Skip to content

Commit

Permalink
Merge pull request #3422 from Shubhranshu153/prepare-1.7.x
Browse files Browse the repository at this point in the history
Prepare 1.7.x
AkihiroSuda authored Sep 10, 2024

Verified

This commit was signed with the committer’s verified signature. The key has expired.
jeff-mccoy Megamind
2 parents 845e989 + a803e60 commit 5882c72
Showing 89 changed files with 1,290 additions and 244 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ghcr-image-build-and-publish.yml
Original file line number Diff line number Diff line change
@@ -23,7 +23,7 @@ env:
jobs:
build:

runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -9,13 +9,13 @@ env:
GO111MODULE: on
jobs:
release:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 40
steps:
- uses: actions/[email protected]
- uses: actions/setup-go@v5
with:
go-version: 1.21.x
go-version: 1.23.x
- name: "Compile binaries"
run: make artifacts
- name: "SHA256SUMS"
114 changes: 79 additions & 35 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -8,12 +8,12 @@ on:
pull_request:

env:
GO_VERSION: 1.21.x
GO_VERSION: 1.23.x

jobs:
project:
name: Project Checks
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -34,7 +34,7 @@ jobs:
working-directory: src/github.com/containerd/nerdctl

lint:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -46,15 +46,15 @@ jobs:
check-latest: true
cache: true
- name: golangci-lint
uses: golangci/golangci-lint-action@v3.7.0
uses: golangci/golangci-lint-action@v6.1.0
with:
version: v1.55.2
version: v1.60.1
args: --verbose
- name: yamllint-lint
run: yamllint .

test-unit:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -74,16 +74,20 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 20.04
containerd: v1.6.31
- ubuntu: 20.04
containerd: v1.7.16
containerd: v1.7.22
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
- ubuntu: 22.04
containerd: main
- ubuntu: 24.04
containerd: v1.7.22
- ubuntu: 24.04
containerd: main
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
@@ -110,10 +114,10 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 22.04
containerd: v1.7.16
- ubuntu: 24.04
containerd: v1.7.22
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
@@ -154,47 +158,78 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-22.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 20.04
containerd: v1.6.31
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 20.04
containerd: v1.7.16
rootlesskit: v2.0.2
containerd: v1.7.22
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 22.04
containerd: main
rootlesskit: v2.0.2
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 24.04
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 24.04
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 20.04
containerd: v1.6.31
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 20.04
containerd: v1.7.16
rootlesskit: v2.0.2
containerd: v1.7.22
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 22.04
containerd: main
rootlesskit: v2.0.2
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 24.04
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 24.04
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}"
TEST_TARGET: "${{ matrix.target }}"
steps:
- uses: actions/[email protected]
- name: "Set up AppArmor"
if: matrix.ubuntu == '24.04'
run: |
cat <<EOT | sudo tee "/etc/apparmor.d/usr.local.bin.rootlesskit"
abi <abi/4.0>,
include <tunables/global>
/usr/local/bin/rootlesskit flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists <local/usr.local.bin.rootlesskit>
}
EOT
sudo systemctl restart apparmor.service
- uses: actions/[email protected]
with:
fetch-depth: 1
- name: "Register QEMU (tonistiigi/binfmt)"
@@ -205,11 +240,11 @@ jobs:
run: docker run -t --rm --privileged -e WORKAROUND_ISSUE_622=1 ${TEST_TARGET}

cross:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 40
strategy:
matrix:
go-version: ["1.21.x", "1.22.x"]
go-version: ["1.22.x", "1.23.x"]
steps:
- uses: actions/[email protected]
with:
@@ -223,8 +258,8 @@ jobs:
run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make artifacts

test-integration-docker-compatibility:
runs-on: ubuntu-22.04
timeout-minutes: 30
runs-on: ubuntu-22.04 # TODO: ubuntu-24.04
timeout-minutes: 45
steps:
- uses: actions/[email protected]
with:
@@ -234,15 +269,25 @@ jobs:
go-version: ${{ env.GO_VERSION }}
cache: true
check-latest: true
- name: "Enable BuildKit"
- name: "Install Docker v24"
run: |
set -eux -o pipefail
# Uninstall the preinstalled Docker
sudo apt-get remove docker-* containerd.io
# Enable BuildKit explicitly
sudo apt-get install -y moreutils
cat /etc/docker/daemon.json
jq '.features.buildkit = true' </etc/docker/daemon.json | sudo sponge /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker
# Download Docker packages
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/containerd.io_1.6.33-1_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce_24.0.9-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce-cli_24.0.9-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-buildx-plugin_0.13.1-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-compose-plugin_2.25.0-1~ubuntu.22.04~jammy_amd64.deb
# Install Docker
sudo apt-get install -y ./*.deb
rm -f ./*.deb
# Print docker info
docker info
docker version
@@ -276,25 +321,24 @@ jobs:
- uses: actions/[email protected]
with:
repository: containerd/containerd
ref: v1.7.16
ref: v1.7.22
path: containerd
fetch-depth: 1
- name: "Set up CNI"
working-directory: containerd
run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows
- name: "Set up containerd"
env:
ctrdVersion: 1.7.16
ctrdVersion: 1.7.22
run: powershell hack/configure-windows-ci.ps1
# TODO: Run unit tests
- name: "Run integration tests"
run: go test -v ./cmd/...

test-integration-freebsd:
name: FreeBSD
# "Larger" runner is needed for nested virtualization
# https://github.com/organizations/containerd/settings/actions/runners
runs-on: ubuntu-latest-4-cores
# ubuntu-24.04 lacks the vagrant package
runs-on: ubuntu-22.04
timeout-minutes: 20

steps:
36 changes: 18 additions & 18 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -18,43 +18,43 @@
# TODO: verify commit hash

# Basic deps
ARG CONTAINERD_VERSION=v1.7.16
ARG RUNC_VERSION=v1.1.12
ARG CNI_PLUGINS_VERSION=v1.4.1
ARG CONTAINERD_VERSION=v1.7.22
ARG RUNC_VERSION=v1.1.14
ARG CNI_PLUGINS_VERSION=v1.5.1

# Extra deps: Build
ARG BUILDKIT_VERSION=v0.12.5
ARG BUILDKIT_VERSION=v0.15.2
# Extra deps: Lazy-pulling
ARG STARGZ_SNAPSHOTTER_VERSION=v0.15.1
# Extra deps: Encryption
ARG IMGCRYPT_VERSION=v1.1.10
ARG IMGCRYPT_VERSION=v1.1.11
# Extra deps: Rootless
ARG ROOTLESSKIT_VERSION=v2.0.2
ARG SLIRP4NETNS_VERSION=v1.2.3
ARG ROOTLESSKIT_VERSION=v2.3.1
ARG SLIRP4NETNS_VERSION=v1.3.1
# Extra deps: bypass4netns
ARG BYPASS4NETNS_VERSION=v0.4.0
ARG BYPASS4NETNS_VERSION=v0.4.1
# Extra deps: FUSE-OverlayFS
ARG FUSE_OVERLAYFS_VERSION=v1.13
ARG CONTAINERD_FUSE_OVERLAYFS_VERSION=v1.0.8
# Extra deps: IPFS
ARG KUBO_VERSION=v0.27.0
ARG KUBO_VERSION=v0.29.0
# Extra deps: Init
ARG TINI_VERSION=v0.19.0
# Extra deps: Debug
ARG BUILDG_VERSION=v0.4.1

# Test deps
ARG GO_VERSION=1.21
ARG UBUNTU_VERSION=22.04
ARG GO_VERSION=1.23
ARG UBUNTU_VERSION=24.04
ARG CONTAINERIZED_SYSTEMD_VERSION=v0.1.1
ARG GOTESTSUM_VERSION=v1.11.0
ARG NYDUS_VERSION=v2.2.4
ARG SOCI_SNAPSHOTTER_VERSION=0.4.0
ARG GOTESTSUM_VERSION=v1.12.0
ARG NYDUS_VERSION=v2.2.5
ARG SOCI_SNAPSHOTTER_VERSION=0.7.0

FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.3.0 AS xx
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.5.0 AS xx


FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-debian
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bookworm AS build-base-debian
COPY --from=xx / /
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
@@ -63,7 +63,7 @@ ARG TARGETARCH
# libbtrfs: for containerd
# libseccomp: for runc and bypass4netns
RUN xx-apt-get update && \
xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev
xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev pkg-config

FROM build-base-debian AS build-containerd
ARG TARGETARCH
@@ -323,7 +323,7 @@ RUN apt-get update && \
apt-get install -qq -y \
uidmap \
openssh-server openssh-client
# TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants <TARGET> sshd` here
# TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants <TARGET> ssh` here
RUN ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N '' && \
useradd -m -s /bin/bash rootless && \
mkdir -p -m 0700 /home/rootless/.ssh && \
2 changes: 2 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.2
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
59279df5853bef19a03ec15c5c31b772e59d91d079ab0221e1bafa023cf41c35 buildkit-v0.15.2.linux-amd64.tar.gz
15329adaa5e5b2bea0580f3e5e33765f84504075710bb791e362c3b160ca7e61 buildkit-v0.15.2.linux-arm64.tar.gz
2 changes: 2 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.1
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
77baa2f669980a82255ffa2f2717de823992480271ee778aa51a9c60ae89ff9b cni-plugins-linux-amd64-v1.5.1.tgz
c2a292714d0fad98a3491ae43df8ad58354b3c0bdf5d5a3e281777967c70fcff cni-plugins-linux-arm64-v1.5.1.tgz
6 changes: 6 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/rootlesskit-v2.3.1
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
57bc67f71b8043961417325be13528d4f1e8ec90876cd34c38064431f457070f rootlesskit-aarch64.tar.gz
5154542509736957738478e3624b53865a875c396f978db5adea513d7507dee6 rootlesskit-armv7l.tar.gz
983642556dd3dcbe2c9b764d577882016ad1ca960815ffa13ca76d7da518504f rootlesskit-ppc64le.tar.gz
83c40bb8938828eb15837a4900ba825a1f52227631195c22df85f2e8f7f73546 rootlesskit-riscv64.tar.gz
dd6c8bc7e1c9b5d8c775efcf40854ef1d25205060294f0654a77d996a7f4e172 rootlesskit-s390x.tar.gz
caafdce18e0959f078b4b478d4f352ebf3d556e373265fc7831f1a6d70219ee0 rootlesskit-x86_64.tar.gz
6 changes: 6 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.1
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
2dd9aac6c2e3203e53cb7b6e4b9fc7123e4e4a9716c8bb1d95951853059a6af5 slirp4netns-aarch64
ed618c0f2c74014bb736e9e427e18c8791ad9d68311872a41b06fac0d7cb9ef2 slirp4netns-armv7l
a10f70209cee0dd0532fea0e8b6bfde5d16dec5206fd4b3387d861721456de66 slirp4netns-ppc64le
38209015c2f3f4619d9fc46610852887910f33c7a0b96f7d2aa835a7bbc73f31 slirp4netns-riscv64
9f42718455b1f9cf4b6f0efee314b78e860b8c36dbbb6290f09c8fbedda9ff8a slirp4netns-s390x
4bc5d6c311f9fa7ae00ce54aefe10c2afaf0800fe9e99f32616a964ed804a9e1 slirp4netns-x86_64
4 changes: 2 additions & 2 deletions Dockerfile.d/test-integration-rootless.sh
Original file line number Diff line number Diff line change
@@ -27,7 +27,7 @@ if [[ "$(id -u)" = "0" ]]; then
fi

# Switch to the rootless user via SSH
systemctl start sshd
systemctl start ssh
exec ssh -o StrictHostKeyChecking=no rootless@localhost "$0" "$@"
else
containerd-rootless-setuptool.sh install
@@ -48,7 +48,7 @@ else
[proxy_plugins]
[proxy_plugins."stargz"]
type = "snapshot"
address = "/run/user/1000/containerd-stargz-grpc/containerd-stargz-grpc.sock"
address = "/run/user/$(id -u)/containerd-stargz-grpc/containerd-stargz-grpc.sock"
EOF
systemctl --user restart containerd.service
containerd-rootless-setuptool.sh -- install-ipfs --init --offline # offline ipfs daemon for testing
Loading

0 comments on commit 5882c72

Please sign in to comment.