aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--[-rwxr-xr-x].papr.sh0
-rw-r--r--.papr_prepare.sh2
-rw-r--r--Dockerfile4
-rw-r--r--Dockerfile.CentOS4
-rw-r--r--Dockerfile.Fedora4
-rw-r--r--Makefile12
-rwxr-xr-xhack/dind33
7 files changed, 6 insertions, 53 deletions
diff --git a/.papr.sh b/.papr.sh
index 120b3d94b..120b3d94b 100755..100644
--- a/.papr.sh
+++ b/.papr.sh
diff --git a/.papr_prepare.sh b/.papr_prepare.sh
index 30561bf26..0f06af00d 100644
--- a/.papr_prepare.sh
+++ b/.papr_prepare.sh
@@ -14,4 +14,4 @@ fi
${CONTAINER_RUNTIME} build -t ${IMAGE} -f Dockerfile.${DIST} . 2>build.log
# Run the tests
-${CONTAINER_RUNTIME} run --rm --privileged --net=host -v $PWD:/go/src/github.com/containers/libpod --workdir /go/src/github.com/containers/libpod -e CGROUP_MANAGER=cgroupfs -e PYTHON=$PYTHON -e STORAGE_OPTIONS="--storage-driver=vfs" -e CRIO_ROOT="/go/src/github.com/containers/libpod" -e PODMAN_BINARY="/usr/bin/podman" -e CONMON_BINARY="/usr/libexec/podman/conmon" -e DIST=$DIST -e CONTAINER_RUNTIME=$CONTAINER_RUNTIME $IMAGE sh .papr.sh
+${CONTAINER_RUNTIME} run --rm --privileged --net=host -v $PWD:/go/src/github.com/containers/libpod --workdir /go/src/github.com/containers/libpod -e CGROUP_MANAGER=cgroupfs -e PYTHON=$PYTHON -e STORAGE_OPTIONS="--storage-driver=vfs" -e CRIO_ROOT="/go/src/github.com/containers/libpod" -e PODMAN_BINARY="/usr/bin/podman" -e CONMON_BINARY="/usr/libexec/podman/conmon" -e DIST=$DIST -e CONTAINER_RUNTIME=$CONTAINER_RUNTIME $IMAGE bash -c sh ./.papr.sh -b -i -t
diff --git a/Dockerfile b/Dockerfile
index 2c43cb046..62be638f2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -137,7 +137,3 @@ COPY test/policy.json /etc/containers/policy.json
COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
WORKDIR /go/src/github.com/containers/libpod
-
-# Wrap all commands in the "docker-in-docker" script to allow nested containers,
-# and allow testing of apparmor.
-ENTRYPOINT ["./hack/dind"]
diff --git a/Dockerfile.CentOS b/Dockerfile.CentOS
index 9c752ca39..67b7ddce1 100644
--- a/Dockerfile.CentOS
+++ b/Dockerfile.CentOS
@@ -91,7 +91,3 @@ COPY test/policy.json /etc/containers/policy.json
COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
WORKDIR /go/src/github.com/containers/libpod
-
-# Wrap all commands in the "docker-in-docker" script to allow nested containers,
-# and allow testing of apparmor.
-ENTRYPOINT ["./hack/dind"]
diff --git a/Dockerfile.Fedora b/Dockerfile.Fedora
index e246cfba1..30653d06b 100644
--- a/Dockerfile.Fedora
+++ b/Dockerfile.Fedora
@@ -97,7 +97,3 @@ COPY test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redh
RUN pip3 install varlink
WORKDIR /go/src/github.com/containers/libpod
-
-# Wrap all commands in the "docker-in-docker" script to allow nested containers,
-# and allow testing of apparmor.
-ENTRYPOINT ["./hack/dind"]
diff --git a/Makefile b/Makefile
index f219b4f05..3939b369f 100644
--- a/Makefile
+++ b/Makefile
@@ -38,8 +38,6 @@ BUILD_INFO ?= $(shell date +%s)
LDFLAGS_PODMAN ?= $(LDFLAGS) -X main.gitCommit=$(GIT_COMMIT) -X main.buildInfo=$(BUILD_INFO)
ISODATE ?= $(shell date --iso-8601)
LIBSECCOMP_COMMIT := release-2.3
-# Wrapper to setup mounts required by AppArmor
-ENTRYPOINT := ./hack/dind
# If GOPATH not specified, use one in the local directory
ifeq ($(GOPATH),)
@@ -146,13 +144,13 @@ libpodimage:
docker build -t ${LIBPOD_IMAGE} .
dbuild: libpodimage
- docker run --name=${LIBPOD_INSTANCE} --privileged -v ${PWD}:/go/src/${PROJECT} --rm ${LIBPOD_IMAGE} ${ENTRYPOINT} make all
+ docker run --name=${LIBPOD_INSTANCE} --privileged -v ${PWD}:/go/src/${PROJECT} --rm ${LIBPOD_IMAGE} make all
test: libpodimage
- docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} ${ENTRYPOINT} make clean all localunit localintegration
+ docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make clean all localunit localintegration
integration: libpodimage
- docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} ${ENTRYPOINT} make clean all localintegration
+ docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make clean all localintegration
integration.fedora:
DIST=Fedora sh .papr_prepare.sh
@@ -161,10 +159,10 @@ integration.centos:
DIST=CentOS sh .papr_prepare.sh
shell: libpodimage
- docker run --tmpfs -e STORAGE_OPTIONS="--storage-driver=vfs" -e CGROUP_MANAGER=cgroupfs -e TESTFLAGS -e TRAVIS -it --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} ${ENTRYPOINT} sh
+ docker run --tmpfs -e STORAGE_OPTIONS="--storage-driver=vfs" -e CGROUP_MANAGER=cgroupfs -e TESTFLAGS -e TRAVIS -it --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} sh
testunit: libpodimage
- docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} ${ENTRYPOINT} make localunit
+ docker run -e STORAGE_OPTIONS="--storage-driver=vfs" -e TESTFLAGS -e CGROUP_MANAGER=cgroupfs -e TRAVIS -t --privileged --rm -v ${CURDIR}:/go/src/${PROJECT} ${LIBPOD_IMAGE} make localunit
localunit: varlink_generate
$(GO) test -tags "$(BUILDTAGS)" -cover $(PACKAGES)
diff --git a/hack/dind b/hack/dind
deleted file mode 100755
index 3254f9dbe..000000000
--- a/hack/dind
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-# DinD: a wrapper script which allows docker to be run inside a docker container.
-# Original version by Jerome Petazzoni <jerome@docker.com>
-# See the blog post: https://blog.docker.com/2013/09/docker-can-now-run-within-docker/
-#
-# This script should be executed inside a docker container in privileged mode
-# ('docker run --privileged', introduced in docker 0.6).
-
-# Usage: dind CMD [ARG...]
-
-# apparmor sucks and Docker needs to know that it's in a container (c) @tianon
-export container=docker
-
-if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security; then
- mount -t securityfs none /sys/kernel/security || {
- echo >&2 'Could not mount /sys/kernel/security.'
- echo >&2 'AppArmor detection and --privileged mode might break.'
- }
-fi
-
-# Mount /tmp (conditionally)
-if ! mountpoint -q /tmp; then
- mount -t tmpfs none /tmp
-fi
-
-if [ $# -gt 0 ]; then
- exec "$@"
-fi
-
-echo >&2 'ERROR: No command specified.'
-echo >&2 'You probably want to run hack/make.sh, or maybe a shell?'