Open
Conversation
Skip the OOMKilled test when running with systemd cgroups, regardless of the user-provided ginkgo skip list, to avoid this known issue. ``` critest '--ginkgo.skip=should prefer new apparmor field|should support apparmor field|should support deprecated apparmor_profile field|should support unsafe sysctls|should support safe sysctls|should allow privilege escalation when false' Jan 23 08:55:25 c48dfdc00254 bash[130]: Summarizing 1 Failure: Jan 23 08:55:25 c48dfdc00254 bash[130]: [FAIL] [k8s.io] Container OOM runtime should output OOMKilled reason [It] should terminate with exitCode 137 and reason OOMKilled Jan 23 08:55:25 c48dfdc00254 bash[130]: sigs.k8s.io/cri-tools/pkg/validate/container_linux.go:165 ``` REF: https://github.com/containerd/containerd/actions/runs/21280114724/job/61248062856 Signed-off-by: Wei Fu <fuweid89@gmail.com>
Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
ci: bump go 1.24.12, 1.25.6
When a container image has a volumes attribute, currently the mount manager is not used here. This leads to issues with the EROFS snapshotter, notably that rwlayer.img is not present when the snapshotter is configured to create a writable block volume. This change implements mount manager as part of the image volumes processing, so that mount manager mounts are correctly processes before calling mount.All Fixes: #12834 Signed-off-by: Champ-Goblem <cameron@northflank.com>
image volume e2e tests in k/k uses containerd version to trigger tests for some features. ref: https://github.com/kubernetes/kubernetes/blob/bfafa32d90958a8fe7a2ce09ed553fdfef4edd98/test/e2e_node/image_volume.go#L64 The current CI builds have only the SHA as the version since the tags are not present. setting fetch-depth makes sure the tags are present and will be used while testing. Signed-off-by: Akhil Mohan <akhilerm@gmail.com>
ci: set fetch-depth for containerd to 0 for version parsing
The Fedora mirror can be flaky, causing 'Connection reset by peer' errors during the Vagrant box download. This change downloads the box file using curl with retry options before adding it to Vagrant: - --retry 5: Retry up to 5 times on transient failures - --retry-delay 5: Wait 5 seconds between retries - --retry-all-errors: Retry on all errors including connection resets - --connect-timeout 30: Fail if can't connect within 30 seconds - --max-time 600: 10 minute max for the entire download Signed-off-by: Aadhar Agarwal <aadagarwal@microsoft.com>
Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.6.0 to 22.7.0. - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](coreos/go-systemd@v22.6.0...v22.7.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-systemd/v22 dependency-version: 22.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
…integration ci: add retry logic for Fedora Vagrant box download
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@5e57cd1...c94ce9f) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.10 to 4.32.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@cdefb33...6bc82e0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 5.0.2 to 5.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@8b402f5...cdf6c1f) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…s-container-host-user pkg/sys: Create user namespace as the container's initial user namesp…
…b.com/coreos/go-systemd/v22-22.7.0 build(deps): bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0
…ctions/cache-5.0.3 build(deps): bump actions/cache from 5.0.2 to 5.0.3
…ithub/codeql-action-4.32.1 build(deps): bump github/codeql-action from 4.31.10 to 4.32.1
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This code would produce "info" logs on failures, but the logs did only
include the host and HTTP-status, but not which URL was tried, which
limited their functionality when debugging issues;
INFO[0000] fetch failed after status: 404 Not Found host=registry-1.docker.io spanID=30cdc3d09e370346 traceID=851a780f994f420f657e18fa6b8d0a77
INFO[0001] fetch failed after status: 404 Not Found host=registry-1.docker.io spanID=30cdc3d09e370346 traceID=851a780f994f420f657e18fa6b8d0a77
INFO[0002] fetch failed after status: 404 Not Found host=registry-1.docker.io spanID=30cdc3d09e370346 traceID=851a780f994f420f657e18fa6b8d0a77
With this patch, both the "url" and "method" are included. The existing
"host" field is kept for now, but duplicated in the URL (note that the
existing "host" path only includes the hostname, but not custom paths
used);
INFO[0001] fetch failed after status: 404 Not Found host=registry-1.docker.io method=HEAD url="https://registry-1.docker.io/v2/dockersamples/labspace-content-dev/manifests/sha256:512d98f1e4e60663a36123f91254db63d0acadf323f81588379fb52ee1da2fa0" spanID=5d7d1f4c83ef8ee4 traceID=584a3a9b5bee402f90b76281a3fc2176
INFO[0003] fetch failed after status: 404 Not Found host=registry-1.docker.io method=HEAD url="https://registry-1.docker.io/v2/dockersamples/labspace-content-dev/manifests/sha256:708aa78a398943ba8c5917de90bc8d07afd7de9de174ff77f55d20d15e8987bb" spanID=5d7d1f4c83ef8ee4 traceID=584a3a9b5bee402f90b76281a3fc2176
INFO[0004] fetch failed after status: 404 Not Found host=registry-1.docker.io method=HEAD url="https://registry-1.docker.io/v2/dockersamples/labspace-content-dev/manifests/sha256:593c44044ef21eda81ff7150a0466539875c0315a1606538a15e30c593f025ea" spanID=5d7d1f4c83ef8ee4 traceID=584a3a9b5bee402f90b76281a3fc2176
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
…ocker/login-action-3.7.0 build(deps): bump docker/login-action from 3.6.0 to 3.7.0
Signed-off-by: qiuxue <liuyutao36@gmail.com>
script/critest.sh: always skip OOMKilled on systemd cgroup
…unt-manager cri: use mount manager when image has volumes
Use buf to format proto files
edb3e08 removed `script/setup/install-protobuf` and the tools are now installed through `script/setup/install-dev-tools` Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Remove the confusing `(default: false)` that's printed.
Before this:
ctr --help | tail -n2
--help, -h Show help (default: false)
--version, -v Print the version (default: false)
After this:
ctr --help | tail -n2
--help, -h Show help
--version, -v Print the version
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
…oftprops/action-gh-release-2.6.1 build(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1
…ithub/codeql-action-4.33.0 build(deps): bump github/codeql-action from 4.32.6 to 4.33.0
internal/cri/setutils: remove unused, deprecated utils
…g-x-20a1e670f2 build(deps): bump golang.org/x/mod from 0.33.0 to 0.34.0 in the golang-x group
…ctions/download-artifact-8.0.1 build(deps): bump actions/download-artifact from 8.0.0 to 8.0.1
golangci-lint: enable modernize linter, and fix modernize for other GOOS
…s_rootless Permission denied when attempting os.Chmod the config.Root during server startup
Prepare release notes for api/v1.11.0-beta.0
…b.com/intel/goresctrl-0.12.0 build(deps): bump github.com/intel/goresctrl from 0.11.0 to 0.12.0
…b.com/containernetworking/plugins-1.9.1 build(deps): bump github.com/containernetworking/plugins from 1.9.0 to 1.9.1
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Derek McGowan <derek@mcg.dev>
pkg/shim: Fix NewSocket directory permissions
Prepare release notes for v2.3.0-beta.0
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Fix vagrant on CI
release notes: https://github.com/opencontainers/runc/releases/tag/v1.4.1 full diff: opencontainers/runc@v1.4.0...v1.4.1 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
1.7 transitioned to being supported by Sam and Chris on March 10. This clarifies the maintainer responsibilities and focus of the provided support. Signed-off-by: Samuel Karp <samuelkarp@google.com>
update runc binary to v1.4.1
releases: clarify extended support for 1.7
Signed-off-by: Samuel Karp <me@samuelkarp.com>
readme: remove announcement for 2.0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )