From 90e7232c8e15d740db0211317a198d70a73fcc5b Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 29 Oct 2025 14:38:17 +0100 Subject: [PATCH] Dockerfile: update runc binary to v1.3.2 Update the version used in CI and for the static binaries. - release notes: https://github.com/opencontainers/runc/releases/tag/v1.3.2 - full diff: https://github.com/opencontainers/runc/compare/v1.3.0...v1.3.2 Signed-off-by: Sebastiaan van Stijn --- Dockerfile | 5 +++-- hack/dockerfile/install/runc.installer | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index aabf2ff468..917ef9d095 100644 --- a/Dockerfile +++ b/Dockerfile @@ -250,10 +250,11 @@ RUN --mount=source=hack/dockerfile/cli.sh,target=/download-or-build-cli.sh \ FROM base AS runc-src WORKDIR /usr/src/runc RUN git init . && git remote add origin "https://github.com/opencontainers/runc.git" -# RUNC_VERSION should match the version that is used by the containerd version +# RUNC_VERSION sets the version of runc to install in the dev-container. +# This version should usually match the version that is used by the containerd version # that is used. If you need to update runc, open a pull request in the containerd # project first, and update both after that is merged. -ARG RUNC_VERSION=v1.3.0 +ARG RUNC_VERSION=v1.3.2 RUN git fetch -q --depth 1 origin "${RUNC_VERSION}" +refs/tags/*:refs/tags/* && git checkout -q FETCH_HEAD FROM base AS runc-build diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 155637fd78..dac4f57452 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -7,7 +7,7 @@ set -e # The version of runc should match the version that is used by the containerd # version that is used. If you need to update runc, open a pull request in # the containerd project first, and update both after that is merged. -: "${RUNC_VERSION:=v1.3.0}" +: "${RUNC_VERSION:=v1.3.2}" install_runc() { RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}"