From 3783aa50511af21a13f175ace7de6dc3c6cf93cb Mon Sep 17 00:00:00 2001 From: Naadir Jeewa Date: Wed, 3 Jul 2019 13:28:20 +0100 Subject: [PATCH] etcd: Allow Makefile to be used on SELinux systems Adds check for SELinux and then adds the :z parameter to the volume mounts in order to work on SELinux enabled systems such as Fedora. Signed-off-by: Naadir Jeewa --- cluster/images/etcd/Makefile | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/cluster/images/etcd/Makefile b/cluster/images/etcd/Makefile index 874f3a86bd1..86ca41ca408 100644 --- a/cluster/images/etcd/Makefile +++ b/cluster/images/etcd/Makefile @@ -49,6 +49,12 @@ PUSH_REGISTRY?=staging-k8s.gcr.io MANIFEST_IMAGE := $(PUSH_REGISTRY)/etcd +SELINUX_ENABLED := $(shell cat /sys/fs/selinux/enforce 2> /dev/null || echo 0) + +ifeq ($(SELINUX_ENABLED),1) + DOCKER_VOL_OPTS?=:z +endif + # This option is for running docker manifest command export DOCKER_CLI_EXPERIMENTAL := enabled # golang version should match the golang version from https://github.com/coreos/etcd/releases for the current ETCD_VERSION. @@ -78,7 +84,7 @@ build: find ./ -maxdepth 1 -type f | xargs -I {} cp {} $(TEMP_DIR) # Compile migrate - docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes -v $(TEMP_DIR):/build -e GOARCH=$(ARCH) golang:$(GOLANG_VERSION) \ + docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes$(DOCKER_VOL_OPTS) -v $(TEMP_DIR):/build$(DOCKER_VOL_OPTS) -e GOARCH=$(ARCH) golang:$(GOLANG_VERSION) \ /bin/bash -c "CGO_ENABLED=0 go build -o /build/migrate k8s.io/kubernetes/cluster/images/etcd/migrate" @@ -99,7 +105,7 @@ else # For each release create a tmp dir 'etcd_release_tmp_dir' and unpack the release tar there. for version in $(BUNDLED_ETCD_VERSIONS); do \ etcd_release_tmp_dir=$(shell mktemp -d); \ - docker run --interactive -v $${etcd_release_tmp_dir}:/etcdbin golang:$(GOLANG_VERSION) /bin/bash -c \ + docker run --interactive -v $${etcd_release_tmp_dir}:/etcdbin golang:$(GOLANG_VERSION)$(DOCKER_VOL_OPTS) /bin/bash -c \ "git clone https://github.com/coreos/etcd /go/src/github.com/coreos/etcd \ && cd /go/src/github.com/coreos/etcd \ && git checkout v$${version} \ @@ -145,7 +151,7 @@ push-manifest: docker manifest push --purge ${MANIFEST_IMAGE}:${IMAGE_TAG} unit-test: - docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes -e GOARCH=$(ARCH) golang:$(GOLANG_VERSION) \ + docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes$(DOCKER_VOL_OPTS) -e GOARCH=$(ARCH) golang:$(GOLANG_VERSION) \ /bin/bash -c "CGO_ENABLED=0 go test -v k8s.io/kubernetes/cluster/images/etcd/migrate" # Integration tests require both a golang build environment and all the etcd binaries from a `k8s.gcr.io/etcd` image (`/usr/local/bin/etcd-`, ...). @@ -158,7 +164,7 @@ build-integration-test-image: build docker build --pull -t etcd-integration-test $(TEMP_DIR)_integration_test integration-test: - docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes -e GOARCH=$(ARCH) etcd-integration-test \ + docker run --interactive -v $(shell pwd)/../../../:/go/src/k8s.io/kubernetes$(DOCKER_VOL_OPTS) -e GOARCH=$(ARCH) etcd-integration-test \ /bin/bash -c "CGO_ENABLED=0 go test -tags=integration k8s.io/kubernetes/cluster/images/etcd/migrate -args -v 10 -logtostderr true" integration-build-test: build-integration-test-image integration-test