Select Git revision
Search by author
- Any Author
- authors
-
autociadmin
autociadmin
-
chenzeyuan
chenzeyuan
-
余良海 yulianghai
-
兰梦
lanmeng
-
冯春林 fengchunlin
-
刘华 liuhua
-
刘壮 liuzhuang
-
刘杨 liuyang
-
刘涛 liutao
-
刘涛 liutao02
-
刘潇航 liuxiaohang
-
刘硕 liushuo
-
刘祖强
liuzuqiang
-
刘福涛 liufutao
-
刘震宇 liuzhenyu
-
唐鲁严
tangluyan
-
夏凯旋
xiakaixuan
-
奚云飞 xiyunfei
-
孙檬
sunmeng
-
季炜 jiwei
- Jul 23, 2021
-
-
Bruce Ashfield authored
Signed-off-by:Bruce Ashfield <bruce.ashfield@gmail.com>
-
Martin Jansa authored
* fixes: ERROR: uxen-guest-tools-4.1.7-r0 do_patch: Command Error: 'quilt --quiltrc /OE/build/oe-core/tmp-glibc/work/qemux86_64-oe-linux/uxen-guest-tools/4.1.7-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: stdout: Applying patch fix-Makefile-for-OE-kernel-build.patch patching file Makefile Hunk #1 FAILED at 1 (different line endings). Hunk #2 FAILED at 19 (different line endings). 2 out of 2 hunks FAILED -- rejects in file Makefile Patch fix-Makefile-for-OE-kernel-build.patch does not apply (enforce with -f) Signed-off-by:
Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by:
-
Bruce Ashfield authored
To help enforce/guide consistent configuration and to avoid duplicating configuration fragments into the meta-virt layer, we leverage a native provider of the yocto-kernel-cache fragment repository. To allow support for kernels that support fragments, but don't have the yocto-kernel-cache in the kernel's SRC_URI, we create two conditional parts of the virtualization configuration. If virtualization is enabled in the distro features, the kernel version matches one of our supported ones, and the kernel inherits kernel-yocto, we add a depedency on the yocto-cfg-fragments-native recipe. That recipe will install the fragment collection to the kernel recipe's native sysroot. We can then check for the kernel-cache on the SRC_URI. If it is present, we use the feature at the standard location. If it is not present, we add the fragment from the native sysroot. While we could always use the native sysroot variant, we want to allow a kernel with a kernel-cache to be the first choice, and provide their own fragments. Signed-off-by: -
Bruce Ashfield authored
Signed-off-by:
-
- Jul 21, 2021
-
-
Leon Anavi authored
Upgrade to release 1.29.2: - Remove prompt to use docker compose in the up command - Bump py to 1.10.0 in requirements-indirect.txt Signed-off-by:
Leon Anavi <leon.anavi@konsulko.com> Signed-off-by:
-
Leon Anavi authored
Upgrade to release 4.1.0: - Add support for breadcrumbs. These are short log statements that are attached to error reports to help diagnose what events led to the error. - Apply filtering with params_filters to bytes, not just strings Signed-off-by:
-
Leon Anavi authored
Fix for rare legacy systems which still use simultaneously both sysvinit and systemd in DISTRO_FEATURES. This fix avoids issues during do_rootfs with postinstall scriptlets of ['docker-ce']. Signed-off-by:
-
- Jul 20, 2021
-
-
Bruce Ashfield authored
Bumping libpod to version v3.2.3-2-g09e8afe3a, which comprises the following commits: 1e6fd46e9 Bump to v3.2.3 1d7ddf511 Update release notes for v3.2.3 e4c45e759 vendor containers/common@v0.38.16 cb7016224 vendor containers/buildah@v1.21.3 1a8b2a037 Fix race conditions in rootless cni setup e54a513b9 CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf 1469af265 Make rootless-cni setup more robust 6f9d9636a Support uid,gid,mode options for secrets bed195bf8 vendor containers/common@v0.38.15 75431a455 [CI:DOCS] podman search: clarify that results depend on implementation 37570b7b7 vendor containers/common@v0.38.14 6ecedc161 vendor containers/common@v0.38.13 8a41bf3ee [3.2] vendor containers/common@v0.38.12 2c003d978 Bump README to v3.2.2 bb2cbf0d5 Bump to v3.2.3-dev d577c44e3 Bump to v3.2.2 9f4afa1ea fix systemcontext to use correct TMPDIR 5dabff27d Scrub podman commands to use report package 647c2024e Fix volumes with uid and gid options c2dcb3ee2 Vendor in c/common v0.38.11 ba70363f6 Initial release notes for v3.2.2 a9fd54775 Fix restoring of privileged containers d5f0729b2 Fix handling of podman-remote build --device 90805fa39 Add support for podman remote build -f - . 854c27c0a Fix panic condition in cgroups.getAvailableControllers b0dc157af Fix permissions on initially created named volumes f5cdb95ee Fix building static podman-remote 1c04cfe83 add correct slirp ip to /etc/hosts 6c4ee8535 disable tty-size exec checks in system tests 6ba9617be Fix resize race with podman exec -it eb6d4b0cf Fix documentation of the --format option of podman push e5c939183 Fix systemd-resolved detection. 613f427a0 Health Check is not handled in the compat LibpodToContainerJSON 949573c5a Do not use inotify for OCICNI ab5e770c4 getContainerNetworkInfo: lock netNsCtr before sync b957bff8b [NO TESTS NEEDED] Create /etc/mtab with the correct ownership 6d394f0e4 Create the /etc/mtab file if does not exists 879d66e7d [v3.2] cp: do not allow dir->file copying 6f769bc0e create: support images with invalid platform 19a89db66 vendor containers/common@v0.38.10 e5c070baf logs: k8s-file: restore poll sleep 4d9a9149d logs: k8s-file: fix spurious error logs dac2d31a2 utils: move message from warning to debug 60752b320 Bump to v3.2.2-dev Signed-off-by: -
Bruce Ashfield authored
Bumping containerd to version v1.5.2-18-g9be04c276, which comprises the following commits: 78b95dff2 update runc binary to v1.0.0 GA a2dc682f1 sandbox: send pod UID to CNI plugins as K8S_POD_UID 9d8880816 content/local: inline sys.StatATimeAsTime() 3735a7dfe Fix incorrect UA used for registry authentication 31ecdf77d Fix cleanup context of teardownPodNetwork b441ec19f Add proper Go version before project checks d31f5e6b6 fix invalid validation error checking 3fd01c4ea Change Wrapf of non-error to an actual error cba7b44b6 windows: Use GetFinalPathNameByHandle for ResolveSymbolicLink 354f729a4 Prepare release notes for v1.5.2 Signed-off-by:
-
- Jul 19, 2021
-
-
Bruce Ashfield authored
As part of allowing different types of oci images to be created, we split our IMG_cmd into .inc files that can then be specific to the selected type. For the umoci backend: We can take the same options as sloci expects and use umoci to create images. The resulting OCI image is similar, but by using umoci, we set the stage to do multi-tag, or multi-layer images in the future. But for now, we are functionally equivalent to the sloci backend. Signed-off-by:
-
- Jul 14, 2021
-
-
Christopher Clark authored
The SECURITY_FLAGS are already passed into the tools build in HOST_CC_ARCH so this separate case override is not needed. Signed-off-by:
Christopher Clark <christopher.w.clark@gmail.com> Signed-off-by:
-
Christopher Clark authored
Newer XTF revision works around GCC 11.1 issue 99578 and supplying the correct linker to use fixes the build. Signed-off-by:
Bertrand Marquis <bertrand.marquis@arm.com> Signed-off-by:
-
Christopher Clark authored
Ensure that the Xen build system variables EXTRA_CFLAGS_XEN_CORE and EXTRA_CFLAGS_XEN_TOOLS are passed into the compile steps. Update the hypervisor compilation to avoid passing in most compile flags from the build environment via EXTRA_CFLAGS_XEN_CORE -- prefer the compiler defaults and the flags set by the Xen build system, so only the debug prefix flags are provided. Observeration derived from the prior commit e99974aa , so: Reported-by:
Diego Sueiro <diego.sueiro@arm.com> Signed-off-by:
-
Christopher Clark authored
Apply patches for the tools and hypervisor to Xen 4.15 and the git recipe and uprev Xen 4.14 to latest stable revision. Retire the previous -Wno-vla-parameter workaround. Signed-off-by:
-
Bruce Ashfield authored
We need to change our branch to avoid parse errors. Signed-off-by:
-
- Jul 12, 2021
-
-
Bruce Ashfield authored
Bumping lxc to a newer 4.0 -stable release. We drop two patches that have been integrated to the upstream repo, but otherwise, things are the same. Signed-off-by: -
Bruce Ashfield authored
Switching to the release 1.31 branch, and picking up two minor version bump commits. This isn't much different than our previous build from master/main, but it is worth following the release branch for now. Signed-off-by: -
Bruce Ashfield authored
Skopeo has migrated from master to main, so we adjust our branch accordingly. Signed-off-by:
-
- Jul 08, 2021
-
-
Bruce Ashfield authored
Bumping k3s to version v1.21.2+k3s1-6-g0c2d8376d0, which comprises the following commits: 0c2d8376d0 Changes local storage pods to have 700 permissions (#3537) (#3548) 65e521140a [Backport 1.21] Move cloud-controller-manager into an embedded executor (#3530) 3224f6b56d fix possible race where bootstrap data might not save 5a67e8dc47 Update to v1.21.2 (#3479) c35761d169 Renamed client-cloud-controller crt and key (#3472) 8651d6af5f Send systemd notifications for both server and agent (#3430) (#3460) 32b02d1baf Send systemd notifications for both server and agent (#3430) c012e6ec6f Changed iptables version check for fail if version is between 1.8.0 and 1.8.3 and using nf_tables mode (#3454) eac48f69bc Add kubernetes.default.svc to serving certs Signed-off-by: -
Bruce Ashfield authored
Updating to 1.22-beta. We drop our bindata patch, since the generated bindata is no longer used. The following commits are part of this update: 9e87082b85f [Pod Security] Baseline + restricted policy checks for seccomp (#103341) a7469cf6804 sort and filter exposed Pod IPs cf6ba6096f9 Move pod-security-admission to an external Attributes interface 6bfaeaf9165 Deprecate azure and gcp in-tree auth plugins 55847256058 Explicitly set LimitedSwap case with fallthrough 0ecc7ba311a Update the logic to pick the best queue in P&F 4c9c761bbb2 instantiates scheduler ComponentConfig after parsing feature gates 74f5ed6b172 This introduces an Impersonate-Uid header to server side code. 2220fc61496 PodSecurity: clean up unnecessary passing fixtures ea54b1b152c PodSecurity: Make check-specific passing fixtures optional 9a5237ca63a Custom plugin config should take precedence over default plugin config 823a0f101ac Don't return in api validation 4b9230ed27f Promote LogarithmicScaleDown to beta 24e19229101 apf: add additional latency into width 20e1c4d7548 exec credential provider: update tests+metadata for v1 04d59ff2df3 test/e2e/network: add Service internalTrafficPolicy test for pod (w/ host network) -> pod (w/ host network) 9977ea371b1 test/e2e/network: add Service internalTrafficPolicy test for pod -> pod (w/ host network) 025c95a778b test/e2e/network: add Service internalTrafficPolicy test pod (w/ host network) -> pod f6bc5d01402 test/e2e/network: add Service internalTrafficPolicy test pod to pod 28f3f365057 Promote the ServiceInternalTrafficPolicy field to Beta and on by default (#103462) d0c422fd9c8 Hide long and multiline strings when printing edbaf9d5d36 test/integration/quota: poll for ResourceQuota used status in TestQuotaLimitService caf42fde430 test/integration/quota: refactor Service forbidden check into helper function 54bc1babe16 test/integration/quota: update TestQuotaLimitService to explicitly check for Forbidden status when quota limit is exceeded 87cef2ca736 test/integration/quota: deflake TestQuotaLimitService by collapsing test cases and adding a short delay for resource quota to propagate a85f3e4cce6 Fix(test/integration/util): fix typo on logging message a2c1b284da2 update url 1002b0d163d apiserver: add callback to get notified of object count b6b1674f560 Switch to the version instead of the `latest` 194ed1408dd update translations 66dbfbce105 update-translations.sh: add fix translations option (-k) 079d8aeb1e4 fix update-translations.sh 06124c1d1c6 Add backwards compatibility for kubectl debug f01d251e38c kubeadm: statically default ImagePullPolicy in v1beta3 bb6d5b1f95a memory manager: provide unittests for init containers re-use 960da7895cc memory manager: remove init containers once app container started b965502c495 memory manager: re-use the memory allocated for init containers 94414bea475 kubeadm: fix godoc formatting for v1beta3 61d88af9e40 Revert "Update runc to 1.0.0" 5ea9460234a Readable error message on the plugin configs of the removed plugins 2069ff9efcd fix compatibiltiy_test failures 1f24a198e76 reduce cpu usage of kube-proxy with iptables mode 29814890f6a fix compatibiltiy test f1f0183d2bb refactored extenders from scheduler/core to scheduler 570365178a8 merge packages of scheduler/core and scheduler 26f223fa6ed Bump `distroless/base` image to latest version 772344aef22 kubeadm: fix nil pointer in Cfg() feature gate checking c2a8cd359f1 re-order the imports in kubeadm c50b3074fe8 Moved VOLUME_MOUNT_GROUP capability check from NodeStageVolume to MountDevice; added log message in SetupAt to indicate FSGroup is delegated to driver 794a925a85f Pass FsGroup to NodeStageVolume 0e315355dfc Pass FsGroup to MountDevice ae5668edefd Pass FsGroup to NodePublishVolume 65db13a3a5f Combine capability check implementations 99700f7faff feature gate c24dfe528a0 cluster,hack: Use community infra GCS bucket for retrieving CI builds 1ae9b8f04dc Update kernel components to run as non-root in kubeadm. 83ee392ed42 implement EnqueueExtensions interface in volumebinding c96c809539f Add integration test for LB node port control c8bc4202454 Fix the beta release version. 79b6df96fc6 Add tests for LB type service 24592ca9890 Update the related tests 05c6eaf0d16 promote ServiceLBNodePortControl to beta 8972efc65fe change tracing service from kube-apiserver to apiserver 58b91ffca9e adds HasBeenReady signal that fires when the readyz endpoint succeeds ca108d109d5 readyz signals when the handler succeeds for the first time. 968185e1f7c Warn user for runtime support of debug targeting 6d6d200c3a7 dry-run can work when using an external ca 6c88a62cb4c remove logging from the Signal method dae08bc3a73 rename terminationSignals to lifecycleSignals c91496dda04 cluster: enable debug handlers on GCE master nodes 2b84b49ea98 Service REST test: Remove pointless cleanup ca708fa9ac3 Service REST test: Fix some names 54b6a416fba Service REST test: better IP and port alloc checks 8d49502fcd4 csr: update e2e conformance test with expirationSeconds usage 29b3fa78263 Generated cd91e59f7c3 csr: add expirationSeconds field to control cert lifetime 0a38b2804d9 add deprecated message for igonre-errors flag, and fix unsafety http link 43b13840db5 Service REST test: remove obscure const 44eb475b101 Service REST test: remove unused return value d6208606f33 Service REST test: remove pointless scaffolding 48e591eba23 Service REST test: remove obsolete setup param a3b05033f66 Move endpoints test-helper funcs to a package 012bfaf98d3 Service REST test: remove last use of "inner" 22ed090e734 Service REST test: mostly remove tests of "inner" 7e8882d189f Service REST test: Remove pointless scaffolding 175f4f33873 Move service test-helper funcs to a package b1fcbab8014 Service REST test: helper funcs for ports, too 5f65ba7d766 Service REST test: Use helper funcs to streamline d64bb1b29ed Service REST test: always check errors d3a0332b6cd Service REST test: remove unused fields 292b1444ebf Remove bad test for AllocateLoadBalancerNodePorts 0bb280044ec Fix typo in IP allocator error 5970c4671cc Add an IPFamily() method to ipallocator 89b633d3532 Fix doc comment 13a1804a5f5 podsecurity: add restricted volume type check 622f69bf8d4 kubeadm: update v1beta3's godoc changelog 11d444b00e0 kubeadm: remove versioned copies of the bootstrap token API and utils 14fa296bb38 kubeadm: use the bootstraptoken/v1 API across the code base 5b7bda90c03 kubeadm: introduce apis/bootstraptoken/v1 1cfbb0aa25b remove webhook.go to revert changes to conformance test ac4bb885be8 hostProcess test fixture data 49d31c45b12 PodSecurity: baseline hostProcess check 80494481135 [PodSecurity] baseline - apparmor Implement the "AppArmor" check from https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline b0ffaa93f5c move tracing instantiation further up, and check for nil f0ffba75ad5 Add baseline check for procMount type 210c610d662 make sure to split NPD hashes by architecture when upgrading to 0.8.9 db3534dd648 master too main cleanup e2e1c94f063 use native error instead of github.com/pkg/errors 2cab85a4034 Mark net.ipv4.ip_unprivileged_port_start as a safe sysctl ba6b4c5a18c PodSecurity: test GA-only cases and alpha/beta fields separately e87016cf941 PodSecurity: add ability to skip failure cases if relevant features are disabled b522e95aaeb Prioritizing nodes based on volume capacity: API changes 03b7a699c24 Kubeproxy uses V1 EndpointSlice ab5b77944ec kubelet/cm: don't set Devices 4e7cf5413d5 vendor: bump runc to 1.0.0 pre 67bc23411b6 [storage] [test] Ensure proper resource creation 5bd3334ad69 [PodSecurity] Add privileged containers baseline check b790cf388ce Bump SMD to v4.1.2 to pick up #102749 fix 1c39cf23652 Fix incorrect user and group for kube-scheduler when it is running as non-root. 7ad44d04fce Enforce ReadWriteOncePod access mode during scheduling d57e143277e [PodSecurity] Implement host ports check 9c150b0f22f Error string should not be capitalized or end with punctuation. 584eb5e947f Update local-cluster-up.sh to auto-detect darwin and skip kubelet and kube-proxy 1ac0e018d5b [PodSecurity] Implement sysctls check 4a2aef00d6d adds metrics for authorization webhook 6c86c34457e kube-scheduler: ensure the default config output of --write-to-config is usable 1441a330300 hostPath baseline check for Pod Security Standards 1fa673c15c9 Extent the `NodeResourcesBalancedAllocation` plugin to cover more resources 71cb2d71a87 podsecurity: add baseline hostNamespace check da4aaf81cdd Error should be checked first, then go to other steps. c1d5a3a99e1 Update golang.org/x/net to v0.0.0-20210520170846-37e1c6afe023 03f85e9ade8 Update NPD release version and include windows defender config 5c00024c70b kubeadm: fix wrong check for keys/certs during "download-certs" f0d917a3caa add fuzzer patch to fix tests 39f32d7286a Ensure MemorySwapConfig can't be set without feature flag d4041cb80f9 Add generated files for swap API changes d3fd1362ca1 Rename NoSwap to LimitedSwap as workloads may still swap 0deef4610e8 Set MemorySwapLimitInBytes for CRI when NodeSwapEnabled 7342acb0b83 Add validation for KubeletConfig MemorySwap 7d50271d217 Update CRI with memory_swap_limit_in_bytes bda03b4818d API change: add MemorySwap to KubeletConfiguration 9eeec68d67e Update local-up-cluster.sh swap warning 0dd4ce40adc Add NodeSwapEnabled feature flag ac41e565822 docs: add documentation on adding files to the embedded data deb14b995ac Add score plugin for NodeResourcesFit ebc3fdb2936 Store PVC reference counts in NodeInfo cache c65b80a6378 [storage] [test] Remove extra zone test 0ab03d3d5bb dependencies: remove go-bindata bbccf2ecb43 e2e-node: move to embedded test manifests d98b2dd2d62 generated: remove usage of go-bindata 68b334d02bf test: setup embedded file sources for manifests ceb42d09389 Update github.com/pkg/errors with go native errors pkg 8e4212c01a7 test/integration: rename package and files name from master to controlplane in test/integration 903d76f558e apiextension: fix typo and test case in conversion integration test 3af6329caf2 e2e-framework: add an EmbeddedFileSource to sources 7546e5d6dc9 vendor: update manifest 43c2e454a05 hack: remove bindata generation logic for translations eb75b343949 kubectl: use embedded translations instead of generated bindata 5ece28b77a2 kubectl: move translations to i18n package to kubectl staging directory 322c18c147d adds metrics for authentication webhook b7d732d3d6f Map PV access modes to CSI access modes 8db83c89aab CSI client helpers for NodeGetCapabilities 5f98f6cfa47 Update helper methods to print and parse ReadWriteOncePod access mode 2b98f8edc77 Enforce ReadWriteOncePod access mode during mount 7491d016519 Validate use of the ReadWriteOncePod access mode 48ba5020a28 ReadWriteOncePod PV access mode and feature gate 358d2e0bd1f Export contains access mode helper method 83e3ee780ad Rename access mode contains helper method dba8ee229ea Add validation options for PersistentVolumeClaims 9ba0eed7c50 Add validation options for PersistentVolumes 477aef192f5 fix loadbalancerclass integration test funcation name ffdf3f50073 update node-problem-detector npd to v0.8.8 f80f9eeb6d0 Destroy the created runtimeclass resources at the end of the test case. ab4918b6bc0 remove redundant clause in string_slice_flag f59523ab4c8 Update dns-horizontal-autoscaler to use the wqmulti-arch image c21f9cb59d2 Fix grammar 6f9011a4ae4 PodSecurity: vendor: generated files b8bdcf64419 PodSecurity: update dependencies 724fbfbb69b PodSecurity: test: generate fixture data 93c6f8969a8 PodSecurity: check: addCapabilities 3733e209c91 PodSecurity: check: allowPrivilegeEscalation a8206ef58be PodSecurity: check: runAsNonRoot 12ea930aae3 PodSecurity: check: selinux 42dc070b476 PodSecurity: kube-apiserver integration test f39bddd7677 PodSecurity: kube-apiserver: admission wiring 65a42a483cd PodSecurity: pkg/features: feature gate 02a61877576 PodSecurity: admission: admission library 29f5ebf1fe8 PodSecurity: test: framework 1436d35779f PodSecurity: policy: registry 5183ea0bf03 PodSecurity: metrics: stub interface a3ba921b168 PodSecurity: admission/api: configuration API 9ce17c87738 PodSecurity: api: runtime API 79d400c4416 add tracing to the apiserver's client-go requests 48dfa2a5542 generate scheduler merge patches on the pod status instead of the full pod def93317b48 Kubelet Credential Provider 30a6812aa13 promote client.authentication.k8s.io to v1 889dcb5b54d e2e: node: fix npd test failures bumping image 669fb501368 upgrade staticcheck to v0.2.0 and update the static failure packages 39a373b162f correct example command of kubeadm help a8d4cfac933 Allow delete with grace period 1s even if metadata period is negative 45ce2dfacc8 Treat negative as 1s in delete path 40593fa4d36 spec.terminationGracePeriodSeconds allow it to be set to 1s if it was previously negative 1b73a0040a4 Promote Stateful Status e2e test to Conformance 405e9a5172a Promote Deployment Status e2e test to Conformance d3ad1d77f36 Promote Statefulset list and deleteCollection e2e test to Conformance 266ffa85266 bug fix in sctp test 4add8ed9106 kubectl command headers as default in beta aeccadda4ff Update setcap image to buster-v2.0.3 1721be087d0 nodeport tests: node addresses must match the service IP family 0a8a9188c98 Update debian-iptables image to buster-v1.6.5 42f9333e7fa Update debian-base image to buster-v1.8.0 70124846fa4 control plane typo in node role path 21fd224ebdb Updated to use konnectivity client v0.0.21, and implemented placeholder context 2eb50ee2fd5 fix comment on dual-stack integration test 80171465b35 Renamed variable containing master to control plane fa7b5d86e63 remove duplicate validation on services 20f84b12a16 Optimize scheduler res scorer on non-requested extended res 0cdd8c1c109 Removing ServiceAppProtocol feature gate 913c449a42f add unit test to verify graceful termination behavior a84c1b71005 apiserver: NonBlockingRun should return a listener stopped channel d85619030e3 apiserver: refactor graceful termination logic 79550ed40c6 Add distributed tracing to the apiserver using OpenTelemetry 916dbc335c9 nodeport tests: node addresses must match the service IP family 02a3caba9c4 refactor default IP family cluster detection 9accb994dff tests: Wait for the network connectivity first 16b7d473f23 Narrow the scope of the json/register test case usage checking 179e48c4bec Add missing comments in APF API types fe161579e20 Add integration test to promote serviceloadbalancerclass feature to beta. ecc53182475 Remove MPL-licensed dep from lruexpirecache 1e250610b20 Fix panic in pkg/volume/csi tests 7f893f6bd62 Split documentation according to both mechanisms available for migration b6a317aeafc add a function that returns default scheduler configuration 5feff280e1a remove fakefs to drop spf13/afero dependency af825b43577 Remove default JSON logging format registration from component-base/logs package d3dfe124dac Update mounter interface in volume manager 4233056f804 Move HPA v2beta2 deprecation to 1.23. 538e7777c39 kubeadm:remove deprecated flags CSROnly and CSRDir 8f08db9164b Change log level to Debug 7cf30d56906 fix/remove-errors-pkg 89a4d4b0717 kubelet: modify the function of getCgroupSubsystemsV2 to use libcontainer API 23ce7977b75 Loadbalancer IngressIP policy should be configured as non-DSR to enable routing mesh by default cf07d42337b removes unused libraries 7e891e5d6cf csr: correctly handle backdating of short lived certs 70a524659aa kubeadm: add {Init|Join}Configuration.Patches.Directory to v1beta3 a4402122b4f kubeadm: add the --patches flag and deprecate --experimental-patches 70c0fdda0c6 Add lilic as Instrumentation reviewer b259686b367 tests for statefulset PersistentVolumeClaimDeletePolicy api change 43f8f58895d add containers starttime metrics for metrics/resource endpoint 0762f492c5b Add config checking for inflight limits e4e735cd1cf statefulset PersistentVolumeClaimDeletePolicy api change 0feba0c4eec Add StatefulSetAutoDeletePVC feature gate 5d461adb3b8 Apply suggestions from code review 93365919b50 Fix staticcheck failures 674802147c8 update to remove github.com/pkg/errors 730c21d386a Drop etcd tests dependency 01760927b82 Simplify running embedded etcd server in tests cf9510751d5 StatefulSet minReadySeconds e2e 47615c20207 e2e: node: remove obsolete AlphaFeature tag e7a240395e9 uses native errors instead of github.com/pkg/errors 12dcd2f84d4 Remove usage of github.com/pkg/errors 8b7003aff4c Add SeccompDefault feature 4b140218747 update github.com/pkg/errors to go native errors pkg in staging 3b36e6bcea4 kubeadm: fix image pull policy integration b4dddbafa2f CHANGELOG: Update directory for v1.22.0-beta.0 release c5498744c9e Making a run test. cd318aec0ba Disable deprecated volume limits test when migration enabled and replace with CSI-specific test 6583b05f07b replace more powershell commands with /bin/sh in volume/fixtures.go 7aa8a497df0 replaced usage of powershell commands with linux commands f0d7e9c9d1d undo windows compatibility changes because the linux commands work 9a146bc3e99 Remove [LinuxOnly] string from ginkgo tests 54070a66284 Enable another test in windows, use a /bin/sh command instead of a PS one ee34cd640ac enable gcpdcsi multivolume tests with windows nodes 58a83ecbdb3 integeration tests 2c6bba29360 fix auto upgraded preferDualStack services (in cluster upgrade) d4767ed5ebe memory manager: move to beta b6c75bee15e Remove balanced attached node volumes 63a23f1ed7a Transitive dependency: high CVE fix 681905706d4 e2e node: provide tests for memory manager pod resources metrics 03830db82de Implement all necessary methods to provide memory manager data under pod resources metrics 24023f9fcc7 Extend pod resource API response to return the memory manager information 0f922b200f3 Simplify the formula used in the RequestedToCapacityRatio plugin 3daef0a5343 Allows manual restart of dbus to work in Ubuntu. ec93b3b0be4 Stop using github.com/pkg/errors 0dd1624ec8e update cri-api v1 25f479c2ac7 fix'--log-file only works if --logtostderr=false' d95f677dd86 Fix OWNERS 249db7ceb39 wait for endpoints to be available 44360b315ca GCE Windows: Upgrade to flb-exporter v0.17.0 which reduces log spam. 459fe7d08ad add support of imagePullPolicy to kubeadm 8231a3e9210 CSIServiceAccountToken ga e2061cfcd81 Expose envvar CSI_PROXY_VERSION 518844fd25f use GA topology labels for vsphere 1e949fa9280 updating github.com/pkg/errors with native errors pkg 4d11c3cd8cb deflake TestClientReceivedGOAWAY test 6cb448c10e2 Specify etcdctl version for livenessProbe 676958c2bd0 Fix NodeAuthenticator tests in dual stack b22d0b13cc4 Fix verify staticcheck flake in cluster/images/etcd ea419eaf339 Add shu-mutou to dashboard approvers 6203d4fc6af apf: calculation of dR/dt should use seats in use 6d3fd8353c3 don't panic if nodeIPs are not found 1f9d448283a Use errors.Errorf instead of errors.Wrapf when the err is nil afea48d23f0 test/e2e/network: remove dependency to google.com for in-cluster networking tests 292f2a67bd6 Update logging example with caller e37d6d6c6dc Simplify zap logger initialization a2a8080169a Fix: typo with hack/update-codegen.sh fc38aeed6f8 Fix: typo on ExtractHoge b9d5d5536ed Add log sanitization klog integration tests cff40a7bcc1 Add info about source code location in JSON logging e371b27e6cb Fix frameworkImpl.extenders being not set 875f1ffe2bc chore: clean up the tests that have external dependencies 72a53288a5b Remove gcepd unmanaged zone test. 35e9d97f3e0 update Azure/go-ansiterm to v0.0.0-20210617225240-d185dfc1b5a1 8942cba24d4 log if we're running with -race 68d8bcb64fb remove redundant bits from test-dockerized.sh 4ee729ce5f2 disable race detector in test-cmd.sh 55d2868e9d8 don't redundantly set KUBE_RACE in test-integration.sh 3c44b86ad65 enable race detector by default in make test 6c0463bd2b6 fix: properly wrap errors when reading response body in the client 3930629e130 Track generalization for width 676f0450ed3 Add APF metrics about R(t) e72effbf12e Remove omitempty from PathType 774d228637d remove the path if it exists before writing pki data. 5d15ed02b56 Extract columnPrinter interface for printing the values behind additional columns 1c2ba3162db update internal modules e977740ae63 Rename master to apiserver in test/integration 9571b1f8844 update vendor 4eab19ae7d9 Clean up the master term in test/integration comments 54fde5d119f Make logged verbs match metric-reported verbs 762eeb0988c Use the hostprocess feature flag and assign a user ff716cef508 apf: take seats into account when dispatching request 47171077bf3 CHANGELOG: Update directory for v1.21.2 release 0ccf53dd200 CHANGELOG: Update directory for v1.20.8 release 780872223f2 CHANGELOG: Update directory for v1.19.12 release 6ae7b551143 update internal modules 97031da5e29 Correct comment block from openapi_v2.NewDocument to openapi_v2.ParseDocument c691386fef7 Update github.com/googleapis/gnostic to v0.5.5 and updating transitive dependencies go-cmp, protobuf,, to adapt the latest gnostic release which cosists of [Update protos for Go protoc plugin compatibility] edd0cd79eb0 Updating non-vendor specific code to support/use AWS-SDK-GO v1.38.49 1b27430b506 Updating AWS-SDK-Go to version 1.38.49 c673e166383 Fix ServerGroupsAndResources docs typo 1a4b0ee09bb remove excess error handling 45d18acbcc1 add info for possible failed listAndWatch grpc call c789898f793 when new manager failed should return err da35add03f7 Rename master to apiserver in test/integration eed37fa47d3 fix: cleanup outdated routes 5a0756c5f4f Update etcd in kubeadm to run as non-root. 9e694a45f94 test/e2e/network: mark tests in test/e2e/network/netpol/network_legacy.go with NetworkPolicyLegacy 3c59e742f3b Create List, Patch & DeleteCollection StatefulSet Test 63d12371021 Fix Node Resources plugins score when there are pods with no requests 584503d2ed3 Speed up unit tests in -race detection mode d41249f7803 CHANGELOG: Update directory for v1.18.20 release d5da73032f7 Add unit test for DSWP with uncertain volume f795b02f4f8 Refactor dswp unit tests 2fcb5e9cf79 Add PodRemovedFromVolume ca934b8f5cb Add GetPossiblyMountedVolumesForPod to let kubelet know all volumes were unmounted f4b41c0a171 Fix UnmountDevice error cases 54ad7e40f1a Add e2e test for NodeUnstage error cases a47afdded0e cmd/kubelet: replace KEP link with the documentation one as it is available now 0bfd1cb7c71 Update gomock to 1.4.4, removing a few extra dependencies. 7fcdbbef06d Switch to github.com/coreos/go-systemd/v22 and drop older package 265ef1741f9 Move scheduler plugin set and configuration defaulting to component config 057422504ab Run volume cloning tests in the same topology segment abf65843227 update string_slice_flag add nil judgment cf2a3c32309 Kube proxy for windows userspace, remove dns Mangling, vendor updates b98824c55d9 Update Azure Go SDK to v55.0.0 480093bd1f4 test/e2e/network: mark network_tiers.go tests with GCE tag f298a658aed e2e metrics: remove redundant checks around metrics tests a4c7e91b591 e2e metrics: skip tests when metrics grabbing is disabled 1d3420ca72f e2e metrics: check whether debug handlers are available 5e9076da93c e2e: grab controller and scheduler metrics via port forwarding 3e0269ce6e1 Move common code to ensureTopologyRequirements 4ee38f33d21 update etcd makefile to build v3.5.0 image 6448181d95c Update to etcd v3.5.0 client 207f9e8b714 switch go-flow-levee to tagged version 84112d36900 refactor cmd/kubeadm/app/preflight/checks_test.go() 5ca47deb0aa Promote DaemonSet Status e2e test to Conformance f7d02f4d25a Promote ReplicaSet Status e2e test to Conformance 503f5e1b528 Quiet grpc info logs in apiserver dd5f67d23c0 Kube proxy for windows userspace, remove dns Mangling 8fb909291fb Skip migrated metrics for Windows CSI tests f02948e7766 Use container-storage-interface spec v1.5.0 6ba7b3d26b3 allow enabling Leader Migration without config flag. bade96ed78f implement wildcard component. eadfe46e036 Do not throw error when we can't get canonical path 14085c50d3c bump KUBE_TIMEOUT to 180s 2f7456076e0 apf: always include seats in virtual time 9469756b6cb Ensure kubelet statuses can handle loss of container runtime state 211485c23d3 last-applied-config annotation no longer mirrored to endpoint slices ceb1dbd2f1f statefulsets: MinReadySeconds implementation 01bb0f86b02 update comments and owners file for pkg/util/removeall f1de598233e Improve terminated pod message when node is shutting down f9343f837dc Use LoggingConfig within LogOptions 5cfc39ef5e9 Update protobuf,grpc,etcd dependencies bc86d12dd9c Update generated files for endPort promotion to Beta a26c392de17 Fix etcd egress dialer addr parsing 19db126d76e Exercise egress configuration in local-up-cluster f283deee6b6 Quiet embedded etcd logs 068e4c55a8a Eliminate parallel and unnecessary embedded etcd instances 52b629efbc8 Drop use of deprecated clientv3.SetLogger 2979c3325e3 Switch to go.etcd.io/etcd/client/v3 ff2c6142459 Switch to non-deprecated timestamppb.Now() 1134456c89c Fix CSI mock driver to get marshaleable grpc error 77ab4bdbbcc Drop etcd v2 support from test util 5f1983d8710 Drop etcd v2 support from etcd migration image 1e1a60e310d publishing: Use go1.15.13 for 1.20 and 1.19 release branches 9f18ddf03ce Promote endPort field in netpolicies to beta e427d2f22a7 test/cmd: kubectl and exec plugins don't fight for stdin 60246f69cc0 kubectl: don't fight for stdin with exec plugins cd83d89ac94 exec credential provider: InteractiveMode support ca254e978b5 feature: add unified on cri to support cgroup v2 be48f1d272d Add test cases to the addAllocatableThresholds function in pkg/kubelet/eviction/helpers.go 8fe00a7e484 Start deprecation of --record flag 5ea3dd531c7 Update certs.go 83ee5da75e9 Fix:slow memory leak may be in kubelet podworkers.isWorking 74feb075948 kubeadm: CoreDNS permissions for endpointslices 188193e1c0b kubeadm: upgrade coredns 1.8.4 and corefile-migration to v1.0.12 a3e464490a5 Fix some typos and omissions in kubeadm APIs ff0f83b4b2d skipping more tests in case when ExecProbeTimeout set to false 4b36a5cbe95 Switch to github.com/robfig/cron/v3 f042b4968d3 Fix broken KEP link for issue #101008 c329202ee8e update comments to reflect wildcard component. 44cb4a63f61 Allow write on events to edit role 7560f33e27d kube-scheduler: stop using insecure serving bits 59b4b124df0 Update kubeadm control-plane to run as non-root. de2f9f17093 Remove error wrap from logs 2e06066bab8 Migrate kube-proxy to use v1 Event API 8748f3105bb Update corefile-migration to v1.0.12. 60ab908119f Fix - Winterm issue on Windows 8.1 in kubectl exec 9f7d61c520f Upgrade ANP components to v0.0.20. 106f416873c Upgraded konnectivity-client to v0.0.20 9109d928cd0 test(proxy::config): deflake TestInitialSync 44b396ae0e6 owners: update puerco/cpanato and clean up old members c13c3ebc793 Remove deprecated scheduler CLI flags hard-pod-affinity-symmetric-weight and scheduler-name c710f99ef73 apf: add a gauge for the number of seats currently in use 9d514b2de42 Konnectivity: tune flags for larger clusters (5k nodes). 36eaa11d50b cleanup usage of NewPodNominator fd972934e49 client-go: reduce log level of reflector again 369416b7636 cm: handle nil cpumanager avoiding segfault 29aa4c0ee81 Check content of volumes in snapshot/clone multivolume tests 89284a1ba7f run_remote: improve error reporting 654ec0866a9 kubeadm: use a suggested example in v1beta2/3 docs 9255f2ccf38 Fix kubelet cpuset typo 68f139548b3 Remove unused parameters from TestConcurrentAccessToRelatedVolumes 77c04d22844 Increase KUBE_TIMEOUT default to a passing default 110c39ef60c unroll extenders dae335c1150 Fix test failure in some envs. 90df026709d JSON log format registration for kube-controller-manager 170c93bf05e JSON log format registration for kube-apiserver 52f5ba3a58d Remove SchedulerAlgorithmSource from scheduler's internal CC API a5825d68365 JSON log format registration for kube-scheduler e6bf19bcf69 Update CreateInitStaticPodManifestFiles, CreateStaticPodFiles and CreateLocalEtcdStaticPodManifestFile to take into account if the command was run as dry-run. 183bc3cece7 Allow scheduler maintainers to approve changes in the internal apis pkg 46f3e4dfdd4 Define in-tree scheduler plugin names in separate pkg to break a cyclic depednecy when moving plugin defaulting to CC a84b91f08c1 fix net-tiers e2e test 6d7c83f2cd1 the last upperbound of kms latency metric is too small 9b72eb1929a apf: add plumbing to estimate width" of a request 12447bc8038 Upgrade etcd server version to 3.5.0-rc.0 c98306a09e9 test: adjust summary test for cgroup v2 c0c9f1f318c Ignore first SIGINT in node-e2e tests bd80603c9e5 JSON log format registration for kubelet 386036d23d0 Add k8s.io/component-base/logs/json/register to vendor dc5626cc183 Upgrade debian-base to buster v1.7.1 897f8012fdd kubeadm:Run preflight checks for diff to check that the manifests already exist 484eb018222 kubelet: do not call RemoveAll on volumes directory for orphaned pods 528baa09f6d e2e storage: disable health-monitor controller in hostpath deployment 1932536ebe3 CHANGELOG: Update directory for v1.22.0-alpha.3 release a94aa0ea9a3 Update version of go-flow-levee for verify-govet-levee check. de7e56bf374 apiserver: close handler chain right after shutdown delay duration 652e056e61f Add dims as approver in build/ directory 3968ee532d9 CSI e2e: stop leaking pvs in CSI mock snapshot test 1524526991c [go1.16] Update to go1.16.5 1eb8060dd61 Add test for CSI mounter 0fcd3c951c5 test/integration: Rename master to controlplane or apiserver 257b494478a test/integration: Rename masterConfig to instanceConfig ac5535c9491 test/integration: Rename MasterConfigOptions to ControlPlaneConfigOptions 3ac8d8c9cee endpointslicemirroring controller mirror address status 8d0936b7436 Check empty zone after the validation of providers aea2e33175b gendocs: using bytes.NewReader(nil)/ioutil.Discard instead of os input/output to generate command c065d7c7b3b Fix NPE for CSI mounter f22b07d8b42 add e2e test for immutable label selector in netpol ff164f90130 feat: remove ephemeral-storage etcd requirement bb6151906f1 Add utils to set file/directory owners and permissions. 95c8b02096b Add explicit capability for online volume expansion 28511e82ad9 Add e2e test for a volume + its clone used on the same node 7a63dff88bb Update konnectivity default 3c8e56bef95 scheduler: graduate CC to v1beta2, deprecate plugins 2067b69b922 storage e2e: extend timeouts for subpath restart tests 3a830aacb0e Trivial: fixed typo in logs requrested --> requested 64946cd50d6 fix flake integration rotation via informer 7ced405de5a Create a new modele component-base/logs/json/register for optional json register 92b52a4fb56 populate last successful time to cronjob status 77bb053102c Use native zsh completion 7b0fbb72929 add audit log test cases for cross-group subresource 46aa6045e4c Add tests for completion utility functions 1babceac650 Revert "Add Go tests for custom completions" 9625872d1e4 Join common functions for completion 9d03185d3c1 Update staging/src/k8s.io/kubectl/pkg/cmd/config/config.go c0b3a698fa1 Add Go tests for custom completions 879cdc5fa9e Move all completion bash code to Go code 663b13e8149 refactor: implement custom completions for some flags using Go c5d70e9db1e Fix staticcheck in cluster & k8s.io/{apimachinery,apiserver} aa9321f534b Add example showing impact on log output 8e85a2b0c23 sched: fix a bug that a preemptor pod exists as a phantom c15fd76ee90 e2e storage: enable health-check controller in hostpath deployment 88174fc3f2c Add klog integration tests c9414c2bbaf fix bug where string slice flag is not assigned 2e167a1399b Disable zap sampling and cleanup config a9a2346e194 Cleanup json logging benchmarks d8e91ab7275 Fix test order in /pkg/probe/http/http_test.go 1010e6a9d98 proxier/ipvs: fix test cases where ready endpoints were not used cc2e9394be3 kubelet: Fix test order in verifyContainerStatuses 91e5d98b572 Fix audit unit test file location 4ebc0c94a4e Remove legacy metrics client from podautoscaler 3175dbd8554 Update owners for structured logging library f5739a15d1b The test was not very useful and required elevated access 8eb7e81bc94 proxy/ipvs: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating ed4fe073755 proxy/iptables: add unit test Test_HealthCheckNodePortWhenTerminating for ensuring health check node port fails when all local endpoints are terminating 14cc201b58b proxy: add test case in TestGetLocalEndpointIPs for when all endpoints are terminating 3e459997c83 proxy/ipvs: add a unit tests for when the ProxyTerminatingEndpoint feature gate is disabled 68ebd16a2ca proxier/iptables: refactor terminating endpoints unit tests with test table and test for feature gate f92265f6543 proxier/ipvs: check feature gate ProxyTerminatingEndpoints 8c514cb2329 proxier/iptables: check feature gate ProxyTerminatingEndpoints 25e2c92733c add feature gate ProxyTerminatingEndpoints cf9ccf5a8e2 proxier/ipvs: unit tests should specify Service ports d82d851d89a proxier/iptables: include Service port in unit tests 4c8b190372a proxier/iptables: reuse the same variable for endpointchains for better memory consumption 55881093d8a proxier/ipvs: add ipvs unit tests for falling back to terminating endpoints 9d4e24aa32d proxier/ipvs: fall back to ready terminating if no ready endpoint exists b54c0568d8c proxier/iptables: add unit tests for falling back to terminating endpoints 732635fd4b2 proxier/iptables: fallback to terminating endpoints if there are no ready endpoints be92fc83e2e proxier: simplify toplogy FilterLocalEndpoint function e797a5a1989 client-go: fix flake in test TestRequestWatchWithRetry 892d4fabb84 Revert "Merge pull request #102581 from liggitt/revert-watch-retry" fbf2d2df268 only delete forwardingrule and address when net tier annotation is specified d9f82f7eba4 Drop viper stuff in test/ 558bdd18aa2 Update cronjob integration test to batch/v1 6871b2b3c73 Rename masterConfig to controlPlaneConfig 812a04539cc remove redundant code 45179bb989a update debian-iptables to v1.6.2 c26c423b1ca storage e2e: disable health check containers 82be7aad262 Update etcd makefile to build v3.5.0-rc.0 image ceaf9b9d16a add ut for preventing dropping null from arrays ca279bbcc18 Fix race in attachdetach tests 6e0650e3e13 upgrade gopkg.in/evanphx/json-patch to v4.11.0 e35af41a123 Revert "client-go: add retry logic for Watch and Stream" 58833d652d5 Support subresource match 38d3ae1a060 api: update API compatibility tests to remove topologyKeys from Service e9c7fa49d95 core/v1: add unit tests to ensure deprecated protobuf field numbers are not re-used d96af5f2761 kube-proxy: remove ServiceTopology implementation f119b8df5f2 apis: update generated code after removing Service topologyKeys 4d38d21880a apis: remove Service topologyKeys 8c376426f3e features: remove alpha ServiceTopology feature gate 0b8dc56408f fix volume failing test a2a4b50bc15 fixed deadlock ae603a38bc2 remove -ssh-user from cluster scripts for GCE f94391789f1 Add doc.go for client-go apply support 5bf7bb52fe4 Remove -k from toCurl output ba708e5fc9e graduate SuspendJob to beta 8aba8e2a2cd remove the ssh tunneler implementation from kube-apiserver 6449416a3d7 Add scalability label to kubemark OWNERS 84590fe27cd remove --ssh- options, deprecated 13 releases, that only work on GCE ab45d5e4963 part of master to controlplane in test/integration SetMaster -> SetAPIServer 51717256f97 fix(timezone): the timezone is standardized to UTC 1331c76aa3d Added field-selector option for kubectl top pod 08ad7114d3f make lint-dependencies happy! 29def9ff6ab Updating to prometheus/common v0.26.0 77b5ad2fb02 Part of master to controlplane in test/integration(1.22) 2c9f02c3290 Add test 506fabc9ab9 Close the used modules file b87ad95fec3 Close the used file 918246d7a16 update error info with the new limit in #98753 387154f1a9a Part3: master to controlplane in test/integration Rename RunAMaster to RunAControlPlane f6d015be7a0 kubeadm: add utilities to manage users and groups dfd67c7d79e Add unit test coverage for init container phases 47a7fcb17b4 GCE Windows: Only create NPD kubeconfig when the file path is defined. b8edcd3bb33 add loadbalancer name to ESIPP tests so regex pick them 8e2eeffa792 PokeHTTP default timeout to avoid hanging connections 21073e3b347 loadbalancer outer poll loops should have a longer timeout that inner loop 27e20e226eb e2e lb use same variable for endpoint path bd2d63dd57e Fix closing of decorated watcher channel on timeout 8847a250267 apf: fix flake in test 5d4c1162b94 hotfix(staging_apiserver_pkg_httplog): restore depth to log calls 53af0027420 storage e2e: capture driver pod changes, including all events 9eea445bcce Update test cases for 'RESTARTS' column in 'kubectl get pods' ec4182d0032 Add last restart time to 'RESTARTS' column to 'kubectl get pods' output ce08fd59767 Add test cases to the LoadClientConfig function 211e9747224 Clarify and split up the "not actually SCTP" SCTP NetworkPolicy test 4b0d0d6fc7d Fix spurious Feature tags on some NetworkPolicy tests c3a9c7da160 Promote CronJobControllerV2 flag to GA 1619e8eb953 Clean apply's prune and kube addons with batch/v1 CronJob 1bf8edfdd44 remove GAed feature gates group: LegacyNodeRoleBehavior/ServiceNodeExclusion/NodeDisruptionExclusion 8054b0f808d Fix watch rejections in P&F filter 15c4d579f08 Use objGV instead of gvk.GroupVersion eac1d23825b nit: Update comment to match headers change. b049e1b9ab4 Cleanup redundant failure reason in InterPodAffinity plugin 95ac461a290 serviceOwnsFrontendIP shouldn't report error when the public IP doesn't match 58d7bf67d46 Simplify objGV construction b9b01a0f901 Simplify objGV construction 19c72a6cd05 Simplify objGV construction 0ae6a7bac6b Simplify objGV construction 86d68effc21 clean code 355be993906 Default GCE testing to using konnectivity 673352dbd25 Cleanup Framework interface 97ba90cbfb4 use subpath for coredns only for default repository 9880ceceb94 Add KEP links to sig-net feature gates 9d2135f703f reuse fake topology manager 8b3162d67b2 clean code f3f59d420a6 remove LinuxOnly tags for subset of dual-stack tests 39d45fcceff Add user and group name constants for kubeadm rootless control-plane. 3cb4f3e1bf0 GCE Windows: Upgrade to fluent-bit 1.7.7, 1.7.6 had a major regression. 8d9dd7b6eae Avoid warning on seccomp field usage f2ca9c17946 Fix regression for timed-out stream cleanups 452e2eaf1ba Fix RollingUpdateDaemonSet godoc regarding rounding e3841e91c81 fix watch_cache_capacity metrics 5b0bafabf6b vendor: upgrade cadvisor to 0.39.2 4567a431010 Return UnschedulableAndUnresolvable when looking up volume-related resources returns NotFound error e105611d3a7 Azure auth forwarding adal refresh error to tokenSource, fixes error when token refresh fails. d9d51541a87 Address watch panics in P&F handler and extend testing. 582b492cc09 Pre-allocated memory 341f6e42673 Refactor logs options 607d3819498 client-go: add retry logic for Watch and Stream f9249061737 Bump golang.org/x/text to v0.3.6 6a374b50f92 Add tests to logs eb114115fdb Improve func ToSelectableFields performance for event 1431eab36d3 Remove Godeps 329f7d55d13 Fix auditing failed of request: encoding failed ade167e53af Delete AvailableResources judgment for GA features c7111515c5b Enable protocol-buffers by default 3c899f9b54d sched: fix Dump's doc comment 24a1f9d817c kubeadm: use "SkipPhases" from configuration for "init" and "join" ac161866aa7 kubeadm: add SkipPhases in {Init|Join}Configuration for v1beta3 39d74049615 Uniform output string. 47c8c48e2cf Remove Redundant alias 2787e8c18ce Kill container runtime with SIGKILL 1b6cf83cf40 Error message should not be capitalized. d3f92af74f1 Part of master to controlplane in test/integration NewMasterConfig -> NewControlPlaneConfig cd3709232f8 Fix VolumeAttachment garbage collection for migrated PVs 02bade46443 Fix a grammar error in doc c9fe8ddf68d bump calico to v3.19.1 816a069d543 Add a test for verifying compute basepath. 36cdb72eb6f (scheduler e2e) Create balanced pods in parallel 3813ed1ef71 fix prometheus-to-sd image for fluentbit 12fe4dee2b0 Update setcap to buster-v2.0.1 and add setcap to dependencies.yaml f9a04f3bc4a Move error reporting to volume plugins 0ed0714f8c0 Simplify kube-cross dependency handling 39d9e98a6f9 Build non-static binaries with PIE buildmode ac17d03e76c Remove set errexit from etcd manifest ae4db677f41 Update kube-cross to v1.16.4-2 c694b9f7619 CronJob: switch storage version to batch/v1 in 1.22 781c65a40c2 fix: skip pods with empty ip 580b557592c Log spelling formatting and a redundant conversion 5c2841c8cd4 Forbid the use of --config and --cri-socket at the same time 6738380a80c cleanup tempDir after fsstore_test.go d9681d72669 AllowExpandedDNSConfig if haveSameExpandedDNSConfig(newPod, oldPod) 6317ce63c6a Add feature gate ExpandedDNSConfig 819059f641d kubelet: Validate the length of the DNS search path a95842095ec Retry reading /proc/mounts indifinetly in FC and iSCSI volume reconstruction 82cfe9f14f8 ConsistentRead tries 10 times 1d16f934b94 Bump k8s.io/utils 64e8396e300 Retry detaching FibreChannel volume few times faae926d15d Changes headers to IETF standard d7a67a3b8e5 change log line to print actual pod uid instead of address of the pod uid 876174125bc upgrade klog to v2.9.0 27044f48552 depracate ValidateProxyRedirects as it is with StreamingProxyRedirects 363b78fe883 Promote cronjob to batch/v1: kubectl sparse_test prune 90e215dfd29 add api e2e test for port ranges of netpolices 9cfbf062256 cleanup PodPreset testdata 0cc217647ca Implement support for watch initialization in P&F 507710b50f8 Update CNI plugins v0.9.1 4acb6a865c9 storage e2e: use csi-driver-host-path v1.7.2 in single pod d98a83bb01b kubeadm:return error info normally 80a5b004451 Removing utils/mount dependencies from vendor 2769e99dba2 remove scheduler deprecated algorithm-provider flag and clean up algorithmprovider pkg e89d2a77795 Promote Daemonset list and deleteCollection e2e test to Conformance 5e4c59ba991 Promote Replicaset list and deleteCollection e2e test to Conformance e43e9696cc6 Fixed sort-by not sorting Resources as expected 8651fcb25a7 Implement a windows Netpol NewModel 4c95bc8830b testdata: StatefulSet f3ab9550180 validation: Handle presence of api introduced d11cc95376c feature: Add minReadySeconds featuregate 5464b649812 generated: Changes for api introduced 49af8358522 api: Introduce minReadySeconds,AvailableReplicas in Statefulset df4c34e771c Update pd csi driver images to use v1 images (CSINode, CSIDriver, etc) 17551f291d0 Return UnschedulableAndUnresolvable instead of Error when failing to lookup pvc or storageclass in VolumeZone plugin f871475a5e5 Grant PSP permissions to all serviceaccounts in e2e, not just default 80fa50e0d74 Update etcd image revision 33fe4bb0764 Update debian-base to buster-v1.7.0 3bcc15e19dd Update debian-iptables to buster-v1.6.1 6c0976814ca use ownerReference to build default spreading contraints in the scheduler 2e771b8e745 Make a public ValidateAnnotationsSize 8e5a9824425 kubeadm: remove the cgroup driver detection code for Docker a013c6a2db5 Adding IPV6 (Dual Stack) support to handle IPV6 pod cidrs 93f79103e54 kubeadm: add "+optional" to fields with "omitempty" in v1beta3 2c79f52de90 Local PV e2e: fix leaked local volumes 38c56883f1c e2e: hugepages: delete test pod after the test e862421c2bc Update etcd makefile to build v3.5.0-beta.3 image 383ce85649c [scheduler] avoid comparing function pointers in unit tests c9ec4862872 Part of master to controlplane in test/integration Rename NewIntegrationTestMasterConfig to NewIntegrationTestControlPlaneConfig 1b6895c11fb Fix: remove framework.ScoreExtensions interface check 5908cd0d90d simplify returning boolean expression in /pkg/volume 9e257ec194f Optimization logging format for pkg/kubelet 55ff9630179 Make validation totalAnnotationSizeLimitB public. 69019a03d3a Add netpol tests for windows 2d361d43063 e2e: Flag questionable durations in container status on termination f9cb68a2b13 Fix EndpointSliceCache::getEndpointsMap for different endpoints with same IP f1aee7e0496 kubelet/cm: GetResourceStats -> MemoryUsage 517feed45b5 Add: interface check 202a0120937 Add restart unit test b344d4d4422 api link is missing 20c02357cad Add hint to fake topology manager. c299b8fc9a0 kubelet/cm: rm propagateControllers fadf3e15316 Graduate prefer nominated node to beta e8f69398c35 simplify return boolean value expression in cmd/kube-controller-manager/app/certificates.go c24b87b1336 Fixed a possible nil pointer dereference caused by variable `plug` c201a78dff9 Remove etcd connection apiserver preflight check 3c1576ae573 Create e2e Deployment status lifecycle test bcfa3604a28 Create e2e test for Statefulset Status endpoints 990d0949c4e Add test, after restart dbus, should be able to gracefully shutdown 9c59e6c85fa After dbus restarts, make GracefulNodeShutdown work again ae90e6b9a1f Retain the test coverage of TestObserveWebhookRejection. fb23e449ab6 Add attr to the argument list of ObserveWebhookRejection, and remove operation, as it is included in attr. f40b10e3aa0 Prevent data race condition in vsphere unit tests f9ee64007ee apf: always create missing bootstrap configuration object(s) 32c14da9025 fix(metrics-proxy): wait for enough component pods to show up first 6c63ef147cc extract same code of es and esm to pkg 72fe1b722ce Make the service account error more apparent 88b31814f4a BoundServiceAccountTokenVolume ga 619fff10eac handle Unmarshal error 074f25523b2 scheduler_perf: correct error handling 55be51a2dbe Issue [2683](https://github.com/kubernetes/org/issues/2683) was closed with PR [2690](https://github.com/kubernetes/org/pull/2690O ) sSimran should now be part of kubernetes ORG 330fee13506 remove the RunAsGroup feature-gate 5ea01629066 e2e: deflake test by not relying on events 3916c009551 fix manual trigger of readinessProbe on startupProbe success fa1a4100c6c Remove CSIMigrationVSphereComplete flag baa88b26cdc Remove feature gate to GA the setHostnameAsFQDN feature 60377ba1a37 graduate IngressClassNamespacedParams to beta 2eb90f9b809 Default StreamingProxyRedirects to disabled afe28c6fc83 kubelet_pods.go: clean makeEnvironmentVariables 1df3a735d3b go-to-protobuf: small fixes to improve debuggability 2335547a9cf cleanup: delete tempDir after flexvloume_test is executed 650666406e1 update kubelet_running_pods metrics comments: pods that have a running pod sandbox a3b2e35d700 Making a run test. 125fb04dbf2 Relax node_id length limit to 256 2dbdfd0902e Extend the max of admission latency buckets to 10s. e7db88b0b65 Add a namespace label to admission metrics. 3bad31b531e Add allowAutoIOPSPerGBIncrease to translated AWS EBS StorageClasses 4272ac92a76 Document the NodeAddressType values b9d9cc38b52 fix: inaccurate miss schedule times of cronjob v2. 78323910db5 Fix typo: Use uniform format of structured klog 8725c960149 Fix csi_client_test.go metrics nil pointer dereference 79126376f02 Add test for counting inodes correct with hardlinks d45ba645a8f Get inodes and disk usage via pure go 6e54f067e9d Support dynamically set log level for kube-proxy 1d764952dad Fix incorrect test code in pkg/volume/csi/csi_attacher_test.go file 64fca6bda7d doc: remove the description `socat` is required 80b4277bff4 Optimize the structured Logging migration. 0eb40b3ded6 e2e: reduce pods used in shared local pv test dea89e549fc Fix use nil err 086cdfb3601 Use docker buildx for the build-image. 2d3073c5917 Tweak kubelet config comments for consistency and readability fdcbb54febd Improve kubelet config type documentation bc3e7b5dca3 nit: use %v for error as it is already quoted 04f091790ee e2e: TM: wait for SRIOV devices in pod scope tests 8e7b5ff480b staging/src/k8s.io/apiserver/pkg/registry:migrate logs to structured logs 3ec63238c53 fix kubectl alpha debug node does not work on tainted nodes 88fbd370407 Fix the url 'version's comparation of github.com/Azure/go-autorest/' lost 1995f28c64a Simply modify the Kubectl logs information 385b7d7ff07 fix --event-qps and --event-burst 620c23473fb fix Spelling error for klog 00da68dbc25 Adding restart kubelet flag on e2e test 07002e41bbe Update Calico to use a non-conflicting route table range ad156aff59e ignore "vmdk not found" vsphere errors during unmount (assume success) Signed-off-by:
-
- Jul 07, 2021
-
-
hongxu authored
If host does not install libdevmapper.so.1.02, run native skopeo failed: ... $ tmp-glibc/sysroots/x86_64/usr/sbin/skopeo -h |tmp-glibc/sysroots/x86_64/usr/sbin/skopeo.real: error while loading shared libraries: libdevmapper.so.1.02: cannot open shared object file: No such file or directory ... Create wrapper to set LD_LIBRARY_PATH which using native libdevmapper.so.1.02 Signed-off-by:
Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by:
-
hongxu authored
The libmcrypt build issue has been fixed by oe This reverts commit e7a0ea3e . Signed-off-by:
-
- Jul 04, 2021
-
-
Martin Jansa authored
* now when pypi uses SRC_URI_prepend since: https://git.openembedded.org/openembedded-core/commit/?id=8f17b8bce85efb0e9a7e15d0b98a5cf7b6bd9750 both entries end in SRC_URI (because of delayed nature of prepend): https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz git://github.com/containers/podman-compose.git causing: ERROR: podman-compose-0.1.5-r0 do_fetch: No checksum specified for '/OE/build/oe-core/downloads/podman-compose-0.1.5.tar.gz', please add at least one to the recipe: SRC_URI[sha256sum] = "fb229362f188980ea3fbdee2a25d0a2dd6a0b886d925d5213e22e09f1062ebe9" ERROR: podman-compose-0.1.5-r0 do_fetch: Fetcher failure for URL: 'https://files.pythonhosted.org/packages/source/p/podman-compose/podman-compose-0.1.5.tar.gz '. Missing SRC_URI checksum ERROR: Logfile of failure stored in: /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/podman-compose/0.1.5-r0/temp/log.do_fetch.55855 drop pypi inherit to restore the previous SRC_URI with just the git:// entry. Signed-off-by:
-
- Jun 30, 2021
-
-
Bruce Ashfield authored
Since seccomp depends on libseccomp, and seccomp is only available when the distro feature is enabled, we add the same dependency and distro feature check to this recipe. Signed-off-by: -
Bruce Ashfield authored
Since seccomp depends on libseccomp, and seccomp is only available when the distro feature is enabled, we add the same dependency and distro feature check to this recipe. Signed-off-by: -
Diego Sueiro authored
Signed-off-by:
-
Diego Sueiro authored
The libseccomp package is only available if seccomp is in DISTRO_FEATURES. Signed-off-by:
-
Diego Sueiro authored
The libseccomp package is only available if seccomp is in DISTRO_FEATURES. Signed-off-by:
-
Ross Burton authored
Instead of installing binaries and patching the makefiles to run external commands, simply build ifdef using BUILD_CC instead of CC. This patch is now upstreamable, the recipe is less complicated, and nativesdk works. Signed-off-by:
Ross Burton <ross.burton@arm.com> Signed-off-by:
-
Ross Burton authored
Remove COMPATIBLE_HOST, whilst this is an x86 assembler there's nothing to stop you building it on or for arm64 and assembling x86 code. Override INEXE so that binaries are not stripped and remove INSANE_SKIP. Signed-off-by:
-
- Jun 24, 2021
-
-
Martin Jansa authored
* added with to v2.0.29 commit: 106cad5 seccomp: add support for seccomp notify * fixes: | src/seccomp_notify.c:9:10: fatal error: seccomp.h: No such file or directory | 9 | #include <seccomp.h> | | ^~~~~~~~~~~ Signed-off-by:
-
Xu, Yanfei authored
1.Add native and nativesdk support. 2.Replace "multipath-tools" with "libdevmapper" and "lvm2". Because the really direct DEPENDS package is "libdevmapper" and "lvm2". Log of do_comopile as below: -----------------[cut here]--------------------- DEBUG: Executing shell function do_compile NOTE: make -j 40 BUILDTAGS= bin/skopeo CGO_CFLAGS="-I/...../usr/include" CGO_LDFLAGS="-L/...../usr/lib -lgpgme -lgpg-error -lassuan" GO111MODULE=on go build -mod=vendor "-buildmode=pie" -ldflags '-X main.gitCommit=8efffce8befc2de87670ba75d6c86ada61e869fd ' -gcflags "" -tags "" -o bin/skopeo ./cmd/skopeo Package devmapper was not found in the pkg-config search path. Perhaps you should add the directory containing `devmapper.pc' to the PKG_CONFIG_PATH environment variable No package 'devmapper' found pkg-config: exit status 1 make: *** [Makefile:134: bin/skopeo] Error 2 Signed-off-by:
Yanfei Xu <yanfei.xu@windriver.com> Signed-off-by:
-
- Jun 21, 2021
-
-
Xu, Yanfei authored
add nativesdk to BBCLASSEXTEND Signed-off-by:
-
Bruce Ashfield authored
Bumping conmon to version v2.0.1-250-g1ef2468, which comprises the following commits: 1ef2468 Fix docs links due to branch rename 24c73c2 seccomp: fix for unsupported versions fc7830d bump to v2.0.30-dev 7e6de66 bump to v2.0.29 b033cb5 Reset OOM score back to 0 for container runtime 106cad5 seccomp: add support for seccomp notify 77dfb4b .cirrus.yml: raise the timeout to 60m 87330dc call functions registered with atexit on SIGTERM Signed-off-by: -
Bruce Ashfield authored
The upstream project switched from master to main, so we add an explicit branch specification to avoid fetch errors (as the deafult of master no longer works). Signed-off-by: -
Bruce Ashfield authored
Bumping crun to version 0.20.1-7-g7ef74c9, which comprises the following commits: b07c389 criu: fix error check 09401bb linux: fix unitialized variable b222968 cgroup: fix a memory leak 1182975 cgroup: honor memory swappiness set to 0 38271d1 NEWS: tag 0.20.1 923447b container: ignore resetting keyring SELinux label b26493f Dockerfile: install required python3-jinja2 package 0d42f11 NEWS: tag 0.20 9042ac5 seccomp: drop SECCOMP_FILTER_FLAG_LOG by default 0f4156f cgroup: Refactor libcrun-cgroup-destory to support picking subsystems dynamically and clean custom controllers. d6be344 cgroup: ignore devices errors in a userns 6e187fb cgroup: do not join empty controller badb23d seccomp: report correct action in error message 5201956 container: apply SELinux label to keyring 4b664e9 linux: attempt to open existing dev file first dd1c419 libocispec: sync from upstream 5f74e2a Makefile.am: make sure libocispec uses main branch f0c76e1 utils: close_range fallbacks to close on EPERM 1596ab1 Update crun manual with recently added flags 1d84d62 Fix type for LinuxDeviceCgroup.linux.resources.devices.allow in default Spec 62d251d container: call prestart hooks before rootfs is RO 48bc33d Exec: Add --process-label and --apparmor to allow modifying selinux_label and apparmor_profile 0e53e87 Exec: Add --no-new-privs to and adhere if noNewPriviledges is false in basespec config 2de8b43 Fix SIGSEGV for rootless container caused by case when def->linux is defined but def->linux->cgroups_path is NULL 54e77c2 Add support for spec --bundle ae11886 cgroup: fix regression in mode detection 194b72d kill: fix race condition with pidfd_open 2910d9b cgroup: add custom annotation run.oci.delegate-cgroup 407eef9 cgroup: drop argument from function 0485de6 cgroup: report error if the cgroup path was set bf5020a cgroup: improve error message a131715 cgroup: fix recursive cleanup 6e95060 cgroup: kill procs in cgroup on EBUSY 0274d6f tests: disable go modules 1272eaf tests: skip podman create --pull 04f1a6a container: read the error from the init process 29afcd6 Update README.md 9863a8e Update README.md 55f5ed5 utils: use /proc/self/fd to open unix socket fa40930 contrib: fix warning from the rust compiler 1535fed NEWS: tag 0.19.1 227e0be spec: add cgroup ns if on cgroup v2 3fbe777 libcrun: add const to spec_file eb34661 libcrun: annotate cgroup_mode < 0 checks 92bcc81 tests: add fuzzing tests af3509d cgroup: support array of strings 9effaeb On exec, honor additional_gids from the process spec, not the container definition Signed-off-by: -
Bruce Ashfield authored
The upstream project has moved from master to main, so we adjust our recipe accordingly. Signed-off-by:
-
- Jun 15, 2021
-
-
Bruce Ashfield authored
The cni plugins already have mod=vendor, but we also need to ensure that the main CNI build is not using go module based builds. To avoid inconsistent vendoring messages, we switch all plugins to no module builds as well. Signed-off-by: -
Bruce Ashfield authored
Bumping libpod to version v3.2.1-2-gab4d0cf90, which comprises the following commits: 60752b320 Bump to v3.2.2-dev 152952fe6 Bump to v3.2.1 c5d9c0a6f Updated release notes for v3.2.1 4f56f7f13 Fix network connect race with docker-compose e42d727a9 Revert "Ensure minimum API version is set correctly in tests" f69789155 Fall back to string for dockerfile parameter 5a158563c remote events: fix --stream=false 38fbd2cb9 [CI:DOCS] fix incorrect network remove api doc 26eae3bf8 remote: always send resize before the container starts c751544fa remote events: support labels c28f442b2 remote pull: cancel pull when connection is closed 2993bdf1e Fix network prune api docs 8ba0c92e6 Improve systemd-resolved detection c3f6ef63a logs: k8s-file: fix race f1e7a0747 Fix image prune --filter cmd behavior 5ddd76edd Several shell completion fixes 2afb5eeab podman-remote build should handle -f option properly 6beae86f0 System tests: deal with crun 0.20.1 80362b34c Fix build tags for pkg/machine... c85b6b3fe Fix pre-checkpointing b61701acb container: ignore named hierarchies e0dcffa8d [v3.2] vendor containers/common@v0.38.9 d46deca8c rootless: fix fast join userns path f2b3da502 [v3.2] vendor containers/common@v0.38.7 78430ee1d [v3.2] vendor containers/common@v0.38.6 b6ef7cf21 Correct qemu options for Intel macs 9647d8844 Ensure minimum API version is set correctly in tests 72455ece4 Bump to v3.2.1-dev 0281ef262 Bump to v3.2.0 cff73766f Fix network create macvlan with subnet option 8688f54ea Final release notes updates for v3.2.0 f62c6bf6e add ipv6 nameservers only when the container has ipv6 enabled 4b8ca6303 Use request context instead of background ce5c3b554 [v.3.2] events: support disjunctive filters dd83f5c0c System tests: add :Z to volume mounts 32927f5d6 generate systemd: make mounts portable abb57e5cf vendor containers/storage@v1.31.3 1e4563182 vendor containers/common@v0.38.5 fbf8b78a3 Bump to v3.2.0-dev 684729482 Bump to v3.2.0-RC3 f49023031 Update release notes for v3.2.0-RC3 ee5dd0603 Fix race on podman start --all 6c9de9382 Fix race condition in running ls container in a pod 69bae4774 docs: --cert-dir: point to containers-certs.d(5) 934f36df5 Handle hard links in different directories 5eecc2761 Improve OCI Runtime error ba884865c Handle hard links in remote builds c53638e9f Podman info add support for status of cgroup controllers ac8b7ddd8 Drop container does not exist on removal to debugf 18e917cdc Downgrade API service routing table logging efa15b96c add libimage events a9108ab25 docs: generate systemd: XDG_RUNTIME_DIR bb589bec2 Fix problem copying files when container is in host pid namespace Signed-off-by: -
Bruce Ashfield authored
Synchronize the 'runc-docker' with the opencontainers variant. This allows the common patch to be used once again, and we refresh our docker specific patch to the new content. Bumping runc to version v1.0.0-rc95-28-gbfcbc947, which comprises the following commits: 37767c05 ci: lint: show all errors in PRs 07ca0be0 *: clean up remaining golangci-lint failures 00119c85 integration: add repeated "runc update" test d0f2c25f cgroup2: devices: replace all existing filters when attaching 98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity dcc1cf7c devices: add emulator.Rules shorthand 54904516 libcontainer: fix integration failure in "make test" c7c70ce8 *: clean t.Skip messages a95237f8 libctr/cg/systemd: export rangeToBits df0206a6 errcheck: utils 0c65f833 errcheck: signals 3b31e3ea errcheck: tty b45fbd43 errcheck: libcontainer 463ee5e1 errcheck: libcontainer/nsenter 7e7ff872 errcheck: libcontainer/configs a8995053 errcheck: libcontainer/integration b93666eb libct/cg/fs2: setFreezer: wait until frozen 1069e4e9 libct/cg/fs2: optimize setFreezer more 5d193188 libct/cg/fs2: optimize setFreezer 8a7a374f VERSION: back to development b9ee9c63 VERSION: release v1.0.0-rc95 0ca91f44 rootfs: add mount destination validation c61f6062 libcontainer: honor seccomp defaultErrnoRet d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0 bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16 f96530f2 EMERITUS: recognise previous maintainers c73a6626 VERSION: back to development 2c7861bc VERSION: release v1.0.0-rc94 12e9cac9 Vagrantfile.fedora: set Delegate=yes ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd 601cf582 tests/int/cgroups: don't check for hugetlb 40b97919 tests/int: enable/use requires cgroups_<ctrl> 44fcbfd6 tests/int/helpers: generalize require cgroups_freezer 353f2ad1 tests/int/update.bats: don't set cpuset in setup 4f8ccc5f libct/cg/sd/v2: call initPath from Path 0ed1f802 tests/int/helpers: rm old code af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2 2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4 a7feb423 libct/int: add TestFdLeaksSystemd c7f847ed libct/cg/sd: use global dbus connection 99c5c504 libct/cg/sd: introduce and use getManagerProperty 0fabed76 libct/int/checkpoint_test: use kill(0) for pid check 7eb1405b libct/int/checkpoint_test: use waitProcess helper 72d7a824 libct/int/checkpoint_test: use t.Helper bcca7968 libct/int: simplify/fix showing errors 524abc59 freezer: add delay after freeze e1d842cf libct/intelrdt: fix unit test 541fc19e Makefile: allow overriding go command by environment 06a9ea36 script/release.sh: add -a to force rebuild 91b01682 Update golang.org/x/sys to add linux/ppc support ee4612bc CI: enable Go 1.13 again e2dd9220 go.mod: demote to Go 1.13 45f49e8f libcontainer: avoid using t.Cleanup 1a659bc6 Revert "Makefile: rm go 1.13 workaround" abf12ce0 libc/cg: improve Manager docs 3f659467 libct/cg: make Set accept configs.Resources af0710a0 libct/cg/sd/v2: fix Set argument 850b2c47 libct/cg/fscommon.OpenFile: speed up ro case 71a8aee8 cgroups/systemd: replace deprecated dbus functions 47ef9a10 libct/cg/sd: retry on dbus disconnect 6122bc8b Privatize NewUserSystemDbus 15fee989 libct/cg/sd: add renew dbus connection bacfc2c2 libct/cg/sd: add isDbusError cdbed6f0 libct/cg/sd: add dbus manager 9efd8466 libct/cg/fscommon.OpenFile: reverse checks order 0bee5e0b libct/cg/fs: add GetStats benchmark 7e7eb1c3 CI: update Fedora to 34 d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create 23e3794d checkpoint: validate parent path fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure 0216716c tests/int: add a case for cgroupv2 mount 5ffcc568 tests/int: use bfq test with rootless ff692f28 Fix cgroup2 mount for rootless case 3826db19 libct/rootfs/mountCgroupV2: minor refactor 1e476578 libct/rootfs: introduce and use mountConfig deb8a8dd libct/newInitConfig: nit 2192670a libct/configs/validate: validate mounts 1f1e91b1 libct/specconv: check mount destination is absolute 73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New() aa622723 tiny fix iterative checkpoint test case ee3b563d Add cfs throttle stats to cgroup v2 6faed0e4 libct/int: use ok(t, err) af3c5699 libct/int: remove unused code 7b802a7d libct/int: better test container names 9f3d7534 logging: enable file/line info if --debug is set ef9922c2 libct/cg: don't return OOMKillCount error when rootless 5cdd9022 libct/cg/fs[2]: fix comments about m.rootless 31dd1e49 tests/int: add rootless + host pidns test case a2050ea4 runc run: fix start for rootless + host pidns 2f1a3ed3 Fix vendored dependencies d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0 f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach 928ef7af libct/nsenter: add json msg escaping 52390d68 Ignore kernel memory settings b7c315ad vendor: bump containerd/console to 1.0.2 b6cdb8ae fix a typo 64bb59f5 nsenter: improve debug logging 6ce2d63a libct/init_linux: retry chdir to fix EPERM c5029c00 tests: fix hello-world tarball name in testdata for arm64 289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1 4316df8b libcontainer/system: move userns utilities to separate package e7fd383b libcontainer/system: un-export UIDMapInUserNS() 249356a1 libcontainer/system: remove unused GetParentNSeuid() dc52ed25 libcontainer/user: remove outdated MAINTAINERS file 72ecf59c libcontainer/user: fix windows compile error 2515b0c2 libct/user: rm windows code 0596f6e1 libcontainer/devices/device_windows.go: rm b1deba8c libcontainer/configs/config_windows_test.go: rm f1586dbd libcontainer/configs/validate: make Validate() less DRY 4126b807 libcontainer/configs: add missing type for hooknames 48125179 go.mod: github.com/cilium/ebpf v0.4.0 44611630 docs/systemd: add 27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default d748280a make release: build/include libseccomp aa6da82c script/release.sh: fix shellcheck warnings 3eb46d89 ci: make static built binary available f0dec0b4 libct/specconv/CreateCgroupConfig: nit 36fe3cc2 tests/int/cpt: fix lazy-pages flakiness 2dd62b3d libct/checkCriuFeatures: rm excessive debug 0e089002 tests/int/checkpoint: close lazy_r fd b09030a5 tests/int/checkpoint: close fds in check_pipes e63df1e6 tests/int: really randomize cgroup/unit names 6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE adf733fa vendor: update go-systemd and godbus f09a3e1b tests/int: don't set/use CGROUP_XXX variables 4ecff8d9 start: don't kill runc init too early b1184302 libct/configs/validator: add some cgroup support 0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers 85416b87 libct/cg/fs2.statPids: fall back directly 10f9a982 libct/cg/fs2/getPidsWithoutController: optimize 6121f8b6 libct/cg/fs2.Stat: always call statCpu 9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize b99ca25a libct/cg/fs2/memory: fix swap reporting 79a8647b libct/int: add TestFdLeaks b3be2b0b libct: close execFifo after start 08b52797 Make test specific to disassembleFilter function 7b3e0bcf Ensure the scratch pipe is read during ExportBPF 62f1f0e4 tests/int/checkpoint: check all logs for errors 346cb359 Revert "tests/checkpoint: show full log lazy pages cpt" c9b3787b script/check-config.sh: add SELinux and AppArmor 5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 2726146b runc --debug: more tests 201d60c5 runc run/start/exec: fix init log forwarding race c06f999b libct/logs/test: refactor 688ea99e runc init: fix double call to ConfigureLogs dd6c8d76 main: cast Chmod argument to os.FileMode 69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner 0300299a tests/int/debug.bats: fixups d38d1f9f libcontainer/logs: use int for Config.LogPipeFd ac93746c libct/seccomp: rm IsEnabled 9b2f1e6f runc version: don't use seccomp.IsEnabled c8e0486f Fix oss-fuzz build d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER 997e8942 capabilities.Caps: use a map for capability-types 41f466d8 nsexec.c: fix formatting for netlink defines 522bd641 Fix checking C code formatting 1948b4ce cloned_binary.c: rm redundant comments b67deb56 nsexec.c: rm a block 513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection d6e89248 Fix build-tags in libcontainer/devices f585cec7 libct/cg/v2: always enable TasksAccounting 8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight 74299a1c CI: cache ~/.vagrant.d/boxes 97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set 051646a3 tests: test nested bind mount restore 705b6cc7 Re-create mountpoints during restore Signed-off-by:
-
