Commit Graph

87 Commits

Author SHA1 Message Date
Avi Deitcher
a05f612aa4 update-component-sha --pkg option
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2021-10-31 05:38:32 -04:00
Dave Tucker
561ce6f4be Remove Notary and Content Trust
This commit removes Notary and Content Trust.
Notary v1 is due to be replaced with Notary v2 soon.
There is no clean migration path from one to the other.
For now, this removes all signing from LinuxKit.
We will look to add this back once a new Notary alternative
becomes available.

Signed-off-by: Dave Tucker <dave@dtucker.co.uk>
2021-03-30 14:51:11 +01:00
Ian Campbell
e78b25062c scripts: support credentials helpers on Linux
On Linux a key in `~/.docker/config.json` indicates if a credentials helper is
in use (and which), if one is then the method is identical to the Darwin case
so refactor to support that.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-10-30 09:29:19 +00:00
Ian Campbell
6c1ba442b4 update-component-sha.sh: ignore changes in directories named "vendor"
src/cmd/linuxkit/vendor/github.com/moby/tool/src/moby/linuxkit.go embeds a yaml
fragement with some hashes in it, so avoid updating that since that would make
the vendoring unclean.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-25 10:52:09 +01:00
Ian Campbell
4320c3928f update-component-sha.sh: support update of image with tagged release.
This updates to support updating things like `linuxkit/runc:v0.3` to a new hash
(or tag).

Running:

    ./scripts/update-component-sha.sh --image linuxkit/runc 100d0d046c

Still DTRT and updates runc to that (bogus) sha.

Furthermore, running:

    ./scripts/update-component-sha.sh --image linuxkit/runc v0.4

Updates runc to that (bogus) release (this worked before) but now running:

    ./scripts/update-component-sha.sh --image linuxkit/runc acba8886e4

Inverts things and puts them back.

(this is not quote a nop because
src/cmd/linuxkit/vendor/github.com/moby/tool/src/moby/linuxkit.go has a
different sha in it which is not put back)

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-25 10:50:26 +01:00
Ian Campbell
3ebd1769e2 update-component-sha.sh: use extended/modern regex for a complex case.
Right now the difference is rather minor, but I'm about to make this case more
complicated.

Running:

    ./scripts/update-component-sha.sh --image linuxkit/runc 100d0d046c

Still DTRT and updates runc to that (bogus) sha.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-25 10:41:39 +01:00
Ian Campbell
411698c16e update-component-sha.sh: simplify the quoting on sed expression
I think the intention was to use "" for bits with substititions and '' for bits
without, but that makes it hard to read and the bits in '' are safe in the ""
context anyway.

Running:

    ./scripts/update-component-sha.sh --image linuxkit/runc 100d0d046c

Still DTRT and updates runc to that (bogus) sha.

Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-25 10:40:00 +01:00
Rolf Neugebauer
2de53a8962 script: Update push-manifest.sh to use NOTARY_AUTH
Prior to notary 0.6.0, notary expected a terminal and only accepted
username/password interactively. With notary 0.6.0 this can now be
passed as en environment variable 'NOTARY_AUTH' in the form of
a base64 encoded 'username:password'.

This commit removes the ugly 'expect' hack in favour of the much
cleaner use of an environment variable.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-04-03 16:02:42 +01:00
Rolf Neugebauer
bc35b3c1c9 scripts: Rename the script to rename the rt patches
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-03-15 11:22:10 +00:00
Rolf Neugebauer
02e695e925 scripts: Update push-manifest.sh with new location of key chain utility
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-02-28 16:36:19 +00:00
Alice Frosi
d6b44f7881 Add s390x support for Linuxkit binary
This PR adds the basic support for s390 architecture on linuxkit
command.

Signed-off-by: Alice Frosi <alice@linux.vnet.ibm.com>
2018-02-27 12:23:47 +00:00
Tiejun Chen
2cffa7b455 Add one script to get patches prefixed by the term of number
Signed-off-by: Tiejun Chen <tiejun.china@gmail.com>
2018-02-24 08:07:10 -08:00
Rolf Neugebauer
aefb66b5b0 scripts: Rename ./scripts/signing ./scripts/certs
Also remove the init-signing.sh script. We now use something else.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-19 15:21:02 +00:00
Rolf Neugebauer
113ff13f58 contrib: Move Vagrantfile to contrib
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-19 15:21:02 +00:00
Rolf Neugebauer
f43b62a35b contrib: Move scripts for foreign kernels to contrib
Also adjust the kernel docs to point to the new location.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-19 15:21:02 +00:00
Rolf Neugebauer
bad114476a Merge pull request #2837 from rn/clean
Remove some stale files/projects
2018-01-05 18:40:52 +00:00
Rolf Neugebauer
07c2f49edc scripts: Remove LinuxKit.ps1
This existed before 'linuxkit run hyperv' and is no longer
needed/maintained.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 15:18:45 +00:00
Rolf Neugebauer
b1b8b1e6c2 foreign-kernels: Add README
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 14:58:02 +00:00
Rolf Neugebauer
c67d249410 foreign-kernels: Rewrite scripts to only build one local image
The scripts used to scrape the various repositories to build
and push package for all foreign kernels. They were designed
to be run periodically and provide "official" foreign kernel
packages. Needless to say we did not run them periodically
and the linuxkit packages became out-dated quickly.

Now, we just provide users who are interested in using foreign
kernels the means to build their own package from specific
vendor kernels.

Each script uses slightly different command line arguments
as the location and naming of the kernel packages differ
wildly. The help message provide a working example which
has been tested with a minimal LinuxKit YAML file.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 14:58:02 +00:00
Rolf Neugebauer
f696c5a253 foreign-kernels: Switch to 3.7 and use FROM scratch
We don't use toybox-media anymore as the base for kernel
images.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2018-01-05 14:58:02 +00:00
David Manouchehri
50ac887fb9 As requested.. Again.
Signed-off-by: David Manouchehri <david.manouchehri@riseup.net>
2017-12-12 20:13:00 -05:00
David Manouchehri
c693e50f82 As requested by @ijc (https://github.com/linuxkit/linuxkit/pull/2784#discussion_r154895971).
Signed-off-by: David Manouchehri <david.manouchehri@riseup.net>
2017-12-05 19:08:43 -05:00
David Manouchehri
e9bc7353e6 As requested by @justincormack (https://github.com/linuxkit/linuxkit/pull/2784#issuecomment-349064467).
Signed-off-by: David Manouchehri <david.manouchehri@riseup.net>
2017-12-04 13:55:17 -05:00
Riyaz Faizullabhoy
057e59d0dc signing: add init script and public certificate fixtures
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-11-20 15:06:28 -08:00
Ian Campbell
5380c7a18d update-component-sha: Accept easier to cut-n-paste --image arguments.
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-10-13 10:46:57 +01:00
Ian Campbell
29e49155f3 scripts: Correct help output
Using --image is mandatory if you want that mode.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-08-29 01:05:50 +01:00
Rolf Neugebauer
c3b9972b32 scripts: Add script to split kernel config files
This script is slightly modified from the ChromiumOS splitconfig

It takes a number of kernel config files and prints the common
on specific kernel config options to seperate files.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-21 20:43:30 +01:00
Avi Deitcher
2df3826291 Add script to clean ip older images
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-08-06 12:52:59 +03:00
Rolf Neugebauer
6d4162343a scripts: Add a script to push and sign manifests
Also adjust the 'linuxkit/alpine' script to follow the
same pattern.

The new version of the script extract username/password from
the credential helper (or docker) and build and 'expect'
script to feed the info to 'notary'.

They can be invoked by:
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE="phrase" ./push-manifest.sh ...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-03 17:36:21 +01:00
Avi Deitcher
c732584e77 Remove bashism in script
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-07-25 12:47:10 +03:00
Avi Deitcher
fcb3dd0694 Add options to update-component-sh.sh to modify by image name or by tag
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-07-24 18:17:11 +03:00
Ian Campbell
0c6af4b3be Add a helper script for bulk updating component sha's
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-13 10:37:24 +01:00
Rolf Neugebauer
008edbb438 scripts: Rename named pipe for the serial port on Hyper-V
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-10 13:36:27 +01:00
Rolf Neugebauer
f0e289439f kernel: Update to use new toybox image
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-05-08 16:46:47 +01:00
Rolf Neugebauer
83201bacbe kernels: Add script to convert Fedora kernels
We only convert kernels from Fedora 2* as they have 4.x kernels.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-30 12:01:54 +01:00
Rolf Neugebauer
4defc9f134 kernels: Clean after creating an image
Remove the image and the intermediate images. Otherwise, especially
for the initial runs, the disk fills up quickly.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-30 11:18:53 +01:00
Rolf Neugebauer
f145a3cee7 kernels: Run depmod on modules before packaging
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-30 11:16:14 +01:00
Rolf Neugebauer
eeb8ee058c kernels: Add script to convert CentOS kernels
We only convert CentOS 7 kernels for now. CentOS 6 is too
old for most of our purposes.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-30 11:16:14 +01:00
Rolf Neugebauer
4ff7be375e kernels: Tweak the ubuntu script a little
No actual source change, just make it easier to enable
kernel headers should they be needed.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-29 13:11:52 +01:00
Rolf Neugebauer
31d84a6380 kernels: Add System.map to kernel hub image
Also, don't fail if the headers are not installed

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-29 13:11:52 +01:00
Rolf Neugebauer
47ed84ee68 kernels: Don't pull to check if image exists on hub
Doing a "docker pull" to check if an image exist on hub
takes a long time for the number of images, in particular
in the linuxkit/kernel-mainline repo.

Instead, get a list of tags on Hub and check that way. This
does not check if the image was signed, but should be good
enough.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-29 11:24:01 +01:00
Rolf Neugebauer
835a3d2e4d kernels: Fix annoying error in shell scripts
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-28 17:51:36 +01:00
Rolf Neugebauer
4f5c5aca7a kernels: Add support for creating Debian kernel packages
This only pulls in 4.x kernels and does not include the
headers to build modules against.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-28 17:07:28 +01:00
Rolf Neugebauer
5b28cfafb2 kernels: Add support for creating ubuntu kernel packages
This only covers the 4.x Ubuntu kernels and for now does
not include the headers to build modules against.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-28 17:07:24 +01:00
Rolf Neugebauer
82c7118de9 kernels: Create LinuKit kernel images from Ubuntu mainline
The Ubuntu mainline PPA has kernel.org based kernels for many
kernel releaseis.  This commit adds suport for downloading and
converting the 3.16.x long long term support kernel as well
as the current 4.x series.  The "mainline.sh" script only
downloads/processes kernels which have not yet been put on
Hub.

The kernels are stored under "linuxkit/kernel-mainline" and are
tagged with the kernel version.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-28 17:07:24 +01:00
Rolf Neugebauer
b432b9c8ca scripts: Add simple Powershell script to manage Hyper-V VMs
This script can create/start/stop/remove Hyper-V VMs. The
VMs are configured as Gen2 VMs which boot from EFI ISOs.

Network and Disk configuration is optional.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-27 14:41:07 +01:00
Dave Tucker
11fcf087ca makefile: Use moby run qemu
This deprectes scripts/qemu.sh as moby run qemu can now safely be run in
CI, where we currently used the qemu container

Signed-off-by: Dave Tucker <dt@docker.com>
2017-04-24 15:17:01 +01:00
Sebastiaan van Stijn
19a3123f09 Add AUTHORS file and script
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-04-17 10:30:28 -05:00
Rolf Neugebauer
fcd407787b scripts: Use qemu from linuxkit hub org
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-04-12 21:28:17 +01:00
Justin Cormack
c3031e22a3 Remove some obsolete scripts
- one was old for installing in d4m no longer relevant
- the other is relaced by `docker run hyperkit`

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-04-06 17:57:16 +01:00