登录
注册
开源
企业版
高校版
搜索
帮助中心
使用条款
关于我们
开源
企业版
高校版
私有云
Gitee AI
NEW
我知道了
查看详情
登录
注册
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
取消
前往登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
Watch
不关注
关注所有动态
仅关注版本发行动态
关注但不提醒动态
2
Star
2
Fork
0
bison-fork
/
containerd
代码
统计
流水线
服务
Gitee Pages
质量分析
Jenkins for Gitee
腾讯云托管
腾讯云 Serverless
悬镜安全
阿里云 SAE
Codeblitz
我知道了,不再自动展开
标签
标签名
描述
提交信息
操作
v1.6.10
containerd 1.6.10 Welcome to the v1.6.10 release of containerd! The tenth patch release for containerd 1.6 contains various fixes, including a CVE fix for Windows platforms. ### Notable Updates * **Always check userxattr for overlay on kernels >= 5.11** ([#7646](https://github.com/containerd/containerd/pull/7646)) * **Bump hcsshim to 0.9.5 to fix container shutdown bug on Windows** ([#7610](https://github.com/containerd/containerd/pull/7610) * **Bump Go version to 1.18.8 to address CVE-2022-41716** ([#7634](https://github.com/containerd/containerd/pull/7634)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Akihiro Suda * Danny Canter * Kazuyoshi Kato * Austin Vazquez * Derek McGowan * Gavin Inglis * Kathryn Baldauf * Kevin Parsons * Phil Estes * Sebastiaan van Stijn * Yasin Turan ### Changes <details><summary>14 commits</summary> <p> * [release/1.6] Prepare release notes for v1.6.10 ([#7664](https://github.com/containerd/containerd/pull/7664)) * Prepare release notes for v1.6.10 * [release/1.6] overlayutils: Add fastpath for userxattr check ([#7646](https://github.com/containerd/containerd/pull/7646)) * overlayutils: Add fastpath for userxattr check * [release/1.6] update to Go 1.18.8 to address CVE-2022-41716 ([#7634](https://github.com/containerd/containerd/pull/7634)) * [release/1.6] update to Go 1.18.8 to address CVE-2022-41716 * [release/1.6] ctr export strictly match default platform ([#7627](https://github.com/containerd/containerd/pull/7627)) * ctr export strictly match default platform * [release/1.6] go.mod: Bump hcsshim to v0.9.5 ([#7610](https://github.com/containerd/containerd/pull/7610)) * [release/1.6] go.mod: Bump hcsshim to v0.9.5 * [release/1.6] ctr import: strictly match platform ([#7594](https://github.com/containerd/containerd/pull/7594)) * ctr import: strictly match platform * [release/1.6] cherry-pick: Migrate away from GitHub actions set-output ([#7582](https://github.com/containerd/containerd/pull/7582)) * Migrate away from GitHub actions set-output </p> </details> ### Dependency Changes * **github.com/Microsoft/hcsshim** v0.9.4 -> v0.9.5 Previous release can be found at [v1.6.9](https://github.com/containerd/containerd/releases/tag/v1.6.9)
770bd01
2022-11-15 02:04
下载
v1.7.0-beta.0
containerd 1.7.0-beta.0 Welcome to the v1.7.0-beta.0 release of containerd! *This is a pre-release of containerd* The eighth major release of containerd includes new functionality alongside many improvements. This release is intended to be the last major release of containerd 1.x before 2.0. Some functionality in this release may be considered experimental or unstable, but will become stable or default in 2.0. This release still adheres to our backwards compability guarantees and users who do not use or enable new functionality should use this release with the same stability expectations. The previous 1.6 release has also become a long term stable release for users who prefer releases with mostly stability improvements and wish to wait a few releases for new functionality. _This is a beta release and includes some functionality which is not yet complete. While most APIs are finalized before merge, they are subject to change until the official release._ ### Highlights #### Sandbox API _(experimental)_ The sandbox API provides a new way of managing containerd's shim, providing more flexibility and functionality for multi-container environments such as Pods and VMs. This API makes it easier to manage these groups of containers at a higher level and offers new extension points for shim implementations and clients. * **Sandbox API** ([#6703](https://github.com/containerd/containerd/pull/6703)) * **CRI Sandbox API Implementation** ([#7228](https://github.com/containerd/containerd/pull/7228)) #### Transfer Service _(in progress)_ * **Transfer Service** ([#7320](https://github.com/containerd/containerd/pull/7320)) #### NRI _(in progress)_ * **Extend NRI scope** ([nri#16](https://github.com/containerd/nri/pull/16)) * **Support for updated NRI** ([#6019](https://github.com/containerd/containerd/pull/6019)) #### Platform Support * **Linux containers on FreeBSD** ([#7000](https://github.com/containerd/containerd/pull/7000)) #### Runtime Features * **Add support for CDI device injection** ([#6654](https://github.com/containerd/containerd/pull/6654)) * **Support for cgroups blockio** ([#5490](https://github.com/containerd/containerd/pull/5490)) * **Add restart policy for enhanced restart manager** ([#6744](https://github.com/containerd/containerd/pull/6744)) #### Road to 2.0 ##### Refactoring There are multiple places in the code today which are being targeted for refactoring to make long term support easier and to provide more extension points. The CRI plugin is the most complex containerd plugin with a wide range of functionality. A major effort in this release and before 2.0 involves moving functionality out of the single CRI plugin into smaller-scoped containerd plugins, such that they can be used and tested independenty. The new sandbox and distribution interfaces provide one example of this, but it also being done for image and network management. The version of ttrpc has been updated this release to support streaming, allowing existing grpc services to use ttrpc. Services are being refactored to allow ttrpc implementations, which can be served via shim and accessed using the new sandbox management capability. * **Remove gogoproto.customtype** ([#6699](https://github.com/containerd/containerd/pull/6699)) * **Remove enumvalue_customname, goproto_enum_prefix and enum_customname** ([#6708](https://github.com/containerd/containerd/pull/6708)) * **Remove all gogoproto extensions** ([#6829](https://github.com/containerd/containerd/pull/6829)) * **Migrate off from github.com/gogo/protobuf** ([#6841](https://github.com/containerd/containerd/pull/6841)) * **ttrpc streaming** ([ttrpc#107](https://github.com/containerd/ttrpc/pull/107)) * **Add unpack interface for client** ([#6749](https://github.com/containerd/containerd/pull/6749)) * **Add collectible resources to metadata gc** ([#6804](https://github.com/containerd/containerd/pull/6804)) ##### Configuration Existing CRI configurations will be supported until 2.0. Any functionality split out of CRI will have their configuration migrated to new plugins. Deprecated configuration versions and configurations for deprecated features will be removed in 2.0. ##### Deprecation The 2.0 release will remove any feature deprecated in 1.x. Features deprecated in this release include. * **Docker Schema 1 Image Deprecation** ([#6884](https://github.com/containerd/containerd/pull/6884)) #### CRI Updates * **Support image pull progress timeout** ([#6150](https://github.com/containerd/containerd/pull/6150)) * **Fix CRI plugin to setup pod network after creating the sandbox container** ([#5904](https://github.com/containerd/containerd/pull/5904)) #### Other * **Support shallow content copy by adding reader option to local content reader at** ([#7414](https://github.com/containerd/containerd/pull/7414)) * **Add NoSameOwner option when unpacking tars** ([#7386](https://github.com/containerd/containerd/pull/7386)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Kazuyoshi Kato * Phil Estes * Derek McGowan * Maksym Pavlenko * Wei Fu * Akihiro Suda * Sebastiaan van Stijn * Samuel Karp * Mike Brown * Daniel Canter * Ye Sijun * Ed Bartosh * Stefan Berger * Paul "TBBle" Hampson * Gabriel Adrian Samfira * Nashwan Azhari * xin.li * Shengjing Zhu * Adam Korcz * Henry Wang * Justin Terry * wanglei * zounengren * Iceber Gu * Kevin Parsons * Brian Goff * Gavin Inglis * Michael Crosby * Qiutong Song * lengrongfu * ruiwen-zhao * Cameron Sparr * James Jenkins * Luca Comellini * Michael Zappa * Paco Xu * Tobias Klauser * pigletfly * Akhil Mohan * Amit Barve * Eng Zer Jun * Eric Lin * James Sturtevant * Jonny Stoten * Kang.Zhang * Mikko Ylinen * Paul S. Schweigert * Shiming Zhang * Swagat Bora * Vincent Batts * cosmoer * dependabot[bot] * yaoyinnan * Abirdcfly * Anastassios Nanos * Andrew G. Morgan * Andrey Klimentyev * Antonio Ojea * Antti Kervinen * Austin Vazquez * Baoshuo * Benjamin Elder * Chao Dai * Claudiu Belu * Cory Snider * Danielle Lancashire * Danny Canter * Dat Nguyen * Davanum Srinivas * David Porter * Dmitry Shurupov * Eric Ernst * Ethan Lowman * Fabian Hoffman * Fabian Hoffmann * Fahed Dorgaa * Gabriela Cervantes * Gijs Peskens * Hamza El-Saawy * Ikko Ashimine * Jeff Widman * Jeff Zvier * Jeremi Piotrowski * Jordan Karaze * Joseph Sheng * Joyce Brum * Kathryn Baldauf * Kohei Tokunaga * Kyle L Frisbie * Marc Schwind * Mark Rossetti * Marvin Giessing * Nabeel Rana * Nguyen Phan Huy * Nobel Barakat * Oleg Atamanenko * Oleg Zhurakivskyy * Oliver Radwell * Quan Tian * Rodrigo Campos * Roy Yang * Serge Logvinov * Shane Jennings * Shaun Lawrie * Shinichi Morimoto * SilverSoldier * Sophie Liu * Taeho Nam * Takumasa Sakao * Tiger Kaovilai * Tom Godkin * Tomoya.Fujita * Tõnis Tiigi * Xinlin Ma * Yakul Garg * Zhongming Chang * Zhuchen Wang * austinvazquez * bin liu * cardy.tang * cathaysia * dabaooline * guiyong.ou * jianfei.zhang * ningmingxiao * shi yixue * shuaichang * songjiang han * wusong * xiaoyang zhu * yanghesong * zhang he ### Changes <details><summary>950 commits</summary> <p> * Add release notes for v1.7.0-beta.0 ([#7575](https://github.com/containerd/containerd/pull/7575)) * Add release notes for v1.7.0-beta.0 * Update mailmap * Cleanup sandbox interfaces ([#7576](https://github.com/containerd/containerd/pull/7576)) * Cleanup sandbox interfaces * Update GitHub actions release workflow set output ([#7581](https://github.com/containerd/containerd/pull/7581)) * Migrate away from GitHub actions set-output * Fix LogURI generation-related tests on Windows. ([#7569](https://github.com/containerd/containerd/pull/7569)) * Fix LogURI generation-related tests on Windows. * maintenance: Remove WithWindowsNetworkNamespace from pkg/cri ([#7577](https://github.com/containerd/containerd/pull/7577)) * maintenance: Remove WithWindowsNetworkNamespace from pkg/cri * CRI: implement Controller.Delete for SandboxAPI ([#7457](https://github.com/containerd/containerd/pull/7457)) * CRI: implement Controller.Delete for SandboxAPI * Configure CDI registry only on start ([#7419](https://github.com/containerd/containerd/pull/7419)) * update go.mod and go.sum * improve CDI logging * CDI: configure registry on start * move WithCDI to pkg/cri/opts * update codeql-action to v2 ([#7568](https://github.com/containerd/containerd/pull/7568)) * update codeql-action to v2 * Add logging related metrics to Containerd CRI plugin ([#7546](https://github.com/containerd/containerd/pull/7546)) * Add logging volume metrics to Containerd CRI plugin * sys: optimize and refactor MkdirAllWithACL() ([#7531](https://github.com/containerd/containerd/pull/7531)) * sys: synchronize mkdirall() with latest os.MkDirAll() * sys: create SecurityAttribute only once (Windows) * sys: update volumePath regex to allow returning earlier * sys: compile volume-path regex once, and update GoDoc * fix install cni script ([#7484](https://github.com/containerd/containerd/pull/7484)) * fix install cni script * Update 1.5 release support timeframe ([#7560](https://github.com/containerd/containerd/pull/7560)) * Update 1.5 release support timeframe * bump go-fuzz-headers ([#7503](https://github.com/containerd/containerd/pull/7503)) * bump go-fuzz-headers * Add long term stable release branches ([#7454](https://github.com/containerd/containerd/pull/7454)) * Add long term stable release branches * fix pusher concurrent close channel ([#7473](https://github.com/containerd/containerd/pull/7473)) * fix pusher concurrent close channel * Make tests on GitHub less noisy ([#7530](https://github.com/containerd/containerd/pull/7530)) * Use logtest if possible to clean up logs * Separate containerd logs in GitHub Actions' console * Upgrade critools from 1.24.1 to 1.25.0 * Upgrade actions/upload-artifact from v2 to v3 * containerd should not print error log that failed to init a tracing processor while the tracing plugin is not loaded ([#7541](https://github.com/containerd/containerd/pull/7541)) * not init a tracing processor when not loaded * Update required Go version in BUILDING.md ([#7544](https://github.com/containerd/containerd/pull/7544)) * Update required Go version in BUILDING.md * go.mod: matttproud/golang_protobuf_extensions v1.0.2 (use tag) ([#7522](https://github.com/containerd/containerd/pull/7522)) * go.mod: matttproud/golang_protobuf_extensions v1.0.2 (use tag) * Use `go env` to determine GOPATH in Makefile. ([#7542](https://github.com/containerd/containerd/pull/7542)) * Use `go env` to determine GOPATH in Makefile. * clean-up "nolint" comments, remove unused ones, update golangci-lint ([#7349](https://github.com/containerd/containerd/pull/7349)) * update golangci-lint to v1.49.0 * remove unneeded nolint-comments (nolintlint), disable deprecated linters * clean-up "nolint" comments, remove unused ones * pkg/cri/(server|sbserver): criService.getTLSConfig() add TODO to verify nolint * golangci-lint: sort linters in config file * linting: address gosec G112/G114 * Don't unmount on Darwin when deleting bundle ([#7534](https://github.com/containerd/containerd/pull/7534)) * Don't unmount on Darwin when deleting bundle * Add timeouts to all CI jobs ([#7538](https://github.com/containerd/containerd/pull/7538)) * Add timeouts to all CI jobs * Vagrantfile: explicitly specify rsync as the shared folder driver ([#7539](https://github.com/containerd/containerd/pull/7539)) * Vagrantfile: explicitly specify rsync as the shared folder driver * sys: remove unused IsAbs() (windows) ([#7527](https://github.com/containerd/containerd/pull/7527)) * sys: remove unused IsAbs() (windows) * cri: PodSandboxStatus should tolerate missing task ([#7535](https://github.com/containerd/containerd/pull/7535)) * cri: PodSandboxStatus should tolerate missing task * CI: update GHA instances from Ubuntu 18.04 to 20.04 ([#7489](https://github.com/containerd/containerd/pull/7489)) * CI: update GHA instances from Ubuntu 18.04 to 20.04 * fix the --no-pivot flag being ignored by `ctr tasks start` ([#7519](https://github.com/containerd/containerd/pull/7519)) * fix the --no-pivot flag being ignored by `ctr tasks start` * Update the default seccomp to block socket calls to AF_VSOCK ([#7510](https://github.com/containerd/containerd/pull/7510)) * Update the default seccomp to block socket calls to AF_VSOCK * cmd/containerd: use golang.org/x/sys/windows.SetStdHandle() ([#7511](https://github.com/containerd/containerd/pull/7511)) * cmd/containerd: use golang.org/x/sys/windows.SetStdHandle() * Stats() shouldn't assume s.container is non-nil ([#7517](https://github.com/containerd/containerd/pull/7517)) * Stats() shouldn't assume s.container is non-nil * Move up actions versions to prep for NodeJS 12 deprecation ([#7516](https://github.com/containerd/containerd/pull/7516)) * Move up actions versions to prep for deprecation * cmd/containerd: use golang.org/x/sys Service.SetRecoveryActions() ([#7512](https://github.com/containerd/containerd/pull/7512)) * cmd/containerd: use golang.org/x/sys Service.SetRecoveryActions() * Updates oci image config to support upstream ArgsEscaped ([#7483](https://github.com/containerd/containerd/pull/7483)) * Updates oci image config to support upstream ArgsEscaped * cmd/containerd: replace deprecated windows.IsAnInteractiveSession() ([#7497](https://github.com/containerd/containerd/pull/7497)) * cmd/containerd: replace deprecated windows.IsAnInteractiveSession() * Update container with sandbox metadata after NetNS is created ([#7481](https://github.com/containerd/containerd/pull/7481)) * Update container with sandbox metadata after NetNS is created * archive: add WithSourceDateEpoch() for whiteouts ([#7478](https://github.com/containerd/containerd/pull/7478)) * archive: add WithSourceDateEpoch() for whiteouts * TestTaskResize must use a terminal ([#7492](https://github.com/containerd/containerd/pull/7492)) * TestTaskResize must use a terminal * diff/apply.readCounter: check negative size ([#7494](https://github.com/containerd/containerd/pull/7494)) * diff/apply.readCounter: check negative size * Add new ctr option for discarding unpacked layers ([#7425](https://github.com/containerd/containerd/pull/7425)) * Modify WithDiscardUnpackedLayers * Add new ctr option for discarding unpacked layers * archive: windows: chtimes(): remove redundant conversion ([#7491](https://github.com/containerd/containerd/pull/7491)) * archive: windows: chtimes(): remove redundant conversion * archive: validate digests before use ([#7488](https://github.com/containerd/containerd/pull/7488)) * archive: validate digests before use * vendor: github.com/opencontainers/selinux v1.10.2 ([#7482](https://github.com/containerd/containerd/pull/7482)) * vendor: github.com/opencontainers/selinux v1.10.2 * fuzzing: create structured tar bytes in archive fuzzer ([#7477](https://github.com/containerd/containerd/pull/7477)) * fuzzing: create structured tar bytes in archive fuzzer * Update to go 1.19.2 to address CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 ([#7474](https://github.com/containerd/containerd/pull/7474)) * Update to go 1.19.2 to address CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 * use raw link to containerd.service config ([#7463](https://github.com/containerd/containerd/pull/7463)) * use raw link to containerd.servic config * cri doc: Update kata containers reference ([#7466](https://github.com/containerd/containerd/pull/7466)) * cri doc: Update kata containers reference * Setup pod network after creating the sandbox container ([#5904](https://github.com/containerd/containerd/pull/5904)) * Add integration tests with failpoint * Persist container and sandbox if resource cleanup fails, like teardownPodNetwork * cri-integration: pass ENABLE_CRI_SANDBOXES to test * Swap to net.ErrClosed checks for services ([#7446](https://github.com/containerd/containerd/pull/7446)) * Swap to net.ErrClosed checks for services * go.mod: Bump go-winio to v0.6.0 ([#7443](https://github.com/containerd/containerd/pull/7443)) * go.mod: Bump go-winio to v0.6.0 * fix retry when writer is reset on push ([#6995](https://github.com/containerd/containerd/pull/6995)) * retry request on writer reset * CI: Output a summary using GITHUB_SUMMARY ([#7192](https://github.com/containerd/containerd/pull/7192)) * Use jq and only show failed tests on summary * CI: Output a summary using GITHUB_SUMMARY * Fix missing close ([#7430](https://github.com/containerd/containerd/pull/7430)) * fix missing close * Add test flag for skipping shim cgroup test ([#7424](https://github.com/containerd/containerd/pull/7424)) * Add test flag for skipping shim cgroup test * Refactor CRI fuzzers ([#7405](https://github.com/containerd/containerd/pull/7405)) * Refactor CRI fuzzers * Fix LogURIGenerator on Windows ([#7351](https://github.com/containerd/containerd/pull/7351)) * Fix LogURIGenerator on Windows * Set grpc code for unimplemented cri-api methods ([#7417](https://github.com/containerd/containerd/pull/7417)) * Set grpc code for unimplemented cri-api methods * Add reader option to local content reader at ([#7414](https://github.com/containerd/containerd/pull/7414)) * Add reader option to local content reader at * Sandbox API: implement Controller.Wait and Controller.Stop ([#7401](https://github.com/containerd/containerd/pull/7401)) * CRI: implement Controller.Stop for SandboxAPI * CRI: implement Controller.Wait for SandboxAPI * remove stray .zuul.yaml ([#7416](https://github.com/containerd/containerd/pull/7416)) * remove stray .zuul.yaml * reference CDI configuration details ([#7408](https://github.com/containerd/containerd/pull/7408)) * reference CDI configuration details * cri-integration: propagate ENABLE_CRI_SANDBOXES ([#7413](https://github.com/containerd/containerd/pull/7413)) * sbserver: return resources in ContainerStatus * cri-integration: propagate ENABLE_CRI_SANDBOXES * Enable OpenSSF Scorecard Github Action ([#7404](https://github.com/containerd/containerd/pull/7404)) * chore: enable Scorecard Github Action * Add ext2 fs support to devmapper snapshotter ([#7402](https://github.com/containerd/containerd/pull/7402)) * Add ext2 fs support to devmapper snapshotter * Fuzzing: Instrument with new sanitizers ([#7396](https://github.com/containerd/containerd/pull/7396)) * Fuzzing: Instrument with new sanitizers * Upgrade fuzzing-related packages to reduce dependencies ([#7397](https://github.com/containerd/containerd/pull/7397)) * Upgrade fuzzing-related packages to reduce dependencies * remotes/docker/config: Skipping TLS verification for localhost ([#7393](https://github.com/containerd/containerd/pull/7393)) * remotes/docker/config: Skipping TLS verification for localhost * Replace github.com/emicklei/go-restful package, versions <2.16.0 ([#7395](https://github.com/containerd/containerd/pull/7395)) * github.com/emicklei/go-restful CWE-285: Improper Authorization * Add NoSameOwner option when unpacking tars ([#7386](https://github.com/containerd/containerd/pull/7386)) * Add NoSameOwner option when unpacking tars * ctr: add privileged-without-host-devices for run command ([#7328](https://github.com/containerd/containerd/pull/7328)) * ctr: add privileged-without-host-devices for run command * chore: matching the casing of other flags for ctr's pull command ([#7341](https://github.com/containerd/containerd/pull/7341)) * matching the casing of other flags for ctr's pull command. * windows: Add runhcs-wcow-hypervisor runtimeclass to the default config ([#6901](https://github.com/containerd/containerd/pull/6901)) * windows: Add runhcs-wcow-hypervisor runtimeclass to the default config * Fix missing close ([#7370](https://github.com/containerd/containerd/pull/7370)) * Fix missing close * CRI: update cdi version to v0.5.1 ([#7374](https://github.com/containerd/containerd/pull/7374)) * update cdi version to v0.5.1 * Update to go 1.19.1, 1.18.6 to address CVE-2022-27664, CVE-2022-32190 ([#7372](https://github.com/containerd/containerd/pull/7372)) * Update to go 1.19.1, 1.18.6 to address CVE-2022-27664, CVE-2022-32190 * vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c ([#7373](https://github.com/containerd/containerd/pull/7373)) * vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c * Remove unused variable from images action ([#7371](https://github.com/containerd/containerd/pull/7371)) * Remove unused variable from images action * feature: use client default namespace ([#7291](https://github.com/containerd/containerd/pull/7291)) * feature: use client default namespace * integration: TestUpdateContainerResources_MemoryLimit: remove TODO comment ([#7367](https://github.com/containerd/containerd/pull/7367)) * integration: TestUpdateContainerResources_MemoryLimit: remove TODO comment * feature: upgrade registry.k8s.io/pause version ([#7359](https://github.com/containerd/containerd/pull/7359)) * feat: upgrade registry.k8s.io/pause version * metrics/cgroups/v1: Remove unused event parameter ([#7361](https://github.com/containerd/containerd/pull/7361)) * metrics/cgroups/v1: Remove unused event parameter * .zuul: remove the zuul because it is offline ([#7369](https://github.com/containerd/containerd/pull/7369)) * .zuul: remove the zuul because it is offline * Update golangci-lint timeout to match config ([#7356](https://github.com/containerd/containerd/pull/7356)) * Update golangci-lint timeout to match config * delete redundent import alias and and type conversion ([#7345](https://github.com/containerd/containerd/pull/7345)) * delete redundent import alias and and type conversion * Make checkContainerTimestamps less strict on Windows ([#7350](https://github.com/containerd/containerd/pull/7350)) * Make checkContainerTimestamps less strict on Windows * Make oss-fuzz mandatory ([#7346](https://github.com/containerd/containerd/pull/7346)) * Pin github.com/AdamKorcz/go-118-fuzz-build * Make oss-fuzz mandatory * Add kubernetes v1.25 supported version as v1.24 ([#7326](https://github.com/containerd/containerd/pull/7326)) * Add Kubernetes v1.25 supported version as v1.24 * sys: move ForceRemoveAll to integration/client ([#7335](https://github.com/containerd/containerd/pull/7335)) * sys: move ForceRemoveAll to integration/client * chore: remove duplicate word in comments ([#7338](https://github.com/containerd/containerd/pull/7338)) * chore: remove duplicate word in comments * Use ioctl helpers from x/sys/unix ([#7342](https://github.com/containerd/containerd/pull/7342)) * mount: use ioctl helpers from x/sys/unix * go.mod, vendor: bump golang.org/x/sys to latest version * archive: replace tarName() with filepath.ToSlash() ([#7344](https://github.com/containerd/containerd/pull/7344)) * archive: replace tarName() with filepath.ToSlash() * mount: remove unused ErrNotImplementOnWindows ([#7339](https://github.com/containerd/containerd/pull/7339)) * mount: remove unused ErrNotImplementOnWindows * replace sys Sequential funcs with moby/sys/sequential ([#7334](https://github.com/containerd/containerd/pull/7334)) * replace sys Sequential funcs with moby/sys/sequential * Clarify containerd 1.5.0+ for k8s 1.20,1.21 ([#7324](https://github.com/containerd/containerd/pull/7324)) * Clarify containerd 1.5.0+ for k8s 1.20,1.21 * update runc binary to v1.1.4 ([#7315](https://github.com/containerd/containerd/pull/7315)) * go.mod: github.com/opencontainers/runc v1.1.4 * update runc binary to v1.1.4 * Upgrade github.com/klauspost/compress from v1.11.13 to v1.15.9 ([#7325](https://github.com/containerd/containerd/pull/7325)) * Upgrade github.com/klauspost/compress from v1.11.13 to v1.15.9 * Update k8s.io/cri-api to v0.25.0 ([#7287](https://github.com/containerd/containerd/pull/7287)) * update intergration * bump cri-api * script/setup: handle cnidir with SUDO ([#7322](https://github.com/containerd/containerd/pull/7322)) * script/setup: handle cnidir with SUDO * ContainerStatus to return container resources ([#6517](https://github.com/containerd/containerd/pull/6517)) * ContainerStatus to return container resources * Update CRI-API * migrate from k8s.gcr.io to registry.k8s.io ([#7038](https://github.com/containerd/containerd/pull/7038)) * migrate from k8s.gcr.io to registry.k8s.io * Do not rename test files on-the-fly to share functions ([#7309](https://github.com/containerd/containerd/pull/7309)) * Do not rename test files on-the-fly to share functions * ctr import: strictly match platform ([#6906](https://github.com/containerd/containerd/pull/6906)) * ctr import: strictly match platform * Revert "Downgrade MinGW to version 10.2.0" ([#7308](https://github.com/containerd/containerd/pull/7308)) * Revert "Downgrade MinGW to version 10.2.0" * Follow up #7254 (Switch to Go 1.19) ([#7286](https://github.com/containerd/containerd/pull/7286)) * contrib/fuzz/daemon.go: reformat the fileheader * pkg/cri/streaming: increase ReadHeaderTimeout * Upgrade containerd/cgroups to remove github.com/cilium/ebpf's fuzzer ([#7304](https://github.com/containerd/containerd/pull/7304)) * crypto/sha256 must be imported * Don't patch github.com/cilium/ebpf * Upgrade containerd/cgroups to remove github.com/cilium/ebpf's fuzzer * Adding support of CAP_BPF and CAP_PERFMON ([#7301](https://github.com/containerd/containerd/pull/7301)) * adding support of CAP_BPF and CAP_PERFMON * go.mod: Bump hcsshim to v0.10.0-rc.1 ([#7284](https://github.com/containerd/containerd/pull/7284)) * Remove Windows special case in TestContainerdRestart * go.mod: Bump hcsshim to v0.10.0-rc.1 * Don't fail test when GOOGLE_APPLICATION_CREDENTIALS is unset ([#7306](https://github.com/containerd/containerd/pull/7306)) * Don't fail test when GOOGLE_APPLICATION_CREDENTIALS is unset * ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 ([#7293](https://github.com/containerd/containerd/pull/7293)) * ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 * Runtime cleanup (Shim manager and task service) ([#7280](https://github.com/containerd/containerd/pull/7280)) * Cleanup shim manager * Make TaskList generic * containerd-stress: add support for running through CRI ([#6931](https://github.com/containerd/containerd/pull/6931)) * containerd-stress: add support for running through CRI * Switch to Go 1.19 ([#7254](https://github.com/containerd/containerd/pull/7254)) * Fix contrib/ header * Rework permission handling in scripts * Update protobuf definitions * Run gofmt 1.19 * Update golangci-lint to 1.48 with Go 1.19 support * Switch to Go 1.19 * Vagrantfile: dump containerd log after critest ([#7265](https://github.com/containerd/containerd/pull/7265)) * Vagrantfile: dump containerd log after critest * oci: skip checking group id for WithAppendAdditionalGroups ([#7257](https://github.com/containerd/containerd/pull/7257)) * oci: skip checking gid for WithAppendAdditionalGroups * release workflow: increase timeout to 30 minutes & remove Go setup action ([#7259](https://github.com/containerd/containerd/pull/7259)) * release workflow: remove Go setup action * release workflow: increase timeout to 30 minutes * release: rollback Ubuntu to 18.04 (except for riscv64) ([#7258](https://github.com/containerd/containerd/pull/7258)) * release: rollback Ubuntu to 18.04 (except for riscv64) * Initial sandbox API CRI integration (implement Controller.Start) ([#7228](https://github.com/containerd/containerd/pull/7228)) * Add TODOs for the remaining work * Update sandbox protobuf to match CRI * Update controller's start response to incldue pid and labels * Cleanup CRI files * Move sandbox start behind controller * Add sandbox to in memory services * Add sandbox store helpers * Use environment variable to specify Go version on CI ([#7251](https://github.com/containerd/containerd/pull/7251)) * Use global env variable to specify Go version on CI * Update golang to 1.18.5, 1.17.13 ([#7243](https://github.com/containerd/containerd/pull/7243)) * Update golang to 1.18.5, 1.17.13 * Change os.Stderr reassign for Windows service ([#7023](https://github.com/containerd/containerd/pull/7023)) * Change os.Stderr reassign for Windows service * script/setup: fix protobuf for aarch64 ([#7237](https://github.com/containerd/containerd/pull/7237)) * fix protobuf aarch64 * Fix cleanup in critest ([#7232](https://github.com/containerd/containerd/pull/7232)) * Fix cleanup in critest * fix: support simultaneous create diff for same parent snapshot ([#7204](https://github.com/containerd/containerd/pull/7204)) * fix: support simultaneous create diff for same parent snapshot * Windows HostProcess container CRI stats test ([#7223](https://github.com/containerd/containerd/pull/7223)) * Windows HostProcess container CRI stats test * Regenerate protos with updated protoc-gen-go ([#7226](https://github.com/containerd/containerd/pull/7226)) * Regenerate protos with updated protoc-gen-go * test: error strings should not be capitalized ([#7195](https://github.com/containerd/containerd/pull/7195)) * test: error strings should not be capitalized * Add extra context to error when push unauthorized ([#7220](https://github.com/containerd/containerd/pull/7220)) * Add extra context to error when push unauthorized * replace with selinux label ([#7207](https://github.com/containerd/containerd/pull/7207)) * replace with selinux label * Use `httputil.DumpRequestOut` for dumping client req ([#7221](https://github.com/containerd/containerd/pull/7221)) * Use httputil.DumpRequestOut for dumping client req * Fix CRI image pull timeout test for ppc64le ([#7215](https://github.com/containerd/containerd/pull/7215)) * Fix CRI image pull timeout test for ppc64le * test: introduce failpoint control to runc-shimv2 and cni ([#7069](https://github.com/containerd/containerd/pull/7069)) * integration: simplify CNI-fp and add README.md * pkg/failpoint: add FreeBSD link and update pkg doc * integration: Add injected failpoint testing for RunPodSandbox * integration: CNI bridge wrapper with failpoint * pkg/failpoint: add DelegatedEval API * runtime/v2/shim: return if error in load plugin * bin/ctr,integration: new runc-shim with failpoint * runtime/v2: manager supports server interceptor * pkg/failpoint: init failpoint package * chore: bump macos runner version ([#7206](https://github.com/containerd/containerd/pull/7206)) * chore: bump macos runner version * Use image lists form integration/client tests ([#7210](https://github.com/containerd/containerd/pull/7210)) * Fix command line parsing for image list * Update image references for Windows tests * Use image lists instead of hardcoded images * Use image lists in client tests * go.mod: Bump hcsshim to v0.9.4 ([#7212](https://github.com/containerd/containerd/pull/7212)) * go.mod: Bump hcsshim to v0.9.4 * go.mod: Bump hcsshim to 0.9.3 * Drop deprecated `ioutil` ([#7203](https://github.com/containerd/containerd/pull/7203)) * Drop deprecated `ioutil` * Make getServicesOpts a helper ([#7201](https://github.com/containerd/containerd/pull/7201)) * Make getServicesOpts a helper * adds an env var commented out for sandboxed mode ([#7183](https://github.com/containerd/containerd/pull/7183)) * adds an env var commented out for sandboxed mode * cri_stats: handle missing cpu stats ([#7198](https://github.com/containerd/containerd/pull/7198)) * cri_stats: handle missing cpu stats * using ContextDialer instead ([#7189](https://github.com/containerd/containerd/pull/7189)) * using ContextDialer instead * test: Add ability to switch between cgroupv1 or cgroupv2 for node e2e ([#7173](https://github.com/containerd/containerd/pull/7173)) * test: Add ability to switch between cgroupv1 or cgroupv2 * code cleanup ([#7182](https://github.com/containerd/containerd/pull/7182)) * code cleanup * Update k8s.io/cri-api to v0.25.0-alpha2 ([#7114](https://github.com/containerd/containerd/pull/7114)) * Update k8s.io/cri-api to v0.25.0-alpha2 * Refactor usageNanoCores be to used for all OSes ([#7186](https://github.com/containerd/containerd/pull/7186)) * Refactor usageNanoCores be to used for all OSes * adds support for using env file for systemd boot ([#7191](https://github.com/containerd/containerd/pull/7191)) * adds support for using env file for systemd boot * go.mod: github.com/stretchr/testify v1.8.0 ([#7185](https://github.com/containerd/containerd/pull/7185)) * go.mod: github.com/stretchr/testify v1.8.0 * ctr: support --user for run/create ([#7145](https://github.com/containerd/containerd/pull/7145)) * ctr: support --user for run/create * docs: Fix sample config.toml syntax ([#7174](https://github.com/containerd/containerd/pull/7174)) * docs: Fix sample config.toml syntax * seccomp: seccomp: add syscalls related to PKU in default policy ([#7163](https://github.com/containerd/containerd/pull/7163)) * seccomp: seccomp: add syscalls related to PKU in default policy * Update and align golangci-lint version ([#7168](https://github.com/containerd/containerd/pull/7168)) * Fix linter warnings * Update and align golangci-lint version * adds a comment explaining how to disable experimental sbserver ([#7169](https://github.com/containerd/containerd/pull/7169)) * adds a comment explaining how to disable experimental sbserver * ci: workaround Cirrus CI's INVALID_ARGUMENT ([#7177](https://github.com/containerd/containerd/pull/7177)) * ci: workaround Cirrus CI's INVALID_ARGUMENT * Update install-protobuf script to install protobuf on Darwin ([#7153](https://github.com/containerd/containerd/pull/7153)) * Fix protobuf script to install protobuf on darwin * Fork CRI server for Sandbox API integration work ([#7164](https://github.com/containerd/containerd/pull/7164)) * Add log messages when choosing CRI server * Change metrics namespace for sandboxed CRI to prevent panic * Enable integration tests against sandboxed CRI * Fork CRI server package * seccomp: add get_mempolicy, mbind, set_mempolicy, with CAP_SYS_NICE ([#7167](https://github.com/containerd/containerd/pull/7167)) * seccomp: add get_mempolicy, mbind, set_mempolicy, with CAP_SYS_NICE * cri doc: fix formatting for CDI options ([#7158](https://github.com/containerd/containerd/pull/7158)) * cri doc: fix formatting for CDI options * update golang to 1.18.4, 1.17.12 ([#7159](https://github.com/containerd/containerd/pull/7159)) * update golang to 1.18.4, 1.17.12 * Fix out of date comments for CRI store packages ([#7152](https://github.com/containerd/containerd/pull/7152)) * Fix out of date comments for CRI store packages * update some devmapper docs ([#7124](https://github.com/containerd/containerd/pull/7124)) * update some devmapper docs * seccomp: allow clock_settime64 when CAP_SYS_TIME is added ([#7149](https://github.com/containerd/containerd/pull/7149)) * seccomp: allow clock_settime64 when CAP_SYS_TIME is added * Copy fuzzers from github.com/cncf/cncf-fuzzing ([#7123](https://github.com/containerd/containerd/pull/7123)) * Copy fuzzers from github.com/cncf/cncf-fuzzing * Upgrade github.com/AdaLogics/go-fuzz-headers * fix can't edit object by using ctr content edit command ([#6847](https://github.com/containerd/containerd/pull/6847)) * fix can't edit object by using ctr content edit command * integration/client: fix typo in export_test.go ([#7130](https://github.com/containerd/containerd/pull/7130)) * integration/client: fix typo in export_test.go * Fix WWW-Authenticate parsing ([#7126](https://github.com/containerd/containerd/pull/7126)) * Fix WWW-Authenticate parsing * LCOW differ return ErrNotImplemented for wrong mount type ([#7112](https://github.com/containerd/containerd/pull/7112)) * LCOW differ return ErrNotImplemented for wrong mount type * Update go-restful/v3 to latest release ([#7117](https://github.com/containerd/containerd/pull/7117)) * Update go-restful/v3 to latest release * pkg/cri: use marshal wrapper for version convertor ([#7108](https://github.com/containerd/containerd/pull/7108)) * pkg/cri: use marshal wrapper for version convertor * Remove hacks around contrib/fuzz ([#7087](https://github.com/containerd/containerd/pull/7087)) * Do not hardcode fuzzers * Move container_fuzzer.go under integration/client/ * Copy FuzzCRI from cncf/cncf-fuzzing * Remove mainfuzz package and StartDaemonForFuzzing * Move builtins_*.go to cmd/containerd/builtins to make the files reusable * Fix missing closed HTTP Body ([#7107](https://github.com/containerd/containerd/pull/7107)) * Fix missing closed HTTP Body * Cleanup metadata tests ([#7105](https://github.com/containerd/containerd/pull/7105)) * Cleanup metadata tests * Downgrade MinGW to version 10.2.0 ([#7106](https://github.com/containerd/containerd/pull/7106)) * Downgrade MinGW to version 10.2.0 * ctr: Fix `ctr c create` fails to parse arguments ([#7098](https://github.com/containerd/containerd/pull/7098)) * ctr: Fix `ctr c create` fails to parse arguments * Fix Documentation Issue ([#7103](https://github.com/containerd/containerd/pull/7103)) * Fix Doc: * refactor: reduce duplicate code ([#7100](https://github.com/containerd/containerd/pull/7100)) * refactor: reduce duplicate code * make xattr EPERM non-fatal in createTarFile ([#7094](https://github.com/containerd/containerd/pull/7094)) * make xattr EPERM non-fatal in createTarFile * Move metadata plugin registration to seperate package ([#7096](https://github.com/containerd/containerd/pull/7096)) * Move metadata plugin registration to seperate package * fix: missing sudo for devmapper doc ([#7092](https://github.com/containerd/containerd/pull/7092)) * fix: missing sudo for devmapper doc * Ensure Windows Periodic workflow errors out while still uploading results. ([#7085](https://github.com/containerd/containerd/pull/7085)) * Ensure Windows Periodic workflow errors out while still uploading results. * Revert MinGW to oldest known working version in Windows setup script. * Add snapshotter key to snapshot events ([#7084](https://github.com/containerd/containerd/pull/7084)) * Add snapshotter key to snapshot events * add WithAdditionalGIDs test ([#7072](https://github.com/containerd/containerd/pull/7072)) * add WithAdditionalGIDs test * Forward ctr snapshotter flags on Windows ([#7086](https://github.com/containerd/containerd/pull/7086)) * Forward ctr snapshotter flags on Windows * add WithAppendAdditionalGroups helper ([#7070](https://github.com/containerd/containerd/pull/7070)) * add WithAppendAdditionalGroups helper * Make CI Fuzz less noisy ([#7065](https://github.com/containerd/containerd/pull/7065)) * Move contrib/fuzz/docker_fuzzer.go to remotes/docker * Copy FuzzConvertManifest from cncf/cncf-fuzzing * Do not hardcode fuzzing targets * Don't log "ignored xattr ..." warnings * Make oss_fuzz_build.sh quiet * ctr: add --hostname flag to create, run ([#7082](https://github.com/containerd/containerd/pull/7082)) * ctr: add --hostname flag to create, run * improve content-flow ([#7077](https://github.com/containerd/containerd/pull/7077)) * improve content-flow * Make CI Fuzz optional ([#7067](https://github.com/containerd/containerd/pull/7067)) * Make CI Fuzz optional * Use Go 1.18's testing.F on simple fuzzers ([#7056](https://github.com/containerd/containerd/pull/7056)) * Run fuzzing tests with go test -fuzz * Use testing.F on FuzzPlatformsParse * Use testing.F on FuzzParseProcPIDStatus * Downgrade MinGW in Windows setup scripts. ([#7062](https://github.com/containerd/containerd/pull/7062)) * Downgrade MinGW in Windows setup scripts. * Make test path a constant ([#7057](https://github.com/containerd/containerd/pull/7057)) * Make test path a constant * Run fuzzers in CI ([#7052](https://github.com/containerd/containerd/pull/7052)) * Run fuzzers in CI * CRI: Improve the /dev/shm mount options in Sandbox. ([#6913](https://github.com/containerd/containerd/pull/6913)) * CRI: change the /dev/shm mount options in Sandbox. * CRI: remove default /dev/shm mount in Sandbox. * fix:userattr-unmount unexpected timeout ([#7008](https://github.com/containerd/containerd/pull/7008)) * fix add ro mount for userattr-unmount unexpected timeout * Port (some) unit tests to FreeBSD ([#7042](https://github.com/containerd/containerd/pull/7042)) * archive: Explicitly specify stdio for tar(1) * platforms: Run goimports for FreeBSD * cri/server: Disable tests on FreeBSD * oci: Remove empty mount option slice for FreeBSD * oci: FreeBSD devices may have major number 0 * archive: use Linkat on FreeBSD for hardlinks * Bump Golang and MinGW versions in Windows setup script. ([#6888](https://github.com/containerd/containerd/pull/6888)) * Bump Golang and MinGW versions in Windows setup script. * Windows snapshotter touch ups and new functionality ([#6918](https://github.com/containerd/containerd/pull/6918)) * Windows snapshotter touch ups and new functionality * Improve naming consistencies in comments in snapshotter.go ([#7032](https://github.com/containerd/containerd/pull/7032)) * Improve naming consistencies in comments in snapshotter.go * Make building static binaries simpler ([#7022](https://github.com/containerd/containerd/pull/7022)) * Make building static binaries simpler * Allow CRI on Darwin ([#7033](https://github.com/containerd/containerd/pull/7033)) * Allow CRI on Darwin * update runc binary to v1.1.3 ([#7034](https://github.com/containerd/containerd/pull/7034)) * update runc binary to v1.1.3 * Linux containers on FreeBSD ([#7000](https://github.com/containerd/containerd/pull/7000)) * Linux containers on FreeBSD * go.mod: github.com/moby/sys/mountinfo v0.6.2 ([#7026](https://github.com/containerd/containerd/pull/7026)) * go.mod: github.com/moby/sys/mountinfo v0.6.2 * fix minor spelling mistake: lablel -> label ([#7031](https://github.com/containerd/containerd/pull/7031)) * fix minor spelling mistake: lablel -> label * go.mod: github.com/containerd/cgroups v1.0.4 ([#7027](https://github.com/containerd/containerd/pull/7027)) * go.mod: github.com/containerd/cgroups v1.0.4 * go.mod: github.com/containerd/continuity v0.3.0 ([#7028](https://github.com/containerd/containerd/pull/7028)) * go.mod: github.com/containerd/continuity v0.3.0 * Correct spelling mistake ("sanbdox" to "sandbox") ([#7029](https://github.com/containerd/containerd/pull/7029)) * Correct spelling mistake ("sanbdox" to "sandbox") * Github Security Advisory [GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf) * Implicitly discard the input to drain the reader * Limit the response size of ExecSync * Bump grpc to v1.47.0 ([#7018](https://github.com/containerd/containerd/pull/7018)) * Bump grpc to v1.47.0 * Bump k8s.io deps to v0.24.1 ([#7017](https://github.com/containerd/containerd/pull/7017)) * Bump k8s.io deps to v0.24.1 * Support runtime level snapshotter for issue 6657 ([#6899](https://github.com/containerd/containerd/pull/6899)) * Added support for runtime level snapshotter, issue 6657 * update golang to 1.18.3, 1.17.11 ([#7012](https://github.com/containerd/containerd/pull/7012)) * update golang to 1.18.3, 1.17.11 * Fix containerd-stress duration flag ([#7004](https://github.com/containerd/containerd/pull/7004)) * Fix containerd-stress duration flag * update go-cni/for cni update fixing plugins that don't respond with version ([#7009](https://github.com/containerd/containerd/pull/7009)) * update go-cni/for cni update fixing plugins that don't respond with version * Add validations for Windows HostProcess CRI configs ([#6996](https://github.com/containerd/containerd/pull/6996)) * Add validations for Windows HostProcess CRI configs * Move docker reference logic to reference/docker package ([#7007](https://github.com/containerd/containerd/pull/7007)) * Move docker reference logic to reference/docker package * promote pause image to 3.7 (sync with kube v1.24) ([#7003](https://github.com/containerd/containerd/pull/7003)) * promote pause image to 3.7 * Makefile: use urfave_cli_no_docs for binaries that don't need it ([#6998](https://github.com/containerd/containerd/pull/6998)) * Makefile: use urfave_cli_no_docs for binaries that don't need it * CRI: cleanup cri/store package ([#6993](https://github.com/containerd/containerd/pull/6993)) * CRI: Remove deprecated error types and update error msg * CRI: Move truncindex to pkg * CRI: Move reference sorting to reference package * CRI: Retrieve image spec on client * Use t.Run for /pkg/cri tests ([#7001](https://github.com/containerd/containerd/pull/7001)) * Use t.Run for /pkg/cri tests * vendor: github.com/urfave/cli v1.22.9 and fix "verify-vendor" script ([#6997](https://github.com/containerd/containerd/pull/6997)) * vendor: github.com/urfave/cli v1.22.9 * fix verify-vendor if go.mod does not contain replace rules * sandbox: replace github.com/pkg/errors with native errors ([#6937](https://github.com/containerd/containerd/pull/6937)) * sandbox: replace github.com/pkg/errors with native errors * build: Fix references to check-protos target in Makefile ([#6983](https://github.com/containerd/containerd/pull/6983)) * build: Fix references to check-protos target in Makefile * ctr: fix label args used in NewContainer ([#6954](https://github.com/containerd/containerd/pull/6954)) * ctr: fix label args used in NewContainer * ctr sandbox: handle sandbox config ([#6959](https://github.com/containerd/containerd/pull/6959)) * ctr sandbox: handle sandbox config * Fix broken oss-fuzz build ([#6975](https://github.com/containerd/containerd/pull/6975)) * Fix broken oss-fuzz build * archive: add human-readable hint to Lchown error ([#6982](https://github.com/containerd/containerd/pull/6982)) * archive: add human-readable hint to Lchown error * Fix tx closed error when upperdirlabel specified ([#6978](https://github.com/containerd/containerd/pull/6978)) * Fix tx closed error when upperdirlabel specified * config: improve config v1 deprecation message ([#6972](https://github.com/containerd/containerd/pull/6972)) * config: improve config v1 deprecation message * Fix Windows install powershell script ([#6969](https://github.com/containerd/containerd/pull/6969)) * Fix Windows install powershell script * fix comments on metadata schema and update namespace doc ([#6955](https://github.com/containerd/containerd/pull/6955)) * add note that a namespace cannot be named "version" * fix comments on metadata schema * adjust format in comment ([#6956](https://github.com/containerd/containerd/pull/6956)) * adjust format in comment * Restore decompression benchmarks ([#6957](https://github.com/containerd/containerd/pull/6957)) * Restore decompression benchmarks * cmd/ctr/commands/content: fix typo in fetch command usage ([#6960](https://github.com/containerd/containerd/pull/6960)) * adjust format * fix some confusing typos ([#6950](https://github.com/containerd/containerd/pull/6950)) * fix some confusing typos * update doc url about k8s ([#6952](https://github.com/containerd/containerd/pull/6952)) * update doc url * Separate windows-2019 and windows-2022 test results ([#6946](https://github.com/containerd/containerd/pull/6946)) * Separate windows-2019 and windows-2022 test results * shim: fix debug flag not working ([#6910](https://github.com/containerd/containerd/pull/6910)) * shim: fix debug flag not working * Reverts removal of parallel run from critest ([#6938](https://github.com/containerd/containerd/pull/6938)) * reverts removal of parallel run from critest * Bump OpenTelemetry dependencies ([#6932](https://github.com/containerd/containerd/pull/6932)) * Bump OpenTelemetry dependencies * update runc binary and vendor to v1.1.2 ([#6934](https://github.com/containerd/containerd/pull/6934)) * vendor: github.com/opencontainers/runc v1.1.2 * update runc binary to v1.1.2 * oci: WithDefaultUnixDevices(): remove tun/tap from the default devices ([#6923](https://github.com/containerd/containerd/pull/6923)) * oci: WithDefaultUnixDevices(): remove tun/tap from the default devices * update golang to 1.18.2, 1.17.10 ([#6926](https://github.com/containerd/containerd/pull/6926)) * update golang to 1.18.2, 1.17.10 * CI: update Fedora to 36 ([#6925](https://github.com/containerd/containerd/pull/6925)) * CI: update Fedora to 36 * Add `Wait` to `binaryProcessor` ([#6916](https://github.com/containerd/containerd/pull/6916)) * Add `Wait` to `binaryProcessor` * go.mod: Bump k8s deps to v0.24.0 ([#6905](https://github.com/containerd/containerd/pull/6905)) * go.mod: Bump k8s deps to v0.24.0 * (Vagrant CI) Enable git commands due to git CVE fix ([#6915](https://github.com/containerd/containerd/pull/6915)) * Enable git commands due to git CVE fix * Pass explicit JUnit outfile to critest.exe in Windows workflow. ([#6912](https://github.com/containerd/containerd/pull/6912)) * Pass explicit JUnit outfile to critest.exe in Windows workflow. * Update critools to v1.24 ([#6894](https://github.com/containerd/containerd/pull/6894)) * update critools to v1.24 * devmapper docs: small fixes ([#6904](https://github.com/containerd/containerd/pull/6904)) * devmapper docs: small fixes * move report dir option to end of line for vagrant cri tests ([#6900](https://github.com/containerd/containerd/pull/6900)) * move report dir option to eol * Update Kubernetes version matrix in release docs ([#6892](https://github.com/containerd/containerd/pull/6892)) * Update Kubernetes version matrix in release docs * Share container images between TestRestartMonitor and TestRestartMonitorWithOnFailurePolicy ([#6889](https://github.com/containerd/containerd/pull/6889)) * Share images between TestRestartMonitor and TestRestartMonitorWithOnFailurePolicy * containerd 1.6.4 k8s 1.24 readme announce ([#6890](https://github.com/containerd/containerd/pull/6890)) * containerd 1.6.4 k8s 1.24 readme announce * Cleanup leaked shim process ([#6866](https://github.com/containerd/containerd/pull/6866)) * Cleanup leaked shim process * Add collectible resources to metadata gc ([#6804](https://github.com/containerd/containerd/pull/6804)) * metadata: use resource max and end on registration * Add collectible resources to metadata gc * Update k8 docurl in file ([#6881](https://github.com/containerd/containerd/pull/6881)) * Update k8 docurl in file * Support RISC-V 64 ([#6882](https://github.com/containerd/containerd/pull/6882)) * CI: add riscv64 builds * release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64 * seccomp: support riscv64 * docs: minor fixes in snapshots.Snapshotter comments ([#6885](https://github.com/containerd/containerd/pull/6885)) * docs: minor fixes in snapshots.Snapshotter comments * Officially deprecate Schema 1 ([#6884](https://github.com/containerd/containerd/pull/6884)) * Officially deprecate Schema 1 * Make Cirrus CI tests more stable ([#6880](https://github.com/containerd/containerd/pull/6880)) * Reduce the number of the concurrent HTTP requests in TestUserNamespaces * Skip TestImagePullWithConcurrencyLimit on Cirrus CI * docs: Adding windows installation steps to getting-started.md ([#6875](https://github.com/containerd/containerd/pull/6875)) * docs: Adding windows installation steps to getting-started.md * Add ctr support for CPUMax and CPUShares ([#6809](https://github.com/containerd/containerd/pull/6809)) * Add ctr support for CPUMax and CPUShares * Support for cgroups blockio ([#5490](https://github.com/containerd/containerd/pull/5490)) * cri: support blockio class in pod and container annotations * Fix comment for metadata/db.go ([#6871](https://github.com/containerd/containerd/pull/6871)) * Fix comment for metadata/db.go * Remove github.com/gogo/protobuf and github.com/golang/protobuf from containerd's direct dependencies ([#6867](https://github.com/containerd/containerd/pull/6867)) * Upgrade protoc, protoc-gen-go and protoc-gen-go-grpc * go mod tidy & go mod vendor * make protos * Remove gogo from .proto files * Update go-cni to v1.1.5 ([#6868](https://github.com/containerd/containerd/pull/6868)) * Update go-cni to v1.1.5 * Bump opencontainers/selinux from 1.10.0 to 1.10.1 ([#6865](https://github.com/containerd/containerd/pull/6865)) * Bump opencontainers/selinux from 1.10.0 to 1.10.1 * Upgrade google.golang.org/grpc and google.golang.org/protobuf ([#6864](https://github.com/containerd/containerd/pull/6864)) * Upgrade google.golang.org/grpc and google.golang.org/protobuf * Remove kzys/typeurl * Don't use "uname -a" as Cirrus CI's cache key ([#6863](https://github.com/containerd/containerd/pull/6863)) * Don't use "uname -a" as Cirrus CI's cache key * remove duplicate ([#6856](https://github.com/containerd/containerd/pull/6856)) * remove duplicate * Create ppc64le release ([#6858](https://github.com/containerd/containerd/pull/6858)) * Create ppc64le release * Move Vagrant-based tests from GitHub Actions to Cirrus CI ([#6854](https://github.com/containerd/containerd/pull/6854)) * Move Vagrant-based tests from GitHub Actions to Cirrus CI * feature: support image pull progress timeout ([#6150](https://github.com/containerd/containerd/pull/6150)) * feature: support image pull progress timeout * Add unpack interface to be used by client ([#6749](https://github.com/containerd/containerd/pull/6749)) * unpack: return error when no platforms defined * Add unpack interface to be used by client * Fix undefined error in use of errors package ([#6855](https://github.com/containerd/containerd/pull/6855)) * Fix undefined error in use of errors package * Migrate off from github.com/gogo/protobuf ([#6841](https://github.com/containerd/containerd/pull/6841)) * Fix tests * go mod tidy and go mod vendor * Upgrade containerd/typeurl * make protos * Rename Size_ to Size * Remove gogo/protobuf and adjust types * Use protoc-gen-go instead of protoc-gen-gogoctrd * Upgrade containerd/ttrpc * images/image.go: typo ([#6851](https://github.com/containerd/containerd/pull/6851)) * images/image.go: typo * Add flag to allow oci.WithAllDevicesAllowed on PrivilegedWithoutHostDevices ([#5686](https://github.com/containerd/containerd/pull/5686)) * add oci.WithAllDevicesAllowed flag for privileged_without_host_devices * integration: Adds Windows equivalent for TestSandboxRemoveWithoutIPLeakage ([#6180](https://github.com/containerd/containerd/pull/6180)) * integration: Adds Windows equivalent for TestSandboxRemoveWithoutIPLeakage * fix incorrect syntax in comments ([#6845](https://github.com/containerd/containerd/pull/6845)) * fix incorrect syntax in comments * cri: close fifos when container is deleted ([#6842](https://github.com/containerd/containerd/pull/6842)) * cri: close fifos when container is deleted * diff: hide types.Any from clients ([#6832](https://github.com/containerd/containerd/pull/6832)) * diff: hide types.Any from clients * Add Container-Optimized OS into Adopters ([#6838](https://github.com/containerd/containerd/pull/6838)) * Add Container-Optimized OS into Adopters * Prepare for google.golang.org/protobuf ([#6835](https://github.com/containerd/containerd/pull/6835)) * Add go_package on all proto files * Use proto.Marshal instead of calling Marshal() on objects * Embed "Unimplemented" structs as proto recommended * fix the restart desired to running when task not found ([#6833](https://github.com/containerd/containerd/pull/6833)) * fix monitor restart * Remove all gogoproto extensions ([#6829](https://github.com/containerd/containerd/pull/6829)) * Remove all gogoproto extensions * fix nil pointer panic for monitor ([#6830](https://github.com/containerd/containerd/pull/6830)) * fix nil pointer panic for monitor * remotes/docker: log registry URLs as info instead of debug ([#5681](https://github.com/containerd/containerd/pull/5681)) * remotes/docker: log registry URLs as info instead of debug * Rename runtime/v2/task to api/runtime ([#6827](https://github.com/containerd/containerd/pull/6827)) * Keep shim API backward compatible * Move runtime v2 proto Move runtime v2 protos to api/runtime package. * Fix protoc-gen-go-fieldpath ([#6828](https://github.com/containerd/containerd/pull/6828)) * Don't generate a Go file, if that would be empty * Fix protoc-gen-go-fieldpath * Consolidate gogo/protobuf dependencies under our own protobuf package ([#6826](https://github.com/containerd/containerd/pull/6826)) * Consolidate gogo/protobuf dependencies under our own protobuf package * Add restart policy for enhanced restart manager ([#6744](https://github.com/containerd/containerd/pull/6744)) * add restart policy for enhanced restart manager * Remove gogoproto.stdtime ([#6821](https://github.com/containerd/containerd/pull/6821)) * Remove gogoproto.stdtime * Set timeout when collecting metrics from shim's Stat ([#6781](https://github.com/containerd/containerd/pull/6781)) * Set timeout when collecting metrics from shim's Stat * Fuzz filter package with Go 1.18's fuzzer ([#6819](https://github.com/containerd/containerd/pull/6819)) * Fuzz filter package with Go 1.18's fuzzer * allow ptrace(2) by default for kernel >= 4.8 ([#6810](https://github.com/containerd/containerd/pull/6810)) * allow ptrace(2) by default for kernel >= 4.8 * Build bin/gen-manpages instead of using "go run" ([#6820](https://github.com/containerd/containerd/pull/6820)) * Build bin/gen-manpages instead of using "go run" * update golang to 1.18.1, 1.17.9 ([#6822](https://github.com/containerd/containerd/pull/6822)) * update golang to 1.18.1, 1.17.9 * Sandbox API ([#6703](https://github.com/containerd/containerd/pull/6703)) * [Sandbox] Remove outdated documentation * [sandbox] Migrate from gogo to Any * [sandbox] Cleanup interfaces * [sandbox] Fix CI * [Sandbox] Add Wait and PID * Restore sandboxes on daemon restart * Fix protobuf after rebase * [sandbox] Add sandbox shim skeleton * [sandbox] Register shim plugin after #6301 * [sandbox] Add ctr support * Launch sandboxed containers from task service * [sandbox] Address PR review comments * [sandbox] Implement sandbox controller * [sandbox] Add clients * [sandbox] Add controller service * [sandbox] Update vendor * [sandbox] Implement store service * [sandbox] Revendor API changes * [sandbox] Save sandbox ID to container's store * [sandbox] Implement metadata store * [sandbox] Add basic sandbox structures and interfaces * [sandbox] Add protobuf definitions * Move lease manager plugin to separate package ([#6811](https://github.com/containerd/containerd/pull/6811)) * Move lease manager plugin to separate package * fix pool_device_test ([#6807](https://github.com/containerd/containerd/pull/6807)) * fix pool_device_test.go * check for duplicate nspath possibilities ([#6806](https://github.com/containerd/containerd/pull/6806)) * check for duplicate nspath possibilities * Do not append []string{""} to command to preserve Docker compatibility ([#6805](https://github.com/containerd/containerd/pull/6805)) * Do not append []string{""} to command to preserve Docker compatibility * tracing: fix panic on startup when configured ([#6789](https://github.com/containerd/containerd/pull/6789)) * tracing: fix panic on startup when configured * Optimize loading performance for cri recover ([#6680](https://github.com/containerd/containerd/pull/6680)) * cri: load sandboxes/containers/images in parallel * Change architecture path in README.md ([#6798](https://github.com/containerd/containerd/pull/6798)) * Change architecture path in README.md * make consistent for checkpoint path ([#6792](https://github.com/containerd/containerd/pull/6792)) * make consistent for checkpoint path * metrics/cgroups: fix deadlock issue in Add during Collect ([#6788](https://github.com/containerd/containerd/pull/6788)) * metrics/cgroups: fix deadlock issue in Add during Collect * ADOPTERS: Update AKS Info ([#6794](https://github.com/containerd/containerd/pull/6794)) * ADOPTERS: Update AKS Info * Pin upload-cloud-storage action to 0.8.0 in Windows workflow. ([#6790](https://github.com/containerd/containerd/pull/6790)) * Pin upload-cloud-storage action to 0.8.0 in Windows workflow. * docs: add Deckhouse to the list of adopters ([#6785](https://github.com/containerd/containerd/pull/6785)) * docs: add Deckhouse to the list of adopters * Add `docs/snapshotters`; simplify `docs/cri` ([#6778](https://github.com/containerd/containerd/pull/6778)) * docs/cri: simplify * Add docs/snapshots * Turn paths from cmdline into absolute paths ([#6672](https://github.com/containerd/containerd/pull/6672)) * Turn paths from cmdline into absolute paths * CRI: add support for CDI device injection ([#6654](https://github.com/containerd/containerd/pull/6654)) * CDI: update go.mod and vendor deps * move CDI calls to the linux-only code * add configuration for CDI * cri: implement CDI device injection * Disable writing freelist to make the file robust against data corruptions ([#6761](https://github.com/containerd/containerd/pull/6761)) * Disable writing freelist to make the file robust against data corruptions * mv design docs/historical/design ([#6777](https://github.com/containerd/containerd/pull/6777)) * mv design docs/historical/design * CRI: improve image pulling performance ([#6702](https://github.com/containerd/containerd/pull/6702)) * CRI: improve image pulling performance * docs: remove runtime v1; migrate config v1 to v2 ([#6776](https://github.com/containerd/containerd/pull/6776)) * docs: migrate config v1 to v2 * docs: remove deprecated `io.containerd.runtime.v1.linux` * Skip flaky test on Windows ([#6779](https://github.com/containerd/containerd/pull/6779)) * Skip flaky test on Windows * docs/getting-started.md: typo ([#6775](https://github.com/containerd/containerd/pull/6775)) * docs/getting-started.md: typo * Add no_tracing tag ([#6750](https://github.com/containerd/containerd/pull/6750)) * Add no_tracing tag * Move historical docs to `docs/historical` ([#6754](https://github.com/containerd/containerd/pull/6754)) * Move historical docs to `docs/historical` * Run go mod tidy in integration tests ([#6768](https://github.com/containerd/containerd/pull/6768)) * Run go mod tidy in integration tests * go.mod: move indirects, and update integration go.mod to 1.18 ([#6765](https://github.com/containerd/containerd/pull/6765)) * go.mod: move indirects, and update integration go.mod to 1.18 * Drop gotest.tools ([#6762](https://github.com/containerd/containerd/pull/6762)) * Remove gotest.tools * Use testify * Use t.Setenv instead of os.Setenv ([#6760](https://github.com/containerd/containerd/pull/6760)) * Update linters to use t.Setenv * Use t.Setenv instead of os.Setenv * Upgrade to Go 1.18 ([#6709](https://github.com/containerd/containerd/pull/6709)) * Upgrade to Go 1.18 * Adding multi-arch support for the configure.sh script ([#6751](https://github.com/containerd/containerd/pull/6751)) * Adding multi-arch support for the configure.sh script * docs/getting-started.md: massive update ([#6758](https://github.com/containerd/containerd/pull/6758)) * docs/getting-started.md: massive update * Remove unmaintained contrib/linuxkit ([#6755](https://github.com/containerd/containerd/pull/6755)) * Remove unmaintained contrib/linuxkit * [Windows CI] Address some timeout issues ([#6757](https://github.com/containerd/containerd/pull/6757)) * Address some timeout issues in the Windows CI * BUILDING.md: update supported Go versions ([#6756](https://github.com/containerd/containerd/pull/6756)) * BUILDING.md: update supported Go versions * update runc to 1.1.1 ([#6753](https://github.com/containerd/containerd/pull/6753)) * update runc binary to v1.1.1 * go.mod: github.com/opencontainers/runc v1.1.1 * CI: add Rocky Linux 8 ([#6747](https://github.com/containerd/containerd/pull/6747)) * CI: add Rocky Linux 8 * CI: bump up crun to 1.4.4 ([#6748](https://github.com/containerd/containerd/pull/6748)) * CI: bump up crun to 1.4.4 * added make help for cri integration ([#6743](https://github.com/containerd/containerd/pull/6743)) * added make help for cri integration * Update README.md cncf landscape url ([#6740](https://github.com/containerd/containerd/pull/6740)) * Update README.md * Fix error message in TestNewBinaryIO ([#6738](https://github.com/containerd/containerd/pull/6738)) * Fix error message in TestNewBinaryIO * Use typeurl.Any instead of github.com/gogo/protobuf/types.Any ([#6706](https://github.com/containerd/containerd/pull/6706)) * Use typeurl.Any instead of github.com/gogo/protobuf/types.Any * Use cgroups.AddProc() for cgroups v1 ([#5738](https://github.com/containerd/containerd/pull/5738)) * Use cgroups.AddProc() for cgroups v1 * fix: ctr images mount with snapshotter option can't get snapshotter ([#6713](https://github.com/containerd/containerd/pull/6713)) * fix: ctr images mount with snapshotter option can't get snapshotter * cgroup2: monitor OOMKill instead of OOM to prevent missing container events ([#6323](https://github.com/containerd/containerd/pull/6323)) * cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events * moving up to go-cni v1.1.4 ([#6721](https://github.com/containerd/containerd/pull/6721)) * moving up to go-cni v1.1.4 * native: fix deadlock from leaving transactions open ([#6722](https://github.com/containerd/containerd/pull/6722)) * native: fix deadlock from leaving transactions open * go.mod: remove replace, and update github.com/gogo/googleapis v1.4.1 ([#5390](https://github.com/containerd/containerd/pull/5390)) * go.mod: remove replace and update github.com/gogo/googleapis v1.4.1 * Github Security Advisory [GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c) * Fix the Inheritable capability defaults. * runtime: deprecate runc --criu / -criu-path option ([#6496](https://github.com/containerd/containerd/pull/6496)) * runtime: deprecate runc --criu / -criu-path option * Bug fix for mount path handling ([#6651](https://github.com/containerd/containerd/pull/6651)) * Bug fix for mount path handling * Upgrade containerd/imgcrypt and opencontainers/image-spec ([#6711](https://github.com/containerd/containerd/pull/6711)) * Upgrade containerd/imgcrypt and opencontainers/image-spec * Remove enumvalue_customname, goproto_enum_prefix and enum_customname ([#6708](https://github.com/containerd/containerd/pull/6708)) * Remove enumvalue_customname, goproto_enum_prefix and enum_customname * Remove gogoproto.customtype ([#6699](https://github.com/containerd/containerd/pull/6699)) * Remove gogoproto.customtype * Skip tty critest testcase on Windows Server 2022 ([#6698](https://github.com/containerd/containerd/pull/6698)) * Skip tty critest testcase on Windows Server 2022 * Build with Go 1.18 ([#6605](https://github.com/containerd/containerd/pull/6605)) * Vendor dependencies with module graph pruning * Use Go 1.18 to build and test containerd * Update prometheus client vendor ([#6690](https://github.com/containerd/containerd/pull/6690)) * Test turning off golang CI lint cache * Add nolint:staticcheck to platform-specific calls * Update prometheus client vendor * vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd ([#6687](https://github.com/containerd/containerd/pull/6687)) * vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd * Make the temp mount as ready only in container WithVolumes ([#6593](https://github.com/containerd/containerd/pull/6593)) * Make the temp mount as ready only in container WithVolumes * fix: `ctr run --cni` get failed ([#6670](https://github.com/containerd/containerd/pull/6670)) * fix: ctr run --cni get failed * test: use `T.TempDir` to create temporary test directory ([#6681](https://github.com/containerd/containerd/pull/6681)) * test: remove redundant `mountPoint` * test: use `T.TempDir` to create temporary test directory * Make OpenLab's CI jobs blocking ([#6679](https://github.com/containerd/containerd/pull/6679)) * Make OpenLab's CI jobs blocking * document log level and format ([#6683](https://github.com/containerd/containerd/pull/6683)) * document log level and format * Add shared content label to namespaces ([#6660](https://github.com/containerd/containerd/pull/6660)) * Add shared content label to namespaces * Add protoc-gen-go-fieldpath ([#6562](https://github.com/containerd/containerd/pull/6562)) * Add protoc-gen-go-fieldpath * Enable gosec linter for golangci-lint ([#6669](https://github.com/containerd/containerd/pull/6669)) * Enable gosec linter for golangci-lint * Make mkfs.xfs available on OpenLab's CI environment ([#6668](https://github.com/containerd/containerd/pull/6668)) * Make mkfs.xfs available on OpenLab's CI environment * ctr: improve error relative shim path error msg ([#6519](https://github.com/containerd/containerd/pull/6519)) * ctr: improve error relative shim path error msg * typo fixes under cmd. ([#6674](https://github.com/containerd/containerd/pull/6674)) * typo fixes under cmd. * Handle CRI Device.HostPath on Windows ([#6618](https://github.com/containerd/containerd/pull/6618)) * Implement `--device idType://id` for `ctr run` on Windows * Plumb CRI Devices through to OCI WindowsDevices * CRI integration test for Windows Device mounts * Upgrade golangci-lint and its GitHub Action ([#6666](https://github.com/containerd/containerd/pull/6666)) * Upgrade golangci-lint and its GitHub Action * Don't build a second copy of containerd-shim-runhcs-v1.exe ([#6661](https://github.com/containerd/containerd/pull/6661)) * Don't build a second copy of containerd-shim-runhcs-v1.exe * Update TestNormalize to only test Windows platform ([#6569](https://github.com/containerd/containerd/pull/6569)) * Update TestNormalize to only test Windows * Fix link in getting-started.md ([#6663](https://github.com/containerd/containerd/pull/6663)) * Fix link in getting-started.md * Fuzzing: refactor metadata fuzzers ([#6423](https://github.com/containerd/containerd/pull/6423)) * Fuzzing: refactor metadata fuzzers * Two xfs file systems with same UUID can not be mounted on the same sy… ([#6650](https://github.com/containerd/containerd/pull/6650)) * Mount devmapper xfs file system with "nouuid" option. * [Windows] Fix deadline exceeded in daemon restart ([#6635](https://github.com/containerd/containerd/pull/6635)) * Increase wait timeout for TestDaemonRestart * Use temp file for export/import test ([#6658](https://github.com/containerd/containerd/pull/6658)) * Use temp file for export/import test * strip path-info from `-v` (version) output, and implement -v flag for containerd-shim ([#6495](https://github.com/containerd/containerd/pull/6495)) * cmd/containerd-shim: add -v (version) flag * integration/images/volume-ownership: strip path information from usage output * runtime/v2/shim: strip path information from version output * Improve unexpected response error handling in resolver ([#6617](https://github.com/containerd/containerd/pull/6617)) * Improve ErrUnexpectedStatus default string * Add ErrUnexpectedStatus to resolver * Use the latest tag for azure images ([#6601](https://github.com/containerd/containerd/pull/6601)) * Use the latest image for Windows test workers * Run CRI integration tests in GitHub Actions (Windows) ([#6626](https://github.com/containerd/containerd/pull/6626)) * Skip most of script/setup/prepare_env_windows.ps1 * Enable cri-tools critest on Windows * Enable CRI Integration tests on Windows * Remove hardcoded /tmp in tempfile paths * cri: fix integration test on cgroupsv2 system ([#6595](https://github.com/containerd/containerd/pull/6595)) * cri: fix integration test on cgroupsv2 system * Use version 2 configuration format in docs/PLUGINS.md ([#6613](https://github.com/containerd/containerd/pull/6613)) * Use version 2 config and mention containerd config command * update to go 1.16.15, 1.17.8 to address CVE-2022-24921 ([#6619](https://github.com/containerd/containerd/pull/6619)) * update to go 1.16.15, 1.17.8 to address CVE-2022-24921 * Update status of 1.4 release ([#6614](https://github.com/containerd/containerd/pull/6614)) * Update status of 1.4 release * Update TestContainerSymlinkVolumes to use windows path ([#6568](https://github.com/containerd/containerd/pull/6568)) * Update TestContainerSymlinkVolumes to use windows path * Add --user support for ctr run Windows ([#6603](https://github.com/containerd/containerd/pull/6603)) * Add --user support for ctr run Windows * Update releases ([#6608](https://github.com/containerd/containerd/pull/6608)) * Update latest release versions * Update release process to include Kubernetes test infrastructure * Github Security Advisory [GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) * Use fs.RootPath when mounting volumes * Adds support for Windows ArgsEscaped images ([#6479](https://github.com/containerd/containerd/pull/6479)) * Adds support for Windows ArgsEscaped images * Do not use weak import ([#6558](https://github.com/containerd/containerd/pull/6558)) * Do not use weak import * cri: relax test for system without hugetlb ([#6596](https://github.com/containerd/containerd/pull/6596)) * cri: relax test for system without hugetlb * Use containerd/protobuild instead of stevvooe/protobuild ([#6578](https://github.com/containerd/containerd/pull/6578)) * Use containerd/protobuild instead of stevvooe/protobuild * integration: remove duplicated util pkg ([#6597](https://github.com/containerd/containerd/pull/6597)) * integration: remove duplicated util pkg * go.mod: update to github.com/tchap/go-patricia/v2 v2.3.1 ([#6591](https://github.com/containerd/containerd/pull/6591)) * go.mod: update to github.com/tchap/go-patricia/v2 v2.3.1 * Update Go version recommendation in getting started ([#6585](https://github.com/containerd/containerd/pull/6585)) * Update Go version recommendation in getting started * go.mod: update to github.com/emicklei/go-restful/v3 v3.7.3 ([#6337](https://github.com/containerd/containerd/pull/6337)) * go.mod: update to github.com/emicklei/go-restful/v3 v3.7.3 * fix Implicit memory aliasing in for loop ([#6331](https://github.com/containerd/containerd/pull/6331)) * fix Implicit memory aliasing in for loop * Fix build with gccgo ([#6579](https://github.com/containerd/containerd/pull/6579)) * Fix build with gccgo * Replace golang.org/x/net/context with std library ([#6580](https://github.com/containerd/containerd/pull/6580)) * Replace golang.org/x/net/context with std library * containerd-shim-runc-v1: return init pid when clean dead shim ([#6571](https://github.com/containerd/containerd/pull/6571)) * containerd-shim-runc-v1: return init pid when clean dead shim * Use Windows matcher when on Windows platform in all code paths ([#6491](https://github.com/containerd/containerd/pull/6491)) * Initialize platform matchers for current platform * containerd-shim-runc-v2: return init pid when clean dead shim ([#6452](https://github.com/containerd/containerd/pull/6452)) * containerd-shim-runc-v2: return init pid when clean dead shim * [Windows][Integration] Enable TestRestartMonitor ([#6515](https://github.com/containerd/containerd/pull/6515)) * [Windows][Integration] Enable TestRestartMonitor * go.mod: fsnotify v1.5.1, moby/sys/mountinfo v0.6.0, moby/sys/signal v0.7.0 ([#6554](https://github.com/containerd/containerd/pull/6554)) * go.mod: github.com/moby/sys/signal v0.7.0 * go.mod: github.com/moby/sys/mountinfo v0.6.0 * go.mod: github.com/fsnotify/fsnotify v1.5.1 </p> </details> ### Changes from containerd/cgroups <details><summary>32 commits</summary> <p> * Upgrade github.com/cilium/ebpf from v0.4.0 to v0.9.1 ([#241](https://github.com/containerd/cgroups/pull/241)) * Upgrade github.com/cilium/ebpf from v0.4.0 to v0.9.1 * go.mod: github.com/stretchr/testify v1.8.0 ([#240](https://github.com/containerd/cgroups/pull/240)) * go.mod: github.com/stretchr/testify v1.8.0 * .github: use ubuntu-22.04 to test cgroupv2 ([#237](https://github.com/containerd/cgroups/pull/237)) * .github: use ubuntu-22.04 to test cgroupv2 * feat(v2): Support cgroup.MoveTo in cgroupv2 manager ([#235](https://github.com/containerd/cgroups/pull/235)) * Cgroup v2: Add unit test TestMoveTo * Cgroup v2: Support cgroup.MoveTo in cgroupv2 manager * Update README to include usage examples of v2 client ([#233](https://github.com/containerd/cgroups/pull/233)) * Update README to include usage examples of v2 client * ParseCgroupFile: fix wrong comment about unified hierarchy ; add ParseCgroupFileUnified to get the unified path ([#232](https://github.com/containerd/cgroups/pull/232)) * add ParseCgroupFileUnified to get the unified path * ParseCgroupFile: fix wrong comment about unified hierarchy * Bump go version to 1.17 in go.mod ([#230](https://github.com/containerd/cgroups/pull/230)) * Bump go version to 1.17 in go.mod * make cmd/ a separate module (as it's only for testing) ([#226](https://github.com/containerd/cgroups/pull/226)) * make cmd/ a separate module (as it's only for testing) * feat(v2): add Update method for v2.Manager ([#225](https://github.com/containerd/cgroups/pull/225)) * feat(v2): add Update method for v2.Manager * feat: add memory.min param ([#211](https://github.com/containerd/cgroups/pull/211)) * feat: add memory.min param * modified the dereference null pointer value. ([#218](https://github.com/containerd/cgroups/pull/218)) * modified the dereference null pointer value. * update readme for cpu cgroup demo ([#217](https://github.com/containerd/cgroups/pull/217)) * update readme for cpu cgroup demo * Fix systemd full path ([#221](https://github.com/containerd/cgroups/pull/221)) * Fix systemd full path * Update Go version and fedora base ([#223](https://github.com/containerd/cgroups/pull/223)) * Update Go version and fedora base * Fix panic in NewSystemd on nil values ([#219](https://github.com/containerd/cgroups/pull/219)) * Fix panic in NewSystemd on nil values </p> </details> ### Changes from containerd/continuity <details><summary>28 commits</summary> <p> * go.mod: update dependencies (take 2) ([#204](https://github.com/containerd/continuity/pull/204)) * go.mod: update dependencies (take 2) * Revert "go.mod: update dependencies" ([#205](https://github.com/containerd/continuity/pull/205)) * Revert "go.mod: update dependencies" * go.mod: update dependencies * cmd/continuity: remove FUSE for macOS * Various small fix-ups ([#202](https://github.com/containerd/continuity/pull/202)) * README: update badges and links * golangci-lint: replace "golint" with "revive" * sysx: remove unused sysx/generate.sh script * fs: fix minor linting and gofmt issue * update authors and mailmap ([#201](https://github.com/containerd/continuity/pull/201)) * update authors and mailmap * move cmd/continuity to its own go module ([#200](https://github.com/containerd/continuity/pull/200)) * move cmd/continuity to its own go module * remove version package * move continuityfs -> cmd/continuity/continuityfs * move commands -> cmd/continuity/commands * go.mod: update logrus to v1.8.1 * CI: resolve Go path before sudoing ; Remove deprecated io/ioutil (except ioutil.ReadDir) ([#198](https://github.com/containerd/continuity/pull/198)) * CI: resolve Go path before sudoing * CI: modernize Go setup * Remove deprecated io/ioutil (except ioutil.ReadDir) * fs.CopyDir: support sockets and pipes ([#197](https://github.com/containerd/continuity/pull/197)) * fs.CopyDir: support sockets and pipes * Fix wrapping errors ([#196](https://github.com/containerd/continuity/pull/196)) * fs: fix wrapping nil err * fmt.Errorf: use %w, not %v to wrap errors </p> </details> ### Changes from containerd/go-cni <details><summary>22 commits</summary> <p> * go.mod: update libcni to v1.1.1 ([#101](https://github.com/containerd/go-cni/pull/101)) * go.mod: update libcni to v1.1.1 * add in some serial setup tests; a little make cleanup ([#100](https://github.com/containerd/go-cni/pull/100)) * add in some serial setup tests; a little make cleanup * Re-introduce serial network setup ([#99](https://github.com/containerd/go-cni/pull/99)) * Re-introduce serial network setup * bump github.com/containernetworking/cni v1.1.0 ([#98](https://github.com/containerd/go-cni/pull/98)) * bump github.com/containernetworking/cni v1.1.0 * Revert "Update loopback version to support check" ([#96](https://github.com/containerd/go-cni/pull/96)) * Revert "Update loopback version to support check" * Use revive instead of golint ([#92](https://github.com/containerd/go-cni/pull/92)) * Use revive instead of golint * Bump go verion to 1.17 ([#91](https://github.com/containerd/go-cni/pull/91)) * Bump go verion to 1.17 * moving up to latest CNI plugin release ([#90](https://github.com/containerd/go-cni/pull/90)) * moving up to latest CNI plugin release * Fix Loopback Version ([#88](https://github.com/containerd/go-cni/pull/88)) * Update loopback version to support check * Update comment for capabilities ([#89](https://github.com/containerd/go-cni/pull/89)) * update comment for capabilities * Add integration test for linux and update go version from 1.16 to 1.17 ([#84](https://github.com/containerd/go-cni/pull/84)) * Add integration test and update go version </p> </details> ### Changes from containerd/imgcrypt <details><summary>18 commits</summary> <p> * Use reflect to support diff.ApplyConfig with/without gogo's types.Any ([#75](https://github.com/containerd/imgcrypt/pull/75)) * Use reflect to support diff.ApplyConfig with/without gogo's types.Any * Upgrade golangci-lint-action and golangci-lint ([#76](https://github.com/containerd/imgcrypt/pull/76)) * Add build tags to make gofmt happy * Upgrade golangci-lint-action and golangci-lint * CHANGES: Updated CHANGES document for 1.1.4 release ([#74](https://github.com/containerd/imgcrypt/pull/74)) * CHANGES: Updated CHANGES document for 1.1.4 release * Bump github.com/containerd/containerd from 1.5.10 to 1.6.1 ([#73](https://github.com/containerd/imgcrypt/pull/73)) * Bump github.com/containerd/containerd from 1.5.10 to 1.6.1 * images: prepare for typeurl.Any ([#72](https://github.com/containerd/imgcrypt/pull/72)) * images: prepare for typeurl.Any * images: Add list of Platforms to CheckAuthorization() * test: Test running of encrypted image only pulled for local platform * Bump ocicrypt to 1.1.3 ([#71](https://github.com/containerd/imgcrypt/pull/71)) * Bump ocicrypt to 1.1.3 * Bump github.com/containerd/containerd from 1.5.9 to 1.5.10 * Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 ([#67](https://github.com/containerd/imgcrypt/pull/67)) * Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 </p> </details> ### Changes from containerd/ttrpc <details><summary>37 commits</summary> <p> * Only generate a Go file if the file has some services ([#112](https://github.com/containerd/ttrpc/pull/112)) * Only generate a Go file if the file has some services * *.go: organize errors to one spot ([#113](https://github.com/containerd/ttrpc/pull/113)) * *.go: organize errors to one spot * PROTOCOL: slight markdown touchup ([#111](https://github.com/containerd/ttrpc/pull/111)) * PROTOCOL: slight markdown touchup * Introduce streaming ([#107](https://github.com/containerd/ttrpc/pull/107)) * Remove unnecessary ttrpc plugin configuration in Protobuild.toml * Unwrap syscall error and check * Update protocol for closed data messages * Add integration test to github actions * Add integration test package * Add streaming support to go-ttrpc generator * Add stream tests * Introduce streaming to client and server * Update checkout and lint actions ([#109](https://github.com/containerd/ttrpc/pull/109)) * Update checkout and lint actions * Add Makefile and update protobuf ([#106](https://github.com/containerd/ttrpc/pull/106)) * Server test show sys error * Update github actions ci to use Makefile * Add makefile and update protoc version * Add ttrpc protocol definition ([#102](https://github.com/containerd/ttrpc/pull/102)) * Add ttrpc protocol definition * Enable Codecov again ([#105](https://github.com/containerd/ttrpc/pull/105)) * Enable Codecov again * Use CR+LF instead of LF regardless of OS ([#103](https://github.com/containerd/ttrpc/pull/103)) * Use CR+LF instead of LF regardless of OS * Log the error's underyling errno if there is ([#104](https://github.com/containerd/ttrpc/pull/104)) * Log the error's underyling errno if there is * Use google.golang.org/protobuf instead of github.com/gogo/protobuf ([#99](https://github.com/containerd/ttrpc/pull/99)) * Use google.golang.org/protobuf instead of github.com/gogo/protobuf * Wrap correct error on unix.GetsockoptUcred failure ([#100](https://github.com/containerd/ttrpc/pull/100)) * Wrap correct error on unix.GetsockoptUcred failure * Update CI project checks to use containerd project action ([#101](https://github.com/containerd/ttrpc/pull/101)) * Update to latest os for build and test * Fix lint issues * Update CI project checks to use containerd project action </p> </details> ### Changes from containerd/typeurl <details><summary>14 commits</summary> <p> * Fallback to google.golang.org/protobuf ([#35](https://github.com/containerd/typeurl/pull/35)) * Fallback to google.golang.org/protobuf * Build with Go 1.17 and Go 1.18 ([#34](https://github.com/containerd/typeurl/pull/34)) * Build with Go 1.17.x and Go 1.18.x * Make nil handling easier ([#33](https://github.com/containerd/typeurl/pull/33)) * Make nil handling easier * Make Any type an interface ([#32](https://github.com/containerd/typeurl/pull/32)) * Make Any type an interface * Add Any type and remove gogo protobuf from interfaces ([#31](https://github.com/containerd/typeurl/pull/31)) * Add Any type and remove gogo protobuf from interfaces * replace pkg/errors ([#29](https://github.com/containerd/typeurl/pull/29)) * replace pkg/errors * Update branch name in GH Actions ([#28](https://github.com/containerd/typeurl/pull/28)) * Update branch name in GH Actions </p> </details> ### Dependency Changes * **github.com/AdaLogics/go-fuzz-headers** 6c3934b029d8 -> 37f5449ff7df * **github.com/AdamKorcz/go-118-fuzz-build** e1f97a00006b **_new_** * **github.com/Microsoft/go-winio** v0.5.1 -> v0.6.0 * **github.com/Microsoft/hcsshim** v0.9.2 -> v0.10.0-rc.1 * **github.com/blang/semver/v4** v4.0.0 **_new_** * **github.com/cenkalti/backoff/v4** v4.1.2 -> v4.1.3 * **github.com/cilium/ebpf** v0.7.0 -> v0.9.1 * **github.com/container-orchestrated-devices/container-device-interface** v0.5.1 **_new_** * **github.com/containerd/cgroups** v1.0.3 -> 7083cd60b721 * **github.com/containerd/continuity** v0.2.2 -> v0.3.0 * **github.com/containerd/go-cni** v1.1.3 -> v1.1.6 * **github.com/containerd/imgcrypt** v1.1.3 -> 8ba028dca028 * **github.com/containerd/ttrpc** v1.1.0 -> 944ef4a40df3 * **github.com/containerd/typeurl** v1.0.2 -> 7f6e6d160d67 * **github.com/containernetworking/cni** v1.0.1 -> v1.1.1 * **github.com/containernetworking/plugins** v1.0.1 -> v1.1.1 * **github.com/containers/ocicrypt** v1.1.2 -> v1.1.3 * **github.com/cpuguy83/go-md2man/v2** v2.0.0 -> v2.0.1 * **github.com/cyphar/filepath-securejoin** v0.2.3 **_new_** * **github.com/emicklei/go-restful** v2.9.5 -> v2.16.0 * **github.com/emicklei/go-restful/v3** v3.8.0 **_new_** * **github.com/fsnotify/fsnotify** v1.4.9 -> v1.5.1 * **github.com/go-logr/logr** v1.2.2 -> v1.2.3 * **github.com/google/go-cmp** v0.5.6 -> v0.5.8 * **github.com/google/uuid** v1.2.0 -> v1.3.0 * **github.com/grpc-ecosystem/grpc-gateway/v2** v2.7.0 **_new_** * **github.com/klauspost/compress** v1.11.13 -> v1.15.9 * **github.com/miekg/pkcs11** v1.0.3 -> v1.1.1 * **github.com/moby/sys/mountinfo** v0.5.0 -> v0.6.2 * **github.com/moby/sys/sequential** b22ba8a69b30 **_new_** * **github.com/moby/sys/signal** v0.6.0 -> v0.7.0 * **github.com/opencontainers/image-spec** 693428a734f5 -> 3a7f492d3f1b * **github.com/opencontainers/runc** v1.1.0 -> v1.1.4 * **github.com/opencontainers/runtime-tools** cd1349b7c47e **_new_** * **github.com/opencontainers/selinux** v1.10.0 -> v1.10.2 * **github.com/prometheus/client_golang** v1.11.0 -> v1.12.1 * **github.com/prometheus/common** v0.30.0 -> v0.32.1 * **github.com/russross/blackfriday/v2** v2.0.1 -> v2.1.0 * **github.com/stretchr/testify** v1.7.0 -> v1.8.0 * **github.com/syndtr/gocapability** 42c35b437635 **_new_** * **github.com/tchap/go-patricia/v2** v2.3.1 **_new_** * **github.com/urfave/cli** v1.22.1 -> v1.22.9 * **github.com/xeipuuv/gojsonpointer** 4e3ac2762d5f **_new_** * **github.com/xeipuuv/gojsonreference** bd5ef7bd5415 **_new_** * **github.com/xeipuuv/gojsonschema** v1.2.0 **_new_** * **go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc** v0.28.0 -> v0.32.0 * **go.opentelemetry.io/otel** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/exporters/otlp/internal/retry** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/sdk** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/otel/trace** v1.3.0 -> v1.7.0 * **go.opentelemetry.io/proto/otlp** v0.11.0 -> v0.16.0 * **golang.org/x/crypto** 32db794688a5 -> 3147a52a75dd * **golang.org/x/mod** 86c51ed26bb4 **_new_** * **golang.org/x/net** fe4d6282115f -> f3363e06e74c * **golang.org/x/oauth2** 2bc19b11175f -> d3ed0bb246c8 * **golang.org/x/sync** 036812b2e83c -> 886fb9371eb4 * **golang.org/x/sys** 1d35b9e2eb4e -> 7b5979e65e41 * **golang.org/x/term** 6886f2dfbf5b -> 03fcf44c2211 * **golang.org/x/time** 1f47c861a9ac -> 90d013bbcef8 * **golang.org/x/tools** v0.1.12 **_new_** * **google.golang.org/genproto** e50cd9704f63 -> c8bf987b8c21 * **google.golang.org/grpc** v1.43.0 -> v1.47.0 * **google.golang.org/protobuf** v1.27.1 -> v1.28.0 * **gopkg.in/yaml.v3** 496545a6307b -> v3.0.1 * **k8s.io/api** v0.22.5 -> v0.24.1 * **k8s.io/apimachinery** v0.22.5 -> v0.24.1 * **k8s.io/apiserver** v0.22.5 -> v0.24.1 * **k8s.io/client-go** v0.22.5 -> v0.24.1 * **k8s.io/component-base** v0.22.5 -> v0.24.1 * **k8s.io/cri-api** v0.23.1 -> v0.25.0 * **k8s.io/klog/v2** v2.30.0 -> v2.60.1 * **k8s.io/utils** cb0fa318a74b -> 3a6ce19ff2f9 * **sigs.k8s.io/json** 9f7c6b3444d2 **_new_** * **sigs.k8s.io/structured-merge-diff/v4** v4.1.2 -> v4.2.1 * **sigs.k8s.io/yaml** v1.2.0 -> v1.3.0 Previous release can be found at [v1.6.0](https://github.com/containerd/containerd/releases/tag/v1.6.0)
d878d7d
2022-10-26 07:29
下载
v1.6.9
containerd 1.6.9 Welcome to the v1.6.9 release of containerd! The ninth patch release for containerd 1.6 contains various fixes, reorders the pod setup workflow in the CRI plugin to prevent CNI resource leaks, and includes a new version of runc. ### Notable Updates * **Update oci.WithDefaultUnixDevices(): remove tun/tap from the default devices** ([#7268](https://github.com/containerd/containerd/pull/7268)) * **Fix CRI: Do not append []string{""} to command to preserve Docker compatibility** ([#7298](https://github.com/containerd/containerd/pull/7298)) * **Enhance CRI: ContainerStatus to return container resources** ([#7410](https://github.com/containerd/containerd/pull/7410)) * **Fix OCI resolver to skip TLS verification for localhost** ([#7438](https://github.com/containerd/containerd/pull/7438) * **Fix createTarFile: make xattr EPERM non-fatal** ([#7447](https://github.com/containerd/containerd/pull/7447)) * **Fix CRI plugin to setup pod network after creating the sandbox container** ([#7456](https://github.com/containerd/containerd/pull/7456)) * **Fix OCI pusher to retry request on writer reset** ([#7461](https://github.com/containerd/containerd/pull/7461)) * **Fix archive to validate digests before use** ([#7490](https://github.com/containerd/containerd/pull/7490)) * **Migrate from k8s.gcr.io to registry.k8s.io** ([#7549](https://github.com/containerd/containerd/pull/7549)) * **Fix CRI: PodSandboxStatus should tolerate missing task** ([#7551](https://github.com/containerd/containerd/pull/7551)) * **Fix io.containerd.runc.v1: Stats() shouldn't assume s.container is non-nil** ([#7557](https://github.com/containerd/containerd/pull/7557)) * **Enhance CRI plugin to add logging volume metrics** ([#7571](https://github.com/containerd/containerd/pull/7571)) * **Add support for CAP_BPF and CAP_PERFMON** ([#7574](https://github.com/containerd/containerd/pull/7574)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Sebastiaan van Stijn * Akihiro Suda * Wei Fu * Samuel Karp * Kazuyoshi Kato * Maksym Pavlenko * Derek McGowan * Phil Estes * Qiutong Song * ruiwen-zhao * zounengren * Akhil Mohan * Andrey Klimentyev * Benjamin Elder * Henry Wang * Iceber Gu * Paco Xu * Sophie Liu * Ye Sijun * rongfu.leng ### Changes <details><summary>68 commits</summary> <p> * [release/1.6] Prepare release notes for v1.6.9 ([#7573](https://github.com/containerd/containerd/pull/7573)) * [`f1493f665`](https://github.com/containerd/containerd/commit/f1493f6651bd1955217c6ae444761c73e49726f2) Prepare release notes for v1.6.9 * [`99578d1fc`](https://github.com/containerd/containerd/commit/99578d1fc794fb36f58f0cbaf54aea56a95c3c60) Update mailmap * [release/1.6] adding support of CAP_BPF and CAP_PERFMON ([#7574](https://github.com/containerd/containerd/pull/7574)) * [`346412f5a`](https://github.com/containerd/containerd/commit/346412f5aefdcec30908562716de70ffe4824b67) adding support of CAP_BPF and CAP_PERFMON * [release/1.6] Add logging volume metrics to Containerd CRI plugin ([#7571](https://github.com/containerd/containerd/pull/7571)) * [`a956d8415`](https://github.com/containerd/containerd/commit/a956d84158580c91253b4c54b879b1f2b3e98e0f) Add logging volume metrics to Containerd CRI plugin * [release/1.6] fix pusher concurrent close channel ([#7562](https://github.com/containerd/containerd/pull/7562)) * [`29e2dea50`](https://github.com/containerd/containerd/commit/29e2dea5083e9b257471db5380a1b8ff32ae9219) fix pusher concurrent close channel * [release/1.6] Stats() shouldn't assume s.container is non-nil ([#7557](https://github.com/containerd/containerd/pull/7557)) * [`8a9d69385`](https://github.com/containerd/containerd/commit/8a9d69385024854321ba806ea09cc0bbe1af87c3) [release/1.6] Stats() shouldn't assume s.container is non-nil * [release/1.6] cri: PodSandboxStatus should tolerate missing task ([#7551](https://github.com/containerd/containerd/pull/7551)) * [`a9adc7938`](https://github.com/containerd/containerd/commit/a9adc7938d98d292d7c2b598b1458551e275a507) cri: PodSandboxStatus should tolerate missing task * [release/1.6] migrate from k8s.gcr.io to registry.k8s.io ([#7549](https://github.com/containerd/containerd/pull/7549)) * [`b66eb726a`](https://github.com/containerd/containerd/commit/b66eb726a5bf968ac64f24de98f4065f19ede7f0) migrate from k8s.gcr.io to registry.k8s.io * [release/1.6] upgrade containerd/continuity from v0.2.2 to v0.3.0 ([#7518](https://github.com/containerd/containerd/pull/7518)) * [`5b40993a5`](https://github.com/containerd/containerd/commit/5b40993a5e525012b1e97121cdacccce6ced4d06) [release/1.6] upgrade containerd/continuity from v0.2.2 to v0.3.0 * [release/1.6] Update container with sandbox metadata after NetNS is created ([#7505](https://github.com/containerd/containerd/pull/7505)) * [`f2376e659`](https://github.com/containerd/containerd/commit/f2376e659ffa55e4ff2578baf4e4c7aab54042e4) Update container with sandbox metadata after NetNS is created * [release/1.6] archive: validate digests before use ([#7490](https://github.com/containerd/containerd/pull/7490)) * [`06f82efef`](https://github.com/containerd/containerd/commit/06f82efef4be5975e7e9a8c8f8d13480065aab9f) archive: validate digests before use * [release/1.6] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 ([#7475](https://github.com/containerd/containerd/pull/7475)) * [`28324c529`](https://github.com/containerd/containerd/commit/28324c529fad2285d44ae5348377496cdf9c4926) [release/1.6] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 * [`0aeeb62cb`](https://github.com/containerd/containerd/commit/0aeeb62cba15e383b9387424be5ae4758650afae) [release/1.6] update golangci-lint to v1.19.0 * [`7db9d1f76`](https://github.com/containerd/containerd/commit/7db9d1f76ffc16f970b6179a493caa008aeefef2) Fix linter warnings * [`4dc932e62`](https://github.com/containerd/containerd/commit/4dc932e620bd2931c57715dce8cc4ac9f9e1c2d0) [release/1.6] gofmt with go1.19 * [`7b8d679ad`](https://github.com/containerd/containerd/commit/7b8d679ad169fa1a0d1127bc49dff231087ac544) [release/1.6] integration: remove use of deprecated io/ioutil * [release/1.6] retry request on writer reset ([#7461](https://github.com/containerd/containerd/pull/7461)) * [`926b9c72f`](https://github.com/containerd/containerd/commit/926b9c72f61b5be6bf8d952512f1d0932fbaf898) retry request on writer reset * [release/1.6] Setup pod network after creating the sandbox container ([#7456](https://github.com/containerd/containerd/pull/7456)) * [`b9a35c6af`](https://github.com/containerd/containerd/commit/b9a35c6af9519630179b745e48bd29fd4d067c83) Add integration tests with failpoint * [`1f29fac48`](https://github.com/containerd/containerd/commit/1f29fac48ee356918663a4aa1f9880de3e2d6f1a) Persist container and sandbox if resource cleanup fails, like teardownPodNetwork * [release/1.6] test: introduce failpoint control to runc-shimv2 and cni ([#7455](https://github.com/containerd/containerd/pull/7455)) * [`a85709c6c`](https://github.com/containerd/containerd/commit/a85709c6c446b7a6fc49545b01d063473cf09432) integration: simplify CNI-fp and add README.md * [`d89a8d223`](https://github.com/containerd/containerd/commit/d89a8d22379f41adae7fd5e1d524c806a011deff) pkg/failpoint: add FreeBSD link and update pkg doc * [`b0ce2965a`](https://github.com/containerd/containerd/commit/b0ce2965aea5785f8f2930e358be84b86969a5e7) integration: Add injected failpoint testing for RunPodSandbox * [`a7f956d86`](https://github.com/containerd/containerd/commit/a7f956d86498c6066c1934215e64877602ac69f4) integration: CNI bridge wrapper with failpoint * [`07c479471`](https://github.com/containerd/containerd/commit/07c4794714db6af21f0bc5fdcd6fad89bd1f967c) pkg/failpoint: add DelegatedEval API * [`4a5bc05aa`](https://github.com/containerd/containerd/commit/4a5bc05aa00acd1c197f7547aec8f90f20c9a98f) runtime/v2/shim: return if error in load plugin * [`71ee7de24`](https://github.com/containerd/containerd/commit/71ee7de24818907dab4cdac39ba760008331f4a8) bin/ctr,integration: new runc-shim with failpoint * [`3e2e77849`](https://github.com/containerd/containerd/commit/3e2e7784907a9dba4af9de5fd81e2674b0a8cfee) runtime/v2: manager supports server interceptor * [`cb935bf49`](https://github.com/containerd/containerd/commit/cb935bf49a413c6624638ccc640146527bb05edb) pkg/failpoint: init failpoint package * [release/1.6] cherry-pick: make xattr EPERM non-fatal in createTarFile ([#7447](https://github.com/containerd/containerd/pull/7447)) * [`2fdfd564c`](https://github.com/containerd/containerd/commit/2fdfd564c180e01abe40463b6b6107f9ee2e1cf9) make xattr EPERM non-fatal in createTarFile * [release/1.6] remotes/docker/config: Skipping TLS verification for localhost ([#7438](https://github.com/containerd/containerd/pull/7438)) * [`89e49609d`](https://github.com/containerd/containerd/commit/89e49609d361f618aa1308e75e2fec57485697cc) remotes/docker/config: Skipping TLS verification for localhost * [release/1.6] .zuul: remove the zull because it is offline ([#7427](https://github.com/containerd/containerd/pull/7427)) * [`b720be2ce`](https://github.com/containerd/containerd/commit/b720be2ce3fa088b744dbfd185e615799b8e7bee) remove stray .zuul.yaml * [`6b30bc4b4`](https://github.com/containerd/containerd/commit/6b30bc4b4a8d0857e61e8324305c2ba97eba0716) .zuul: remove the zuul because it is offline * [release/1.6] cherry-pick: Set grpc code for unimplemented cri-api methods ([#7421](https://github.com/containerd/containerd/pull/7421)) * [`0f7e258ee`](https://github.com/containerd/containerd/commit/0f7e258eebbf1ebbc3b7fa87618547d1547df3cf) Set grpc code for unimplemented cri-api methods * [release/1.6] cherry-pick: ContainerStatus to return container resources ([#7410](https://github.com/containerd/containerd/pull/7410)) * [`fb753e5cd`](https://github.com/containerd/containerd/commit/fb753e5cd5a907710de673adf3dd5e5721a11fa9) update intergration * [`6ee5bb7ea`](https://github.com/containerd/containerd/commit/6ee5bb7eaad1420d6e57438b7a15853a7167e5b5) bump cri-api * [`ae8598615`](https://github.com/containerd/containerd/commit/ae85986151295afd08aeb7dcd1a30ca329682b11) ContainerStatus to return container resources * [`d3c7e31c8`](https://github.com/containerd/containerd/commit/d3c7e31c8a8f7dc3f0ef0d189fda5a7caca42ce2) Update CRI-API * [release/1.6] backport: vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd ([#7340](https://github.com/containerd/containerd/pull/7340)) * [`5b44c5271`](https://github.com/containerd/containerd/commit/5b44c5271136c5f1c4b6df4275c6ff3b124d731d) vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd * [release/1.6 backport] update runc binary to v1.1.4 ([#7333](https://github.com/containerd/containerd/pull/7333)) * [`3507d600b`](https://github.com/containerd/containerd/commit/3507d600b6f5db11f865b96d1ff319708656002d) update runc binary to v1.1.4 * [release/1.6] ci: remove GOPROXY environment variable due to https://github.com/go-… ([#7299](https://github.com/containerd/containerd/pull/7299)) * [`1efd8b947`](https://github.com/containerd/containerd/commit/1efd8b947393ce6911c13898ace01dd673e26633) ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 * [release/1.6] Do not append []string{""} to command to preserve Docker compatibility ([#7298](https://github.com/containerd/containerd/pull/7298)) * [`0448673af`](https://github.com/containerd/containerd/commit/0448673af283588654f0197fefc33025cf371b6e) Do not append []string{""} to command to preserve Docker compatibility * [release 1.6 backport] Fix cleanup in critest ([#7274](https://github.com/containerd/containerd/pull/7274)) * [`5c230ece0`](https://github.com/containerd/containerd/commit/5c230ece0fa985fbc973d1e6dea743439ca2c527) Fix cleanup in critest * [release/1.6 backport] oci: WithDefaultUnixDevices(): remove tun/tap from the default devices ([#7268](https://github.com/containerd/containerd/pull/7268)) * [`ed9d3dc37`](https://github.com/containerd/containerd/commit/ed9d3dc37c7d1f3f4975faa6918d0d3d3056e753) oci: WithDefaultUnixDevices(): remove tun/tap from the default devices </p> </details> ### Changes from containerd/continuity <details><summary>28 commits</summary> <p> * go.mod: update dependencies (take 2) ([#204](https://github.com/containerd/continuity/pull/204)) * [`74a0169`](https://github.com/containerd/continuity/commit/74a016961cad4d635aeb6d4efb1bcc2268700d7a) go.mod: update dependencies (take 2) * Revert "go.mod: update dependencies" ([#205](https://github.com/containerd/continuity/pull/205)) * [`4ef02a2`](https://github.com/containerd/continuity/commit/4ef02a2f72d4ed5539010211e85cbe303eb192bd) Revert "go.mod: update dependencies" * [`e364868`](https://github.com/containerd/continuity/commit/e3648687add4203d03811191b4e5692f516d355b) go.mod: update dependencies * [`5df4731`](https://github.com/containerd/continuity/commit/5df4731d45253217b8fe4ebf823fffda8da5a7ae) cmd/continuity: remove FUSE for macOS * Various small fix-ups ([#202](https://github.com/containerd/continuity/pull/202)) * [`7fa1569`](https://github.com/containerd/continuity/commit/7fa1569efc4aa48f382a1c9ea565bcb62817f1b2) README: update badges and links * [`7917549`](https://github.com/containerd/continuity/commit/791754940833264651ac315318beb6998722731d) golangci-lint: replace "golint" with "revive" * [`de7fd6b`](https://github.com/containerd/continuity/commit/de7fd6b43f553b9b106ee818597404c2f408efc7) sysx: remove unused sysx/generate.sh script * [`e9ca807`](https://github.com/containerd/continuity/commit/e9ca807ed63bd76c91f56007883b62eea7d13dd0) fs: fix minor linting and gofmt issue * update authors and mailmap ([#201](https://github.com/containerd/continuity/pull/201)) * [`3df990d`](https://github.com/containerd/continuity/commit/3df990de70e9fdc47d0f27c38414bf0ee63ce9fa) update authors and mailmap * move cmd/continuity to its own go module ([#200](https://github.com/containerd/continuity/pull/200)) * [`9d49199`](https://github.com/containerd/continuity/commit/9d49199bde798d374a44dc1e522443c7ec7eb56e) move cmd/continuity to its own go module * [`5b38337`](https://github.com/containerd/continuity/commit/5b383371446465527de52c6880d4f5432327dcfb) remove version package * [`480f3bb`](https://github.com/containerd/continuity/commit/480f3bb0db8f1414e5190df5c30fcb94273e5dc7) move continuityfs -> cmd/continuity/continuityfs * [`071eff3`](https://github.com/containerd/continuity/commit/071eff3ae0a91e87e3985a862aa2f3445dd47314) move commands -> cmd/continuity/commands * [`840357f`](https://github.com/containerd/continuity/commit/840357fbaab4d0c486ce9656606d165d4d1c8839) go.mod: update logrus to v1.8.1 * CI: resolve Go path before sudoing ; Remove deprecated io/ioutil (except ioutil.ReadDir) ([#198](https://github.com/containerd/continuity/pull/198)) * [`9b78cc9`](https://github.com/containerd/continuity/commit/9b78cc9d2f5c55558269dfd6595a68c5ed383043) CI: resolve Go path before sudoing * [`d67721d`](https://github.com/containerd/continuity/commit/d67721dd765a1d31239c4a6459d3dfbeed088e5f) CI: modernize Go setup * [`5bf078f`](https://github.com/containerd/continuity/commit/5bf078f2f986072b65b2b1641f5abff8968c516f) Remove deprecated io/ioutil (except ioutil.ReadDir) * fs.CopyDir: support sockets and pipes ([#197](https://github.com/containerd/continuity/pull/197)) * [`ca52b93`](https://github.com/containerd/continuity/commit/ca52b934dd01ca5e16244bbe3643a5019360d11c) fs.CopyDir: support sockets and pipes * Fix wrapping errors ([#196](https://github.com/containerd/continuity/pull/196)) * [`def6729`](https://github.com/containerd/continuity/commit/def67296172f65f5827e5355efac79e0c1331a48) fs: fix wrapping nil err * [`b17bab4`](https://github.com/containerd/continuity/commit/b17bab433315a4936debf5c0c150d9f4e36d7088) fmt.Errorf: use %w, not %v to wrap errors </p> </details> ### Dependency Changes * **github.com/Microsoft/go-winio** v0.5.1 -> v0.5.2 * **github.com/containerd/continuity** v0.2.2 -> v0.3.0 * **golang.org/x/crypto** 32db794688a5 -> 3147a52a75dd * **golang.org/x/net** fe4d6282115f -> a158d28d115b * **golang.org/x/sys** 33da011f77ad -> 8c9f86f7a55f * **golang.org/x/term** 6886f2dfbf5b -> 03fcf44c2211 * **google.golang.org/grpc** v1.43.0 -> v1.47.0 * **google.golang.org/protobuf** v1.27.1 -> v1.28.0 * **gopkg.in/yaml.v3** 496545a6307b -> v3.0.1 * **k8s.io/cri-api** v0.23.1 -> v0.25.0 Previous release can be found at [v1.6.8](https://github.com/containerd/containerd/releases/tag/v1.6.8)
1c90a44
2022-10-25 01:30
下载
v1.5.14
containerd 1.5.14 Welcome to the v1.5.14 release of containerd! The fourteenth patch release for containerd 1.5 includes various fixes and updates along with an updated version of runc. ### Notable Updates * **Fix WWW-Authenticate parsing to allow empty quoted string** ([#7132](https://github.com/containerd/containerd/pull/7132)) * **Update oci.WithDefaultUnixDevices(): remove tun/tap from the default devices** ([#7267](https://github.com/containerd/containerd/pull/7267)) * **Fix createTarFile: make xattr EPERM non-fatal** ([#7449](https://github.com/containerd/containerd/pull/7449)) * **Fix dockerPusher to handle abort correctly** ([#7467](https://github.com/containerd/containerd/pull/7467)) * **Migrate from k8s.gcr.io to registry.k8s.io** ([#7550](https://github.com/containerd/containerd/pull/7550)) * **Fix CRI: PodSandboxStatus should tolerate missing task** ([#7552](https://github.com/containerd/containerd/pull/7552)) * **Fix io.containerd.runc.v1: Stats() shouldn't assume s.container is non-nil** ([#7556](https://github.com/containerd/containerd/pull/7556)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Kazuyoshi Kato * Sebastiaan van Stijn * Samuel Karp * Phil Estes * Maksym Pavlenko * Akihiro Suda * Derek McGowan * Wei Fu * Baoshuo * Benjamin Elder * Brian Goff * Daniel Canter * Gabriel Adrian Samfira * Iceber Gu * Kohei Tokunaga * Mike Brown * Paco Xu * Ye Sijun * rongfu.leng ### Changes <details><summary>56 commits</summary> <p> * [release/1.5] Prepare release notes for 1.5.14 ([#7572](https://github.com/containerd/containerd/pull/7572)) * [`ed672fe1c`](https://github.com/containerd/containerd/commit/ed672fe1c1579b7a7ed0b762262c88c8ed10541a) Prepare release notes for 1.5.14 * [`5150b97dd`](https://github.com/containerd/containerd/commit/5150b97dd61da8da4a8e0aec9e94dc3a0f6e095f) Update mailmap * [release/1.5] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 ([#7476](https://github.com/containerd/containerd/pull/7476)) * [`f109930d5`](https://github.com/containerd/containerd/commit/f109930d54c7abc76907497661d9e285fb3ea694) fix install cni script * [`1fea434b7`](https://github.com/containerd/containerd/commit/1fea434b700fb74bd55c02ecbba1c91477a6e4d5) [release/1.5] sync gha with release/1.6 branch * [`a6672294a`](https://github.com/containerd/containerd/commit/a6672294a5fb12bbab45beaab6d5f963c88cf5ed) [release/1.5] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 * [`1c1045d79`](https://github.com/containerd/containerd/commit/1c1045d799b8254319ef59b0ad6f7fce49ea161b) [release/1.5] update golangci-lint to v1.49.0 * [`03d7e8e49`](https://github.com/containerd/containerd/commit/03d7e8e49b9d935f7999ac0a1cb7eb1b6afc217b) Fix linter warnings * [`e6de4d6ef`](https://github.com/containerd/containerd/commit/e6de4d6efeac456b5a7e1947650362662508bf82) [release/1.5] gofmt with go1.19 * [`699a1f90e`](https://github.com/containerd/containerd/commit/699a1f90e25aa6ccde8ba2fefd23633043507576) Do not use `go get` to install executables * [`c24d508c9`](https://github.com/containerd/containerd/commit/c24d508c93710261add241810e2d10a421a2f526) update gotestsum to v1.7.0 * [`79f119b43`](https://github.com/containerd/containerd/commit/79f119b4391892ec34cf14dc7ac4eaedee70b456) update gotestsum to current master * [`4806c2400`](https://github.com/containerd/containerd/commit/4806c2400eca618ec89228746b7395d4789b5c38) Update gotestsum to add timestamps to junit output * [release/1.5] cri: PodSandboxStatus should tolerate missing task ([#7552](https://github.com/containerd/containerd/pull/7552)) * [`60dec1391`](https://github.com/containerd/containerd/commit/60dec13912618d9159befd4a368b541fafcd02d4) cri: PodSandboxStatus should tolerate missing task * [release/1.5] Stats() shouldn't assume s.container is non-nil ([#7556](https://github.com/containerd/containerd/pull/7556)) * [`208615ca7`](https://github.com/containerd/containerd/commit/208615ca79125f56dd6e2c1e88030780e7795eb7) [release/1.5] Stats() shouldn't assume s.container is non-nil * [release/1.5] migrate from k8s.gcr.io to registry.k8s.io ([#7550](https://github.com/containerd/containerd/pull/7550)) * [`a34a30b52`](https://github.com/containerd/containerd/commit/a34a30b5251ceb89ee37ec1b80a305b670e26f82) migrate from k8s.gcr.io to registry.k8s.io * [release/1.5] vendor: golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f ([#7515](https://github.com/containerd/containerd/pull/7515)) * [`ac382a74d`](https://github.com/containerd/containerd/commit/ac382a74d25d3d2cb972db507e76ac0cf1226681) [release/1.5] vendor: golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f * [release/1.5] cherry-pick: remotes: fix dockerPusher to handle abort correctly ([#7467](https://github.com/containerd/containerd/pull/7467)) * [`2fe813d36`](https://github.com/containerd/containerd/commit/2fe813d368ffc5e1224e0748b30d6d240b858250) remotes: fix dockerPusher to handle abort correctly * [release/1.5] cherry-pick: make xattr EPERM non-fatal in createTarFile ([#7449](https://github.com/containerd/containerd/pull/7449)) * [`f94332ee5`](https://github.com/containerd/containerd/commit/f94332ee54296dbfaf236743fd5cfb9cb05662ac) make xattr EPERM non-fatal in createTarFile * [release/1.5] .zuul: remove the zuul because it is offline ([#7428](https://github.com/containerd/containerd/pull/7428)) * [`0e11ab933`](https://github.com/containerd/containerd/commit/0e11ab9339622680f1d69efb8d4803f18e53e0ff) remove stray .zuul.yaml * [`83ea10446`](https://github.com/containerd/containerd/commit/83ea10446abfa139fd40d31239726275d40fcd3d) .zuul: remove the zuul because it is offline * [release/1.5 backport] update runc binary to v1.1.4 ([#7332](https://github.com/containerd/containerd/pull/7332)) * [`4593d187a`](https://github.com/containerd/containerd/commit/4593d187a718dc0228222195e94312043346831b) update runc binary to v1.1.4 * [release/1.5] ci: remove GOPROXY environment variable due to https://github.com/go-… ([#7300](https://github.com/containerd/containerd/pull/7300)) * [`d3d97cce3`](https://github.com/containerd/containerd/commit/d3d97cce31f42da18c381c2c6c7a5ccbc70fa5f8) ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 * [release 1.5 backport] Fix cleanup in critest ([#7275](https://github.com/containerd/containerd/pull/7275)) * [`c2ace6ebc`](https://github.com/containerd/containerd/commit/c2ace6ebc8bf3cda5faee1c4861670257f238bed) Fix cleanup in critest * [release/1.5 backport] oci: WithDefaultUnixDevices(): remove tun/tap from the default devices ([#7267](https://github.com/containerd/containerd/pull/7267)) * [`9bdd52b3a`](https://github.com/containerd/containerd/commit/9bdd52b3a43acebc52ee257546c312adc2c81390) oci: WithDefaultUnixDevices(): remove tun/tap from the default devices * [release/1.5] release workflow: increase timeout to 30 minutes ([#7262](https://github.com/containerd/containerd/pull/7262)) * [`401af14ea`](https://github.com/containerd/containerd/commit/401af14eaf187a90b6ea028b26f5acd637701268) release workflow: increase timeout to 30 minutes * [release/1.5] backport: update GitHub Actions runners to macos-12 ([#7248](https://github.com/containerd/containerd/pull/7248)) * [`792ead0cf`](https://github.com/containerd/containerd/commit/792ead0cf7c524f860b1df7ff4e3a37261aaeb48) Update Vagrant CI to macos-12 * [`07e037f09`](https://github.com/containerd/containerd/commit/07e037f09a0fb5acb3aa91fb332a5184357fb726) chore: bump macos runner version * [release/1.5] gha: make release workflow work in forks ([#7239](https://github.com/containerd/containerd/pull/7239)) * [`7e7eb6793`](https://github.com/containerd/containerd/commit/7e7eb6793385a4febfe00bf88abfc8cfcd55a403) gha: make release workflow work in forks * [release/1.5] Update golang to 1.17.13 ([#7245](https://github.com/containerd/containerd/pull/7245)) * [`9a116ee4f`](https://github.com/containerd/containerd/commit/9a116ee4f74349909c53c8b05722365db66b508d) Update golang to 1.17.13 * [release/1.5] update golang to 1.17.12 ([#7161](https://github.com/containerd/containerd/pull/7161)) * [`e91e39347`](https://github.com/containerd/containerd/commit/e91e39347a8f15e1061df79b2c063817711bff0e) [release/1.5] update golang to 1.17.12 * [release/1.5] Downgrade MinGW to version 10.2.0 ([#7134](https://github.com/containerd/containerd/pull/7134)) * [`46933650b`](https://github.com/containerd/containerd/commit/46933650b5afbbfdbdae687619175656c730d2d9) [release/1.5] Downgrade MinGW to version 10.2.0 * [release/1.5] Fix WWW-Authenticate parsing ([#7132](https://github.com/containerd/containerd/pull/7132)) * [`8ae864ae9`](https://github.com/containerd/containerd/commit/8ae864ae9871d8f7d16c5f21cd9d54e5fcaabd97) [release/1.5] Fix WWW-Authenticate parsing * [release/1.5] ctr: fix label args used in NewContainer ([#7071](https://github.com/containerd/containerd/pull/7071)) * [`febb0e82d`](https://github.com/containerd/containerd/commit/febb0e82d6c6a8974fc2b3bdfa80a92895106fa6) ctr: fix label args used in NewContainer * [release/1.5] update runc binary to v1.1.3 ([#7035](https://github.com/containerd/containerd/pull/7035)) * [`e549139d3`](https://github.com/containerd/containerd/commit/e549139d3c1f3a8b95272d7498928dd4941ab4cd) update runc binary to v1.1.3 </p> </details> ### Dependency Changes * **golang.org/x/sys** 33da011f77ad -> 8c9f86f7a55f Previous release can be found at [v1.5.13](https://github.com/containerd/containerd/releases/tag/v1.5.13)
b84d0b1
2022-10-25 00:05
下载
v1.6.8
containerd 1.6.8 Welcome to the v1.6.8 release of containerd! The eighth patch release for containerd 1.6 fixes a regression in the release build binaries which limited the environments they could be run in. See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Akihiro Suda * Derek McGowan * Samuel Karp * Phil Estes ### Changes <details><summary>7 commits</summary> <p> * [release/1.6] Prepare release notes for v1.6.8 ([#7263](https://github.com/containerd/containerd/pull/7263)) * [`3364f411e`](https://github.com/containerd/containerd/commit/3364f411eb1503bac9d1ea09eab45660298845fc) Prepare release notes for v1.6.8 * [release/1.6] release workflow: increase timeout to 30 minutes & remove Go setup action ([#7261](https://github.com/containerd/containerd/pull/7261)) * [`390920429`](https://github.com/containerd/containerd/commit/390920429580f4d36361ea7f395d062c31e3b49a) release workflow: remove Go setup action * [`cf48ba6e8`](https://github.com/containerd/containerd/commit/cf48ba6e8b4be7036bde1e1963594436e8d1cc0c) release workflow: increase timeout to 30 minutes * [release/1.6] release: rollback Ubuntu to 18.04 (except for riscv64) ([#7260](https://github.com/containerd/containerd/pull/7260)) * [`57873e652`](https://github.com/containerd/containerd/commit/57873e652f495d1644a7cc99498cb9d60fce2a9e) release: rollback Ubuntu to 18.04 (except for riscv64) </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.6.7](https://github.com/containerd/containerd/releases/tag/v1.6.7)
9cd3357
2022-08-09 00:51
下载
v1.6.7
containerd 1.6.7 Welcome to the v1.6.7 release of containerd! The seventh patch release for containerd 1.6 contains various fixes, includes a new version of runc and adds support for ppc64le and riscv64 (requires unreleased runc 1.2) builds. ### Notable Updates * **Update runc to v1.1.3** ([#7036](https://github.com/containerd/containerd/pull/7036)) * **Seccomp: Allow clock_settime64 with CAP_SYS_TIME** ([#7172](https://github.com/containerd/containerd/pull/7172)) * **Fix WWW-Authenticate parsing** ([#7131](https://github.com/containerd/containerd/pull/7131)) * **Support RISC-V 64 and ppc64le builds** ([#7170](https://github.com/containerd/containerd/pull/7170)) * **Windows: Update hcsshim to v0.9.4 to fix regression with HostProcess stats** ([#7200](https://github.com/containerd/containerd/pull/7200)) * **Windows: Fix shim logs going to panic.log file** ([#7242](https://github.com/containerd/containerd/pull/7242)) * **Allow ptrace(2) by default for kernels >= 4.8** ([#7171](https://github.com/containerd/containerd/pull/7171)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Phil Estes * Daniel Canter * Derek McGowan * Akihiro Suda * Kazuyoshi Kato * Mike Brown * Sebastiaan van Stijn * Wei Fu * Baoshuo * Gabriel Adrian Samfira * Henry Wang * Iceber Gu * Marvin Giessing ### Changes <details><summary>40 commits</summary> <p> * [release/1.6] Update release build timeout ([#7250](https://github.com/containerd/containerd/pull/7250)) * [`eccb82f6d`](https://github.com/containerd/containerd/commit/eccb82f6d6211ac7958abb10b2105e8d7d3fb80f) Update release build timeout to 20 minutes * Prepare releases notes for 1.6.7 ([#7225](https://github.com/containerd/containerd/pull/7225)) * [`6a854d4b5`](https://github.com/containerd/containerd/commit/6a854d4b59761698134a89080fe005243af4c0ec) Update mailmap * [`61612e1a2`](https://github.com/containerd/containerd/commit/61612e1a2cd63feea45b533ca29524018edbc320) Prepare release notes for 1.6.7 * [release/1.6] Update golang to 1.17.13 ([#7244](https://github.com/containerd/containerd/pull/7244)) * [`d199ee462`](https://github.com/containerd/containerd/commit/d199ee462b8a592277ed910d655b5c9b16295f66) Update golang to 1.17.13 * [release/1.6] Backport: Change os.Stderr reassign for Windows service ([#7242](https://github.com/containerd/containerd/pull/7242)) * [`0578d20c5`](https://github.com/containerd/containerd/commit/0578d20c5db1fd84db42ed35e6e4ee637976b895) Change os.Stderr reassign for Windows service * [release/1.6] Backport: bump macos runner version ([#7230](https://github.com/containerd/containerd/pull/7230)) * [`12cae4961`](https://github.com/containerd/containerd/commit/12cae49615eedcc678d80e1f90e31d1a1315fdcc) Update Vagrant CI to macos-12 * [`bc4091aae`](https://github.com/containerd/containerd/commit/bc4091aaebb1e7419f8ff82135fbc1efc0d7ecd6) chore: bump macos runner version * [release/1.6] Backport Windows HostProcess test improvements ([#7227](https://github.com/containerd/containerd/pull/7227)) * [`cb73bd050`](https://github.com/containerd/containerd/commit/cb73bd0501dd7bdeb7fac66776df49e41eeaba6e) Windows HostProcess container CRI stats test * [`ac388525a`](https://github.com/containerd/containerd/commit/ac388525aeb2826607d80dff2280cc6ce7faac5a) Add validations for Windows HostProcess CRI configs * [release/1.6] go.mod: Bump hcsshim to v0.9.4 ([#7200](https://github.com/containerd/containerd/pull/7200)) * [`0007f40fe`](https://github.com/containerd/containerd/commit/0007f40fe21a89527961e743af259df312a14823) [release/1.6] go.mod: Bump hcsshim to v0.9.4 * [release/1.6] Update Fedora version to 36 ([#7217](https://github.com/containerd/containerd/pull/7217)) * [`c9607e78c`](https://github.com/containerd/containerd/commit/c9607e78c98315b2dab55b8d4c73b7b84e146f52) Update Fedora version to 36 * [release/1.6] Support RISC-V 64 ([#7170](https://github.com/containerd/containerd/pull/7170)) * [`2952b66c0`](https://github.com/containerd/containerd/commit/2952b66c0110e634c10925cce4093c5417d09ad6) CI: add riscv64 builds * [`6b2dc9a37`](https://github.com/containerd/containerd/commit/6b2dc9a37ae27e4e4785dc07ae464cbc921d00ad) release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64 * [`745dc07c4`](https://github.com/containerd/containerd/commit/745dc07c45487217c1cf7bf62987a7bfe0e1f6f9) seccomp: support riscv64 * [`c2f841f21`](https://github.com/containerd/containerd/commit/c2f841f218a823ad24127f74e25ae6e90ceea887) Create ppc64le release * [release/1.6] allow ptrace(2) by default for kernel >= 4.8 ([#7171](https://github.com/containerd/containerd/pull/7171)) * [`f3da3e51f`](https://github.com/containerd/containerd/commit/f3da3e51f5f1b3b6b50586c9962b112b26aba672) allow ptrace(2) by default for kernel >= 4.8 * [release/1.6] seccomp: allow clock_settime64 when CAP_SYS_TIME is added ([#7172](https://github.com/containerd/containerd/pull/7172)) * [`86b55bd8d`](https://github.com/containerd/containerd/commit/86b55bd8dbb90b84d2b46d8726e3a993f2a75ed4) seccomp: allow clock_settime64 when CAP_SYS_TIME is added * [release/1.6] update golang to 1.17.12 ([#7160](https://github.com/containerd/containerd/pull/7160)) * [`aa1101068`](https://github.com/containerd/containerd/commit/aa110106835c55217c5f10ff23e927bf8b50f307) [release/1.6] update golang to 1.17.12 * [release/1.6] Fix WWW-Authenticate parsing ([#7131](https://github.com/containerd/containerd/pull/7131)) * [`37dfc5c9d`](https://github.com/containerd/containerd/commit/37dfc5c9db66afcfa47b6f40b7797763ac3fde76) [release/1.6] Fix WWW-Authenticate parsing * [release/1.6] Downgrade MinGW to version 10.2.0 ([#7133](https://github.com/containerd/containerd/pull/7133)) * [`fa2016d58`](https://github.com/containerd/containerd/commit/fa2016d58ada2438d0af51a522b528dc228cb4ba) [release/1.6] Downgrade MinGW to version 10.2.0 * [release/1.6] ctr: fix label args used in NewContainer ([#7051](https://github.com/containerd/containerd/pull/7051)) * [`99c56d217`](https://github.com/containerd/containerd/commit/99c56d2175bc02f0fc4db58014b9b483021051a0) ctr: fix label args used in NewContainer * [release/1.6] Make building static binaries simpler ([#7045](https://github.com/containerd/containerd/pull/7045)) * [`51de785f8`](https://github.com/containerd/containerd/commit/51de785f85cb23bc31ea9f85938cc043ded7fdf1) [release/1.6] Make building static binaries simpler * [release/1.6] update runc binary to v1.1.3 ([#7036](https://github.com/containerd/containerd/pull/7036)) * [`2ea4e6348`](https://github.com/containerd/containerd/commit/2ea4e63483e7799f2fd971cf06d7d0472e9e47d0) update runc binary to v1.1.3 </p> </details> ### Dependency Changes * **github.com/Microsoft/hcsshim** v0.9.3 -> v0.9.4 Previous release can be found at [v1.6.6](https://github.com/containerd/containerd/releases/tag/v1.6.6)
0197261
2022-08-05 05:38
下载
v1.6.6
containerd 1.6.6 Welcome to the v1.6.6 release of containerd! The sixth patch release for containerd 1.6 includes a fix for [GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf). ### Notable Updates * **Fix ExecSync handler to cap console output size** ([GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Kazuyoshi Kato ### Changes <details><summary>4 commits</summary> <p> * Github Security Advisory [GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf) * [`61213742a`](https://github.com/containerd/containerd/commit/61213742a8e57458cd6432c46eee9dd35e0584c7) Prepare release notes for v1.6.6 * [`f92068350`](https://github.com/containerd/containerd/commit/f92068350f189040a3bc41f9aa65994c8aba796a) Implicitly discard the input to drain the reader * [`2eb67213b`](https://github.com/containerd/containerd/commit/2eb67213b8ec38f5d7233cf0098763d9364e2a17) [release/1.6] Limit the response size of ExecSync </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.6.5](https://github.com/containerd/containerd/releases/tag/v1.6.5)
10c1295
2022-06-07 01:19
下载
v1.5.13
containerd 1.5.13 Welcome to the v1.5.13 release of containerd! The thirteenth patch release for containerd 1.5 includes a fix for [GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf). ### Notable Updates * **Fix ExecSync handler to cap console output size** ([GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Kazuyoshi Kato ### Changes <details><summary>4 commits</summary> <p> * Github Security Advisory [GHSA-5ffw-gxpp-mxpf](https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf) * [`1ab043141`](https://github.com/containerd/containerd/commit/1ab043141f77a733cbb2437b857d6385feda368c) Prepare release notes for v1.5.13 * [`b40a356cf`](https://github.com/containerd/containerd/commit/b40a356cfd9f0e5202da130f448f6c35b886ad04) Implicitly discard the input to drain the reader * [`943588b54`](https://github.com/containerd/containerd/commit/943588b54807f48ca545f7560a3def20501993de) [release/1.5] Limit the response size of ExecSync </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.5.12](https://github.com/containerd/containerd/releases/tag/v1.5.12)
a17ec49
2022-06-07 01:19
下载
v1.6.5
containerd 1.6.5 Welcome to the v1.6.5 release of containerd! The fifth patch release for containerd 1.6 includes a few fixes and updated version of runc. ### Notable Updates * **Fix for older CNI plugins not reporting version** ([#7011](https://github.com/containerd/containerd/pull/7011)) * **Fix mount path handling for CRI plugin on Windows** ([#6929](https://github.com/containerd/containerd/pull/6929)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Mike Brown * Sebastiaan van Stijn * Kazuyoshi Kato * Phil Estes * Wei Fu * Akihiro Suda * Derek McGowan * Paul S. Schweigert * Amit Barve * Daniel Canter * Kevin Parsons * Marc Schwind ### Changes <details><summary>26 commits</summary> <p> * Prepare release notes for v1.6.5 ([#7021](https://github.com/containerd/containerd/pull/7021)) * [`185e87275`](https://github.com/containerd/containerd/commit/185e87275cce838776f91abaf34c4ad4af3bfa69) Prepare release notes for v1.6.5 * [release/1.6] update golang to 1.17.11 ([#7013](https://github.com/containerd/containerd/pull/7013)) * [`5c9c83d3e`](https://github.com/containerd/containerd/commit/5c9c83d3e0f03d86644c448d23dc67c7433a2410) [release/1.6] update golang to 1.17.11 * [release/1.6] update go-cni/for cni update fixing plugins that don't respond with version ([#7011](https://github.com/containerd/containerd/pull/7011)) * [`fdcdc27bc`](https://github.com/containerd/containerd/commit/fdcdc27bce9b6105b4afa70759498fed6efed97a) update go-cni/for cni update fixing plugins that don't respond with version * [release/1.6] archive: add human-readable hint to Lchown error ([#6985](https://github.com/containerd/containerd/pull/6985)) * [`e33b9e709`](https://github.com/containerd/containerd/commit/e33b9e7091792c8f4db042f4d196b130ac412ec1) archive: add human-readable hint to Lchown error * [release/1.6] go.mod: Bump hcsshim to 0.9.3 ([#6968](https://github.com/containerd/containerd/pull/6968)) * [`6eff5b6c0`](https://github.com/containerd/containerd/commit/6eff5b6c0e03bf792b232e3bf2603a2445e57bcf) [release/1.6] go.mod: Bump hcsshim to 0.9.3 * [release/1.6] config: improve config v1 deprecation message ([#6980](https://github.com/containerd/containerd/pull/6980)) * [`3bb5a9d19`](https://github.com/containerd/containerd/commit/3bb5a9d19f42b58bde83585a1cc7faa3e1d2e9b9) config: improve config v1 deprecation message * [release/1.6] update golang to 1.17.10, golang.org/x/sys v0.0.0-20220412211240-33da011f77ad ([#6927](https://github.com/containerd/containerd/pull/6927)) * [`f1d2d9260`](https://github.com/containerd/containerd/commit/f1d2d9260a5d5e8ac46b803757007cb138383206) [release/1.6] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad * [`9f99be51b`](https://github.com/containerd/containerd/commit/9f99be51ba3282f4ac90c574c926e81494973225) [release/1.6] update golang to 1.17.10 * [release/1.6] Bug fix for mount path handling ([#6929](https://github.com/containerd/containerd/pull/6929)) * [`70839a344`](https://github.com/containerd/containerd/commit/70839a344033dbb86ae152b30a747f9258527c9e) Bug fix for mount path handling * [release/1.6] Reverts removal of parallel run from critest ([#6942](https://github.com/containerd/containerd/pull/6942)) * [`82a77be2d`](https://github.com/containerd/containerd/commit/82a77be2dd20790a14a1c96f21be41b8d597cc2e) reverts removal of parallel run from critest * [release/1.6 backport] update runc binary and vendor to v1.1.2 ([#6936](https://github.com/containerd/containerd/pull/6936)) * [`246a1b42e`](https://github.com/containerd/containerd/commit/246a1b42e64337656992335bf9e81738cbec89cb) vendor: github.com/opencontainers/runc v1.1.2 * [`43717e03a`](https://github.com/containerd/containerd/commit/43717e03aa5266702871b2ac3584bf949642443c) update runc binary to v1.1.2 * [release/1.6] Allow git commands in Vagrantfile ([#6941](https://github.com/containerd/containerd/pull/6941)) * [`06bdfeb67`](https://github.com/containerd/containerd/commit/06bdfeb675297ebd7406b7de94107b2dc74017ad) Allow git commands in Vagrantfile * [release/1.6] Update critools to v1.24 ([#6895](https://github.com/containerd/containerd/pull/6895)) * [`1520bae0f`](https://github.com/containerd/containerd/commit/1520bae0f44e1a47f68807bd61065135f1560256) update critools to v1.24 </p> </details> ### Changes from containerd/go-cni <details><summary>6 commits</summary> <p> * go.mod: update libcni to v1.1.1 ([#101](https://github.com/containerd/go-cni/pull/101)) * [`cb645ef`](https://github.com/containerd/go-cni/commit/cb645efd5a911122fa150704930c1205b31c2308) go.mod: update libcni to v1.1.1 * add in some serial setup tests; a little make cleanup ([#100](https://github.com/containerd/go-cni/pull/100)) * [`42cfe0f`](https://github.com/containerd/go-cni/commit/42cfe0f8dcae8919832c955502b1e9de32282f94) add in some serial setup tests; a little make cleanup * Re-introduce serial network setup ([#99](https://github.com/containerd/go-cni/pull/99)) * [`ee1a707`](https://github.com/containerd/go-cni/commit/ee1a707cb4d9c2a1a11e901fddd954ac7bc23494) Re-introduce serial network setup </p> </details> ### Dependency Changes * **github.com/Microsoft/hcsshim** v0.9.2 -> v0.9.3 * **github.com/containerd/go-cni** v1.1.5 -> v1.1.6 * **github.com/containernetworking/cni** v1.1.0 -> v1.1.1 * **github.com/opencontainers/runc** v1.1.1 -> v1.1.2 * **golang.org/x/sys** 1d35b9e2eb4e -> 33da011f77ad Previous release can be found at [v1.6.4](https://github.com/containerd/containerd/releases/tag/v1.6.4)
96df099
2022-06-04 06:51
下载
v1.5.12
containerd 1.5.12 Welcome to the v1.5.12 release of containerd! The twelfth patch release for containerd 1.5 includes various fixes and updates along with an updated version of runc. ### Notable Updates * **Fix inotify fd leak when cgroup is deleted** ([#6961](https://github.com/containerd/containerd/pull/6961)) * **Close fifos when container is deleted in CRI plugin** ([#6857](https://github.com/containerd/containerd/pull/6857)) * **Update unpack to to respect MaxConcurrentDownloads** ([#6774](https://github.com/containerd/containerd/pull/6774)) * **Monitor OOMKill instead of OOM in cgroupv2** ([#6735](https://github.com/containerd/containerd/pull/6735)) * **Make the temp mount as ready only in container WithVolumes** ([#6729](https://github.com/containerd/containerd/pull/6729)) * **Fix deadlock from abandoned transactions in native snapshotter** ([#6726](https://github.com/containerd/containerd/pull/6726)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Sebastiaan van Stijn * Phil Estes * Akihiro Suda * Derek McGowan * Wei Fu * Jeremi Piotrowski * Kazuyoshi Kato * Maksym Pavlenko * Miao Wang * Mike Brown * Alexey Ivanov * Brian Goff * Henry Wang * Michael Crosby * Qiutong Song * Samuel Ortiz * Tõnis Tiigi * chenxiaoyu * linrunlong * ningmingxiao * zounengren ### Changes <details><summary>34 commits</summary> <p> * Prepare release notes for v1.5.12 ([#7019](https://github.com/containerd/containerd/pull/7019)) * [`5a55f1efc`](https://github.com/containerd/containerd/commit/5a55f1efcfb3f8775399f960e7b6bb5921b5699a) Prepare release notes for v1.5.12 * [release/1.5] update golang to 1.17.11 ([#7014](https://github.com/containerd/containerd/pull/7014)) * [`3f61d5ed4`](https://github.com/containerd/containerd/commit/3f61d5ed4fe148e506db79aabad08106cf12290d) [release/1.5] update golang to 1.17.11 * [release/1.5] archive: add human-readable hint to Lchown error ([#6986](https://github.com/containerd/containerd/pull/6986)) * [`f67de000d`](https://github.com/containerd/containerd/commit/f67de000dc26f34ae088d8db7c5d936375c6ba61) archive: add human-readable hint to Lchown error * [release/1.5] config: improve config v1 deprecation message ([#6981](https://github.com/containerd/containerd/pull/6981)) * [`4c98768bd`](https://github.com/containerd/containerd/commit/4c98768bd4c6299c111eac04adf32597824a05f4) config: improve config v1 deprecation message * [release/1.5] upgrade containerd/cgroups to v1.0.3 ([#6961](https://github.com/containerd/containerd/pull/6961)) * [`f890c79fd`](https://github.com/containerd/containerd/commit/f890c79fd4b0826fec2ff92c40d6107ddc2311ff) [release/1.5] upgrade containerd/cgroups to v1.0.3 * [release/1.5] update golang to 1.17.10, golang.org/x/sys v0.0.0-20220412211240-33da011f77ad ([#6928](https://github.com/containerd/containerd/pull/6928)) * [`9f6e1864c`](https://github.com/containerd/containerd/commit/9f6e1864cd367b6ea50280943637da665772603f) [release/1.5] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad * [`c00476595`](https://github.com/containerd/containerd/commit/c00476595fb5f5ec65f4c6e2e943aea9ea15fd74) [release/1.5] update golang to 1.17.10 * [release/1.5 backport] update runc binary to v1.1.2 ([#6935](https://github.com/containerd/containerd/pull/6935)) * [`c2f793349`](https://github.com/containerd/containerd/commit/c2f7933497a06ddc407b1cd189cfeac49388f332) update runc binary to v1.1.2 * [release/1.5] cherry-pick: Allow git commands in Vagrantfile ([#6943](https://github.com/containerd/containerd/pull/6943)) * [`1f9900830`](https://github.com/containerd/containerd/commit/1f9900830a7f886c73cb50db6a8bb941b1b0b949) Allow git commands in Vagrantfile * [release/1.5] cri: close fifos when container is deleted ([#6857](https://github.com/containerd/containerd/pull/6857)) * [`689b342c1`](https://github.com/containerd/containerd/commit/689b342c1d6a5388f149721a5afb55d03837b41d) cri: close fifos when container is deleted * [release/1.5] update golang to 1.17.9 ([#6824](https://github.com/containerd/containerd/pull/6824)) * [`65aad9d93`](https://github.com/containerd/containerd/commit/65aad9d9326882909bb7fe4a19f6ec9bc1e0a079) [release/1.5] update golang to 1.17.9 * [release/1.5] check for duplicate nspath possibilities ([#6814](https://github.com/containerd/containerd/pull/6814)) * [`283058cd6`](https://github.com/containerd/containerd/commit/283058cd6973a51e0acb48557e03312887d9ba72) check for duplicate nspath possibilities * [release/1.5] fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6774](https://github.com/containerd/containerd/pull/6774)) * [`4dbd0c851`](https://github.com/containerd/containerd/commit/4dbd0c851b9b0cb0d8b02c44d72c311a25a2512a) fix #6054 MaxConcurrentDownloads is not effect when Unpack is true * [release/1.5 backport] update runc binary to v1.1.1 ([#6770](https://github.com/containerd/containerd/pull/6770)) * [`ef56dcafc`](https://github.com/containerd/containerd/commit/ef56dcafc32d67e750b89fdb5ee24d0c7ffa9608) update runc binary to v1.1.1 * [`b8ab8dd3f`](https://github.com/containerd/containerd/commit/b8ab8dd3fbd5b7020fe29d6d26d8d6a987215f5a) update runc binary to v1.1.0 * [release/1.5 backport] Make the temp mount as ready only in container WithVolumes ([#6729](https://github.com/containerd/containerd/pull/6729)) * [`05b04a1a3`](https://github.com/containerd/containerd/commit/05b04a1a36da8c94bb6a7af639a3059d01bea5e4) Make the temp mount as ready only in container WithVolumes * [release/1.5 backport] native: fix deadlock from leaving transactions open ([#6726](https://github.com/containerd/containerd/pull/6726)) * [`603ef55e0`](https://github.com/containerd/containerd/commit/603ef55e0e696b382ad08d83168d608f54f1b6e2) native: fix deadlock from leaving transactions open * [release/1.5 backport] cgroup2: monitor OOMKill instead of OOM to prevent missing container events ([#6735](https://github.com/containerd/containerd/pull/6735)) * [`1c68f5037`](https://github.com/containerd/containerd/commit/1c68f50378b3562e7497d42973ba610945c4bc66) cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events </p> </details> ### Changes from containerd/cgroups <details><summary>33 commits</summary> <p> * v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212)) * [`a7d6888`](https://github.com/containerd/cgroups/commit/a7d6888aa30218c8aff15d979eb3f6aec0b7979c) v2: add test case for Manager.EventChan() behavior * [`cf1f978`](https://github.com/containerd/cgroups/commit/cf1f978b93bf784118d3ab7dec6a47b8204918c2) v2: flip error handling for readKVStat("memory.events") to reduce indentation * [`6a46df2`](https://github.com/containerd/cgroups/commit/6a46df25065d551a8d998495c34263354c84f2c1) v2: manager: factor out memory.events parsing * [`35b5b55`](https://github.com/containerd/cgroups/commit/35b5b55c686080de64facf127d6d6a5ca9a0fe6b) v2: Fix inotify leak when cgroup is deleted * fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214)) * [`182c3af`](https://github.com/containerd/cgroups/commit/182c3afa53b8cccce0611cca9dee46410c4f82f7) fix Implicit memory aliasing in for loop * Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210)) * [`17fece8`](https://github.com/containerd/cgroups/commit/17fece81870ef8aa1a31f05210b8f425e37038a0) Fix potential dirfd leak. * cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203)) * [`80a7821`](https://github.com/containerd/cgroups/commit/80a7821536fc82757f390f8d65693074bd3ef8e4) cgroup: Optionally add process and task to a subsystems subset * replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208)) * [`0072297`](https://github.com/containerd/cgroups/commit/0072297e4547d623094fc68b0df41eef364d1747) replace pkg/errors from vendor * cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207)) * [`d55de5d`](https://github.com/containerd/cgroups/commit/d55de5d2af9a3616eb758e393a2170a1421155c1) cgroup.go: avoid panic on nil interface * Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204)) * [`73a8516`](https://github.com/containerd/cgroups/commit/73a8516e7f0f45fe9931d02cc57ff6059202f553) cgroupv2: reset lastErr to nil when subtree control is successfully written * [`2ca92c5`](https://github.com/containerd/cgroups/commit/2ca92c515038c7a30c1998dbe29a87873b98a3b3) cgroupv2: enable controllers before setting resources in NewChild() * v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201)) * [`db173a8`](https://github.com/containerd/cgroups/commit/db173a86bea843700360e7061c6f8d3869d13363) v2: remove ErrorHandler and IgnoreNotExist as they are not implemented * [`b19a60d`](https://github.com/containerd/cgroups/commit/b19a60d64d89b858b3c2bee4a04fb7f70642ffce) v2: remove errors that are never returned * v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202)) * [`4fe70f3`](https://github.com/containerd/cgroups/commit/4fe70f3edc256fc2345d5f8f8a54e2f4e96f271e) v1: reduce duplicated code * cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200)) * [`6659093`](https://github.com/containerd/cgroups/commit/66590933215fb7b0c9f9ffd39e9946ab510d7679) cgroup v1: implement AddProc() * Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199)) * [`7254c12`](https://github.com/containerd/cgroups/commit/7254c1242cee46d1c37bf3da2151eed571879b5c) Rename branch from master to main * utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197)) * [`23b5120`](https://github.com/containerd/cgroups/commit/23b51209bf7bd11941d5613119309b11029e8373) utils: export ParseCgroupFile() * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194)) * [`f8918cf`](https://github.com/containerd/cgroups/commit/f8918cf2d923b7003970ce99bb29545f2f34b531) go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations * Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195)) * [`1a4509d`](https://github.com/containerd/cgroups/commit/1a4509dd06454dc765aed7f62cb26531416ffce3) Use /proc/partitions to get device names </p> </details> ### Dependency Changes * **github.com/containerd/cgroups** v1.0.1 -> v1.0.3 * **github.com/stretchr/testify** v1.6.1 -> v1.7.0 * **golang.org/x/net** e18ecbb05110 -> a5a99cb37ef4 * **golang.org/x/sync** 09787c993a3a -> 036812b2e83c * **golang.org/x/sys** d19ff857e887 -> 33da011f77ad Previous release can be found at [v1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11)
a4014bc
2022-06-04 01:54
下载
v1.6.4
containerd 1.6.4 Welcome to the v1.6.4 release of containerd! The fourth patch release for containerd 1.6 includes two fixes for CNI and SELinux. ### Notable Updates * **Update go-cni to fix teardown regression** ([#6877](https://github.com/containerd/containerd/pull/6877)) * **Fix broken SELinux relabeling for Kubernetes volume mounts** ([#6878](https://github.com/containerd/containerd/pull/6878)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Mike Brown * Kazuyoshi Kato * Michael Zappa * Wang Bing * Wei Fu * Antonio Ojea * Derek McGowan * Henry Wang * Nabeel Rana * Phil Estes ### Changes <details><summary>8 commits</summary> <p> * Prepare release notes for 1.6.4 ([#6887](https://github.com/containerd/containerd/pull/6887)) * [`0d1d2953b`](https://github.com/containerd/containerd/commit/0d1d2953bfec64910f7e11b5cc0049e4fdafbb0c) Prepare release notes for 1.6.4 * [release/1.6 backport] Bump opencontainers/selinux from 1.10.0 to 1.10.1 ([#6878](https://github.com/containerd/containerd/pull/6878)) * [`42d691fe6`](https://github.com/containerd/containerd/commit/42d691fe6bb18f523b643e8e960f9fa3abb13bc6) Bump opencontainers/selinux from 1.10.0 to 1.10.1 * [release/1.6] Update go-cni to v1.1.5 backported due to conflict in go.mod ([#6877](https://github.com/containerd/containerd/pull/6877)) * [`e9f22e008`](https://github.com/containerd/containerd/commit/e9f22e008b18a383cb440d86c8fd3a93e364f3f4) Update go-cni to v1.1.5 * [release/1.6] cri: close fifos when container is deleted ([#6859](https://github.com/containerd/containerd/pull/6859)) * [`be4909e95`](https://github.com/containerd/containerd/commit/be4909e950da484ceb7bf11ebd858a8757677d8f) cri: close fifos when container is deleted </p> </details> ### Changes from containerd/go-cni <details><summary>8 commits</summary> <p> * bump github.com/containernetworking/cni v1.1.0 ([#98](https://github.com/containerd/go-cni/pull/98)) * [`e24193e`](https://github.com/containerd/go-cni/commit/e24193e4e5ade8070f9c0a73918f7e3fd782b0cc) bump github.com/containernetworking/cni v1.1.0 * Revert "Update loopback version to support check" ([#96](https://github.com/containerd/go-cni/pull/96)) * [`186662c`](https://github.com/containerd/go-cni/commit/186662cf27eee1f357c5f71b3a373d78c1e69988) Revert "Update loopback version to support check" * Use revive instead of golint ([#92](https://github.com/containerd/go-cni/pull/92)) * [`322e8bf`](https://github.com/containerd/go-cni/commit/322e8bfbe6917a4343bc355f5a7f0525e0007099) Use revive instead of golint * Bump go verion to 1.17 ([#91](https://github.com/containerd/go-cni/pull/91)) * [`9b78de4`](https://github.com/containerd/go-cni/commit/9b78de41083664e4ea005986ed39fa81cbb77cf5) Bump go verion to 1.17 </p> </details> ### Dependency Changes * **github.com/containerd/go-cni** v1.1.4 -> v1.1.5 * **github.com/containernetworking/cni** v1.0.1 -> v1.1.0 * **github.com/opencontainers/selinux** v1.10.0 -> v1.10.1 Previous release can be found at [v1.6.3](https://github.com/containerd/containerd/releases/tag/v1.6.3)
212e8b6
2022-05-03 09:50
下载
v1.6.3
containerd 1.6.3 Welcome to the v1.6.3 release of containerd! The third patch release for containerd 1.6 includes various fixes and updates. ### Notable Updates * **Fix panic when configuring tracing plugin** ([#6853](https://github.com/containerd/containerd/pull/6853)) * **Improve image pull performance in CRI plugin** ([#6816](https://github.com/containerd/containerd/pull/6816)) * **Check for duplicate nspath** ([#6813](https://github.com/containerd/containerd/pull/6813)) * **Fix deadlock in cgroup metrics collector** ([#6801](https://github.com/containerd/containerd/pull/6801)) * **Mount devmapper xfs file system with "nouuid" option** ([#6731](https://github.com/containerd/containerd/pull/6731)) * **Make the temp mount as ready only in container WithVolumes** ([#6730](https://github.com/containerd/containerd/pull/6730)) * **Fix deadlock from leaving transaction open in native snapshotter** ([#6727](https://github.com/containerd/containerd/pull/6727)) * **Monitor OOMKill events to prevent missing container events** ([#6734](https://github.com/containerd/containerd/pull/6734)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Stefan Berger * Wei Fu * Akihiro Suda * Derek McGowan * Phil Estes * Kazuyoshi Kato * Mike Brown * Sebastiaan van Stijn * Maksym Pavlenko * dependabot[bot] * Cory Snider * Henry Wang * Jeremi Piotrowski * Michael Zappa * Qiutong Song * Tõnis Tiigi * Ye Sijun ### Changes <details><summary>35 commits</summary> <p> * Prepare release notes for v1.6.3 ([#6844](https://github.com/containerd/containerd/pull/6844)) * [`baa386dc0`](https://github.com/containerd/containerd/commit/baa386dc04afe1c8475be8c7c22a0d632482ff41) Prepare release notes for v1.6.3 * [release/1.6] tracing: fix panic on startup when configured ([#6853](https://github.com/containerd/containerd/pull/6853)) * [`e8da82adc`](https://github.com/containerd/containerd/commit/e8da82adcdc667d8247bd27a8b2c835d0872066b) tracing: fix panic on startup when configured * [release/1.6] CRI: improve image pulling performance ([#6816](https://github.com/containerd/containerd/pull/6816)) * [`1764ea9a2`](https://github.com/containerd/containerd/commit/1764ea9a2815ddbd0cde777b557f97171b84cd02) CRI: improve image pulling performance * [release/1.6] update golang to 1.17.9 ([#6823](https://github.com/containerd/containerd/pull/6823)) * [`9cd76d465`](https://github.com/containerd/containerd/commit/9cd76d465576ec766fc6385f14e27ca3cf536bc5) [release/1.6] update golang to 1.17.9 * [release/1.6] check for duplicate nspath possibilities ([#6813](https://github.com/containerd/containerd/pull/6813)) * [`c09cc1242`](https://github.com/containerd/containerd/commit/c09cc12421b3317ac83aa4412e7a174c8174e916) check for duplicate nspath possibilities * [release/1.6] metrics/cgroups: fix deadlock issue in Add during Collect ([#6801](https://github.com/containerd/containerd/pull/6801)) * [`fe6ba62ce`](https://github.com/containerd/containerd/commit/fe6ba62ceae6c4b692d4a8feb5655f59351abd05) metrics/cgroups: fix deadlock issue in Add during Collect * [release/1.6] go.mod: update image-spec to merge-commit of v1 into main ([#6766](https://github.com/containerd/containerd/pull/6766)) * [`8b81a7843`](https://github.com/containerd/containerd/commit/8b81a78434e9431771fd2bc0e2b226facc3f32f9) [release/1.6] go.mod: update image-spec to merge-commit of v1 into main * [release/1.6 backport] update runc to 1.1.1 ([#6759](https://github.com/containerd/containerd/pull/6759)) * [`f2ba2041b`](https://github.com/containerd/containerd/commit/f2ba2041be70b2c61dfd3151e2d91c74a917c4bf) update runc binary to v1.1.1 * [`b736b4dab`](https://github.com/containerd/containerd/commit/b736b4dab097bb79d11cc72c2ab3a19615613060) go.mod: github.com/opencontainers/runc v1.1.1 * [release/1.6] CI: add Rocky Linux 8 ([#6752](https://github.com/containerd/containerd/pull/6752)) * [`72f1e58c7`](https://github.com/containerd/containerd/commit/72f1e58c703db70b10486635c56c31b6758de29e) CI: add Rocky Linux 8 * [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4 ([#6739](https://github.com/containerd/containerd/pull/6739)) * [`7ede40c5c`](https://github.com/containerd/containerd/commit/7ede40c5ca3c8d0565798fa653402357b8c088a0) [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4 * [release/1.6 backport] moving up to go-cni v1.1.4 ([#6728](https://github.com/containerd/containerd/pull/6728)) * [`82a12edf2`](https://github.com/containerd/containerd/commit/82a12edf250b8df03c1dcfc6f18928fba6610250) moving up to go-cni v1.1.4 * [release/1.6 backport] Update prometheus client vendor ([#6732](https://github.com/containerd/containerd/pull/6732)) * [`da35c19da`](https://github.com/containerd/containerd/commit/da35c19dad1a39ad49341635e098a258af0d9566) Test turning off golang CI lint cache * [`a0213573b`](https://github.com/containerd/containerd/commit/a0213573b2179224fa9c0c876bf14e26416de2da) Add nolint:staticcheck to platform-specific calls * [`ad0036ed6`](https://github.com/containerd/containerd/commit/ad0036ed62be304b72bddcf01f1cfa5acf5c0a17) Update prometheus client vendor * [release/1.6 backport] Mount devmapper xfs file system with "nouuid" option. ([#6731](https://github.com/containerd/containerd/pull/6731)) * [`c7bbf316f`](https://github.com/containerd/containerd/commit/c7bbf316f4f0f86355a87a82294d60119d7fe5e8) Mount devmapper xfs file system with "nouuid" option. * [release/1.6 backport] Make the temp mount as ready only in container WithVolumes ([#6730](https://github.com/containerd/containerd/pull/6730)) * [`a1de89c3e`](https://github.com/containerd/containerd/commit/a1de89c3e8ed4e6918875bda626f6b2932b4e95c) Make the temp mount as ready only in container WithVolumes * [release/1.6 backport] native: fix deadlock from leaving transactions open ([#6727](https://github.com/containerd/containerd/pull/6727)) * [`28b44826b`](https://github.com/containerd/containerd/commit/28b44826b004cb04a3d53820c1ba4f845d351963) native: fix deadlock from leaving transactions open * [release/1.6 backport] cgroup2: monitor OOMKill instead of OOM to prevent missing container events ([#6734](https://github.com/containerd/containerd/pull/6734)) * [`5538be6cf`](https://github.com/containerd/containerd/commit/5538be6cf2f52ee09a1e9c217dcc031669ecc7c4) cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events </p> </details> ### Changes from containerd/go-cni <details><summary>8 commits</summary> <p> * moving up to latest CNI plugin release ([#90](https://github.com/containerd/go-cni/pull/90)) * [`689fcd9`](https://github.com/containerd/go-cni/commit/689fcd968353e729ac9b5454087accf118472f57) moving up to latest CNI plugin release * Fix Loopback Version ([#88](https://github.com/containerd/go-cni/pull/88)) * [`9ebcec1`](https://github.com/containerd/go-cni/commit/9ebcec1f5aae75ddd28394898d310212bc87c478) Update loopback version to support check * Update comment for capabilities ([#89](https://github.com/containerd/go-cni/pull/89)) * [`a4d8d38`](https://github.com/containerd/go-cni/commit/a4d8d386ca3b4fd71850ab58769e5b5d4cc5ecdc) update comment for capabilities * Add integration test for linux and update go version from 1.16 to 1.17 ([#84](https://github.com/containerd/go-cni/pull/84)) * [`49aa5ab`](https://github.com/containerd/go-cni/commit/49aa5ab910ad9812d2688764ff67dfdd42f77351) Add integration test and update go version </p> </details> ### Changes from containerd/imgcrypt <details><summary>13 commits</summary> <p> * CHANGES: Updated CHANGES document for 1.1.4 release ([#74](https://github.com/containerd/imgcrypt/pull/74)) * [`f576654`](https://github.com/containerd/imgcrypt/commit/f5766549f0d7ff396aeef807f93701d5c5bd1954) CHANGES: Updated CHANGES document for 1.1.4 release * Bump github.com/containerd/containerd from 1.5.10 to 1.6.1 ([#73](https://github.com/containerd/imgcrypt/pull/73)) * [`2efa871`](https://github.com/containerd/imgcrypt/commit/2efa871163e1bae96d137356abf6cb4cb70b8a21) Bump github.com/containerd/containerd from 1.5.10 to 1.6.1 * images: prepare for typeurl.Any ([#72](https://github.com/containerd/imgcrypt/pull/72)) * [`f842da4`](https://github.com/containerd/imgcrypt/commit/f842da460337d2d54f7f48af3b7234bbc3cfaa4e) images: prepare for typeurl.Any * [`6fdd981`](https://github.com/containerd/imgcrypt/commit/6fdd9818a4d8142107b7ecd767d839c9707700d9) images: Add list of Platforms to CheckAuthorization() * [`f440058`](https://github.com/containerd/imgcrypt/commit/f4400580b658c1fcb3cacc52dfb6104ea3c3aa82) test: Test running of encrypted image only pulled for local platform * Bump ocicrypt to 1.1.3 ([#71](https://github.com/containerd/imgcrypt/pull/71)) * [`d4d4684`](https://github.com/containerd/imgcrypt/commit/d4d468487cecbd1ccf2f2eb1c05c8d3439471922) Bump ocicrypt to 1.1.3 * [`727850f`](https://github.com/containerd/imgcrypt/commit/727850ffb1438cf9dd6a46c7ad4ec162984f7bb2) Bump github.com/containerd/containerd from 1.5.9 to 1.5.10 * Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 ([#67](https://github.com/containerd/imgcrypt/pull/67)) * [`3c7db10`](https://github.com/containerd/imgcrypt/commit/3c7db10f6482b7771f14b7503ae69164f3fe793d) Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 </p> </details> ### Dependency Changes * **github.com/containerd/go-cni** v1.1.3 -> v1.1.4 * **github.com/containerd/imgcrypt** v1.1.3 -> v1.1.4 * **github.com/containernetworking/plugins** v1.0.1 -> v1.1.1 * **github.com/containers/ocicrypt** v1.1.2 -> v1.1.3 * **github.com/miekg/pkcs11** v1.0.3 -> v1.1.1 * **github.com/opencontainers/image-spec** 693428a734f5 -> c5a74bcca799 * **github.com/opencontainers/runc** v1.1.0 -> v1.1.1 * **github.com/prometheus/client_golang** v1.11.0 -> v1.11.1 Previous release can be found at [v1.6.2](https://github.com/containerd/containerd/releases/tag/v1.6.2)
f830866
2022-04-26 07:28
下载
v1.6.2
containerd 1.6.2 Welcome to the v1.6.2 release of containerd! The second patch release for containerd 1.6 includes a fix for [CVE-2022-24769](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c). ### Notable Updates * **Fix the inheritable capability defaults** ([GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Kazuyoshi Kato * Sebastiaan van Stijn * Akihiro Suda * Andrew G. Morgan * Phil Estes * Shengjing Zhu * Wei Fu ### Changes <details><summary>17 commits</summary> <p> * Prepare release notes for v1.6.2 ([#6725](https://github.com/containerd/containerd/pull/6725)) * Prepare release notes for v1.6.2 * Add static checks to shim for Windows * [release/1.6] update go.mod go version ([#6724](https://github.com/containerd/containerd/pull/6724)) * Update go.mod go version * [release/1.6] remove empty go mod to allow building for go 1.18 ([#6717](https://github.com/containerd/containerd/pull/6717)) * [release/1.6] remove empty go mod to allow building for go 1.18 * Github Security Advisory [GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c) * Fix the Inheritable capability defaults. * [release/1.6] cherry-pick: Update TestNormalize to only test Windows ([#6673](https://github.com/containerd/containerd/pull/6673)) * Update TestNormalize to only test Windows * [release/1.6] cherry-pick: Upgrade golangci-lint and its GitHub Action ([#6675](https://github.com/containerd/containerd/pull/6675)) * Upgrade golangci-lint and its GitHub Action * [release/1.6] cri: relax test for system without hugetlb ([#6623](https://github.com/containerd/containerd/pull/6623)) * cri: relax test for system without hugetlb * [release/1.6] update to go 1.16.15, 1.17.8 to address CVE-2022-24921 ([#6620](https://github.com/containerd/containerd/pull/6620)) * update to go 1.16.15, 1.17.8 to address CVE-2022-24921 </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.6.1](https://github.com/containerd/containerd/releases/tag/v1.6.1)
de8046a
2022-03-24 10:25
下载
v1.5.11
containerd 1.5.11 Welcome to the v1.5.11 release of containerd! The eleventh patch release for containerd 1.5 includes a fix for [CVE-2022-24769](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c). ### Notable Updates * **Fix the inheritable capability defaults** ([GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Sebastiaan van Stijn * Akihiro Suda * Andrew G. Morgan * Daniel Canter * Kazuyoshi Kato * Phil Estes ### Changes <details><summary>18 commits</summary> <p> * Prepare release notes for v1.5.11 ([#6723](https://github.com/containerd/containerd/pull/6723)) * Prepare release notes for v1.5.11 * [release/1.5] Upgrade Go to 1.17 and golangci-lint ([#6719](https://github.com/containerd/containerd/pull/6719)) * Update go version to 1.17 * Update linter errors * Run gofmt * Upgrade golangci-lint and its GitHub Action * [release/1.5] fix critools installation ([#6718](https://github.com/containerd/containerd/pull/6718)) * Update get to install for cri tools * [release/1.5] remove empty go mod to allow building for go 1.18 ([#6716](https://github.com/containerd/containerd/pull/6716)) * install-dev-tools: use go install, and pin by version * [release/1.5] remove empty go mod to allow building for go 1.18 * Github Security Advisory [GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c) * Fix the Inheritable capability defaults. * [release/1.5] update to go 1.16.15 to address CVE-2022-24921 ([#6621](https://github.com/containerd/containerd/pull/6621)) * [release/1.5] update to go 1.16.15 to address CVE-2022-24921 * [release/1.5] go.mod: Bump hcsshim to v0.8.24 ([#6588](https://github.com/containerd/containerd/pull/6588)) * go.mod: Bump hcsshim to v0.8.24 </p> </details> ### Dependency Changes * **github.com/Microsoft/hcsshim** v0.8.23 -> v0.8.24 Previous release can be found at [v1.5.10](https://github.com/containerd/containerd/releases/tag/v1.5.10)
3df54a8
2022-03-24 08:09
下载
v1.6.1
containerd 1.6.1 Welcome to the v1.6.1 release of containerd! The first patch release for containerd 1.6 includes a fix for [CVE-2022-23648](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) and other issues. ### Notable Updates * **Use fs.RootPath when mounting volumes** ([GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7)) * **Return init pid when clean dead shim in runc.v1/v2 shims** ([#6572](https://github.com/containerd/containerd/pull/6572)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Jeff Zvier * Maksym Pavlenko * Wei Fu * ruiwen-zhao ### Changes <details><summary>7 commits</summary> <p> * [release/1.6] Prepare release notes for v1.6.1 ([#6607](https://github.com/containerd/containerd/pull/6607)) * Prepare release notes for v1.6.1 * Github Security Advisory [GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) * Use fs.RootPath when mounting volumes * [release/1.6] runc.v1/v2: return init pid when clean dead shim ([#6572](https://github.com/containerd/containerd/pull/6572)) * containerd-shim-runc-v1: return init pid when clean dead shim * containerd-shim-runc-v2: return init pid when clean dead shim </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.6.0](https://github.com/containerd/containerd/releases/tag/v1.6.0)
10f428d
2022-03-03 02:52
下载
v1.5.10
containerd 1.5.10 Welcome to the v1.5.10 release of containerd! The tenth patch release for containerd 1.5 includes a fix for [CVE-2022-23648](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) and other issues. ### Notable Updates * **Use fs.RootPath when mounting volumes** ([GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7)) * **Return init pid when clean dead shim in runc.v1/v2 shims** ([#6570](https://github.com/containerd/containerd/pull/6570)) * **Handle sigint/sigterm in shimv2** ([#6509](https://github.com/containerd/containerd/pull/6509)) * **Use readonly mount to read user/group info** ([#6503](https://github.com/containerd/containerd/pull/6503)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Wei Fu * Sebastiaan van Stijn * Phil Estes * Alexander Minbaev * Brian Goff * Daniel Canter * David Porter * Kazuyoshi Kato * Maksym Pavlenko * ruiwen-zhao ### Changes <details><summary>22 commits</summary> <p> * [release/1.5] Prepare release notes for v1.5.10 ([#6606](https://github.com/containerd/containerd/pull/6606)) * Prepare release notes for v1.5.10 * Github Security Advisory [GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) * Use fs.RootPath when mounting volumes * [release/1.5] runc.v1/v2: return init pid when clean dead shim ([#6570](https://github.com/containerd/containerd/pull/6570)) * runc.v1/v2: return init pid when clean dead shim * [release/1.5] Update Go to 1.16.14 ([#6556](https://github.com/containerd/containerd/pull/6556)) * [release/1.5] Update Go to 1.16.14 * Wait for containerd installation in GCE scripts [1.5 backport] ([#6552](https://github.com/containerd/containerd/pull/6552)) * Wait for containerd installation in GCE scripts * [release/1.5] shimv2: handle sigint/sigterm ([#6509](https://github.com/containerd/containerd/pull/6509)) * shimv2: handle sigint/sigterm * [release/1.5] Update Go to 1.16.13 ([#6526](https://github.com/containerd/containerd/pull/6526)) * [release/1.5] Update Go to 1.16.13 * [release/1.5 backport] GHA fixes, update GolangCI-Lint v1.42.0, and go-mdman v2.0.1 ([#6511](https://github.com/containerd/containerd/pull/6511)) * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 * Fix Linux CI Linter using go 1.15.14 * Update cpuguy83/go-md2man binary to v2.0.1 * [release/1.5] oci: use readonly mount to read user/group info ([#6503](https://github.com/containerd/containerd/pull/6503)) * oci: use readonly mount to read user/group info * [release/1.5] add-list-stat: return container list if filter is nil ([#6466](https://github.com/containerd/containerd/pull/6466)) * add-list-stat: return container list if filter is nil </p> </details> ### Dependency Changes This release has no dependency changes Previous release can be found at [v1.5.9](https://github.com/containerd/containerd/releases/tag/v1.5.9)
2a1d4db
2022-03-03 02:35
下载
v1.4.13
containerd 1.4.13 Welcome to the v1.4.13 release of containerd! The thirteenth patch release for containerd 1.4 is a security release to address [CVE-2022-23648](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7). ### Notable Updates * **Use fs.RootPath when mounting volumes** ([GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Sebastiaan van Stijn * Phil Estes * Akihiro Suda * David Porter * Kazuyoshi Kato * Michael Crosby ### Changes <details><summary>17 commits</summary> <p> * Github Security Advisory [GHSA-crp2-qrr5-8pq7](https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7) * Prepare release notes for v1.4.13 * Use fs.RootPath when mounting volumes * [release/1.4] backport: Wait for containerd installation in GCE scripts ([#6553](https://github.com/containerd/containerd/pull/6553)) * Wait for containerd installation in GCE scripts * [release/1.4] Update Go to 1.16.14 ([#6527](https://github.com/containerd/containerd/pull/6527)) * Do not use `go get` to install executables * [release/1.4] update Go to 1.16.14 * [release/1.4] Update Go to 1.16.13 * [release/1.4] vendor: github.com/opencontainers/image-spec v1.0.2 ([#6265](https://github.com/containerd/containerd/pull/6265)) * [release/1.4] vendor: github.com/opencontainers/image-spec v1.0.2 * [release/1.4] Update Go to 1.16.12 ([#6368](https://github.com/containerd/containerd/pull/6368)) * [release/1.4] Update Go to 1.16.12 * [release/1.4] update runc binary to v1.0.3 ([#6344](https://github.com/containerd/containerd/pull/6344)) * update runc binary to v1.0.3 * [release/1.4] Update Go to 1.16.11 ([#6335](https://github.com/containerd/containerd/pull/6335)) * [release/1.4] Update Go to 1.16.11 </p> </details> ### Changes from containerd/cri <details><summary>4 commits</summary> <p> * [release/1.4] Use fs.RootPath when mounting volumes ([#1655](https://github.com/containerd/cri/pull/1655)) * Use fs.RootPath when mounting volumes * [release/1.4] update Go 1.15.14 (to match containerd) ([#1645](https://github.com/containerd/cri/pull/1645)) * [release/1.4] update Go 1.15.14 (to match containerd) </p> </details> ### Dependency Changes * **github.com/containerd/cri** 3b02bec16031 -> 8f1a8a1fb9eb * **github.com/opencontainers/image-spec** v1.0.1 -> v1.0.2 Previous release can be found at [v1.4.12](https://github.com/containerd/containerd/releases/tag/v1.4.12)
9cc6152
2022-03-03 02:03
下载
v1.6.0
containerd 1.6.0 Welcome to the v1.6.0 release of containerd! The seventh major release of containerd includes many improvements and added support to increase overall compatibility and stability. ### Highlights #### Runtime * **Add runtime label to metrics** ([#5744](https://github.com/containerd/containerd/pull/5744)) * **Cleanup task delete logic in v2 shim** ([#5813](https://github.com/containerd/containerd/pull/5813)) * **Add support for shim plugins** ([#5817](https://github.com/containerd/containerd/pull/5817)) * **Handle sigint and sigterm in shimv2** ([#5828](https://github.com/containerd/containerd/pull/5828)) * **Decouple shim and task manager** ([#5918](https://github.com/containerd/containerd/pull/5918)) * **Add runc shim support for core scheduling** ([#6011](https://github.com/containerd/containerd/pull/6011)) * **Update shim client connect attempt to fail fast when shim errors** ([#6031](https://github.com/containerd/containerd/pull/6031)) * **Add support for absolute path to shim binaries** ([#6206](https://github.com/containerd/containerd/pull/6206)) * **Update runc to v1.1.0** ([#6375](https://github.com/containerd/containerd/pull/6375)) #### Windows * **Add support for Windows HostProcess containers** ([#5131](https://github.com/containerd/containerd/pull/5131)) * **Add support for Windows resource limits** ([#5778](https://github.com/containerd/containerd/pull/5778)) #### CRI * **Add CNI configuration based on runtime class** ([#4695](https://github.com/containerd/containerd/pull/4695)) * **Add support for Intel RDT** ([#5439](https://github.com/containerd/containerd/pull/5439)) * **Add support for CRI v1 and v1alpha in parallel** ([#5619](https://github.com/containerd/containerd/pull/5619)) * **Add support for unified resources field for cgroups v2** ([#5627](https://github.com/containerd/containerd/pull/5627)) * **Add IP preference configuration for reporting pod IP** ([#5964](https://github.com/containerd/containerd/pull/5964)) * **Implement new CRI pod sandbox stats API** ([#6113](https://github.com/containerd/containerd/pull/6113)) * **Add sandbox and container latency metrics** ([#6111](https://github.com/containerd/containerd/pull/6111)) * **Add namespace to ttrpc and grpc plugin connections** ([#6130](https://github.com/containerd/containerd/pull/6130)) * **Add option to allow ping sockets and privileged ports with no capabilities** ([#6170](https://github.com/containerd/containerd/pull/6170)) * **Add support for configuring swap** ([#6320](https://github.com/containerd/containerd/pull/6320)) #### Other * **Add support for client TLS Auth for grpc** ([#5606](https://github.com/containerd/containerd/pull/5606)) * **Add xfs support for devicemapper snapshotter** ([#5610](https://github.com/containerd/containerd/pull/5610)) * **Add metric exposing build version and revision** ([#5965](https://github.com/containerd/containerd/pull/5965)) * **Add support for custom fs options in devmapper snapshotter** ([#6122](https://github.com/containerd/containerd/pull/6122)) * **Update introspection service to show GRPC plugins** ([#6432](https://github.com/containerd/containerd/pull/6432)) #### Client * **Allow WithServices to use custom implementations** ([#5709](https://github.com/containerd/containerd/pull/5709)) * **Support custom compressor for walking differ** ([#5735](https://github.com/containerd/containerd/pull/5735)) ### Release Updates #### containerd/CNI/runc/critools tar bundle The tar bundles released as `cri-containerd-*.tar.gz` contain a build of runc linked with a newer version of libseccomp. This dynamically-linked build of runc was built on Ubuntu 18.04 and will not work on some other distributions, such as RHEL 7 and Debian 10. Users of such distributions may get a statically-linked runc binary from https://github.com/opencontainers/runc/releases or build runc for their own environment. > **_Deprecation_** These tar bundles are now deprecated and will be removed or > replaced in containerd 2.0. Projects relying on these tar bundles should use > the `containerd-*.tar.gz` bundles or work with the containerd community on a > suitable replacement in containerd 2.0. See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Wei Fu * Maksym Pavlenko * Sebastiaan van Stijn * Michael Crosby * Kazuyoshi Kato * Mike Brown * Claudiu Belu * Daniel Canter * Gabriel Adrian Samfira * haoyun * Brian Goff * Stefan Berger * zounengren * AdamKorcz * Adelina Tuvenie * Kohei Tokunaga * Davanum Srinivas * Nashwan Azhari * Samuel Karp * Shiming Zhang * Markus Lehtonen * Enrico Weigelt, metux IT consult * Alakesh Haloi * Hajime Tazaki * Iceber Gu * Kevin Parsons * Aditi Sharma * David Porter * Jeremi Piotrowski * Gijs Peskens * ningmingxiao * Brandon Lum * Cody Roseborough * Danielle Lancashire * Eric Ernst * Jacob MacElroy * Tõnis Tiigi * dependabot[bot] * wanglei * Alexandre Peixoto Ferreira * Fabiano Fidêncio * Furkan Türkal * Jiaming Xu * Kir Kolyshkin * Miao Wang * Neil Johnson * Paul "TBBle" Hampson * Priyanka Saggu * Romain Aviolat * Samuel Ortiz * Sunghoon Kang * Takumasa Sakao * Tobias Klauser * Zhiyu Li * ye.sijun * Alexander Minbaev * Alexey Ivanov * Andrey Smirnov * Artem Khramov * Aurelien Lun-Sin * Ben Hutchings * Cory Bennett * Da McGrady * Dan Williams * Eng Zer Jun * Ethan Chen * Fupan Li * Gaurav Gahlot * Gunju Kim * Henry Wang * Jacob Blain Christen * James Gordon * James Sturtevant * Jan Klippel * Jayme Howard * Jiajun Jiang * Jintao Zhang * Justin Terry * Kaijie Chen * Kante * Kern Walster * Kitt Hsu * Lantao Liu * Ma Xinjian * Manabu Sugimoto * Manuel Alejandro de Brito Fontes * Mark Rossetti * Markus Lippert * Mete Durlu * Michael Zappa * Mikko Ylinen * Ng Yang * Nicolas Chariglione * Ning Li * Olli Janatuinen * Peri Thompson * Quan Tian * Radostin Stoyanov * Rui Lopes * Sambhav Kothari * Sebastian Hasler * Sergey Kanzhelev * Shuntaro Azuma * Sören Tempel * Yang Yang * Yifan Yuan * Zilong Wang * Zufar Dhiyaulhaq * botieking98 * chenxiaoyu * jayonlau * jerryzhuang * linrunlong * scuzhanglei * wangzhan * Étienne Guesnet ### Changes <details><summary>1059 commits</summary> <p> * Prepare release notes for v1.6.0 ([#6531](https://github.com/containerd/containerd/pull/6531)) * Prepare release notes for v1.6.0 * Update Go to 1.16.14, 1.17.7 ([#6555](https://github.com/containerd/containerd/pull/6555)) * Update Go to 1.16.14, 1.17.7 * Change the context to avoid misunderstandings in architecture.md. ([#6533](https://github.com/containerd/containerd/pull/6533)) * Change the context to avoid misunderstandings * Update go-cni to v1.1.3 ([#6543](https://github.com/containerd/containerd/pull/6543)) * Update go-cni to v1.1.3 * Update go-cni to v1.1.2 * Wait for containerd installation in GCE scripts ([#6544](https://github.com/containerd/containerd/pull/6544)) * Wait for containerd installation in GCE scripts * Enable TestContainerPTY and TestContainerUsername ([#6540](https://github.com/containerd/containerd/pull/6540)) * Enable TestContainerPTY and TestContainerUsername * Update BUILDING.md ([#6500](https://github.com/containerd/containerd/pull/6500)) * Add instructions on using go with admin perms * Prepare release notes for v1.6.0-rc.4 ([#6537](https://github.com/containerd/containerd/pull/6537)) * Prepare release notes for v1.6.0-rc.4 * Change file name for shim binary path ([#6536](https://github.com/containerd/containerd/pull/6536)) * Change file name for shim binary path * containerd-stress: introduce option for specifying image ([#6532](https://github.com/containerd/containerd/pull/6532)) * containerd-stress: introduce option for specifying image * Prepare release notes for v1.6.0-rc.3 ([#6524](https://github.com/containerd/containerd/pull/6524)) * Prepare release notes for v1.6.0-rc.3 * Use white logo in github dark mode ([#6529](https://github.com/containerd/containerd/pull/6529)) * Use white logo in github dark mode * cri: fix handling of ignore_rdt_not_enabled_errors config option ([#6514](https://github.com/containerd/containerd/pull/6514)) * cri: fix handling of ignore_rdt_not_enabled_errors config option * pkg/oom/v2: handle EventChan routine shutdown quietly ([#6504](https://github.com/containerd/containerd/pull/6504)) * pkg/oom/v2: handle EventChan routine shutdown quietly * fix: .dockerignore make git working tree dirty ([#6523](https://github.com/containerd/containerd/pull/6523)) * fix: .dockerignore makes git working tree dirty * containerd-stress: start task ctr before starting execs ([#6518](https://github.com/containerd/containerd/pull/6518)) * containerd-stress: start task ctr before starting execs * Document fs_type and fs_options in snapshots/devmapper/README.md ([#6501](https://github.com/containerd/containerd/pull/6501)) * Document fs_type and fs_options in snapshots/devmapper/README.md * docs: add Talos Linux to the list of adopters ([#6510](https://github.com/containerd/containerd/pull/6510)) * docs: add Talos Linux to the list of adopters * Prepare 1.6.0-rc.2 ([#6502](https://github.com/containerd/containerd/pull/6502)) * Prepare release notes for v1.6.0-rc.2 * Update releases document * platforms.Normalize(): do not reset OSVersion and OSFeatures ([#6497](https://github.com/containerd/containerd/pull/6497)) * platforms.Normalize(): do not reset OSVersion and OSFeatures * tracing: use OTLP/HTTP in addition to OTLP/gRPC ([#6457](https://github.com/containerd/containerd/pull/6457)) * tracing: return (ctx, span) from StartSpan * tracing: support OTLP/HTTP in addition to gRPC * Update cgroups to v1.0.3 ([#6498](https://github.com/containerd/containerd/pull/6498)) * Update cgroups to v1.0.3 * seccomp: kernel 5.11 -> 5.16 ([#6494](https://github.com/containerd/containerd/pull/6494)) * seccomp: kernel 5.16 (futex_waitv) * seccomp: kernel 5.15 (process_mrelease) * seccomp: kernel 5.14 (quotactl_fd, memfd_secret) * seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self}) * seccomp: kernel 5.12 (mount_setattr) * remotes: fix dockerPusher to handle abort correctly ([#6243](https://github.com/containerd/containerd/pull/6243)) * remotes: fix dockerPusher to handle abort correctly * seccomp: add support for "swapcontext" syscall in default policy ([#6411](https://github.com/containerd/containerd/pull/6411)) * seccomp: add support for "swapcontext" syscall in default policy * oci: use readonly mount to read user/group info ([#6478](https://github.com/containerd/containerd/pull/6478)) * oci: use readonly mount to read user/group info * Fix possibly incorrect media type default on import ([#6475](https://github.com/containerd/containerd/pull/6475)) * Fix possibly incorrect media type default on import * shimv2: handle sigint/sigterm ([#5828](https://github.com/containerd/containerd/pull/5828)) * shimv2: handle sigint/sigterm * Fix acr fetch token 400 ([#6481](https://github.com/containerd/containerd/pull/6481)) * fix acr fetch token 400 * platforms: add support for matching amd64 variants ([#6455](https://github.com/containerd/containerd/pull/6455)) * platforms: add support for matching amd64 variants * Fix windows periodic workflow ([#6476](https://github.com/containerd/containerd/pull/6476)) * Fix windows periodic workflow * docs: add doc-comments on GC-related methods ([#6473](https://github.com/containerd/containerd/pull/6473)) * docs: add doc-comments on GC-related methods * fix: should not send 137 code event if cmd is notfound ([#6465](https://github.com/containerd/containerd/pull/6465)) * fix: should not send 137 code event if cmd is notfound * Fix empty scopes return ([#6463](https://github.com/containerd/containerd/pull/6463)) * fix empty scopes return * Prepare release notes for v1.6.0-rc.1 ([#6462](https://github.com/containerd/containerd/pull/6462)) * Prepare release notes for v1.6.0-rc.1 * Add support for skipping non-dist blob push ([#6424](https://github.com/containerd/containerd/pull/6424)) * ctr: flag to toggle non-distributable blob push * Add image handler to skip non-distributable blobs. * Compile binaries for go1.16 and go1.17 in CI ([#6461](https://github.com/containerd/containerd/pull/6461)) * Compile binaries for go1.16 and go1.17 in CI * services/introspection: fix plugin caching to show grpc plugins ([#6432](https://github.com/containerd/containerd/pull/6432)) * Update caching logic to avoid map access * services/introspection: support to show introspection grpc service * Integration: Change to Windows Server 2022 build number constant ([#6458](https://github.com/containerd/containerd/pull/6458)) * Integration: Change to Windows Server 2022 build number constant * Update kubernetes vendor to 0.22.5 ([#6460](https://github.com/containerd/containerd/pull/6460)) * Update kubernetes vendor to 0.22.5 * Fix rdt build tags for go 1.16 ([#6459](https://github.com/containerd/containerd/pull/6459)) * Fix rdt build tags for go 1.16 * Remove submodule go mod ([#6439](https://github.com/containerd/containerd/pull/6439)) * Remove api go submodule * Update makefile to remove API submodule * go.mod: Update hcsshim to v0.9.2 ([#6453](https://github.com/containerd/containerd/pull/6453)) * go.mod: Update hcsshim to v0.9.2 * update runc to v1.1.0 ([#6375](https://github.com/containerd/containerd/pull/6375)) * go.mod: github.com/opencontainers/runc v1.1.0 * update runc binary to v1.1.0 * tracing: fix OTLP tracer's initialization ([#6443](https://github.com/containerd/containerd/pull/6443)) * tracing: fix OTLP tracer's initialization * gha: run CodeQL scan on pull requests ([#6386](https://github.com/containerd/containerd/pull/6386)) * gha: run CodeQL scan on pull requests * Do not automatically inject client traces ([#6445](https://github.com/containerd/containerd/pull/6445)) * Do not automatically inject client traces * [containerd-stress] delete useless code ([#6451](https://github.com/containerd/containerd/pull/6451)) * delete useless code * Revert "Add shared content label to namespaces" ([#6440](https://github.com/containerd/containerd/pull/6440)) * Revert "Add shared content label to namespaces" * Add ppc64 support for test images ([#6435](https://github.com/containerd/containerd/pull/6435)) * Add ppc64 support for test images * ctr: Unify the delete subcommand alias ([#6427](https://github.com/containerd/containerd/pull/6427)) * ctr: Unify the delete subcommand alias * Prepare release notes for v1.6.0-rc.0 ([#6431](https://github.com/containerd/containerd/pull/6431)) * Prepare release notes for v1.6.0-rc.0 * Integration: Switch to using `auth` Gcloud action in Windows workflow. ([#6397](https://github.com/containerd/containerd/pull/6397)) * Integration: Switch to `upload-cloud-storage` Gcloud action. * Integration: Switch to using `auth` Gcloud action in Windows workflow. * remove io/ioutil ([#6426](https://github.com/containerd/containerd/pull/6426)) * remove io/ioutil * test: e2e node COS cgroupv2 script ([#6418](https://github.com/containerd/containerd/pull/6418)) * test: e2e node COS cgroupv2 script * Integration: Enable CRITest on Windows 2022. ([#6378](https://github.com/containerd/containerd/pull/6378)) * Enable critest tests on Windows Server 2022. * Parametrize CRITest test images in Windows Periodic workflow. * Update error message for apparmor parser ([#6415](https://github.com/containerd/containerd/pull/6415)) * Update error message for apparmor parser * Fix wrong log message ([#6419](https://github.com/containerd/containerd/pull/6419)) * Fix wrong log message * Followup errors change ([#6414](https://github.com/containerd/containerd/pull/6414)) * Fix incorrect error wrapped when closing ingest file * Fix seek error used without nil check * Fix followup items from errors replacement * Updates CRI API & Kubernetes to 1.23 ([#6351](https://github.com/containerd/containerd/pull/6351)) * Update k/k to 1.23.0 * Updating adoption of containerd for AKS ([#6416](https://github.com/containerd/containerd/pull/6416)) * Updating adoption of containerd for AKS * update the adoption status of containerd in GKE ([#6413](https://github.com/containerd/containerd/pull/6413)) * update the adoption status of containerd in GKE * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} ([#6410](https://github.com/containerd/containerd/pull/6410)) * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} * replace github.com/pkg/errors with native errors ([#6366](https://github.com/containerd/containerd/pull/6366)) * feat: replace github.com/pkg/errors to errors * corrected link in cri architecture documentation ([#6412](https://github.com/containerd/containerd/pull/6412)) * corrected link in cri architecture documentation * remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") ([#6396](https://github.com/containerd/containerd/pull/6396)) * remotes/docker: allow fetching "refresh token" (aka "identity token") * remotes/docker/config: allow setting custom AuthorizerOpts * Prepare release notes for v1.6.0-beta.5 ([#6407](https://github.com/containerd/containerd/pull/6407)) * Prepare release notes for v1.6.0-beta.5 * Integration: Check GCP secrets on Windows CI artifact upload. ([#6292](https://github.com/containerd/containerd/pull/6292)) * Integration: Check GCP secrets on Windows CI artifact upload. * Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c) * only relabel cri managed host mounts * Add support for Intel RDT ([#5439](https://github.com/containerd/containerd/pull/5439)) * cri: add ignore_rdt_not_enabled_errors config option * Update dependencies * cri: annotations for controlling RDT class * tasks: add Linux rdt support * cmd: add --rdt-class command line option * oci: implement WithRdt * fix: use _ for consistency ([#6391](https://github.com/containerd/containerd/pull/6391)) * fix: use _ for consistency * content/local: use syscall.Timespec.Unix ([#6403](https://github.com/containerd/containerd/pull/6403)) * content/local: use syscall.Timespec.Unix * docs: improve plugin documentation ([#6207](https://github.com/containerd/containerd/pull/6207)) * docs: document the runtime shim plugin config options * docs: use proper markdown lists in containerd-config.toml.5.md * fix(ctr): enable networking for Windows containers ([#6304](https://github.com/containerd/containerd/pull/6304)) * fix(ctr): enable networking for Windows containers * Fix $(PWD) issue for Windows makefile ([#6394](https://github.com/containerd/containerd/pull/6394)) * Fix $(PWD) issue for Windows makefile * only test abstract uds on linux ([#6395](https://github.com/containerd/containerd/pull/6395)) * fix: only test abstract unix socket on linux * Fix restart container test ([#6390](https://github.com/containerd/containerd/pull/6390)) * Expect ErrorNotFound on Windows after Kill() * Replace tskill with taskkill * fix when kernel version < 4.13rc1 by using index=off cause test error ([#6291](https://github.com/containerd/containerd/pull/6291)) * fix when kernel version < 4.13rc1 by using index=off cause overlay test error * Fix no-daemon flag for integration/client tests ([#6384](https://github.com/containerd/containerd/pull/6384)) * Fix no-daemon flag for integration/client tests * Enable lazy init for ext4 with devicemapper ([#6122](https://github.com/containerd/containerd/pull/6122)) * Enable lazy init for ext4 with devicemapper * Fix flakiness on Windows for list stats ([#6385](https://github.com/containerd/containerd/pull/6385)) * Fix flakiness on Windows for list stats * cri-integration: Add Windows defaults and fix spaces issue ([#6347](https://github.com/containerd/containerd/pull/6347)) * cri-integration: Add Windows default paths * Upgrade OpenTelemetry dependencies ([#6383](https://github.com/containerd/containerd/pull/6383)) * Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0 * Use insecure.NewCredentials instead of grpc.WithInsecure * Upgrade OpenTelemetry dependencies * Fix default makefile target for windows ([#6322](https://github.com/containerd/containerd/pull/6322)) * Fix default makefile target for windows * Disable TestContainerHook on Windows ([#6379](https://github.com/containerd/containerd/pull/6379)) * Disable TestContainerHook on Windows * seutil: Fix setting the "container_kvm_t" label ([#6372](https://github.com/containerd/containerd/pull/6372)) * seutil: Fix setting the "container_kvm_t" label * Remove Windows integration testing for 2004. ([#6350](https://github.com/containerd/containerd/pull/6350)) * Remove Windows integration testing for 2004. * OCI: Mount (accessible) host devices in privileged rootless containers ([#6308](https://github.com/containerd/containerd/pull/6308)) * OCI: Mount (accessible) host devices in privileged rootless containers * oci.getDevices(): move "non-dir, non '/dev/console'" case into switch * cri: add support for configuring swap ([#6320](https://github.com/containerd/containerd/pull/6320)) * fixup: check for swap accounting * fixup: handle diff between cgroupsv1 and v2 * cri: add support for configuring swap * Integration: Enable TestVolumeOwnership on Windows ([#6275](https://github.com/containerd/containerd/pull/6275)) * Replace find with native Go code * Enable TestVolumeOwnership on Windows * Prepare release notes for v1.6.0-beta.4 ([#6296](https://github.com/containerd/containerd/pull/6296)) * Prepare release notes for v1.6.0-beta.4 * refactor: functions for error log and error return ([#6358](https://github.com/containerd/containerd/pull/6358)) * feat: Errorf usage * Split apart runc shim into plugin components ([#6021](https://github.com/containerd/containerd/pull/6021)) * Use task plugin for runc shim * Seperate shim manager and task service * Split runc shim into plugin components * Add shutdown package * CRI update for sandbox sizing ([#6155](https://github.com/containerd/containerd/pull/6155)) * cri, sandbox: pass sandbox resource details if available, applicable * medatada: make namespaces' deletion error less cryptic ([#6354](https://github.com/containerd/containerd/pull/6354)) * medatada: make namespaces' deletion error less cryptic * ListContainerStats to return stats response if ContainerStatsFilter is nil ([#6373](https://github.com/containerd/containerd/pull/6373)) * add-list-stat: return container list if filter is nil * integration: deflake TestContainerdRestart ([#6369](https://github.com/containerd/containerd/pull/6369)) * integration: deflake TestContainerdRestart * feat: add timeout for bolt open ([#6225](https://github.com/containerd/containerd/pull/6225)) * feat: support custom timeout for blot open * Update Go to 1.17.5 ([#6333](https://github.com/containerd/containerd/pull/6333)) * Update Go to 1.17.5 * cri/server: use consistent alias for pkg/ioutil ([#6332](https://github.com/containerd/containerd/pull/6332)) * cri/server: use consistent alias for pkg/ioutil * Disable restart monitor test in Windows ([#6364](https://github.com/containerd/containerd/pull/6364)) * Disable restart monitor test in Windows * Don't fail-fast on Windows integration tests ([#6338](https://github.com/containerd/containerd/pull/6338)) * Don't fail-fast on Windows integration tests * Update restart monitor test to output daemon logs on failure ([#6355](https://github.com/containerd/containerd/pull/6355)) * Run windows parallel integration test as short * Update restart monitor test to output daemon logs on failure * go.mod: update image-spec to latest (v1.0.3-dev) ([#6263](https://github.com/containerd/containerd/pull/6263)) * images/converter: remove deprecated types * go.mod: update image-spec to latest (v1.0.3-dev) * Skip WithAdditionalGIDs on Darwin ([#6353](https://github.com/containerd/containerd/pull/6353)) * Skip WithAdditionalGIDs on Darwin * Use RFC3339 format on Windows periodic resource group creation so cleanup works ([#6303](https://github.com/containerd/containerd/pull/6303)) * Use RFC3339 format so rg cleanup works * update runc to v1.0.3 ([#6330](https://github.com/containerd/containerd/pull/6330)) * go.mod: github.com/opencontainers/runc v1.0.3 * update runc binary to v1.0.3 * Unblock native snapshotter on Darwin ([#6329](https://github.com/containerd/containerd/pull/6329)) * Allow native snapshotter on Darwin * Do not use `go get` to install executables ([#6328](https://github.com/containerd/containerd/pull/6328)) * Do not use `go get` to install executables * Include runtime v2 in default builtins ([#6326](https://github.com/containerd/containerd/pull/6326)) * Include runtime v2 in default builtins * Add Windows Server 2022 CI runs ([#6314](https://github.com/containerd/containerd/pull/6314)) * Add Windows Server 2022 CI runs * Set explicit ACL on test files ([#6324](https://github.com/containerd/containerd/pull/6324)) * Use a single RUN command * Set explicit ACL on test files * integration: align tags of test images ([#6311](https://github.com/containerd/containerd/pull/6311)) * integration: align tags of test images * Set CONTAINERD_ROOT in Windows cri-integration ([#6325](https://github.com/containerd/containerd/pull/6325)) * Set CONTAINERD_ROOT in Windows cri-integration * export oci.DeviceFromPath() ([#6312](https://github.com/containerd/containerd/pull/6312)) * export oci.DeviceFromPath() * Update volume test images ([#6321](https://github.com/containerd/containerd/pull/6321)) * Update continuity dependency * Update volume test images * Update TestRestartMonitor expected time check ([#6201](https://github.com/containerd/containerd/pull/6201)) * Add error logging on cleanup * Update TestRestartMonitor expected time check * Move test volume images from gcr to ghcr ([#6319](https://github.com/containerd/containerd/pull/6319)) * Move volume images from gcr to ghcr * Revert shim service plugin migration ([#6301](https://github.com/containerd/containerd/pull/6301)) * Revert shim plugin migration * Authenticate against ghcr.io ([#6317](https://github.com/containerd/containerd/pull/6317)) * Add permissions * Authenticate against ghcr.io * oci/deviceFromPath(): correctly check device types ([#6306](https://github.com/containerd/containerd/pull/6306)) * oci/deviceFromPath(): correctly check device types * Skip TestExportAndImportMultiLayer on Windows ([#6315](https://github.com/containerd/containerd/pull/6315)) * Skip TestExportAndImportMultiLayer on Windows * Integration: Add image build workflow ([#6290](https://github.com/containerd/containerd/pull/6290)) * Add image build workflow * Integration: Separate Windows Periodic Tests workflow trigger. ([#6286](https://github.com/containerd/containerd/pull/6286)) * Integration: Separate Windows Periodic Tests workflow trigger. * Build volume test images on Windows ([#6274](https://github.com/containerd/containerd/pull/6274)) * Build volume test images on Windows * Add VMware TKG & TCE to Containerd adopters ([#6297](https://github.com/containerd/containerd/pull/6297)) * Add VMware TKG & TCE to Containerd adopters * Vagrantfile: update to Fedora 35 ([#6293](https://github.com/containerd/containerd/pull/6293)) * Vagrantfile: update to Fedora 35 * Update README.md repo->org ([#6269](https://github.com/containerd/containerd/pull/6269)) * Update README.md repo->org * Fix executable file not found when restoring shims ([#6278](https://github.com/containerd/containerd/pull/6278)) * Fix executable file not found when restoring shims * ctr/snapshots/diff: show media-type in stderr ([#6271](https://github.com/containerd/containerd/pull/6271)) * ctr/snapshots/diff: don't show the media-type in output * ctr: Add Linux Capabilities control flags ([#6289](https://github.com/containerd/containerd/pull/6289)) * ctr: Add Linux Capabilities control flags * integration: add stats result in error message ([#6270](https://github.com/containerd/containerd/pull/6270)) * integration: add stats result in error message * releases: mark 1.4 as Extended ([#6287](https://github.com/containerd/containerd/pull/6287)) * docs: mark 1.4 as Extended * docs: fix RELEASES.md gRPC API anchor * feat: skip ci for fork ([#6284](https://github.com/containerd/containerd/pull/6284)) * feat: skip ci for fork * content/local: Close the file if Seek fails ([#6280](https://github.com/containerd/containerd/pull/6280)) * content/local: Close the file if Seek fails * Integration: Remove explicit version passing to `azure/CLI`. ([#6268](https://github.com/containerd/containerd/pull/6268)) * Integration: Remove explicit version passing to `azure/CLI`. * Fix wrong make target on documentation ([#6276](https://github.com/containerd/containerd/pull/6276)) * Fix wrong make target on documentation * fix: server error return ([#6272](https://github.com/containerd/containerd/pull/6272)) * fix: server error return * Prepare release notes for v1.6.0-beta.3 ([#6267](https://github.com/containerd/containerd/pull/6267)) * Prepare release notes for v1.6.0-beta.3 * Update API version in go.mod * Update release name to use consistent format * feat:support custom callopts on client side ([#6254](https://github.com/containerd/containerd/pull/6254)) * fix: make max recv/send msg size setting default * feat:support custom callopts on client side * [CRI] Fix panic when registry.mirrors use localhost ([#6258](https://github.com/containerd/containerd/pull/6258)) * [CRI] Fix panic when registry.mirrors use localhost * Add support for TMP override on toml ([#6241](https://github.com/containerd/containerd/pull/6241)) * Add support for TMP override on toml * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options ([#6170](https://github.com/containerd/containerd/pull/6170)) * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options * Github Security Advisory [GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35) * schema1: reject ambiguous documents * images: validate document type before unmarshal * [cri] add sandbox and container latency metrics ([#6111](https://github.com/containerd/containerd/pull/6111)) * [cri] add sandbox and container latency metrics * Integration: Generalize Windows CI setup scripts for any username. ([#6255](https://github.com/containerd/containerd/pull/6255)) * Generalize Windows CI setup script for any user. * Standardize cmdlet capitalization in Windows CI scripts. * feat: use rwmutex instead ([#6253](https://github.com/containerd/containerd/pull/6253)) * feat: use rwmutex instead * Allow absolute path to shim binaries ([#6206](https://github.com/containerd/containerd/pull/6206)) * Fix package alias * Support custom runtime path when launching tasks * Add runtime path in CreateTaskRequest * Close file if permission modification fails ([#6246](https://github.com/containerd/containerd/pull/6246)) * Close file if permission modification fails * release: change tar name to match prior releases ([#6250](https://github.com/containerd/containerd/pull/6250)) * release: change tar name to match prior releases * Fix wrong error returned for image index lookup ([#6237](https://github.com/containerd/containerd/pull/6237)) * Fix wrong error returned for image index lookup * Fix containerd fails to pull OCI image with non-`http(s)://` urls ([#6221](https://github.com/containerd/containerd/pull/6221)) * Fix containerd fails to pull OCI image with non-`http(s)://` urls * Prepare release notes for v1.6.0-beta.2 ([#6223](https://github.com/containerd/containerd/pull/6223)) * Prepare release notes for v1.6.0-beta.2 * Add arm64 to releases ([#6196](https://github.com/containerd/containerd/pull/6196)) * Rename release dockerfile to omit distro name * release: improve dockerfile * Add arm64 to releases * use write lock when updating container stats ([#6236](https://github.com/containerd/containerd/pull/6236)) * use write lock when updating container stats * go.mod: Bump hcsshim to v0.9.1 ([#6230](https://github.com/containerd/containerd/pull/6230)) * go.mod: Bump hcsshim to v0.9.1 * go.mod: Bump ttrpc to 1.1.0 ([#6228](https://github.com/containerd/containerd/pull/6228)) * go.mod: Bump ttrpc to 1.1.0 * go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 ([#6213](https://github.com/containerd/containerd/pull/6213)) * go.mod: github.com/moby/sys/mountinfo v0.5.0 * go.mod: github.com/moby/sys/signal v0.6.0 * go.mod: github.com/moby/sys/symlink v0.2.0 * go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 * cleanup: add more description on comment ([#6222](https://github.com/containerd/containerd/pull/6222)) * cleanup: add more description on comment * Update Go to 1.17.3 ([#6211](https://github.com/containerd/containerd/pull/6211)) * Update Go to 1.17.3 * CI: bump up crun: 1.0 -> 1.3 ([#6214](https://github.com/containerd/containerd/pull/6214)) * CI: bump up crun: 1.0 -> 1.3 * Pin az CLI version in windows-periodic workflow ([#6205](https://github.com/containerd/containerd/pull/6205)) * Pin az CLI version * Decouple task manager ([#5918](https://github.com/containerd/containerd/pull/5918)) * Address PR comments * Fix build after rebase * Migrate task directory * Expose shim process interface * Fix after rebase * Cleanup shim loading * Move shim restore to a separate file * Fix backward compatibility with old task shims * Add plugin dependency between shim and shim services * Rework task create and cleanup flow * Add task manager * Rename task manager to shim manager * [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats ([#6113](https://github.com/containerd/containerd/pull/6113)) * Implement CRI container and pods stats * Vendor latest k8s.io/cri-api and netlink * test: Add grace period for restart monitor test ([#6200](https://github.com/containerd/containerd/pull/6200)) * test: Add grace period for restart monitor test * integration: Enables TestRuntimeHandler for Windows ([#6179](https://github.com/containerd/containerd/pull/6179)) * integration: Enables TestRuntimeHandler for Windows * Add mkdir on Dockerfile ([#6171](https://github.com/containerd/containerd/pull/6171)) * Add mkdir on Dockerfile * sys/reaper: avoid leaky goroutine when exec timeout ([#6189](https://github.com/containerd/containerd/pull/6189)) * sys/reaper: avoid leaky goroutine when exec timeout * adds additional debug out to timebox cni setup ([#6184](https://github.com/containerd/containerd/pull/6184)) * adds additional debug out to timebox cni setup * converter: Allow hooks during image conversion ([#6176](https://github.com/containerd/containerd/pull/6176)) * converter: Allow hooks during image conversion * compression: support zstd with skippable frame ([#6177](https://github.com/containerd/containerd/pull/6177)) * compression: support zstd with skippable frame * integration: Enables TestVolumeCopyUp for Windows ([#6182](https://github.com/containerd/containerd/pull/6182)) * integration: Enables TestVolumeCopyUp for Windows * integration: Enable some tests for Windows (part 2) ([#6121](https://github.com/containerd/containerd/pull/6121)) * integration: Enable some tests for Windows (part 2) * integration: Enable some tests for Windows ([#6085](https://github.com/containerd/containerd/pull/6085)) * integration: Enable some tests for Windows * Update doc to version 2 syntax ([#6125](https://github.com/containerd/containerd/pull/6125)) * feat(doc): update to version 2 syntax * fix shim reaper wait command execute blocked ([#6166](https://github.com/containerd/containerd/pull/6166)) * fix shim reaper wait command execute blocked * content: close stream after commit request ([#6145](https://github.com/containerd/containerd/pull/6145)) * content: close stream after commit request * Generating token options with each scope as a separate string. ([#6165](https://github.com/containerd/containerd/pull/6165)) * Adding scope tests for ParseAuthHeader * Adding tests for GenerateTokenOptions * Generate token options with each scope as a separate string. * vendor: Updates go-cni ([#6167](https://github.com/containerd/containerd/pull/6167)) * vendor: Updates go-cni * commands: Enables task metrics for Windows ([#6159](https://github.com/containerd/containerd/pull/6159)) * commands: Enables task metrics for Windows * vendor: update moby/sys for darwin support ([#6149](https://github.com/containerd/containerd/pull/6149)) * vendor: update moby/sys for darwin support * Prepare v1.6.0-beta.1 ([#6144](https://github.com/containerd/containerd/pull/6144)) * Prepare release notes for v1.6.0-beta.1 * Update mailmap * Update api vendor * bump cni to spec v1.0.0 ([#6136](https://github.com/containerd/containerd/pull/6136)) * bump CNI to spec v1.0.0 * Inject otel traces to grpc client. ([#5992](https://github.com/containerd/containerd/pull/5992)) * Inject otel traces to grpc client. * client: expose (*image).platform ([#6142](https://github.com/containerd/containerd/pull/6142)) * client: expose (*image).platform * Adding documentation for Core Scheduling ([#6128](https://github.com/containerd/containerd/pull/6128)) * feat(doc): add Core Scheduling documentation * Ensure namespace is proxied to grpc/ttrpc plugins ([#6130](https://github.com/containerd/containerd/pull/6130)) * Ensure namespace is proxied to grpc/ttrpc plugins * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6109](https://github.com/containerd/containerd/pull/6109)) * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true * Output a warning for label image labels instead of erroring ([#6124](https://github.com/containerd/containerd/pull/6124)) * Output a warning for label image labels instead of erroring * Fix spelling mistake in Windows snapshotter ([#6132](https://github.com/containerd/containerd/pull/6132)) * Fix spelling mistake in Windows snapshotter * Windows: Cleanup rm- prefixed layers ([#6126](https://github.com/containerd/containerd/pull/6126)) * Windows: Cleanup rm- prefixed layers * cleanup deprecated package `io/ioutil ` ([#6118](https://github.com/containerd/containerd/pull/6118)) * io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions * close Writer after use which may memory leak ([#6115](https://github.com/containerd/containerd/pull/6115)) * close Writer after use which may leak mem * Adds Windows resource limits support ([#5778](https://github.com/containerd/containerd/pull/5778)) * Adds Windows resource limits support * Prepare release notes for v1.6.0-beta.0 ([#6098](https://github.com/containerd/containerd/pull/6098)) * Prepare release notes for v1.6.0-beta.0 * Add error message to in TestContainerdRestart integration test ([#6105](https://github.com/containerd/containerd/pull/6105)) * Add error message to in TestContainerdRestart integration test * Fix typo in the NewContainer function documentation ([#6110](https://github.com/containerd/containerd/pull/6110)) * Fix typo in the NewContainer function documentation * Update cgroups to v1.0.2 ([#6104](https://github.com/containerd/containerd/pull/6104)) * Update cgroups to v1.0.2 * btrfs: verify file content after mount ([#6100](https://github.com/containerd/containerd/pull/6100)) * test: check file content after mount * Update test timeout based on recent cancellations ([#6107](https://github.com/containerd/containerd/pull/6107)) * Update test timeout based on recent cancellations * Check the pid in cri test teardown ([#6106](https://github.com/containerd/containerd/pull/6106)) * Remove extra test_teardown * Check the pid in cri test teardown * add runc shim support for sched core ([#6011](https://github.com/containerd/containerd/pull/6011)) * fix integration client vendor * add runc shim support for sched core * integration: Enables Windows containerd restart test ([#5579](https://github.com/containerd/containerd/pull/5579)) * integration: Enables Windows containerd restart test * vendor: Bump hcsshim to 0.9.0 ([#6099](https://github.com/containerd/containerd/pull/6099)) * vendor: Bump hcsshim to 0.9.0 * [cri] Add CNI conf based on runtime class ([#4695](https://github.com/containerd/containerd/pull/4695)) * Add CNI conf based on runtime class * Update Go to 1.17.2 ([#6102](https://github.com/containerd/containerd/pull/6102)) * Update Go to 1.17.2 * integration: Adds test for multilayer image import ([#5933](https://github.com/containerd/containerd/pull/5933)) * integration: Adds test for multilayer image import * runtime: should fail fast if dial error on shim ([#6031](https://github.com/containerd/containerd/pull/6031)) * runtime: should fail fast if dial error on shim * Fixes Windows containers with image volumes ([#6034](https://github.com/containerd/containerd/pull/6034)) * Windows: Fixes Windows containers with image volumes * run `gofmt` with GO 1.17 ([#6094](https://github.com/containerd/containerd/pull/6094)) * run `gofmt` with Go 1.17 * pkg/cap: remove an outdated comment ([#6088](https://github.com/containerd/containerd/pull/6088)) * pkg/cap: remove an outdated comment * Update go otel 1.0.1 ([#6066](https://github.com/containerd/containerd/pull/6066)) * Update go otel 1.0.1 * Update ADOPTERS.md with additional uses ([#6086](https://github.com/containerd/containerd/pull/6086)) * Update ADOPTERS.md with additional uses * modify the way for checking cos ([#6082](https://github.com/containerd/containerd/pull/6082)) * modify the way for checking cos * Fuzzing: Add fuzzers + small modifications ([#5915](https://github.com/containerd/containerd/pull/5915)) * Fuzzing: Add 4 fuzzers + small modifications * Fixes for Windows CI ([#6081](https://github.com/containerd/containerd/pull/6081)) * Pin mingw to version 10.2.0 * Update to golang 1.17.1 * Install nssm * Github Security Advisory [GHSA-c2h3-6mxw-7mvq](https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq) * btrfs: reduce permissions on plugin directories * v1 runtime: reduce permissions for bundle dir * v2 runtime: reduce permissions for bundle dir * task service: return known error type ([#6079](https://github.com/containerd/containerd/pull/6079)) * task service: return known error type * refactor: move from io/ioutil to io and os package ([#5973](https://github.com/containerd/containerd/pull/5973)) * refactor: move from io/ioutil to io and os package * fix: import from k8s.io/utils/clock instead ([#6076](https://github.com/containerd/containerd/pull/6076)) * fix: update vendor * cleanup: import from k8s.io/utils/clock/testing instead * cleanup: import from k8s.io/utils/clock instead * feat: enable integration cri remote client to call with grpc calloptions ([#6069](https://github.com/containerd/containerd/pull/6069)) * feat: enable cri remote client to call with grpc calloptions * cleanup k8s ansible yaml (carry for #5713) ([#6074](https://github.com/containerd/containerd/pull/6074)) * cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>) * feat: support import image for specific platform ([#6070](https://github.com/containerd/containerd/pull/6070)) * fix: wrong flag type * feat: support import image for specific platform * Update mirror images to take target image name ([#6065](https://github.com/containerd/containerd/pull/6065)) * Update mirror images to take target image name * fix: make exec-id flag required in exec command ([#6059](https://github.com/containerd/containerd/pull/6059)) * fix: make exec-id flag required in exec command * images: enable converter to uncompress zstd ([#6052](https://github.com/containerd/containerd/pull/6052)) * images: enable converter to uncompress zstd * replace deprecated function with Domain and Path ([#5922](https://github.com/containerd/containerd/pull/5922)) * replace deprecated function * integration: Adds Windows HostProcess tests ([#5853](https://github.com/containerd/containerd/pull/5853)) * integration: Adds Windows HostProcess tests * Fix main branch build is broken ([#6047](https://github.com/containerd/containerd/pull/6047)) * Fix main branch build is broken * Add open telemetry logging hook for logrus ([#6003](https://github.com/containerd/containerd/pull/6003)) * Add open telemetry logging hook for logrus * Change `oci.WithUser` behavior for LCOW ([#6023](https://github.com/containerd/containerd/pull/6023)) * Change oci.WithUser behavior for LCOW * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) ([#5946](https://github.com/containerd/containerd/pull/5946)) * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) * import: Raise error if the imported image is filtered out ([#5926](https://github.com/containerd/containerd/pull/5926)) * import: Raise error if the imported image is filtered out * Fix panic in metadata content writer on copy error ([#6043](https://github.com/containerd/containerd/pull/6043)) * Fix panic in metadata content writer on copy error * Move tracing to plugin ([#6001](https://github.com/containerd/containerd/pull/6001)) * Move tracing to plugin * ctr: Fixes Windows image import ([#5916](https://github.com/containerd/containerd/pull/5916)) * ctr: Fixes Windows image import * update open go.opentelemetry.io v1.0.0 to fix import path ([#6017](https://github.com/containerd/containerd/pull/6017)) * go.mod: update opentelemetry modules to v1.0.0 * fix error string format ([#5979](https://github.com/containerd/containerd/pull/5979)) * fix error string format * Add github action to mirror image ([#6036](https://github.com/containerd/containerd/pull/6036)) * Add github action to mirror image * add current process state to the error message ([#6027](https://github.com/containerd/containerd/pull/6027)) * add current process state to the error message * FreeBSD: fix tar headers & the nil check on getxattr ([#5991](https://github.com/containerd/containerd/pull/5991)) * FreeBSD: fix tar headers & the nil check on getxattr * gha: collect VMs' IP addresses ([#6035](https://github.com/containerd/containerd/pull/6035)) * gha: collect Vagrant VMs' IP addresses * bump continuity and console version that remove pkg/errors ([#6033](https://github.com/containerd/containerd/pull/6033)) * bump continuity and console version that remove pkg/errors * import: Add option to prevent duplicated digest image ([#5997](https://github.com/containerd/containerd/pull/5997)) * import: Add option to skip creating digest image * ctr namespaces: improve usage string ([#5998](https://github.com/containerd/containerd/pull/5998)) * ctr namespaces: improve usage string * bump console version to v1.0.3 that remove pkg/errors ([#6028](https://github.com/containerd/containerd/pull/6028)) * bump console version to v1.0.3 that remove pkg/errors * Use github images for integration tests ([#6032](https://github.com/containerd/containerd/pull/6032)) * Use github images for integration tests * Fix typo ([#5995](https://github.com/containerd/containerd/pull/5995)) * Fix typo * Enable image config labels in ctr and CRI container creation ([#6012](https://github.com/containerd/containerd/pull/6012)) * Enable image config labels in ctr and CRI container creation * Make sure exit signals trigger an exit during init ([#5970](https://github.com/containerd/containerd/pull/5970)) * Make sure exit signals trigger an exit during init * task delete: Closes task IO before waiting ([#5974](https://github.com/containerd/containerd/pull/5974)) * task delete: Closes task IO before waiting * CI: bump up crun to 1.0 ([#5985](https://github.com/containerd/containerd/pull/5985)) * CI: bump up crun to 1.0 * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) ([#5982](https://github.com/containerd/containerd/pull/5982)) * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) * Update to Go 1.17.1 ([#5990](https://github.com/containerd/containerd/pull/5990)) * Update to Go 1.17.1 * CI: Switch to available latest images ([#5987](https://github.com/containerd/containerd/pull/5987)) * CI: Switch to available latest images * add xfs support to devicemapper snapshotter ([#5610](https://github.com/containerd/containerd/pull/5610)) * add xfs support to devicemapper snapshotter * Fixes task kill --force on Windows ([#5956](https://github.com/containerd/containerd/pull/5956)) * Fixes task kill --force on Windows * Add support for shim plugins ([#5817](https://github.com/containerd/containerd/pull/5817)) * Add support for shim plugins * vendor: update continuity for darwin support ([#5976](https://github.com/containerd/containerd/pull/5976)) * vendor: update continuity for darwin support * replace uses of os/exec with golang.org/x/sys/execabs ([#5906](https://github.com/containerd/containerd/pull/5906)) * replace uses of os/exec with golang.org/x/sys/execabs * complete integration test for pulling image with labels ([#5972](https://github.com/containerd/containerd/pull/5972)) * Additional integration tests for pulling image with labels * Fix content copy to not ignore unexpected EOF ([#5966](https://github.com/containerd/containerd/pull/5966)) * Fix content copy to not ignore unexpected EOF * add ip_pref CNI options for primary pod ip ([#5964](https://github.com/containerd/containerd/pull/5964)) * add ip_pref CNI options for primary pod ip * cri: add devices for privileged container ([#5939](https://github.com/containerd/containerd/pull/5939)) * cri: add devices for privileged container * sandbox: Allows the sandbox to be deleted in NotReady state ([#5954](https://github.com/containerd/containerd/pull/5954)) * sandbox: Allows the sandbox to be deleted in NotReady state * pin protobuild version to tag ([#5969](https://github.com/containerd/containerd/pull/5969)) * pin protobuild version to tag * Add metric exposing build version&revision ([#5965](https://github.com/containerd/containerd/pull/5965)) * use a const metric for build_info * Add metric exposing build version&revision * Feature: containerd-cri support LinuxContainerResources.Unified ([#5627](https://github.com/containerd/containerd/pull/5627)) * add cri test case * feature: add field LinuxContainerResources.Unified on cri * integration: investigate TestRestartMonitor's failure ([#5861](https://github.com/containerd/containerd/pull/5861)) * integration: investigate TestRestartMonitor's failure * Use issue forms for bug reporting ([#5917](https://github.com/containerd/containerd/pull/5917)) * Address issue forms feedback * Use issue forms for bug reporting * cri: patch update image labels ([#5945](https://github.com/containerd/containerd/pull/5945)) * cri: patch update image labels * darwin: runtime support ([#5936](https://github.com/containerd/containerd/pull/5936)) * darwin: runtime support * darwin: use the default values for socketRoot variable * Update RELEASES.md ([#5858](https://github.com/containerd/containerd/pull/5858)) * Update RELEASES.md * archive: Add WriteDiff error logs ([#5949](https://github.com/containerd/containerd/pull/5949)) * archive: Add WriteDiff error logs * replace deprecated Dialer with ContextDialer ([#5958](https://github.com/containerd/containerd/pull/5958)) * replace deprecated Dail with DailContext * Add WS2022 support in Windows Periodic tests ([#5951](https://github.com/containerd/containerd/pull/5951)) * Add WS2022 support in Windows Periodic tests * Content fuzzer: Clean up temp store dir ([#5943](https://github.com/containerd/containerd/pull/5943)) * content fuzzer: Clean up tempdir * using Hosts replace deprecated field ([#5944](https://github.com/containerd/containerd/pull/5944)) * using Hosts replace deprecated field * fix document non-synchronous ([#5947](https://github.com/containerd/containerd/pull/5947)) * fix document non-synchronous in crictl.md * go.mod: Update hcsshim to v0.8.21 ([#5929](https://github.com/containerd/containerd/pull/5929)) * go.mod: Update hcsshim to v0.8.21 * Makefile.linux: build on RISC-V with PIE ([#5937](https://github.com/containerd/containerd/pull/5937)) * Makefile.linux: build on riscv with PIE * Fix cwd flag for `ctr tasks exec` ([#5932](https://github.com/containerd/containerd/pull/5932)) * Fix cwd flag for `ctr tasks exec` * Update Pause image in tests & config ([#5927](https://github.com/containerd/containerd/pull/5927)) * Update Pause image in tests & config * cri: Devices ownership from SecurityContext ([#5122](https://github.com/containerd/containerd/pull/5122)) * cri: Devices ownership from SecurityContext * Fix pull fails on unexpected EOF ([#5921](https://github.com/containerd/containerd/pull/5921)) * Fix pull fails on unexpected EOF * Fix dir support for devices ([#5845](https://github.com/containerd/containerd/pull/5845)) * Adding testing of two devices * Fix dir support for devices V3 (#4847) * windows: The DefaultSpec platform should match the Default matcher ([#5914](https://github.com/containerd/containerd/pull/5914)) * windows: The DefaultSpec platform should match the Default matcher * Add RunAsUserName functionality for the Windows pod sandbox container ([#5865](https://github.com/containerd/containerd/pull/5865)) * Add RunAsUserName functionality for the Windows Pod Sandbox Container * bump up runc v1.0.2 ([#5899](https://github.com/containerd/containerd/pull/5899)) * go.mod: update runc to v1.0.2 * update runc binary to v1.0.2 * Run `go fmt` with Go 1.17 ([#5903](https://github.com/containerd/containerd/pull/5903)) * Run `go fmt` with Go 1.17 * go.mod: github.com/pelletier/go-toml v1.9.3 ([#5905](https://github.com/containerd/containerd/pull/5905)) * go.mod: github.com/pelletier/go-toml v1.9.3 * cri: filter selinux xattr for image volumes ([#5902](https://github.com/containerd/containerd/pull/5902)) * cri: filter selinux xattr for image volumes * Add Windows HostProcess Support ([#5131](https://github.com/containerd/containerd/pull/5131)) * Added windows hostProcess cni skip * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 ([#5897](https://github.com/containerd/containerd/pull/5897)) * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 * Update to Go 1.17 ([#5889](https://github.com/containerd/containerd/pull/5889)) * Bump integration timeout to 35 min * Update to Go 1.17 * integration: fix TestContainerPids ([#5896](https://github.com/containerd/containerd/pull/5896)) * integration: fix TestContainerPids * [ctr] add HOSTNAME env for host network ([#5891](https://github.com/containerd/containerd/pull/5891)) * [ctr] add HOSTNAME env for host network * Fuzzing: Add fuzzer ([#5886](https://github.com/containerd/containerd/pull/5886)) * Fuzzing: Add fuzzer * Make Cgroup driver configurable in gce configure script ([#5884](https://github.com/containerd/containerd/pull/5884)) * Add env for SystemdCgroup driver * Allow expanded DNS configuration ([#5878](https://github.com/containerd/containerd/pull/5878)) * Allow expanded DNS configuration * Fuzzing: Add 4 fuzzers ([#5863](https://github.com/containerd/containerd/pull/5863)) * Fuzzing: Add 4 fuzzers * Cleanup v2 shim ([#5813](https://github.com/containerd/containerd/pull/5813)) * Cleanup v2 shim * Fuzzing: Add experimental version of container fuzzer ([#5840](https://github.com/containerd/containerd/pull/5840)) * Use http.Get to download binaries instead of exec.Command * Fuzzing: Add experimental version of container fuzzer * add cpu-shares to ctr ([#5846](https://github.com/containerd/containerd/pull/5846)) * add cpu-shares to ctr * docs: rename master to main (it was opposite on the actual commit) ([#5847](https://github.com/containerd/containerd/pull/5847)) * docs: rename main to master * content: return the error with its timestamp ([#5849](https://github.com/containerd/containerd/pull/5849)) * content: return the error with its timestamp * Fix bad `make protos` failure ([#5857](https://github.com/containerd/containerd/pull/5857)) * Fix bad `make protos` failure * replace cri and point to new location ([#5851](https://github.com/containerd/containerd/pull/5851)) * archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624 * docs: remove FOSSA's badge ([#5856](https://github.com/containerd/containerd/pull/5856)) * docs: remove FOSSA's badge * BUILDING.md: remove some bits about building runc ([#5850](https://github.com/containerd/containerd/pull/5850)) * BUILDING.md: remove some bits about building runc * BUILDING.md: markdown fixes * go.mod: update k8s deps to v1.22.0 ([#5836](https://github.com/containerd/containerd/pull/5836)) * go.mod: update kubernetes to v1.22.0 * [Scripts] Add trap to cri-integration test script ([#5852](https://github.com/containerd/containerd/pull/5852)) * Add trap to cri-integration test script * docs: list all snapshotter-related build flags ([#5848](https://github.com/containerd/containerd/pull/5848)) * docs: list all snapshotter-related build flags * Move plugin context events into separate plugin ([#5835](https://github.com/containerd/containerd/pull/5835)) * Move plugin context events into separate plugin * Fix Linux CI Linter using Go 1.15.14 ([#5839](https://github.com/containerd/containerd/pull/5839)) * Fix Linux CI Linter using go 1.15.14 * Update Go to 1.16.7 ([#5842](https://github.com/containerd/containerd/pull/5842)) * Update Go to 1.16.7 * Cleanup CI ([#5838](https://github.com/containerd/containerd/pull/5838)) * Cleanup CI * Remove redundant build tags ([#5834](https://github.com/containerd/containerd/pull/5834)) * Remove redundant build tags * Change default directories on Darwin ([#5830](https://github.com/containerd/containerd/pull/5830)) * Change default directories on Darwin * [otel-tracing] Initial opentelemetry support ([#5731](https://github.com/containerd/containerd/pull/5731)) * [otel-tracing] vendor and go modules changes * [otel-tracing] Initial opentelemetry support * remove go 1.13 from containerd * Fuzzing: Fix for OSS-fuzz issue 36825 ([#5829](https://github.com/containerd/containerd/pull/5829)) * Fuzzing: Fix for OSS-fuzz issue 36825 * Fuzzing: Add two fuzzers ([#5825](https://github.com/containerd/containerd/pull/5825)) * Fuzzing: Add two more fuzzers * scripts: linting fixes, and remove support for Debian Jessie (as it's EOL) ([#5760](https://github.com/containerd/containerd/pull/5760)) * scripts: declare ROOT closer to where it's used, and some DRY changes * scripts: add missing quotes, and minor linting issues * test/build-utils.sh: remove support for Debian Jessie * platforms: Format(): use path.Join() instead of joinNotEmpty() ([#5821](https://github.com/containerd/containerd/pull/5821)) * platforms: Format(): use path.Join() instead of joinNotEmpty() * Fuzzing: Remove panics of container_fuzzer ([#5823](https://github.com/containerd/containerd/pull/5823)) * Fuzzing: Remove panics of container_fuzzer * Fuzzing: Add container fuzzer ([#5785](https://github.com/containerd/containerd/pull/5785)) * Change protoc link * Split fuzzer to two fuzzers * Fuzzing: Add container fuzzer * runtime: fix the issue of create new socket with abstract address ([#5746](https://github.com/containerd/containerd/pull/5746)) * runtime: fix the issue of create new socket with abstract address * mergo: Upgrade to 0.3.12 to fix panic ([#5809](https://github.com/containerd/containerd/pull/5809)) * mergo: Upgrade to 0.3.12 to fix panic * ci: install criu from PPA ([#5802](https://github.com/containerd/containerd/pull/5802)) * ci: install criu from PPA * Update release workflow to upload binary without CNI ([#5144](https://github.com/containerd/containerd/pull/5144)) * Split release steps into multiple tasks * Update release workflow to upload binary without CNI * Enable critest on Windows Periodic Jobs ([#5725](https://github.com/containerd/containerd/pull/5725)) * Enable critest on Windows * Script to check if entries in go.mod files are in sync ([#5792](https://github.com/containerd/containerd/pull/5792)) * Script to check if entries in go.mod files are in sync * Add a sharedNamespace label ([#5043](https://github.com/containerd/containerd/pull/5043)) * Add shared content label to namespaces * platforms: add "ios" as known OS, "loong64" as known ARCH ([#5784](https://github.com/containerd/containerd/pull/5784)) * platforms: add "ios" as known OS, "loong64" as known ARCH * Updates the location of protobuf downloads ([#5804](https://github.com/containerd/containerd/pull/5804)) * Updates the location of protobuf downloads in docs * Update protobuf install to use correct repository ([#5803](https://github.com/containerd/containerd/pull/5803)) * Update protobuf install to use correct repository * overlay: expose upperdir location of each snapshot via an optional label ([#5624](https://github.com/containerd/containerd/pull/5624)) * overlay: add an optional label of upperdir location of each snapshot * Support SIGRTMIN+n signals ([#5693](https://github.com/containerd/containerd/pull/5693)) * Support SIGRTMIN+n signals * respect context timeout in shim binary call ([#5800](https://github.com/containerd/containerd/pull/5800)) * respect context timeout in shim binary call * Introduce a new go module - containerd/api for use in standalone clients ([#5716](https://github.com/containerd/containerd/pull/5716)) * Introduce a new go module - containerd/api for use in standalone clients * grpc config add options tcp_client_ca_cert ([#5606](https://github.com/containerd/containerd/pull/5606)) * grpc config add options tcp_tls_ca * integration: Windows volume-copy-up images ([#5162](https://github.com/containerd/containerd/pull/5162)) * integration: Windows volume-copy-up images * add CRI support matrix to RELEASES.md ([#5795](https://github.com/containerd/containerd/pull/5795)) * add CRI support matrix to RELEASES.md * adding a little more clarity ([#5794](https://github.com/containerd/containerd/pull/5794)) * adding a little more clarity * update gotestsum to v1.7.0 ([#5793](https://github.com/containerd/containerd/pull/5793)) * update gotestsum to v1.7.0 * Discard blocks when removing a thin device ([#5756](https://github.com/containerd/containerd/pull/5756)) * Discard blocks when removing a thin device * Makefile: fix passing build tags ([#5590](https://github.com/containerd/containerd/pull/5590)) * Makefile: pass build tags to manpage build process * Makefile: fix tags parameter computation * Add runtime label to metrics ([#5744](https://github.com/containerd/containerd/pull/5744)) * Add runtime label to metrics * interface about shim build check ([#5745](https://github.com/containerd/containerd/pull/5745)) * interface about shim build check * integration: log all processes to investigate the test failure ([#5775](https://github.com/containerd/containerd/pull/5775)) * integration: log all processes to investigate the test failure * Fuzzing: Add archive fuzzer ([#5779](https://github.com/containerd/containerd/pull/5779)) * Fuzzing: Add archive fuzzer * Add docker.Fetch fuzzer ([#5687](https://github.com/containerd/containerd/pull/5687)) * Add docker fetch fuzzer * Support custom compressor for walking differ ([#5735](https://github.com/containerd/containerd/pull/5735)) * Support custom compressor for walking differ * remotes/docker/pusher.go: Fix missing Close() on push to docker remote ([#5770](https://github.com/containerd/containerd/pull/5770)) * remotes/docker/pusher.go: Fix missing Close() * remotes/docker/fetcher.go: Fix missing Close() on fetch from docker remote ([#5769](https://github.com/containerd/containerd/pull/5769)) * remotes/docker/fetcher.go: Fix missing Close() * Update cpuguy83/go-md2man binary to v2.0.1 ([#5771](https://github.com/containerd/containerd/pull/5771)) * Update cpuguy83/go-md2man binary to v2.0.1 * Refactor / optimize contrib/Dockerfile.test ([#5750](https://github.com/containerd/containerd/pull/5750)) * Dockerfile.test: build containerd in separate stage * Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding * Dockerfile.test: clean up apt indexes after installing * Dockerfile.test: build critools in a separate stage * Dockerfile.test: build cni in a separate stage * Dockerfile.test: standard directory to collect build aftifacts * Dockerfile.test: split dev stage, and optimize order * Dockerfile.test: skip curl, gcc, git and make install * install-critools: make sure DESTDIR exists * update gotestsum to current master ([#5754](https://github.com/containerd/containerd/pull/5754)) * update gotestsum to current master * Github Security Advisory [GHSA-c72p-9xmj-rx3w](https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w) * Add test for archive breakout test for lchmod * Use systemd cgroup driver for Kubernetes e2e tests with cgroupsv2 ([#5755](https://github.com/containerd/containerd/pull/5755)) * Use systemd cgroup driver for cgroupv2 tests * update runc to v1.0.1 ([#5751](https://github.com/containerd/containerd/pull/5751)) * go.mod: runc v1.0.1 * update runc binary to v1.0.1 * runtime: runc v2: remove redundant validation ([#5737](https://github.com/containerd/containerd/pull/5737)) * runtime: runc v2: remove redundant validation * Add timestamp to flaky restart monitor test ([#5727](https://github.com/containerd/containerd/pull/5727)) * Move loop check to before sleep * Add timestamp to flaky restart monitor test * Update Go to 1.16.6 ([#5722](https://github.com/containerd/containerd/pull/5722)) * integration/client: go mod tidy * Update Go to 1.16.6 * client: surface a connection error more clearly ([#4447](https://github.com/containerd/containerd/pull/4447)) * client: surface a connection error more clearly * Fix missing Body.Close() calls on push to docker remote ([#5712](https://github.com/containerd/containerd/pull/5712)) * Fix missing Body.Close() calls on push to docker remote * remove pkg/cri/platforms package ([#5710](https://github.com/containerd/containerd/pull/5710)) * remove pkg/cri/platforms package * Allow WithServices to use custom implementations ([#5709](https://github.com/containerd/containerd/pull/5709)) * Allow WithServices to use custom implementations * [Vendor] Update hcsshim to 0.8.18 ([#5673](https://github.com/containerd/containerd/pull/5673)) * [Vendor] Update hcsshim to 0.8.18 * test integration: Adds a test that restarts a failed container ([#5578](https://github.com/containerd/containerd/pull/5578)) * test integration: Adds a test that restarts a failed container * [CRI] move up to CRI v1 and support v1alpha in parallel ([#5619](https://github.com/containerd/containerd/pull/5619)) * use fu wei's suggeted interface pick for marshaling * add alpha version * move up to CRI v1 and support v1alpha in parallel * gha: make release workflow work in forks ([#5682](https://github.com/containerd/containerd/pull/5682)) * gha: make release workflow work in forks * Add unit test for plugin ([#5666](https://github.com/containerd/containerd/pull/5666)) * Add unit test for plugin * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage ([#5700](https://github.com/containerd/containerd/pull/5700)) * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage * Update for distribution spec 1.0 ([#5676](https://github.com/containerd/containerd/pull/5676)) * Add support for registry host path override * Update documenation for OCI distribution 1.0 * archive: cleanup lchmod logic ([#5702](https://github.com/containerd/containerd/pull/5702)) * Cleanup lchmod logic in archive * Install specific golang version in Windows CI. ([#5571](https://github.com/containerd/containerd/pull/5571)) * Install specific golang version in Windows CI. * Add ctr command label in NewContainerOpts ([#5660](https://github.com/containerd/containerd/pull/5660)) * feat: Add snapshotter label to the new snapshot for container. * snapshot/devmapper: log exported methods correctly ([#5655](https://github.com/containerd/containerd/pull/5655)) * snapshot/devmapper: log exported methods correctly * Makefile: fix DESTDIR and PREFIX concatenation ([#5662](https://github.com/containerd/containerd/pull/5662)) * Makefile: fix DESTDIR and PREFIX concatenation * Cri integration cleanup ([#5287](https://github.com/containerd/containerd/pull/5287)) * tests: Use EnsureImageExists for image pulling * tests: Refactors PodSandbox creation * move sys.FMountat() into mount package and un-export ([#5641](https://github.com/containerd/containerd/pull/5641)) * un-export mount.FMountat * move sys.FMountat() into mount package * sandbox: send pod UID to CNI plugins as K8S_POD_UID ([#5640](https://github.com/containerd/containerd/pull/5640)) * sandbox: send pod UID to CNI plugins as K8S_POD_UID * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils ([#5639](https://github.com/containerd/containerd/pull/5639)) * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils * content/local: inline sys.StatATimeAsTime() ([#5633](https://github.com/containerd/containerd/pull/5633)) * content/local: inline sys.StatATimeAsTime() * allow multi gpu to be specified via ctr ([#5636](https://github.com/containerd/containerd/pull/5636)) * allow multi gpu to be specified via ctr * go.mod: runc v1.0.0 * update runc binary to v1.0.0 GA * fixing some doc links ([#5629](https://github.com/containerd/containerd/pull/5629)) * fixing some doc links * Sync integration/go.mod with root go.mod ([#5623](https://github.com/containerd/containerd/pull/5623)) * Sync integration/go.mod with root go.mod * archive: Expose ChangeWriter to allow customized diff computing ([#5615](https://github.com/containerd/containerd/pull/5615)) * archive: Expose ChangeWriter to allow customized diff computing * CI: Switch to the available latest images ([#5625](https://github.com/containerd/containerd/pull/5625)) * CI: Switch to available latest images * fix deprecation config for default runtime * Re-enable criu in main integration runs ([#5614](https://github.com/containerd/containerd/pull/5614)) * Re-enable criu in main integration runs * runtime,v2: Enable debug when containerd is on debug+ log level ([#5617](https://github.com/containerd/containerd/pull/5617)) * runtime,v2: Enable debug when containerd is on debug+ log level * github.com/golang/protobuf/proto is deprecated * Update github.com/golang/protobuf from v1.3.5 to v1.4.3 * Update google.golang.org/grpc from v1.27.1 to v1.38.0 * Increase golangci-lint timeout * ctr flags of container rootfs propagation ([#5611](https://github.com/containerd/containerd/pull/5611)) * command line flags of setting container rootfs propagation * add cgroupv2 setup for cos with a flag * Update gotestsum to add timestamps to junit output ([#5612](https://github.com/containerd/containerd/pull/5612)) * Update gotestsum to add timestamps to junit output * Allow to pass --no-cgroups option to nvidia-container-cli ([#5604](https://github.com/containerd/containerd/pull/5604)) * Allow to pass --no-cgroup option to nvidia-container-cli * Makefile: FHS conformant manpage installation pathes ([#5577](https://github.com/containerd/containerd/pull/5577)) * Makefile: FHS conformant manpage installation pathes * Add proper Go version before project checks ([#5594](https://github.com/containerd/containerd/pull/5594)) * Add proper Go version before project checks * Enable cri-integration in Windows Periodic Tests ([#5580](https://github.com/containerd/containerd/pull/5580)) * Enable cri-integration in Windows Periodic Tests * adds explanation for seccomp unset/unconfined default vs runtime default ([#5573](https://github.com/containerd/containerd/pull/5573)) * adds explanation for seccomp unset/unconfined default vs runtime default * Fix cleanup context of teardownPodNetwork ([#5569](https://github.com/containerd/containerd/pull/5569)) * Fix cleanup context of teardownPodNetwork * update integration/client go.sum ([#5572](https://github.com/containerd/containerd/pull/5572)) * update integration/client go.sum * Revert diff/walking error change ([#5566](https://github.com/containerd/containerd/pull/5566)) * Revert diff/walking error change * Update opencontainers/selinux to v1.8.2 ([#5562](https://github.com/containerd/containerd/pull/5562)) * Update opencontainers/selinux to v1.8.2 * fix invalid validation error checking ([#5565](https://github.com/containerd/containerd/pull/5565)) * fix invalid validation error checking * diff/walking: fix defer cleanup ([#5551](https://github.com/containerd/containerd/pull/5551)) * diff/walking: fix defer cleanup * Windows periodic job: Add creation timestamp to RG ([#5559](https://github.com/containerd/containerd/pull/5559)) * Add creation timestamp to RG * Fix error case in Windows layer cleanup ([#5328](https://github.com/containerd/containerd/pull/5328)) * Fix error case in Windows layer cleanup * Use DeactivateLayer to unlock layers that we cannot rename ([#5422](https://github.com/containerd/containerd/pull/5422)) * Small typo fix "reimporst" * Use DeactivateLayer to recover layers that we cannot rename * tests: Symlink volume tests ([#5284](https://github.com/containerd/containerd/pull/5284)) * tests: Symlink volume tests * Makefile: fix DESTDIR environment variable behaviour ([#5535](https://github.com/containerd/containerd/pull/5535)) * Makefile: fix DESTDIR environment variable behaviour * Change Wrapf of non-error to an actual error ([#5560](https://github.com/containerd/containerd/pull/5560)) * Change Wrapf of non-error to an actual error * Install apparmor parser for arm64 environment * scrub the stale TODO ([#5536](https://github.com/containerd/containerd/pull/5536)) * scrub the stale TODO * docs: explicitly mention containerd's Prometheus path ([#5554](https://github.com/containerd/containerd/pull/5554)) * docs: explicitly mention containerd's Prometheus path * integration: Cleanup containerd on test teardown ([#5553](https://github.com/containerd/containerd/pull/5553)) * integration: Cleanup containerd on test teardown * docs/cri: update links ([#5548](https://github.com/containerd/containerd/pull/5548)) * docs/cri: update ocicrypt link * docs/cri: fix broken links * Update Windows periodic tests ([#5544](https://github.com/containerd/containerd/pull/5544)) * Update Windows periodic tests * Add CI periodic Windows Jobs. ([#5165](https://github.com/containerd/containerd/pull/5165)) * Schedule Windows job daily after midnight. * Update windows-periodic.yml * Add CI periodic Windows Jobs. * Rename atomicWrite to writeToCompletion ([#5273](https://github.com/containerd/containerd/pull/5273)) * Rename atomicWrite to writeToCompletion * Do not run btrfs tests if btrfs kernel module is not loaded ([#5539](https://github.com/containerd/containerd/pull/5539)) * Do not run btrfs tests if btrfs kernel module is not loaded * Fix incorrect UA used for registry authentication ([#5533](https://github.com/containerd/containerd/pull/5533)) * Fix incorrect UA used for registry authentication * ctr: parse mount options with embedded = character ([#5531](https://github.com/containerd/containerd/pull/5531)) * ctr: parse mount options with embedded = character * Fix mounts for FreeBSD ([#5472](https://github.com/containerd/containerd/pull/5472)) * Add ruleset=4 option * Remove mountpoints not commonly mounted on FreeBSD * Add copyright header & make sure compilation succeeds on all platforms * Fix mounts for FreeBSD * ctr: make exec pty behavior consistent with run ([#5527](https://github.com/containerd/containerd/pull/5527)) * ctr: exec handle pty resize after Start * ctr: exec setup IO with console * Makefile: use $@ for target file names ([#5534](https://github.com/containerd/containerd/pull/5534)) * Makefile: use $@ for target file names * Fix small typo ([#5528](https://github.com/containerd/containerd/pull/5528)) * Fix small typo * Don't check for apparmor_parser to be present ([#5519](https://github.com/containerd/containerd/pull/5519)) * update the link * Don't check for apparmor_parser to be present * Remove useless lines ([#5520](https://github.com/containerd/containerd/pull/5520)) * Remove useless lines * Fixed typos in docs ([#5509](https://github.com/containerd/containerd/pull/5509)) * fixed typos * Try next mirror in case of non-404 errors, too ([#5275](https://github.com/containerd/containerd/pull/5275)) * Try next mirror in case of non-404 errors, too * bump runc version to v1.0.0-rc95 ([#5514](https://github.com/containerd/containerd/pull/5514)) * bump runc version to v1.0.0-rc95 * update runc binary to v1.0.0-rc95 ([#5511](https://github.com/containerd/containerd/pull/5511)) * update runc binary to v1.0.0-rc95 * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 ([#5508](https://github.com/containerd/containerd/pull/5508)) * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 ([#5507](https://github.com/containerd/containerd/pull/5507)) * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 * Makefile: allow overriding install command via environment ([#5493](https://github.com/containerd/containerd/pull/5493)) * Makefile: allow overriding install command via environment * tests: Adds support for Windows cri-integration tests ([#5163](https://github.com/containerd/containerd/pull/5163)) * tests: Adds support for Windows cri-integration tests * Update docker resolver to authorize redirects ([#5504](https://github.com/containerd/containerd/pull/5504)) * Update docker resolver to authorize redirects * bump hcsshim version to v0.8.17 ([#5505](https://github.com/containerd/containerd/pull/5505)) * bump hcsshim version to v0.8.17 * Release binary update for imgcrypt ([#5498](https://github.com/containerd/containerd/pull/5498)) * just release ctd-decoder not ctr-enc * Merge remote-tracking branch 'upstream/master' * Pin integration test image for alpine * cri-integration tests: Pull images once ([#5313](https://github.com/containerd/containerd/pull/5313)) * tests: Prepull images used in tests * plugin: optimize the check for the last registration ([#5440](https://github.com/containerd/containerd/pull/5440)) * plugin: optimize the check for the last registration * metadata: modify NewLeaseManager to return leases.Manager ([#5465](https://github.com/containerd/containerd/pull/5465)) * metadata: modify NewLeaseManager to return leases.Manager * Skip TLS verification for localhost ([#5100](https://github.com/containerd/containerd/pull/5100)) * Skip TLS verification for localhost * Merge remote-tracking branch 'upstream/master' * Makefile: make sure manpages are built before install-man ([#5492](https://github.com/containerd/containerd/pull/5492)) * Makefile: make sure manpages are built before install-man * adds description for hosts.toml ([#5309](https://github.com/containerd/containerd/pull/5309)) * adds credentials description * adds description for hosts.toml * Prepare default branch rename ([#5459](https://github.com/containerd/containerd/pull/5459)) * Prepare default branch rename * Merge remote-tracking branch 'upstream/master' * Update runc to rc94 ([#5473](https://github.com/containerd/containerd/pull/5473)) * Update vendored runc to v1.0.0.0-rc94 * Update the runc binary used with containerd to runc v1.0.0-rc94 * Fix `content.ReaderAt` close ([#5468](https://github.com/containerd/containerd/pull/5468)) * Fix content.ReaderAt close * Update releases doc with updated support timeline ([#5466](https://github.com/containerd/containerd/pull/5466)) * Update releases doc with updated support timeline * tests: add test for adaptor ([#5452](https://github.com/containerd/containerd/pull/5452)) * tests: add test for adaptor * Makefile: allow overriding go command by environment ([#5450](https://github.com/containerd/containerd/pull/5450)) * Makefile: allow overriding go command by environment * update to new cri-tools make install ([#5462](https://github.com/containerd/containerd/pull/5462)) * update to new cri-tools make install * Update Go to 1.16.4 ([#5461](https://github.com/containerd/containerd/pull/5461)) * Update Go to 1.16.4 * Merge remote-tracking branch 'upstream/release/1.5' * [release/1.5] go.mod: cut circular dependency on github.com/containerd/containerd ([#5457](https://github.com/containerd/containerd/pull/5457)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * oci: fix WithDevShmSize ([#5063](https://github.com/containerd/containerd/pull/5063)) * oci: fix WithDevShmSize * [release/1.5] cherry-pick: windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5454](https://github.com/containerd/containerd/pull/5454)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5411](https://github.com/containerd/containerd/pull/5411)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * doc: add missing namespaces package ([#5448](https://github.com/containerd/containerd/pull/5448)) * doc: add missing namespaces package * update seccomp version ([#5445](https://github.com/containerd/containerd/pull/5445)) * update seccomp version * Update golang.org/x/sys to add linux/ppc support ([#5436](https://github.com/containerd/containerd/pull/5436)) * Update golang.org/x/sys to add linux/ppc support * go.mod: cut circular dependency on github.com/containerd/containerd ([#5441](https://github.com/containerd/containerd/pull/5441)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * Fix different registry hosts referencing the same auth config. ([#5446](https://github.com/containerd/containerd/pull/5446)) * Fix different registry hosts referencing the same auth config. </p> </details> ### Changes from containerd/cgroups <details><summary>33 commits</summary> <p> * v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212)) * v2: add test case for Manager.EventChan() behavior * v2: flip error handling for readKVStat("memory.events") to reduce indentation * v2: manager: factor out memory.events parsing * v2: Fix inotify leak when cgroup is deleted * fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214)) * fix Implicit memory aliasing in for loop * Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210)) * Fix potential dirfd leak. * cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203)) * cgroup: Optionally add process and task to a subsystems subset * replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208)) * replace pkg/errors from vendor * cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207)) * cgroup.go: avoid panic on nil interface * Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204)) * cgroupv2: reset lastErr to nil when subtree control is successfully written * cgroupv2: enable controllers before setting resources in NewChild() * v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201)) * v2: remove ErrorHandler and IgnoreNotExist as they are not implemented * v2: remove errors that are never returned * v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202)) * v1: reduce duplicated code * cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200)) * cgroup v1: implement AddProc() * Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199)) * Rename branch from master to main * utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197)) * utils: export ParseCgroupFile() * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194)) * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations * Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195)) * Use /proc/partitions to get device names </p> </details> ### Changes from containerd/console <details><summary>6 commits</summary> <p> * Fix CI ([#55](https://github.com/containerd/console/pull/55)) * Fix CI * Stop using pkg/errors * Add support for z/OS ([#46](https://github.com/containerd/console/pull/46)) * Console test on z/OS * Add support for z/OS </p> </details> ### Changes from containerd/continuity <details><summary>28 commits</summary> <p> * fs: use syscall.Timespec.Unix ([#193](https://github.com/containerd/continuity/pull/193)) * fs: use syscall.Timespec.Unix * Update CI Go version to 1.17 ([#192](https://github.com/containerd/continuity/pull/192)) * Update CI Go version to 1.17 * Build containerd/continuity on multiple Unix OSes ([#190](https://github.com/containerd/continuity/pull/190)) * Build containerd/continuity on multiple Unix OSes * Do not log errors before returning them ([#191](https://github.com/containerd/continuity/pull/191)) * Do not log errors before returning them * Copy Windows file metadata ([#188](https://github.com/containerd/continuity/pull/188)) * Copy Windows file metadata * fix fmt.Errorf("%w", err) on err == nil ([#187](https://github.com/containerd/continuity/pull/187)) * fix fmt.Errorf("%w", err) on err == nil * Remove direct dependency on github.com/pkg/errors ([#185](https://github.com/containerd/continuity/pull/185)) * run gofmt with Go 1.17 * remove direct dependency on github.com/pkg/errors * Fix darwin issues ([#186](https://github.com/containerd/continuity/pull/186)) * update AUTHORS * darwin: use utimensat syscall instead of utimes * fix darwin usage of du command * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 ([#161](https://github.com/containerd/continuity/pull/161)) * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 * fs/stat: add FreeBSD, and cleanup some nolint-comments ([#184](https://github.com/containerd/continuity/pull/184)) * reformat nolint comments * fs/stat: add FreeBSD * Rename branch from master to main ([#182](https://github.com/containerd/continuity/pull/182)) * Rename branch from master to main * testutil/loopback: print more debug info ([#180](https://github.com/containerd/continuity/pull/180)) * testutil/loopback: print more debug info </p> </details> ### Changes from containerd/go-cni <details><summary>24 commits</summary> <p> * init exec when create CNIConfig ([#83](https://github.com/containerd/go-cni/pull/83)) * init exec when create CNIConfig * cni: fix data-race on lazy init by ensureExec(). ([#82](https://github.com/containerd/go-cni/pull/82)) * cni: fix data-race on lazy init by ensureExec(). * Implement CNI CHECK command ([#80](https://github.com/containerd/go-cni/pull/80)) * Implement CNI CHECK command * run setup on networks in parallel ([#76](https://github.com/containerd/go-cni/pull/76)) * switch to direct index * run setup on networks in parallel * remove: Continue on "not found" errors ([#74](https://github.com/containerd/go-cni/pull/74)) * remove: Continue on "not found" errors * go.mod: github.com/containernetworking/cni v1.0.1 ([#72](https://github.com/containerd/go-cni/pull/72)) * go.mod: github.com/containernetworking/cni v1.0.1 * remove direct dependency on github.com/pkg/errors ([#71](https://github.com/containerd/go-cni/pull/71)) * remove direct dependency on github.com/pkg/errors * update CNI to v1.0.0 ([#70](https://github.com/containerd/go-cni/pull/70)) * test: add TestLibCNIType100 * update CNI to v1.0.0 * Rename branch from master to main ([#69](https://github.com/containerd/go-cni/pull/69)) * Rename branch from master to main * result: change Raw from a struct field to a method ([#68](https://github.com/containerd/go-cni/pull/68)) * result: change Raw from a struct field to a method * result: expose raw result ([#67](https://github.com/containerd/go-cni/pull/67)) * result: expose raw result </p> </details> ### Changes from containerd/imgcrypt <details><summary>32 commits</summary> <p> * CHANGES: Updated CHANGES document for 1.1.3 release ([#64](https://github.com/containerd/imgcrypt/pull/64)) * CHANGES: Updated CHANGES document for 1.1.3 release * docs: update project branch to main ([#63](https://github.com/containerd/imgcrypt/pull/63)) * docs: update project branch to main * Update linter to match containerd repo ([#61](https://github.com/containerd/imgcrypt/pull/61)) * Update linter to match containerd repo * update CI golang version * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 ([#59](https://github.com/containerd/imgcrypt/pull/59)) * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 * maint: Update to ocicrypt v1.1.2 ([#57](https://github.com/containerd/imgcrypt/pull/57)) * maint: Update to ocicrypt v1.1.2 * Decouple CreateCryptoConfig() from github.com/urfave/cli ([#56](https://github.com/containerd/imgcrypt/pull/56)) * Decouple CreateCryptoConfig() from github.com/urfave/cli * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 ([#55](https://github.com/containerd/imgcrypt/pull/55)) * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 * replace pkg/errors and bump related library * README: Fix CRI decryption document URL ([#53](https://github.com/containerd/imgcrypt/pull/53)) * README: Fix CRI decryption document URL * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 ([#52](https://github.com/containerd/imgcrypt/pull/52)) * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 * Bump containerd to 1.5.2 ([#51](https://github.com/containerd/imgcrypt/pull/51)) * Bump containerd to 1.5.2 * images: Implement ConvertFunc for image en- and decryption ([#49](https://github.com/containerd/imgcrypt/pull/49)) * images: Implement ConvertFunc for image en- and decryption * Add containerd-release to makefile ([#48](https://github.com/containerd/imgcrypt/pull/48)) * Remove ctr-enc from installation * vendor sync up with containerd 1.5 ga, and runc94 ([#47](https://github.com/containerd/imgcrypt/pull/47)) * sync up with containerd 1.5 ga, and runc94 * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 ([#46](https://github.com/containerd/imgcrypt/pull/46)) * CICD: Run 'apt update' before pulling packages * ctr-enc: Set the version for ctr-enc when linking * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 </p> </details> ### Changes from containerd/ttrpc <details><summary>34 commits</summary> <p> * Add protoc-gen-go-ttrpc ([#96](https://github.com/containerd/ttrpc/pull/96)) * Add protoc-gen-go-ttrpc * client: Handle sending/receiving in separate goroutines ([#94](https://github.com/containerd/ttrpc/pull/94)) * client: Handle sending/receiving in separate goroutines * Run Protobuild in GitHub Actions ([#95](https://github.com/containerd/ttrpc/pull/95)) * Run Protobuild in GitHub Actions * Re-generate example.pb.go * replace pkg/errors ([#93](https://github.com/containerd/ttrpc/pull/93)) * replace pkg/errors from vendor * Rename branch from master to main ([#86](https://github.com/containerd/ttrpc/pull/86)) * Rename branch from master to main * Make "go test" and "go build" work on macOS ([#85](https://github.com/containerd/ttrpc/pull/85)) * Make the example command buildable on macOS * Run GitHub Actions on macOS * Make "go test" work on macOS * Return Unimplemented when services or methods are not implemented ([#83](https://github.com/containerd/ttrpc/pull/83)) * Return Unimplemented when services or methods are not implemented * Remove "Very new" and checked TODO items ([#84](https://github.com/containerd/ttrpc/pull/84)) * Remove "Very new" and checked TODO items * removing glide from ignore ([#82](https://github.com/containerd/ttrpc/pull/82)) * removing glide from ignore * go.mod: update dependencies ([#79](https://github.com/containerd/ttrpc/pull/79)) * go.mod: github.com/prometheus/procfs v0.6.0 * go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 * go.mod: google.golang.org/grpc v1.27.1 * go.mod: github.com/gogo/protobuf v1.3.2 * remove travis, add codecov badge ([#78](https://github.com/containerd/ttrpc/pull/78)) * CI: add codecov badge to readme * CI: remove travis * Use GitHub Actions for CI ([#77](https://github.com/containerd/ttrpc/pull/77)) * Use GitHub Actions for CI * go.mod: sirupsen/logrus v1.7.0 ([#76](https://github.com/containerd/ttrpc/pull/76)) * go.mod: sirupsen/logrus v1.7.0 * go mod tidy </p> </details> ### Dependency Changes * **cloud.google.com/go** v0.81.0 **_new_** * **github.com/AdaLogics/go-fuzz-headers** 6c3934b029d8 **_new_** * **github.com/Microsoft/go-winio** v0.4.17 -> v0.5.1 * **github.com/Microsoft/hcsshim** v0.8.16 -> v0.9.2 * **github.com/blang/semver** v3.5.1 **_new_** * **github.com/cenkalti/backoff/v4** v4.1.2 **_new_** * **github.com/cespare/xxhash/v2** v2.1.1 -> v2.1.2 * **github.com/cilium/ebpf** v0.4.0 -> v0.7.0 * **github.com/containerd/cgroups** v1.0.1 -> v1.0.3 * **github.com/containerd/console** v1.0.2 -> v1.0.3 * **github.com/containerd/continuity** v0.1.0 -> v0.2.2 * **github.com/containerd/go-cni** v1.0.2 -> v1.1.3 * **github.com/containerd/imgcrypt** v1.1.1 -> v1.1.3 * **github.com/containerd/ttrpc** v1.0.2 -> v1.1.0 * **github.com/containernetworking/cni** v0.8.1 -> v1.0.1 * **github.com/containernetworking/plugins** v0.9.1 -> v1.0.1 * **github.com/containers/ocicrypt** v1.1.1 -> v1.1.2 * **github.com/coreos/go-systemd/v22** v22.1.0 -> v22.3.2 * **github.com/go-logr/logr** v0.2.0 -> v1.2.2 * **github.com/go-logr/stdr** v1.2.2 **_new_** * **github.com/godbus/dbus/v5** v5.0.3 -> v5.0.6 * **github.com/golang/groupcache** 8c9f03a8e57e -> 41bb18bfe9da * **github.com/golang/protobuf** v1.3.5 -> v1.5.2 * **github.com/google/go-cmp** v0.5.4 -> v0.5.6 * **github.com/google/gofuzz** v1.1.0 -> v1.2.0 * **github.com/grpc-ecosystem/go-grpc-middleware** v1.3.0 **_new_** * **github.com/grpc-ecosystem/grpc-gateway** v1.16.0 **_new_** * **github.com/hashicorp/errwrap** v1.0.0 -> v1.1.0 * **github.com/hashicorp/go-multierror** v1.0.0 -> v1.1.1 * **github.com/imdario/mergo** v0.3.11 -> v0.3.12 * **github.com/intel/goresctrl** v0.2.0 **_new_** * **github.com/json-iterator/go** v1.1.10 -> v1.1.12 * **github.com/moby/spdystream** v0.2.0 **_new_** * **github.com/moby/sys/mountinfo** v0.4.1 -> v0.5.0 * **github.com/moby/sys/signal** v0.6.0 **_new_** * **github.com/moby/sys/symlink** v0.1.0 -> v0.2.0 * **github.com/modern-go/reflect2** v1.0.1 -> v1.0.2 * **github.com/opencontainers/image-spec** v1.0.1 -> 693428a734f5 * **github.com/opencontainers/runc** v1.0.0-rc93 -> v1.1.0 * **github.com/opencontainers/runtime-spec** e6143ca7d51d -> 1c3f411f0417 * **github.com/opencontainers/selinux** v1.8.0 -> v1.10.0 * **github.com/pelletier/go-toml** v1.8.1 -> v1.9.3 * **github.com/prometheus/client_golang** v1.7.1 -> v1.11.0 * **github.com/prometheus/common** v0.10.0 -> v0.30.0 * **github.com/prometheus/procfs** v0.6.0 -> v0.7.3 * **github.com/satori/go.uuid** v1.2.0 **_new_** * **github.com/sirupsen/logrus** v1.7.0 -> v1.8.1 * **github.com/spf13/pflag** v1.0.5 **_new_** * **github.com/stretchr/testify** v1.6.1 -> v1.7.0 * **github.com/vishvananda/netlink** f5de75959ad5 **_new_** * **github.com/vishvananda/netns** 2eb08e3e575f **_new_** * **go.etcd.io/bbolt** v1.3.5 -> v1.3.6 * **go.opencensus.io** v0.22.3 -> v0.23.0 * **go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc** v0.28.0 **_new_** * **go.opentelemetry.io/otel** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/internal/retry** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp** v1.3.0 **_new_** * **go.opentelemetry.io/otel/sdk** v1.3.0 **_new_** * **go.opentelemetry.io/otel/trace** v1.3.0 **_new_** * **go.opentelemetry.io/proto/otlp** v0.11.0 **_new_** * **golang.org/x/crypto** 0c34fe9e7dc2 -> 32db794688a5 * **golang.org/x/net** e18ecbb05110 -> fe4d6282115f * **golang.org/x/oauth2** bf48bf16ab8d -> 2bc19b11175f * **golang.org/x/sync** 09787c993a3a -> 036812b2e83c * **golang.org/x/sys** 47abb6519492 -> 1d35b9e2eb4e * **golang.org/x/term** 7de9c90e9dd1 -> 6886f2dfbf5b * **golang.org/x/text** v0.3.4 -> v0.3.7 * **golang.org/x/time** 3af7569d3a1e -> 1f47c861a9ac * **google.golang.org/appengine** v1.6.5 -> v1.6.7 * **google.golang.org/grpc** v1.27.1 -> v1.43.0 * **google.golang.org/protobuf** v1.27.1 **_new_** * **gopkg.in/yaml.v3** 9f266ea9e77c -> 496545a6307b * **k8s.io/api** v0.20.6 -> v0.22.5 * **k8s.io/apimachinery** v0.20.6 -> v0.22.5 * **k8s.io/apiserver** v0.20.6 -> v0.22.5 * **k8s.io/client-go** v0.20.6 -> v0.22.5 * **k8s.io/component-base** v0.20.6 -> v0.22.5 * **k8s.io/cri-api** v0.20.6 -> v0.23.1 * **k8s.io/klog/v2** v2.4.0 -> v2.30.0 * **k8s.io/utils** 67b214c5f920 -> cb0fa318a74b * **sigs.k8s.io/structured-merge-diff/v4** v4.0.3 -> v4.1.2 Previous release can be found at [v1.5.0](https://github.com/containerd/containerd/releases/tag/v1.5.0)
39259a8
2022-02-16 09:48
下载
v1.6.0-rc.4
containerd 1.6.0-rc.4 Welcome to the v1.6.0-rc.4 release of containerd! *This is a pre-release of containerd* The seventh major release of containerd includes many improvements and added support to increase overall compatibility and stability. ### Highlights #### Runtime * **Add runtime label to metrics** ([#5744](https://github.com/containerd/containerd/pull/5744)) * **Cleanup task delete logic in v2 shim** ([#5813](https://github.com/containerd/containerd/pull/5813)) * **Add support for shim plugins** ([#5817](https://github.com/containerd/containerd/pull/5817)) * **Handle sigint and sigterm in shimv2** ([#5828](https://github.com/containerd/containerd/pull/5828)) * **Decouple shim and task manager** ([#5918](https://github.com/containerd/containerd/pull/5918)) * **Add runc shim support for core scheduling** ([#6011](https://github.com/containerd/containerd/pull/6011)) * **Update shim client connect attempt to fail fast when shim errors** ([#6031](https://github.com/containerd/containerd/pull/6031)) * **Add support for absolute path to shim binaries** ([#6206](https://github.com/containerd/containerd/pull/6206)) * **Update runc to v1.1.0** ([#6375](https://github.com/containerd/containerd/pull/6375)) #### Windows * **Add support for Windows HostProcess containers** ([#5131](https://github.com/containerd/containerd/pull/5131)) * **Add support for Windows resource limits** ([#5778](https://github.com/containerd/containerd/pull/5778)) #### CRI * **Add CNI configuration based on runtime class** ([#4695](https://github.com/containerd/containerd/pull/4695)) * **Add support for Intel RDT** ([#5439](https://github.com/containerd/containerd/pull/5439)) * **Add support for CRI v1 and v1alpha in parallel** ([#5619](https://github.com/containerd/containerd/pull/5619)) * **Add support for unified resources field for cgroups v2** ([#5627](https://github.com/containerd/containerd/pull/5627)) * **Add IP preference configuration for reporting pod IP** ([#5964](https://github.com/containerd/containerd/pull/5964)) * **Implement new CRI pod sandbox stats API** ([#6113](https://github.com/containerd/containerd/pull/6113)) * **Add sandbox and container latency metrics** ([#6111](https://github.com/containerd/containerd/pull/6111)) * **Add namespace to ttrpc and grpc plugin connections** ([#6130](https://github.com/containerd/containerd/pull/6130)) * **Add option to allow ping sockets and privileged ports with no capabilities** ([#6170](https://github.com/containerd/containerd/pull/6170)) * **Add support for configuring swap** ([#6320](https://github.com/containerd/containerd/pull/6320)) #### Other * **Add support for client TLS Auth for grpc** ([#5606](https://github.com/containerd/containerd/pull/5606)) * **Add xfs support for devicemapper snapshotter** ([#5610](https://github.com/containerd/containerd/pull/5610)) * **Add metric exposing build version and revision** ([#5965](https://github.com/containerd/containerd/pull/5965)) * **Add support for custom fs options in devmapper snapshotter** ([#6122](https://github.com/containerd/containerd/pull/6122)) * **Update introspection service to show GRPC plugins** ([#6432](https://github.com/containerd/containerd/pull/6432)) #### Client * **Allow WithServices to use custom implementations** ([#5709](https://github.com/containerd/containerd/pull/5709)) * **Support custom compressor for walking differ** ([#5735](https://github.com/containerd/containerd/pull/5735)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Wei Fu * Maksym Pavlenko * Sebastiaan van Stijn * Michael Crosby * Kazuyoshi Kato * Mike Brown * Claudiu Belu * Daniel Canter * haoyun * Brian Goff * Gabriel Adrian Samfira * Stefan Berger * zounengren * AdamKorcz * Adelina Tuvenie * Kohei Tokunaga * Davanum Srinivas * Nashwan Azhari * Samuel Karp * Shiming Zhang * Markus Lehtonen * Enrico Weigelt, metux IT consult * Alakesh Haloi * Hajime Tazaki * Iceber Gu * Kevin Parsons * Aditi Sharma * Jeremi Piotrowski * David Porter * Gijs Peskens * ningmingxiao * Brandon Lum * Cody Roseborough * Danielle Lancashire * Eric Ernst * Jacob MacElroy * Tõnis Tiigi * dependabot[bot] * wanglei * Alexandre Peixoto Ferreira * Fabiano Fidêncio * Furkan Türkal * Jiaming Xu * Kir Kolyshkin * Miao Wang * Neil Johnson * Paul "TBBle" Hampson * Priyanka Saggu * Romain Aviolat * Samuel Ortiz * Sunghoon Kang * Takumasa Sakao * Tobias Klauser * Zhiyu Li * ye.sijun * Alexander Minbaev * Alexey Ivanov * Andrey Smirnov * Artem Khramov * Aurelien Lun-Sin * Ben Hutchings * Cory Bennett * Da McGrady * Dan Williams * Eng Zer Jun * Ethan Chen * Fupan Li * Gaurav Gahlot * Gunju Kim * Henry Wang * Jacob Blain Christen * James Gordon * James Sturtevant * Jan Klippel * Jayme Howard * Jiajun Jiang * Jintao Zhang * Justin Terry * Kaijie Chen * Kante * Kern Walster * Kitt Hsu * Lantao Liu * Ma Xinjian * Manabu Sugimoto * Manuel Alejandro de Brito Fontes * Mark Rossetti * Markus Lippert * Mikko Ylinen * Ng Yang * Nicolas Chariglione * Ning Li * Olli Janatuinen * Peri Thompson * Quan Tian * Radostin Stoyanov * Rui Lopes * Sambhav Kothari * Sebastian Hasler * Sergey Kanzhelev * Sören Tempel * Yang Yang * Yifan Yuan * Zilong Wang * Zufar Dhiyaulhaq * botieking98 * chenxiaoyu * jayonlau * jerryzhuang * linrunlong * scuzhanglei * wangzhan * Étienne Guesnet ### Changes <details><summary>1044 commits</summary> <p> * Prepare release notes for v1.6.0-rc.4 ([#6537](https://github.com/containerd/containerd/pull/6537)) * Prepare release notes for v1.6.0-rc.4 * Change file name for shim binary path ([#6536](https://github.com/containerd/containerd/pull/6536)) * Change file name for shim binary path * containerd-stress: introduce option for specifying image ([#6532](https://github.com/containerd/containerd/pull/6532)) * containerd-stress: introduce option for specifying image * Prepare release notes for v1.6.0-rc.3 ([#6524](https://github.com/containerd/containerd/pull/6524)) * Prepare release notes for v1.6.0-rc.3 * Use white logo in github dark mode ([#6529](https://github.com/containerd/containerd/pull/6529)) * Use white logo in github dark mode * cri: fix handling of ignore_rdt_not_enabled_errors config option ([#6514](https://github.com/containerd/containerd/pull/6514)) * cri: fix handling of ignore_rdt_not_enabled_errors config option * pkg/oom/v2: handle EventChan routine shutdown quietly ([#6504](https://github.com/containerd/containerd/pull/6504)) * pkg/oom/v2: handle EventChan routine shutdown quietly * fix: .dockerignore make git working tree dirty ([#6523](https://github.com/containerd/containerd/pull/6523)) * fix: .dockerignore makes git working tree dirty * containerd-stress: start task ctr before starting execs ([#6518](https://github.com/containerd/containerd/pull/6518)) * containerd-stress: start task ctr before starting execs * Document fs_type and fs_options in snapshots/devmapper/README.md ([#6501](https://github.com/containerd/containerd/pull/6501)) * Document fs_type and fs_options in snapshots/devmapper/README.md * docs: add Talos Linux to the list of adopters ([#6510](https://github.com/containerd/containerd/pull/6510)) * docs: add Talos Linux to the list of adopters * Prepare 1.6.0-rc.2 ([#6502](https://github.com/containerd/containerd/pull/6502)) * Prepare release notes for v1.6.0-rc.2 * Update releases document * platforms.Normalize(): do not reset OSVersion and OSFeatures ([#6497](https://github.com/containerd/containerd/pull/6497)) * platforms.Normalize(): do not reset OSVersion and OSFeatures * tracing: use OTLP/HTTP in addition to OTLP/gRPC ([#6457](https://github.com/containerd/containerd/pull/6457)) * tracing: return (ctx, span) from StartSpan * tracing: support OTLP/HTTP in addition to gRPC * Update cgroups to v1.0.3 ([#6498](https://github.com/containerd/containerd/pull/6498)) * Update cgroups to v1.0.3 * seccomp: kernel 5.11 -> 5.16 ([#6494](https://github.com/containerd/containerd/pull/6494)) * seccomp: kernel 5.16 (futex_waitv) * seccomp: kernel 5.15 (process_mrelease) * seccomp: kernel 5.14 (quotactl_fd, memfd_secret) * seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self}) * seccomp: kernel 5.12 (mount_setattr) * remotes: fix dockerPusher to handle abort correctly ([#6243](https://github.com/containerd/containerd/pull/6243)) * remotes: fix dockerPusher to handle abort correctly * seccomp: add support for "swapcontext" syscall in default policy ([#6411](https://github.com/containerd/containerd/pull/6411)) * seccomp: add support for "swapcontext" syscall in default policy * oci: use readonly mount to read user/group info ([#6478](https://github.com/containerd/containerd/pull/6478)) * oci: use readonly mount to read user/group info * Fix possibly incorrect media type default on import ([#6475](https://github.com/containerd/containerd/pull/6475)) * Fix possibly incorrect media type default on import * shimv2: handle sigint/sigterm ([#5828](https://github.com/containerd/containerd/pull/5828)) * shimv2: handle sigint/sigterm * Fix acr fetch token 400 ([#6481](https://github.com/containerd/containerd/pull/6481)) * fix acr fetch token 400 * platforms: add support for matching amd64 variants ([#6455](https://github.com/containerd/containerd/pull/6455)) * platforms: add support for matching amd64 variants * Fix windows periodic workflow ([#6476](https://github.com/containerd/containerd/pull/6476)) * Fix windows periodic workflow * docs: add doc-comments on GC-related methods ([#6473](https://github.com/containerd/containerd/pull/6473)) * docs: add doc-comments on GC-related methods * fix: should not send 137 code event if cmd is notfound ([#6465](https://github.com/containerd/containerd/pull/6465)) * fix: should not send 137 code event if cmd is notfound * Fix empty scopes return ([#6463](https://github.com/containerd/containerd/pull/6463)) * fix empty scopes return * Prepare release notes for v1.6.0-rc.1 ([#6462](https://github.com/containerd/containerd/pull/6462)) * Prepare release notes for v1.6.0-rc.1 * Add support for skipping non-dist blob push ([#6424](https://github.com/containerd/containerd/pull/6424)) * ctr: flag to toggle non-distributable blob push * Add image handler to skip non-distributable blobs. * Compile binaries for go1.16 and go1.17 in CI ([#6461](https://github.com/containerd/containerd/pull/6461)) * Compile binaries for go1.16 and go1.17 in CI * services/introspection: fix plugin caching to show grpc plugins ([#6432](https://github.com/containerd/containerd/pull/6432)) * Update caching logic to avoid map access * services/introspection: support to show introspection grpc service * Integration: Change to Windows Server 2022 build number constant ([#6458](https://github.com/containerd/containerd/pull/6458)) * Integration: Change to Windows Server 2022 build number constant * Update kubernetes vendor to 0.22.5 ([#6460](https://github.com/containerd/containerd/pull/6460)) * Update kubernetes vendor to 0.22.5 * Fix rdt build tags for go 1.16 ([#6459](https://github.com/containerd/containerd/pull/6459)) * Fix rdt build tags for go 1.16 * Remove submodule go mod ([#6439](https://github.com/containerd/containerd/pull/6439)) * Remove api go submodule * Update makefile to remove API submodule * go.mod: Update hcsshim to v0.9.2 ([#6453](https://github.com/containerd/containerd/pull/6453)) * go.mod: Update hcsshim to v0.9.2 * update runc to v1.1.0 ([#6375](https://github.com/containerd/containerd/pull/6375)) * go.mod: github.com/opencontainers/runc v1.1.0 * update runc binary to v1.1.0 * tracing: fix OTLP tracer's initialization ([#6443](https://github.com/containerd/containerd/pull/6443)) * tracing: fix OTLP tracer's initialization * gha: run CodeQL scan on pull requests ([#6386](https://github.com/containerd/containerd/pull/6386)) * gha: run CodeQL scan on pull requests * Do not automatically inject client traces ([#6445](https://github.com/containerd/containerd/pull/6445)) * Do not automatically inject client traces * [containerd-stress] delete useless code ([#6451](https://github.com/containerd/containerd/pull/6451)) * delete useless code * Revert "Add shared content label to namespaces" ([#6440](https://github.com/containerd/containerd/pull/6440)) * Revert "Add shared content label to namespaces" * Add ppc64 support for test images ([#6435](https://github.com/containerd/containerd/pull/6435)) * Add ppc64 support for test images * ctr: Unify the delete subcommand alias ([#6427](https://github.com/containerd/containerd/pull/6427)) * ctr: Unify the delete subcommand alias * Prepare release notes for v1.6.0-rc.0 ([#6431](https://github.com/containerd/containerd/pull/6431)) * Prepare release notes for v1.6.0-rc.0 * Integration: Switch to using `auth` Gcloud action in Windows workflow. ([#6397](https://github.com/containerd/containerd/pull/6397)) * Integration: Switch to `upload-cloud-storage` Gcloud action. * Integration: Switch to using `auth` Gcloud action in Windows workflow. * remove io/ioutil ([#6426](https://github.com/containerd/containerd/pull/6426)) * remove io/ioutil * test: e2e node COS cgroupv2 script ([#6418](https://github.com/containerd/containerd/pull/6418)) * test: e2e node COS cgroupv2 script * Integration: Enable CRITest on Windows 2022. ([#6378](https://github.com/containerd/containerd/pull/6378)) * Enable critest tests on Windows Server 2022. * Parametrize CRITest test images in Windows Periodic workflow. * Update error message for apparmor parser ([#6415](https://github.com/containerd/containerd/pull/6415)) * Update error message for apparmor parser * Fix wrong log message ([#6419](https://github.com/containerd/containerd/pull/6419)) * Fix wrong log message * Followup errors change ([#6414](https://github.com/containerd/containerd/pull/6414)) * Fix incorrect error wrapped when closing ingest file * Fix seek error used without nil check * Fix followup items from errors replacement * Updates CRI API & Kubernetes to 1.23 ([#6351](https://github.com/containerd/containerd/pull/6351)) * Update k/k to 1.23.0 * Updating adoption of containerd for AKS ([#6416](https://github.com/containerd/containerd/pull/6416)) * Updating adoption of containerd for AKS * update the adoption status of containerd in GKE ([#6413](https://github.com/containerd/containerd/pull/6413)) * update the adoption status of containerd in GKE * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} ([#6410](https://github.com/containerd/containerd/pull/6410)) * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} * replace github.com/pkg/errors with native errors ([#6366](https://github.com/containerd/containerd/pull/6366)) * feat: replace github.com/pkg/errors to errors * corrected link in cri architecture documentation ([#6412](https://github.com/containerd/containerd/pull/6412)) * corrected link in cri architecture documentation * remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") ([#6396](https://github.com/containerd/containerd/pull/6396)) * remotes/docker: allow fetching "refresh token" (aka "identity token") * remotes/docker/config: allow setting custom AuthorizerOpts * Prepare release notes for v1.6.0-beta.5 ([#6407](https://github.com/containerd/containerd/pull/6407)) * Prepare release notes for v1.6.0-beta.5 * Integration: Check GCP secrets on Windows CI artifact upload. ([#6292](https://github.com/containerd/containerd/pull/6292)) * Integration: Check GCP secrets on Windows CI artifact upload. * Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c) * only relabel cri managed host mounts * Add support for Intel RDT ([#5439](https://github.com/containerd/containerd/pull/5439)) * cri: add ignore_rdt_not_enabled_errors config option * Update dependencies * cri: annotations for controlling RDT class * tasks: add Linux rdt support * cmd: add --rdt-class command line option * oci: implement WithRdt * fix: use _ for consistency ([#6391](https://github.com/containerd/containerd/pull/6391)) * fix: use _ for consistency * content/local: use syscall.Timespec.Unix ([#6403](https://github.com/containerd/containerd/pull/6403)) * content/local: use syscall.Timespec.Unix * docs: improve plugin documentation ([#6207](https://github.com/containerd/containerd/pull/6207)) * docs: document the runtime shim plugin config options * docs: use proper markdown lists in containerd-config.toml.5.md * fix(ctr): enable networking for Windows containers ([#6304](https://github.com/containerd/containerd/pull/6304)) * fix(ctr): enable networking for Windows containers * Fix $(PWD) issue for Windows makefile ([#6394](https://github.com/containerd/containerd/pull/6394)) * Fix $(PWD) issue for Windows makefile * only test abstract uds on linux ([#6395](https://github.com/containerd/containerd/pull/6395)) * fix: only test abstract unix socket on linux * Fix restart container test ([#6390](https://github.com/containerd/containerd/pull/6390)) * Expect ErrorNotFound on Windows after Kill() * Replace tskill with taskkill * fix when kernel version < 4.13rc1 by using index=off cause test error ([#6291](https://github.com/containerd/containerd/pull/6291)) * fix when kernel version < 4.13rc1 by using index=off cause overlay test error * Fix no-daemon flag for integration/client tests ([#6384](https://github.com/containerd/containerd/pull/6384)) * Fix no-daemon flag for integration/client tests * Enable lazy init for ext4 with devicemapper ([#6122](https://github.com/containerd/containerd/pull/6122)) * Enable lazy init for ext4 with devicemapper * Fix flakiness on Windows for list stats ([#6385](https://github.com/containerd/containerd/pull/6385)) * Fix flakiness on Windows for list stats * cri-integration: Add Windows defaults and fix spaces issue ([#6347](https://github.com/containerd/containerd/pull/6347)) * cri-integration: Add Windows default paths * Upgrade OpenTelemetry dependencies ([#6383](https://github.com/containerd/containerd/pull/6383)) * Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0 * Use insecure.NewCredentials instead of grpc.WithInsecure * Upgrade OpenTelemetry dependencies * Fix default makefile target for windows ([#6322](https://github.com/containerd/containerd/pull/6322)) * Fix default makefile target for windows * Disable TestContainerHook on Windows ([#6379](https://github.com/containerd/containerd/pull/6379)) * Disable TestContainerHook on Windows * seutil: Fix setting the "container_kvm_t" label ([#6372](https://github.com/containerd/containerd/pull/6372)) * seutil: Fix setting the "container_kvm_t" label * Remove Windows integration testing for 2004. ([#6350](https://github.com/containerd/containerd/pull/6350)) * Remove Windows integration testing for 2004. * OCI: Mount (accessible) host devices in privileged rootless containers ([#6308](https://github.com/containerd/containerd/pull/6308)) * OCI: Mount (accessible) host devices in privileged rootless containers * oci.getDevices(): move "non-dir, non '/dev/console'" case into switch * cri: add support for configuring swap ([#6320](https://github.com/containerd/containerd/pull/6320)) * fixup: check for swap accounting * fixup: handle diff between cgroupsv1 and v2 * cri: add support for configuring swap * Integration: Enable TestVolumeOwnership on Windows ([#6275](https://github.com/containerd/containerd/pull/6275)) * Replace find with native Go code * Enable TestVolumeOwnership on Windows * Prepare release notes for v1.6.0-beta.4 ([#6296](https://github.com/containerd/containerd/pull/6296)) * Prepare release notes for v1.6.0-beta.4 * refactor: functions for error log and error return ([#6358](https://github.com/containerd/containerd/pull/6358)) * feat: Errorf usage * Split apart runc shim into plugin components ([#6021](https://github.com/containerd/containerd/pull/6021)) * Use task plugin for runc shim * Seperate shim manager and task service * Split runc shim into plugin components * Add shutdown package * CRI update for sandbox sizing ([#6155](https://github.com/containerd/containerd/pull/6155)) * cri, sandbox: pass sandbox resource details if available, applicable * medatada: make namespaces' deletion error less cryptic ([#6354](https://github.com/containerd/containerd/pull/6354)) * medatada: make namespaces' deletion error less cryptic * ListContainerStats to return stats response if ContainerStatsFilter is nil ([#6373](https://github.com/containerd/containerd/pull/6373)) * add-list-stat: return container list if filter is nil * integration: deflake TestContainerdRestart ([#6369](https://github.com/containerd/containerd/pull/6369)) * integration: deflake TestContainerdRestart * feat: add timeout for bolt open ([#6225](https://github.com/containerd/containerd/pull/6225)) * feat: support custom timeout for blot open * Update Go to 1.17.5 ([#6333](https://github.com/containerd/containerd/pull/6333)) * Update Go to 1.17.5 * cri/server: use consistent alias for pkg/ioutil ([#6332](https://github.com/containerd/containerd/pull/6332)) * cri/server: use consistent alias for pkg/ioutil * Disable restart monitor test in Windows ([#6364](https://github.com/containerd/containerd/pull/6364)) * Disable restart monitor test in Windows * Don't fail-fast on Windows integration tests ([#6338](https://github.com/containerd/containerd/pull/6338)) * Don't fail-fast on Windows integration tests * Update restart monitor test to output daemon logs on failure ([#6355](https://github.com/containerd/containerd/pull/6355)) * Run windows parallel integration test as short * Update restart monitor test to output daemon logs on failure * go.mod: update image-spec to latest (v1.0.3-dev) ([#6263](https://github.com/containerd/containerd/pull/6263)) * images/converter: remove deprecated types * go.mod: update image-spec to latest (v1.0.3-dev) * Skip WithAdditionalGIDs on Darwin ([#6353](https://github.com/containerd/containerd/pull/6353)) * Skip WithAdditionalGIDs on Darwin * Use RFC3339 format on Windows periodic resource group creation so cleanup works ([#6303](https://github.com/containerd/containerd/pull/6303)) * Use RFC3339 format so rg cleanup works * update runc to v1.0.3 ([#6330](https://github.com/containerd/containerd/pull/6330)) * go.mod: github.com/opencontainers/runc v1.0.3 * update runc binary to v1.0.3 * Unblock native snapshotter on Darwin ([#6329](https://github.com/containerd/containerd/pull/6329)) * Allow native snapshotter on Darwin * Do not use `go get` to install executables ([#6328](https://github.com/containerd/containerd/pull/6328)) * Do not use `go get` to install executables * Include runtime v2 in default builtins ([#6326](https://github.com/containerd/containerd/pull/6326)) * Include runtime v2 in default builtins * Add Windows Server 2022 CI runs ([#6314](https://github.com/containerd/containerd/pull/6314)) * Add Windows Server 2022 CI runs * Set explicit ACL on test files ([#6324](https://github.com/containerd/containerd/pull/6324)) * Use a single RUN command * Set explicit ACL on test files * integration: align tags of test images ([#6311](https://github.com/containerd/containerd/pull/6311)) * integration: align tags of test images * Set CONTAINERD_ROOT in Windows cri-integration ([#6325](https://github.com/containerd/containerd/pull/6325)) * Set CONTAINERD_ROOT in Windows cri-integration * export oci.DeviceFromPath() ([#6312](https://github.com/containerd/containerd/pull/6312)) * export oci.DeviceFromPath() * Update volume test images ([#6321](https://github.com/containerd/containerd/pull/6321)) * Update continuity dependency * Update volume test images * Update TestRestartMonitor expected time check ([#6201](https://github.com/containerd/containerd/pull/6201)) * Add error logging on cleanup * Update TestRestartMonitor expected time check * Move test volume images from gcr to ghcr ([#6319](https://github.com/containerd/containerd/pull/6319)) * Move volume images from gcr to ghcr * Revert shim service plugin migration ([#6301](https://github.com/containerd/containerd/pull/6301)) * Revert shim plugin migration * Authenticate against ghcr.io ([#6317](https://github.com/containerd/containerd/pull/6317)) * Add permissions * Authenticate against ghcr.io * oci/deviceFromPath(): correctly check device types ([#6306](https://github.com/containerd/containerd/pull/6306)) * oci/deviceFromPath(): correctly check device types * Skip TestExportAndImportMultiLayer on Windows ([#6315](https://github.com/containerd/containerd/pull/6315)) * Skip TestExportAndImportMultiLayer on Windows * Integration: Add image build workflow ([#6290](https://github.com/containerd/containerd/pull/6290)) * Add image build workflow * Integration: Separate Windows Periodic Tests workflow trigger. ([#6286](https://github.com/containerd/containerd/pull/6286)) * Integration: Separate Windows Periodic Tests workflow trigger. * Build volume test images on Windows ([#6274](https://github.com/containerd/containerd/pull/6274)) * Build volume test images on Windows * Add VMware TKG & TCE to Containerd adopters ([#6297](https://github.com/containerd/containerd/pull/6297)) * Add VMware TKG & TCE to Containerd adopters * Vagrantfile: update to Fedora 35 ([#6293](https://github.com/containerd/containerd/pull/6293)) * Vagrantfile: update to Fedora 35 * Update README.md repo->org ([#6269](https://github.com/containerd/containerd/pull/6269)) * Update README.md repo->org * Fix executable file not found when restoring shims ([#6278](https://github.com/containerd/containerd/pull/6278)) * Fix executable file not found when restoring shims * ctr/snapshots/diff: show media-type in stderr ([#6271](https://github.com/containerd/containerd/pull/6271)) * ctr/snapshots/diff: don't show the media-type in output * ctr: Add Linux Capabilities control flags ([#6289](https://github.com/containerd/containerd/pull/6289)) * ctr: Add Linux Capabilities control flags * integration: add stats result in error message ([#6270](https://github.com/containerd/containerd/pull/6270)) * integration: add stats result in error message * releases: mark 1.4 as Extended ([#6287](https://github.com/containerd/containerd/pull/6287)) * docs: mark 1.4 as Extended * docs: fix RELEASES.md gRPC API anchor * feat: skip ci for fork ([#6284](https://github.com/containerd/containerd/pull/6284)) * feat: skip ci for fork * content/local: Close the file if Seek fails ([#6280](https://github.com/containerd/containerd/pull/6280)) * content/local: Close the file if Seek fails * Integration: Remove explicit version passing to `azure/CLI`. ([#6268](https://github.com/containerd/containerd/pull/6268)) * Integration: Remove explicit version passing to `azure/CLI`. * Fix wrong make target on documentation ([#6276](https://github.com/containerd/containerd/pull/6276)) * Fix wrong make target on documentation * fix: server error return ([#6272](https://github.com/containerd/containerd/pull/6272)) * fix: server error return * Prepare release notes for v1.6.0-beta.3 ([#6267](https://github.com/containerd/containerd/pull/6267)) * Prepare release notes for v1.6.0-beta.3 * Update API version in go.mod * Update release name to use consistent format * feat:support custom callopts on client side ([#6254](https://github.com/containerd/containerd/pull/6254)) * fix: make max recv/send msg size setting default * feat:support custom callopts on client side * [CRI] Fix panic when registry.mirrors use localhost ([#6258](https://github.com/containerd/containerd/pull/6258)) * [CRI] Fix panic when registry.mirrors use localhost * Add support for TMP override on toml ([#6241](https://github.com/containerd/containerd/pull/6241)) * Add support for TMP override on toml * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options ([#6170](https://github.com/containerd/containerd/pull/6170)) * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options * Github Security Advisory [GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35) * schema1: reject ambiguous documents * images: validate document type before unmarshal * [cri] add sandbox and container latency metrics ([#6111](https://github.com/containerd/containerd/pull/6111)) * [cri] add sandbox and container latency metrics * Integration: Generalize Windows CI setup scripts for any username. ([#6255](https://github.com/containerd/containerd/pull/6255)) * Generalize Windows CI setup script for any user. * Standardize cmdlet capitalization in Windows CI scripts. * feat: use rwmutex instead ([#6253](https://github.com/containerd/containerd/pull/6253)) * feat: use rwmutex instead * Allow absolute path to shim binaries ([#6206](https://github.com/containerd/containerd/pull/6206)) * Fix package alias * Support custom runtime path when launching tasks * Add runtime path in CreateTaskRequest * Close file if permission modification fails ([#6246](https://github.com/containerd/containerd/pull/6246)) * Close file if permission modification fails * release: change tar name to match prior releases ([#6250](https://github.com/containerd/containerd/pull/6250)) * release: change tar name to match prior releases * Fix wrong error returned for image index lookup ([#6237](https://github.com/containerd/containerd/pull/6237)) * Fix wrong error returned for image index lookup * Fix containerd fails to pull OCI image with non-`http(s)://` urls ([#6221](https://github.com/containerd/containerd/pull/6221)) * Fix containerd fails to pull OCI image with non-`http(s)://` urls * Prepare release notes for v1.6.0-beta.2 ([#6223](https://github.com/containerd/containerd/pull/6223)) * Prepare release notes for v1.6.0-beta.2 * Add arm64 to releases ([#6196](https://github.com/containerd/containerd/pull/6196)) * Rename release dockerfile to omit distro name * release: improve dockerfile * Add arm64 to releases * use write lock when updating container stats ([#6236](https://github.com/containerd/containerd/pull/6236)) * use write lock when updating container stats * go.mod: Bump hcsshim to v0.9.1 ([#6230](https://github.com/containerd/containerd/pull/6230)) * go.mod: Bump hcsshim to v0.9.1 * go.mod: Bump ttrpc to 1.1.0 ([#6228](https://github.com/containerd/containerd/pull/6228)) * go.mod: Bump ttrpc to 1.1.0 * go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 ([#6213](https://github.com/containerd/containerd/pull/6213)) * go.mod: github.com/moby/sys/mountinfo v0.5.0 * go.mod: github.com/moby/sys/signal v0.6.0 * go.mod: github.com/moby/sys/symlink v0.2.0 * go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 * cleanup: add more description on comment ([#6222](https://github.com/containerd/containerd/pull/6222)) * cleanup: add more description on comment * Update Go to 1.17.3 ([#6211](https://github.com/containerd/containerd/pull/6211)) * Update Go to 1.17.3 * CI: bump up crun: 1.0 -> 1.3 ([#6214](https://github.com/containerd/containerd/pull/6214)) * CI: bump up crun: 1.0 -> 1.3 * Pin az CLI version in windows-periodic workflow ([#6205](https://github.com/containerd/containerd/pull/6205)) * Pin az CLI version * Decouple task manager ([#5918](https://github.com/containerd/containerd/pull/5918)) * Address PR comments * Fix build after rebase * Migrate task directory * Expose shim process interface * Fix after rebase * Cleanup shim loading * Move shim restore to a separate file * Fix backward compatibility with old task shims * Add plugin dependency between shim and shim services * Rework task create and cleanup flow * Add task manager * Rename task manager to shim manager * [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats ([#6113](https://github.com/containerd/containerd/pull/6113)) * Implement CRI container and pods stats * Vendor latest k8s.io/cri-api and netlink * test: Add grace period for restart monitor test ([#6200](https://github.com/containerd/containerd/pull/6200)) * test: Add grace period for restart monitor test * integration: Enables TestRuntimeHandler for Windows ([#6179](https://github.com/containerd/containerd/pull/6179)) * integration: Enables TestRuntimeHandler for Windows * Add mkdir on Dockerfile ([#6171](https://github.com/containerd/containerd/pull/6171)) * Add mkdir on Dockerfile * sys/reaper: avoid leaky goroutine when exec timeout ([#6189](https://github.com/containerd/containerd/pull/6189)) * sys/reaper: avoid leaky goroutine when exec timeout * adds additional debug out to timebox cni setup ([#6184](https://github.com/containerd/containerd/pull/6184)) * adds additional debug out to timebox cni setup * converter: Allow hooks during image conversion ([#6176](https://github.com/containerd/containerd/pull/6176)) * converter: Allow hooks during image conversion * compression: support zstd with skippable frame ([#6177](https://github.com/containerd/containerd/pull/6177)) * compression: support zstd with skippable frame * integration: Enables TestVolumeCopyUp for Windows ([#6182](https://github.com/containerd/containerd/pull/6182)) * integration: Enables TestVolumeCopyUp for Windows * integration: Enable some tests for Windows (part 2) ([#6121](https://github.com/containerd/containerd/pull/6121)) * integration: Enable some tests for Windows (part 2) * integration: Enable some tests for Windows ([#6085](https://github.com/containerd/containerd/pull/6085)) * integration: Enable some tests for Windows * Update doc to version 2 syntax ([#6125](https://github.com/containerd/containerd/pull/6125)) * feat(doc): update to version 2 syntax * fix shim reaper wait command execute blocked ([#6166](https://github.com/containerd/containerd/pull/6166)) * fix shim reaper wait command execute blocked * content: close stream after commit request ([#6145](https://github.com/containerd/containerd/pull/6145)) * content: close stream after commit request * Generating token options with each scope as a separate string. ([#6165](https://github.com/containerd/containerd/pull/6165)) * Adding scope tests for ParseAuthHeader * Adding tests for GenerateTokenOptions * Generate token options with each scope as a separate string. * vendor: Updates go-cni ([#6167](https://github.com/containerd/containerd/pull/6167)) * vendor: Updates go-cni * commands: Enables task metrics for Windows ([#6159](https://github.com/containerd/containerd/pull/6159)) * commands: Enables task metrics for Windows * vendor: update moby/sys for darwin support ([#6149](https://github.com/containerd/containerd/pull/6149)) * vendor: update moby/sys for darwin support * Prepare v1.6.0-beta.1 ([#6144](https://github.com/containerd/containerd/pull/6144)) * Prepare release notes for v1.6.0-beta.1 * Update mailmap * Update api vendor * bump cni to spec v1.0.0 ([#6136](https://github.com/containerd/containerd/pull/6136)) * bump CNI to spec v1.0.0 * Inject otel traces to grpc client. ([#5992](https://github.com/containerd/containerd/pull/5992)) * Inject otel traces to grpc client. * client: expose (*image).platform ([#6142](https://github.com/containerd/containerd/pull/6142)) * client: expose (*image).platform * Adding documentation for Core Scheduling ([#6128](https://github.com/containerd/containerd/pull/6128)) * feat(doc): add Core Scheduling documentation * Ensure namespace is proxied to grpc/ttrpc plugins ([#6130](https://github.com/containerd/containerd/pull/6130)) * Ensure namespace is proxied to grpc/ttrpc plugins * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6109](https://github.com/containerd/containerd/pull/6109)) * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true * Output a warning for label image labels instead of erroring ([#6124](https://github.com/containerd/containerd/pull/6124)) * Output a warning for label image labels instead of erroring * Fix spelling mistake in Windows snapshotter ([#6132](https://github.com/containerd/containerd/pull/6132)) * Fix spelling mistake in Windows snapshotter * Windows: Cleanup rm- prefixed layers ([#6126](https://github.com/containerd/containerd/pull/6126)) * Windows: Cleanup rm- prefixed layers * cleanup deprecated package `io/ioutil ` ([#6118](https://github.com/containerd/containerd/pull/6118)) * io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions * close Writer after use which may memory leak ([#6115](https://github.com/containerd/containerd/pull/6115)) * close Writer after use which may leak mem * Adds Windows resource limits support ([#5778](https://github.com/containerd/containerd/pull/5778)) * Adds Windows resource limits support * Prepare release notes for v1.6.0-beta.0 ([#6098](https://github.com/containerd/containerd/pull/6098)) * Prepare release notes for v1.6.0-beta.0 * Add error message to in TestContainerdRestart integration test ([#6105](https://github.com/containerd/containerd/pull/6105)) * Add error message to in TestContainerdRestart integration test * Fix typo in the NewContainer function documentation ([#6110](https://github.com/containerd/containerd/pull/6110)) * Fix typo in the NewContainer function documentation * Update cgroups to v1.0.2 ([#6104](https://github.com/containerd/containerd/pull/6104)) * Update cgroups to v1.0.2 * btrfs: verify file content after mount ([#6100](https://github.com/containerd/containerd/pull/6100)) * test: check file content after mount * Update test timeout based on recent cancellations ([#6107](https://github.com/containerd/containerd/pull/6107)) * Update test timeout based on recent cancellations * Check the pid in cri test teardown ([#6106](https://github.com/containerd/containerd/pull/6106)) * Remove extra test_teardown * Check the pid in cri test teardown * add runc shim support for sched core ([#6011](https://github.com/containerd/containerd/pull/6011)) * fix integration client vendor * add runc shim support for sched core * integration: Enables Windows containerd restart test ([#5579](https://github.com/containerd/containerd/pull/5579)) * integration: Enables Windows containerd restart test * vendor: Bump hcsshim to 0.9.0 ([#6099](https://github.com/containerd/containerd/pull/6099)) * vendor: Bump hcsshim to 0.9.0 * [cri] Add CNI conf based on runtime class ([#4695](https://github.com/containerd/containerd/pull/4695)) * Add CNI conf based on runtime class * Update Go to 1.17.2 ([#6102](https://github.com/containerd/containerd/pull/6102)) * Update Go to 1.17.2 * integration: Adds test for multilayer image import ([#5933](https://github.com/containerd/containerd/pull/5933)) * integration: Adds test for multilayer image import * runtime: should fail fast if dial error on shim ([#6031](https://github.com/containerd/containerd/pull/6031)) * runtime: should fail fast if dial error on shim * Fixes Windows containers with image volumes ([#6034](https://github.com/containerd/containerd/pull/6034)) * Windows: Fixes Windows containers with image volumes * run `gofmt` with GO 1.17 ([#6094](https://github.com/containerd/containerd/pull/6094)) * run `gofmt` with Go 1.17 * pkg/cap: remove an outdated comment ([#6088](https://github.com/containerd/containerd/pull/6088)) * pkg/cap: remove an outdated comment * Update go otel 1.0.1 ([#6066](https://github.com/containerd/containerd/pull/6066)) * Update go otel 1.0.1 * Update ADOPTERS.md with additional uses ([#6086](https://github.com/containerd/containerd/pull/6086)) * Update ADOPTERS.md with additional uses * modify the way for checking cos ([#6082](https://github.com/containerd/containerd/pull/6082)) * modify the way for checking cos * Fuzzing: Add fuzzers + small modifications ([#5915](https://github.com/containerd/containerd/pull/5915)) * Fuzzing: Add 4 fuzzers + small modifications * Fixes for Windows CI ([#6081](https://github.com/containerd/containerd/pull/6081)) * Pin mingw to version 10.2.0 * Update to golang 1.17.1 * Install nssm * Github Security Advisory [GHSA-c2h3-6mxw-7mvq](https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq) * btrfs: reduce permissions on plugin directories * v1 runtime: reduce permissions for bundle dir * v2 runtime: reduce permissions for bundle dir * task service: return known error type ([#6079](https://github.com/containerd/containerd/pull/6079)) * task service: return known error type * refactor: move from io/ioutil to io and os package ([#5973](https://github.com/containerd/containerd/pull/5973)) * refactor: move from io/ioutil to io and os package * fix: import from k8s.io/utils/clock instead ([#6076](https://github.com/containerd/containerd/pull/6076)) * fix: update vendor * cleanup: import from k8s.io/utils/clock/testing instead * cleanup: import from k8s.io/utils/clock instead * feat: enable integration cri remote client to call with grpc calloptions ([#6069](https://github.com/containerd/containerd/pull/6069)) * feat: enable cri remote client to call with grpc calloptions * cleanup k8s ansible yaml (carry for #5713) ([#6074](https://github.com/containerd/containerd/pull/6074)) * cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>) * feat: support import image for specific platform ([#6070](https://github.com/containerd/containerd/pull/6070)) * fix: wrong flag type * feat: support import image for specific platform * Update mirror images to take target image name ([#6065](https://github.com/containerd/containerd/pull/6065)) * Update mirror images to take target image name * fix: make exec-id flag required in exec command ([#6059](https://github.com/containerd/containerd/pull/6059)) * fix: make exec-id flag required in exec command * images: enable converter to uncompress zstd ([#6052](https://github.com/containerd/containerd/pull/6052)) * images: enable converter to uncompress zstd * replace deprecated function with Domain and Path ([#5922](https://github.com/containerd/containerd/pull/5922)) * replace deprecated function * integration: Adds Windows HostProcess tests ([#5853](https://github.com/containerd/containerd/pull/5853)) * integration: Adds Windows HostProcess tests * Fix main branch build is broken ([#6047](https://github.com/containerd/containerd/pull/6047)) * Fix main branch build is broken * Add open telemetry logging hook for logrus ([#6003](https://github.com/containerd/containerd/pull/6003)) * Add open telemetry logging hook for logrus * Change `oci.WithUser` behavior for LCOW ([#6023](https://github.com/containerd/containerd/pull/6023)) * Change oci.WithUser behavior for LCOW * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) ([#5946](https://github.com/containerd/containerd/pull/5946)) * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) * import: Raise error if the imported image is filtered out ([#5926](https://github.com/containerd/containerd/pull/5926)) * import: Raise error if the imported image is filtered out * Fix panic in metadata content writer on copy error ([#6043](https://github.com/containerd/containerd/pull/6043)) * Fix panic in metadata content writer on copy error * Move tracing to plugin ([#6001](https://github.com/containerd/containerd/pull/6001)) * Move tracing to plugin * ctr: Fixes Windows image import ([#5916](https://github.com/containerd/containerd/pull/5916)) * ctr: Fixes Windows image import * update open go.opentelemetry.io v1.0.0 to fix import path ([#6017](https://github.com/containerd/containerd/pull/6017)) * go.mod: update opentelemetry modules to v1.0.0 * fix error string format ([#5979](https://github.com/containerd/containerd/pull/5979)) * fix error string format * Add github action to mirror image ([#6036](https://github.com/containerd/containerd/pull/6036)) * Add github action to mirror image * add current process state to the error message ([#6027](https://github.com/containerd/containerd/pull/6027)) * add current process state to the error message * FreeBSD: fix tar headers & the nil check on getxattr ([#5991](https://github.com/containerd/containerd/pull/5991)) * FreeBSD: fix tar headers & the nil check on getxattr * gha: collect VMs' IP addresses ([#6035](https://github.com/containerd/containerd/pull/6035)) * gha: collect Vagrant VMs' IP addresses * bump continuity and console version that remove pkg/errors ([#6033](https://github.com/containerd/containerd/pull/6033)) * bump continuity and console version that remove pkg/errors * import: Add option to prevent duplicated digest image ([#5997](https://github.com/containerd/containerd/pull/5997)) * import: Add option to skip creating digest image * ctr namespaces: improve usage string ([#5998](https://github.com/containerd/containerd/pull/5998)) * ctr namespaces: improve usage string * bump console version to v1.0.3 that remove pkg/errors ([#6028](https://github.com/containerd/containerd/pull/6028)) * bump console version to v1.0.3 that remove pkg/errors * Use github images for integration tests ([#6032](https://github.com/containerd/containerd/pull/6032)) * Use github images for integration tests * Fix typo ([#5995](https://github.com/containerd/containerd/pull/5995)) * Fix typo * Enable image config labels in ctr and CRI container creation ([#6012](https://github.com/containerd/containerd/pull/6012)) * Enable image config labels in ctr and CRI container creation * Make sure exit signals trigger an exit during init ([#5970](https://github.com/containerd/containerd/pull/5970)) * Make sure exit signals trigger an exit during init * task delete: Closes task IO before waiting ([#5974](https://github.com/containerd/containerd/pull/5974)) * task delete: Closes task IO before waiting * CI: bump up crun to 1.0 ([#5985](https://github.com/containerd/containerd/pull/5985)) * CI: bump up crun to 1.0 * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) ([#5982](https://github.com/containerd/containerd/pull/5982)) * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) * Update to Go 1.17.1 ([#5990](https://github.com/containerd/containerd/pull/5990)) * Update to Go 1.17.1 * CI: Switch to available latest images ([#5987](https://github.com/containerd/containerd/pull/5987)) * CI: Switch to available latest images * add xfs support to devicemapper snapshotter ([#5610](https://github.com/containerd/containerd/pull/5610)) * add xfs support to devicemapper snapshotter * Fixes task kill --force on Windows ([#5956](https://github.com/containerd/containerd/pull/5956)) * Fixes task kill --force on Windows * Add support for shim plugins ([#5817](https://github.com/containerd/containerd/pull/5817)) * Add support for shim plugins * vendor: update continuity for darwin support ([#5976](https://github.com/containerd/containerd/pull/5976)) * vendor: update continuity for darwin support * replace uses of os/exec with golang.org/x/sys/execabs ([#5906](https://github.com/containerd/containerd/pull/5906)) * replace uses of os/exec with golang.org/x/sys/execabs * complete integration test for pulling image with labels ([#5972](https://github.com/containerd/containerd/pull/5972)) * Additional integration tests for pulling image with labels * Fix content copy to not ignore unexpected EOF ([#5966](https://github.com/containerd/containerd/pull/5966)) * Fix content copy to not ignore unexpected EOF * add ip_pref CNI options for primary pod ip ([#5964](https://github.com/containerd/containerd/pull/5964)) * add ip_pref CNI options for primary pod ip * cri: add devices for privileged container ([#5939](https://github.com/containerd/containerd/pull/5939)) * cri: add devices for privileged container * sandbox: Allows the sandbox to be deleted in NotReady state ([#5954](https://github.com/containerd/containerd/pull/5954)) * sandbox: Allows the sandbox to be deleted in NotReady state * pin protobuild version to tag ([#5969](https://github.com/containerd/containerd/pull/5969)) * pin protobuild version to tag * Add metric exposing build version&revision ([#5965](https://github.com/containerd/containerd/pull/5965)) * use a const metric for build_info * Add metric exposing build version&revision * Feature: containerd-cri support LinuxContainerResources.Unified ([#5627](https://github.com/containerd/containerd/pull/5627)) * add cri test case * feature: add field LinuxContainerResources.Unified on cri * integration: investigate TestRestartMonitor's failure ([#5861](https://github.com/containerd/containerd/pull/5861)) * integration: investigate TestRestartMonitor's failure * Use issue forms for bug reporting ([#5917](https://github.com/containerd/containerd/pull/5917)) * Address issue forms feedback * Use issue forms for bug reporting * cri: patch update image labels ([#5945](https://github.com/containerd/containerd/pull/5945)) * cri: patch update image labels * darwin: runtime support ([#5936](https://github.com/containerd/containerd/pull/5936)) * darwin: runtime support * darwin: use the default values for socketRoot variable * Update RELEASES.md ([#5858](https://github.com/containerd/containerd/pull/5858)) * Update RELEASES.md * archive: Add WriteDiff error logs ([#5949](https://github.com/containerd/containerd/pull/5949)) * archive: Add WriteDiff error logs * replace deprecated Dialer with ContextDialer ([#5958](https://github.com/containerd/containerd/pull/5958)) * replace deprecated Dail with DailContext * Add WS2022 support in Windows Periodic tests ([#5951](https://github.com/containerd/containerd/pull/5951)) * Add WS2022 support in Windows Periodic tests * Content fuzzer: Clean up temp store dir ([#5943](https://github.com/containerd/containerd/pull/5943)) * content fuzzer: Clean up tempdir * using Hosts replace deprecated field ([#5944](https://github.com/containerd/containerd/pull/5944)) * using Hosts replace deprecated field * fix document non-synchronous ([#5947](https://github.com/containerd/containerd/pull/5947)) * fix document non-synchronous in crictl.md * go.mod: Update hcsshim to v0.8.21 ([#5929](https://github.com/containerd/containerd/pull/5929)) * go.mod: Update hcsshim to v0.8.21 * Makefile.linux: build on RISC-V with PIE ([#5937](https://github.com/containerd/containerd/pull/5937)) * Makefile.linux: build on riscv with PIE * Fix cwd flag for `ctr tasks exec` ([#5932](https://github.com/containerd/containerd/pull/5932)) * Fix cwd flag for `ctr tasks exec` * Update Pause image in tests & config ([#5927](https://github.com/containerd/containerd/pull/5927)) * Update Pause image in tests & config * cri: Devices ownership from SecurityContext ([#5122](https://github.com/containerd/containerd/pull/5122)) * cri: Devices ownership from SecurityContext * Fix pull fails on unexpected EOF ([#5921](https://github.com/containerd/containerd/pull/5921)) * Fix pull fails on unexpected EOF * Fix dir support for devices ([#5845](https://github.com/containerd/containerd/pull/5845)) * Adding testing of two devices * Fix dir support for devices V3 (#4847) * windows: The DefaultSpec platform should match the Default matcher ([#5914](https://github.com/containerd/containerd/pull/5914)) * windows: The DefaultSpec platform should match the Default matcher * Add RunAsUserName functionality for the Windows pod sandbox container ([#5865](https://github.com/containerd/containerd/pull/5865)) * Add RunAsUserName functionality for the Windows Pod Sandbox Container * bump up runc v1.0.2 ([#5899](https://github.com/containerd/containerd/pull/5899)) * go.mod: update runc to v1.0.2 * update runc binary to v1.0.2 * Run `go fmt` with Go 1.17 ([#5903](https://github.com/containerd/containerd/pull/5903)) * Run `go fmt` with Go 1.17 * go.mod: github.com/pelletier/go-toml v1.9.3 ([#5905](https://github.com/containerd/containerd/pull/5905)) * go.mod: github.com/pelletier/go-toml v1.9.3 * cri: filter selinux xattr for image volumes ([#5902](https://github.com/containerd/containerd/pull/5902)) * cri: filter selinux xattr for image volumes * Add Windows HostProcess Support ([#5131](https://github.com/containerd/containerd/pull/5131)) * Added windows hostProcess cni skip * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 ([#5897](https://github.com/containerd/containerd/pull/5897)) * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 * Update to Go 1.17 ([#5889](https://github.com/containerd/containerd/pull/5889)) * Bump integration timeout to 35 min * Update to Go 1.17 * integration: fix TestContainerPids ([#5896](https://github.com/containerd/containerd/pull/5896)) * integration: fix TestContainerPids * [ctr] add HOSTNAME env for host network ([#5891](https://github.com/containerd/containerd/pull/5891)) * [ctr] add HOSTNAME env for host network * Fuzzing: Add fuzzer ([#5886](https://github.com/containerd/containerd/pull/5886)) * Fuzzing: Add fuzzer * Make Cgroup driver configurable in gce configure script ([#5884](https://github.com/containerd/containerd/pull/5884)) * Add env for SystemdCgroup driver * Allow expanded DNS configuration ([#5878](https://github.com/containerd/containerd/pull/5878)) * Allow expanded DNS configuration * Fuzzing: Add 4 fuzzers ([#5863](https://github.com/containerd/containerd/pull/5863)) * Fuzzing: Add 4 fuzzers * Cleanup v2 shim ([#5813](https://github.com/containerd/containerd/pull/5813)) * Cleanup v2 shim * Fuzzing: Add experimental version of container fuzzer ([#5840](https://github.com/containerd/containerd/pull/5840)) * Use http.Get to download binaries instead of exec.Command * Fuzzing: Add experimental version of container fuzzer * add cpu-shares to ctr ([#5846](https://github.com/containerd/containerd/pull/5846)) * add cpu-shares to ctr * docs: rename master to main (it was opposite on the actual commit) ([#5847](https://github.com/containerd/containerd/pull/5847)) * docs: rename main to master * content: return the error with its timestamp ([#5849](https://github.com/containerd/containerd/pull/5849)) * content: return the error with its timestamp * Fix bad `make protos` failure ([#5857](https://github.com/containerd/containerd/pull/5857)) * Fix bad `make protos` failure * replace cri and point to new location ([#5851](https://github.com/containerd/containerd/pull/5851)) * archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624 * docs: remove FOSSA's badge ([#5856](https://github.com/containerd/containerd/pull/5856)) * docs: remove FOSSA's badge * BUILDING.md: remove some bits about building runc ([#5850](https://github.com/containerd/containerd/pull/5850)) * BUILDING.md: remove some bits about building runc * BUILDING.md: markdown fixes * go.mod: update k8s deps to v1.22.0 ([#5836](https://github.com/containerd/containerd/pull/5836)) * go.mod: update kubernetes to v1.22.0 * [Scripts] Add trap to cri-integration test script ([#5852](https://github.com/containerd/containerd/pull/5852)) * Add trap to cri-integration test script * docs: list all snapshotter-related build flags ([#5848](https://github.com/containerd/containerd/pull/5848)) * docs: list all snapshotter-related build flags * Move plugin context events into separate plugin ([#5835](https://github.com/containerd/containerd/pull/5835)) * Move plugin context events into separate plugin * Fix Linux CI Linter using Go 1.15.14 ([#5839](https://github.com/containerd/containerd/pull/5839)) * Fix Linux CI Linter using go 1.15.14 * Update Go to 1.16.7 ([#5842](https://github.com/containerd/containerd/pull/5842)) * Update Go to 1.16.7 * Cleanup CI ([#5838](https://github.com/containerd/containerd/pull/5838)) * Cleanup CI * Remove redundant build tags ([#5834](https://github.com/containerd/containerd/pull/5834)) * Remove redundant build tags * Change default directories on Darwin ([#5830](https://github.com/containerd/containerd/pull/5830)) * Change default directories on Darwin * [otel-tracing] Initial opentelemetry support ([#5731](https://github.com/containerd/containerd/pull/5731)) * [otel-tracing] vendor and go modules changes * [otel-tracing] Initial opentelemetry support * remove go 1.13 from containerd * Fuzzing: Fix for OSS-fuzz issue 36825 ([#5829](https://github.com/containerd/containerd/pull/5829)) * Fuzzing: Fix for OSS-fuzz issue 36825 * Fuzzing: Add two fuzzers ([#5825](https://github.com/containerd/containerd/pull/5825)) * Fuzzing: Add two more fuzzers * scripts: linting fixes, and remove support for Debian Jessie (as it's EOL) ([#5760](https://github.com/containerd/containerd/pull/5760)) * scripts: declare ROOT closer to where it's used, and some DRY changes * scripts: add missing quotes, and minor linting issues * test/build-utils.sh: remove support for Debian Jessie * platforms: Format(): use path.Join() instead of joinNotEmpty() ([#5821](https://github.com/containerd/containerd/pull/5821)) * platforms: Format(): use path.Join() instead of joinNotEmpty() * Fuzzing: Remove panics of container_fuzzer ([#5823](https://github.com/containerd/containerd/pull/5823)) * Fuzzing: Remove panics of container_fuzzer * Fuzzing: Add container fuzzer ([#5785](https://github.com/containerd/containerd/pull/5785)) * Change protoc link * Split fuzzer to two fuzzers * Fuzzing: Add container fuzzer * runtime: fix the issue of create new socket with abstract address ([#5746](https://github.com/containerd/containerd/pull/5746)) * runtime: fix the issue of create new socket with abstract address * mergo: Upgrade to 0.3.12 to fix panic ([#5809](https://github.com/containerd/containerd/pull/5809)) * mergo: Upgrade to 0.3.12 to fix panic * ci: install criu from PPA ([#5802](https://github.com/containerd/containerd/pull/5802)) * ci: install criu from PPA * Update release workflow to upload binary without CNI ([#5144](https://github.com/containerd/containerd/pull/5144)) * Split release steps into multiple tasks * Update release workflow to upload binary without CNI * Enable critest on Windows Periodic Jobs ([#5725](https://github.com/containerd/containerd/pull/5725)) * Enable critest on Windows * Script to check if entries in go.mod files are in sync ([#5792](https://github.com/containerd/containerd/pull/5792)) * Script to check if entries in go.mod files are in sync * Add a sharedNamespace label ([#5043](https://github.com/containerd/containerd/pull/5043)) * Add shared content label to namespaces * platforms: add "ios" as known OS, "loong64" as known ARCH ([#5784](https://github.com/containerd/containerd/pull/5784)) * platforms: add "ios" as known OS, "loong64" as known ARCH * Updates the location of protobuf downloads ([#5804](https://github.com/containerd/containerd/pull/5804)) * Updates the location of protobuf downloads in docs * Update protobuf install to use correct repository ([#5803](https://github.com/containerd/containerd/pull/5803)) * Update protobuf install to use correct repository * overlay: expose upperdir location of each snapshot via an optional label ([#5624](https://github.com/containerd/containerd/pull/5624)) * overlay: add an optional label of upperdir location of each snapshot * Support SIGRTMIN+n signals ([#5693](https://github.com/containerd/containerd/pull/5693)) * Support SIGRTMIN+n signals * respect context timeout in shim binary call ([#5800](https://github.com/containerd/containerd/pull/5800)) * respect context timeout in shim binary call * Introduce a new go module - containerd/api for use in standalone clients ([#5716](https://github.com/containerd/containerd/pull/5716)) * Introduce a new go module - containerd/api for use in standalone clients * grpc config add options tcp_client_ca_cert ([#5606](https://github.com/containerd/containerd/pull/5606)) * grpc config add options tcp_tls_ca * integration: Windows volume-copy-up images ([#5162](https://github.com/containerd/containerd/pull/5162)) * integration: Windows volume-copy-up images * add CRI support matrix to RELEASES.md ([#5795](https://github.com/containerd/containerd/pull/5795)) * add CRI support matrix to RELEASES.md * adding a little more clarity ([#5794](https://github.com/containerd/containerd/pull/5794)) * adding a little more clarity * update gotestsum to v1.7.0 ([#5793](https://github.com/containerd/containerd/pull/5793)) * update gotestsum to v1.7.0 * Discard blocks when removing a thin device ([#5756](https://github.com/containerd/containerd/pull/5756)) * Discard blocks when removing a thin device * Makefile: fix passing build tags ([#5590](https://github.com/containerd/containerd/pull/5590)) * Makefile: pass build tags to manpage build process * Makefile: fix tags parameter computation * Add runtime label to metrics ([#5744](https://github.com/containerd/containerd/pull/5744)) * Add runtime label to metrics * interface about shim build check ([#5745](https://github.com/containerd/containerd/pull/5745)) * interface about shim build check * integration: log all processes to investigate the test failure ([#5775](https://github.com/containerd/containerd/pull/5775)) * integration: log all processes to investigate the test failure * Fuzzing: Add archive fuzzer ([#5779](https://github.com/containerd/containerd/pull/5779)) * Fuzzing: Add archive fuzzer * Add docker.Fetch fuzzer ([#5687](https://github.com/containerd/containerd/pull/5687)) * Add docker fetch fuzzer * Support custom compressor for walking differ ([#5735](https://github.com/containerd/containerd/pull/5735)) * Support custom compressor for walking differ * remotes/docker/pusher.go: Fix missing Close() on push to docker remote ([#5770](https://github.com/containerd/containerd/pull/5770)) * remotes/docker/pusher.go: Fix missing Close() * remotes/docker/fetcher.go: Fix missing Close() on fetch from docker remote ([#5769](https://github.com/containerd/containerd/pull/5769)) * remotes/docker/fetcher.go: Fix missing Close() * Update cpuguy83/go-md2man binary to v2.0.1 ([#5771](https://github.com/containerd/containerd/pull/5771)) * Update cpuguy83/go-md2man binary to v2.0.1 * Refactor / optimize contrib/Dockerfile.test ([#5750](https://github.com/containerd/containerd/pull/5750)) * Dockerfile.test: build containerd in separate stage * Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding * Dockerfile.test: clean up apt indexes after installing * Dockerfile.test: build critools in a separate stage * Dockerfile.test: build cni in a separate stage * Dockerfile.test: standard directory to collect build aftifacts * Dockerfile.test: split dev stage, and optimize order * Dockerfile.test: skip curl, gcc, git and make install * install-critools: make sure DESTDIR exists * update gotestsum to current master ([#5754](https://github.com/containerd/containerd/pull/5754)) * update gotestsum to current master * Github Security Advisory [GHSA-c72p-9xmj-rx3w](https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w) * Add test for archive breakout test for lchmod * Use systemd cgroup driver for Kubernetes e2e tests with cgroupsv2 ([#5755](https://github.com/containerd/containerd/pull/5755)) * Use systemd cgroup driver for cgroupv2 tests * update runc to v1.0.1 ([#5751](https://github.com/containerd/containerd/pull/5751)) * go.mod: runc v1.0.1 * update runc binary to v1.0.1 * runtime: runc v2: remove redundant validation ([#5737](https://github.com/containerd/containerd/pull/5737)) * runtime: runc v2: remove redundant validation * Add timestamp to flaky restart monitor test ([#5727](https://github.com/containerd/containerd/pull/5727)) * Move loop check to before sleep * Add timestamp to flaky restart monitor test * Update Go to 1.16.6 ([#5722](https://github.com/containerd/containerd/pull/5722)) * integration/client: go mod tidy * Update Go to 1.16.6 * client: surface a connection error more clearly ([#4447](https://github.com/containerd/containerd/pull/4447)) * client: surface a connection error more clearly * Fix missing Body.Close() calls on push to docker remote ([#5712](https://github.com/containerd/containerd/pull/5712)) * Fix missing Body.Close() calls on push to docker remote * remove pkg/cri/platforms package ([#5710](https://github.com/containerd/containerd/pull/5710)) * remove pkg/cri/platforms package * Allow WithServices to use custom implementations ([#5709](https://github.com/containerd/containerd/pull/5709)) * Allow WithServices to use custom implementations * [Vendor] Update hcsshim to 0.8.18 ([#5673](https://github.com/containerd/containerd/pull/5673)) * [Vendor] Update hcsshim to 0.8.18 * test integration: Adds a test that restarts a failed container ([#5578](https://github.com/containerd/containerd/pull/5578)) * test integration: Adds a test that restarts a failed container * [CRI] move up to CRI v1 and support v1alpha in parallel ([#5619](https://github.com/containerd/containerd/pull/5619)) * use fu wei's suggeted interface pick for marshaling * add alpha version * move up to CRI v1 and support v1alpha in parallel * gha: make release workflow work in forks ([#5682](https://github.com/containerd/containerd/pull/5682)) * gha: make release workflow work in forks * Add unit test for plugin ([#5666](https://github.com/containerd/containerd/pull/5666)) * Add unit test for plugin * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage ([#5700](https://github.com/containerd/containerd/pull/5700)) * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage * Update for distribution spec 1.0 ([#5676](https://github.com/containerd/containerd/pull/5676)) * Add support for registry host path override * Update documenation for OCI distribution 1.0 * archive: cleanup lchmod logic ([#5702](https://github.com/containerd/containerd/pull/5702)) * Cleanup lchmod logic in archive * Install specific golang version in Windows CI. ([#5571](https://github.com/containerd/containerd/pull/5571)) * Install specific golang version in Windows CI. * Add ctr command label in NewContainerOpts ([#5660](https://github.com/containerd/containerd/pull/5660)) * feat: Add snapshotter label to the new snapshot for container. * snapshot/devmapper: log exported methods correctly ([#5655](https://github.com/containerd/containerd/pull/5655)) * snapshot/devmapper: log exported methods correctly * Makefile: fix DESTDIR and PREFIX concatenation ([#5662](https://github.com/containerd/containerd/pull/5662)) * Makefile: fix DESTDIR and PREFIX concatenation * Cri integration cleanup ([#5287](https://github.com/containerd/containerd/pull/5287)) * tests: Use EnsureImageExists for image pulling * tests: Refactors PodSandbox creation * move sys.FMountat() into mount package and un-export ([#5641](https://github.com/containerd/containerd/pull/5641)) * un-export mount.FMountat * move sys.FMountat() into mount package * sandbox: send pod UID to CNI plugins as K8S_POD_UID ([#5640](https://github.com/containerd/containerd/pull/5640)) * sandbox: send pod UID to CNI plugins as K8S_POD_UID * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils ([#5639](https://github.com/containerd/containerd/pull/5639)) * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils * content/local: inline sys.StatATimeAsTime() ([#5633](https://github.com/containerd/containerd/pull/5633)) * content/local: inline sys.StatATimeAsTime() * allow multi gpu to be specified via ctr ([#5636](https://github.com/containerd/containerd/pull/5636)) * allow multi gpu to be specified via ctr * go.mod: runc v1.0.0 * update runc binary to v1.0.0 GA * fixing some doc links ([#5629](https://github.com/containerd/containerd/pull/5629)) * fixing some doc links * Sync integration/go.mod with root go.mod ([#5623](https://github.com/containerd/containerd/pull/5623)) * Sync integration/go.mod with root go.mod * archive: Expose ChangeWriter to allow customized diff computing ([#5615](https://github.com/containerd/containerd/pull/5615)) * archive: Expose ChangeWriter to allow customized diff computing * CI: Switch to the available latest images ([#5625](https://github.com/containerd/containerd/pull/5625)) * CI: Switch to available latest images * fix deprecation config for default runtime * Re-enable criu in main integration runs ([#5614](https://github.com/containerd/containerd/pull/5614)) * Re-enable criu in main integration runs * runtime,v2: Enable debug when containerd is on debug+ log level ([#5617](https://github.com/containerd/containerd/pull/5617)) * runtime,v2: Enable debug when containerd is on debug+ log level * github.com/golang/protobuf/proto is deprecated * Update github.com/golang/protobuf from v1.3.5 to v1.4.3 * Update google.golang.org/grpc from v1.27.1 to v1.38.0 * Increase golangci-lint timeout * ctr flags of container rootfs propagation ([#5611](https://github.com/containerd/containerd/pull/5611)) * command line flags of setting container rootfs propagation * add cgroupv2 setup for cos with a flag * Update gotestsum to add timestamps to junit output ([#5612](https://github.com/containerd/containerd/pull/5612)) * Update gotestsum to add timestamps to junit output * Allow to pass --no-cgroups option to nvidia-container-cli ([#5604](https://github.com/containerd/containerd/pull/5604)) * Allow to pass --no-cgroup option to nvidia-container-cli * Makefile: FHS conformant manpage installation pathes ([#5577](https://github.com/containerd/containerd/pull/5577)) * Makefile: FHS conformant manpage installation pathes * Add proper Go version before project checks ([#5594](https://github.com/containerd/containerd/pull/5594)) * Add proper Go version before project checks * Enable cri-integration in Windows Periodic Tests ([#5580](https://github.com/containerd/containerd/pull/5580)) * Enable cri-integration in Windows Periodic Tests * adds explanation for seccomp unset/unconfined default vs runtime default ([#5573](https://github.com/containerd/containerd/pull/5573)) * adds explanation for seccomp unset/unconfined default vs runtime default * Fix cleanup context of teardownPodNetwork ([#5569](https://github.com/containerd/containerd/pull/5569)) * Fix cleanup context of teardownPodNetwork * update integration/client go.sum ([#5572](https://github.com/containerd/containerd/pull/5572)) * update integration/client go.sum * Revert diff/walking error change ([#5566](https://github.com/containerd/containerd/pull/5566)) * Revert diff/walking error change * Update opencontainers/selinux to v1.8.2 ([#5562](https://github.com/containerd/containerd/pull/5562)) * Update opencontainers/selinux to v1.8.2 * fix invalid validation error checking ([#5565](https://github.com/containerd/containerd/pull/5565)) * fix invalid validation error checking * diff/walking: fix defer cleanup ([#5551](https://github.com/containerd/containerd/pull/5551)) * diff/walking: fix defer cleanup * Windows periodic job: Add creation timestamp to RG ([#5559](https://github.com/containerd/containerd/pull/5559)) * Add creation timestamp to RG * Fix error case in Windows layer cleanup ([#5328](https://github.com/containerd/containerd/pull/5328)) * Fix error case in Windows layer cleanup * Use DeactivateLayer to unlock layers that we cannot rename ([#5422](https://github.com/containerd/containerd/pull/5422)) * Small typo fix "reimporst" * Use DeactivateLayer to recover layers that we cannot rename * tests: Symlink volume tests ([#5284](https://github.com/containerd/containerd/pull/5284)) * tests: Symlink volume tests * Makefile: fix DESTDIR environment variable behaviour ([#5535](https://github.com/containerd/containerd/pull/5535)) * Makefile: fix DESTDIR environment variable behaviour * Change Wrapf of non-error to an actual error ([#5560](https://github.com/containerd/containerd/pull/5560)) * Change Wrapf of non-error to an actual error * Install apparmor parser for arm64 environment * scrub the stale TODO ([#5536](https://github.com/containerd/containerd/pull/5536)) * scrub the stale TODO * docs: explicitly mention containerd's Prometheus path ([#5554](https://github.com/containerd/containerd/pull/5554)) * docs: explicitly mention containerd's Prometheus path * integration: Cleanup containerd on test teardown ([#5553](https://github.com/containerd/containerd/pull/5553)) * integration: Cleanup containerd on test teardown * docs/cri: update links ([#5548](https://github.com/containerd/containerd/pull/5548)) * docs/cri: update ocicrypt link * docs/cri: fix broken links * Update Windows periodic tests ([#5544](https://github.com/containerd/containerd/pull/5544)) * Update Windows periodic tests * Add CI periodic Windows Jobs. ([#5165](https://github.com/containerd/containerd/pull/5165)) * Schedule Windows job daily after midnight. * Update windows-periodic.yml * Add CI periodic Windows Jobs. * Rename atomicWrite to writeToCompletion ([#5273](https://github.com/containerd/containerd/pull/5273)) * Rename atomicWrite to writeToCompletion * Do not run btrfs tests if btrfs kernel module is not loaded ([#5539](https://github.com/containerd/containerd/pull/5539)) * Do not run btrfs tests if btrfs kernel module is not loaded * Fix incorrect UA used for registry authentication ([#5533](https://github.com/containerd/containerd/pull/5533)) * Fix incorrect UA used for registry authentication * ctr: parse mount options with embedded = character ([#5531](https://github.com/containerd/containerd/pull/5531)) * ctr: parse mount options with embedded = character * Fix mounts for FreeBSD ([#5472](https://github.com/containerd/containerd/pull/5472)) * Add ruleset=4 option * Remove mountpoints not commonly mounted on FreeBSD * Add copyright header & make sure compilation succeeds on all platforms * Fix mounts for FreeBSD * ctr: make exec pty behavior consistent with run ([#5527](https://github.com/containerd/containerd/pull/5527)) * ctr: exec handle pty resize after Start * ctr: exec setup IO with console * Makefile: use $@ for target file names ([#5534](https://github.com/containerd/containerd/pull/5534)) * Makefile: use $@ for target file names * Fix small typo ([#5528](https://github.com/containerd/containerd/pull/5528)) * Fix small typo * Don't check for apparmor_parser to be present ([#5519](https://github.com/containerd/containerd/pull/5519)) * update the link * Don't check for apparmor_parser to be present * Remove useless lines ([#5520](https://github.com/containerd/containerd/pull/5520)) * Remove useless lines * Fixed typos in docs ([#5509](https://github.com/containerd/containerd/pull/5509)) * fixed typos * Try next mirror in case of non-404 errors, too ([#5275](https://github.com/containerd/containerd/pull/5275)) * Try next mirror in case of non-404 errors, too * bump runc version to v1.0.0-rc95 ([#5514](https://github.com/containerd/containerd/pull/5514)) * bump runc version to v1.0.0-rc95 * update runc binary to v1.0.0-rc95 ([#5511](https://github.com/containerd/containerd/pull/5511)) * update runc binary to v1.0.0-rc95 * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 ([#5508](https://github.com/containerd/containerd/pull/5508)) * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 ([#5507](https://github.com/containerd/containerd/pull/5507)) * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 * Makefile: allow overriding install command via environment ([#5493](https://github.com/containerd/containerd/pull/5493)) * Makefile: allow overriding install command via environment * tests: Adds support for Windows cri-integration tests ([#5163](https://github.com/containerd/containerd/pull/5163)) * tests: Adds support for Windows cri-integration tests * Update docker resolver to authorize redirects ([#5504](https://github.com/containerd/containerd/pull/5504)) * Update docker resolver to authorize redirects * bump hcsshim version to v0.8.17 ([#5505](https://github.com/containerd/containerd/pull/5505)) * bump hcsshim version to v0.8.17 * Release binary update for imgcrypt ([#5498](https://github.com/containerd/containerd/pull/5498)) * just release ctd-decoder not ctr-enc * Merge remote-tracking branch 'upstream/master' * Pin integration test image for alpine * cri-integration tests: Pull images once ([#5313](https://github.com/containerd/containerd/pull/5313)) * tests: Prepull images used in tests * plugin: optimize the check for the last registration ([#5440](https://github.com/containerd/containerd/pull/5440)) * plugin: optimize the check for the last registration * metadata: modify NewLeaseManager to return leases.Manager ([#5465](https://github.com/containerd/containerd/pull/5465)) * metadata: modify NewLeaseManager to return leases.Manager * Skip TLS verification for localhost ([#5100](https://github.com/containerd/containerd/pull/5100)) * Skip TLS verification for localhost * Merge remote-tracking branch 'upstream/master' * Makefile: make sure manpages are built before install-man ([#5492](https://github.com/containerd/containerd/pull/5492)) * Makefile: make sure manpages are built before install-man * adds description for hosts.toml ([#5309](https://github.com/containerd/containerd/pull/5309)) * adds credentials description * adds description for hosts.toml * Prepare default branch rename ([#5459](https://github.com/containerd/containerd/pull/5459)) * Prepare default branch rename * Merge remote-tracking branch 'upstream/master' * Update runc to rc94 ([#5473](https://github.com/containerd/containerd/pull/5473)) * Update vendored runc to v1.0.0.0-rc94 * Update the runc binary used with containerd to runc v1.0.0-rc94 * Fix `content.ReaderAt` close ([#5468](https://github.com/containerd/containerd/pull/5468)) * Fix content.ReaderAt close * Update releases doc with updated support timeline ([#5466](https://github.com/containerd/containerd/pull/5466)) * Update releases doc with updated support timeline * tests: add test for adaptor ([#5452](https://github.com/containerd/containerd/pull/5452)) * tests: add test for adaptor * Makefile: allow overriding go command by environment ([#5450](https://github.com/containerd/containerd/pull/5450)) * Makefile: allow overriding go command by environment * update to new cri-tools make install ([#5462](https://github.com/containerd/containerd/pull/5462)) * update to new cri-tools make install * Update Go to 1.16.4 ([#5461](https://github.com/containerd/containerd/pull/5461)) * Update Go to 1.16.4 * Merge remote-tracking branch 'upstream/release/1.5' * [release/1.5] go.mod: cut circular dependency on github.com/containerd/containerd ([#5457](https://github.com/containerd/containerd/pull/5457)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * oci: fix WithDevShmSize ([#5063](https://github.com/containerd/containerd/pull/5063)) * oci: fix WithDevShmSize * [release/1.5] cherry-pick: windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5454](https://github.com/containerd/containerd/pull/5454)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5411](https://github.com/containerd/containerd/pull/5411)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * doc: add missing namespaces package ([#5448](https://github.com/containerd/containerd/pull/5448)) * doc: add missing namespaces package * update seccomp version ([#5445](https://github.com/containerd/containerd/pull/5445)) * update seccomp version * Update golang.org/x/sys to add linux/ppc support ([#5436](https://github.com/containerd/containerd/pull/5436)) * Update golang.org/x/sys to add linux/ppc support * go.mod: cut circular dependency on github.com/containerd/containerd ([#5441](https://github.com/containerd/containerd/pull/5441)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * Fix different registry hosts referencing the same auth config. ([#5446](https://github.com/containerd/containerd/pull/5446)) * Fix different registry hosts referencing the same auth config. </p> </details> ### Changes from containerd/cgroups <details><summary>33 commits</summary> <p> * v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212)) * v2: add test case for Manager.EventChan() behavior * v2: flip error handling for readKVStat("memory.events") to reduce indentation * v2: manager: factor out memory.events parsing * v2: Fix inotify leak when cgroup is deleted * fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214)) * fix Implicit memory aliasing in for loop * Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210)) * Fix potential dirfd leak. * cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203)) * cgroup: Optionally add process and task to a subsystems subset * replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208)) * replace pkg/errors from vendor * cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207)) * cgroup.go: avoid panic on nil interface * Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204)) * cgroupv2: reset lastErr to nil when subtree control is successfully written * cgroupv2: enable controllers before setting resources in NewChild() * v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201)) * v2: remove ErrorHandler and IgnoreNotExist as they are not implemented * v2: remove errors that are never returned * v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202)) * v1: reduce duplicated code * cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200)) * cgroup v1: implement AddProc() * Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199)) * Rename branch from master to main * utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197)) * utils: export ParseCgroupFile() * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194)) * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations * Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195)) * Use /proc/partitions to get device names </p> </details> ### Changes from containerd/console <details><summary>6 commits</summary> <p> * Fix CI ([#55](https://github.com/containerd/console/pull/55)) * Fix CI * Stop using pkg/errors * Add support for z/OS ([#46](https://github.com/containerd/console/pull/46)) * Console test on z/OS * Add support for z/OS </p> </details> ### Changes from containerd/continuity <details><summary>28 commits</summary> <p> * fs: use syscall.Timespec.Unix ([#193](https://github.com/containerd/continuity/pull/193)) * fs: use syscall.Timespec.Unix * Update CI Go version to 1.17 ([#192](https://github.com/containerd/continuity/pull/192)) * Update CI Go version to 1.17 * Build containerd/continuity on multiple Unix OSes ([#190](https://github.com/containerd/continuity/pull/190)) * Build containerd/continuity on multiple Unix OSes * Do not log errors before returning them ([#191](https://github.com/containerd/continuity/pull/191)) * Do not log errors before returning them * Copy Windows file metadata ([#188](https://github.com/containerd/continuity/pull/188)) * Copy Windows file metadata * fix fmt.Errorf("%w", err) on err == nil ([#187](https://github.com/containerd/continuity/pull/187)) * fix fmt.Errorf("%w", err) on err == nil * Remove direct dependency on github.com/pkg/errors ([#185](https://github.com/containerd/continuity/pull/185)) * run gofmt with Go 1.17 * remove direct dependency on github.com/pkg/errors * Fix darwin issues ([#186](https://github.com/containerd/continuity/pull/186)) * update AUTHORS * darwin: use utimensat syscall instead of utimes * fix darwin usage of du command * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 ([#161](https://github.com/containerd/continuity/pull/161)) * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 * fs/stat: add FreeBSD, and cleanup some nolint-comments ([#184](https://github.com/containerd/continuity/pull/184)) * reformat nolint comments * fs/stat: add FreeBSD * Rename branch from master to main ([#182](https://github.com/containerd/continuity/pull/182)) * Rename branch from master to main * testutil/loopback: print more debug info ([#180](https://github.com/containerd/continuity/pull/180)) * testutil/loopback: print more debug info </p> </details> ### Changes from containerd/go-cni <details><summary>18 commits</summary> <p> * run setup on networks in parallel ([#76](https://github.com/containerd/go-cni/pull/76)) * switch to direct index * run setup on networks in parallel * remove: Continue on "not found" errors ([#74](https://github.com/containerd/go-cni/pull/74)) * remove: Continue on "not found" errors * go.mod: github.com/containernetworking/cni v1.0.1 ([#72](https://github.com/containerd/go-cni/pull/72)) * go.mod: github.com/containernetworking/cni v1.0.1 * remove direct dependency on github.com/pkg/errors ([#71](https://github.com/containerd/go-cni/pull/71)) * remove direct dependency on github.com/pkg/errors * update CNI to v1.0.0 ([#70](https://github.com/containerd/go-cni/pull/70)) * test: add TestLibCNIType100 * update CNI to v1.0.0 * Rename branch from master to main ([#69](https://github.com/containerd/go-cni/pull/69)) * Rename branch from master to main * result: change Raw from a struct field to a method ([#68](https://github.com/containerd/go-cni/pull/68)) * result: change Raw from a struct field to a method * result: expose raw result ([#67](https://github.com/containerd/go-cni/pull/67)) * result: expose raw result </p> </details> ### Changes from containerd/imgcrypt <details><summary>32 commits</summary> <p> * CHANGES: Updated CHANGES document for 1.1.3 release ([#64](https://github.com/containerd/imgcrypt/pull/64)) * CHANGES: Updated CHANGES document for 1.1.3 release * docs: update project branch to main ([#63](https://github.com/containerd/imgcrypt/pull/63)) * docs: update project branch to main * Update linter to match containerd repo ([#61](https://github.com/containerd/imgcrypt/pull/61)) * Update linter to match containerd repo * update CI golang version * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 ([#59](https://github.com/containerd/imgcrypt/pull/59)) * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 * maint: Update to ocicrypt v1.1.2 ([#57](https://github.com/containerd/imgcrypt/pull/57)) * maint: Update to ocicrypt v1.1.2 * Decouple CreateCryptoConfig() from github.com/urfave/cli ([#56](https://github.com/containerd/imgcrypt/pull/56)) * Decouple CreateCryptoConfig() from github.com/urfave/cli * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 ([#55](https://github.com/containerd/imgcrypt/pull/55)) * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 * replace pkg/errors and bump related library * README: Fix CRI decryption document URL ([#53](https://github.com/containerd/imgcrypt/pull/53)) * README: Fix CRI decryption document URL * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 ([#52](https://github.com/containerd/imgcrypt/pull/52)) * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 * Bump containerd to 1.5.2 ([#51](https://github.com/containerd/imgcrypt/pull/51)) * Bump containerd to 1.5.2 * images: Implement ConvertFunc for image en- and decryption ([#49](https://github.com/containerd/imgcrypt/pull/49)) * images: Implement ConvertFunc for image en- and decryption * Add containerd-release to makefile ([#48](https://github.com/containerd/imgcrypt/pull/48)) * Remove ctr-enc from installation * vendor sync up with containerd 1.5 ga, and runc94 ([#47](https://github.com/containerd/imgcrypt/pull/47)) * sync up with containerd 1.5 ga, and runc94 * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 ([#46](https://github.com/containerd/imgcrypt/pull/46)) * CICD: Run 'apt update' before pulling packages * ctr-enc: Set the version for ctr-enc when linking * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 </p> </details> ### Changes from containerd/ttrpc <details><summary>34 commits</summary> <p> * Add protoc-gen-go-ttrpc ([#96](https://github.com/containerd/ttrpc/pull/96)) * Add protoc-gen-go-ttrpc * client: Handle sending/receiving in separate goroutines ([#94](https://github.com/containerd/ttrpc/pull/94)) * client: Handle sending/receiving in separate goroutines * Run Protobuild in GitHub Actions ([#95](https://github.com/containerd/ttrpc/pull/95)) * Run Protobuild in GitHub Actions * Re-generate example.pb.go * replace pkg/errors ([#93](https://github.com/containerd/ttrpc/pull/93)) * replace pkg/errors from vendor * Rename branch from master to main ([#86](https://github.com/containerd/ttrpc/pull/86)) * Rename branch from master to main * Make "go test" and "go build" work on macOS ([#85](https://github.com/containerd/ttrpc/pull/85)) * Make the example command buildable on macOS * Run GitHub Actions on macOS * Make "go test" work on macOS * Return Unimplemented when services or methods are not implemented ([#83](https://github.com/containerd/ttrpc/pull/83)) * Return Unimplemented when services or methods are not implemented * Remove "Very new" and checked TODO items ([#84](https://github.com/containerd/ttrpc/pull/84)) * Remove "Very new" and checked TODO items * removing glide from ignore ([#82](https://github.com/containerd/ttrpc/pull/82)) * removing glide from ignore * go.mod: update dependencies ([#79](https://github.com/containerd/ttrpc/pull/79)) * go.mod: github.com/prometheus/procfs v0.6.0 * go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 * go.mod: google.golang.org/grpc v1.27.1 * go.mod: github.com/gogo/protobuf v1.3.2 * remove travis, add codecov badge ([#78](https://github.com/containerd/ttrpc/pull/78)) * CI: add codecov badge to readme * CI: remove travis * Use GitHub Actions for CI ([#77](https://github.com/containerd/ttrpc/pull/77)) * Use GitHub Actions for CI * go.mod: sirupsen/logrus v1.7.0 ([#76](https://github.com/containerd/ttrpc/pull/76)) * go.mod: sirupsen/logrus v1.7.0 * go mod tidy </p> </details> ### Dependency Changes * **cloud.google.com/go** v0.81.0 **_new_** * **github.com/AdaLogics/go-fuzz-headers** 6c3934b029d8 **_new_** * **github.com/Microsoft/go-winio** v0.4.17 -> v0.5.1 * **github.com/Microsoft/hcsshim** v0.8.16 -> v0.9.2 * **github.com/blang/semver** v3.5.1 **_new_** * **github.com/cenkalti/backoff/v4** v4.1.2 **_new_** * **github.com/cespare/xxhash/v2** v2.1.1 -> v2.1.2 * **github.com/cilium/ebpf** v0.4.0 -> v0.7.0 * **github.com/containerd/cgroups** v1.0.1 -> v1.0.3 * **github.com/containerd/console** v1.0.2 -> v1.0.3 * **github.com/containerd/continuity** v0.1.0 -> v0.2.2 * **github.com/containerd/go-cni** v1.0.2 -> v1.1.1 * **github.com/containerd/imgcrypt** v1.1.1 -> v1.1.3 * **github.com/containerd/ttrpc** v1.0.2 -> v1.1.0 * **github.com/containernetworking/cni** v0.8.1 -> v1.0.1 * **github.com/containernetworking/plugins** v0.9.1 -> v1.0.1 * **github.com/containers/ocicrypt** v1.1.1 -> v1.1.2 * **github.com/coreos/go-systemd/v22** v22.1.0 -> v22.3.2 * **github.com/go-logr/logr** v0.2.0 -> v1.2.2 * **github.com/go-logr/stdr** v1.2.2 **_new_** * **github.com/godbus/dbus/v5** v5.0.3 -> v5.0.6 * **github.com/golang/groupcache** 8c9f03a8e57e -> 41bb18bfe9da * **github.com/golang/protobuf** v1.3.5 -> v1.5.2 * **github.com/google/go-cmp** v0.5.4 -> v0.5.6 * **github.com/google/gofuzz** v1.1.0 -> v1.2.0 * **github.com/grpc-ecosystem/go-grpc-middleware** v1.3.0 **_new_** * **github.com/grpc-ecosystem/grpc-gateway** v1.16.0 **_new_** * **github.com/hashicorp/errwrap** v1.0.0 -> v1.1.0 * **github.com/hashicorp/go-multierror** v1.0.0 -> v1.1.1 * **github.com/imdario/mergo** v0.3.11 -> v0.3.12 * **github.com/intel/goresctrl** v0.2.0 **_new_** * **github.com/json-iterator/go** v1.1.10 -> v1.1.12 * **github.com/moby/spdystream** v0.2.0 **_new_** * **github.com/moby/sys/mountinfo** v0.4.1 -> v0.5.0 * **github.com/moby/sys/signal** v0.6.0 **_new_** * **github.com/moby/sys/symlink** v0.1.0 -> v0.2.0 * **github.com/modern-go/reflect2** v1.0.1 -> v1.0.2 * **github.com/opencontainers/image-spec** v1.0.1 -> 693428a734f5 * **github.com/opencontainers/runc** v1.0.0-rc93 -> v1.1.0 * **github.com/opencontainers/runtime-spec** e6143ca7d51d -> 1c3f411f0417 * **github.com/opencontainers/selinux** v1.8.0 -> v1.10.0 * **github.com/pelletier/go-toml** v1.8.1 -> v1.9.3 * **github.com/prometheus/client_golang** v1.7.1 -> v1.11.0 * **github.com/prometheus/common** v0.10.0 -> v0.30.0 * **github.com/prometheus/procfs** v0.6.0 -> v0.7.3 * **github.com/satori/go.uuid** v1.2.0 **_new_** * **github.com/sirupsen/logrus** v1.7.0 -> v1.8.1 * **github.com/spf13/pflag** v1.0.5 **_new_** * **github.com/stretchr/testify** v1.6.1 -> v1.7.0 * **github.com/vishvananda/netlink** f5de75959ad5 **_new_** * **github.com/vishvananda/netns** 2eb08e3e575f **_new_** * **go.etcd.io/bbolt** v1.3.5 -> v1.3.6 * **go.opencensus.io** v0.22.3 -> v0.23.0 * **go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc** v0.28.0 **_new_** * **go.opentelemetry.io/otel** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/internal/retry** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp** v1.3.0 **_new_** * **go.opentelemetry.io/otel/sdk** v1.3.0 **_new_** * **go.opentelemetry.io/otel/trace** v1.3.0 **_new_** * **go.opentelemetry.io/proto/otlp** v0.11.0 **_new_** * **golang.org/x/crypto** 0c34fe9e7dc2 -> 32db794688a5 * **golang.org/x/net** e18ecbb05110 -> fe4d6282115f * **golang.org/x/oauth2** bf48bf16ab8d -> 2bc19b11175f * **golang.org/x/sync** 09787c993a3a -> 036812b2e83c * **golang.org/x/sys** 47abb6519492 -> 1d35b9e2eb4e * **golang.org/x/term** 7de9c90e9dd1 -> 6886f2dfbf5b * **golang.org/x/text** v0.3.4 -> v0.3.7 * **golang.org/x/time** 3af7569d3a1e -> 1f47c861a9ac * **google.golang.org/appengine** v1.6.5 -> v1.6.7 * **google.golang.org/grpc** v1.27.1 -> v1.43.0 * **google.golang.org/protobuf** v1.27.1 **_new_** * **gopkg.in/yaml.v3** 9f266ea9e77c -> 496545a6307b * **k8s.io/api** v0.20.6 -> v0.22.5 * **k8s.io/apimachinery** v0.20.6 -> v0.22.5 * **k8s.io/apiserver** v0.20.6 -> v0.22.5 * **k8s.io/client-go** v0.20.6 -> v0.22.5 * **k8s.io/component-base** v0.20.6 -> v0.22.5 * **k8s.io/cri-api** v0.20.6 -> v0.23.1 * **k8s.io/klog/v2** v2.4.0 -> v2.30.0 * **k8s.io/utils** 67b214c5f920 -> cb0fa318a74b * **sigs.k8s.io/structured-merge-diff/v4** v4.0.3 -> v4.1.2 Previous release can be found at [v1.5.0](https://github.com/containerd/containerd/releases/tag/v1.5.0)
0340e84
2022-02-10 14:21
下载
v1.6.0-rc.3
containerd 1.6.0-rc.3 Welcome to the v1.6.0-rc.3 release of containerd! The seventh major release of containerd includes many improvements and added support to increase overall compatibility and stability. ### Highlights #### Runtime * **Add runtime label to metrics** ([#5744](https://github.com/containerd/containerd/pull/5744)) * **Cleanup task delete logic in v2 shim** ([#5813](https://github.com/containerd/containerd/pull/5813)) * **Add support for shim plugins** ([#5817](https://github.com/containerd/containerd/pull/5817)) * **Handle sigint and sigterm in shimv2** ([#5828](https://github.com/containerd/containerd/pull/5828)) * **Decouple shim and task manager** ([#5918](https://github.com/containerd/containerd/pull/5918)) * **Add runc shim support for core scheduling** ([#6011](https://github.com/containerd/containerd/pull/6011)) * **Update shim client connect attempt to fail fast when shim errors** ([#6031](https://github.com/containerd/containerd/pull/6031)) * **Add support for absolute path to shim binaries** ([#6206](https://github.com/containerd/containerd/pull/6206)) * **Update runc to v1.1.0** ([#6375](https://github.com/containerd/containerd/pull/6375)) #### Windows * **Add support for Windows HostProcess containers** ([#5131](https://github.com/containerd/containerd/pull/5131)) * **Add support for Windows resource limits** ([#5778](https://github.com/containerd/containerd/pull/5778)) #### CRI * **Add CNI configuration based on runtime class** ([#4695](https://github.com/containerd/containerd/pull/4695)) * **Add support for Intel RDT** ([#5439](https://github.com/containerd/containerd/pull/5439)) * **Add support for CRI v1 and v1alpha in parallel** ([#5619](https://github.com/containerd/containerd/pull/5619)) * **Add support for unified resources field for cgroups v2** ([#5627](https://github.com/containerd/containerd/pull/5627)) * **Add IP preference configuration for reporting pod IP** ([#5964](https://github.com/containerd/containerd/pull/5964)) * **Implement new CRI pod sandbox stats API** ([#6113](https://github.com/containerd/containerd/pull/6113)) * **Add sandbox and container latency metrics** ([#6111](https://github.com/containerd/containerd/pull/6111)) * **Add namespace to ttrpc and grpc plugin connections** ([#6130](https://github.com/containerd/containerd/pull/6130)) * **Add option to allow ping sockets and privileged ports with no capabilities** ([#6170](https://github.com/containerd/containerd/pull/6170)) * **Add support for configuring swap** ([#6320](https://github.com/containerd/containerd/pull/6320)) #### Other * **Add support for client TLS Auth for grpc** ([#5606](https://github.com/containerd/containerd/pull/5606)) * **Add xfs support for devicemapper snapshotter** ([#5610](https://github.com/containerd/containerd/pull/5610)) * **Add metric exposing build version and revision** ([#5965](https://github.com/containerd/containerd/pull/5965)) * **Add support for custom fs options in devmapper snapshotter** ([#6122](https://github.com/containerd/containerd/pull/6122)) * **Update introspection service to show GRPC plugins** ([#6432](https://github.com/containerd/containerd/pull/6432)) #### Client * **Allow WithServices to use custom implementations** ([#5709](https://github.com/containerd/containerd/pull/5709)) * **Support custom compressor for walking differ** ([#5735](https://github.com/containerd/containerd/pull/5735)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ### Contributors * Derek McGowan * Phil Estes * Akihiro Suda * Wei Fu * Maksym Pavlenko * Sebastiaan van Stijn * Michael Crosby * Kazuyoshi Kato * Mike Brown * Claudiu Belu * Daniel Canter * haoyun * Brian Goff * Gabriel Adrian Samfira * Stefan Berger * zounengren * AdamKorcz * Adelina Tuvenie * Kohei Tokunaga * Davanum Srinivas * Nashwan Azhari * Samuel Karp * Shiming Zhang * Markus Lehtonen * Enrico Weigelt, metux IT consult * Alakesh Haloi * Hajime Tazaki * Iceber Gu * Kevin Parsons * Aditi Sharma * Jeremi Piotrowski * David Porter * Gijs Peskens * ningmingxiao * Brandon Lum * Cody Roseborough * Danielle Lancashire * Jacob MacElroy * Tõnis Tiigi * dependabot[bot] * wanglei * Alexandre Peixoto Ferreira * Eric Ernst * Fabiano Fidêncio * Furkan Türkal * Jiaming Xu * Kir Kolyshkin * Miao Wang * Neil Johnson * Paul "TBBle" Hampson * Priyanka Saggu * Romain Aviolat * Samuel Ortiz * Sunghoon Kang * Takumasa Sakao * Tobias Klauser * Zhiyu Li * ye.sijun * Alexander Minbaev * Alexey Ivanov * Andrey Smirnov * Artem Khramov * Aurelien Lun-Sin * Ben Hutchings * Cory Bennett * Da McGrady * Dan Williams * Eng Zer Jun * Ethan Chen * Fupan Li * Gaurav Gahlot * Gunju Kim * Henry Wang * Jacob Blain Christen * James Gordon * James Sturtevant * Jan Klippel * Jayme Howard * Jiajun Jiang * Jintao Zhang * Justin Terry * Kaijie Chen * Kante * Kern Walster * Kitt Hsu * Lantao Liu * Ma Xinjian * Manabu Sugimoto * Manuel Alejandro de Brito Fontes * Mark Rossetti * Markus Lippert * Mikko Ylinen * Ng Yang * Nicolas Chariglione * Ning Li * Olli Janatuinen * Peri Thompson * Quan Tian * Radostin Stoyanov * Rui Lopes * Sambhav Kothari * Sebastian Hasler * Sergey Kanzhelev * Sören Tempel * Yang Yang * Yifan Yuan * Zilong Wang * Zufar Dhiyaulhaq * botieking98 * chenxiaoyu * jayonlau * jerryzhuang * linrunlong * scuzhanglei * wangzhan * Étienne Guesnet ### Changes <details><summary>1038 commits</summary> <p> * Prepare release notes for v1.6.0-rc.3 ([#6524](https://github.com/containerd/containerd/pull/6524)) * Prepare release notes for v1.6.0-rc.3 * Use white logo in github dark mode ([#6529](https://github.com/containerd/containerd/pull/6529)) * Use white logo in github dark mode * cri: fix handling of ignore_rdt_not_enabled_errors config option ([#6514](https://github.com/containerd/containerd/pull/6514)) * cri: fix handling of ignore_rdt_not_enabled_errors config option * pkg/oom/v2: handle EventChan routine shutdown quietly ([#6504](https://github.com/containerd/containerd/pull/6504)) * pkg/oom/v2: handle EventChan routine shutdown quietly * fix: .dockerignore make git working tree dirty ([#6523](https://github.com/containerd/containerd/pull/6523)) * fix: .dockerignore makes git working tree dirty * containerd-stress: start task ctr before starting execs ([#6518](https://github.com/containerd/containerd/pull/6518)) * containerd-stress: start task ctr before starting execs * Document fs_type and fs_options in snapshots/devmapper/README.md ([#6501](https://github.com/containerd/containerd/pull/6501)) * Document fs_type and fs_options in snapshots/devmapper/README.md * docs: add Talos Linux to the list of adopters ([#6510](https://github.com/containerd/containerd/pull/6510)) * docs: add Talos Linux to the list of adopters * Prepare 1.6.0-rc.2 ([#6502](https://github.com/containerd/containerd/pull/6502)) * Prepare release notes for v1.6.0-rc.2 * Update releases document * platforms.Normalize(): do not reset OSVersion and OSFeatures ([#6497](https://github.com/containerd/containerd/pull/6497)) * platforms.Normalize(): do not reset OSVersion and OSFeatures * tracing: use OTLP/HTTP in addition to OTLP/gRPC ([#6457](https://github.com/containerd/containerd/pull/6457)) * tracing: return (ctx, span) from StartSpan * tracing: support OTLP/HTTP in addition to gRPC * Update cgroups to v1.0.3 ([#6498](https://github.com/containerd/containerd/pull/6498)) * Update cgroups to v1.0.3 * seccomp: kernel 5.11 -> 5.16 ([#6494](https://github.com/containerd/containerd/pull/6494)) * seccomp: kernel 5.16 (futex_waitv) * seccomp: kernel 5.15 (process_mrelease) * seccomp: kernel 5.14 (quotactl_fd, memfd_secret) * seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self}) * seccomp: kernel 5.12 (mount_setattr) * remotes: fix dockerPusher to handle abort correctly ([#6243](https://github.com/containerd/containerd/pull/6243)) * remotes: fix dockerPusher to handle abort correctly * seccomp: add support for "swapcontext" syscall in default policy ([#6411](https://github.com/containerd/containerd/pull/6411)) * seccomp: add support for "swapcontext" syscall in default policy * oci: use readonly mount to read user/group info ([#6478](https://github.com/containerd/containerd/pull/6478)) * oci: use readonly mount to read user/group info * Fix possibly incorrect media type default on import ([#6475](https://github.com/containerd/containerd/pull/6475)) * Fix possibly incorrect media type default on import * shimv2: handle sigint/sigterm ([#5828](https://github.com/containerd/containerd/pull/5828)) * shimv2: handle sigint/sigterm * Fix acr fetch token 400 ([#6481](https://github.com/containerd/containerd/pull/6481)) * fix acr fetch token 400 * platforms: add support for matching amd64 variants ([#6455](https://github.com/containerd/containerd/pull/6455)) * platforms: add support for matching amd64 variants * Fix windows periodic workflow ([#6476](https://github.com/containerd/containerd/pull/6476)) * Fix windows periodic workflow * docs: add doc-comments on GC-related methods ([#6473](https://github.com/containerd/containerd/pull/6473)) * docs: add doc-comments on GC-related methods * fix: should not send 137 code event if cmd is notfound ([#6465](https://github.com/containerd/containerd/pull/6465)) * fix: should not send 137 code event if cmd is notfound * Fix empty scopes return ([#6463](https://github.com/containerd/containerd/pull/6463)) * fix empty scopes return * Prepare release notes for v1.6.0-rc.1 ([#6462](https://github.com/containerd/containerd/pull/6462)) * Prepare release notes for v1.6.0-rc.1 * Add support for skipping non-dist blob push ([#6424](https://github.com/containerd/containerd/pull/6424)) * ctr: flag to toggle non-distributable blob push * Add image handler to skip non-distributable blobs. * Compile binaries for go1.16 and go1.17 in CI ([#6461](https://github.com/containerd/containerd/pull/6461)) * Compile binaries for go1.16 and go1.17 in CI * services/introspection: fix plugin caching to show grpc plugins ([#6432](https://github.com/containerd/containerd/pull/6432)) * Update caching logic to avoid map access * services/introspection: support to show introspection grpc service * Integration: Change to Windows Server 2022 build number constant ([#6458](https://github.com/containerd/containerd/pull/6458)) * Integration: Change to Windows Server 2022 build number constant * Update kubernetes vendor to 0.22.5 ([#6460](https://github.com/containerd/containerd/pull/6460)) * Update kubernetes vendor to 0.22.5 * Fix rdt build tags for go 1.16 ([#6459](https://github.com/containerd/containerd/pull/6459)) * Fix rdt build tags for go 1.16 * Remove submodule go mod ([#6439](https://github.com/containerd/containerd/pull/6439)) * Remove api go submodule * Update makefile to remove API submodule * go.mod: Update hcsshim to v0.9.2 ([#6453](https://github.com/containerd/containerd/pull/6453)) * go.mod: Update hcsshim to v0.9.2 * update runc to v1.1.0 ([#6375](https://github.com/containerd/containerd/pull/6375)) * go.mod: github.com/opencontainers/runc v1.1.0 * update runc binary to v1.1.0 * tracing: fix OTLP tracer's initialization ([#6443](https://github.com/containerd/containerd/pull/6443)) * tracing: fix OTLP tracer's initialization * gha: run CodeQL scan on pull requests ([#6386](https://github.com/containerd/containerd/pull/6386)) * gha: run CodeQL scan on pull requests * Do not automatically inject client traces ([#6445](https://github.com/containerd/containerd/pull/6445)) * Do not automatically inject client traces * [containerd-stress] delete useless code ([#6451](https://github.com/containerd/containerd/pull/6451)) * delete useless code * Revert "Add shared content label to namespaces" ([#6440](https://github.com/containerd/containerd/pull/6440)) * Revert "Add shared content label to namespaces" * Add ppc64 support for test images ([#6435](https://github.com/containerd/containerd/pull/6435)) * Add ppc64 support for test images * ctr: Unify the delete subcommand alias ([#6427](https://github.com/containerd/containerd/pull/6427)) * ctr: Unify the delete subcommand alias * Prepare release notes for v1.6.0-rc.0 ([#6431](https://github.com/containerd/containerd/pull/6431)) * Prepare release notes for v1.6.0-rc.0 * Integration: Switch to using `auth` Gcloud action in Windows workflow. ([#6397](https://github.com/containerd/containerd/pull/6397)) * Integration: Switch to `upload-cloud-storage` Gcloud action. * Integration: Switch to using `auth` Gcloud action in Windows workflow. * remove io/ioutil ([#6426](https://github.com/containerd/containerd/pull/6426)) * remove io/ioutil * test: e2e node COS cgroupv2 script ([#6418](https://github.com/containerd/containerd/pull/6418)) * test: e2e node COS cgroupv2 script * Integration: Enable CRITest on Windows 2022. ([#6378](https://github.com/containerd/containerd/pull/6378)) * Enable critest tests on Windows Server 2022. * Parametrize CRITest test images in Windows Periodic workflow. * Update error message for apparmor parser ([#6415](https://github.com/containerd/containerd/pull/6415)) * Update error message for apparmor parser * Fix wrong log message ([#6419](https://github.com/containerd/containerd/pull/6419)) * Fix wrong log message * Followup errors change ([#6414](https://github.com/containerd/containerd/pull/6414)) * Fix incorrect error wrapped when closing ingest file * Fix seek error used without nil check * Fix followup items from errors replacement * Updates CRI API & Kubernetes to 1.23 ([#6351](https://github.com/containerd/containerd/pull/6351)) * Update k/k to 1.23.0 * Updating adoption of containerd for AKS ([#6416](https://github.com/containerd/containerd/pull/6416)) * Updating adoption of containerd for AKS * update the adoption status of containerd in GKE ([#6413](https://github.com/containerd/containerd/pull/6413)) * update the adoption status of containerd in GKE * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} ([#6410](https://github.com/containerd/containerd/pull/6410)) * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} * replace github.com/pkg/errors with native errors ([#6366](https://github.com/containerd/containerd/pull/6366)) * feat: replace github.com/pkg/errors to errors * corrected link in cri architecture documentation ([#6412](https://github.com/containerd/containerd/pull/6412)) * corrected link in cri architecture documentation * remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") ([#6396](https://github.com/containerd/containerd/pull/6396)) * remotes/docker: allow fetching "refresh token" (aka "identity token") * remotes/docker/config: allow setting custom AuthorizerOpts * Prepare release notes for v1.6.0-beta.5 ([#6407](https://github.com/containerd/containerd/pull/6407)) * Prepare release notes for v1.6.0-beta.5 * Integration: Check GCP secrets on Windows CI artifact upload. ([#6292](https://github.com/containerd/containerd/pull/6292)) * Integration: Check GCP secrets on Windows CI artifact upload. * Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c) * only relabel cri managed host mounts * Add support for Intel RDT ([#5439](https://github.com/containerd/containerd/pull/5439)) * cri: add ignore_rdt_not_enabled_errors config option * Update dependencies * cri: annotations for controlling RDT class * tasks: add Linux rdt support * cmd: add --rdt-class command line option * oci: implement WithRdt * fix: use _ for consistency ([#6391](https://github.com/containerd/containerd/pull/6391)) * fix: use _ for consistency * content/local: use syscall.Timespec.Unix ([#6403](https://github.com/containerd/containerd/pull/6403)) * content/local: use syscall.Timespec.Unix * docs: improve plugin documentation ([#6207](https://github.com/containerd/containerd/pull/6207)) * docs: document the runtime shim plugin config options * docs: use proper markdown lists in containerd-config.toml.5.md * fix(ctr): enable networking for Windows containers ([#6304](https://github.com/containerd/containerd/pull/6304)) * fix(ctr): enable networking for Windows containers * Fix $(PWD) issue for Windows makefile ([#6394](https://github.com/containerd/containerd/pull/6394)) * Fix $(PWD) issue for Windows makefile * only test abstract uds on linux ([#6395](https://github.com/containerd/containerd/pull/6395)) * fix: only test abstract unix socket on linux * Fix restart container test ([#6390](https://github.com/containerd/containerd/pull/6390)) * Expect ErrorNotFound on Windows after Kill() * Replace tskill with taskkill * fix when kernel version < 4.13rc1 by using index=off cause test error ([#6291](https://github.com/containerd/containerd/pull/6291)) * fix when kernel version < 4.13rc1 by using index=off cause overlay test error * Fix no-daemon flag for integration/client tests ([#6384](https://github.com/containerd/containerd/pull/6384)) * Fix no-daemon flag for integration/client tests * Enable lazy init for ext4 with devicemapper ([#6122](https://github.com/containerd/containerd/pull/6122)) * Enable lazy init for ext4 with devicemapper * Fix flakiness on Windows for list stats ([#6385](https://github.com/containerd/containerd/pull/6385)) * Fix flakiness on Windows for list stats * cri-integration: Add Windows defaults and fix spaces issue ([#6347](https://github.com/containerd/containerd/pull/6347)) * cri-integration: Add Windows default paths * Upgrade OpenTelemetry dependencies ([#6383](https://github.com/containerd/containerd/pull/6383)) * Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0 * Use insecure.NewCredentials instead of grpc.WithInsecure * Upgrade OpenTelemetry dependencies * Fix default makefile target for windows ([#6322](https://github.com/containerd/containerd/pull/6322)) * Fix default makefile target for windows * Disable TestContainerHook on Windows ([#6379](https://github.com/containerd/containerd/pull/6379)) * Disable TestContainerHook on Windows * seutil: Fix setting the "container_kvm_t" label ([#6372](https://github.com/containerd/containerd/pull/6372)) * seutil: Fix setting the "container_kvm_t" label * Remove Windows integration testing for 2004. ([#6350](https://github.com/containerd/containerd/pull/6350)) * Remove Windows integration testing for 2004. * OCI: Mount (accessible) host devices in privileged rootless containers ([#6308](https://github.com/containerd/containerd/pull/6308)) * OCI: Mount (accessible) host devices in privileged rootless containers * oci.getDevices(): move "non-dir, non '/dev/console'" case into switch * cri: add support for configuring swap ([#6320](https://github.com/containerd/containerd/pull/6320)) * fixup: check for swap accounting * fixup: handle diff between cgroupsv1 and v2 * cri: add support for configuring swap * Integration: Enable TestVolumeOwnership on Windows ([#6275](https://github.com/containerd/containerd/pull/6275)) * Replace find with native Go code * Enable TestVolumeOwnership on Windows * Prepare release notes for v1.6.0-beta.4 ([#6296](https://github.com/containerd/containerd/pull/6296)) * Prepare release notes for v1.6.0-beta.4 * refactor: functions for error log and error return ([#6358](https://github.com/containerd/containerd/pull/6358)) * feat: Errorf usage * Split apart runc shim into plugin components ([#6021](https://github.com/containerd/containerd/pull/6021)) * Use task plugin for runc shim * Seperate shim manager and task service * Split runc shim into plugin components * Add shutdown package * CRI update for sandbox sizing ([#6155](https://github.com/containerd/containerd/pull/6155)) * cri, sandbox: pass sandbox resource details if available, applicable * medatada: make namespaces' deletion error less cryptic ([#6354](https://github.com/containerd/containerd/pull/6354)) * medatada: make namespaces' deletion error less cryptic * ListContainerStats to return stats response if ContainerStatsFilter is nil ([#6373](https://github.com/containerd/containerd/pull/6373)) * add-list-stat: return container list if filter is nil * integration: deflake TestContainerdRestart ([#6369](https://github.com/containerd/containerd/pull/6369)) * integration: deflake TestContainerdRestart * feat: add timeout for bolt open ([#6225](https://github.com/containerd/containerd/pull/6225)) * feat: support custom timeout for blot open * Update Go to 1.17.5 ([#6333](https://github.com/containerd/containerd/pull/6333)) * Update Go to 1.17.5 * cri/server: use consistent alias for pkg/ioutil ([#6332](https://github.com/containerd/containerd/pull/6332)) * cri/server: use consistent alias for pkg/ioutil * Disable restart monitor test in Windows ([#6364](https://github.com/containerd/containerd/pull/6364)) * Disable restart monitor test in Windows * Don't fail-fast on Windows integration tests ([#6338](https://github.com/containerd/containerd/pull/6338)) * Don't fail-fast on Windows integration tests * Update restart monitor test to output daemon logs on failure ([#6355](https://github.com/containerd/containerd/pull/6355)) * Run windows parallel integration test as short * Update restart monitor test to output daemon logs on failure * go.mod: update image-spec to latest (v1.0.3-dev) ([#6263](https://github.com/containerd/containerd/pull/6263)) * images/converter: remove deprecated types * go.mod: update image-spec to latest (v1.0.3-dev) * Skip WithAdditionalGIDs on Darwin ([#6353](https://github.com/containerd/containerd/pull/6353)) * Skip WithAdditionalGIDs on Darwin * Use RFC3339 format on Windows periodic resource group creation so cleanup works ([#6303](https://github.com/containerd/containerd/pull/6303)) * Use RFC3339 format so rg cleanup works * update runc to v1.0.3 ([#6330](https://github.com/containerd/containerd/pull/6330)) * go.mod: github.com/opencontainers/runc v1.0.3 * update runc binary to v1.0.3 * Unblock native snapshotter on Darwin ([#6329](https://github.com/containerd/containerd/pull/6329)) * Allow native snapshotter on Darwin * Do not use `go get` to install executables ([#6328](https://github.com/containerd/containerd/pull/6328)) * Do not use `go get` to install executables * Include runtime v2 in default builtins ([#6326](https://github.com/containerd/containerd/pull/6326)) * Include runtime v2 in default builtins * Add Windows Server 2022 CI runs ([#6314](https://github.com/containerd/containerd/pull/6314)) * Add Windows Server 2022 CI runs * Set explicit ACL on test files ([#6324](https://github.com/containerd/containerd/pull/6324)) * Use a single RUN command * Set explicit ACL on test files * integration: align tags of test images ([#6311](https://github.com/containerd/containerd/pull/6311)) * integration: align tags of test images * Set CONTAINERD_ROOT in Windows cri-integration ([#6325](https://github.com/containerd/containerd/pull/6325)) * Set CONTAINERD_ROOT in Windows cri-integration * export oci.DeviceFromPath() ([#6312](https://github.com/containerd/containerd/pull/6312)) * export oci.DeviceFromPath() * Update volume test images ([#6321](https://github.com/containerd/containerd/pull/6321)) * Update continuity dependency * Update volume test images * Update TestRestartMonitor expected time check ([#6201](https://github.com/containerd/containerd/pull/6201)) * Add error logging on cleanup * Update TestRestartMonitor expected time check * Move test volume images from gcr to ghcr ([#6319](https://github.com/containerd/containerd/pull/6319)) * Move volume images from gcr to ghcr * Revert shim service plugin migration ([#6301](https://github.com/containerd/containerd/pull/6301)) * Revert shim plugin migration * Authenticate against ghcr.io ([#6317](https://github.com/containerd/containerd/pull/6317)) * Add permissions * Authenticate against ghcr.io * oci/deviceFromPath(): correctly check device types ([#6306](https://github.com/containerd/containerd/pull/6306)) * oci/deviceFromPath(): correctly check device types * Skip TestExportAndImportMultiLayer on Windows ([#6315](https://github.com/containerd/containerd/pull/6315)) * Skip TestExportAndImportMultiLayer on Windows * Integration: Add image build workflow ([#6290](https://github.com/containerd/containerd/pull/6290)) * Add image build workflow * Integration: Separate Windows Periodic Tests workflow trigger. ([#6286](https://github.com/containerd/containerd/pull/6286)) * Integration: Separate Windows Periodic Tests workflow trigger. * Build volume test images on Windows ([#6274](https://github.com/containerd/containerd/pull/6274)) * Build volume test images on Windows * Add VMware TKG & TCE to Containerd adopters ([#6297](https://github.com/containerd/containerd/pull/6297)) * Add VMware TKG & TCE to Containerd adopters * Vagrantfile: update to Fedora 35 ([#6293](https://github.com/containerd/containerd/pull/6293)) * Vagrantfile: update to Fedora 35 * Update README.md repo->org ([#6269](https://github.com/containerd/containerd/pull/6269)) * Update README.md repo->org * Fix executable file not found when restoring shims ([#6278](https://github.com/containerd/containerd/pull/6278)) * Fix executable file not found when restoring shims * ctr/snapshots/diff: show media-type in stderr ([#6271](https://github.com/containerd/containerd/pull/6271)) * ctr/snapshots/diff: don't show the media-type in output * ctr: Add Linux Capabilities control flags ([#6289](https://github.com/containerd/containerd/pull/6289)) * ctr: Add Linux Capabilities control flags * integration: add stats result in error message ([#6270](https://github.com/containerd/containerd/pull/6270)) * integration: add stats result in error message * releases: mark 1.4 as Extended ([#6287](https://github.com/containerd/containerd/pull/6287)) * docs: mark 1.4 as Extended * docs: fix RELEASES.md gRPC API anchor * feat: skip ci for fork ([#6284](https://github.com/containerd/containerd/pull/6284)) * feat: skip ci for fork * content/local: Close the file if Seek fails ([#6280](https://github.com/containerd/containerd/pull/6280)) * content/local: Close the file if Seek fails * Integration: Remove explicit version passing to `azure/CLI`. ([#6268](https://github.com/containerd/containerd/pull/6268)) * Integration: Remove explicit version passing to `azure/CLI`. * Fix wrong make target on documentation ([#6276](https://github.com/containerd/containerd/pull/6276)) * Fix wrong make target on documentation * fix: server error return ([#6272](https://github.com/containerd/containerd/pull/6272)) * fix: server error return * Prepare release notes for v1.6.0-beta.3 ([#6267](https://github.com/containerd/containerd/pull/6267)) * Prepare release notes for v1.6.0-beta.3 * Update API version in go.mod * Update release name to use consistent format * feat:support custom callopts on client side ([#6254](https://github.com/containerd/containerd/pull/6254)) * fix: make max recv/send msg size setting default * feat:support custom callopts on client side * [CRI] Fix panic when registry.mirrors use localhost ([#6258](https://github.com/containerd/containerd/pull/6258)) * [CRI] Fix panic when registry.mirrors use localhost * Add support for TMP override on toml ([#6241](https://github.com/containerd/containerd/pull/6241)) * Add support for TMP override on toml * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options ([#6170](https://github.com/containerd/containerd/pull/6170)) * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options * Github Security Advisory [GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35) * schema1: reject ambiguous documents * images: validate document type before unmarshal * [cri] add sandbox and container latency metrics ([#6111](https://github.com/containerd/containerd/pull/6111)) * [cri] add sandbox and container latency metrics * Integration: Generalize Windows CI setup scripts for any username. ([#6255](https://github.com/containerd/containerd/pull/6255)) * Generalize Windows CI setup script for any user. * Standardize cmdlet capitalization in Windows CI scripts. * feat: use rwmutex instead ([#6253](https://github.com/containerd/containerd/pull/6253)) * feat: use rwmutex instead * Allow absolute path to shim binaries ([#6206](https://github.com/containerd/containerd/pull/6206)) * Fix package alias * Support custom runtime path when launching tasks * Add runtime path in CreateTaskRequest * Close file if permission modification fails ([#6246](https://github.com/containerd/containerd/pull/6246)) * Close file if permission modification fails * release: change tar name to match prior releases ([#6250](https://github.com/containerd/containerd/pull/6250)) * release: change tar name to match prior releases * Fix wrong error returned for image index lookup ([#6237](https://github.com/containerd/containerd/pull/6237)) * Fix wrong error returned for image index lookup * Fix containerd fails to pull OCI image with non-`http(s)://` urls ([#6221](https://github.com/containerd/containerd/pull/6221)) * Fix containerd fails to pull OCI image with non-`http(s)://` urls * Prepare release notes for v1.6.0-beta.2 ([#6223](https://github.com/containerd/containerd/pull/6223)) * Prepare release notes for v1.6.0-beta.2 * Add arm64 to releases ([#6196](https://github.com/containerd/containerd/pull/6196)) * Rename release dockerfile to omit distro name * release: improve dockerfile * Add arm64 to releases * use write lock when updating container stats ([#6236](https://github.com/containerd/containerd/pull/6236)) * use write lock when updating container stats * go.mod: Bump hcsshim to v0.9.1 ([#6230](https://github.com/containerd/containerd/pull/6230)) * go.mod: Bump hcsshim to v0.9.1 * go.mod: Bump ttrpc to 1.1.0 ([#6228](https://github.com/containerd/containerd/pull/6228)) * go.mod: Bump ttrpc to 1.1.0 * go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 ([#6213](https://github.com/containerd/containerd/pull/6213)) * go.mod: github.com/moby/sys/mountinfo v0.5.0 * go.mod: github.com/moby/sys/signal v0.6.0 * go.mod: github.com/moby/sys/symlink v0.2.0 * go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 * cleanup: add more description on comment ([#6222](https://github.com/containerd/containerd/pull/6222)) * cleanup: add more description on comment * Update Go to 1.17.3 ([#6211](https://github.com/containerd/containerd/pull/6211)) * Update Go to 1.17.3 * CI: bump up crun: 1.0 -> 1.3 ([#6214](https://github.com/containerd/containerd/pull/6214)) * CI: bump up crun: 1.0 -> 1.3 * Pin az CLI version in windows-periodic workflow ([#6205](https://github.com/containerd/containerd/pull/6205)) * Pin az CLI version * Decouple task manager ([#5918](https://github.com/containerd/containerd/pull/5918)) * Address PR comments * Fix build after rebase * Migrate task directory * Expose shim process interface * Fix after rebase * Cleanup shim loading * Move shim restore to a separate file * Fix backward compatibility with old task shims * Add plugin dependency between shim and shim services * Rework task create and cleanup flow * Add task manager * Rename task manager to shim manager * [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats ([#6113](https://github.com/containerd/containerd/pull/6113)) * Implement CRI container and pods stats * Vendor latest k8s.io/cri-api and netlink * test: Add grace period for restart monitor test ([#6200](https://github.com/containerd/containerd/pull/6200)) * test: Add grace period for restart monitor test * integration: Enables TestRuntimeHandler for Windows ([#6179](https://github.com/containerd/containerd/pull/6179)) * integration: Enables TestRuntimeHandler for Windows * Add mkdir on Dockerfile ([#6171](https://github.com/containerd/containerd/pull/6171)) * Add mkdir on Dockerfile * sys/reaper: avoid leaky goroutine when exec timeout ([#6189](https://github.com/containerd/containerd/pull/6189)) * sys/reaper: avoid leaky goroutine when exec timeout * adds additional debug out to timebox cni setup ([#6184](https://github.com/containerd/containerd/pull/6184)) * adds additional debug out to timebox cni setup * converter: Allow hooks during image conversion ([#6176](https://github.com/containerd/containerd/pull/6176)) * converter: Allow hooks during image conversion * compression: support zstd with skippable frame ([#6177](https://github.com/containerd/containerd/pull/6177)) * compression: support zstd with skippable frame * integration: Enables TestVolumeCopyUp for Windows ([#6182](https://github.com/containerd/containerd/pull/6182)) * integration: Enables TestVolumeCopyUp for Windows * integration: Enable some tests for Windows (part 2) ([#6121](https://github.com/containerd/containerd/pull/6121)) * integration: Enable some tests for Windows (part 2) * integration: Enable some tests for Windows ([#6085](https://github.com/containerd/containerd/pull/6085)) * integration: Enable some tests for Windows * Update doc to version 2 syntax ([#6125](https://github.com/containerd/containerd/pull/6125)) * feat(doc): update to version 2 syntax * fix shim reaper wait command execute blocked ([#6166](https://github.com/containerd/containerd/pull/6166)) * fix shim reaper wait command execute blocked * content: close stream after commit request ([#6145](https://github.com/containerd/containerd/pull/6145)) * content: close stream after commit request * Generating token options with each scope as a separate string. ([#6165](https://github.com/containerd/containerd/pull/6165)) * Adding scope tests for ParseAuthHeader * Adding tests for GenerateTokenOptions * Generate token options with each scope as a separate string. * vendor: Updates go-cni ([#6167](https://github.com/containerd/containerd/pull/6167)) * vendor: Updates go-cni * commands: Enables task metrics for Windows ([#6159](https://github.com/containerd/containerd/pull/6159)) * commands: Enables task metrics for Windows * vendor: update moby/sys for darwin support ([#6149](https://github.com/containerd/containerd/pull/6149)) * vendor: update moby/sys for darwin support * Prepare v1.6.0-beta.1 ([#6144](https://github.com/containerd/containerd/pull/6144)) * Prepare release notes for v1.6.0-beta.1 * Update mailmap * Update api vendor * bump cni to spec v1.0.0 ([#6136](https://github.com/containerd/containerd/pull/6136)) * bump CNI to spec v1.0.0 * Inject otel traces to grpc client. ([#5992](https://github.com/containerd/containerd/pull/5992)) * Inject otel traces to grpc client. * client: expose (*image).platform ([#6142](https://github.com/containerd/containerd/pull/6142)) * client: expose (*image).platform * Adding documentation for Core Scheduling ([#6128](https://github.com/containerd/containerd/pull/6128)) * feat(doc): add Core Scheduling documentation * Ensure namespace is proxied to grpc/ttrpc plugins ([#6130](https://github.com/containerd/containerd/pull/6130)) * Ensure namespace is proxied to grpc/ttrpc plugins * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6109](https://github.com/containerd/containerd/pull/6109)) * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true * Output a warning for label image labels instead of erroring ([#6124](https://github.com/containerd/containerd/pull/6124)) * Output a warning for label image labels instead of erroring * Fix spelling mistake in Windows snapshotter ([#6132](https://github.com/containerd/containerd/pull/6132)) * Fix spelling mistake in Windows snapshotter * Windows: Cleanup rm- prefixed layers ([#6126](https://github.com/containerd/containerd/pull/6126)) * Windows: Cleanup rm- prefixed layers * cleanup deprecated package `io/ioutil ` ([#6118](https://github.com/containerd/containerd/pull/6118)) * io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions * close Writer after use which may memory leak ([#6115](https://github.com/containerd/containerd/pull/6115)) * close Writer after use which may leak mem * Adds Windows resource limits support ([#5778](https://github.com/containerd/containerd/pull/5778)) * Adds Windows resource limits support * Prepare release notes for v1.6.0-beta.0 ([#6098](https://github.com/containerd/containerd/pull/6098)) * Prepare release notes for v1.6.0-beta.0 * Add error message to in TestContainerdRestart integration test ([#6105](https://github.com/containerd/containerd/pull/6105)) * Add error message to in TestContainerdRestart integration test * Fix typo in the NewContainer function documentation ([#6110](https://github.com/containerd/containerd/pull/6110)) * Fix typo in the NewContainer function documentation * Update cgroups to v1.0.2 ([#6104](https://github.com/containerd/containerd/pull/6104)) * Update cgroups to v1.0.2 * btrfs: verify file content after mount ([#6100](https://github.com/containerd/containerd/pull/6100)) * test: check file content after mount * Update test timeout based on recent cancellations ([#6107](https://github.com/containerd/containerd/pull/6107)) * Update test timeout based on recent cancellations * Check the pid in cri test teardown ([#6106](https://github.com/containerd/containerd/pull/6106)) * Remove extra test_teardown * Check the pid in cri test teardown * add runc shim support for sched core ([#6011](https://github.com/containerd/containerd/pull/6011)) * fix integration client vendor * add runc shim support for sched core * integration: Enables Windows containerd restart test ([#5579](https://github.com/containerd/containerd/pull/5579)) * integration: Enables Windows containerd restart test * vendor: Bump hcsshim to 0.9.0 ([#6099](https://github.com/containerd/containerd/pull/6099)) * vendor: Bump hcsshim to 0.9.0 * [cri] Add CNI conf based on runtime class ([#4695](https://github.com/containerd/containerd/pull/4695)) * Add CNI conf based on runtime class * Update Go to 1.17.2 ([#6102](https://github.com/containerd/containerd/pull/6102)) * Update Go to 1.17.2 * integration: Adds test for multilayer image import ([#5933](https://github.com/containerd/containerd/pull/5933)) * integration: Adds test for multilayer image import * runtime: should fail fast if dial error on shim ([#6031](https://github.com/containerd/containerd/pull/6031)) * runtime: should fail fast if dial error on shim * Fixes Windows containers with image volumes ([#6034](https://github.com/containerd/containerd/pull/6034)) * Windows: Fixes Windows containers with image volumes * run `gofmt` with GO 1.17 ([#6094](https://github.com/containerd/containerd/pull/6094)) * run `gofmt` with Go 1.17 * pkg/cap: remove an outdated comment ([#6088](https://github.com/containerd/containerd/pull/6088)) * pkg/cap: remove an outdated comment * Update go otel 1.0.1 ([#6066](https://github.com/containerd/containerd/pull/6066)) * Update go otel 1.0.1 * Update ADOPTERS.md with additional uses ([#6086](https://github.com/containerd/containerd/pull/6086)) * Update ADOPTERS.md with additional uses * modify the way for checking cos ([#6082](https://github.com/containerd/containerd/pull/6082)) * modify the way for checking cos * Fuzzing: Add fuzzers + small modifications ([#5915](https://github.com/containerd/containerd/pull/5915)) * Fuzzing: Add 4 fuzzers + small modifications * Fixes for Windows CI ([#6081](https://github.com/containerd/containerd/pull/6081)) * Pin mingw to version 10.2.0 * Update to golang 1.17.1 * Install nssm * Github Security Advisory [GHSA-c2h3-6mxw-7mvq](https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq) * btrfs: reduce permissions on plugin directories * v1 runtime: reduce permissions for bundle dir * v2 runtime: reduce permissions for bundle dir * task service: return known error type ([#6079](https://github.com/containerd/containerd/pull/6079)) * task service: return known error type * refactor: move from io/ioutil to io and os package ([#5973](https://github.com/containerd/containerd/pull/5973)) * refactor: move from io/ioutil to io and os package * fix: import from k8s.io/utils/clock instead ([#6076](https://github.com/containerd/containerd/pull/6076)) * fix: update vendor * cleanup: import from k8s.io/utils/clock/testing instead * cleanup: import from k8s.io/utils/clock instead * feat: enable integration cri remote client to call with grpc calloptions ([#6069](https://github.com/containerd/containerd/pull/6069)) * feat: enable cri remote client to call with grpc calloptions * cleanup k8s ansible yaml (carry for #5713) ([#6074](https://github.com/containerd/containerd/pull/6074)) * cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>) * feat: support import image for specific platform ([#6070](https://github.com/containerd/containerd/pull/6070)) * fix: wrong flag type * feat: support import image for specific platform * Update mirror images to take target image name ([#6065](https://github.com/containerd/containerd/pull/6065)) * Update mirror images to take target image name * fix: make exec-id flag required in exec command ([#6059](https://github.com/containerd/containerd/pull/6059)) * fix: make exec-id flag required in exec command * images: enable converter to uncompress zstd ([#6052](https://github.com/containerd/containerd/pull/6052)) * images: enable converter to uncompress zstd * replace deprecated function with Domain and Path ([#5922](https://github.com/containerd/containerd/pull/5922)) * replace deprecated function * integration: Adds Windows HostProcess tests ([#5853](https://github.com/containerd/containerd/pull/5853)) * integration: Adds Windows HostProcess tests * Fix main branch build is broken ([#6047](https://github.com/containerd/containerd/pull/6047)) * Fix main branch build is broken * Add open telemetry logging hook for logrus ([#6003](https://github.com/containerd/containerd/pull/6003)) * Add open telemetry logging hook for logrus * Change `oci.WithUser` behavior for LCOW ([#6023](https://github.com/containerd/containerd/pull/6023)) * Change oci.WithUser behavior for LCOW * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) ([#5946](https://github.com/containerd/containerd/pull/5946)) * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) * import: Raise error if the imported image is filtered out ([#5926](https://github.com/containerd/containerd/pull/5926)) * import: Raise error if the imported image is filtered out * Fix panic in metadata content writer on copy error ([#6043](https://github.com/containerd/containerd/pull/6043)) * Fix panic in metadata content writer on copy error * Move tracing to plugin ([#6001](https://github.com/containerd/containerd/pull/6001)) * Move tracing to plugin * ctr: Fixes Windows image import ([#5916](https://github.com/containerd/containerd/pull/5916)) * ctr: Fixes Windows image import * update open go.opentelemetry.io v1.0.0 to fix import path ([#6017](https://github.com/containerd/containerd/pull/6017)) * go.mod: update opentelemetry modules to v1.0.0 * fix error string format ([#5979](https://github.com/containerd/containerd/pull/5979)) * fix error string format * Add github action to mirror image ([#6036](https://github.com/containerd/containerd/pull/6036)) * Add github action to mirror image * add current process state to the error message ([#6027](https://github.com/containerd/containerd/pull/6027)) * add current process state to the error message * FreeBSD: fix tar headers & the nil check on getxattr ([#5991](https://github.com/containerd/containerd/pull/5991)) * FreeBSD: fix tar headers & the nil check on getxattr * gha: collect VMs' IP addresses ([#6035](https://github.com/containerd/containerd/pull/6035)) * gha: collect Vagrant VMs' IP addresses * bump continuity and console version that remove pkg/errors ([#6033](https://github.com/containerd/containerd/pull/6033)) * bump continuity and console version that remove pkg/errors * import: Add option to prevent duplicated digest image ([#5997](https://github.com/containerd/containerd/pull/5997)) * import: Add option to skip creating digest image * ctr namespaces: improve usage string ([#5998](https://github.com/containerd/containerd/pull/5998)) * ctr namespaces: improve usage string * bump console version to v1.0.3 that remove pkg/errors ([#6028](https://github.com/containerd/containerd/pull/6028)) * bump console version to v1.0.3 that remove pkg/errors * Use github images for integration tests ([#6032](https://github.com/containerd/containerd/pull/6032)) * Use github images for integration tests * Fix typo ([#5995](https://github.com/containerd/containerd/pull/5995)) * Fix typo * Enable image config labels in ctr and CRI container creation ([#6012](https://github.com/containerd/containerd/pull/6012)) * Enable image config labels in ctr and CRI container creation * Make sure exit signals trigger an exit during init ([#5970](https://github.com/containerd/containerd/pull/5970)) * Make sure exit signals trigger an exit during init * task delete: Closes task IO before waiting ([#5974](https://github.com/containerd/containerd/pull/5974)) * task delete: Closes task IO before waiting * CI: bump up crun to 1.0 ([#5985](https://github.com/containerd/containerd/pull/5985)) * CI: bump up crun to 1.0 * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) ([#5982](https://github.com/containerd/containerd/pull/5982)) * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) * Update to Go 1.17.1 ([#5990](https://github.com/containerd/containerd/pull/5990)) * Update to Go 1.17.1 * CI: Switch to available latest images ([#5987](https://github.com/containerd/containerd/pull/5987)) * CI: Switch to available latest images * add xfs support to devicemapper snapshotter ([#5610](https://github.com/containerd/containerd/pull/5610)) * add xfs support to devicemapper snapshotter * Fixes task kill --force on Windows ([#5956](https://github.com/containerd/containerd/pull/5956)) * Fixes task kill --force on Windows * Add support for shim plugins ([#5817](https://github.com/containerd/containerd/pull/5817)) * Add support for shim plugins * vendor: update continuity for darwin support ([#5976](https://github.com/containerd/containerd/pull/5976)) * vendor: update continuity for darwin support * replace uses of os/exec with golang.org/x/sys/execabs ([#5906](https://github.com/containerd/containerd/pull/5906)) * replace uses of os/exec with golang.org/x/sys/execabs * complete integration test for pulling image with labels ([#5972](https://github.com/containerd/containerd/pull/5972)) * Additional integration tests for pulling image with labels * Fix content copy to not ignore unexpected EOF ([#5966](https://github.com/containerd/containerd/pull/5966)) * Fix content copy to not ignore unexpected EOF * add ip_pref CNI options for primary pod ip ([#5964](https://github.com/containerd/containerd/pull/5964)) * add ip_pref CNI options for primary pod ip * cri: add devices for privileged container ([#5939](https://github.com/containerd/containerd/pull/5939)) * cri: add devices for privileged container * sandbox: Allows the sandbox to be deleted in NotReady state ([#5954](https://github.com/containerd/containerd/pull/5954)) * sandbox: Allows the sandbox to be deleted in NotReady state * pin protobuild version to tag ([#5969](https://github.com/containerd/containerd/pull/5969)) * pin protobuild version to tag * Add metric exposing build version&revision ([#5965](https://github.com/containerd/containerd/pull/5965)) * use a const metric for build_info * Add metric exposing build version&revision * Feature: containerd-cri support LinuxContainerResources.Unified ([#5627](https://github.com/containerd/containerd/pull/5627)) * add cri test case * feature: add field LinuxContainerResources.Unified on cri * integration: investigate TestRestartMonitor's failure ([#5861](https://github.com/containerd/containerd/pull/5861)) * integration: investigate TestRestartMonitor's failure * Use issue forms for bug reporting ([#5917](https://github.com/containerd/containerd/pull/5917)) * Address issue forms feedback * Use issue forms for bug reporting * cri: patch update image labels ([#5945](https://github.com/containerd/containerd/pull/5945)) * cri: patch update image labels * darwin: runtime support ([#5936](https://github.com/containerd/containerd/pull/5936)) * darwin: runtime support * darwin: use the default values for socketRoot variable * Update RELEASES.md ([#5858](https://github.com/containerd/containerd/pull/5858)) * Update RELEASES.md * archive: Add WriteDiff error logs ([#5949](https://github.com/containerd/containerd/pull/5949)) * archive: Add WriteDiff error logs * replace deprecated Dialer with ContextDialer ([#5958](https://github.com/containerd/containerd/pull/5958)) * replace deprecated Dail with DailContext * Add WS2022 support in Windows Periodic tests ([#5951](https://github.com/containerd/containerd/pull/5951)) * Add WS2022 support in Windows Periodic tests * Content fuzzer: Clean up temp store dir ([#5943](https://github.com/containerd/containerd/pull/5943)) * content fuzzer: Clean up tempdir * using Hosts replace deprecated field ([#5944](https://github.com/containerd/containerd/pull/5944)) * using Hosts replace deprecated field * fix document non-synchronous ([#5947](https://github.com/containerd/containerd/pull/5947)) * fix document non-synchronous in crictl.md * go.mod: Update hcsshim to v0.8.21 ([#5929](https://github.com/containerd/containerd/pull/5929)) * go.mod: Update hcsshim to v0.8.21 * Makefile.linux: build on RISC-V with PIE ([#5937](https://github.com/containerd/containerd/pull/5937)) * Makefile.linux: build on riscv with PIE * Fix cwd flag for `ctr tasks exec` ([#5932](https://github.com/containerd/containerd/pull/5932)) * Fix cwd flag for `ctr tasks exec` * Update Pause image in tests & config ([#5927](https://github.com/containerd/containerd/pull/5927)) * Update Pause image in tests & config * cri: Devices ownership from SecurityContext ([#5122](https://github.com/containerd/containerd/pull/5122)) * cri: Devices ownership from SecurityContext * Fix pull fails on unexpected EOF ([#5921](https://github.com/containerd/containerd/pull/5921)) * Fix pull fails on unexpected EOF * Fix dir support for devices ([#5845](https://github.com/containerd/containerd/pull/5845)) * Adding testing of two devices * Fix dir support for devices V3 (#4847) * windows: The DefaultSpec platform should match the Default matcher ([#5914](https://github.com/containerd/containerd/pull/5914)) * windows: The DefaultSpec platform should match the Default matcher * Add RunAsUserName functionality for the Windows pod sandbox container ([#5865](https://github.com/containerd/containerd/pull/5865)) * Add RunAsUserName functionality for the Windows Pod Sandbox Container * bump up runc v1.0.2 ([#5899](https://github.com/containerd/containerd/pull/5899)) * go.mod: update runc to v1.0.2 * update runc binary to v1.0.2 * Run `go fmt` with Go 1.17 ([#5903](https://github.com/containerd/containerd/pull/5903)) * Run `go fmt` with Go 1.17 * go.mod: github.com/pelletier/go-toml v1.9.3 ([#5905](https://github.com/containerd/containerd/pull/5905)) * go.mod: github.com/pelletier/go-toml v1.9.3 * cri: filter selinux xattr for image volumes ([#5902](https://github.com/containerd/containerd/pull/5902)) * cri: filter selinux xattr for image volumes * Add Windows HostProcess Support ([#5131](https://github.com/containerd/containerd/pull/5131)) * Added windows hostProcess cni skip * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 ([#5897](https://github.com/containerd/containerd/pull/5897)) * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 * Update to Go 1.17 ([#5889](https://github.com/containerd/containerd/pull/5889)) * Bump integration timeout to 35 min * Update to Go 1.17 * integration: fix TestContainerPids ([#5896](https://github.com/containerd/containerd/pull/5896)) * integration: fix TestContainerPids * [ctr] add HOSTNAME env for host network ([#5891](https://github.com/containerd/containerd/pull/5891)) * [ctr] add HOSTNAME env for host network * Fuzzing: Add fuzzer ([#5886](https://github.com/containerd/containerd/pull/5886)) * Fuzzing: Add fuzzer * Make Cgroup driver configurable in gce configure script ([#5884](https://github.com/containerd/containerd/pull/5884)) * Add env for SystemdCgroup driver * Allow expanded DNS configuration ([#5878](https://github.com/containerd/containerd/pull/5878)) * Allow expanded DNS configuration * Fuzzing: Add 4 fuzzers ([#5863](https://github.com/containerd/containerd/pull/5863)) * Fuzzing: Add 4 fuzzers * Cleanup v2 shim ([#5813](https://github.com/containerd/containerd/pull/5813)) * Cleanup v2 shim * Fuzzing: Add experimental version of container fuzzer ([#5840](https://github.com/containerd/containerd/pull/5840)) * Use http.Get to download binaries instead of exec.Command * Fuzzing: Add experimental version of container fuzzer * add cpu-shares to ctr ([#5846](https://github.com/containerd/containerd/pull/5846)) * add cpu-shares to ctr * docs: rename master to main (it was opposite on the actual commit) ([#5847](https://github.com/containerd/containerd/pull/5847)) * docs: rename main to master * content: return the error with its timestamp ([#5849](https://github.com/containerd/containerd/pull/5849)) * content: return the error with its timestamp * Fix bad `make protos` failure ([#5857](https://github.com/containerd/containerd/pull/5857)) * Fix bad `make protos` failure * replace cri and point to new location ([#5851](https://github.com/containerd/containerd/pull/5851)) * archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624 * docs: remove FOSSA's badge ([#5856](https://github.com/containerd/containerd/pull/5856)) * docs: remove FOSSA's badge * BUILDING.md: remove some bits about building runc ([#5850](https://github.com/containerd/containerd/pull/5850)) * BUILDING.md: remove some bits about building runc * BUILDING.md: markdown fixes * go.mod: update k8s deps to v1.22.0 ([#5836](https://github.com/containerd/containerd/pull/5836)) * go.mod: update kubernetes to v1.22.0 * [Scripts] Add trap to cri-integration test script ([#5852](https://github.com/containerd/containerd/pull/5852)) * Add trap to cri-integration test script * docs: list all snapshotter-related build flags ([#5848](https://github.com/containerd/containerd/pull/5848)) * docs: list all snapshotter-related build flags * Move plugin context events into separate plugin ([#5835](https://github.com/containerd/containerd/pull/5835)) * Move plugin context events into separate plugin * Fix Linux CI Linter using Go 1.15.14 ([#5839](https://github.com/containerd/containerd/pull/5839)) * Fix Linux CI Linter using go 1.15.14 * Update Go to 1.16.7 ([#5842](https://github.com/containerd/containerd/pull/5842)) * Update Go to 1.16.7 * Cleanup CI ([#5838](https://github.com/containerd/containerd/pull/5838)) * Cleanup CI * Remove redundant build tags ([#5834](https://github.com/containerd/containerd/pull/5834)) * Remove redundant build tags * Change default directories on Darwin ([#5830](https://github.com/containerd/containerd/pull/5830)) * Change default directories on Darwin * [otel-tracing] Initial opentelemetry support ([#5731](https://github.com/containerd/containerd/pull/5731)) * [otel-tracing] vendor and go modules changes * [otel-tracing] Initial opentelemetry support * remove go 1.13 from containerd * Fuzzing: Fix for OSS-fuzz issue 36825 ([#5829](https://github.com/containerd/containerd/pull/5829)) * Fuzzing: Fix for OSS-fuzz issue 36825 * Fuzzing: Add two fuzzers ([#5825](https://github.com/containerd/containerd/pull/5825)) * Fuzzing: Add two more fuzzers * scripts: linting fixes, and remove support for Debian Jessie (as it's EOL) ([#5760](https://github.com/containerd/containerd/pull/5760)) * scripts: declare ROOT closer to where it's used, and some DRY changes * scripts: add missing quotes, and minor linting issues * test/build-utils.sh: remove support for Debian Jessie * platforms: Format(): use path.Join() instead of joinNotEmpty() ([#5821](https://github.com/containerd/containerd/pull/5821)) * platforms: Format(): use path.Join() instead of joinNotEmpty() * Fuzzing: Remove panics of container_fuzzer ([#5823](https://github.com/containerd/containerd/pull/5823)) * Fuzzing: Remove panics of container_fuzzer * Fuzzing: Add container fuzzer ([#5785](https://github.com/containerd/containerd/pull/5785)) * Change protoc link * Split fuzzer to two fuzzers * Fuzzing: Add container fuzzer * runtime: fix the issue of create new socket with abstract address ([#5746](https://github.com/containerd/containerd/pull/5746)) * runtime: fix the issue of create new socket with abstract address * mergo: Upgrade to 0.3.12 to fix panic ([#5809](https://github.com/containerd/containerd/pull/5809)) * mergo: Upgrade to 0.3.12 to fix panic * ci: install criu from PPA ([#5802](https://github.com/containerd/containerd/pull/5802)) * ci: install criu from PPA * Update release workflow to upload binary without CNI ([#5144](https://github.com/containerd/containerd/pull/5144)) * Split release steps into multiple tasks * Update release workflow to upload binary without CNI * Enable critest on Windows Periodic Jobs ([#5725](https://github.com/containerd/containerd/pull/5725)) * Enable critest on Windows * Script to check if entries in go.mod files are in sync ([#5792](https://github.com/containerd/containerd/pull/5792)) * Script to check if entries in go.mod files are in sync * Add a sharedNamespace label ([#5043](https://github.com/containerd/containerd/pull/5043)) * Add shared content label to namespaces * platforms: add "ios" as known OS, "loong64" as known ARCH ([#5784](https://github.com/containerd/containerd/pull/5784)) * platforms: add "ios" as known OS, "loong64" as known ARCH * Updates the location of protobuf downloads ([#5804](https://github.com/containerd/containerd/pull/5804)) * Updates the location of protobuf downloads in docs * Update protobuf install to use correct repository ([#5803](https://github.com/containerd/containerd/pull/5803)) * Update protobuf install to use correct repository * overlay: expose upperdir location of each snapshot via an optional label ([#5624](https://github.com/containerd/containerd/pull/5624)) * overlay: add an optional label of upperdir location of each snapshot * Support SIGRTMIN+n signals ([#5693](https://github.com/containerd/containerd/pull/5693)) * Support SIGRTMIN+n signals * respect context timeout in shim binary call ([#5800](https://github.com/containerd/containerd/pull/5800)) * respect context timeout in shim binary call * Introduce a new go module - containerd/api for use in standalone clients ([#5716](https://github.com/containerd/containerd/pull/5716)) * Introduce a new go module - containerd/api for use in standalone clients * grpc config add options tcp_client_ca_cert ([#5606](https://github.com/containerd/containerd/pull/5606)) * grpc config add options tcp_tls_ca * integration: Windows volume-copy-up images ([#5162](https://github.com/containerd/containerd/pull/5162)) * integration: Windows volume-copy-up images * add CRI support matrix to RELEASES.md ([#5795](https://github.com/containerd/containerd/pull/5795)) * add CRI support matrix to RELEASES.md * adding a little more clarity ([#5794](https://github.com/containerd/containerd/pull/5794)) * adding a little more clarity * update gotestsum to v1.7.0 ([#5793](https://github.com/containerd/containerd/pull/5793)) * update gotestsum to v1.7.0 * Discard blocks when removing a thin device ([#5756](https://github.com/containerd/containerd/pull/5756)) * Discard blocks when removing a thin device * Makefile: fix passing build tags ([#5590](https://github.com/containerd/containerd/pull/5590)) * Makefile: pass build tags to manpage build process * Makefile: fix tags parameter computation * Add runtime label to metrics ([#5744](https://github.com/containerd/containerd/pull/5744)) * Add runtime label to metrics * interface about shim build check ([#5745](https://github.com/containerd/containerd/pull/5745)) * interface about shim build check * integration: log all processes to investigate the test failure ([#5775](https://github.com/containerd/containerd/pull/5775)) * integration: log all processes to investigate the test failure * Fuzzing: Add archive fuzzer ([#5779](https://github.com/containerd/containerd/pull/5779)) * Fuzzing: Add archive fuzzer * Add docker.Fetch fuzzer ([#5687](https://github.com/containerd/containerd/pull/5687)) * Add docker fetch fuzzer * Support custom compressor for walking differ ([#5735](https://github.com/containerd/containerd/pull/5735)) * Support custom compressor for walking differ * remotes/docker/pusher.go: Fix missing Close() on push to docker remote ([#5770](https://github.com/containerd/containerd/pull/5770)) * remotes/docker/pusher.go: Fix missing Close() * remotes/docker/fetcher.go: Fix missing Close() on fetch from docker remote ([#5769](https://github.com/containerd/containerd/pull/5769)) * remotes/docker/fetcher.go: Fix missing Close() * Update cpuguy83/go-md2man binary to v2.0.1 ([#5771](https://github.com/containerd/containerd/pull/5771)) * Update cpuguy83/go-md2man binary to v2.0.1 * Refactor / optimize contrib/Dockerfile.test ([#5750](https://github.com/containerd/containerd/pull/5750)) * Dockerfile.test: build containerd in separate stage * Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding * Dockerfile.test: clean up apt indexes after installing * Dockerfile.test: build critools in a separate stage * Dockerfile.test: build cni in a separate stage * Dockerfile.test: standard directory to collect build aftifacts * Dockerfile.test: split dev stage, and optimize order * Dockerfile.test: skip curl, gcc, git and make install * install-critools: make sure DESTDIR exists * update gotestsum to current master ([#5754](https://github.com/containerd/containerd/pull/5754)) * update gotestsum to current master * Github Security Advisory [GHSA-c72p-9xmj-rx3w](https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w) * Add test for archive breakout test for lchmod * Use systemd cgroup driver for Kubernetes e2e tests with cgroupsv2 ([#5755](https://github.com/containerd/containerd/pull/5755)) * Use systemd cgroup driver for cgroupv2 tests * update runc to v1.0.1 ([#5751](https://github.com/containerd/containerd/pull/5751)) * go.mod: runc v1.0.1 * update runc binary to v1.0.1 * runtime: runc v2: remove redundant validation ([#5737](https://github.com/containerd/containerd/pull/5737)) * runtime: runc v2: remove redundant validation * Add timestamp to flaky restart monitor test ([#5727](https://github.com/containerd/containerd/pull/5727)) * Move loop check to before sleep * Add timestamp to flaky restart monitor test * Update Go to 1.16.6 ([#5722](https://github.com/containerd/containerd/pull/5722)) * integration/client: go mod tidy * Update Go to 1.16.6 * client: surface a connection error more clearly ([#4447](https://github.com/containerd/containerd/pull/4447)) * client: surface a connection error more clearly * Fix missing Body.Close() calls on push to docker remote ([#5712](https://github.com/containerd/containerd/pull/5712)) * Fix missing Body.Close() calls on push to docker remote * remove pkg/cri/platforms package ([#5710](https://github.com/containerd/containerd/pull/5710)) * remove pkg/cri/platforms package * Allow WithServices to use custom implementations ([#5709](https://github.com/containerd/containerd/pull/5709)) * Allow WithServices to use custom implementations * [Vendor] Update hcsshim to 0.8.18 ([#5673](https://github.com/containerd/containerd/pull/5673)) * [Vendor] Update hcsshim to 0.8.18 * test integration: Adds a test that restarts a failed container ([#5578](https://github.com/containerd/containerd/pull/5578)) * test integration: Adds a test that restarts a failed container * [CRI] move up to CRI v1 and support v1alpha in parallel ([#5619](https://github.com/containerd/containerd/pull/5619)) * use fu wei's suggeted interface pick for marshaling * add alpha version * move up to CRI v1 and support v1alpha in parallel * gha: make release workflow work in forks ([#5682](https://github.com/containerd/containerd/pull/5682)) * gha: make release workflow work in forks * Add unit test for plugin ([#5666](https://github.com/containerd/containerd/pull/5666)) * Add unit test for plugin * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage ([#5700](https://github.com/containerd/containerd/pull/5700)) * Dockerfile.test: add "cri-in-userns" (aka rootless) test stage * Update for distribution spec 1.0 ([#5676](https://github.com/containerd/containerd/pull/5676)) * Add support for registry host path override * Update documenation for OCI distribution 1.0 * archive: cleanup lchmod logic ([#5702](https://github.com/containerd/containerd/pull/5702)) * Cleanup lchmod logic in archive * Install specific golang version in Windows CI. ([#5571](https://github.com/containerd/containerd/pull/5571)) * Install specific golang version in Windows CI. * Add ctr command label in NewContainerOpts ([#5660](https://github.com/containerd/containerd/pull/5660)) * feat: Add snapshotter label to the new snapshot for container. * snapshot/devmapper: log exported methods correctly ([#5655](https://github.com/containerd/containerd/pull/5655)) * snapshot/devmapper: log exported methods correctly * Makefile: fix DESTDIR and PREFIX concatenation ([#5662](https://github.com/containerd/containerd/pull/5662)) * Makefile: fix DESTDIR and PREFIX concatenation * Cri integration cleanup ([#5287](https://github.com/containerd/containerd/pull/5287)) * tests: Use EnsureImageExists for image pulling * tests: Refactors PodSandbox creation * move sys.FMountat() into mount package and un-export ([#5641](https://github.com/containerd/containerd/pull/5641)) * un-export mount.FMountat * move sys.FMountat() into mount package * sandbox: send pod UID to CNI plugins as K8S_POD_UID ([#5640](https://github.com/containerd/containerd/pull/5640)) * sandbox: send pod UID to CNI plugins as K8S_POD_UID * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils ([#5639](https://github.com/containerd/containerd/pull/5639)) * sys: remove StatAtime(), StatCtime(), StatMtime() and StatATimeAsTime() utils * content/local: inline sys.StatATimeAsTime() ([#5633](https://github.com/containerd/containerd/pull/5633)) * content/local: inline sys.StatATimeAsTime() * allow multi gpu to be specified via ctr ([#5636](https://github.com/containerd/containerd/pull/5636)) * allow multi gpu to be specified via ctr * go.mod: runc v1.0.0 * update runc binary to v1.0.0 GA * fixing some doc links ([#5629](https://github.com/containerd/containerd/pull/5629)) * fixing some doc links * Sync integration/go.mod with root go.mod ([#5623](https://github.com/containerd/containerd/pull/5623)) * Sync integration/go.mod with root go.mod * archive: Expose ChangeWriter to allow customized diff computing ([#5615](https://github.com/containerd/containerd/pull/5615)) * archive: Expose ChangeWriter to allow customized diff computing * CI: Switch to the available latest images ([#5625](https://github.com/containerd/containerd/pull/5625)) * CI: Switch to available latest images * fix deprecation config for default runtime * Re-enable criu in main integration runs ([#5614](https://github.com/containerd/containerd/pull/5614)) * Re-enable criu in main integration runs * runtime,v2: Enable debug when containerd is on debug+ log level ([#5617](https://github.com/containerd/containerd/pull/5617)) * runtime,v2: Enable debug when containerd is on debug+ log level * github.com/golang/protobuf/proto is deprecated * Update github.com/golang/protobuf from v1.3.5 to v1.4.3 * Update google.golang.org/grpc from v1.27.1 to v1.38.0 * Increase golangci-lint timeout * ctr flags of container rootfs propagation ([#5611](https://github.com/containerd/containerd/pull/5611)) * command line flags of setting container rootfs propagation * add cgroupv2 setup for cos with a flag * Update gotestsum to add timestamps to junit output ([#5612](https://github.com/containerd/containerd/pull/5612)) * Update gotestsum to add timestamps to junit output * Allow to pass --no-cgroups option to nvidia-container-cli ([#5604](https://github.com/containerd/containerd/pull/5604)) * Allow to pass --no-cgroup option to nvidia-container-cli * Makefile: FHS conformant manpage installation pathes ([#5577](https://github.com/containerd/containerd/pull/5577)) * Makefile: FHS conformant manpage installation pathes * Add proper Go version before project checks ([#5594](https://github.com/containerd/containerd/pull/5594)) * Add proper Go version before project checks * Enable cri-integration in Windows Periodic Tests ([#5580](https://github.com/containerd/containerd/pull/5580)) * Enable cri-integration in Windows Periodic Tests * adds explanation for seccomp unset/unconfined default vs runtime default ([#5573](https://github.com/containerd/containerd/pull/5573)) * adds explanation for seccomp unset/unconfined default vs runtime default * Fix cleanup context of teardownPodNetwork ([#5569](https://github.com/containerd/containerd/pull/5569)) * Fix cleanup context of teardownPodNetwork * update integration/client go.sum ([#5572](https://github.com/containerd/containerd/pull/5572)) * update integration/client go.sum * Revert diff/walking error change ([#5566](https://github.com/containerd/containerd/pull/5566)) * Revert diff/walking error change * Update opencontainers/selinux to v1.8.2 ([#5562](https://github.com/containerd/containerd/pull/5562)) * Update opencontainers/selinux to v1.8.2 * fix invalid validation error checking ([#5565](https://github.com/containerd/containerd/pull/5565)) * fix invalid validation error checking * diff/walking: fix defer cleanup ([#5551](https://github.com/containerd/containerd/pull/5551)) * diff/walking: fix defer cleanup * Windows periodic job: Add creation timestamp to RG ([#5559](https://github.com/containerd/containerd/pull/5559)) * Add creation timestamp to RG * Fix error case in Windows layer cleanup ([#5328](https://github.com/containerd/containerd/pull/5328)) * Fix error case in Windows layer cleanup * Use DeactivateLayer to unlock layers that we cannot rename ([#5422](https://github.com/containerd/containerd/pull/5422)) * Small typo fix "reimporst" * Use DeactivateLayer to recover layers that we cannot rename * tests: Symlink volume tests ([#5284](https://github.com/containerd/containerd/pull/5284)) * tests: Symlink volume tests * Makefile: fix DESTDIR environment variable behaviour ([#5535](https://github.com/containerd/containerd/pull/5535)) * Makefile: fix DESTDIR environment variable behaviour * Change Wrapf of non-error to an actual error ([#5560](https://github.com/containerd/containerd/pull/5560)) * Change Wrapf of non-error to an actual error * Install apparmor parser for arm64 environment * scrub the stale TODO ([#5536](https://github.com/containerd/containerd/pull/5536)) * scrub the stale TODO * docs: explicitly mention containerd's Prometheus path ([#5554](https://github.com/containerd/containerd/pull/5554)) * docs: explicitly mention containerd's Prometheus path * integration: Cleanup containerd on test teardown ([#5553](https://github.com/containerd/containerd/pull/5553)) * integration: Cleanup containerd on test teardown * docs/cri: update links ([#5548](https://github.com/containerd/containerd/pull/5548)) * docs/cri: update ocicrypt link * docs/cri: fix broken links * Update Windows periodic tests ([#5544](https://github.com/containerd/containerd/pull/5544)) * Update Windows periodic tests * Add CI periodic Windows Jobs. ([#5165](https://github.com/containerd/containerd/pull/5165)) * Schedule Windows job daily after midnight. * Update windows-periodic.yml * Add CI periodic Windows Jobs. * Rename atomicWrite to writeToCompletion ([#5273](https://github.com/containerd/containerd/pull/5273)) * Rename atomicWrite to writeToCompletion * Do not run btrfs tests if btrfs kernel module is not loaded ([#5539](https://github.com/containerd/containerd/pull/5539)) * Do not run btrfs tests if btrfs kernel module is not loaded * Fix incorrect UA used for registry authentication ([#5533](https://github.com/containerd/containerd/pull/5533)) * Fix incorrect UA used for registry authentication * ctr: parse mount options with embedded = character ([#5531](https://github.com/containerd/containerd/pull/5531)) * ctr: parse mount options with embedded = character * Fix mounts for FreeBSD ([#5472](https://github.com/containerd/containerd/pull/5472)) * Add ruleset=4 option * Remove mountpoints not commonly mounted on FreeBSD * Add copyright header & make sure compilation succeeds on all platforms * Fix mounts for FreeBSD * ctr: make exec pty behavior consistent with run ([#5527](https://github.com/containerd/containerd/pull/5527)) * ctr: exec handle pty resize after Start * ctr: exec setup IO with console * Makefile: use $@ for target file names ([#5534](https://github.com/containerd/containerd/pull/5534)) * Makefile: use $@ for target file names * Fix small typo ([#5528](https://github.com/containerd/containerd/pull/5528)) * Fix small typo * Don't check for apparmor_parser to be present ([#5519](https://github.com/containerd/containerd/pull/5519)) * update the link * Don't check for apparmor_parser to be present * Remove useless lines ([#5520](https://github.com/containerd/containerd/pull/5520)) * Remove useless lines * Fixed typos in docs ([#5509](https://github.com/containerd/containerd/pull/5509)) * fixed typos * Try next mirror in case of non-404 errors, too ([#5275](https://github.com/containerd/containerd/pull/5275)) * Try next mirror in case of non-404 errors, too * bump runc version to v1.0.0-rc95 ([#5514](https://github.com/containerd/containerd/pull/5514)) * bump runc version to v1.0.0-rc95 * update runc binary to v1.0.0-rc95 ([#5511](https://github.com/containerd/containerd/pull/5511)) * update runc binary to v1.0.0-rc95 * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 ([#5508](https://github.com/containerd/containerd/pull/5508)) * Bump github.com/Microsoft/go-winio from 0.4.15 to 0.5.0 * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 ([#5507](https://github.com/containerd/containerd/pull/5507)) * Bump github.com/opencontainers/selinux from 1.8.0 to 1.8.1 * Makefile: allow overriding install command via environment ([#5493](https://github.com/containerd/containerd/pull/5493)) * Makefile: allow overriding install command via environment * tests: Adds support for Windows cri-integration tests ([#5163](https://github.com/containerd/containerd/pull/5163)) * tests: Adds support for Windows cri-integration tests * Update docker resolver to authorize redirects ([#5504](https://github.com/containerd/containerd/pull/5504)) * Update docker resolver to authorize redirects * bump hcsshim version to v0.8.17 ([#5505](https://github.com/containerd/containerd/pull/5505)) * bump hcsshim version to v0.8.17 * Release binary update for imgcrypt ([#5498](https://github.com/containerd/containerd/pull/5498)) * just release ctd-decoder not ctr-enc * Merge remote-tracking branch 'upstream/master' * Pin integration test image for alpine * cri-integration tests: Pull images once ([#5313](https://github.com/containerd/containerd/pull/5313)) * tests: Prepull images used in tests * plugin: optimize the check for the last registration ([#5440](https://github.com/containerd/containerd/pull/5440)) * plugin: optimize the check for the last registration * metadata: modify NewLeaseManager to return leases.Manager ([#5465](https://github.com/containerd/containerd/pull/5465)) * metadata: modify NewLeaseManager to return leases.Manager * Skip TLS verification for localhost ([#5100](https://github.com/containerd/containerd/pull/5100)) * Skip TLS verification for localhost * Merge remote-tracking branch 'upstream/master' * Makefile: make sure manpages are built before install-man ([#5492](https://github.com/containerd/containerd/pull/5492)) * Makefile: make sure manpages are built before install-man * adds description for hosts.toml ([#5309](https://github.com/containerd/containerd/pull/5309)) * adds credentials description * adds description for hosts.toml * Prepare default branch rename ([#5459](https://github.com/containerd/containerd/pull/5459)) * Prepare default branch rename * Merge remote-tracking branch 'upstream/master' * Update runc to rc94 ([#5473](https://github.com/containerd/containerd/pull/5473)) * Update vendored runc to v1.0.0.0-rc94 * Update the runc binary used with containerd to runc v1.0.0-rc94 * Fix `content.ReaderAt` close ([#5468](https://github.com/containerd/containerd/pull/5468)) * Fix content.ReaderAt close * Update releases doc with updated support timeline ([#5466](https://github.com/containerd/containerd/pull/5466)) * Update releases doc with updated support timeline * tests: add test for adaptor ([#5452](https://github.com/containerd/containerd/pull/5452)) * tests: add test for adaptor * Makefile: allow overriding go command by environment ([#5450](https://github.com/containerd/containerd/pull/5450)) * Makefile: allow overriding go command by environment * update to new cri-tools make install ([#5462](https://github.com/containerd/containerd/pull/5462)) * update to new cri-tools make install * Update Go to 1.16.4 ([#5461](https://github.com/containerd/containerd/pull/5461)) * Update Go to 1.16.4 * Merge remote-tracking branch 'upstream/release/1.5' * [release/1.5] go.mod: cut circular dependency on github.com/containerd/containerd ([#5457](https://github.com/containerd/containerd/pull/5457)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * oci: fix WithDevShmSize ([#5063](https://github.com/containerd/containerd/pull/5063)) * oci: fix WithDevShmSize * [release/1.5] cherry-pick: windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5454](https://github.com/containerd/containerd/pull/5454)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink ([#5411](https://github.com/containerd/containerd/pull/5411)) * windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink * doc: add missing namespaces package ([#5448](https://github.com/containerd/containerd/pull/5448)) * doc: add missing namespaces package * update seccomp version ([#5445](https://github.com/containerd/containerd/pull/5445)) * update seccomp version * Update golang.org/x/sys to add linux/ppc support ([#5436](https://github.com/containerd/containerd/pull/5436)) * Update golang.org/x/sys to add linux/ppc support * go.mod: cut circular dependency on github.com/containerd/containerd ([#5441](https://github.com/containerd/containerd/pull/5441)) * go.mod: cut circular dependency on github.com/containerd/containerd * integration/client: go mod tidy * Fix different registry hosts referencing the same auth config. ([#5446](https://github.com/containerd/containerd/pull/5446)) * Fix different registry hosts referencing the same auth config. </p> </details> ### Changes from containerd/cgroups <details><summary>33 commits</summary> <p> * v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212)) * v2: add test case for Manager.EventChan() behavior * v2: flip error handling for readKVStat("memory.events") to reduce indentation * v2: manager: factor out memory.events parsing * v2: Fix inotify leak when cgroup is deleted * fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214)) * fix Implicit memory aliasing in for loop * Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210)) * Fix potential dirfd leak. * cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203)) * cgroup: Optionally add process and task to a subsystems subset * replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208)) * replace pkg/errors from vendor * cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207)) * cgroup.go: avoid panic on nil interface * Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204)) * cgroupv2: reset lastErr to nil when subtree control is successfully written * cgroupv2: enable controllers before setting resources in NewChild() * v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201)) * v2: remove ErrorHandler and IgnoreNotExist as they are not implemented * v2: remove errors that are never returned * v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202)) * v1: reduce duplicated code * cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200)) * cgroup v1: implement AddProc() * Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199)) * Rename branch from master to main * utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197)) * utils: export ParseCgroupFile() * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194)) * go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations * Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195)) * Use /proc/partitions to get device names </p> </details> ### Changes from containerd/console <details><summary>6 commits</summary> <p> * Fix CI ([#55](https://github.com/containerd/console/pull/55)) * Fix CI * Stop using pkg/errors * Add support for z/OS ([#46](https://github.com/containerd/console/pull/46)) * Console test on z/OS * Add support for z/OS </p> </details> ### Changes from containerd/continuity <details><summary>28 commits</summary> <p> * fs: use syscall.Timespec.Unix ([#193](https://github.com/containerd/continuity/pull/193)) * fs: use syscall.Timespec.Unix * Update CI Go version to 1.17 ([#192](https://github.com/containerd/continuity/pull/192)) * Update CI Go version to 1.17 * Build containerd/continuity on multiple Unix OSes ([#190](https://github.com/containerd/continuity/pull/190)) * Build containerd/continuity on multiple Unix OSes * Do not log errors before returning them ([#191](https://github.com/containerd/continuity/pull/191)) * Do not log errors before returning them * Copy Windows file metadata ([#188](https://github.com/containerd/continuity/pull/188)) * Copy Windows file metadata * fix fmt.Errorf("%w", err) on err == nil ([#187](https://github.com/containerd/continuity/pull/187)) * fix fmt.Errorf("%w", err) on err == nil * Remove direct dependency on github.com/pkg/errors ([#185](https://github.com/containerd/continuity/pull/185)) * run gofmt with Go 1.17 * remove direct dependency on github.com/pkg/errors * Fix darwin issues ([#186](https://github.com/containerd/continuity/pull/186)) * update AUTHORS * darwin: use utimensat syscall instead of utimes * fix darwin usage of du command * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 ([#161](https://github.com/containerd/continuity/pull/161)) * go.mod: bazil.org/fuse v0.0.0-20200407214033-5883e5a4b5125 * fs/stat: add FreeBSD, and cleanup some nolint-comments ([#184](https://github.com/containerd/continuity/pull/184)) * reformat nolint comments * fs/stat: add FreeBSD * Rename branch from master to main ([#182](https://github.com/containerd/continuity/pull/182)) * Rename branch from master to main * testutil/loopback: print more debug info ([#180](https://github.com/containerd/continuity/pull/180)) * testutil/loopback: print more debug info </p> </details> ### Changes from containerd/go-cni <details><summary>18 commits</summary> <p> * run setup on networks in parallel ([#76](https://github.com/containerd/go-cni/pull/76)) * switch to direct index * run setup on networks in parallel * remove: Continue on "not found" errors ([#74](https://github.com/containerd/go-cni/pull/74)) * remove: Continue on "not found" errors * go.mod: github.com/containernetworking/cni v1.0.1 ([#72](https://github.com/containerd/go-cni/pull/72)) * go.mod: github.com/containernetworking/cni v1.0.1 * remove direct dependency on github.com/pkg/errors ([#71](https://github.com/containerd/go-cni/pull/71)) * remove direct dependency on github.com/pkg/errors * update CNI to v1.0.0 ([#70](https://github.com/containerd/go-cni/pull/70)) * test: add TestLibCNIType100 * update CNI to v1.0.0 * Rename branch from master to main ([#69](https://github.com/containerd/go-cni/pull/69)) * Rename branch from master to main * result: change Raw from a struct field to a method ([#68](https://github.com/containerd/go-cni/pull/68)) * result: change Raw from a struct field to a method * result: expose raw result ([#67](https://github.com/containerd/go-cni/pull/67)) * result: expose raw result </p> </details> ### Changes from containerd/imgcrypt <details><summary>32 commits</summary> <p> * CHANGES: Updated CHANGES document for 1.1.3 release ([#64](https://github.com/containerd/imgcrypt/pull/64)) * CHANGES: Updated CHANGES document for 1.1.3 release * docs: update project branch to main ([#63](https://github.com/containerd/imgcrypt/pull/63)) * docs: update project branch to main * Update linter to match containerd repo ([#61](https://github.com/containerd/imgcrypt/pull/61)) * Update linter to match containerd repo * update CI golang version * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 ([#59](https://github.com/containerd/imgcrypt/pull/59)) * Bump github.com/containerd/containerd from 1.5.7 to 1.5.8 * maint: Update to ocicrypt v1.1.2 ([#57](https://github.com/containerd/imgcrypt/pull/57)) * maint: Update to ocicrypt v1.1.2 * Decouple CreateCryptoConfig() from github.com/urfave/cli ([#56](https://github.com/containerd/imgcrypt/pull/56)) * Decouple CreateCryptoConfig() from github.com/urfave/cli * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 ([#55](https://github.com/containerd/imgcrypt/pull/55)) * Bump github.com/containerd/containerd from 1.5.5 to 1.5.7 * replace pkg/errors and bump related library * README: Fix CRI decryption document URL ([#53](https://github.com/containerd/imgcrypt/pull/53)) * README: Fix CRI decryption document URL * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 ([#52](https://github.com/containerd/imgcrypt/pull/52)) * Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 * Bump containerd to 1.5.2 ([#51](https://github.com/containerd/imgcrypt/pull/51)) * Bump containerd to 1.5.2 * images: Implement ConvertFunc for image en- and decryption ([#49](https://github.com/containerd/imgcrypt/pull/49)) * images: Implement ConvertFunc for image en- and decryption * Add containerd-release to makefile ([#48](https://github.com/containerd/imgcrypt/pull/48)) * Remove ctr-enc from installation * vendor sync up with containerd 1.5 ga, and runc94 ([#47](https://github.com/containerd/imgcrypt/pull/47)) * sync up with containerd 1.5 ga, and runc94 * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 ([#46](https://github.com/containerd/imgcrypt/pull/46)) * CICD: Run 'apt update' before pulling packages * ctr-enc: Set the version for ctr-enc when linking * Sync ctr-enc with containerd's ctr v1.5.0-rc.3 </p> </details> ### Changes from containerd/ttrpc <details><summary>34 commits</summary> <p> * Add protoc-gen-go-ttrpc ([#96](https://github.com/containerd/ttrpc/pull/96)) * Add protoc-gen-go-ttrpc * client: Handle sending/receiving in separate goroutines ([#94](https://github.com/containerd/ttrpc/pull/94)) * client: Handle sending/receiving in separate goroutines * Run Protobuild in GitHub Actions ([#95](https://github.com/containerd/ttrpc/pull/95)) * Run Protobuild in GitHub Actions * Re-generate example.pb.go * replace pkg/errors ([#93](https://github.com/containerd/ttrpc/pull/93)) * replace pkg/errors from vendor * Rename branch from master to main ([#86](https://github.com/containerd/ttrpc/pull/86)) * Rename branch from master to main * Make "go test" and "go build" work on macOS ([#85](https://github.com/containerd/ttrpc/pull/85)) * Make the example command buildable on macOS * Run GitHub Actions on macOS * Make "go test" work on macOS * Return Unimplemented when services or methods are not implemented ([#83](https://github.com/containerd/ttrpc/pull/83)) * Return Unimplemented when services or methods are not implemented * Remove "Very new" and checked TODO items ([#84](https://github.com/containerd/ttrpc/pull/84)) * Remove "Very new" and checked TODO items * removing glide from ignore ([#82](https://github.com/containerd/ttrpc/pull/82)) * removing glide from ignore * go.mod: update dependencies ([#79](https://github.com/containerd/ttrpc/pull/79)) * go.mod: github.com/prometheus/procfs v0.6.0 * go.mod: google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63 * go.mod: google.golang.org/grpc v1.27.1 * go.mod: github.com/gogo/protobuf v1.3.2 * remove travis, add codecov badge ([#78](https://github.com/containerd/ttrpc/pull/78)) * CI: add codecov badge to readme * CI: remove travis * Use GitHub Actions for CI ([#77](https://github.com/containerd/ttrpc/pull/77)) * Use GitHub Actions for CI * go.mod: sirupsen/logrus v1.7.0 ([#76](https://github.com/containerd/ttrpc/pull/76)) * go.mod: sirupsen/logrus v1.7.0 * go mod tidy </p> </details> ### Dependency Changes * **cloud.google.com/go** v0.81.0 **_new_** * **github.com/AdaLogics/go-fuzz-headers** 6c3934b029d8 **_new_** * **github.com/Microsoft/go-winio** v0.4.17 -> v0.5.1 * **github.com/Microsoft/hcsshim** v0.8.16 -> v0.9.2 * **github.com/blang/semver** v3.5.1 **_new_** * **github.com/cenkalti/backoff/v4** v4.1.2 **_new_** * **github.com/cespare/xxhash/v2** v2.1.1 -> v2.1.2 * **github.com/cilium/ebpf** v0.4.0 -> v0.7.0 * **github.com/containerd/cgroups** v1.0.1 -> v1.0.3 * **github.com/containerd/console** v1.0.2 -> v1.0.3 * **github.com/containerd/continuity** v0.1.0 -> v0.2.2 * **github.com/containerd/go-cni** v1.0.2 -> v1.1.1 * **github.com/containerd/imgcrypt** v1.1.1 -> v1.1.3 * **github.com/containerd/ttrpc** v1.0.2 -> v1.1.0 * **github.com/containernetworking/cni** v0.8.1 -> v1.0.1 * **github.com/containernetworking/plugins** v0.9.1 -> v1.0.1 * **github.com/containers/ocicrypt** v1.1.1 -> v1.1.2 * **github.com/coreos/go-systemd/v22** v22.1.0 -> v22.3.2 * **github.com/go-logr/logr** v0.2.0 -> v1.2.2 * **github.com/go-logr/stdr** v1.2.2 **_new_** * **github.com/godbus/dbus/v5** v5.0.3 -> v5.0.6 * **github.com/golang/groupcache** 8c9f03a8e57e -> 41bb18bfe9da * **github.com/golang/protobuf** v1.3.5 -> v1.5.2 * **github.com/google/go-cmp** v0.5.4 -> v0.5.6 * **github.com/google/gofuzz** v1.1.0 -> v1.2.0 * **github.com/grpc-ecosystem/go-grpc-middleware** v1.3.0 **_new_** * **github.com/grpc-ecosystem/grpc-gateway** v1.16.0 **_new_** * **github.com/hashicorp/errwrap** v1.0.0 -> v1.1.0 * **github.com/hashicorp/go-multierror** v1.0.0 -> v1.1.1 * **github.com/imdario/mergo** v0.3.11 -> v0.3.12 * **github.com/intel/goresctrl** v0.2.0 **_new_** * **github.com/json-iterator/go** v1.1.10 -> v1.1.12 * **github.com/moby/spdystream** v0.2.0 **_new_** * **github.com/moby/sys/mountinfo** v0.4.1 -> v0.5.0 * **github.com/moby/sys/signal** v0.6.0 **_new_** * **github.com/moby/sys/symlink** v0.1.0 -> v0.2.0 * **github.com/modern-go/reflect2** v1.0.1 -> v1.0.2 * **github.com/opencontainers/image-spec** v1.0.1 -> 693428a734f5 * **github.com/opencontainers/runc** v1.0.0-rc93 -> v1.1.0 * **github.com/opencontainers/runtime-spec** e6143ca7d51d -> 1c3f411f0417 * **github.com/opencontainers/selinux** v1.8.0 -> v1.10.0 * **github.com/pelletier/go-toml** v1.8.1 -> v1.9.3 * **github.com/prometheus/client_golang** v1.7.1 -> v1.11.0 * **github.com/prometheus/common** v0.10.0 -> v0.30.0 * **github.com/prometheus/procfs** v0.6.0 -> v0.7.3 * **github.com/satori/go.uuid** v1.2.0 **_new_** * **github.com/sirupsen/logrus** v1.7.0 -> v1.8.1 * **github.com/spf13/pflag** v1.0.5 **_new_** * **github.com/stretchr/testify** v1.6.1 -> v1.7.0 * **github.com/vishvananda/netlink** f5de75959ad5 **_new_** * **github.com/vishvananda/netns** 2eb08e3e575f **_new_** * **go.etcd.io/bbolt** v1.3.5 -> v1.3.6 * **go.opencensus.io** v0.22.3 -> v0.23.0 * **go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc** v0.28.0 **_new_** * **go.opentelemetry.io/otel** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/internal/retry** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc** v1.3.0 **_new_** * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp** v1.3.0 **_new_** * **go.opentelemetry.io/otel/sdk** v1.3.0 **_new_** * **go.opentelemetry.io/otel/trace** v1.3.0 **_new_** * **go.opentelemetry.io/proto/otlp** v0.11.0 **_new_** * **golang.org/x/crypto** 0c34fe9e7dc2 -> 32db794688a5 * **golang.org/x/net** e18ecbb05110 -> fe4d6282115f * **golang.org/x/oauth2** bf48bf16ab8d -> 2bc19b11175f * **golang.org/x/sync** 09787c993a3a -> 036812b2e83c * **golang.org/x/sys** 47abb6519492 -> 1d35b9e2eb4e * **golang.org/x/term** 7de9c90e9dd1 -> 6886f2dfbf5b * **golang.org/x/text** v0.3.4 -> v0.3.7 * **golang.org/x/time** 3af7569d3a1e -> 1f47c861a9ac * **google.golang.org/appengine** v1.6.5 -> v1.6.7 * **google.golang.org/grpc** v1.27.1 -> v1.43.0 * **google.golang.org/protobuf** v1.27.1 **_new_** * **gopkg.in/yaml.v3** 9f266ea9e77c -> 496545a6307b * **k8s.io/api** v0.20.6 -> v0.22.5 * **k8s.io/apimachinery** v0.20.6 -> v0.22.5 * **k8s.io/apiserver** v0.20.6 -> v0.22.5 * **k8s.io/client-go** v0.20.6 -> v0.22.5 * **k8s.io/component-base** v0.20.6 -> v0.22.5 * **k8s.io/cri-api** v0.20.6 -> v0.23.1 * **k8s.io/klog/v2** v2.4.0 -> v2.30.0 * **k8s.io/utils** 67b214c5f920 -> cb0fa318a74b * **sigs.k8s.io/structured-merge-diff/v4** v4.0.3 -> v4.1.2 Previous release can be found at [v1.5.0](https://github.com/containerd/containerd/releases/tag/v1.5.0)
a9f61ba
2022-02-09 00:42
下载
下载
请输入验证码,防止盗链导致资源被占用
取消
下载
Go
1
https://gitee.com/bison-fork/containerd.git
git@gitee.com:bison-fork/containerd.git
bison-fork
containerd
containerd
点此查找更多帮助
搜索帮助
Git 命令在线学习
如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册
