apitech/loki - loki - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
renovate[bot]	25473e8587	fix(deps): update module github.com/docker/docker to v28.2.2+incompatible (main) (#17923 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	1 year ago
renovate[bot]	3ee4ccb0bd	fix(deps): update module github.com/docker/docker to v28.1.1+incompatible (main) (#17319 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	1 year ago
renovate[bot]	bc86a9d30a	fix(deps): update module github.com/docker/docker to v28.1.0+incompatible (main) (#17285 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	1 year ago
renovate[bot]	a96da525ac	fix(deps): update module github.com/docker/docker to v28.0.4+incompatible (main) (#16900 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	1 year ago
renovate[bot]	fd0389f153	fix(deps): update module github.com/docker/docker to v28.0.2+incompatible (main) (#16837 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	1 year ago
renovate[bot]	722ce05f25	fix(deps): update module github.com/docker/docker to v28 (main) (#16520 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Paul Rogers <paul.rogers@grafana.com>	1 year ago
renovate[bot]	e58665dedf	fix(deps): update module github.com/docker/docker to v27.5.0+incompatible (#15738 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Paul Rogers <paul.rogers@grafana.com>	1 year ago
renovate[bot]	0ad17ebcf4	fix(deps): update module github.com/influxdata/telegraf to v1.33.0 (#15456 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Paul Rogers <paul.rogers@grafana.com> Co-authored-by: Trevor Whitney <trevorjwhitney@gmail.com>	1 year ago
renovate[bot]	b4a926c406	fix(deps): update module github.com/docker/docker to v27.3.1+incompatible (#14753 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2 years ago
renovate[bot]	8ab4c20572	fix(deps): update module github.com/docker/docker to v27.1.2+incompatible (#13872 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2 years ago
renovate[bot]	e5a3994fba	fix(deps): update github.com/docker/go-plugins-helpers digest to 45e2431 (#13808 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2 years ago
renovate[bot]	f8bf3bb378	fix(deps): update module github.com/docker/docker to v27.1.1+incompatible [security] (main) (#13762 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2 years ago
Marco Pracucci	b88583da7d	feat: upgrade prometheus (#13671 ) Signed-off-by: Marco Pracucci <marco@pracucci.com> Signed-off-by: Vladyslav Diachenko <vlad.diachenko@grafana.com> Co-authored-by: Vladyslav Diachenko <vlad.diachenko@grafana.com>	2 years ago
renovate[bot]	960c034384	fix(deps): update module github.com/docker/docker to v25.0.5+incompatible [security] (main) (#12279 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Paul Rogers <129207811+paul1r@users.noreply.github.com> Co-authored-by: Paul Rogers <paul.rogers@grafana.com>	2 years ago
Paulin Todev	d54e0871d4	chore(deps): Update Prometheus in Loki and Promtail (#12245 ) This PR updates the Prometheus dependency in Loki and Promtail. The PR is required so that we can also update Grafana Agent to the latest Prometheus. Unfortunately, Promtail and Loki share the same go.mod file.	2 years ago
renovate[bot]	e65a3cce43	Update module github.com/docker/docker to v24.0.7+incompatible [SECURITY] (main) (#11084 ) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [github.com/docker/docker](https://togithub.com/docker/docker) \| require \| patch \| `v24.0.4+incompatible` -> `v24.0.7+incompatible` \| ### GitHub Vulnerability Alerts #### [GHSA-jq35-85cj-fj4p](https://togithub.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p) Intel's RAPL (Running Average Power Limit) feature, introduced by the Sandy Bridge microarchitecture, provides software insights into hardware energy consumption. To facilitate this, Intel introduced the powercap framework in Linux kernel 3.13, which reads values via relevant MSRs (model specific registers) and provides unprivileged userspace access via `sysfs`. As RAPL is an interface to access a hardware feature, it is only available when running on bare metal with the module compiled into the kernel. By 2019, it was realized that in some cases unprivileged access to RAPL readings could be exploited as a power-based side-channel against security features including AES-NI (potentially inside a SGX enclave) and KASLR (kernel address space layout randomization). Also known as the [PLATYPUS attack](https://platypusattack.com/), Intel assigned [CVE-2020-8694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8694) and [CVE-2020-8695](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8695), and AMD assigned [CVE-2020-12912](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12912). Several mitigations were applied; Intel reduced the sampling resolution via a microcode update, and the Linux kernel [prevents access by non-root users](https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=949dd0104c496fa7c14991a23c03c62e44637e71) since 5.10. However, this kernel-based mitigation does not apply to many container-based scenarios: * Unless using user namespaces, root inside a container has the same level of privilege as root outside the container, but with a slightly more narrow view of the system * `sysfs` is mounted inside containers read-only; however only read access is needed to carry out this attack on an unpatched CPU While this is not a direct vulnerability in container runtimes, defense in depth and safe defaults are valuable and preferred, especially as this poses a risk to multi-tenant container environments running directly on affected hardware. This is provided by masking `/sys/devices/virtual/powercap` in the default mount configuration, and adding an additional set of rules to deny it in the default AppArmor profile. While `sysfs` is not the only way to read from the RAPL subsystem, other ways of accessing it require additional capabilities such as `CAP_SYS_RAWIO` which is not available to containers by default, or `perf` paranoia level less than 1, which is a non-default kernel tunable. ## References * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8694 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8695 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12912 * https://platypusattack.com/ * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=949dd0104c496fa7c14991a23c03c62e44637e71 * https://web.eece.maine.edu/~vweaver/projects/rapl/ --- ### Release Notes <details> <summary>docker/docker (github.com/docker/docker)</summary> ### [`v24.0.7+incompatible`](https://togithub.com/docker/docker/compare/v24.0.6...v24.0.7) [Compare Source](https://togithub.com/docker/docker/compare/v24.0.6...v24.0.7) ### [`v24.0.6+incompatible`](https://togithub.com/docker/docker/compare/v24.0.5...v24.0.6) [Compare Source](https://togithub.com/docker/docker/compare/v24.0.5...v24.0.6) ### [`v24.0.5+incompatible`](https://togithub.com/docker/docker/compare/v24.0.4...v24.0.5) [Compare Source](https://togithub.com/docker/docker/compare/v24.0.4...v24.0.5) </details> --- ### Configuration 📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/grafana/loki). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMS41IiwidXBkYXRlZEluVmVyIjoiMzcuMzEuNSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	3 years ago
Shantanu Alsi	586b9042c6	Upgrade Thanos objstore, dskit and other modules (#10366 ) What this PR does / why we need it: Upgrades various common modules including dskit, thanos objstore, prometheus, etc. Fixes errors/ changes resulting due to module upgrades. This is required in order to eventually upgrade BEL dependency in GEL to point to master. Which issue(s) this PR fixes: None Special notes for your reviewer: Checklist - [x] Reviewed the [`CONTRIBUTING.md`](https://github.com/grafana/loki/blob/main/CONTRIBUTING.md) guide (required) - [ ] Documentation added - [ ] Tests updated - [x] `CHANGELOG.md` updated - [ ] If the change is worth mentioning in the release notes, add `add-to-release-notes` label - [ ] Changes that require user attention or interaction to upgrade are documented in `docs/sources/setup/upgrade/_index.md` - [ ] For Helm chart changes bump the Helm chart version in `production/helm/loki/Chart.yaml` and update `production/helm/loki/CHANGELOG.md` and `production/helm/loki/README.md`. [Example PR](`d10549e3ec`)	3 years ago
dependabot[bot]	d43c0bb23b	Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible (#9450 ) Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.1+incompatible to 2.8.2+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/distribution/releases">github.com/docker/distribution's releases</a>.</em></p> <blockquote> <h2>v2.8.2</h2> <h2>What's Changed</h2> <ul> <li>Revert registry/client: set <code>Accept: identity</code> header when getting layers by <a href="https://github.com/ndeloof"><code>@ndeloof</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3783">distribution/distribution#3783</a></li> <li>Parse <code>http</code> forbidden as denied by <a href="https://github.com/vvoland"><code>@vvoland</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3914">distribution/distribution#3914</a></li> <li>Fix <a href="https://www.cve.org/CVERecord?id=CVE-2022-28391">CVE-2022-28391</a> by bumping alpine from 3.14 to 3.16 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> (<a href="https://redirect.github.com/distribution/distribution/pull/3650">#3650</a>)</li> <li>Fix <a href="https://www.cve.org/CVERecord?id=CVE-2023-2253">CVE-2023-2253</a> runaway allocation on /v2/_catalog by <a href="https://github.com/josegomezr"><code>@josegomezr</code></a> <a href="`521ea3d973`"><code>521ea3d9</code></a></li> <li>Fix panic in inmemory driver by <a href="https://github.com/wy65701436"><code>@wy65701436</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3815">distribution/distribution#3815</a></li> <li>bump up golang version (alternative) by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3903">distribution/distribution#3903</a></li> <li>Dockerfile: update xx to v1.2.1 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3907">distribution/distribution#3907</a></li> <li>update to go1.19.9 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3908">distribution/distribution#3908</a></li> <li>Add code to handle pagination of parts. Fixes max layer size of 10GB bug by <a href="https://github.com/DavidSpek"><code>@DavidSpek</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3893">distribution/distribution#3893</a></li> <li>Dockerfile: fix filenames of artifacts by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3911">distribution/distribution#3911</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2">https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2</a></p> <h2>v2.8.2-beta.2</h2> <h2>What's Changed</h2> <ul> <li>Fix <a href="https://www.cve.org/CVERecord?id=CVE-2022-28391">CVE-2022-28391</a> by bumping alpine from 3.14 to 3.16 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> (<a href="https://redirect.github.com/distribution/distribution/pull/3650">#3650</a>)</li> <li>Fix <a href="https://www.cve.org/CVERecord?id=CVE-2023-2253">CVE-2023-2253</a> runaway allocation on /v2/_catalog by <a href="https://github.com/josegomezr"><code>@josegomezr</code></a> <a href="`521ea3d973`"><code>521ea3d9</code></a></li> <li>Fix panic in inmemory driver by <a href="https://github.com/wy65701436"><code>@wy65701436</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3815">distribution/distribution#3815</a></li> <li>bump up golang version (alternative) by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3903">distribution/distribution#3903</a></li> <li>Dockerfile: update xx to v1.2.1 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3907">distribution/distribution#3907</a></li> <li>update to go1.19.9 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3908">distribution/distribution#3908</a></li> <li>Add code to handle pagination of parts. Fixes max layer size of 10GB bug by <a href="https://github.com/DavidSpek"><code>@DavidSpek</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3893">distribution/distribution#3893</a></li> <li>Dockerfile: fix filenames of artifacts by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3911">distribution/distribution#3911</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2-beta.2">https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2-beta.2</a></p> <h2>v2.8.2-beta.1</h2> <h3><strong>NOTE: This is a pre-release that does not contain any artifacts!</strong></h3> <h2>What's Changed</h2> <ul> <li>Fix runaway allocation on /v2/_catalog by <a href="https://github.com/josegomezr"><code>@josegomezr</code></a> <a href="`521ea3d973`"><code>521ea3d9</code></a></li> <li>Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3650">distribution/distribution#3650</a></li> <li>Fix panic in inmemory driver by <a href="https://github.com/wy65701436"><code>@wy65701436</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3815">distribution/distribution#3815</a></li> <li>bump up golang version (alternative) by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3903">distribution/distribution#3903</a></li> <li>Dockerfile: update xx to v1.2.1 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3907">distribution/distribution#3907</a></li> <li>update to go1.19.9 by <a href="https://github.com/thaJeztah"><code>@thaJeztah</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3908">distribution/distribution#3908</a></li> <li>Add code to handle pagination of parts. Fixes max layer size of 10GB bug by <a href="https://github.com/DavidSpek"><code>@DavidSpek</code></a> in <a href="https://redirect.github.com/distribution/distribution/pull/3893">distribution/distribution#3893</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2-beta.1">https://github.com/distribution/distribution/compare/v2.8.1...v2.8.2-beta.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="`7c354a4b40`"><code>7c354a4</code></a> Merge pull request <a href="https://redirect.github.com/docker/distribution/issues/3915">#3915</a> from distribution/2.8.2-release-notes</li> <li><a href="`a173a9c625`"><code>a173a9c</code></a> Add v2.8.2 release notes</li> <li><a href="`4894d35ecc`"><code>4894d35</code></a> Merge pull request <a href="https://redirect.github.com/docker/distribution/issues/3914">#3914</a> from vvoland/handle-forbidden-28</li> <li><a href="`f067f66d3d`"><code>f067f66</code></a> Merge pull request <a href="https://redirect.github.com/docker/distribution/issues/3783">#3783</a> from ndeloof/accept-encoding-28</li> <li><a href="`483ad69da3`"><code>483ad69</code></a> registry/errors: Parse http forbidden as denied</li> <li><a href="`2b0f84df21`"><code>2b0f84d</code></a> Revert "registry/client: set Accept: identity header when getting layers"</li> <li><a href="`320d6a141f`"><code>320d6a1</code></a> Merge pull request <a href="https://redirect.github.com/docker/distribution/issues/3912">#3912</a> from distribution/2.8.2-beta.2-release-notes</li> <li><a href="`5f3ca1b2fb`"><code>5f3ca1b</code></a> Add release notes for 2.8.2-beta.2 release</li> <li><a href="`cb840f63b3`"><code>cb840f6</code></a> Merge pull request <a href="https://redirect.github.com/docker/distribution/issues/3911">#3911</a> from thaJeztah/2.8_backport_fix_releaser_filenames</li> <li><a href="`e884644fff`"><code>e884644</code></a> Dockerfile: fix filenames of artifacts</li> <li>Additional commits viewable in <a href="https://github.com/docker/distribution/compare/v2.8.1...v2.8.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/distribution&package-manager=go_modules&previous-version=2.8.1+incompatible&new-version=2.8.2+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/grafana/loki/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 years ago
dependabot[bot]	e9bc461c63	Bump github.com/docker/docker from 20.10.23+incompatible to 23.0.3+incompatible (#9035 ) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.23+incompatible to 23.0.3+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v23.0.3</h2> <h2>23.0.3</h2> <blockquote> <p><strong>Note</strong></p> <p>Due to an issue with CentOS 9 Stream's package repositories, packages for CentOS 9 are currently unavailable. Packages for CentOS 9 may be added later, or as part of the next (23.0.4) patch release.</p> </blockquote> <h3>Bug fixes and enhancements</h3> <ul> <li>Fixed a number of issues that can cause Swarm encrypted overlay networks to fail to uphold their guarantees, addressing <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841">CVE-2023-28841</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28840">CVE-2023-28840</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28842">CVE-2023-28842</a>. <ul> <li>A lack of kernel support for encrypted overlay networks now reports as an error.</li> <li>Encrypted overlay networks are eagerly set up, rather than waiting for multiple nodes to attach.</li> <li>Encrypted overlay networks are now usable on Red Hat Enterprise Linux 9 through the use of the <code>xt_bpf</code> kernel module.</li> <li>Users of Swarm overlay networks should review <a href="https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw">GHSA-vwm3-crmr-xfxw</a> to ensure that unintentional exposure has not occurred.</li> </ul> </li> </ul> <h3>Packaging Updates</h3> <ul> <li>Update containerd to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.20">v1.6.20</a>.</li> <li>Update runc to <a href="https://github.com/opencontainers/runc/releases/tag/v1.1.5">v1.1.5</a>.</li> </ul> <h2>v23.0.2</h2> <h2>23.0.2</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/milestone/75?closed=1">docker/cli, 23.0.2 milestone</a></li> <li><a href="https://github.com/moby/moby/milestone/114?closed=1">moby/moby, 23.0.2 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Fully resolve missing checks for <code>apparmor_parser</code> when an AppArmor enabled kernel is detected. <a href="https://redirect.github.com/containerd/containerd/pull/8087">containerd/containerd#8087</a>, <a href="https://redirect.github.com/moby/moby/pull/45043">moby/moby#45043</a></li> <li>Ensure that credentials are redacted from Git URLs when generating BuildKit buildinfo. Fixes <a href="https://github.com/moby/buildkit/security/advisories/GHSA-gc89-7gcr-jxqc">CVE-2023-26054</a>. <a href="https://redirect.github.com/moby/moby/pull/45110">moby/moby#45110</a></li> <li>Fix anonymous volumes created by a <code>VOLUME</code> line in a Dockerfile being excluded from volume prune. <a href="https://redirect.github.com/moby/moby/pull/45159">moby/moby#45159</a></li> <li>Fix a failure to properly propagate errors during removal of volumes on a Swarm node. <a href="https://redirect.github.com/moby/moby/pull/45155">moby/moby#45155</a></li> <li>Temporarily work around a bug in BuildKit <code>COPY --link</code> by disabling mergeop/diffop optimization. <a href="https://redirect.github.com/moby/moby/pull/45112">moby/moby#45112</a></li> <li>Properly clean up child tasks when a parent Swarm job is removed. <a href="https://redirect.github.com/moby/swarmkit/pull/3112">moby/swarmkit#3112</a>, <a href="https://redirect.github.com/moby/moby/pull/45107">moby/moby#45107</a></li> <li>Fix Swarm service creation logic so that both a GenericResource and a non-default network can be used together. <a href="https://redirect.github.com/moby/swarmkit/pull/3082">moby/swarmkit#3082</a>, <a href="https://redirect.github.com/moby/moby/pull/45107">moby/moby#45107</a></li> <li>Fix Swarm CSI support requiring the CSI plugin to offer staging endpoints in order to publish a volume. <a href="https://redirect.github.com/moby/swarmkit/pull/3116">moby/swarmkit#3116</a>, <a href="https://redirect.github.com/moby/moby/pull/45107">moby/moby#45107</a></li> <li>Fix a panic caused by log buffering in some configurations. <a href="https://redirect.github.com/containerd/fifo/pull/47">containerd/fifo#47</a>, <a href="https://redirect.github.com/moby/moby/pull/45051">moby/moby#45051</a></li> <li>Log errors in the REST to Swarm gRPC API translation layer at the debug level to reduce redundancy and noise. <a href="https://redirect.github.com/moby/moby/pull/45016">moby/moby#45016</a></li> <li>Fix a DNS resolution issue affecting containers created with <code>--dns-opt</code> or <code>--dns-search</code> when <code>systemd-resolved</code> is used outside the container. <a href="https://redirect.github.com/moby/moby/pull/45000">moby/moby#45000</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="`59118bff50`"><code>59118bf</code></a> Merge pull request from GHSA-232p-vwff-86mp</li> <li><a href="`219f21bf07`"><code>219f21b</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/45196">#45196</a> from vvoland/integration-restart-race-23</li> <li><a href="`b87f7f18b8`"><code>b87f7f1</code></a> libnet/d/overlay: insert the input-drop rule</li> <li><a href="`c6bf3071fe`"><code>c6bf307</code></a> StartWithLogFile: Fix d.cmd race</li> <li><a href="`7f49ca259b`"><code>7f49ca2</code></a> TestDaemonRestartKillContainers: Fix loop capture</li> <li><a href="`98cbcb8003`"><code>98cbcb8</code></a> libnet/d/overlay: add BPF-powered VNI matcher</li> <li><a href="`5c5fac2374`"><code>5c5fac2</code></a> libnet/d/overlay: extract VNI match rule builder</li> <li><a href="`c492a22287`"><code>c492a22</code></a> libn/d/overlay: enforce encryption on sandbox init</li> <li><a href="`018edb0284`"><code>018edb0</code></a> libnet/d/overlay: document some encryption code</li> <li><a href="`a1fd2f22f6`"><code>a1fd2f2</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/45157">#45157</a> from thaJeztah/23.0_backport_update_shfmt</li> <li>Additional commits viewable in <a href="https://github.com/docker/docker/compare/v20.10.23...v23.0.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=20.10.23+incompatible&new-version=23.0.3+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michel Hollands <42814411+MichelHollands@users.noreply.github.com>	3 years ago
Bryan Boreham	6fd4b5e89b	Update prometheus/prometheus from 2.41 to 2.42 (#8571 ) What this PR does / why we need it: Brings in the latest updates from upstream. These open up some opportunities for optimisations in TSDB indexing. Dependencies updated: * github.com/Azure/go-autorest/autorest/adal v0.9.21 -> v0.9.22 (comment-only change) * github.com/docker/docker v20.10.21 -> v20.10.23 (fixing filters bug) * golang.org/x/exp fae10dda9338 -> d38c7dcee874 (optimisations in `BinarySearch` function) Indirect dependencies also updated: * github.com/digitalocean/godo v1.91.1 -> v1.95.0 (nothing alarming in [release notes](https://github.com/digitalocean/godo/releases)) * github.com/google/pprof aee1124e3a93 -> 76d1ae5aea2b (no changes pulled into vendor) * golang.org/x/tools v0.4.0 -> v0.5.0 (relating to Go compiler utilities) * google.golang.org/genproto 76db0878b65f -> 31e0e69b6fc2 * k8s.io/api v0.26.0 -> v0.26.1 (comment-only change) * k8s.io/apimachinery v0.26.0 -> v0.26.1 (no changes pulled into vendor) * k8s.io/client-go v0.26.0 -> v0.26.1 (small fixes) Special notes for your reviewer: A couple of interfaces changed; these have required matching changes in Loki code. Those changes are split into separate commits. I also note that most calls to `relabel` ignore when the rule says "drop". Maybe this is wrong?	3 years ago
Bryan Boreham	560440a58d	Update Prometheus to v2.41, plus dependencies (#8290 )	3 years ago
Robert Fratto	85392a9728	Update Prometheus dependency to latest release (v2.40.4) (#7826 ) Closes #7811, which is needed for Grafana Agent to update to v2.40 and add support for native histograms. I did not add support for native histograms to Loki, sorry :)	4 years ago
Robert Fratto	2208ea7147	Update Prometheus dependency to latest release (v2.39.1) (#7425 )	4 years ago
Fabian Kulmann	96a3e77901	Bump github.com/docker/docker to v20.10.17 (#6975 ) <!-- Thanks for sending a pull request! Before submitting: 1. Read our CONTRIBUTING.md guide 2. Name your PR as `<Feature Area>: Describe your change`. a. Do not end the title with punctuation. It will be added in the changelog. b. Start with an imperative verb. Example: Fix the latency between System A and System B. c. Use sentence case, not title case. d. Use a complete phrase or sentence. The PR title will appear in a changelog, so help other people understand what your change will be. 3. Rebase your PR if it gets out of sync with main --> What this PR does / why we need it: The `v20.10.17` release of moby (`github.com/docker/docker` in go.mod) fixed several CVEs described in their [release notes](https://github.com/moby/moby/releases/tag/v20.10.17). This PR upgrades the dependency to that version. Which issue(s) this PR fixes: N/A Special notes for your reviewer: N/A <!-- Note about CHANGELOG entries, if a change adds: * an important feature * fixes an issue present in a previous release, * causes a change in operation that would be useful for an operator of Loki to know then please add a CHANGELOG entry. For documentation changes, build changes, simple fixes etc please skip this step. We are attempting to curate a changelog of the most relevant and important changes to be easier to ingest by end users of Loki. Note about the upgrade guide, if this changes: * default configuration values * metric names or label names * changes existing log lines such as the metrics.go query output line * configuration parameters * anything to do with any API * any other change that would require special attention or extra steps to upgrade Please document clearly what changed AND what needs to be done in the upgrade guide. --> Checklist - [ ] Documentation added - [ ] Tests updated - [ ] Is this an important fix or new feature? Add an entry in the `CHANGELOG.md`. - [ ] Changes that require user attention or interaction to upgrade are documented in `docs/sources/upgrading/_index.md`	4 years ago
Jesus Vazquez	db9dbe8e1d	Bump prometheus dependency (#6403 ) * Bump prometheus dependency We had to add a replace of prometheus in go mod because thanos is importing an older version and then replacing it. * Undo textparser.New variable mismatch * modtimevfs path update * Fix labels withlabels and withoutlabels usages WithoutLabels and WithLabels methods have dissappeared. Now labels.NewBuilder has to be used. * Fix RuleManager interface for Update() Update now accepts a new param called ruleGroupPostProcessFunc which is an optional function to be executed after rule group processing. In this case I've set it to nil in the usages i've found. * NewQueryRange now accepts QueryOpts The NewQueryRange function now accepts QueryOptions so I had to update all the calls. I've set the opts to nil since we're not using them. * gofmt	4 years ago
Karsten Jeschkies	4716eea0db	Provide Docker target and discovery in Promtail. (#4911 ) What this PR does / why we need it: This patch adds support to fetch Docker container logs through the Docker daemon API. This should be more robust than the Loki Docker driver or scraping the logs files. The new Docker target will also collect meta information of the scraped containers. Which issue(s) this PR fixes: Addresses #2361 Closes #4703 Special notes for your reviewer: Checklist - [x] Documentation added - [x] Tests updated - [x] Add an entry in the `CHANGELOG.md` about the changes.	4 years ago
Callum Styan	6da518c728	Update to go 1.17; go mod vendor required (#4487 ) Signed-off-by: Callum Styan <callumstyan@gmail.com>	5 years ago
Mauro Stettler	4b59556342	Update cortex to newer version (#4478 ) * update cortex and thanos to newer version * pin k8s.io/apimachinery * fixes for newer libs * add missing method to mock wal data collector * fixing test by using different gokit level pkg * make check-mod	5 years ago
Arve Knudsen	3e385464c6	Chore: Upgrade Prometheus and Cortex (#4017 ) * Chore: Upgrade Prometheus Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Upgrade Cortex Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Upgrade Cortex Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix build errors Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix build errors Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix build errors Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Undo unnecessary changes Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Sandeep Sukhani	d765921735	revendor cortex to latest master (#3771 )	5 years ago
Michel Hollands	9137ef921b	Update cortex to 1.8 (#3627 ) * Update Cortex to 1.8.1 Signed-off-by: Michel Hollands <michel.hollands@grafana.com> * Tidy up Signed-off-by: Michel Hollands <michel.hollands@grafana.com> * Update changelog Signed-off-by: Michel Hollands <michel.hollands@grafana.com>	5 years ago
Jacob Lisi	c3d1937eab	update vendored cortex and add new replace overrides (#3256 ) * update vendored cortex and add new replace overrides Signed-off-by: Jacob Lisi <jacob.t.lisi@gmail.com> * update upstream function to new package Signed-off-by: Jacob Lisi <jacob.t.lisi@gmail.com> * update all moved functions Signed-off-by: Jacob Lisi <jacob.t.lisi@gmail.com> * update math to util_math Signed-off-by: Jacob Lisi <jacob.t.lisi@gmail.com>	5 years ago
Owen Diehl	607ccc4d77	Service discovery refactor (#2761 ) * promtail sd loading refactor + tests * flippin bools like flipper * adds back base scrapeconfig test * passes all service discovery variants	6 years ago
Owen Diehl	54c0c5febb	Revendor Cortex (#2755 ) * replaces prometheus & revendors cortex * compat * compat * sd refactor * updates docker * removes prom replace * adds delimiters back to object addrs in boltdb	6 years ago
Aditya C S	0885a49370	configuration doc improvements (#2318 )	6 years ago
Periklis Tsirakidis	bc4f1f5833	Add support for memberlist dns-based discovery (#2288 ) * Bump cortex to 0ea5a8b5 to enable memberlist dns-based discovery * Update docs for memberlist config DNS-based discovery support * Fix mock chunk store client DeleteChunk signature	6 years ago
Cyril Tovena	4153740a12	Loki Query Frontend (#1442 ) * Adds frontend to Loki. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Improves tests. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Fixes sneaky bug in entries sorting. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Fixes the split by interval. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Tweak jsonnet deployments and add a way to lint/fmt. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * lint. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * fix timezone issue. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Improve tests and rollback change in loghttp package. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Fixes a flaky test that might run one more goroutine. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Fixes windows build. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Improve tracing in the split by interval. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Add test stream to proto conversion. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Fixes flappy retry test. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Remove err shadowing in stopQueryFrontend as it was confusing. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Refactor grpc message size in the libsonnet config file. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Don't check auth header for GRPC TransferChunks. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Query frontend (#3) * frontend codec merging optimizations * codec benchmarks * removes unused bounds code in queryrange ordering * [wip] splitby uses channels instead of sub batching intervals * splitBy channel limit test * single allocation for merging entries from a single stream * skip merging loki responses when limit is already hit * removes checks for unlimited queries in queryrange * removes splitByInterval{,.interval} spans * removes interval_batch_size from jsonnet lib * moves benchmark utils to own file * renames markers -> entries * priority queue comments * Removes unused logRequest. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Sets the cache interval to the same split interval. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Missing import libsonnet for the frontend. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> * Frontend should not be a cluster IP. Signed-off-by: Cyril Tovena <cyril.tovena@gmail.com> Co-authored-by: Owen Diehl <ow.diehl@gmail.com>	6 years ago
Joe Elliott	fc6c5c063f	dep => go mod (#1062 ) * go mod files added. dep removed Signed-off-by: Joe Elliott <number101010@gmail.com> * Magically got prometheus version to stick Signed-off-by: Joe Elliott <number101010@gmail.com> * Cortex updated and prometheus updated Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated prometheus dependency Signed-off-by: Joe Elliott <number101010@gmail.com> * Added additional deps Signed-off-by: Joe Elliott <number101010@gmail.com> * Added two replaces from Gopkg.toml. Tests passing Signed-off-by: Joe Elliott <number101010@gmail.com> * Added deps Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated build image to 1.12 Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated golangci-lint to use vendored dependencies Signed-off-by: Joe Elliott <number101010@gmail.com> * Added check-mod makefile step and referenced in drone and circle ci configs Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated loki-build-image to 1.12 Signed-off-by: Joe Elliott <number101010@gmail.com> * Fixed linting error. Force go111module on for linting Signed-off-by: Joe Elliott <number101010@gmail.com> * go mod vendor Signed-off-by: Joe Elliott <number101010@gmail.com> * Forced the inclusion of modtimevfs Signed-off-by: Joe Elliott <number101010@gmail.com> * Pin client-go due to issue with v12 go.mod Signed-off-by: Joe Elliott <number101010@gmail.com> * go mod tidy Signed-off-by: Joe Elliott <number101010@gmail.com> * Added check-mod to drone Signed-off-by: Joe Elliott <number101010@gmail.com> * Re-readded correct golang client Signed-off-by: Joe Elliott <number101010@gmail.com> * go mod tidy Signed-off-by: Joe Elliott <number101010@gmail.com> * Pinned golang/x/net to avoid proxy errors Signed-off-by: Joe Elliott <number101010@gmail.com> * Removed check-mod from all. Not necessary for tests Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated go.sum to match new pin Signed-off-by: Joe Elliott <number101010@gmail.com> * Upgraded proto to match build image Signed-off-by: Joe Elliott <number101010@gmail.com> * Force check-mod to wait til after test and lint are successful Signed-off-by: Joe Elliott <number101010@gmail.com> * Added mod vendor to go builds to force usage of vendored dependencies Signed-off-by: Joe Elliott <number101010@gmail.com> * Turn on gomodules on all builds Signed-off-by: Joe Elliott <number101010@gmail.com> * Revert "Added mod vendor to go builds to force usage of vendored dependencies" This reverts commit 65865a24c9a23133e0fa52942f2828ead7c22147. * Moved builds out of the gopath to enforce vendor usage Signed-off-by: Joe Elliott <number101010@gmail.com> * Revert "Turn on gomodules on all builds" This reverts commit b5847f0158e928e935e0b3c1b1d4eaba840ca3dc. * Explicitly choose build image for docker driver Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated golang.org/x/sys to match prometheus's version to fix promtail windows compilation Signed-off-by: Joe Elliott <number101010@gmail.com> * Added fluentbit dependency Signed-off-by: Joe Elliott <number101010@gmail.com> * Added dependency management clause Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated go version in contributing Signed-off-by: Joe Elliott <number101010@gmail.com> * Added phony makefile targets Signed-off-by: Joe Elliott <number101010@gmail.com> * Circle CI is increasingly failing linting Signed-off-by: Joe Elliott <number101010@gmail.com> * Force vendored deps on builds Signed-off-by: Joe Elliott <number101010@gmail.com> * Added logcli to gitignore Signed-off-by: Joe Elliott <number101010@gmail.com> * Reduced concurrency to help CircleCI Signed-off-by: Joe Elliott <number101010@gmail.com> * Moved drone builds out of GOPATH to force use of go module Signed-off-by: Joe Elliott <number101010@gmail.com> * Added mod vendor to prevent go clean from redownloading all packages Signed-off-by: Joe Elliott <number101010@gmail.com> * Added to test as well Signed-off-by: Joe Elliott <number101010@gmail.com> * Added mod-vendor to final go commands Signed-off-by: Joe Elliott <number101010@gmail.com> * Moved fluent-bit out of GO_PATH to force go modules Signed-off-by: Joe Elliott <number101010@gmail.com> * Pass mod vendor to the last holdout: go generate Signed-off-by: Joe Elliott <number101010@gmail.com> * Updated ugorji/go to 1.17 to avoid version regression Signed-off-by: Joe Elliott <number101010@gmail.com> * go mod tidy and go mod vendor for ugorji/go Signed-off-by: Joe Elliott <number101010@gmail.com>	7 years ago
Cyril Tovena	2909fe54e1	Docker Logging Driver (#663 ) * adds first version of docker driver * without logrus and fixes some linter issue * fix the driver and start a build system * adds swarm label discovery * Add documentation and more targets * make the linter happy ❤️ * indent config.json * with circleci steps for master and branch * Review Feebacks	7 years ago
Tom Wilkie	ae488b4d1b	Update vendor Signed-off-by: Tom Wilkie <tom.wilkie@gmail.com>	8 years ago
Tom Wilkie	aa44de07bb	Move promtail from kausalco/public, update it for prometheus changes. Signed-off-by: Tom Wilkie <tom.wilkie@gmail.com>	8 years ago

41 Commits (c8a15f451ce4d892abfebba854d6bc9c748e8b8a)