-
Notifications
You must be signed in to change notification settings - Fork 3.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
platforms.Normalize(): do not reset OSVersion and OSFeatures #6497
platforms.Normalize(): do not reset OSVersion and OSFeatures #6497
Conversation
Commit fb06883 implemented the Normalize() function, but marked these fields as deprecated. It's unclear what the motivation was for this, as the fields are part of the OCI Image spec. On Windows, the OSVersion field specifically is important when matching images (as kernel versions may not be compatible). This patch updates platforms.Normalize() to preserve the OSVersion and OSFeatures fields. As a follow-up, we should look at defining an appropriate string-representation for these fields (possibly as part of the OCI Spec), and update platforms.Parse() accordingly. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@tonistiigi @crazy-max @kevpar ptal |
Oh, arf... I just now see that #6491 is also being reviewed (but only preserves OSVersion |
@thaJeztah It seems to be a bit more complicated than just preserving these values. see #6491 (comment). I pushed a commit that demonstrates those and about to push a commit that proposes a fix. |
@dmcgowan do you have any idea about what is the proper change for this? |
I think this part of the change "should be" correct, but the other ticket is about |
I agree this looks correct to me, I need this patch for everything to work properly as mentioned in #6491 (comment) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This change as well as #6491 make sense to me |
@@ -364,3 +365,7 @@ func TestParseSelectorInvalid(t *testing.T) { | |||
}) | |||
} | |||
} | |||
|
|||
func TestNormalize(t *testing.T) { | |||
require.Equal(t, DefaultSpec(), Normalize(DefaultSpec())) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This test does not pass on all platforms
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh! I took this from @crazy-max 's example from the ticket (and it passed in CI); do you know in what cases it fails?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At least on arm64 but may be more.
@@ -257,10 +257,5 @@ func Format(platform specs.Platform) string { | |||
func Normalize(platform specs.Platform) specs.Platform { | |||
platform.OS = normalizeOS(platform.OS) | |||
platform.Architecture, platform.Variant = normalizeArch(platform.Architecture, platform.Variant) | |||
|
|||
// these fields are deprecated, remove them |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess the point of not using these fields was that in order to actually make platforms containing these fields work containerd should define how they are serialized when Format()
and Parse()
of this package are called.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We were discussing Parse this a bit here: #6491 (comment)
containerd 1.6.0 Welcome to the v1.6.0 release of containerd! The seventh major release of containerd includes many improvements and added support to increase overall compatibility and stability. * **Add runtime label to metrics** ([#5744](https://github.com/containerd/containerd/pull/5744)) * **Cleanup task delete logic in v2 shim** ([#5813](https://github.com/containerd/containerd/pull/5813)) * **Add support for shim plugins** ([#5817](https://github.com/containerd/containerd/pull/5817)) * **Handle sigint and sigterm in shimv2** ([#5828](https://github.com/containerd/containerd/pull/5828)) * **Decouple shim and task manager** ([#5918](https://github.com/containerd/containerd/pull/5918)) * **Add runc shim support for core scheduling** ([#6011](https://github.com/containerd/containerd/pull/6011)) * **Update shim client connect attempt to fail fast when shim errors** ([#6031](https://github.com/containerd/containerd/pull/6031)) * **Add support for absolute path to shim binaries** ([#6206](https://github.com/containerd/containerd/pull/6206)) * **Update runc to v1.1.0** ([#6375](https://github.com/containerd/containerd/pull/6375)) * **Add support for Windows HostProcess containers** ([#5131](https://github.com/containerd/containerd/pull/5131)) * **Add support for Windows resource limits** ([#5778](https://github.com/containerd/containerd/pull/5778)) * **Add CNI configuration based on runtime class** ([#4695](https://github.com/containerd/containerd/pull/4695)) * **Add support for Intel RDT** ([#5439](https://github.com/containerd/containerd/pull/5439)) * **Add support for CRI v1 and v1alpha in parallel** ([#5619](https://github.com/containerd/containerd/pull/5619)) * **Add support for unified resources field for cgroups v2** ([#5627](https://github.com/containerd/containerd/pull/5627)) * **Add IP preference configuration for reporting pod IP** ([#5964](https://github.com/containerd/containerd/pull/5964)) * **Implement new CRI pod sandbox stats API** ([#6113](https://github.com/containerd/containerd/pull/6113)) * **Add sandbox and container latency metrics** ([#6111](https://github.com/containerd/containerd/pull/6111)) * **Add namespace to ttrpc and grpc plugin connections** ([#6130](https://github.com/containerd/containerd/pull/6130)) * **Add option to allow ping sockets and privileged ports with no capabilities** ([#6170](https://github.com/containerd/containerd/pull/6170)) * **Add support for configuring swap** ([#6320](https://github.com/containerd/containerd/pull/6320)) * **Add support for client TLS Auth for grpc** ([#5606](https://github.com/containerd/containerd/pull/5606)) * **Add xfs support for devicemapper snapshotter** ([#5610](https://github.com/containerd/containerd/pull/5610)) * **Add metric exposing build version and revision** ([#5965](https://github.com/containerd/containerd/pull/5965)) * **Add support for custom fs options in devmapper snapshotter** ([#6122](https://github.com/containerd/containerd/pull/6122)) * **Update introspection service to show GRPC plugins** ([#6432](https://github.com/containerd/containerd/pull/6432)) * **Allow WithServices to use custom implementations** ([#5709](https://github.com/containerd/containerd/pull/5709)) * **Support custom compressor for walking differ** ([#5735](https://github.com/containerd/containerd/pull/5735)) The tar bundles released as `cri-containerd-*.tar.gz` contain a build of runc linked with a newer version of libseccomp. This dynamically-linked build of runc was built on Ubuntu 18.04 and will not work on some other distributions, such as RHEL 7 and Debian 10. Users of such distributions may get a statically-linked runc binary from https://github.com/opencontainers/runc/releases or build runc for their own environment. > **_Deprecation_** These tar bundles are now deprecated and will be removed or > replaced in containerd 2.0. Projects relying on these tar bundles should use > the `containerd-*.tar.gz` bundles or work with the containerd community on a > suitable replacement in containerd 2.0. See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. * Derek McGowan * Phil Estes * Akihiro Suda * Wei Fu * Maksym Pavlenko * Sebastiaan van Stijn * Michael Crosby * Kazuyoshi Kato * Mike Brown * Claudiu Belu * Daniel Canter * Gabriel Adrian Samfira * haoyun * Brian Goff * Stefan Berger * zounengren * AdamKorcz * Adelina Tuvenie * Kohei Tokunaga * Davanum Srinivas * Nashwan Azhari * Samuel Karp * Shiming Zhang * Markus Lehtonen * Enrico Weigelt, metux IT consult * Alakesh Haloi * Hajime Tazaki * Iceber Gu * Kevin Parsons * Aditi Sharma * David Porter * Jeremi Piotrowski * Gijs Peskens * ningmingxiao * Brandon Lum * Cody Roseborough * Danielle Lancashire * Eric Ernst * Jacob MacElroy * Tõnis Tiigi * dependabot[bot] * wanglei * Alexandre Peixoto Ferreira * Fabiano Fidêncio * Furkan Türkal * Jiaming Xu * Kir Kolyshkin * Miao Wang * Neil Johnson * Paul "TBBle" Hampson * Priyanka Saggu * Romain Aviolat * Samuel Ortiz * Sunghoon Kang * Takumasa Sakao * Tobias Klauser * Zhiyu Li * ye.sijun * Alexander Minbaev * Alexey Ivanov * Andrey Smirnov * Artem Khramov * Aurelien Lun-Sin * Ben Hutchings * Cory Bennett * Da McGrady * Dan Williams * Eng Zer Jun * Ethan Chen * Fupan Li * Gaurav Gahlot * Gunju Kim * Henry Wang * Jacob Blain Christen * James Gordon * James Sturtevant * Jan Klippel * Jayme Howard * Jiajun Jiang * Jintao Zhang * Justin Terry * Kaijie Chen * Kante * Kern Walster * Kitt Hsu * Lantao Liu * Ma Xinjian * Manabu Sugimoto * Manuel Alejandro de Brito Fontes * Mark Rossetti * Markus Lippert * Mete Durlu * Michael Zappa * Mikko Ylinen * Ng Yang * Nicolas Chariglione * Ning Li * Olli Janatuinen * Peri Thompson * Quan Tian * Radostin Stoyanov * Rui Lopes * Sambhav Kothari * Sebastian Hasler * Sergey Kanzhelev * Shuntaro Azuma * Sören Tempel * Yang Yang * Yifan Yuan * Zilong Wang * Zufar Dhiyaulhaq * botieking98 * chenxiaoyu * jayonlau * jerryzhuang * linrunlong * scuzhanglei * wangzhan * Étienne Guesnet <details><summary>1059 commits</summary> <p> * Prepare release notes for v1.6.0 ([#6531](https://github.com/containerd/containerd/pull/6531)) * Prepare release notes for v1.6.0 * Update Go to 1.16.14, 1.17.7 ([#6555](https://github.com/containerd/containerd/pull/6555)) * Update Go to 1.16.14, 1.17.7 * Change the context to avoid misunderstandings in architecture.md. ([#6533](https://github.com/containerd/containerd/pull/6533)) * Change the context to avoid misunderstandings * Update go-cni to v1.1.3 ([#6543](https://github.com/containerd/containerd/pull/6543)) * Update go-cni to v1.1.3 * Update go-cni to v1.1.2 * Wait for containerd installation in GCE scripts ([#6544](https://github.com/containerd/containerd/pull/6544)) * Wait for containerd installation in GCE scripts * Enable TestContainerPTY and TestContainerUsername ([#6540](https://github.com/containerd/containerd/pull/6540)) * Enable TestContainerPTY and TestContainerUsername * Update BUILDING.md ([#6500](https://github.com/containerd/containerd/pull/6500)) * Add instructions on using go with admin perms * Prepare release notes for v1.6.0-rc.4 ([#6537](https://github.com/containerd/containerd/pull/6537)) * Prepare release notes for v1.6.0-rc.4 * Change file name for shim binary path ([#6536](https://github.com/containerd/containerd/pull/6536)) * Change file name for shim binary path * containerd-stress: introduce option for specifying image ([#6532](https://github.com/containerd/containerd/pull/6532)) * containerd-stress: introduce option for specifying image * Prepare release notes for v1.6.0-rc.3 ([#6524](https://github.com/containerd/containerd/pull/6524)) * Prepare release notes for v1.6.0-rc.3 * Use white logo in github dark mode ([#6529](https://github.com/containerd/containerd/pull/6529)) * Use white logo in github dark mode * cri: fix handling of ignore_rdt_not_enabled_errors config option ([#6514](https://github.com/containerd/containerd/pull/6514)) * cri: fix handling of ignore_rdt_not_enabled_errors config option * pkg/oom/v2: handle EventChan routine shutdown quietly ([#6504](https://github.com/containerd/containerd/pull/6504)) * pkg/oom/v2: handle EventChan routine shutdown quietly * fix: .dockerignore make git working tree dirty ([#6523](https://github.com/containerd/containerd/pull/6523)) * fix: .dockerignore makes git working tree dirty * containerd-stress: start task ctr before starting execs ([#6518](https://github.com/containerd/containerd/pull/6518)) * containerd-stress: start task ctr before starting execs * Document fs_type and fs_options in snapshots/devmapper/README.md ([#6501](https://github.com/containerd/containerd/pull/6501)) * Document fs_type and fs_options in snapshots/devmapper/README.md * docs: add Talos Linux to the list of adopters ([#6510](https://github.com/containerd/containerd/pull/6510)) * docs: add Talos Linux to the list of adopters * Prepare 1.6.0-rc.2 ([#6502](https://github.com/containerd/containerd/pull/6502)) * Prepare release notes for v1.6.0-rc.2 * Update releases document * platforms.Normalize(): do not reset OSVersion and OSFeatures ([#6497](https://github.com/containerd/containerd/pull/6497)) * platforms.Normalize(): do not reset OSVersion and OSFeatures * tracing: use OTLP/HTTP in addition to OTLP/gRPC ([#6457](https://github.com/containerd/containerd/pull/6457)) * tracing: return (ctx, span) from StartSpan * tracing: support OTLP/HTTP in addition to gRPC * Update cgroups to v1.0.3 ([#6498](https://github.com/containerd/containerd/pull/6498)) * Update cgroups to v1.0.3 * seccomp: kernel 5.11 -> 5.16 ([#6494](https://github.com/containerd/containerd/pull/6494)) * seccomp: kernel 5.16 (futex_waitv) * seccomp: kernel 5.15 (process_mrelease) * seccomp: kernel 5.14 (quotactl_fd, memfd_secret) * seccomp: kernel 5.13 (landlock_{add_rule,create_ruleset,restrict_self}) * seccomp: kernel 5.12 (mount_setattr) * remotes: fix dockerPusher to handle abort correctly ([#6243](https://github.com/containerd/containerd/pull/6243)) * remotes: fix dockerPusher to handle abort correctly * seccomp: add support for "swapcontext" syscall in default policy ([#6411](https://github.com/containerd/containerd/pull/6411)) * seccomp: add support for "swapcontext" syscall in default policy * oci: use readonly mount to read user/group info ([#6478](https://github.com/containerd/containerd/pull/6478)) * oci: use readonly mount to read user/group info * Fix possibly incorrect media type default on import ([#6475](https://github.com/containerd/containerd/pull/6475)) * Fix possibly incorrect media type default on import * shimv2: handle sigint/sigterm ([#5828](https://github.com/containerd/containerd/pull/5828)) * shimv2: handle sigint/sigterm * Fix acr fetch token 400 ([#6481](https://github.com/containerd/containerd/pull/6481)) * fix acr fetch token 400 * platforms: add support for matching amd64 variants ([#6455](https://github.com/containerd/containerd/pull/6455)) * platforms: add support for matching amd64 variants * Fix windows periodic workflow ([#6476](https://github.com/containerd/containerd/pull/6476)) * Fix windows periodic workflow * docs: add doc-comments on GC-related methods ([#6473](https://github.com/containerd/containerd/pull/6473)) * docs: add doc-comments on GC-related methods * fix: should not send 137 code event if cmd is notfound ([#6465](https://github.com/containerd/containerd/pull/6465)) * fix: should not send 137 code event if cmd is notfound * Fix empty scopes return ([#6463](https://github.com/containerd/containerd/pull/6463)) * fix empty scopes return * Prepare release notes for v1.6.0-rc.1 ([#6462](https://github.com/containerd/containerd/pull/6462)) * Prepare release notes for v1.6.0-rc.1 * Add support for skipping non-dist blob push ([#6424](https://github.com/containerd/containerd/pull/6424)) * ctr: flag to toggle non-distributable blob push * Add image handler to skip non-distributable blobs. * Compile binaries for go1.16 and go1.17 in CI ([#6461](https://github.com/containerd/containerd/pull/6461)) * Compile binaries for go1.16 and go1.17 in CI * services/introspection: fix plugin caching to show grpc plugins ([#6432](https://github.com/containerd/containerd/pull/6432)) * Update caching logic to avoid map access * services/introspection: support to show introspection grpc service * Integration: Change to Windows Server 2022 build number constant ([#6458](https://github.com/containerd/containerd/pull/6458)) * Integration: Change to Windows Server 2022 build number constant * Update kubernetes vendor to 0.22.5 ([#6460](https://github.com/containerd/containerd/pull/6460)) * Update kubernetes vendor to 0.22.5 * Fix rdt build tags for go 1.16 ([#6459](https://github.com/containerd/containerd/pull/6459)) * Fix rdt build tags for go 1.16 * Remove submodule go mod ([#6439](https://github.com/containerd/containerd/pull/6439)) * Remove api go submodule * Update makefile to remove API submodule * go.mod: Update hcsshim to v0.9.2 ([#6453](https://github.com/containerd/containerd/pull/6453)) * go.mod: Update hcsshim to v0.9.2 * update runc to v1.1.0 ([#6375](https://github.com/containerd/containerd/pull/6375)) * go.mod: github.com/opencontainers/runc v1.1.0 * update runc binary to v1.1.0 * tracing: fix OTLP tracer's initialization ([#6443](https://github.com/containerd/containerd/pull/6443)) * tracing: fix OTLP tracer's initialization * gha: run CodeQL scan on pull requests ([#6386](https://github.com/containerd/containerd/pull/6386)) * gha: run CodeQL scan on pull requests * Do not automatically inject client traces ([#6445](https://github.com/containerd/containerd/pull/6445)) * Do not automatically inject client traces * [containerd-stress] delete useless code ([#6451](https://github.com/containerd/containerd/pull/6451)) * delete useless code * Revert "Add shared content label to namespaces" ([#6440](https://github.com/containerd/containerd/pull/6440)) * Revert "Add shared content label to namespaces" * Add ppc64 support for test images ([#6435](https://github.com/containerd/containerd/pull/6435)) * Add ppc64 support for test images * ctr: Unify the delete subcommand alias ([#6427](https://github.com/containerd/containerd/pull/6427)) * ctr: Unify the delete subcommand alias * Prepare release notes for v1.6.0-rc.0 ([#6431](https://github.com/containerd/containerd/pull/6431)) * Prepare release notes for v1.6.0-rc.0 * Integration: Switch to using `auth` Gcloud action in Windows workflow. ([#6397](https://github.com/containerd/containerd/pull/6397)) * Integration: Switch to `upload-cloud-storage` Gcloud action. * Integration: Switch to using `auth` Gcloud action in Windows workflow. * remove io/ioutil ([#6426](https://github.com/containerd/containerd/pull/6426)) * remove io/ioutil * test: e2e node COS cgroupv2 script ([#6418](https://github.com/containerd/containerd/pull/6418)) * test: e2e node COS cgroupv2 script * Integration: Enable CRITest on Windows 2022. ([#6378](https://github.com/containerd/containerd/pull/6378)) * Enable critest tests on Windows Server 2022. * Parametrize CRITest test images in Windows Periodic workflow. * Update error message for apparmor parser ([#6415](https://github.com/containerd/containerd/pull/6415)) * Update error message for apparmor parser * Fix wrong log message ([#6419](https://github.com/containerd/containerd/pull/6419)) * Fix wrong log message * Followup errors change ([#6414](https://github.com/containerd/containerd/pull/6414)) * Fix incorrect error wrapped when closing ingest file * Fix seek error used without nil check * Fix followup items from errors replacement * Updates CRI API & Kubernetes to 1.23 ([#6351](https://github.com/containerd/containerd/pull/6351)) * Update k/k to 1.23.0 * Updating adoption of containerd for AKS ([#6416](https://github.com/containerd/containerd/pull/6416)) * Updating adoption of containerd for AKS * update the adoption status of containerd in GKE ([#6413](https://github.com/containerd/containerd/pull/6413)) * update the adoption status of containerd in GKE * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} ([#6410](https://github.com/containerd/containerd/pull/6410)) * go.mod: update github.com/containerd/{continuity,go-cni,imgcrypt} * replace github.com/pkg/errors with native errors ([#6366](https://github.com/containerd/containerd/pull/6366)) * feat: replace github.com/pkg/errors to errors * corrected link in cri architecture documentation ([#6412](https://github.com/containerd/containerd/pull/6412)) * corrected link in cri architecture documentation * remotes/docker: allow fetching "refresh token" (aka "identity token", "offline token") ([#6396](https://github.com/containerd/containerd/pull/6396)) * remotes/docker: allow fetching "refresh token" (aka "identity token") * remotes/docker/config: allow setting custom AuthorizerOpts * Prepare release notes for v1.6.0-beta.5 ([#6407](https://github.com/containerd/containerd/pull/6407)) * Prepare release notes for v1.6.0-beta.5 * Integration: Check GCP secrets on Windows CI artifact upload. ([#6292](https://github.com/containerd/containerd/pull/6292)) * Integration: Check GCP secrets on Windows CI artifact upload. * Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c) * only relabel cri managed host mounts * Add support for Intel RDT ([#5439](https://github.com/containerd/containerd/pull/5439)) * cri: add ignore_rdt_not_enabled_errors config option * Update dependencies * cri: annotations for controlling RDT class * tasks: add Linux rdt support * cmd: add --rdt-class command line option * oci: implement WithRdt * fix: use _ for consistency ([#6391](https://github.com/containerd/containerd/pull/6391)) * fix: use _ for consistency * content/local: use syscall.Timespec.Unix ([#6403](https://github.com/containerd/containerd/pull/6403)) * content/local: use syscall.Timespec.Unix * docs: improve plugin documentation ([#6207](https://github.com/containerd/containerd/pull/6207)) * docs: document the runtime shim plugin config options * docs: use proper markdown lists in containerd-config.toml.5.md * fix(ctr): enable networking for Windows containers ([#6304](https://github.com/containerd/containerd/pull/6304)) * fix(ctr): enable networking for Windows containers * Fix $(PWD) issue for Windows makefile ([#6394](https://github.com/containerd/containerd/pull/6394)) * Fix $(PWD) issue for Windows makefile * only test abstract uds on linux ([#6395](https://github.com/containerd/containerd/pull/6395)) * fix: only test abstract unix socket on linux * Fix restart container test ([#6390](https://github.com/containerd/containerd/pull/6390)) * Expect ErrorNotFound on Windows after Kill() * Replace tskill with taskkill * fix when kernel version < 4.13rc1 by using index=off cause test error ([#6291](https://github.com/containerd/containerd/pull/6291)) * fix when kernel version < 4.13rc1 by using index=off cause overlay test error * Fix no-daemon flag for integration/client tests ([#6384](https://github.com/containerd/containerd/pull/6384)) * Fix no-daemon flag for integration/client tests * Enable lazy init for ext4 with devicemapper ([#6122](https://github.com/containerd/containerd/pull/6122)) * Enable lazy init for ext4 with devicemapper * Fix flakiness on Windows for list stats ([#6385](https://github.com/containerd/containerd/pull/6385)) * Fix flakiness on Windows for list stats * cri-integration: Add Windows defaults and fix spaces issue ([#6347](https://github.com/containerd/containerd/pull/6347)) * cri-integration: Add Windows default paths * Upgrade OpenTelemetry dependencies ([#6383](https://github.com/containerd/containerd/pull/6383)) * Upgrade k8s.io/klog/v2 from 2.9.0 to 2.20.0 * Use insecure.NewCredentials instead of grpc.WithInsecure * Upgrade OpenTelemetry dependencies * Fix default makefile target for windows ([#6322](https://github.com/containerd/containerd/pull/6322)) * Fix default makefile target for windows * Disable TestContainerHook on Windows ([#6379](https://github.com/containerd/containerd/pull/6379)) * Disable TestContainerHook on Windows * seutil: Fix setting the "container_kvm_t" label ([#6372](https://github.com/containerd/containerd/pull/6372)) * seutil: Fix setting the "container_kvm_t" label * Remove Windows integration testing for 2004. ([#6350](https://github.com/containerd/containerd/pull/6350)) * Remove Windows integration testing for 2004. * OCI: Mount (accessible) host devices in privileged rootless containers ([#6308](https://github.com/containerd/containerd/pull/6308)) * OCI: Mount (accessible) host devices in privileged rootless containers * oci.getDevices(): move "non-dir, non '/dev/console'" case into switch * cri: add support for configuring swap ([#6320](https://github.com/containerd/containerd/pull/6320)) * fixup: check for swap accounting * fixup: handle diff between cgroupsv1 and v2 * cri: add support for configuring swap * Integration: Enable TestVolumeOwnership on Windows ([#6275](https://github.com/containerd/containerd/pull/6275)) * Replace find with native Go code * Enable TestVolumeOwnership on Windows * Prepare release notes for v1.6.0-beta.4 ([#6296](https://github.com/containerd/containerd/pull/6296)) * Prepare release notes for v1.6.0-beta.4 * refactor: functions for error log and error return ([#6358](https://github.com/containerd/containerd/pull/6358)) * feat: Errorf usage * Split apart runc shim into plugin components ([#6021](https://github.com/containerd/containerd/pull/6021)) * Use task plugin for runc shim * Seperate shim manager and task service * Split runc shim into plugin components * Add shutdown package * CRI update for sandbox sizing ([#6155](https://github.com/containerd/containerd/pull/6155)) * cri, sandbox: pass sandbox resource details if available, applicable * medatada: make namespaces' deletion error less cryptic ([#6354](https://github.com/containerd/containerd/pull/6354)) * medatada: make namespaces' deletion error less cryptic * ListContainerStats to return stats response if ContainerStatsFilter is nil ([#6373](https://github.com/containerd/containerd/pull/6373)) * add-list-stat: return container list if filter is nil * integration: deflake TestContainerdRestart ([#6369](https://github.com/containerd/containerd/pull/6369)) * integration: deflake TestContainerdRestart * feat: add timeout for bolt open ([#6225](https://github.com/containerd/containerd/pull/6225)) * feat: support custom timeout for blot open * Update Go to 1.17.5 ([#6333](https://github.com/containerd/containerd/pull/6333)) * Update Go to 1.17.5 * cri/server: use consistent alias for pkg/ioutil ([#6332](https://github.com/containerd/containerd/pull/6332)) * cri/server: use consistent alias for pkg/ioutil * Disable restart monitor test in Windows ([#6364](https://github.com/containerd/containerd/pull/6364)) * Disable restart monitor test in Windows * Don't fail-fast on Windows integration tests ([#6338](https://github.com/containerd/containerd/pull/6338)) * Don't fail-fast on Windows integration tests * Update restart monitor test to output daemon logs on failure ([#6355](https://github.com/containerd/containerd/pull/6355)) * Run windows parallel integration test as short * Update restart monitor test to output daemon logs on failure * go.mod: update image-spec to latest (v1.0.3-dev) ([#6263](https://github.com/containerd/containerd/pull/6263)) * images/converter: remove deprecated types * go.mod: update image-spec to latest (v1.0.3-dev) * Skip WithAdditionalGIDs on Darwin ([#6353](https://github.com/containerd/containerd/pull/6353)) * Skip WithAdditionalGIDs on Darwin * Use RFC3339 format on Windows periodic resource group creation so cleanup works ([#6303](https://github.com/containerd/containerd/pull/6303)) * Use RFC3339 format so rg cleanup works * update runc to v1.0.3 ([#6330](https://github.com/containerd/containerd/pull/6330)) * go.mod: github.com/opencontainers/runc v1.0.3 * update runc binary to v1.0.3 * Unblock native snapshotter on Darwin ([#6329](https://github.com/containerd/containerd/pull/6329)) * Allow native snapshotter on Darwin * Do not use `go get` to install executables ([#6328](https://github.com/containerd/containerd/pull/6328)) * Do not use `go get` to install executables * Include runtime v2 in default builtins ([#6326](https://github.com/containerd/containerd/pull/6326)) * Include runtime v2 in default builtins * Add Windows Server 2022 CI runs ([#6314](https://github.com/containerd/containerd/pull/6314)) * Add Windows Server 2022 CI runs * Set explicit ACL on test files ([#6324](https://github.com/containerd/containerd/pull/6324)) * Use a single RUN command * Set explicit ACL on test files * integration: align tags of test images ([#6311](https://github.com/containerd/containerd/pull/6311)) * integration: align tags of test images * Set CONTAINERD_ROOT in Windows cri-integration ([#6325](https://github.com/containerd/containerd/pull/6325)) * Set CONTAINERD_ROOT in Windows cri-integration * export oci.DeviceFromPath() ([#6312](https://github.com/containerd/containerd/pull/6312)) * export oci.DeviceFromPath() * Update volume test images ([#6321](https://github.com/containerd/containerd/pull/6321)) * Update continuity dependency * Update volume test images * Update TestRestartMonitor expected time check ([#6201](https://github.com/containerd/containerd/pull/6201)) * Add error logging on cleanup * Update TestRestartMonitor expected time check * Move test volume images from gcr to ghcr ([#6319](https://github.com/containerd/containerd/pull/6319)) * Move volume images from gcr to ghcr * Revert shim service plugin migration ([#6301](https://github.com/containerd/containerd/pull/6301)) * Revert shim plugin migration * Authenticate against ghcr.io ([#6317](https://github.com/containerd/containerd/pull/6317)) * Add permissions * Authenticate against ghcr.io * oci/deviceFromPath(): correctly check device types ([#6306](https://github.com/containerd/containerd/pull/6306)) * oci/deviceFromPath(): correctly check device types * Skip TestExportAndImportMultiLayer on Windows ([#6315](https://github.com/containerd/containerd/pull/6315)) * Skip TestExportAndImportMultiLayer on Windows * Integration: Add image build workflow ([#6290](https://github.com/containerd/containerd/pull/6290)) * Add image build workflow * Integration: Separate Windows Periodic Tests workflow trigger. ([#6286](https://github.com/containerd/containerd/pull/6286)) * Integration: Separate Windows Periodic Tests workflow trigger. * Build volume test images on Windows ([#6274](https://github.com/containerd/containerd/pull/6274)) * Build volume test images on Windows * Add VMware TKG & TCE to Containerd adopters ([#6297](https://github.com/containerd/containerd/pull/6297)) * Add VMware TKG & TCE to Containerd adopters * Vagrantfile: update to Fedora 35 ([#6293](https://github.com/containerd/containerd/pull/6293)) * Vagrantfile: update to Fedora 35 * Update README.md repo->org ([#6269](https://github.com/containerd/containerd/pull/6269)) * Update README.md repo->org * Fix executable file not found when restoring shims ([#6278](https://github.com/containerd/containerd/pull/6278)) * Fix executable file not found when restoring shims * ctr/snapshots/diff: show media-type in stderr ([#6271](https://github.com/containerd/containerd/pull/6271)) * ctr/snapshots/diff: don't show the media-type in output * ctr: Add Linux Capabilities control flags ([#6289](https://github.com/containerd/containerd/pull/6289)) * ctr: Add Linux Capabilities control flags * integration: add stats result in error message ([#6270](https://github.com/containerd/containerd/pull/6270)) * integration: add stats result in error message * releases: mark 1.4 as Extended ([#6287](https://github.com/containerd/containerd/pull/6287)) * docs: mark 1.4 as Extended * docs: fix RELEASES.md gRPC API anchor * feat: skip ci for fork ([#6284](https://github.com/containerd/containerd/pull/6284)) * feat: skip ci for fork * content/local: Close the file if Seek fails ([#6280](https://github.com/containerd/containerd/pull/6280)) * content/local: Close the file if Seek fails * Integration: Remove explicit version passing to `azure/CLI`. ([#6268](https://github.com/containerd/containerd/pull/6268)) * Integration: Remove explicit version passing to `azure/CLI`. * Fix wrong make target on documentation ([#6276](https://github.com/containerd/containerd/pull/6276)) * Fix wrong make target on documentation * fix: server error return ([#6272](https://github.com/containerd/containerd/pull/6272)) * fix: server error return * Prepare release notes for v1.6.0-beta.3 ([#6267](https://github.com/containerd/containerd/pull/6267)) * Prepare release notes for v1.6.0-beta.3 * Update API version in go.mod * Update release name to use consistent format * feat:support custom callopts on client side ([#6254](https://github.com/containerd/containerd/pull/6254)) * fix: make max recv/send msg size setting default * feat:support custom callopts on client side * [CRI] Fix panic when registry.mirrors use localhost ([#6258](https://github.com/containerd/containerd/pull/6258)) * [CRI] Fix panic when registry.mirrors use localhost * Add support for TMP override on toml ([#6241](https://github.com/containerd/containerd/pull/6241)) * Add support for TMP override on toml * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options ([#6170](https://github.com/containerd/containerd/pull/6170)) * CRI: Support enable_unprivileged_icmp and enable_unprivileged_ports options * Github Security Advisory [GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35) * schema1: reject ambiguous documents * images: validate document type before unmarshal * [cri] add sandbox and container latency metrics ([#6111](https://github.com/containerd/containerd/pull/6111)) * [cri] add sandbox and container latency metrics * Integration: Generalize Windows CI setup scripts for any username. ([#6255](https://github.com/containerd/containerd/pull/6255)) * Generalize Windows CI setup script for any user. * Standardize cmdlet capitalization in Windows CI scripts. * feat: use rwmutex instead ([#6253](https://github.com/containerd/containerd/pull/6253)) * feat: use rwmutex instead * Allow absolute path to shim binaries ([#6206](https://github.com/containerd/containerd/pull/6206)) * Fix package alias * Support custom runtime path when launching tasks * Add runtime path in CreateTaskRequest * Close file if permission modification fails ([#6246](https://github.com/containerd/containerd/pull/6246)) * Close file if permission modification fails * release: change tar name to match prior releases ([#6250](https://github.com/containerd/containerd/pull/6250)) * release: change tar name to match prior releases * Fix wrong error returned for image index lookup ([#6237](https://github.com/containerd/containerd/pull/6237)) * Fix wrong error returned for image index lookup * Fix containerd fails to pull OCI image with non-`http(s)://` urls ([#6221](https://github.com/containerd/containerd/pull/6221)) * Fix containerd fails to pull OCI image with non-`http(s)://` urls * Prepare release notes for v1.6.0-beta.2 ([#6223](https://github.com/containerd/containerd/pull/6223)) * Prepare release notes for v1.6.0-beta.2 * Add arm64 to releases ([#6196](https://github.com/containerd/containerd/pull/6196)) * Rename release dockerfile to omit distro name * release: improve dockerfile * Add arm64 to releases * use write lock when updating container stats ([#6236](https://github.com/containerd/containerd/pull/6236)) * use write lock when updating container stats * go.mod: Bump hcsshim to v0.9.1 ([#6230](https://github.com/containerd/containerd/pull/6230)) * go.mod: Bump hcsshim to v0.9.1 * go.mod: Bump ttrpc to 1.1.0 ([#6228](https://github.com/containerd/containerd/pull/6228)) * go.mod: Bump ttrpc to 1.1.0 * go.mod: bump moby/sys/symlink v0.2.0, moby/sys/signal v0.6.0, moby/sys/mountinfo v0.5.0 ([#6213](https://github.com/containerd/containerd/pull/6213)) * go.mod: github.com/moby/sys/mountinfo v0.5.0 * go.mod: github.com/moby/sys/signal v0.6.0 * go.mod: github.com/moby/sys/symlink v0.2.0 * go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359 * cleanup: add more description on comment ([#6222](https://github.com/containerd/containerd/pull/6222)) * cleanup: add more description on comment * Update Go to 1.17.3 ([#6211](https://github.com/containerd/containerd/pull/6211)) * Update Go to 1.17.3 * CI: bump up crun: 1.0 -> 1.3 ([#6214](https://github.com/containerd/containerd/pull/6214)) * CI: bump up crun: 1.0 -> 1.3 * Pin az CLI version in windows-periodic workflow ([#6205](https://github.com/containerd/containerd/pull/6205)) * Pin az CLI version * Decouple task manager ([#5918](https://github.com/containerd/containerd/pull/5918)) * Address PR comments * Fix build after rebase * Migrate task directory * Expose shim process interface * Fix after rebase * Cleanup shim loading * Move shim restore to a separate file * Fix backward compatibility with old task shims * Add plugin dependency between shim and shim services * Rework task create and cleanup flow * Add task manager * Rename task manager to shim manager * [cri] Implement k8s 1.23 CRI Pod Sandbox and Container Stats ([#6113](https://github.com/containerd/containerd/pull/6113)) * Implement CRI container and pods stats * Vendor latest k8s.io/cri-api and netlink * test: Add grace period for restart monitor test ([#6200](https://github.com/containerd/containerd/pull/6200)) * test: Add grace period for restart monitor test * integration: Enables TestRuntimeHandler for Windows ([#6179](https://github.com/containerd/containerd/pull/6179)) * integration: Enables TestRuntimeHandler for Windows * Add mkdir on Dockerfile ([#6171](https://github.com/containerd/containerd/pull/6171)) * Add mkdir on Dockerfile * sys/reaper: avoid leaky goroutine when exec timeout ([#6189](https://github.com/containerd/containerd/pull/6189)) * sys/reaper: avoid leaky goroutine when exec timeout * adds additional debug out to timebox cni setup ([#6184](https://github.com/containerd/containerd/pull/6184)) * adds additional debug out to timebox cni setup * converter: Allow hooks during image conversion ([#6176](https://github.com/containerd/containerd/pull/6176)) * converter: Allow hooks during image conversion * compression: support zstd with skippable frame ([#6177](https://github.com/containerd/containerd/pull/6177)) * compression: support zstd with skippable frame * integration: Enables TestVolumeCopyUp for Windows ([#6182](https://github.com/containerd/containerd/pull/6182)) * integration: Enables TestVolumeCopyUp for Windows * integration: Enable some tests for Windows (part 2) ([#6121](https://github.com/containerd/containerd/pull/6121)) * integration: Enable some tests for Windows (part 2) * integration: Enable some tests for Windows ([#6085](https://github.com/containerd/containerd/pull/6085)) * integration: Enable some tests for Windows * Update doc to version 2 syntax ([#6125](https://github.com/containerd/containerd/pull/6125)) * feat(doc): update to version 2 syntax * fix shim reaper wait command execute blocked ([#6166](https://github.com/containerd/containerd/pull/6166)) * fix shim reaper wait command execute blocked * content: close stream after commit request ([#6145](https://github.com/containerd/containerd/pull/6145)) * content: close stream after commit request * Generating token options with each scope as a separate string. ([#6165](https://github.com/containerd/containerd/pull/6165)) * Adding scope tests for ParseAuthHeader * Adding tests for GenerateTokenOptions * Generate token options with each scope as a separate string. * vendor: Updates go-cni ([#6167](https://github.com/containerd/containerd/pull/6167)) * vendor: Updates go-cni * commands: Enables task metrics for Windows ([#6159](https://github.com/containerd/containerd/pull/6159)) * commands: Enables task metrics for Windows * vendor: update moby/sys for darwin support ([#6149](https://github.com/containerd/containerd/pull/6149)) * vendor: update moby/sys for darwin support * Prepare v1.6.0-beta.1 ([#6144](https://github.com/containerd/containerd/pull/6144)) * Prepare release notes for v1.6.0-beta.1 * Update mailmap * Update api vendor * bump cni to spec v1.0.0 ([#6136](https://github.com/containerd/containerd/pull/6136)) * bump CNI to spec v1.0.0 * Inject otel traces to grpc client. ([#5992](https://github.com/containerd/containerd/pull/5992)) * Inject otel traces to grpc client. * client: expose (*image).platform ([#6142](https://github.com/containerd/containerd/pull/6142)) * client: expose (*image).platform * Adding documentation for Core Scheduling ([#6128](https://github.com/containerd/containerd/pull/6128)) * feat(doc): add Core Scheduling documentation * Ensure namespace is proxied to grpc/ttrpc plugins ([#6130](https://github.com/containerd/containerd/pull/6130)) * Ensure namespace is proxied to grpc/ttrpc plugins * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6109](https://github.com/containerd/containerd/pull/6109)) * fix #6054 MaxConcurrentDownloads is not effect when Unpack is true * Output a warning for label image labels instead of erroring ([#6124](https://github.com/containerd/containerd/pull/6124)) * Output a warning for label image labels instead of erroring * Fix spelling mistake in Windows snapshotter ([#6132](https://github.com/containerd/containerd/pull/6132)) * Fix spelling mistake in Windows snapshotter * Windows: Cleanup rm- prefixed layers ([#6126](https://github.com/containerd/containerd/pull/6126)) * Windows: Cleanup rm- prefixed layers * cleanup deprecated package `io/ioutil ` ([#6118](https://github.com/containerd/containerd/pull/6118)) * io/ioutil package has been deprecated in Go 1.16 that replaces io/ioutil functions * close Writer after use which may memory leak ([#6115](https://github.com/containerd/containerd/pull/6115)) * close Writer after use which may leak mem * Adds Windows resource limits support ([#5778](https://github.com/containerd/containerd/pull/5778)) * Adds Windows resource limits support * Prepare release notes for v1.6.0-beta.0 ([#6098](https://github.com/containerd/containerd/pull/6098)) * Prepare release notes for v1.6.0-beta.0 * Add error message to in TestContainerdRestart integration test ([#6105](https://github.com/containerd/containerd/pull/6105)) * Add error message to in TestContainerdRestart integration test * Fix typo in the NewContainer function documentation ([#6110](https://github.com/containerd/containerd/pull/6110)) * Fix typo in the NewContainer function documentation * Update cgroups to v1.0.2 ([#6104](https://github.com/containerd/containerd/pull/6104)) * Update cgroups to v1.0.2 * btrfs: verify file content after mount ([#6100](https://github.com/containerd/containerd/pull/6100)) * test: check file content after mount * Update test timeout based on recent cancellations ([#6107](https://github.com/containerd/containerd/pull/6107)) * Update test timeout based on recent cancellations * Check the pid in cri test teardown ([#6106](https://github.com/containerd/containerd/pull/6106)) * Remove extra test_teardown * Check the pid in cri test teardown * add runc shim support for sched core ([#6011](https://github.com/containerd/containerd/pull/6011)) * fix integration client vendor * add runc shim support for sched core * integration: Enables Windows containerd restart test ([#5579](https://github.com/containerd/containerd/pull/5579)) * integration: Enables Windows containerd restart test * vendor: Bump hcsshim to 0.9.0 ([#6099](https://github.com/containerd/containerd/pull/6099)) * vendor: Bump hcsshim to 0.9.0 * [cri] Add CNI conf based on runtime class ([#4695](https://github.com/containerd/containerd/pull/4695)) * Add CNI conf based on runtime class * Update Go to 1.17.2 ([#6102](https://github.com/containerd/containerd/pull/6102)) * Update Go to 1.17.2 * integration: Adds test for multilayer image import ([#5933](https://github.com/containerd/containerd/pull/5933)) * integration: Adds test for multilayer image import * runtime: should fail fast if dial error on shim ([#6031](https://github.com/containerd/containerd/pull/6031)) * runtime: should fail fast if dial error on shim * Fixes Windows containers with image volumes ([#6034](https://github.com/containerd/containerd/pull/6034)) * Windows: Fixes Windows containers with image volumes * run `gofmt` with GO 1.17 ([#6094](https://github.com/containerd/containerd/pull/6094)) * run `gofmt` with Go 1.17 * pkg/cap: remove an outdated comment ([#6088](https://github.com/containerd/containerd/pull/6088)) * pkg/cap: remove an outdated comment * Update go otel 1.0.1 ([#6066](https://github.com/containerd/containerd/pull/6066)) * Update go otel 1.0.1 * Update ADOPTERS.md with additional uses ([#6086](https://github.com/containerd/containerd/pull/6086)) * Update ADOPTERS.md with additional uses * modify the way for checking cos ([#6082](https://github.com/containerd/containerd/pull/6082)) * modify the way for checking cos * Fuzzing: Add fuzzers + small modifications ([#5915](https://github.com/containerd/containerd/pull/5915)) * Fuzzing: Add 4 fuzzers + small modifications * Fixes for Windows CI ([#6081](https://github.com/containerd/containerd/pull/6081)) * Pin mingw to version 10.2.0 * Update to golang 1.17.1 * Install nssm * Github Security Advisory [GHSA-c2h3-6mxw-7mvq](https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq) * btrfs: reduce permissions on plugin directories * v1 runtime: reduce permissions for bundle dir * v2 runtime: reduce permissions for bundle dir * task service: return known error type ([#6079](https://github.com/containerd/containerd/pull/6079)) * task service: return known error type * refactor: move from io/ioutil to io and os package ([#5973](https://github.com/containerd/containerd/pull/5973)) * refactor: move from io/ioutil to io and os package * fix: import from k8s.io/utils/clock instead ([#6076](https://github.com/containerd/containerd/pull/6076)) * fix: update vendor * cleanup: import from k8s.io/utils/clock/testing instead * cleanup: import from k8s.io/utils/clock instead * feat: enable integration cri remote client to call with grpc calloptions ([#6069](https://github.com/containerd/containerd/pull/6069)) * feat: enable cri remote client to call with grpc calloptions * cleanup k8s ansible yaml (carry for #5713) ([#6074](https://github.com/containerd/containerd/pull/6074)) * cleanup k8s ansible yaml (carry for https://github.com/jayonlau <jayonlau@gmail.com>) * feat: support import image for specific platform ([#6070](https://github.com/containerd/containerd/pull/6070)) * fix: wrong flag type * feat: support import image for specific platform * Update mirror images to take target image name ([#6065](https://github.com/containerd/containerd/pull/6065)) * Update mirror images to take target image name * fix: make exec-id flag required in exec command ([#6059](https://github.com/containerd/containerd/pull/6059)) * fix: make exec-id flag required in exec command * images: enable converter to uncompress zstd ([#6052](https://github.com/containerd/containerd/pull/6052)) * images: enable converter to uncompress zstd * replace deprecated function with Domain and Path ([#5922](https://github.com/containerd/containerd/pull/5922)) * replace deprecated function * integration: Adds Windows HostProcess tests ([#5853](https://github.com/containerd/containerd/pull/5853)) * integration: Adds Windows HostProcess tests * Fix main branch build is broken ([#6047](https://github.com/containerd/containerd/pull/6047)) * Fix main branch build is broken * Add open telemetry logging hook for logrus ([#6003](https://github.com/containerd/containerd/pull/6003)) * Add open telemetry logging hook for logrus * Change `oci.WithUser` behavior for LCOW ([#6023](https://github.com/containerd/containerd/pull/6023)) * Change oci.WithUser behavior for LCOW * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) ([#5946](https://github.com/containerd/containerd/pull/5946)) * switch usage directly to errdefs.(ErrAlreadyExists and ErrNotFound) * import: Raise error if the imported image is filtered out ([#5926](https://github.com/containerd/containerd/pull/5926)) * import: Raise error if the imported image is filtered out * Fix panic in metadata content writer on copy error ([#6043](https://github.com/containerd/containerd/pull/6043)) * Fix panic in metadata content writer on copy error * Move tracing to plugin ([#6001](https://github.com/containerd/containerd/pull/6001)) * Move tracing to plugin * ctr: Fixes Windows image import ([#5916](https://github.com/containerd/containerd/pull/5916)) * ctr: Fixes Windows image import * update open go.opentelemetry.io v1.0.0 to fix import path ([#6017](https://github.com/containerd/containerd/pull/6017)) * go.mod: update opentelemetry modules to v1.0.0 * fix error string format ([#5979](https://github.com/containerd/containerd/pull/5979)) * fix error string format * Add github action to mirror image ([#6036](https://github.com/containerd/containerd/pull/6036)) * Add github action to mirror image * add current process state to the error message ([#6027](https://github.com/containerd/containerd/pull/6027)) * add current process state to the error message * FreeBSD: fix tar headers & the nil check on getxattr ([#5991](https://github.com/containerd/containerd/pull/5991)) * FreeBSD: fix tar headers & the nil check on getxattr * gha: collect VMs' IP addresses ([#6035](https://github.com/containerd/containerd/pull/6035)) * gha: collect Vagrant VMs' IP addresses * bump continuity and console version that remove pkg/errors ([#6033](https://github.com/containerd/containerd/pull/6033)) * bump continuity and console version that remove pkg/errors * import: Add option to prevent duplicated digest image ([#5997](https://github.com/containerd/containerd/pull/5997)) * import: Add option to skip creating digest image * ctr namespaces: improve usage string ([#5998](https://github.com/containerd/containerd/pull/5998)) * ctr namespaces: improve usage string * bump console version to v1.0.3 that remove pkg/errors ([#6028](https://github.com/containerd/containerd/pull/6028)) * bump console version to v1.0.3 that remove pkg/errors * Use github images for integration tests ([#6032](https://github.com/containerd/containerd/pull/6032)) * Use github images for integration tests * Fix typo ([#5995](https://github.com/containerd/containerd/pull/5995)) * Fix typo * Enable image config labels in ctr and CRI container creation ([#6012](https://github.com/containerd/containerd/pull/6012)) * Enable image config labels in ctr and CRI container creation * Make sure exit signals trigger an exit during init ([#5970](https://github.com/containerd/containerd/pull/5970)) * Make sure exit signals trigger an exit during init * task delete: Closes task IO before waiting ([#5974](https://github.com/containerd/containerd/pull/5974)) * task delete: Closes task IO before waiting * CI: bump up crun to 1.0 ([#5985](https://github.com/containerd/containerd/pull/5985)) * CI: bump up crun to 1.0 * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) ([#5982](https://github.com/containerd/containerd/pull/5982)) * seccomp: support "clone3" (return ENOSYS unless SYS_ADMIN is granted) * Update to Go 1.17.1 ([#5990](https://github.com/containerd/containerd/pull/5990)) * Update to Go 1.17.1 * CI: Switch to available latest images ([#5987](https://github.com/containerd/containerd/pull/5987)) * CI: Switch to available latest images * add xfs support to devicemapper snapshotter ([#5610](https://github.com/containerd/containerd/pull/5610)) * add xfs support to devicemapper snapshotter * Fixes task kill --force on Windows ([#5956](https://github.com/containerd/containerd/pull/5956)) * Fixes task kill --force on Windows * Add support for shim plugins ([#5817](https://github.com/containerd/containerd/pull/5817)) * Add support for shim plugins * vendor: update continuity for darwin support ([#5976](https://github.com/containerd/containerd/pull/5976)) * vendor: update continuity for darwin support * replace uses of os/exec with golang.org/x/sys/execabs ([#5906](https://github.com/containerd/containerd/pull/5906)) * replace uses of os/exec with golang.org/x/sys/execabs * complete integration test for pulling image with labels ([#5972](https://github.com/containerd/containerd/pull/5972)) * Additional integration tests for pulling image with labels * Fix content copy to not ignore unexpected EOF ([#5966](https://github.com/containerd/containerd/pull/5966)) * Fix content copy to not ignore unexpected EOF * add ip_pref CNI options for primary pod ip ([#5964](https://github.com/containerd/containerd/pull/5964)) * add ip_pref CNI options for primary pod ip * cri: add devices for privileged container ([#5939](https://github.com/containerd/containerd/pull/5939)) * cri: add devices for privileged container * sandbox: Allows the sandbox to be deleted in NotReady state ([#5954](https://github.com/containerd/containerd/pull/5954)) * sandbox: Allows the sandbox to be deleted in NotReady state * pin protobuild version to tag ([#5969](https://github.com/containerd/containerd/pull/5969)) * pin protobuild version to tag * Add metric exposing build version&revision ([#5965](https://github.com/containerd/containerd/pull/5965)) * use a const metric for build_info * Add metric exposing build version&revision * Feature: containerd-cri support LinuxContainerResources.Unified ([#5627](https://github.com/containerd/containerd/pull/5627)) * add cri test case * feature: add field LinuxContainerResources.Unified on cri * integration: investigate TestRestartMonitor's failure ([#5861](https://github.com/containerd/containerd/pull/5861)) * integration: investigate TestRestartMonitor's failure * Use issue forms for bug reporting ([#5917](https://github.com/containerd/containerd/pull/5917)) * Address issue forms feedback * Use issue forms for bug reporting * cri: patch update image labels ([#5945](https://github.com/containerd/containerd/pull/5945)) * cri: patch update image labels * darwin: runtime support ([#5936](https://github.com/containerd/containerd/pull/5936)) * darwin: runtime support * darwin: use the default values for socketRoot variable * Update RELEASES.md ([#5858](https://github.com/containerd/containerd/pull/5858)) * Update RELEASES.md * archive: Add WriteDiff error logs ([#5949](https://github.com/containerd/containerd/pull/5949)) * archive: Add WriteDiff error logs * replace deprecated Dialer with ContextDialer ([#5958](https://github.com/containerd/containerd/pull/5958)) * replace deprecated Dail with DailContext * Add WS2022 support in Windows Periodic tests ([#5951](https://github.com/containerd/containerd/pull/5951)) * Add WS2022 support in Windows Periodic tests * Content fuzzer: Clean up temp store dir ([#5943](https://github.com/containerd/containerd/pull/5943)) * content fuzzer: Clean up tempdir * using Hosts replace deprecated field ([#5944](https://github.com/containerd/containerd/pull/5944)) * using Hosts replace deprecated field * fix document non-synchronous ([#5947](https://github.com/containerd/containerd/pull/5947)) * fix document non-synchronous in crictl.md * go.mod: Update hcsshim to v0.8.21 ([#5929](https://github.com/containerd/containerd/pull/5929)) * go.mod: Update hcsshim to v0.8.21 * Makefile.linux: build on RISC-V with PIE ([#5937](https://github.com/containerd/containerd/pull/5937)) * Makefile.linux: build on riscv with PIE * Fix cwd flag for `ctr tasks exec` ([#5932](https://github.com/containerd/containerd/pull/5932)) * Fix cwd flag for `ctr tasks exec` * Update Pause image in tests & config ([#5927](https://github.com/containerd/containerd/pull/5927)) * Update Pause image in tests & config * cri: Devices ownership from SecurityContext ([#5122](https://github.com/containerd/containerd/pull/5122)) * cri: Devices ownership from SecurityContext * Fix pull fails on unexpected EOF ([#5921](https://github.com/containerd/containerd/pull/5921)) * Fix pull fails on unexpected EOF * Fix dir support for devices ([#5845](https://github.com/containerd/containerd/pull/5845)) * Adding testing of two devices * Fix dir support for devices V3 (#4847) * windows: The DefaultSpec platform should match the Default matcher ([#5914](https://github.com/containerd/containerd/pull/5914)) * windows: The DefaultSpec platform should match the Default matcher * Add RunAsUserName functionality for the Windows pod sandbox container ([#5865](https://github.com/containerd/containerd/pull/5865)) * Add RunAsUserName functionality for the Windows Pod Sandbox Container * bump up runc v1.0.2 ([#5899](https://github.com/containerd/containerd/pull/5899)) * go.mod: update runc to v1.0.2 * update runc binary to v1.0.2 * Run `go fmt` with Go 1.17 ([#5903](https://github.com/containerd/containerd/pull/5903)) * Run `go fmt` with Go 1.17 * go.mod: github.com/pelletier/go-toml v1.9.3 ([#5905](https://github.com/containerd/containerd/pull/5905)) * go.mod: github.com/pelletier/go-toml v1.9.3 * cri: filter selinux xattr for image volumes ([#5902](https://github.com/containerd/containerd/pull/5902)) * cri: filter selinux xattr for image volumes * Add Windows HostProcess Support ([#5131](https://github.com/containerd/containerd/pull/5131)) * Added windows hostProcess cni skip * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 ([#5897](https://github.com/containerd/containerd/pull/5897)) * script: update golangci-lint from v1.38.0 and v1.36.0 to v1.42.0 * Update to Go 1.17 ([#5889](https://github.com/containerd/containerd/pull/5889)) * Bump integration timeout to 35 min * Update to Go 1.17 * integration: fix TestContainerPids ([#5896](https://github.com/containerd/containerd/pull/5896)) * integration: fix TestContainerPids * [ctr] add HOSTNAME env for host network ([#5891](https://github.com/containerd/containerd/pull/5891)) * [ctr] add HOSTNAME env for host network * Fuzzing: Add fuzzer ([#5886](https://github.com/containerd/containerd/pull/5886)) * Fuzzing: Add fuzzer * Make Cgroup driver configurable in gce configure script ([#5884](https://github.com/containerd/containerd/pull/5884)) * Add env for SystemdCgroup driver * Allow expanded DNS configuration ([#5878](https://github.com/containerd/containerd/pull/5878)) * Allow expanded DNS configuration * Fuzzing: Add 4 fuzzers ([#5863](https://github.com/containerd/containerd/pull/5863)) * Fuzzing: Add 4 fuzzers * Cleanup v2 shim ([#5813](https://github.com/containerd/containerd/pull/5813)) * Cleanup v2 shim * Fuzzing: Add experimental version of container fuzzer ([#5840](https://github.com/containerd/containerd/pull/5840)) * Use http.Get to download binaries instead of exec.Command * Fuzzing: Add experimental version of container fuzzer * add cpu-shares to ctr ([#5846](https://github.com/containerd/containerd/pull/5846)) * add cpu-shares to ctr * docs: rename master to main (it was opposite on the actual commit) ([#5847](https://github.com/containerd/containerd/pull/5847)) * docs: rename main to master * content: return the error with its timestamp ([#5849](https://github.com/containerd/containerd/pull/5849)) * content: return the error with its timestamp * Fix bad `make protos` failure ([#5857](https://github.com/containerd/containerd/pull/5857)) * Fix bad `make protos` failure * replace cri and point to new location ([#5851](https://github.com/containerd/containerd/pull/5851)) * archive docs and point to new location fix #https://github.com/containerd/cri/issues/1624 * docs: remove FOSSA's badge ([#5856](https://github.com/containerd/containerd/pull/5856)) * docs: remove FOSSA's badge * BUILDING.md: remove some bits about building runc ([#5850](https://github.com/containerd/containerd/pull/5850)) * BUILDING.md: remove some bits about building runc * BUILDING.md: markdown fixes * go.mod: update k8s deps to v1.22.0 ([#5836](https://github.com/containerd/containerd/pull/5836)) * go.mod: update kubernetes to v1.22.0 * [Scripts] Add trap to cri-integration test script ([#5852](https://github.com/containerd/containerd/pull/5852)) * Add trap to cri-integration test script * docs: list all snapshotter-related build flags ([#5848](https://github.com/containerd/containerd/pull/5848)) * docs: list all snapshotter-related build flags * Move plugin context events into separate plugin ([#5835](https://github.com/containerd/containerd/pull/5835)) * Move plugin context events into separate plugin * Fix Linux CI Linter using Go 1.15.14 ([#5839](https://github.com/containerd/containerd/pull/5839)) * Fix Linux CI Linter using go 1.15.14 * Update Go to 1.16.7 ([#5842](https://github.com/containerd/containerd/pull/5842)) * Update Go to 1.16.7 * Cleanup CI ([#5838](https://github.com/containerd/containerd/pull/5838)) * Cleanup CI * Remove redundant build tags ([#5834](https://github.com/containerd/containerd/pull/5834)) * Remove redundant build tags * Change default directories on Darwin ([#5830](https://github.com/containerd/containerd/pull/5830)) * Change default directories on Darwin * [otel-tracing] Initial opentelemetry support ([#5731](https://github.com/containerd/containerd/pull/5731)) * [otel-tracing] vendor and go modules changes * [otel-tracing] Initial opentelemetry support * remove go 1.13 from containerd * Fuzzing: Fix for OSS-fuzz issue 36825 ([#5829](https://github.com/containerd/containerd/pull/5829)) * Fuzzing: Fix for OSS-fuzz issue 36825 * Fuzzing: Add two fuzzers ([#5825](https://github.com/containerd/containerd/pull/5825)) * Fuzzing: Add two more fuzzers * scripts: linting fixes, and remove support for Debian Jessie (as it's EOL) ([#5760](https://github.com/containerd/containerd/pull/5760)) * scripts: declare ROOT closer to where it's used, and some DRY changes * scripts: add missing quotes, and minor linting issues * test/build-utils.sh: remove support for Debian Jessie * platforms: Format(): use path.Join() instead of joinNotEmpty() ([#5821](https://github.com/containerd/containerd/pull/5821)) * platforms: Format(): use path.Join() instead of joinNotEmpty() * Fuzzing: Remove panics of container_fuzzer ([#5823](https://github.com/containerd/containerd/pull/5823)) * Fuzzing: Remove panics of container_fuzzer * Fuzzing: Add container fuzzer ([#5785](https://github.com/containerd/containerd/pull/5785)) * Change protoc link * Split fuzzer to two fuzzers * Fuzzing: Add container fuzzer * runtime: fix the issue of create new socket with abstract address ([#5746](https://github.com/containerd/containerd/pull/5746)) * runtime: fix the issue of create new socket with abstract address * mergo: Upgrade to 0.3.12 to fix panic ([#5809](https://github.com/containerd/containerd/pull/5809)) * mergo: Upgrade to 0.3.12 to fix panic * ci: install criu from PPA ([#5802](https://github.com/containerd/containerd/pull/5802)) * ci: install criu from PPA * Update release workflow to upload binary without CNI ([#5144](https://github.com/containerd/containerd/pull/5144)) * Split release steps into multiple tasks * Update release workflow to upload binary without CNI * Enable critest on Windows Periodic Jobs ([#5725](https://github.com/containerd/containerd/pull/5725)) * Enable critest on Windows * Script to check if entries in go.mod files are in sync ([#5792](https://github.com/containerd/containerd/pull/5792)) * Script to check if entries in go.mod files are in sync * Add a sharedNamespace label ([#5043](https://github.com/containerd/containerd/pull/5043)) * Add shared content label to namespaces * platforms: add "ios" as known OS, "loong64" as known ARCH ([#5784](https://github.com/containerd/containerd/pull/5784)) * platforms: add "ios" as known OS, "loong64" as known ARCH * Updates the location of protobuf downloads ([#5804](https://github.com/containerd/containerd/pull/5804)) * Updates the location of protobuf downloads in docs * Update protobuf install to use correct repository ([#5803](https://github.com/containerd/containerd/pull/5803)) * Update protobuf install to use correct repository * overlay: expose upperdir location of each snapshot via an optional label ([#5624](https://github.com/containerd/containerd/pull/5624)) * overlay: add an optional label of upperdir location of each snapshot * Support SIGRTMIN+n signals ([#5693](https://github.com/containerd/containerd/pull/5693)) * Support SIGRTMIN+n signals * respect context timeout in shim binary call ([#5800](https://github.com/containerd/containerd/pull/5800)) * respect context timeout in shim binary call * Introduce a new go module - containerd/api for use in standalone clients ([#5716](https://github.com/containerd/containerd/pull/5716)) * Introduce a new go module - containerd/api for use in standalone clients * grpc config add options tcp_client_ca_cert ([#5606](https://github.com/containerd/containerd/pull/5606)) * grpc config add options tcp_tls_ca * integration: Windows volume-copy-up images ([#5162](https://github.com/containerd/containerd/pull/5162)) * integration: Windows volume-copy-up images * add CRI support matrix to RELEASES.md ([#5795](https://github.com/containerd/containerd/pull/5795)) * add CRI support matrix to RELEASES.md * adding a little more clarity ([#5794](https://github.com/containerd/containerd/pull/5794)) * adding a little more clarity * update gotestsum to v1.7.0 ([#5793](https://github.com/containerd/containerd/pull/5793)) * update gotestsum to v1.7.0 * Discard blocks when removing a thin device ([#5756](https://github.com/containerd/containerd/pull/5756)) * Discard blocks when removing a thin device * Makefile: fix passing build tags ([#5590](https://github.com/containerd/containerd/pull/5590)) * Makefile: pass build tags to manpage build process * Makefile: fix tags parameter computation * Add runtime label to metrics ([#5744](https://github.com/containerd/containerd/pull/5744)) * Add runtime label to metrics * interface about shim build check ([#5745](https://github.com/containerd/containerd/pull/5745)) * interface about shim build check * integration: log all processes to investigate the test failure ([#5775](https://github.com/containerd/containerd/pull/5775)) * integration: log all processes to investigate the test failure * Fuzzing: Add archive fuzzer ([#5779](https://github.com/containerd/containerd/pull/5779)) * Fuzzing: Add archive fuzzer * Add docker.Fetch fuzzer ([#5687](https://github.com/containerd/containerd/pull/5687)) * Add docker fetch fuzzer * Support custom compressor for walking differ ([#5735](https://github.com/containerd/containerd/pull/5735)) * Support custom compressor for walking differ * remotes/docker/pusher.go: Fix missing Close() on push to docker remote ([#5770](https://github.com/containerd/containerd/pull/5770)) * remotes/docker/pusher.go: Fix missing Close() * remotes/docker/fetcher.go: Fix missing Close() on fetch from docker remote ([#5769](https://github.com/containerd/containerd/pull/5769)) * remotes/docker/fetcher.go: Fix missing Close() * Update cpuguy83/go-md2man binary to v2.0.1 ([#5771](https://github.com/containerd/containerd/pull/5771)) * Update cpuguy83/go-md2man binary to v2.0.1 * Refactor / optimize contrib/Dockerfile.test ([#5750](https://github.com/containerd/containerd/pull/5750)) * Dockerfile.test: build containerd in separate stage * Dockerfile.test: add GOLANG_IMAGE build arg to allow overriding * Dockerfile.test: clean up apt indexes after installing * Dockerfile.test: build critools in a separate stage * Dockerfile.test: build cni in a separate stage * Dockerfile.test: standard directory to collect build aftifacts * Dockerfile.test: split dev stage, and optimize order * Dockerfile.test: skip curl, gcc, git and make install * install-critools: make sure DESTDIR exists * update gotestsum to current master ([#5754](https://github.com/containerd/containerd/pull/5754)) * update gotestsum to current master * Github Security Advisory [GHSA-c72p-9xmj-rx3w](https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w) * Add test for archive breakout test for lchmod * Use systemd cgroup driver for Kubernetes e2e tests with cgroupsv2 ([#5755](https://github.com/containerd/containerd/pull/5755)) * Use systemd cgroup driver for cgroupv2 tests * update runc to v1.0.1 ([#5751](https://github.com/con…
fixes #6168
Commit fb06883 (#1403) implemented the
Normalize()
function, but marked these fields as deprecated.It's unclear what the motivation was for this (#1403 (comment)), as the fields are part of the OCI Image spec. On Windows, the OSVersion field specifically is important when matching images (as kernel versions may not be compatible).
This patch updates platforms.Normalize() to preserve the OSVersion and OSFeatures fields.
As a follow-up, we should look at defining an appropriate string-representation for these fields (possibly as part of the OCI Spec), and update platforms.Parse() accordingly.