)]}'
{
  "log": [
    {
      "commit": "8b0431a9d22b1f2bb8ab3e6eb66ffda5ca4a2ea9",
      "tree": "9ce1dd78a249056144e83e0884eb19b6febcda18",
      "parents": [
        "b682ba55d4a51babad2beebb470b0fef0e6067ca"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Mon Jul 13 16:56:36 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Mon Jul 13 16:56:36 2020 +0200"
      },
      "message": "Implement image preseeding\n\nThis pulls in the infrastructure to build OCI bundles with Bazel and adds a loader to\nload them into containerd at runtime.\n\nTest Plan: New E2E test using a simple hello world Go image.\n\nBug: T793\n\nX-Origin-Diff: phab/D585\nGitOrigin-RevId: 3bc5e35a89a80a9683778ced72cc79e2d0b684ed\n"
    },
    {
      "commit": "c2c7ad97b50194a550e77b875570ece90259f4ea",
      "tree": "cc0d43c49c5d1cb787adf5c548c589fa50e9e72e",
      "parents": [
        "efdb6e9da9ed4d575afe72fde02a27817eca37c4"
      ],
      "author": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Jul 13 17:20:09 2020 +0200"
      },
      "committer": {
        "name": "Serge Bazanski",
        "email": "serge@nexantic.com",
        "time": "Mon Jul 13 17:20:09 2020 +0200"
      },
      "message": "core/internal: move containerd and kubernetes to localstorage\n\nThis moves the last users of the old \u0027storage\u0027 library onto \u0027localstorage\u0027. We move a lot of \u0027runtime\u0027 directories to a single `/ephemeral` root. This could be called `/run`, but that might imply FHS compliance - which we don\u0027t have, nor want to have.\n\nWe also slightly refactor Kubernetes services to be a bit nicer to spawn. But generally, this is a pure refactor, with no functional changes.\n\nTest Plan: this should fail. part of a larger stack. D590 is the first tip of the stack that should work.\n\nX-Origin-Diff: phab/D589\nGitOrigin-RevId: d2a7c0bb52c2a7c753199221c609e03474936c22\n"
    },
    {
      "commit": "f042e6f95bb7dc771bf79f309dbdf0b34da933da",
      "tree": "f18c60fb92202ce2d5ec7041c85579865a81509d",
      "parents": [
        "b876fc31f12628562a51c70668b318b9fc50478b"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Wed Jun 24 16:46:09 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Wed Jun 24 16:46:09 2020 +0200"
      },
      "message": "Add Wireguard-based K8s pod networking\n\nThis adds a pod networking runnable based on Wireguard which watches all nodes\nand adds their K8s IPAM allocations as routes into the kernel \u0026 WireGuard. It only depends\non K8s and only performs direct routing.\n\nTest Plan: Manually tested by spinning up a two-node cluster and running two Alpine pods pinging eachother. Can be covered by E2E tests once we can do image preseeding for the test infra (T793).\n\nBug: T487\n\nX-Origin-Diff: phab/D573\nGitOrigin-RevId: ba3fc36f421fd75002f6cf8bea25ed6f1eb457b0\n"
    },
    {
      "commit": "b876fc31f12628562a51c70668b318b9fc50478b",
      "tree": "b7f4001c6ab56712dd26473b216e74222b1903f0",
      "parents": [
        "78fd97294dbc8bbf5ef1a490b2d7b7ad96fddcae"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Tue Jul 14 13:54:01 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Tue Jul 14 13:54:01 2020 +0200"
      },
      "message": "Update containerd to 1.4.0-beta.2 and K8s to 1.19.0-rc.0\n\nThis unbreaks bbolt (as part of containerd) on 1.14+ (see https://github.com/etcd-io/bbolt/pull/201 and\nhttps://github.com/etcd-io/bbolt/pull/220), pulls in my patch to ignore image-defined volumes\n(https://github.com/containerd/cri/pull/1504) and gets us some robustness fixes in containerd CNI/CRI integration\n(https://github.com/containerd/cri/pull/1405). This also updates K8s at the same time since they share a lot of\ndependencies and only updating one is very annoying. On the K8s side we mostly get the standard stream of fixes\nplus some patches that are no longer necessary.\n\nOne annoying on the K8s side (but with no impact to the functionality) are these messages in the logs of various\ncomponents:\n```\nW0714 11:51:26.323590       1 warnings.go:67] policy/v1beta1 PodSecurityPolicy is deprecated in v1.22+, unavailable in v1.25+\n```\nThey are caused by KEP-1635, but there\u0027s not explanation why this gets logged so aggressively considering the operators\ncannot do anything about it. There\u0027s no newer version of PodSecurityPolicy and you are pretty much required to use it if\nyou use RBAC.\n\nTest Plan: Covered by existing tests\n\nBug: T753\n\nX-Origin-Diff: phab/D597\nGitOrigin-RevId: f6c447da1de037c27646f9ec9f45ebd5d6660ab0\n"
    },
    {
      "commit": "6acfc323aa74a424220907218cfa7f303b6992cc",
      "tree": "abb236a6ff03f48907c3feb398a1fac70212cf64",
      "parents": [
        "878f5f9e5f9de93b09d354db7d116fd3d558dbfa"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Wed May 13 17:01:26 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Wed May 13 17:01:26 2020 +0200"
      },
      "message": "Add support for gVisor logging\n\nTest Plan: Started Container using `bazel run //core/cmd/dbg -- kubectl run -i busybox --image\u003dbusybox test`, then observed logs using `bazel run //core/cmd/dbg logs containerd.runsc`\n\nX-Origin-Diff: phab/D527\nGitOrigin-RevId: 10dfa1704cbc18becc2005e7b38cc881e6ec50b5\n"
    },
    {
      "commit": "878f5f9e5f9de93b09d354db7d116fd3d558dbfa",
      "tree": "994b67ea5264f7e38bb67e9043a369454eaab75d",
      "parents": [
        "9a741a861a4cb5c52b0251a4abf3a2c606b06198"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Tue May 12 16:15:39 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Tue May 12 16:15:39 2020 +0200"
      },
      "message": "Add Kubernetes Worker and infrastructure\n\nAdds Kubernetes Kubelet with patches for syscall-based mounting and\nsyscall-based (and much faster) metrics. fsquota patches have been\ndeferred to a further revision (for robust emptyDir capacity isolation).\n\nChanges encoding of the node ID to hex since Base64-URL is not supported\nas a character set for K8s names. Also adds `/etc/machine-id` and\n`/etc/os-release` since Kubernetes wants them. `os-release` is generated\nby stamping, `machine-id` is the hex-encoded node ID derived from the\npublic key.\n\nAlso includes a primitive reconciler which automatically ensures a set of\nbuilt-in Kubernetes objects are always present. Currently this includes\na PSP and some basic RBAC policies that are elementary to proper cluster\noperations.\n\nAdds an additional gRPC service (NodeDebugService) to cleanly\ncommunicate with external debug and test tooling. It supports reading\nfrom logbuffers for all externally-run components, checking conditions\n(for replacing log matching in testing and debugging) and getting\ndebug credentials for the Kubernetes cluster.\n\nA small utility (dbg) is provided that interfaces with NodeDebugService\nand provides access to its functions from the CLI. It also incorporates\na kubectl wrapper which directly grabs credentials from the Debug API\nand passes them to kubectl\n(e.g. `bazel run //core/cmd/dbg -- kubectl describe node`).\n\nTest Plan:\nManually tested.\nKubernetes:\n`bazel run //core/cmd/dbg -- kubectl create -f test.yml`\n\nChecked that pods run, logs are accessible and exec works.\n\nReading buffers:\n`bazel run //core/cmd/dbg -- logs containerd`\n\nOutputs containerd logs in the right order.\n\nAutomated testing is in the works, but has been deferred to a future\nrevision because this one is already too big again.\n\nX-Origin-Diff: phab/D525\nGitOrigin-RevId: 0fbfa0c433de405526c7f09ef10c466896331328\n"
    },
    {
      "commit": "c88c82db8b1a7f8a07782c970e1d0dfb453f9f66",
      "tree": "22072c4f18e4aaa855577ff0b42a86ef77a9c4cb",
      "parents": [
        "60febd9db40970a31a2f49bdb969897a37c11cc6"
      ],
      "author": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Fri May 08 14:35:04 2020 +0200"
      },
      "committer": {
        "name": "Lorenz Brun",
        "email": "lorenz@nexantic.com",
        "time": "Fri May 08 14:35:04 2020 +0200"
      },
      "message": "Add containerd \u0026 gVisor support\n\nThis adds containerd, CNI, gVisor and all the necessary shims\nand supporting infrastructure. It also enables all relevant features in\nthe Linux kernel. containerd is designed as a simple supervisor.Runnable.\nIt is not being started yet, this will happen in D497.\n\nSplit out from feature/kubelet.\n\nTest Plan:\nHas been tested in conjunction with the rest of D497, will be\ncovered by a K8s E2E test there.\n\nX-Origin-Diff: phab/D509\nGitOrigin-RevId: 92523516b7e361a30da330eb187787e6045bfd17\n"
    }
  ]
}