Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2 #912

Merged
merged 4 commits into from
Sep 10, 2021
Merged

[release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2 #912

merged 4 commits into from
Sep 10, 2021

Conversation

kolyshkin
Copy link

Manual port of kubernetes#104530 to release-4.8 branch. Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1993980.

Same as #910 but for 4.8.

@openshift-ci
Copy link

openshift-ci bot commented Aug 26, 2021

@kolyshkin: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

UPSTREAM: 104530: [1.21] bump runc to 1.0.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the backports/unvalidated-commits Indicates that not all commits come to merged upstream PRs. label Aug 26, 2021
@openshift-ci-robot
Copy link

@kolyshkin: the contents of this pull request could not be automatically validated.

The following commits could not be validated and must be approved by a top-level approver:

@openshift-ci openshift-ci bot requested review from rphillips and sttts August 26, 2021 21:26
gnufied and others added 4 commits August 26, 2021 17:59
@gnufied @kolyshkin
UPSTREAM: 102969: Do not throw error when we can't get canonical path
e102c2e
@liggitt @kolyshkin
UPSTREAM: 104530: Switch to non-deprecated timestamppb.Now()
26a1a09 
(cherry picked from commit ff2c614)

[kolyshkin: run ./hack/update-vendor.sh]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
UPSTREAM: 104530: [1.21] bump runc to 1.0.2
9c5b0b7 
Manual port of upstream commit 981b7fc. This is how I did it
(roughly):

	# 1. Check what part of lint-dependencies to ignore.
	hack/lint-dependencies.sh
	# Ignored this:
	# hack/pin-dependency.sh github.com/go-bindata/go-bindata v3.1.2+incompatible
	# hack/pin-dependency.sh github.com/google/cadvisor v0.39.0
	# hack/pin-dependency.sh github.com/imdario/mergo v0.3.7
	# hack/pin-dependency.sh github.com/mattn/go-colorable v0.1.2
	# hack/pin-dependency.sh github.com/openshift/build-machinery-go v0.0.0-20210423112049-9415d7ebd33e
	# hack/pin-dependency.sh github.com/openshift/client-go v0.0.0-20210521082421-73d9475a9142
	# hack/pin-dependency.sh github.com/openshift/library-go v0.0.0-20210521084623-7392ea9b02ca
	# hack/pin-dependency.sh github.com/robfig/cron v1.2.0
	# hack/pin-dependency.sh go.uber.org/multierr v1.1.1-0.20180122172545-ddea229ff1df
	# hack/pin-dependency.sh k8s.io/component-base v0.21.1

	# 2. Update runc and its deps.
	hack/pin-dependency.sh github.com/opencontainers/runc v1.0.1
	hack/pin-dependency.sh github.com/cilium/ebpf v0.6.2
	hack/pin-dependency.sh github.com/opencontainers/selinux v1.8.2
	hack/pin-dependency.sh github.com/sirupsen/logrus v1.8.1
        hack/pin-dependency.sh google.golang.org/protobuf v1.26.0
        hack/pin-dependency.sh github.com/golang/protobuf v1.5.0
        hack/pin-dependency.sh github.com/google/go-cmp v0.5.5
        GO111MODULE=on go mod edit -dropreplace github.com/checkpoint-restore/go-criu/v4
	GO111MODULE=on go mod edit -dropreplace github.com/willf/bitset

	# 3. Update vendor.
	hack/update-vendor.sh
	# 4. Recheck everything.
	hack/lint-dependencies.sh
	hack/update-internal-modules.sh
	# 5. Add everything.
	git add vendor staging

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
UPSTREAM: 104530: pkg/kubelet/cm: use SkipFreezeOnSet
d31ba0f 
This is a knob added by runc 1.0.2 specifically for kubernetes,
which tells runc/libcontainer/cgroups/systemd v1 manager to not
freeze the cgroup in Set().

We set this knob here because this code is only used for pods
(rather than containers) management, and in this place we create or
update the pod cgroup with no device limits set, so we can skip the
freeze.

If this knob is not set, libcontainer's cgroup v1 manager tries to
figure out whether the freeze is needed or not, but it's a somewhat
expensive check to perform, thus the knob is a shortcut.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@openshift-ci-robot
Copy link

@kolyshkin: the contents of this pull request could not be automatically validated.

The following commits are valid:

The following commits could not be validated and must be approved by a top-level approver:

@nee1esh
Copy link

nee1esh commented Aug 27, 2021

/retitle [release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2

@openshift-ci openshift-ci bot changed the title UPSTREAM: 104530: [1.21] bump runc to 1.0.2 [release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2 Aug 27, 2021
@openshift-ci openshift-ci bot added bugzilla/severity-high Referenced Bugzilla bug's severity is high for the branch this PR is targeting. bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels Aug 27, 2021
@openshift-ci
Copy link

openshift-ci bot commented Aug 27, 2021

@kolyshkin: This pull request references Bugzilla bug 1998391, which is invalid:

  • expected dependent Bugzilla bug 1993980 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is POST instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

[release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nee1esh
Copy link

nee1esh commented Aug 27, 2021

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Aug 27, 2021

@nee1esh: This pull request references Bugzilla bug 1998391, which is invalid:

  • expected dependent Bugzilla bug 1993980 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is POST instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nee1esh
Copy link

nee1esh commented Sep 1, 2021

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Sep 1, 2021

@nee1esh: This pull request references Bugzilla bug 1998391, which is invalid:

  • expected dependent Bugzilla bug 1993980 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is ON_QA instead
  • expected dependent Bugzilla bug 1999273 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is CLOSED (DUPLICATE) instead
  • expected dependent Bugzilla bug 1999273 to target a release in 4.9.0, but it targets "4.8.z" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nee1esh
Copy link

nee1esh commented Sep 1, 2021

/retest-required

@kolyshkin
Copy link
Author

@kolyshkin: the contents of this pull request could not be automatically validated.

The following commits could not be validated and must be approved by a top-level approver:

This is now merged but I don't know how to ask the bot to re-validate it :-\

@kolyshkin
Copy link
Author

/retest

@kolyshkin
Copy link
Author

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Sep 2, 2021

@kolyshkin: This pull request references Bugzilla bug 1998391, which is invalid:

  • expected dependent Bugzilla bug 1993980 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is ON_QA instead
  • expected dependent Bugzilla bug 1999273 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is CLOSED (DUPLICATE) instead
  • expected dependent Bugzilla bug 1999273 to target a release in 4.9.0, but it targets "4.8.z" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nee1esh
Copy link

nee1esh commented Sep 2, 2021

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Sep 2, 2021

@nee1esh: This pull request references Bugzilla bug 1998391, which is invalid:

  • expected dependent Bugzilla bug 1993980 to be in one of the following states: VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE), but it is ON_QA instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@nee1esh
Copy link

nee1esh commented Sep 8, 2021

/bugzilla refresh

@openshift-ci openshift-ci bot added bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. and removed bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels Sep 8, 2021
@openshift-ci
Copy link

openshift-ci bot commented Sep 8, 2021

@nee1esh: This pull request references Bugzilla bug 1998391, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

6 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.8.z) matches configured target release for branch (4.8.z)
  • bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)
  • dependent bug Bugzilla bug 1993980 is in the state VERIFIED, which is one of the valid states (VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE))
  • dependent Bugzilla bug 1993980 targets the "4.9.0" release, which is one of the valid target releases: 4.9.0
  • bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Bugzilla (schoudha@redhat.com), skipping review request.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@sttts sttts removed the backports/unvalidated-commits Indicates that not all commits come to merged upstream PRs. label Sep 8, 2021
@sttts
Copy link

sttts commented Sep 8, 2021

/approve

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 8, 2021
@rphillips
Copy link

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Sep 8, 2021
@openshift-ci
Copy link

openshift-ci bot commented Sep 8, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kolyshkin, rphillips, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mfojtik
Copy link

mfojtik commented Sep 10, 2021

[patch-manager] 🚀 Approved for z-stream by score: 1.00

adding cherry-pick approved

@mfojtik mfojtik added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Sep 10, 2021
@openshift-merge-robot openshift-merge-robot merged commit d8043e1 into openshift:release-4.8 Sep 10, 2021
@openshift-ci
Copy link

openshift-ci bot commented Sep 10, 2021

@kolyshkin: All pull requests linked via external trackers have merged:

Bugzilla bug 1998391 has been moved to the MODIFIED state.

In response to this:

[release-4.8] Bug 1998391: UPSTREAM: 104530: [1.21] bump runc to 1.0.2

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rphillips rphillips Awaiting requested review from rphillips

@sttts sttts Awaiting requested review from sttts

Assignees

@rphillips rphillips

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/severity-high Referenced Bugzilla bug's severity is high for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. lgtm Indicates that a PR is ready to be merged. vendor-update Touching vendor dir or related files
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@kolyshkin @openshift-ci-robot @nee1esh @sttts @rphillips @mfojtik @openshift-merge-robot @gnufied @liggitt