2346 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Carlos Eduardo Arango Gutierrez	cf3b9317ef	Refactor the way we create CDI Hooks ... Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>	2025-05-21 10:19:47 +02:00
Evan Lezar	ac8f190c99	Merge commit from fork ... Run update-ldcache in isolated namespaces	2025-05-16 15:15:21 +02:00
Evan Lezar	3c1f1a6519	Merge pull request #1086 from NVIDIA/dependabot/submodules/main/third_party/libnvidia-container-51a7f20 ... Bump third_party/libnvidia-container from `d26524a` to `51a7f20`	2025-05-16 14:18:17 +02:00
dependabot[bot]	3ee5ff0aa2	Bump third_party/libnvidia-container from d26524a to 51a7f20 ... Bumps [third_party/libnvidia-container](https://github.com/NVIDIA/libnvidia-container) from `d26524a` to `51a7f20`. - [Release notes](https://github.com/NVIDIA/libnvidia-container/releases) - [Commits](d26524ab5d...51a7f20088) --- updated-dependencies: - dependency-name: third_party/libnvidia-container dependency-version: 51a7f20088dc0c3e7ddbb67629bf8e63b9130339 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-16 08:27:41 +00:00
Evan Lezar	6dfd63f4a8	Merge pull request #980 from elezar/add-rprivate-to-mount-options ... Add rprivate to CDI mount options	2025-05-16 07:53:39 +02:00
Evan Lezar	35e583b623	Merge pull request #1000 from elezar/ignore-unknown-hooks ... Issue warning on unsupported CDI hook	2025-05-16 07:52:25 +02:00
Evan Lezar	7d71932d2a	Merge pull request #1085 from elezar/add-security-md ... [no-relnote] Add SECURITY.md to repo	2025-05-16 07:51:27 +02:00
Evan Lezar	d3ea72c440	[no-relnote] Add SECURITY.md to repo ... Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-15 16:38:43 +02:00
Evan Lezar	c0dda358a3	Issue warning on unsupported CDI hook ... To allow for CDI hooks to be added gradually we provide a generic no-op hook for unrecognised subcommands. This will log a warning instead of erroring out. An unsupported hook could be the result of a CDI specification referring to a new hook that is not yet supported by an older NVIDIA Container Toolkit version or a hook that has been removed in newer version. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-15 14:05:19 +02:00
Evan Lezar	ec29b602c3	Run update-ldcache in isolated namespaces ... This change uses the reexec package to run the update of the ldcache in a container in a process with isolated namespaces. Since the hook is invoked as a createContainer hook, these namespaces are cloned from the container's namespaces. In the reexec handler, we further isolate the proc filesystem, mount the host ldconfig to a tmpfs, and pivot into the containers root. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-15 12:45:49 +02:00
Carlos Eduardo Arango Gutierrez	241881f12f	Merge pull request #1048 from ArangoGutierrez/updated_e2e ... [no-relnote] Update E2E test suite	2025-05-14 12:27:01 +02:00
Carlos Eduardo Arango Gutierrez	eb40f240ac	[no-relnote] Update E2E suite ... Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com> Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-14 11:22:14 +02:00
Evan Lezar	72b2ee9ce0	Merge pull request #1055 from elezar/add-cuda-compat-mode ... Add nvidia-container-cli.compat-mode config option	2025-05-13 21:56:18 +02:00
Evan Lezar	f4981f0876	Add cuda-compat-mode config option ... This change adds an nvidia-container-runtime.modes.legacy.cuda-compat-mode config option. This can be set to one of four values: * ldconfig (default): the --cuda-compat-mode=ldconfig flag is passed to the nvidia-container-cli * mount: the --cuda-compat-mode=mount flag is passed to the nvidia-conainer-cli * disabled: the --cuda-compat-mode=disabled flag is passed to the nvidia-container-cli * hook: the --cuda-compat-mode=disabled flag is passed to the nvidia-container-cli AND the enable-cuda-compat hook is used to provide forward compatibility. Note that the disable-cuda-compat-lib-hook feature flag will prevent the enable-cuda-compat hook from being used. This change also means that the allow-cuda-compat-libs-from-container feature flag no longer has any effect. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-13 21:49:53 +02:00
Evan Lezar	2ec67033c0	Merge pull request #1081 from NVIDIA/dependabot/submodules/main/third_party/libnvidia-container-d26524a ... Bump third_party/libnvidia-container from `a198166` to `d26524a`	2025-05-13 21:49:21 +02:00
dependabot[bot]	f8eda79aaf	Bump third_party/libnvidia-container from a198166 to d26524a ... Bumps [third_party/libnvidia-container](https://github.com/NVIDIA/libnvidia-container) from `a198166` to `d26524a`. - [Release notes](https://github.com/NVIDIA/libnvidia-container/releases) - [Commits](a198166e1c...d26524ab5d) --- updated-dependencies: - dependency-name: third_party/libnvidia-container dependency-version: d26524ab5db96a55ae86033f53de50d3794fb547 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-13 19:48:20 +00:00
Evan Lezar	51504097d8	Merge pull request #1078 from elezar/add-thor-support ... Fix mode detection on Thor-based systems	2025-05-13 21:33:25 +02:00
Evan Lezar	a4dc28bb3f	Fix mode detection on Thor-based systems ... This change updates github.com/NVIDIA/go-nvlib from v0.7.1 to v0.7.2 to allow Thor systems to be detected as Tegra-based. This allows fixes automatic mode detection to work on these systems. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-13 21:25:11 +02:00
Evan Lezar	d0103aa6a3	Add rprivate to CDI mount options ... This ensures that mount propagation is set to rprivate for mounts from the host into the container. This aligns with the default in docker. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-09 15:16:13 +02:00
Evan Lezar	adb5e6719d	Merge pull request #1046 from elezar/resolve-ldcache-libs-on-arm64 ... Fix resolution of libs in LDCache on ARM	2025-05-09 15:04:00 +02:00
Evan Lezar	0c254711e7	Merge pull request #1066 from NVIDIA/dependabot/docker/deployments/container/main/nvidia/cuda-12.9.0-base-ubuntu20.04 ... Bump nvidia/cuda from 12.8.1-base-ubuntu20.04 to 12.9.0-base-ubuntu20.04 in /deployments/container	2025-05-09 13:51:10 +02:00
Evan Lezar	27adebaa44	Merge pull request #1065 from elezar/skip-nill-discoverers ... Skip nil discoverers in merge	2025-05-09 13:50:44 +02:00
dependabot[bot]	496cdb5463	Bump nvidia/cuda in /deployments/container ... Bumps nvidia/cuda from 12.8.1-base-ubuntu20.04 to 12.9.0-base-ubuntu20.04. --- updated-dependencies: - dependency-name: nvidia/cuda dependency-version: 12.9.0-base-ubuntu20.04 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-08 08:38:12 +00:00
Evan Lezar	132c9afb6c	Merge pull request #1063 from NVIDIA/dependabot/github_actions/main/slackapi/slack-github-action-2.1.0 ... Bump slackapi/slack-github-action from 2.0.0 to 2.1.0	2025-05-07 17:19:08 +02:00
Evan Lezar	c879fb59c1	Merge pull request #1058 from NVIDIA/dependabot/github_actions/main/golangci/golangci-lint-action-8 ... Bump golangci/golangci-lint-action from 7 to 8	2025-05-07 16:54:45 +02:00
Evan Lezar	fbff2c4943	Merge pull request #1064 from NVIDIA/dependabot/docker/deployments/devel/main/golang-1.24.3 ... Bump golang from 1.24.2 to 1.24.3 in /deployments/devel	2025-05-07 16:54:18 +02:00
Evan Lezar	0c765c6536	Skip nil discoverers in merge ... When constructing a list of discoverers using discover.Merge we explicitly skip `nil` discoverers to simplify usage as we don't have to explicitly check validity when processing the discoverers in the list. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-05-07 12:51:38 +02:00
dependabot[bot]	0863749de3	Bump golang from 1.24.2 to 1.24.3 in /deployments/devel ... Bumps golang from 1.24.2 to 1.24.3. --- updated-dependencies: - dependency-name: golang dependency-version: 1.24.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-07 08:53:04 +00:00
dependabot[bot]	a8ca8e91f2	Bump slackapi/slack-github-action from 2.0.0 to 2.1.0 ... Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-07 08:29:10 +00:00
Evan Lezar	cf395e765a	Merge pull request #1061 from NVIDIA/dependabot/go_modules/main/golang.org/x/sys-0.33.0 ... Bump golang.org/x/sys from 0.32.0 to 0.33.0	2025-05-06 14:32:35 +02:00
dependabot[bot]	f859c9a671	Bump golang.org/x/sys from 0.32.0 to 0.33.0 ... Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.32.0 to 0.33.0. - [Commits](https://github.com/golang/sys/compare/v0.32.0...v0.33.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-06 09:31:22 +00:00
Carlos Eduardo Arango Gutierrez	f50e815837	Merge pull request #1062 from NVIDIA/dependabot/go_modules/tests/main/golang.org/x/crypto-0.38.0 ... Bump golang.org/x/crypto from 0.37.0 to 0.38.0 in /tests	2025-05-06 11:30:11 +02:00
dependabot[bot]	ffcef4f9a8	Bump golang.org/x/crypto from 0.37.0 to 0.38.0 in /tests ... Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.37.0 to 0.38.0. - [Commits](https://github.com/golang/crypto/compare/v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-06 08:42:33 +00:00
dependabot[bot]	194a1663ab	Bump golangci/golangci-lint-action from 7 to 8 ... Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 7 to 8. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v7...v8) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-05 09:11:37 +00:00
Evan Lezar	51d603aec6	Merge pull request #1024 from NVIDIA/dependabot/go_modules/tests/main/golang.org/x/crypto-0.37.0 ... Bump golang.org/x/crypto from 0.36.0 to 0.37.0 in /tests	2025-05-02 13:14:34 +02:00
Evan Lezar	3f9359eba2	Merge pull request #1056 from tariq1890/bump-runc-dep ... Bump github.com/opencontainers/runc from v1.2.6 to v1.3.0	2025-05-02 13:14:13 +02:00
dependabot[bot]	574d204953	Bump golang.org/x/crypto from 0.36.0 to 0.37.0 in /tests ... Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.37.0. - [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.37.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.37.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-04-30 13:52:05 +00:00
Evan Lezar	ca061bb4f0	Merge pull request #1026 from NVIDIA/dependabot/go_modules/tests/main/github.com/onsi/ginkgo/v2-2.23.4 ... Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 in /tests	2025-04-30 15:50:42 +02:00
Tariq Ibrahim	f7a415f480	bump runc go dep to v1.3.0 ... Signed-off-by: Tariq Ibrahim <tibrahim@nvidia.com>	2025-04-29 19:01:38 -07:00
Evan Lezar	e6cd7a3b53	Fix resolution of libs in LDCache on ARM ... Since we explicitly check for the architecture of the libraries in the ldcache, we need to also check the architecture flag against the ARM constants. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-04-23 14:28:28 +02:00
dependabot[bot]	9f6b45817b	Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 in /tests ... Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.23.3 to 2.23.4. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.23.3...v2.23.4) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-version: 2.23.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-04-22 08:27:11 +00:00
Evan Lezar	de3d736663	Merge pull request #1035 from NVIDIA/dependabot/go_modules/tests/golang.org/x/net-0.38.0 ... Bump golang.org/x/net from 0.37.0 to 0.38.0 in /tests	2025-04-22 10:25:58 +02:00
Evan Lezar	e4e7c5d857	Merge pull request #1039 from NVIDIA/dependabot/submodules/main/third_party/libnvidia-container-a198166 ... Bump third_party/libnvidia-container from `95d3e86` to `a198166`	2025-04-22 09:34:29 +02:00
dependabot[bot]	0620dfa6f9	Bump third_party/libnvidia-container from 95d3e86 to a198166 ... Bumps [third_party/libnvidia-container](https://github.com/NVIDIA/libnvidia-container) from `95d3e86` to `a198166`. - [Release notes](https://github.com/NVIDIA/libnvidia-container/releases) - [Commits](95d3e86522...a198166e1c) --- updated-dependencies: - dependency-name: third_party/libnvidia-container dependency-version: a198166e1c1166f4847598438115ea97dacc7a92 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2025-04-18 08:16:29 +00:00
Evan Lezar	6394e9e9e7	Merge pull request #1033 from JunAr7112/migrate_ngc_changes ... Updated .release:staging to stage images in nvstaging	2025-04-17 15:13:43 +02:00
Evan Lezar	a2e2a44516	Merge pull request #990 from elezar/refactor-toolkit-installer ... Refactor toolkit installer	2025-04-17 15:08:39 +02:00
Arjun	6605bfb5fa	Updated .release:staging to stage images in nvstaging ... Signed-off-by: Arjun <arjun.gadiyar@gmail.com> Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-04-17 14:02:33 +02:00
Evan Lezar	14806f019b	Refactor toolkit installer ... Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-04-17 13:56:58 +02:00
Evan Lezar	2437630421	[no-relnote] Explicitly use blank config ... Since this is running in a contianer the contents of the /etc/nvidia-container-runtime/config.toml file is equivalent to the default config. This change makes it explicit. Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-04-17 13:56:58 +02:00
Evan Lezar	cdad158f0f	[no-relnote] Move toolkit installer package ... Signed-off-by: Evan Lezar <elezar@nvidia.com>	2025-04-17 13:56:56 +02:00