From a588140bc617cd000ff00aa5859f50b61c5f38b8 Mon Sep 17 00:00:00 2001 From: Nitesh Konkar Date: Tue, 25 Sep 2018 01:39:43 +0530 Subject: [PATCH 1/2] ci: Improve debugging info on travis CI run Fixes: #174 Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com --- .ci/run.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/run.sh b/.ci/run.sh index fb0b70e073..ed87a4edfa 100755 --- a/.ci/run.sh +++ b/.ci/run.sh @@ -12,4 +12,4 @@ export GOPATH="${GOPATH:-/tmp/go}" script_dir="$(dirname $(readlink -f $0))" -sudo -E PATH="$PATH" bash "${script_dir}/../tests/test_images.sh" +sudo -E PATH="$PATH" bash -x "${script_dir}/../tests/test_images.sh" From 7f2371858c062c020507e7b5b331da677ce70ecf Mon Sep 17 00:00:00 2001 From: Nitesh Konkar Date: Fri, 9 Nov 2018 00:27:44 +0530 Subject: [PATCH 2/2] rootfs: Conditionally add libseccomp support in rootfs image If the rootfs is built with SECCOMP=yes environment variable then include libseccomp package inside the rootfs image. Else do not include it. Fixes: #155 Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com --- rootfs-builder/alpine/config.sh | 2 ++ rootfs-builder/centos/config.sh | 2 ++ rootfs-builder/clearlinux/config.sh | 2 ++ rootfs-builder/euleros/config.sh | 2 ++ rootfs-builder/fedora/config.sh | 2 ++ rootfs-builder/rootfs.sh | 3 ++- rootfs-builder/ubuntu/config.sh | 2 ++ 7 files changed, 14 insertions(+), 1 deletion(-) diff --git a/rootfs-builder/alpine/config.sh b/rootfs-builder/alpine/config.sh index 117669baa1..2b8d69a174 100644 --- a/rootfs-builder/alpine/config.sh +++ b/rootfs-builder/alpine/config.sh @@ -22,3 +22,5 @@ INIT_PROCESS=kata-agent # List of zero or more architectures to exclude from build, # as reported by `uname -m` ARCH_EXCLUDE_LIST=() + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp" || true diff --git a/rootfs-builder/centos/config.sh b/rootfs-builder/centos/config.sh index 75f6cc1bd4..07637a9611 100644 --- a/rootfs-builder/centos/config.sh +++ b/rootfs-builder/centos/config.sh @@ -34,3 +34,5 @@ INIT_PROCESS=systemd # List of zero or more architectures to exclude from build, # as reported by `uname -m` ARCH_EXCLUDE_LIST=() + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp" || true diff --git a/rootfs-builder/clearlinux/config.sh b/rootfs-builder/clearlinux/config.sh index 5deab3783d..9f534c9a35 100644 --- a/rootfs-builder/clearlinux/config.sh +++ b/rootfs-builder/clearlinux/config.sh @@ -27,3 +27,5 @@ INIT_PROCESS=systemd # List of zero or more architectures to exclude from build, # as reported by `uname -m` ARCH_EXCLUDE_LIST=(ppc64le) + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp" || true diff --git a/rootfs-builder/euleros/config.sh b/rootfs-builder/euleros/config.sh index d6f849dc28..d6b412317d 100644 --- a/rootfs-builder/euleros/config.sh +++ b/rootfs-builder/euleros/config.sh @@ -25,3 +25,5 @@ ARCH_EXCLUDE_LIST=() # Allow the build to fail without generating an error. # For more info see: https://github.com/kata-containers/osbuilder/issues/190 BUILD_CAN_FAIL=1 + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp" || true diff --git a/rootfs-builder/fedora/config.sh b/rootfs-builder/fedora/config.sh index 6bb6bd5614..10315c48a7 100644 --- a/rootfs-builder/fedora/config.sh +++ b/rootfs-builder/fedora/config.sh @@ -19,3 +19,5 @@ PACKAGES="iptables" # Init process must be one of {systemd,kata-agent} INIT_PROCESS=systemd ARCH_EXCLUDE_LIST=() + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp" || true diff --git a/rootfs-builder/rootfs.sh b/rootfs-builder/rootfs.sh index 978221d0b8..dffc0b4a80 100755 --- a/rootfs-builder/rootfs.sh +++ b/rootfs-builder/rootfs.sh @@ -326,6 +326,7 @@ if [ -n "${USE_DOCKER}" ] ; then --env EXTRA_PKGS="${EXTRA_PKGS}" \ --env OSBUILDER_VERSION="${OSBUILDER_VERSION}" \ --env INSIDE_CONTAINER=1 \ + --env SECCOMP="${SECCOMP}" \ -v "${script_dir}":"/osbuilder" \ -v "${ROOTFS_DIR}":"/rootfs" \ -v "${script_dir}/../scripts":"/scripts" \ @@ -352,7 +353,7 @@ pushd "${GOPATH_LOCAL}/src/${GO_AGENT_PKG}" [ -n "${AGENT_VERSION}" ] && git checkout "${AGENT_VERSION}" && OK "git checkout successful" make clean make INIT=${AGENT_INIT} -make install DESTDIR="${ROOTFS_DIR}" INIT=${AGENT_INIT} +make install DESTDIR="${ROOTFS_DIR}" INIT=${AGENT_INIT} SECCOMP=${SECCOMP} popd AGENT_DIR="${ROOTFS_DIR}/usr/bin" diff --git a/rootfs-builder/ubuntu/config.sh b/rootfs-builder/ubuntu/config.sh index ed8ef7c2b7..4c9c081a7e 100644 --- a/rootfs-builder/ubuntu/config.sh +++ b/rootfs-builder/ubuntu/config.sh @@ -28,3 +28,5 @@ INIT_PROCESS=systemd # List of zero or more architectures to exclude from build, # as reported by `uname -m` ARCH_EXCLUDE_LIST=() + +[ "$SECCOMP" = "yes" ] && PACKAGES+=" libseccomp2" || true