The 'go run' command in manpage build stage currently doesn't know about
build tags yet. This could lead to strange effects when eg. optional deps
are switched off.
Therefore also pass the tags to the 'go run' calls.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
In the current implementation, the build tags arguments can catch up an
extra trailing whitespace. Since this parameter is passed in quotes, the
shell won't strip it, leading to the wrong tags passed.
Therefore just strip it explicitly.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
FHS mandates manpages should go to /usr/share/man (or /usr/local/share/man,
for site local installations) -- /usr/man was an fallout of some ancient
Unices that haven't been fully FHS conformant and usually just a symlink to
/usr/share/man, if existing at all.
Distros sometimes need to override this (eg. MVCC installs), therefore go
the 30+ years common practise way and introduce MANDIR environment variable.
Since it's a subdir under the prefix for general constant and machine
architecture independ data -- which in turn also sometimes wants to be
overridden by distros, it shall be derived from DATADIR variable.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
The DESTDIR environment variable is used in the wrong way: since 30+ years
it's common practise using it for specifying *temporary* target *root*
(where eg. packaging infrastructure picks up the install image), instead
of the installation *prefix* on the final target.
Fixing this by introducing PREFIX variable (with default /usr/local) and
using both variables according to the 30 years matured common practise.
That way, distro packagers and other standardized build/installation
systems can easily do correct deployments w/o individual hacks.
changes v2: removed variables not used yet
added documentation
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Make rules can be formulated more generic by using the $@ symbol, instead
of duplicating the target file name.
Just a little cleanup for better maintainability.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Currently, the cri-integration tests do not work on Windows due to various reasons.
One of the reasons is because all the tests are using Linux-specific images.
Previous commits refactored the image pulling / usage in the cri-integration tests,
making it easier to update, and easier to configure a custom registry to pull images
with Windows support.
For Windows runs, custom registries can be created, which will also contain Windows
images, and the cri-integration tests can be configured to use those registries by
specifying the "--repo-list" argument, a YAML file which will contain an alternative
mapping of the default registries. This is similar to how E2E tests are handled for
Windows runs in Kubernetes.
Some of the tests are Skipped, as they do not pass yet on Windows.
Windows does not collect inodes used stats, thus, the tests that were expecting non-zero
inodes stats were failing.
Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
Packaging systems often want to override the install(1) command via INSTALL
environment variable, in order to do distro specific fixups (eg. splitting
out debug symbols from binaries to separate files).
Also use it for creating install target directories.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Let install-man depend on man, so manpages are really built before
trying to install them.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
This is required for environments/build systems where a specific
go version / command needs to be used.
Signed-off-by: Enrico Weigelt, metux IT consult <info@metux.net>
Currently, the cri-integration tests do not work on Windows due to various reasons.
One of the reasons is because all the tests are using Linux-specific images. This
commit refactors the image pulling / usage in the cri-integration tests, making it
easier to update, and easier to configure the a custom registry to pull those images
from.
For Windows runs, custom registries can be created, which will also contain Windows
images, and the cri-integration tests can be configured to use those registries by
specifying the "--image-list" argument, a TOML file which will contain an alternative
mapping of the default images.
Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
This allows us to dig more details out of test runs and maintain a
better history.
For this we can use `gotestsum`, which is a utility that wraps `go test`
so that it outputs test2json (go's format) and output junit (a format
more easily imported into other systems).
The PR makes it possible to override the Makefile's use of `go test` to
use any other command tto executet the test. For CI we'll use `gotestsum
--`, where `gotestsum` expects everything after the `--` to be flags for
`go test`.
We then use environment variables to configure `gotestsum` (e.g.
`GOTESTSUM_JUNITFILE` is an env var accepted by `gotestsum`).
For cri tests, the test suite supports outputing test results to a
directory, these are in junit format already. The file is not named
properly just because the code that creates it (in ginkgo) is not
configured well. We can fix that upstream to give us a better name...
until then I'm keeping those results in a separate dir.
A second workflow is also added so the test results can be summed up and
a report added to the workflow run. The 2nd workflow is required for
this since PR runs do not have access to do some of this due to safety
reasons
(https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
`make vendor` did not do a `go mod tidy` after vendoring, whereas
CI does this as part of the vendor validation, causing CI to fail
if `make vendor` was used to update vendoring, without doing a
`go mod tidy` as well.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The build tag was removed in go-selinux v1.8.0: opencontainers/selinux#132
Related: remove "apparmor" build tag: 0a9147f3aa
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
The "apparmor" build tag does not have any cgo dependency and can be removed safely.
Related: https://github.com/opencontainers/runc/issues/2704
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This prevents packages with no Go included files due to build constraints
being included in the package list. These packages cause the test command
to fail with "can't load package build constraints exclude all Go files".
Signed-off-by: Derek McGowan <derek@mcg.dev>
The cgo dependency on libseccomp was removed in containerd/cri#1548.
The `seccomp` build tag is now ignored (and the seccomp support is always built-in).
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
A simple `grep selinux_stub bin/containerd` shows that we are not using
selinux tag when building containerd. The CRI plugin pulls in a bunch of
selinux related code, so we need to enable this tag as well.
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
I missed this in my previous change: the ctr man page is also
in Section 8, because it's considered an administrative tool,
and containerd-config is related to containerd so updating these
as well.
This commit also fixes naming of the generated files, which was
hard-coded to .1.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The generated file was incorrectly named containerd.1 and should
be in section 8 (see [MAN-PAGES(7)]: Sections of the manual pages)
This patch fixes the filename and updates references to containerd(1)
to refer to containerd(8).
The generated file itself already had the correct section set in its
header, so didn't need updating.
[MAN-PAGES(7)]: http://man7.org/linux/man-pages/man7/man-pages.7.html
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Temporarily disable criu tests until the 5.0.0 CI kernel issue is
resolved. Also update criu to v3.13
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Seems to be that docs/man/ctr.1.md and docs/man/containerd.1.md were
removed in #3637 and were not updated correctly in the Makefile, leading
to build failures like:
+ make man
make: *** No rule to make target `man/ctr.1', needed by `man'. Stop.
Changes the gen-manpages command to be specific on which manpages are to
be generated.
Signed-off-by: Eli Uriegas <eli.uriegas@docker.com>
The climan package has a command that can be registered with any urfav
cli app to generate man pages.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
When tests fail they could leave debris behind such as
- overlay mounts
- cgroups
- metadata
These debris can cause subsequent tests to fail
Co-authored-by: Danail Branekov <danailster@gmail.com>
Signed-off-by: Georgi Sabev <georgethebeatle@gmail.com>
With this patch applied, the package-name in the `--version` output can be overridden;
make PACKAGE=containerd.io binaries
./bin/containerd --version
containerd containerd.io v1.2.0-329-ga15b6e20.m a15b6e2097c48b632dbdc63254bad4c62b69e709.m
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Attempt to fix CI is failing due to a regression in Go 1.10.6 / 1.11.3 (see https://github.com/golang/go/issues/29241)
```
package github.com/containernetworking/plugins/...: github.com/containernetworking/plugins/...: invalid import path: malformed import path "github.com/containernetworking/plugins/...": double dot
```
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The man page namespace is global, so in order to avoid colliding with
other man pages named "config.toml" rename ours to be more descriptive.
This also helps with discoverability (now tab-completion of 'man
containerd<tab>' will return the config man page), as well as making it
much cleaner from the perspective of distributions that want to package
containerd.
Signed-off-by: Aleksa Sarai <asarai@suse.de>
Adds initial manpages for ctr, containerd, and containerd config
commands, as well as the config.toml configuration file.
Adds targets to Makefile for generating and installing manpages.
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Adds capability to build the manpages via the go-md2man utility to the
make framework for containerd
Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Added -trimpath flag in -gcflags to reduce codepath in stack trace.
Fixes#2000
In case of multiple GOPATH, it will trimpath of first one
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
The DCO check is primarily only relevant as part of CI, so it
doesn't need to be in the Makefile. A contributor looking to
validate their commits can run script/validate/dco.
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
This compiles the shim without cgo and statically which ends up to have
lower memory usage and binary size. buildmode=pie cannot be used
without cgo.
ref: https://github.com/golang/go/issues/17789#issuecomment-258542220
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
gometalinter runs linters in parallel for faster linting
it provides a uniform way of whitelisting lines using // nolint or the exclude
field in the config
Signed-off-by: Daniel Nephin <dnephin@gmail.com>
This tool makes our standard release template easy to generate. It also
adds a few features like marking changed dependnencies for packages and
others to know what updated from the last release.
usage:
`containerd-release -n releases/v1.0.0-beta.2.toml`
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
After several requests for information about platform support,
configuration introspection and feature switches, we now have a solution
that should work in all these use cases. The Introspection API hooks
into the plugin subsystem registration process. During registration,
plugins declare several pieces of information, allowing clients to
discover the cababilities and support that a containerd instance
provides, including whether or not it loaded with an error.
To allow symmetrical error reporting, the `google/rpc.Status` protobuf
definitions have been brought in from the googleapis project.
Unfortunately, we had to generate these in place to match our protobuf
system.
Once we like this design, we can add an implementation to integrate it
directly with the plugin system.
Enjoy!
Signed-off-by: Stephen J Day <stephen.day@docker.com>
