cri-o
/
cri-o
mirror of https://github.com/cri-o/cri-o.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,206 Commits 33 Branches 261 Tags 233 MiB
Commit Graph

10206 Commits

Author SHA1 Message Date
openshift-merge-bot[bot] fe1c9ad5c8
Merge pull request #9303 from cri-o/nixpkgs 
Update nixpkgs
 2025-07-18 13:25:13 +00:00
openshift-merge-bot[bot] e197807115
Merge pull request #9342 from saschagrunert/jaeger 
Simplify and update tracing docs
 2025-07-16 11:09:36 +00:00
openshift-merge-bot[bot] da378e05d5
Merge pull request #9333 from bitoku/fix-noisy-alert 
Do nothing when the conmon is already confirmed dead.
 2025-07-16 10:10:47 +00:00
openshift-merge-bot[bot] 5a667f5b6a
Merge pull request #9335 from saschagrunert/golangci-lint 
Update golangci-lint and config
 2025-07-15 10:05:36 +00:00
Sascha Grunert 457194a8f0
Simplify and update tracing docs 
We can now utilize the most recent jaeger all in one image to simplify
the test setup.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-07-15 11:42:45 +02:00
openshift-merge-bot[bot] 92381ff98f
Merge pull request #9128 from klihub/fixes/nri-cdi-device-injection 
server/nri: allow NRI plugins to inject CDI devices.
 2025-07-14 15:33:23 +00:00
Krisztian Litkey 75247c92f5
server/nri: allow NRI plugins to inject CDI devices. 
Add missing option to handle CDI device injection by NRI
plugins.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-07-14 10:40:55 +03:00
Ayato Tokubi aaf7494aef Don't log errors or emit metrics when cri-o already confirmed conmon is dead. 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-07-11 12:12:46 +00:00
openshift-merge-bot[bot] 9cdf516777
Merge pull request #9301 from sohankunkerkar/fix-cni-issue 
OCPBUGS-58229: server: handle missing network namespace gracefully during networkStop
 2025-07-11 07:15:40 +00:00
Sascha Grunert 740ea78286
Update golangci-lint and config 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-07-11 09:06:54 +02:00
Sohan Kunkerkar faec3f5e9d contrib/test/ci: skip network recovery after reboot test for kata 
Kata VMs use real infra containers that persist in storage, unlike normal
containers that use spoofed infra containers. This fundamental architectural
difference means the 'Network recovery after reboot with destroyed netns'
test scenario doesn't apply to Kata VMs in the same way.

Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
 2025-07-10 10:21:16 -04:00
Sohan Kunkerkar 65395cbd91 test: use quay.io instead of registry.fedoraproject.org 
Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
 2025-07-10 10:21:16 -04:00
Sohan Kunkerkar 1ae665519d test: add coverage for network recovery after reboot with destroyed netns 
Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
 2025-07-10 10:21:16 -04:00
Sohan Kunkerkar d17990aff1 server: handle missing network namespace gracefully during networkStop 
After host reboot, network namespaces are destroyed but CRI-O attempts
to clean them up during pod sandbox destruction, causing CNI plugin
failures and preventing pods from restarting properly. The fix ensures
pods can restart normally after host reboots.

Signed-off-by: Sohan Kunkerkar <sohank2602@gmail.com>
 2025-07-10 10:21:12 -04:00
openshift-merge-bot[bot] c9266820ab
Merge pull request #9324 from saschagrunert/conmonrs-version 
Pre-check streaming websockets on config validation
 2025-07-09 16:58:52 +00:00
Sascha Grunert 898a9d07c2
Pre-check streaming websockets on config validation 
This change disallows streaming websockets for other runtimes than
"pod". If conmon-rs version API is available, then it will also print
the version. If the version API is not available, then the config
validation implicitly assumes that conmon-rs < 0.7.0 is being used,
which does not support the streaming server at all.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-07-09 15:11:56 +02:00
openshift-merge-bot[bot] 5e12be1810
Merge pull request #9289 from saschagrunert/streaming-server-exec-attach 
Add conmon-rs streaming server support for `Exec` and `Attach`
 2025-07-09 08:45:26 +00:00
Sascha Grunert 16a08ebc33
Add conmon-rs streaming server support for `Exec` and `Attach` 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-07-08 16:12:12 +02:00
openshift-merge-bot[bot] 8c4e586731
Merge pull request #9325 from saschagrunert/probe-log-noise 
Reduce log noise from monitor prober
 2025-07-08 13:37:23 +00:00
Sascha Grunert 713e155c11
Reduce log noise from monitor prober 
The message is printed periodically to the logs which can be noisy. To
reduce the verbosity we now print it only when the log level is set to
trace.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-07-08 10:52:17 +02:00
openshift-merge-bot[bot] 9254d7b713
Merge pull request #9322 from bitoku/inplacepodverticalscaling 
Skip [FeatureGate:InPlacePodVerticalScaling]
 2025-07-07 13:09:07 +00:00
Ayato Tokubi 4d428c3c0e Skip [FeatureGate:InPlacePodVerticalScaling] 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-07-07 10:17:48 +00:00
openshift-merge-bot[bot] 34b3e85c6e
Merge pull request #9316 from bitoku/addme 
Add @bitoku as reviewer
 2025-07-03 06:02:01 +00:00
Ayato Tokubi 8c59a804d2 add @bitoku as reviewer 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-07-02 16:46:42 +00:00
openshift-merge-bot[bot] aa26b29bcb
Merge pull request #9278 from bitoku/insecure-registries-deprecation 
Deprecate insecure_registries config
 2025-07-01 14:35:22 +00:00
openshift-merge-bot[bot] 25069a9753
Merge pull request #9302 from bitoku/inherit-context 
Inherit context in StopLoopForContainer
 2025-07-01 11:50:10 +00:00
openshift-merge-bot 841dce699c Update nixpkgs 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-07-01 00:16:30 +00:00
Ayato Tokubi 760aeefd79 inherit context in StopLoopForContainer 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-06-30 16:17:57 +00:00
openshift-merge-bot[bot] 2edb23fd54
Merge pull request #9299 from saschagrunert/typos 
Update typos action and fix reports
 2025-06-30 15:50:19 +00:00
openshift-merge-bot[bot] f3374adc5f
Merge pull request #9205 from bitoku/conmon-monitor3 
OCPNODE-3316: Track conmon process
 2025-06-30 11:47:18 +00:00
Ayato Tokubi 9d0dd61860 deprecate insecure-registires 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-06-30 11:38:06 +00:00
Sascha Grunert 33c1eba9c2
Update typos action and fix reports 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-06-30 11:06:57 +02:00
openshift-merge-bot[bot] 4caef2f874
Merge pull request #9292 from klihub/fixes/delay-cdi-device-injection 
server,factory/container: delay CDI device injection later.
 2025-06-30 06:28:38 +00:00
Krisztian Litkey 64a94f231f
server,factory/container: delay CDI device injection later. 
Currently CDI device injection is performed right after injecting
other devices into the container. This is problematic because CDI
device injection might alter, among other things, the environment.
However setting up the final environment happens only later during
container creation and it involves setting environment variables
from the image and the Pod Spec. If the same environment variable
is injected both from an image or a container, and from a CDI Spec,
now the former take precedence of the latter. This is unintentional
and wrong.

This patch moves CDI device injection much later during container
creation, between OCI Hook injection and *oci.Container creation.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-06-27 22:44:33 +03:00
Krisztian Litkey 1054cf6c42
test: add env. vars with default values for CDI tests. 
Use a few environment variables with default values to verify
that evironment variables from CDI injection take precedence
over ones in the Pod Spec.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2025-06-27 22:44:32 +03:00
openshift-merge-bot[bot] b25f4a806e
Merge pull request #9290 from saschagrunert/runtime-tools 
Update runtime-tools
 2025-06-27 17:27:59 +00:00
openshift-merge-bot[bot] db591b6397
Merge pull request #9209 from bitoku/refactor-artifact 
Fix error handling of mountArtifact
 2025-06-27 11:50:34 +00:00
Sascha Grunert a065ae9e01
Update runtime-tools 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-06-27 10:57:52 +02:00
openshift-merge-bot[bot] 632435d441
Merge pull request #9285 from haircommander/fix-unmasked-proc 
server: only append default masked paths if any paths are specified
 2025-06-26 17:45:34 +00:00
openshift-merge-bot[bot] 6afa2dd3db
Merge pull request #9284 from cri-o/dependabot/go_modules/gomod-b6a2a96e79 
build(deps): bump the gomod group with 6 updates
 2025-06-26 13:11:50 +00:00
openshift-merge-bot[bot] 3dcc24c1d5
Merge pull request #9283 from cri-o/dependabot/go_modules/kubernetes-edb6009c13 
build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 in the kubernetes group
 2025-06-26 07:00:43 +00:00
Sascha Grunert 96ddba1c97
Downgrade otelgrpc 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-06-26 08:56:57 +02:00
Peter Hunt 7f3fb9bcf3 server: only append default masked paths if any paths are specified 
otherwise, we break umasked proc mount type feature

Signed-off-by: Peter Hunt <pehunt@redhat.com>
 2025-06-25 16:34:07 -04:00
dependabot[bot] 8756de73dc
build(deps): bump the gomod group with 6 updates 
Bumps the gomod group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.60.0` | `0.61.0` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.37.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.37.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.37.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.37.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.72.1` | `1.73.0` |


Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.60.0 to 0.61.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.60.0...zpages/v0.61.0)

Updates `go.opentelemetry.io/otel` from 1.36.0 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...v1.37.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.36.0 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...v1.37.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.36.0 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...v1.37.0)

Updates `go.opentelemetry.io/otel/trace` from 1.36.0 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...v1.37.0)

Updates `google.golang.org/grpc` from 1.72.1 to 1.73.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.72.1...v1.73.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-version: 0.61.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: google.golang.org/grpc
  dependency-version: 1.73.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-25 14:50:37 +00:00
dependabot[bot] c7ecfedbd5
build(deps): bump sigs.k8s.io/yaml in the kubernetes group 
Bumps the kubernetes group with 1 update: [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml).


Updates `sigs.k8s.io/yaml` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/yaml/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-25 14:49:52 +00:00
openshift-merge-bot[bot] 87ce1c120d
Merge pull request #9281 from cri-o/dependabot/go_modules/gomod-5731e6d922 
build(deps): bump the gomod group across 1 directory with 20 updates
 2025-06-25 13:50:50 +00:00
Sascha Grunert b9bc2a2cd4
Upgrade netlink 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-06-25 12:55:10 +02:00
Sascha Grunert 8d0965635f
Downgrade otelgrpc 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
 2025-06-25 12:53:36 +02:00
openshift-merge-bot[bot] 39bf15c560
Merge pull request #9276 from rphillips/revert_debug 
Revert "temporarily enable debug symbols"
 2025-06-25 06:56:52 +00:00
Ayato Tokubi 1d392a18dd Fix some comments and refactor in probeMonitor 
Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
 2025-06-25 02:23:18 +00:00