diff options
Diffstat (limited to 'contrib')
25 files changed, 375 insertions, 26 deletions
diff --git a/contrib/cirrus/README.md b/contrib/cirrus/README.md index 18ef3e7f7..ada362d95 100644 --- a/contrib/cirrus/README.md +++ b/contrib/cirrus/README.md @@ -69,6 +69,13 @@ Confirm that cross-compile of podman-remote functions for both `windows` and `darwin` targets. +### ``special_testing_cgroupv2`` Task + +Use the latest Fedora release with the required kernel options pre-set for +exercising cgroups v2 with podman integration tests. Also depends on +having `SPECIALMODE` set to 'cgroupv2` + + ### ``test_build_cache_images_task`` Task Modifying the contents of cache-images is tested by making changes to @@ -266,5 +273,6 @@ values follows: and utilized for testing. * `in_podman`: Causes testing to occur within a container executed by podman on the host. +* `cgroupv2`: The kernel on this VM was prepared with options to enable v2 cgroups * `windows`: See **darwin** * `darwin`: Signals the ``special_testing_cross`` task to cross-compile the remote client. diff --git a/contrib/cirrus/add_second_partition.sh b/contrib/cirrus/add_second_partition.sh new file mode 100644 index 000000000..73db192c5 --- /dev/null +++ b/contrib/cirrus/add_second_partition.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +# N/B: This script could mega f*!@up your disks if run by mistake. +# it is left without the execute-bit on purpose! + +# $SLASH_DEVICE is the disk device to be f*xtuP +SLASH_DEVICE="/dev/sda" # Always the case on GCP + +# The unallocated space results from the difference in disk-size between VM Image +# and runtime request. The check_image.sh test includes a minimum-space check, +# with the Image size set initially lower by contrib/cirrus/packer/libpod_images.yml +NEW_PART_START="50%" +NEW_PART_END="100%" + +set -eo pipefail + +source $(dirname $0)/lib.sh + +if [[ ! -r "/root" ]] || [[ -r "/root/second_partition_ready" ]] +then + echo "Warning: Ignoring attempted execution of $(basename $0)" + exit 0 +fi + +[[ -n "type -P parted" ]] || \ + die 2 "The parted command is required." + +[[ ! -b ${SLASH_DEVICE}2 ]] || \ + die 5 "Found unexpected block device ${SLASH_DEVICE}2" + +PPRINTCMD="parted --script ${SLASH_DEVICE} print" +FINDMNTCMD="findmnt --source=${SLASH_DEVICE}1 --mountpoint=/ --canonicalize --evaluate --first-only --noheadings" +TMPF=$(mktemp -p '' $(basename $0)_XXXX) +trap "rm -f $TMPF" EXIT + +if $FINDMNTCMD | tee $TMPF | egrep -q "^/\s+${SLASH_DEVICE}1" +then + echo "Repartitioning original partition table:" + $PPRINTCMD +else + die 6 "Unexpected output from '$FINDMNTCMD': $(<$TMPF)" +fi + +echo "Adding partition offset within unpartitioned space." +parted --script --align optimal /dev/sda unit % mkpart primary "" "" "$NEW_PART_START" "$NEW_PART_END" + +echo "New partition table:" +$PPRINTCMD + +echo "Growing ${SLASH_DEVICE}1 meet start of ${SLASH_DEVICE}2" +growpart ${SLASH_DEVICE} 1 + +FSTYPE=$(findmnt --first-only --noheadings --output FSTYPE ${SLASH_DEVICE}1) +echo "Expanding $FSTYPE filesystem on ${SLASH_DEVICE}1" +case $FSTYPE in + ext*) resize2fs ${SLASH_DEVICE}1 ;; + *) die 11 "Script $(basename $0) doesn't know how to resize a $FSTYPE filesystem." ;; +esac + +# Must happen last - signals completion to other tooling +echo "Recording newly available disk partition device into /root/second_partition_ready" +echo "${SLASH_DEVICE}2" > /root/second_partition_ready diff --git a/contrib/cirrus/build_vm_images.sh b/contrib/cirrus/build_vm_images.sh index dd5182c37..6230610cb 100755 --- a/contrib/cirrus/build_vm_images.sh +++ b/contrib/cirrus/build_vm_images.sh @@ -62,6 +62,6 @@ URI="gs://packer-import${POST_MERGE_BUCKET_SUFFIX}/manifest${BUILT_IMAGE_SUFFIX} gsutil cp packer-manifest.json "$URI" # Ensure any background 'gcloud compute images update' processes finish -wait # CentOS has no -n option :( +wait # No -n option in CentOS, this is the best that can be done :( echo "Finished. A JSON manifest of produced images is available at $URI" diff --git a/contrib/cirrus/check_image.sh b/contrib/cirrus/check_image.sh index 22ed1ddc4..ad9a12f49 100755 --- a/contrib/cirrus/check_image.sh +++ b/contrib/cirrus/check_image.sh @@ -4,10 +4,12 @@ set -eo pipefail source $(dirname $0)/lib.sh +req_env_var PACKER_BUILDER_NAME TEST_REMOTE_CLIENT EVIL_UNITS OS_RELEASE_ID + NFAILS=0 echo "Validating VM image" -MIN_SLASH_GIGS=50 +MIN_SLASH_GIGS=30 read SLASH_DEVICE SLASH_FSTYPE SLASH_SIZE JUNK <<<$(findmnt --df --first-only --noheadings / | cut -d '.' -f 1) SLASH_SIZE_GIGS=$(echo "$SLASH_SIZE" | sed -r -e 's/G|g//') item_test "Minimum available disk space" $SLASH_SIZE_GIGS -gt $MIN_SLASH_GIGS || let "NFAILS+=1" @@ -20,6 +22,9 @@ item_test 'Minimum available memory' $MEM_FREE -ge $MIN_MEM_MB || let "NFAILS+=1 # binary anywhere; that could potentially taint our results. item_test "remove_packaged_podman_files() did it's job" -z "$(type -P podman)" || let "NFAILS+=1" +# Integration Tests require varlink in Fedora +item_test "The varlink executable is present" -x "$(type -P varlink)" || let "NFAILS+=1" + MIN_ZIP_VER='3.0' VER_RE='.+([[:digit:]]+\.[[:digit:]]+).+' ACTUAL_VER=$(zip --version 2>&1 | egrep -m 1 "Zip$VER_RE" | sed -r -e "s/$VER_RE/\\1/") @@ -49,5 +54,16 @@ then item_test "On ubuntu /usr/bin/runc is /usr/lib/cri-o-runc/sbin/runc" "$SAMESAME" -eq "0" || let "NFAILS+=1" fi +echo "Checking items specific to ${PACKER_BUILDER_NAME}${BUILT_IMAGE_SUFFIX}" +case "$PACKER_BUILDER_NAME" in + xfedora*) + echo "Kernel Command-line: $(cat /proc/cmdline)" + item_test \ + "On ${PACKER_BUILDER_NAME} images, the /sys/fs/cgroup/unified directory does NOT exist" \ + "!" "-d" "/sys/fs/cgroup/unified" || let "NFAILS+=1" + ;; + *) echo "No vm-image specific items to check" +esac + echo "Total failed tests: $NFAILS" exit $NFAILS diff --git a/contrib/cirrus/integration_test.sh b/contrib/cirrus/integration_test.sh index cfaf33b85..e5de518fa 100755 --- a/contrib/cirrus/integration_test.sh +++ b/contrib/cirrus/integration_test.sh @@ -36,6 +36,18 @@ case "$SPECIALMODE" in -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \ -o CheckHostIP=no $GOSRC/$SCRIPT_BASE/rootless_test.sh ${TESTSUITE} ;; + cgroupv2) + # FIXME: use the package once all the fixes are in a release + # yum install -y crun + setenforce 0 + yum builddep -y crun + (git clone --depth=1 https://github.com/containers/crun && cd crun && ./autogen.sh && ./configure --prefix=/usr && make -j4 && make install) + export OCI_RUNTIME=/usr/bin/crun + make + make install PREFIX=/usr ETCDIR=/etc + make test-binaries + make local${TESTSUITE} + ;; none) make make install PREFIX=/usr ETCDIR=/etc @@ -52,5 +64,5 @@ case "$SPECIALMODE" in warn '' "No $SPECIALMODE remote client integration tests configured" ;; *) - die 110 "Unsupported \$SPECIAL_MODE: $SPECIALMODE" + die 110 "Unsupported \$SPECIALMODE: $SPECIALMODE" esac diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index 737ca3c01..a20ee5a62 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -55,9 +55,9 @@ PACKER_VER="1.3.5" # CSV of cache-image names to build (see $PACKER_BASE/libpod_images.json) # Base-images rarely change, define them here so they're out of the way. -export PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,fedora-30,fedora-29}" +export PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,fedora-30,xfedora-30,fedora-29}" # Google-maintained base-image names -export UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20181203a" +export UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20190722a" # Manually produced base-image names (see $SCRIPT_BASE/README.md) export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1559164849" export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1559164849" @@ -100,6 +100,9 @@ OS_RELEASE_VER="$(source /etc/os-release; echo $VERSION_ID | cut -d '.' -f 1)" # Combined to ease soe usage OS_REL_VER="${OS_RELEASE_ID}-${OS_RELEASE_VER}" +# Installed into cache-images, supports overrides +# by user-data in case of breakage or for debugging. +CUSTOM_CLOUD_CONFIG_DEFAULTS="$GOSRC/$PACKER_BASE/cloud-init/$OS_RELEASE_ID/cloud.cfg.d" # Pass in a list of one or more envariable names; exit non-zero with # helpful error message if any value is empty req_env_var() { @@ -354,7 +357,7 @@ remove_packaged_podman_files(){ } systemd_banish(){ - echo "Disabling periodic services that could destabilize testing:" + echo "Disabling periodic services that could destabilize testing (ignoring errors):" set +e # Not all of these exist on every platform for unit in $EVIL_UNITS do @@ -372,11 +375,20 @@ systemd_banish(){ _finalize(){ set +e # Don't fail at the very end - set +e # make errors non-fatal - echo "Removing leftover giblets from cloud-init" + if [[ -d "$CUSTOM_CLOUD_CONFIG_DEFAULTS" ]] + then + echo "Installing custom cloud-init defaults" + sudo cp -v "$CUSTOM_CLOUD_CONFIG_DEFAULTS"/* /etc/cloud/cloud.cfg.d/ + else + echo "Could not find any files in $CUSTOM_CLOUD_CONFIG_DEFAULTS" + fi + echo "Re-initializing so next boot does 'first-boot' setup again." + sudo history -c cd / sudo rm -rf /var/lib/cloud/instanc* sudo rm -rf /root/.ssh/* + sudo rm -rf /etc/ssh/*key* + sudo rm -rf /etc/ssh/moduli sudo rm -rf /home/* sudo rm -rf /tmp/* sudo rm -rf /tmp/.??* @@ -386,11 +398,6 @@ _finalize(){ rh_finalize(){ set +e # Don't fail at the very end - # Allow root ssh-logins - if [[ -r /etc/cloud/cloud.cfg ]] - then - sudo sed -re 's/^disable_root:.*/disable_root: 0/g' -i /etc/cloud/cloud.cfg - fi echo "Resetting to fresh-state for usage as cloud-image." PKG=$(type -P dnf || type -P yum || echo "") sudo $PKG clean all diff --git a/contrib/cirrus/networking.sh b/contrib/cirrus/networking.sh new file mode 100755 index 000000000..aeaf74035 --- /dev/null +++ b/contrib/cirrus/networking.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# This script attempts basic confirmation of functional networking +# by connecting to a set of essential external servers and failing +# if any cannot be reached. + +source $(dirname $0)/lib.sh + +while read host port +do + if [[ "$port" -eq "443" ]] + then + item_test "SSL/TLS to $host:$port" "$(echo -n '' | openssl s_client -quiet -no_ign_eof -connect $host:$port &> /dev/null; echo $?)" -eq "0" + else + item_test "Connect to $host:$port" "$(nc -zv -w 13 $host $port &> /dev/null; echo $?)" -eq 0 + fi +done < ${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/required_host_ports.txt diff --git a/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/40_enable_root.cfg b/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/40_enable_root.cfg new file mode 100644 index 000000000..672d1907b --- /dev/null +++ b/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/40_enable_root.cfg @@ -0,0 +1 @@ +disable_root: 0 diff --git a/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/50_custom_disk_setup.cfg b/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/50_custom_disk_setup.cfg new file mode 100644 index 000000000..c0fdf0e23 --- /dev/null +++ b/contrib/cirrus/packer/cloud-init/fedora/cloud.cfg.d/50_custom_disk_setup.cfg @@ -0,0 +1,4 @@ +#cloud-config +growpart: + mode: false +resize_rootfs: false diff --git a/contrib/cirrus/packer/cloud-init/ubuntu/cloud.cfg.d/40_enable_root.cfg b/contrib/cirrus/packer/cloud-init/ubuntu/cloud.cfg.d/40_enable_root.cfg new file mode 120000 index 000000000..98a0e3918 --- /dev/null +++ b/contrib/cirrus/packer/cloud-init/ubuntu/cloud.cfg.d/40_enable_root.cfg @@ -0,0 +1 @@ +../../fedora/cloud.cfg.d/40_enable_root.cfg
\ No newline at end of file diff --git a/contrib/cirrus/packer/fedora_setup.sh b/contrib/cirrus/packer/fedora_setup.sh index 1e25a1a3c..0e1a82cc0 100644 --- a/contrib/cirrus/packer/fedora_setup.sh +++ b/contrib/cirrus/packer/fedora_setup.sh @@ -8,7 +8,7 @@ set -e # Load in library (copied by packer, before this script was run) source /tmp/libpod/$SCRIPT_BASE/lib.sh -req_env_var SCRIPT_BASE +req_env_var SCRIPT_BASE PACKER_BUILDER_NAME GOSRC install_ooe @@ -17,6 +17,10 @@ trap "sudo rm -rf $GOPATH" EXIT ooe.sh sudo dnf update -y +echo "Enabling updates-testing repository" +ooe.sh sudo dnf install -y 'dnf-command(config-manager)' +ooe.sh sudo dnf config-manager --set-enabled updates-testing + echo "Installing general build/test dependencies" ooe.sh sudo dnf install -y \ atomic-registries \ @@ -49,6 +53,7 @@ ooe.sh sudo dnf install -y \ libseccomp \ libseccomp-devel \ libselinux-devel \ + libvarlink-util \ lsof \ make \ nmap-ncat \ @@ -81,6 +86,17 @@ systemd_banish sudo /tmp/libpod/hack/install_catatonit.sh +# Same script is used for several related contexts +case "$PACKER_BUILDER_NAME" in + xfedora*) + echo "Configuring CGroups v2 enabled on next boot" + sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=1" + ;& # continue to next matching item + *) + echo "Finalizing $PACKER_BUILDER_NAME VM image" + ;; +esac + rh_finalize echo "SUCCESS!" diff --git a/contrib/cirrus/packer/libpod_images.yml b/contrib/cirrus/packer/libpod_images.yml index 91ed3b474..cae5d4138 100644 --- a/contrib/cirrus/packer/libpod_images.yml +++ b/contrib/cirrus/packer/libpod_images.yml @@ -33,7 +33,7 @@ builders: image_name: '{{build_name}}{{user `BUILT_IMAGE_SUFFIX`}}' image_family: '{{build_name}}-libpod' source_image: '{{user `UBUNTU_BASE_IMAGE`}}' - disk_size: 20 + disk_size: 20 # REQUIRED: Runtime allocation > this value project_id: '{{user `GCP_PROJECT_ID`}}' service_account_email: '{{user `SERVICE_ACCOUNT`}}' communicator: 'ssh' @@ -48,6 +48,10 @@ builders: source_image: '{{user `FEDORA_BASE_IMAGE`}}' - <<: *gce_hosted_image + name: 'xfedora-30' + source_image: '{{user `FEDORA_BASE_IMAGE`}}' + + - <<: *gce_hosted_image name: 'fedora-29' source_image: '{{user `PRIOR_FEDORA_BASE_IMAGE`}}' @@ -60,6 +64,7 @@ provisioners: - type: 'shell' script: '{{user `GOSRC`}}/{{user `PACKER_BASE`}}/{{split build_name "-" 0}}_setup.sh' environment_vars: + - 'PACKER_BUILDER_NAME={{build_name}}' - 'GOSRC=/tmp/libpod' - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}' diff --git a/contrib/cirrus/packer/ubuntu_setup.sh b/contrib/cirrus/packer/ubuntu_setup.sh index dba191ad2..00d92570f 100644 --- a/contrib/cirrus/packer/ubuntu_setup.sh +++ b/contrib/cirrus/packer/ubuntu_setup.sh @@ -15,6 +15,9 @@ install_ooe export GOPATH="$(mktemp -d)" trap "sudo rm -rf $GOPATH" EXIT +# Ensure there are no disruptive periodic services enabled by default in image +systemd_banish + echo "Updating/configuring package repositories." $LILTO $SUDOAPTGET update $LILTO $SUDOAPTGET install software-properties-common @@ -62,6 +65,7 @@ $BIGTO $SUDOAPTGET install \ libnet1-dev \ libnl-3-dev \ libostree-dev \ + libvarlink \ libprotobuf-c0-dev \ libprotobuf-dev \ libseccomp-dev \ @@ -100,9 +104,6 @@ ooe.sh sudo update-grub sudo /tmp/libpod/hack/install_catatonit.sh ooe.sh sudo make -C /tmp/libpod install.libseccomp.sudo -# Ensure there are no disruptive periodic services enabled by default in image -systemd_banish - ubuntu_finalize echo "SUCCESS!" diff --git a/contrib/cirrus/packer/xfedora_setup.sh b/contrib/cirrus/packer/xfedora_setup.sh new file mode 120000 index 000000000..5e9f1ec77 --- /dev/null +++ b/contrib/cirrus/packer/xfedora_setup.sh @@ -0,0 +1 @@ +fedora_setup.sh
\ No newline at end of file diff --git a/contrib/cirrus/required_host_ports.txt b/contrib/cirrus/required_host_ports.txt index 9248e497a..85a6c26be 100644 --- a/contrib/cirrus/required_host_ports.txt +++ b/contrib/cirrus/required_host_ports.txt @@ -2,3 +2,14 @@ github.com 22 docker.io 443 quay.io 443 registry.fedoraproject.org 443 +mirrors.fedoraproject.org 443 +dl.fedoraproject.org 443 +ewr.edge.kernel.org 443 +mirror.chpc.utah.edu 443 +mirror.clarkson.edu 443 +mirror.umd.edu 443 +mirror.vcu.edu 443 +mirrors.cat.pdx.edu 443 +pubmirror1.math.uh.edu 443 +pubmirror2.math.uh.edu 443 +sjc.edge.kernel.org 443 diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 2230684ac..7b6765f8a 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -42,8 +42,11 @@ case "${OS_REL_VER}" in ln -f "$CRIO_RUNC_PATH" "/usr/bin/runc" fi ;; - fedora-30) ;; - fedora-29) ;; + fedora-30) ;& # continue to next item + fedora-29) + if [[ "$ADD_SECOND_PARTITION" == "true" ]]; then + bash "$SCRIPT_BASE/add_second_partition.sh"; fi + ;; centos-7) # Current VM is an image-builder-image no local podman/testing echo "No further setup required for VM image building" exit 0 @@ -59,9 +62,12 @@ install_test_configs make install.tools case "$SPECIALMODE" in - none) + cgroupv2) remove_packaged_podman_files # we're building from source ;; + none) + remove_packaged_podman_files + ;; rootless) # Only do this once, even if ROOTLESS_USER (somehow) changes if ! grep -q 'ROOTLESS_USER' /etc/environment @@ -82,5 +88,5 @@ case "$SPECIALMODE" in windows) ;& # for podman-remote building only darwin) ;; *) - die 111 "Unsupported \$SPECIAL_MODE: $SPECIALMODE" + die 111 "Unsupported \$SPECIALMODE: $SPECIALMODE" esac diff --git a/contrib/imgprune/Dockerfile b/contrib/imgprune/Dockerfile index 26329e828..b0dc77da5 100644 --- a/contrib/imgprune/Dockerfile +++ b/contrib/imgprune/Dockerfile @@ -1,4 +1,4 @@ -FROM libpod/imgts:latest +FROM quay.io/libpod/imgts:latest RUN yum -y update && \ yum clean all diff --git a/contrib/snapcraft/.editorconfig b/contrib/snapcraft/.editorconfig new file mode 100644 index 000000000..1749b2d4c --- /dev/null +++ b/contrib/snapcraft/.editorconfig @@ -0,0 +1,17 @@ +root = true + +[*] +indent_style = space +indent_size = 4 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = false +insert_final_newline = false + +[*.yaml] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true
\ No newline at end of file diff --git a/contrib/snapcraft/.gitignore b/contrib/snapcraft/.gitignore new file mode 100644 index 000000000..59894f50f --- /dev/null +++ b/contrib/snapcraft/.gitignore @@ -0,0 +1,12 @@ +#snapcraft specifics +/parts/ +/stage/ +/prime/ + +*.snap + +.snapcraft +__pycache__ +*.pyc +*_source.tar.bz2 +snap/.snapcraft diff --git a/contrib/snapcraft/LICENSE b/contrib/snapcraft/LICENSE new file mode 100644 index 000000000..81802d619 --- /dev/null +++ b/contrib/snapcraft/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2017 Snapcrafters + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/contrib/snapcraft/README.md b/contrib/snapcraft/README.md new file mode 100644 index 000000000..f543c61a7 --- /dev/null +++ b/contrib/snapcraft/README.md @@ -0,0 +1,82 @@ +<h1 align="center"> + <img src="https://raw.githubusercontent.com/containers/podman.io/master/images/podman.svg?sanitize=true" alt="podman"> + <br /> +</h1> + +<p align="center"><b>This is the snap for <a href="https://podman.io/">podman</a></b>, <i>“Managing Pods, Containers, and Container Images in Multiple Formats (Docker, OCI, ...).”</i>. It works on Ubuntu, Fedora, Debian, RHEL, SUSE, and other major Linux +distributions.</p> + +<!-- Uncomment and modify this when you are provided a build status badge +<p align="center"> +<a href="https://build.snapcraft.io/user/snapcrafters/fork-and-rename-me"><img src="https://build.snapcraft.io/badge/snapcrafters/fork-and-rename-me.svg" alt="Snap Status"></a> +</p> +--> + +<!-- Uncomment and modify this when you have a screenshot + +--> + +<p align="center">Published for <img src="https://raw.githubusercontent.com/anythingcodes/slack-emoji-for-techies/gh-pages/emoji/tux.png" align="top" width="24" /> with 💝 by Snapcrafters</p> + +## Install + + sudo snap install podman + +([Don't have snapd installed?](https://snapcraft.io/docs/core/install)) + +## Remaining tasks +<!-- Uncomment and modify this when you have a screenshot + +--> + +Snapcrafters ([join us](https://forum.snapcraft.io/t/join-snapcrafters/1325)) +are working to land snap install documentation and +the [snapcraft.yaml](https://github.com/snapcrafters/podman/blob/master/snap/snapcraft.yaml) +upstream so `podman` can authoritatively publish future releases. + + - [x] Fork the [Snapcrafters template](https://github.com/snapcrafters/fork-and-rename-me) repository to your own GitHub account. + - If you have already forked the Snapcrafter template to your account and want to create another snap, you'll need to use GitHub's [Import repository](https://github.com/new/import) feature because you can only fork a repository once. + - [x] Rename the forked Snapcrafters template repository + - [x] Update the description of the repository + - [x] Update logos and references to `podman` and `[podman]` + - [ ] Create a snap that runs in `devmode` + - [x] Register the snap in the store, **using the preferred upstream name** + - [ ] Add a screenshot to this `README.md` + - [ ] Publish the `devmode` snap in the Snap store edge channel + - [ ] Add install instructions to this `README.md` + - [ ] Update snap store metadata, icons and screenshots + - [ ] Convert the snap to `strict` confinement, or `classic` confinement if it qualifies + - [ ] Publish the confined snap in the Snap store beta channel + - [ ] Update the install instructions in this `README.md` + - [ ] Post a call for testing on the [Snapcraft Forum](https://forum.snapcraft.io) - [link]() + - [ ] Make a post in the [Snapcraft Forum](https://forum.snapcraft.io) asking for a transfer of the snap name from you to snapcrafters - [link]() + - [ ] Ask a [Snapcrafters admin](https://github.com/orgs/snapcrafters/people?query=%20role%3Aowner) to fork your repo into github.com/snapcrafters, and configure the repo for automatic publishing into edge on commit + - [ ] Add the provided Snapcraft build badge to this `README.md` + - [ ] Publish the snap in the Snap store stable channel + - [ ] Update the install instructions in this `README.md` + - [ ] Post an announcement in the [Snapcraft Forum](https://forum.snapcraft.io) - [link]() + - [ ] Submit a pull request or patch upstream that adds snap install documentation - [link]() + - [ ] Submit a pull request or patch upstream that adds the `snapcraft.yaml` and any required assets/launchers - [link]() + - [ ] Add upstream contact information to the `README.md` + - If upstream accept the PR: + - [ ] Request upstream create a Snap store account + - [ ] Contact the Snap Advocacy team to request the snap be transferred to upstream + - [ ] Ask the Snap Advocacy team to celebrate the snap - [link]() + +If you have any questions, [post in the Snapcraft forum](https://forum.snapcraft.io). + +<!-- +## The Snapcrafters + +| [](https://github.com/yourname/) | +| :---: | +| [Your Name](https://github.com/yourname/) | +--> + +<!-- Uncomment and modify this when you have upstream contacts +## Upstream + +| [](https://github.com/upstreamname) | +| :---: | +| [Upstream Name](https://github.com/upstreamname) | +--> diff --git a/contrib/snapcraft/snap/snapcraft.yaml b/contrib/snapcraft/snap/snapcraft.yaml new file mode 100644 index 000000000..7ff0df03b --- /dev/null +++ b/contrib/snapcraft/snap/snapcraft.yaml @@ -0,0 +1,45 @@ +name: podman # you probably want to 'snapcraft register <name>' +version: '0.11.1.1' # just for humans, typically '1.2+git' or '1.3.2' +summary: Manage pods, containers and container images +description: | + `podman` is a tool for managing Pods, Containers, and Container Images + in multiple formats including Docker/OSI images. It exposes the same + command line interface as Docker, but runs containers unprivileged by + default. + +confinement: devmode # use 'strict' once you have the right plugs and slots + +base: core18 + +parts: + podman: + plugin: go + source: https://github.com/containers/libpod/archive/v0.11.1.1.tar.gz + go-importpath: github.com/containers/libpod + build-packages: + # https://github.com/containers/libpod/blob/master/install.md#build-and-run-dependencies + - btrfs-tools + - git + - golang-go + - go-md2man + - iptables + - libassuan-dev + - libdevmapper-dev + - libglib2.0-dev + - libc6-dev + - libgpgme11-dev + - libgpg-error-dev + - libostree-dev + - libprotobuf-dev + - libprotobuf-c0-dev + - libseccomp-dev + - libselinux1-dev + - pkg-config + stage-packages: + - libarchive13 + - libassuan0 + - libgpgme11 + - libicu60 + - libostree-1-1 + - libsoup2.4-1 + - libxml2 diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in index 7e361d757..934f785db 100644 --- a/contrib/spec/podman.spec.in +++ b/contrib/spec/podman.spec.in @@ -39,7 +39,7 @@ %global shortcommit_conmon %(c=%{commit_conmon}; echo ${c:0:7}) Name: podman -Version: 1.4.5 +Version: 1.5.2 Release: #COMMITDATE#.git%{shortcommit0}%{?dist} Summary: Manage Pods, Containers and Container Images License: ASL 2.0 @@ -389,6 +389,7 @@ popd %install install -dp %{buildroot}%{_unitdir} +install -dp %{buildroot}%{_usr}/lib/systemd/user PODMAN_VERSION=%{version} %{__make} PREFIX=%{buildroot}%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \ install.bin \ install.remote \ @@ -487,6 +488,8 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/containers/%{repo}.conf %{_unitdir}/io.podman.service %{_unitdir}/io.podman.socket +%{_usr}/lib/systemd/user/io.podman.service +%{_usr}/lib/systemd/user/io.podman.socket %{_usr}/lib/tmpfiles.d/%{name}.conf %if 0%{?with_devel} diff --git a/contrib/varlink/io.podman.service b/contrib/varlink/io.podman.service index c524ce815..725198e79 100644 --- a/contrib/varlink/io.podman.service +++ b/contrib/varlink/io.podman.service @@ -6,7 +6,8 @@ Documentation=man:podman-varlink(1) [Service] Type=simple -ExecStart=/usr/bin/podman varlink unix:/run/podman/io.podman +ExecStart=/usr/bin/podman varlink unix:%t/podman/io.podman +KillMode=none [Install] WantedBy=multi-user.target diff --git a/contrib/varlink/io.podman.socket b/contrib/varlink/io.podman.socket index 0f09fe3ef..f6a3ddc49 100644 --- a/contrib/varlink/io.podman.socket +++ b/contrib/varlink/io.podman.socket @@ -3,7 +3,7 @@ Description=Podman Remote API Socket Documentation=man:podman-varlink(1) [Socket] -ListenStream=/run/podman/io.podman +ListenStream=%t/podman/io.podman SocketMode=0600 [Install] |