build section ff5b9f1 Support for logging 62aa337 feat(secrets):
-
Bruce Ashfield authored
Bumping libpod to version v3.4.2-4-g72031783c, which comprises the following commits: 25f35ac9e Use CGO_ENABLED=1 when building natively on darwin 7c98d542b Bump to v3.4.3-dev 2ad1fd355 Bump to v3.4.2 1d6397e5c Add release notes for v3.4.2 6d9b1e4b8 Fix partial log line handling with journald log driver 8b368b5e1 Fix Zsh completion command documentation c2fb170b8 Fix flake in upgrade tests 6770fede7 VOLUME must be declared after RUN chown command cedf1a3d4 podman-generate-kube - remove empty structs from YAML e456873c0 Exclude already built sources for static build e9f6e5194 Match .c files in Makefile de852ebd0 shm_lock: Handle ENOSPC better in AllocateSemaphore fc1707dfe Minor test tweaks c8b7ca2ba pod/container create: resolve conflicts of generated names 2dc8db773 Add some information about disabling SELinux when using system volumes 93a3e720d Log Apache access_log-like entries at Info level [NO NEW TESTS NEEDED] b1ac02dcb tweak a couple of flag descriptions in help output 718de67f3 Fix bindings container log test dd6551055 test: run --cgroups=split in new cgroup df9e0fdcb Fix tests of podman image trust --raw and --json df736396e Tighten the expected output of the "podman image trust show" test 18c322d1c Use INTEGRATION_ROOT instead of current directory 3bd80ac9a Handle HTTP 409 error messages properly for Pod actions a8332f694 Fix swagger definitions 5889c2c24 Cirrus: Authorize rootless user self-ssh 2a0aad6be Add information on how podman machine is updated 0ded340e6 Fix help message case for `podman version` fa29ca710 Fix pause usage example 6bf6d7237 Set Checkpointed state to false after restore 2d6252b98 runtime: change PID existence check a208bc24d Set DOCKER_HOST in the VM 246782133 runtime: check for pause pid existence 0519e7ef8 utils: do not overwrite the err variable 2b85684ad Fix systemd PID1 test 0e1f67b72 cgroups: use SessionBusPrivateNoAutoStartup 9707ff5d4 vendor: update godbus to v5.0.6 a67bf0f92 Slirp4netns with ipv6 set net.ipv6.conf.default.accept_dad=0 47afa6d96 Fix a few problems in 'podman logs --tail' with journald driver 729310a85 If Dockerfile exists in same directory as service, we should not use it. 7275d389b Document to not set K8S envars for CNI 955d01f5a [NO NEW TESTS NEEDED] Fix off-by-one index comparision (reported by LGTM) 2ff511798 Fix some typos in documentation and comments (found by codespell) eead06b9d [CI:DOCS] Fix typo keep_id -> keep-id 8887cc7e4 podman run --memory=0 ... should not set memory limit 6f779b230 systemd: compatible with rootless mode 465e27cf1 Use exponential backoff when waiting for a journal entry 3b67336b6 Pod Rm Infra Improvements f8ede7c5e System tests: confirm that -a and -l clash c3f3e6d3b Remove infra ID from DB before removing containers b3eaa08c5 Generate Kube should not print default structs d489abf26 fuse-overlay probably means fuse-overlayfs. 34739f441 Replace 'an user' => 'a user' 9c94530bb network reload without ports should not reload ports eca1b6c0b pod create: read network mode from config 9e78185e3 volumes: be more tolerant and fix infinite loop 5c2d17e1c [backport] tag: Support tagging manifest list instead of resolving to images 46f7d2af1 Bump to v3.4.2-dev a6493ae69 Bump to v3.4.1 56a4372c2 Update release notes for v3.4.1 f05e206bd Fix test failures from backports 437ec951d system tests: socket activation: clean up 5aa89c88f Checkpoint/Restore test fixes d39e41283 Set targetPort to the port value in the kube yaml 7923bfcb0 Test-hang fix: Wait for ready + timeout on connect. c135ff76d Don't include ctr.log if not using file logging 9168db8bc Do not add TCP to protocol in generated kube yaml b5dd62f31 Don't use docker/pkg/archive, use containers/storage/pkg/archive a213661ae Fix panic in container create compat api 92ed439d2 Don't add image entrypoint to the generate kube yaml 16fb4161a Kube Gen run as user/group issues 3082ba8b7 No space in kube annotations for bind mounts b470de05b cgroups: use cgroup.controllers to read controllers 8b87793d4 Use SplitN(2) when copying env variables d458bc304 [CI:DOCS] Include manifest example usage fbe94088f podman stats: move cgroup validation to server 338e01f04 [CI:DOCS] oci-hooks.5.md: fixup section in header de6a4af5a Change podman.1 man page to show corret log-level default 326eae3b7 Add podman-plugins to upstream image ca33df146 Ensure `podman ps --sync` functions 7bbf774e8 Allow `podman stop` to be run on Stopping containers 2cd206d0f libpod: fix race when closing STDIN 37347c321 It really should be no **NEW** tests needed 62d12a2ad Add guard for BuildOptions.CommonBuildOpts c6be71486 machine: silently cleanup dangling sockets before rm if possible 835d74ac6 sdnotify test: accept MAINPID anywhere 14509a92b Allow a value of -1 to set unlimited pids limit deb7517cc Gating tests: fix permissions error cd4e10fdf [v3.4] bump c/common to v0.44.3 91f9682c7 Bump to v3.4.1-dev 6e8de00bb Bump to v3.4.0 Signed-off-by: -
Bruce Ashfield authored
Bumping docker-distribution to version v2.7.1-38-gf7365390, which comprises the following commits: 97f6dace [release/2.7] vendor: github.com/opencontainers/image-spec v1.0.2 9a3ff113 fix go check issues 19b573a6 Change should to must in v2 spec d836b23f [release/2.7] update to go1.16 Signed-off-by: -
Bruce Ashfield authored
Bumping cri-tools to version v1.22.0-64-ga9898388, which comprises the following commits: 794d57a4 Bump github.com/onsi/gomega from 1.16.0 to 1.17.0 0f2d4138 Refactor fish completion c52d97b1 Rename bash and zsh completion functions cad0736a Add zsh compinit tag 569d1769 Bump google.golang.org/grpc from 1.41.0 to 1.42.0 082da7c6 Bump github.com/docker/docker 0aade2a4 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 4e03be78 Add release publishing workflow 5c0c14e2 Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1 b4e1615c Add SHA512 sum for release files 22bdc0b9 Bump github.com/docker/docker 06422104 Bump google.golang.org/grpc from 1.40.0 to 1.41.0 b153327c Bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 c5fac65f Bump k8s.io/api from 0.22.1 to 0.22.2 36c9ae70 Bump k8s.io/cri-api from 0.22.1 to 0.22.2 c104c3a7 Bump k8s.io/apimachinery from 0.22.1 to 0.22.2 65509de9 Bump k8s.io/client-go from 0.22.1 to 0.22.2 59cf0fb9 Bump k8s.io/kubectl from 0.22.1 to 0.22.2 8d019343 Updates E2E test images registry 6824a581 Bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5 057a0a48 Switch to go1.17 for CI d9fe19b8 Bump github.com/opencontainers/runc from 1.0.1 to 1.0.2 56a2c456 Added dropping/adding `ALL` capabilities case to critest 1817da64 Bump github.com/onsi/gomega from 1.15.0 to 1.16.0 9c01f4d5 Bump k8s.io/cri-api from 0.22.0 to 0.22.1 e3ca48ad Bump k8s.io/client-go from 0.22.0 to 0.22.1 1e108dfb Bump k8s.io/api from 0.22.0 to 0.22.1 79ff09e9 Bump k8s.io/apimachinery from 0.22.0 to 0.22.1 f3863189 Bump k8s.io/kubectl from 0.22.0 to 0.22.1 32d96cbe Bump google.golang.org/grpc from 1.39.1 to 1.40.0 de44545a Bump github.com/onsi/gomega from 1.14.0 to 1.15.0 44385679 Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4 dd011a46 Bump google.golang.org/grpc from 1.39.0 to 1.39.1 3db8a88c Bump Kubernetes to v1.22.0 231cf44f Bump k8s.io/api from 0.21.3 to 0.22.0 032832ec Bump k8s.io/cri-api from 0.21.3 to 0.22.0 64e1ad02 Bump k8s.io/kubectl from 0.21.3 to 0.22.0 918e5c77 Bump k8s.io/apimachinery from 0.21.3 to 0.22.0 6ccbb79b Bump github.com/docker/docker a2e29a4c Bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3 0cfc8b32 crictl: Adds support for updating resource limits for Windows Containers d6c95411 Bump k8s.io/api from 0.21.2 to 0.21.3 a9dc7558 Bump k8s.io/kubectl from 0.21.2 to 0.21.3 88e4d31b Bump k8s.io/apimachinery from 0.21.2 to 0.21.3 d7f79299 Bump k8s.io/cri-api from 0.21.2 to 0.21.3 5a43f6cd Bump github.com/onsi/gomega from 1.13.0 to 1.14.0 e89ffa50 Update GitHub actions to go 1.16 and remove .travis.yml e5045b08 Bump google.golang.org/grpc from 1.38.0 to 1.39.0 31e70ff9 Update critest Windows tests. 03fa217f chore: switch containerd branch to main aef70e40 Bump k8s.io/cri-api from 0.21.1 to 0.21.2 f6f6a393 Bump k8s.io/api from 0.21.1 to 0.21.2 b90eefd5 Bump k8s.io/kubectl from 0.21.1 to 0.21.2 85fa1307 Bump k8s.io/apimachinery from 0.21.1 to 0.21.2 bb845cfd rm_force_while_container_running_fix e866f8ff Bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2 a8e055d2 Bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4 9de2a5e4 Bump github.com/docker/docker c83bed06 Bump github.com/onsi/ginkgo from 1.16.2 to 1.16.3 c9cb3790 Bump github.com/onsi/gomega from 1.12.0 to 1.13.0 1d34ea0c Add global handler for Interrupt signal Signed-off-by: -
Bruce Ashfield authored
Bumping cri-o to version v1.22.1-5-ge3dfe61ca, which comprises the following commits: d89a55e91 gh-actions: add sed for kube e2e b1ac0896f release-notes: update to main a90fcad56 test: add label for openshift e2e in dockerfile 1495b80e8 bump to 1.22.1 4ce3396b9 Skip volume relabel for super privileged containers 66e3210e0 test: skip certificate check for downloading parallel 91acfb2e7 test: fix shmft 325ec64d5 vendor: update to selinux 1.9.1 8bacf3132 test: fix selinux test failures 116eff337 server: FilterDisallowedAnnotations of containers earlier e595eeb06 server: conditionally relabel volumes given annotation 69dfc4bc4 test: refactor allowed_annotation tests 92810c137 server: reduce args in addOCIBindMounts 54f343719 server: mount cgroup if hostNetwork b40d9220b server: use container level host network setting 53755727a server: don't recalculate hostnet a220ddf71 server: set spec when dropping infra 85043dab6 server: don't wait forever on conmon cgroup move fail 764e83f44 Do not log if Intel RDT is not supported 4542e5166 call cmd.Wait() in all cases we call Start() 2bd8e315b oci: call wait on conmon if cgroup move fails d45f1f112 Fix missing quantile in `latency_microseconds_total` metrics 6a8cb41cd oci: use conmon for exec again ddef4d063 install dependency in test step f74d274fa blockio: apply annotations and blockio classes to Linux.Resources 7b3f68fa8 blockio: handle class configuration file if set d7444c86d blockio: enable setting blockio class configuration file 5aacbedb2 fix checking in openpgp_tag.sh 2bfcfb6fb config: set internal_wipe to true by default, and deprecate the option Signed-off-by: -
Bruce Ashfield authored
cri-o has joined the projects switching their default branch to main (and removing the old one). We update our recipe to avoid fetcher errors. Signed-off-by: -
Bruce Ashfield authored
Bumping containerd to version v1.5.8, which comprises the following commits: ef071b07b mailmap: Add Kevin Parsons 2385fd14d Prepare release notes for v1.5.8 15d8c03e3 schema1: reject ambiguous documents 833407fbf images: validate document type before unmarshal 01428ec40 Fix containerd fails to pull OCI image with non-`http(s)://` urls 2bd3f18d9 [release/1.5] go.mod: Bump hcsshim to v0.8.23 047ea15d2 [release/1.5] go.mod: Bump ttrpc to 1.1.0 7b20299bc [release/1.5] update Go to 1.16.10 641976bea [release/1.5] update Go to 1.16.9 b988fc918 Output a warning for label image labels instead of erroring 3109820f5 Update test timeout based on recent cancellations 16762f3e5 Fix spelling mistake in Windows snapshotter 6094bc770 Use DeactivateLayer to recover layers that we cannot rename bf02a8330 task delete: Closes task IO before waiting aa7c9d9da Fix pull fails on unexpected EOF bc2f973ff Prepare release notes for v1.5.7 f95fca079 btrfs: reduce permissions on plugin directories 68119b417 v1 runtime: reduce permissions for bundle dir 97db45e83 v2 runtime: reduce permissions for bundle dir bc8fdf832 Update release notes and mailmap 77dafa20c Prepare release notes for v1.5.6 a4b51d119 Fix panic in metadata content writer on copy error 147705920 Use github images for integration tests 514137aa0 cri: add devices for privileged container 6bfd09f7c Enable image config labels in ctr and CRI container creation 923088852 seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) 4133c775c go.mod: update runc to v1.0.2 011fb4c0b update runc binary to v1.0.2 210d3bc15 Fix content copy to not ignore unexpected EOF a863339c5 [release/1.5] update Go to 1.16.8 f3d46f828 CI: Switch to available latest images c7ed09d55 Adding testing of two devices in a directory 0ca2e2751 Fix dir support for devices V3 (#4847) 0fd19511e go.mod: Update hcsshim to v0.8.21 c0534c168 [release/1.5 backport] cri: filter selinux xattr for image volumes 27e164648 Allow expanded DNS configuration Signed-off-by: -
Bruce Ashfield authored
Bumping conmon to version v2.0.1-288-ge67bb4d, which comprises the following commits: a854c52 conmon: fix error message 5d5b853 logging: set SYSLOG_IDENTIFIER= with --log-tag ed0b60c conmon: free userdata files before exec cleanup 42cecdf Cirrus: Remove disused scripts 1c7b233 test: drop seccomp tests eb808d2 fix gh action yaml e7a5e0c ctr_logs: use container name or ID as SYSLOG_IDENTIFIER for journald f263cf4 logging: new mode -l passthrough f231c7f ctrl: delete the fifo if it exists 7cfb1ac conmon_test: fix race condition on os.RemoveAll c657db7 integration: use the built binary fa1fa36 bump to v2.0.31-dev 2792c16 bump to v2.0.30 fec62f1 bump go version for podman tests 89072ea Update VM Images + Drop prior-ubuntu references 53c9f75 Remove unreachable code path 9e54dda exit: report if the exit command was killed 4d3dba9 exit: fix race zombie reaper c834521 conn_sock: allow watchdog messages through the notify socket proxy 423c391 Add seccomp to build dependency 9c23760 Update nixpkgs 3a8c913 make: only define use_seccomp if we're using it 1d67d9e Makefile: correctly check seccomp notify support e796a80 Makefile: make conditional-compilation variable setting uniform e83c392 Makefile: unify condition checking 7381063 Cirrus: Remove outdated/wrong documentation 4a8762d Cirrus: Fix references to 'master' branch 1ef2468 Fix docs links due to branch rename Signed-off-by:
-
- 19 Nov, 2021 1 commit
-
-
Chen Qi authored
When enabling 'dpdk' PACKAGECONFIG, the following error appears. | configure: error: Could not find DPDK library in default search path Fix the error by tweaking the configure option regarding dpdk. Add pkgconfig to 'inherit' because pkgconfig is required at do_configure when dpdk is enabled. Signed-off-by:
Chen Qi <Qi.Chen@windriver.com> Signed-off-by:
-
- 16 Nov, 2021 2 commits
-
-
Bruce Ashfield authored
During the conversion to the new : override syntax, once instance was missed. We fix it here. Signed-off-by: -
Bruce Ashfield authored
Bumping moby to version v20.10.10-9-g7bd682c48c, which comprises the following commits: 7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage 34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories c7edd308ad [20.10] Update Go to 1.16.10 6611c72b65 cmd/dockerd: create panic.log file without readonly flag 4b9a3dac46 Fix race in TestCreateServiceSecretFileMode, TestCreateServiceConfigFileMode acb4f263b3 Fix racey TestHealthKillContainer 59d2a2c397 dockerd-rootless.sh: Fix variable not double quotes cause unexpected behavior 2c6aa5aad9 Remove needless check 3285c27503 Fix log statement 'failed to exit' timeout accuracy a4bcd4c64f docker daemon container stop refactor bed624fdc9 docker kill: fix bug where failed kills didnt fallback to unix kill 80b7e8b5d7 buildkit: normalize build target and local platform c2b9a32875 vendor: Update go-winio to v0.4.20 c580a02873 [20.10] Update Go to 1.16.9 129a2000cf [20.10] update containerd binary to v1.4.11 6835d15f55 [20.10] update containerd binary to v1.4.10 5730c139f7 Bump swarmkit to get fix for rollback 59f10e3435 quota: adjust build-tags to allow build without CGO fa78afebcf Update Go to 1.16.8 567c01f6d1 seccomp: add support for "clone3" syscall in default policy 07728cd2bd update runc binary to v1.0.2 964768f200 cmd/dockerd: add the link of "the documentation" 80f1169eca chrootarchive: don't create parent dirs outside of chroot 93ac040bf0 Lock down docker root dir perms. b0c0b73798 bump up rootlesskit to v0.14.4 decb56ac89 Update Go to 1.16.7 Bumping docker-cli to version v20.10.10, which comprises the following commits: 9989fdbc4 Update most links in docs to use https by default 0e20c1fd2 Update Go to 1.16.9 1c0927a04 Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg 82f9d5921 info: skip client-side warning about seccomp profile on API >= 1.42 adb01ca79 docs: some minor touch-ups in checkpoint reference 8260476a0 docs: remove trailing space to fix generated YAML format bce2e1f95 docs: create.md: typo fix 44064f51c Fix typo in documentation - build.md 292779add Add doc for BUILDKIT_PROGRESS env var f2e79b826 docs: use "console" code-hint for shell examples fa46b9236 docs: rewrite reference docs for --stop-signal and --stop-timeout 400f81089 experimental: fix broken link to "checkpoint and restore" page c72057c8d docs: move checkpoint/restore doc from experimental into reference 77db97d59 Use private network address for default-address-pools setting in daemon.json example cbf0d2b7b docs: fix some broken anchors d0014a86b docs: fix description of restart-delay to mention max (1 minute) 6c1c8b55a docs: fix search results by filterd is-official 44fdac11f Update Go to 1.16.8 061051c24 docs: add missing redirect, and remove /go/experimental redirect 2012fbf11 Update Go to 1.16.7 42d1c0275 registry: ensure default auth config has address Signed-off-by:
-
- 12 Nov, 2021 1 commit
-
-
Bruce Ashfield authored
OEcore has recently added a QA check for directories that should be empty. libvirt (via meson) creates some localsstate directories for the various components. These trigger the QA check and break the build. We still have some non-volatile localstate (/var) scenarios, and not seeing a distro feature that controls the QA check, and/or to coordinate the removal of the populated directories, we inhibit the QA check. In a boot with a volatile /var, the directories will be overlayed and no harm will come, in a non-volatile scenario, they'll be visible and no harm will come. Signed-off-by:
-
- 11 Nov, 2021 2 commits
-
-
Ross Burton authored
Signed-off-by:
Ross Burton <ross.burton@arm.com> Signed-off-by:
-
Bruce Ashfield authored
Bumping kubernetes to version v1.22.4-rc.0-26-ga82c1e72259, which comprises the following commits: a1bc265ce68 Fixed unit test SELinux support 9286d722d5e Add shortcut for SELinux detection 8ddc2963808 Don't guess SELinux support on error 24b725f29f1 Use separate pathSpec for local and remote to properly handle cleaning paths 3bf2248bda7 [go1.16] Update to go1.16.10 bd146ab0e1b Automated cherry pick of #105122: added keys for structured logging (#105137) 98ad7ac4ef4 Update debian, debian-iptables, setcap images to pick up CVE-2021-33910 fixes b9236d7cd4a Fixing how EndpointSlice Mirroring handles Service selector transitions 9e778cb6ede Fix race condition in logging when request times out dee25f4db12 Remove nodes with Cluster Autoscaler taint from LB backends. e565102bce7 Support cgroupv2 in node problem detector test 33b5f0f1eaf Update CHANGELOG/CHANGELOG-1.22.md for v1.22.3 39f5a506c81 Release commit for Kubernetes v1.22.4-rc.0 c9203682049 Release commit for Kubernetes v1.22.3 6765a52acd9 Free APF seats for watches handled by an aggregated apiserver. dd8563b0184 Run storage hostpath e2e test client pod as privileged fc580a41252 support more than 100 disk mounts on Windows 176ba1d5236 [go1.16] Update to go1.16.9 cdfd8141855 Clear initial UDP conntrack entries for loadBalancerIPs b30f24e2579 Verifying the auth headers are set for upgraded aggregated API requests 0dfe8e33143 apiserver aggregator upgrade unit test 36a9689ce81 Aggregator uses the regular transport even if the request requires upgrades 5fb05afd9f8 Fix PreferNominatedNode test 410c0413757 Remove Error Message Check Dynamic PV Tests fcb66167905 go fmt 82cd11e646e Add e2e test to verify kubelet restart behaviour 8fa5ff3712c kubelet: set terminated podWorker status for terminated pods bc392586f01 Fix quota controller hotloop in integration tests af46778d58d remove StartedPodsErrorsTotal metrice message 13d852c73dc Copy VolumeSnapshotContent annotations in snapshottable.go test ae10967d23f Fix bugs in e2e pod test 60e425c9009 Ensure terminal pods maintain terminal status c44db53f2c2 Do not sync Waiting statuses for Terminated pods 4ca2cee155c Adds CancelRequest function to CommandHeadersRoundTripper cd94fec74c9 Fixes kubectl command headers which hangs on kubectl run 60ee69c79bb Revert "Build non-static binaries with PIE buildmode" e989925e232 Ignore VMs in vmss delete backend pools 407cc91f95a Fix CSR test to accept certs shorter than the requested duration 6bf5db2e3f7 fix: skip not found nodes when reconciling LB backend address pools 3ceb7b87649 fix: consolidate logs for instance not found error e15dcbe404c Remove a duplicate StorageClass creation call 6763300949a Update Containerd version - GCE Windows a135518af00 e2e scheduling priorities: do not reference control loop variable cc1eb760389 storege e2etest: Delete restored PVC/Pod in snapshottable 614988c6626 pkg/kubelet/cm/memorymanager: Fix ErrorS key/value pair 2f850d636e8 v1.22: Fix test flake in old svc registry 20fa03d60ea 'New' Event namespace validate failed 2ff2780dcc5 kubelet: Handle UID reuse in pod worker a6539a662cd Add test for recreating a static pod 2d9957274a4 Update CHANGELOG/CHANGELOG-1.22.md for v1.22.2 9f314ed137d Release commit for Kubernetes v1.22.3-rc.0 8b5a1914753 Release commit for Kubernetes v1.22.2 4fa7cdfa93c Refine locking in API Priority and Fairness config controller b23fffb83ed kube-controller-manager: properly check generic ephemeral volume feature 38c7182897c Fix null JSON round tripping aeff924339a Propagate conversion errors a69920a9588 integration test b7854d5f1c9 fix 104329: check for headless before trying to release the ClusterIPs d8ead0e1c7b fix detach disk issue on deleting node c948d8cc53b kubelet: fix sandbox creation error suppression when pods are quickly deleted Signed-off-by:
-
- 09 Nov, 2021 2 commits
-
-
Bruce Ashfield authored
5.15 is tested as a kernel now, so we add the .inc to enable fragments. Signed-off-by: -
Bruce Ashfield authored
Switching to lopper 1.0 brings us a more standard setuptools based project for install and packaging. This update also fixes the experimental update to master-next, which was incomplete and broken. The only signficant user visible change with this update is that lopper.py is now 'lopper' and any calling recipes need to be updated accordingly. Signed-off-by:
-
- 08 Nov, 2021 4 commits
-
-
Bruce Ashfield authored
Bumping k3s to version v1.22.3+k3s1, which comprises the following commits: 61a2aab25e Upgrade containerd e1883d0537 Bump klipper-lb image for arm fix 5eb13b6ba6 Fix log/reap reexec 259ceb452c Fix other uses of NewForConfigOrDie in contexts where we could return err cc23fce0a7 Watch the local Node object instead of get/sleep looping 6349aed8e8 Block scheduler startup on untainted node when using embedded CCM db8f54e6af Update to v1.22.3 (#4348) 46eea2f10a Revert "Add ability to reconcile bootstrap data between datastore and disk (#3398)" 9a4ca5978b reset buffer after use (#4279) (#4329) c9f6fa0be0 remove integration test 07f844cf95 Copy old bootstrap buffer data for use during migration (#4215) 48355dce10 Add ability to reconcile bootstrap data between datastore and disk (#3398) 84e9b829e0 Update peer address when running cluster-reset 06b8639068 Bump klipper-helm version f98934980d Added configuration input to etcd-snapshot (#4280) (#4281) 7ede7d2e7c Update to the newest flannel 971854c15b Refactor log and reaper exec to omit MAINPID 3988edef25 Add containerd ready channel to delay etcd node join b65bcdf963 Bump klog fork version 7c78e1c802 [Release-1.22] - Add etcd s3 timeout (#4207) (#4230) c10a0a2163 Fix race condition in cloud provider 6193b1af97 Display cluster tls error only in debug mode (#4200) 737f722315 set transport to skip verify if se skip flag passed (#4102) (#4103) Signed-off-by: -
Richard Neill authored
Adds the following kernel modules for k3s: * xt-physdev * xt-nflog * xt-limit * nfnetlink-log Without them, the k3s network-policy-controller reports failures in the log related to iptables-restore. Signed-off-by:
Richard Neill <richard.neill@arm.com> Signed-off-by:
-
Martin Jansa authored
Signed-off-by:
-
Martin Jansa authored
* remove the incorrect comment about SRCREV being 1.7.0 * and add +git because the old SRCREV wasn't matching with 1.8.0 tag as well * add -Wno-error=format-security to work around build failures with newer ncurses-6.3 like: | ../git/ui/ui.c:45:32: error: format not a string literal and no format arguments [-Werror=format-security] | 45 | mvprintw(LINES - 1, 0, footer); | | ^~~~~~ Signed-off-by:
-
- 07 Nov, 2021 2 commits
-
-
Martin Jansa authored
* fixes: KERNEL_FEATURES:append += is not a recommended operator combination, please replace it. Signed-off-by:
-
Martin Jansa authored
Signed-off-by:
-
- 05 Nov, 2021 1 commit
-
-
Bruce Ashfield authored
Signed-off-by:
-
- 04 Nov, 2021 1 commit
-
-
Bruce Ashfield authored
bitbake is going to start warning about the combination of += and :append, which is rarely correct. We can use use :append and add the space. Signed-off-by:
-
- 03 Nov, 2021 3 commits
-
-
Bruce Ashfield authored
Signed-off-by: -
Bruce Ashfield authored
Signed-off-by: -
Martin Jansa authored
* apply the same also for recipes using PKG_NAME starting with github.com which the conversion script doesn't update automatically Signed-off-by:
-
