ff3bcb3eda
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker-stable?expand=0&rev=12
115 lines
5.3 KiB
Plaintext
115 lines
5.3 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Dec 11 10:14:56 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Update docker-buildx to v0.19.2. See upstream changelog online at
|
|
<https://github.com/docker/buildx/releases/tag/v0.19.2>.
|
|
|
|
Some notable changelogs from the last update:
|
|
* <https://github.com/docker/buildx/releases/tag/v0.19.0>
|
|
* <https://github.com/docker/buildx/releases/tag/v0.18.0>
|
|
- Update to Go 1.22.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 11 05:39:42 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Add a new toggle file /etc/docker/suse-secrets-enable which allows users to
|
|
disable the SUSEConnect integration with Docker (which creates special mounts
|
|
in /run/secrets to allow container-suseconnect to authenticate containers
|
|
with registries on registered hosts). bsc#1231348 bsc#1232999
|
|
|
|
In order to disable these mounts, just do
|
|
|
|
echo 0 > /etc/docker/suse-secrets-enable
|
|
|
|
and restart Docker. In order to re-enable them, just do
|
|
|
|
echo 1 > /etc/docker/suse-secrets-enable
|
|
|
|
and restart Docker. Docker will output information on startup to tell you
|
|
whether the SUSE secrets feature is enabled or not.
|
|
|
|
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 27 12:10:42 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Disable docker-buildx builds for SLES. It turns out that build containers
|
|
with docker-buildx don't currently get the SUSE secrets mounts applied,
|
|
meaning that container-suseconnect doesn't work when building images.
|
|
bsc#1233819
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 20 05:34:38 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Add docker-integration-tests-devel subpackage for building and running the
|
|
upstream Docker integration tests on machines to test that Docker works
|
|
properly. Users should not install this package.
|
|
- docker-rpmlintrc updated to include allow-list for all of the integration
|
|
tests package, since it contains a bunch of stuff that wouldn't normally be
|
|
allowed.
|
|
- Rebased patches:
|
|
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
|
|
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
|
|
* 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
|
|
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
|
* 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch
|
|
* 0006-CVE-2024-23653-update-buildkit-to-include-CVE-patche.patch
|
|
* 0007-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
|
|
* 0008-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
|
|
* 0009-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch
|
|
- Added patches:
|
|
+ 0010-TESTS-backport-fixes-for-integration-tests.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 12 06:34:28 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Remove DOCKER_NETWORK_OPTS from docker.service. This was removed from
|
|
sysconfig a long time ago, and apparently this causes issues with systemd in
|
|
some cases.
|
|
- Update --add-runtime to point to correct binary path.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 16 22:24:52 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Further merge docker and docker-stable specfiles to minimise the differences.
|
|
The main thing is that we now include both halves of the
|
|
Conflicts/Provides/Obsoletes dance in both specfiles.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 16 05:37:14 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Update to docker-buildx v0.17.1 to match standalone docker-buildx package we
|
|
are replacing. See upstream changelog online at
|
|
<https://github.com/docker/buildx/releases/tag/v0.17.1>
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 7 13:10:30 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Import specfile changes for docker-buildx as well as the changes to help
|
|
reduce specfile differences between docker-stable and docker. bsc#1230331
|
|
bsc#1230333
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 14 03:21:00 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Backport patch for CVE-2024-41110. bsc#1228324
|
|
+ 0009-CVE-2024-41110-AuthZ-plugin-securty-fixes.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 16 04:18:11 UTC 2024 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
- Initial docker-stable release, forked from Docker 24.0.6-ce release
|
|
(packaged on 2023-10-11).
|
|
- Update to Docker 24.0.9-ce, which is the latest version of the 24.0.x branch.
|
|
It seems likely this will be the last upstream version of the 24.0.x branch
|
|
(it seems Mirantis is going to do LTS for 23.0.x, not 24.0.x).
|
|
<https://docs.docker.com/engine/release-notes/24.0/#2409>
|
|
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
|
|
symlinks. Backport of <https://github.com/moby/buildkit/pull/4896> and
|
|
<https://github.com/moby/buildkit/pull/5060>. bsc#1221916
|
|
+ 0007-bsc1221916-update-to-patched-buildkit-version-to-fix.patch
|
|
- Write volume options atomically so sudden system crashes won't result in
|
|
future Docker starts failing due to empty files. Backport of
|
|
<https://github.com/moby/moby/pull/48034>. bsc#1214855
|
|
+ 0008-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch
|