Build containerd containers from Docker containers

Simplifies the build process, and makes testing easier as there is a
Docker container you can run to test things.

Replaces #994

Signed-off-by: Justin Cormack <justin.cormack@docker.com>

alpine/base/binfmt/.gitignore

@@ -0,0 +1,4 @@
+dev
+proc
+sys
+usr

alpine/base/binfmt/Dockerfile

@@ -0,0 +1,3 @@
+FROM scratch
+COPY . ./
+CMD ["/usr/bin/binfmt", "-dir", "/etc/binfmt.d/", "-mount", "/binfmt_misc"]

alpine/base/binfmt/Makefile

@@ -0,0 +1,54 @@
+# Tag 7a07de557d7f6ae3d72873c32bfb4c51c7687d03
+QEMU_IMAGE=mobylinux/qemu-user-static@sha256:cbeba25809c7c3feebc9e20522145e33d8abe5956674afa52814fc57c6644497
+QEMU_FILES=qemu-arm-static qemu-aarch64-static qemu-ppc64le-static
+QEMU_BINARIES=$(addprefix usr/bin/,$(QEMU_FILES))
+
+# Tag: 6075d4b9c5fe30e19581f1b7ef1813f3041cca32
+GO_COMPILE=mobylinux/go-compile@sha256:badfd8a1730ab6e640682d0f95a8f9c51f3cd4b2e8db261fe1a1fd8c6f60bd6e
+BINFMT_BINARY=usr/bin/binfmt
+
+SHA_IMAGE=alpine:3.5
+
+IMAGE=binfmt
+
+.PHONY: tag push clean container
+default: push
+
+$(QEMU_BINARIES):
+	mkdir -p $(dir $@)
+	docker run --rm --net=none $(QEMU_IMAGE) tar cf - $@ | tar xf -
+
+$(BINFMT_BINARY): main.go
+	mkdir -p $(dir $@)
+	tar cf - $^ | docker run --rm --net=none --log-driver=none -i $(GO_COMPILE) -o $@ | tar xf -
+	
+DIRS=dev proc sys
+$(DIRS):
+	mkdir -p $@
+
+DEPS=$(DIRS) $(QEMU_BINARIES) $(BINFMT_BINARY) etc/binfmt.d/00_moby.conf
+
+container: Dockerfile $(DEPS)
+	tar cf - $^ | docker build --no-cache -t $(IMAGE):build -
+
+hash: Dockerfile $(DEPS)
+	DOCKER_CONTENT_TRUST=1 docker pull $(SHA_IMAGE)
+	tar cf - $^ | docker run --rm -i $(SHA_IMAGE) sha1sum - | sed 's/ .*//' > hash
+
+push: hash container
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		(docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash) && \
+		 docker push mobylinux/$(IMAGE):$(shell cat hash))
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+tag: hash container
+	docker pull mobylinux/$(IMAGE):$(shell cat hash) || \
+		docker tag $(IMAGE):build mobylinux/$(IMAGE):$(shell cat hash)
+	docker rmi $(IMAGE):build
+	rm -f hash
+
+clean:
+	rm -rf hash $(DIRS) usr
+
+.DELETE_ON_ERROR:

alpine/base/binfmt/etc/binfmt.d/00_moby.conf

@@ -0,0 +1,3 @@
+:qemu-aarch64:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff:/usr/bin/qemu-aarch64-static:CF
+:qemu-arm:M:0:\x7f\x45\x4c\x46\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm-static:CF
+:qemu-ppc64le:M:0:\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x15\x00:\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\x00:/usr/bin/qemu-ppc64le-static:CF

alpine/base/binfmt/main.go

@@ -0,0 +1,93 @@
+package main
+
+import (
+	"bytes"
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"os"
+	"path/filepath"
+	"syscall"
+)
+
+var (
+	dir   string
+	mount string
+)
+
+func init() {
+	flag.StringVar(&dir, "dir", "/etc/binfmt.d", "directory with config files")
+	flag.StringVar(&mount, "mount", "/proc/sys/fs/binfmt_misc", "binfmt_misc mount point")
+}
+
+func binfmt(line []byte) error {
+	register := filepath.Join(mount, "register")
+	file, err := os.OpenFile(register, os.O_WRONLY, 0)
+	if err != nil {
+		e, ok := err.(*os.PathError)
+		if ok && e.Err == syscall.ENOENT {
+			return fmt.Errorf("ENOENT opening %s is it mounted?", register)
+		}
+		if ok && e.Err == syscall.EPERM {
+			return fmt.Errorf("EPERM opening %s check permissions?", register)
+		}
+		return fmt.Errorf("Cannot open %s: %s", register, err)
+	}
+	defer file.Close()
+	// short writes should not occur on sysfs, cannot usefully recover
+	_, err = file.Write(line)
+	if err != nil {
+		e, ok := err.(*os.PathError)
+		if ok && e.Err == syscall.EEXIST {
+			// clear existing entry
+			split := bytes.SplitN(line[1:], []byte(":"), 2)
+			if len(split) == 0 {
+				return fmt.Errorf("Cannot determine arch from: %s", line)
+			}
+			arch := filepath.Join(mount, string(split[0]))
+			clear, err := os.OpenFile(arch, os.O_WRONLY, 0)
+			if err != nil {
+				return fmt.Errorf("Cannot open %s: %s", arch, err)
+			}
+			defer clear.Close()
+			_, err = clear.Write([]byte("-1"))
+			if err != nil {
+				return fmt.Errorf("Cannot write to %s: %s", arch, err)
+			}
+			_, err = file.Write(line)
+			if err != nil {
+				return fmt.Errorf("Cannot write to %s: %s", register, err)
+			}
+			return nil
+		}
+		return fmt.Errorf("Cannot write to %s: %s", register, err)
+	}
+	return nil
+}
+
+func main() {
+	flag.Parse()
+
+	files, err := ioutil.ReadDir(dir)
+	if err != nil {
+		log.Fatalf("Cannot read directory %s: %s", dir, err)
+	}
+
+	for _, file := range files {
+		contents, err := ioutil.ReadFile(filepath.Join(dir, file.Name()))
+		if err != nil {
+			log.Fatalf("Cannot read file %s: %s", file.Name(), err)
+		}
+		lines := bytes.Split(contents, []byte("\n"))
+		for _, line := range lines {
+			if len(line) == 0 {
+				continue
+			}
+			err = binfmt(line)
+			if err != nil {
+				log.Fatal(err)
+			}
+		}
+	}
+}