containerd 1.6.25

Welcome to the v1.6.25 release of containerd!

The twenty-fifth patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

• Check whether content did not needs to be pushed to remote registry and cross-repo mounted or already existed (#9111)
• Soft deprecate log package (#9105)
• Always try to establish tls connection when tls configured (#9189)
• CRI: stop recommending disable_cgroup (#9169)
• Allow for images with artifacts layers to pull (#9150)
• Require plugins to succeed after registering readiness (#9166)
• Avoid potential deadlock in create handler in containerd-shim-runc-v2 (#9210)
• Add handling for missing basic auth credentials (#9236)
• Add a new image label if it is docker schema 1 (#9267)
• Fix ambiguous tls fallback (#9300)
• Expose usage of deprecated features (#9329)
• Fix shimv1 leak issue (#9345)
• Go version update to 1.20.10(#9264)
• Update runc to v1.1.10 (#9360)
• CRI: fix using the pinned label to pin image (#9382)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Samuel Karp
• Derek McGowan
• Sebastiaan van Stijn
• Phil Estes
• Wei Fu
• Kazuyoshi Kato
• Akhil Mohan
• Akihiro Suda
• Chen Yiyang
• Fabian Hoffmann
• Iceber Gu
• Mike Brown
• Paweł Gronowski
• Austin Vazquez
• Fahed Dorgaa
• James Sturtevant
• Kern Walster
• Marat Radchenko
• Qiutong Song
• Tony Fouchard
• ruiwen-zhao

Changes

82 commits

• [release/1.6] Prepare release notes for v1.6.25 (#9394)
  • 723d26ab2 Prepare release notes for v1.6.25
  • 1f865eba1 update mailmap
• [release/1.6] cri: fix using the pinned label to pin image (#9382)
  • b49815300 cri: fix update of pinned label for images
  • 751b0c186 cri: fix using the pinned label to pin image
• [Release/1.6] vendor: golang.org/x/net v0.17.0 (#9387)
  • fb5568608 vendor: golang.org/x/net v0.17.0
  • 61ad86f6f vendor: golang.org/x/text v0.13.0
  • 4b431c844 vendor: golang.org/x/sys v0.13.0
• [Release/1.6] CVE-2022-1996 fix for go-restful (#9385)
  • 62d402275 Remove CVE-2022-1996 from containerd binary upgrading go-restful to 2.16.0
• [release/1.6] Enhance container image unpack client logs (#9380)
  • 3e68bf65a Enhance container image unpack client logs
• [release/1.6] update github.com/containerd/nri v0.1.1 (#9107)
  • 0dd65c826 [release/1.6] update github.com/containerd/nri v0.1.1
• [release/1.6 backport] update runc binary to v1.1.10 (#9360)
  • c73be2446 update runc binary to v1.1.10
• [release/1.6] Expose usage of cri-api v1alpha2 (#9357)
  • 746bcf2eb Expose usage of cri-api v1alpha2
• [release/1.6] fix: shimv1 leak issue (#9345)
  • 8b51a95fb fix: shimv1 leak issue
• [release/1.6] update to go1.20.10, test go1.21.3 (#9264)
  • 6741f819b [release/1.6] update to go1.20.10, test go1.21.3
  • 49615a0e9 [release/1.6] update to go1.20.9, test go1.21.2
• [release/1.6] cri: add deprecation warnings for mirrors, auths, and configs (#9355)
  • b68204e53 cri: add deprecation warning for configs
  • ae8c58319 cri: add deprecation warning for auths
  • 455edcad2 cri: add deprecation warning for mirrors
  • 878823f4d cri: add ability to emit deprecation warnings
• [release/1.6] deprecation: new package for deprecations (#9329)
  • 477b7d6a1 ctr: new deprecations command
  • 24068b813 dynamic: record deprecation for dynamic plugins
  • 218c7a1df server: add ability to record config deprecations
  • dfb9e1deb pull: record deprecation warning for schema 1
  • 90b42da6f introspection: add support for deprecations
  • 0b6766b37 api/introspection: deprecation warnings in server
  • de3cb4c18 warning: new service for deprecations
  • da1b4419b deprecation: new package for deprecations
• [release/1.6] integration: deflake TestIssue9103 (#9353)
  • bca8a3f65 integration: deflake TestIssue9103
• [release/1.6] ci: Use Vagrant on ubuntu-latest-4-cores (#9332)
  • 0985f7a43 ci: Use Vagrant on ubuntu-latest-4-cores
• [release/1.6] Fix ambiguous tls fallback (#9300)
  • 5dd64301c Check scheme and host of request on push redirect
  • 51df21d09 Avoid TLS fallback when protocol is not ambiguous
• [release/1.6] Add a new image label if it is docker schema 1 (#9267)
  • 8108f0d03 Add a new image label if it is docker schema 1
• [release/1.6 backport] fix protobuf aarch64 (#9284)
  • 5376afb3d fix protobuf aarch64
• [release/1.6] remotes: add handling for missing basic auth credentials (#9236)
  • e529741d3 remotes: add handling for missing basic auth credentials
  • ca45b92f4 Add ErrUnexpectedStatus to resolver
  • 77c0175b4 Improve ErrUnexpectedStatus default string
• [release/1.6] Update x/net to 0.13 (#9130)
  *...

containerd 1.7.9

Welcome to the v1.7.9 release of containerd!

The ninth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• update runc binary to v1.1.10:: (#9359)
• vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 (#9301)
• Expose usage of cri-api v1alpha2 (#9336)
• integration: deflake TestIssue9103 (#9354)
• fix: shimv1 leak issue (#9344)
• cri: add deprecation warnings for mirrors, auths, and configs (#9327)
• Update hcsshim tag to v0.11.4 (#9326)
• Expose usage of deprecated features (#9315)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Samuel Karp
• Kazuyoshi Kato
• Wei Fu
• Kirtana Ashok
• Derek McGowan
• Milas Bowman
• Sebastiaan van Stijn
• ruiwen-zhao

Changes

28 commits

• [release/1.7] Add release notes for v1.7.9 (#9333)
  • 4b912af52 Add release notes for v1.7.9
• [release/1.7 backport] update runc binary to v1.1.10 (#9359)
  • eff291713 update runc binary to v1.1.10
• [release/1.7] vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 (#9301)
  • bd9428ff7 vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0
• [release/1.7] Expose usage of cri-api v1alpha2 (#9336)
  • d62cba40c Expose usage of cri-api v1alpha2
• [release/1.7] integration: deflake TestIssue9103 (#9354)
  • 5dbc258a8 integration: deflake TestIssue9103
• [release/1.7] fix: shimv1 leak issue (#9344)
  • 449912857 fix: shimv1 leak issue
• [release/1.7] cri: add deprecation warnings for mirrors, auths, and configs (#9327)
  • 152c57e91 cri: add deprecation warning for configs
  • 689a1036d cri: add deprecation warning for auths
  • 8c38975bf cri: add deprecation warning for mirrors
  • 1fbce40c4 cri: add ability to emit deprecation warnings
• [release/1.7] Update hcsshim tag to v0.11.4 (#9326)
  • 73f15bdb6 Update hcsshim tag to v0.11.4
• [release/1.7] Expose usage of deprecated features (#9315)
  • 60d48ffea ctr: new deprecations command
  • 74a06671a plugin: record deprecation for dynamic plugins
  • fa5f3c91a server: add ability to record config deprecations
  • f7880e7f0 pull: record deprecation warning for schema 1
  • 1dd2f2c02 introspection: add support for deprecations
  • aaf000c18 api/introspection: deprecation warnings in server
  • 9b7ceee54 warning: new service for deprecations
  • b708f8bfa deprecation: new package for deprecations

Dependency Changes

• github.com/Microsoft/hcsshim v0.11.1 -> v0.11.4
• github.com/cenkalti/backoff/v4 v4.2.0 -> v4.2.1
• github.com/go-logr/logr v1.2.3 -> v1.2.4
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 -> v2.16.0
• go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.40.0 -> v0.45.0
• go.opentelemetry.io/otel v1.14.0 -> v1.19.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.14.0 -> v1.19.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.14.0 -> v1.19.0
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.14.0 -> v1.19.0
• go.opentelemetry.io/otel/metric v0.37.0 -> v1.19.0
• go.opentelemetry.io/otel/sdk v1.14.0 -> v1.19.0
• go.opentelemetry.io/otel/trace v1.14.0 -> v1.19.0
• go.opentelemetry.io/proto/otlp v0.19.0 -> v1.0.0

Previous release can be found at v1.7.8

containerd 2.0.0-beta.0

Welcome to the v2.0.0-beta.0 release of containerd!
This is a pre-release of containerd

The first major release of containerd 2.x focuses on the continued stability of
containerd's core feature set with an easy upgrade from containerd 1.x. This
release includes the stabilization of new features added in the last 1.x release
as well as the removal of features which were deprecated in 1.x. The goal is to
support the vast community of containerd users well into the future along with
their ever increasing deployment footprints and variety of use cases.

Highlights

• Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile. (#9320)
• Expose usage of deprecated features (#9258)
• Switch runc shim to task service v3 and fix restore (#9233)
• Add sandboxer configuration and move sandbox controllers to plugins (#8268)
• Use Intel ISA-L's igzip if available (#9200)
• Generalize plugin library (#9214)
• Introduce top level config migration (#9223)
• Add image delete target (#8989)
• Use github.com/containerd/log (#9086)
• Add support for image expiration during garbage collection (#9022)
• Reduce the contention between ref lock and boltdb lock in content store (#8792)
• Remove the CriuPath field from runc's options (#8279)
• Remove support for config.toml version = 1 (#8275)
• Remove "containerd.io/restart.logpath" label (#8264)
• Remove aufs snapshotter (#8263)

Container Runtime Interface (CRI)

• Remove non-sandboxed CRI implementation (#9228)
• Add image verifier transfer service plugin system based on a binary directory (#8493)
• Add support for userns in stateless and stateful pods with idmap mounts (KEP-127, k8s >= 1.27) (#8287)
• Use sandboxed CRI by default (#8994)
• Implement RuntimeConfig CRI call (#8722)
• Add support for user namespaces (KEP-127) (#8803)
• Remove CRI v1alpha2 (#8276)

Runtime

• Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)

Breaking

• Don't allow io_uring related syscalls in the RuntimeDefault seccomp profile. (#9320)
• Move client to subpackage (#9316)
• Remove CRI v1alpha2 (#8276)
• Remove io.containerd.runtime.v1.linux and io.containerd.runc.v1 (#8262)
• Remove "containerd.io/restart.logpath" label (#8264)
• Remove aufs snapshotter (#8263)

Deprecations

• Deprecate go-plugin configuration option (#9238)
• CNI conf_template in CRI is no longer deprecated (#8637)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Akihiro Suda
• Wei Fu
• Phil Estes
• Sebastiaan van Stijn
• Samuel Karp
• Maksym Pavlenko
• Kazuyoshi Kato
• Rodrigo Campos
• Danny Canter
• Gabriel Adrian Samfira
• Iceber Gu
• Jin Dong
• Bjorn Neergaard
• Austin Vazquez
• Mike Brown
• Paul "TBBle" Hampson
• Kirtana Ashok
• Krisztian Litkey
• rongfu.leng
• Abel Feng
• Enrico Weigelt
• Kohei Tokunaga
• James Sturtevant
• Ilya Hanov
• Marat Radchenko
• Akhil Mohan
• Cardy.Tang
• Hsing-Yu (David) Chen
• Justin Chadwell
• Markus Lehtonen
• Nashwan Azhari
• Shingo Omura
• Vinayak Goyal
• helen
• Aditi Sharma
• Brian Goff
• Charity Kathure
• Henry Wang
• Kay Yan
• Laura Brehm
• Artem Khramov
• Brad Davidson
• Bryant Biggs
• Chen Yiyang
• Cory Snider
• Davanum Srinivas
• Ed Bartosh
• Ethan Lowman
• James Jenkins
• Jiang Liu
• Jordan Liggitt
• June Rhodes
• Mahamed Ali
• Michael Crosby
• Paweł Gronowski
• Peteris Rudzusiks
• Sam Edwards
• Samruddhi Khandale
• Steve Griffith
• VERNOU Cédric
• hang.jiang
• jerryzhuang
• Aaron Lehmann
• Aditya Ramani
• Alex Couture-Beil
• Alex Ellis
• Alex Rodriguez
• Alexandru Matei
• Amir M. Ghazanfari
• Antonio Huete Jimenez
• Ben Foster
• Bin Xin
• BinBin He
• Brennan Kinney
• Craig Ingram
• Daisy Rong
• Djordje Lukic
• Edgar Lee
• Eng Zer Jun
• Etienne Champetier
• Evan Lezar
• Fahed Dorgaa
• Gary McDonald
• Jan Dubois
• Jiongchi Yu
• Kern Walster
• Maksim An
• Milas Bowman
• Pan Yibo
• Qasim Sarfraz
• Qiutong Song
• Robbie Buxton
• Robert-André Mauchin
• Shuaiyi Zhang
• Shukui Yang
• Tianon Gravi
• Tony Fang
• Tõnis Tiigi
• Wang Xinwen
• William Chen
• charles-chenzz
• chschumacher1994
• guangli.bao
• ningmingxiao
• pigletfly
• wangxiang
• zhangpeng
• zhaojizhuang
• zounengren
• 沈陵

Dependency Changes

• dario.cat/mergo v1.0.0 new
• github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
• github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
• github.com/Microsoft/go-winio v0.6.0 -> v0.6.1
• github.com/Microsoft/hcsshim v0.10.0-rc.7 -> v0.12.0-rc.0
• github.com/Microsoft/hcsshim/test 43a75bb4edd3 new
• github.com/cenkalti/backoff/v4 v4.2.0 -> v4.2.1
• github.com/container-orchestrated-devices/container-device-interface v0.5.4 -> v0.6.1
• github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.2
• github.com/containerd/continuity v0.3.0 -> v0.4.2
• github.com/containerd/go-runc v1.0.0 -> v1.1.0
• github.com/containerd/log v0.1.0 new
• github.com/containerd/nri v0.3.0 -> v0.5.0
• github.com/containerd/plugin 7ec69893e1e7 new
• github.com/containerd/ttrpc v1.2.1 -> v1.2.2
• github.com/containerd/typeurl/v2 v2.1.0 -> v2.1.1
• github.com/containernetworking/plugins v1.2.0 -> v1.3.0
• github.com/distribution/reference v0.5.0 new
• github.com/emicklei/go-restful/v3 v3.10.1 -> v3.10.2
• github.com/go-logr/logr v1.2.3 -> v1.2.4
• github.com/golang/protobuf v1.5.2 -> v1.5.3
• github.com/google/uuid v1.3.0 -> v1.3.1
• github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 -> v1.4.0
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 -> v2.16.2
• github.com/klauspost/compress v1.16.0 -> v1.17.2
• github.com/klauspost/cpuid/v2 v2.0.4 -> v2.2.5
• github.com/minio/sha256-simd v1.0.0 -> v1.0.1
• github.com/moby/sys/user v0.1.0 new
• github.com/opencontainers/image-spec 3a7f492d3f1b -> v1.1.0-rc5
• github.com/opencontainers/runtime-spec v1.1.0-rc.1 -> 4fec88fd00a4
• github.com/opencontainers/runtime-tools 946c877fa809 -> 2e043c6bd626
• github.com/pelletier/go-toml/v2 v2.1.0 new
• github.com/prometheus/client_golang v1.14.0 -> v1.16.0
• github.com/prometheus/client_model v0.3.0 -> v0.4.0
• github.com/prometheus/common v0.37.0 -> v0.44.0
• github.com/prometheus/procfs v0.8.0 -> v0.10.1
• github.com/sirupsen/logrus v1.9.0 -> v1.9.3
• github.com/stretchr/testify v1.8.2 -> v1.8.4
• github.com/urfave/cli v1.22.12 -> v1.22.14
• github.com/vishvananda/netns 2eb08e3e575f -> v0.0.4
• golang.org/x/mod v0.7.0 -> v0.12.0
• golang.org/x/net v0.7.0 -> v0.17.0
• golang.org/x/oauth2 ...

containerd 1.7.8

Welcome to the v1.7.8 release of containerd!

The eighth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• Fix ambiguous TLS fallback (#9299)
• Update Go to 1.20.10 (#9265)
• Add a new image label on converted schema 1 images (#9252)
• Fix handling for missing basic auth credentials (#9235)
• Fix potential deadlock in create handler for containerd-shim-runc-v2 (#9209)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Sebastiaan van Stijn
• Derek McGowan
• Phil Estes
• Chen Yiyang
• Wei Fu
• Akihiro Suda
• Maksym Pavlenko
• Marat Radchenko
• Milas Bowman
• Qiutong Song
• Samuel Karp

Changes

27 commits

• [release/1.7] Prepare release notes for v1.7.8 (#9278)
  • 48dbdf871 Prepare release notes for v1.7.8
• [release/1.7] Fix ambiguous tls fallback (#9299)
  • 68abc543b Check scheme and host of request on push redirect
  • 35c7634e3 Avoid TLS fallback when protocol is not ambiguous
• [release/1.7] vendor: google.golang.org/grpc v1.58.3 (#9281)
  • f36948cad vendor: gRPC v1.58.3
• [release/1.7 backport] vendor: golang.org/x/net v0.17.0 (#9276)
  • c67a53190 vendor: golang.org/x/net v0.17.0
  • 71f4b36ca vendor: golang.org/x/text v0.13.0
  • a7b3b7090 vendor: golang.org/x/sys v0.13.0
• [release/1.7] vendor: google.golang.org/grpc v1.56.3 (#9248)
  • 26736d6e1 vendor: google.golang.org/grpc v1.56.3
  • 54a69a6e4 vendor: golang.org/x/oauth2 v0.7.0
  • ac15a7f5b vendor: google.golang.org/protobuf v1.30.0
• [release/1.7] update to go1.20.10, test go1.21.3 (#9265)
  • 2479c3321 [release/1.7] update to go1.20.10, test go1.21.3
  • 11f40e9d8 [release/1.7] update to go1.20.9, test go1.21.2
• [release/1.7] Add a new image label if it is docker schema 1 (#9252)
  • cac1bab79 Add a new image label if it is docker schema 1
• [release/1.7] remotes: add handling for missing basic auth credentials (#9235)
  • 6cd2cc4a8 remotes: add handling for missing basic auth credentials
• [release/1.7 backport] containerd-shim-runc-v2: avoid potential deadlock in create handler (#9209)
  • d0a1fedb5 *: add runc-fp as runc wrapper to inject failpoint
  • 04491240a containerd-shim-runc-v2: avoid potential deadlock in create handler
  • 6982a0df5 containerd-shim-runc-v2: remove unnecessary s.getContainer()
  • 0e2320398 Uncopypaste parsing of OCI Bundle spec file

Dependency Changes

• golang.org/x/crypto v0.11.0 -> v0.14.0
• golang.org/x/mod v0.9.0 -> v0.11.0
• golang.org/x/net v0.13.0 -> v0.17.0
• golang.org/x/oauth2 v0.4.0 -> v0.10.0
• golang.org/x/sync v0.1.0 -> v0.3.0
• golang.org/x/sys v0.10.0 -> v0.13.0
• golang.org/x/term v0.10.0 -> v0.13.0
• golang.org/x/text v0.11.0 -> v0.13.0
• golang.org/x/tools v0.7.0 -> v0.10.0
• google.golang.org/genproto 7f2fa6fef1f4 -> 782d3b101e98
• google.golang.org/genproto/googleapis/api 782d3b101e98 new
• google.golang.org/genproto/googleapis/rpc 782d3b101e98 new
• google.golang.org/grpc v1.53.0 -> v1.58.3
• google.golang.org/protobuf v1.29.1 -> v1.31.0

Previous release can be found at v1.7.7

containerd 1.7.7

Welcome to the v1.7.7 release of containerd!

The seventh patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• Require plugins to succeed after registering readiness (#9165)
• Handle unexpected shim kill events (#9132)
• Build binaries with Go 1.21.1 (#9167)
• cri: Stop recommending disable_cgroup (#9168)
• remotes/docker: Fix MountedFrom prefixed with target repository (#9193)
• remotes: always try to establish tls connection when tls configured (#9188)
• NRI: Add support for rlimits (#48)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Samuel Karp
• Krisztian Litkey
• Wei Fu
• Phil Estes
• Sebastiaan van Stijn
• Iceber Gu
• Mike Brown
• Akihiro Suda
• Paweł Gronowski
• Steve Griffith
• Aditya Ramani
• Austin Vazquez
• Danny Canter
• James Sturtevant
• Kern Walster
• ZP-AlwaysWin

Changes

31 commits

• [release/1.7] Prepare release notes for v1.7.7 (#9194)
  • a34fa5681 Prepare release notes for v1.7.7
• [release/1.7] Allow for images with artifacts to pull (#9149)
  • 6ca0aebf0 Allow for images with artifacts to pull
• [release 1.7] remotes/docker: Fix MountedFrom prefixed with target repository (#9193)
  • 7df492a95 remotes/docker: Fix MountedFrom prefixed with target repository
• [release/1.7] Update x/net to 0.13 (#9134)
  • b3db314a5 Bump x/net to 0.13
• [release/1.7] remotes: always try to establish tls connection when tls configured (#9188)
  • 7779ce64e remotes: always try to establish tls connection when tls configured
• [release/1.7] cri: stop recommending disable_cgroup (#9168)
  • 6013b5e03 cri: stop recommending disable_cgroup
• [release/1.7] Require plugins to succeed after registering readiness (#9165)
  • a83c66813 Require plugins to succeed after registering readiness
  • 171d76849 cri: call RegisterReadiness after NewCRIService
• [release/1.7] Handle unexpected shim kill events (#9132)
  • 3d27bc738 Handle unexpected shim kill events
• [release/1.7] Build binaries with 1.21.1 (#9167)
  • 4ffa3ed29 Build binaries with 1.21.1
• [release/1.7] vendor: github.com/Microsoft/hcsshim v0.11.1 (#9127)
  • 5756f6064 [release/1.7] vendor: github.com/Microsoft/hcsshim v0.11.1
• [release/1.7 backport] alias log package to github.com/containerd/log v0.1.0 (#9106)
  • 09633b539 deprecate logs package, but disable linter (for transitioning)
  • cb201519f alias log package to github.com/containerd/log v0.1.0
  • a5024e6dd vendor: github.com/stretchr/testify v1.8.4
  • 7bd976af3 vendor: github.com/sirupsen/logrus v1.9.3
• [release/1.7] remotes/docker: Add MountedFrom and Exists push status (#9097)
  • 8cd2d33c2 [release/1.7] remotes/docker: Add MountedFrom and Exists push status
• [release/1.7] vendor: update github.com/containerd/nri@v0.4.0 (#9099)
  • 3ca015e55 nri: update mock plugin handlers
  • 4cd208c1f vendor: update github.com/containerd/nri@v0.4.0

Changes from containerd/log

9 commits

• Update golangci to 1.49 (#1)
  • 89c9a54 Update golangci to 1.49
  • cf26711 Update description in README
  • f9f250c Add project details
  • fb7fe3d Add github CI flow
  • 7e13034 Add go module
  • 16a3c76 Rename log import from logtest
  • 698c398 Add README
  • 87c83c4 Add license file

Changes from containerd/nri

35 commits

• releases: update note about 0.4.0 (#50)
  • 5f13915 releases: update note about 0.4.0
• Add support for rlimits (#48)
  • 5ecea04 ulimit-adjuster: add validation for hard limits
  • db3de10 test: exclude ulimit-adjuster from ginkgo
  • f0deb59 ulimit-adjuster: new sample plugin
  • d2dd708 Add support for rlimits
  • efaf36e api: add POSIXRlimit type
• .github: add test build to CI workflow. (#47)
  • 3f092c2 .github: add test build to CI workflow.
• stub: pass context to plugins, pass updated resources to UpdateContainers. (#40)
  • 01d5f14 Add a note about NRI API stability and release notes.
  • ea9976d adaptation: add UpdateContainer tests.
  • d042d24 stub: fix plugin UpdateContainerInterface.
  • f5d0f51 plugins: update plugins for stub changes.
  • b4bd301 adaptation: update tests with stub changes.
  • 9d86150 stub: pass context to plugin event handlers.
• Updated the OCI Hook Injector README to resovle broken links to the p… (#34)
  • 5eee915 removed link
  • c783fc7 Resolves broken podman links and adds details to help better guide people in testing.
• Fix ParseEventMask to produce proper masks for 'pod' and 'container' shorthand event notations. (#39)
  • da291a6 Fix ParseEventMask to produce proper masks
• fix the NRI_PLUGIN_NAME env value when launching a pre...

containerd 1.6.24

Welcome to the v1.6.24 release of containerd!

The twenty-fourth patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

• CRI: fix leaked shim caused by high IO pressure (#9004)
• Update to go1.20.8 (#9073)
• Update runc to v1.1.9 (#8966)
• Backport: add configurable mount options to overlay snapshotter (#8961)
• log: cleanups and improvements to decouple more from logrus (#9002)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Sebastiaan van Stijn
• Akihiro Suda
• Wei Fu
• Derek McGowan
• Akhil Mohan
• Cardy.Tang
• Danny Canter
• Kazuyoshi Kato
• Mike Brown
• Phil Estes
• Samuel Karp

Changes

45 commits

• [release/1.6] Prepare release notes for v1.6.24 (#9087)
  • cdd59290d Prepare release notes for v1.6.24
• [release/1.6 backport] log: cleanups and improvements to decouple more from logrus (#9002)
  • 33c2d88e7 Revert "log: define G() as a function instead of a variable"
  • 0a7f2975e log: swap logrus functions with their equivalent on default logger
  • 9d175a19b log: add package documentation and summary of package's purpose
  • 96fb65529 log: make Fields type a generic map[string]any
  • bace17e2e log: add log.Entry type
  • dd127885f log: define OutputFormat type
  • 5b4cf2329 log: define G() as a function instead of a variable
  • ee1b4a1e2 log: add all log-levels that are accepted
  • d563a411f log: group "enum" consts and touch-up docs
  • 6e8f4555b log: WithLogger: remove redundant intermediate var
  • c19325559 log: SetFormat: include returns in switch
  • c3c22f8cb log: remove gotest.tools dependency
• [release/1.6] update to go1.20.8 (#9073)
  • a2c294800 [release/1.6] update to go1.20.8
• [release/1.6 backport] make repositories of install dependencies configurable (#9024)
  • 0da8dcaa7 make repositories of install dependencies configurable
• [release/1.6 backport] update Golang to go1.20.7, minimum version go1.19 (#9020)
  • 8e6a9de5b update to go1.20.7, go1.19.12
  • 8b2eb371f Update Go to 1.20.6,1.19.11
  • cff669c7a update go to go1.20.5, go1.19.10
  • f34a22de9 update go to go1.20.4, go1.19.9
  • e8e73065e update go to go1.20.3, go1.19.8
  • 9b3f950d6 Go 1.20.2
  • 17d03ac68 Go 1.20.1
  • 861f65447 go.mod: go 1.19
  • 81fa93784 Stop using math/rand.Read and rand.Seed (deprecated in Go 1.20)
  • 70dc11a6c lint: remove //nolint:dupword that are no longer needed
  • fec784a06 lint: silence "SA1019: tar.TypeRegA has been deprecated... (staticheck)"
  • 6648df1ad lint: silence "type HostFileConfig is unused (unused)"
  • e6b268bc7 golangci-lint v1.51.1
  • c552ccf67 go.mod: golang.org/x/sync v0.1.0
• [releases/1.6] *: fix leaked shim caused by high IO pressure (#9004)
  • d00af5c3e integration: issue7496 case should work for runc.v2 only
  • 583696e4e Vagrantfile: add strace tool
  • ab21d60d2 pkg/cri/server: add criService as argument when handle exit event
  • a229883cb pkg/cri/server: fix leaked shim issue
  • d8f824200 integration: add case to reproduce #7496
• [release/1.6] Cherry-pick: [overlay] add configurable mount options to overlay snapshotter (#8961)
  • 8cd40e1d0 Add configurable mount options to overlay
  • 453fa397a feat: make overlay sync removal configurable
• [release/1.6 backport] update runc binary to v1.1.9 (#8966)
  • 4cb7764df update runc binary to v1.1.9

Dependency Changes

• golang.org/x/sync 036812b2e83c -> v0.1.0

Previous release can be found at v1.6.23

containerd 1.7.6

Welcome to the v1.7.6 release of containerd!

The sixth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• Fix log package for clients overwriting the global logger (#9032)
• Fix blockfile snapshotter copy on Darwin (#9047)
• Add support for Linux usernames on non-Linux platforms (#9015)
• Update Windows platform matcher to invoke stable ABI compability function (#9069)
• Update Golang to 1.20.8 (#9074)
• Update push to inherit distribution sources from parent (#9084)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Kirtana Ashok
• Phil Estes
• Akihiro Suda
• Danny Canter
• Sebastiaan van Stijn
• Akhil Mohan
• Maksym Pavlenko
• Samuel Karp
• Wei Fu

Changes

20 commits

• [release/1.7] Prepare release notes for 1.7.6 (#9085)
  • 3e09c65b2 Prepare release notes for v1.7.6
• [release/1.7] Invoke Stable ABI compatibility function in windows platform matcher (#9069)
  • c7a35ccdc Fix transfer service dependencies:
  • 38d4e506d Invoke Stable ABI compatibility function in windows platform matcher
• [release/1.7] push: inherit distribution sources from parent (#9084)
  • 5ebf05d97 push: inherit distribution sources from parent
  • d206896dd content: add InfoProvider interface
• [release/1.7] update to go1.20.8 (#9074)
  • 423693d7b [release/1.7] update to go1.20.8
• [release/1.7] Update hcsshim tag to v0.11.0 (#9063)
  • ddffc7c9a Update hcsshim tag to v0.11.0
• [release/1.7] CRI: Support Linux usernames for !linux platforms (#9015)
  • b449440a4 CRI: Support Linux usernames for !linux platforms
• [release/1.7] Blockfile: Enlighten blockfile copy on Darwin (#9047)
  • ed4bac11e Blockfile: Enlighten blockfile copy on Darwin
• [release/1.7 backport] Revert "log: define G() as a function instead of a variable" (#9032)
  • 4d1cfbbdd Revert "log: define G() as a function instead of a variable"
• [release/1.7 backport] make repositories of install dependencies configurable (#9025)
  • a34e93241 make repositories of install dependencies configurable

Dependency Changes

• github.com/Microsoft/hcsshim v0.10.0-rc.8 -> v0.11.0

Previous release can be found at v1.7.5

containerd 1.7.5

Welcome to the v1.7.5 release of containerd!

The fifth patch release for containerd 1.7 fixes a versioning issue from
the previous release and includes some internal logging API changes.

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Sebastiaan van Stijn
• Derek McGowan
• Akihiro Suda
• Antonio Huete Jimenez
• Phil Estes
• Samuel Karp

Changes

18 commits

• [release/1.7] Prepare release notes for 1.7.5 (#9010)
  • 93b23eb10 Prepare release notes for v1.7.5
  • fb1292c8d Bump version to v1.7.4
• [release/1.7 backport] go.mod: github.com/containerd/continuity v0.4.2 (#9012)
  • 503ab21bf go.mod: github.com/containerd/continuity v0.4.2
• [release/1.7 backport] log: cleanups and improvements to decouple more from logrus (#9001)
  • 2a9ae3c51 log: swap logrus functions with their equivalent on default logger
  • 01445bb73 log: add package documentation and summary of package's purpose
  • 932795f45 log: make Fields type a generic map[string]any
  • 707ca94d8 log: add log.Entry type
  • 0a79e67e4 log: define OutputFormat type
  • dbbe28b7d log: define G() as a function instead of a variable
  • 93b6cb784 log: add all log-levels that are accepted
  • e8e086e02 log: group "enum" consts and touch-up docs
  • 7aa4f8fdc log: WithLogger: remove redundant intermediate var
  • bfdce4ce4 log: SetFormat: include returns in switch
  • 6621e0888 log: remove testify dependency
  • df76aaede removes/docker: remove unnecessary conversion (unconvert)

Changes from containerd/continuity

2 commits

• Add initial DragonFly BSD support (#230)
  • bcc6e25 dragonfly: Initial porting work

Dependency Changes

• github.com/containerd/continuity 1e0d26eb2381 -> v0.4.2

Previous release can be found at v1.7.4

containerd 1.7.4

Welcome to the v1.7.4 release of containerd!

The fourth patch release for containerd 1.7 contains remote differ plugin support,
a new block file based snapshotter, and various fixes and updates.

Notable Updates

• Add blockfile snapshotter (#8986)
• Add remote/proxy differ (#8985)
• Update runc binary to v1.1.9 (#8965)
• Cri: Don't use rel path for image volumes (#8926)
• Allow attaching to any combination of stdin/out/err (#8910)
• Fix ro mount option being passed (#8887)
• Fix leaked shim caused by high IO pressure (#9003)
• Add configurable mount options to overlay snapshotter (#9005)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Wei Fu
• Derek McGowan
• Akihiro Suda
• Kazuyoshi Kato
• Cardy.Tang
• Phil Estes
• Ben Foster
• Danny Canter
• Hsing-Yu (David) Chen
• James Jenkins
• James Sturtevant
• Maksym Pavlenko
• Rodrigo Campos
• Sebastiaan van Stijn
• rongfu.leng

Changes

43 commits

• [release/1.7] Prepare release notes for v1.7.4 (#9000)
  • 7a0cae3ca [release/1.7] Prepare release notes for v1.7.4
• [releases/1.7] *: fix leaked shim caused by high IO pressure (#9003)
  • 537d7526e integration: issue7496 case should work for runc.v2 only
  • 5add172be Vagrantfile: add strace tool
  • 207e28f36 integration: add ShouldRetryShutdown case based on #7496
  • b4f480fb3 pkg/cri/sbserver: fix leaked shim issue for podsandbox mode
  • 88ff575c5 pkg/cri/server: fix leaked shim issue
  • 9f61dfb7c integration: add case to reproduce #7496
• [release/1.7] Cherry-pick: [overlay] add configurable mount options to overlay snapshotter (#9005)
  • 0f4885c16 Add configurable mount options to overlay
  • 8804a27d7 feat: make overlay sync removal configurable
• [release/1.7] Remove temporary replace (#8997)
  • 1c2dd5198 Remove temporary replace
• [release/1.7] Add blockfile snapshotter (#8986)
  • 2bf6bd143 vendor: update github.com/containerd/continuity
  • 30a163086 snapshots|pkg: umount without DETACH and nosync after umount
  • c9eebe3d1 mount: support direct-io for loopback device
  • 1c2977db0 Modify loopback size
  • cf9c78d2d snapshots/blockfile: fix lint issue
  • b823b4f54 snapshots/blockfile: deflaky the testsuite
  • 6daeceb11 snapshots/blockfile: use passed in dst in scratchGenerator
  • 99b61aee3 snapshots/blockfile: use loop if options is empty
  • fd39769ac Add mount options to blockfile snapshotter
  • 8d732c6c2 Add sync before unmount on snapshotter layer test
  • 8472a407e Add blockfile snapshotter to snapshotters doc
  • 6740d77ca Add blockfile as a builtin
  • 07cc24b32 Add blockfile snapshotter
• [release/1.7] Backport remote/proxy differ (#8985)
  • 32e3b76ee Add diffservice to contrib
  • 661e505c8 Add proxy differ
• [release/1.7 backport] update runc binary to v1.1.9 (#8965)
  • af79c07fd update runc binary to v1.1.9
• [release/1.7] Port fix for Linux Integration test failure (#8950)
  • c0b1c8f74 fix ci Linux Integration test fail
• [release/1.7] cri: Don't use rel path for image volumes (#8926)
  • 4e97a115f cri: Don't use rel path for image volumes
• [release/1.7] fix: allow attaching to any combination of stdin/stdout/stderr (#8910)
  • 34a5d0330 fix: allow attaching to any combination of stdin/stdout/stderr
• [release/1.7 backport] update to go1.20.7, go1.19.12 (#8906)
  • c5e7b84c0 update to go1.20.7, go1.19.12
• [release/1.7] cherry-pick: Fix ro mount option being passed (#8887)
  • 2eaeb3205 Fix ro mount option being passed

Changes from containerd/continuity

4 commits

• fs: use io.Copy because go supports CopyFileRange (#227)
  • 4b8bec5 fs: use io.Copy because go supports CopyFileRange
• fs/fstest: CreateFile should use sync (#228)
  • 3fa7d7a fs/fstest: CreateFile should use sync

Dependency Changes

• github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
• github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
• github.com/containerd/continuity v0.4.1 -> 1e0d26eb2381

Previous release can be found at v1.7.3

containerd 1.6.23

Welcome to the v1.6.23 release of containerd!

The twenty-third patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

• **Add stable ABI support in windows platform matcher + update hcsshim tag (#8854)
• **cri: Don't use rel path for image volumes (#8927)
• **Upgrade GitHub actions packages in release workflow (#8908)
• **update to go1.19.12 (#8905)
• **backport: ro option for userxattr mount check + cherry-pick: Fix ro mount option being passed (#8888)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Kirtana Ashok
• Maksym Pavlenko
• Austin Vazquez
• Ben Foster
• Derek McGowan
• Mike Brown
• Phil Estes
• Rodrigo Campos
• Sebastiaan van Stijn
• Wei Fu

Changes

13 commits

• [release/1.6] Add release notes for v1.6.23 (#8939)
  • e297a668f Add release notes for v1.6.23
• [release/1.6] Add stable ABI support in windows platform matcher + update hcsshim tag (#8854)
  • f51bf1960 Add support for stable ABI windows versions
  • 43a02c0b2 Update hcsshim tag to v0.9.10
• [release/1.6] cri: Don't use rel path for image volumes (#8927)
• cc5b0a21b cri: Don't use rel path for image volumes
• [release/1.6 backport] Upgrade GitHub actions packages in release workflow (#8908)
  • 4238cff1c Upgrade GitHub actions packages in release workflow
• [release/1.6] update to go1.19.12 (#8905)
  • 00d1092b7 update to go1.19.12
• [release/1.6] backport: ro option for userxattr mount check + cherry-pick: Fix ro mount option being passed (#8888)
  • 47d73b2de Fix ro mount option being passed

Dependency Changes

• github.com/Microsoft/hcsshim v0.9.8 -> v0.9.10

Previous release can be found at v1.6.22