Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

VERSION: release runc 1.0.0 #2971

Merged
merged 2 commits into from
Jun 22, 2021
Merged

VERSION: release runc 1.0.0 #2971

merged 2 commits into from
Jun 22, 2021

Conversation

cyphar
Copy link
Member

@cyphar cyphar commented Jun 1, 2021

This PR needs 5 votes to pass:

v1.0.0 -- "A wizard is never late, nor is he early, he arrives precisely when he means to."

This release fixes a few bugs found (almost all related to cgroupv2
handling), and is the first non-rc release of runc in 5 years
(v1.0.0-rc1 was released in 2016). It's been a very long road, and we
thank the many contributors and maintainers that helped us get to this
point (approximately 422 people in total).

As runc follows Semantic Versioning, we will endeavor to not make any
breaking changes without bumping the major version number of runc.

However, it should be noted that Go API usage of runc's internal
implementation (libcontainer) is *not* covered by this policy -- for
historical reasons, this code was not moved into an "internal" package
(this feature did not exist in Go at the time) and because certain
projects currently depend on this, we have not yet moved this code into
an internal package. Despite this, we reserve the right to make breaking
changes in our Go APIs (though we will note such changes in our
changelog, and will try to avoid needless disruption if possible).

Breaking changes:

 * Removed libcontainer/configs.Device* identifiers (deprecated since rc94,
   use libcontainer/devices) (#2999)
 * Removed libcontainer/system.RunningInUserNS function (deprecated since
   rc94, use libcontainer/userns) (#2999)

Deprecations:

 * The usage of relative paths for mountpoints will now produce a warning
   (such configurations are outside of the spec, and in future runc will
   produce an error when given such configurations). (#2917, #3004)

Bugfixes:

 * cgroupv2: devices: rework the filter generation to produce consistent
   results with cgroupv1, and always clobber any existing eBPF
   program(s) to fix `runc update` and avoid leaking eBPF programs
   (resulting in errors when managing containers).  (#2951)
 * cgroupv2: correctly convert "number of IOs" statistics in a
   cgroupv1-compatible way. (#2965, #2967, #2968, #2964)
 * cgroupv2: support larger than 32-bit IO statistics on 32-bit architectures.
 * cgroupv2: wait for freeze to finish before returning from the freezing
   code, optimize the method for checking whether a cgroup is frozen. (#2955)
 * cgroups/systemd: fixed "retry on dbus disconnect" logic introduced in rc94
 * cgroups/systemd: fixed returning "unit already exists" error from a systemd
   cgroup manager (regression in rc94) (#2997, #2996)

Improvements:

 * cgroupv2: support SkipDevices with systemd driver (#2958, #3019)
 * cgroup/systemd: return, not ignore, stop unit error from Destroy (#2946)
 * Fix all golangci-lint failures. (#2781, #2962)
 * Make "runc --version" output sane even when built with `go get` or
   otherwise outside of our build scripts. (#2962)
 * cgroups: set SkipDevices during runc update (so we don't modify
   cgroups at all during `runc update`). (#2994)
 * cgroup1: blkio: support BFQ weights. (#3010)
 * cgroupv2: set per-device io weights if BFQ IO scheduler is available.
   (#3022)

Thanks to the following people who made this release possible:

 * Adrian Reber <[email protected]>
 * Akihiro Suda <[email protected]>
 * Aleksa Sarai <[email protected]>
 * Antti Kervinen <[email protected]>
 * Daniel, Dao Quang Minh <[email protected]>
 * Enrico Weigelt <[email protected]>
 * Kir Kolyshkin <[email protected]>
 * Michael Crosby <[email protected]>
 * Mrunal Patel <[email protected]>
 * Peter Hunt <[email protected]>
 * Qiang Huang <[email protected]>
 * Sebastiaan van Stijn <[email protected]>
 * Shiming Zhang <[email protected]>
 * Yashpal Choudhary <[email protected]>

Signed-off-by: Aleksa Sarai <[email protected]>

Signed-off-by: Aleksa Sarai [email protected]

@cyphar cyphar added this to the 1.0.0 milestone Jun 1, 2021
dqminh
dqminh previously approved these changes Jun 1, 2021
@AkihiroSuda
Copy link
Member

@AkihiroSuda
Copy link
Member

Can we have an official announcement on https://opencontainers.org/posts/announcements/ ? 🎉

VERSION Show resolved Hide resolved
@cyphar cyphar removed the request for review from dqminh June 1, 2021 09:53
@h-vetinari
Copy link

h-vetinari commented Jun 1, 2021

Can we have an official announcement on https://opencontainers.org/posts/announcements/ ? 🎉

I think that would be a great idea, and deserve a longer victory lap than the proposed release notes in the OP. There's a lot of history contained across:

  • 7+ years since 6415e8b
  • 2 repo changes (incl. founding opencontainers?)
  • 95 15 release candidates over 5 years
  • various CVEs
  • the hook drama
  • cgroups v2, rootless, etc. etc.

and concluding this epic journey would IMO really deserve some celebratory commemoration.

@cyphar
Copy link
Member Author

cyphar commented Jun 1, 2021

Yeah I expect we're going to have a proper celebration of some kind.

95 15 release candidates

Please stop rubbing it in. 😅 😅 😅

I promise I've actually read the SemVer spec now.

@dims

This comment has been minimized.

@cyphar

This comment has been minimized.

@dims

This comment has been minimized.

Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moby CI is failing 😭

moby/moby#42450 (comment)

=== RUN TestBuildMultiStageCopy/copy_to_newdir
--- FAIL: TestBuildMultiStageCopy/copy_to_newdir (0.42s)
build_test.go:182: {"stream":"Step 1/8 : FROM busybox AS base"}
{"stream":"\n"}
{"stream":" ---\u003e 1c35c4412082\n"}
{"stream":"Step 2/8 : RUN mkdir existingdir"}
{"stream":"\n"}
{"stream":" ---\u003e Running in a65f6cb4628e\n"}
{"stream":"Removing intermediate container a65f6cb4628e\n"}
{"errorDetail":{"message":"failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: process_linux.go:508: setting cgroup config for procHooks process caused: failed to call BPF_PROG_ATTACH (BPF_CGROUP_DEVICE, BPF_F_ALLOW_MULTI): can't attach program: invalid argument: unknown"},"error":"failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: process_linux.go:508: setting cgroup config for procHooks process caused: failed to call BPF_PROG_ATTACH (BPF_CGROUP_DEVICE, BPF_F_ALLOW_MULTI): can't attach program: invalid argument: unknown"}

@AkihiroSuda

This comment has been minimized.

@cyphar

This comment has been minimized.

@cyphar

This comment has been minimized.

crosbymichael
crosbymichael previously approved these changes Jun 1, 2021
@cyphar cyphar marked this pull request as draft June 1, 2021 15:49
@kolyshkin

This comment has been minimized.

mrunalp
mrunalp previously approved these changes Jun 1, 2021
@kolyshkin

This comment has been minimized.

@cyphar
Copy link
Member Author

cyphar commented Jun 17, 2021

@opencontainers/runc-maintainers I've rebased this on top of the all the necessary fixes we've merged in the past few weeks, so we need to re-do the vote.

@cyphar cyphar marked this pull request as ready for review June 17, 2021 08:17
@cyphar cyphar dismissed AkihiroSuda’s stale review June 17, 2021 08:18

Moby CI passes now.

@hqhq
Copy link
Contributor

hqhq commented Jun 17, 2021

LGTM

@cyphar
Copy link
Member Author

cyphar commented Jun 17, 2021

LGTM.

Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor

@kolyshkin kolyshkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mrunalp
Copy link
Contributor

mrunalp commented Jun 18, 2021

LGTM

Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (nb)

@cyphar
Copy link
Member Author

cyphar commented Jun 19, 2021

That's 5. I'll do the release on Monday.

Copy link

@tao12345666333 tao12345666333 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (nb)

@kolyshkin
Copy link
Contributor

I took a liberty to remove

line from the release notes, as it's already described above (i.e. a duplicate).

@cyphar cyphar closed this in 2fc269d Jun 22, 2021
@cyphar cyphar merged commit 2fc269d into opencontainers:master Jun 22, 2021
@h-vetinari
Copy link

This could still use an announcement on https://opencontainers.org/, the mailing list, etc... Not sure that's worth an issue, but can open one of course.

@cyphar
Copy link
Member Author

cyphar commented Jul 2, 2021

While the opencontainers website is deployed from https://github.com/opencontainers/opencontainers.org, I'll ping @caniszczyk since usually someone else drafts the blog announcements.

@cyphar cyphar deleted the release-1.0 branch July 2, 2021 13:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.