Containerd Versions Save

An open and reliable container runtime

v1.7.8

6 months ago

Welcome to the v1.7.8 release of containerd!

The eighth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • Fix ambiguous TLS fallback (#9299)
  • Update Go to 1.20.10 (#9265)
  • Add a new image label on converted schema 1 images (#9252)
  • Fix handling for missing basic auth credentials (#9235)
  • Fix potential deadlock in create handler for containerd-shim-runc-v2 (#9209)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Sebastiaan van Stijn
  • Derek McGowan
  • Phil Estes
  • Chen Yiyang
  • Wei Fu
  • Akihiro Suda
  • Maksym Pavlenko
  • Marat Radchenko
  • Milas Bowman
  • Qiutong Song
  • Samuel Karp

Changes

27 commits

  • [release/1.7] Prepare release notes for v1.7.8 (#9278)
  • [release/1.7] Fix ambiguous tls fallback (#9299)
    • 68abc543b Check scheme and host of request on push redirect
    • 35c7634e3 Avoid TLS fallback when protocol is not ambiguous
  • [release/1.7] vendor: google.golang.org/grpc v1.58.3 (#9281)
  • [release/1.7 backport] vendor: golang.org/x/net v0.17.0 (#9276)
  • [release/1.7] vendor: google.golang.org/grpc v1.56.3 (#9248)
    • 26736d6e1 vendor: google.golang.org/grpc v1.56.3
    • 54a69a6e4 vendor: golang.org/x/oauth2 v0.7.0
    • ac15a7f5b vendor: google.golang.org/protobuf v1.30.0
  • [release/1.7] update to go1.20.10, test go1.21.3 (#9265)
    • 2479c3321 [release/1.7] update to go1.20.10, test go1.21.3
    • 11f40e9d8 [release/1.7] update to go1.20.9, test go1.21.2
  • [release/1.7] Add a new image label if it is docker schema 1 (#9252)
    • cac1bab79 Add a new image label if it is docker schema 1
  • [release/1.7] remotes: add handling for missing basic auth credentials (#9235)
    • 6cd2cc4a8 remotes: add handling for missing basic auth credentials
  • [release/1.7 backport] containerd-shim-runc-v2: avoid potential deadlock in create handler (#9209)
    • d0a1fedb5 *: add runc-fp as runc wrapper to inject failpoint
    • 04491240a containerd-shim-runc-v2: avoid potential deadlock in create handler
    • 6982a0df5 containerd-shim-runc-v2: remove unnecessary s.getContainer()
    • 0e2320398 Uncopypaste parsing of OCI Bundle spec file

Dependency Changes

  • golang.org/x/crypto v0.11.0 -> v0.14.0
  • golang.org/x/mod v0.9.0 -> v0.11.0
  • golang.org/x/net v0.13.0 -> v0.17.0
  • golang.org/x/oauth2 v0.4.0 -> v0.10.0
  • golang.org/x/sync v0.1.0 -> v0.3.0
  • golang.org/x/sys v0.10.0 -> v0.13.0
  • golang.org/x/term v0.10.0 -> v0.13.0
  • golang.org/x/text v0.11.0 -> v0.13.0
  • golang.org/x/tools v0.7.0 -> v0.10.0
  • google.golang.org/genproto 7f2fa6fef1f4 -> 782d3b101e98
  • google.golang.org/genproto/googleapis/api 782d3b101e98 new
  • google.golang.org/genproto/googleapis/rpc 782d3b101e98 new
  • google.golang.org/grpc v1.53.0 -> v1.58.3
  • google.golang.org/protobuf v1.29.1 -> v1.31.0

Previous release can be found at v1.7.7

v1.7.7

7 months ago

Welcome to the v1.7.7 release of containerd!

The seventh patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • Require plugins to succeed after registering readiness (#9165)
  • Handle unexpected shim kill events (#9132)
  • Build binaries with Go 1.21.1 (#9167)
  • cri: Stop recommending disable_cgroup (#9168)
  • remotes/docker: Fix MountedFrom prefixed with target repository (#9193)
  • remotes: always try to establish tls connection when tls configured (#9188)
  • NRI: Add support for rlimits (#48)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Samuel Karp
  • Krisztian Litkey
  • Wei Fu
  • Phil Estes
  • Sebastiaan van Stijn
  • Iceber Gu
  • Mike Brown
  • Akihiro Suda
  • Paweł Gronowski
  • Steve Griffith
  • Aditya Ramani
  • Austin Vazquez
  • Danny Canter
  • James Sturtevant
  • Kern Walster
  • ZP-AlwaysWin

Changes

31 commits

  • [release/1.7] Prepare release notes for v1.7.7 (#9194)
  • [release/1.7] Allow for images with artifacts to pull (#9149)
    • 6ca0aebf0 Allow for images with artifacts to pull
  • [release 1.7] remotes/docker: Fix MountedFrom prefixed with target repository (#9193)
    • 7df492a95 remotes/docker: Fix MountedFrom prefixed with target repository
  • [release/1.7] Update x/net to 0.13 (#9134)
  • [release/1.7] remotes: always try to establish tls connection when tls configured (#9188)
    • 7779ce64e remotes: always try to establish tls connection when tls configured
  • [release/1.7] cri: stop recommending disable_cgroup (#9168)
    • 6013b5e03 cri: stop recommending disable_cgroup
  • [release/1.7] Require plugins to succeed after registering readiness (#9165)
    • a83c66813 Require plugins to succeed after registering readiness
    • 171d76849 cri: call RegisterReadiness after NewCRIService
  • [release/1.7] Handle unexpected shim kill events (#9132)
    • 3d27bc738 Handle unexpected shim kill events
  • [release/1.7] Build binaries with 1.21.1 (#9167)
  • [release/1.7] vendor: github.com/Microsoft/hcsshim v0.11.1 (#9127)
    • 5756f6064 [release/1.7] vendor: github.com/Microsoft/hcsshim v0.11.1
  • [release/1.7 backport] alias log package to github.com/containerd/log v0.1.0 (#9106)
    • 09633b539 deprecate logs package, but disable linter (for transitioning)
    • cb201519f alias log package to github.com/containerd/log v0.1.0
    • a5024e6dd vendor: github.com/stretchr/testify v1.8.4
    • 7bd976af3 vendor: github.com/sirupsen/logrus v1.9.3
  • [release/1.7] remotes/docker: Add MountedFrom and Exists push status (#9097)
    • 8cd2d33c2 [release/1.7] remotes/docker: Add MountedFrom and Exists push status
  • [release/1.7] vendor: update github.com/containerd/[email protected] (#9099)

Changes from containerd/log

9 commits

Changes from containerd/nri

35 commits

  • releases: update note about 0.4.0 (#50)
    • 5f13915 releases: update note about 0.4.0
  • Add support for rlimits (#48)
    • 5ecea04 ulimit-adjuster: add validation for hard limits
    • db3de10 test: exclude ulimit-adjuster from ginkgo
    • f0deb59 ulimit-adjuster: new sample plugin
    • d2dd708 Add support for rlimits
    • efaf36e api: add POSIXRlimit type
  • .github: add test build to CI workflow. (#47)
    • 3f092c2 .github: add test build to CI workflow.
  • stub: pass context to plugins, pass updated resources to UpdateContainers. (#40)
    • 01d5f14 Add a note about NRI API stability and release notes.
    • ea9976d adaptation: add UpdateContainer tests.
    • d042d24 stub: fix plugin UpdateContainerInterface.
    • f5d0f51 plugins: update plugins for stub changes.
    • b4bd301 adaptation: update tests with stub changes.
    • 9d86150 stub: pass context to plugin event handlers.
  • Updated the OCI Hook Injector README to resovle broken links to the p… (#34)
    • 5eee915 removed link
    • c783fc7 Resolves broken podman links and adds details to help better guide people in testing.
  • Fix ParseEventMask to produce proper masks for 'pod' and 'container' shorthand event notations. (#39)
    • da291a6 Fix ParseEventMask to produce proper masks
  • fix the NRI_PLUGIN_NAME env value when launching a pre-installed plugin (#42)
    • 4a4cea6 fix the NRI_PLUGIN_NAME env value when launching a pre-installed plugin
    • a67478e stub: update setIdentify to ensureIdentify
  • update module name of the logger plugin (#41)
    • 841f5ed update module name of the logger plugin
  • Add gitignore for build artifacts (#32)
    • 8d9c64d Add gitignore for build artifacts
  • Makefile: fix 'install-*' targets. (#38)
    • c03d1be Makefile: fix 'install-*' targets.
  • docs: add a chapter about security considerations. (#36)
    • ab28e71 docs: add a chapter about security considerations.
  • api: initialize OCI LinuxMemory resources to empty. (#37)
    • 2862d98 api: initialize OCI LinuxMemory resources to empty.

Dependency Changes

  • github.com/Microsoft/hcsshim v0.11.0 -> v0.11.1
  • github.com/containerd/log v0.1.0 new
  • github.com/containerd/nri v0.3.0 -> v0.4.0
  • github.com/sirupsen/logrus v1.9.0 -> v1.9.3
  • github.com/stretchr/testify v1.8.2 -> v1.8.4
  • golang.org/x/crypto v0.1.0 -> v0.11.0
  • golang.org/x/net v0.8.0 -> v0.13.0
  • golang.org/x/sys v0.7.0 -> v0.10.0
  • golang.org/x/term v0.6.0 -> v0.10.0
  • golang.org/x/text v0.8.0 -> v0.11.0

Previous release can be found at v1.7.6

Which file should I download?

  • containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.31 (Ubuntu 20.04).
  • containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on non-glibc Linux distributions. Not position-independent.
  • cri-containerd-<VERSION>-<OS>-<ARCH>.tar.gz: (Deprecated)
  • cri-containerd-cni-<VERSION>-<OS>-<ARCH>.tar.gz: (Deprecated)

In addition to containerd, typically you will have to install runc and CNI plugins from their official sites too.

See also the Getting Started documentation.

v1.6.24

8 months ago

Welcome to the v1.6.24 release of containerd!

The twenty-fourth patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

  • CRI: fix leaked shim caused by high IO pressure (#9004)
  • Update to go1.20.8 (#9073)
  • Update runc to v1.1.9 (#8966)
  • Backport: add configurable mount options to overlay snapshotter (#8961)
  • log: cleanups and improvements to decouple more from logrus (#9002)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Sebastiaan van Stijn
  • Akihiro Suda
  • Wei Fu
  • Derek McGowan
  • Akhil Mohan
  • Cardy.Tang
  • Danny Canter
  • Kazuyoshi Kato
  • Mike Brown
  • Phil Estes
  • Samuel Karp

Changes

45 commits

  • [release/1.6] Prepare release notes for v1.6.24 (#9087)
    • cdd59290d Prepare release notes for v1.6.24
  • [release/1.6 backport] log: cleanups and improvements to decouple more from logrus (#9002)
    • 33c2d88e7 Revert "log: define G() as a function instead of a variable"
    • 0a7f2975e log: swap logrus functions with their equivalent on default logger
    • 9d175a19b log: add package documentation and summary of package's purpose
    • 96fb65529 log: make Fields type a generic map[string]any
    • bace17e2e log: add log.Entry type
    • dd127885f log: define OutputFormat type
    • 5b4cf2329 log: define G() as a function instead of a variable
    • ee1b4a1e2 log: add all log-levels that are accepted
    • d563a411f log: group "enum" consts and touch-up docs
    • 6e8f4555b log: WithLogger: remove redundant intermediate var
    • c19325559 log: SetFormat: include returns in switch
    • c3c22f8cb log: remove gotest.tools dependency
  • [release/1.6] update to go1.20.8 (#9073)
  • [release/1.6 backport] make repositories of install dependencies configurable (#9024)
    • 0da8dcaa7 make repositories of install dependencies configurable
  • [release/1.6 backport] update Golang to go1.20.7, minimum version go1.19 (#9020)
    • 8e6a9de5b update to go1.20.7, go1.19.12
    • 8b2eb371f Update Go to 1.20.6,1.19.11
    • cff669c7a update go to go1.20.5, go1.19.10
    • f34a22de9 update go to go1.20.4, go1.19.9
    • e8e73065e update go to go1.20.3, go1.19.8
    • 9b3f950d6 Go 1.20.2
    • 17d03ac68 Go 1.20.1
    • 861f65447 go.mod: go 1.19
    • 81fa93784 Stop using math/rand.Read and rand.Seed (deprecated in Go 1.20)
    • 70dc11a6c lint: remove //nolint:dupword that are no longer needed
    • fec784a06 lint: silence "SA1019: tar.TypeRegA has been deprecated... (staticheck)"
    • 6648df1ad lint: silence "type HostFileConfig is unused (unused)"
    • e6b268bc7 golangci-lint v1.51.1
    • c552ccf67 go.mod: golang.org/x/sync v0.1.0
  • [releases/1.6] *: fix leaked shim caused by high IO pressure (#9004)
    • d00af5c3e integration: issue7496 case should work for runc.v2 only
    • 583696e4e Vagrantfile: add strace tool
    • ab21d60d2 pkg/cri/server: add criService as argument when handle exit event
    • a229883cb pkg/cri/server: fix leaked shim issue
    • d8f824200 integration: add case to reproduce #7496
  • [release/1.6] Cherry-pick: [overlay] add configurable mount options to overlay snapshotter (#8961)
    • 8cd40e1d0 Add configurable mount options to overlay
    • 453fa397a feat: make overlay sync removal configurable
  • [release/1.6 backport] update runc binary to v1.1.9 (#8966)

Dependency Changes

  • golang.org/x/sync 036812b2e83c -> v0.1.0

Previous release can be found at v1.6.23

v1.7.6

8 months ago

Welcome to the v1.7.6 release of containerd!

The sixth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • Fix log package for clients overwriting the global logger (#9032)
  • Fix blockfile snapshotter copy on Darwin (#9047)
  • Add support for Linux usernames on non-Linux platforms (#9015)
  • Update Windows platform matcher to invoke stable ABI compability function (#9069)
  • Update Golang to 1.20.8 (#9074)
  • Update push to inherit distribution sources from parent (#9084)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Kirtana Ashok
  • Phil Estes
  • Akihiro Suda
  • Danny Canter
  • Sebastiaan van Stijn
  • Akhil Mohan
  • Maksym Pavlenko
  • Samuel Karp
  • Wei Fu

Changes

20 commits

  • [release/1.7] Prepare release notes for 1.7.6 (#9085)
  • [release/1.7] Invoke Stable ABI compatibility function in windows platform matcher (#9069)
    • c7a35ccdc Fix transfer service dependencies:
    • 38d4e506d Invoke Stable ABI compatibility function in windows platform matcher
  • [release/1.7] push: inherit distribution sources from parent (#9084)
    • 5ebf05d97 push: inherit distribution sources from parent
    • d206896dd content: add InfoProvider interface
  • [release/1.7] update to go1.20.8 (#9074)
  • [release/1.7] Update hcsshim tag to v0.11.0 (#9063)
  • [release/1.7] CRI: Support Linux usernames for !linux platforms (#9015)
    • b449440a4 CRI: Support Linux usernames for !linux platforms
  • [release/1.7] Blockfile: Enlighten blockfile copy on Darwin (#9047)
    • ed4bac11e Blockfile: Enlighten blockfile copy on Darwin
  • [release/1.7 backport] Revert "log: define G() as a function instead of a variable" (#9032)
    • 4d1cfbbdd Revert "log: define G() as a function instead of a variable"
  • [release/1.7 backport] make repositories of install dependencies configurable (#9025)
    • a34e93241 make repositories of install dependencies configurable

Dependency Changes

  • github.com/Microsoft/hcsshim v0.10.0-rc.8 -> v0.11.0

Previous release can be found at v1.7.5

v1.7.5

8 months ago

Welcome to the v1.7.5 release of containerd!

The fifth patch release for containerd 1.7 fixes a versioning issue from the previous release and includes some internal logging API changes.

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Sebastiaan van Stijn
  • Derek McGowan
  • Akihiro Suda
  • Antonio Huete Jimenez
  • Phil Estes
  • Samuel Karp

Changes

18 commits

  • [release/1.7] Prepare release notes for 1.7.5 (#9010)
  • [release/1.7 backport] go.mod: github.com/containerd/continuity v0.4.2 (#9012)
    • 503ab21bf go.mod: github.com/containerd/continuity v0.4.2
  • [release/1.7 backport] log: cleanups and improvements to decouple more from logrus (#9001)
    • 2a9ae3c51 log: swap logrus functions with their equivalent on default logger
    • 01445bb73 log: add package documentation and summary of package's purpose
    • 932795f45 log: make Fields type a generic map[string]any
    • 707ca94d8 log: add log.Entry type
    • 0a79e67e4 log: define OutputFormat type
    • dbbe28b7d log: define G() as a function instead of a variable
    • 93b6cb784 log: add all log-levels that are accepted
    • e8e086e02 log: group "enum" consts and touch-up docs
    • 7aa4f8fdc log: WithLogger: remove redundant intermediate var
    • bfdce4ce4 log: SetFormat: include returns in switch
    • 6621e0888 log: remove testify dependency
    • df76aaede removes/docker: remove unnecessary conversion (unconvert)

Changes from containerd/continuity

2 commits

  • Add initial DragonFly BSD support (#230)
    • bcc6e25 dragonfly: Initial porting work

Dependency Changes

  • github.com/containerd/continuity 1e0d26eb2381 -> v0.4.2

Previous release can be found at v1.7.4

v1.7.4

8 months ago

Welcome to the v1.7.4 release of containerd!

The fourth patch release for containerd 1.7 contains remote differ plugin support, a new block file based snapshotter, and various fixes and updates.

Notable Updates

  • Add blockfile snapshotter (#8986)
  • Add remote/proxy differ (#8985)
  • Update runc binary to v1.1.9 (#8965)
  • Cri: Don't use rel path for image volumes (#8926)
  • Allow attaching to any combination of stdin/out/err (#8910)
  • Fix ro mount option being passed (#8887)
  • Fix leaked shim caused by high IO pressure (#9003)
  • Add configurable mount options to overlay snapshotter (#9005)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Wei Fu
  • Derek McGowan
  • Akihiro Suda
  • Kazuyoshi Kato
  • Cardy.Tang
  • Phil Estes
  • Ben Foster
  • Danny Canter
  • Hsing-Yu (David) Chen
  • James Jenkins
  • James Sturtevant
  • Maksym Pavlenko
  • Rodrigo Campos
  • Sebastiaan van Stijn
  • rongfu.leng

Changes

43 commits

  • [release/1.7] Prepare release notes for v1.7.4 (#9000)
    • 7a0cae3ca [release/1.7] Prepare release notes for v1.7.4
  • [releases/1.7] *: fix leaked shim caused by high IO pressure (#9003)
    • 537d7526e integration: issue7496 case should work for runc.v2 only
    • 5add172be Vagrantfile: add strace tool
    • 207e28f36 integration: add ShouldRetryShutdown case based on #7496
    • b4f480fb3 pkg/cri/sbserver: fix leaked shim issue for podsandbox mode
    • 88ff575c5 pkg/cri/server: fix leaked shim issue
    • 9f61dfb7c integration: add case to reproduce #7496
  • [release/1.7] Cherry-pick: [overlay] add configurable mount options to overlay snapshotter (#9005)
    • 0f4885c16 Add configurable mount options to overlay
    • 8804a27d7 feat: make overlay sync removal configurable
  • [release/1.7] Remove temporary replace (#8997)
  • [release/1.7] Add blockfile snapshotter (#8986)
    • 2bf6bd143 vendor: update github.com/containerd/continuity
    • 30a163086 snapshots|pkg: umount without DETACH and nosync after umount
    • c9eebe3d1 mount: support direct-io for loopback device
    • 1c2977db0 Modify loopback size
    • cf9c78d2d snapshots/blockfile: fix lint issue
    • b823b4f54 snapshots/blockfile: deflaky the testsuite
    • 6daeceb11 snapshots/blockfile: use passed in dst in scratchGenerator
    • 99b61aee3 snapshots/blockfile: use loop if options is empty
    • fd39769ac Add mount options to blockfile snapshotter
    • 8d732c6c2 Add sync before unmount on snapshotter layer test
    • 8472a407e Add blockfile snapshotter to snapshotters doc
    • 6740d77ca Add blockfile as a builtin
    • 07cc24b32 Add blockfile snapshotter
  • [release/1.7] Backport remote/proxy differ (#8985)
  • [release/1.7 backport] update runc binary to v1.1.9 (#8965)
  • [release/1.7] Port fix for Linux Integration test failure (#8950)
    • c0b1c8f74 fix ci Linux Integration test fail
  • [release/1.7] cri: Don't use rel path for image volumes (#8926)
    • 4e97a115f cri: Don't use rel path for image volumes
  • [release/1.7] fix: allow attaching to any combination of stdin/stdout/stderr (#8910)
    • 34a5d0330 fix: allow attaching to any combination of stdin/stdout/stderr
  • [release/1.7 backport] update to go1.20.7, go1.19.12 (#8906)
  • [release/1.7] cherry-pick: Fix ro mount option being passed (#8887)

Changes from containerd/continuity

4 commits

  • fs: use io.Copy because go supports CopyFileRange (#227)
    • 4b8bec5 fs: use io.Copy because go supports CopyFileRange
  • fs/fstest: CreateFile should use sync (#228)
    • 3fa7d7a fs/fstest: CreateFile should use sync

Dependency Changes

  • github.com/AdaLogics/go-fuzz-headers 1f10f66a31bf -> ced1acdcaa24
  • github.com/AdamKorcz/go-118-fuzz-build 5330a85ea652 -> 8075edf89bb0
  • github.com/containerd/continuity v0.4.1 -> 1e0d26eb2381

Previous release can be found at v1.7.3

v1.6.23

9 months ago

Welcome to the v1.6.23 release of containerd!

The twenty-third patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

  • **Add stable ABI support in windows platform matcher + update hcsshim tag (#8854)
  • **cri: Don't use rel path for image volumes (#8927)
  • **Upgrade GitHub actions packages in release workflow (#8908)
  • **update to go1.19.12 (#8905)
  • **backport: ro option for userxattr mount check + cherry-pick: Fix ro mount option being passed (#8888)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Kirtana Ashok
  • Maksym Pavlenko
  • Austin Vazquez
  • Ben Foster
  • Derek McGowan
  • Mike Brown
  • Phil Estes
  • Rodrigo Campos
  • Sebastiaan van Stijn
  • Wei Fu

Changes

13 commits

  • [release/1.6] Add release notes for v1.6.23 (#8939)
  • [release/1.6] Add stable ABI support in windows platform matcher + update hcsshim tag (#8854)
    • f51bf1960 Add support for stable ABI windows versions
    • 43a02c0b2 Update hcsshim tag to v0.9.10
  • [release/1.6] cri: Don't use rel path for image volumes (#8927)
  • cc5b0a21b cri: Don't use rel path for image volumes
  • [release/1.6 backport] Upgrade GitHub actions packages in release workflow (#8908)
    • 4238cff1c Upgrade GitHub actions packages in release workflow
  • [release/1.6] update to go1.19.12 (#8905)
  • [release/1.6] backport: ro option for userxattr mount check + cherry-pick: Fix ro mount option being passed (#8888)

Dependency Changes

  • github.com/Microsoft/hcsshim v0.9.8 -> v0.9.10

Previous release can be found at v1.6.22

v1.7.3

9 months ago

Welcome to the v1.7.3 release of containerd!

The third patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • RunC: Update runc binary to v1.1.8 (#8843)
  • CRI: Fix additionalGids: it should fallback to imageConfig.User when securityContext.RunAsUser,RunAsUsername are empty (#8824)
  • CRI: write generated CNI config atomically (#8825)
  • Port-Forward: Correctly handle known errors (#8806)
  • Resolve docker.NewResolver race condition (#8799)
  • Fix net.ipv4.ping_group_range with userns (#8786)
  • Runtime/V2/RunC: handle early exits w/o big locks (#8712)
  • SecComp: always allow name_to_handle_at (#8753)
  • CRI: Windows Pod Stats: Add a check to skip stats for containers that are not running (#8654)
  • Task: don't close() io before cancel() (#8658)
  • Remove CNI conf_template deprecation (#8638)
  • Fix issue for HPC pod metrics (#8634)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Akihiro Suda
  • Phil Estes
  • Sebastiaan van Stijn
  • Wei Fu
  • Derek McGowan
  • Kazuyoshi Kato
  • Austin Vazquez
  • Samuel Karp
  • Shingo Omura
  • Jin Dong
  • Maksym Pavlenko
  • Aditi Sharma
  • Danny Canter
  • James Sturtevant
  • Laura Brehm
  • Rodrigo Campos
  • Akhil Mohan
  • Andrey Epifanov
  • Bjorn Neergaard
  • Cory Snider
  • Madhav Jivrajani
  • Mahamed Ali
  • Priyanka Saggu
  • Qasim Sarfraz
  • wangxiang
  • zounengren

Changes

63 commits

  • [release/1.7] Prepare release notes for v1.7.3 (#8871)
    • 4cb2f1515 [release/1.7] Add release notes for v1.7.3
  • [release/1.7] cri: memory.memsw.limit_in_bytes: no such file or directory (#8869)
    • b461ecacf cri: memory.memsw.limit_in_bytes: no such file or directory
  • [release/1.7] migrate to community owned bucket for node e2e tests (#8875)
    • 14328ae03 migrate to community owned bucket
  • [release/1.7 backport] update runc binary to v1.1.8 (#8843)
  • [release/1.7 backport] [CRI] fix additionalGids: it should fallback to imageConfig.User when securityContext.RunAsUser,RunAsUsername are empty (#8824)
    • 083f57160 capture desc variable in range variable just in case that it run in parallel mode
    • a9440ce6b Use t.TempDir instead of os.MkdirTemp
    • eea3440d8 use strings.Cut instead of strings.Split for parsing imageConfig.User
    • eace67180 fix userstr for dditionalGids on Linux
  • [release/1.7 backport] cri: write generated CNI config atomically (#8825)
    • 7353c0286 ctr: update WritePidFile to use atomicfile
    • ae7021300 shim: WritePidFile & WriteAddress use atomicfile
    • 186eb64b7 cri: write generated CNI config atomically on Unix
    • 64c3dcd8e atomicfile: new package for atomic file writes
  • [release/1.7 backport] Move logrus setup code to log package (#8831)
    • f7a20e17c Move logrus setup code to log package
  • [release/1.7 backport] Cirrus CI: configure apt-get to wait for locks (#8814)
    • 60a6db9c2 Cirrus CI: configure apt-get to wait for locks
  • [release/1.7 backport] Update Go to 1.20.6,1.19.11 (#8815)
  • [release/1.7 backport] update go to go1.20.5, go1.19.10 (#8716)
  • [release/1.7 backport] bugfix(port-forward): Correctly handle known errors (#8806)
    • 6b6b0c828 bugfix(port-forward): Correctly handle known errors
  • [release/1.7] Resolve docker.NewResolver race condition (#8799)
    • 898eca21e Change http.Header copy to builtin Clone
    • fa2efc406 Resolve docker.NewResolver race condition
  • [release/1.7] Fix net.ipv4.ping_group_range with userns (#8786)
    • 241514815 pkg/cri/server: Test net.ipv4.ping_group_range works with userns
    • 801e8c806 pkg/cri/server: Fix net.ipv4.ping_group_range with userns
  • [release/1.7 backport] vendor: github.com/containerd/zfs v1.1.0 (#8782)
    • d5639a5a8 vendor: github.com/containerd/zfs v1.1.0
  • [release/1.7 backport] ci: remove libseccomp-dev installation for nightly (#8772)
    • 15d65709e ci: remove libseccomp-dev installation for nightly
  • [release/1.7] go.mod: Update cgroups to 3.0.2 (#8769)
    • a08ae718c [release/1.7] go.mod: Update cgroups to 3.0.2
  • [release/1.7 backport] runtime/v2/runc: handle early exits w/o big locks (#8712)
    • 18c6503d9 runtime/v2/runc: handle early exits w/o big locks
  • [release/1.7 backport] integration/client: add timeout to TestShimOOMScore (#8750)
    • 3bf3996d9 integration/client: add timeout to TestShimOOMScore
  • [release/1.7 backport] Update ginkgo to match cri-tools' version (#8760)
    • c2c54af9d Update ginkgo to match cri-tools' version
  • [release/1.7 backport] seccomp: always allow name_to_handle_at (#8753)
    • 6281d46df seccomp: always allow name_to_handle_at
  • [release/1.7] Pinned image support (#8718)
  • [release/1.7] cherry-pick: No more nondistributable layers in MS registry (#8690)
    • dafbeb5b1 No more nondistributable layers in MS registry
  • [release/1.7] [cri] Windows Pod Stats: Add a check to skip stats for containers that are not running (#8654)
    • 58b6b99cd Add a check to skip stats for containers that are not running
  • [release/1.7 backport] task: don't close() io before cancel() (#8658)
    • e5b2a0131 task: don't close() io before cancel()
  • [release/1.7 backport] move to CRI-TOOLS v1.27.0 (#8656)
  • [release/1.7] Remove cni conf_template deprecation (#8638)
    • 0b2b96479 RELEASES.md: de-deprecation of CNI conf_template will be v1.7.3
    • a24267b28 Remove cni conf_template deprecation
  • [release/1.7] Fix issue for HPC pod metrics (#8634)

Changes from containerd/zfs

49 commits

  • gofumpt and update status badges (#75)
  • go.mod: github.com/mistifyio/go-zfs/v3 v3.0.1 (#73)
    • d3485b9 go.mod: github.com/mistifyio/go-zfs/v3 v3.0.1
  • gha: fix golangci-lint, and upgrade to v1.52.2 (#74)
    • 23c831a remove pre-go1.17 build-tags, and fix missing build-tags in plugin
    • e5acd95 gha: fix golangci-lint, upgrade to v1.52.2
  • Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#72)
    • 00b96c2 Bump github.com/containerd/containerd from 1.6.12 to 1.6.18
  • Bump github.com/containerd/containerd from 1.6.9 to 1.6.12 (#69)
    • a099def Bump github.com/containerd/containerd from 1.6.9 to 1.6.12
  • Add CodeQL analysis workflow (#67)
    • fee1db7 Add CodeQL analysis workflow
  • Update GitHub actions CI workflow (#66)
    • b8b7ab2 Update GitHub actions CI workflow
  • Upgrade compiler to Go 1.19 and update dependencies (#68)
  • Remove references to io/ioutil package (#65)
    • d700762 Remove references to io/ioutil package
  • Update go.mod and move to supported Go version (#62)
    • f52906e Update Go version to supported version
    • 79ca2cb Update containerd depedency to latest
  • go.mod: github.com/mistifyio/go-zfs v3.0.0 (#59)
    • 2e3db29 go.mod: github.com/mistifyio/go-zfs v3.0.0
  • go.mod: github.com/mistifyio/go-zfs/v3 v3.0.0-20220217145925-d014733a5309 (#58)
    • d904e63 go.mod: github.com/mistifyio/go-zfs/v3 v3.0.0-20220217145925-d014733a5309
  • Update vendoring to containerd 1.6.x (#57)
    • e021180 Update vendoring to containerd 1.6.x
  • Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 (#55)
    • fc0c9a9 Bump github.com/containerd/containerd from 1.5.8 to 1.5.9
  • Bump github.com/containerd/containerd from 1.5.5 to 1.5.8 (#54)
    • 5d2f28c Bump github.com/containerd/containerd from 1.5.5 to 1.5.8
  • follow-up-#52: fix the order of cause in fmt.Errorf (#53)
    • b3f193d follow-up-#52: fix the order of cause in fmt.Errorf
  • replace pkg/errors (#52)
  • Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 (#51)
    • fd6afa5 Bump github.com/containerd/containerd from 1.5.2 to 1.5.4
  • Bump containerd to 1.5.2 (#50)
  • Rename branches from master to main (#49)
    • 35c6af7 Rename branches from master to main
  • sync up with containerd 1.5 GA (#47)
    • 3d5efef vendor sync up with containerd 1.5 ga
  • README.md: fix CI badge (#46)

Dependency Changes

  • github.com/containerd/cgroups/v3 v3.0.1 -> v3.0.2
  • github.com/containerd/zfs v1.0.0 -> v1.1.0
  • github.com/mistifyio/go-zfs/v3 v3.0.1 new

Previous release can be found at v1.7.2

v1.6.22

9 months ago

Welcome to the v1.6.22 release of containerd!

The twenty-second patch release for containerd 1.6 contains various fixes and updates.

Notable Updates

  • RunC: Update runc binary to v1.1.8 (#8842)
  • CRI: Fix additionalGids: it should fallback to imageConfig.User when securityContext.RunAsUser,RunAsUsername are empty (#8823)
  • CRI: Write generated CNI config atomically (#8826)
  • Fix concurrent writes for UpdateContainerStats (#8819)
  • Make checkContainerTimestamps less strict on Windows (#8827)
  • Port-Forward: Correctly handle known errors (#8805)
  • Resolve docker.NewResolver race condition (#8800)
  • SecComp: Always allow name_to_handle_at (#8754)
  • Adding support to run hcsshim from local clone (#8713)
  • Pinned image support (#8720)
  • Runtime/V2/RunC: Handle early exits w/o big locks (#8695)
  • CRITool: Move up to CRI-TOOLS v1.27.0 (#7997)
  • Fix cpu architecture detection issue on emulated ARM platform (#8533)
  • Task: Don't close() io before cancel() (#8659)
  • Fix panic when remote differ returns empty result (#8640)
  • Plugins: Notify readiness when registered plugins are ready (#8583)
  • Unwrap io errors in server connection receive error handling (ttrpc#143)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Akihiro Suda
  • Phil Estes
  • Sebastiaan van Stijn
  • Derek McGowan
  • Wei Fu
  • Kazuyoshi Kato
  • Austin Vazquez
  • Samuel Karp
  • dependabot[bot]
  • Jin Dong
  • Maksym Pavlenko
  • Mike Brown
  • Shingo Omura
  • Akhil Mohan
  • Bjorn Neergaard
  • Laura Brehm
  • Tony Fang
  • Aditi Sharma
  • Andrey Epifanov
  • Benjamin Wang
  • Brian Goff
  • Cory Snider
  • Daniel Canter
  • Daniel Lenar
  • Henry Wang
  • Luca Comellini
  • Madhav Jivrajani
  • Mahamed Ali
  • Mohit Sharma
  • Oliver Radwell
  • Priyanka Saggu
  • Qasim Sarfraz
  • Takumasa Sakao
  • wangxiang
  • zounengren

Changes

95 commits

  • [release/1.6] Prepare release notes for v1.6.22 (#8863)
    • 0770a4601 [release/1.6] Add release notes for v1.6.22
  • [release/1.6] migrate to community owned bucket for node e2e tests (#8876)
    • 512a672af migrate to community owned bucket
  • [release/1.6] cri: memory.memsw.limit_in_bytes: no such file or directory (#8870)
    • b585ff155 cri: memory.memsw.limit_in_bytes: no such file or directory
  • [release/1.6] Update go-restful to v3.10.1 (#8412)
    • a322077bf go.mod: github.com/emicklei/go-restful/v3 v3.10.1
  • [release/1.6 backport] update runc binary to v1.1.8 (#8842)
  • [release/1.6 backport] ci: remove libseccomp-dev installation for nightly (#8773)
    • 6e2bcb6dd ci: remove libseccomp-dev installation for nightly
  • [release/1.6 backport] [CRI] fix additionalGids: it should fallback to imageConfig.User when securityContext.RunAsUser,RunAsUsername are empty (#8823)
    • cd06f23af capture desc variable in range variable just in case that it run in parallel mode
    • 30f5c6a1f Use t.TempDir instead of os.MkdirTemp
    • 59d8363ef fix userstr for dditionalGids on Linux
  • [release/1.6 backport] cri: write generated CNI config atomically (#8826)
    • d75bf78c2 ctr: update WritePidFile to use atomicfile
    • 5f70b23c1 shim: WritePidFile & WriteAddress use atomicfile
    • 505d444b0 cri: write generated CNI config atomically on Unix
    • b2d2d3829 atomicfile: new package for atomic file writes
  • [release/1.6 backport] Fix concurrent writes for UpdateContainerStats (#8819)
    • 9f650143f Fix concurrent writes for UpdateContainerStats
  • [release/1.6 backport] Make checkContainerTimestamps less strict on Windows (#8827)
    • 568ce91ca Make checkContainerTimestamps less strict on Windows
  • [release/1.6 backport] dependency: bump go.etcd.io/bbolt to v1.3.7 (#8817)
    • d2f47192a dependency: bump go.etcd.io/bbolt to v1.3.7
    • fb56dc245 [release/1.6] vendor: github.com/stretchr/testify v1.8.1
  • [release/1.6 backport] Move logrus setup code to log package (#8832)
    • 7fbd5dc89 Move logrus setup code to log package
  • [release/1.6 backport] release: Add "cri-containerd.DEPRECATED.txt" in the deprecated cri-containerd-* bundles (#8820)
    • 59a143670 release: Add "cri-containerd.DEPRECATED.txt" in the deprecated cri-containerd-* bundles
  • [release/1.6 backport] Use version 2 configuration format in docs (#8821)
    • 5b51b79e2 [release/1.6] fix remaining "v1 config" plugin IDs
    • b7cf26d8d docs: Fix sample config.toml syntax
    • fcdaf0966 docs: migrate config v1 to v2
    • 728d5c5f0 Use version 2 config and mention containerd config command
  • [release/1.6] update go to go1.19.11 (#8816)
    • 81aa14718 [release/1.6] update go to go1.19.11
  • [release/1.6] update go to go1.19.10 (#8715)
    • 17cd86629 [release/1.6] update go to go1.19.10
  • [release/1.6 backport] bugfix(port-forward): Correctly handle known errors (#8805)
    • fdb65f214 bugfix(port-forward): Correctly handle known errors
  • [release/1.6] Resolve docker.NewResolver race condition (#8800)
    • b5784af66 Change http.Header copy to builtin Clone
    • 31c466f82 Resolve docker.NewResolver race condition
  • [release/1.6 backport] vendor: github.com/containerd/zfs v1.1.0 (#8781)
    • be6406ca6 vendor: github.com/containerd/zfs v1.1.0
    • 9f1260074 [release/1.6] vendor gotest.tools/v3 v3.5.0
    • 526e9e0ce Bump grpc to v1.50.1
    • 0e7d2d121 go.mod: github.com/sirupsen/logrus v1.9.0
    • 5b153c621 go.mod: github.com/moby/sys/mountinfo v0.6.2
    • 9dee60960 go.mod: github.com/moby/sys/mountinfo v0.6.0
  • [release/1.6 backport] seccomp: always allow name_to_handle_at (#8754)
    • 07ea7b9e7 seccomp: always allow name_to_handle_at
  • [release/1.6 backport] Update ginkgo to match cri-tools' version (#8759)
    • 1dae51fed Update ginkgo to match cri-tools' version
  • [release/1.6 backport] integration/client: add timeout to TestShimOOMScore (#8749)
    • bd76ab978 integration/client: add timeout to TestShimOOMScore
  • [release/1.6 backport] Adding support to run hcsshim from local clone (#8713)
    • 8e14eccb2 Adding support to run hcsshim from local clone
  • [1.6] Add Fields type alias to log package (#8739)
    • 9f2cdd589 Add Fields type alias to log package
  • [release/1.6] Pinned image support (#8720)
  • [release/1.6 backport] runtime/v2/runc: handle early exits w/o big locks (#8695)
    • dbeec47b4 runtime/v2/runc: handle early exits w/o big locks
  • [release/1.6 backport] move up to CRI-TOOLS v1.27.0 (#7997)
    • a8e01e40a move to CRI-TOOLS v1.27.0
    • 755f80698 move up to CRI-TOOLS v1.26.0
    • b29cc035f bump critools into ca1571e6edd116b2c95f52e3dfa0b4779b74223a
    • 9138999f5 Upgrade critools from 1.24.1 to 1.25.0
  • [release/1.6] cherry-pick: No more nondistributable layers in MS registry (#8691)
    • 712ff8eb3 No more nondistributable layers in MS registry
  • [release/1.6] Fix cpu architecture detection issue on emulated ARM platform (#8533)
    • 2b16e4bfa Add unit test to function GetCPUVariantFromArch
    • 106e36ec3 Use uname machine field to get CPU variant if fails at /proc/cpuinfo
  • [release/1.6] Update lint timeout (#8679)
    • 287fdfea6 Update linter timeout to match main branch
  • [release/1.6 backport] task: don't close() io before cancel() (#8659)
    • b27f7daa5 task: don't close() io before cancel()
  • [release/1.6] update test box to fedora 37 (#8660)
  • [release/1.6] Revert "Downgrade MinGW to version 10.2.0" (#8668)
    • 81d6085af Revert "Downgrade MinGW to version 10.2.0"
  • [release/1.6 backport] Fix panic when remote differ returns empty result (#8640)
    • f98122378 Fix panic when remote differ returns empty result
  • [1.6] Bump x/net to 0.8 (#8642)
  • [release/1.6 backport] remotes/docker: ResolverOptions: fix deprecation comments (#8620)
    • 56ff20839 remotes/docker: ResolverOptions: fix deprecation comments
  • [release/1.6] notify readiness when registered plugins are ready (#8583)
    • bccaf68b7 notify readiness when registered plugins are ready
  • [release/1.6] Update ttrpc to 1.1.2 (#8528)

Changes from containerd/ttrpc

2 commits

  • [release/1.1] Unwrap io errors in server connection receive error handling (#143)
    • d5f7eed Unwrap io errors in server connection receive error handling

Changes from containerd/zfs

49 commits

  • gofumpt and update status badges (#75)
  • go.mod: github.com/mistifyio/go-zfs/v3 v3.0.1 (#73)
    • d3485b9 go.mod: github.com/mistifyio/go-zfs/v3 v3.0.1
  • gha: fix golangci-lint, and upgrade to v1.52.2 (#74)
    • 23c831a remove pre-go1.17 build-tags, and fix missing build-tags in plugin
    • e5acd95 gha: fix golangci-lint, upgrade to v1.52.2
  • Bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (#72)
    • 00b96c2 Bump github.com/containerd/containerd from 1.6.12 to 1.6.18
  • Bump github.com/containerd/containerd from 1.6.9 to 1.6.12 (#69)
    • a099def Bump github.com/containerd/containerd from 1.6.9 to 1.6.12
  • Add CodeQL analysis workflow (#67)
    • fee1db7 Add CodeQL analysis workflow
  • Update GitHub actions CI workflow (#66)
    • b8b7ab2 Update GitHub actions CI workflow
  • Upgrade compiler to Go 1.19 and update dependencies (#68)
  • Remove references to io/ioutil package (#65)
    • d700762 Remove references to io/ioutil package
  • Update go.mod and move to supported Go version (#62)
    • f52906e Update Go version to supported version
    • 79ca2cb Update containerd depedency to latest
  • go.mod: github.com/mistifyio/go-zfs v3.0.0 (#59)
    • 2e3db29 go.mod: github.com/mistifyio/go-zfs v3.0.0
  • go.mod: github.com/mistifyio/go-zfs/v3 v3.0.0-20220217145925-d014733a5309 (#58)
    • d904e63 go.mod: github.com/mistifyio/go-zfs/v3 v3.0.0-20220217145925-d014733a5309
  • Update vendoring to containerd 1.6.x (#57)
    • e021180 Update vendoring to containerd 1.6.x
  • Bump github.com/containerd/containerd from 1.5.8 to 1.5.9 (#55)
    • fc0c9a9 Bump github.com/containerd/containerd from 1.5.8 to 1.5.9
  • Bump github.com/containerd/containerd from 1.5.5 to 1.5.8 (#54)
    • 5d2f28c Bump github.com/containerd/containerd from 1.5.5 to 1.5.8
  • follow-up-#52: fix the order of cause in fmt.Errorf (#53)
    • b3f193d follow-up-#52: fix the order of cause in fmt.Errorf
  • replace pkg/errors (#52)
  • Bump github.com/containerd/containerd from 1.5.2 to 1.5.4 (#51)
    • fd6afa5 Bump github.com/containerd/containerd from 1.5.2 to 1.5.4
  • Bump containerd to 1.5.2 (#50)
  • Rename branches from master to main (#49)
    • 35c6af7 Rename branches from master to main
  • sync up with containerd 1.5 GA (#47)
    • 3d5efef vendor sync up with containerd 1.5 ga
  • README.md: fix CI badge (#46)

Dependency Changes

  • github.com/containerd/ttrpc v1.1.1 -> v1.1.2
  • github.com/containerd/zfs v1.0.0 -> v1.1.0
  • github.com/emicklei/go-restful/v3 v3.7.3 -> v3.10.1
  • github.com/google/go-cmp v0.5.6 -> v0.5.9
  • github.com/google/uuid v1.2.0 -> v1.3.0
  • github.com/mistifyio/go-zfs/v3 v3.0.1 new
  • github.com/moby/sys/mountinfo v0.5.0 -> v0.6.2
  • github.com/sirupsen/logrus v1.8.1 -> v1.9.0
  • github.com/stretchr/testify v1.7.0 -> v1.8.1
  • go.etcd.io/bbolt v1.3.6 -> v1.3.7
  • golang.org/x/net a158d28d115b -> v0.8.0
  • golang.org/x/sys 8c9f86f7a55f -> v0.6.0
  • golang.org/x/term 03fcf44c2211 -> v0.6.0
  • golang.org/x/text v0.3.7 -> v0.8.0
  • google.golang.org/grpc v1.47.0 -> v1.50.1
  • google.golang.org/protobuf v1.28.0 -> v1.28.1
  • gotest.tools/v3 v3.0.3 -> v3.5.0

Previous release can be found at v1.6.21

v1.7.2

11 months ago

Welcome to the v1.7.2 release of containerd!

The second patch release for containerd 1.7 includes enhancements to CRI sandbox mode, Windows snapshot mounting support, and CRI and container IO bug fixes.

CRI/Sandbox Updates

  • Publish sandbox events (#8613)
  • Make stats respect sandbox's platform (#8604)

Other Notable Updates

  • Mount snapshots on Windows (#8616)
  • Notify readiness when registered plugins are ready (#8584)
  • Fix cio.Cancel() should close pipes (#8624)
  • CDI: Use CRI Config.CDIDevices field for CDI injection (#8519)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Gabriel Adrian Samfira
  • Derek McGowan
  • Paul "TBBle" Hampson
  • Maksym Pavlenko
  • Phil Estes
  • Austin Vazquez
  • Akihiro Suda
  • Kazuyoshi Kato
  • Danny Canter
  • Samuel Karp
  • Sebastiaan van Stijn
  • Ed Bartosh
  • Henry Wang
  • Hsing-Yu (David) Chen
  • Jan Dubois
  • Mike Brown
  • Wei Fu
  • helen

Changes

59 commits

  • [release/1.7] Prepare release notes for v1.7.2 (#8629)
    • 0e41daaea [release/1.7] Prepare release notes for v1.7.2
  • [1.7 backport] Fix panic when remote differ returns empty result (#8631)
    • e134b6393 Fix panic when remote differ returns empty result
  • [release/1.7 backport] Mount snapshots on Windows (#8616)
    • 313c226b8 Update continuity to a tagged version
    • 8dd16285a UnmountAll is a no-op for missing mount points
    • acff3eefa Improve error messages and remove check
    • b4dd3bf4e Make ReadOnly() available on all platforms
    • 08d8baf3f Increase integration test tmieout to 20m
    • 1f0dbd011 Remove bind code path in mount()
    • 8f37b1c63 Remove "bind" code path from diff
    • 9139208b3 Properly mount base layers
    • e61e7b312 Skip parent layer options on bind mounts
    • e4307926f Add ReadOnly() function
    • 0277b9b01 Remove escalated privileges
    • d5c18dfb7 Use DefaultSnapshotter
    • 853179366 use t.Fatal if we cannot enable process privileges
    • 5b3ee413f Update continuity
    • 375172604 Fix go.mod, simplify boolean logic, add logging
    • 600abd137 Ignore ERROR_NOT_FOUND error when removing mount
    • df7295dcd Update continuity, go-winio and hcsshim
    • 0db78c482 Remove unused function
    • 219058766 Grant needed privileges for snapshotter tests
    • 96fbe5bc8 Fix layer comparison and enable read-only checks
    • 279e0d3c9 Use bind filer for mounts
    • 93e94da40 Enable TestSnapshotterClient on Windows
    • 3a3da693a Run Windows snapshotter through the test suite
    • e7b62322f Fix misspelling of 'Native' as 'Naive'
    • e1f999a18 Add paired 'mount' log for 'unmount'
    • 5788d6e52 Don't use all-upper-case filenames in snapshot tests
    • 3cdcb2f10 Skip tests that do not apply to WCOW on Windows
    • b0968b8bb Ensure mounts are unmounted before leaving the test
    • b57424851 Unify testutil.Unmount on Windows and Unix
    • b9a8aad45 Implement Windows mounting for bind and windows-layer mounts
    • 1a64ee183 Implement WCOW parentless active snapshots and view snapshots
  • [release/1.7] fix: cio.Cancel() should close the pipes (#8624)
    • 99582fb1a fix: cio.Cancel() should close the pipes
  • [release/1.7 backport] remotes/docker: ResolverOptions: fix deprecation comments (#8621)
    • eeda70fb0 remotes/docker: ResolverOptions: fix deprecation comments
  • [release/1.7] Publish sandbox events (#8613)
  • [release/1.7] notify readiness when registered plugins are ready (#8584)
    • 2c38cad77 notify readiness when registered plugins are ready
  • [release/1.7] Backport CRI sandbox server stats changes (#8604)
    • 7851b0a9f CRI: Make stats respect sandbox's platform
    • 8d7c340ca [sbserver] handle missing cpu stats
    • d08b2a088 [sbserver] Refactor usageNanoCores be to used for all OSes
  • [release/1.7] Cherry-pick: Update volume-ownership image with latest hashes (#8574)
    • 08de6e7b8 Update volume-ownership image with latest hashes
  • [release/1.7] CDI: Use CRI Config.CDIDevices field for CDI injection (#8519)
    • 6a5e54c15 Get CDI devices from CRI Config.CDIDevices field
  • [release/1.7 backport] snapshots/testsuite: Rename: fix fuse-overlayfs incompatibility (#8510)
    • 9e60300ea snapshots/testsuite: Rename: fix fuse-overlayfs incompatibility

Changes from containerd/continuity

31 commits

  • Fall back to Copyfile when Clonefile detects a cross-device request (#225)
    • 7df79f5 Fall back to Copyfile when Clonefile detects a cross-device request
  • Support darwin clonefile (#223)
  • Update golang.org/x/sys to v0.1.0 (#222)
    • 2db84b9 Update golang.org/x/sys to v0.1.0
  • Enable tests for all platforms (#220)
  • Add more Windows metadata files (#219)
    • cdfbe61 Add more Windows metadata files
  • atomicWriteFile: file defer close (#213)
    • 9eb2a49 atomicWriteFile: file defer close
  • Update GitHub Actions runner images (#216)
    • ad9c903 Update GitHub Actions runner images
  • Add CodeQL security scan workflow (#215)
    • c8de034 Add CodeQL security scan workflow
  • Add Go 1.20 support to CI (#214)
    • be62cc1 Add Go 1.20 support to CI
  • Add paths to windows metadataFiles (#212)
    • 68f7b34 Add paths to windows metadataFiles
  • Remove references to io/ioutil package (#211)
    • e22f001 Remove references to io/ioutil package
  • Update GitHub actions CI workflow (#210)
    • 1c3fa33 Update GitHub actions CI workflow
  • format code with gofumpt (#209)
  • Correctly ignore error wrapping ErrNotSupported (#207)
    • 1ee38b5 Correctly ignore error wrapping ErrNotSupported

Dependency Changes

  • github.com/containerd/continuity v0.3.0 -> v0.4.1

Previous release can be found at v1.7.1