This repository has been archived by the owner on May 12, 2021. It is now read-only.
# Kata Containers 1.13.0-alpha0 #3119
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- blk-dev: hotplug read only if applicable - virtcontainers: Append max_ports to virtio-serial device - qemu: no state to save if QEMU isn't running - enable -pflash in kata - github: Add github actions - versions: Update firecracker to 0.21.3 - build: Remove default hypervisor message from build - shimv2: Add tracing - cli: make check subcommand more tolerant to failures - versions: Bump the newest-version of OpenShift - version: add new docker version entry for agent test on arm - virtcontainers: Don't set CTTY - runtime: sleep 1 second after GetOOMEvent failed - [backport] runtime: clh: disable virtiofs DAX when FS cache size is 0 - release: Fix release candidate to major version upgrade check - Validate annotations that refer to binaries - Call s.newStore.Destroy if globalSandboxList.addSandbox failed - clh: let clh config build for arm64 - Backport mount fixes to stable-1.12 - annotations: Improve asset annotation handling - readonly volume should be bind mounted readonly on the host - versions: Update cloud-hypervisor to release v0.11.0 - runtime: Ignore ENOENT in kill/delete - clh: Consolidate the code path for device unplug - Fix some error reporting in listInterfaces() and listRoutes() - gitignore: Ignore cli/containerd-shim-kata-v2/config-generated.go - Handle PCI paths more consistently - arm64: correct bridge type for QEMUVIRT machine b2956f3 blk-dev: hotplug read only if applicable 8b74066 volumes: cleanup, minimal refactoring cf32518 govmm: revendor to get latest changes 188424a vendor: update govmm from intel to kata-containers 0fb409d github: Add github actions 664f1b2 ACPI: enable acpi for arm64 on qemu cafd967 Gopkg: update govmm to involve pflash in 7b1d678 qemu: no state to save if QEMU isn't running 11c8c19 versions: Update firecracker to 0.21.3 a91deab virtcontainers: Append max_ports to virtio-serial device 0279c81 shimv2: Add tracing to shimv2 bcf29ba build: Remove default hypervisor message from build c963777 cli: check modules and permissions before loading a module f2ff670 cli: don't fail if rate limit is exceeded c56af73 virtcontainers: Don't set Ctty ba5ca59 versions: Bump the newest-version of OpenShift e4a68a7 runtime: clh: update cloud-hypervisor 02af5c9 runtime: clh: disable virtiofs DAX when FS cache size is 0 fc6beea release: Fix release candidate to major version upgrade check 8fbf9aa tests: Ensure semver build metadata is ignored df99deb release: Make error format string consistent 559ba41 runtime: sleep 1 second after GetOOMEvent failed 27c558e version: add new docker version entry for agent test on arm 38fc74c tests: Update assets test to adapt to recent changes fc412ad makefile: Enable hypervisor annotations by default f89fac9 config: Rename 'runtime' to 'runtimeConfig' cf3a7eb config: Improve comments in configuration file templates 31f0ed5 config: Make configuration file comments consistent 1a7eeb6 annotations: Correct unit tests to validate new protections 2235d5d annotations: Split addHypervisorOverrides to reduce complexity 151e6fc annotations: Add unit test for checkPathIsInGlobs ad9ce3f annotations: Add unit test for regexpContains function 90ff89e runtime: Fix firecracker config 612fb2c makefile: Add missing generated vars to `USER_VARS` 979e630 makefile: Improve names of config entries for annotation checks d412a7f annotations: Give better names to local variabes in search functions 58de2c5 annotations: Rename checkPathIsInGlobList with checkPathIsInGlobs 849f17c config: Add better comments in the template files bce2528 config: Whitelist hypervisor annotations by name 2417d0b config: Use glob instead of regexp to match paths in annotations 1e036c8 annotations: Fix typo in comment 5ee9b20 config: Add makefile variables for path lists ed56c9d config: Protect file_mem_backend against annotation attacks 2f0360b config: Protect vhost_user_store_path against annotation attacks fba4619 config: Add security warning on configuration examples 92065d8 config: Protect ctlpath from annotation attack 0d5273a config: Protect jailer_path annotation b588faf config: Add examples for path_list configuration b2d64b6 annotations: Simplify negative logic d823b3d config: Add hypervisor path override through annotations e2a4015 config: Fix typo in function name 22e89f6 config: Protect virtio_fs_daemon annotation 11e737d config: Add 'List' alternates for hypervisor configuration paths 7739905 runtime: mount shared mountpoint readonly 509eb6f runtime: readonly mounts should be readonly bindmount on the host 4ce09fb hypervisor: Remove unused methods 6a5eb0d annotations: Improve asset annotation handling 2696323 runtime: mount shared mountpoint readonly bc1d883 versions: Update cloud-hypervisor to release v0.11.0 ec26e48 clh: Consolidate the code path for device unplug 750419c runtime: readonly mounts should be readonly bindmount on the host 5069ea4 gitignore: Ignore cli/containerd-shim-kata-v2/config-generated.go 7d9860d annotations: Add missing hypervisor control annotation f53406f asset: Formatting, grammar and whitespace 0ffaeeb network: Fix error reporting in listRoutes() b86e904 network: Correct error reporting in listInterfaces() 3596058 vhost-user-blk: Use PciPath type for vhost user devices 64751f3 block: Use PciPath type through block code 3e58971 network: Use PciPath type through network handling bfbfab3 network: Allow convertToInterface to fail 185b3ab device: Introduce PciSlot and PciPath types 1c0dccb vendor: Update vendored agent code fac58a7 clh: let clh config build for arm64 141de5c arm64: correct bridge type for QEMUVIRT machine 120e616 runtime: Ignore ENOENT in kill/delete b44b1ba runtime: Add s.newStore.Destroy before defer Signed-off-by: Eric Ernst <eric_ernst@apple.com>
|
/test |
devimc
approved these changes
Jan 13, 2021
fidencio
approved these changes
Jan 13, 2021
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
b2956f3 blk-dev: hotplug read only if applicable
8b74066 volumes: cleanup, minimal refactoring
cf32518 govmm: revendor to get latest changes
188424a vendor: update govmm from intel to kata-containers
0fb409d github: Add github actions
664f1b2 ACPI: enable acpi for arm64 on qemu
cafd967 Gopkg: update govmm to involve pflash in
7b1d678 qemu: no state to save if QEMU isn't running
11c8c19 versions: Update firecracker to 0.21.3
a91deab virtcontainers: Append max_ports to virtio-serial device
0279c81 shimv2: Add tracing to shimv2
bcf29ba build: Remove default hypervisor message from build
c963777 cli: check modules and permissions before loading a module
f2ff670 cli: don't fail if rate limit is exceeded
c56af73 virtcontainers: Don't set Ctty
ba5ca59 versions: Bump the newest-version of OpenShift
e4a68a7 runtime: clh: update cloud-hypervisor
02af5c9 runtime: clh: disable virtiofs DAX when FS cache size is 0
fc6beea release: Fix release candidate to major version upgrade check
8fbf9aa tests: Ensure semver build metadata is ignored
df99deb release: Make error format string consistent
559ba41 runtime: sleep 1 second after GetOOMEvent failed
27c558e version: add new docker version entry for agent test on arm
38fc74c tests: Update assets test to adapt to recent changes
fc412ad makefile: Enable hypervisor annotations by default
f89fac9 config: Rename 'runtime' to 'runtimeConfig'
cf3a7eb config: Improve comments in configuration file templates
31f0ed5 config: Make configuration file comments consistent
1a7eeb6 annotations: Correct unit tests to validate new protections
2235d5d annotations: Split addHypervisorOverrides to reduce complexity
151e6fc annotations: Add unit test for checkPathIsInGlobs
ad9ce3f annotations: Add unit test for regexpContains function
90ff89e runtime: Fix firecracker config
612fb2c makefile: Add missing generated vars to
USER_VARS979e630 makefile: Improve names of config entries for annotation checks
d412a7f annotations: Give better names to local variabes in search functions
58de2c5 annotations: Rename checkPathIsInGlobList with checkPathIsInGlobs
849f17c config: Add better comments in the template files
bce2528 config: Whitelist hypervisor annotations by name
2417d0b config: Use glob instead of regexp to match paths in annotations
1e036c8 annotations: Fix typo in comment
5ee9b20 config: Add makefile variables for path lists
ed56c9d config: Protect file_mem_backend against annotation attacks
2f0360b config: Protect vhost_user_store_path against annotation attacks
fba4619 config: Add security warning on configuration examples
92065d8 config: Protect ctlpath from annotation attack
0d5273a config: Protect jailer_path annotation
b588faf config: Add examples for path_list configuration
b2d64b6 annotations: Simplify negative logic
d823b3d config: Add hypervisor path override through annotations
e2a4015 config: Fix typo in function name
22e89f6 config: Protect virtio_fs_daemon annotation
11e737d config: Add 'List' alternates for hypervisor configuration paths
7739905 runtime: mount shared mountpoint readonly
509eb6f runtime: readonly mounts should be readonly bindmount on the host
4ce09fb hypervisor: Remove unused methods
6a5eb0d annotations: Improve asset annotation handling
2696323 runtime: mount shared mountpoint readonly
bc1d883 versions: Update cloud-hypervisor to release v0.11.0
ec26e48 clh: Consolidate the code path for device unplug
750419c runtime: readonly mounts should be readonly bindmount on the host
5069ea4 gitignore: Ignore cli/containerd-shim-kata-v2/config-generated.go
7d9860d annotations: Add missing hypervisor control annotation
f53406f asset: Formatting, grammar and whitespace
0ffaeeb network: Fix error reporting in listRoutes()
b86e904 network: Correct error reporting in listInterfaces()
3596058 vhost-user-blk: Use PciPath type for vhost user devices
64751f3 block: Use PciPath type through block code
3e58971 network: Use PciPath type through network handling
bfbfab3 network: Allow convertToInterface to fail
185b3ab device: Introduce PciSlot and PciPath types
1c0dccb vendor: Update vendored agent code
fac58a7 clh: let clh config build for arm64
141de5c arm64: correct bridge type for QEMUVIRT machine
120e616 runtime: Ignore ENOENT in kill/delete
b44b1ba runtime: Add s.newStore.Destroy before defer