Welcome to the v1.6.0-rc.2 release of containerd!
The seventh major release of containerd includes many improvements and added
support to increase overall compatibility and stability.
Highlights
Runtime
- Add runtime label to metrics (#5744)
- Cleanup task delete logic in v2 shim (#5813)
- Add support for shim plugins (#5817)
- Handle sigint and sigterm in shimv2 (#5828)
- Decouple shim and task manager (#5918)
- Add runc shim support for core scheduling (#6011)
- Update shim client connect attempt to fail fast when shim errors (#6031)
- Add support for absolute path to shim binaries (#6206)
- Update runc to v1.1.0 (#6375)
Windows
- Add support for Windows HostProcess containers (#5131)
- Add support for Windows resource limits (#5778)
CRI
- Add CNI configuration based on runtime class (#4695)
- Add support for Intel RDT (#5439)
- Add support for CRI v1 and v1alpha in parallel (#5619)
- Add support for unified resources field for cgroups v2 (#5627)
- Add IP preference configuration for reporting pod IP (#5964)
- Implement new CRI pod sandbox stats API (#6113)
- Add sandbox and container latency metrics (#6111)
- Add namespace to ttrpc and grpc plugin connections (#6130)
- Add option to allow ping sockets and privileged ports with no capabilities (#6170)
- Add support for configuring swap (#6320)
Other
- Add support for client TLS Auth for grpc (#5606)
- Add xfs support for devicemapper snapshotter (#5610)
- Add metric exposing build version and revision (#5965)
- Add support for custom fs options in devmapper snapshotter (#6122)
- Update introspection service to show GRPC plugins (#6432)
Client
- Allow WithServices to use custom implementations (#5709)
- Support custom compressor for walking differ (#5735)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Phil Estes
- Akihiro Suda
- Wei Fu
- Maksym Pavlenko
- Sebastiaan van Stijn
- Michael Crosby
- Kazuyoshi Kato
- Mike Brown
- Claudiu Belu
- Daniel Canter
- haoyun
- Brian Goff
- Gabriel Adrian Samfira
- Stefan Berger
- zounengren
- AdamKorcz
- Adelina Tuvenie
- Kohei Tokunaga
- Davanum Srinivas
- Nashwan Azhari
- Samuel Karp
- Shiming Zhang
- Enrico Weigelt, metux IT consult
- Markus Lehtonen
- Alakesh Haloi
- Hajime Tazaki
- Iceber Gu
- Kevin Parsons
- Aditi Sharma
- David Porter
- Gijs Peskens
- Jeremi Piotrowski
- ningmingxiao
- Brandon Lum
- Cody Roseborough
- Danielle Lancashire
- Jacob MacElroy
- Tõnis Tiigi
- dependabot[bot]
- wanglei
- Alexandre Peixoto Ferreira
- Fabiano Fidêncio
- Furkan Türkal
- Jiaming Xu
- Kir Kolyshkin
- Miao Wang
- Neil Johnson
- Paul "TBBle" Hampson
- Priyanka Saggu
- Romain Aviolat
- Samuel Ortiz
- Sunghoon Kang
- Takumasa Sakao
- Tobias Klauser
- Zhiyu Li
- ye.sijun
- Alexander Minbaev
- Alexey Ivanov
- Artem Khramov
- Aurelien Lun-Sin
- Ben Hutchings
- Cory Bennett
- Da McGrady
- Dan Williams
- Eng Zer Jun
- Eric Ernst
- Ethan Chen
- Fupan Li
- Gaurav Gahlot
- Gunju Kim
- Jacob Blain Christen
- James Sturtevant
- Jan Klippel
- Jayme Howard
- Jiajun Jiang
- Jintao Zhang
- Justin Terry
- Kaijie Chen
- Kante
- Kern Walster
- Kitt Hsu
- Lantao Liu
- Ma Xinjian
- Manabu Sugimoto
- Manuel Alejandro de Brito Fontes
- Mark Rossetti
- Markus Lippert
- Mikko Ylinen
- Ng Yang
- Nicolas Chariglione
- Ning Li
- Olli Janatuinen
- Peri Thompson
- Quan Tian
- Radostin Stoyanov
- Rui Lopes
- Sambhav Kothari
- Sebastian Hasler
- Sergey Kanzhelev
- Sören Tempel
- Yang Yang
- Yifan Yuan
- Zilong Wang
- Zufar Dhiyaulhaq
- botieking98
- chenxiaoyu
- jayonlau
- jerryzhuang
- linrunlong
- scuzhanglei
- wangzhan
- Étienne Guesnet
Changes
1022 commits
- Prepare 1.6.0-rc.2 (#6502)
- Prepare release notes for v1.6.0-rc.2
- Update releases document
- platforms.Normalize(): do not reset OSVersion and OSFeatures (#6497)
- platforms.Normalize(): do not reset OSVersion and OSFeatures
- tracing: use OTLP/HTTP in addition to OTLP/gRPC (#6457)
- tracing: return (ctx, span) from StartSpan
- tracing: support OTLP/HTTP in addition to gRPC
- Update cgroups to v1.0.3 (#6498)
- Update cgroups to v1.0.3
- seccomp: kernel 5.11 -> 5.16 (#6494)
- seccomp: kernel 5.16 (futex_waitv)
- seccomp: kernel 5.15 (process_mrelease)
- seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
- seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
- seccomp: kernel 5.12 (mount_setattr)
- remotes: fix dockerPusher to handle abort correctly (#6243)
- remotes: fix dockerPusher to handle abort correctly
- seccomp: add support for "swapcontext" syscall in default policy (#6411)
- seccomp: add support for "swapcontext" syscall in default policy
- oci: use readonly mount to read user/group info (#6478)
- oci: use readonly mount to read user/group info
- Fix possibly incorrect media type default on import (#6475)
- Fix possibly incorrect media type default on import
- shimv2: handle sigint/sigterm (#5828)
- shimv2: handle sigint/sigterm
- Fix acr fetch token 400 (#6481)
- fix acr fetch token 400
- platforms: add support for matching amd64 variants (#6455)
- platforms: add support for matching amd64 variants
- Fix windows periodic workflow (#6476)
- Fix windows periodic workflow
- docs: add doc-comments on GC-related methods (#6473)
- docs: add doc-comments on GC-related methods
- fix: should not send 137 code event if cmd is notfound (#6465)
- fix: should not send 137 code event if cmd is notfound
- Fix empty scopes return (#6463)
- fix empty scopes return
- Prepare release notes for v1.6.0-rc.1 (#6462)
- Prepare release notes for v1.6.0-rc.1
- Add support for skipping non-dist blob push (#6424)
- ctr: flag to toggle non-distributable blob push
- Add image handler to skip non-distributable blobs.
- Compile binaries for go1.16 and go1.17 in CI (#6461)
- Compile binaries for go1.16 and go1.17 in CI
- services/introspection: fix plugin caching to show grpc plugins (#6432)
- Update caching logic to avoid map access
- services/introspection: support to show introspection grpc service
- Integration: Change to Windows Server 2022 build number constant (#6458)
- Integration: Change to Windows Server 2022 build number constant
- Update kubernetes vendor to 0.22.5 (#6460)
- Update kubernetes vendor to 0.22.5
- Fix rdt build tags for go 1.16 (#6459)
- Fix rdt build tags for go 1.16
- Remove submodule go mod (#6439)
- Remove api go submodule
- Update makefile to remove API submodule
- go.mod: Update hcsshim to v0.9.2 (#6453)
- go.mod: Update hcsshim to v0.9.2
- update runc to v1.1.0 (#6375)
- go.mod: github.com/opencontainers/runc v1.1.0
- update runc binary to v1.1.0
- tracing: fix OTLP tracer's initialization (#6443)
- tracing: fix OTLP tracer's initialization
- gha: run CodeQL scan on pull requests (#6386)
- gha: run CodeQL scan on pull requests
- Do not automatically inject client traces (#6445)
- Do not automatically inject client traces
- [containerd-stress] delete useless code (#6451)
- delete useless code
- Revert "Add shared content label to namespaces" (#6440)
- Revert "Add shared content label to namespaces"
- Add ppc64 support for test images (#6435)
- Add ppc64 support for test images
- ctr: Unify the delete subcommand alias (#6427)
- ctr: Unify the delete subcommand alias
- Prepare release notes for v1.6.0-rc.0 (#6431)
- Prepare release notes for v1.6.0-rc.0
- Integration: Switch to using
auth
Gcloud action in Windows workflow. (#6397)- Integration: Switch to
upload-cloud-storage
Gcloud action. - Integration: Switch to using
auth
Gcloud action in Windows workflow.
- Integration: Switch to
- remove io/ioutil (#6426)
- remove io/ioutil
- test: e2e node COS cgroupv2 script (#6418)
- test: e2e node COS cgroupv2 script
- Integration: Enable CRITest on Windows 2022. (#6378)
- Enable critest tests on Windows Server 2022.
- Parametrize CRITest test images in Windows Periodic workflow.
- Update error message for apparmor parser (#6415)
- Update error message for apparmor parser
- Fix wrong log message (#6419)
- Fix wrong log message
- Followup errors change (#6414)
- Fix incorrect error wrapped when closing ingest file
- Fix seek error used without nil check
- Fix followup items from errors replacement
- Updates CRI API & Kubernetes to 1.23 (#6351)
- Update k/k to 1.23.0
- Updating adoption of containerd for AKS (#6416)
- Updating adoption of containerd for AKS
- update the adoption status of containerd in GKE (#6413)
- update the adoption status of containerd in GKE
- go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} (#6410)
- go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
- replace github.com/pkg/errors with native errors (#6366)
- feat: replace github.com/pkg/errors to errors
- corrected link in cri architecture documentation (#6412)
- corrected link in cri architecture documentation
- remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") (#6396)
- remotes/docker: allow fetching "refresh token" (aka "identity token")
- remotes/docker/config: allow setting custom AuthorizerOpts
- Prepare release notes for v1.6.0-beta.5 (#6407)
- Prepare release notes for v1.6.0-beta.5
- Integration: Check GCP secrets on Windows CI artifact upload. (#6292)
- Integration: Check GCP secrets on Windows CI artifact upload.
- Github Security Advisory GHSA-mvff-h3cj-wj9c
- only relabel cri managed host mounts
- Add support for Intel RDT (#5439)
- cri: add ignore_rdt_not_enabled_errors config option
- Update dependencies
- cri: annotations for controlling RDT class
- tasks: add Linux rdt support
- cmd: add --rdt-class command line option
- oci: implement WithRdt
- fix: use _ for consistency (#6391)
- fix: use _ for consistency
- content/local: use syscall.Timespec.Unix (#6403)
- content/local: use syscall.Timespec.Unix
- docs: improve plugin documentation (#6207)
- docs: document the runtime shim plugin config options
- docs: use proper markdown lists in containerd-config.toml.5.md
- fix(ctr): enable networking for Windows containers (#6304)
- fix(ctr): enable networking for Windows containers
- Fix $(PWD) issue for Windows makefile (#6394)
- Fix $(PWD) issue for Windows makefile
- only test abstract uds on linux (#6395)
- fix: only test abstract unix socket on linux
- Fix restart container test (#6390)
- Expect ErrorNotFound on Windows after Kill()
- Replace tskill with taskkill
- fix when kernel version < 4.13rc1 by using index=off cause test error (#6291)
- fix when kernel version < 4.13rc1 by using index=off cause overlay test error
- Fix no-daemon flag for integration/client tests (#6384)
- Fix no-daemon flag for integration/client tests
- Enable lazy init for ext4 with devicemapper (#6122)
- Enable lazy init for ext4 with devicemapper
- Fix flakiness on Windows for list stats (#6385)
- Fix flakiness on Windows for list stats
- cri-integration: Add Windows defaults and fix spaces issue (#6347)
- cri-integration: Add Windows default paths
- Upgrade OpenTelemetry dependencies (#6383)
- Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
- Use insecure.NewCredentials instead of grpc.WithInsecure
- Upgrade OpenTelemetry dependencies
- Fix default makefile target for windows (#6322)
- Fix default makefile target for windows
- Disable TestContainerHook on Windows (#6379)
- Disable TestContainerHook on Windows
- seutil: Fix setting the "container_kvm_t" label (#6372)
- seutil: Fix setting the "container_kvm_t" label
- Remove Windows integration testing for 2004. (#6350)
- Remove Windows integration testing for 2004.
- OCI: Mount (accessible) host devices in privileged rootless containers (#6308)
- OCI: Mount (accessible) host devices in privileged rootless containers
- oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
- cri: add support for configuring swap (#6320)
- fixup: check for swap accounting
- fixup: handle diff between cgroupsv1 and v2
- cri: add support for configuring swap
- Integration: Enable TestVolumeOwnership on Windows (#6275)
- Replace find with native Go code
- Enable TestVolumeOwnership on Windows
- Prepare release notes for v1.6.0-beta.4 (#6296)
- Prepare release notes for v1.6.0-beta.4
- refactor: functions for error log and error return (#6358)
- feat: Errorf usage
- Split apart runc shim into plugin components (#6021)
- Use task plugin for runc shim
- Seperate shim manager and task service
- Split runc shim into plugin components
- Add shutdown package
- CRI update for sandbox sizing (#6155)
- cri, sandbox: pass sandbox resource details if available, applicable
- medatada: make namespaces' deletion error less cryptic (#6354)
- medatada: make namespaces' deletion error less cryptic
- ListContainerStats to return stats response if ContainerStatsFilter is nil (#6373)
- add-list-stat: return container list if filter is nil
- integration: deflake TestContainerdRestart (#6369)
- integration: deflake TestContainerdRestart
- feat: add timeout for bolt open (#6225)
- feat: support custom timeout for blot open
- Update Go to 1.17.5 (#6333)
- Update Go to 1.17.5
- cri/server: use consistent alias for pkg/ioutil (#6332)
- cri/server: use consistent alias for pkg/ioutil
- Disable restart monitor test in Windows (#6364)
- Disable restart monitor test in Windows
- Don't fail-fast on Windows integration tests (#6338)
- Don't fail-fast on Windows integration tests
- Update restart monitor test to output daemon logs on failure (#6355)
- Run windows parallel integration test as short
- Update restart monitor test to output daemon logs on failure
- go.mod: update image-spec to latest (v1.0.3-dev) (#6263)
- images/converter: remove deprecated types
- go.mod: update image-spec to latest (v1.0.3-dev)
- Skip WithAdditionalGIDs on Darwin (#6353)
- Skip WithAdditionalGIDs on Darwin
- Use RFC3339 format on Windows periodic resource group creation so cleanup works (#6303)
- Use RFC3339 format so rg cleanup works
- update runc to v1.0.3 (#6330)
- go.mod: github.com/opencontainers/runc v1.0.3
- update runc binary to v1.0.3
- Unblock native snapshotter on Darwin (#6329)
- Allow native snapshotter on Darwin
- Do not use
go get
to install executables (#6328)- Do not use
go get
to install executables
- Do not use
- Include runtime v2 in default builtins (#6326)
- Include runtime v2 in default builtins
- Add Windows Server 2022 CI runs (#6314)
- Add Windows Server 2022 CI runs
- Set explicit ACL on test files (#6324)
- Use a single RUN command
- Set explicit ACL on test files
- integration: align tags of test images (#6311)
- integration: align tags of test images
- Set CONTAINERD_ROOT in Windows cri-integration (#6325)
- Set CONTAINERD_ROOT in Windows cri-integration
- export oci.DeviceFromPath() (#6312)
- export oci.DeviceFromPath()
- Update volume test images (#6321)
- Update continuity dependency
- Update volume test images
- Update TestRestartMonitor expected time check (#6201)
- Add error logging on cleanup
- Update TestRestartMonitor expected time check
- Move test volume images from gcr to ghcr (#6319)
- Move volume images from gcr to ghcr
- Revert shim service plugin migration (#6301)
- Revert shim plugin migration
- Authenticate against ghcr.io (#6317)
- Add permissions
- Authenticate against ghcr.io
- oci/deviceFromPath(): correctly check device types (#6306)
- oci/deviceFromPath(): correctly check device types
- Skip TestExportAndImportMultiLayer on Windows (#6315)
- Skip TestExportAndImportMultiLayer on Windows
- Integration: Add image build workflow (#6290)
- Add image build workflow
- Integration: Separate Windows Periodic Tests workflow trigger. (#6286)
- Integration: Separate Windows Periodic Tests workflow trigger.
- Build volume test images on Windows (#6274)
- Build volume test images on Windows
- Add VMware TKG & TCE to Containerd adopters (#6297)
- Add VMware TKG & TCE to Containerd adopters
- Vagrantfile: update to Fedora 35 (#6293)
- Vagrantfile: update to Fedora 35
- Update README.md repo->org (#6269)
- Update README.md repo->org
- Fix executable file not found when restoring shims (#6278)
- Fix executable file not found when restoring shims
- ctr/snapshots/diff: show media-type in stderr (#6271)
- ctr/snapshots/diff: don't show the media-type in output
- ctr: Add Linux Capabilities control flags (#6289)
- ctr: Add Linux Capabilities control flags
- integration: add stats result in error message (#6270)
- integration: add stats result in error message
- releases: mark 1.4 as Extended (#6287)
- docs: mark 1.4 as Extended
- docs: fix RELEASES.md gRPC API anchor
- feat: skip ci for fork (#6284)
- feat: skip ci for fork
- content/local: Close the file if Seek fails (#6280)
- content/local: Close the file if Seek fails
- Integration: Remove explicit version passing to
azure/CLI
. (#6268)- Integration: Remove explicit version passing to
azure/CLI
.
- Integration: Remove explicit version passing to
- Fix wrong make target on documentation (#6276)
- Fix wrong make target on documentation
- fix: server error return (#6272)
- fix: server error return
- Prepare release notes for v1.6.0-beta.3 (#6267)
- Prepare release notes for v1.6.0-beta.3
- Update API version in go.mod
- Update release name to use consistent format
- feat:support custom callopts on client side (#6254)
- fix: make max recv/send msg size setting default
- feat:support custom callopts on client side
- [CRI] Fix panic when registry.mirrors use localhost (#6258)
- [CRI] Fix panic when registry.mirrors use localhost
- Add support for TMP override on toml (#6241)
- Add support for TMP override on toml
- CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options (#6170)
- CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
- Github Security Advisory GHSA-5j5w-g665-5m35
- schema1: reject ambiguous documents
- images: validate document type before unmarshal
- [cri] add sandbox and container latency metrics (#6111)
- [cri] add sandbox and container latency metrics
- Integration: Generalize Windows CI setup scripts for any username. (#6255)
- Generalize Windows CI setup script for any user.
- Standardize cmdlet capitalization in Windows CI scripts.
- feat: use rwmutex instead (#6253)
- feat: use rwmutex instead
- Allow absolute path to shim binaries (#6206)
- Fix package alias
- Support custom runtime path when launching tasks
- Add runtime path in CreateTaskRequest
- Close file if permission modification fails (#6246)
- Close file if permission modification fails
- release: change tar name to match prior releases (#6250)
- release: change tar name to match prior releases
- Fix wrong error returned for image index lookup (#6237)
- Fix wrong error returned for image index lookup
- Fix containerd fails to pull OCI image with non-
http(s)://
urls (#6221)- Fix containerd fails to pull OCI image with non-
http(s)://
urls
- Fix containerd fails to pull OCI image with non-
- Prepare release notes for v1.6.0-beta.2 (#6223)
- Prepare release notes for v1.6.0-beta.2
- Add arm64 to releases (#6196)
- Rename release dockerfile to omit distro name
- release: improve dockerfile
- Add arm64 to releases
- use write lock when updating container stats (#6236)
- use write lock when updating container stats
- go.mod: Bump hcsshim to v0.9.1 (#6230)
- go.mod: Bump hcsshim to v0.9.1
- go.mod: Bump ttrpc to 1.1.0 (#6228)
- go.mod: Bump ttrpc to 1.1.0
- go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 (#6213)
- go.mod: github.com/moby/sys/mountinfo v0.5.0
- go.mod: github.com/moby/sys/signal v0.6.0
- go.mod: github.com/moby/sys/symlink v0.2.0
- go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
- cleanup: add more description on comment (#6222)
- cleanup: add more description on comment
- Update Go to 1.17.3 (#6211)
- Update Go to 1.17.3
- CI: bump up crun: 1.0 -> 1.3 (#6214)
- CI: bump up crun: 1.0 -> 1.3
- Pin az CLI version in windows-periodic workflow (#6205)
- Pin az CLI version
- Decouple task manager (#5918)
- Address PR comments
- Fix build after rebase
- Migrate task directory
- Expose shim process interface
- Fix after rebase
- Cleanup shim loading
- Move shim restore to a separate file
- Fix backward compatibility with old task shims
- Add plugin dependency between shim and shim services
- Rework task create and cleanup flow
- Add task manager
- Rename task manager to shim manager
- [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats (#6113)
- Implement CRI container and pods stats
- Vendor latest k8s.io/cri-api and netlink
- test: Add grace period for restart monitor test (#6200)
- test: Add grace period for restart monitor test
- integration: Enables TestRuntimeHandler for Windows (#6179)
- integration: Enables TestRuntimeHandler for Windows
- Add mkdir on Dockerfile (#6171)
- Add mkdir on Dockerfile
- sys/reaper: avoid leaky goroutine when exec timeout (#6189)
- sys/reaper: avoid leaky goroutine when exec timeout
- adds additional debug out to timebox cni setup (#6184)
- adds additional debug out to timebox cni setup
- converter: Allow hooks during image conversion (#6176)
- converter: Allow hooks during image conversion
- compression: support zstd with skippable frame (#6177)
- compression: support zstd with skippable frame
- integration: Enables TestVolumeCopyUp for Windows (#6182)
- integration: Enables TestVolumeCopyUp for Windows
- integration: Enable some tests for Windows (part 2) (#6121)
- integration: Enable some tests for Windows (part 2)
- integration: Enable some tests for Windows (#6085)
- integration: Enable some tests for Windows
- Update doc to version 2 syntax (#6125)
- feat(doc): update to version 2 syntax
- fix shim reaper wait command execute blocked (#6166)
- fix shim reaper wait command execute blocked
- content: close stream after commit request (#6145)
- content: close stream after commit request
- Generating token options with each scope as a separate string. (#6165)
- Adding scope tests for ParseAuthHeader
- Adding tests for GenerateTokenOptions
- Generate token options with each scope as a separate string.
- vendor: Updates go-cni (#6167)
- vendor: Updates go-cni
- commands: Enables task metrics for Windows (#6159)
- commands: Enables task metrics for Windows
- vendor: update moby/sys for darwin support (#6149)
- vendor: update moby/sys for darwin support
- Prepare v1.6.0-beta.1 (#6144)
- Prepare release notes for v1.6.0-beta.1
- Update mailmap
- Update api vendor
- bump cni to spec v1.0.0 (#6136)
- bump CNI to spec v1.0.0
- Inject otel traces to grpc client. (#5992)
- Inject otel traces to grpc client.
- client: expose (*image).platform (#6142)
- client: expose (*image).platform
- Adding documentation for Core Scheduling (#6128)
- feat(doc): add Core Scheduling documentation
- Ensure namespace is proxied to grpc/ttrpc plugins (#6130)
- Ensure namespace is proxied to grpc/ttrpc plugins
- fix #6054 MaxConcurrentDownloads is not effect when Unpack is true (#6109)
- fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
- Output a warning for label image labels instead of erroring (#6124)
- Output a warning for label image labels instead of erroring
- Fix spelling mistake in Windows snapshotter (#6132)
- Fix spelling mistake in Windows snapshotter
- Windows: Cleanup rm- prefixed layers (#6126)
- Windows: Cleanup rm- prefixed layers
- cleanup deprecated package
io/ioutil
(#6118)- io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
- close Writer after use which may memory leak (#6115)
- close Writer after use which may leak mem
- Adds Windows resource limits support (#5778)
- Adds Windows resource limits support
- Prepare release notes for v1.6.0-beta.0 (#6098)
- Prepare release notes for v1.6.0-beta.0
- Add error message to in TestContainerdRestart integration test (#6105)
- Add error message to in TestContainerdRestart integration test
- Fix typo in the NewContainer function documentation (#6110)
- Fix typo in the NewContainer function documentation
- Update cgroups to v1.0.2 (#6104)
- Update cgroups to v1.0.2
- btrfs: verify file content after mount (#6100)
- test: check file content after mount
- Update test timeout based on recent cancellations (#6107)
- Update test timeout based on recent cancellations
- Check the pid in cri test teardown (#6106)
- Remove extra test_teardown
- Check the pid in cri test teardown
- add runc shim support for sched core (#6011)
- fix integration client vendor
- add runc shim support for sched core
- integration: Enables Windows containerd restart test (#5579)
- integration: Enables Windows containerd restart test
- vendor: Bump hcsshim to 0.9.0 (#6099)
- vendor: Bump hcsshim to 0.9.0
- [cri] Add CNI conf based on runtime class (#4695)
- Add CNI conf based on runtime class
- Update Go to 1.17.2 (#6102)
- Update Go to 1.17.2
- integration: Adds test for multilayer image import (#5933)
- integration: Adds test for multilayer image import
- runtime: should fail fast if dial error on shim (#6031)
- runtime: should fail fast if dial error on shim
- Fixes Windows containers with image volumes (#6034)
- Windows: Fixes Windows containers with image volumes
- run
gofmt
with GO 1.17 (#6094)- run
gofmt
with Go 1.17
- run
- pkg/cap: remove an outdated comment (#6088)
- pkg/cap: remove an outdated comment
- Update go otel 1.0.1 (#6066)
- Update go otel 1.0.1
- Update ADOPTERS.md with additional uses (#6086)
- Update ADOPTERS.md with additional uses
- modify the way for checking cos (#6082)
- modify the way for checking cos
- Fuzzing: Add fuzzers + small modifications (#5915)
- Fuzzing: Add 4 fuzzers + small modifications
- Fixes for Windows CI (#6081)
- Pin mingw to version 10.2.0
- Update to golang 1.17.1
- Install nssm
- Github Security Advisory GHSA-c2h3-6mxw-7mvq
- btrfs: reduce permissions on plugin directories
- v1 runtime: reduce permissions for bundle dir
- v2 runtime: reduce permissions for bundle dir
- task service: return known error type (#6079)
- task service: return known error type
- refactor: move from io/ioutil to io and os package (#5973)
- refactor: move from io/ioutil to io and os package
- fix: import from k8s.io/utils/clock instead (#6076)
- fix: update vendor
- cleanup: import from k8s.io/utils/clock/testing instead
- cleanup: import from k8s.io/utils/clock instead
- feat: enable integration cri remote client to call with grpc calloptions (#6069)
- feat: enable cri remote client to call with grpc calloptions
- cleanup k8s ansible yaml (carry for #5713) (#6074)
- cleanup k8s ansible yaml (carry for https://github.com/jayonlau jayonlau@gmail.com)
- feat: support import image for specific platform (#6070)
- fix: wrong flag type
- feat: support import image for specific platform
- Update mirror images to take target image name (#6065)
- Update mirror images to take target image name
- fix: make exec-id flag required in exec command (#6059)
- fix: make exec-id flag required in exec command
- images: enable converter to uncompress zstd (#6052)
- images: enable converter to uncompress zstd
- replace deprecated function with Domain and Path (#5922)
- replace deprecated function
- integration: Adds Windows HostProcess tests (#5853)
- integration: Adds Windows HostProcess tests
- Fix main branch build is broken (#6047)
- Fix main branch build is broken
- Add open telemetry logging hook for logrus (#6003)
- Add open telemetry logging hook for logrus
- Change
oci.WithUser
behavior for LCOW (#6023)- Change oci.WithUser behavior for LCOW
- switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) (#5946)
- switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound)
- import: Raise error if the imported image is filtered out (#5926)
- import: Raise error if the imported image is filtered out
- Fix panic in metadata content writer on copy error (#6043)
- Fix panic in metadata content writer on copy error
- Move tracing to plugin (#6001)
- Move tracing to plugin
- ctr: Fixes Windows image import (#5916)
- ctr: Fixes Windows image import
- update open go.opentelemetry.io v1.0.0 to fix import path (#6017)
- go.mod: update opentelemetry modules to v1.0.0
- fix error string format (#5979)
- fix error string format
- Add github action to mirror image (#6036)
- Add github action to mirror image
- add current process state to the error message (#6027)
- add current process state to the error message
- FreeBSD: fix tar headers & the nil check on getxattr (#5991)
- FreeBSD: fix tar headers & the nil check on getxattr
- gha: collect VMs' IP addresses (#6035)
- gha: collect Vagrant VMs' IP addresses
- bump continuity and console version that remove pkg/errors (#6033)
- bump continuity and console version that remove pkg/errors
- import: Add option to prevent duplicated digest image (#5997)
- import: Add option to skip creating digest image
- ctr namespaces: improve usage string (#5998)
- ctr namespaces: improve usage string
- bump console version to v1.0.3 that remove pkg/errors (#6028)
- bump console version to v1.0.3 that remove pkg/errors
- Use github images for integration tests (#6032)
- Use github images for integration tests
- Fix typo (#5995)
- Fix typo
- Enable image config labels in ctr and CRI container creation (#6012)
- Enable image config labels in ctr and CRI container creation
- Make sure exit signals trigger an exit during init (#5970)
- Make sure exit signals trigger an exit during init
- task delete: Closes task IO before waiting (#5974)
- task delete: Closes task IO before waiting
- CI: bump up crun to 1.0 (#5985)
- CI: bump up crun to 1.0
- seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) (#5982)
- seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted)
- Update to Go 1.17.1 (#5990)
- Update to Go 1.17.1
- CI: Switch to available latest images (#5987)
- CI: Switch to available latest images
- add xfs support to devicemapper snapshotter (#5610)
- add xfs support to devicemapper snapshotter
- Fixes task kill --force on Windows (#5956)
- Fixes task kill --force on Windows
- Add support for shim plugins (#5817)
- Add support for shim plugins
- vendor: update continuity for darwin support (#5976)
- vendor: update continuity for darwin support
- replace uses of os/exec with golang.org/x/sys/execabs (#5906)
- replace uses of os/exec with golang.org/x/sys/execabs
- complete integration test for pulling image with labels (#5972)
- Additional integration tests for pulling image with labels
- Fix content copy to not ignore unexpected EOF (#5966)
- Fix content copy to not ignore unexpected EOF
- add ip_pref CNI options for primary pod ip (#5964)
- add ip_pref CNI options for primary pod ip
- cri: add devices for privileged container (#5939)
- cri: add devices for privileged container
- sandbox: Allows the sandbox to be deleted in NotReady state (#5954)
- sandbox: Allows the sandbox to be deleted in NotReady state
- pin protobuild version to tag (#5969)
- pin protobuild version to tag
- Add metric exposing build version&revision (#5965)
- use a const metric for build_info
- Add metric exposing build version&revision
- Feature: containerd-cri support LinuxContainerResources.Unified (#5627)
- add cri test case
- feature: add field LinuxContainerResources.Unified on cri
- integration: investigate TestRestartMonitor's failure (#5861)
- integration: investigate TestRestartMonitor's failure
- Use issue forms for bug reporting (#5917)
- Address issue forms feedback
- Use issue forms for bug reporting
- cri: patch update image labels (#5945)
- cri: patch update image labels
- darwin: runtime support (#5936)
- darwin: runtime support
- darwin: use the default values for socketRoot variable
- Update RELEASES.md (#5858)
- Update RELEASES.md
- archive: Add WriteDiff error logs (#5949)
- archive: Add WriteDiff error logs
- replace deprecated Dialer with ContextDialer (#5958)
- replace deprecated Dail with DailContext
- Add WS2022 support in Windows Periodic tests (#5951)
- Add WS2022 support in Windows Periodic tests
- Content fuzzer: Clean up temp store dir (#5943)
- content fuzzer: Clean up tempdir
- using Hosts replace deprecated field (#5944)
- using Hosts replace deprecated field
- fix document non-synchronous (#5947)
- fix document non-synchronous in crictl.md
- go.mod: Update hcsshim to v0.8.21 (#5929)
- go.mod: Update hcsshim to v0.8.21
- Makefile.linux: build on RISC-V with PIE (#5937)
- Makefile.linux: build on riscv with PIE
- Fix cwd flag for
ctr tasks exec
(#5932)- Fix cwd flag for
ctr tasks exec
- Fix cwd flag for
- Update Pause image in tests & config (#5927)
- Update Pause image in tests & config
- cri: Devices ownership from SecurityContext (#5122)
- cri: Devices ownership from SecurityContext
- Fix pull fails on unexpected EOF (#5921)
- Fix pull fails on unexpected EOF
- Fix dir support for devices (#5845)
- Adding testing of two devices
- Fix dir support for devices V3 (#4847)
- windows: The DefaultSpec platform should match the Default matcher (#5914)
- windows: The DefaultSpec platform should match the Default matcher
- Add RunAsUserName functionality for the Windows pod sandbox container (#5865)
- Add RunAsUserName functionality for the Windows Pod Sandbox Container
- bump up runc v1.0.2 (#5899)
- go.mod: update runc to v1.0.2
- update runc binary to v1.0.2
- Run
go fmt
with Go 1.17 (#5903)- Run
go fmt
with Go 1.17
- Run
- go.mod: github.com/pelletier/go-toml v1.9.3 (#5905)
- go.mod: github.com/pelletier/go-toml v1.9.3
- cri: filter selinux xattr for image volumes (#5902)
- cri: filter selinux xattr for image volumes
- Add Windows HostProcess Support (#5131)
- Added windows hostProcess cni skip
- script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 (#5897)
- script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0
- Update to Go 1.17 (#5889)
- Bump integration timeout to 35 min
- Update to Go 1.17
- integration: fix TestContainerPids (#5896)
- integration: fix TestContainerPids
- [ctr] add HOSTNAME env for host network (#5891)
- [ctr] add HOSTNAME env for host network
- Fuzzing: Add fuzzer (#5886)
- Fuzzing: Add fuzzer
- Make Cgroup driver configurable in gce configure script (#5884)
- Add env for SystemdCgroup driver
- Allow expanded DNS configuration (#5878)
- Allow expanded DNS configuration
- Fuzzing: Add 4 fuzzers (#5863)
- Fuzzing: Add 4 fuzzers
- Cleanup v2 shim (#5813)
- Cleanup v2 shim
- Fuzzing: Add experimental version of container fuzzer (#5840)
- Use http.Get to download binaries instead of exec.Command
- Fuzzing: Add experimental version of container fuzzer
- add cpu-shares to ctr (#5846)
- add cpu-shares to ctr
- docs: rename master to main (it was opposite on the actual commit) (#5847)
- docs: rename main to master
- content: return the error with its timestamp (#5849)
- content: return the error with its timestamp
- Fix bad
make protos
failure (#5857)- Fix bad
make protos
failure
- Fix bad
- replace cri and point to new location (#5851)
- archive docs and point to new location fix #containerd/cri#1624
- docs: remove FOSSA's badge (#5856)
- docs: remove FOSSA's badge
- BUILDING.md: remove some bits about building runc (#5850)
- BUILDING.md: remove some bits about building runc
- BUILDING.md: markdown fixes
- go.mod: update k8s deps to v1.22.0 (#5836)
- go.mod: update kubernetes to v1.22.0
- [Scripts] Add trap to cri-integration test script (#5852)
- Add trap to cri-integration test script
- docs: list all snapshotter-related build flags (#5848)
- docs: list all snapshotter-related build flags
- Move plugin context events into separate plugin (#5835)
- Move plugin context events into separate plugin
- Fix Linux CI Linter using Go 1.15.14 (#5839)
- Fix Linux CI Linter using go 1.15.14
- Update Go to 1.16.7 (#5842)
- Update Go to 1.16.7
- Cleanup CI (#5838)
- Cleanup CI
- Remove redundant build tags (#5834)
- Remove redundant build tags
- Change default directories on Darwin (#5830)
- Change default directories on Darwin
- [otel-tracing] Initial opentelemetry support (#5731)
- [otel-tracing] vendor and go modules changes
- [otel-tracing] Initial opentelemetry support
- remove go 1.13 from containerd
- Fuzzing: Fix for OSS-fuzz issue 36825 (#5829)
- Fuzzing: Fix for OSS-fuzz issue 36825
- Fuzzing: Add two fuzzers (#5825)
- Fuzzing: Add two more fuzzers
- scripts: linting fixes, and remove support for Debian Jessie (as it's EOL) (#5760)
- scripts: declare ROOT closer to where it's used, and some DRY changes
- scripts: add missing quotes, and minor linting issues
- test/build-utils.sh: remove support for Debian Jessie
- platforms: Format(): use path.Join() instead of joinNotEmpty() (#5821)
- platforms: Format(): use path.Join() instead of joinNotEmpty()
- Fuzzing: Remove panics of container_fuzzer (#5823)
- Fuzzing: Remove panics of container_fuzzer
- Fuzzing: Add container fuzzer (#5785)
- Change protoc link
- Split fuzzer to two fuzzers
- Fuzzing: Add container fuzzer
- runtime: fix the issue of create new socket with abstract address (#5746)
- runtime: fix the issue of create new socket with abstract address
- mergo: Upgrade to 0.3.12 to fix panic (#5809)
- mergo: Upgrade to 0.3.12 to fix panic
- ci: install criu from PPA (#5802)
- ci: install criu from PPA
- Update release workflow to upload binary without CNI (#5144)
- Split release steps into multiple tasks
- Update release workflow to upload binary without CNI
- Enable critest on Windows Periodic Jobs (#5725)
- Enable critest on Windows
- Script to check if entries in go.mod files are in sync (#5792)
- Script to check if entries in go.mod files are in sync
- Add a sharedNamespace label (#5043)
- Add shared content label to namespaces
- platforms: add "ios" as known OS, "loong64" as known ARCH (#5784)
- platforms: add "ios" as known OS, "loong64" as known ARCH
- Updates the location of protobuf downloads (#5804)
- Updates the location of protobuf downloads in docs
- Update protobuf install to use correct repository (#5803)
- Update protobuf install to use correct repository
- overlay: expose upperdir location of each snapshot via an optional label (#5624)
- overlay: add an optional label of upperdir location of each snapshot
- Support SIGRTMIN+n signals (#5693)
- Support SIGRTMIN+n signals
- respect context timeout in shim binary call (#5800)
- respect context timeout in shim binary call
- Introduce a new go module - containerd/api for use in standalone clients (#5716)
- Introduce a new go module - containerd/api for use in standalone clients
- grpc config add options tcp_client_ca_cert (#5606)
- grpc config add options tcp_tls_ca
- integration: Windows volume-copy-up images (#5162)
- integration: Windows volume-copy-up images
- add CRI support matrix to RELEASES.md (#5795)
- add CRI support matrix to RELEASES.md
- adding a little more clarity (#5794)
- adding a little more clarity
- update gotestsum to v1.7.0 (#5793)
- update gotestsum to v1.7.0
- Discard blocks when removing a thin device (#5756)
- Discard blocks when removing a thin device
- Makefile: fix passing build tags (#5590)
- Makefile: pass build tags to manpage build process
- Makefile: fix tags parameter computation
- Add runtime label to metrics (#5744)
- Add runtime label to metrics
- interface about shim build check (#5745)
- interface about shim build check
- integration: log all processes to investigate the test failure (#5775)
- integration: log all processes to investigate the test failure
- Fuzzing: Add archive fuzzer (#5779)
- Fuzzing: Add archive fuzzer
- Add docker.Fetch fuzzer (#5687)
- Add docker fetch fuzzer
- Support custom compressor for walking differ (#5735)
- Support custom compressor for walking differ
- remotes/docker/pusher.go: Fix missing Close() on push to docker remote (#5770)
- remotes/docker/pusher.go: Fix missing Close()
- remotes/docker/fetcher.go: Fix missing Close() on fetch from docker remote (#5769)
- remotes/docker/fetcher.go: Fix missing Close()
- Update cpuguy83/go-md2man binary to v2.0.1 (#5771)
- Update cpuguy83/go-md2man binary to v2.0.1
- Refactor / optimize contrib/Dockerfile.test (#5750)
- Dockerfile.test: build containerd in separate stage
- Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding
- Dockerfile.test: clean up apt indexes after installing
- Dockerfile.test: build critools in a separate stage
- Dockerfile.test: build cni in a separate stage
- Dockerfile.test: standard directory to collect build aftifacts
- Dockerfile.test: split dev stage, and optimize order
- Dockerfile.test: skip curl, gcc, git and make install
- install-critools: make sure DESTDIR exists
- update gotestsum to current master (#5754)
- update gotestsum to current master
- Github Security Advisory GHSA-c72p-9xmj-rx3w
- Add test for archive breakout test for lchmod
- Use systemd cgroup driver for Kubernetes e2e tests with cgroupsv2 (#5755)
- Use systemd cgroup driver for cgroupv2 tests
- update runc to v1.0.1 (#5751)
- go.mod: runc v1.0.1
- update runc binary to v1.0.1
- runtime: runc v2: remove redundant validation (#5737)
- runtime: runc v2: remove redundant validation
- Add timestamp to flaky restart monitor test (#5727)
- Move loop check to before sleep
- Add timestamp to flaky restart monitor test
- Update Go to 1.16.6 (#5722)
- integration/client: go mod tidy
- Update Go to 1.16.6
- client: surface a connection error more clearly (#4447)
- client: surface a connection error more clearly
- Fix missing Body.Close() calls on push to docker remote (#5712)
- Fix missing Body.Close() calls on push to docker remote
- remove pkg/cri/platforms package (#5710)
- remove pkg/cri/platforms package
- Allow WithServices to use custom implementations (#5709)
- Allow WithServices to use custom implementations
- [Vendor] Update hcsshim to 0.8.18 (#5673)
- [Vendor] Update hcsshim to 0.8.18
- test integration: Adds a test that restarts a failed container (#5578)
- test integration: Adds a test that restarts a failed container
- [CRI] move up to CRI v1 and support v1alpha in parallel (#5619)
- use fu wei's suggeted interface pick for marshaling
- add alpha version
- move up to CRI v1 and support v1alpha in parallel
- gha: make release workflow work in forks (#5682)
- gha: make release workflow work in forks
- Add unit test for plugin (#5666)
- Add unit test for plugin
- Dockerfile.test: add "cri-in-userns" (aka rootless) test stage (#5700)
- Dockerfile.test: add "cri-in-userns" (aka rootless) test stage
- Update for distribution spec 1.0 (#5676)
- Add support for registry host path override
- Update documenation for OCI distribution 1.0
- archive: cleanup lchmod logic (#5702)
- Cleanup lchmod logic in archive
- Install specific golang version in Windows CI. (#5571)
- Install specific golang version in Windows CI.
- Add ctr command label in NewContainerOpts (#5660)
- feat: Add snapshotter label to the new snapshot for container.
- snapshot/devmapper: log exported methods correctly (#5655)
- snapshot/devmapper: log exported methods correctly
- Makefile: fix DESTDIR and PREFIX concatenation (#5662)
- Makefile: fix DESTDIR and PREFIX concatenation
- Cri integration cleanup (#5287)
- tests: Use EnsureImageExists for image pulling
- tests: Refactors PodSandbox creation
- move sys.FMountat() into mount package and un-export (#5641)
- un-export mount.FMountat
- move sys.FMountat() into mount package
- sandbox: send pod UID to CNI plugins as K8S_POD_UID (#5640)
- sandbox: send pod UID to CNI plugins as K8S_POD_UID
- sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils (#5639)
- sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils
- content/local: inline sys.StatATimeAsTime() (#5633)
- content/local: inline sys.StatATimeAsTime()
- allow multi gpu to be specified via ctr (#5636)
- allow multi gpu to be specified via ctr
- go.mod: runc v1.0.0
- update runc binary to v1.0.0 GA
- fixing some doc links (#5629)
- fixing some doc links
- Sync integration/go.mod with root go.mod (#5623)
- Sync integration/go.mod with root go.mod
- archive: Expose ChangeWriter to allow customized diff computing (#5615)
- archive: Expose ChangeWriter to allow customized diff computing
- CI: Switch to the available latest images (#5625)
- CI: Switch to available latest images
- fix deprecation config for default runtime
- Re-enable criu in main integration runs (#5614)
- Re-enable criu in main integration runs
- runtime,v2: Enable debug when containerd is on debug+ log level (#5617)
- runtime,v2: Enable debug when containerd is on debug+ log level
- github.com/golang/protobuf/proto is deprecated
- Update github.com/golang/protobuf from v1.3.5 to v1.4.3
- Update google.golang.org/grpc from v1.27.1 to v1.38.0
- Increase golangci-lint timeout
- ctr flags of container rootfs propagation (#5611)
- command line flags of setting container rootfs propagation
- add cgroupv2 setup for cos with a flag
- Update gotestsum to add timestamps to junit output (#5612)
- Update gotestsum to add timestamps to junit output
- Allow to pass --no-cgroups option to nvidia-container-cli (#5604)
- Allow to pass --no-cgroup option to nvidia-container-cli
- Makefile: FHS conformant manpage installation pathes (#5577)
- Makefile: FHS conformant manpage installation pathes
- Add proper Go version before project checks (#5594)
- Add proper Go version before project checks
- Enable cri-integration in Windows Periodic Tests (#5580)
- Enable cri-integration in Windows Periodic Tests
- adds explanation for seccomp unset/unconfined default vs runtime default (#5573)
- adds explanation for seccomp unset/unconfined default vs runtime default
- Fix cleanup context of teardownPodNetwork (#5569)
- Fix cleanup context of teardownPodNetwork
- update integration/client go.sum (#5572)
- update integration/client go.sum
- Revert diff/walking error change (#5566)
- Revert diff/walking error change
- Update opencontainers/selinux to v1.8.2 (#5562)
- Update opencontainers/selinux to v1.8.2
- fix invalid validation error checking (#5565)
- fix invalid validation error checking
- diff/walking: fix defer cleanup (#5551)
- diff/walking: fix defer cleanup
- Windows periodic job: Add creation timestamp to RG (#5559)
- Add creation timestamp to RG
- Fix error case in Windows layer cleanup (#5328)
- Fix error case in Windows layer cleanup
- Use DeactivateLayer to unlock layers that we cannot rename (#5422)
- Small typo fix "reimporst"
- Use DeactivateLayer to recover layers that we cannot rename
- tests: Symlink volume tests (#5284)
- tests: Symlink volume tests
- Makefile: fix DESTDIR environment variable behaviour (#5535)
- Makefile: fix DESTDIR environment variable behaviour
- Change Wrapf of non-error to an actual error (#5560)
- Change Wrapf of non-error to an actual error
- Install apparmor parser for arm64 environment
- scrub the stale TODO (#5536)
- scrub the stale TODO
- docs: explicitly mention containerd's Prometheus path (#5554)
- docs: explicitly mention containerd's Prometheus path
- integration: Cleanup containerd on test teardown (#5553)
- integration: Cleanup containerd on test teardown
- docs/cri: update links (#5548)
- docs/cri: update ocicrypt link
- docs/cri: fix broken links
- Update Windows periodic tests (#5544)
- Update Windows periodic tests
- Add CI periodic Windows Jobs. (#5165)
- Schedule Windows job daily after midnight.
- Update windows-periodic.yml
- Add CI periodic Windows Jobs.
- Rename atomicWrite to writeToCompletion (#5273)
- Rename atomicWrite to writeToCompletion
- Do not run btrfs tests if btrfs kernel module is not loaded (#5539)
- Do not run btrfs tests if btrfs kernel module is not loaded
- Fix incorrect UA used for registry authentication (#5533)
- Fix incorrect UA used for registry authentication
- ctr: parse mount options with embedded = character (#5531)
- ctr: parse mount options with embedded = character
- Fix mounts for FreeBSD (#5472)
- Add ruleset=4 option
- Remove mountpoints not commonly mounted on FreeBSD
- Add copyright header & make sure compilation succeeds on all platforms
- Fix mounts for FreeBSD
- ctr: make exec pty behavior consistent with run (#5527)
- ctr: exec handle pty resize after Start
- ctr: exec setup IO with console
- Makefile: use $@ for target file names (#5534)
- Makefile: use $@ for target file names
- Fix small typo (#5528)
- Fix small typo
- Don't check for apparmor_parser to be present (#5519)
- update the link
- Don't check for apparmor_parser to be present
- Remove useless lines (#5520)
- Remove useless lines
- Fixed typos in docs (#5509)
- fixed typos
- Try next mirror in case of non-404 errors, too (#5275)
- Try next mirror in case of non-404 errors, too
- bump runc version to v1.0.0-rc95 (#5514)
- bump runc version to v1.0.0-rc95
- update runc binary to v1.0.0-rc95 (#5511)
- update runc binary to v1.0.0-rc95
- Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 (#5508)
- Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0
- Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 (#5507)
- Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1
- Makefile: allow overriding install command via environment (#5493)
- Makefile: allow overriding install command via environment
- tests: Adds support for Windows cri-integration tests (#5163)
- tests: Adds support for Windows cri-integration tests
- Update docker resolver to authorize redirects (#5504)
- Update docker resolver to authorize redirects
- bump hcsshim version to v0.8.17 (#5505)
- bump hcsshim version to v0.8.17
- Release binary update for imgcrypt (#5498)
- just release ctd-decoder not ctr-enc
- Merge remote-tracking branch 'upstream/master'
- Pin integration test image for alpine
- cri-integration tests: Pull images once (#5313)
- tests: Prepull images used in tests
- plugin: optimize the check for the last registration (#5440)
- plugin: optimize the check for the last registration
- metadata: modify NewLeaseManager to return leases.Manager (#5465)
- metadata: modify NewLeaseManager to return leases.Manager
- Skip TLS verification for localhost (#5100)
- Skip TLS verification for localhost
- Merge remote-tracking branch 'upstream/master'
- Makefile: make sure manpages are built before install-man (#5492)
- Makefile: make sure manpages are built before install-man
- adds description for hosts.toml (#5309)
- adds credentials description
- adds description for hosts.toml
- Prepare default branch rename (#5459)
- Prepare default branch rename
- Merge remote-tracking branch 'upstream/master'
- Update runc to rc94 (#5473)
- Update vendored runc to v1.0.0.0-rc94
- Update the runc binary used with containerd to runc v1.0.0-rc94
- Fix
content.ReaderAt
close (#5468)- Fix content.ReaderAt close
- Update releases doc with updated support timeline (#5466)
- Update releases doc with updated support timeline
- tests: add test for adaptor (#5452)
- tests: add test for adaptor
- Makefile: allow overriding go command by environment (#5450)
- Makefile: allow overriding go command by environment
- update to new cri-tools make install (#5462)
- update to new cri-tools make install
- Update Go to 1.16.4 (#5461)
- Update Go to 1.16.4
- Merge remote-tracking branch 'upstream/release/1.5'
- [release/1.5] go.mod: cut circular dependency on github.com/containerd/containerd (#5457)
- go.mod: cut circular dependency on github.com/containerd/containerd
- integration/client: go mod tidy
- oci: fix WithDevShmSize (#5063)
- oci: fix WithDevShmSize
- [release/1.5] cherry-pick: windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink (#5454)
- windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
- windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink (#5411)
- windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink
- doc: add missing namespaces package (#5448)
- doc: add missing namespaces package
- update seccomp version (#5445)
- update seccomp version
- Update golang.org/x/sys to add linux/ppc support (#5436)
- Update golang.org/x/sys to add linux/ppc support
- go.mod: cut circular dependency on github.com/containerd/containerd (#5441)
- go.mod: cut circular dependency on github.com/containerd/containerd
- integration/client: go mod tidy
- Fix different registry hosts referencing the same auth config. (#5446)
- Fix different registry hosts referencing the same auth config.
Changes from containerd/cgroups
33 commits
- v2: Fix inotify fd leak when cgroup is deleted (#212)
- v2: add test case for Manager.EventChan() behavior
- v2: flip error handling for readKVStat("memory.events") to reduce indentation
- v2: manager: factor out memory.events parsing
- v2: Fix inotify leak when cgroup is deleted
- fix Implicit memory aliasing in for loop (#214)
- fix Implicit memory aliasing in for loop
- Fix potential dirfd leak. (#210)
- Fix potential dirfd leak.
- cgroup: Optionally add process and task to a subsystems subset (#203)
- cgroup: Optionally add process and task to a subsystems subset
- replace pkg/errors from vendor (#208)
- replace pkg/errors from vendor
- cgroup.go: avoid panic on nil interface (#207)
- cgroup.go: avoid panic on nil interface
- Improvements on cgroup v2 support (#204)
- cgroupv2: reset lastErr to nil when subtree control is successfully written
- cgroupv2: enable controllers before setting resources in NewChild()
- v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist (#201)
- v2: remove ErrorHandler and IgnoreNotExist as they are not implemented
- v2: remove errors that are never returned
- v1: reduce duplicated code (#202)
- v1: reduce duplicated code
- cgroup v1: implement AddProc() (#200)
- cgroup v1: implement AddProc()
- Rename branch from master to main (#199)
- Rename branch from master to main
- utils: export ParseCgroupFile() (#197)
- utils: export ParseCgroupFile()
- go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations (#194)
- go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations
- Use /proc/partitions to get device names (#195)
- Use /proc/partitions to get device names
Changes from containerd/console
6 commits
- Fix CI (#55)
- Fix CI
- Stop using pkg/errors
- Add support for z/OS (#46)
- Console test on z/OS
- Add support for z/OS
Changes from containerd/continuity
28 commits
- fs: use syscall.Timespec.Unix (#193)
- fs: use syscall.Timespec.Unix
- Update CI Go version to 1.17 (#192)
- Update CI Go version to 1.17
- Build containerd/continuity on multiple Unix OSes (#190)
- Build containerd/continuity on multiple Unix OSes
- Do not log errors before returning them (#191)
- Do not log errors before returning them
- Copy Windows file metadata (#188)
- Copy Windows file metadata
- fix fmt.Errorf("%w", err) on err == nil (#187)
- fix fmt.Errorf("%w", err) on err == nil
- Remove direct dependency on github.com/pkg/errors (#185)
- run gofmt with Go 1.17
- remove direct dependency on github.com/pkg/errors
- Fix darwin issues (#186)
- update AUTHORS
- darwin: use utimensat syscall instead of utimes
- fix darwin usage of du command
- go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 (#161)
- go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125
- fs/stat: add FreeBSD, and cleanup some nolint-comments (#184)
- reformat nolint comments
- fs/stat: add FreeBSD
- Rename branch from master to main (#182)
- Rename branch from master to main
- testutil/loopback: print more debug info (#180)
- testutil/loopback: print more debug info
Changes from containerd/go-cni
18 commits
- run setup on networks in parallel (#76)
- switch to direct index
- run setup on networks in parallel
- remove: Continue on "not found" errors (#74)
- remove: Continue on "not found" errors
- go.mod: github.com/containernetworking/cni v1.0.1 (#72)
- go.mod: github.com/containernetworking/cni v1.0.1
- remove direct dependency on github.com/pkg/errors (#71)
- remove direct dependency on github.com/pkg/errors
- update CNI to v1.0.0 (#70)
- test: add TestLibCNIType100
- update CNI to v1.0.0
- Rename branch from master to main (#69)
- Rename branch from master to main
- result: change Raw from a struct field to a method (#68)
- result: change Raw from a struct field to a method
- result: expose raw result (#67)
- result: expose raw result
Changes from containerd/imgcrypt
32 commits
- CHANGES: Updated CHANGES document for 1.1.3 release (#64)
- CHANGES: Updated CHANGES document for 1.1.3 release
- docs: update project branch to main (#63)
- docs: update project branch to main
- Update linter to match containerd repo (#61)
- Update linter to match containerd repo
- update CI golang version
- Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 (#59)
- Bump github.com/containerd/containerd from 1.5.7 to 1.5.8
- maint: Update to ocicrypt v1.1.2 (#57)
- maint: Update to ocicrypt v1.1.2
- Decouple CreateCryptoConfig() from github.com/urfave/cli (#56)
- Decouple CreateCryptoConfig() from github.com/urfave/cli
- Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 (#55)
- Bump github.com/containerd/containerd from 1.5.5 to 1.5.7
- replace pkg/errors and bump related library
- README: Fix CRI decryption document URL (#53)
- README: Fix CRI decryption document URL
- Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 (#52)
- Bump github.com/containerd/containerd from 1.5.2 to 1.5.4
- Bump containerd to 1.5.2 (#51)
- Bump containerd to 1.5.2
- images: Implement ConvertFunc for image en- and decryption (#49)
- images: Implement ConvertFunc for image en- and decryption
- Add containerd-release to makefile (#48)
- Remove ctr-enc from installation
- vendor sync up with containerd 1.5 ga, and runc94 (#47)
- sync up with containerd 1.5 ga, and runc94
- Sync ctr-enc with containerd's ctr v1.5.0-rc.3 (#46)
- CICD: Run 'apt update' before pulling packages
- ctr-enc: Set the version for ctr-enc when linking
- Sync ctr-enc with containerd's ctr v1.5.0-rc.3
Changes from containerd/ttrpc
34 commits
- Add protoc-gen-go-ttrpc (#96)
- Add protoc-gen-go-ttrpc
- client: Handle sending/receiving in separate goroutines (#94)
- client: Handle sending/receiving in separate goroutines
- Run Protobuild in GitHub Actions (#95)
- Run Protobuild in GitHub Actions
- Re-generate example.pb.go
- replace pkg/errors (#93)
- replace pkg/errors from vendor
- Rename branch from master to main (#86)
- Rename branch from master to main
- Make "go test" and "go build" work on macOS (#85)
- Make the example command buildable on macOS
- Run GitHub Actions on macOS
- Make "go test" work on macOS
- Return Unimplemented when services or methods are not implemented (#83)
- Return Unimplemented when services or methods are not implemented
- Remove "Very new" and checked TODO items (#84)
- Remove "Very new" and checked TODO items
- removing glide from ignore (#82)
- removing glide from ignore
- go.mod: update dependencies (#79)
- go.mod: github.com/prometheus/procfs v0.6.0
- go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63
- go.mod: google.golang.org/grpc v1.27.1
- go.mod: github.com/gogo/protobuf v1.3.2
- remove travis, add codecov badge (#78)
- CI: add codecov badge to readme
- CI: remove travis
- Use GitHub Actions for CI (#77)
- Use GitHub Actions for CI
- go.mod: sirupsen/logrus v1.7.0 (#76)
- go.mod: sirupsen/logrus v1.7.0
- go mod tidy
Dependency Changes
- cloud.google.com/go v0.81.0 new
- github.com/AdaLogics/go-fuzz-headers 6c3934b029d8 new
- github.com/Microsoft/go-winio v0.4.17 -> v0.5.1
- github.com/Microsoft/hcsshim v0.8.16 -> v0.9.2
- github.com/blang/semver v3.5.1 new
- github.com/cenkalti/backoff/v4 v4.1.2 new
- github.com/cespare/xxhash/v2 v2.1.1 -> v2.1.2
- github.com/cilium/ebpf v0.4.0 -> v0.7.0
- github.com/containerd/cgroups v1.0.1 -> v1.0.3
- github.com/containerd/console v1.0.2 -> v1.0.3
- github.com/containerd/continuity v0.1.0 -> v0.2.2
- github.com/containerd/go-cni v1.0.2 -> v1.1.1
- github.com/containerd/imgcrypt v1.1.1 -> v1.1.3
- github.com/containerd/ttrpc v1.0.2 -> v1.1.0
- github.com/containernetworking/cni v0.8.1 -> v1.0.1
- github.com/containernetworking/plugins v0.9.1 -> v1.0.1
- github.com/containers/ocicrypt v1.1.1 -> v1.1.2
- github.com/coreos/go-systemd/v22 v22.1.0 -> v22.3.2
- github.com/go-logr/logr v0.2.0 -> v1.2.2
- github.com/go-logr/stdr v1.2.2 new
- github.com/godbus/dbus/v5 v5.0.3 -> v5.0.6
- github.com/golang/groupcache 8c9f03a8e57e -> 41bb18bfe9da
- github.com/golang/protobuf v1.3.5 -> v1.5.2
- github.com/google/go-cmp v0.5.4 -> v0.5.6
- github.com/google/gofuzz v1.1.0 -> v1.2.0
- github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 new
- github.com/grpc-ecosystem/grpc-gateway v1.16.0 new
- github.com/hashicorp/errwrap v1.0.0 -> v1.1.0
- github.com/hashicorp/go-multierror v1.0.0 -> v1.1.1
- github.com/imdario/mergo v0.3.11 -> v0.3.12
- github.com/intel/goresctrl v0.2.0 new
- github.com/json-iterator/go v1.1.10 -> v1.1.12
- github.com/moby/spdystream v0.2.0 new
- github.com/moby/sys/mountinfo v0.4.1 -> v0.5.0
- github.com/moby/sys/signal v0.6.0 new
- github.com/moby/sys/symlink v0.1.0 -> v0.2.0
- github.com/modern-go/reflect2 v1.0.1 -> v1.0.2
- github.com/opencontainers/image-spec v1.0.1 -> 693428a734f5
- github.com/opencontainers/runc v1.0.0-rc93 -> v1.1.0
- github.com/opencontainers/runtime-spec e6143ca7d51d -> 1c3f411f0417
- github.com/opencontainers/selinux v1.8.0 -> v1.10.0
- github.com/pelletier/go-toml v1.8.1 -> v1.9.3
- github.com/prometheus/client_golang v1.7.1 -> v1.11.0
- github.com/prometheus/common v0.10.0 -> v0.30.0
- github.com/prometheus/procfs v0.6.0 -> v0.7.3
- github.com/satori/go.uuid v1.2.0 new
- github.com/sirupsen/logrus v1.7.0 -> v1.8.1
- github.com/spf13/pflag v1.0.5 new
- github.com/stretchr/testify v1.6.1 -> v1.7.0
- github.com/vishvananda/netlink f5de75959ad5 new
- github.com/vishvananda/netns 2eb08e3e575f new
- go.etcd.io/bbolt v1.3.5 -> v1.3.6
- go.opencensus.io v0.22.3 -> v0.23.0
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 new
- go.opentelemetry.io/otel v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0 new
- go.opentelemetry.io/otel/sdk v1.3.0 new
- go.opentelemetry.io/otel/trace v1.3.0 new
- go.opentelemetry.io/proto/otlp v0.11.0 new
- golang.org/x/crypto 0c34fe9e7dc2 -> 32db794688a5
- golang.org/x/net e18ecbb05110 -> fe4d6282115f
- golang.org/x/oauth2 bf48bf16ab8d -> 2bc19b11175f
- golang.org/x/sync 09787c993a3a -> 036812b2e83c
- golang.org/x/sys 47abb6519492 -> 1d35b9e2eb4e
- golang.org/x/term 7de9c90e9dd1 -> 6886f2dfbf5b
- golang.org/x/text v0.3.4 -> v0.3.7
- golang.org/x/time 3af7569d3a1e -> 1f47c861a9ac
- google.golang.org/appengine v1.6.5 -> v1.6.7
- google.golang.org/grpc v1.27.1 -> v1.43.0
- google.golang.org/protobuf v1.27.1 new
- gopkg.in/yaml.v3 9f266ea9e77c -> 496545a6307b
- k8s.io/api v0.20.6 -> v0.22.5
- k8s.io/apimachinery v0.20.6 -> v0.22.5
- k8s.io/apiserver v0.20.6 -> v0.22.5
- k8s.io/client-go v0.20.6 -> v0.22.5
- k8s.io/component-base v0.20.6 -> v0.22.5
- k8s.io/cri-api v0.20.6 -> v0.23.1
- k8s.io/klog/v2 v2.4.0 -> v2.30.0
- k8s.io/utils 67b214c5f920 -> cb0fa318a74b
- sigs.k8s.io/structured-merge-diff/v4 v4.0.3 -> v4.1.2
Previous release can be found at v1.5.0