diff options
Diffstat (limited to 'contrib')
| -rwxr-xr-x | contrib/dependabot-dance | 114 | ||||
| -rw-r--r-- | contrib/rootless-cni-infra/Containerfile | 2 | ||||
| -rwxr-xr-x | contrib/rootless-cni-infra/rootless-cni-infra | 18 | ||||
| -rw-r--r-- | contrib/spec/podman.spec.in | 2 |
4 files changed, 134 insertions, 2 deletions
diff --git a/contrib/dependabot-dance b/contrib/dependabot-dance new file mode 100755 index 000000000..3cf740753 --- /dev/null +++ b/contrib/dependabot-dance @@ -0,0 +1,114 @@ +#! /usr/bin/env bash +# +# dependabot-dance - invoked to perform manual steps on podman dependabot PRs +# +# As best I can tell (please correct me if mistaken), dependabot's job is +# to submit PRs with a change only in 'go.mod' but without actually +# running 'make vendor' to update the source files under vendor. This +# requires a human to run those steps. +# +# This script automates that, with a few safety checks. +# +ME=$(basename $0) +missing=" argument is missing; see $ME --help for details" +usage="Usage: $ME [--help] [-v|--verbose] + +$ME performs a series of magical steps to get dependabot PRs +ready for merge. The important one is 'make vendor-in-container', +everything else is scaffolding to check out the PR and push it back. + +Flags: + --help display usage message + -v, --verbose verbose output +" + +verbose= +for i +do + value=$(expr "$i" : '[^=]*=\(.*\)') + case "$i" in + -h*|--help) echo "$usage"; exit 0;; + -v|--verbose) verbose=$i; shift;; + -*) echo "$ME: unrecognized option $i" >&2 + echo "$usage" >&2 + exit 1;; + *) break;; + esac +done + +die () { + echo "$ME: $*" >&2 + exit 1 +} + +function branch_dance() { + local branch="$1" + + # User will appreciate seeing 'git' and 'make' commands, but nothing else + set -x + git checkout -t $branch + set +x + + # Commit must be from dependabot + author=$(git show --no-patch --format='format:%an' HEAD) + if ! [[ $author =~ dependabot ]]; then + echo + echo "Commit author is '$author' (expected 'dependabot')" + echo -n "Continue? [y/N] " + read ans + case "$ans" in + [yY]*) ;; + *) exit 1;; + esac + fi + + # This is what does all the work + set -x + make vendor-in-container + set +x + + # Now make sure at least *something* changed under vendor + modified=$(git ls-files -m vendor) + if [[ -z "$modified" ]]; then + echo "No files changed under 'vendor' -- nothing to do!" + return + fi + + # Okay, here we go + set -x + git add vendor + git commit -a --amend -s --no-edit + git push --force + set +x + + # Try to leave things in relatively clean state; remove local branch copy + local tracking_branch=$(git branch --show-current) + git checkout master + git branch -d $tracking_branch +} + + + + +# Make sure we're cd'ed to the top level of a podman repo +test -d .git || die "No .git subdirectory (please cd to top level)" + +# Clear all dependabot remote branches +git branch -r | grep /dependabot/go_modules/ \ + | xargs --no-run-if-empty git branch -r -d + +# ...and pull new ones +git pull --all + +# Abort on any error from here on +set -e + +# We cannot have any git-modified files +modified=$(git ls-files -m) +test -z "$modified" || die "Modified files exist: $modified" + +for branch in $(git branch -r | grep /dependabot/go_modules/); do + echo + echo ">>>>> $branch" + branch_dance $branch +done diff --git a/contrib/rootless-cni-infra/Containerfile b/contrib/rootless-cni-infra/Containerfile index 5be30ccc9..6bf70d644 100644 --- a/contrib/rootless-cni-infra/Containerfile +++ b/contrib/rootless-cni-infra/Containerfile @@ -34,4 +34,4 @@ COPY rootless-cni-infra /usr/local/bin ENV CNI_PATH=/opt/cni/bin CMD ["sleep", "infinity"] -ENV ROOTLESS_CNI_INFRA_VERSION=1 +ENV ROOTLESS_CNI_INFRA_VERSION=2 diff --git a/contrib/rootless-cni-infra/rootless-cni-infra b/contrib/rootless-cni-infra/rootless-cni-infra index f6622b23c..5cb43621d 100755 --- a/contrib/rootless-cni-infra/rootless-cni-infra +++ b/contrib/rootless-cni-infra/rootless-cni-infra @@ -4,6 +4,23 @@ set -eu ARG0="$0" BASE="/run/rootless-cni-infra" +wait_unshare_net() { + pid="$1" + # NOTE: busybox shell doesn't support the `for ((i=0; i < $MAX; i++)); do foo; done` statement + i=0 + while :; do + if [ "$(readlink /proc/self/ns/net)" != "$(readlink /proc/${pid}/ns/net)" ]; then + break + fi + sleep 0.1 + if [ $i -ge 10 ]; then + echo >&2 "/proc/${pid}/ns/net cannot be unshared" + exit 1 + fi + i=$((i + 1)) + done +} + # CLI subcommand: "alloc $CONTAINER_ID $NETWORK_NAME $POD_NAME" cmd_entrypoint_alloc() { if [ "$#" -ne 3 ]; then @@ -24,6 +41,7 @@ cmd_entrypoint_alloc() { else unshare -n sleep infinity & pid="$!" + wait_unshare_net "${pid}" echo "${pid}" >"${dir}/pid" nsenter -t "${pid}" -n ip link set lo up fi diff --git a/contrib/spec/podman.spec.in b/contrib/spec/podman.spec.in index 363aa60d7..2e266b59f 100644 --- a/contrib/spec/podman.spec.in +++ b/contrib/spec/podman.spec.in @@ -42,7 +42,7 @@ Epoch: 99 %else Epoch: 0 %endif -Version: 2.1.0 +Version: 2.2.0 Release: #COMMITDATE#.git%{shortcommit0}%{?dist} Summary: Manage Pods, Containers and Container Images License: ASL 2.0 |