Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump libseccomp #7657

Merged
merged 2 commits into from
Jan 18, 2022
Merged

Bump libseccomp #7657

merged 2 commits into from
Jan 18, 2022

Conversation

csweichel
Copy link
Contributor

@csweichel csweichel commented Jan 18, 2022
edited by kylos101
Loading

Description

This PR bumps the libseccomp-golang dependency which improves the stability of the seccomp-notify interface.
We stress-tested the mount syscall in a preview environment and were able to reproduce the the issue. Talking to IWS directly, we were unable to reproduce the issue.

Related Issue(s)

Fixes #5945

How to test

Put stress on the mount syscall, e.g. starting many containers in parallel.

Release Notes

Make proc mounts more reliable which affects parallel Docker container startup

@roboquat roboquat added release-note team: workspace Issue belongs to the Workspace team labels Jan 18, 2022
@codecov
Copy link

codecov bot commented Jan 18, 2022
edited
Loading

Codecov Report

Merging #7657 (1f0f301) into main (bb80946) will decrease coverage by 2.60%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             main   #7657      +/-   ##
=========================================
- Coverage   11.63%   9.03%   -2.61%     
=========================================
  Files          20      22       +2     
  Lines        1160    1715     +555     
=========================================
+ Hits          135     155      +20     
- Misses       1022    1556     +534     
- Partials        3       4       +1
Flag Coverage Δ
components-gitpod-cli-app 10.38% <ø> (ø)
components-local-app-app-darwin-amd64 ?
components-local-app-app-darwin-arm64 ?
components-local-app-app-linux-amd64 ?
components-local-app-app-linux-arm64 ?
components-local-app-app-windows-386 ?
components-local-app-app-windows-amd64 ?
components-local-app-app-windows-arm64 ?
components-workspacekit-app 7.19% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
components/local-app/pkg/auth/auth.go
components/local-app/pkg/auth/pkce.go
components/workspacekit/cmd/rings.go 6.46% <0.00%> (ø)
components/workspacekit/cmd/lift.go 18.18% <0.00%> (ø)
components/workspacekit/cmd/nsenter.go 25.00% <0.00%> (ø)
components/workspacekit/cmd/root.go 0.00% <0.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bb80946...1f0f301. Read the comment docs.

@csweichel
Bump libseccomp-golang
2aceee3
@csweichel
[ws-daemon] Tune down findHostPID errors
1f0f301 
because they're not really errors but rather a race between the proc
crawling during PID translation, and short-lived processes.
@aledbf
Copy link
Member

aledbf commented Jan 18, 2022

/lgtm

@roboquat roboquat added the lgtm label Jan 18, 2022
@roboquat
Copy link
Contributor

LGTM label has been added.

Git tree hash: 3162d6bc28052088b43c61be900cbf1dc2392bac

@roboquat
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aledbf

Associated issue: #5954

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@roboquat roboquat merged commit d015560 into main Jan 18, 2022
@roboquat roboquat deleted the cw/fix-5954 branch January 18, 2022 14:07
This was referenced Jan 18, 2022
Closed
Closed
@kylos101 kylos101 linked an issue Jan 18, 2022 that may be closed by this pull request
random containers fails to start #7294
Closed
@kylos101 kylos101 mentioned this pull request Jan 18, 2022
Closed
@csweichel csweichel mentioned this pull request Jan 20, 2022
Merged
@aledbf aledbf mentioned this pull request Jan 20, 2022
Closed
@roboquat roboquat added deployed: workspace Workspace team change is running in production deployed Change is completely running in production labels Jan 20, 2022
@Furisto Furisto mentioned this pull request Jan 24, 2022
Closed
@jimmykarily jimmykarily mentioned this pull request Mar 12, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@aledbf aledbf

Labels
approved deployed: workspace Workspace team change is running in production deployed Change is completely running in production release-note size/XXL team: workspace Issue belongs to the Workspace team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

random containers fails to start sometime some docker services crash: OCI runtime failed: container_linux.go
3 participants
@csweichel @aledbf @roboquat