Initial package

2022-06-01 13:43:29 +03:00 · 2022-06-01 13:43:29 +03:00 · d9ff1acbc8
commit d9ff1acbc8
5 changed files with 517 additions and 0 deletions
--- a/.containerd.metadata
+++ b/.containerd.metadata
@ -0,0 +1 @@
+7fd5360e934e834c7b57e123b9b5d18b7414606f SOURCES/containerd-1.6.4.tar
--- a/SOURCES/0001-Revert-commit-for-Windows-metrics.patch
+++ b/SOURCES/0001-Revert-commit-for-Windows-metrics.patch
@ -0,0 +1,157 @@
+From beb23ffb0624b40b2ee1bc56730e54943bd3020f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Robert-Andr=C3=A9=20Mauchin?= <zebob.m@gmail.com>
+Date: Thu, 1 Oct 2020 07:19:45 +0200
+Subject: [PATCH] Revert commit for Windows metrics
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Robert-André Mauchin <zebob.m@gmail.com>
+---
+ cmd/ctr/commands/tasks/metrics.go | 113 ------------------------------
+ 1 file changed, 113 deletions(-)
+
+diff --git a/cmd/ctr/commands/tasks/metrics.go b/cmd/ctr/commands/tasks/metrics.go
+index a83e45ef..f8371401 100644
+--- a/cmd/ctr/commands/tasks/metrics.go
+++ b/cmd/ctr/commands/tasks/metrics.go
+@@ -23,9 +23,6 @@ import (
+ 	"os"
+ 	"text/tabwriter"
+ 
+-	wstats "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/stats"
+-	v1 "github.com/containerd/cgroups/stats/v1"
+-	v2 "github.com/containerd/cgroups/v2/stats"
+ 	"github.com/containerd/containerd/cmd/ctr/commands"
+ 	"github.com/containerd/typeurl"
+ 	"github.com/urfave/cli"
+@@ -77,42 +74,12 @@ var metricsCommand = cli.Command{
+ 		if err != nil {
+ 			return err
+ 		}
+-		var (
+-			data         *v1.Metrics
+-			data2        *v2.Metrics
+-			windowsStats *wstats.Statistics
+-		)
+-		switch v := anydata.(type) {
+-		case *v1.Metrics:
+-			data = v
+-		case *v2.Metrics:
+-			data2 = v
+-		case *wstats.Statistics:
+-			windowsStats = v
+-		default:
+-			return errors.New("cannot convert metric data to cgroups.Metrics or windows.Statistics")
+-		}
+ 
+ 		switch context.String(formatFlag) {
+ 		case formatTable:
+ 			w := tabwriter.NewWriter(os.Stdout, 1, 8, 4, ' ', 0)
+ 			fmt.Fprintf(w, "ID\tTIMESTAMP\t\n")
+ 			fmt.Fprintf(w, "%s\t%s\t\n\n", metric.ID, metric.Timestamp)
+-			if data != nil {
+-				printCgroupMetricsTable(w, data)
+-			} else if data2 != nil {
+-				printCgroup2MetricsTable(w, data2)
+-			} else {
+-				if windowsStats.GetLinux() != nil {
+-					printCgroupMetricsTable(w, windowsStats.GetLinux())
+-				} else if windowsStats.GetWindows() != nil {
+-					printWindowsContainerStatistics(w, windowsStats.GetWindows())
+-				}
+-				// Print VM stats if its isolated
+-				if windowsStats.VM != nil {
+-					printWindowsVMStatistics(w, windowsStats.VM)
+-				}
+-			}
+ 			return w.Flush()
+ 		case formatJSON:
+ 			marshaledJSON, err := json.MarshalIndent(anydata, "", "  ")
+@@ -126,83 +93,3 @@ var metricsCommand = cli.Command{
+ 		}
+ 	},
+ }
+-
+-func printCgroupMetricsTable(w *tabwriter.Writer, data *v1.Metrics) {
+-	fmt.Fprintf(w, "METRIC\tVALUE\t\n")
+-	if data.Memory != nil {
+-		fmt.Fprintf(w, "memory.usage_in_bytes\t%d\t\n", data.Memory.Usage.Usage)
+-		fmt.Fprintf(w, "memory.limit_in_bytes\t%d\t\n", data.Memory.Usage.Limit)
+-		fmt.Fprintf(w, "memory.stat.cache\t%d\t\n", data.Memory.TotalCache)
+-	}
+-	if data.CPU != nil {
+-		fmt.Fprintf(w, "cpuacct.usage\t%d\t\n", data.CPU.Usage.Total)
+-		fmt.Fprintf(w, "cpuacct.usage_percpu\t%v\t\n", data.CPU.Usage.PerCPU)
+-	}
+-	if data.Pids != nil {
+-		fmt.Fprintf(w, "pids.current\t%v\t\n", data.Pids.Current)
+-		fmt.Fprintf(w, "pids.limit\t%v\t\n", data.Pids.Limit)
+-	}
+-}
+-
+-func printCgroup2MetricsTable(w *tabwriter.Writer, data *v2.Metrics) {
+-	fmt.Fprintf(w, "METRIC\tVALUE\t\n")
+-	if data.Pids != nil {
+-		fmt.Fprintf(w, "pids.current\t%v\t\n", data.Pids.Current)
+-		fmt.Fprintf(w, "pids.limit\t%v\t\n", data.Pids.Limit)
+-	}
+-	if data.CPU != nil {
+-		fmt.Fprintf(w, "cpu.usage_usec\t%v\t\n", data.CPU.UsageUsec)
+-		fmt.Fprintf(w, "cpu.user_usec\t%v\t\n", data.CPU.UserUsec)
+-		fmt.Fprintf(w, "cpu.system_usec\t%v\t\n", data.CPU.SystemUsec)
+-		fmt.Fprintf(w, "cpu.nr_periods\t%v\t\n", data.CPU.NrPeriods)
+-		fmt.Fprintf(w, "cpu.nr_throttled\t%v\t\n", data.CPU.NrThrottled)
+-		fmt.Fprintf(w, "cpu.throttled_usec\t%v\t\n", data.CPU.ThrottledUsec)
+-	}
+-	if data.Memory != nil {
+-		fmt.Fprintf(w, "memory.usage\t%v\t\n", data.Memory.Usage)
+-		fmt.Fprintf(w, "memory.usage_limit\t%v\t\n", data.Memory.UsageLimit)
+-		fmt.Fprintf(w, "memory.swap_usage\t%v\t\n", data.Memory.SwapUsage)
+-		fmt.Fprintf(w, "memory.swap_limit\t%v\t\n", data.Memory.SwapLimit)
+-	}
+-}
+-
+-func printWindowsContainerStatistics(w *tabwriter.Writer, stats *wstats.WindowsContainerStatistics) {
+-	fmt.Fprintf(w, "METRIC\tVALUE\t\n")
+-	fmt.Fprintf(w, "timestamp\t%s\t\n", stats.Timestamp)
+-	fmt.Fprintf(w, "start_time\t%s\t\n", stats.ContainerStartTime)
+-	fmt.Fprintf(w, "uptime_ns\t%d\t\n", stats.UptimeNS)
+-	if stats.Processor != nil {
+-		fmt.Fprintf(w, "cpu.total_runtime_ns\t%d\t\n", stats.Processor.TotalRuntimeNS)
+-		fmt.Fprintf(w, "cpu.runtime_user_ns\t%d\t\n", stats.Processor.RuntimeUserNS)
+-		fmt.Fprintf(w, "cpu.runtime_kernel_ns\t%d\t\n", stats.Processor.RuntimeKernelNS)
+-	}
+-	if stats.Memory != nil {
+-		fmt.Fprintf(w, "memory.commit_bytes\t%d\t\n", stats.Memory.MemoryUsageCommitBytes)
+-		fmt.Fprintf(w, "memory.commit_peak_bytes\t%d\t\n", stats.Memory.MemoryUsageCommitPeakBytes)
+-		fmt.Fprintf(w, "memory.private_working_set_bytes\t%d\t\n", stats.Memory.MemoryUsagePrivateWorkingSetBytes)
+-	}
+-	if stats.Storage != nil {
+-		fmt.Fprintf(w, "storage.read_count_normalized\t%d\t\n", stats.Storage.ReadCountNormalized)
+-		fmt.Fprintf(w, "storage.read_size_bytes\t%d\t\n", stats.Storage.ReadSizeBytes)
+-		fmt.Fprintf(w, "storage.write_count_normalized\t%d\t\n", stats.Storage.WriteCountNormalized)
+-		fmt.Fprintf(w, "storage.write_size_bytes\t%d\t\n", stats.Storage.WriteSizeBytes)
+-	}
+-}
+-
+-func printWindowsVMStatistics(w *tabwriter.Writer, stats *wstats.VirtualMachineStatistics) {
+-	fmt.Fprintf(w, "METRIC\tVALUE\t\n")
+-	if stats.Processor != nil {
+-		fmt.Fprintf(w, "vm.cpu.total_runtime_ns\t%d\t\n", stats.Processor.TotalRuntimeNS)
+-	}
+-	if stats.Memory != nil {
+-		fmt.Fprintf(w, "vm.memory.working_set_bytes\t%d\t\n", stats.Memory.WorkingSetBytes)
+-		fmt.Fprintf(w, "vm.memory.virtual_node_count\t%d\t\n", stats.Memory.VirtualNodeCount)
+-		fmt.Fprintf(w, "vm.memory.available\t%d\t\n", stats.Memory.VmMemory.AvailableMemory)
+-		fmt.Fprintf(w, "vm.memory.available_buffer\t%d\t\n", stats.Memory.VmMemory.AvailableMemoryBuffer)
+-		fmt.Fprintf(w, "vm.memory.reserved\t%d\t\n", stats.Memory.VmMemory.ReservedMemory)
+-		fmt.Fprintf(w, "vm.memory.assigned\t%d\t\n", stats.Memory.VmMemory.AssignedMemory)
+-		fmt.Fprintf(w, "vm.memory.slp_active\t%t\t\n", stats.Memory.VmMemory.SlpActive)
+-		fmt.Fprintf(w, "vm.memory.balancing_enabled\t%t\t\n", stats.Memory.VmMemory.BalancingEnabled)
+-		fmt.Fprintf(w, "vm.memory.dm_operation_in_progress\t%t\t\n", stats.Memory.VmMemory.DmOperationInProgress)
+-	}
+-}
+-- 
+2.28.0
+
--- a/SOURCES/0002-Remove-windows-only-dep.patch
+++ b/SOURCES/0002-Remove-windows-only-dep.patch
@ -0,0 +1,23 @@
+diff --color -Naur a/pkg/cri/server/helpers.go b/pkg/cri/server/helpers.go
+--- a/pkg/cri/server/helpers.go	2021-11-17 21:04:57.000000000 +0100
+++ b/pkg/cri/server/helpers.go	2021-11-22 22:39:01.743745977 +0100
+@@ -39,7 +39,7 @@ import (
+ 	"github.com/containerd/typeurl"
+ 	"github.com/sirupsen/logrus"
+ 
+-	runhcsoptions "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
+	// runhcsoptions "github.com/Microsoft/hcsshim/cmd/containerd-shim-runhcs-v1/options"
+ 	imagedigest "github.com/opencontainers/go-digest"
+ 	"github.com/pelletier/go-toml"
+ 	"golang.org/x/net/context"
+@@ -365,8 +365,8 @@ func getRuntimeOptionsType(t string) int
+ 		return &runcoptions.Options{}
+ 	case plugin.RuntimeLinuxV1:
+ 		return &runctypes.RuncOptions{}
+-	case runtimeRunhcsV1:
+-		return &runhcsoptions.Options{}
+	// case runtimeRunhcsV1:
+	//	return &runhcsoptions.Options{}
+ 	default:
+ 		return &runtimeoptions.Options{}
+ 	}
--- a/SOURCES/containerd.toml
+++ b/SOURCES/containerd.toml
@ -0,0 +1,9 @@
+version = 2
+
+[plugins]
+  [plugins."io.containerd.grpc.v1.cri"]
+    [plugins."io.containerd.grpc.v1.cri".cni]
+      bin_dir = "/usr/libexec/cni/"
+      conf_dir = "/etc/cni/net.d"
+  [plugins."io.containerd.internal.v1.opt"]
+    path = "/var/lib/containerd/opt"
--- a/SPECS/containerd.spec
+++ b/SPECS/containerd.spec
@ -0,0 +1,327 @@
+%define _build_id_links none
+%bcond_without ctr
+%bcond_with debug
+
+%if %{with debug}
+%global _dwz_low_mem_die_limit 0
+%else
+%global debug_package %{nil}
+%endif
+
+%define SHA256SUM0 08f057ece7e518b14cce2e9737228a5a899a7b58b78248a03e02f4a6c079eeaf
+%global import_path github.com/containerd/containerd
+%global runc_nokmem %{getenv:RUNC_NOKMEM}
+
+Name: containerd
+Provides: containerd
+
+# Conflicting packages
+
+Version: 1.6.4
+Release: 3.1%{?dist}
+Summary: An industry-standard container runtime
+License: ASL 2.0
+URL: https://containerd.io
+Source0: containerd-1.6.4.tar.gz
+Source2: containerd.toml
+# Source3: runc
+# container-selinux isn't a thing in suse flavors
+%if %{undefined suse_version}
+# amazonlinux2 doesn't have container-selinux either
+%if "%{?dist}" != ".amzn2"
+Requires: container-selinux >= 2:2.74
+%endif
+Requires: libseccomp
+%else
+# SUSE flavors do not have container-selinux,
+# and libseccomp is named libseccomp2
+Requires: libseccomp2
+Requires: runc
+%endif
+BuildRequires: make
+BuildRequires: gcc
+BuildRequires: systemd
+BuildRequires: libseccomp-devel
+BuildRequires: golang
+BuildRequires: go-md2man
+BuildRequires: runc
+
+%if %{undefined rhel} || 0%{?rhel} < 8
+%if %{defined suse_version}
+# SUSE flavors
+BuildRequires: libbtrfs-devel
+%else
+# Fedora / others, and CentOS/RHEL < 8
+BuildRequires: btrfs-progs-devel
+%endif
+%endif
+
+%{?systemd_requires}
+
+%description
+containerd is an industry-standard container runtime with an emphasis on
+simplicity, robustness and portability. It is available as a daemon for Linux
+and Windows, which can manage the complete container lifecycle of its host
+system: image transfer and storage, container execution and supervision,
+low-level storage and network attachments, etc.
+
+
+%prep
+%setup -q
+# symlink the go source path to our build directory
+mkdir -p ${RPM_BUILD_DIR}/go/src/github.com/containerd/
+ln -s %{_topdir}/BUILD/containerd-1.6.4 ${RPM_BUILD_DIR}/go/src/%{import_path} 
+
+%build
+GO111MODULE=auto make man
+
+BUILDTAGS="seccomp selinux"
+%if %{defined rhel} && 0%{?rhel} >= 8
+# btrfs support was removed in CentOS/RHEL 8
+BUILDTAGS="${BUILDTAGS} no_btrfs"
+%endif
+
+GO111MODULE=auto make -C ${RPM_BUILD_DIR}/go/src/%{import_path} VERSION=%{version} REVISION=%{release} PACKAGE=%{name} BUILDTAGS="${BUILDTAGS}"
+
+# Remove containerd-stress, as we're not shipping it as part of the packages
+rm -f bin/containerd-stress
+bin/containerd --version
+bin/ctr --version
+
+%install
+cd %{_topdir}/BUILD/containerd-1.6.4
+mkdir -p %{buildroot}%{_bindir}
+install -D -m 0755 bin/* %{buildroot}%{_bindir}
+install -D -m 0644 containerd.service %{buildroot}%{_unitdir}/containerd.service
+install -D -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/containerd/config.toml
+
+# install manpages, taking into account that not all sections may be present
+for i in $(seq 1 8); do
+    if ls man/*.${i} 1> /dev/null 2>&1; then
+        install -d %{buildroot}%{_mandir}/man${i};
+        install -p -m 644 man/*.${i} %{buildroot}%{_mandir}/man${i};
+    fi
+done
+
+%post
+%systemd_post containerd.service
+
+
+%preun
+%systemd_preun containerd.service
+
+
+%postun
+%systemd_postun_with_restart containerd.service
+
+
+%files
+%license LICENSE
+%doc README.md
+%{_bindir}/*
+%{_unitdir}/containerd.service
+%{_sysconfdir}/containerd
+%{_mandir}/man*/*
+%config(noreplace) %{_sysconfdir}/containerd/config.toml
+
+
+%changelog
+* Wed May 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.4-3.1
+- Update containerd to v1.6.4
+
+* Thu Apr 28 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.3-3.1
+- Update containerd to v1.6.3
+- Update runc to v1.1.1
+- Update Golang runtime to 1.17.9
+
+* Sun Mar 27 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.2-3.1
+- Update containerd to v1.6.2
+- Update runc to v1.1.0
+
+* Wed Mar 23 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.11-3.1
+- Update containerd to v1.5.11 to address CVE-2022-24769
+
+* Fri Mar 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.10-3.1
+- Update containerd to v1.5.10
+- Update Golang runtime to 1.17.8
+
+* Thu Mar 03 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.13-3.1
+- Update containerd to v1.4.13 to address CVE-2022-23648
+- Update runc to v1.0.3
+- Update Golang runtime to 1.16.15
+
+* Wed Nov 17 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.12-3.1
+- Update containerd to v1.4.12 to address CVE-2021-41190
+- Update Golang runtime to 1.16.10
+
+* Mon Oct 04 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.11-3.1
+- Update to containerd 1.4.11 to address CVE-2021-41103
+
+* Thu Sep 30 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.10-3.1
+- Update to containerd 1.4.10
+- Update runc to v1.0.2
+- Update Golang runtime to 1.16.8
+
+* Thu Jul 29 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.9-3.1
+- Update to containerd 1.4.9
+- Update runc to v1.0.1
+
+* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.8-3.1
+- Update to containerd 1.4.8 to address CVE-2021-32760
+
+* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.7-3.1
+- Update to containerd 1.4.7
+- Update runc to v1.0.0
+- Update Golang runtime to 1.15.14
+
+* Fri May 21 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.6-3.1
+- Update to containerd 1.4.6
+- Update runc to v1.0.0-rc95 to address CVE-2021-30465.
+
+* Wed May 12 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.5-3.1
+- Update to containerd 1.4.5
+- Update runc to v1.0.0-rc94
+
+* Mon Mar 08 2021 Wei Fu <fuweid89@gmail.com> - 1.4.4-3.1
+- Update to containerd 1.4.4 to address CVE-2021-21334.
+
+* Wed Mar 03 2021 Tibor Vass <tibor@docker.com> - 1.4.3-3.2
+- Update runc to v1.0.0-rc93
+
+* Wed Dec 02 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.3-3.1
+- Update to containerd 1.4.3 to address CVE-2020-15257.
+
+* Thu Nov 26 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.2-3.1
+- Update to containerd 1.4.2
+
+* Tue Oct 06 2020 Tibor Vass <tibor@docker.com> - 1.4.1-3.1
+- Update to containerd 1.4.1
+- Update Golang runtime to 1.13.15
+
+* Wed Sep 09 2020 Sebastiaan van Stijn <github@gone.nl> - 1.3.7-3.1
+- Update to containerd 1.3.7
+- Update Golang runtime to 1.13.12.
+
+* Fri May 01 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.2
+- Build packages for RHEL-7 on s390x, CentOS 8, and Fedora 32
+- Add libseccomp as required dependency
+
+* Mon Feb 17 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.1
+- Update to containerd 1.2.13, which fixes a regression introduced in v1.2.12
+  that caused container/shim to hang on single core machines, and fixes an issue
+  with blkio.
+- Update Golang runtime to 1.12.17.
+
+* Tue Feb 04 2020 Derek McGowan <derek@docker.com> - 1.2.12-3.1
+- Update the runc vendor to v1.0.0-rc10 which includes a mitigation for
+  CVE-2019-19921.
+- Update the opencontainers/selinux which includes a mitigation for
+  CVE-2019-16884.
+- Update Golang runtime to 1.12.16, mitigating the CVE-2020-0601
+  certificate verification bypass on Windows, and CVE-2020-7919,
+  which only affects 32-bit architectures.
+- A fix to prevent SIGSEGV when starting containerd-shim
+- Fix to prevent high system load/CPU utilization with liveness and readiness
+  probes
+- Fix to prevent docker exec hanging if an earlier docker exec left a zombie
+  process
+- CRI: Update the gopkg.in/yaml.v2 vendor to v2.2.8 with a mitigation for
+  CVE-2019-11253
+
+* Fri Jan 24 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.11-3.2
+- Update Golang runtime to 1.12.15, which includes fixes in the net/http package
+  and the runtime on ARM64
+
+* Thu Jan 09 2020 Evan Hazlett <evan@docker.com> - 1.2.11-3.1
+- Update the runc vendor to v1.0.0-rc9 which includes an additional
+  mitigation for CVE-2019-16884
+- Add local-fs.target to service file to fix corrupt image after unexpected
+  host reboot
+- Update Golang runtime to 1.12.13, which includes security fixes to the
+  crypto/dsa package made in Go 1.12.11 (CVE-2019-17596), and fixes to the
+  go command, runtime, syscall and net packages (Go 1.12.12)
+- CRI: Fix shim delete error code to avoid unnecessary retries in the CRI plugin
+
+* Mon Oct 07 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.2
+- build with Go 1.12.10
+
+* Thu Sep 26 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.1
+- containerd 1.2.10 release
+- Addresses CVE-2019-16884 (AppArmor bypass)
+- Bump runc to 3e425f80a8c931f88e6d94a8c831b9d5aa481657 (1.0.0-rc8 + CVE-2019-16884)
+
+* Fri Sep 06 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.9-3.1
+- containerd 1.2.9 release
+- Addresses CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood).
+
+* Tue Aug 27 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.8-3.1
+- containerd 1.2.8 release
+- build with Go 1.12.9
+
+* Thu Aug 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.5
+- build with Go 1.11.13 (CVE-2019-9512, CVE-2019-9514)
+
+* Tue Aug 13 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.6-3.4
+- Do not "Provides: runc" for RHEL 8
+
+* Tue Jun 11 2019 Kir Kolyshkin <kolyshkin@gmail.com> - 1.2.6-3.3
+- add requirement for container-selinux
+- move runc binary to %_bindir
+
+* Fri Apr 26 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.2
+- update runc to v1.0.0-rc8
+
+* Tue Apr 09 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.1
+- containerd 1.2.6 release
+- update runc to 029124da7af7360afa781a0234d1b083550f797c
+- build with Go 1.11.8
+
+* Thu Mar 14 2019  Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.5-3.1
+- containerd 1.2.5 release
+- update runc to 2b18fe1d885ee5083ef9f0838fee39b62d653e30
+- build with Go 1.11.5
+
+* Fri Feb 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.4-3.1
+- containerd 1.2.4 release
+- update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d
+
+* Thu Jan 31 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.3
+- [runc -> 09c8266] nsenter: clone /proc/self/exe to avoid exposing
+  host binary to container (CVE-2019-5736)
+
+* Fri Jan 18 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.2
+- update runc to f7491ef134a6c41f3a99b0b539835d2472d17012
+
+* Tue Jan 08 2019 Andrew Hsu <andrewhsu@docker.com> - 1.2.2-3.1
+- containerd 1.2.2 release
+
+* Thu Dec 06 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.1-3.1
+- containerd 1.2.1 release
+- update runc to 96ec2177ae841256168fcf76954f7177af9446eb
+
+* Tue Nov 27 2018  Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.1-2.0.rc.0.1
+- containerd 1.2.1-rc.0 release
+- update runc to 10d38b660a77168360df3522881e2dc2be5056bd
+
+* Mon Nov 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-3.1
+- containerd 1.2.0 release
+
+* Tue Oct 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.2.rc.2.1
+- containerd 1.2.0-rc.2 release
+
+* Fri Oct 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.1.rc.1.1
+- containerd 1.2.0-rc.1 release
+- Set Tasks=infinity in the systemd service file
+
+* Tue Sep 25 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.0.rc.0.1
+- containerd 1.2.0-rc.0 release
+
+* Wed Sep 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.2.beta.2.2
+- Hardcoded paths for libexec and var lib considering the macros are different on SUSE based distributions
+- Removed offline installer for runc, package as a binary instead
+
+* Tue Aug 28 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.0-1.2.beta.2.1
+- containerd 1.2.0 beta.2
+
+* Thu Aug 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.0.beta.0-1
+- Intial release
				`@ -0,0 +1 @@`
				`7fd5360e934e834c7b57e123b9b5d18b7414606f SOURCES/containerd-1.6.4.tar`