feat(core/containerd): refactor containerd interaction to v2 APIs #1906

Open
wants to merge 2 commits into
base: main

daemon1024
Member

  • Move from v1 to v2 APIs
  • Use Event Driven Approach
  • Watch for tasks instead of container events. This will prevent mismanagement of events and policies on the KubeArmor end in case of reuse of PIDNS/MNTNS by the container runtime, since we delete container information as soon as the root task exits

Purpose of PR?:

Fixes #1674

Does this PR introduce a breaking change?

If the changes in this PR are manually verified, list down the scenarios covered:

Additional information for reviewer?:
Mention if this PR is part of any design or a continuation of previous PRs

Checklist:

  • Bug fix. Fixes #
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update
  • PR Title follows the convention of <type>(<scope>): <subject>
  • Commit has unit tests
  • Commit has integration tests
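
The namespace-reuse problem this PR describes, as an added illustration that is not KubeArmor's code: a simplified Go model in which kernel events are attributed to a container by its PID/mount namespace pair, replayed once with cleanup on container delete and once with cleanup on root task exit. The `attribute` and `sample` functions, the container IDs and the namespace numbers are constructed for the example; the topic strings follow containerd's event topic naming.

```go
package main

import "fmt"

// nsKey is the PID/mount namespace pair used to attribute kernel events.
type nsKey struct{ pidNS, mntNS uint32 }

// event is a constructed runtime event (hypothetical shape, not containerd's type).
type event struct {
	topic, id string
	ns        nsKey // only meaningful on /tasks/start
}

// attribute replays events and returns the container ID that namespace pair
// probe maps to afterwards ("" means unattributed, so no policy applies).
// removeOn selects the topic that deletes container info.
func attribute(events []event, removeOn string, probe nsKey) string {
	byNS := map[nsKey]string{} // namespace pair -> container ID
	byID := map[string]nsKey{} // container ID -> namespace pair
	for _, e := range events {
		switch e.topic {
		case "/tasks/start":
			byNS[e.ns], byID[e.id] = e.id, e.ns
		case removeOn:
			if ns, ok := byID[e.id]; ok {
				delete(byNS, ns) // assumes ns still belongs to e.id
				delete(byID, e.id)
			}
		}
	}
	return byNS[probe]
}

// sample returns a constructed sequence in which container B reuses A's namespace IDs.
func sample() ([]event, nsKey) {
	reused := nsKey{4026532501, 4026532499}
	return []event{
		{"/tasks/start", "A", reused},
		{"/tasks/exit", "A", nsKey{}},
		{"/tasks/start", "B", reused},        // runtime reuses the namespace IDs
		{"/containers/delete", "A", nsKey{}}, // cleanup for A arrives late
	}, reused
}

func main() {
	ev, ns := sample()
	fmt.Printf("remove on container delete: %q\n", attribute(ev, "/containers/delete", ns))
	fmt.Printf("remove on root task exit:   %q\n", attribute(ev, "/tasks/exit", ns))
}
```

With cleanup tied to the late container delete, the stale entry for A wipes the mapping that now belongs to B; with cleanup on root task exit, B stays attributed.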

@rksharma95 rksharma95 force-pushed the containerd-revamp branch 3 times, most recently from c588c14 to 73aefe6 Compare December 13, 2024 09:30
@rksharma95
Collaborator

The Snyk failure couldn't be handled completely, as one of the failures is due to a medium-severity vulnerability introduced through github.com/Microsoft/hcsshim@v0.12.9 › github.com/lestrrat-go/jwx@v1.2.29, which exists in github.com/containerd/containerd/v2 v2.0.0, which is the latest version available.

daemon1024 and others added 2 commits December 19, 2024 11:23
* Move from v1 to v2 APIs
* Use Event Driven Approach
* Watch for tasks instead of container events. This will prevent mismanagement of events and policies on the KubeArmor end in case of reuse of PIDNS/MNTNS by the container runtime, since we delete container information as soon as the root task exits

Signed-off-by: daemon1024 <barun1024@gmail.com>
Signed-off-by: rksharma95 <ramakant@accuknox.com>
Labels
None yet
Projects
Status: P0 - PR Ready for review
2 participants