• CRI-O v1.27.1
• Downloads
• Changelog since v1.27.0
  • Changes by Kind
  • Feature
  • Uncategorized
• Dependencies
  • Added
  • Changed
  • Removed

CRI-O v1.27.1

The release notes have been generated for the commit range
v1.27.0...v1.27.1 on Wed, 12 Jul 2023 20:22:08 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

• cri-o.amd64.v1.27.1.tar.gz
• cri-o.amd64.v1.27.1.tar.gz.sha256sum
• cri-o.amd64.v1.27.1.tar.gz.sig
• cri-o.amd64.v1.27.1.tar.gz.cert
• cri-o.amd64.v1.27.1.tar.gz.spdx
• cri-o.amd64.v1.27.1.tar.gz.spdx.sig
• cri-o.amd64.v1.27.1.tar.gz.spdx.cert
• cri-o.arm64.v1.27.1.tar.gz
• cri-o.arm64.v1.27.1.tar.gz.sha256sum
• cri-o.arm64.v1.27.1.tar.gz.sig
• cri-o.arm64.v1.27.1.tar.gz.cert
• cri-o.arm64.v1.27.1.tar.gz.spdx
• cri-o.arm64.v1.27.1.tar.gz.spdx.sig
• cri-o.arm64.v1.27.1.tar.gz.spdx.cert

To verify the artifact signatures via cosign, run:

> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.27.1.tar.gz \
    --certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/v1.27.1 \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-repository cri-o/cri-o \
    --certificate-github-workflow-ref refs/tags/v1.27.1 \
    --signature cri-o.amd64.v1.27.1.tar.gz.sig \
    --certificate cri-o.amd64.v1.27.1.tar.gz.cert

To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:

> tar xfz cri-o.amd64.v1.27.1.tar.gz
> bom validate -e cri-o.amd64.v1.27.1.tar.gz.spdx -d cri-o

Changelog since v1.27.0

Changes by Kind

Feature

• Add support for io.kubernetes.cri-o.LinkLogs annotation, which allows a pod's logs to be mounted into a specified empty-dir for inspection by a log aggregator (#7043, @haircommander)
• Added support for namespaced signature policies via --signature-policy-dir / signature_policy_dir. See crio.conf.5.md for more details. (#7082, @saschagrunert)

Uncategorized

• Adds debug log to identify when a relabel was not requested (#6961, @openshift-cherrypick-robot)
• Failure in a PostStop hook does not prevent proper termination of a container anymore. (#7037, @openshift-cherrypick-robot)
• Fix a bug where network metrics collection is broken with systemd cgroup driver and dropped infra containers. (#6873, @openshift-cherrypick-robot)
• Fix a bug where sending information to cadvisor is stalled on taking the container's state lock (#7034, @openshift-cherrypick-robot)
• Fix a bug where the PostStop runtime handler hooks weren't being called when a container exited gracefully (#7085, @openshift-cherrypick-robot)
• Fix a bug where the cpu-quota.crio.io annotation was not propagated to the pod cgroup, meaning cpu quota was not disabled for the container (#6937, @openshift-cherrypick-robot)
• Fix a bug with cpu quota annotation that manifests like:
  pod with cpu-quota.crio.io: disable fails with error: set CPU CFS quota: invalid slice name: /kubepods.slice
  Fix a bug where stopped containers break cpu load balancing being disabled (#7012, @openshift-cherrypick-robot)
• Fixed bug where CRI-O runs with umask of 0. (#6851, @openshift-cherrypick-robot)
• Updating pause image to 3.9 (#6987, @sohankunkerkar)

Dependencies

Added

• github.com/checkpoint-restore/go-criu/v4: v4.1.0

Changed

• cloud.google.com/go/accesscontextmanager: v1.6.0 → v1.7.0
• cloud.google.com/go/aiplatform: v1.35.0 → v1.36.1
• cloud.google.com/go/analytics: v0.18.0 → v0.19.0
• cloud.google.com/go/apigeeregistry: v0.5.0 → v0.6.0
• cloud.google.com/go/apikeys: v0.5.0 → v0.6.0
• cloud.google.com/go/appengine: v1.6.0 → v1.7.0
• cloud.google.com/go/artifactregistry: v1.11.2 → v1.12.0
• cloud.google.com/go/asset: v1.11.1 → v1.12.0
• cloud.google.com/go/beyondcorp: v0.4.0 → v0.5.0
• cloud.google.com/go/bigquery: v1.48.0 → v1.49.0
• cloud.google.com/go/billing: v1.12.0 → v1.13.0
• cloud.google.com/go/channel: v1.11.0 → v1.12.0
• cloud.google.com/go/cloudbuild: v1.7.0 → v1.9.0
• cloud.google.com/go/cloudtasks: v1.9.0 → v1.10.0
• cloud.google.com/go/compute: v1.18.0 → v1.19.0
• cloud.google.com/go/container: v1.13.1 → v1.14.0
• cloud.google.com/go/containeranalysis: v0.7.0 → v0.9.0
• cloud.google.com/go/datacatalog: v1.12.0 → v1.13.0
• cloud.google.com/go/dataform: v0.6.0 → v0.7.0
• cloud.google.com/go/dataplex: v1.5.2 → v1.6.0
• cloud.google.com/go/datastream: v1.6.0 → v1.7.0
• cloud.google.com/go/deploy: v1.6.0 → v1.8.0
• cloud.google.com/go/dialogflow: v1.31.0 → v1.32.0
• cloud.google.com/go/documentai: v1.16.0 → v1.18.0
• cloud.google.com/go/edgecontainer: v0.3.0 → v1.0.0
• cloud.google.com/go/eventarc: v1.10.0 → v1.11.0
• cloud.google.com/go/filestore: v1.5.0 → v1.6.0
• cloud.google.com/go/functions: v1.10.0 → v1.12.0
• cloud.google.com/go/gkehub: v0.11.0 → v0.12.0
• cloud.google.com/go/iam: v0.12.0 → v0.13.0
• cloud.google.com/go/iap: v1.6.0 → v1.7.0
• cloud.google.com/go/iot: v1.5.0 → v1.6.0
• cloud.google.com/go/maps: v0.6.0 → v0.7.0
• cloud.google.com/go/monitoring: v1.12.0 → v1.13.0
• cloud.google.com/go/networkconnectivity: v1.10.0 → v1.11.0
• cloud.google.com/go/networksecurity: v0.7.0 → v0.8.0
• cloud.google.com/go/notebooks: v1.7.0 → v1.8.0
• cloud.google.com/go/policytroubleshooter: v1.5.0 → v1.6.0
• cloud.google.com/go/privatecatalog: v0.7.0 → v0.8.0
• cloud.google.com/go/pubsub: v1.28.0 → v1.30.0
• cloud.google.com/go/pubsublite: v1.6.0 → v1.7.0
• cloud.google.com/go/recaptchaenterprise/v2: v2.6.0 → v2.7.0
• cloud.google.com/go/resourcemanager: v1.5.0 → v1.6.0
• cloud.google.com/go/run: v0.8.0 → v0.9.0
• cloud.google.com/go/scheduler: v1.8.0 → v1.9.0
• cloud.google.com/go/securitycenter: v1.18.1 → v1.19.0
• cloud.google.com/go/servicecontrol: v1.11.0 → v1.11.1
• cloud.google.com/go/servicedirectory: v1.8.0 → v1.9.0
• cloud.google.com/go/servicemanagement: v1.6.0 → v1.8.0
• cloud.google.com/go/serviceusage: v1.5.0 → v1.6.0
• cloud.google.com/go/speech: v1.14.1 → v1.15.0
• cloud.google.com/go/storagetransfer: v1.7.0 → v1.8.0
• cloud.google.com/go/trace: v1.8.0 → v1.9.0
• cloud.google.com/go/translate: v1.6.0 → v1.7.0
• cloud.google.com/go/video: v1.13.0 → v1.14.0
• cloud.google.com/go/vision/v2: v2.6.0 → v2.7.0
• cloud.google.com/go/vmmigration: v1.5.0 → v1.6.0
• cloud.google.com/go/vmwareengine: v0.2.2 → v0.3.0
• github.com/armon/go-metrics: v0.4.1 → f0300d1
• github.com/armon/go-radix: v1.0.0 → 7fddfc3
• github.com/containerd/nri: v0.3.0 → 9418541
• github.com/containers/common: v0.52.0 → v0.53.0
• github.com/containers/podman/v4: v4.5.0 → 813f1b5
• github.com/docker/docker: v23.0.3+incompatible → v23.0.4+incompatible
• github.com/evanphx/json-patch: v5.6.0+incompatible → v4.12.0+incompatible
• github.com/frankban/quicktest: v1.14.4 → v1.14.0
• github.com/go-ini/ini: v1.67.0 → v1.25.4
• github.com/google/martian/v3: v3.3.2 → v3.2.1
• github.com/gopherjs/gopherjs: fce0ec3 → 0766667
• github.com/gregjones/httpcache: 901d907 → 9cad4c3
• github.com/hashicorp/consul/api: v1.18.0 → v1.1.0
• github.com/hashicorp/go-immutable-radix: v1.3.1 → v1.0.0
• github.com/hashicorp/go-uuid: v1.0.3 → v1.0.1
• github.com/hashicorp/serf: v0.10.1 → v0.8.2
• github.com/jhump/protoreflect: v1.14.0 → v1.13.0
• github.com/mattn/go-isatty: v0.0.17 → v0.0.16
• github.com/mitchellh/go-testing-interface: v1.14.1 → v1.0.0
• github.com/opencontainers/runc: 8b9452f → v1.1.6
• github.com/opencontainers/runtime-spec: v1.1.0-rc.1 → v1.1.0-rc.2
• github.com/smartystreets/assertions: v1.1.0 → b2de0cb
• github.com/yuin/goldmark: v1.5.3 → v1.4.13
• github.com/zeebo/errs: v1.3.0 → v1.2.2
• golang.org/x/oauth2: v0.6.0 → v0.7.0
• golang.org/x/time: v0.2.0 → v0.3.0
• google.golang.org/genproto: 7f2fa6f → dcfb400
• google.golang.org/grpc/cmd/protoc-gen-go-grpc: v1.2.0 → v1.1.0
• honnef.co/go/tools: v0.0.1-2020.1.5 → v0.0.1-2020.1.4

Removed

• cloud.google.com/go/grafeas: v0.2.0
• contrib.go.opencensus.io/exporter/stackdriver: v0.13.12
• github.com/GoogleCloudPlatform/testgrid: v0.0.38
• github.com/Masterminds/goutils: v1.1.1
• github.com/Masterminds/semver: v1.5.0
• github.com/Masterminds/sprig: v2.22.0+incompatible
• github.com/alibabacloud-go/darabonba-string: v1.0.0
• github.com/andreyvit/diff: c7f18ee
• github.com/apache/beam/sdks/v2: ef43645
• github.com/arbovm/levenshtein: 48b4e1c
• github.com/bytecodealliance/wasmtime-go: v1.0.0
• github.com/cheggaaa/pb/v3: v3.1.0
• github.com/cockroachdb/apd: v1.1.0
• github.com/cockroachdb/cockroach-go/v2: v2.2.19
• github.com/codahale/rfc6979: 6a90f24
• github.com/depcheck-test/depcheck-test: 199033a
• github.com/dgraph-io/badger/v3: v3.2103.2
• github.com/dgraph-io/ristretto: v0.1.0
• github.com/dgryski/go-farm: a6ae236
• github.com/dgryski/trifles: dd97f9a
• github.com/form3tech-oss/jwt-go: v3.2.5+incompatible
• github.com/fortytw2/leaktest: v1.3.0
• github.com/foxcpp/go-mockdns: fb145fc
• github.com/go-playground/assert/v2: v2.2.0
• github.com/go-redis/redis: v6.15.9+incompatible
• github.com/goark/errs: v1.1.0
• github.com/goark/go-cvss: v1.3.0
• github.com/gofrs/flock: v0.8.1
• github.com/gomarkdown/markdown: 3b9f472
• github.com/google/flatbuffers: v1.12.1
• github.com/google/go-github/v47: v47.1.0
• github.com/google/go-github/v48: v48.2.0
• github.com/google/go-licenses: ce1d916
• github.com/google/licenseclassifier/v2: v2.0.0
• github.com/google/licenseclassifier: bb04aff
• github.com/google/renameio/v2: v2.0.0
• github.com/googleapis/gnostic: v0.5.5
• github.com/googleapis/google-cloud-go-testing: bcd43fb
• github.com/hashicorp/go-plugin: v1.4.5
• github.com/hashicorp/go-secure-stdlib/mlock: v0.1.2
• github.com/hashicorp/go-version: v1.6.0
• github.com/hashicorp/vault/sdk: v0.6.0
• github.com/hashicorp/yamux: v0.1.1
• github.com/huandu/xstrings: v1.2.0
• github.com/jackc/chunkreader/v2: v2.0.1
• github.com/jackc/pgconn: v1.12.1
• github.com/jackc/pgio: v1.0.0
• github.com/jackc/pgpassfile: v1.0.0
• github.com/jackc/pgproto3/v2: v2.3.0
• github.com/jackc/pgservicefile: 2b9c447
• github.com/jackc/pgtype: v1.11.0
• github.com/jackc/pgx/v4: v4.16.1
• github.com/kelseyhightower/envconfig: v1.4.0
• github.com/lib/pq: v1.10.7
• github.com/lufia/plan9stats: 39d0f17
• github.com/mitchellh/copystructure: v1.2.0
• github.com/mitchellh/reflectwalk: v1.0.2
• github.com/mmarkdown/mmark: v2.0.40+incompatible
• github.com/mwitkow/go-proto-validators: v0.2.0
• github.com/oklog/run: v1.1.0
• github.com/otiai10/copy: v1.2.0
• github.com/package-url/packageurl-go: d704593
• github.com/peterh/liner: bf27d3b
• github.com/pierrec/lz4: v2.6.1+incompatible
• github.com/power-devops/perfstat: 5aafc22
• github.com/prometheus/prometheus: v2.5.0+incompatible
• github.com/psampaz/go-mod-outdated: v0.9.0
• github.com/pseudomuto/protoc-gen-doc: v1.5.1
• github.com/pseudomuto/protokit: v0.2.0
• github.com/rwtodd/Go.Sed: 5546468
• github.com/sagikazarmark/crypt: v0.9.0
• github.com/saschagrunert/ccli: b68f755
• github.com/saschagrunert/go-modiff: v1.3.1
• github.com/sendgrid/rest: v2.6.9+incompatible
• github.com/sendgrid/sendgrid-go: v3.12.0+incompatible
• github.com/shirou/gopsutil/v3: v3.22.12
• github.com/shurcooL/githubv4: a14260e
• github.com/shurcooL/graphql: 18c5c31
• github.com/src-d/gcfg: v1.4.0
• github.com/tj/go-spin: v1.1.0
• github.com/tklauser/go-sysconf: v0.3.11
• github.com/tklauser/numcpus: v0.6.0
• github.com/tomasen/realip: f0c99a9
• github.com/withfig/autocomplete-tools/integrations/cobra: v1.2.1
• github.com/yusufpapurcu/wmi: v1.2.2
• go.uber.org/automaxprocs: v1.5.1
• golang.org/dl: 82a15e2
• google.golang.org/grpc/examples: 3775f63
• gopkg.in/src-d/go-billy.v4: v4.3.2
• gopkg.in/src-d/go-git.v4: v4.13.1
• helm.sh/helm/v3: v3.10.3
• k8s.io/release: v0.15.0
• mvdan.cc/editorconfig: v0.2.0
• mvdan.cc/sh/v3: v3.6.0
• oras.land/oras-go: v1.2.0
• sigs.k8s.io/bom: v0.4.1
• sigs.k8s.io/mdtoc: v1.1.0
• sigs.k8s.io/promo-tools/v3: v3.4.11
• sigs.k8s.io/zeitgeist: v0.3.5