Skip to content

Update runc binary to v1.2.5#11388

Merged
samuelkarp merged 1 commit intocontainerd:mainfrom
austinvazquez:update-runc-1.2.5
Feb 14, 2025
Merged

Update runc binary to v1.2.5#11388
samuelkarp merged 1 commit intocontainerd:mainfrom
austinvazquez:update-runc-1.2.5

Conversation

@austinvazquez
Copy link
Copy Markdown
Member

@austinvazquez austinvazquez commented Feb 14, 2025
edited
Loading

This is the fifth patch release in the 1.2.z series of runc. It primarily fixes an issue caused by an upstream systemd bug.

  • There was a regression in systemd v230 which made the way we define device rule restrictions require a systemctl daemon-reload for our transient units. This caused issues for workloads using NVIDIA GPUs. Workaround the upstream regression by re-arranging how the unit properties are defined.
  • Dependency github.com/cyphar/filepath-securejoin is updated to v0.4.1, to allow projects that vendor runc to bump it as well.
  • CI: fixed criu-dev compilation.
  • Dependency golang.org/x/net is updated to 0.33.0.

diff: opencontainers/[email protected]

@austinvazquez
Update runc binary to v1.2.5
9387758 
This is the fifth patch release in the 1.2.z series of runc. It
primarily fixes an issue caused by an upstream systemd bug.

There was a regression in systemd v230 which made the way we define device
rule restrictions require a systemctl daemon-reload for our transient
units. This caused issues for workloads using NVIDIA GPUs. Workaround the
upstream regression by re-arranging how the unit properties are defined.
Dependency github.com/cyphar/filepath-securejoin is updated to v0.4.1,
to allow projects that vendor runc to bump it as well.
CI: fixed criu-dev compilation.
Dependency golang.org/x/net is updated to 0.33.0.

diff: opencontainers/[email protected]

Signed-off-by: Austin Vazquez <[email protected]>
@k8s-ci-robot
Copy link
Copy Markdown

k8s-ci-robot commented Feb 14, 2025

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@austinvazquez austinvazquez marked this pull request as ready for review February 14, 2025 04:03
thaJeztah
thaJeztah approved these changes Feb 14, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

this probably needs cherry-picks for the active release branches

@thaJeztah thaJeztah added cherry-pick/1.6.x cherry-pick/1.7.x Change to be cherry picked to release/1.7 branch cherry-pick/2.0.x Change to be cherry picked to release/2.0 branch labels Feb 14, 2025
@estesp estesp added this pull request to the merge queue Feb 14, 2025
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Feb 14, 2025
@samuelkarp samuelkarp added this pull request to the merge queue Feb 14, 2025
Merged via the queue into containerd:main with commit d305214 Feb 14, 2025
@austinvazquez austinvazquez deleted the update-runc-1.2.5 branch February 14, 2025 21:12
@thaJeztah
Copy link
Copy Markdown
Member

thaJeztah commented Feb 17, 2025

/cherry-pick release/2.0 release/1.7 release/1.6

@k8s-infra-cherrypick-robot
Copy link
Copy Markdown

k8s-infra-cherrypick-robot commented Feb 17, 2025

@thaJeztah: new pull request created: #11394

Details

In response to this:

/cherry-pick release/2.0 release/1.7 release/1.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Feb 17, 2025
Merged
@thaJeztah
Copy link
Copy Markdown
Member

thaJeztah commented Feb 17, 2025

/cherrypick release/1.7

@thaJeztah
Copy link
Copy Markdown
Member

thaJeztah commented Feb 17, 2025

/cherrypick release/1.6

@k8s-infra-cherrypick-robot
Copy link
Copy Markdown

k8s-infra-cherrypick-robot commented Feb 17, 2025

@thaJeztah: new pull request created: #11395

Details

In response to this:

/cherrypick release/1.7

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Feb 17, 2025
Merged
@k8s-infra-cherrypick-robot
Copy link
Copy Markdown

k8s-infra-cherrypick-robot commented Feb 17, 2025

@thaJeztah: new pull request created: #11396

Details

In response to this:

/cherrypick release/1.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Feb 17, 2025
Merged
@thaJeztah thaJeztah removed cherry-pick/1.6.x cherry-pick/1.7.x Change to be cherry picked to release/1.7 branch cherry-pick/2.0.x Change to be cherry picked to release/2.0 branch labels Feb 17, 2025
@thaJeztah thaJeztah added cherry-picked/1.6.x PR commits are cherry-picked into release/1.6 branch cherry-picked/1.7.x PR commits are cherry-picked into release/1.7 branch cherry-picked/2.0.x PR commits are cherry picked into the release/2.0 branch labels Feb 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@samuelkarp samuelkarp samuelkarp approved these changes

@estesp estesp estesp approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

Assignees

No one assigned

Labels

cherry-picked/1.6.x PR commits are cherry-picked into release/1.6 branch cherry-picked/1.7.x PR commits are cherry-picked into release/1.7 branch cherry-picked/2.0.x PR commits are cherry picked into the release/2.0 branch size/XS

Projects

Pull Request Review
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@austinvazquez @k8s-ci-robot @thaJeztah @k8s-infra-cherrypick-robot @samuelkarp @estesp