[pull] main from containerd:main#307
Open
pull[bot] wants to merge 938 commits intofahedouch:mainfrom
Open
Conversation
….com/klauspost/compress-1.18.3 build(deps): bump github.com/klauspost/compress from 1.18.2 to 1.18.3
Signed-off-by: Joonsoo Won <wonjs0116@gmail.com>
Bumps [github.com/compose-spec/compose-go/v2](https://github.com/compose-spec/compose-go) from 2.10.0 to 2.10.1. - [Release notes](https://github.com/compose-spec/compose-go/releases) - [Commits](compose-spec/compose-go@v2.10.0...v2.10.1) --- updated-dependencies: - dependency-name: github.com/compose-spec/compose-go/v2 dependency-version: 2.10.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
….com/compose-spec/compose-go/v2-2.10.1 build(deps): bump github.com/compose-spec/compose-go/v2 from 2.10.0 to 2.10.1
Signed-off-by: Joonsoo Won <wonjs0116@gmail.com>
…stemd_linux_test.go test: refactor container_run_systemd_linux_test.go to use Tigron
…_linux_test.go test: refactor container_update_linux_test.go to use Tigron
Add support for BuildKit source policies via `nerdctl build --source-policy-file`. This enables reproducible and policy-driven builds (pin base images to digests, deny/allow sources, enforce HTTP checksums) without modifying Dockerfiles. The implementation: - Adds --source-policy-file flag that passes through to buildctl - Supports EXPERIMENTAL_BUILDKIT_SOURCE_POLICY env var for Docker Buildx compatibility - Flag takes precedence over env var when both are set This is a minimal passthrough to BuildKit - nerdctl does not validate the policy file; BuildKit handles all validation and error messages. See: https://github.com/moby/buildkit/blob/master/docs/build-repro.md Signed-off-by: Konstantin Vyatkin <tino@vtkn.io> Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: David Son <davbson@amazon.com>
consolidate subtests into sequential commands to prevent runc exec conflicts. Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
tests: fix race condition in TestRunWithSystemdTrueEnabled
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@8e8c483...de0fac2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd) from 22.6.0 to 22.7.0. - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](coreos/go-systemd@v22.6.0...v22.7.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-systemd/v22 dependency-version: 22.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github.com/containerd/nydus-snapshotter](https://github.com/containerd/nydus-snapshotter) from 0.15.10 to 0.15.11. - [Release notes](https://github.com/containerd/nydus-snapshotter/releases) - [Commits](containerd/nydus-snapshotter@v0.15.10...v0.15.11) --- updated-dependencies: - dependency-name: github.com/containerd/nydus-snapshotter dependency-version: 0.15.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.6.0 to 3.7.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@5e57cd1...c94ce9f) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 5.0.2 to 5.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@8b402f5...cdf6c1f) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@00014ed...96278af) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…tions/checkout-6.0.2 build(deps): bump actions/checkout from 6.0.1 to 6.0.2
….com/containerd/nydus-snapshotter-0.15.11 build(deps): bump github.com/containerd/nydus-snapshotter from 0.15.10 to 0.15.11
….com/coreos/go-systemd/v22-22.7.0 build(deps): bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0
…tions/cache-5.0.3 build(deps): bump actions/cache from 5.0.2 to 5.0.3
…cker/login-action-3.7.0 build(deps): bump docker/login-action from 3.6.0 to 3.7.0
…tions/attest-build-provenance-3.2.0 build(deps): bump actions/attest-build-provenance from 3.1.0 to 3.2.0
Signed-off-by: Hajime Ogi <robertcal900@gmail.com>
Signed-off-by: Hajime Ogi <robertcal900@gmail.com>
The docs already documented `--ipc=(host|private|shareable|container:<container>)`. - https://github.com/containerd/nerdctl/blob/main/docs/command-reference.md#whale-nerdctl-run However, the implementation only had `host` and `private` in help text and completion. This adds the missing options and smart completion for `container:<name>` Signed-off-by: Hayato Kiwata <dev@haytok.jp>
Signed-off-by: Joonsoo Won <wonjs0116@gmail.com>
Signed-off-by: Joonsoo Won <wonjs0116@gmail.com>
Signed-off-by: Joonsoo Won <wonjs0116@gmail.com>
…readable fix: support human-readable sizes for fluentd-buffer-limit log option
Bumps the docker group with 3 updates in the / directory: [github.com/docker/cli](https://github.com/docker/cli), [github.com/moby/moby/client](https://github.com/moby/moby) and [github.com/moby/moby/v2](https://github.com/moby/moby). Updates `github.com/docker/cli` from 29.4.0+incompatible to 29.4.1+incompatible - [Commits](docker/cli@v29.4.0...v29.4.1) Updates `github.com/moby/moby/client` from 0.4.0 to 0.4.1 - [Release notes](https://github.com/moby/moby/releases) - [Changelog](https://github.com/moby/moby/blob/v0.4.1/CHANGELOG.md) - [Commits](moby/moby@v0.4.0...v0.4.1) Updates `github.com/moby/moby/v2` from 2.0.0-beta.9 to 2.0.0-beta.11 - [Release notes](https://github.com/moby/moby/releases) - [Commits](moby/moby@v2.0.0-beta.9...v2.0.0-beta.11) --- updated-dependencies: - dependency-name: github.com/docker/cli dependency-version: 29.4.1+incompatible dependency-type: direct:production update-type: version-update:semver-patch dependency-group: docker - dependency-name: github.com/moby/moby/client dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: docker - dependency-name: github.com/moby/moby/v2 dependency-version: 2.0.0-beta.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: docker ... Signed-off-by: dependabot[bot] <support@github.com>
…-16da30efe8 build(deps): bump the docker group across 1 directory with 3 updates
…d-containers fix: wait for logger to finish before reading logs of stopped containers
fix: free reserved ports in rootful mode
rootlessutil: remove dead -r/ from nsenter args
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Split the `containerd-version` workflow input into `windows-containerd-version` and `linux-containerd-version` so the two platforms can be pinned independently. The accompanying SHA inputs follow the same split: `containerd-sha` becomes `linux-containerd-sha`, `containerd-service-sha` becomes `linux-containerd-service-sha`, and a new `windows-containerd-sha` is introduced. The Windows containerd provisioning script now verifies the tarball SHA256 (skipped under the canary sentinel, matching the linux behavior). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Workaround for containerd/containerd issue 13254 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Workaround for containerd/containerd issue 13254 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
feature: support selinux
CI: Windows: downgrade containerd to v2.2
update runc (1.4.2), BuildKit (0.29.0), stargz-snapshotter (0.18.2), etc.
Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
MAINTAINERS: update ChengyuZhu6's gpg key
Bumps [github.com/containerd/continuity](https://github.com/containerd/continuity) from 0.4.5 to 0.5.0. - [Release notes](https://github.com/containerd/continuity/releases) - [Commits](containerd/continuity@v0.4.5...v0.5.0) --- updated-dependencies: - dependency-name: github.com/containerd/continuity dependency-version: 0.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
….com/containerd/continuity-0.5.0 build(deps): bump github.com/containerd/continuity from 0.4.5 to 0.5.0
Bumps [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) from 2.3.0-beta.2 to 2.3.0. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v2.3.0-beta.2...v2.3.0) --- updated-dependencies: - dependency-name: github.com/containerd/containerd/v2 dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
hack: update release note
….com/containerd/containerd/v2-2.3.0 build(deps): bump github.com/containerd/containerd/v2 from 2.3.0-beta.2 to 2.3.0
…bel-formatting docs: fix missing list prefix for --security-opt label entry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.1)
Can you help keep this open source service alive? 💖 Please sponsor : )