Ensure the image used on the guest does include libseccomp,
otherwise when a seccomp profile is passed by the runtime, it
will end up with boot failure on the guest.
Fixes: #153
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
RemoveContainer is called right after SignalProcess(SIGKILL), the container
process might be still running and container Destroy() will fail, thus it's better
to wait on this process exited before to issue RemoveContainer.
Fixes: #690
Signed-off-by: fupan <lifupan@gmail.com>
Make sure we checkout the new_version tag before grabbing version
information from the runtime repository.
Fixes: #174.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Add script to generate release notes template
for runtime.
Will get the range of changes from two tags.
Get assets information from versions.yaml file.
Fixes: #169
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fixes#635
When container rootfs is block based in devicemapper use case, we can re-use
sandbox device manager to manage rootfs block plug/unplug, we don't detailed
description of block in container state file, instead we only need a Block index
referencing sandbox device.
Remove `HotpluggedDrive` and `RootfsPCIAddr` from state file because it's not
necessary any more.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
For vm factory, we also need netns to be set otherwise we fail to
create new VMs in `s.network.run`.
Fixes: #681
Signed-off-by: Peng Tao <bergwolf@gmail.com>
When tries to get release number from a new repo, the
specfile wont exist. Dont do grep in this case.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Clean target tries to remove files multiples times.
Limit find max depth to not try to remove files more than once.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fix image generation.
Instead of use agent code from the host checkout to the
agent source code in a clean GOPATH env.
Make sure that the agent `commit id` is the correct before
push to github or OBS.
Fixes: #166
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fixes#635
`ContainerPath` isn't meaningful in sandbox's `devices.json`, because
device is sandbox level which can be referenced by many containers, and
`ContainerPath` is per container which means nothing to a sandbox level
resource.
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
Fixes#635
Remove `Hotplugged bool` field from device and add two new fields
instead:
* `RefCount`: how many references to this device. One device can be
referenced(`NewDevice()`) many times by same/different container(s),
two devices are regarded identical if they have same hostPath
* `AttachCount`: how many times this device has been attached. A device
can only be hotplugged once to the qemu, every new Attach command will
add the AttachCount, and real `Detach` will be done only when
`AttachCount == 0`
Signed-off-by: Wei Zhang <zhangwei555@huawei.com>
We need to update the network docs to reflect CNM
and CNI are handled much the same way. Start off
by removing the incorrect CNI docs first.
Fixes#678
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
We need to update the way CNI is handled which is
mostly how CNM is taken care of. Start of by removing
the incorrect steps documented for CNI.
Fixes#236
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Fix nasty bug which resulted in `kata-env` showing
`VMContainerCapable = true` even on amd64 systems without virtualisation
support (thankfully `kata-check` still showed the correct results).
Added arch-specific tests to avoid any possibility of regression.
Fixes#660.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
golang version 1.8.3 is old and the runtime cannot even be built with
it now it seems.
Since it is no longer considered a stable version [1], move to the
oldest official stable version (version 1.9.7).
Fixes#642.
[1] - https://golang.org/dl/
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Checkout to a target branch before create a tag.
We dont checkout for repos that does not have stable branches.
We want to do is just push the tags to master branch
since we don't maintain a seperate one.
The repos are:
osbuilder
packaging
ksm-throttler
Fixes: #163
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Now that we support multiple branches, we changed how
static-checks.sh compares branches. We now need a
variable called $target_branch to make the correct
comparison when testing a PR.
Fixes: #663.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
Lets point to qemu repository instead of kata fork
for qemu-vanilla.
Fixes: #161
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
The osbuilder version file wont be the same if
we tag a stable branch. But we still want to tag
the HEAD of osbuilder to do reproducible builds of
a Kata branch.
Fixes: #158
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When we get changes from one version to a newer this
is empty because we dont get the current version.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We need to create the osc file before enter the container.
If build_all.sh is executed without a container and osc
is intalled osc will ask for setup but in the container
fails do to a missing tty.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
