Currently we will always create a temp tar file even the 'docker run'
failed for some reason,e.g, the docker daemon doesn't run. As a result,
we'll get the 2nd error even we've fixed 'docker run' failure.
Signed-off-by: Dennis Chen <dennis.chen@arm.com>
Implements https://github.com/moby/tool/pull/181
Design for things like Kubernetes setup that requires some cgroups to
exist when the service starts but it is not running in these, other
services are, so there would be a race if they are not created in each.
Essentially it is just a sugared `mkdir` in all the cgroup dirs.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
On Linux enable pie too.
Lastly, give the user control over the target name (e.g. to allow them to build
with a GOOS+GOARCH suffix).
Signed-off-by: Ian Campbell <ijc@docker.com>
Done as follows:
find -name build.yml | xargs dirname | while read d ; do
t=$(linuxkit pkg show-tag $d)
./scripts/update-component-sha.sh --image ${t%:*} ${t#*:}
done
git commit -s test pkg tools blueprints examples projects/kubernetes projects/swarmd docs linuxkit.yml Makefile src
This explicitly excludes projects/* which I did not know whether to update.
Then:
git reset --hard
for i in init runc containerd ca-certificates sysctl dhcpcd getty rngd ; do
o=$(git grep -h "\(image:\|-\) *linuxkit/$i:[0-9a-f]\{40\}" origin/master:linuxkit.yml | awk '// { print $2 }')
n=$(linuxkit pkg show-tag pkg/$i)
./scripts/update-component-sha.sh "$o" "$n"
done
git commit --amend projects
This updates any projects which were using components with the same hash as the
top-level linuxkit.yml.
Signed-off-by: Ian Campbell <ijc@docker.com>
This is a bit gross, but hopefully this script will be written in go sooner
rather than later and in the meantime this avoids the need to install yet
another tool on user's systems (and get it into brew etc).
Checkin the result of `go:generate` for now. Once there are no more users of
push-manifest.sh it can be moved alongside the go code (if it hasn't been
rewritten in go along the way).
Signed-off-by: Ian Campbell <ijc@docker.com>
This implements the proposal in #2564 and converts a handful of representative
or especially interesting (from a build PoV) packages to use it.
For now those pkg/* affected get a stub-`Makefile`, once all packages are
converted then `pkg/Makefile` can be adjusted and those stubs can be removed.
For now only `pkg/package.mk`'s functionality is implemented. In particular:
- `push-manifest.sh` remains a separate script, to enable calling it on systems
with just the LinuxKit tools installed arrange to install it under a less
generic name.
- `kernel` and `tools/alpine` do not use `pkg/package.mk` and those cases are
not yet fully considered/covered.
I have updated the documentation assuming that the existing uses of
`pkg/package.mk` will be removed quite soon in a follow up PR rather than
trying to document the situation which results after just this commit.
Due to `cmd/linuxkit` now gaining a library the build needs adjusting slightly to
allow both `make bin/linuxkit` and `go build` to work.
`go vet` has forced me to write some rather asinine comments for things that
are rather obvious from the name.
Signed-off-by: Ian Campbell <ijc@docker.com>
The PR to enable notary signing has been merged. Also update
documentation as `got get` should now also work.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This now completes the steps to bootstrap the other
packages with multi-arch as we now have the tools both
on arm64 and amd64.
Also update vendoring doc with new hash
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The manifest-tool will be used to build multi-arch hub
images and currently needs a patched version to print
out the size/length of the manifest pushed to hub to
enable signing with notary.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
I noticed that running the runes in docs/vendoring.md made a bunch of files
which are omitted by modern vndr come back, presumably due to the old version
of vndr referenced there. So update the go-compile package to the current
version everywhere.
Also correct the use of `make` variable syntax (`$(PWD)`) where shell syntax
command substitution for `pwd` was desired.
Signed-off-by: Ian Campbell <ijc@docker.com>
This update brings in linuxkit/rtf#24 that fixes panics in cases where
there are concurrent reads/writes of the logging backends.
Signed-off-by: Dave Tucker <dt@docker.com>
Add the yaml config to the default `linuxkit.yml`. You can check
this with `cat /proc/1/root/etc/linuxkit-config`.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
$ git log --no-merges --oneline d8cc1b3f08df..51b4e201544f
6c6499b Update docker/docker vendor to 6978a6e25a2e6063f280ec842bd0f3eae99426e1
3ee4fdc Error if there are duplicate service names
3c5fad4 Remove dependency on docker/docker/cli
5e75f8c Only run `go test` and `go vet` if not cross building (i.e. ${GOOS} unset)
48f1dd0 Build for Darwin and Windows in CI
c3edfec revendor runc + runtime-spec to match containerd 8e1a04ff9ee3
a73c3d3 Add partial user namespace support
0acaaa7 Assign each container a uid and gid it can use
c5070df Add docs for ambient capabilities
66b4aed Add support for ambient capabilities
c2e460f check that caps are valid
b605e61 Adding dynamic-vhd Output Format
e7ebabd Split out into a small stub command line and a library
4401e7d Rename the docker run function
c5cccad Return errors from build internal function
618dc42 Allow creation of empty files
ad3de8f Add support for rlimits
13da5e0 Use hyperkit to make raw disks
Signed-off-by: Ian Campbell <ian.campbell@docker.com>
Latest `vndr` has changed its algorithm a bit. It also pointed out that we were missing
some things.
Move the `vendor` directory up to the `linuxkit` command, else it gets confused by packages
that have Go code in.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- clean up incorrect lines such as `tar xf tmp_linuxkit_bin.tar > $@`
- split out targets to make tarballs and to untar
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
