Containerd - v1.6.0
Welcome to the v1.6.0 release of containerd!
The seventh major release of containerd includes many improvements and added
support to increase overall compatibility and stability.
Highlights
Runtime
- Add runtime label to metrics (#5744)
- Cleanup task delete logic in v2 shim (#5813)
- Add support for shim plugins (#5817)
- Handle sigint and sigterm in shimv2 (#5828)
- Decouple shim and task manager (#5918)
- Add runc shim support for core scheduling (#6011)
- Update shim client connect attempt to fail fast when shim errors (#6031)
- Add support for absolute path to shim binaries (#6206)
- Update runc to v1.1.0 (#6375)
Windows
- Add support for Windows HostProcess containers (#5131)
- Add support for Windows resource limits (#5778)
CRI
- Add CNI configuration based on runtime class (#4695)
- Add support for Intel RDT (#5439)
- Add support for CRI v1 and v1alpha in parallel (#5619)
- Add support for unified resources field for cgroups v2 (#5627)
- Add IP preference configuration for reporting pod IP (#5964)
- Implement new CRI pod sandbox stats API (#6113)
- Add sandbox and container latency metrics (#6111)
- Add namespace to ttrpc and grpc plugin connections (#6130)
- Add option to allow ping sockets and privileged ports with no capabilities (#6170)
- Add support for configuring swap (#6320)
Other
- Add support for client TLS Auth for grpc (#5606)
- Add xfs support for devicemapper snapshotter (#5610)
- Add metric exposing build version and revision (#5965)
- Add support for custom fs options in devmapper snapshotter (#6122)
- Update introspection service to show GRPC plugins (#6432)
Client
- Allow WithServices to use custom implementations (#5709)
- Support custom compressor for walking differ (#5735)
Release Updates
containerd/CNI/runc/critools tar bundle
The tar bundles released as cri-containerd-*.tar.gz contain a build of runc
linked with a newer version of libseccomp. This dynamically-linked build of runc
was built on Ubuntu 18.04 and will not work on some other distributions, such as
RHEL 7 and Debian 10. Users of such distributions may get a statically-linked
runc binary from https://github.com/opencontainers/runc/releases or build runc
for their own environment.
Deprecation These tar bundles are now deprecated and will be removed or
replaced in containerd 2.0. Projects relying on these tar bundles should use
thecontainerd-*.tar.gzbundles or work with the containerd community on a
suitable replacement in containerd 2.0.
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Phil Estes
- Akihiro Suda
- Wei Fu
- Maksym Pavlenko
- Sebastiaan van Stijn
- Michael Crosby
- Kazuyoshi Kato
- Mike Brown
- Claudiu Belu
- Daniel Canter
- Gabriel Adrian Samfira
- haoyun
- Brian Goff
- Stefan Berger
- zounengren
- AdamKorcz
- Adelina Tuvenie
- Kohei Tokunaga
- Davanum Srinivas
- Nashwan Azhari
- Samuel Karp
- Shiming Zhang
- Markus Lehtonen
- Enrico Weigelt, metux IT consult
- Alakesh Haloi
- Hajime Tazaki
- Iceber Gu
- Kevin Parsons
- Aditi Sharma
- David Porter
- Jeremi Piotrowski
- Gijs Peskens
- ningmingxiao
- Brandon Lum
- Cody Roseborough
- Danielle Lancashire
- Eric Ernst
- Jacob MacElroy
- Tõnis Tiigi
- dependabot[bot]
- wanglei
- Alexandre Peixoto Ferreira
- Fabiano Fidêncio
- Furkan Türkal
- Jiaming Xu
- Kir Kolyshkin
- Miao Wang
- Neil Johnson
- Paul "TBBle" Hampson
- Priyanka Saggu
- Romain Aviolat
- Samuel Ortiz
- Sunghoon Kang
- Takumasa Sakao
- Tobias Klauser
- Zhiyu Li
- ye.sijun
- Alexander Minbaev
- Alexey Ivanov
- Andrey Smirnov
- Artem Khramov
- Aurelien Lun-Sin
- Ben Hutchings
- Cory Bennett
- Da McGrady
- Dan Williams
- Eng Zer Jun
- Ethan Chen
- Fupan Li
- Gaurav Gahlot
- Gunju Kim
- Henry Wang
- Jacob Blain Christen
- James Gordon
- James Sturtevant
- Jan Klippel
- Jayme Howard
- Jiajun Jiang
- Jintao Zhang
- Justin Terry
- Kaijie Chen
- Kante
- Kern Walster
- Kitt Hsu
- Lantao Liu
- Ma Xinjian
- Manabu Sugimoto
- Manuel Alejandro de Brito Fontes
- Mark Rossetti
- Markus Lippert
- Mete Durlu
- Michael Zappa
- Mikko Ylinen
- Ng Yang
- Nicolas Chariglione
- Ning Li
- Olli Janatuinen
- Peri Thompson
- Quan Tian
- Radostin Stoyanov
- Rui Lopes
- Sambhav Kothari
- Sebastian Hasler
- Sergey Kanzhelev
- Shuntaro Azuma
- Sören Tempel
- Yang Yang
- Yifan Yuan
- Zilong Wang
- Zufar Dhiyaulhaq
- botieking98
- chenxiaoyu
- jayonlau
- jerryzhuang
- linrunlong
- scuzhanglei
- wangzhan
- Étienne Guesnet
Changes
1059 commits
* Prepare release notes for v1.6.0 ([#6531](https://github.com/containerd/containerd/pull/6531))
* Prepare release notes for v1.6.0
* Update Go to 1.16.14, 1.17.7 ([#6555](https://github.com/containerd/containerd/pull/6555))
* Update Go to 1.16.14, 1.17.7
* Change the context to avoid misunderstandings in architecture.md. ([#6533](https://github.com/containerd/containerd/pull/6533))
* Change the context to avoid misunderstandings
* Update go-cni to v1.1.3 ([#6543](https://github.com/containerd/containerd/pull/6543))
* Update go-cni to v1.1.3
* Update go-cni to v1.1.2
* Wait for containerd installation in GCE scripts ([#6544](https://github.com/containerd/containerd/pull/6544))
* Wait for containerd installation in GCE scripts
* Enable TestContainerPTY and TestContainerUsername ([#6540](https://github.com/containerd/containerd/pull/6540))
* Enable TestContainerPTY and TestContainerUsername
* Update BUILDING.md ([#6500](https://github.com/containerd/containerd/pull/6500))
* Add instructions on using go with admin perms
* Prepare release notes for v1.6.0-rc.4 ([#6537](https://github.com/containerd/containerd/pull/6537))
* Prepare release notes for v1.6.0-rc.4
* Change file name for shim binary path ([#6536](https://github.com/containerd/containerd/pull/6536))
* Change file name for shim binary path
* containerd-stress: introduce option for specifying image ([#6532](https://github.com/containerd/containerd/pull/6532))
* containerd-stress: introduce option for specifying image
* Prepare release notes for v1.6.0-rc.3 ([#6524](https://github.com/containerd/containerd/pull/6524))
* Prepare release notes for v1.6.0-rc.3
* Use white logo in github dark mode ([#6529](https://github.com/containerd/containerd/pull/6529))
* Use white logo in github dark mode
* cri: fix handling of ignore_rdt_not_enabled_errors config option ([#6514](https://github.com/containerd/containerd/pull/6514))
* cri: fix handling of ignore_rdt_not_enabled_errors config option
* pkg/oom/v2: handle EventChan routine shutdown quietly ([#6504](https://github.com/containerd/containerd/pull/6504))
* pkg/oom/v2: handle EventChan routine shutdown quietly
* fix: .dockerignore make git working tree dirty ([#6523](https://github.com/containerd/containerd/pull/6523))
* fix: .dockerignore makes git working tree dirty
* containerd-stress: start task ctr before starting execs ([#6518](https://github.com/containerd/containerd/pull/6518))
* containerd-stress: start task ctr before starting execs
* Document fs_type and fs_options in snapshots/devmapper/README.md ([#6501](https://github.com/containerd/containerd/pull/6501))
* Document fs_type and fs_options in snapshots/devmapper/README.md
* docs: add Talos Linux to the list of adopters ([#6510](https://github.com/containerd/containerd/pull/6510))
* docs: add Talos Linux to the list of adopters
* Prepare 1.6.0-rc.2 ([#6502](https://github.com/containerd/containerd/pull/6502))
* Prepare release notes for v1.6.0-rc.2
* Update releases document
* platforms.Normalize(): do not reset OSVersion and OSFeatures ([#6497](https://github.com/containerd/containerd/pull/6497))
* platforms.Normalize(): do not reset OSVersion and OSFeatures
* tracing: use OTLP/HTTP in addition to OTLP/gRPC ([#6457](https://github.com/containerd/containerd/pull/6457))
* tracing: return (ctx, span) from StartSpan
* tracing: support OTLP/HTTP in addition to gRPC
* Update cgroups to v1.0.3 ([#6498](https://github.com/containerd/containerd/pull/6498))
* Update cgroups to v1.0.3
* seccomp: kernel 5.11 -> 5.16 ([#6494](https://github.com/containerd/containerd/pull/6494))
* seccomp: kernel 5.16 (futex_waitv)
* seccomp: kernel 5.15 (process_mrelease)
* seccomp: kernel 5.14 (quotactl_fd, memfd_secret)
* seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self})
* seccomp: kernel 5.12 (mount_setattr)
* remotes: fix dockerPusher to handle abort correctly ([#6243](https://github.com/containerd/containerd/pull/6243))
* remotes: fix dockerPusher to handle abort correctly
* seccomp: add support for "swapcontext" syscall in default policy ([#6411](https://github.com/containerd/containerd/pull/6411))
* seccomp: add support for "swapcontext" syscall in default policy
* oci: use readonly mount to read user/group info ([#6478](https://github.com/containerd/containerd/pull/6478))
* oci: use readonly mount to read user/group info
* Fix possibly incorrect media type default on import ([#6475](https://github.com/containerd/containerd/pull/6475))
* Fix possibly incorrect media type default on import
* shimv2: handle sigint/sigterm ([#5828](https://github.com/containerd/containerd/pull/5828))
* shimv2: handle sigint/sigterm
* Fix acr fetch token 400 ([#6481](https://github.com/containerd/containerd/pull/6481))
* fix acr fetch token 400
* platforms: add support for matching amd64 variants ([#6455](https://github.com/containerd/containerd/pull/6455))
* platforms: add support for matching amd64 variants
* Fix windows periodic workflow ([#6476](https://github.com/containerd/containerd/pull/6476))
* Fix windows periodic workflow
* docs: add doc-comments on GC-related methods ([#6473](https://github.com/containerd/containerd/pull/6473))
* docs: add doc-comments on GC-related methods
* fix: should not send 137 code event if cmd is notfound ([#6465](https://github.com/containerd/containerd/pull/6465))
* fix: should not send 137 code event if cmd is notfound
* Fix empty scopes return ([#6463](https://github.com/containerd/containerd/pull/6463))
* fix empty scopes return
* Prepare release notes for v1.6.0-rc.1 ([#6462](https://github.com/containerd/containerd/pull/6462))
* Prepare release notes for v1.6.0-rc.1
* Add support for skipping non-dist blob push ([#6424](https://github.com/containerd/containerd/pull/6424))
* ctr: flag to toggle non-distributable blob push
* Add image handler to skip non-distributable blobs.
* Compile binaries for go1.16 and go1.17 in CI ([#6461](https://github.com/containerd/containerd/pull/6461))
* Compile binaries for go1.16 and go1.17 in CI
* services/introspection: fix plugin caching to show grpc plugins ([#6432](https://github.com/containerd/containerd/pull/6432))
* Update caching logic to avoid map access
* services/introspection: support to show introspection grpc service
* Integration: Change to Windows Server 2022 build number constant ([#6458](https://github.com/containerd/containerd/pull/6458))
* Integration: Change to Windows Server 2022 build number constant
* Update kubernetes vendor to 0.22.5 ([#6460](https://github.com/containerd/containerd/pull/6460))
* Update kubernetes vendor to 0.22.5
* Fix rdt build tags for go 1.16 ([#6459](https://github.com/containerd/containerd/pull/6459))
* Fix rdt build tags for go 1.16
* Remove submodule go mod ([#6439](https://github.com/containerd/containerd/pull/6439))
* Remove api go submodule
* Update makefile to remove API submodule
* go.mod: Update hcsshim to v0.9.2 ([#6453](https://github.com/containerd/containerd/pull/6453))
* go.mod: Update hcsshim to v0.9.2
* update runc to v1.1.0 ([#6375](https://github.com/containerd/containerd/pull/6375))
* go.mod: github.com/opencontainers/runc v1.1.0
* update runc binary to v1.1.0
* tracing: fix OTLP tracer's initialization ([#6443](https://github.com/containerd/containerd/pull/6443))
* tracing: fix OTLP tracer's initialization
* gha: run CodeQL scan on pull requests ([#6386](https://github.com/containerd/containerd/pull/6386))
* gha: run CodeQL scan on pull requests
* Do not automatically inject client traces ([#6445](https://github.com/containerd/containerd/pull/6445))
* Do not automatically inject client traces
* [containerd-stress] delete useless code ([#6451](https://github.com/containerd/containerd/pull/6451))
* delete useless code
* Revert "Add shared content label to namespaces" ([#6440](https://github.com/containerd/containerd/pull/6440))
* Revert "Add shared content label to namespaces"
* Add ppc64 support for test images ([#6435](https://github.com/containerd/containerd/pull/6435))
* Add ppc64 support for test images
* ctr: Unify the delete subcommand alias ([#6427](https://github.com/containerd/containerd/pull/6427))
* ctr: Unify the delete subcommand alias
* Prepare release notes for v1.6.0-rc.0 ([#6431](https://github.com/containerd/containerd/pull/6431))
* Prepare release notes for v1.6.0-rc.0
* Integration: Switch to using `auth` Gcloud action in Windows workflow. ([#6397](https://github.com/containerd/containerd/pull/6397))
* Integration: Switch to `upload-cloud-storage` Gcloud action.
* Integration: Switch to using `auth` Gcloud action in Windows workflow.
* remove io/ioutil ([#6426](https://github.com/containerd/containerd/pull/6426))
* remove io/ioutil
* test: e2e node COS cgroupv2 script ([#6418](https://github.com/containerd/containerd/pull/6418))
* test: e2e node COS cgroupv2 script
* Integration: Enable CRITest on Windows 2022. ([#6378](https://github.com/containerd/containerd/pull/6378))
* Enable critest tests on Windows Server 2022.
* Parametrize CRITest test images in Windows Periodic workflow.
* Update error message for apparmor parser ([#6415](https://github.com/containerd/containerd/pull/6415))
* Update error message for apparmor parser
* Fix wrong log message ([#6419](https://github.com/containerd/containerd/pull/6419))
* Fix wrong log message
* Followup errors change ([#6414](https://github.com/containerd/containerd/pull/6414))
* Fix incorrect error wrapped when closing ingest file
* Fix seek error used without nil check
* Fix followup items from errors replacement
* Updates CRI API & Kubernetes to 1.23 ([#6351](https://github.com/containerd/containerd/pull/6351))
* Update k/k to 1.23.0
* Updating adoption of containerd for AKS ([#6416](https://github.com/containerd/containerd/pull/6416))
* Updating adoption of containerd for AKS
* update the adoption status of containerd in GKE ([#6413](https://github.com/containerd/containerd/pull/6413))
* update the adoption status of containerd in GKE
* go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} ([#6410](https://github.com/containerd/containerd/pull/6410))
* go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt}
* replace github.com/pkg/errors with native errors ([#6366](https://github.com/containerd/containerd/pull/6366))
* feat: replace github.com/pkg/errors to errors
* corrected link in cri architecture documentation ([#6412](https://github.com/containerd/containerd/pull/6412))
* corrected link in cri architecture documentation
* remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") ([#6396](https://github.com/containerd/containerd/pull/6396))
* remotes/docker: allow fetching "refresh token" (aka "identity token")
* remotes/docker/config: allow setting custom AuthorizerOpts
* Prepare release notes for v1.6.0-beta.5 ([#6407](https://github.com/containerd/containerd/pull/6407))
* Prepare release notes for v1.6.0-beta.5
* Integration: Check GCP secrets on Windows CI artifact upload. ([#6292](https://github.com/containerd/containerd/pull/6292))
* Integration: Check GCP secrets on Windows CI artifact upload.
* Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c)
* only relabel cri managed host mounts
* Add support for Intel RDT ([#5439](https://github.com/containerd/containerd/pull/5439))
* cri: add ignore_rdt_not_enabled_errors config option
* Update dependencies
* cri: annotations for controlling RDT class
* tasks: add Linux rdt support
* cmd: add --rdt-class command line option
* oci: implement WithRdt
* fix: use _ for consistency ([#6391](https://github.com/containerd/containerd/pull/6391))
* fix: use _ for consistency
* content/local: use syscall.Timespec.Unix ([#6403](https://github.com/containerd/containerd/pull/6403))
* content/local: use syscall.Timespec.Unix
* docs: improve plugin documentation ([#6207](https://github.com/containerd/containerd/pull/6207))
* docs: document the runtime shim plugin config options
* docs: use proper markdown lists in containerd-config.toml.5.md
* fix(ctr): enable networking for Windows containers ([#6304](https://github.com/containerd/containerd/pull/6304))
* fix(ctr): enable networking for Windows containers
* Fix $(PWD) issue for Windows makefile ([#6394](https://github.com/containerd/containerd/pull/6394))
* Fix $(PWD) issue for Windows makefile
* only test abstract uds on linux ([#6395](https://github.com/containerd/containerd/pull/6395))
* fix: only test abstract unix socket on linux
* Fix restart container test ([#6390](https://github.com/containerd/containerd/pull/6390))
* Expect ErrorNotFound on Windows after Kill()
* Replace tskill with taskkill
* fix when kernel version < 4.13rc1 by using index=off cause test error ([#6291](https://github.com/containerd/containerd/pull/6291))
* fix when kernel version < 4.13rc1 by using index=off cause overlay test error
* Fix no-daemon flag for integration/client tests ([#6384](https://github.com/containerd/containerd/pull/6384))
* Fix no-daemon flag for integration/client tests
* Enable lazy init for ext4 with devicemapper ([#6122](https://github.com/containerd/containerd/pull/6122))
* Enable lazy init for ext4 with devicemapper
* Fix flakiness on Windows for list stats ([#6385](https://github.com/containerd/containerd/pull/6385))
* Fix flakiness on Windows for list stats
* cri-integration: Add Windows defaults and fix spaces issue ([#6347](https://github.com/containerd/containerd/pull/6347))
* cri-integration: Add Windows default paths
* Upgrade OpenTelemetry dependencies ([#6383](https://github.com/containerd/containerd/pull/6383))
* Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0
* Use insecure.NewCredentials instead of grpc.WithInsecure
* Upgrade OpenTelemetry dependencies
* Fix default makefile target for windows ([#6322](https://github.com/containerd/containerd/pull/6322))
* Fix default makefile target for windows
* Disable TestContainerHook on Windows ([#6379](https://github.com/containerd/containerd/pull/6379))
* Disable TestContainerHook on Windows
* seutil: Fix setting the "container_kvm_t" label ([#6372](https://github.com/containerd/containerd/pull/6372))
* seutil: Fix setting the "container_kvm_t" label
* Remove Windows integration testing for 2004. ([#6350](https://github.com/containerd/containerd/pull/6350))
* Remove Windows integration testing for 2004.
* OCI: Mount (accessible) host devices in privileged rootless containers ([#6308](https://github.com/containerd/containerd/pull/6308))
* OCI: Mount (accessible) host devices in privileged rootless containers
* oci.getDevices(): move "non-dir, non '/dev/console'" case into switch
* cri: add support for configuring swap ([#6320](https://github.com/containerd/containerd/pull/6320))
* fixup: check for swap accounting
* fixup: handle diff between cgroupsv1 and v2
* cri: add support for configuring swap
* Integration: Enable TestVolumeOwnership on Windows ([#6275](https://github.com/containerd/containerd/pull/6275))
* Replace find with native Go code
* Enable TestVolumeOwnership on Windows
* Prepare release notes for v1.6.0-beta.4 ([#6296](https://github.com/containerd/containerd/pull/6296))
* Prepare release notes for v1.6.0-beta.4
* refactor: functions for error log and error return ([#6358](https://github.com/containerd/containerd/pull/6358))
* feat: Errorf usage
* Split apart runc shim into plugin components ([#6021](https://github.com/containerd/containerd/pull/6021))
* Use task plugin for runc shim
* Seperate shim manager and task service
* Split runc shim into plugin components
* Add shutdown package
* CRI update for sandbox sizing ([#6155](https://github.com/containerd/containerd/pull/6155))
* cri, sandbox: pass sandbox resource details if available, applicable
* medatada: make namespaces' deletion error less cryptic ([#6354](https://github.com/containerd/containerd/pull/6354))
* medatada: make namespaces' deletion error less cryptic
* ListContainerStats to return stats response if ContainerStatsFilter is nil ([#6373](https://github.com/containerd/containerd/pull/6373))
* add-list-stat: return container list if filter is nil
* integration: deflake TestContainerdRestart ([#6369](https://github.com/containerd/containerd/pull/6369))
* integration: deflake TestContainerdRestart
* feat: add timeout for bolt open ([#6225](https://github.com/containerd/containerd/pull/6225))
* feat: support custom timeout for blot open
* Update Go to 1.17.5 ([#6333](https://github.com/containerd/containerd/pull/6333))
* Update Go to 1.17.5
* cri/server: use consistent alias for pkg/ioutil ([#6332](https://github.com/containerd/containerd/pull/6332))
* cri/server: use consistent alias for pkg/ioutil
* Disable restart monitor test in Windows ([#6364](https://github.com/containerd/containerd/pull/6364))
* Disable restart monitor test in Windows
* Don't fail-fast on Windows integration tests ([#6338](https://github.com/containerd/containerd/pull/6338))
* Don't fail-fast on Windows integration tests
* Update restart monitor test to output daemon logs on failure ([#6355](https://github.com/containerd/containerd/pull/6355))
* Run windows parallel integration test as short
* Update restart monitor test to output daemon logs on failure
* go.mod: update image-spec to latest (v1.0.3-dev) ([#6263](https://github.com/containerd/containerd/pull/6263))
* images/converter: remove deprecated types
* go.mod: update image-spec to latest (v1.0.3-dev)
* Skip WithAdditionalGIDs on Darwin ([#6353](https://github.com/containerd/containerd/pull/6353))
* Skip WithAdditionalGIDs on Darwin
* Use RFC3339 format on Windows periodic resource group creation so cleanup works ([#6303](https://github.com/containerd/containerd/pull/6303))
* Use RFC3339 format so rg cleanup works
* update runc to v1.0.3 ([#6330](https://github.com/containerd/containerd/pull/6330))
* go.mod: github.com/opencontainers/runc v1.0.3
* update runc binary to v1.0.3
* Unblock native snapshotter on Darwin ([#6329](https://github.com/containerd/containerd/pull/6329))
* Allow native snapshotter on Darwin
* Do not use `go get` to install executables ([#6328](https://github.com/containerd/containerd/pull/6328))
* Do not use `go get` to install executables
* Include runtime v2 in default builtins ([#6326](https://github.com/containerd/containerd/pull/6326))
* Include runtime v2 in default builtins
* Add Windows Server 2022 CI runs ([#6314](https://github.com/containerd/containerd/pull/6314))
* Add Windows Server 2022 CI runs
* Set explicit ACL on test files ([#6324](https://github.com/containerd/containerd/pull/6324))
* Use a single RUN command
* Set explicit ACL on test files
* integration: align tags of test images ([#6311](https://github.com/containerd/containerd/pull/6311))
* integration: align tags of test images
* Set CONTAINERD_ROOT in Windows cri-integration ([#6325](https://github.com/containerd/containerd/pull/6325))
* Set CONTAINERD_ROOT in Windows cri-integration
* export oci.DeviceFromPath() ([#6312](https://github.com/containerd/containerd/pull/6312))
* export oci.DeviceFromPath()
* Update volume test images ([#6321](https://github.com/containerd/containerd/pull/6321))
* Update continuity dependency
* Update volume test images
* Update TestRestartMonitor expected time check ([#6201](https://github.com/containerd/containerd/pull/6201))
* Add error logging on cleanup
* Update TestRestartMonitor expected time check
* Move test volume images from gcr to ghcr ([#6319](https://github.com/containerd/containerd/pull/6319))
* Move volume images from gcr to ghcr
* Revert shim service plugin migration ([#6301](https://github.com/containerd/containerd/pull/6301))
* Revert shim plugin migration
* Authenticate against ghcr.io ([#6317](https://github.com/containerd/containerd/pull/6317))
* Add permissions
* Authenticate against ghcr.io
* oci/deviceFromPath(): correctly check device types ([#6306](https://github.com/containerd/containerd/pull/6306))
* oci/deviceFromPath(): correctly check device types
* Skip TestExportAndImportMultiLayer on Windows ([#6315](https://github.com/containerd/containerd/pull/6315))
* Skip TestExportAndImportMultiLayer on Windows
* Integration: Add image build workflow ([#6290](https://github.com/containerd/containerd/pull/6290))
* Add image build workflow
* Integration: Separate Windows Periodic Tests workflow trigger. ([#6286](https://github.com/containerd/containerd/pull/6286))
* Integration: Separate Windows Periodic Tests workflow trigger.
* Build volume test images on Windows ([#6274](https://github.com/containerd/containerd/pull/6274))
* Build volume test images on Windows
* Add VMware TKG & TCE to Containerd adopters ([#6297](https://github.com/containerd/containerd/pull/6297))
* Add VMware TKG & TCE to Containerd adopters
* Vagrantfile: update to Fedora 35 ([#6293](https://github.com/containerd/containerd/pull/6293))
* Vagrantfile: update to Fedora 35
* Update README.md repo->org ([#6269](https://github.com/containerd/containerd/pull/6269))
* Update README.md repo->org
* Fix executable file not found when restoring shims ([#6278](https://github.com/containerd/containerd/pull/6278))
* Fix executable file not found when restoring shims
* ctr/snapshots/diff: show media-type in stderr ([#6271](https://github.com/containerd/containerd/pull/6271))
* ctr/snapshots/diff: don't show the media-type in output
* ctr: Add Linux Capabilities control flags ([#6289](https://github.com/containerd/containerd/pull/6289))
* ctr: Add Linux Capabilities control flags
* integration: add stats result in error message ([#6270](https://github.com/containerd/containerd/pull/6270))
* integration: add stats result in error message
* releases: mark 1.4 as Extended ([#6287](https://github.com/containerd/containerd/pull/6287))
* docs: mark 1.4 as Extended
* docs: fix RELEASES.md gRPC API anchor
* feat: skip ci for fork ([#6284](https://github.com/containerd/containerd/pull/6284))
* feat: skip ci for fork
* content/local: Close the file if Seek fails ([#6280](https://github.com/containerd/containerd/pull/6280))
* content/local: Close the file if Seek fails
* Integration: Remove explicit version passing to `azure/CLI`. ([#6268](https://github.com/containerd/containerd/pull/6268))
* Integration: Remove explicit version passing to `azure/CLI`.
* Fix wrong make target on documentation ([#6276](https://github.com/containerd/containerd/pull/6276))
* Fix wrong make target on documentation
* fix: server error return ([#6272](https://github.com/containerd/containerd/pull/6272))
* fix: server error return
* Prepare release notes for v1.6.0-beta.3 ([#6267](https://github.com/containerd/containerd/pull/6267))
* Prepare release notes for v1.6.0-beta.3
* Update API version in go.mod
* Update release name to use consistent format
* feat:support custom callopts on client side ([#6254](https://github.com/containerd/containerd/pull/6254))
* fix: make max recv/send msg size setting default
* feat:support custom callopts on client side
* [CRI] Fix panic when registry.mirrors use localhost ([#6258](https://github.com/containerd/containerd/pull/6258))
* [CRI] Fix panic when registry.mirrors use localhost
* Add support for TMP override on toml ([#6241](https://github.com/containerd/containerd/pull/6241))
* Add support for TMP override on toml
* CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options ([#6170](https://github.com/containerd/containerd/pull/6170))
* CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options
* Github Security Advisory [GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35)
* schema1: reject ambiguous documents
* images: validate document type before unmarshal
* [cri] add sandbox and container latency metrics ([#6111](https://github.com/containerd/containerd/pull/6111))
* [cri] add sandbox and container latency metrics
* Integration: Generalize Windows CI setup scripts for any username. ([#6255](https://github.com/containerd/containerd/pull/6255))
* Generalize Windows CI setup script for any user.
* Standardize cmdlet capitalization in Windows CI scripts.
* feat: use rwmutex instead ([#6253](https://github.com/containerd/containerd/pull/6253))
* feat: use rwmutex instead
* Allow absolute path to shim binaries ([#6206](https://github.com/containerd/containerd/pull/6206))
* Fix package alias
* Support custom runtime path when launching tasks
* Add runtime path in CreateTaskRequest
* Close file if permission modification fails ([#6246](https://github.com/containerd/containerd/pull/6246))
* Close file if permission modification fails
* release: change tar name to match prior releases ([#6250](https://github.com/containerd/containerd/pull/6250))
* release: change tar name to match prior releases
* Fix wrong error returned for image index lookup ([#6237](https://github.com/containerd/containerd/pull/6237))
* Fix wrong error returned for image index lookup
* Fix containerd fails to pull OCI image with non-`http(s)://` urls ([#6221](https://github.com/containerd/containerd/pull/6221))
* Fix containerd fails to pull OCI image with non-`http(s)://` urls
* Prepare release notes for v1.6.0-beta.2 ([#6223](https://github.com/containerd/containerd/pull/6223))
* Prepare release notes for v1.6.0-beta.2
* Add arm64 to releases ([#6196](https://github.com/containerd/containerd/pull/6196))
* Rename release dockerfile to omit distro name
* release: improve dockerfile
* Add arm64 to releases
* use write lock when updating container stats ([#6236](https://github.com/containerd/containerd/pull/6236))
* use write lock when updating container stats
* go.mod: Bump hcsshim to v0.9.1 ([#6230](https://github.com/containerd/containerd/pull/6230))
* go.mod: Bump hcsshim to v0.9.1
* go.mod: Bump ttrpc to 1.1.0 ([#6228](https://github.com/containerd/containerd/pull/6228))
* go.mod: Bump ttrpc to 1.1.0
* go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 ([#6213](https://github.com/containerd/containerd/pull/6213))
* go.mod: github.com/moby/sys/mountinfo v0.5.0
* go.mod: github.com/moby/sys/signal v0.6.0
* go.mod: github.com/moby/sys/symlink v0.2.0
* go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
* cleanup: add more description on comment ([#6222](https://github.com/containerd/containerd/pull/6222))
* cleanup: add more description on comment
* Update Go to 1.17.3 ([#6211](https://github.com/containerd/containerd/pull/6211))
* Update Go to 1.17.3
* CI: bump up crun: 1.0 -> 1.3 ([#6214](https://github.com/containerd/containerd/pull/6214))
* CI: bump up crun: 1.0 -> 1.3
* Pin az CLI version in windows-periodic workflow ([#6205](https://github.com/containerd/containerd/pull/6205))
* Pin az CLI version
* Decouple task manager ([#5918](https://github.com/containerd/containerd/pull/5918))
* Address PR comments
* Fix build after rebase
* Migrate task directory
* Expose shim process interface
* Fix after rebase
* Cleanup shim loading
* Move shim restore to a separate file
* Fix backward compatibility with old task shims
* Add plugin dependency between shim and shim services
* Rework task create and cleanup flow
* Add task manager
* Rename task manager to shim manager
* [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats ([#6113](https://github.com/containerd/containerd/pull/6113))
* Implement CRI container and pods stats
* Vendor latest k8s.io/cri-api and netlink
* test: Add grace period for restart monitor test ([#6200](https://github.com/containerd/containerd/pull/6200))
* test: Add grace period for restart monitor test
* integration: Enables TestRuntimeHandler for Windows ([#6179](https://github.com/containerd/containerd/pull/6179))
* integration: Enables TestRuntimeHandler for Windows
* Add mkdir on Dockerfile ([#6171](https://github.com/containerd/containerd/pull/6171))
* Add mkdir on Dockerfile
* sys/reaper: avoid leaky goroutine when exec timeout ([#6189](https://github.com/containerd/containerd/pull/6189))
* sys/reaper: avoid leaky goroutine when exec timeout
* adds additional debug out to timebox cni setup ([#6184](https://github.com/containerd/containerd/pull/6184))
* adds additional debug out to timebox cni setup
* converter: Allow hooks during image conversion ([#6176](https://github.com/containerd/containerd/pull/6176))
* converter: Allow hooks during image conversion
* compression: support zstd with skippable frame ([#6177](https://github.com/containerd/containerd/pull/6177))
* compression: support zstd with skippable frame
* integration: Enables TestVolumeCopyUp for Windows ([#6182](https://github.com/containerd/containerd/pull/6182))
* integration: Enables TestVolumeCopyUp for Windows
* integration: Enable some tests for Windows (part 2) ([#6121](https://github.com/containerd/containerd/pull/6121))
* integration: Enable some tests for Windows (part 2)
* integration: Enable some tests for Windows ([#6085](https://github.com/containerd/containerd/pull/6085))
* integration: Enable some tests for Windows
* Update doc to version 2 syntax ([#6125](https://github.com/containerd/containerd/pull/6125))
* feat(doc): update to version 2 syntax
* fix shim reaper wait command execute blocked ([#6166](https://github.com/containerd/containerd/pull/6166))
* fix shim reaper wait command execute blocked
* content: close stream after commit request ([#6145](https://github.com/containerd/containerd/pull/6145))
* content: close stream after commit request
* Generating token options with each scope as a separate string. ([#6165](https://github.com/containerd/containerd/pull/6165))
* Adding scope tests for ParseAuthHeader
* Adding tests for GenerateTokenOptions
* Generate token options with each scope as a separate string.
* vendor: Updates go-cni ([#6167](https://github.com/containerd/containerd/pull/6167))
* vendor: Updates go-cni
* commands: Enables task metrics for Windows ([#6159](https://github.com/containerd/containerd/pull/6159))
* commands: Enables task metrics for Windows
* vendor: update moby/sys for darwin support ([#6149](https://github.com/containerd/containerd/pull/6149))
* vendor: update moby/sys for darwin support
* Prepare v1.6.0-beta.1 ([#6144](https://github.com/containerd/containerd/pull/6144))
* Prepare release notes for v1.6.0-beta.1
* Update mailmap
* Update api vendor
* bump cni to spec v1.0.0 ([#6136](https://github.com/containerd/containerd/pull/6136))
* bump CNI to spec v1.0.0
* Inject otel traces to grpc client. ([#5992](https://github.com/containerd/containerd/pull/5992))
* Inject otel traces to grpc client.
* client: expose (*image).platform ([#6142](https://github.com/containerd/containerd/pull/6142))
* client: expose (*image).platform
* Adding documentation for Core Scheduling ([#6128](https://github.com/containerd/containerd/pull/6128))
* feat(doc): add Core Scheduling documentation
* Ensure namespace is proxied to grpc/ttrpc plugins ([#6130](https://github.com/containerd/containerd/pull/6130))
* Ensure namespace is proxied to grpc/ttrpc plugins
* fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6109](https://github.com/containerd/containerd/pull/6109))
* fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
* Output a warning for label image labels instead of erroring ([#6124](https://github.com/containerd/containerd/pull/6124))
* Output a warning for label image labels instead of erroring
* Fix spelling mistake in Windows snapshotter ([#6132](https://github.com/containerd/containerd/pull/6132))
* Fix spelling mistake in Windows snapshotter
* Windows: Cleanup rm- prefixed layers ([#6126](https://github.com/containerd/containerd/pull/6126))
* Windows: Cleanup rm- prefixed layers
* cleanup deprecated package `io/ioutil ` ([#6118](https://github.com/containerd/containerd/pull/6118))
* io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions
* close Writer after use which may memory leak ([#6115](https://github.com/containerd/containerd/pull/6115))
* close Writer after use which may leak mem
* Adds Windows resource limits support ([#5778](https://github.com/containerd/containerd/pull/5778))
* Adds Windows resource limits support
* Prepare release notes for v1.6.0-beta.0 ([#6098](https://github.com/containerd/containerd/pull/6098))
* Prepare release notes for v1.6.0-beta.0
* Add error message to in TestContainerdRestart integration test ([#6105](https://github.com/containerd/containerd/pull/6105))
* Add error message to in TestContainerdRestart integration test
* Fix typo in the NewContainer function documentation ([#6110](https://github.com/containerd/containerd/pull/6110))
* Fix typo in the NewContainer function documentation
* Update cgroups to v1.0.2 ([#6104](https://github.com/containerd/containerd/pull/6104))
* Update cgroups to v1.0.2
* btrfs: verify file content after mount ([#6100](https://github.com/containerd/containerd/pull/6100))
* test: check file content after mount
* Update test timeout based on recent cancellations ([#6107](https://github.com/containerd/containerd/pull/6107))
* Update test timeout based on recent cancellations
* Check the pid in cri test teardown ([#6106](https://github.com/containerd/containerd/pull/6106))
* Remove extra test_teardown
* Check the pid in cri test teardown
* add runc shim support for sched core ([#6011](https://github.com/containerd/containerd/pull/6011))
* fix integration client vendor
* add runc shim support for sched core
* integration: Enables Windows containerd restart test ([#5579](https://github.com/containerd/containerd/pull/5579))
* integration: Enables Windows containerd restart test
* vendor: Bump hcsshim to 0.9.0 ([#6099](https://github.com/containerd/containerd/pull/6099))
* vendor: Bump hcsshim to 0.9.0
* [cri] Add CNI conf based on runtime class ([#4695](https://github.com/containerd/containerd/pull/4695))
* Add CNI conf based on runtime class
* Update Go to 1.17.2 ([#6102](https://github.com/containerd/containerd/pull/6102))
* Update Go to 1.17.2
* integration: Adds test for multilayer image import ([#5933](https://github.com/containerd/containerd/pull/5933))
* integration: Adds test for multilayer image import
* runtime: should fail fast if dial error on shim ([#6031](https://github.com/containerd/containerd/pull/6031))
* runtime: should fail fast if dial error on shim
* Fixes Windows containers with image volumes ([#6034](https://github.com/containerd/containerd/pull/6034))
* Windows: Fixes Windows containers with image volumes
* run `gofmt` with GO 1.17 ([#6094](https://github.com/containerd/containerd/pull/6094))
* run `gofmt` with Go 1.17
* pkg/cap: remove an outdated comment ([#6088](https://github.com/containerd/containerd/pull/6088))
* pkg/cap: remove an outdated comment
* Update go otel 1.0.1 ([#6066](https://github.com/containerd/containerd/pull/6066))
* Update go otel 1.0.1
* Update ADOPTERS.md with additional uses ([#6086](https://github.com/containerd/containerd/pull/6086))
* Update ADOPTERS.md with additional uses
* modify the way for checking cos ([#6082](https://github.com/containerd/containerd/pull/6082))
* modify the way for checking cos
* Fuzzing: Add fuzzers + small modifications ([#5915](https://github.com/containerd/containerd/pull/5915))
* Fuzzing: Add 4 fuzzers + small modifications
* Fixes for Windows CI ([#6081](https://github.com/containerd/containerd/pull/6081))
* Pin mingw to version 10.2.0
* Update to golang 1.17.1
* Install nssm
* Github Security Advisory [GHSA-c2h3-6mxw-7mvq](https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq)
* btrfs: reduce permissions on plugin directories
* v1 runtime: reduce permissions for bundle dir
* v2 runtime: reduce permissions for bundle dir
* task service: return known error type ([#6079](https://github.com/containerd/containerd/pull/6079))
* task service: return known error type
* refactor: move from io/ioutil to io and os package ([#5973](https://github.com/containerd/containerd/pull/5973))
* refactor: move from io/ioutil to io and os package
* fix: import from k8s.io/utils/clock instead ([#6076](https://github.com/containerd/containerd/pull/6076))
* fix: update vendor
* cleanup: import from k8s.io/utils/clock/testing instead
* cleanup: import from k8s.io/utils/clock instead
* feat: enable integration cri remote client to call with grpc calloptions ([#6069](https://github.com/containerd/containerd/pull/6069))
* feat: enable cri remote client to call with grpc calloptions
* cleanup k8s ansible yaml (carry for #5713) ([#6074](https://github.com/containerd/containerd/pull/6074))
* cleanup k8s ansible yaml (carry for https://github.com/jayonlau
Changes from containerd/cgroups
33 commits
* v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212)) * v2: add test case for Manager.EventChan() behavior * v2: flip error handling for readKVStat("memory.events") to reduce indentation * v2: manager: factor out memory.events parsing * v2: Fix inotify leak when cgroup is deleted * fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214)) * fix Implicit memory aliasing in for loop * Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210)) * Fix potential dirfd leak. * cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203)) * cgroup: Optionally add process and task to a subsystems subset * replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208)) * replace pkg/errors from vendor * cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207)) * cgroup.go: avoid panic on nil interface * Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204)) * cgroupv2: reset lastErr to nil when subtree control is successfully written * cgroupv2: enable controllers before setting resources in NewChild() * v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201)) * v2: remove ErrorHandler and IgnoreNotExist as they are not implemented * v2: remove errors that are never returned * v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202)) * v1: reduce duplicated code * cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200)) * cgroup v1: implement AddProc() * Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199)) * Rename branch from master to main * utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197)) * utils: export ParseCgroupFile() * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194)) * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations * Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195)) * Use /proc/partitions to get device names
Changes from containerd/console
6 commits
* Fix CI ([#55](https://github.com/containerd/console/pull/55)) * Fix CI * Stop using pkg/errors * Add support for z/OS ([#46](https://github.com/containerd/console/pull/46)) * Console test on z/OS * Add support for z/OS
Changes from containerd/continuity
28 commits
* fs: use syscall.Timespec.Unix ([#193](https://github.com/containerd/continuity/pull/193)) * fs: use syscall.Timespec.Unix * Update CI Go version to 1.17 ([#192](https://github.com/containerd/continuity/pull/192)) * Update CI Go version to 1.17 * Build containerd/continuity on multiple Unix OSes ([#190](https://github.com/containerd/continuity/pull/190)) * Build containerd/continuity on multiple Unix OSes * Do not log errors before returning them ([#191](https://github.com/containerd/continuity/pull/191)) * Do not log errors before returning them * Copy Windows file metadata ([#188](https://github.com/containerd/continuity/pull/188)) * Copy Windows file metadata * fix fmt.Errorf("%w", err) on err == nil ([#187](https://github.com/containerd/continuity/pull/187)) * fix fmt.Errorf("%w", err) on err == nil * Remove direct dependency on github.com/pkg/errors ([#185](https://github.com/containerd/continuity/pull/185)) * run gofmt with Go 1.17 * remove direct dependency on github.com/pkg/errors * Fix darwin issues ([#186](https://github.com/containerd/continuity/pull/186)) * update AUTHORS * darwin: use utimensat syscall instead of utimes * fix darwin usage of du command * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 ([#161](https://github.com/containerd/continuity/pull/161)) * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 * fs/stat: add FreeBSD, and cleanup some nolint-comments ([#184](https://github.com/containerd/continuity/pull/184)) * reformat nolint comments * fs/stat: add FreeBSD * Rename branch from master to main ([#182](https://github.com/containerd/continuity/pull/182)) * Rename branch from master to main * testutil/loopback: print more debug info ([#180](https://github.com/containerd/continuity/pull/180)) * testutil/loopback: print more debug info
Changes from containerd/go-cni
24 commits
* init exec when create CNIConfig ([#83](https://github.com/containerd/go-cni/pull/83)) * init exec when create CNIConfig * cni: fix data-race on lazy init by ensureExec(). ([#82](https://github.com/containerd/go-cni/pull/82)) * cni: fix data-race on lazy init by ensureExec(). * Implement CNI CHECK command ([#80](https://github.com/containerd/go-cni/pull/80)) * Implement CNI CHECK command * run setup on networks in parallel ([#76](https://github.com/containerd/go-cni/pull/76)) * switch to direct index * run setup on networks in parallel * remove: Continue on "not found" errors ([#74](https://github.com/containerd/go-cni/pull/74)) * remove: Continue on "not found" errors * go.mod: github.com/containernetworking/cni v1.0.1 ([#72](https://github.com/containerd/go-cni/pull/72)) * go.mod: github.com/containernetworking/cni v1.0.1 * remove direct dependency on github.com/pkg/errors ([#71](https://github.com/containerd/go-cni/pull/71)) * remove direct dependency on github.com/pkg/errors * update CNI to v1.0.0 ([#70](https://github.com/containerd/go-cni/pull/70)) * test: add TestLibCNIType100 * update CNI to v1.0.0 * Rename branch from master to main ([#69](https://github.com/containerd/go-cni/pull/69)) * Rename branch from master to main * result: change Raw from a struct field to a method ([#68](https://github.com/containerd/go-cni/pull/68)) * result: change Raw from a struct field to a method * result: expose raw result ([#67](https://github.com/containerd/go-cni/pull/67)) * result: expose raw result
Changes from containerd/imgcrypt
32 commits
* CHANGES: Updated CHANGES document for 1.1.3 release ([#64](https://github.com/containerd/imgcrypt/pull/64)) * CHANGES: Updated CHANGES document for 1.1.3 release * docs: update project branch to main ([#63](https://github.com/containerd/imgcrypt/pull/63)) * docs: update project branch to main * Update linter to match containerd repo ([#61](https://github.com/containerd/imgcrypt/pull/61)) * Update linter to match containerd repo * update CI golang version * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 ([#59](https://github.com/containerd/imgcrypt/pull/59)) * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 * maint: Update to ocicrypt v1.1.2 ([#57](https://github.com/containerd/imgcrypt/pull/57)) * maint: Update to ocicrypt v1.1.2 * Decouple CreateCryptoConfig() from github.com/urfave/cli ([#56](https://github.com/containerd/imgcrypt/pull/56)) * Decouple CreateCryptoConfig() from github.com/urfave/cli * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 ([#55](https://github.com/containerd/imgcrypt/pull/55)) * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 * replace pkg/errors and bump related library * README: Fix CRI decryption document URL ([#53](https://github.com/containerd/imgcrypt/pull/53)) * README: Fix CRI decryption document URL * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 ([#52](https://github.com/containerd/imgcrypt/pull/52)) * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 * Bump containerd to 1.5.2 ([#51](https://github.com/containerd/imgcrypt/pull/51)) * Bump containerd to 1.5.2 * images: Implement ConvertFunc for image en- and decryption ([#49](https://github.com/containerd/imgcrypt/pull/49)) * images: Implement ConvertFunc for image en- and decryption * Add containerd-release to makefile ([#48](https://github.com/containerd/imgcrypt/pull/48)) * Remove ctr-enc from installation * vendor sync up with containerd 1.5 ga, and runc94 ([#47](https://github.com/containerd/imgcrypt/pull/47)) * sync up with containerd 1.5 ga, and runc94 * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 ([#46](https://github.com/containerd/imgcrypt/pull/46)) * CICD: Run 'apt update' before pulling packages * ctr-enc: Set the version for ctr-enc when linking * Sync ctr-enc with containerd's ctr v1.5.0-rc.3
Changes from containerd/ttrpc
34 commits
* Add protoc-gen-go-ttrpc ([#96](https://github.com/containerd/ttrpc/pull/96)) * Add protoc-gen-go-ttrpc * client: Handle sending/receiving in separate goroutines ([#94](https://github.com/containerd/ttrpc/pull/94)) * client: Handle sending/receiving in separate goroutines * Run Protobuild in GitHub Actions ([#95](https://github.com/containerd/ttrpc/pull/95)) * Run Protobuild in GitHub Actions * Re-generate example.pb.go * replace pkg/errors ([#93](https://github.com/containerd/ttrpc/pull/93)) * replace pkg/errors from vendor * Rename branch from master to main ([#86](https://github.com/containerd/ttrpc/pull/86)) * Rename branch from master to main * Make "go test" and "go build" work on macOS ([#85](https://github.com/containerd/ttrpc/pull/85)) * Make the example command buildable on macOS * Run GitHub Actions on macOS * Make "go test" work on macOS * Return Unimplemented when services or methods are not implemented ([#83](https://github.com/containerd/ttrpc/pull/83)) * Return Unimplemented when services or methods are not implemented * Remove "Very new" and checked TODO items ([#84](https://github.com/containerd/ttrpc/pull/84)) * Remove "Very new" and checked TODO items * removing glide from ignore ([#82](https://github.com/containerd/ttrpc/pull/82)) * removing glide from ignore * go.mod: update dependencies ([#79](https://github.com/containerd/ttrpc/pull/79)) * go.mod: github.com/prometheus/procfs v0.6.0 * go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 * go.mod: google.golang.org/grpc v1.27.1 * go.mod: github.com/gogo/protobuf v1.3.2 * remove travis, add codecov badge ([#78](https://github.com/containerd/ttrpc/pull/78)) * CI: add codecov badge to readme * CI: remove travis * Use GitHub Actions for CI ([#77](https://github.com/containerd/ttrpc/pull/77)) * Use GitHub Actions for CI * go.mod: sirupsen/logrus v1.7.0 ([#76](https://github.com/containerd/ttrpc/pull/76)) * go.mod: sirupsen/logrus v1.7.0 * go mod tidy
Dependency Changes
- cloud.google.com/go v0.81.0 new
- github.com/AdaLogics/go-fuzz-headers 6c3934b029d8 new
- github.com/Microsoft/go-winio v0.4.17 -> v0.5.1
- github.com/Microsoft/hcsshim v0.8.16 -> v0.9.2
- github.com/blang/semver v3.5.1 new
- github.com/cenkalti/backoff/v4 v4.1.2 new
- github.com/cespare/xxhash/v2 v2.1.1 -> v2.1.2
- github.com/cilium/ebpf v0.4.0 -> v0.7.0
- github.com/containerd/cgroups v1.0.1 -> v1.0.3
- github.com/containerd/console v1.0.2 -> v1.0.3
- github.com/containerd/continuity v0.1.0 -> v0.2.2
- github.com/containerd/go-cni v1.0.2 -> v1.1.3
- github.com/containerd/imgcrypt v1.1.1 -> v1.1.3
- github.com/containerd/ttrpc v1.0.2 -> v1.1.0
- github.com/containernetworking/cni v0.8.1 -> v1.0.1
- github.com/containernetworking/plugins v0.9.1 -> v1.0.1
- github.com/containers/ocicrypt v1.1.1 -> v1.1.2
- github.com/coreos/go-systemd/v22 v22.1.0 -> v22.3.2
- github.com/go-logr/logr v0.2.0 -> v1.2.2
- github.com/go-logr/stdr v1.2.2 new
- github.com/godbus/dbus/v5 v5.0.3 -> v5.0.6
- github.com/golang/groupcache 8c9f03a8e57e -> 41bb18bfe9da
- github.com/golang/protobuf v1.3.5 -> v1.5.2
- github.com/google/go-cmp v0.5.4 -> v0.5.6
- github.com/google/gofuzz v1.1.0 -> v1.2.0
- github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 new
- github.com/grpc-ecosystem/grpc-gateway v1.16.0 new
- github.com/hashicorp/errwrap v1.0.0 -> v1.1.0
- github.com/hashicorp/go-multierror v1.0.0 -> v1.1.1
- github.com/imdario/mergo v0.3.11 -> v0.3.12
- github.com/intel/goresctrl v0.2.0 new
- github.com/json-iterator/go v1.1.10 -> v1.1.12
- github.com/moby/spdystream v0.2.0 new
- github.com/moby/sys/mountinfo v0.4.1 -> v0.5.0
- github.com/moby/sys/signal v0.6.0 new
- github.com/moby/sys/symlink v0.1.0 -> v0.2.0
- github.com/modern-go/reflect2 v1.0.1 -> v1.0.2
- github.com/opencontainers/image-spec v1.0.1 -> 693428a734f5
- github.com/opencontainers/runc v1.0.0-rc93 -> v1.1.0
- github.com/opencontainers/runtime-spec e6143ca7d51d -> 1c3f411f0417
- github.com/opencontainers/selinux v1.8.0 -> v1.10.0
- github.com/pelletier/go-toml v1.8.1 -> v1.9.3
- github.com/prometheus/client_golang v1.7.1 -> v1.11.0
- github.com/prometheus/common v0.10.0 -> v0.30.0
- github.com/prometheus/procfs v0.6.0 -> v0.7.3
- github.com/satori/go.uuid v1.2.0 new
- github.com/sirupsen/logrus v1.7.0 -> v1.8.1
- github.com/spf13/pflag v1.0.5 new
- github.com/stretchr/testify v1.6.1 -> v1.7.0
- github.com/vishvananda/netlink f5de75959ad5 new
- github.com/vishvananda/netns 2eb08e3e575f new
- go.etcd.io/bbolt v1.3.5 -> v1.3.6
- go.opencensus.io v0.22.3 -> v0.23.0
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 new
- go.opentelemetry.io/otel v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0 new
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0 new
- go.opentelemetry.io/otel/sdk v1.3.0 new
- go.opentelemetry.io/otel/trace v1.3.0 new
- go.opentelemetry.io/proto/otlp v0.11.0 new
- golang.org/x/crypto 0c34fe9e7dc2 -> 32db794688a5
- golang.org/x/net e18ecbb05110 -> fe4d6282115f
- golang.org/x/oauth2 bf48bf16ab8d -> 2bc19b11175f
- golang.org/x/sync 09787c993a3a -> 036812b2e83c
- golang.org/x/sys 47abb6519492 -> 1d35b9e2eb4e
- golang.org/x/term 7de9c90e9dd1 -> 6886f2dfbf5b
- golang.org/x/text v0.3.4 -> v0.3.7
- golang.org/x/time 3af7569d3a1e -> 1f47c861a9ac
- google.golang.org/appengine v1.6.5 -> v1.6.7
- google.golang.org/grpc v1.27.1 -> v1.43.0
- google.golang.org/protobuf v1.27.1 new
- gopkg.in/yaml.v3 9f266ea9e77c -> 496545a6307b
- k8s.io/api v0.20.6 -> v0.22.5
- k8s.io/apimachinery v0.20.6 -> v0.22.5
- k8s.io/apiserver v0.20.6 -> v0.22.5
- k8s.io/client-go v0.20.6 -> v0.22.5
- k8s.io/component-base v0.20.6 -> v0.22.5
- k8s.io/cri-api v0.20.6 -> v0.23.1
- k8s.io/klog/v2 v2.4.0 -> v2.30.0
- k8s.io/utils 67b214c5f920 -> cb0fa318a74b
- sigs.k8s.io/structured-merge-diff/v4 v4.0.3 -> v4.1.2
Previous release can be found at v1.5.0
Security
Security wording was detected, but no CVEs were found.
Details
- 🔍View and search all Containerd releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!