Open
Conversation
This PR adds opt-in tracing spans/attributes in CRI image pull and selected sandbox-related paths to improve debugging and correlation (e.g., sandbox.id/pod metadata). If maintainers prefer a smaller diff, I’m happy to split this into a pull-only PR plus follow-ups. • follow-up after pull-only PR • focuses on task/metadata/sandbox/cni setup spans Signed-off-by: Cindy Li <cindyli@pinterest.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Tracing: add spans in task/metadata and sandbox paths
Add erofs idmap support
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
Migrate from protobuild to buf
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
This line was missed in the PR to switch to `buf` Signed-off-by: Phil Estes <estesp@amazon.com>
cri,nri: pass linux sysctl to plugins.
cri,nri: pass injected CDI devices to plugins.
Remove protoc dependency from BUILDING.md
Pass more complete container status information to NRI, including exit code, and timestamps for container creation, start, and exit events. Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…extra-status cri,nri: pass extended container status to NRI.
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…store container Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
cri: fix checkpoint failed with short id
cri,nri: pass any POSIX rlimits to plugins.
Currently, fs-verity support detection fails on fresh containerd installations because the content store root directory (io.containerd.content.v1.content) doesn't exist yet. This directory is only created when pulling images, causing checker to always be false on new hosts. The IsSupported() function attempts to create a temporary directory within rootPath to test fs-verity support, but fails when rootPath doesn't exist, returning an error that is silently ignored. Fix this by ensuring the root directory exists before performing the fs-verity support check in NewLabeledStore(). Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
…licy cri,nri: pass seccomp policy to plugins.
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Bumps the golang-x group with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/sys](https://github.com/golang/sys). Updates `golang.org/x/mod` from 0.31.0 to 0.32.0 - [Commits](golang/mod@v0.31.0...v0.32.0) Updates `golang.org/x/sys` from 0.39.0 to 0.40.0 - [Commits](golang/sys@v0.39.0...v0.40.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-version: 0.32.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.9 to 4.31.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5d4e8d1...cdefb33) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
Update ttrpc to v1.2.8
move setting the config_path from default image config to plugin init. only set the default value when both mirrors and config_path are empty, in all other cases retain the existing behaviour Co-authored-by: Samuel Karp <samuelkarp@google.com> Signed-off-by: Akhil Mohan <akhilerm@gmail.com> Signed-off-by: Samuel Karp <samuelkarp@google.com>
fix migrated cri image config when using registry
Signed-off-by: Abel Feng <fshb1988@gmail.com>
streaming io: fix connection residual after stream closed
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.12.0 to 4.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.7.0 to 4.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c94ce9f...b45d80f) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.5 to 4.32.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c793b71...0d579ff) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the golang-x group with 3 updates: [golang.org/x/sync](https://github.com/golang/sync), [golang.org/x/sys](https://github.com/golang/sys) and [golang.org/x/time](https://github.com/golang/time). Updates `golang.org/x/sync` from 0.19.0 to 0.20.0 - [Commits](golang/sync@v0.19.0...v0.20.0) Updates `golang.org/x/sys` from 0.41.0 to 0.42.0 - [Commits](golang/sys@v0.41.0...v0.42.0) Updates `golang.org/x/time` from 0.14.0 to 0.15.0 - [Commits](golang/time@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-version: 0.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/sys dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x - dependency-name: golang.org/x/time dependency-version: 0.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang-x ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the k8s group with 4 updates in the / directory: [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery), [k8s.io/client-go](https://github.com/kubernetes/client-go), [k8s.io/cri-api](https://github.com/kubernetes/cri-api) and [k8s.io/klog/v2](https://github.com/kubernetes/klog). Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.2 - [Commits](kubernetes/apimachinery@v0.34.3...v0.35.2) Updates `k8s.io/client-go` from 0.34.3 to 0.35.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.34.3...v0.35.2) Updates `k8s.io/cri-api` from 0.34.3 to 0.35.2 - [Commits](kubernetes/cri-api@v0.34.3...v0.35.2) Updates `k8s.io/klog/v2` from 2.130.1 to 2.140.0 - [Release notes](https://github.com/kubernetes/klog/releases) - [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md) - [Commits](kubernetes/klog@v2.130.1...2.140.0) --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-version: 0.35.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/client-go dependency-version: 0.35.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/cri-api dependency-version: 0.35.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s - dependency-name: k8s.io/klog/v2 dependency-version: 2.140.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: k8s ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.79.1...v1.79.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.79.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Samuel Karp <samuelkarp@google.com>
…ocker/setup-buildx-action-4.0.0 build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0
update to go1.25.8, test go1.26.1
The 'content fetch' command description has been unchanged since it was first added over 8 years ago. It described the feature as "experimental" with "few leaps to make this work", which no longer reflects reality. Update the help text to accurately describe what the command does: it pulls image content into the content store without unpacking, and can be used to pre-fetch images. Fixes #11754 Signed-off-by: Crawford Ma <crawfordxx@users.noreply.github.com>
docs: update outdated content fetch help text
deprecations: delay to 2.4 per Upgrade Path rules
…e.golang.org/grpc-1.79.2 build(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.2
…ocker/login-action-4.0.0 build(deps): bump docker/login-action from 3.7.0 to 4.0.0
…g-x-ae34bde3bc build(deps): bump the golang-x group with 3 updates
…ithub/codeql-action-4.32.6 build(deps): bump github/codeql-action from 4.32.5 to 4.32.6
…360508ae0 build(deps): bump the k8s group across 1 directory with 4 updates
…-to-groups fix(oci): apply absolute symlink resolution to /etc/group
Update plugin config migration to run on load
…razy-max/ghaction-github-runtime-4.0.0 build(deps): bump crazy-max/ghaction-github-runtime from 3.1.0 to 4.0.0
… block mode In block mode, host permissions are not relevant Signed-off-by: Derek McGowan <derek@mcg.dev>
core/remotes/docker: include "method" and "url" in logs, and sanitize URLs in logs/errors
Avoid ineffective chown on create snapshot when in erofs snapshotter
- The latest benchmark result is now added:
https://github.com/erofs/erofs-openbenchmark/actions/runs/23042376560
- Add some useful highlights of EROFS filesystem itself.
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Update EROFS snapshotter documentation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )