Skip to content

Commit

Permalink
Loading
Loading status checks…
Merge pull request #3422 from Shubhranshu153/prepare-1.7.x
Browse files Browse the repository at this point in the history 
Prepare 1.7.x
@AkihiroSuda
AkihiroSuda authored Sep 10, 2024

Verified

This commit was signed with the committer’s verified signature. The key has expired.
jeff-mccoy Megamind
GPG key ID: A4B2B580401428AE
Expired
Verified
Learn about vigilant mode
2 parents 845e989 + a803e60 commit 5882c72
Showing 89 changed files with 1,290 additions and 244 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ghcr-image-build-and-publish.yml
View file
Original file line number Diff line number Diff line change
@@ -23,7 +23,7 @@ env:
jobs:
build:

runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
permissions:
contents: read
packages: write
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -9,13 +9,13 @@ env:
GO111MODULE: on
jobs:
release:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 40
steps:
- uses: actions/[email protected]
- uses: actions/setup-go@v5
with:
go-version: 1.21.x
go-version: 1.23.x
- name: "Compile binaries"
run: make artifacts
- name: "SHA256SUMS"
114 changes: 79 additions & 35 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -8,12 +8,12 @@ on:
pull_request:

env:
GO_VERSION: 1.21.x
GO_VERSION: 1.23.x

jobs:
project:
name: Project Checks
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -34,7 +34,7 @@ jobs:
working-directory: src/github.com/containerd/nerdctl

lint:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -46,15 +46,15 @@ jobs:
check-latest: true
cache: true
- name: golangci-lint
uses: golangci/golangci-lint-action@v3.7.0
uses: golangci/golangci-lint-action@v6.1.0
with:
version: v1.55.2
version: v1.60.1
args: --verbose
- name: yamllint-lint
run: yamllint .

test-unit:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 20
steps:
- uses: actions/[email protected]
@@ -74,16 +74,20 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 20.04
containerd: v1.6.31
- ubuntu: 20.04
containerd: v1.7.16
containerd: v1.7.22
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
- ubuntu: 22.04
containerd: main
- ubuntu: 24.04
containerd: v1.7.22
- ubuntu: 24.04
containerd: main
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
@@ -110,10 +114,10 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 22.04
containerd: v1.7.16
- ubuntu: 24.04
containerd: v1.7.22
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
@@ -154,47 +158,78 @@ jobs:
strategy:
fail-fast: false
matrix:
# ubuntu-22.04: cgroup v1, ubuntu-22.04: cgroup v2
# ubuntu-20.04: cgroup v1, ubuntu-22.04 and later: cgroup v2
include:
- ubuntu: 20.04
containerd: v1.6.31
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 20.04
containerd: v1.7.16
rootlesskit: v2.0.2
containerd: v1.7.22
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 22.04
containerd: main
rootlesskit: v2.0.2
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 24.04
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless
- ubuntu: 24.04
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless
- ubuntu: 20.04
containerd: v1.6.31
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 20.04
containerd: v1.7.16
rootlesskit: v2.0.2
containerd: v1.7.22
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 22.04
containerd: v1.7.16
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 22.04
containerd: main
rootlesskit: v2.0.2
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 24.04
containerd: v1.7.22
rootlesskit: v1.1.1
target: test-integration-rootless-port-slirp4netns
- ubuntu: 24.04
containerd: main # v2.0.0-rc.X
rootlesskit: v2.3.1
target: test-integration-rootless-port-slirp4netns
env:
UBUNTU_VERSION: "${{ matrix.ubuntu }}"
CONTAINERD_VERSION: "${{ matrix.containerd }}"
ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}"
TEST_TARGET: "${{ matrix.target }}"
steps:
- uses: actions/[email protected]
- name: "Set up AppArmor"
if: matrix.ubuntu == '24.04'
run: |
cat <<EOT | sudo tee "/etc/apparmor.d/usr.local.bin.rootlesskit"
abi <abi/4.0>,
include <tunables/global>
/usr/local/bin/rootlesskit flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists <local/usr.local.bin.rootlesskit>
}
EOT
sudo systemctl restart apparmor.service
- uses: actions/[email protected]
with:
fetch-depth: 1
- name: "Register QEMU (tonistiigi/binfmt)"
@@ -205,11 +240,11 @@ jobs:
run: docker run -t --rm --privileged -e WORKAROUND_ISSUE_622=1 ${TEST_TARGET}

cross:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
timeout-minutes: 40
strategy:
matrix:
go-version: ["1.21.x", "1.22.x"]
go-version: ["1.22.x", "1.23.x"]
steps:
- uses: actions/[email protected]
with:
@@ -223,8 +258,8 @@ jobs:
run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make artifacts

test-integration-docker-compatibility:
runs-on: ubuntu-22.04
timeout-minutes: 30
runs-on: ubuntu-22.04 # TODO: ubuntu-24.04
timeout-minutes: 45
steps:
- uses: actions/[email protected]
with:
@@ -234,15 +269,25 @@ jobs:
go-version: ${{ env.GO_VERSION }}
cache: true
check-latest: true
- name: "Enable BuildKit"
- name: "Install Docker v24"
run: |
set -eux -o pipefail
# Uninstall the preinstalled Docker
sudo apt-get remove docker-* containerd.io
# Enable BuildKit explicitly
sudo apt-get install -y moreutils
cat /etc/docker/daemon.json
jq '.features.buildkit = true' </etc/docker/daemon.json | sudo sponge /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker
# Download Docker packages
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/containerd.io_1.6.33-1_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce_24.0.9-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce-cli_24.0.9-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-buildx-plugin_0.13.1-1~ubuntu.22.04~jammy_amd64.deb
curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-compose-plugin_2.25.0-1~ubuntu.22.04~jammy_amd64.deb
# Install Docker
sudo apt-get install -y ./*.deb
rm -f ./*.deb
# Print docker info
docker info
docker version
@@ -276,25 +321,24 @@ jobs:
- uses: actions/[email protected]
with:
repository: containerd/containerd
ref: v1.7.16
ref: v1.7.22
path: containerd
fetch-depth: 1
- name: "Set up CNI"
working-directory: containerd
run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows
- name: "Set up containerd"
env:
ctrdVersion: 1.7.16
ctrdVersion: 1.7.22
run: powershell hack/configure-windows-ci.ps1
# TODO: Run unit tests
- name: "Run integration tests"
run: go test -v ./cmd/...

test-integration-freebsd:
name: FreeBSD
# "Larger" runner is needed for nested virtualization
# https://github.com/organizations/containerd/settings/actions/runners
runs-on: ubuntu-latest-4-cores
# ubuntu-24.04 lacks the vagrant package
runs-on: ubuntu-22.04
timeout-minutes: 20

steps:
36 changes: 18 additions & 18 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -18,43 +18,43 @@
# TODO: verify commit hash

# Basic deps
ARG CONTAINERD_VERSION=v1.7.16
ARG RUNC_VERSION=v1.1.12
ARG CNI_PLUGINS_VERSION=v1.4.1
ARG CONTAINERD_VERSION=v1.7.22
ARG RUNC_VERSION=v1.1.14
ARG CNI_PLUGINS_VERSION=v1.5.1

# Extra deps: Build
ARG BUILDKIT_VERSION=v0.12.5
ARG BUILDKIT_VERSION=v0.15.2
# Extra deps: Lazy-pulling
ARG STARGZ_SNAPSHOTTER_VERSION=v0.15.1
# Extra deps: Encryption
ARG IMGCRYPT_VERSION=v1.1.10
ARG IMGCRYPT_VERSION=v1.1.11
# Extra deps: Rootless
ARG ROOTLESSKIT_VERSION=v2.0.2
ARG SLIRP4NETNS_VERSION=v1.2.3
ARG ROOTLESSKIT_VERSION=v2.3.1
ARG SLIRP4NETNS_VERSION=v1.3.1
# Extra deps: bypass4netns
ARG BYPASS4NETNS_VERSION=v0.4.0
ARG BYPASS4NETNS_VERSION=v0.4.1
# Extra deps: FUSE-OverlayFS
ARG FUSE_OVERLAYFS_VERSION=v1.13
ARG CONTAINERD_FUSE_OVERLAYFS_VERSION=v1.0.8
# Extra deps: IPFS
ARG KUBO_VERSION=v0.27.0
ARG KUBO_VERSION=v0.29.0
# Extra deps: Init
ARG TINI_VERSION=v0.19.0
# Extra deps: Debug
ARG BUILDG_VERSION=v0.4.1

# Test deps
ARG GO_VERSION=1.21
ARG UBUNTU_VERSION=22.04
ARG GO_VERSION=1.23
ARG UBUNTU_VERSION=24.04
ARG CONTAINERIZED_SYSTEMD_VERSION=v0.1.1
ARG GOTESTSUM_VERSION=v1.11.0
ARG NYDUS_VERSION=v2.2.4
ARG SOCI_SNAPSHOTTER_VERSION=0.4.0
ARG GOTESTSUM_VERSION=v1.12.0
ARG NYDUS_VERSION=v2.2.5
ARG SOCI_SNAPSHOTTER_VERSION=0.7.0

FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.3.0 AS xx
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.5.0 AS xx


FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bullseye AS build-base-debian
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-bookworm AS build-base-debian
COPY --from=xx / /
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
@@ -63,7 +63,7 @@ ARG TARGETARCH
# libbtrfs: for containerd
# libseccomp: for runc and bypass4netns
RUN xx-apt-get update && \
xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev
xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev pkg-config

FROM build-base-debian AS build-containerd
ARG TARGETARCH
@@ -323,7 +323,7 @@ RUN apt-get update && \
apt-get install -qq -y \
uidmap \
openssh-server openssh-client
# TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants <TARGET> sshd` here
# TODO: update containerized-systemd to enable sshd by default, or allow `systemctl wants <TARGET> ssh` here
RUN ssh-keygen -q -t rsa -f /root/.ssh/id_rsa -N '' && \
useradd -m -s /bin/bash rootless && \
mkdir -p -m 0700 /home/rootless/.ssh && \
2 changes: 2 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/buildkit-v0.15.2
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
59279df5853bef19a03ec15c5c31b772e59d91d079ab0221e1bafa023cf41c35 buildkit-v0.15.2.linux-amd64.tar.gz
15329adaa5e5b2bea0580f3e5e33765f84504075710bb791e362c3b160ca7e61 buildkit-v0.15.2.linux-arm64.tar.gz
2 changes: 2 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
77baa2f669980a82255ffa2f2717de823992480271ee778aa51a9c60ae89ff9b cni-plugins-linux-amd64-v1.5.1.tgz
c2a292714d0fad98a3491ae43df8ad58354b3c0bdf5d5a3e281777967c70fcff cni-plugins-linux-arm64-v1.5.1.tgz
6 changes: 6 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/rootlesskit-v2.3.1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
57bc67f71b8043961417325be13528d4f1e8ec90876cd34c38064431f457070f rootlesskit-aarch64.tar.gz
5154542509736957738478e3624b53865a875c396f978db5adea513d7507dee6 rootlesskit-armv7l.tar.gz
983642556dd3dcbe2c9b764d577882016ad1ca960815ffa13ca76d7da518504f rootlesskit-ppc64le.tar.gz
83c40bb8938828eb15837a4900ba825a1f52227631195c22df85f2e8f7f73546 rootlesskit-riscv64.tar.gz
dd6c8bc7e1c9b5d8c775efcf40854ef1d25205060294f0654a77d996a7f4e172 rootlesskit-s390x.tar.gz
caafdce18e0959f078b4b478d4f352ebf3d556e373265fc7831f1a6d70219ee0 rootlesskit-x86_64.tar.gz
6 changes: 6 additions & 0 deletions Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.1
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
2dd9aac6c2e3203e53cb7b6e4b9fc7123e4e4a9716c8bb1d95951853059a6af5 slirp4netns-aarch64
ed618c0f2c74014bb736e9e427e18c8791ad9d68311872a41b06fac0d7cb9ef2 slirp4netns-armv7l
a10f70209cee0dd0532fea0e8b6bfde5d16dec5206fd4b3387d861721456de66 slirp4netns-ppc64le
38209015c2f3f4619d9fc46610852887910f33c7a0b96f7d2aa835a7bbc73f31 slirp4netns-riscv64
9f42718455b1f9cf4b6f0efee314b78e860b8c36dbbb6290f09c8fbedda9ff8a slirp4netns-s390x
4bc5d6c311f9fa7ae00ce54aefe10c2afaf0800fe9e99f32616a964ed804a9e1 slirp4netns-x86_64
4 changes: 2 additions & 2 deletions Dockerfile.d/test-integration-rootless.sh
View file
Original file line number Diff line number Diff line change
@@ -27,7 +27,7 @@ if [[ "$(id -u)" = "0" ]]; then
fi

# Switch to the rootless user via SSH
systemctl start sshd
systemctl start ssh
exec ssh -o StrictHostKeyChecking=no rootless@localhost "$0" "$@"
else
containerd-rootless-setuptool.sh install
@@ -48,7 +48,7 @@ else
[proxy_plugins]
[proxy_plugins."stargz"]
type = "snapshot"
address = "/run/user/1000/containerd-stargz-grpc/containerd-stargz-grpc.sock"
address = "/run/user/$(id -u)/containerd-stargz-grpc/containerd-stargz-grpc.sock"
EOF
systemctl --user restart containerd.service
containerd-rootless-setuptool.sh -- install-ipfs --init --offline # offline ipfs daemon for testing
Loading

0 comments on commit 5882c72

Please sign in to comment.