Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v0.17] Dependency updates #5462

Merged
merged 10 commits into from
Oct 28, 2024
Merged

[v0.17] Dependency updates #5462

merged 10 commits into from
Oct 28, 2024

Conversation

tonistiigi
Copy link
Member

@tonistiigi tonistiigi commented Oct 28, 2024
edited
Loading 

- Containerd v1.7.22
- Runc v1.1.15
- docker/docker v27.3.1
- docker/cli v27.3.1
- OTEL 1.21.0
- grpc v1.66.2
- compose-go v2.4.1
- hcsshim v0.12.5
  • some patch release bumps

@tonistiigi
Dockerfile: update containerd to v1.7.23
e335b3d 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: update containerd to v1.7.23
1fa8448 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
Dockerfile: update runc to v1.1.15
5052d90 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: update hcsshim to v0.12.5
6179153 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: update azidentity to v1.6.0
f01d41c 
Brings fix for CVE-2024-35255

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: update cli to v1.22.16
2c5c4a3 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: update compress to v1.17.11
b5c4155 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@github-actions github-actions bot added area/project area/dependencies Pull requests that update a dependency file labels Oct 28, 2024
@tonistiigi
Copy link
Member Author

hcsshim v0.12.5 and containerd 1.7.23 are incompatible :rage1: :

@tonistiigi
Copy link
Member Author 

    sandbox.go:138: buildkitd: plugin type="loopback" failed (add): interrupted system call
    sandbox.go:138: CNI setup error

@AkihiroSuda Any ideas?

@tonistiigi
Dockerfile: update xx to v1.5.0
22d8eba 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
vendor: revert containerd 1.7.23 because errdefs changes incompatible
3220d67 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@tonistiigi
pb: regenerate protobuf
c9a25c4 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
@AkihiroSuda
Copy link
Member

failed (add): interrupted system call

Perhaps https://github.com/containernetworking/plugins lacks an EINTR retry loop?

crazy-max
crazy-max approved these changes Oct 28, 2024
View reviewed changes
Copy link
Member

@crazy-max crazy-max left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

  • compose-go v2.4.1

This one is buildx only right?

@tonistiigi
Copy link
Member Author

Reverted the CNI bump as well. Not great as this will mean that CVE scanners will mark the release for all the old Go issues. Nothing too obvious in CNI changelog.

crazy-max
crazy-max reviewed Oct 28, 2024
View reviewed changes
Dockerfile
ARG RUNC_VERSION=v1.1.14
ARG CONTAINERD_VERSION=v1.7.22
ARG RUNC_VERSION=v1.1.15
ARG CONTAINERD_VERSION=v1.7.23
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we keep 1.7.22 if we can't vendor the go module?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They don't need to be the same. We are still compatible with v1.7.23 daemon.

@tonistiigi tonistiigi merged commit d09c1e2 into moby:master Oct 28, 2024
92 checks passed
@thaJeztah thaJeztah mentioned this pull request Oct 29, 2024
Merged
@thaJeztah
Copy link
Member

hcsshim v0.12.5 and containerd 1.7.23 are incompatible :rage1: :

For containerd 1.7.23 you either need to stay on 0.11 or you need to update to hcsshim v0.12.8, but that comes with a whole lot of dependency updates; see the PRs linked from this one;

go modules won't do that update, because v0.12.x (any v0.12.x version) is higher than v0.11 (what containerd v1.7.23 uses), so it considers it high enough.

In moby we wanted to stay on v0.11 for the 27.x branch, and only updated hcsshim to v0.12 for master.

So BuildKit can decide to either revert to v0.11, and keep v0.12 for the next release (together with moby v28.0), or do all the other updates as well.

@crazy-max crazy-max mentioned this pull request Oct 30, 2024
Closed
@crazy-max crazy-max mentioned this pull request Nov 7, 2024
Merged
@tonistiigi tonistiigi mentioned this pull request Nov 19, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crazy-max crazy-max crazy-max approved these changes

@jsternberg jsternberg Awaiting requested review from jsternberg

Assignees
No one assigned
Labels
area/api area/dependencies Pull requests that update a dependency file area/frontend area/project area/session area/solver area/sourcepolicy area/storage area/util
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tonistiigi @AkihiroSuda @thaJeztah @crazy-max