I've actually skipped this update on purpose for now, I'm going to update a few packages again once the current master-next is stabilized, and this was one of them .. but I'm trying to time a dot release, as it will be the last updates before release.
On Thu, Mar 21, 2024 at 3:54 PM Patrick Wicki <[email protected]> wrote: > > From: Patrick Wicki <[email protected]> > > An important change is the deprecation of the CNI network backend. So > far the backend was configurable and CNI was still the default in the > layer through 'VIRTUAL-RUNTIME_container_networking'. It's apparently > still possible to use it by setting the 'cni' build tag. I attempted > this, but despite CNI being installed and podman built with 'cni' in > BUILDTAGS, I still got: > > root@qemux86-64:~# podman version > Error: could not find "netavark" in one of {[/usr/local/libexec/podman > /usr/local/lib/podman /usr/libexec/podman /usr/lib/podman] {<nil>}}. To > resolve this error, set the helper_binaries_dir key in the `[engine]` section > of containers.conf to the directory containing your helper binaries. > root@qemux86-64:~# > > But it seems like the CNI backend is hanging by a thread anyway and is > likely going to disappear entirely once netavark is supported on > FreeBSD. So I think at this point it makes sense to remove the choice > and just use netavark. > > Version bump comprises the following commits: > > f32338dfc bump version to v5.0.1-dev > e71ec6f1d New release: v5.0.0 > 6b93d9e11 Update RELEASE_NOTES.md with CVE-2024-1753 > eb2b16d6d [v5.0] Bump Buildah to v1.35.1 > 43b9ea8b9 Adjust to the standard location of gvforwarder used in new > images > 4a84f39b3 Switch to 5.x WSL machine os stream using new automation > a03de4c14 rpm: use macro supported vendoring > 069439820 Bump to v5.0.0-dev > f8888a13b Bump to v5.0.0-RC7 > 2e387df07 Add release notes for v5.0.0-rc7 > d36ce9c2b fix invalid HTTP header values when hijacking a connection > 8891d592b Use faster gzip for compression for 3x speedup for sending > large contexts to remote > 59512272b pkg/machine: make checkExclusiveActiveVM race free > 51eee609c pkg/machine/wsl: remove unused CheckExclusiveActiveVM() > 412648207 pkg/machine: CheckExclusiveActiveVM should also check for > starting > 1ca93f3fb pkg/machine: refresh config after we hold lock > 71320df8e rpm: update containers-common dep on f40+ > e58cb97de Change API socket to be machine name isolated > dbf38779b Makefile: drop tests-included from validate target > 0fdd83173 Add release notes for v5.0.0 > d7bc7b7b4 do not require policy.json > 82597144b Machine decompress.go refactoring follow-up > abaa179aa Add target win-gvproxy in winmake.ps1 > 4c5d26f6f Add final machine endpoint > 068ddfd19 update API doc version to 5.0.0 > f2af295e4 Bump to 5.0.0-dev > d26113ca8 Bump to 5.0.0-rc6 > 52ed774c2 docs: generate-systemd: add clarification statement > 3d6758a61 docs: quadlet: improve docs on root/rootless dirs > 885dd2add [CI:DOCS] performance: fix URL and kernel version requirement > e6ac569a1 [CI:DOCS] Remove outdated references > 364813da6 Add note for RHEL 8.5 > e220d1ce6 Update module gopkg.in/go-jose/go-jose.v2 to v2.6.3 [SECURITY] > f91b8e77b Update module github.com/go-jose/go-jose/v3 to v3.0.3 [SECURITY] > 9b21a5b79 Bump to v5.0.0-dev > bbad09bb0 Bump to v5.0.0-rc5 > 432f4fbf9 Fix Mac CI > d54a37399 Complete policy.json inclusion > b234bb55e Bump Buildah to v1.35.0 > 5d3a19f8d podman compose: enable machine socket connection > 6f4ee16d9 [CI:DOCS] Add farm command to commands list > 25f3a8ce7 podman machine start/stop do not write config unlocked > 75fa38d52 [CI:BUILD] Build universal Podman binary for Mac installer > 7a7591492 podman machine init: do not write config unlocked > 7bfe5e700 Fail on failures to close the file descriptors, and especially > the SparseWriter > 5e0b7e54c Avoid reliance on fs.ErrClosed in SparseWriter users > 4c6505be5 Fix the logic for detecting an unexpected close error > 81906081e vendor libhvee-0.7.0 > 3c9c5be7d podman machine set: change options only locked > a65b546c6 Remove copySparseFile > 2ba3a2d56 pkg/machine: fix relative DefaultPolicyJSONPath > 724c5a06b Don't read full VM File before decompressing > ff81cf7c7 [CI:DOCS] Fix windows installer action > 4d2fc293c machine: make more use of strongunits > 92b67a69a Fix wrong units size return > 79012795a fix(deps): update github.com/containers/libhvee digest to > 7cee23c > d6d260174 [CI:DOCS] Migrate podman container image > a349f8d10 fix(deps): update module google.golang.org/protobuf to v1.33.0 > 39851a0b9 CI: try to fix more flakes > 835cfbc05 [CI:BUILD] rpm: Put the podmansh(1) manual in the podmansh > sub-package > 945995be1 e2e: fix potential race in file-locks test > 02403c2e6 Makefile: podman should have correct selinux label > 9ee96a956 properly implement pull-error event status > 155cd463d fix(deps): update module golang.org/x/tools to v0.19.0 > 6272abbbb Resurrect auto-port reassignment, but for all providers > ef7727238 Refactor env dir and port functions into new leaf pkgs > eabf0acfa fix(deps): update module golang.org/x/net to v0.22.0 > 3b72f9178 Revert "Expose as-tested Mac/Windows repository state" > 24516f3ef fix(deps): update module golang.org/x/term to v0.18.0 > e8bf9a323 Update podman-for-windows.md > 8c9222848 fix(deps): update github.com/containers/libhvee digest to > 0ff33af > e09444327 machine init: print output to improve UX > 530782e11 logformatter: fixes for Macintosh > ebce0e71d test/e2e: check for stderr errors in cleanup() > ef6d38752 Bump to FreeBSD 13.3 (13.2 vanished) > bce14b1e6 fix(deps): update module github.com/stretchr/testify to v1.9.0 > 185981fa5 Copy past golang/expansion form ks8.io/kubernetes > > Signed-off-by: Patrick Wicki <[email protected]> > --- > recipes-containers/podman/podman_git.bb | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > > diff --git a/recipes-containers/podman/podman_git.bb > b/recipes-containers/podman/podman_git.bb > index fc532d6a..8dc836c3 100644 > --- a/recipes-containers/podman/podman_git.bb > +++ b/recipes-containers/podman/podman_git.bb > @@ -17,9 +17,9 @@ DEPENDS = " \ > gettext-native \ > " > > -SRCREV = "460fc4d65f3681c3b0dbd78d6521ddd905578b6d" > +SRCREV = "0bf85ac730600a45d0df5b259c072a7bc0742f4b" > SRC_URI = " \ > - git://github.com/containers/libpod.git;branch=main;protocol=https \ > + git://github.com/containers/libpod.git;branch=v5.0;protocol=https \ > ${@bb.utils.contains('PACKAGECONFIG', 'rootless', > 'file://50-podman-rootless.conf', '', d)} \ > file://run-ptest \ > " > @@ -31,7 +31,7 @@ GO_IMPORT = "import" > > S = "${WORKDIR}/git" > > -PV = "5.0.0-rc4+git" > +PV = "5.0.0+git" > > CVE_STATUS[CVE-2022-2989] = "fixed-version: fixed since v4.3.0" > CVE_STATUS[CVE-2023-0778] = "fixed-version: fixed since v4.5.0" > @@ -147,7 +147,7 @@ VIRTUAL-RUNTIME_base-utils-nsenter ?= "util-linux-nsenter" > COMPATIBLE_HOST = "^(?!mips).*" > > RDEPENDS:${PN} += "\ > - conmon ${VIRTUAL-RUNTIME_container_runtime} iptables > ${VIRTUAL-RUNTIME_container_networking} skopeo > ${VIRTUAL-RUNTIME_base-utils-nsenter} \ > + conmon ${VIRTUAL-RUNTIME_container_runtime} iptables netavark skopeo > ${VIRTUAL-RUNTIME_base-utils-nsenter} \ I realize that looking at the layer, you might think that the variable is mainly (only) used by podman, but I know of several other layers that are using the variable to coordinate networking between different packages. So this will indeed stay as a variable, since we will switch all packages at the same time if it is used, as there's no plans to support mixed cni / other networking solutions .. we can change the default of course, but making it a variable is still important so it can be used for coordination. Either way, I'll revisit this in a few weeks, once I'm doing that last sweep for updates before the release. Thanks for the patch, I've staged it in my "to-revisit" queue. Bruce > ${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'fuse-overlayfs > slirp4netns', '', d)} \ > " > RRECOMMENDS:${PN} += "slirp4netns kernel-module-xt-masquerade > kernel-module-xt-comment" > -- > 2.44.0 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8652): https://lists.yoctoproject.org/g/meta-virtualization/message/8652 Mute This Topic: https://lists.yoctoproject.org/mt/105072782/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
