Open
Conversation
…ctions/stale-10.1.1 build(deps): bump actions/stale from 10.1.0 to 10.1.1
…olangci/golangci-lint-action-9.2.0 build(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.2.0
…ithub/codeql-action-4.31.7 build(deps): bump github/codeql-action from 4.31.6 to 4.31.7
[CI] Prevents triggering of an inactive issue/PR check for forked repository.
…g-x-af915a047a build(deps): bump the golang-x group with 3 updates
Bumps the otel group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.63.0` | `0.64.0` | | [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.63.0` | `0.64.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.38.0` | `1.39.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.38.0` | `1.39.0` | | [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) | `1.38.0` | `1.39.0` | Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.63.0 to 0.64.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.63.0...zpages/v0.64.0) Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.63.0 to 0.64.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.63.0...zpages/v0.64.0) Updates `go.opentelemetry.io/otel` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) Updates `go.opentelemetry.io/otel/sdk` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) Updates `go.opentelemetry.io/otel/trace` from 1.38.0 to 1.39.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.39.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc dependency-version: 0.64.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-version: 0.64.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel - dependency-name: go.opentelemetry.io/otel/trace dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: otel ... Signed-off-by: dependabot[bot] <support@github.com>
…24da917005 build(deps): bump the otel group across 1 directory with 8 updates
…etrics cri: Add background stats collector to calculate UsageNanoCores
Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](containernetworking/plugins@v1.8.0...v1.9.0) --- updated-dependencies: - dependency-name: github.com/containernetworking/plugins dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/intel/goresctrl](https://github.com/intel/goresctrl) from 0.10.0 to 0.11.0. - [Release notes](https://github.com/intel/goresctrl/releases) - [Commits](intel/goresctrl@v0.10.0...v0.11.0) --- updated-dependencies: - dependency-name: github.com/intel/goresctrl dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…b.com/containernetworking/plugins-1.9.0 build(deps): bump github.com/containernetworking/plugins from 1.8.0 to 1.9.0
…b.com/intel/goresctrl-0.11.0 build(deps): bump github.com/intel/goresctrl from 0.10.0 to 0.11.0
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
go.{mod,sum}: bump CDI deps to v1.1.0.
…nv const The "http.status_code" attribute was deprecated in [SemConv v1.21] in favor of "http.response.status_code", and the `HTTPStatusCodeKey` const was deprecated in [SemConv v1.22]. The `HTTPStatusCodeAttributes` utility doesn't appear to be used currently, but let's update it to use both the old and new variants in case someone still uses it. [SemConv v1.21]: https://github.com/open-telemetry/opentelemetry-go/blob/v1.38.0/semconv/v1.21.0/attribute_group.go#L106-L114 [SemConv v1.22]: https://github.com/open-telemetry/opentelemetry-go/blob/v1.38.0/semconv/v1.22.0/attribute_group.go#L1444-L1452 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Bumps [actions/cache](https://github.com/actions/cache) from 4.3.0 to 5.0.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0057852...9255dc7) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the k8s group with 3 updates: [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery), [k8s.io/client-go](https://github.com/kubernetes/client-go) and [k8s.io/cri-api](https://github.com/kubernetes/cri-api). Updates `k8s.io/apimachinery` from 0.34.2 to 0.34.3 - [Commits](kubernetes/apimachinery@v0.34.2...v0.34.3) Updates `k8s.io/client-go` from 0.34.2 to 0.34.3 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.34.2...v0.34.3) Updates `k8s.io/cri-api` from 0.34.2 to 0.34.3 - [Commits](kubernetes/cri-api@v0.34.2...v0.34.3) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s - dependency-name: k8s.io/client-go dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s - dependency-name: k8s.io/cri-api dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.7 to 4.31.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@cf1bb45...1b168cd) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5.0.0 to 6.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@330a01c...b7c566a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6.0.0 to 7.0.0. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@018cc2c...37930b1) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ctions/cache-5.0.1 build(deps): bump actions/cache from 4.3.0 to 5.0.1
…ctions/upload-artifact-6.0.0 build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0
…4d19b51d3 build(deps): bump the k8s group with 3 updates
…ctions/download-artifact-7.0.0 build(deps): bump actions/download-artifact from 6.0.0 to 7.0.0
Bumps google.golang.org/protobuf from 1.36.10 to 1.36.11. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Kal <119035751+Kaleab-Ayenew@users.noreply.github.com>
…ithub/codeql-action-4.31.8 build(deps): bump github/codeql-action from 4.31.7 to 4.31.8
…e.golang.org/protobuf-1.36.11 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11
pkg/tracing: HTTPStatusCodeAttributes: remove use of deprecated SemConv const
We have existing detection for concurrent CreateContainer requests, but the error message is unclear and there is no warning in containerd logs. This change adds a warning and clarifies the error message. Signed-off-by: Samuel Karp <samuelkarp@google.com>
add go1.26.0 into test matrix and remove go1.24 Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
go 1.26 removes support for windows/arm (NOT windows/arm64) ref: https://tip.golang.org/doc/go1.26#windows Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
If docker in the host is configured to use the containerd image format,
then the docker pull/save commands above download the multi-platform
image. IOW, the index.json has references to the other platforms SHAs.
This references to things that are not present (the artifacts for other
platforms) is what make `ctr` fail. However, if we specify a platform,
then ctr ignores the other platforms and the import works just fine.
To try this locally, you can:
$ docker pull ghcr.io/containerd/busybox:1.36
$ docker save ghcr.io/containerd/busybox:1.36 -o image.tar
$ ctr images import --local=true image.tar
The last command will fail if you are using the containerd image store
in docker. If you specify the platform with --platform, it works fine.
With docker overlayfs2 storage driver, if you untar the image you get only
things relevant for your platform:
```
$ cat index.json | jq
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.index.v1+json",
"manifests": [
{
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"digest": "sha256:4d6b13f2ddbe87da8d9dee3719df1723a6d768e511802e70d42ab15370c6eb24",
"size": 401,
"annotations": {
"io.containerd.image.name": "ghcr.io/containerd/busybox:1.36",
"org.opencontainers.image.ref.name": "1.36"
}
}
]
}
$ cat blobs/sha256/4d6b13f2ddbe87da8d9dee3719df1723a6d768e511802e70d42ab15370c6eb24 | jq
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.manifest.v1+json",
"config": {
"mediaType": "application/vnd.oci.image.config.v1+json",
"digest": "sha256:66ba00ad3de8677a3fa4bc4ea0fc46ebca0f14db46ca365e7f60833068dd0148",
"size": 1457
},
"layers": [
{
"mediaType": "application/vnd.oci.image.layer.v1.tar",
"digest": "sha256:b64792c17e4ad443d16b218afb3a8f5d03ca0f4ec49b11c1a7aebe17f6c3c1d2",
"size": 5096448
}
]
}
```
But with the other you get for lot of other platforms too:
```
$ cat index.json | jq
{
"schemaVersion": 2,
"mediaType": "application/vnd.oci.image.index.v1+json",
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"digest": "sha256:7b3ccabffc97de872a30dfd234fd972a66d247c8cfc69b0550f276481852627c",
"size": 2295,
"annotations": {
"containerd.io/distribution.source.ghcr.io": "containerd/busybox",
"io.containerd.image.name": "ghcr.io/containerd/busybox:1.36",
"org.opencontainers.image.ref.name": "1.36"
}
}
]
}
$ cat blobs/sha256/7b3ccabffc97de872a30dfd234fd972a66d247c8cfc69b0550f276481852627c | jq
{
"manifests": [
{
"digest": "sha256:907ca53d7e2947e849b839b1cd258c98fd3916c60f2e6e70c30edbf741ab6754",
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"platform": {
"architecture": "amd64",
"os": "linux"
},
"size": 528
},
{
"digest": "sha256:dde8e930c7b6a490f728e66292bc9bce42efc9bbb5278bae40e4f30f6e00fe8c",
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"platform": {
"architecture": "arm",
"os": "linux",
"variant": "v5"
},
"size": 528
},
{
...
```
You can switch to the containerd snapshotter in docker by adding this to the daemon.json:
```
{
"features": {
"containerd-snapshotter": true
}
}
```
Signed-off-by: Rodrigo Campos <rodrigo@amutable.com>
integration: Fix TestImageLoad() failure on CI
This downstreams the patch from [moby@b4a6ccb]: > drop useless apparmor denies > These files don't exist under proc so this rule does nothing. > > They are protected against by docker's default cgroup devices since they're > both character devices and not explicitly allowed. [moby@b4a6ccb]: moby/moby@b4a6ccb Co-authored-by: Tycho Andersen <tycho@tycho.pizza> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Fix dupwords
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.2 to 4.32.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@45cbd0c...9e907b5) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/containerd/cgroups/v3](https://github.com/containerd/cgroups) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/containerd/cgroups/releases) - [Commits](containerd/cgroups@v3.1.2...v3.1.3) --- updated-dependencies: - dependency-name: github.com/containerd/cgroups/v3 dependency-version: 3.1.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.78.0 to 1.79.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.78.0...v1.79.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.79.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Align with the version of ttrpc used. full diff: containerd/ttrpc@v1.2.5...v1.2.7 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The current AppArmor profile intends to block write access to everything
in `/proc`, except for `/proc/<pid>` and `/proc/sys/kernel/shm*`.
Currently the rules block access to everything in `/proc/sys`, and do
not successfully allow access to `/proc/sys/kernel/shm*`. Specifically,
a path like /proc/sys/kernel/shmmax matches this part of the pattern:
deny @{PROC}/{[^1-9][^0-9][^0-9][^0-9]* }/** w,
/proc / s y s / kernel /shmmax
This downstreams the patch from [moby@66f14e4] to the containerd profile,
and updates the rule so that it works as intended.
[moby@66f14e4]: moby/moby@66f14e4
Co-authored-by: Phil Sphicas <phil.sphicas@att.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
generating protos produced a warning:
WARN plugin "protoc-gen-go-fieldpath" does not support required features. Feature "proto3 optional" is required by 1 file(s): services/images/v1/images.proto
Implement handling for optional fields (nillable / pointer)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
install-dev-tools: update protoc-gen-go-ttrpc to v1.2.7
…b.com/containerd/cgroups/v3-3.1.3 build(deps): bump github.com/containerd/cgroups/v3 from 3.1.2 to 3.1.3
…e.golang.org/grpc-1.79.1 build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.1
…ithub/codeql-action-4.32.3 build(deps): bump github/codeql-action from 4.32.2 to 4.32.3
contrib/apparmor: remove non-matching rules for /proc/mem, /proc/kmem
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
ci: add build/test go1.26.0, drop go1.24
Remove Container field from sandbox metadata
contrib/apparmor: fix /proc/sys rule
cmd/protoc-gen-go-fieldpath: add support for optional fields
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )