containerd
diff --git a/‎.github/workflows/ghcr-image-build-and-publish.yml
Lines changed: 5 additions & 3 deletions b/‎.github/workflows/ghcr-image-build-and-publish.yml
Lines changed: 5 additions & 3 deletions
diff --git a/‎.github/workflows/release.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/test.yml
Lines changed: 42 additions & 30 deletions b/‎.github/workflows/test.yml
Lines changed: 42 additions & 30 deletions
diff --git a/‎.golangci.yml
Lines changed: 0 additions & 1 deletion b/‎.golangci.yml
Lines changed: 0 additions & 1 deletion
diff --git a/‎Dockerfile
Lines changed: 11 additions & 25 deletions b/‎Dockerfile
Lines changed: 11 additions & 25 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/buildkit-v0.13.2
Lines changed: 0 additions & 2 deletions b/‎Dockerfile.d/SHA256SUMS.d/buildkit-v0.13.2
Lines changed: 0 additions & 2 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1
Lines changed: 2 additions & 0 deletions b/‎Dockerfile.d/SHA256SUMS.d/buildkit-v0.14.1
Lines changed: 2 additions & 0 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.4.1
Lines changed: 0 additions & 2 deletions b/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.4.1
Lines changed: 0 additions & 2 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.0
Lines changed: 2 additions & 0 deletions b/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.0
Lines changed: 2 additions & 0 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.1
Lines changed: 2 additions & 0 deletions b/‎Dockerfile.d/SHA256SUMS.d/cni-plugins-v1.5.1
Lines changed: 2 additions & 0 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.0
Lines changed: 0 additions & 7 deletions b/‎Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.0
Lines changed: 0 additions & 7 deletions
diff --git a/‎Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.1
Lines changed: 6 additions & 0 deletions b/‎Dockerfile.d/SHA256SUMS.d/slirp4netns-v1.3.1
Lines changed: 6 additions & 0 deletions
@@ -12,6 +12,8 @@ on:
     tags: ['v*.*.*']
   pull_request:
     branches: [main]
+    paths-ignore:
+      - '**.md'
 
 env:
   # Use docker.io for Docker Hub if empty
@@ -30,7 +32,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/[email protected].6
+        uses: actions/[email protected].7
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -42,7 +44,7 @@ jobs:
       # https://github.com/docker/login-action
       - name: Log into registry ${{ env.REGISTRY }}
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3.1.0
+        uses: docker/login-action@v3.2.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -59,7 +61,7 @@ jobs:
       # Build and push Docker image with Buildx (don't push on PR)
       # https://github.com/docker/build-push-action
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5.3.0
+        uses: docker/build-push-action@v6.1.0
         with:
           context: .
           platforms: linux/amd64,linux/arm64
 
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 40
     steps:
-    - uses: actions/[email protected].6
+    - uses: actions/[email protected].7
     - uses: actions/setup-go@v5
       with:
         go-version: 1.22.x
 
@@ -6,6 +6,8 @@ on:
       - main
       - 'release/**'
   pull_request:
+    paths-ignore:
+      - '**.md'
 
 env:
   GO_VERSION: 1.22.x
@@ -16,7 +18,7 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 20
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           path: src/github.com/containerd/nerdctl
           fetch-depth: 100
@@ -37,7 +39,7 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 20
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - uses: actions/setup-go@v5
@@ -48,7 +50,7 @@ jobs:
       - name: golangci-lint
         uses: golangci/[email protected]
         with:
-          version: v1.55.2
+          version: v1.59.1
           args: --verbose
       - name: yamllint-lint
         run: yamllint .
@@ -57,7 +59,7 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 20
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - uses: actions/setup-go@v5
@@ -77,18 +79,18 @@ jobs:
         # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
         include:
           - ubuntu: 20.04
-            containerd: v1.6.31
+            containerd: v1.6.33
           - ubuntu: 20.04
-            containerd: v1.7.16
+            containerd: v1.7.18
           - ubuntu: 22.04
-            containerd: v1.7.16
+            containerd: v1.7.18
           - ubuntu: 22.04
-            containerd: main
+            containerd: main # v2.0.0-rc.X
     env:
       UBUNTU_VERSION: "${{ matrix.ubuntu }}"
       CONTAINERD_VERSION: "${{ matrix.containerd }}"
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - name: "Prepare integration test environment"
@@ -118,12 +120,12 @@ jobs:
         # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2
         include:
           - ubuntu: 22.04
-            containerd: v1.7.16
+            containerd: v1.7.18
     env:
       UBUNTU_VERSION: "${{ matrix.ubuntu }}"
       CONTAINERD_VERSION: "${{ matrix.containerd }}"
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - name: Enable ipv4 and ipv6 forwarding
@@ -167,35 +169,35 @@ jobs:
         # ubuntu-22.04: cgroup v1, ubuntu-22.04: cgroup v2
         include:
           - ubuntu: 20.04
-            containerd: v1.6.31
+            containerd: v1.6.33
             rootlesskit: v1.1.1
             target: test-integration-rootless
           - ubuntu: 20.04
-            containerd: v1.7.16
+            containerd: v1.7.18
             rootlesskit: v2.1.0
             target: test-integration-rootless
           - ubuntu: 22.04
-            containerd: v1.7.16
+            containerd: v1.7.18
             rootlesskit: v1.1.1
             target: test-integration-rootless
           - ubuntu: 22.04
-            containerd: main
+            containerd: main # v2.0.0-rc.X
             rootlesskit: v2.1.0
             target: test-integration-rootless
           - ubuntu: 20.04
-            containerd: v1.6.31
+            containerd: v1.6.33
             rootlesskit: v1.1.1
             target: test-integration-rootless-port-slirp4netns
           - ubuntu: 20.04
-            containerd: v1.7.16
+            containerd: v1.7.18
             rootlesskit: v2.1.0
             target: test-integration-rootless-port-slirp4netns
           - ubuntu: 22.04
-            containerd: v1.7.16
+            containerd: v1.7.18
             rootlesskit: v1.1.1
             target: test-integration-rootless-port-slirp4netns
           - ubuntu: 22.04
-            containerd: main
+            containerd: main # v2.0.0-rc.X
             rootlesskit: v2.1.0
             target: test-integration-rootless-port-slirp4netns
     env:
@@ -204,7 +206,7 @@ jobs:
       ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}"
       TEST_TARGET: "${{ matrix.target }}"
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - name: "Register QEMU (tonistiigi/binfmt)"
@@ -226,7 +228,7 @@ jobs:
       matrix:
         go-version: ["1.21.x", "1.22.x"]
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - uses: actions/setup-go@v5
@@ -235,29 +237,39 @@ jobs:
           cache: true
           check-latest: true
       - name: "Cross"
-        run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make artifacts
+        run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make binaries
 
   test-integration-docker-compatibility:
     runs-on: ubuntu-22.04
     timeout-minutes: 45
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - uses: actions/setup-go@v5
         with:
           go-version: ${{ env.GO_VERSION }}
           cache: true
           check-latest: true
-      - name: "Enable BuildKit"
+      - name: "Install Docker v26"
         run: |
           set -eux -o pipefail
+          # Uninstall the preinstalled Docker
+          sudo apt-get remove docker-* containerd.io
           # Enable BuildKit explicitly
           sudo apt-get install -y moreutils
           cat /etc/docker/daemon.json
           jq '.features.buildkit = true' </etc/docker/daemon.json  | sudo sponge /etc/docker/daemon.json
           cat /etc/docker/daemon.json
-          sudo systemctl restart docker
+          # Download Docker packages
+          curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/containerd.io_1.6.33-1_amd64.deb
+          curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce_26.1.4-1~ubuntu.22.04~jammy_amd64.deb
+          curl -OSl https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-ce-cli_26.1.4-1~ubuntu.22.04~jammy_amd64.deb
+          curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-buildx-plugin_0.14.1-1~ubuntu.22.04~jammy_amd64.deb
+          curl -OSL https://download.docker.com/linux/ubuntu/dists/jammy/pool/stable/amd64/docker-compose-plugin_2.27.1-1~ubuntu.22.04~jammy_amd64.deb
+          # Install Docker
+          sudo apt-get install -y ./*.deb
+          rm -f ./*.deb
           # Print docker info
           docker info
           docker version
@@ -288,7 +300,7 @@ jobs:
       run:
         shell: bash
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           fetch-depth: 1
       - uses: actions/setup-go@v5
@@ -297,18 +309,18 @@ jobs:
           cache: true
           check-latest: true
       - run: go install ./cmd/nerdctl
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
         with:
           repository: containerd/containerd
-          ref: v1.7.16
+          ref: v1.7.18
           path: containerd
           fetch-depth: 1
       - name: "Set up CNI"
         working-directory: containerd
         run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows
       - name: "Set up containerd"
         env:
-          ctrdVersion: 1.7.16
+          ctrdVersion: 1.7.18
         run: powershell hack/configure-windows-ci.ps1
       # TODO: Run unit tests
       - name: "Run integration tests"
@@ -320,7 +332,7 @@ jobs:
     timeout-minutes: 20
 
     steps:
-      - uses: actions/[email protected].6
+      - uses: actions/[email protected].7
       - uses: actions/cache@v4
         with:
           path: /root/.vagrant.d
 
@@ -1,7 +1,6 @@
 ---
 run:
   concurrency: 6
-  deadline: 5m
 linters:
   disable-all: true
   enable:
 
@@ -18,26 +18,26 @@
 # TODO: verify commit hash
 
 # Basic deps
-ARG CONTAINERD_VERSION=v1.7.16
-ARG RUNC_VERSION=v1.1.12
-ARG CNI_PLUGINS_VERSION=v1.4.1
+ARG CONTAINERD_VERSION=v2.0.0-rc.3
+ARG RUNC_VERSION=v1.1.13
+ARG CNI_PLUGINS_VERSION=v1.5.1
 
 # Extra deps: Build
-ARG BUILDKIT_VERSION=v0.13.2
+ARG BUILDKIT_VERSION=v0.14.1
 # Extra deps: Lazy-pulling
 ARG STARGZ_SNAPSHOTTER_VERSION=v0.15.1
 # Extra deps: Encryption
-ARG IMGCRYPT_VERSION=v1.1.10
+ARG IMGCRYPT_VERSION=v1.1.11
 # Extra deps: Rootless
 ARG ROOTLESSKIT_VERSION=v2.1.0
-ARG SLIRP4NETNS_VERSION=v1.3.0
+ARG SLIRP4NETNS_VERSION=v1.3.1
 # Extra deps: bypass4netns
 ARG BYPASS4NETNS_VERSION=v0.4.1
 # Extra deps: FUSE-OverlayFS
 ARG FUSE_OVERLAYFS_VERSION=v1.13
 ARG CONTAINERD_FUSE_OVERLAYFS_VERSION=v1.0.8
 # Extra deps: IPFS
-ARG KUBO_VERSION=v0.27.0
+ARG KUBO_VERSION=v0.29.0
 # Extra deps: Init
 ARG TINI_VERSION=v0.19.0
 # Extra deps: Debug
@@ -47,9 +47,9 @@ ARG BUILDG_VERSION=v0.4.1
 ARG GO_VERSION=1.22
 ARG UBUNTU_VERSION=22.04
 ARG CONTAINERIZED_SYSTEMD_VERSION=v0.1.1
-ARG GOTESTSUM_VERSION=v1.11.0
-ARG NYDUS_VERSION=v2.2.4
-ARG SOCI_SNAPSHOTTER_VERSION=0.4.0
+ARG GOTESTSUM_VERSION=v1.12.0
+ARG NYDUS_VERSION=v2.2.5
+ARG SOCI_SNAPSHOTTER_VERSION=0.6.1
 
 FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.4.0 AS xx
 
@@ -65,18 +65,6 @@ ARG TARGETARCH
 RUN xx-apt-get update && \
   xx-apt-get install -y binutils gcc libc6-dev libbtrfs-dev libseccomp-dev
 
-# runc still requires Go 1.21
-# https://github.com/opencontainers/runc/issues/4233
-FROM --platform=$BUILDPLATFORM golang:1.21-bullseye AS build-base-debian-go121
-COPY --from=xx / /
-ENV DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && \
-  apt-get install -y git pkg-config dpkg-dev
-ARG TARGETARCH
-# libseccomp: for runc
-RUN xx-apt-get update && \
-  xx-apt-get install -y binutils gcc libc6-dev libseccomp-dev
-
 FROM build-base-debian AS build-containerd
 ARG TARGETARCH
 ARG CONTAINERD_VERSION
@@ -88,9 +76,7 @@ RUN git checkout ${CONTAINERD_VERSION} && \
 RUN GO=xx-go make STATIC=1 && \
   cp -a bin/containerd bin/containerd-shim-runc-v2 bin/ctr /out/$TARGETARCH
 
-# runc still requires Go 1.21
-# https://github.com/opencontainers/runc/issues/4233
-FROM build-base-debian-go121 AS build-runc
+FROM build-base-debian AS build-runc
 ARG RUNC_VERSION
 ARG TARGETARCH
 RUN git clone https://github.com/opencontainers/runc.git /go/src/github.com/opencontainers/runc
 
@@ -0,0 +1,2 @@
+836208f50ab8856a91aa5bba455b8451bbe261318cbc92e9c0ca3e786135756c  buildkit-v0.14.1.linux-amd64.tar.gz
+e1caad39f0bc5848a5687d7a0e8e344d20724133365596e5d881d8fbe5594b32  buildkit-v0.14.1.linux-arm64.tar.gz
@@ -0,0 +1,2 @@
+57a18478422cb321370e30a5ee6ce026321289cd9c94353ca697dddd7714f1a5  cni-plugins-linux-amd64-v1.5.0.tgz
+ab38507efe50c34bc2242a25c5783c19fdfe0376c65a2a91d48174d4f39f1fc2  cni-plugins-linux-arm64-v1.5.0.tgz
@@ -0,0 +1,2 @@
+77baa2f669980a82255ffa2f2717de823992480271ee778aa51a9c60ae89ff9b  cni-plugins-linux-amd64-v1.5.1.tgz
+c2a292714d0fad98a3491ae43df8ad58354b3c0bdf5d5a3e281777967c70fcff  cni-plugins-linux-arm64-v1.5.1.tgz
@@ -0,0 +1,6 @@
+2dd9aac6c2e3203e53cb7b6e4b9fc7123e4e4a9716c8bb1d95951853059a6af5  slirp4netns-aarch64
+ed618c0f2c74014bb736e9e427e18c8791ad9d68311872a41b06fac0d7cb9ef2  slirp4netns-armv7l
+a10f70209cee0dd0532fea0e8b6bfde5d16dec5206fd4b3387d861721456de66  slirp4netns-ppc64le
+38209015c2f3f4619d9fc46610852887910f33c7a0b96f7d2aa835a7bbc73f31  slirp4netns-riscv64
+9f42718455b1f9cf4b6f0efee314b78e860b8c36dbbb6290f09c8fbedda9ff8a  slirp4netns-s390x
+4bc5d6c311f9fa7ae00ce54aefe10c2afaf0800fe9e99f32616a964ed804a9e1  slirp4netns-x86_64
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+836208f50ab8856a91aa5bba455b8451bbe261318cbc92e9c0ca3e786135756c buildkit-v0.14.1.linux-amd64.tar.gz`
	`2`	`+e1caad39f0bc5848a5687d7a0e8e344d20724133365596e5d881d8fbe5594b32 buildkit-v0.14.1.linux-arm64.tar.gz`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+57a18478422cb321370e30a5ee6ce026321289cd9c94353ca697dddd7714f1a5 cni-plugins-linux-amd64-v1.5.0.tgz`
	`2`	`+ab38507efe50c34bc2242a25c5783c19fdfe0376c65a2a91d48174d4f39f1fc2 cni-plugins-linux-arm64-v1.5.0.tgz`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+77baa2f669980a82255ffa2f2717de823992480271ee778aa51a9c60ae89ff9b cni-plugins-linux-amd64-v1.5.1.tgz`
	`2`	`+c2a292714d0fad98a3491ae43df8ad58354b3c0bdf5d5a3e281777967c70fcff cni-plugins-linux-arm64-v1.5.1.tgz`