The fifteenth patch release for containerd 1.7 contains various fixes; one for a
regression introduced in v1.7.14 in the way process exits were handled.
Highlights
Adds mediatype to OCI index record on export (#9990)
Runtime
Fix runc shim to only defer init process exits (#10037)
Native Windows containers are configured with an internal DNS server for container name resolution, and external DNS servers for other lookups. Not all resolvers, including nslookup, fall back to the external resolvers when they get a SERVFAIL answer from the internal server. So, the internal DNS server can now be configured to forward requests to the external resolvers, by setting "features": {"windows-dns-proxy": true } in the daemon.json file. moby/moby#47584
[!NOTE]
This will be the new default behavior in Docker Engine 27.0.
[!WARNING]
The windows-dns-proxy feature flag will be removed in a future release.
Swarm: Fix Subpath not being passed to the container config. moby/moby#47711
Classic builder: Fix cache miss on WORKDIR <directory>/ build step (directory with a trailing slash). moby/moby#47723
containerd image store: Fix docker images failing when any image in the store has unexpected target. moby/moby#47738
v26.0.2
26.0.2
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the go-dependencies group with 4 updates in the / directory: github.com/GoogleContainerTools/kaniko, github.com/containerd/containerd, github.com/docker/docker and golang.org/x/sys.
Updates
github.com/GoogleContainerTools/kaniko
from 1.21.1 to 1.22.0Release notes
Sourced from github.com/GoogleContainerTools/kaniko's releases.
Changelog
Sourced from github.com/GoogleContainerTools/kaniko's changelog.
Commits
02860ef
chore(release): release v1.22.0 (#3086)a798fc9
chore(deps): bump github.com/docker/docker from 25.0.4+incompatible to 26.0.0...279053e
chore(deps): bump google.golang.org/api from 0.167.0 to 0.171.0 (#3082)1619608
chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.25.3 to 1.26.0 (#3083)a952b1b
chore(deps): bump github.com/containerd/containerd from 1.7.13 to 1.7.14 (#3084)4ef48fe
chore(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 (#3070)02f488a
Fix #3032: Remove query parameters in ADD command when the destinatio… (#3053)9095b45
Kaniko/add path regmaps [possible in registry maps and/or mirror] (#3051)cca3742
chore(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0 (#3071)fcc800f
chore(deps): bump github.com/moby/buildkit from 0.12.5 to 0.13.0 (#3072)Updates
github.com/containerd/containerd
from 1.7.14 to 1.7.15Release notes
Sourced from github.com/containerd/containerd's releases.
... (truncated)
Commits
926c958
Merge pull request #10039 from estesp/prep-1.7.154d4759b
Prep v1.7.15 release52fc8ab
Merge pull request #10037 from laurazard/backport-1.7-exec-fix21df467
runc-shim: only defer init process exits0dcf21c
Merge pull request #10012 from austinvazquez/release-1.7-fix-offline-compilation2a05421
Fix compile from version control system (source) use caseec5222f
Merge pull request #9990 from daghack/oci-add-mediatype-1.76605c47
adds mediatype to oci index recordbe5ec97
Merge pull request #9975 from thaJeztah/1.7_bump_protobufe6d91d8
vendor: github.com/golang/protobuf v1.5.4Updates
github.com/docker/docker
from 26.0.1+incompatible to 26.1.0+incompatibleRelease notes
Sourced from github.com/docker/docker's releases.
Commits
c8af8eb
Merge pull request #47738 from vvoland/c8d-walk-image-badimagetarget7d95fe8
c8d/list: Ignore unexpected image target801fd16
Merge pull request #47735 from cpuguy83/better_walk_error6667e96
Include more details in errnotManifestOrIndexee8b788
Merge pull request #47734 from krissetto/image-history-timestamp-dereference96c9353
Merge pull request #47723 from vvoland/builder-fix-workdir-slashab570ab
nil dereference fix on image history Created value7532420
container/SetupWorkingDirectory: Don't mutate configa4d5b6b
builder/normalizeWorkdir: Always return cleaned pathe829cca
Merge pull request #47584 from robmry/upstream_dns_windowsUpdates
golang.org/x/sys
from 0.18.0 to 0.19.0Commits
cabba82
windows: use uint32 for serial comm flags for consistency1a50d97
windows: add serial comm functions95f07ec
x/sys/windows: add func windows.DisconnectNamedPipe(handle Handle) (err error)4be02d3
unix: expose mmap calls on z/OSDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show