[pull] main from containerd:main #56
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fix: ci TestContainerListStatsWithIdSandboxIdFilter
Update Darwin defaults to useable values
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
update EROFS snapshotter documentation
[Carry #1] fix goroutine leak of container Attach
Fix directory permissions
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Prepare release notes for v2.2.0
Add nil checks for Memory.Limit, Memory.Reservation, and Memory.Swap before dereferencing them in extractContainerSpecMetrics. These fields are optional pointers in OCI runtime spec and can be nil when not set. - Memory.Limit: Set from Pod resources.limits.memory - Memory.Reservation: Only set via NRI plugins (rarely used) - Memory.Swap: Set from memory_swap_limit_in_bytes (optional) This prevents potential panic when collecting metrics from containers that don't have all memory limits configured, and makes the code consistent with CPU resource handling and helpers.go. Signed-off-by: You Binhao <ymichaelson.0713@gmail.com>
Fix nil pointer dereference in container spec memory metrics
Bumps [github.com/containerd/imgcrypt/v2](https://github.com/containerd/imgcrypt) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/containerd/imgcrypt/releases) - [Changelog](https://github.com/containerd/imgcrypt/blob/main/CHANGES) - [Commits](containerd/imgcrypt@v2.0.1...v2.0.2) --- updated-dependencies: - dependency-name: github.com/containerd/imgcrypt/v2 dependency-version: 2.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8.0.0 to 9.0.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@4afd733...0a35821) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Phil Estes <estesp@amazon.com>
As the same instance of a map is used in context and mutated directly, this leads to a situation where: - Calling WithMediaTypeKeyPrefix from parallel goroutines where the context was based on the same base context can trigger a panic. - A subcontext calling WithMediaTypeKeyPrefix changes the value for another context when they both originate from the same base context. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
remotes: fix possible panic from WithMediaTypeKeyPrefix
Update RELEASES.md to set 2.0 to EOL
…olangci/golangci-lint-action-9.0.0 build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0
…b.com/containerd/imgcrypt/v2-2.0.2 build(deps): bump github.com/containerd/imgcrypt/v2 from 2.0.1 to 2.0.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 5.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08c6903...93cb6ef) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.2 to 4.31.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0499de3...014f16e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.76.0 to 1.77.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.76.0...v1.77.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.77.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Samuel Karp <samuelkarp@google.com>
This reverts commit 4bf1705. This caused issues for downstream clients who were wrapping the type contingent on it implementing io.ReaderAt. Consequently this is causing headaches due to increased round trips with the remote. Meanwhile I only added this as a convenience for implementing content.Provider in the remote which can done even without the original change, just... less conveniently. In hindsight, this was just a bad change as it has a rather wide impact and the actual implementation isn't an optimized ReaderAt. Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Use the Linux default rather than the block size from the local macOS system. The local macOS block size is not relevant as the erofs file will not be mounted directly on macOS. Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Samuel Karp <samuelkarp@google.com>
Non-Linux hosts are not expected to be able to directly mount erofs snapshotters on the host system. Non-Linux hosts should use block mode by default with a reasonably set default block size. Signed-off-by: Derek McGowan <derek@mcg.dev>
Migrate from protobuild to buf
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
This line was missed in the PR to switch to `buf` Signed-off-by: Phil Estes <estesp@amazon.com>
cri,nri: pass linux sysctl to plugins.
cri,nri: pass injected CDI devices to plugins.
Remove protoc dependency from BUILDING.md
Pass more complete container status information to NRI, including exit code, and timestamps for container creation, start, and exit events. Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…extra-status cri,nri: pass extended container status to NRI.
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…store container Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
cri: fix checkpoint failed with short id
cri,nri: pass any POSIX rlimits to plugins.
Currently, fs-verity support detection fails on fresh containerd installations because the content store root directory (io.containerd.content.v1.content) doesn't exist yet. This directory is only created when pulling images, causing checker to always be false on new hosts. The IsSupported() function attempts to create a temporary directory within rootPath to test fs-verity support, but fails when rootPath doesn't exist, returning an error that is silently ignored. Fix this by ensuring the root directory exists before performing the fs-verity support check in NewLabeledStore(). Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…licy cri,nri: pass seccomp policy to plugins.
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Bumps the golang-x group with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/mod` from 0.31.0 to 0.32.0 - [Commits](golang/mod@v0.31.0...v0.32.0) Updates `golang.org/x/sys` from 0.39.0 to 0.40.0 - [Commits](golang/sys@v0.39.0...v0.40.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-version: 0.32.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.9 to 4.31.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5d4e8d1...cdefb33) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
…ithub/codeql-action-4.31.10 build(deps): bump github/codeql-action from 4.31.9 to 4.31.10
…g-x-c601d64063 build(deps): bump the golang-x group with 2 updates
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
Detect breaking API changes in proto files
cri: fix create container panic if originalAnnotations is nil
…user cri,nri: pass container user (uid, gids) to plugins.
snapshotservice: add WithParent handling for Commit + tests
content: ensure root directory exists before checking fs-verity support
Signed-off-by: Paulo Oliveira <paulo.hco47@gmail.com>
command: show help and exit on unknown positional arguments
…olution fix(oci): handle absolute symlinks in rootfs user lookup
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )