tetragon icon indicating copy to clipboard operation
tetragon copied to clipboard
verified publisher icon cilium

Avoid `runtime-spec` upgrade until containerd supports it

Open FedeDP opened this issue 3 months ago • 2 comments

Bumping github.com/opencontainers/runtime-spec to v1.3.0 means that any project using tetragon packages, and having a dep on containerd would fail to build, since containerd still uses github.com/opencontainers/[email protected]. The new runtime-spec uses a pointer for LinuxPids::Limit : https://github.com/opencontainers/runtime-spec/commit/869b2d5b0c9fbb9db559ab53cf1fa61a170835e9#diff-9790b3b8b39fc583eab8f6d97ac27ae3f35dbe339000c746faf64615125a8ec7L435-L438, while containerd still uses a non-pointer type: https://github.com/containerd/containerd/blob/main/pkg/oci/spec_opts.go#L1604

We will be able to finally bump it once containerd will be ported to v.1.3.0.

See https://github.com/cilium/tetragon/pull/4335.

FedeDP avatar Nov 13 '25 08:11 FedeDP

https://github.com/containerd/containerd/pull/12465 will eventually allow us to bump the deps.

FedeDP avatar Nov 18 '25 08:11 FedeDP

Update: the aforementioned PR has been merged. We just need to wait for a containerd tag now. Hopefully it will come soon.

FedeDP avatar Nov 20 '25 08:11 FedeDP