CRI-O v1.29.0
The release notes have been generated for the commit range
v1.28.0…94c0704 on Thu, 11 Jan 2024 21:36:55 UTC.
Downloads
Download one of our static release bundles via our Google Cloud Bucket:
To verify the artifact signatures via cosign, run:
> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.94c0704abe46255b169a8dae736ff7f86836ec74.tar.gz \
--certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/94c0704abe46255b169a8dae736ff7f86836ec74 \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
--certificate-github-workflow-repository cri-o/cri-o \
--certificate-github-workflow-ref refs/tags/94c0704abe46255b169a8dae736ff7f86836ec74 \
--signature cri-o.amd64.94c0704abe46255b169a8dae736ff7f86836ec74.tar.gz.sig \
--certificate cri-o.amd64.94c0704abe46255b169a8dae736ff7f86836ec74.tar.gz.cert
To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:
> tar xfz cri-o.amd64.94c0704abe46255b169a8dae736ff7f86836ec74.tar.gz
> bom validate -e cri-o.amd64.94c0704abe46255b169a8dae736ff7f86836ec74.tar.gz.spdx -d cri-o
Changelog since v1.28.0
Changes by Kind
Dependency-Change
- Update the golang.org/x/net package from 0.13.0 to 0.17.0 to fix vulnerabilities CVE-2023-39325 and CVE-2023-4448. (#7386, @kwilczynski)
- Update the google.golang.org/grpc package from 1.57.0 to 1.58.3 to fix vulnerabilities CVE-2023-39325 and CVE-2023-4448. (#7381, @kwilczynski)
Feature
- Added registries.conf to CRI-O bundle (#7312, @saschagrunert)
- Check the runtime supports IDMap support before specifying it (#7297, @rata)
Uncategorized
- Add support for cpu load balancing annotation for cgroupv2 (#7539, @openshift-cherrypick-robot)
- Allow the
io.kubernetes.cri-o.Devices annotation in the default runtime class, which along with AllowedDevices containing /dev/fuse by default, gives containers in the default runtime class optional access to /dev/fuse (#7535, @openshift-cherrypick-robot)
- Fix a bug in cpuset load balancing where cpusets flip between load balanced and not due to an ordering issue. (#7290, @openshift-cherrypick-robot)
- Fix a bug where CRI-O would override a Bidirectional mount in favor of a HostToContainer if the mount contained the host’s container storage (#7456, @openshift-cherrypick-robot)
- Fix a bug where the cgroup crun configures is different than that CRI-O sets load balancing/cpu quota on (#7442, @haircommander)
- Go get github.com/containers/common@v0.55.5-0.20231119144331-165b7a4dd43c (#7498, @hswong3i)
Dependencies
Added
- cloud.google.com/go/dataproc/v2: v2.3.0
Changed
- cloud.google.com/go/accessapproval: v1.6.0 → v1.7.4
- cloud.google.com/go/accesscontextmanager: v1.7.0 → v1.8.4
- cloud.google.com/go/aiplatform: v1.37.0 → v1.54.0
- cloud.google.com/go/analytics: v0.19.0 → v0.21.6
- cloud.google.com/go/apigateway: v1.5.0 → v1.6.4
- cloud.google.com/go/apigeeconnect: v1.5.0 → v1.6.4
- cloud.google.com/go/apigeeregistry: v0.6.0 → v0.8.2
- cloud.google.com/go/appengine: v1.7.1 → v1.8.4
- cloud.google.com/go/area120: v0.7.1 → v0.8.4
- cloud.google.com/go/artifactregistry: v1.13.0 → v1.14.6
- cloud.google.com/go/asset: v1.13.0 → v1.15.3
- cloud.google.com/go/assuredworkloads: v1.10.0 → v1.11.4
- cloud.google.com/go/automl: v1.12.0 → v1.13.4
- cloud.google.com/go/baremetalsolution: v0.5.0 → v1.2.3
- cloud.google.com/go/batch: v0.7.0 → v1.6.3
- cloud.google.com/go/beyondcorp: v0.5.0 → v1.0.3
- cloud.google.com/go/bigquery: v1.50.0 → v1.57.1
- cloud.google.com/go/billing: v1.13.0 → v1.17.4
- cloud.google.com/go/binaryauthorization: v1.5.0 → v1.7.3
- cloud.google.com/go/certificatemanager: v1.6.0 → v1.7.4
- cloud.google.com/go/channel: v1.12.0 → v1.17.3
- cloud.google.com/go/cloudbuild: v1.9.0 → v1.15.0
- cloud.google.com/go/clouddms: v1.5.0 → v1.7.3
- cloud.google.com/go/cloudtasks: v1.10.0 → v1.12.4
- cloud.google.com/go/compute: v1.20.1 → v1.23.3
- cloud.google.com/go/contactcenterinsights: v1.6.0 → v1.12.0
- cloud.google.com/go/container: v1.15.0 → v1.28.0
- cloud.google.com/go/containeranalysis: v0.9.0 → v0.11.3
- cloud.google.com/go/datacatalog: v1.13.0 → v1.19.0
- cloud.google.com/go/dataflow: v0.8.0 → v0.9.4
- cloud.google.com/go/dataform: v0.7.0 → v0.9.1
- cloud.google.com/go/datafusion: v1.6.0 → v1.7.4
- cloud.google.com/go/datalabeling: v0.7.0 → v0.8.4
- cloud.google.com/go/dataplex: v1.6.0 → v1.11.2
- cloud.google.com/go/dataqna: v0.7.0 → v0.8.4
- cloud.google.com/go/datastore: v1.11.0 → v1.15.0
- cloud.google.com/go/datastream: v1.7.0 → v1.10.3
- cloud.google.com/go/deploy: v1.8.0 → v1.15.0
- cloud.google.com/go/dialogflow: v1.32.0 → v1.44.3
- cloud.google.com/go/dlp: v1.9.0 → v1.11.1
- cloud.google.com/go/documentai: v1.18.0 → v1.23.5
- cloud.google.com/go/domains: v0.8.0 → v0.9.4
- cloud.google.com/go/edgecontainer: v1.0.0 → v1.1.4
- cloud.google.com/go/essentialcontacts: v1.5.0 → v1.6.5
- cloud.google.com/go/eventarc: v1.11.0 → v1.13.3
- cloud.google.com/go/filestore: v1.6.0 → v1.8.0
- cloud.google.com/go/firestore: v1.9.0 → v1.14.0
- cloud.google.com/go/functions: v1.13.0 → v1.15.4
- cloud.google.com/go/gkebackup: v0.4.0 → v1.3.4
- cloud.google.com/go/gkeconnect: v0.7.0 → v0.8.4
- cloud.google.com/go/gkehub: v0.12.0 → v0.14.4
- cloud.google.com/go/gkemulticloud: v0.5.0 → v1.0.3
- cloud.google.com/go/gsuiteaddons: v1.5.0 → v1.6.4
- cloud.google.com/go/iam: v1.1.0 → v1.1.5
- cloud.google.com/go/iap: v1.7.1 → v1.9.3
- cloud.google.com/go/ids: v1.3.0 → v1.4.4
- cloud.google.com/go/iot: v1.6.0 → v1.7.4
- cloud.google.com/go/kms: v1.12.1 → v1.15.5
- cloud.google.com/go/language: v1.9.0 → v1.12.2
- cloud.google.com/go/lifesciences: v0.8.0 → v0.9.4
- cloud.google.com/go/logging: v1.7.0 → v1.8.1
- cloud.google.com/go/longrunning: v0.4.1 → v0.5.4
- cloud.google.com/go/managedidentities: v1.5.0 → v1.6.4
- cloud.google.com/go/maps: v0.7.0 → v1.6.1
- cloud.google.com/go/mediatranslation: v0.7.0 → v0.8.4
- cloud.google.com/go/memcache: v1.9.0 → v1.10.4
- cloud.google.com/go/metastore: v1.10.0 → v1.13.3
- cloud.google.com/go/monitoring: v1.13.0 → v1.16.3
- cloud.google.com/go/networkconnectivity: v1.11.0 → v1.14.3
- cloud.google.com/go/networkmanagement: v1.6.0 → v1.9.3
- cloud.google.com/go/networksecurity: v0.8.0 → v0.9.4
- cloud.google.com/go/notebooks: v1.8.0 → v1.11.2
- cloud.google.com/go/optimization: v1.3.1 → v1.6.2
- cloud.google.com/go/orchestration: v1.6.0 → v1.8.4
- cloud.google.com/go/orgpolicy: v1.10.0 → v1.11.4
- cloud.google.com/go/osconfig: v1.11.0 → v1.12.4
- cloud.google.com/go/oslogin: v1.9.0 → v1.12.2
- cloud.google.com/go/phishingprotection: v0.7.0 → v0.8.4
- cloud.google.com/go/policytroubleshooter: v1.6.0 → v1.10.2
- cloud.google.com/go/privatecatalog: v0.8.0 → v0.9.4
- cloud.google.com/go/pubsub: v1.30.0 → v1.33.0
- cloud.google.com/go/pubsublite: v1.7.0 → v1.8.1
- cloud.google.com/go/recaptchaenterprise/v2: v2.7.0 → v2.8.4
- cloud.google.com/go/recommendationengine: v0.7.0 → v0.8.4
- cloud.google.com/go/recommender: v1.9.0 → v1.11.3
- cloud.google.com/go/redis: v1.11.0 → v1.14.1
- cloud.google.com/go/resourcemanager: v1.7.0 → v1.9.4
- cloud.google.com/go/resourcesettings: v1.5.0 → v1.6.4
- cloud.google.com/go/retail: v1.12.0 → v1.14.4
- cloud.google.com/go/run: v0.9.0 → v1.3.3
- cloud.google.com/go/scheduler: v1.9.0 → v1.10.5
- cloud.google.com/go/secretmanager: v1.10.0 → v1.11.4
- cloud.google.com/go/security: v1.14.0 → v1.15.4
- cloud.google.com/go/securitycenter: v1.19.0 → v1.24.2
- cloud.google.com/go/servicedirectory: v1.9.0 → v1.11.3
- cloud.google.com/go/shell: v1.6.0 → v1.7.4
- cloud.google.com/go/spanner: v1.45.0 → v1.53.0
- cloud.google.com/go/speech: v1.15.0 → v1.21.0
- cloud.google.com/go/storagetransfer: v1.8.0 → v1.10.3
- cloud.google.com/go/talent: v1.5.0 → v1.6.5
- cloud.google.com/go/texttospeech: v1.6.0 → v1.7.4
- cloud.google.com/go/tpu: v1.5.0 → v1.6.4
- cloud.google.com/go/trace: v1.9.0 → v1.10.4
- cloud.google.com/go/translate: v1.7.0 → v1.9.3
- cloud.google.com/go/video: v1.15.0 → v1.20.3
- cloud.google.com/go/videointelligence: v1.10.0 → v1.11.4
- cloud.google.com/go/vision/v2: v2.7.0 → v2.7.5
- cloud.google.com/go/vmmigration: v1.6.0 → v1.7.4
- cloud.google.com/go/vmwareengine: v0.3.0 → v1.0.3
- cloud.google.com/go/vpcaccess: v1.6.0 → v1.7.4
- cloud.google.com/go/webrisk: v1.8.0 → v1.9.4
- cloud.google.com/go/websecurityscanner: v1.5.0 → v1.6.4
- cloud.google.com/go/workflows: v1.10.0 → v1.12.3
- cloud.google.com/go: v0.110.2 → v0.110.10
- github.com/containers/common: v0.55.3 → 8fedf2e
- github.com/envoyproxy/go-control-plane: 9239064 → v0.11.1
- github.com/envoyproxy/protoc-gen-validate: v0.10.1 → v1.0.2
- github.com/go-jose/go-jose/v3: v3.0.0 → v3.0.1
- github.com/go-logr/logr: v1.2.4 → v1.3.0
- github.com/golang/glog: v1.1.0 → v1.1.2
- github.com/google/go-cmp: v0.5.9 → v0.6.0
- github.com/google/uuid: v1.3.0 → v1.3.1
- github.com/grpc-ecosystem/grpc-gateway/v2: v2.15.2 → v2.18.1
- github.com/opencontainers/runtime-spec: v1.1.0 → 4fec88f
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.42.0 → v0.46.1
- go.opentelemetry.io/otel/exporters/otlp/internal/retry: v1.16.0 → v1.15.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.16.0 → v1.21.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.16.0 → v1.21.0
- go.opentelemetry.io/otel/metric: v1.16.0 → v1.21.0
- go.opentelemetry.io/otel/sdk: v1.16.0 → v1.21.0
- go.opentelemetry.io/otel/trace: v1.16.0 → v1.21.0
- go.opentelemetry.io/otel: v1.16.0 → v1.21.0
- go.opentelemetry.io/proto/otlp: v0.19.0 → v1.0.0
- go.uber.org/goleak: v1.2.1 → v1.3.0
- golang.org/x/crypto: v0.11.0 → v0.16.0
- golang.org/x/net: v0.13.0 → v0.19.0
- golang.org/x/oauth2: v0.10.0 → v0.13.0
- golang.org/x/sys: v0.11.0 → v0.15.0
- golang.org/x/term: v0.10.0 → v0.15.0
- golang.org/x/text: v0.11.0 → v0.14.0
- google.golang.org/genproto/googleapis/api: e85fd2c → 3a041ad
- google.golang.org/genproto/googleapis/rpc: e449d1e → 3a041ad
- google.golang.org/genproto: e85fd2c → 83a465c
- google.golang.org/grpc: v1.57.0 → v1.59.0
Removed
Nothing has changed.