Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Update hcsshim v0.8.7 and containerd v1.3.2 #86975
What type of PR is this?
Need reviews for/from:
Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
@dims @dashpole since the last time we updated cadvisor, it added a go.mod file, which exposes all its transitive dependency version opinions, whether we make use of them or not. That means that all the container runtime (containerd, crio, docker, libcontainer, mesos, systemd) and storage integrations (bigquery, elasticsearch, influxdb, kafka, redis, statsd) that cadvisor has affect our dependency tree, even if we don't actually vendor the code in and link to it.
Unless there is an urgent reason to pull this in (e.g. fixing critical bugs), I'd like to see if we can isolate the cadvisor dependencies needed for the cadvisor cmd so downstream projects don't have to pull in the world like this. I'm experimenting with an approach locally in the cadvisor component and can sync up with you and @dashpole on it.
It looks like github.com/Microsoftemail@example.com also has a declared dependency on firstname.lastname@example.org, which is problematic
That is depending on cri-api, which is published to a staging module now. https://github.com/liggitt/hcsshim/commits/bump-k8s easily updates hcsshim to use the staging module, but that would mean we could not depend on that version of hcsshim (we do not allow k8s.io/kubernetes -> vendor -> staging cycles). The only way I see to unblock that is for k8s.io/cri-api to graduate from staging and be a standalone repo.