containerd 1.5.12
Welcome to the v1.5.12 release of containerd!
The twelfth patch release for containerd 1.5 includes various fixes and updates
along with an updated version of runc.
### Notable Updates
* **Fix inotify fd leak when cgroup is deleted** ([#6961](https://github.com/containerd/containerd/pull/6961))
* **Close fifos when container is deleted in CRI plugin** ([#6857](https://github.com/containerd/containerd/pull/6857))
* **Update unpack to to respect MaxConcurrentDownloads** ([#6774](https://github.com/containerd/containerd/pull/6774))
* **Monitor OOMKill instead of OOM in cgroupv2** ([#6735](https://github.com/containerd/containerd/pull/6735))
* **Make the temp mount as ready only in container WithVolumes** ([#6729](https://github.com/containerd/containerd/pull/6729))
* **Fix deadlock from abandoned transactions in native snapshotter** ([#6726](https://github.com/containerd/containerd/pull/6726))
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
### Contributors
* Sebastiaan van Stijn
* Phil Estes
* Akihiro Suda
* Derek McGowan
* Wei Fu
* Jeremi Piotrowski
* Kazuyoshi Kato
* Maksym Pavlenko
* Miao Wang
* Mike Brown
* Alexey Ivanov
* Brian Goff
* Henry Wang
* Michael Crosby
* Qiutong Song
* Samuel Ortiz
* Tõnis Tiigi
* chenxiaoyu
* linrunlong
* ningmingxiao
* zounengren
### Changes
<details><summary>34 commits</summary>
<p>
* Prepare release notes for v1.5.12 ([#7019](https://github.com/containerd/containerd/pull/7019))
* [`5a55f1efc`](https://github.com/containerd/containerd/commit/5a55f1efcfb3f8775399f960e7b6bb5921b5699a) Prepare release notes for v1.5.12
* [release/1.5] update golang to 1.17.11 ([#7014](https://github.com/containerd/containerd/pull/7014))
* [`3f61d5ed4`](https://github.com/containerd/containerd/commit/3f61d5ed4fe148e506db79aabad08106cf12290d) [release/1.5] update golang to 1.17.11
* [release/1.5] archive: add human-readable hint to Lchown error ([#6986](https://github.com/containerd/containerd/pull/6986))
* [`f67de000d`](https://github.com/containerd/containerd/commit/f67de000dc26f34ae088d8db7c5d936375c6ba61) archive: add human-readable hint to Lchown error
* [release/1.5] config: improve config v1 deprecation message ([#6981](https://github.com/containerd/containerd/pull/6981))
* [`4c98768bd`](https://github.com/containerd/containerd/commit/4c98768bd4c6299c111eac04adf32597824a05f4) config: improve config v1 deprecation message
* [release/1.5] upgrade containerd/cgroups to v1.0.3 ([#6961](https://github.com/containerd/containerd/pull/6961))
* [`f890c79fd`](https://github.com/containerd/containerd/commit/f890c79fd4b0826fec2ff92c40d6107ddc2311ff) [release/1.5] upgrade containerd/cgroups to v1.0.3
* [release/1.5] update golang to 1.17.10, golang.org/x/sys v0.0.0-20220412211240-33da011f77ad ([#6928](https://github.com/containerd/containerd/pull/6928))
* [`9f6e1864c`](https://github.com/containerd/containerd/commit/9f6e1864cd367b6ea50280943637da665772603f) [release/1.5] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
* [`c00476595`](https://github.com/containerd/containerd/commit/c00476595fb5f5ec65f4c6e2e943aea9ea15fd74) [release/1.5] update golang to 1.17.10
* [release/1.5 backport] update runc binary to v1.1.2 ([#6935](https://github.com/containerd/containerd/pull/6935))
* [`c2f793349`](https://github.com/containerd/containerd/commit/c2f7933497a06ddc407b1cd189cfeac49388f332) update runc binary to v1.1.2
* [release/1.5] cherry-pick: Allow git commands in Vagrantfile ([#6943](https://github.com/containerd/containerd/pull/6943))
* [`1f9900830`](https://github.com/containerd/containerd/commit/1f9900830a7f886c73cb50db6a8bb941b1b0b949) Allow git commands in Vagrantfile
* [release/1.5] cri: close fifos when container is deleted ([#6857](https://github.com/containerd/containerd/pull/6857))
* [`689b342c1`](https://github.com/containerd/containerd/commit/689b342c1d6a5388f149721a5afb55d03837b41d) cri: close fifos when container is deleted
* [release/1.5] update golang to 1.17.9 ([#6824](https://github.com/containerd/containerd/pull/6824))
* [`65aad9d93`](https://github.com/containerd/containerd/commit/65aad9d9326882909bb7fe4a19f6ec9bc1e0a079) [release/1.5] update golang to 1.17.9
* [release/1.5] check for duplicate nspath possibilities ([#6814](https://github.com/containerd/containerd/pull/6814))
* [`283058cd6`](https://github.com/containerd/containerd/commit/283058cd6973a51e0acb48557e03312887d9ba72) check for duplicate nspath possibilities
* [release/1.5] fix #6054 MaxConcurrentDownloads is not effect when Unpack is true ([#6774](https://github.com/containerd/containerd/pull/6774))
* [`4dbd0c851`](https://github.com/containerd/containerd/commit/4dbd0c851b9b0cb0d8b02c44d72c311a25a2512a) fix #6054 MaxConcurrentDownloads is not effect when Unpack is true
* [release/1.5 backport] update runc binary to v1.1.1 ([#6770](https://github.com/containerd/containerd/pull/6770))
* [`ef56dcafc`](https://github.com/containerd/containerd/commit/ef56dcafc32d67e750b89fdb5ee24d0c7ffa9608) update runc binary to v1.1.1
* [`b8ab8dd3f`](https://github.com/containerd/containerd/commit/b8ab8dd3fbd5b7020fe29d6d26d8d6a987215f5a) update runc binary to v1.1.0
* [release/1.5 backport] Make the temp mount as ready only in container WithVolumes ([#6729](https://github.com/containerd/containerd/pull/6729))
* [`05b04a1a3`](https://github.com/containerd/containerd/commit/05b04a1a36da8c94bb6a7af639a3059d01bea5e4) Make the temp mount as ready only in container WithVolumes
* [release/1.5 backport] native: fix deadlock from leaving transactions open ([#6726](https://github.com/containerd/containerd/pull/6726))
* [`603ef55e0`](https://github.com/containerd/containerd/commit/603ef55e0e696b382ad08d83168d608f54f1b6e2) native: fix deadlock from leaving transactions open
* [release/1.5 backport] cgroup2: monitor OOMKill instead of OOM to prevent missing container events ([#6735](https://github.com/containerd/containerd/pull/6735))
* [`1c68f5037`](https://github.com/containerd/containerd/commit/1c68f50378b3562e7497d42973ba610945c4bc66) cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events
</p>
</details>
### Changes from containerd/cgroups
<details><summary>33 commits</summary>
<p>
* v2: Fix inotify fd leak when cgroup is deleted ([#212](https://github.com/containerd/cgroups/pull/212))
* [`a7d6888`](https://github.com/containerd/cgroups/commit/a7d6888aa30218c8aff15d979eb3f6aec0b7979c) v2: add test case for Manager.EventChan() behavior
* [`cf1f978`](https://github.com/containerd/cgroups/commit/cf1f978b93bf784118d3ab7dec6a47b8204918c2) v2: flip error handling for readKVStat("memory.events") to reduce indentation
* [`6a46df2`](https://github.com/containerd/cgroups/commit/6a46df25065d551a8d998495c34263354c84f2c1) v2: manager: factor out memory.events parsing
* [`35b5b55`](https://github.com/containerd/cgroups/commit/35b5b55c686080de64facf127d6d6a5ca9a0fe6b) v2: Fix inotify leak when cgroup is deleted
* fix Implicit memory aliasing in for loop ([#214](https://github.com/containerd/cgroups/pull/214))
* [`182c3af`](https://github.com/containerd/cgroups/commit/182c3afa53b8cccce0611cca9dee46410c4f82f7) fix Implicit memory aliasing in for loop
* Fix potential dirfd leak. ([#210](https://github.com/containerd/cgroups/pull/210))
* [`17fece8`](https://github.com/containerd/cgroups/commit/17fece81870ef8aa1a31f05210b8f425e37038a0) Fix potential dirfd leak.
* cgroup: Optionally add process and task to a subsystems subset ([#203](https://github.com/containerd/cgroups/pull/203))
* [`80a7821`](https://github.com/containerd/cgroups/commit/80a7821536fc82757f390f8d65693074bd3ef8e4) cgroup: Optionally add process and task to a subsystems subset
* replace pkg/errors from vendor ([#208](https://github.com/containerd/cgroups/pull/208))
* [`0072297`](https://github.com/containerd/cgroups/commit/0072297e4547d623094fc68b0df41eef364d1747) replace pkg/errors from vendor
* cgroup.go: avoid panic on nil interface ([#207](https://github.com/containerd/cgroups/pull/207))
* [`d55de5d`](https://github.com/containerd/cgroups/commit/d55de5d2af9a3616eb758e393a2170a1421155c1) cgroup.go: avoid panic on nil interface
* Improvements on cgroup v2 support ([#204](https://github.com/containerd/cgroups/pull/204))
* [`73a8516`](https://github.com/containerd/cgroups/commit/73a8516e7f0f45fe9931d02cc57ff6059202f553) cgroupv2: reset lastErr to nil when subtree control is successfully written
* [`2ca92c5`](https://github.com/containerd/cgroups/commit/2ca92c515038c7a30c1998dbe29a87873b98a3b3) cgroupv2: enable controllers before setting resources in NewChild()
* v2: remove unimplemented errors and ErrorHandler, IgnoreNotExist ([#201](https://github.com/containerd/cgroups/pull/201))
* [`db173a8`](https://github.com/containerd/cgroups/commit/db173a86bea843700360e7061c6f8d3869d13363) v2: remove ErrorHandler and IgnoreNotExist as they are not implemented
* [`b19a60d`](https://github.com/containerd/cgroups/commit/b19a60d64d89b858b3c2bee4a04fb7f70642ffce) v2: remove errors that are never returned
* v1: reduce duplicated code ([#202](https://github.com/containerd/cgroups/pull/202))
* [`4fe70f3`](https://github.com/containerd/cgroups/commit/4fe70f3edc256fc2345d5f8f8a54e2f4e96f271e) v1: reduce duplicated code
* cgroup v1: implement AddProc() ([#200](https://github.com/containerd/cgroups/pull/200))
* [`6659093`](https://github.com/containerd/cgroups/commit/66590933215fb7b0c9f9ffd39e9946ab510d7679) cgroup v1: implement AddProc()
* Rename branch from master to main ([#199](https://github.com/containerd/cgroups/pull/199))
* [`7254c12`](https://github.com/containerd/cgroups/commit/7254c1242cee46d1c37bf3da2151eed571879b5c) Rename branch from master to main
* utils: export ParseCgroupFile() ([#197](https://github.com/containerd/cgroups/pull/197))
* [`23b5120`](https://github.com/containerd/cgroups/commit/23b51209bf7bd11941d5613119309b11029e8373) utils: export ParseCgroupFile()
* go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations ([#194](https://github.com/containerd/cgroups/pull/194))
* [`f8918cf`](https://github.com/containerd/cgroups/commit/f8918cf2d923b7003970ce99bb29545f2f34b531) go.mod: coreos/go-systemd/v22 v22.3.2 to prepare for deprecations
* Use /proc/partitions to get device names ([#195](https://github.com/containerd/cgroups/pull/195))
* [`1a4509d`](https://github.com/containerd/cgroups/commit/1a4509dd06454dc765aed7f62cb26531416ffce3) Use /proc/partitions to get device names
</p>
</details>
### Dependency Changes
* **github.com/containerd/cgroups** v1.0.1 -> v1.0.3
* **github.com/stretchr/testify** v1.6.1 -> v1.7.0
* **golang.org/x/net** e18ecbb05110 -> a5a99cb37ef4
* **golang.org/x/sync** 09787c993a3a -> 036812b2e83c
* **golang.org/x/sys** d19ff857e887 -> 33da011f77ad
Previous release can be found at [v1.5.11](https://github.com/containerd/containerd/releases/tag/v1.5.11)