search

giantswarm / azure-operator

Manages Kubernetes clusters running in in a Giant Swarm installation on Microsoft Azure
https://giantswarm.io/
Apache License 2.0
30 stars 7 forks source link

Update misc modules #1699

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
alpine final minor 3.16.2 -> 3.18.0
github.com/Azure/go-autorest/autorest require patch v0.11.28 -> v0.11.29
github.com/Azure/go-autorest/autorest/azure/auth require patch v0.5.11 -> v0.5.12
github.com/containerd/containerd replace minor v1.6.8 -> v1.7.1
github.com/containerd/imgcrypt replace patch v1.1.6 -> v1.1.7
github.com/coredns/coredns replace minor v1.9.3 -> v1.10.1
github.com/coreos/go-semver require patch v0.3.0 -> v0.3.1
github.com/docker/distribution replace patch v2.8.1+incompatible -> v2.8.2+incompatible
github.com/gofiber/fiber/v2 replace minor v2.36.0 -> v2.45.0
github.com/google/go-cmp require patch v0.5.8 -> v0.5.9
github.com/microcosm-cc/bluemonday replace patch v1.0.19 -> v1.0.23
github.com/nats-io/jwt/v2 replace minor v2.3.0 -> v2.4.1
github.com/nats-io/nats-server/v2 replace minor v2.8.4 -> v2.9.16
github.com/opencontainers/runc replace patch v1.1.3 -> v1.1.7
github.com/prometheus/client_golang require minor v1.13.0 -> v1.15.1
github.com/spf13/viper require minor v1.12.0 -> v1.15.0
github.com/valyala/fasthttp replace minor v1.39.0 -> v1.47.0
go.mongodb.org/mongo-driver replace minor v1.10.1 -> v1.11.6
golang.org/x/sync require minor v0.0.0-20220819030929-7fc1605a5dde -> v0.2.0

Release Notes

containerd/containerd ### [`v1.7.1`](https://togithub.com/containerd/containerd/releases/tag/v1.7.1): containerd 1.7.1 [Compare Source](https://togithub.com/containerd/containerd/compare/v1.7.0...v1.7.1) Welcome to the v1.7.1 release of containerd! The first patch release for containerd 1.7 includes many fixes to CRI sandbox mode, various other fixes, runc update, and important fixes in core dependencies such as ttrpc and typeurl. ##### CRI/Sandbox Updates - **Throw not supported error when UID or GID mappings provided** ([#​8211](https://togithub.com/containerd/containerd/pull/8211)) - **Cleanup shim on start failure** ([#​8282](https://togithub.com/containerd/containerd/pull/8282)) - **Fix premature close of CRI service when there are no CNI configuration monitors** ([#​8282](https://togithub.com/containerd/containerd/pull/8282)) - **Avoid UID lookup from mount on Darwin** ([#​8314](https://togithub.com/containerd/containerd/pull/8314)) - **Keep Linux mounts for Linux sandboxes on non-Linux hosts** ([#​8331](https://togithub.com/containerd/containerd/pull/8331)) - **Add `noexec`,`nodev`,`nosuid` to `/etc/resolv.conf` bind mount** ([#​8336](https://togithub.com/containerd/containerd/pull/8336)) - **Remove entry for container from container store on error** ([#​8457](https://togithub.com/containerd/containerd/pull/8457)) - **Fix unmarshal in container metrics** ([#​8472](https://togithub.com/containerd/containerd/pull/8472)) ##### Other Notable Updates - **Use readonly for temporary mounts** ([#​8300](https://togithub.com/containerd/containerd/pull/8300) [#​8358](https://togithub.com/containerd/containerd/pull/8358)) - **Fix skip docker manifest option on image exporter** ([#​8344](https://togithub.com/containerd/containerd/pull/8344)) - **Update runc binary to v1.1.7** ([#​8451](https://togithub.com/containerd/containerd/pull/8451)) - **Fix runtime path task option** ([#​8453](https://togithub.com/containerd/containerd/pull/8453)) - **Fix panic from nil checkpoint options** ([#​8475](https://togithub.com/containerd/containerd/pull/8475)) - **Fix transfer service configuration options** ([#​8491](https://togithub.com/containerd/containerd/pull/8491)) - **Fix server-side goroutine leak on receive message error** ([ttrpc#​141](https://togithub.com/containerd/ttrpc/pull/141)) - **Fix panic caused by race to close send channel** ([ttrpc#​140](https://togithub.com/containerd/ttrpc/pull/140)) - **Fix unmarshal to return non-nil object when nil value** ([ttrpc#​140](https://togithub.com/containerd/typeurl/pull/41)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ##### Contributors - Derek McGowan - Sebastiaan van Stijn - Akihiro Suda - Iceber Gu - Phil Estes - Maksym Pavlenko - Wei Fu - Danny Canter - Kirtana Ashok - Rodrigo Campos - Samuel Karp - Vinayak Goyal - Austin Vazquez - Justin Chadwell - Kazuyoshi Kato - Brad Davidson - Djordje Lukic - Ethan Lowman - Laura Brehm - Michael Crosby ##### Changes
68 commits

- \[release/1.7] Prepare release notes for v1.7.1 ([#​8501](https://togithub.com/containerd/containerd/pull/8501)) - [`27a0d957b`](https://togithub.com/containerd/containerd/commit/27a0d957be722eaaf34cdcc9c9a5b47d843b7a9c) Prepare release notes for v1.7.1 - \[release/1.7] Update ttrpc v1.2.2 ([#​8499](https://togithub.com/containerd/containerd/pull/8499)) - [`7b288e2d7`](https://togithub.com/containerd/containerd/commit/7b288e2d77d323cf07a210a9ed02f62235e6f41e) Update ttrpc to v1.2.2 - \[release/1.7] runtime/shim: fix the nil checkpoint options ([#​8475](https://togithub.com/containerd/containerd/pull/8475)) - [`3ef5b689a`](https://togithub.com/containerd/containerd/commit/3ef5b689a7b7f6bb670ad59345c290114e5e29ef) runtime/shim: fix the nil checkpoint options - \[release/1.7] bump typeurl to v2.1.1 ([#​8495](https://togithub.com/containerd/containerd/pull/8495)) - [`0e0532eb2`](https://togithub.com/containerd/containerd/commit/0e0532eb28eb8a1f5d34e89f6ba94eba684c8be1) bump typeurl to v2.1.1 - \[release/1.7] Transfer service backports ([#​8491](https://togithub.com/containerd/containerd/pull/8491)) - [`35e86f96c`](https://togithub.com/containerd/containerd/commit/35e86f96c24da795b3977f181b16a493a7400fdb) \[transfer] avoid setting limiters when max is 0 - [`f7233811f`](https://togithub.com/containerd/containerd/commit/f7233811f6fb2d521e65ecf5b156f82a1aba2f91) Update transfer configuration - [`4510eac00`](https://togithub.com/containerd/containerd/commit/4510eac009eb066501761a1dae05d4e126ef88e0) Fix image pulling with Transfer service - \[release/1.7]Update hcsshim tag to v0.10.0-rc.8 ([#​8480](https://togithub.com/containerd/containerd/pull/8480)) - [`aaa65e8c1`](https://togithub.com/containerd/containerd/commit/aaa65e8c1461ae7187357ea6b7f2807667eada6e) Update hcsshim tag to v0.10.0-rc.8 - \[release/1.7] cri: Fix umarshal metrics ([#​8472](https://togithub.com/containerd/containerd/pull/8472)) - [`95ef67e19`](https://togithub.com/containerd/containerd/commit/95ef67e19552aaec3618cdfa06d6d3ffb57d085b) Fix umarshal metrics for CRI server - \[release/1.7 backport] update go to go1.20.4, go1.19.9 ([#​8471](https://togithub.com/containerd/containerd/pull/8471)) - [`021bba28b`](https://togithub.com/containerd/containerd/commit/021bba28b50e445c4a0a8e79b458db7116dc50e7) update go to go1.20.4, go1.19.9 - \[release/1.7] fix the task setting the runtime path ([#​8453](https://togithub.com/containerd/containerd/pull/8453)) - [`c0e128624`](https://togithub.com/containerd/containerd/commit/c0e128624a8d6a02bb7d2ab3d29369f54791b68e) skip TestContainerStartWithAbsRuntimePath if the runtime is v1 - [`aa3c63c15`](https://togithub.com/containerd/containerd/commit/aa3c63c15f379eec906cb89f7e1204a42a5d1317) integration: add container start test using abs runtime path - [`d2d9eedb1`](https://togithub.com/containerd/containerd/commit/d2d9eedb1d1b2d047fbdd847ce7c67724f27bde4) WithRuntimePath uses the TaskInfo.RuntimePath field - \[release/1.7] Remove entry for container from container store on error ([#​8457](https://togithub.com/containerd/containerd/pull/8457)) - [`6b3ae0129`](https://togithub.com/containerd/containerd/commit/6b3ae01297d2cb39c8018fc783751baba513b390) Remove entry for container from container store on error - \[release/1.7 backport] update runc binary to v1.1.7 ([#​8451](https://togithub.com/containerd/containerd/pull/8451)) - [`fae4b6223`](https://togithub.com/containerd/containerd/commit/fae4b6223a597cf456b63c4272ed85f625eef9f0) update runc binary to v1.1.7 - \[release/1.7] cri: Vendor v0.27.1 ([#​8444](https://togithub.com/containerd/containerd/pull/8444)) - [`571715a9d`](https://togithub.com/containerd/containerd/commit/571715a9df043d0f75d16dcc17fd0c2c41999290) cri: Vendor v0.27.1 - \[release/1.7 backport] oci: partially restore comment on read-only mounts for uid/gid uses ([#​8404](https://togithub.com/containerd/containerd/pull/8404)) - [`1bbf98e53`](https://togithub.com/containerd/containerd/commit/1bbf98e53ec77bad5dabc2a762f4407e99f527c9) oci: partially restore comment on read-only mounts for uid/gid uses - \[release/1.7] Fix argsEscaped tests ([#​8405](https://togithub.com/containerd/containerd/pull/8405)) - [`a6d336c1f`](https://togithub.com/containerd/containerd/commit/a6d336c1f6674c2b342d65ca78fba7fac955eaf1) Fix argsEscaped tests - \[release/1.7] Throw an error if the kubelet requests mounts with uid/gid mappings ([#​8211](https://togithub.com/containerd/containerd/pull/8211)) - [`7de8629be`](https://togithub.com/containerd/containerd/commit/7de8629be0e62c4d8164cd873baf14b64bcbb90b) cri: Throw an error if idmap mounts is requested - [`75ac7e0d8`](https://togithub.com/containerd/containerd/commit/75ac7e0d8200539ff444b952bc060ffa23582a87) cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings - \[release/1.7] go.mod: remove redundant replace, and some cleaning-up ([#​8396](https://togithub.com/containerd/containerd/pull/8396)) - [`8f6e86fec`](https://togithub.com/containerd/containerd/commit/8f6e86fecad5c11871df20e516ae181d7abf4a7c) go.mod: add comment explaining go-fuzz-headers replace rule - [`1ece0cb50`](https://togithub.com/containerd/containerd/commit/1ece0cb50f7f2f6fc9c59a76ae49227a84a92f1e) go.mod: remove replace for github.com/opencontainers/runtime-tools - [`e9f962187`](https://togithub.com/containerd/containerd/commit/e9f96218795ef6a527fc8cac550ae90b9b09fe5c) go.mod: integration: use non-pre-release of containerd - [`84393b005`](https://togithub.com/containerd/containerd/commit/84393b005f76c085ad62c62dff980dc13d13b131) go.mod: integration: move indirect dependencies to the right group - \[release/1.7 backport] update runc binary to v1.1.6 ([#​8386](https://togithub.com/containerd/containerd/pull/8386)) - [`dec2595af`](https://togithub.com/containerd/containerd/commit/dec2595afe92800fbf8e4e506398b00ff532332f) update runc binary to v1.1.6 - \[release/1.7 backport] oci: Use WithReadonlyTempMount when adding users/groups ([#​8358](https://togithub.com/containerd/containerd/pull/8358)) - [`54d12b872`](https://togithub.com/containerd/containerd/commit/54d12b872132d56feca792051abdce87a2077988) oci: Use WithReadonlyTempMount when adding users/groups - \[release/1.7 backport] update go to go1.20.3, go1.19.8 ([#​8354](https://togithub.com/containerd/containerd/pull/8354)) - [`624327651`](https://togithub.com/containerd/containerd/commit/6243276515454617f58eafaa85352b6e6fcac96e) update go to go1.20.3, go1.19.8 - \[release/1.7] archive: consistently respect value of WithSkipDockerManifest ([#​8344](https://togithub.com/containerd/containerd/pull/8344)) - [`1d6641b7c`](https://togithub.com/containerd/containerd/commit/1d6641b7c92d8854548c7a07bdaa07979ad0eb68) export: add test for WithSkipDockerManifest - [`0e0d84f6b`](https://togithub.com/containerd/containerd/commit/0e0d84f6bb7a0226480dd5ead7c894175d2edcc8) archive: consistently respect value of WithSkipDockerManifest - \[release/1.7] Add noexec nodev and nosuid to sandbox /etc/resolv.conf mount bind. ([#​8336](https://togithub.com/containerd/containerd/pull/8336)) - [`9b4935d86`](https://togithub.com/containerd/containerd/commit/9b4935d86436419670febe9695787a3aaf5ceeb7) Update sbserver to add noexec nodev and nosuid to /etc/resolv.conf mount bind. - [`5e953cfa6`](https://togithub.com/containerd/containerd/commit/5e953cfa62abb90b2c4dc775907cbb276637bfe8) Test to ensure nosuid,nodev,noexec are set on /etc/reolv.conf mount. - [`0aad93f08`](https://togithub.com/containerd/containerd/commit/0aad93f08ca4da8f33ad709dbe49593f6ff5c59c) Add noexec nodev and nosuid to sandbox /etc/resolv.conf mount bind. - \[release/1.7] ctr/tasks: fix unmarshal the task metrics for cgroups v1 ([#​8335](https://togithub.com/containerd/containerd/pull/8335)) - [`1a64f1b43`](https://togithub.com/containerd/containerd/commit/1a64f1b4341ebda4b8f8cf67cac543394a10a4c3) ctr/tasks: fix unmarshal the task metrics for cgroups v1 - \[release/1.7] Keep linux mounts for linux sandboxes on Windows/Darwin ([#​8331](https://togithub.com/containerd/containerd/pull/8331)) - [`17c52a26d`](https://togithub.com/containerd/containerd/commit/17c52a26d63d6105e9918fb2d90ff346e4e4c463) Keep linux mounts for linux sandboxes on Windows/Darwin - \[release/1.7] update runc binary to v1.1.5 ([#​8325](https://togithub.com/containerd/containerd/pull/8325)) - [`d81fc15af`](https://togithub.com/containerd/containerd/commit/d81fc15affe09dbb621be16bda805801a98cab4b) update runc binary to v1.1.5 - [`755efbe64`](https://togithub.com/containerd/containerd/commit/755efbe6402acdaf5832e36b7c6f4e15cc2a406d) go.mod: github.com/opencontainers/runc v1.1.5 - \[backport 1.7] Defer uid lookups on Darwin ([#​8314](https://togithub.com/containerd/containerd/pull/8314)) - [`90591db47`](https://togithub.com/containerd/containerd/commit/90591db47c70db29386b8d9e58ffa1005b560dc0) Defer uid lookups on Darwin - \[release/1.7 backport] Add `WithReadonlyTempMount` to create readonly temporary mounts ([#​8300](https://togithub.com/containerd/containerd/pull/8300)) - [`b7d87b190`](https://togithub.com/containerd/containerd/commit/b7d87b190d013929377bb85df8301fade73b0298) Add `WithReadonlyTempMount` to create readonly temporary mounts - \[release/1.7] Backport Sandbox/CRI fixes ([#​8282](https://togithub.com/containerd/containerd/pull/8282)) - [`1c1b6bcb2`](https://togithub.com/containerd/containerd/commit/1c1b6bcb2b4a47053855bd7adaed5d9bfdf2a5f5) CRI: Don't always close netConfMonitor channel - [`cf2e454bf`](https://togithub.com/containerd/containerd/commit/cf2e454bf052bee63c0582552566c96357bd2250) Sandbox: Correct/add some fields to Status() - [`ce68e8e0d`](https://togithub.com/containerd/containerd/commit/ce68e8e0db47174580fc74ecdeb66c26695ecd0b) Sandbox: Cleanup shim on Start failure

##### Changes from containerd/ttrpc
8 commits

- First process the pending messages in recv channel ([#​144](https://togithub.com/containerd/ttrpc/pull/144)) - [`c51165f`](https://togithub.com/containerd/ttrpc/commit/c51165f20d52c5b19c76cd8a1d16ead701146e89) First process the pending messages in recv channel - Add recvClose channel to stream ([#​140](https://togithub.com/containerd/ttrpc/pull/140)) - [`471297e`](https://togithub.com/containerd/ttrpc/commit/471297eed95365134cb1a15defdf42334fd4c85a) Add recvClose channel to stream - Unwrap IO errors in server connection error handling ([#​141](https://togithub.com/containerd/ttrpc/pull/141)) - [`9599fad`](https://togithub.com/containerd/ttrpc/commit/9599fadcd66ef7b6a3aec840be59a3a38203bc2c) Unwrap io errors in server connection receive error handling - Update GitHub actions CI workflow ([#​124](https://togithub.com/containerd/ttrpc/pull/124)) - [`c7b5a32`](https://togithub.com/containerd/ttrpc/commit/c7b5a322eda63419e2dafa8dd215b08739ebe9f5) Update GitHub actions CI workflow

##### Dependency Changes - **github.com/Microsoft/go-winio** v0.6.0 -> v0.6.1 - **github.com/Microsoft/hcsshim** v0.10.0-rc.7 -> v0.10.0-rc.8 - **github.com/containerd/ttrpc** v1.2.1 -> v1.2.2 - **github.com/containerd/typeurl/v2** v2.1.0 -> v2.1.1 - **github.com/golang/protobuf** v1.5.2 -> v1.5.3 - **github.com/opencontainers/runc** v1.1.4 -> v1.1.5 - **github.com/opencontainers/runtime-tools** [`946c877`](https://togithub.com/containerd/containerd/commit/946c877fa809) -> [`2e043c6`](https://togithub.com/containerd/containerd/commit/2e043c6bd626) - **golang.org/x/mod** v0.7.0 -> v0.9.0 - **golang.org/x/net** v0.7.0 -> v0.8.0 - **golang.org/x/sys** v0.6.0 -> v0.7.0 - **golang.org/x/term** v0.5.0 -> v0.6.0 - **golang.org/x/text** v0.7.0 -> v0.8.0 - **golang.org/x/tools** v0.5.0 -> v0.7.0 - **google.golang.org/protobuf** v1.28.1 -> v1.29.1 - **k8s.io/cri-api** v0.26.2 -> v0.27.1 Previous release can be found at [v1.7.0](https://togithub.com/containerd/containerd/releases/tag/v1.7.0) ### [`v1.7.0`](https://togithub.com/containerd/containerd/releases/tag/v1.7.0): containerd 1.7.0 [Compare Source](https://togithub.com/containerd/containerd/compare/v1.6.21...v1.7.0) Welcome to the v1.7.0 release of containerd! The eighth major release of containerd includes new functionality alongside many improvements. This release is the last major release of containerd 1.x before 2.0. Some functionality in this release may be considered experimental or unstable, but will become stable or default in 2.0. This release still adheres to our backwards compatibility guarantees and users who do not use or enable new functionality should use this release with the same stability expectations. The previous 1.6 release has also become a long term stable release for users who prefer releases with mostly stability improvements and wish to wait a few releases for new functionality. ##### Highlights ##### Sandbox API *(experimental)* The sandbox API provides a new way of managing containerd's shim, providing more flexibility and functionality for multi-container environments such as Pods and VMs. This API makes it easier to manage these groups of containers at a higher level and offers new extension points for shim implementations and clients. - **Sandbox API** ([#​6703](https://togithub.com/containerd/containerd/pull/6703)) - **CRI Sandbox API Implementation** ([#​7228](https://togithub.com/containerd/containerd/pull/7228)) ##### Transfer Service *(experimental)* - **Transfer Service** ([#​7320](https://togithub.com/containerd/containerd/pull/7320)) The transfer service provides a simple interface to transfer artifact objects between any source and destination. This allows for pull and push operations to be done in containerd whether requested from clients or plugins. It is experimental in this release to allow for further plugin development and integration into existing plugins. See the [Transfer Docs](https://togithub.com/containerd/containerd/blob/main/docs/transfer.md) ##### NRI *(experimental)* - **Extend NRI scope** ([nri#​16](https://togithub.com/containerd/nri/pull/16)) - **Support for updated NRI** ([#​6019](https://togithub.com/containerd/containerd/pull/6019)) The Node Resource Interface is a common framework for plugging extensions into OCI-compatible container runtimes. It provides basic mechanisms for plugins to track the state of containers and to make limited changes to their configuration. This release introduces NRI v0.3.0 with an updated plugin interface to cover a wide range of use cases. See the [NRI Docs](https://togithub.com/containerd/containerd/blob/main/docs/NRI.md) ##### Platform Support - **Linux containers on FreeBSD** ([#​7000](https://togithub.com/containerd/containerd/pull/7000)) ##### Runtime Features - **Add support for CDI device injection** ([#​6654](https://togithub.com/containerd/containerd/pull/6654)) - **Support for cgroups blockio** ([#​5490](https://togithub.com/containerd/containerd/pull/5490)) - **Add restart policy for enhanced restart manager** ([#​6744](https://togithub.com/containerd/containerd/pull/6744)) ##### gRPC Shim Support *(experimental)* - **Initial gRPC shim support** ([#​8052](https://togithub.com/containerd/containerd/pull/8052)) Adds support for shims to use gRPC in addition to ttrpc. Existing ttrpc shim support is not going away and will continue to be recommended for the best performance and lowest shim memory overhead. The gRPC support allows implementation of a wider range of shim implementations which may not have access to a stable ttrpc library in the implementation language. The shim protocol is also updated to allow the shims to specify the protocol which is supported. ##### Road to 2.0 ##### Refactoring There are multiple places in the code today which are being targeted for refactoring to make long term support easier and to provide more extension points. The CRI plugin is the most complex containerd plugin with a wide range of functionality. A major effort in this release and before 2.0 involves moving functionality out of the single CRI plugin into smaller-scoped containerd plugins, such that they can be used and tested independently. The new sandbox and distribution interfaces provide one example of this, but it also being done for image and network management. The version of ttrpc has been updated this release to support streaming, allowing existing grpc services to use ttrpc. Services are being refactored to allow ttrpc implementations, which can be served via shim and accessed using the new sandbox management capability. - **Remove gogoproto.customtype** ([#​6699](https://togithub.com/containerd/containerd/pull/6699)) - **Remove enumvalue_customname, goproto_enum_prefix and enum_customname** ([#​6708](https://togithub.com/containerd/containerd/pull/6708)) - **Remove all gogoproto extensions** ([#​6829](https://togithub.com/containerd/containerd/pull/6829)) - **Migrate off from github.com/gogo/protobuf** ([#​6841](https://togithub.com/containerd/containerd/pull/6841)) - **ttrpc streaming** ([ttrpc#​107](https://togithub.com/containerd/ttrpc/pull/107)) - **Add unpack interface for client** ([#​6749](https://togithub.com/containerd/containerd/pull/6749)) - **Add collectible resources to metadata gc** ([#​6804](https://togithub.com/containerd/containerd/pull/6804)) - **Add version to shim protocol** ([#​8177](https://togithub.com/containerd/containerd/pull/8177)) ##### Configuration Existing CRI configurations will be supported until 2.0. Any functionality split out of CRI will have their configuration migrated to new plugins. Deprecated configuration versions and configurations for deprecated features will be removed in 2.0. ##### Deprecation The 2.0 release will remove any feature deprecated in 1.x. Features deprecated in this release include. - **Docker Schema 1 Image Deprecation** ([#​6884](https://togithub.com/containerd/containerd/pull/6884)) ##### CRI Updates - **Fix CRI plugin to setup pod network after creating the sandbox container** ([#​5904](https://togithub.com/containerd/containerd/pull/5904)) - **Support image pull progress timeout** ([#​6150](https://togithub.com/containerd/containerd/pull/6150)) - **Add experimental support for runtime specific snapshotters** ([#​6899](https://togithub.com/containerd/containerd/pull/6899)) - **Pass all TOML runtime configuration options from CRI to the runtime** ([#​7764](https://togithub.com/containerd/containerd/pull/7764)) - **Support for user namespaces in stateless pods ([KEP-127](https://togithub.com/kubernetes/enhancements/tree/master/keps/sig-node/127-user-namespaces)) *(experimental)*** ([#​7679](https://togithub.com/containerd/containerd/pull/7679)) - **Add timeout option for drain exec io** ([#​7832](https://togithub.com/containerd/containerd/pull/7832)) - **Add network plugin metrics** ([#​7858](https://togithub.com/containerd/containerd/pull/7858)) - **CRI v1alpha2 is deprecated and will be removed from containerd in containerd v2.0; if you are using the CRI API please move up to CRI v1; Kubernetes supports CRI v1 since Kubernetes 1.23** ([#​7863](https://togithub.com/containerd/containerd/pull/7863)) ##### Other - **Support shallow content copy by adding reader option to local content reader at** ([#​7414](https://togithub.com/containerd/containerd/pull/7414)) - **Add NoSameOwner option when unpacking tars** ([#​7386](https://togithub.com/containerd/containerd/pull/7386)) - **Add `FetcherByDigest` for fetching blobs without fetching a manifest** ([#​7460](https://togithub.com/containerd/containerd/pull/7460)) - **Update default seccomp profile to block socket calls to AF_VSOCK** ([#​7510](https://togithub.com/containerd/containerd/pull/7510)) - **Replace fork on mount logic with CLONE_FS** ([#​7513](https://togithub.com/containerd/containerd/pull/7513)) - **Add support for default registry host configuration** ([#​7607](https://togithub.com/containerd/containerd/pull/7607)) - **Use github.com/minio/sha256-simd for more efficient sha256 calculation** ([#​7732](https://togithub.com/containerd/containerd/pull/7732)) - **Make OCI options cross-platform** ([#​7928](https://togithub.com/containerd/containerd/pull/7928)) - **Update release builds to build from Ubuntu 20.04 with glibc 2.31** ([#​8021](https://togithub.com/containerd/containerd/pull/8021)) - **Use data field from OCI descriptor when provided for fetch** ([#​8076](https://togithub.com/containerd/containerd/pull/8076)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. ##### Contributors - Derek McGowan - Kazuyoshi Kato - Maksym Pavlenko - Wei Fu - Phil Estes - Akihiro Suda - Sebastiaan van Stijn - Samuel Karp - Krisztian Litkey - Mike Brown - Stefan Berger - Danny Canter - Austin Vazquez - Daniel Canter - yanggang - Iceber Gu - Ye Sijun - Ed Bartosh - Luca Comellini - Adam Korcz - Nashwan Azhari - Tony Fang - ruiwen-zhao - xin.li - Brian Goff - Gabriel Adrian Samfira - Paul "TBBle" Hampson - Henry Wang - Kevin Parsons - Rodrigo Campos - zounengren - Justin Terry - Paco Xu - Shengjing Zhu - Swagat Bora - wanglei - Gavin Inglis - Akhil Mohan - Hsing-Yu (David) Chen - Zechun Chen - guodong - lengrongfu - James Jenkins - James Sturtevant - Kirtana Ashok - Michael Crosby - Qiutong Song - Shiming Zhang - Vincent Batts - Antonio Ojea - Cameron Sparr - Casey Callendrello - Changwei Ge - Jian Zeng - Josh Seba - Junyu Liu - Kohei Tokunaga - Michael Zappa - Qasim Sarfraz - Tobias Klauser - Zhang Tianyang - pigletfly - yaoyinnan - Abirdcfly - Aditi Sharma - Amit Barve - Bennett-White - Bjorn Neergaard - Cory Snider - Craig Ingram - Eng Zer Jun - Eric Lin - Ethan Lowman - Fabian Hoffmann - Jess - Jiongchi Yu - Jonny Stoten - Juan Hoyos - Kang.Zhang - Kay Yan - Markus Lehtonen - Mikko Ylinen - Mohit Sharma - Paul Cacheux - Paul S. Schweigert - Qian Zhang - Tõnis Tiigi - Yasin Turan - bin liu - helen - yulng - Aman Sharma - Anastassios Nanos - Andrew G. Morgan - Andrey Klimentyev - Aniruddha Basak - Anthony Nandaa - Antti Kervinen - Aviral Takkar - Baoshuo - Benjamin Elder - Benjamin Wang - Brandon Lum - Chao Dai - Chuanying Du - Claudiu Belu - Daniel Lenar - Danielle Lancashire - Dat Nguyen - Davanum Srinivas - Dave - David Leadbeater - David Porter - Dmitry Shurupov - Edgar Lee - Eric Ernst - Fahed Dorgaa - Gabriela Cervantes - Gijs Peskens - Hamza El-Saawy - Ikko Ashimine - Jeff Widman - Jeff Zvier - Jeremi Piotrowski - Jimmy Hsiao - Jin Dong - Jordan Karaze - Joseph Sheng - Joyce Brum - Jukka Rissanen - Justin Chadwell - Kate - Kathryn Baldauf - Kyle L Frisbie - LongtaoZhang - Manuel Alejandro de Brito Fontes - Marc Schwind - Mark Rossetti - Mark Zhang - Marvin Giessing - Mathis Michel - Merlin Ran - Nabeel Rana - Nathan - Nguyen Phan Huy - Nikita Rybak - Nobel Barakat - Oleg Atamanenko - Oleg Zhurakivskyy - Oliver Radwell - Paweł Gronowski - Quan Tian - Roy Yang - Samuel Ortiz - Serge Logvinov - Shane Jennings - Shaun Lawrie - Shinichi Morimoto - SilverSoldier - Sophie Liu - Su Fei - Taeho Nam - Takumasa Sakao - Tiger Kaovilai - Tom Godkin - Tomoya.Fujita - Xinlin Ma - Yakul Garg - Zhongming Chang - Zhuchen Wang - austinvazquez - cardy.tang - chaunceyjiang - dabaooline - guiyong.ou - huoqifeng - jianfei.zhang - liyuxuan.darfux - ningmingxiao - panguicai008 - shi yixue - shuaichang - songjiang han - wen chen - wusong - xiaoyang zhu - yanghesong - yaozhenxiu - zhang he ##### Changes
1753 commits

- Prepare release notes for v1.7.0 ([#​8242](https://togithub.com/containerd/containerd/pull/8242)) - RELEASES.md: describe the deprecated config properties ([#​8241](https://togithub.com/containerd/containerd/pull/8241)) - Flag usage uses uppercase letters ([#​8232](https://togithub.com/containerd/containerd/pull/8232)) - docs: link docs/managed-opt.md to client.Install ([#​8240](https://togithub.com/containerd/containerd/pull/8240)) - Prepare release notes for v1.7.0-rc.3 ([#​8233](https://togithub.com/containerd/containerd/pull/8233)) - Go 1.20.2 ([#​8237](https://togithub.com/containerd/containerd/pull/8237)) - Update ttrpc to v1.2.1 ([#​8236](https://togithub.com/containerd/containerd/pull/8236)) - sandbox: create sandbox with network namespace path ([#​8149](https://togithub.com/containerd/containerd/pull/8149)) - labels: Add LabelDistributionSource ([#​8224](https://togithub.com/containerd/containerd/pull/8224)) - archive: disable looking up usernames and groupnames on the host ([#​8220](https://togithub.com/containerd/containerd/pull/8220)) - go.mod: go.opentelemetry.io/otel/\* v1.14.0 ([#​8222](https://togithub.com/containerd/containerd/pull/8222)) - metadata: add comments about `Image.CreatedAt` ([#​8225](https://togithub.com/containerd/containerd/pull/8225)) - Add release notes for v1.7.0-rc.2 ([#​8216](https://togithub.com/containerd/containerd/pull/8216)) - go.mod: {hcsshim, containerd/*, go-restful/v3, mergo, klauspost/compress, opencontainers/*} latest ([#​8221](https://togithub.com/containerd/containerd/pull/8221)) - Bump k8s.io deps ([#​8131](https://togithub.com/containerd/containerd/pull/8131)) - Update imgcrypt to v1.1.7 ([#​8217](https://togithub.com/containerd/containerd/pull/8217)) - Add ArgsEscaped support for CRI ([#​8198](https://togithub.com/containerd/containerd/pull/8198)) - Sandbox: Delete shim+shutdown sandbox on create failure ([#​8204](https://togithub.com/containerd/containerd/pull/8204)) - \[Feature] Transfer tag image ([#​8205](https://togithub.com/containerd/containerd/pull/8205)) - docs: fix typo of shim.RunManager's function comment ([#​8214](https://togithub.com/containerd/containerd/pull/8214)) - \[cri] Implement CRI Pod and Container stats for Windows ([#​7099](https://togithub.com/containerd/containerd/pull/7099)) - Sandbox: Fix/enhance error messages for Create ([#​8203](https://togithub.com/containerd/containerd/pull/8203)) - epoch: fix unit test when SOURCE_DATE_EPOCH is set ([#​8202](https://togithub.com/containerd/containerd/pull/8202)) - pkg/cri: add timeout to drain exec io ([#​7832](https://togithub.com/containerd/containerd/pull/7832)) - Prepare release notes for v1.7.0-rc.1 ([#​8192](https://togithub.com/containerd/containerd/pull/8192)) - Transfer export image ([#​8191](https://togithub.com/containerd/containerd/pull/8191)) - Create config struct to take user input ([#​8193](https://togithub.com/containerd/containerd/pull/8193)) - ctr/tasks: support remapped UID/GID ([#​7864](https://togithub.com/containerd/containerd/pull/7864)) - Add experimental section to RELEASES.md ([#​8119](https://togithub.com/containerd/containerd/pull/8119)) - Fix streaming manager deadlock on collection ([#​8188](https://togithub.com/containerd/containerd/pull/8188)) - Update CRI guide link ([#​8190](https://togithub.com/containerd/containerd/pull/8190)) - Add max shim version environment variable ([#​8189](https://togithub.com/containerd/containerd/pull/8189)) - Update README with location of security audits ([#​8187](https://togithub.com/containerd/containerd/pull/8187)) - docs: fix typos in historical/design/data-flow.md ([#​8181](https://togithub.com/containerd/containerd/pull/8181)) - Increase CI workflow timeout on Windows. ([#​8183](https://togithub.com/containerd/containerd/pull/8183)) - releases: mark 1.5 as EOL ([#​8178](https://togithub.com/containerd/containerd/pull/8178)) - Add version to shim protocol ([#​8177](https://togithub.com/containerd/containerd/pull/8177)) - Rework install-protobuf script and add new targets ([#​8164](https://togithub.com/containerd/containerd/pull/8164)) - bump go-cni to v1.1.9 ([#​8173](https://togithub.com/containerd/containerd/pull/8173)) - Treat sandboxes as root gc resources and scan referenced objects ([#​8172](https://togithub.com/containerd/containerd/pull/8172)) - update CDI version to v0.5.4 ([#​8152](https://togithub.com/containerd/containerd/pull/8152)) - Prepare release notes for v1.7.0-rc.0 ([#​8162](https://togithub.com/containerd/containerd/pull/8162)) - pkg/nri: pull in latest NRI, update NRI configuration. ([#​8140](https://togithub.com/containerd/containerd/pull/8140)) - \[transfer]Config options followup ([#​8165](https://togithub.com/containerd/containerd/pull/8165)) - Add configuration options to local transfer service ([#​8062](https://togithub.com/containerd/containerd/pull/8062)) - docs: Show how to select GRPC for shims ([#​8134](https://togithub.com/containerd/containerd/pull/8134)) - CRI: remove duplicated snapshotters code ([#​8154](https://togithub.com/containerd/containerd/pull/8154)) - docs: add more comment to logging.LoggerFunc ([#​8142](https://togithub.com/containerd/containerd/pull/8142)) - contrib/apparmor: remove code related to apparmor_parser version ([#​8069](https://togithub.com/containerd/containerd/pull/8069)) - runtime/v2: Call onCloseWithShimLog for grpc shims ([#​8120](https://togithub.com/containerd/containerd/pull/8120)) - Add Fields type alias to log package ([#​8143](https://togithub.com/containerd/containerd/pull/8143)) - Migrate from k8s.gcr.io to registry.k8s.io ([#​8125](https://togithub.com/containerd/containerd/pull/8125)) - sandbox: start sandbox with options ([#​8129](https://togithub.com/containerd/containerd/pull/8129)) - Add macOS build note ([#​8115](https://togithub.com/containerd/containerd/pull/8115)) - Fix concurrent writes for UpdateContainerStats ([#​8130](https://togithub.com/containerd/containerd/pull/8130)) - dependency: bump go.etcd.io/bbolt to v1.3.7 ([#​8128](https://togithub.com/containerd/containerd/pull/8128)) - runtime/v2: Log BootstrapParams ([#​8124](https://togithub.com/containerd/containerd/pull/8124)) - Prepare release notes for v1.7.0 beta.4 ([#​8110](https://togithub.com/containerd/containerd/pull/8110)) - Go 1.20.1 ([#​8103](https://togithub.com/containerd/containerd/pull/8103)) - ctr version: add args check ([#​8096](https://togithub.com/containerd/containerd/pull/8096)) - pkg/cri/config: fix Mirrors deprecation comment ([#​8041](https://togithub.com/containerd/containerd/pull/8041)) - docs: fix function names in fuzzing test documentation ([#​8044](https://togithub.com/containerd/containerd/pull/8044)) - fix: 'go routine' should be 'goroutine' ([#​8051](https://togithub.com/containerd/containerd/pull/8051)) - Github Security Advisory [GHSA-hmfx-3pcx-653p](https://togithub.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p) - Github Security Advisory [GHSA-259w-8hf6-59c2](https://togithub.com/containerd/containerd/security/advisories/GHSA-259w-8hf6-59c2) - pkg/cri/sbserver: experimental NRI integration for CRI. ([#​7954](https://togithub.com/containerd/containerd/pull/7954)) - Clean up error strings that start with uppercase ([#​8114](https://togithub.com/containerd/containerd/pull/8114)) - Clean up repeated package import ([#​8113](https://togithub.com/containerd/containerd/pull/8113)) - Go 1.19.6 ([#​8109](https://togithub.com/containerd/containerd/pull/8109)) - Initial GRPC shims support ([#​8052](https://togithub.com/containerd/containerd/pull/8052)) - CRI: Pass sandbox annotations to \_other platforms ([#​8060](https://togithub.com/containerd/containerd/pull/8060)) - cmd/ctr/commands/images: support usage subcommand ([#​8105](https://togithub.com/containerd/containerd/pull/8105)) - cni: pass in the cgroupPath capability argument ([#​8067](https://togithub.com/containerd/containerd/pull/8067)) - Add fallback for windows platforms without osversion ([#​8101](https://togithub.com/containerd/containerd/pull/8101)) - release: xx v1.2.1 ([#​8104](https://togithub.com/containerd/containerd/pull/8104)) - \[transfer] update imagestore interface to support multiple references ([#​7964](https://togithub.com/containerd/containerd/pull/7964)) - \[sandbox] Use options to pass PodSandboxConfig to shims ([#​8100](https://togithub.com/containerd/containerd/pull/8100)) - Send container events with nil PodSandboxStatus ([#​8047](https://togithub.com/containerd/containerd/pull/8047)) - test: add hostNetwork tests for both windows and linux ([#​7984](https://togithub.com/containerd/containerd/pull/7984)) - loadConfig pre-inspection in advance ([#​8097](https://togithub.com/containerd/containerd/pull/8097)) - contrib/apparmor: remove version-dependent rules ([#​8068](https://togithub.com/containerd/containerd/pull/8068)) - \*: introduce wrapper pkgs for blockio and rdt ([#​8066](https://togithub.com/containerd/containerd/pull/8066)) - Extract CRI instrument into separate package ([#​8093](https://togithub.com/containerd/containerd/pull/8093)) - CRI: Mirror generic toml runtime config under server ([#​8091](https://togithub.com/containerd/containerd/pull/8091)) - go.mod: github.com/containerd/typeurl/v2 v2.1.0 ([#​8092](https://togithub.com/containerd/containerd/pull/8092)) - Revert `apparmor_parser` regression ([#​8086](https://togithub.com/containerd/containerd/pull/8086)) - \[sandbox] refactor controller interface ([#​7981](https://togithub.com/containerd/containerd/pull/7981)) - btrfs: depend on kernel UAPI instead of libbtrfs ([#​7933](https://togithub.com/containerd/containerd/pull/7933)) - CI: skip some jobs when `repo != containerd/containerd` ([#​8082](https://togithub.com/containerd/containerd/pull/8082)) - chore: clean up repeated package import ([#​8078](https://togithub.com/containerd/containerd/pull/8078)) - fetch: Use data from descriptor when available. ([#​8076](https://togithub.com/containerd/containerd/pull/8076)) - chore: use http constants instead of string ([#​8077](https://togithub.com/containerd/containerd/pull/8077)) - Fix retry logic within devmapper device deactivation ([#​8075](https://togithub.com/containerd/containerd/pull/8075)) - Clean CI yaml ([#​8071](https://togithub.com/containerd/containerd/pull/8071)) - Add critest.exe in $PATH ([#​8074](https://togithub.com/containerd/containerd/pull/8074)) - keep the uppercase letter for flag info ([#​7976](https://togithub.com/containerd/containerd/pull/7976)) - go.mod: Bump hcsshim to v0.10.0-rc.5 ([#​8049](https://togithub.com/containerd/containerd/pull/8049)) - Fix sandbox exit monitor ([#​8045](https://togithub.com/containerd/containerd/pull/8045)) - Generate GRPC contracts for runtime APIs ([#​7979](https://togithub.com/containerd/containerd/pull/7979)) - Make argument validation of `mount.UnmountRecursive` compatible to `mount.UnmountAll` ([#​8035](https://togithub.com/containerd/containerd/pull/8035)) - Export remote snapshotter label handler ([#​8036](https://togithub.com/containerd/containerd/pull/8036)) - Adding support to run install hcsshim from local clone ([#​7989](https://togithub.com/containerd/containerd/pull/7989)) - go.mod: github.com/urfave/cli v1.22.12 ([#​8040](https://togithub.com/containerd/containerd/pull/8040)) - cmd/ctr/commands: clean up the func IntToInt32Array in utils.go ([#​8039](https://togithub.com/containerd/containerd/pull/8039)) - pkg/epoch: drop timezone ([#​8037](https://togithub.com/containerd/containerd/pull/8037)) - go.mod: update github.com/containerd/nri. ([#​8034](https://togithub.com/containerd/containerd/pull/8034)) - fix(docs): minor fix on the windows installation steps ([#​8013](https://togithub.com/containerd/containerd/pull/8013)) - Add integration test to opentelemetry tracing on image pull ([#​7847](https://togithub.com/containerd/containerd/pull/7847)) - Use mount.Target to specify subdirectory of rootfs mount ([#​7840](https://togithub.com/containerd/containerd/pull/7840)) - cri: mkdir /etc/cni with 0755, not 0700 ([#​8020](https://togithub.com/containerd/containerd/pull/8020)) - log/logtest: add `testcase` as debug field ([#​8025](https://togithub.com/containerd/containerd/pull/8025)) - go.mod: github.com/containerd/cgroups/v3 v3.0.0 ([#​8027](https://togithub.com/containerd/containerd/pull/8027)) - Update CNI plugins to 1.2.0 ([#​7977](https://togithub.com/containerd/containerd/pull/7977)) - go.mod: go.opentelemetry.io/otel v1.12.0 ([#​8026](https://togithub.com/containerd/containerd/pull/8026)) - Move PLEG events for pause container under podsandbox package ([#​8007](https://togithub.com/containerd/containerd/pull/8007)) - runtime docs: Clarify delete cwd behavior ([#​8012](https://togithub.com/containerd/containerd/pull/8012)) - release: Add "cri-containerd.DEPRECATED.txt" in the deprecated cri-containerd-\* bundles ([#​8019](https://togithub.com/containerd/containerd/pull/8019)) - RELEASES.md: update release status ([#​8022](https://togithub.com/containerd/containerd/pull/8022)) - deflake: TestContainerPids ([#​8023](https://togithub.com/containerd/containerd/pull/8023)) - release: Ubuntu 18.04 -> 20.04 (glibc 2.27 -> 2.31) ([#​8021](https://togithub.com/containerd/containerd/pull/8021)) - Update the EOL date for 1.5 release ([#​8015](https://togithub.com/containerd/containerd/pull/8015)) - Prepare release notes for v1.7.0-beta.3 ([#​8014](https://togithub.com/containerd/containerd/pull/8014)) - Fix Memory Limit test ([#​7959](https://togithub.com/containerd/containerd/pull/7959)) - Reused package errdefs for not supported error ([#​8005](https://togithub.com/containerd/containerd/pull/8005)) - pkg/cri: optimize slice initialization ([#​7994](https://togithub.com/containerd/containerd/pull/7994)) - go.mod: update goresctrl to v0.3.0 ([#​7987](https://togithub.com/containerd/containerd/pull/7987)) - pushWriter: correctly propagate errors ([#​7985](https://togithub.com/containerd/containerd/pull/7985)) - CI: test release.yml on every PR ([#​7968](https://togithub.com/containerd/containerd/pull/7968)) - fix incorrect namespace of event when create/update namespace ([#​7129](https://togithub.com/containerd/containerd/pull/7129)) - Backport changes to sandboxed CRI ([#​7973](https://togithub.com/containerd/containerd/pull/7973)) - Fix syntax errors in the document ([#​7970](https://togithub.com/containerd/containerd/pull/7970)) - release/Dockerfile: set DEBIAN_FRONTEND=noninteractive ([#​7969](https://togithub.com/containerd/containerd/pull/7969)) - use local variable for rt when iterating collectors ([#​7963](https://togithub.com/containerd/containerd/pull/7963)) - Add basic spec and mounts for Darwin ([#​7960](https://togithub.com/containerd/containerd/pull/7960)) - go.mod: Bump hcsshim to v0.10.0-rc.4 ([#​7810](https://togithub.com/containerd/containerd/pull/7810)) - Use specs Platform instead of generated API ([#​7958](https://togithub.com/containerd/containerd/pull/7958)) - Make OCI options cross-platform ([#​7928](https://togithub.com/containerd/containerd/pull/7928)) - update to go1.19.5, go1.18.10 ([#​7948](https://togithub.com/containerd/containerd/pull/7948)) - fuzzing: improve archive fuzzer ([#​7957](https://togithub.com/containerd/containerd/pull/7957)) - shim: enable debug logging for delete ([#​7943](https://togithub.com/containerd/containerd/pull/7943)) - cri: Fix TestUpdateOCILinuxResource for host w/o swap controller ([#​7946](https://togithub.com/containerd/containerd/pull/7946)) - ctr/run: flags --detach and --rm cannot be specified together ([#​7929](https://togithub.com/containerd/containerd/pull/7929)) - Fix Flaky Windows CRI Integration test on TestContainerConsumedStats ([#​7935](https://togithub.com/containerd/containerd/pull/7935)) - Refactor snapshotters metastore transaction ([#​7917](https://togithub.com/containerd/containerd/pull/7917)) - mod: update github.com/pelletier/go-toml@v1.9.5 ([#​7932](https://togithub.com/containerd/containerd/pull/7932)) - archive: improve TestSourceDateEpoch ([#​7927](https://togithub.com/containerd/containerd/pull/7927)) - Add tracing plugin test ([#​7883](https://togithub.com/containerd/containerd/pull/7883)) - docs/content-flow: update the description of the content labels ([#​7925](https://togithub.com/containerd/containerd/pull/7925)) - Add cleanup package for context management during cleanup ([#​7861](https://togithub.com/containerd/containerd/pull/7861)) - Fix race between stream registration and use ([#​7886](https://togithub.com/containerd/containerd/pull/7886)) - Prepare release notes for v1.7.0-beta.2 ([#​7903](https://togithub.com/containerd/containerd/pull/7903)) - Cirrus CI (Fedora 37, Rocky 8): enable cri-integration ([#​7892](https://togithub.com/containerd/containerd/pull/7892)) - contrib/Dockerfile.test: add "integration", "cri-integration", "critest" stages ([#​7891](https://togithub.com/containerd/containerd/pull/7891)) - docs: fix a typo in tracing documentation ([#​7914](https://togithub.com/containerd/containerd/pull/7914)) - CI: Pass GITHUB_TOKEN to containerd/project-checks ([#​7913](https://togithub.com/containerd/containerd/pull/7913)) - Enable dupword linter ([#​7911](https://togithub.com/containerd/containerd/pull/7911)) - ctr: Add platform flag to 'oci spec' command ([#​7905](https://togithub.com/containerd/containerd/pull/7905)) - Vagrantfile: fix disk resize error with VirtualBox ([#​7907](https://togithub.com/containerd/containerd/pull/7907)) - Vagrantfile: fix comments about SELinux ([#​7908](https://togithub.com/containerd/containerd/pull/7908)) - Use the const labels.LabelUncompressed ([#​7906](https://togithub.com/containerd/containerd/pull/7906)) - \[sandbox] Add sandbox store plugin type ([#​7850](https://togithub.com/containerd/containerd/pull/7850)) - Fix TestUpdateContainerResources_Memory\* on cgroup v2 hosts ([#​7893](https://togithub.com/containerd/containerd/pull/7893)) - CRI: Comment cleanup/misc fixes ([#​7904](https://togithub.com/containerd/containerd/pull/7904)) - Move snapshot event publishing into metadata store ([#​5674](https://togithub.com/containerd/containerd/pull/5674)) - Vagrantfile: install-rootless-podman: remove `setenforce 0` ([#​7887](https://togithub.com/containerd/containerd/pull/7887)) - reused package errdefs for error ([#​7894](https://togithub.com/containerd/containerd/pull/7894)) - integration/images: switch away from Docker Hub to avoid rate limit ([#​7888](https://togithub.com/containerd/containerd/pull/7888)) - Validate userns container config is consistent with sandbox userns config ([#​7882](https://togithub.com/containerd/containerd/pull/7882)) - `ctr contents ls` sorts the labels of the content ([#​7881](https://togithub.com/containerd/containerd/pull/7881)) - chore: use `go fix` to cleanup old +build buildtag ([#​7879](https://togithub.com/containerd/containerd/pull/7879)) - cri: Shadow variables to avoid t.Parallel() issues ([#​7880](https://togithub.com/containerd/containerd/pull/7880)) - Add support for user namespaces in stateless pods (KEP-127) ([#​7679](https://togithub.com/containerd/containerd/pull/7679)) - Refactor metastore transaction ([#​7529](https://togithub.com/containerd/containerd/pull/7529)) - oci: appendOSMounts(): remove unused error, and move ([#​7874](https://togithub.com/containerd/containerd/pull/7874)) - add kube v1.26: remove v1alph2 cri support ([#​7863](https://togithub.com/containerd/containerd/pull/7863)) - make runc 1.1 for oss_fuzz_build.sh ([#​7875](https://togithub.com/containerd/containerd/pull/7875)) - CRI sbserver: Prevent server reuse after Shutdown ([#​7872](https://togithub.com/containerd/containerd/pull/7872)) - Fix incorrect defer usage and refactor judgement ([#​7521](https://togithub.com/containerd/containerd/pull/7521)) - oci: Add WithDomainname ([#​7869](https://togithub.com/containerd/containerd/pull/7869)) - Reused errdefs define error ([#​7871](https://togithub.com/containerd/containerd/pull/7871)) - fix `ctr tasks kill` does not remove cni network under windows ([#​7866](https://togithub.com/containerd/containerd/pull/7866)) - add network plugin metrics ([#​7858](https://togithub.com/containerd/containerd/pull/7858)) - Avoid using canceled context in unpacker cleanup ([#​7859](https://togithub.com/containerd/containerd/pull/7859)) - image/label: print more characters of label keys ([#​7618](https://togithub.com/containerd/containerd/pull/7618)) - prevent Server reuse after a Shutdown ([#​7165](https://togithub.com/containerd/containerd/pull/7165)) - Check containerd's readiness before calling critest ([#​7851](https://togithub.com/containerd/containerd/pull/7851)) - Fix grammatical errors in Readme ([#​7837](https://togithub.com/containerd/containerd/pull/7837)) - Fix cpu architecture detection issue on linux/arm ([#​7636](https://togithub.com/containerd/containerd/pull/7636)) - CRI: Fix no CNI info for pod sandbox on restart ([#​7845](https://togithub.com/containerd/containerd/pull/7845)) - Enable checkRename test ([#​7081](https://togithub.com/containerd/containerd/pull/7081)) - metastore: Add WithTransaction convenience method ([#​7781](https://togithub.com/containerd/containerd/pull/7781)) - Prevent a race condition in testHook ([#​7831](https://togithub.com/containerd/containerd/pull/7831)) - cri: fix `memory.memsw.limit_in_bytes: no such file or directory` ([#​7836](https://togithub.com/containerd/containerd/pull/7836)) - go.mod: update fuzz-headers and fuzz-build ([#​7824](https://togithub.com/containerd/containerd/pull/7824)) - Remove github.com/gogo/protobuf again ([#​7825](https://togithub.com/containerd/containerd/pull/7825)) - CRI: Add host networking helper ([#​7814](https://togithub.com/containerd/containerd/pull/7814)) - Support sandbox shutdown in shim runtimes ([#​7792](https://togithub.com/containerd/containerd/pull/7792)) - move up to CRI-TOOLS v1.26.0 ([#​7818](https://togithub.com/containerd/containerd/pull/7818)) - Minor fix when querying pod sandbox status ([#​7812](https://togithub.com/containerd/containerd/pull/7812)) - nil check to avoid panic on upgrade ([#​7809](https://togithub.com/containerd/containerd/pull/7809)) - Bump grpc to v1.51.0 ([#​7709](https://togithub.com/containerd/containerd/pull/7709)) - fatal error: concurrent map iteration and map write ([#​7805](https://togithub.com/containerd/containerd/pull/7805)) - Bump golangci-lint to v1.50.1 ([#​7804](https://togithub.com/containerd/containerd/pull/7804)) - cri: make swapping disabled with memory limit ([#​7783](https://togithub.com/containerd/containerd/pull/7783)) - add metrics for image pulling: error; in progress count; thoughput ([#​7313](https://togithub.com/containerd/containerd/pull/7313)) - Prepare release notes for v1.7.0-beta.1 ([#​7793](https://togithub.com/containerd/containerd/pull/7793)) - support fetching containerd from non public GCS buckets ([#​7771](https://togithub.com/containerd/containerd/pull/7771)) - images: support specifying SourceDateEpoch via ctx ([#​7651](https://togithub.com/containerd/containerd/pull/7651)) - fuzzing: improve archive fuzzer ([#​7718](https://togithub.com/containerd/containerd/pull/7718)) - fix sdNotify func when debug level ([#​7798](https://togithub.com/containerd/containerd/pull/7798)) - Upgrade GitHub actions packages in release workflow ([#​7794](https://togithub.com/containerd/containerd/pull/7794)) - Enable GitHub Actions local Linux CI runs ([#​7796](https://togithub.com/containerd/containerd/pull/7796)) - integration: increase timeout in container_event_test.go ([#​7791](https://togithub.com/containerd/containerd/pull/7791)) - digest: use github.com/minio/sha256-simd ([#​7732](https://togithub.com/containerd/containerd/pull/7732)) - allow client to remove created tasks with PID 0 ([#​7787](https://togithub.com/containerd/containerd/pull/7787)) - Add container event support to containerd ([#​7073](https://togithub.com/containerd/containerd/pull/7073)) - docs: Authorizer.Authorize could return ErrUnexpectedStatus ([#​7786](https://togithub.com/containerd/containerd/pull/7786)) - fix: check for tmpfs when evaluating if userxattr is needed ([#​7772](https://togithub.com/containerd/containerd/pull/7772)) - Pass TOML configuration options for runtimes CRI is not aware of ([#​7764](https://togithub.com/containerd/containerd/pull/7764)) - Cleanup build constraints ([#​7776](https://togithub.com/containerd/containerd/pull/7776)) - There is no way to disable debug endpoint on Darwin ([#​7775](https://togithub.com/containerd/containerd/pull/7775)) - CI: Vagrant: pin rockylinux/8 to v5.0.0 ([#​7777](https://togithub.com/containerd/containerd/pull/7777)) - vendor: golang.org/x/net v0.4.0 ([#​7774](https://togithub.com/containerd/containerd/pull/7774)) - Fix context when waiting sandbox ([#​7773](https://togithub.com/containerd/containerd/pull/7773)) - Github Security Advisory [GHSA-2qjp-425j-52j9](https://togithub.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9) - update to go1.19.4, go1.18.9 ([#​7765](https://togithub.com/containerd/containerd/pull/7765)) - Change PushContent to require only Provider ([#​7763](https://togithub.com/containerd/containerd/pull/7763)) - sbserver bug fixing ([#​7768](https://togithub.com/containerd/containerd/pull/7768)) - Add unit test to Opentelemetry tracing ([#​7671](https://togithub.com/containerd/containerd/pull/7671)) - remove some (aliases for) deprecated functions ([#​7525](https://togithub.com/containerd/containerd/pull/7525)) - Refactor ctr restore to allow for tty allocation ([#​7673](https://togithub.com/containerd/containerd/pull/7673)) - fix panic when containerd-stress density --count 0 ([#​7748](https://togithub.com/containerd/containerd/pull/7748)) - Unwrap proto errors in streaming client ([#​7753](https://togithub.com/containerd/containerd/pull/7753)) - Fix process_vm_\* syscall names in seccomp ([#​7755](https://togithub.com/containerd/containerd/pull/7755)) - upgrade the ops.md output for current 1.7 version . ([#​7747](https://togithub.com/containerd/containerd/pull/7747)) - docs: Add extra security instructions ([#​7743](https://togithub.com/containerd/containerd/pull/7743)) - go.mod: re-vendor NRI from the official repo. ([#​7744](https://togithub.com/containerd/containerd/pull/7744)) - \[Sandbox API] CRI status cleanup ([#​7731](https://togithub.com/containerd/containerd/pull/7731)) - Transfer service ([#​7320](https://togithub.com/containerd/containerd/pull/7320)) - NRI: add support for NRI with extended scope. ([#​6019](https://togithub.com/containerd/containerd/pull/6019)) - archive: set WithModTimeUpperBound when WithSourceDateEpoch is set ([#​7710](https://togithub.com/containerd/containerd/pull/7710)) - Fix order of operations when setting lease labels ([#​7702](https://togithub.com/containerd/containerd/pull/7702)) - Add ctr image prune command ([#​7730](https://togithub.com/containerd/containerd/pull/7730)) - Check for nullptr before dereferencing ([#​7708](https://togithub.com/containerd/containerd/pull/7708)) - use MaxConcurrentDownloads instead of MaxConcurrentUploadedLayers ([#​7736](https://togithub.com/containerd/containerd/pull/7736)) - introspection: expose the daemon's PID and PIDNS ([#​7694](https://togithub.com/containerd/containerd/pull/7694)) - reference/docker: synchronize fork with upstream distribution/distribution ([#​7635](https://togithub.com/containerd/containerd/pull/7635)) - go.

renovate[bot] commented 1 year ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: go.sum
Command failed: docker run --rm --name=renovate_sidecar --label=renovate_child -v "/mnt/renovate/gh/giantswarm/azure-operator":"/mnt/renovate/gh/giantswarm/azure-operator" -v "/tmp/renovate-cache":"/tmp/renovate-cache" -v "/tmp/containerbase":"/tmp/containerbase" -e GOPATH -e GOPROXY -e GOFLAGS -e CGO_ENABLED -e GIT_CONFIG_KEY_0 -e GIT_CONFIG_VALUE_0 -e GIT_CONFIG_KEY_1 -e GIT_CONFIG_VALUE_1 -e GIT_CONFIG_KEY_2 -e GIT_CONFIG_VALUE_2 -e GIT_CONFIG_COUNT -e BUILDPACK_CACHE_DIR -e CONTAINERBASE_CACHE_DIR -w "/mnt/renovate/gh/giantswarm/azure-operator" ghcr.io/containerbase/sidecar bash -l -c "install-tool golang 1.20.4 && go get -d -t ./... && go mod tidy && go mod tidy"
go: downloading github.com/spf13/viper v1.15.0
go: downloading github.com/Azure/go-autorest/autorest v0.11.29
go: downloading github.com/Azure/go-autorest/autorest/azure/auth v0.5.12
go: downloading github.com/giantswarm/apiextensions/v6 v6.0.0
go: downloading github.com/giantswarm/k8smetadata v0.9.3
go: downloading k8s.io/api v0.26.2
go: downloading k8s.io/apimachinery v0.26.2
go: downloading github.com/google/go-cmp v0.5.9
go: downloading github.com/prometheus/client_golang v1.15.1
go: downloading github.com/giantswarm/operatorkit/v7 v7.0.1
go: downloading sigs.k8s.io/cluster-api-provider-azure v1.0.2
go: downloading golang.org/x/sync v0.2.0
go: downloading k8s.io/client-go v0.26.2
go: downloading github.com/coreos/go-semver v0.3.1
go: downloading k8s.io/apiextensions-apiserver v0.22.2
go: downloading github.com/spf13/cobra v1.6.1
go: downloading github.com/go-kit/log v0.2.1
go: downloading github.com/fsnotify/fsnotify v1.6.0
go: downloading github.com/spf13/afero v1.9.3
go: downloading github.com/Azure/go-autorest/autorest/adal v0.9.22
go: downloading github.com/evanphx/json-patch v4.12.0+incompatible
go: downloading github.com/cespare/xxhash/v2 v2.2.0
go: downloading github.com/prometheus/client_model v0.3.0
go: downloading github.com/prometheus/common v0.42.0
go: downloading github.com/prometheus/procfs v0.9.0
go: downloading golang.org/x/sys v0.7.0
go: downloading google.golang.org/protobuf v1.30.0
go: downloading sigs.k8s.io/structured-merge-diff/v4 v4.2.3
go: downloading golang.org/x/crypto v0.8.0
go: downloading k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5
go: downloading github.com/onsi/gomega v1.24.2
go: downloading github.com/gobuffalo/flect v0.2.3
go: downloading golang.org/x/net v0.9.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading golang.org/x/text v0.9.0
go: downloading github.com/subosito/gotenv v1.4.2
go: downloading gopkg.in/ini.v1 v1.67.0
go: downloading github.com/magiconair/properties v1.8.7
go: downloading github.com/golang-jwt/jwt/v4 v4.5.0
go: downloading sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2
go: downloading golang.org/x/time v0.3.0
go: downloading github.com/golang/protobuf v1.5.3
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.4
go: downloading k8s.io/component-base v0.26.2
go: downloading github.com/cenkalti/backoff/v4 v4.2.0
go: downloading golang.org/x/term v0.7.0
go: downloading golang.org/x/oauth2 v0.6.0
go: downloading github.com/google/gnostic v0.5.7-v3refs
go: downloading go.opentelemetry.io/otel v1.14.0
go: downloading go.opentelemetry.io/otel/trace v1.14.0
go: downloading k8s.io/apiserver v0.26.2
go: downloading github.com/blang/semver/v4 v4.0.0
go: github.com/nats-io/jwt/v2@v2.4.1 used for two different module paths (github.com/nats-io/jwt and github.com/nats-io/jwt/v2)