github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-20 17:49:10 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2864 from deitch/fix-metadata-label

Browse Source 
Add /run to binds and use newer yml label format
This commit is contained in:
Avi Deitcher 2018-01-16 11:36:49 +02:00 committed by GitHub
commit c0ff9cf6f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/metadata/Dockerfile
View File

@ -6,7 +6,7 @@ ENV GOPATH=/go PATH=$PATH:/go/bin
COPY . /go/src/metadata/
RUN go-compile.sh /go/src/metadata
RUN mkdir -p out/tmp out/var out/dev out/etc out/etc/ssl/certs
RUN mkdir -p out/tmp out/var out/run out/dev out/etc out/etc/ssl/certs
FROM scratch
ENTRYPOINT []
@ -15,4 +15,3 @@ WORKDIR /
COPY --from=mirror /go/bin/metadata /usr/bin/metadata
COPY --from=mirror /out/ /
CMD ["/usr/bin/metadata"]
LABEL org.mobyproject.config='{"binds": ["/dev:/dev", "/var:/var", "/sys:/sys", "/etc/resolv.conf:/etc/resolv.conf", "/etc/ssl/certs:/etc/ssl/certs"], "tmpfs": ["/tmp"], "readonly": true, "capabilities": ["CAP_SYS_ADMIN", "CAP_NET_ADMIN"]}'

14
pkg/metadata/build.yml
View File

@ -1 +1,15 @@
image: metadata
config:
binds:
- /dev:/dev
- /var:/var
- /run:/run
- /sys:/sys
- /etc/resolv.conf:/etc/resolv.conf
- /etc/ssl/certs:/etc/ssl/certs
tmpfs:
- /tmp
readonly: true
capabilities:
- CAP_SYS_ADMIN
- CAP_NET_ADMIN