chore(deps): bump containerd to v2#495
Conversation
|
I'd really like to pull this in, but this could break Syft and Grype API users (at the same time this may have prevented users from adopting Syft/Grype if there was already a need to use containerd v2 in their application already). I put my thoughts onto opencontainers/runtime-spec#1305 (comment) . I want to see where the conversation goes first before trying to merge this (let this simmer for just a little bit). |
In case it helps deciding; containerd v2 client should be API compatible with v1 containerd binaries (both use the same API). The v1 containerd module should be mostly considered in "maintenance" mode, and most codebases migrated to v2 already (and should migrate); v1 will reach EOL in September; https://github.com/containerd/containerd/blob/9d247a7993798707cf03edd8aefa77fa22ad3e18/RELEASES.md#current-state-of-containerd-releases
|
This patch bumps containerd to v2. Containerd is a well behaved go
module, and so needs to be bumped explicitly in code since there are
some breaking changes (mostly code just being moved around). However,
AFAIK there are no wire-procotol changes.
This is needed since containerd v1 isn't really as actively updated. A
while back github.com/opencontainers/runtime-spec made a breaking change
in a minor update - the ecosystem is updating to the latest
runtime-spec. But containerd v1 uses the old version :( This means that
when a dependency updates to a new version of containerd v2 (which does
use the new version), then the old version can't also be included.
Super roundabout way of saying - if we move off of containerd v1 here,
then this helps here at least.
Before:
$ go mod why github.com/containerd/containerd
# github.com/containerd/containerd
github.com/anchore/stereoscope/internal/containerd
github.com/containerd/containerd
After:
$ go mod why github.com/containerd/containerd
# github.com/containerd/containerd
(main module does not need package github.com/containerd/containerd)
Signed-off-by: Justin Chadwell <justin@unikraft.com>
|
Coincidentally yesterday we decided that the only way forward is to merge -- thanks for the additional input @thaJeztah 👍 |
|
Fun to get to see y'all again, even if it's for something as boring as go dependency resolution issues 😆 |
|
Right!? Long time! Don't be a stranger 😊 |
3 participants
This patch bumps containerd to v2. Containerd is a well behaved go module, and so needs to be bumped explicitly in code since there are some breaking changes (mostly code just being moved around). However, AFAIK there are no wire-procotol changes.
This is needed since containerd v1 isn't really as actively updated. A while back github.com/opencontainers/runtime-spec made a breaking change in a minor update - the ecosystem is updating to the latest runtime-spec. But containerd v1 uses the old version :( This means that when a dependency updates to a new version of containerd v2 (which does use the new version), then the old version can't also be included.
Super roundabout way of saying - if we move off of containerd v1 here, then this helps here at least.
Before:
After:
This is an attempt to fix the issue for users who are already on containerd v2. If users are containerd v1 still, this will break them 😢