From 2ac8b11f48a00fb0eb9b4ec7d187135345fd5180 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Feb 2024 04:07:38 +0000 Subject: [PATCH 01/16] build(deps): bump golangci/golangci-lint-action from 3 to 4 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3 to 4. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v3...v4) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit 27cbabd00dfaf4126c2e5d0731e48f8443697dfc) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index f190d021279..5208d04d822 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -32,7 +32,7 @@ jobs: run: | sudo apt -q update sudo apt -q install libseccomp-dev - - uses: golangci/golangci-lint-action@v3 + - uses: golangci/golangci-lint-action@v4 with: version: v1.53 # Extra linters, only checking new code from a pull request. From 25e27d7eef281ce2495ac72cf21c39d4c7b65a89 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Dec 2023 04:57:18 +0000 Subject: [PATCH 02/16] build(deps): bump actions/upload-artifact from 3 to 4 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit 7b655782bf5ca1069261a3225161bf322fd1d13e) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 5208d04d822..9132acdf878 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -169,7 +169,7 @@ jobs: - name: make releaseall run: make releaseall - name: upload artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: release-${{ github.run_id }} path: release/* From cb2d85dcde5f3a5375681cc1355c1d6c1c89aefb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 04:21:42 +0000 Subject: [PATCH 03/16] build(deps): bump tim-actions/commit-message-checker-with-regex Bumps [tim-actions/commit-message-checker-with-regex](https://github.com/tim-actions/commit-message-checker-with-regex) from 0.3.1 to 0.3.2. - [Release notes](https://github.com/tim-actions/commit-message-checker-with-regex/releases) - [Commits](https://github.com/tim-actions/commit-message-checker-with-regex/compare/v0.3.1...v0.3.2) --- updated-dependencies: - dependency-name: tim-actions/commit-message-checker-with-regex dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] (cherry picked from commit fe6f33b2c0e298554ea620db7bf7f20e6da2e3e9) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 9132acdf878..34a14fa1446 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -121,7 +121,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: check subject line length - uses: tim-actions/commit-message-checker-with-regex@v0.3.1 + uses: tim-actions/commit-message-checker-with-regex@v0.3.2 with: commits: ${{ steps.get-pr-commits.outputs.commits }} pattern: '^.{0,72}(\n.*)*$' From b36844518a36b74c9e52418ca8eb4fea19f5089a Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Fri, 7 Jun 2024 11:00:19 -0700 Subject: [PATCH 04/16] build(deps): bump actions/checkout from 3 to 4 Same as commit 2d0cd0b3 in main branch. Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 4 ++-- .github/workflows/validate.yml | 18 +++++++++--------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 88f3a572af3..634d28dee09 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,7 +35,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: install deps if: matrix.criu == '' @@ -104,7 +104,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: install deps run: | diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 34a14fa1446..df6d89eb4a0 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -14,14 +14,14 @@ jobs: keyring: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: check runc.keyring run: make validate-keyring lint: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 2 - uses: actions/setup-go@v4 @@ -47,7 +47,7 @@ jobs: # Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them. CGO_CFLAGS: -g -O2 -Werror steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: install go uses: actions/setup-go@v4 with: @@ -58,7 +58,7 @@ jobs: codespell: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: install deps # Version of codespell bundled with Ubuntu is way old, so use pip. run: pip install codespell==v2.3.0 @@ -68,14 +68,14 @@ jobs: shfmt: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: shfmt run: make shfmt shellcheck: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: vars run: | echo 'VERSION=v0.8.0' >> $GITHUB_ENV @@ -100,7 +100,7 @@ jobs: deps: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: install go uses: actions/setup-go@v4 with: @@ -131,7 +131,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: install deps @@ -148,7 +148,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 From 0d19e78b847a8c088c8a98e6fef27f5045abb3bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 Dec 2023 04:18:24 +0000 Subject: [PATCH 05/16] build(deps): bump actions/setup-go from 4 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit e66ba70f509e936fdfe2aa26e283c309cd22313e) Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 4 ++-- .github/workflows/validate.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 634d28dee09..ea81bd536c0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -60,7 +60,7 @@ jobs: rm -rf ~/criu - name: install go ${{ matrix.go-version }} - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.go-version }} @@ -119,7 +119,7 @@ jobs: sudo apt -q install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: 1.21 diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index df6d89eb4a0..a89168ad93c 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -24,7 +24,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 2 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: "${{ env.GO_VERSION }}" cache: false # golangci-lint-action does its own caching @@ -49,7 +49,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: "${{ env.GO_VERSION }}" - name: compile with no build tags @@ -102,7 +102,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: install go - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: "${{ env.GO_VERSION }}" - name: verify deps From e546ddeec8695becb0f4aa391ef0bb61e7c295bb Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Fri, 7 Jun 2024 11:11:11 -0700 Subject: [PATCH 06/16] ci/gha: switch some jobs to ubuntu-22.04 This is a partial backport of commits 953e1cc48 and b32655d2 from the main branch. Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 5 +---- .github/workflows/validate.yml | 18 +++++++++--------- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ea81bd536c0..6e1831a4345 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -99,7 +99,7 @@ jobs: # However, we do not have 32-bit ARM CI, so we use i386 for testing 32bit stuff. # We are not interested in providing official support for i386. cross-i386: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: @@ -113,9 +113,6 @@ jobs: sudo add-apt-repository -y ppa:criu/ppa # apt-add-repository runs apt update so we don't have to. - # Due to a bug in apt, we have to update it first - # (see https://bugs.launchpad.net/ubuntu-cdimage/+bug/1871268) - sudo apt -q install apt sudo apt -q install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu - name: install go diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index a89168ad93c..0654233a109 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -19,7 +19,7 @@ jobs: run: make validate-keyring lint: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 with: @@ -42,7 +42,7 @@ jobs: golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 --out-format=github-actions compile-buildtags: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 env: # Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them. CGO_CFLAGS: -g -O2 -Werror @@ -56,7 +56,7 @@ jobs: run: make BUILDTAGS="" codespell: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: install deps @@ -66,14 +66,14 @@ jobs: run: codespell shfmt: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: shfmt run: make shfmt shellcheck: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: vars @@ -98,7 +98,7 @@ jobs: run : ./script/check-config.sh deps: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: install go @@ -110,7 +110,7 @@ jobs: commit: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 # Only check commits on pull requests. if: github.event_name == 'pull_request' steps: @@ -128,7 +128,7 @@ jobs: error: 'Subject too long (max 72)' cfmt: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: checkout uses: actions/checkout@v4 @@ -145,7 +145,7 @@ jobs: release: - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: checkout uses: actions/checkout@v4 From 8bfc75a25d2bf6af83901ff08749b3c66cd1091f Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 15 Dec 2023 10:32:27 +0900 Subject: [PATCH 07/16] CI: run apt with -y Signed-off-by: Akihiro Suda (cherry picked from commit 30dc98f5770c2179bce6d3d34d168a95262338aa) Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 6 +++--- .github/workflows/validate.yml | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6e1831a4345..dbaa46abf7e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -46,13 +46,13 @@ jobs: curl -fSsLl $REPO/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_tools_criu.gpg > /dev/null echo "deb $REPO/ /" | sudo tee /etc/apt/sources.list.d/criu.list sudo apt update - sudo apt install libseccomp-dev criu sshfs + sudo apt -y install libseccomp-dev criu sshfs - name: install deps (criu ${{ matrix.criu }}) if: matrix.criu != '' run: | sudo apt -q update - sudo apt -q install libseccomp-dev sshfs \ + sudo apt -qy install libseccomp-dev sshfs \ libcap-dev libnet1-dev libnl-3-dev \ libprotobuf-c-dev libprotobuf-dev protobuf-c-compiler protobuf-compiler git clone https://github.com/checkpoint-restore/criu.git ~/criu @@ -113,7 +113,7 @@ jobs: sudo add-apt-repository -y ppa:criu/ppa # apt-add-repository runs apt update so we don't have to. - sudo apt -q install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu + sudo apt -qy install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu - name: install go uses: actions/setup-go@v5 diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 0654233a109..c26c3de0c6b 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -31,7 +31,7 @@ jobs: - name: install deps run: | sudo apt -q update - sudo apt -q install libseccomp-dev + sudo apt -qy install libseccomp-dev - uses: golangci/golangci-lint-action@v4 with: version: v1.53 @@ -137,7 +137,7 @@ jobs: - name: install deps run: | sudo apt -qq update - sudo apt -qq install indent + sudo apt -qqy install indent - name: cfmt run: | make cfmt From fb236084374b87c3ee3dafeff17f4adfa40142ae Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Thu, 25 Apr 2024 08:25:02 -0700 Subject: [PATCH 08/16] ci/gha: bump golangci/golangci-lint-action to v5 Since v5 removes caching [1], re-enable setup-go cache. [1] https://github.com/golangci/golangci-lint-action/pull/1024 Signed-off-by: Kir Kolyshkin (cherry picked from commit 6bcc73612281bcceac892375fdd68ed298cedd15) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index c26c3de0c6b..c7bbaf24693 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -27,12 +27,11 @@ jobs: - uses: actions/setup-go@v5 with: go-version: "${{ env.GO_VERSION }}" - cache: false # golangci-lint-action does its own caching - name: install deps run: | sudo apt -q update sudo apt -qy install libseccomp-dev - - uses: golangci/golangci-lint-action@v4 + - uses: golangci/golangci-lint-action@v5 with: version: v1.53 # Extra linters, only checking new code from a pull request. From 4d097af534a07ac992d0ca34e242573d03031946 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Tue, 7 May 2024 14:22:59 -0700 Subject: [PATCH 09/16] ci/gha: bump golangci-lint-action from 5 to 6 Note that github-actions output format is deprecated and no longer supported, and it is also no longer needed since setup-go problem matcher already handles default golangci-lint output format ("colored-line-number"). Signed-off-by: Kir Kolyshkin (cherry picked from commit f452f667c0861ba19460dbaea47e8f81e63262e1) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index c7bbaf24693..8a814c185d4 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -31,14 +31,14 @@ jobs: run: | sudo apt -q update sudo apt -qy install libseccomp-dev - - uses: golangci/golangci-lint-action@v5 + - uses: golangci/golangci-lint-action@v6 with: version: v1.53 # Extra linters, only checking new code from a pull request. - name: lint-extra if: github.event_name == 'pull_request' run: | - golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 --out-format=github-actions + golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 compile-buildtags: runs-on: ubuntu-22.04 From 65bdf604ddb989e281f6ea97f1f2fc503f8655ca Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Fri, 7 Jun 2024 11:32:50 -0700 Subject: [PATCH 10/16] libct/user: gofumpt -w Signed-off-by: Kir Kolyshkin --- libcontainer/user/user.go | 1 - 1 file changed, 1 deletion(-) diff --git a/libcontainer/user/user.go b/libcontainer/user/user.go index 984466d1ab5..198c4936795 100644 --- a/libcontainer/user/user.go +++ b/libcontainer/user/user.go @@ -197,7 +197,6 @@ func ParseGroupFilter(r io.Reader, filter func(Group) bool) ([]Group, error) { for { var line []byte line, isPrefix, err = rd.ReadLine() - if err != nil { // We should return no error if EOF is reached // without a match. From 327e07e968144e390273c452a81e73d561316c29 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Thu, 24 Aug 2023 17:22:23 -0700 Subject: [PATCH 11/16] ci/gha: bump golangci-lint to v1.54 Currently, it is at v1.54.2. Signed-off-by: Kir Kolyshkin (cherry picked from commit 17e7e230bd52b6f6c0167be8aedb940ac7160820) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 8a814c185d4..6ac26ba3c39 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -33,7 +33,7 @@ jobs: sudo apt -qy install libseccomp-dev - uses: golangci/golangci-lint-action@v6 with: - version: v1.53 + version: v1.54 # Extra linters, only checking new code from a pull request. - name: lint-extra if: github.event_name == 'pull_request' From ae85f058ccff18ab200d4a53841648b46c466850 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Thu, 25 Apr 2024 08:28:45 -0700 Subject: [PATCH 12/16] ci/gha: bump golangci-lint to v1.57 Signed-off-by: Kir Kolyshkin (cherry picked from commit d63018c2524e1767b6f3b55046f6e748139e0cc2) Signed-off-by: Kir Kolyshkin --- .github/workflows/validate.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 6ac26ba3c39..ee41c6fd09f 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -33,7 +33,7 @@ jobs: sudo apt -qy install libseccomp-dev - uses: golangci/golangci-lint-action@v6 with: - version: v1.54 + version: v1.57 # Extra linters, only checking new code from a pull request. - name: lint-extra if: github.event_name == 'pull_request' From c488d13a5331868e5b9d762217b40524e7997375 Mon Sep 17 00:00:00 2001 From: lifubang Date: Sat, 30 Mar 2024 23:34:56 +0800 Subject: [PATCH 13/16] use go mod instead of go get in spec.bats Signed-off-by: lifubang (cherry picked from commit 75e02193c24db0c14c4bebafec7c47a3a24147e7) Signed-off-by: Kir Kolyshkin --- tests/integration/spec.bats | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/integration/spec.bats b/tests/integration/spec.bats index 8091ba339a5..999e3b8c940 100644 --- a/tests/integration/spec.bats +++ b/tests/integration/spec.bats @@ -31,11 +31,11 @@ function teardown() { git clone https://github.com/opencontainers/runtime-spec.git (cd runtime-spec && git reset --hard "$SPEC_REF") - SCHEMA='runtime-spec/schema/config-schema.json' - [ -e "$SCHEMA" ] - GO111MODULE=auto go get github.com/xeipuuv/gojsonschema - GO111MODULE=auto go build runtime-spec/schema/validate.go + cd runtime-spec/schema + go mod init runtime-spec + go mod tidy + go build ./validate.go - ./validate "$SCHEMA" config.json + ./validate config-schema.json ../../config.json } From 4578c6c5dbdbad740fc8f6666c6c211220e6b999 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Fri, 7 Jun 2024 09:04:16 -0700 Subject: [PATCH 14/16] libct/nsenter: stop blacklisting go 1.22+ Go 1.23 includes a fix (https://go.dev/cl/587919) so go1.23.x can be used. This fix is also backported to 1.22.4, so go1.22.x can also be used (when x >= 4). Finally, for glibc >= 2.32 it doesn't really matter. Add a note about Go 1.22.x > 1.22.4 to README as well. Signed-off-by: Kir Kolyshkin (cherry picked from commit e660ef61a5f8677e22fb50e51cd4368d8f24d319) Signed-off-by: Kir Kolyshkin --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index d428c686ea2..3b159978fa3 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,10 @@ A third party security audit was performed by Cure53, you can see the full repor `runc` only supports Linux. It must be built with Go version 1.17 or higher. +NOTE: if building with Go 1.22.x, make sure to use 1.22.4 or a later version +(see [issue #4233](https://github.com/opencontainers/runc/issues/4233) for +more details). + In order to enable seccomp support you will need to install `libseccomp` on your platform. > e.g. `libseccomp-devel` for CentOS, or `libseccomp-dev` for Ubuntu From c9beabc8d8d5c34b7d215cd4fc7c3b9e159c7db9 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Fri, 24 May 2024 16:55:03 -0700 Subject: [PATCH 15/16] ci: switch to go 1.22 as main version Now when Go 1.22.4 is out it should no longer be a problem. Leave Go 1.21 for CentOS testing (CentOS 7 and 8 have older glibc) and Dockerfile (Debian 11 have older glibc). Signed-off-by: Kir Kolyshkin (cherry picked from commit a3302f20548c6f7b3443985c8dccccf2f4889bd9) Signed-off-by: Kir Kolyshkin --- .github/workflows/test.yml | 6 ++++-- .github/workflows/validate.yml | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index dbaa46abf7e..a3cf78bd302 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,7 @@ jobs: strategy: fail-fast: false matrix: - go-version: [1.17.x, 1.20.x, 1.21.x] + go-version: [1.17.x, 1.21.x, 1.22.x] rootless: ["rootless", ""] race: ["-race", ""] criu: [""] @@ -63,6 +63,7 @@ jobs: uses: actions/setup-go@v5 with: go-version: ${{ matrix.go-version }} + check-latest: true - name: build run: sudo -E PATH="$PATH" make EXTRA_FLAGS="${{ matrix.race }}" all @@ -118,7 +119,8 @@ jobs: - name: install go uses: actions/setup-go@v5 with: - go-version: 1.21 + go-version: 1.x # Latest stable + check-latest: true - name: unit test run: sudo -E PATH="$PATH" -- make GOARCH=386 localunittest diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index ee41c6fd09f..f90a3613283 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -8,7 +8,7 @@ on: - release-* pull_request: env: - GO_VERSION: 1.20.x + GO_VERSION: 1.22.x jobs: keyring: @@ -104,6 +104,7 @@ jobs: uses: actions/setup-go@v5 with: go-version: "${{ env.GO_VERSION }}" + check-latest: true - name: verify deps run: make verify-dependencies From 7219e0afffcdfc7732fdb9c7790837fee246b6f9 Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Thu, 30 May 2024 11:23:03 -0700 Subject: [PATCH 16/16] Dockerfile: bump Debian to 12, Go to 1.21 Signed-off-by: Kir Kolyshkin (cherry picked from commit b74b33c43967d1a7be872998d79f951bdd6f1f32) Signed-off-by: Kir Kolyshkin --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 240ca180f28..6337332f8db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ -ARG GO_VERSION=1.20 +ARG GO_VERSION=1.21 ARG BATS_VERSION=v1.9.0 ARG LIBSECCOMP_VERSION=2.5.5 -FROM golang:${GO_VERSION}-bullseye +FROM golang:${GO_VERSION}-bookworm ARG DEBIAN_FRONTEND=noninteractive -ARG CRIU_REPO=https://download.opensuse.org/repositories/devel:/tools:/criu/Debian_11 +ARG CRIU_REPO=https://download.opensuse.org/repositories/devel:/tools:/criu/Debian_12 RUN KEYFILE=/usr/share/keyrings/criu-repo-keyring.gpg; \ wget -nv $CRIU_REPO/Release.key -O- | gpg --dearmor > "$KEYFILE" \