Skip to content

[release/1.3 backport] Update to Golang 1.13.8 #4069

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
estesp merged 9 commits into from
Feb 27, 2020
Merged

[release/1.3 backport] Update to Golang 1.13.8 #4069

estesp merged 9 commits into from
Feb 27, 2020

Conversation

@thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Feb 27, 2020

Go 1.14 has been released, which means that Go 1.12 reached EOL, so updating supported branches to Go 1.13

This pull request backports updates to Golang 1.13 and related changes.

I first reverted the intermediate 1.12.x updates in the branch, then cherry-picked
each bump from master; doing so to preserve the commit message from those, and
to make sure we didn't miss changes associated with each Go update.

Updates to .github/workflows/nightly.yml, were ignored, because that file is not
not in the 1.3 branch.

backports of:

No conflicts, other than the missing .github/workflows/nightly.yml mentioned above.

Cherry-picks done;

Details 
# revert https://github.com/containerd/containerd/pull/4030 [release/1.3] Update Golang 1.12.17
git revert -s -S 6a3416449ee8dbc1ccc01887108465435c38b6bb

# revert golang bump from https://github.com/containerd/containerd/pull/3989 [release/1.3] Update Golang 1.12.16, x/crypto (CVE-2020-0601, CVE-2020-7919)
git revert -s -S d1e31f9f2deadc1816da1bfcdf0dbff85818a28d

# revert https://github.com/containerd/containerd/pull/3967 [release/1.3] Update Golang 1.12.15
git revert -s -S 72d9dd9bb42d2fbe7d49197a9ef4737ddd47d223

# revert https://github.com/containerd/containerd/pull/3917 [release/1.3] Update Golang 1.12.14
git revert -s -S f4824d5a6109362dad8abff552193f7ff08d9e2e

# https://github.com/containerd/containerd/pull/3620 Update to Golang 1.13.4
git cherry-pick -s -S -x 608791bfc34ead497cdae9851a572fc78552a864

# https://github.com/containerd/containerd/pull/3916 Bump golang 1.13.5
git cherry-pick -s -S -x c07e356d293895fa52f7dd215922861291d3d799

# https://github.com/containerd/containerd/pull/3969 Update Golang 1.13.6
git cherry-pick -s -S -x 94964b36d0248257743615a5e3bff0bea301d55c

# https://github.com/containerd/containerd/pull/3987 Update Golang 1.13.7, x/crypto (CVE-2020-0601, CVE-2020-7919)
git cherry-pick -s -S -x 32ba75f0fbfe47ad94e7c7daccc9f31efd0b2db2

# https://github.com/containerd/containerd/pull/4032 Update Golang 1.13.8
git cherry-pick -s -S -x 499ab8a99ad489fb911557f4ea7ffd33173ed65b

@thaJeztah
Revert "Update Golang 1.12.17"
b9254dd 
This reverts commit 6a34164.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
dde0ab6 
This reverts commit d1e31f9.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Revert "Update Golang 1.12.15"
0dbc3d1 
This reverts commit 72d9dd9.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Revert "Update Golang 1.12.14"
bde860b 
This reverts commit f4824d5.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Update to Golang 1.13.4
d8b28e8 
go1.13.4 (released 2019/10/31) includes fixes to the net/http and syscall
packages. It also fixes an issue on macOS 10.15 Catalina where the non-
notarized installer and binaries were being rejected by Gatekeeper.
See the Go 1.13.4 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.13.4

Update to Golang 1.13.3:

go1.13.3 (released 2019/10/17) includes fixes to the go command, the toolchain,
the runtime, syscall, net, net/http, and crypto/ecdsa packages. See the Go
1.13.3 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.13.3

Update to Golang 1.13.2:

go1.13.2 (released 2019/10/17) includes security fixes to the crypto/dsa
package and the compiler. See the Go 1.13.2 milestone on the issue tracker
for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.2

Update to Golang 1.13.1:

go1.13.1 (released 2019/09/25) includes security fixes to the
net/http and net/textproto packages. See the Go 1.13.1 milestone
on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.1

Update to Golang 1.13.0:

Full diff: golang/go@go1.12.9...go1.13
Milestone: https://github.com/golang/go/milestone/83?closed=1

Today the Go team is very happy to announce the release of Go 1.13. You can get it
from the download page.

Some of the highlights include:

- The go command now downloads and authenticates modules using the Go module
  mirror and Go checksum database by default (https://golang.org/doc/go1.13#introduction)
- Improvements to number literals (https://golang.org/doc/go1.13#language)
- Error wrapping (https://golang.org/doc/go1.13#error_wrapping)
- TLS 1.3 on by default (https://golang.org/doc/go1.13#tls_1_3)
- Improved modules support (https://golang.org/doc/go1.13#modules)

For the complete list of changes and more information about the improvements above,
see the Go 1.13 release notes: https://golang.org/doc/go1.13

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 608791b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Update Golang 1.13.5
60596e5 
go1.13.5 (released 2019/12/04) includes fixes to the go command, the runtime, the
linker, and the net/http package. See the Go 1.13.5 milestone on our issue tracker
for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.13.5+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c07e356)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Update Golang 1.13.6
420a25f 
full diff: golang/go@go1.13.5...go1.13.6

go1.13.6 (released 2020/01/09) includes fixes to the runtime and the net/http
package. See the Go 1.13.6 milestone on the issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.13.6+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 94964b3)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
b512c23 
full diff: golang/go@go1.13.6...go1.13.7

go1.13.7 (released 2020/01/28) includes two security fixes. One mitigates
the CVE-2020-0601 certificate verification bypass on Windows. The other affects
only 32-bit architectures.

https://github.com/golang/go/issues?q=milestone%3AGo1.13.7+label%3ACherryPickApproved

- X.509 certificate validation bypass on Windows 10
  A Windows vulnerability allows attackers to spoof valid certificate chains when
  the system root store is in use. These releases include a mitigation for Go
  applications, but it’s strongly recommended that affected users install the
  Windows security update to protect their system.
  This issue is CVE-2020-0601 and Go issue golang.org/issue/36834.
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
  This is also fixed in version v0.0.0-20200124225646-8b5121be2f68 of golang.org/x/crypto/cryptobyte.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 32ba75f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah
Update Golang 1.13.8
59e7ae1 
full diff: golang/go@go1.13.7...go1.13.8

go1.13.8 (released 2020/02/12) includes fixes to the runtime, the crypto/x509,
and net/http packages. See the Go 1.13.8 milestone on the issue tracker for details.

https://github.com/golang/go/issues?q=milestone%3AGo1.13.8+label%3ACherryPickApproved

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 499ab8a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@theopenlab-ci
Copy link

theopenlab-ci bot commented Feb 27, 2020

Build succeeded.

@thaJeztah thaJeztah marked this pull request as ready for review February 27, 2020 13:35
@codecov-io
Copy link

codecov-io commented Feb 27, 2020

Codecov Report

Merging #4069 into release/1.3 will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff              @@
##           release/1.3    #4069   +/-   ##
============================================
  Coverage        42.46%   42.46%           
============================================
  Files              129      129           
  Lines            14355    14355           
============================================
  Hits              6096     6096           
  Misses            7364     7364           
  Partials           895      895
Flag Coverage Δ
#linux 45.97% <ø> (ø) ⬆️
#windows 37.5% <ø> (ø) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 449e926...59e7ae1. Read the comment docs.

estesp
estesp approved these changes Feb 27, 2020
View reviewed changes
Copy link
Member

@estesp estesp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@estesp estesp merged commit b955b14 into containerd:release/1.3 Feb 27, 2020
@thaJeztah thaJeztah deleted the 1.3_backport_bump_golang_1.13 branch February 27, 2020 18:50
kevpar added a commit to kevpar/containerd that referenced this pull request Oct 26, 2020
@kevpar
Merge tag 'v1.3.4' into fork/release/1.3
158c4c0 
containerd 1.3.4

Welcome to the v1.3.4 release of containerd!

The fourth patch release for `containerd` 1.3 adds `NOTIFY_SOCKET` support, improves shim loggers shutdown
behavior and includes a few bug fixes related to incorrect FIFO clean up and dangling shims.

* Improve host fallback behaviour in docker remote [containerd#4007](containerd#4007)
* Cleanup dangling shim by brand new context [containerd#4054](containerd#4054)
* Support notify socket [containerd#4104](containerd#4104)
* Correct logic of FIFO cleanup [containerd#4150](containerd#4150)
* Rework shim logger shutdown process [containerd#4166](containerd#4166)
* Man page fixes [containerd#4144](containerd#4144)
* Bump Golang 1.13.10 [containerd#4170](containerd#4170)
* sys/mount_linux: use pipe for communicating mount result [containerd#4171](containerd#4171)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

* Sebastiaan van Stijn
* Phil Estes
* Maksym Pavlenko
* Wei Fu
* Michael Crosby
* Derek McGowan
* Davanum Srinivas
* Alex Price
* Chris C
* Erik Sipsma
* Haitao Li
* Josh Dolitsky
* Lantao Liu
* Mike Brown
* Salvador Fuentes
* Ted Yu
* Ulysses Souza

* [`814b7956fa`](containerd@814b795) Merge pull request  [containerd#4167](containerd#4167) from mxpv/prepare-1.3.4
* [`1f0a4fd60d`](containerd@1f0a4fd) Prepare release 1.3.4
* [`3801f2f1f3`](containerd@3801f2f) Merge pull request  [containerd#4187](containerd#4187) from mxpv/release/1.3
* [`910dfcd727`](containerd@910dfcd) Vendor containerd/cgroups 9f1c62dddf4bc7cc72822ebe353bae7006141b1b
* [`60bc128245`](containerd@60bc128) Merge pull request  [containerd#4190](containerd#4190) from mxpv/ci-fix
* [`7a57e50778`](containerd@7a57e50) Fix protobuild
* [`b3b3ea60ac`](containerd@b3b3ea6) Merge pull request  [containerd#4181](containerd#4181) from dmcgowan/1.3-revert-git-sha-pin
* [`e9836d9539`](containerd@e9836d9) Revert pin vendors by git sha
* [`0e625fc987`](containerd@0e625fc) Merge pull request  [containerd#4171](containerd#4171) from thaJeztah/1.3_backport_forkmount_use_pipe_instead_wait4
* [`d3d7a0d57f`](containerd@d3d7a0d) Merge pull request  [containerd#4172](containerd#4172) from thaJeztah/1.3_backport_update_go_events
* [`76c6afbe23`](containerd@76c6afb) Merge pull request  [containerd#4170](containerd#4170) from thaJeztah/1.3_backport_bump_golang_1.13
* [`7d41344804`](containerd@7d41344) vendor: update go-events to fix alignment for 32bit systems
* [`d70d0f1a99`](containerd@d70d0f1) sys/mount_linux: use pipe for communicating mount result
* [`ec5e25d065`](containerd@ec5e25d) Bump Golang 1.13.10
* [`8b79d600f8`](containerd@8b79d60) Bump Golang 1.13.9
* [`13ac9e74c4`](containerd@13ac9e7) Merge pull request  [containerd#4166](containerd#4166) from mxpv/release/1.3
* [`c95854caca`](containerd@c95854c) Rework shim logger shutdown process
* [`7665b4d7fd`](containerd@7665b4d) Merge pull request  [containerd#4158](containerd#4158) from thaJeztah/1.3_revert_bump_bolt
* [`782a4619ce`](containerd@782a461) Revert "vendor: update go.etcd.io/bbolt v1.3.4"
* [`0b27d9364c`](containerd@0b27d93) Merge pull request  [containerd#4150](containerd#4150) from thaJeztah/1.3_backport_no_del_rootdir_ios
* [`114bbed34e`](containerd@114bbed) Merge pull request  [containerd#4148](containerd#4148) from thaJeztah/1.3_backport_bump_console
* [`064ace5914`](containerd@064ace5) Merge pull request  [containerd#4147](containerd#4147) from thaJeztah/1.3_backport_bump_bbolt
* [`fd2c9e381d`](containerd@fd2c9e3) Correct logic of FIFO cleanup
* [`ab89e63c6d`](containerd@ab89e63) Move isFifo from process/io to sys/ and make public
* [`5e9289d4e5`](containerd@5e9289d) Add version numbers for newly tagged repos
* [`4584e7188d`](containerd@4584e71) Update containerd/console vendor for fix
* [`af94dd5f2f`](containerd@af94dd5) Bump containerd console for os.File changes
* [`f74d8a02dd`](containerd@f74d8a0) vendor: update go.etcd.io/bbolt v1.3.4
* [`62b6623a7a`](containerd@62b6623) Merge pull request  [containerd#4143](containerd#4143) from thaJeztah/1.3_reformat_vendor
* [`eac9dc265c`](containerd@eac9dc2) Merge pull request  [containerd#4144](containerd#4144) from thaJeztah/1.3_backport_fix_manpages
* [`57f41a2aad`](containerd@57f41a2) man: move ctr.1, containerd-config to section 8, and fix generation
* [`d1c534916b`](containerd@d1c5349) Makefile: man page: rename containerd.1 to containerd.8
* [`359470201d`](containerd@3594702) vendor.conf: reformat to use columns, and pin by git-commit
* [`001eb3f9af`](containerd@001eb3f) vendor: sort and group vendor.conf
* [`3a4acfbc99`](containerd@3a4acfb) Merge pull request  [containerd#4126](containerd#4126) from chavafg/topic/vendor-cri-1.3
* [`52ca69eb14`](containerd@52ca69e) vendor containerd/cri f864905c93b97db15503c217dc9a43eb65670b53
* [`be54fd9f08`](containerd@be54fd9) Merge pull request  [containerd#4104](containerd#4104) from dims/backport-notify-socket-support
* [`3dc58c824f`](containerd@3dc58c8) avoiding bumping go-systemd dependency
* [`f714035202`](containerd@f714035) Support NOTIFY_SOCKET
* [`b955b149f6`](containerd@b955b14) Merge pull request  [containerd#4069](containerd#4069) from thaJeztah/1.3_backport_bump_golang_1.13
* [`50e5e156ca`](containerd@50e5e15) Merge pull request  [containerd#4065](containerd#4065) from thaJeztah/1.3_backport_namespace_path
* [`59e7ae1993`](containerd@59e7ae1) Update Golang 1.13.8
* [`b512c23a47`](containerd@b512c23) Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
* [`420a25f120`](containerd@420a25f) Update Golang 1.13.6
* [`60596e52eb`](containerd@60596e5) Update Golang 1.13.5
* [`d8b28e86bc`](containerd@d8b28e8) Update to Golang 1.13.4
* [`bde860b04e`](containerd@bde860b) Revert "Update Golang 1.12.14"
* [`0dbc3d1fcf`](containerd@0dbc3d1) Revert "Update Golang 1.12.15"
* [`dde0ab66c5`](containerd@dde0ab6) Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
* [`b9254dd4cd`](containerd@b9254dd) Revert "Update Golang 1.12.17"
* [`c090014b44`](containerd@c090014) fix killall when use pidnamespace
* [`449e926990`](containerd@449e926) Merge pull request  [containerd#4054](containerd#4054) from fuweid/cp13-4048
* [`e71c7d0d27`](containerd@e71c7d0) bugfix: cleanup dangling shim by brand new context
* [`2d8cc40512`](containerd@2d8cc40) Merge pull request  [containerd#4038](containerd#4038) from thaJeztah/1.3_update_mailmap
* [`a2d1cbf627`](containerd@a2d1cbf) Update .mailmap with changes from master
* [`5811bc9702`](containerd@5811bc9) Merge pull request  [containerd#4036](containerd#4036) from fuweid/cp13-246a560e
* [`de5b1b83ba`](containerd@de5b1b8) script: use github.com/kubernetes-sigs/cri-tools directly
* [`2bd094daec`](containerd@2bd094d) Merge pull request  [containerd#4030](containerd#4030) from thaJeztah/1.3_bump_golang_1.12.17
* [`6a3416449e`](containerd@6a34164) Update Golang 1.12.17
* [`9fcd35a786`](containerd@9fcd35a) Merge pull request  [containerd#4029](containerd#4029) from estesp/cp-1.3-4022
* [`571a231e07`](containerd@571a231) Merge pull request  [containerd#4027](containerd#4027) from estesp/cp-1.3-4017
* [`9a428a3c9e`](containerd@9a428a3) Fix incorrect comment from copy/paste of starting script
* [`09b3b4fcc8`](containerd@09b3b4f) Set octet-stream content-type on put request
* [`c4697a803e`](containerd@c4697a8) Merge pull request  [containerd#4007](containerd#4007) from awprice/issue-3868-backport
* [`37b9a347a2`](containerd@37b9a34) Improve host fallback behaviour in docker remote

* [`9f1c62d`](containerd/cgroups@9f1c62d) Merge pull request  [containerd#156](containerd/cgroups#156) from mxpv/bug-fix
* [`6725ffd`](containerd/cgroups@6725ffd) [release/1.1 backport] throttle.* metrics must be kept for non-CFQ schedulers

* [`8375c34`](containerd/console@8375c34) Merge pull request  [#34](containerd/console#34) from sipsma/close-once
* [`38c5469`](containerd/console@38c5469) Only close epoller FD at most once.
* [`02ecf6a`](containerd/console@02ecf6a) Merge pull request  [#33](containerd/console#33) from ulyssessouza/add-file-interface
* [`f652dc3`](containerd/console@f652dc3) Add File interface instead of using os.File
* [`53a0f1d`](containerd/console@53a0f1d) Merge pull request  [#32](containerd/console#32) from estesp/check-vendor
* [`6214f20`](containerd/console@6214f20) Add vendor check now that content is vendored
* [`4b1ac2b`](containerd/console@4b1ac2b) Merge pull request  [#31](containerd/console#31) from TwinProduction/master
* [`55928bd`](containerd/console@55928bd) Enable vendoring

* [`f864905c`](containerd/cri@f864905) Merge pull request  [containerd#1420](containerd/cri#1420) from chavafg/topic/fix-tests-go1.13
* [`98a694ed`](containerd/cri@98a694e) Fix integration test for golang 1.13

* **github.com/containerd/cgroups**  c4b9ac5 -> 9f1c62dddf4b
* **github.com/containerd/console**  0650fd9eeb50 -> v1.0.0
* **github.com/containerd/cri**      50b9e10ea54a -> f864905c93b9
* **github.com/docker/go-events**    9461782956ad -> e31b211e4f1c

Previous release can be found at [v1.3.3](https://github.com/containerd/containerd/releases/tag/v1.3.3)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@estesp estesp estesp approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@thaJeztah @codecov-io @estesp @AkihiroSuda