Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

experimenting: fix Mariner CI with CH v39 #9588

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

experimenting: fix Mariner CI with CH v39 #9588

wants to merge 3 commits into from
+2,524 −248

Conversation

sprt
Copy link
Contributor

@sprt sprt commented May 2, 2024

Experimenting

@likebreath
versions: Upgrade to Cloud Hypervisor v39.0
8ccc36f 
This patch upgrades Cloud Hypervisor to v39.0 from v36.0, which contains
fixes of several security advisories from dependencies. Details can be
found from kata-containers#9574.

Fixes: kata-containers#8694, kata-containers#9574

Signed-off-by: Bo Chen <chen.bo@intel.com>
@likebreath
runtime: clh: Re-generate the client code
12492b4 
This patch re-generates the client code for Cloud Hypervisor v39.0.
Note: The client code of cloud-hypervisor's OpenAPI is automatically
generated by openapi-generator.

Fixes: kata-containers#8694, kata-containers#9574

Signed-off-by: Bo Chen <chen.bo@intel.com>
@sprt sprt added the ok-to-test label May 2, 2024
@katacontainersbot katacontainersbot added the size/huge Largest and most complex task (probably needs breaking into small pieces) label May 2, 2024
@sprt sprt changed the title Clh39 mariner experimenting: fix Mariner CI with CH v39 May 2, 2024
@danmihai1 danmihai1 mentioned this pull request May 2, 2024
Open
@sprt sprt added the do-not-merge PR has problems or depends on another label May 3, 2024
sprt added a commit to sprt/kata-containers that referenced this pull request May 3, 2024
@sprt
tests: adapt Mariner CI to unblock CH v39 upgrade
0cc2b07 
The CH v39 upgrade in kata-containers#9575 is currently blocked because of a bug in the
Mariner host kernel. To address this, we temporarily tweak the Mariner
CI to use an Ubuntu host and the Kata guest kernel, while retaining the
Mariner initrd. This is tracked in kata-containers#9594.

Importantly, this allows us to preserve CI for genpolicy. We had to
tweak the default rules.rego however, as the OCI version is now
different in the Ubuntu host. This is tracked in kata-containers#9593.

This change has been tested together with CH v39 in kata-containers#9588.

Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
@sprt sprt mentioned this pull request May 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
do-not-merge PR has problems or depends on another ok-to-test size/huge Largest and most complex task (probably needs breaking into small pieces)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@sprt @katacontainersbot @likebreath