containerd/containerd v1.7.14 on GitHub

Welcome to the v1.7.14 release of containerd!

The fourteenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

Update builds to use go 1.21.8 (#9933)
Fix various timing issues with docker pusher (#9921)
Register imagePullThroughput and count with MiB (#9855)
Move high volume event logs to Trace level (#9823)

Container Runtime Interface (CRI)

Handle pod transition states gracefully while listing pod stats (#9905)

Runtime

Update runc-shim to process exec exits before init (#9928)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

Wei Fu
Derek McGowan
Maksym Pavlenko
Krisztian Litkey
Akihiro Suda
Justin Chadwell
Sebastiaan van Stijn
Phil Estes
Kirtana Ashok
Akhil Mohan
Austin Vazquez
Etienne Champetier
Jordan Liggitt
Kohei Tokunaga
Mike Brown
Samuel Karp
Davanum Srinivas
Edgar Lee
Henry Wang
James Sturtevant
Laura Brehm
Nashwan Azhari
Robbie Buxton
Robert-André Mauchin
Shukui Yang

Changes

70 commits

Prepare release notes for v1.7.14 (#9953)
- 1babe6b58 Prepare release notes for v1.7.14
Backport use Go toolchain in CI matrix to build binaries (#9951)
- a9bbbefcf Use the Go toolchain in CI matrix to build binaries
Update builds to use go 1.21.8 (#9933)
- 1ca9a643a update to go 1.21.8, 1.22.1
Move inline PS scripts into files (#9938)
- 39caf532e Move inline PS scripts into files
Disable OOM set score unpriv test temporarily (#9944)
- 630226bb4 Disable OOM set score unpriv test temporarily
Update runc-shim to process exec exits before init (#9928)
- de7b6bae9 runc-shim: process exec exits before init
update to go 1.21.6, test 1.22.0 (#9860)
- 3b3e537ea Uninstall mingw before attempting upgrade
- 9e24388b2 CI: Explicitly upgrade MinGW on Windows 2019 GitHub runners.
- 5b23a4127 seccomp, apparmor: add go:noinline
- 753422ac1 Drop go 1.20 and build against 1.22
- a2d64218c Fix windows integration tests
- 6379dd6f4 Update workflow files to install Go via composite action
- a5c0d061c Extract a composite action to install Go
Fix various timing issues with docker pusher (#9921)
- 52a1402df copy: prevent potential deadlock if close before fully written
- 872746386 copy: setError should imply Close
- a8004007a copy: remove max number of ErrResets
- 0465472ed pushWriter: refactor reset pipe logic into separate function
- 2577207cc copy: improve error detection from closed pipes
- d081da86b copy: check if writer was closed before setting a pipe
- 2a25c085b copy: remove wrapping io.NopCloser from push writer pipe
Register imagePullThroughput and count with MiB (#9855)
- 711cebd48 Register imagePullThroughput and count with MiB
Update golangci-lint to v1.56.1 (#9900)
- 926ceb036 fix golangci-lint errors
- 4030ae235 Update golangci-lint to v1.56.1
- 6620d6bfd ci: bump up golangci-lint to v1.55.2
- b16ca72b2 Bump up golangci-lint to v1.54.2
Handle pod transition states gracefully while listing pod stats (#9905)
- 39db3f18b adjust test cases to run for windows
- 579d8b463 [cri] Handle Windows pod transitions gracefully
Backport GitHub actions package updates (#9876)
- 8d6f0f2ae build(deps): bump golangci/golangci-lint-action from 3 to 4
- 7929592b9 build(deps): bump actions/upload-artifact from 3 to 4
- e11de777d build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3
- 2b40a4074 build(deps): bump actions/checkout from 3 to 4
- 22feefa57 build(deps): bump actions/setup-go from 3 to 5
- b96aa4012 build(deps): bump actions/upload-artifact from 1 to 3
- 97763f91d build(deps): bump docker/setup-buildx-action from 2 to 3
- 6875bb14f build(deps): bump github/codeql-action from 2 to 3
- 87f9adb6b build(deps): bump actions/download-artifact from 3 to 4
.github: windows should use fix critool version (#9874)
- d9c099a9a .github: windows should use fix critool version
ci: update crun version to 1.14.3 (#9850)
- dc594b01d ci: update crun version to 1.14.3
Add WithMetaStore to overlay snapshotter and missing unpacker.Wait for image import (#9837)
- 8fe0b26f1 Add missing unpacker.Wait for image import
- 31ea2d7d9 Add WithMetaStore to overlay snapshotter to allow bringing your own
Move high volume event logs to Trace level (#9823)
- 982e0cffb Move high volume event logs to Trace level
cri: propagate deprecation list to runtime status (#9818)
- c79ffa277 cri: propagate deprecation list to runtime status
ctr: print deprecation warnings on every invocation (#9820)
- eaebe23de ctr: print deprecation warnings on every invocation
bug fix: make sure cri image is pinned when it is pulled outside cri (#9784)
- 26c057423 bug fix: make sure cri image is pinned when it is pulled outside cri
go.{mod,sum}: update NRI dependency, fixing a potential fd double close error. (#9783)
- d3e997556 go.{mod,sum}: update NRI dependency, re-vendor.
Add option to perform syncfs after pull (#9769)
- ea0a92ec3 *: introduce image_pull_with_sync_fs in CRI
- 4caf44032 api: introduce sync_fs to diff.ApplyRequest
Move certain debug logs to trace logs (#9761)
- 3f75af7bf Move certain debug logs to trace logs

Changes from containerd/nri

23 commits

socketpair_windows: remove implementation for now (containerd/nri#69)
- e47f09b socketpair_windows: remove implementation for now
adaptation, stub: allow extra ttrpc client and server options. (containerd/nri#67)
- 45b9e3f plugins: update dependencies.
- f600cf6 go.{mod,sum}: update dependencies.
- 13ee978 pkg/stub: add support for extra ttrpc options.
- c4e2f81 pkg/adaptation: add support for extra ttrpc options.
socketpair_unix: avoid double close(), set FD_CLOEXEC (containerd/nri#66)
- 5d0b52b sockerpair_unix: avoid double close(), set FD_CLOEXEC
Task: fix typo in godoc (containerd/nri#61)
- ae7840b Task: fix typo in godoc
Take pkg/hooks from github.com/containers/common (carry 46) (containerd/nri#55)
- b4ac58c Take pkg/hooks from github.com/containers/common
gha: remove GOPATH and workingdir, update actions/setup-go@v4, actions/checkout@v4 (containerd/nri#53)
- ee96969 gha: update actions/checkout@v4
- 7b33fbf gha: update actions/setup-go@v4
- e33ac3e gha: remove working-dir and GOPATH
remove containerd as dependency (containerd/nri#51)
- da8a7e5 remove containerd as dependency
make plugins/ulimit-adjuster a separate module (containerd/nri#54)
- 934815e make plugins/ulimit-adjuster a separate module
scripts: fix protobuf URL on arm64 (containerd/nri#52)
- 9b43daa scripts: fix protobuf URL on arm64

Changes from containerd/ttrpc

21 commits

Fix streaming with empty payloads (containerd/ttrpc#157)
- 44ca009 Add comment
- 6615f15 Fix linter
- dea99e9 Fix handling of empty payloads
- 336fc1b Add integration test to reproduce issue with empty payloads
Bump google.golang.org/grpc from 1.57.0 to 1.57.1 (containerd/ttrpc#156)
- 1e51c46 Bump google.golang.org/grpc from 1.57.0 to 1.57.1
Bump golang.org/x/net from 0.10.0 to 0.17.0 (containerd/ttrpc#155)
- bea960d Bump golang.org/x/net from 0.10.0 to 0.17.0
Implement support for unary interceptor chaining. (containerd/ttrpc#152)
- 40f227d server: implement UnaryServerInterceptor chaining.
- f984c9b client: implement UnaryClientInterceptor chaining.
Fix grammar in comment for UserOnCloseWait. (containerd/ttrpc#153)
- 8ca4110 Fix comment for UserOnCloseWait.
Bump genproto dependency (containerd/ttrpc#154)
- a2fbc14 go.mod: google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d
- cf2b85d go.mod: bump to supported go version
server_test: wait for OnClose in TestClientEOF. (containerd/ttrpc#150)
- e0cd801 server_test: wait for OnClose in TestClientEOF.
.github: give more slack for build+tests. (containerd/ttrpc#151)
- 8d47846 .github: give more slack for build+tests.

Dependency Changes

github.com/containerd/nri v0.4.0 -> v0.6.0
github.com/containerd/ttrpc v1.2.2 -> v1.2.3
google.golang.org/genproto/googleapis/rpc 782d3b101e98 -> cbb8c96f2d6d

Previous release can be found at v1.7.13

containerd/containerd v1.7.14 containerd 1.7.14 on GitHub