Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cri-o for openSUSE:Factory checked
in at 2021-09-07 21:13:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cri-o (Old)
and /work/SRC/openSUSE:Factory/.cri-o.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cri-o"
Tue Sep 7 21:13:35 2021 rev:62 rq:916129 version:1.22.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/cri-o/cri-o.changes 2021-08-24
10:54:09.540377675 +0200
+++ /work/SRC/openSUSE:Factory/.cri-o.new.1899/cri-o.changes 2021-09-07
21:13:38.132738327 +0200
@@ -1,0 +2,101 @@
+Thu Sep 02 14:57:14 UTC 2021 - alexandre.vice...@suse.com
+
+- Update to version 1.22.0:
+ Dependency-Change
+ * Update runc within static binary bundle to v1.0.1
+ * Update static binary bundle runc version to v1.0.0-rc94.
+ * Update static binary bundle runc version to v1.0.0-rc95.
+ * Updated crun in static binary bundle to v0.20.1
+ Deprecation
+ * The internal_wipe option is now true by default.
+ Further, it is being deprecated, and will be unconditionally true in
the future.
+ API Change
+ * Update how the resources for a workload is specified. Now, to override
a workload,
+ the pod must have the annotation $prefix/$ctr_name =
{"$resource_type": "$resource_value"}.
+ The workloads feature has also been marked as experimental, which
should have happened
+ from the beginning.
+ Feature
+ * Added --metrics-collectors/metrics_collectors configuration to enable
or disable certain metrics.
+ * All metrics collectors are enabled per default.
+ * Added crio_image_pulls_layer_size histogram metric to get insights
about all pulled layer sizes.
+ * Added build tags as well as AppArmor and seccomp status to crio
version output.
+ * Added generation of self-signed certificates for the secure metrics
endpoint
+ * if the provided cert and key paths are not available on disk.
+ * Added secure metrics endpoint configuration options
+ * Added structural logging of container ID, sandbox ID and process ID on
container start.
+ * Automatically reload metrics TLS certificate and key if any of those
specified files change.
+ * CNI plugins are now passed a K8S_POD_UID environment variable
containing the pod UID
+ this sandbox was started for.
+ * Changed the logging behavior of klog messages to be included in the
CRI-O logs.
+ * The klog info verbositry is converted to CRI-O debug to lower the log
verbosity.
+ * Cri-o now does not limit the DNS search paths.
+ * Enable the "volatile" option for the overlay drivers when it is
supported by the underlying kernel.
+ * Rootless: enable resource limit when cgroup v2 controllers are
delegated.
+ * Support io.kubernetes.cri.blockio-class container annotation for
specifying blockio class.
+ * Support blockio.resources.beta.kubernetes.io/pod pod annotation for
specifying the default blockio
+ class to all containers in the pod.
+ * Support blockio.resources.beta.kubernetes.io/container.NAME pod
annotation for specifying
+ the blockio class of the NAME container in the pod.
+ * Add blockio_config_file config file option (and corresponding
--blockio-config-file for command line)
+ for configuring blockio classes and their cgroups blockio controller
parameters.
+ * Support io.kubernetes.cri.rdt-class container annotation for
specifying RDT class.
+ * Add rdt_config_file config file option (and corresponding
--rdt-config-file for command line)
+ for configuring the resctrl pseudo-filesystem.
+ * The config field drop_infra_ctr is now true by default
+ * The runtime_config_path option, which allows to specify the path of
the runtime configuration file,
+ is now supported by CRI-O. This is specific to the VM runtime type.
+ * Validate certificate dates for TLS metrics endpoint
+ Design
+ * Drop support for the crio.shutdown.
+ * ExecSync requests now don't use conmon, instead calling the runtime
directly, which reduces overhead.
+ Bug or Regression
+ * Add support for absent_mount_sources_to_reject, which allows admins to
configure paths that,
+ when mounted into a container despite not existing on the host, causes
a container creation
+ request to fail. This is useful for paths like /etc/hostname, which
causes trouble as a directory,
+ but possibly shouldn't be created as a file either (in the case of a
dynamic hostname).
+ * Add symlink /proc/mounts on /etc/mtab to container
+ * Add the config field internal_wipe which moves the responsibility of
wiping containers after a reboot
+ and images after an upgrade from the external binary crio wipe to the
main crio server.
+ This has a handful of advantages, the main one being crio is now
better able to cleanup CNI resources after a reboot.
+ * Allow users to customize conmon's resources if a pod is in a workload.
+ * CRI-O now logs when it is using cgroupv2
+ * Fix a bug in internal_wipe that would mean CNI resources would be
leaked across reboots.
+ * Fix a bug where CRI-O can't work with runc 1.0.0-rc93 because of an
incorrectly specified list of capabilities
+ * Fix a bug where CRI-O would leak opened files for namespaces on a
server restore
+ * Fix a bug where crio config would print a string for
privileged_without_host_devices, not a boolean
+ * Fix a bug where a container exec process received a little less time
than the timeout provided
+ * Fix a bug where an exec sync timeout would fail to cleanup the runtime
exec process
+ * Fix a bug where cAdvisor couldn't read the disk usage of a pod with a
dropped infra container
+ * Fix a bug where duplicate requests would stall even if the pod or
container was already created
+ * Fix a bug where server startup was significantly slowed down by
attempting to clean up CNI resources after a reboot.
+ * Fix a performance regression with exec probes
+ * Fix a segfault when CRI-O has takes more than 8 minutes to create a
pod or container
+ * Fix an RSS regression with exec sync requests
+ * Fix an issue where a container started with a terminal fails on exec
sync calls
+ * Fix drop ALL and add back few caps behavior to not include the default
configured capabilities
+ * Fix potential panic when reopening a container's log
+ * Fixed bug where it was not possible to run containers using the
default or no seccomp profile on
+ * seccomp disabled builds/machines
+ * Fixed bug where runtime VM created containers never reach their
completed state.
+ * Fixed linkmode detection for on en_US systems crio version
+ * Fixed runtime panic for layers lockfile if its parent directory does
not exist.
+ * Added support for repositories in auth.json
+ * Re-attempt setting up conmon's cgroup if it fails on EAGAIN from dbus
+ * Reduce the permission on the listen socket to 0660
+ * Reuse connection when connecting to dbus, as well as reattempt the
connection if it fails temporarily
+ * The privileged_without_host_devices flag can now be given a an
additional parameter to configure a runtime
+ * Wait for CNI plugins to be ready before starting non-host-network
pods, to allow pods that may run CNI
+ plugins to start faster
+ Other (Cleanup or Flake)
+ * Add systemd After=crio.service to containers and conmon
+ * Switched build artifacts to be published via the cri-o bucket.
+ * Use build tag for linkmode detection on crio version.
+ Uncategorized
+ * Add Particule as adopters
+ * Add --device-ownership-from-security-context which allows an admin to
specify devices be configured
+ to be owned by the container user and group, rather than
unconditionally * being root.
+ * Added internal/process/defunct_processes.go and crio_processes_defunct
metric to collect
+ the total number of defunct/zombie processes in a node.
+ * Raise a warning when creating a bind mount on the container root
+
+-------------------------------------------------------------------
Old:
----
cri-o-1.21.2.tar.gz
New:
----
cri-o-1.22.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cri-o.spec ++++++
--- /var/tmp/diff_new_pack.VqGjI6/_old 2021-09-07 21:13:39.396739855 +0200
+++ /var/tmp/diff_new_pack.VqGjI6/_new 2021-09-07 21:13:39.396739855 +0200
@@ -24,7 +24,7 @@
%define project github.com/cri-o/cri-o
# Define macros for further referenced sources
Name: cri-o
-Version: 1.21.2
+Version: 1.22.0
Release: 0
Summary: OCI-based implementation of Kubernetes Container Runtime
Interface
License: Apache-2.0
@@ -56,7 +56,7 @@
Requires: iproute2
Requires: iptables
Requires: libcontainers-common >= 0.0.1
-Requires: runc >= 1.0.0~rc6
+Requires: runc >= 1.0.2
Requires: conmon
Suggests: katacontainers
# Provide generic cri-runtime dependency (needed by kubernetes)
++++++ _service ++++++
--- /var/tmp/diff_new_pack.VqGjI6/_old 2021-09-07 21:13:39.440739907 +0200
+++ /var/tmp/diff_new_pack.VqGjI6/_new 2021-09-07 21:13:39.444739913 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/cri-o/cri-o.git</param>
<param name="scm">git</param>
- <param name="revision">v1.21.2</param>
+ <param name="revision">v1.22.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.VqGjI6/_old 2021-09-07 21:13:39.460739932 +0200
+++ /var/tmp/diff_new_pack.VqGjI6/_new 2021-09-07 21:13:39.460739932 +0200
@@ -3,4 +3,4 @@
<param name="url">https://github.com/cri-o/cri-o</param>
<param
name="changesrevision">4e159cc8db813fb38e7429ba39ad2cf73b174446</param></service><service
name="tar_scm">
<param name="url">https://github.com/cri-o/cri-o.git</param>
- <param
name="changesrevision">aaefa6b173f79384c6a2a627e5074a7f5b02957f</param></service></servicedata>
\ No newline at end of file
+ <param
name="changesrevision">6becad23eadd7dfdd25fd8df386bf3b706cf7758</param></service></servicedata>
\ No newline at end of file
++++++ cri-o-1.21.2.tar.gz -> cri-o-1.22.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/cri-o/cri-o-1.21.2.tar.gz
/work/SRC/openSUSE:Factory/.cri-o.new.1899/cri-o-1.22.0.tar.gz differ: char 11,
line 1
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/cri-o/vendor.tar.gz
/work/SRC/openSUSE:Factory/.cri-o.new.1899/vendor.tar.gz differ: char 5, line 1
