Yocto 2.4
Move OpenBMC to Yocto 2.4(rocko)
Tested: Built and verified Witherspoon and Palmetto images
Change-Id: I12057b18610d6fb0e6903c60213690301e9b0c67
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-docker_git.bb b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-docker_git.bb
index f6dcaec..b18a9bb 100644
--- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd-docker_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd-docker_git.bb
@@ -1,10 +1,14 @@
+SRCREV = "3addd840653146c90a254301d6c3a663c7fd6429"
+SRC_URI = "\
+ git://github.com/docker/containerd.git;branch=v0.2.x;destsuffix=git/src/github.com/containerd/containerd \
+ "
+
include containerd.inc
-SRCREV = "03e5862ec0d8d3b3f750e19fca3ee367e13c090e"
-SRC_URI = "\
- git://github.com/docker/containerd.git;branch=docker-1.13.x \
- "
-CONTAINERD_VERSION = "0.2.3"
+CONTAINERD_VERSION = "v0.2.x"
+S = "${WORKDIR}/git/src/github.com/containerd/containerd"
PROVIDES += "virtual/containerd"
RPROVIDES_${PN} = "virtual/containerd"
+
+DEPENDS += "btrfs-tools"
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
index b143979..e7a3719 100644
--- a/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/containerd.inc
@@ -8,30 +8,23 @@
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE.code;md5=aadc30f9c14d876ded7bedc0afd2d3d7"
+SRC_URI += "file://containerd.service"
+
S = "${WORKDIR}/git"
PV = "${CONTAINERD_VERSION}+git${SRCREV}"
inherit go
+inherit goarch
RRECOMMENDS_${PN} = "lxc docker"
-CONTAINERD_PKG="github.com/docker/containerd"
+CONTAINERD_PKG="github.com/containerd/containerd"
+
+INSANE_SKIP_${PN} += "ldflags"
do_configure[noexec] = "1"
do_compile() {
- export GOARCH="${TARGET_ARCH}"
- # supported amd64, 386, arm arm64
- if [ "${TARGET_ARCH}" = "x86_64" ]; then
- export GOARCH="amd64"
- fi
- if [ "${TARGET_ARCH}" = "aarch64" ]; then
- export GOARCH="arm64"
- fi
- if [ "${TARGET_ARCH}" = "i586" ]; then
- export GOARCH="386"
- fi
-
# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
# docker to download its dependencies but rather
# use dependencies packaged independently.
@@ -39,17 +32,19 @@
rm -rf .gopath
mkdir -p .gopath/src/"$(dirname "${CONTAINERD_PKG}")"
ln -sf ../../../.. .gopath/src/"${CONTAINERD_PKG}"
- export GOPATH="${S}/.gopath:${S}/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
- export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
- cd -
+
+ export GOPATH="${WORKDIR}/git/"
+ export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
+ export GOARCH="${TARGET_GOARCH}"
export CGO_ENABLED="1"
export CFLAGS=""
export LDFLAGS=""
export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ export GO_GCFLAGS=""
export CC_FOR_TARGET="${TARGET_PREFIX}gcc ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}"
export CXX_FOR_TARGET="${TARGET_PREFIX}g++ ${TARGET_CC_ARCH} --sysroot=${STAGING_DIR_TARGET}"
@@ -74,9 +69,9 @@
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
install -d ${D}${systemd_unitdir}/system
- install -m 644 ${S}/hack/containerd.service ${D}/${systemd_unitdir}/system
+ install -m 644 ${WORKDIR}/containerd.service ${D}/${systemd_unitdir}/system
# adjust from /usr/local/bin to /usr/bin/
- sed -e "s:/usr/local/bin/containerd:${bindir}/docker-containerd -l \"unix\:///var/run/docker/libcontainerd/docker-containerd.sock\":g" -i ${D}/${systemd_unitdir}/system/containerd.service
+ sed -e "s:/usr/local/bin/containerd:${bindir}/docker-containerd:g" -i ${D}/${systemd_unitdir}/system/containerd.service
fi
}
diff --git a/import-layers/meta-virtualization/recipes-containers/containerd/files/containerd.service b/import-layers/meta-virtualization/recipes-containers/containerd/files/containerd.service
new file mode 100644
index 0000000..23633b0
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/containerd/files/containerd.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=containerd
+Documentation=https://containerd.tools
+After=network.target
+
+[Service]
+ExecStart=/usr/local/bin/containerd
+Delegate=yes
+
+[Install]
+WantedBy=multi-user.target
diff --git a/import-layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb b/import-layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb
new file mode 100644
index 0000000..c14d54d
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/cri-o/cri-o_git.bb
@@ -0,0 +1,130 @@
+HOMEPAGE = "https://github.com/kubernetes-incubator/cri-o"
+SUMMARY = "Open Container Initiative-based implementation of Kubernetes Container Runtime Interface"
+DESCRIPTION = "cri-o is meant to provide an integration path between OCI conformant \
+runtimes and the kubelet. Specifically, it implements the Kubelet Container Runtime \
+Interface (CRI) using OCI conformant runtimes. The scope of cri-o is tied to the scope of the CRI. \
+. \
+At a high level, we expect the scope of cri-o to be restricted to the following functionalities: \
+. \
+ - Support multiple image formats including the existing Docker image format \
+ - Support for multiple means to download images including trust & image verification \
+ - Container image management (managing image layers, overlay filesystems, etc) \
+ - Container process lifecycle management \
+ - Monitoring and logging required to satisfy the CRI \
+ - Resource isolation as required by the CRI \
+ "
+
+SRCREV_cri-o = "65faae67828fb3eb3eac05b582aae9f9d1dea51c"
+SRC_URI = "\
+ git://github.com/kubernetes-incubator/cri-o.git;nobranch=1;name=cri-o \
+ file://0001-Makefile-force-symlinks.patch \
+ file://crio.conf \
+ "
+
+# Apache-2.0 for docker
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e"
+
+GO_IMPORT = "import"
+
+PV = "1.0.0-rc3-dev+git${SRCREV_cri-o}"
+
+DEPENDS = " \
+ glib-2.0 \
+ btrfs-tools \
+ gpgme \
+ ostree \
+ libdevmapper \
+ "
+RDEPENDS_${PN} = " \
+ cni \
+ "
+
+PACKAGES =+ "${PN}-config"
+
+RDEPENDS_${PN} += " virtual/containerd virtual/runc"
+RDEPENDS_${PN} += " e2fsprogs-mke2fs"
+
+inherit systemd
+inherit go
+inherit goarch
+inherit pkgconfig
+
+EXTRA_OEMAKE="BUILDTAGS=''"
+
+do_compile() {
+ export GOARCH="${TARGET_GOARCH}"
+ export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
+ export GOPATH="${S}/src/import:${S}/src/import/vendor"
+
+ # Pass the needed cflags/ldflags so that cgo
+ # can find the needed headers files and libraries
+ export CGO_ENABLED="1"
+ export CFLAGS=""
+ export LDFLAGS=""
+ export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+
+ # link fixups for compilation
+ rm -f ${S}/src/import/vendor/src
+ ln -sf ./ ${S}/src/import/vendor/src
+
+ mkdir -p ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o
+ ln -sf ../../../../cmd ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/cmd
+ ln -sf ../../../../test ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/test
+ ln -sf ../../../../oci ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/oci
+ ln -sf ../../../../server ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/server
+ ln -sf ../../../../pkg ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/pkg
+ ln -sf ../../../../libpod ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/libpod
+ ln -sf ../../../../libkpod ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/libkpod
+ ln -sf ../../../../utils ${S}/src/import/vendor/github.com/kubernetes-incubator/cri-o/utils
+
+ export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+ export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
+
+ # Pass the needed cflags/ldflags so that cgo
+ # can find the needed headers files and libraries
+ export CGO_ENABLED="1"
+ export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+
+ cd ${S}/src/import
+
+ oe_runmake binaries
+}
+
+SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}"
+SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','crio.service','',d)}"
+SYSTEMD_AUTO_ENABLE_${PN} = "enable"
+
+do_install() {
+ localbindir="/usr/local/bin"
+
+ install -d ${D}${localbindir}
+ install -d ${D}/${libexecdir}/crio
+ install -d ${D}/${sysconfdir}/crio
+ install -d ${D}${systemd_unitdir}/system/
+
+ install ${WORKDIR}/crio.conf ${D}/${sysconfdir}/crio/crio.conf
+
+ # sample config files, they'll go in the ${PN}-config below
+ install -d ${D}/${sysconfdir}/crio/config/
+ install -m 755 -D ${S}/src/import/test/testdata/* ${D}/${sysconfdir}/crio/config/
+
+ install ${S}/src/import/crio ${D}/${localbindir}
+ install ${S}/src/import/crioctl ${D}/${localbindir}
+ install ${S}/src/import/kpod ${D}/${localbindir}
+
+ install ${S}/src/import/conmon/conmon ${D}/${libexecdir}/crio
+ install ${S}/src/import/pause/pause ${D}/${libexecdir}/crio
+
+ install -m 0644 ${S}/src/import/contrib/systemd/crio.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${S}/src/import/contrib/systemd/crio-shutdown.service ${D}${systemd_unitdir}/system/
+}
+
+FILES_${PN}-config = "${sysconfdir}/crio/config/*"
+FILES_${PN} += "${systemd_unitdir}/system/*"
+FILES_${PN} += "/usr/local/bin/*"
+
+INHIBIT_PACKAGE_STRIP = "1"
+INSANE_SKIP_${PN} += "ldflags already-stripped"
diff --git a/import-layers/meta-virtualization/recipes-containers/cri-o/files/0001-Makefile-force-symlinks.patch b/import-layers/meta-virtualization/recipes-containers/cri-o/files/0001-Makefile-force-symlinks.patch
new file mode 100644
index 0000000..320eac8
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/cri-o/files/0001-Makefile-force-symlinks.patch
@@ -0,0 +1,26 @@
+From a4433978bf324525b4c260b0e9615ae27271fe55 Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Wed, 20 Sep 2017 12:05:40 -0400
+Subject: [PATCH] Makefile: force symlinks
+
+Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/import/Makefile b/src/import/Makefile
+index e3e5050bb7f6..4ad3fb7ff0a9 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -53,7 +53,7 @@ help:
+ .gopathok:
+ ifeq ("$(wildcard $(GOPKGDIR))","")
+ mkdir -p "$(GOPKGBASEDIR)"
+- ln -s "$(CURDIR)" "$(GOPKGBASEDIR)"
++ ln -sf "$(CURDIR)" "$(GOPKGBASEDIR)"
+ endif
+ touch "$(GOPATH)/.gopathok"
+
+--
+2.4.0.53.g8440f74
+
diff --git a/import-layers/meta-virtualization/recipes-containers/cri-o/files/crio.conf b/import-layers/meta-virtualization/recipes-containers/cri-o/files/crio.conf
new file mode 100644
index 0000000..51d7f40
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/cri-o/files/crio.conf
@@ -0,0 +1,147 @@
+# generated via: crio --config="" config --default
+
+# The "crio" table contains all of the server options.
+[crio]
+
+# root is a path to the "root directory". CRIO stores all of its data,
+# including container images, in this directory.
+root = "/var/lib/containers/storage"
+
+# run is a path to the "run directory". CRIO stores all of its state
+# in this directory.
+runroot = "/var/run/containers/storage"
+
+# storage_driver select which storage driver is used to manage storage
+# of images and containers.
+storage_driver = ""
+
+# storage_option is used to pass an option to the storage driver.
+storage_option = [
+]
+
+# The "crio.api" table contains settings for the kubelet/gRPC
+# interface (which is also used by crioctl).
+[crio.api]
+
+# listen is the path to the AF_LOCAL socket on which crio will listen.
+listen = "/var/run/crio.sock"
+
+# stream_address is the IP address on which the stream server will listen
+stream_address = ""
+
+# stream_port is the port on which the stream server will listen
+stream_port = "10010"
+
+# file_locking is whether file-based locking will be used instead of
+# in-memory locking
+file_locking = true
+
+# The "crio.runtime" table contains settings pertaining to the OCI
+# runtime used and options for how to set up and manage the OCI runtime.
+[crio.runtime]
+
+# runtime is the OCI compatible runtime used for trusted container workloads.
+# This is a mandatory setting as this runtime will be the default one
+# and will also be used for untrusted container workloads if
+# runtime_untrusted_workload is not set.
+runtime = "/usr/bin/runc"
+
+# runtime_untrusted_workload is the OCI compatible runtime used for untrusted
+# container workloads. This is an optional setting, except if
+# default_container_trust is set to "untrusted".
+runtime_untrusted_workload = ""
+
+# default_workload_trust is the default level of trust crio puts in container
+# workloads. It can either be "trusted" or "untrusted", and the default
+# is "trusted".
+# Containers can be run through different container runtimes, depending on
+# the trust hints we receive from kubelet:
+# - If kubelet tags a container workload as untrusted, crio will try first to
+# run it through the untrusted container workload runtime. If it is not set,
+# crio will use the trusted runtime.
+# - If kubelet does not provide any information about the container workload trust
+# level, the selected runtime will depend on the default_container_trust setting.
+# If it is set to "untrusted", then all containers except for the host privileged
+# ones, will be run by the runtime_untrusted_workload runtime. Host privileged
+# containers are by definition trusted and will always use the trusted container
+# runtime. If default_container_trust is set to "trusted", crio will use the trusted
+# container runtime for all containers.
+default_workload_trust = "trusted"
+
+# conmon is the path to conmon binary, used for managing the runtime.
+conmon = "/usr/libexec/crio/conmon"
+
+# conmon_env is the environment variable list for conmon process,
+# used for passing necessary environment variable to conmon or runtime.
+conmon_env = [
+ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+]
+
+# selinux indicates whether or not SELinux will be used for pod
+# separation on the host. If you enable this flag, SELinux must be running
+# on the host.
+selinux = false
+
+# seccomp_profile is the seccomp json profile path which is used as the
+# default for the runtime.
+seccomp_profile = "/etc/crio/seccomp.json"
+
+# apparmor_profile is the apparmor profile name which is used as the
+# default for the runtime.
+apparmor_profile = "crio-default"
+
+# cgroup_manager is the cgroup management implementation to be used
+# for the runtime.
+cgroup_manager = "cgroupfs"
+
+# hooks_dir_path is the oci hooks directory for automatically executed hooks
+hooks_dir_path = "/usr/share/containers/oci/hooks.d"
+
+# pids_limit is the number of processes allowed in a container
+pids_limit = 1024
+
+# The "crio.image" table contains settings pertaining to the
+# management of OCI images.
+[crio.image]
+
+# default_transport is the prefix we try prepending to an image name if the
+# image name as we receive it can't be parsed as a valid source reference
+default_transport = "docker://"
+
+# pause_image is the image which we use to instantiate infra containers.
+pause_image = "kubernetes/pause"
+
+# pause_command is the command to run in a pause_image to have a container just
+# sit there. If the image contains the necessary information, this value need
+# not be specified.
+pause_command = "/pause"
+
+# signature_policy is the name of the file which decides what sort of policy we
+# use when deciding whether or not to trust an image that we've pulled.
+# Outside of testing situations, it is strongly advised that this be left
+# unspecified so that the default system-wide policy will be used.
+signature_policy = ""
+
+# image_volumes controls how image volumes are handled.
+# The valid values are mkdir and ignore.
+image_volumes = "mkdir"
+
+# insecure_registries is used to skip TLS verification when pulling images.
+insecure_registries = [
+]
+
+# registries is used to specify a comma separated list of registries to be used
+# when pulling an unqualified image (e.g. fedora:rawhide).
+registries = [
+]
+
+# The "crio.network" table contains settings pertaining to the
+# management of CNI plugins.
+[crio.network]
+
+# network_dir is is where CNI network configuration
+# files are stored.
+network_dir = "/etc/cni/net.d/"
+
+# plugin_dir is is where CNI plugin binaries are stored.
+plugin_dir = "/opt/cni/bin/"
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
index 21dee2b..3a02103 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/criu/criu_git.bb
@@ -13,21 +13,20 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=412de458544c1cb6a2b512cd399286e2"
-SRCREV = "c031417255f6a5c4409d15ff0b36af5f6e90c559"
-PR = "r0"
-PV = "2.5+git${SRCPV}"
+SRCREV = "a31c1854e10580a09621e539c3ec052b875a8e06"
+PV = "3.4+git${SRCPV}"
SRC_URI = "git://github.com/xemul/criu.git;protocol=git \
file://0001-criu-Fix-toolchain-hardcode.patch \
file://0002-criu-Skip-documentation-install.patch \
file://0001-criu-Change-libraries-install-directory.patch \
- ${@bb.utils.contains('PACKAGECONFIG', 'selinux', '', 'file://disable-selinux.patch', d)} \
file://lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch \
"
COMPATIBLE_HOST = "(x86_64|arm|aarch64).*-linux"
-DEPENDS += "libnl libcap protobuf-c-native protobuf-c util-linux-native"
+DEPENDS += "libnl libcap protobuf-c-native protobuf-c util-linux-native libbsd libnet"
+RDEPENDS_${PN} = "bash"
S = "${WORKDIR}/git"
@@ -77,3 +76,8 @@
${libdir}/pycriu/ \
${libdir}/crit-0.0.1-py2.7.egg-info \
"
+
+FILES_${PN}-staticdev += " \
+ ${libexecdir}/compel/std.lib.a \
+ ${libexecdir}/compel/fds.lib.a \
+ "
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
index a721405..4908e47 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Change-libraries-install-directory.patch
@@ -1,26 +1,26 @@
-From 7ebde06e00b591a88397dad74a1aa47fd562eb50 Mon Sep 17 00:00:00 2001
-From: Jianchuan Wang <jianchuan.wang@windriver.com>
-Date: Tue, 16 Aug 2016 09:48:08 +0800
-Subject: [PATCH 1/2] criu: Change libraries install directory
+From 78390305829316633acee2ca5607331b0e37a104 Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Fri, 8 Sep 2017 15:11:31 -0400
+Subject: [PATCH] criu: Change libraries install directory
Install the libraries into /usr/lib(or /usr/lib64)
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
+Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
---
Makefile.install | 13 -------------
1 file changed, 13 deletions(-)
diff --git a/Makefile.install b/Makefile.install
-index dbc22e1..a30dc96 100644
+index 3987bcc..73d98a4 100644
--- a/Makefile.install
+++ b/Makefile.install
-@@ -11,19 +11,6 @@ LIBDIR ?= $(PREFIX)/lib
- INCLUDEDIR ?= $(PREFIX)/include/criu
- LIBEXECDIR ?= $(PREFIX)/libexec
+@@ -9,19 +9,6 @@ LIBEXECDIR ?= $(PREFIX)/libexec
+ RUNDIR ?= /run
--#
+ #
-# For recent Debian/Ubuntu with multiarch support.
--DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null)
+-DEB_HOST_MULTIARCH := $(shell dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null)
-ifneq "$(DEB_HOST_MULTIARCH)" ""
- LIBDIR ?= $(PREFIX)/lib/$(DEB_HOST_MULTIARCH)
-else
@@ -31,8 +31,9 @@
- endif
-endif
-
- export BINDIR SBINDIR MANDIR SYSTEMDUNITDIR LOGROTATEDIR
- export INCLUDEDIR LIBDIR DESTDIR PREFIX LIBEXECDIR
+-#
+ # LIBDIR falls back to the standard path.
+ LIBDIR ?= $(PREFIX)/lib
--
2.7.4
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
index d30f2ac..dc5b897 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/0001-criu-Fix-toolchain-hardcode.patch
@@ -1,6 +1,6 @@
-From 057d30f15e81dcc4162d6fbee06f126564596397 Mon Sep 17 00:00:00 2001
-From: Jianchuan Wang <jianchuan.wang@windriver.com>
-Date: Wed, 7 Sep 2016 23:55:15 -0400
+From af679853a45fe63f680c99e70416c8ac620d23b8 Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Fri, 8 Sep 2017 15:02:14 -0400
Subject: [PATCH] criu: Fix toolchain hardcode
Replace ":=" to "?=" so that the toolchain used by bitbake build system will
@@ -8,45 +8,32 @@
Signed-off-by: Yang Shi <yang.shi@windriver.com>
Signed-off-by: Jianchuan Wang <jianchuan.wang@windriver.com>
+Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
---
Makefile | 2 +-
- criu/pie/Makefile | 2 +-
scripts/nmk/scripts/include.mk | 2 +-
scripts/nmk/scripts/tools.mk | 40 ++++++++++++++++++++--------------------
- 4 files changed, 23 insertions(+), 23 deletions(-)
+ 3 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/Makefile b/Makefile
-index 52cbd6a..f66279b 100644
+index f2583a2..d7f51e5 100644
--- a/Makefile
+++ b/Makefile
-@@ -60,7 +60,7 @@ LDARCH ?= $(SRCARCH)
-
- export SRCARCH LDARCH VDSO
+@@ -17,7 +17,7 @@ ifeq ($(origin HOSTCFLAGS), undefined)
+ HOSTCFLAGS := $(CFLAGS) $(USERCFLAGS)
+ endif
-UNAME-M := $(shell uname -m)
+UNAME-M ?= $(shell uname -m)
- export UNAME-M
- ifeq ($(ARCH),arm)
-diff --git a/criu/pie/Makefile b/criu/pie/Makefile
-index 125b02f..9975871 100644
---- a/criu/pie/Makefile
-+++ b/criu/pie/Makefile
-@@ -17,7 +17,7 @@ restorer-obj-e += ./$(ARCH_DIR)/syscalls.built-in.o
#
- CFLAGS := $(filter-out -pg $(CFLAGS-GCOV),$(CFLAGS))
- CFLAGS += -iquote $(SRC_DIR)/criu/pie/piegen
--CFLAGS += -iquote $(SRC_DIR)/criu/arch/$(ARCH)/include
-+CFLAGS += -iquote $(SRC_DIR)/criu/arch/$(SRCARCH)/include
- CFLAGS += -iquote $(SRC_DIR)/criu/include
- CFLAGS += -iquote $(SRC_DIR)
-
+ # Supported Architectures
diff --git a/scripts/nmk/scripts/include.mk b/scripts/nmk/scripts/include.mk
-index 4c496f7..a7250cd 100644
+index 04ccb3a..0d63bc7 100644
--- a/scripts/nmk/scripts/include.mk
+++ b/scripts/nmk/scripts/include.mk
@@ -20,7 +20,7 @@ SUBARCH := $(shell uname -m | sed \
- -e s/aarch64.*/arm64/)
+ -e s/aarch64.*/aarch64/)
ARCH ?= $(SUBARCH)
-SRCARCH := $(ARCH)
@@ -55,16 +42,20 @@
export SUBARCH ARCH SRCARCH
diff --git a/scripts/nmk/scripts/tools.mk b/scripts/nmk/scripts/tools.mk
-index 0538dde..e4af068 100644
+index 56dba84..1698821 100644
--- a/scripts/nmk/scripts/tools.mk
+++ b/scripts/nmk/scripts/tools.mk
-@@ -2,28 +2,28 @@ ifndef ____nmk_defined__tools
+@@ -2,30 +2,30 @@ ifndef ____nmk_defined__tools
#
# System tools shorthands
-RM := rm -f
--LD := $(CROSS_COMPILE)ld
--CC := $(CROSS_COMPILE)gcc
++RM ?= rm -f
+ HOSTLD ?= ld
+-LD := $(CROSS_COMPILE)$(HOSTLD)
++LD ?= $(CROSS_COMPILE)$(HOSTLD)
+ HOSTCC ?= gcc
+-CC := $(CROSS_COMPILE)$(HOSTCC)
-CPP := $(CC) -E
-AS := $(CROSS_COMPILE)as
-AR := $(CROSS_COMPILE)ar
@@ -79,9 +70,7 @@
-PYTHON := python
-FIND := find
-SH := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
-+RM ?= rm -f
-+LD ?= $(CROSS_COMPILE)ld
-+CC ?= $(CROSS_COMPILE)gcc
++CC ?= $(CROSS_COMPILE)$(HOSTCC)
+CPP ?= $(CC) -E
+AS ?= $(CROSS_COMPILE)as
+AR ?= $(CROSS_COMPILE)ar
@@ -105,8 +94,8 @@
+ETAGS ?= etags
+CTAGS ?= ctags
- export RM LD CC CPP AS AR STRIP OBJCOPY OBJDUMP
+ export RM HOSTLD LD HOSTCC CC CPP AS AR STRIP OBJCOPY OBJDUMP
export NM SH MAKE MKDIR AWK PERL PYTHON SH CSCOPE
--
-2.8.1
+2.7.4
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/disable-selinux.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/disable-selinux.patch
deleted file mode 100644
index 5d5d035..0000000
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/disable-selinux.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From bd2eeaddfc1f12f87184d870cc9a1adde1cf0b10 Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselstine@windriver.com>
-Date: Mon, 24 Apr 2017 13:08:48 -0400
-Subject: [PATCH] criu/Makefile.config: explicitly remove selinux support
-
-Upstream-Status: Inappropriate [disable feature]
-
-It shows warning when build crius if libselinux has been built already:
-
- WARNING: QA Issue: criu rdepends on libselinux, but it isn't a build dependency? [build-deps]
-
-Apply this patch to disable selinux support when 'selinux' is not in PACKAGECONF.
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
-[MA: Context updated to apply against criu v2.5]
-Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
----
- criu/Makefile.config | 5 -----
- 1 file changed, 5 deletions(-)
-
-diff --git a/criu/Makefile.config b/criu/Makefile.config
-index f531b3b..37216f8 100644
---- a/criu/Makefile.config
-+++ b/criu/Makefile.config
-@@ -7,11 +7,6 @@ ifeq ($(call try-cc,$(FEATURE_TEST_LIBBSD_DEV),-lbsd),true)
- FEATURE_DEFINES += -DCONFIG_HAS_LIBBSD
- endif
-
--ifeq ($(call pkg-config-check,libselinux),y)
-- LIBS += -lselinux
-- FEATURE_DEFINES += -DCONFIG_HAS_SELINUX
--endif
--
- export DEFINES += $(FEATURE_DEFINES)
- export CFLAGS += $(FEATURE_DEFINES)
-
---
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
index 8bda8c4..c2512a0 100644
--- a/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
+++ b/import-layers/meta-virtualization/recipes-containers/criu/files/lib-Makefile-overwrite-install-lib-to-allow-multiarc.patch
@@ -1,6 +1,6 @@
-From 2e0c5c66786016f6443da2c1ff15ad77f018ec9b Mon Sep 17 00:00:00 2001
+From 89f9b87904bd312b817ffaa7d83abfd5e84d723d Mon Sep 17 00:00:00 2001
From: Mark Asselstine <mark.asselstine@windriver.com>
-Date: Mon, 24 Apr 2017 16:12:05 -0400
+Date: Fri, 8 Sep 2017 15:40:49 -0400
Subject: [PATCH] lib/Makefile: overwrite install-lib, to allow multiarch
I am not sure why Yocto installs python modules in arch specific
@@ -13,15 +13,15 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/Makefile b/lib/Makefile
-index f1c0821..c714d12 100644
+index b1bb057..06f5c5d 100644
--- a/lib/Makefile
+++ b/lib/Makefile
-@@ -56,7 +56,7 @@ install: lib-c lib-py ../crit/crit c/criu.pc.in
- $(Q) sed -e 's,@version@,$(CRIU_VERSION),' -e 's,@libdir@,$(LIBDIR),' -e 's,@includedir@,$(dir $(INCLUDEDIR)),' c/criu.pc.in > c/criu.pc
- $(Q) install -m 644 c/criu.pc $(DESTDIR)$(LIBDIR)/pkgconfig
+@@ -56,7 +56,7 @@ install: lib-c lib-py crit/crit lib/c/criu.pc.in
+ $(Q) sed -e 's,@version@,$(CRIU_VERSION),' -e 's,@libdir@,$(LIBDIR),' -e 's,@includedir@,$(dir $(INCLUDEDIR)/criu/),' lib/c/criu.pc.in > lib/c/criu.pc
+ $(Q) install -m 644 lib/c/criu.pc $(DESTDIR)$(LIBDIR)/pkgconfig
$(E) " INSTALL " crit
-- $(Q) python ../scripts/crit-setup.py install --root=$(DESTDIR) --prefix=$(PREFIX) --record $(CRIT_SETUP_FILES)
-+ $(Q) python ../scripts/crit-setup.py install --root=$(DESTDIR) --prefix=$(PREFIX) --record $(CRIT_SETUP_FILES) --install-lib=$(INSTALL_LIB)
+- $(Q) $(PYTHON_BIN) scripts/crit-setup.py install --prefix=$(DESTDIR)$(PREFIX) --record $(CRIT_SETUP_FILES)
++ $(Q) $(PYTHON_BIN) scripts/crit-setup.py install --prefix=$(DESTDIR)$(PREFIX) --record $(CRIT_SETUP_FILES) --install-lib=$(DESTDIR)$(INSTALL_LIB)
.PHONY: install
uninstall:
diff --git a/import-layers/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch b/import-layers/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch
new file mode 100644
index 0000000..6fc7bb4
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/docker-compose/files/0001-Allow-newer-versions-of-requests.patch
@@ -0,0 +1,32 @@
+From 15cf1a31f5af8f09531bb837b92bd6ea49bd1744 Mon Sep 17 00:00:00 2001
+From: Pascal Bach <pascal.bach@siemens.com>
+Date: Wed, 13 Sep 2017 08:41:21 +0200
+Subject: [PATCH] Allow newer versions of requests
+
+docker compose has strict requirements to use requests < 2.12
+
+However it works without issues with newer versions, so this patch removes the check.
+
+Upstream-Status: Pending
+
+Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 192a0f6..f444757 100644
+--- a/setup.py
++++ b/setup.py
+@@ -33,7 +33,7 @@ install_requires = [
+ 'cached-property >= 1.2.0, < 2',
+ 'docopt >= 0.6.1, < 0.7',
+ 'PyYAML >= 3.10, < 4',
+- 'requests >= 2.6.1, != 2.11.0, < 2.12',
++ 'requests >= 2.6.1, != 2.11.0',
+ 'texttable >= 0.9.0, < 0.10',
+ 'websocket-client >= 0.32.0, < 1.0',
+ 'docker >= 2.5.1, < 3.0',
+--
+2.1.4
+
diff --git a/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb
new file mode 100644
index 0000000..4e761d0
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/docker-compose/python3-docker-compose_1.16.1.bb
@@ -0,0 +1,32 @@
+SUMMARY = "Multi-container orchestration for Docker"
+HOMEPAGE = "https://www.docker.com/"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=435b266b3899aa8a959f17d41c56def8"
+
+SRC_URI += "file://0001-Allow-newer-versions-of-requests.patch"
+
+inherit pypi setuptools3
+
+SRC_URI[md5sum] = "8dcadf09143600fcb573b43f446c8f9a"
+SRC_URI[sha256sum] = "fb46a6a2c4d193a3ff1e4d7208eea920b629c81dc92257c87f3f93095cfb0bdf"
+
+RDEPENDS_${PN} = "\
+ ${PYTHON_PN}-cached-property \
+ ${PYTHON_PN}-certifi \
+ ${PYTHON_PN}-chardet \
+ ${PYTHON_PN}-colorama \
+ ${PYTHON_PN}-docker \
+ ${PYTHON_PN}-docker-pycreds \
+ ${PYTHON_PN}-dockerpty \
+ ${PYTHON_PN}-docopt \
+ ${PYTHON_PN}-enum \
+ ${PYTHON_PN}-idna \
+ ${PYTHON_PN}-jsonschema \
+ ${PYTHON_PN}-pyyaml \
+ ${PYTHON_PN}-requests \
+ ${PYTHON_PN}-six \
+ ${PYTHON_PN}-terminal \
+ ${PYTHON_PN}-texttable \
+ ${PYTHON_PN}-urllib3 \
+ ${PYTHON_PN}-websocket-client \
+ "
diff --git a/import-layers/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb b/import-layers/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb
index 08b6d70..add5ce1 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/docker-distribution/docker-distribution_git.bb
@@ -3,16 +3,18 @@
LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=d2794c0df5b907fdace235a619d80314"
-SRCREV_distribution="0810eba2adf048b77621472991211924d9ec31c5"
-SRC_URI = "git://github.com/docker/distribution.git;branch=master;name=distribution;destsuffix=git/src/github.com/docker/distribution \
+SRCREV_distribution="48294d928ced5dd9b378f7fd7c6f5da3ff3f2c89"
+SRC_URI = "git://github.com/docker/distribution.git;branch=release/2.6;name=distribution;destsuffix=git/src/github.com/docker/distribution \
file://docker-registry.service \
"
PACKAGES =+ "docker-registry"
-PV = "v2.6.0-rc+git${SRCPV}"
+PV = "v2.6.2"
S = "${WORKDIR}/git/src/github.com/docker/distribution"
+GO_IMPORT = "import"
+
inherit goarch
inherit go
@@ -33,6 +35,8 @@
export GO_GCFLAGS=""
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ cd ${S}
+
oe_runmake binaries
}
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
index 74170cb..4ba5e81 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/docker/docker_git.bb
@@ -18,11 +18,13 @@
subtle and/or glaring issues. \
"
-SRCREV_docker = "49bf474f9ed7ce7143a59d1964ff7b7fd9b52178"
-SRCREV_libnetwork="0f534354b813003a754606689722fe253101bc4e"
+SRCREV_docker = "e639a70fbe999d96354a5bcf560231b7b8aa935c"
+SRCREV_libnetwork = "26addf43a5d925ff79d262dbbdb5344bc2b6e198"
+SRCREV_cli = "a765218f1988e85b68aa3977f34893ec7b059a60"
SRC_URI = "\
- git://github.com/docker/docker.git;nobranch=1;name=docker \
+ git://github.com/moby/moby.git;nobranch=1;name=docker \
git://github.com/docker/libnetwork.git;branch=master;name=libnetwork;destsuffix=libnetwork \
+ git://github.com/docker/cli;branch=master;name=cli;destsuffix=cli \
file://docker.init \
file://hi.Dockerfile \
file://context-use-golang.org-x-net-pkg-until-we-move-to-go.patch \
@@ -30,11 +32,13 @@
# Apache-2.0 for docker
LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=aadc30f9c14d876ded7bedc0afd2d3d7"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=9740d093a080530b5c5c6573df9af45a"
+
+GO_IMPORT = "import"
S = "${WORKDIR}/git"
-DOCKER_VERSION = "1.13.0"
+DOCKER_VERSION = "17.06.0"
PV = "${DOCKER_VERSION}+git${SRCREV_docker}"
DEPENDS = " \
@@ -43,7 +47,6 @@
go-context \
go-mux \
go-patricia \
- go-libtrust \
go-logrus \
go-fsnotify \
go-dbus \
@@ -80,20 +83,21 @@
# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
# docker to download its dependencies but rather
# use dependencies packaged independently.
- cd ${S}
+ cd ${S}/src/import
rm -rf .gopath
mkdir -p .gopath/src/"$(dirname "${DOCKER_PKG}")"
ln -sf ../../../.. .gopath/src/"${DOCKER_PKG}"
mkdir -p .gopath/src/github.com/docker
- ln -sf ../../../../../libnetwork .gopath/src/github.com/docker/libnetwork
+ ln -sf ${WORKDIR}/libnetwork .gopath/src/github.com/docker/libnetwork
+ ln -sf ${WORKDIR}/cli .gopath/src/github.com/docker/cli
- export GOPATH="${S}/.gopath:${S}/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+ export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
- cd -
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
+ export GOARCH=${TARGET_GOARCH}
export CGO_ENABLED="1"
export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
@@ -107,7 +111,10 @@
./hack/make.sh dynbinary
# build the proxy
- go build -o ${S}/docker-proxy github.com/docker/libnetwork/cmd/proxy
+ go build -o ${S}/src/import/docker-proxy github.com/docker/libnetwork/cmd/proxy
+
+ # build the cli
+ go build -o ${S}/src/import/bundles/latest/dynbinary-client/docker github.com/docker/cli/cmd/docker
}
SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${PN}','',d)}"
@@ -117,19 +124,19 @@
INITSCRIPT_PACKAGES += "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','${PN}','',d)}"
INITSCRIPT_NAME_${PN} = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','docker.init','',d)}"
-INITSCRIPT_PARAMS_${PN} = "${OS_DEFAULT_INITSCRIPT_PARAMS}"
+INITSCRIPT_PARAMS_${PN} = "defaults"
do_install() {
mkdir -p ${D}/${bindir}
- cp ${S}/bundles/latest/dynbinary-client/docker ${D}/${bindir}/docker
- cp ${S}/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd
- cp ${S}/docker-proxy ${D}/${bindir}/docker-proxy
+ cp ${S}/src/import/bundles/latest/dynbinary-client/docker ${D}/${bindir}/docker
+ cp ${S}/src/import/bundles/latest/dynbinary-daemon/dockerd ${D}/${bindir}/dockerd
+ cp ${S}/src/import/docker-proxy ${D}/${bindir}/docker-proxy
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
install -d ${D}${systemd_unitdir}/system
- install -m 644 ${S}/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system
+ install -m 644 ${S}/src/import/contrib/init/systemd/docker.* ${D}/${systemd_unitdir}/system
# replaces one copied from above with one that uses the local registry for a mirror
- install -m 644 ${S}/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system
+ install -m 644 ${S}/src/import/contrib/init/systemd/docker.service ${D}/${systemd_unitdir}/system
else
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/docker.init ${D}${sysconfdir}/init.d/docker.init
@@ -137,7 +144,7 @@
mkdir -p ${D}${datadir}/docker/
cp ${WORKDIR}/hi.Dockerfile ${D}${datadir}/docker/
- install -m 0755 ${S}/contrib/check-config.sh ${D}${datadir}/docker/
+ install -m 0755 ${S}/src/import/contrib/check-config.sh ${D}${datadir}/docker/
}
inherit useradd
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch b/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch
index 240b744..7ed606f 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch
+++ b/import-layers/meta-virtualization/recipes-containers/docker/files/context-use-golang.org-x-net-pkg-until-we-move-to-go.patch
@@ -11,20 +11,16 @@
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
---
- client/README.md | 2 +-
- client/client.go | 2 +-
- daemon/info_unix.go | 2 +-
- integration-cli/docker_api_attach_test.go | 2 +-
- integration-cli/docker_cli_save_load_unix_test.go | 2 +-
- vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go | 2 +-
- vendor/github.com/docker/swarmkit/manager/state/raft/storage/walwrap.go | 2 +-
- 7 files changed, 7 insertions(+), 7 deletions(-)
+ client/README.md | 2 +-
+ client/client.go | 2 +-
+ daemon/info_unix.go | 2 +-
+ integration-cli/docker_api_attach_test.go | 2 +-
+ integration-cli/docker_cli_save_load_unix_test.go | 2 +-
+ 5 files changed, 5 insertions(+), 5 deletions(-)
-diff --git a/client/README.md b/client/README.md
-index 059dfb3..9de54aa 100644
---- a/client/README.md
-+++ b/client/README.md
-@@ -8,7 +8,7 @@ For example, to list running containers (the equivalent of `docker ps`):
+--- a/src/import/client/README.md
++++ b/src/import/client/README.md
+@@ -8,7 +8,7 @@ For example, to list running containers
package main
import (
@@ -33,11 +29,9 @@
"fmt"
"github.com/docker/docker/api/types"
-diff --git a/client/client.go b/client/client.go
-index a9bdab6..95933af 100644
---- a/client/client.go
-+++ b/client/client.go
-@@ -19,7 +19,7 @@ For example, to list running containers (the equivalent of "docker ps"):
+--- a/src/import/client/client.go
++++ b/src/import/client/client.go
+@@ -19,7 +19,7 @@ For example, to list running containers
package main
import (
@@ -46,10 +40,8 @@
"fmt"
"github.com/docker/docker/api/types"
-diff --git a/daemon/info_unix.go b/daemon/info_unix.go
-index 9c41c0e..57f8a7b 100644
---- a/daemon/info_unix.go
-+++ b/daemon/info_unix.go
+--- a/src/import/daemon/info_unix.go
++++ b/src/import/daemon/info_unix.go
@@ -3,7 +3,7 @@
package daemon
@@ -59,10 +51,8 @@
"os/exec"
"strings"
-diff --git a/integration-cli/docker_api_attach_test.go b/integration-cli/docker_api_attach_test.go
-index d43bf3a..e5802a7 100644
---- a/integration-cli/docker_api_attach_test.go
-+++ b/integration-cli/docker_api_attach_test.go
+--- a/src/import/integration-cli/docker_api_attach_test.go
++++ b/src/import/integration-cli/docker_api_attach_test.go
@@ -3,7 +3,7 @@ package main
import (
"bufio"
@@ -72,10 +62,8 @@
"io"
"net"
"net/http"
-diff --git a/integration-cli/docker_cli_save_load_unix_test.go b/integration-cli/docker_cli_save_load_unix_test.go
-index 22445e5..d0afc8c 100644
---- a/integration-cli/docker_cli_save_load_unix_test.go
-+++ b/integration-cli/docker_cli_save_load_unix_test.go
+--- a/src/import/integration-cli/docker_cli_save_load_unix_test.go
++++ b/src/import/integration-cli/docker_cli_save_load_unix_test.go
@@ -3,7 +3,7 @@
package main
@@ -85,32 +73,3 @@
"fmt"
"io/ioutil"
"os"
-diff --git a/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go b/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go
-index 6b3295a..cbfcf7e 100644
---- a/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go
-+++ b/vendor/github.com/docker/swarmkit/manager/logbroker/subscription.go
-@@ -1,7 +1,7 @@
- package logbroker
-
- import (
-- "context"
-+ "golang.org/x/net/context"
- "fmt"
- "strings"
- "sync"
-diff --git a/vendor/github.com/docker/swarmkit/manager/state/raft/storage/walwrap.go b/vendor/github.com/docker/swarmkit/manager/state/raft/storage/walwrap.go
-index 5a6c71a..efe5921 100644
---- a/vendor/github.com/docker/swarmkit/manager/state/raft/storage/walwrap.go
-+++ b/vendor/github.com/docker/swarmkit/manager/state/raft/storage/walwrap.go
-@@ -1,7 +1,7 @@
- package storage
-
- import (
-- "context"
-+ "golang.org/x/net/context"
- "io"
- "io/ioutil"
- "os"
---
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/docker/files/docker.init b/import-layers/meta-virtualization/recipes-containers/docker/files/docker.init
index 9c01c75..2e8eb9e 100644
--- a/import-layers/meta-virtualization/recipes-containers/docker/files/docker.init
+++ b/import-layers/meta-virtualization/recipes-containers/docker/files/docker.init
@@ -28,6 +28,7 @@
pidfile="/var/run/$prog.pid"
lockfile="/var/lock/subsys/$prog"
logfile="/var/log/$prog"
+other_args="--registry-mirror=http://localhost:5000 --insecure-registry=http://localhost:5000 --raw-logs"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
@@ -38,8 +39,8 @@
if ! [ -f $pidfile ]; then
printf "Starting $prog:\t"
- echo "\n$(date)\n" >> $logfile
- "$unshare" -m -- $exec -d $other_args &>> $logfile &
+ echo -e "\n$(date)\n" >> $logfile
+ "$unshare" -m -- $exec daemon $other_args &>> $logfile &
pid=$!
touch $lockfile
# wait up to 10 seconds for the pidfile to exist. see
diff --git a/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb
new file mode 100644
index 0000000..2c7161e
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/kubernetes/kubernetes_git.bb
@@ -0,0 +1,98 @@
+HOMEPAGE = "git://github.com/kubernetes/kubernetes"
+SUMMARY = "Production-Grade Container Scheduling and Management"
+DESCRIPTION = "Kubernetes is an open source system for managing containerized \
+applications across multiple hosts, providing basic mechanisms for deployment, \
+maintenance, and scaling of applications. \
+"
+
+SRCREV_kubernetes = "4b839465f84e7faf876c51703aaf49b37fd10d9c"
+SRC_URI = "git://github.com/kubernetes/kubernetes.git;nobranch=1;name=kubernetes \
+ "
+
+DEPENDS += "rsync-native \
+ coreutils-native \
+ "
+
+PACKAGES =+ "kubeadm"
+PACKAGES =+ "kubectl"
+PACKAGES =+ "kubelet"
+
+ALLOW_EMPTY_${PN} = "1"
+
+# Note: we are explicitly *not* adding docker to the rdepends, since we allow
+# backends like cri-o to be used.
+RDEPENDS_${PN} += "kubeadm \
+ kubectl \
+ kubelet \
+ cni"
+
+RDEPENDS_kubeadm = "kubelet kubectl"
+RDEPENDS_kubelet = "iptables socat util-linux ethtool iproute2 ebtables"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
+
+GO_IMPORT = "import"
+
+PV = "1.9.0-alpha.1+git${SRCREV_kubernetes}"
+
+inherit systemd
+inherit go
+inherit goarch
+
+do_compile() {
+ export GOARCH="${TARGET_GOARCH}"
+ export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
+ export GOPATH="${S}/src/import:${S}/src/import/vendor"
+
+ # Pass the needed cflags/ldflags so that cgo
+ # can find the needed headers files and libraries
+ export CGO_ENABLED="1"
+ export CFLAGS=""
+ export LDFLAGS=""
+ export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+
+ # link fixups for compilation
+ rm -f ${S}/src/import/vendor/src
+ ln -sf ./ ${S}/src/import/vendor/src
+
+ export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+ export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
+
+ # Pass the needed cflags/ldflags so that cgo
+ # can find the needed headers files and libraries
+ export CGO_ENABLED="1"
+ export CGO_CFLAGS="${CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ export CGO_LDFLAGS="${LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+
+ cd ${S}/src/import
+ # to limit what is built, use 'WHAT', i.e. make WHAT=cmd/kubelet
+ make all
+}
+
+do_install() {
+ install -d ${D}${bindir}
+ install -d ${D}${systemd_unitdir}/system/
+ install -d ${D}${systemd_unitdir}/system/kubelet.service.d/
+
+ install -d ${D}${sysconfdir}/kubernetes/manifests/
+
+ install -m 755 -D ${S}/src/import/_output/bin/kube* ${D}/${bindir}
+
+ install -m 0644 ${S}/src/import/build/debs/kubelet.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${S}/src/import/build/debs/10-kubeadm.conf ${D}${systemd_unitdir}/system/kubelet.service.d/
+}
+
+SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES','systemd','kubelet','',d)}"
+SYSTEMD_SERVICE_kubelet = "${@bb.utils.contains('DISTRO_FEATURES','systemd','kubelet.service','',d)}"
+SYSTEMD_AUTO_ENABLE_kubelet = "enable"
+
+FILES_kubeadm = "${bindir}/kubeadm ${systemd_unitdir}/system/kubelet.service.d/*"
+FILES_kubectl = "${bindir}/kubectl"
+FILES_kubelet = "${bindir}/kubelet ${systemd_unitdir}/system/kubelet.service ${sysconfdir}/kubernetes/manifests/"
+
+INHIBIT_PACKAGE_STRIP = "1"
+INSANE_SKIP_${PN} += "ldflags already-stripped"
+
+deltask compile_ptest_base
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch b/import-layers/meta-virtualization/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch
deleted file mode 100644
index 5adb730..0000000
--- a/import-layers/meta-virtualization/recipes-containers/lxc/files/Generate-lxc-restore-net-properly.patch
+++ /dev/null
@@ -1,121 +0,0 @@
-From e08f3573b3561f1f0490624f7ca95b7ccd8157cb Mon Sep 17 00:00:00 2001
-Message-Id: <e08f3573b3561f1f0490624f7ca95b7ccd8157cb.1435177418.git.Jim.Somerville@windriver.com>
-From: Jim Somerville <Jim.Somerville@windriver.com>
-Date: Wed, 24 Jun 2015 16:16:38 -0400
-Subject: [PATCH 1/1] Generate lxc-restore-net properly
-
-It's a script that should be run through the configure
-mechanism the same as the others. We simply rename it
-to have a .in extension and add it to configure.ac .
-
-Also, by generating the script from a .in file, it gets
-placed into the build directory. This plays nice with
-build systems that keep the src separate from the build
-directory. Without this change, the install step won't
-find the lxc-restore-net script as it still just resides
-in the src directory and not in the build directory.
-
-Upstream-Status: Not applicable. This script has already
-been rearchitected out of existence by
-cba98d127bf490b018a016b792ae05fd2d29c5ee:
-"c/r: use criu option instead of lxc-restore-net
-
-As of criu 1.5, the --veth-pair argument supports an additional parameter that
-is the bridge name to attach to. This enables us to get rid of the goofy
-action-script hack that passed bridge names as environment variables.
-
-This patch is on top of the systemd/lxcfs mount rework patch, as we probably
-want to wait to use 1.5 options until it has been out for a while and is in
-distros.
-
-Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
-Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>"
-
-Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
----
- configure.ac | 1 +
- src/lxc/lxc-restore-net | 26 --------------------------
- src/lxc/lxc-restore-net.in | 26 ++++++++++++++++++++++++++
- 3 files changed, 27 insertions(+), 26 deletions(-)
- delete mode 100755 src/lxc/lxc-restore-net
- create mode 100755 src/lxc/lxc-restore-net.in
-
-diff --git a/configure.ac b/configure.ac
-index 574b2cd..4972803 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -768,6 +768,7 @@ AC_CONFIG_FILES([
- src/lxc/legacy/lxc-ls
- src/lxc/lxc.functions
- src/lxc/version.h
-+ src/lxc/lxc-restore-net
- src/python-lxc/Makefile
- src/python-lxc/setup.py
-
-diff --git a/src/lxc/lxc-restore-net b/src/lxc/lxc-restore-net
-deleted file mode 100755
-index 6ae3c19..0000000
---- a/src/lxc/lxc-restore-net
-+++ /dev/null
-@@ -1,26 +0,0 @@
--#!/bin/sh
--
--set -e
--
--i=0
--while true; do
-- eval "bridge=\$LXC_CRIU_BRIDGE$i"
-- eval "veth=\$LXC_CRIU_VETH$i"
--
-- if [ -z "$bridge" ] || [ -z "$veth" ]; then
-- exit 0
-- fi
--
-- if [ "$CRTOOLS_SCRIPT_ACTION" = "network-lock" ]; then
-- brctl delif $bridge $veth
-- fi
--
-- if [ "$CRTOOLS_SCRIPT_ACTION" = "network-unlock" ]; then
-- brctl addif $bridge $veth
-- ip link set dev $veth up
-- fi
--
-- i=$((i+1))
--done
--
--exit 1
-diff --git a/src/lxc/lxc-restore-net.in b/src/lxc/lxc-restore-net.in
-new file mode 100755
-index 0000000..6ae3c19
---- /dev/null
-+++ b/src/lxc/lxc-restore-net.in
-@@ -0,0 +1,26 @@
-+#!/bin/sh
-+
-+set -e
-+
-+i=0
-+while true; do
-+ eval "bridge=\$LXC_CRIU_BRIDGE$i"
-+ eval "veth=\$LXC_CRIU_VETH$i"
-+
-+ if [ -z "$bridge" ] || [ -z "$veth" ]; then
-+ exit 0
-+ fi
-+
-+ if [ "$CRTOOLS_SCRIPT_ACTION" = "network-lock" ]; then
-+ brctl delif $bridge $veth
-+ fi
-+
-+ if [ "$CRTOOLS_SCRIPT_ACTION" = "network-unlock" ]; then
-+ brctl addif $bridge $veth
-+ ip link set dev $veth up
-+ fi
-+
-+ i=$((i+1))
-+done
-+
-+exit 1
---
-1.8.3.2
-
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch b/import-layers/meta-virtualization/recipes-containers/lxc/files/Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch
deleted file mode 100644
index f9cecc0..0000000
--- a/import-layers/meta-virtualization/recipes-containers/lxc/files/Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch
+++ /dev/null
@@ -1,119 +0,0 @@
-From 5c957671a511441b112b137b88bf0b1f31adac20 Mon Sep 17 00:00:00 2001
-From: Sergei Trofimovich <siarheit@google.com>
-Date: Sat, 21 Jan 2017 11:57:13 +0000
-Subject: [PATCH] Use AC_HEADER_MAJOR to detect major()/minor()/makedev()
-
-commit af6824fce9c9536fbcabef8d5547f6c486f55fdf from
-git://github.com/lxc/lxc.git
-
-Before the change build failed on Gentoo as:
-
- bdev/lxclvm.c: In function 'lvm_detect':
- bdev/lxclvm.c:140:4: error: implicit declaration of function 'major' [-Werror=implicit-function-declaration]
- major(statbuf.st_rdev), minor(statbuf.st_rdev));
- ^~~~~
- bdev/lxclvm.c:140:28: error: implicit declaration of function 'minor' [-Werror=implicit-function-declaration]
- major(statbuf.st_rdev), minor(statbuf.st_rdev));
- ^~~~~
-
-glibc plans to remove <sys/sysmacros.h> from glibc's <sys/types.h>:
- https://sourceware.org/ml/libc-alpha/2015-11/msg00253.html
-
-Gentoo already applied glibc patch to experimental glibc-2.24
-to start preparingfor the change.
-
-Autoconf has AC_HEADER_MAJOR to find out which header defines
-reqiured macros:
- https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Particular-Headers.html
-
-This change should also increase portability across other libcs.
-
-Bug: https://bugs.gentoo.org/604360
-Signed-off-by: Sergei Trofimovich <siarheit@google.com>
-Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
----
- configure.ac | 3 +++
- src/lxc/bdev/lxclvm.c | 9 +++++++++
- src/lxc/conf.c | 8 ++++++++
- src/lxc/lxccontainer.c | 8 ++++++++
- 4 files changed, 28 insertions(+)
-
-diff --git a/configure.ac b/configure.ac
-index 8f31c29..924baa1 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -601,6 +601,9 @@ AC_CHECK_DECLS([PR_CAPBSET_DROP], [], [], [#include <sys/prctl.h>])
- # Check for some headers
- AC_CHECK_HEADERS([sys/signalfd.h pty.h ifaddrs.h sys/capability.h sys/personality.h utmpx.h sys/timerfd.h])
-
-+# lookup major()/minor()/makedev()
-+AC_HEADER_MAJOR
-+
- # Check for some syscalls functions
- AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat])
-
-diff --git a/src/lxc/bdev/lxclvm.c b/src/lxc/bdev/lxclvm.c
-index 3d41b10..419d1c2 100644
---- a/src/lxc/bdev/lxclvm.c
-+++ b/src/lxc/bdev/lxclvm.c
-@@ -32,10 +32,19 @@
- #include <sys/wait.h>
-
- #include "bdev.h"
-+#include "config.h"
- #include "log.h"
- #include "lxclvm.h"
- #include "utils.h"
-
-+/* major()/minor() */
-+#ifdef MAJOR_IN_MKDEV
-+# include <sys/mkdev.h>
-+#endif
-+#ifdef MAJOR_IN_SYSMACROS
-+# include <sys/sysmacros.h>
-+#endif
-+
- lxc_log_define(lxclvm, lxc);
-
- extern char *dir_new_path(char *src, const char *oldname, const char *name,
-diff --git a/src/lxc/conf.c b/src/lxc/conf.c
-index 3b023ef..53406ca 100644
---- a/src/lxc/conf.c
-+++ b/src/lxc/conf.c
-@@ -39,6 +39,14 @@
- #include <grp.h>
- #include <time.h>
-
-+/* makedev() */
-+#ifdef MAJOR_IN_MKDEV
-+# include <sys/mkdev.h>
-+#endif
-+#ifdef MAJOR_IN_SYSMACROS
-+# include <sys/sysmacros.h>
-+#endif
-+
- #ifdef HAVE_STATVFS
- #include <sys/statvfs.h>
- #endif
-diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c
-index 9f12ca2..aa02833 100644
---- a/src/lxc/lxccontainer.c
-+++ b/src/lxc/lxccontainer.c
-@@ -61,6 +61,14 @@
- #include "utils.h"
- #include "version.h"
-
-+/* major()/minor() */
-+#ifdef MAJOR_IN_MKDEV
-+# include <sys/mkdev.h>
-+#endif
-+#ifdef MAJOR_IN_SYSMACROS
-+# include <sys/sysmacros.h>
-+#endif
-+
- #if HAVE_IFADDRS_H
- #include <ifaddrs.h>
- #else
---
-2.7.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/automake-ensure-VPATH-builds-correctly.patch b/import-layers/meta-virtualization/recipes-containers/lxc/files/automake-ensure-VPATH-builds-correctly.patch
index 2b5c853..61c0e29 100644
--- a/import-layers/meta-virtualization/recipes-containers/lxc/files/automake-ensure-VPATH-builds-correctly.patch
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/files/automake-ensure-VPATH-builds-correctly.patch
@@ -15,7 +15,7 @@
@@ -66,7 +66,7 @@ buildtest-TESTS: $(TESTS)
install-ptest:
install -d $(TEST_DIR)
- install -D ../lxc/liblxc.so $(TEST_DIR)/../lxc/liblxc.so
+ install -D ../lxc/.libs/liblxc.so $(TEST_DIR)/../lxc/liblxc.so
- install -D ../../config/test-driver $(TEST_DIR)/../../config/test-driver
+ install -D $(top_srcdir)/config/test-driver $(TEST_DIR)/../../config/test-driver
cp Makefile $(TEST_DIR)
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/cgroups-work-around-issue-in-gcc-7.patch b/import-layers/meta-virtualization/recipes-containers/lxc/files/cgroups-work-around-issue-in-gcc-7.patch
new file mode 100644
index 0000000..90740fb
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/files/cgroups-work-around-issue-in-gcc-7.patch
@@ -0,0 +1,34 @@
+From 58a2d817a82100d287c60c63315d81445cdba3f9 Mon Sep 17 00:00:00 2001
+From: Mark Asselstine <mark.asselstine@windriver.com>
+Date: Thu, 15 Jun 2017 15:12:08 -0400
+Subject: [PATCH] cgroups: work around issue in gcc 7
+
+This works around
+https://bugzilla.yoctoproject.org/show_bug.cgi?id=11672
+https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78969
+
+By removing a single cgroup entry. For the majority of usecases this
+loss of a single entry should not be an issue and once gcc 7 is fixed
+we can revert this.
+
+Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
+---
+ src/lxc/cgroups/cgfsng.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c
+index ebd548b..c520abd 100644
+--- a/src/lxc/cgroups/cgfsng.c
++++ b/src/lxc/cgroups/cgfsng.c
+@@ -1373,7 +1373,7 @@ static inline bool cgfsng_create(void *hdata)
+ offset = cgname + len - 5;
+
+ again:
+- if (idx == 1000) {
++ if (idx == 999) {
+ ERROR("Too many conflicting cgroup names");
+ goto out_free;
+ }
+--
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/files/runtest.patch b/import-layers/meta-virtualization/recipes-containers/lxc/files/runtest.patch
index e4e034b..6572265 100644
--- a/import-layers/meta-virtualization/recipes-containers/lxc/files/runtest.patch
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/files/runtest.patch
@@ -19,7 +19,7 @@
+
+install-ptest:
+ install -d $(TEST_DIR)
-+ install -D ../lxc/liblxc.so $(TEST_DIR)/../lxc/liblxc.so
++ install -D ../lxc/.libs/liblxc.so $(TEST_DIR)/../lxc/liblxc.so
+ install -D ../../config/test-driver $(TEST_DIR)/../../config/test-driver
+ cp Makefile $(TEST_DIR)
+ @(for file in $(TESTS); do install $$file $(TEST_DIR); done;)
diff --git a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.0.bb b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
similarity index 86%
rename from import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.0.bb
rename to import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
index c98d1a7..93d5a10 100644
--- a/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.0.bb
+++ b/import-layers/meta-virtualization/recipes-containers/lxc/lxc_2.0.8.bb
@@ -2,7 +2,6 @@
SECTION = "console/utils"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-PRIORITY = "optional"
DEPENDS = "libxml2 libcap"
RDEPENDS_${PN} = " \
rsync \
@@ -10,7 +9,6 @@
libcap-bin \
bridge-utils \
dnsmasq \
- initscripts \
perl-module-strict \
perl-module-getopt-long \
perl-module-vars \
@@ -19,12 +17,12 @@
perl-module-constant \
perl-module-overload \
perl-module-exporter-heavy \
+ gmp \
+ libidn \
+ gnutls \
+ nettle \
"
-RDEPENDS_${PN}_append_libc-glibc = "\
- glibc-utils \
-"
-
-RDEPENDS_${PN}-ptest += "file make"
+RDEPENDS_${PN}-ptest += "file make gmp nettle gnutls bash"
SRC_URI = "http://linuxcontainers.org/downloads/${BPN}-${PV}.tar.gz \
file://lxc-1.0.0-disable-udhcp-from-busybox-template.patch \
@@ -34,11 +32,11 @@
file://lxc-fix-B-S.patch \
file://lxc-doc-upgrade-to-use-docbook-3.1-DTD.patch \
file://logs-optionally-use-base-filenames-to-report-src-fil.patch \
- file://Use-AC_HEADER_MAJOR-to-detect-major-minor-makedev.patch \
+ file://cgroups-work-around-issue-in-gcc-7.patch \
"
-SRC_URI[md5sum] = "04a7245a614cd3296b0ae9ceeeb83fbb"
-SRC_URI[sha256sum] = "5b737e114d8ef1feb193fba936d77a5697a7c8a10199a068cdd90d1bd27c10e4"
+SRC_URI[md5sum] = "7bfd95280522d7936c0979dfea92cdb5"
+SRC_URI[sha256sum] = "0d8e34b302cfe4c40c6c9ae5097096aa5cc2c1dfceea3f0f22e3e16c4a4e8494"
S = "${WORKDIR}/${BPN}-${PV}"
@@ -81,25 +79,27 @@
INITSCRIPT_PACKAGES = "${PN}-setup"
INITSCRIPT_NAME_{PN}-setup = "lxc"
-INITSCRIPT_PARAMS_${PN}-setup = "${OS_DEFAULT_INITSCRIPT_PARAMS}"
+INITSCRIPT_PARAMS_${PN}-setup = "defaults"
FILES_${PN}-doc = "${mandir} ${infodir}"
# For LXC the docdir only contains example configuration files and should be included in the lxc package
FILES_${PN} += "${docdir}"
FILES_${PN} += "${libdir}/python3*"
-FILES_${PN} += "${datadir}/lua/*"
-FILES_${PN} += "${libdir}/lua/lxc/*"
-FILES_${PN}-dbg += "${libdir}/lua/lxc/.debug"
-FILES_${PN}-dbg += "${libexecdir}/lxc/.debug ${libexecdir}/lxc/hooks/.debug"
-PACKAGES =+ "${PN}-templates ${PN}-setup ${PN}-networking"
+FILES_${PN} += "${datadir}/bash-completion"
+FILES_${PN}-dbg += "${libexecdir}/lxc/.debug"
+FILES_${PN}-dbg += "${libexecdir}/lxc/hooks/.debug"
+PACKAGES =+ "${PN}-templates ${PN}-setup ${PN}-networking ${PN}-lua"
+FILES_lua-${PN} = "${datadir}/lua ${libdir}/lua"
+FILES_lua-${PN}-dbg += "${libdir}/lua/lxc/.debug"
FILES_${PN}-templates += "${datadir}/lxc/templates"
RDEPENDS_${PN}-templates += "bash"
ALLOW_EMPTY_${PN}-networking = "1"
-FILES_${PN}-setup += "${sysconfdir}/tmpfiles.d"
-FILES_${PN}-setup += "${systemd_system_unitdir}"
-FILES_${PN}-setup += "${sysconfdir}/init.d"
+FILES_${PN}-setup += "/etc/tmpfiles.d"
+FILES_${PN}-setup += "/lib/systemd/system"
+FILES_${PN}-setup += "/usr/lib/systemd/system"
+FILES_${PN}-setup += "/etc/init.d"
PRIVATE_LIBS_${PN}-ptest = "liblxc.so.1"
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch
new file mode 100644
index 0000000..5594f97
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0001-image-manifest-Recursively-remove-pre-existing-entri.patch
@@ -0,0 +1,78 @@
+From 1f205c0aec5ea9e983d61a64e7ce871ae416bebd Mon Sep 17 00:00:00 2001
+From: "W. Trevor King" <wking@tremily.us>
+Date: Tue, 18 Oct 2016 02:16:46 -0700
+Subject: [PATCH 1/2] image/manifest: Recursively remove pre-existing entries
+ when unpacking
+
+Implementing the logic that is in-flight with [1], but using recursive
+removal [2]. GNU tar has a --recursive-unlink option that's not
+enabled by default, with the motivation being something like "folks
+would be mad if we blew away a full tree and replaced it with a broken
+symlink" [3]. That makes sense for working filesystems, but we're
+building the rootfs from scratch here so losing information is not a
+concern. This commit always uses recursive removal to get that old
+thing off the filesystem (whatever it takes ;).
+
+The exception to the removal is if both the tar entry and existing
+path occupant are directories. In this case we want to use GNU tar's
+default --overwrite-dir behavior, but unpackLayer's metadata handling
+is currently very weak so I've left it at "don't delete the old
+directory".
+
+The reworked directory case also fixes a minor bug from 44210d05
+(cmd/oci-image-tool: fix unpacking..., 2016-07-22, #177) where the:
+
+ if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) {
+
+block would not error out if the Lstat failed for a reason besides the
+acceptable IsNotExist. Instead, it would attempt to call MkdirAll,
+which would probably fail for the same reason that Lstat failed
+(e.g. ENOTDIR). But it's better to handle the Lstat errors directly.
+
+[1]: https://github.com/opencontainers/image-spec/pull/317
+[2]: https://github.com/opencontainers/image-spec/pull/317/files#r79214718
+[3]: https://www.gnu.org/software/tar/manual/html_node/Dealing-with-Old-Files.html
+
+Signed-off-by: W. Trevor King <wking@tremily.us>
+---
+ image/manifest.go | 22 +++++++++++++++++++---
+ 1 file changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/image/manifest.go b/image/manifest.go
+index 8834c1e5f2f0..144bd4f62219 100644
+--- a/src/import/image/manifest.go
++++ b/src/import/image/manifest.go
+@@ -253,11 +253,27 @@ loop:
+ continue loop
+ }
+
++ if hdr.Typeflag != tar.TypeDir {
++ err = os.RemoveAll(path)
++ if err != nil && !os.IsNotExist(err) {
++ return err
++ }
++ }
++
+ switch hdr.Typeflag {
+ case tar.TypeDir:
+- if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) {
+- if err2 := os.MkdirAll(path, info.Mode()); err2 != nil {
+- return errors.Wrap(err2, "error creating directory")
++ fi, err := os.Lstat(path)
++ if err != nil && !os.IsNotExist(err) {
++ return err
++ }
++ if os.IsNotExist(err) || !fi.IsDir() {
++ err = os.RemoveAll(path)
++ if err != nil && !os.IsNotExist(err) {
++ return err
++ }
++ err = os.MkdirAll(path, info.Mode())
++ if err != nil {
++ return err
+ }
+ }
+
+--
+2.4.0.53.g8440f74
+
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch
new file mode 100644
index 0000000..69bdcdb
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/files/0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch
@@ -0,0 +1,242 @@
+From 1e55f2a83b1f644803b640b72171b4ae0d95217b Mon Sep 17 00:00:00 2001
+From: "W. Trevor King" <wking@tremily.us>
+Date: Thu, 20 Oct 2016 23:30:22 -0700
+Subject: [PATCH 2/2] image/manifest: Split unpackLayerEntry into its own
+ function
+
+To help address:
+
+ $ make lint
+ checking lint
+ image/manifest.go:140::warning: cyclomatic complexity 39 of function unpackLayer() is high (> 35) (gocyclo)
+ ...
+
+Signed-off-by: W. Trevor King <wking@tremily.us>
+---
+ image/manifest.go | 185 +++++++++++++++++++++++++++++-------------------------
+ 1 file changed, 100 insertions(+), 85 deletions(-)
+
+diff --git a/image/manifest.go b/image/manifest.go
+index 144bd4f62219..dfd5a83f70e4 100644
+--- a/src/import/image/manifest.go
++++ b/src/import/image/manifest.go
+@@ -218,116 +218,131 @@ loop:
+ return errors.Wrapf(err, "error advancing tar stream")
+ }
+
+- hdr.Name = filepath.Clean(hdr.Name)
+- if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) {
+- // Not the root directory, ensure that the parent directory exists
+- parent := filepath.Dir(hdr.Name)
+- parentPath := filepath.Join(dest, parent)
+- if _, err2 := os.Lstat(parentPath); err2 != nil && os.IsNotExist(err2) {
+- if err3 := os.MkdirAll(parentPath, 0755); err3 != nil {
+- return err3
+- }
+- }
+- }
+- path := filepath.Join(dest, hdr.Name)
+- if entries[path] {
+- return fmt.Errorf("duplicate entry for %s", path)
+- }
+- entries[path] = true
+- rel, err := filepath.Rel(dest, path)
++ var whiteout bool
++ whiteout, err = unpackLayerEntry(dest, hdr, tr, &entries)
+ if err != nil {
+ return err
+ }
+- info := hdr.FileInfo()
+- if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
+- return fmt.Errorf("%q is outside of %q", hdr.Name, dest)
++ if whiteout {
++ continue loop
+ }
+
+- if strings.HasPrefix(info.Name(), ".wh.") {
+- path = strings.Replace(path, ".wh.", "", 1)
++ // Directory mtimes must be handled at the end to avoid further
++ // file creation in them to modify the directory mtime
++ if hdr.Typeflag == tar.TypeDir {
++ dirs = append(dirs, hdr)
++ }
++ }
++ for _, hdr := range dirs {
++ path := filepath.Join(dest, hdr.Name)
+
+- if err := os.RemoveAll(path); err != nil {
+- return errors.Wrap(err, "unable to delete whiteout path")
++ finfo := hdr.FileInfo()
++ // I believe the old version was using time.Now().UTC() to overcome an
++ // invalid error from chtimes.....but here we lose hdr.AccessTime like this...
++ if err := os.Chtimes(path, time.Now().UTC(), finfo.ModTime()); err != nil {
++ return errors.Wrap(err, "error changing time")
++ }
++ }
++ return nil
++}
++
++// unpackLayerEntry unpacks a single entry from a layer.
++func unpackLayerEntry(dest string, header *tar.Header, reader io.Reader, entries *map[string]bool) (whiteout bool, err error) {
++ header.Name = filepath.Clean(header.Name)
++ if !strings.HasSuffix(header.Name, string(os.PathSeparator)) {
++ // Not the root directory, ensure that the parent directory exists
++ parent := filepath.Dir(header.Name)
++ parentPath := filepath.Join(dest, parent)
++ if _, err2 := os.Lstat(parentPath); err2 != nil && os.IsNotExist(err2) {
++ if err3 := os.MkdirAll(parentPath, 0755); err3 != nil {
++ return false, err3
+ }
++ }
++ }
++ path := filepath.Join(dest, header.Name)
++ if (*entries)[path] {
++ return false, fmt.Errorf("duplicate entry for %s", path)
++ }
++ (*entries)[path] = true
++ rel, err := filepath.Rel(dest, path)
++ if err != nil {
++ return false, err
++ }
++ info := header.FileInfo()
++ if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
++ return false, fmt.Errorf("%q is outside of %q", header.Name, dest)
++ }
+
+- continue loop
++ if strings.HasPrefix(info.Name(), ".wh.") {
++ path = strings.Replace(path, ".wh.", "", 1)
++
++ if err = os.RemoveAll(path); err != nil {
++ return true, errors.Wrap(err, "unable to delete whiteout path")
+ }
+
+- if hdr.Typeflag != tar.TypeDir {
+- err = os.RemoveAll(path)
+- if err != nil && !os.IsNotExist(err) {
+- return err
+- }
++ return true, nil
++ }
++
++ if header.Typeflag != tar.TypeDir {
++ err = os.RemoveAll(path)
++ if err != nil && !os.IsNotExist(err) {
++ return false, err
+ }
++ }
+
+- switch hdr.Typeflag {
+- case tar.TypeDir:
+- fi, err := os.Lstat(path)
++ switch header.Typeflag {
++ case tar.TypeDir:
++ fi, err := os.Lstat(path)
++ if err != nil && !os.IsNotExist(err) {
++ return false, err
++ }
++ if os.IsNotExist(err) || !fi.IsDir() {
++ err = os.RemoveAll(path)
+ if err != nil && !os.IsNotExist(err) {
+- return err
+- }
+- if os.IsNotExist(err) || !fi.IsDir() {
+- err = os.RemoveAll(path)
+- if err != nil && !os.IsNotExist(err) {
+- return err
+- }
+- err = os.MkdirAll(path, info.Mode())
+- if err != nil {
+- return err
+- }
++ return false, err
+ }
+-
+- case tar.TypeReg, tar.TypeRegA:
+- f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode())
++ err = os.MkdirAll(path, info.Mode())
+ if err != nil {
+- return errors.Wrap(err, "unable to open file")
++ return false, err
+ }
++ }
+
+- if _, err := io.Copy(f, tr); err != nil {
+- f.Close()
+- return errors.Wrap(err, "unable to copy")
+- }
+- f.Close()
++ case tar.TypeReg, tar.TypeRegA:
++ f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, info.Mode())
++ if err != nil {
++ return false, errors.Wrap(err, "unable to open file")
++ }
+
+- case tar.TypeLink:
+- target := filepath.Join(dest, hdr.Linkname)
++ if _, err := io.Copy(f, reader); err != nil {
++ f.Close()
++ return false, errors.Wrap(err, "unable to copy")
++ }
++ f.Close()
+
+- if !strings.HasPrefix(target, dest) {
+- return fmt.Errorf("invalid hardlink %q -> %q", target, hdr.Linkname)
+- }
++ case tar.TypeLink:
++ target := filepath.Join(dest, header.Linkname)
+
+- if err := os.Link(target, path); err != nil {
+- return err
+- }
++ if !strings.HasPrefix(target, dest) {
++ return false, fmt.Errorf("invalid hardlink %q -> %q", target, header.Linkname)
++ }
+
+- case tar.TypeSymlink:
+- target := filepath.Join(filepath.Dir(path), hdr.Linkname)
++ if err := os.Link(target, path); err != nil {
++ return false, err
++ }
+
+- if !strings.HasPrefix(target, dest) {
+- return fmt.Errorf("invalid symlink %q -> %q", path, hdr.Linkname)
+- }
++ case tar.TypeSymlink:
++ target := filepath.Join(filepath.Dir(path), header.Linkname)
+
+- if err := os.Symlink(hdr.Linkname, path); err != nil {
+- return err
+- }
+- case tar.TypeXGlobalHeader:
+- return nil
++ if !strings.HasPrefix(target, dest) {
++ return false, fmt.Errorf("invalid symlink %q -> %q", path, header.Linkname)
+ }
+- // Directory mtimes must be handled at the end to avoid further
+- // file creation in them to modify the directory mtime
+- if hdr.Typeflag == tar.TypeDir {
+- dirs = append(dirs, hdr)
+- }
+- }
+- for _, hdr := range dirs {
+- path := filepath.Join(dest, hdr.Name)
+
+- finfo := hdr.FileInfo()
+- // I believe the old version was using time.Now().UTC() to overcome an
+- // invalid error from chtimes.....but here we lose hdr.AccessTime like this...
+- if err := os.Chtimes(path, time.Now().UTC(), finfo.ModTime()); err != nil {
+- return errors.Wrap(err, "error changing time")
++ if err := os.Symlink(header.Linkname, path); err != nil {
++ return false, err
+ }
++ case tar.TypeXGlobalHeader:
++ return false, nil
+ }
+- return nil
++
++ return false, nil
+ }
+--
+2.4.0.53.g8440f74
+
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
index 29a8926..68d73c3 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-image-tools/oci-image-tools_git.bb
@@ -1,7 +1,7 @@
HOMEPAGE = "https://github.com/opencontainers/image-tools"
SUMMARY = "A collection of tools for working with the OCI image format specification"
LICENSE = "Apache-2"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=e3fc50a88d0a364313df4b21ef20c29e"
DEPENDS = "\
oci-image-spec \
@@ -12,11 +12,13 @@
spf13-pflag \
"
-SRC_URI = "git://github.com/opencontainers/image-tools.git"
-SRCREV = "a358e03fde4e3628bf9fb7656bf643b63f975636"
-PV = "0.1.0+git${SRCPV}"
+SRC_URI = "git://github.com/opencontainers/image-tools.git \
+ file://0001-image-manifest-Recursively-remove-pre-existing-entri.patch \
+ file://0002-image-manifest-Split-unpackLayerEntry-into-its-own-f.patch"
-S = "${WORKDIR}/git"
+SRCREV = "4abe1a166f9be97e8e71b1bb4d7599cc29323011"
+PV = "0.2.0-dev+git${SRCPV}"
+GO_IMPORT = "import"
inherit goarch
inherit go
@@ -35,10 +37,11 @@
#
# We also need to link in the ipallocator directory as that is not under
# a src directory.
- ln -sfn . "${S}/vendor/src"
- mkdir -p "${S}/vendor/src/github.com/opencontainers/image-tools/"
- ln -sfn "${S}/image" "${S}/vendor/src/github.com/opencontainers/image-tools/image"
- export GOPATH="${S}/vendor"
+ ln -sfn . "${S}/src/import/vendor/src"
+ mkdir -p "${S}/src/import/vendor/src/github.com/opencontainers/image-tools/"
+ ln -sfn "${S}/src/import/image" "${S}/src/import/vendor/src/github.com/opencontainers/image-tools/image"
+ ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/opencontainers/image-tools/version"
+ export GOPATH="${S}/src/import/vendor"
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
@@ -47,15 +50,14 @@
export LDFLAGS=""
export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ cd ${S}/src/import
- oe_runmake tools
+ oe_runmake tool
}
do_install() {
install -d ${D}/${sbindir}
- install ${S}/oci-create-runtime-bundle ${D}/${sbindir}/
- install ${S}/oci-image-validate ${D}/${sbindir}/
- install ${S}/oci-unpack ${D}/${sbindir}/
+ install ${S}/src/import/oci-image-tool ${D}/${sbindir}/
}
INSANE_SKIP_${PN} += "ldflags"
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
index 82f852f..deba7b3 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-runtime-spec/oci-runtime-spec_git.bb
@@ -9,8 +9,8 @@
PKG_NAME = "github.com/opencontainers/${SRCNAME}"
SRC_URI = "git://${PKG_NAME}.git;destsuffix=git/src/${PKG_NAME}"
-SRCREV = "4af0c72f92aacf1b43618d7986197d8209fadf0b"
-PV = "v1.0.0-rc4+git${SRCPV}"
+SRCREV = "a39b1cd4fdf7743ab721cc9da58abbee2f8624d1"
+PV = "v1.0.0-rc6+git${SRCPV}"
S = "${WORKDIR}/git"
@@ -38,4 +38,4 @@
FILES_${PN} += "${prefix}/local/go/src/${PKG_NAME}/*"
-CLEANBROKEN = "1"
\ No newline at end of file
+CLEANBROKEN = "1"
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/files/0001-Revert-implement-add-set-function-for-hooks-items.patch b/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/files/0001-Revert-implement-add-set-function-for-hooks-items.patch
new file mode 100644
index 0000000..99a9310
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/files/0001-Revert-implement-add-set-function-for-hooks-items.patch
@@ -0,0 +1,202 @@
+From 2911eaabab92ec2cdea2b173c3429db4a52bee2f Mon Sep 17 00:00:00 2001
+From: Bruce Ashfield <bruce.ashfield@windriver.com>
+Date: Wed, 20 Sep 2017 23:28:52 -0400
+Subject: [PATCH] Revert "implement add/set function for hooks items"
+
+This reverts commit df3a46feb971386f922c7c2c2822b88301f87cb0.
+---
+ cmd/oci-runtime-tool/generate.go | 12 ++++++------
+ generate/generate.go | 42 ++++++----------------------------------
+ 2 files changed, 12 insertions(+), 42 deletions(-)
+
+diff --git a/src/import/cmd/oci-runtime-tool/generate.go b/src/import/cmd/oci-runtime-tool/generate.go
+index ed11fe8f3729..7121ce5fe07e 100644
+--- a/src/import/cmd/oci-runtime-tool/generate.go
++++ b/src/import/cmd/oci-runtime-tool/generate.go
+@@ -354,7 +354,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, postStartEnv := range postStartEnvs {
+ path, env, err := parseHookEnv(postStartEnv)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPostStartHookEnv(path, env)
+ }
+@@ -387,7 +387,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, postStopEnv := range postStopEnvs {
+ path, env, err := parseHookEnv(postStopEnv)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPostStopHookEnv(path, env)
+ }
+@@ -398,7 +398,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, postStopTimeout := range postStopTimeouts {
+ path, timeout, err := parseHookTimeout(postStopTimeout)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPostStopHookTimeout(path, timeout)
+ }
+@@ -409,7 +409,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, hook := range preStartHooks {
+ path, args, err := parseHook(hook)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPreStartHook(path, args)
+ }
+@@ -420,7 +420,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, preStartEnv := range preStartEnvs {
+ path, env, err := parseHookEnv(preStartEnv)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPreStartHookEnv(path, env)
+ }
+@@ -431,7 +431,7 @@ func setupSpec(g *generate.Generator, context *cli.Context) error {
+ for _, preStartTimeout := range preStartTimeouts {
+ path, timeout, err := parseHookTimeout(preStartTimeout)
+ if err != nil {
+- return err
++ return nil
+ }
+ g.AddPreStartHookTimeout(path, timeout)
+ }
+diff --git a/src/import/generate/generate.go b/src/import/generate/generate.go
+index 84762c3cbd05..ef5d2cc95b3c 100644
+--- a/src/import/generate/generate.go
++++ b/src/import/generate/generate.go
+@@ -744,39 +744,29 @@ func (g *Generator) ClearPreStartHooks() {
+ func (g *Generator) AddPreStartHook(path string, args []string) {
+ g.initSpecHooks()
+ hook := rspec.Hook{Path: path, Args: args}
+- for i, hook := range g.spec.Hooks.Prestart {
+- if hook.Path == path {
+- g.spec.Hooks.Prestart[i] = hook
+- return
+- }
+- }
+ g.spec.Hooks.Prestart = append(g.spec.Hooks.Prestart, hook)
+ }
+
+ // AddPreStartHookEnv adds envs of a prestart hook into g.spec.Hooks.Prestart.
+ func (g *Generator) AddPreStartHookEnv(path string, envs []string) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Prestart {
+ if hook.Path == path {
+ g.spec.Hooks.Prestart[i].Env = envs
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Env: envs}
+- g.spec.Hooks.Prestart = append(g.spec.Hooks.Prestart, hook)
+ }
+
+ // AddPreStartHookTimeout adds timeout of a prestart hook into g.spec.Hooks.Prestart.
+ func (g *Generator) AddPreStartHookTimeout(path string, timeout int) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Prestart {
+ if hook.Path == path {
+ g.spec.Hooks.Prestart[i].Timeout = &timeout
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Timeout: &timeout}
+- g.spec.Hooks.Prestart = append(g.spec.Hooks.Prestart, hook)
+ }
+
+ // ClearPostStopHooks clear g.spec.Hooks.Poststop.
+@@ -794,39 +784,29 @@ func (g *Generator) ClearPostStopHooks() {
+ func (g *Generator) AddPostStopHook(path string, args []string) {
+ g.initSpecHooks()
+ hook := rspec.Hook{Path: path, Args: args}
+- for i, hook := range g.spec.Hooks.Poststop {
+- if hook.Path == path {
+- g.spec.Hooks.Poststop[i] = hook
+- return
+- }
+- }
+ g.spec.Hooks.Poststop = append(g.spec.Hooks.Poststop, hook)
+ }
+
+ // AddPostStopHookEnv adds envs of a poststop hook into g.spec.Hooks.Poststop.
+ func (g *Generator) AddPostStopHookEnv(path string, envs []string) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Poststop {
+ if hook.Path == path {
+ g.spec.Hooks.Poststop[i].Env = envs
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Env: envs}
+- g.spec.Hooks.Poststop = append(g.spec.Hooks.Poststop, hook)
+ }
+
+ // AddPostStopHookTimeout adds timeout of a poststop hook into g.spec.Hooks.Poststop.
+ func (g *Generator) AddPostStopHookTimeout(path string, timeout int) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Poststop {
+ if hook.Path == path {
+ g.spec.Hooks.Poststop[i].Timeout = &timeout
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Timeout: &timeout}
+- g.spec.Hooks.Poststop = append(g.spec.Hooks.Poststop, hook)
+ }
+
+ // ClearPostStartHooks clear g.spec.Hooks.Poststart.
+@@ -844,39 +824,29 @@ func (g *Generator) ClearPostStartHooks() {
+ func (g *Generator) AddPostStartHook(path string, args []string) {
+ g.initSpecHooks()
+ hook := rspec.Hook{Path: path, Args: args}
+- for i, hook := range g.spec.Hooks.Poststart {
+- if hook.Path == path {
+- g.spec.Hooks.Poststart[i] = hook
+- return
+- }
+- }
+ g.spec.Hooks.Poststart = append(g.spec.Hooks.Poststart, hook)
+ }
+
+ // AddPostStartHookEnv adds envs of a poststart hook into g.spec.Hooks.Poststart.
+ func (g *Generator) AddPostStartHookEnv(path string, envs []string) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Poststart {
+ if hook.Path == path {
+ g.spec.Hooks.Poststart[i].Env = envs
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Env: envs}
+- g.spec.Hooks.Poststart = append(g.spec.Hooks.Poststart, hook)
+ }
+
+ // AddPostStartHookTimeout adds timeout of a poststart hook into g.spec.Hooks.Poststart.
+ func (g *Generator) AddPostStartHookTimeout(path string, timeout int) {
+- g.initSpecHooks()
++ g.initSpec()
+ for i, hook := range g.spec.Hooks.Poststart {
+ if hook.Path == path {
+ g.spec.Hooks.Poststart[i].Timeout = &timeout
+ return
+ }
+ }
+- hook := rspec.Hook{Path: path, Timeout: &timeout}
+- g.spec.Hooks.Poststart = append(g.spec.Hooks.Poststart, hook)
+ }
+
+ // AddTmpfsMount adds a tmpfs mount into g.spec.Mounts.
+--
+2.4.0.53.g8440f74
+
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/oci-runtime-tools_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/oci-runtime-tools_git.bb
index 4f77dce..61b68b5 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/oci-runtime-tools_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-runtime-tools/oci-runtime-tools_git.bb
@@ -1,14 +1,17 @@
HOMEPAGE = "https://github.com/opencontainers/runtime-tools"
SUMMARY = "oci-runtime-tool is a collection of tools for working with the OCI runtime specification"
LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=b355a61a394a504dacde901c958f662c"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=b355a61a394a504dacde901c958f662c"
-SRC_URI = "git://github.com/opencontainers/runtime-tools.git"
+SRC_URI = "git://github.com/opencontainers/runtime-tools.git \
+ file://0001-Revert-implement-add-set-function-for-hooks-items.patch \
+ "
-SRCREV = "038b0c99b82f3c08de31f6b09e693eb24644affd"
-PV = "0.0.1+git${SRCPV}"
+SRCREV = "6e7da8148f4de2c9e9c9d3b345576898d4f412cb"
+PV = "0.1.0+git${SRCPV}"
+GO_IMPORT = "import"
-S = "${WORKDIR}/git"
+INSANE_SKIP_${PN} += "ldflags"
inherit goarch
inherit go
@@ -16,7 +19,7 @@
do_compile() {
export GOARCH="${TARGET_GOARCH}"
export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
- export GOPATH="${S}"
+ export GOPATH="${S}/src/import:${S}/src/import/vendor"
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
@@ -26,10 +29,24 @@
export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ # link fixups for compilation
+ rm -f ${S}/src/import/vendor/src
+ ln -sf ./ ${S}/src/import/vendor/src
+ mkdir -p ${S}/src/import/vendor/github.com/opencontainers/runtime-tools
+ ln -sf ../../../../generate ${S}/src/import/vendor/github.com/opencontainers/runtime-tools/generate
+ ln -sf ../../../../validate ${S}/src/import/vendor/github.com/opencontainers/runtime-tools/validate
+ ln -sf ../../../../cmd ${S}/src/import/vendor/github.com/opencontainers/runtime-tools/cmd
+ ln -sf ../../../../error ${S}/src/import/vendor/github.com/opencontainers/runtime-tools/error
+ ln -sf ../../../../specerror ${S}/src/import/vendor/github.com/opencontainers/runtime-tools/specerror
+ cd ${S}/src/import
+
oe_runmake
}
do_install() {
install -d ${D}/${sbindir}
- install ${S}/oci-runtime-tool ${D}/${sbindir}/oci-runtime-tool
+ install ${S}/src/import/oci-runtime-tool ${D}/${sbindir}/oci-runtime-tool
}
+
+deltask compile_ptest_base
+
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
index 507cd08..5016f6e 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
+++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook/0001-selinux-drop-selinux-support.patch
@@ -5,25 +5,34 @@
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
---
- src/systemdhook.c | 9 ---------
- 1 file changed, 9 deletions(-)
+ src/systemdhook.c | 12 ------------
+ 1 file changed, 12 deletions(-)
-diff --git a/src/systemdhook.c b/src/systemdhook.c
-index 274e5b910699..b9e8f1be376a 100644
--- a/src/systemdhook.c
+++ b/src/systemdhook.c
-@@ -14,7 +14,6 @@
+@@ -16,7 +16,6 @@
#include <errno.h>
#include <inttypes.h>
#include <linux/limits.h>
-#include <selinux/selinux.h>
#include <yajl/yajl_tree.h>
+ #include <stdbool.h>
- #include "config.h"
-@@ -538,14 +537,6 @@ static int prestart(const char *rootfs,
+@@ -129,9 +128,6 @@ static int chperm(const char *path, cons
+ closedir(dir);
+ return -1;
+ }
+- if (setfilecon (full_path, label) < 0) {
+- pr_perror("Failed to set context %s on %s", label, full_path);
+- }
+
+ if (doChown) {
+ /* Change uid and gid to something the container can handle */
+@@ -496,14 +492,6 @@ static int prestart(const char *rootfs,
+ return -1;
}
}
-
+-
- if (strcmp("", mount_label)) {
- rc = setfilecon(journal_dir, (security_context_t)mount_label);
- if (rc < 0) {
@@ -31,10 +40,6 @@
- return -1;
- }
- }
--
- if (makepath(cont_journal_dir, 0755) == -1) {
- if (errno != EEXIST) {
- pr_perror("Failed to mkdir container journal dir: %s", cont_journal_dir);
---
-2.4.0.53.g8440f74
-
+
+ /* Attempt to creare /var/log/journal inside of rootfs,
+ if successful, or directory exists, mount tmpfs on top of
diff --git a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
index 872872a..fc88905 100644
--- a/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/oci-systemd-hook/oci-systemd-hook_git.bb
@@ -6,7 +6,7 @@
DEPENDS = "yajl util-linux"
-SRCREV = "ca515c1f399bd0b16e94b7c34aa1ef20498beca6"
+SRCREV = "1ac958a4197a9ea52174812fc7d7d036af8140d3"
SRC_URI = "git://github.com/projectatomic/oci-systemd-hook \
file://0001-selinux-drop-selinux-support.patch \
file://0001-configure-drop-selinux-support.patch \
diff --git a/import-layers/meta-virtualization/recipes-containers/riddler/riddler_git.bb b/import-layers/meta-virtualization/recipes-containers/riddler/riddler_git.bb
index ae6c5ec..9f7fe6b 100644
--- a/import-layers/meta-virtualization/recipes-containers/riddler/riddler_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/riddler/riddler_git.bb
@@ -1,11 +1,12 @@
HOMEPAGE = "https://github.com/jfrazelle/riddler"
SUMMARY = "Convert `docker inspect` to opencontainers (OCI compatible) runc spec."
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=20ce4c6a4f32d6ee4a68e3a7506db3f1"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=20ce4c6a4f32d6ee4a68e3a7506db3f1"
SRC_URI = "git://github.com/jfrazelle/riddler;branch=master"
SRCREV = "23befa0b232877b5b502b828e24161d801bd67f6"
PV = "0.1.0+git${SRCPV}"
+GO_IMPORT = "import"
S = "${WORKDIR}/git"
@@ -26,10 +27,10 @@
#
# We also need to link in the ipallocator directory as that is not under
# a src directory.
- ln -sfn . "${S}/vendor/src"
- mkdir -p "${S}/vendor/src/github.com/jessfraz/riddler"
- ln -sfn "${S}/parse" "${S}/vendor/src/github.com/jessfraz/riddler/parse"
- export GOPATH="${S}/vendor"
+ ln -sfn . "${S}/src/import/vendor/src"
+ mkdir -p "${S}/src/import/vendor/src/github.com/jessfraz/riddler"
+ ln -sfn "${S}/src/import/parse" "${S}/src/import/vendor/src/github.com/jessfraz/riddler/parse"
+ export GOPATH="${S}/src/import/vendor"
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
@@ -38,11 +39,12 @@
export LDFLAGS=""
export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}"
export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}"
+ cd ${S}/src/import
oe_runmake static
}
do_install() {
install -d ${D}/${sbindir}
- install ${S}/riddler ${D}/${sbindir}/riddler
+ install ${S}/src/import/riddler ${D}/${sbindir}/riddler
}
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch
new file mode 100644
index 0000000..fa1f695
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch
@@ -0,0 +1,26 @@
+From aa2fc7b0eacba61175f083cc8d8adc233bcd0575 Mon Sep 17 00:00:00 2001
+From: Paul Barker <pbarker@toganlabs.com>
+Date: Thu, 12 Oct 2017 11:34:24 +0000
+Subject: [PATCH] Disable building recvtty
+
+Signed-off-by: Paul Barker <pbarker@toganlabs.com>
+Upstream-status: Inappropriate
+---
+ Makefile | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 0fcf508..24f47dc 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -38,7 +38,6 @@ contrib/cmd/recvtty/recvtty: $(SOURCES)
+
+ static: $(SOURCES)
+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
+- CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+
+ release:
+ @flag_list=(seccomp selinux apparmor static); \
+--
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch
new file mode 100644
index 0000000..bcc76fc
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch
@@ -0,0 +1,89 @@
+From e8ef6025a4f48620baf91737cd37eb5e6a40f48c Mon Sep 17 00:00:00 2001
+From: Justin Cormack <justin.cormack@docker.com>
+Date: Fri, 23 Jun 2017 17:14:59 -0700
+Subject: [PATCH 1/3] Update to runtime spec
+ 198f23f827eea397d4331d7eb048d9d4c7ff7bee
+
+Updates memory limits to be int64, and removes Platform from spec.
+
+Signed-off-by: Justin Cormack <justin.cormack@docker.com>
+---
+ vendor.conf | 2 +-
+ .../opencontainers/runtime-spec/specs-go/config.go | 23 ++++++----------------
+ 2 files changed, 7 insertions(+), 18 deletions(-)
+
+diff --git a/vendor.conf b/vendor.conf
+index e23e7ea7..09a8a924 100644
+--- a/src/import/vendor.conf
++++ b/src/import/vendor.conf
+@@ -1,7 +1,7 @@
+ # OCI runtime-spec. When updating this, make sure you use a version tag rather
+ # than a commit ID so it's much more obvious what version of the spec we are
+ # using.
+-github.com/opencontainers/runtime-spec 239c4e44f2a612ed85f6db9c66247aa33f437e91
++github.com/opencontainers/runtime-spec 198f23f827eea397d4331d7eb048d9d4c7ff7bee
+ # Core libcontainer functionality.
+ github.com/mrunalp/fileutils ed869b029674c0e9ce4c0dfa781405c2d9946d08
+ github.com/opencontainers/selinux v1.0.0-rc1
+diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
+index 8bf8d924..68ab112e 100644
+--- a/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
++++ b/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go
+@@ -6,8 +6,6 @@ import "os"
+ type Spec struct {
+ // Version of the Open Container Runtime Specification with which the bundle complies.
+ Version string `json:"ociVersion"`
+- // Platform specifies the configuration's target platform.
+- Platform Platform `json:"platform"`
+ // Process configures the container process.
+ Process *Process `json:"process,omitempty"`
+ // Root configures the container's root filesystem.
+@@ -101,15 +99,6 @@ type Root struct {
+ Readonly bool `json:"readonly,omitempty"`
+ }
+
+-// Platform specifies OS and arch information for the host system that the container
+-// is created for.
+-type Platform struct {
+- // OS is the operating system.
+- OS string `json:"os"`
+- // Arch is the architecture
+- Arch string `json:"arch"`
+-}
+-
+ // Mount specifies a mount for a container.
+ type Mount struct {
+ // Destination is the absolute path where the mount will be placed in the container.
+@@ -284,15 +273,15 @@ type LinuxBlockIO struct {
+ // LinuxMemory for Linux cgroup 'memory' resource management
+ type LinuxMemory struct {
+ // Memory limit (in bytes).
+- Limit *uint64 `json:"limit,omitempty"`
++ Limit *int64 `json:"limit,omitempty"`
+ // Memory reservation or soft_limit (in bytes).
+- Reservation *uint64 `json:"reservation,omitempty"`
++ Reservation *int64 `json:"reservation,omitempty"`
+ // Total memory limit (memory + swap).
+- Swap *uint64 `json:"swap,omitempty"`
++ Swap *int64 `json:"swap,omitempty"`
+ // Kernel memory limit (in bytes).
+- Kernel *uint64 `json:"kernel,omitempty"`
++ Kernel *int64 `json:"kernel,omitempty"`
+ // Kernel memory limit for tcp (in bytes)
+- KernelTCP *uint64 `json:"kernelTCP,omitempty"`
++ KernelTCP *int64 `json:"kernelTCP,omitempty"`
+ // How aggressive the kernel will swap memory pages.
+ Swappiness *uint64 `json:"swappiness,omitempty"`
+ }
+@@ -486,7 +475,7 @@ type WindowsNetwork struct {
+ EndpointList []string `json:"endpointList,omitempty"`
+ // Specifies if unqualified DNS name resolution is allowed.
+ AllowUnqualifiedDNSQuery bool `json:"allowUnqualifiedDNSQuery,omitempty"`
+- // Comma seperated list of DNS suffixes to use for name resolution.
++ // Comma separated list of DNS suffixes to use for name resolution.
+ DNSSearchList []string `json:"DNSSearchList,omitempty"`
+ // Name (ID) of the container that we will share with the network stack.
+ NetworkSharedContainerName string `json:"networkSharedContainerName,omitempty"`
+--
+2.11.0
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch
new file mode 100644
index 0000000..8f5171a
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch
@@ -0,0 +1,85 @@
+From 037c20b3b3ef5e9ead0282aa64f9b88c0c18934d Mon Sep 17 00:00:00 2001
+From: Paul Barker <pbarker@toganlabs.com>
+Date: Thu, 5 Oct 2017 13:14:40 +0000
+Subject: [PATCH] Use correct go cross-compiler
+
+We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using
+'go' will invoke go-native.
+
+Signed-off-by: Paul Barker <pbarker@toganlabs.com>
+Upstream-status: Inappropriate
+---
+ Makefile | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 8117892..0fcf508 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null)
+ .DEFAULT: runc
+
+ runc: $(SOURCES)
+- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
+
+ all: runc recvtty
+
+ recvtty: contrib/cmd/recvtty/recvtty
+
+ contrib/cmd/recvtty/recvtty: $(SOURCES)
+- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+
+ static: $(SOURCES)
+- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
+- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
++ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
++ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+
+ release:
+ @flag_list=(seccomp selinux apparmor static); \
+@@ -62,15 +62,15 @@ release:
+ CGO_ENABLED=1; \
+ }; \
+ echo "Building target: $$output"; \
+- go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
+ done
+
+ dbuild: runcimage
+ docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all
+
+ lint:
+- go vet $(allpackages)
+- go fmt $(allpackages)
++ $(GO) vet $(allpackages)
++ $(GO) fmt $(allpackages)
+
+ man:
+ man/md2man-all.sh
+@@ -88,7 +88,7 @@ unittest: runcimage
+ docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest
+
+ localunittest: all
+- go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
++ $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
+
+ integration: runcimage
+ docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration
+@@ -134,10 +134,10 @@ clean:
+ validate:
+ script/validate-gofmt
+ script/validate-shfmt
+- go vet $(allpackages)
++ $(GO) vet $(allpackages)
+
+ ci: validate localtest
+
+ # memoize allpackages, so that it's executed only once and only if used
+-_allpackages = $(shell go list ./... | grep -v vendor)
++_allpackages = $(shell $(GO) list ./... | grep -v vendor)
+ allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages)
+--
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch
new file mode 100644
index 0000000..48c1250
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0001-runc-Add-console-socket-dev-null.patch
@@ -0,0 +1,33 @@
+From 3fff2a3505fba1d1ff0074edff15708a77f6cfa9 Mon Sep 17 00:00:00 2001
+From: Jason Wessel <jason.wessel@windriver.com>
+Date: Wed, 12 Jul 2017 13:35:03 -0700
+Subject: [PATCH] runc: Add --console-socket=/dev/null
+
+This allows for setting up a detached session where you do not want to
+set the terminal to false in the config.json. More or less this is a
+runtime override.
+
+Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
+---
+ utils_linux.go | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/utils_linux.go b/utils_linux.go
+index 8085f7fe..e6d31b35 100644
+--- a/src/import/utils_linux.go
++++ b/src/import/utils_linux.go
+@@ -227,6 +227,11 @@ type runner struct {
+ }
+
+ func (r *runner) run(config *specs.Process) (int, error) {
++ if (r.consoleSocket == "/dev/null") {
++ r.detach = false
++ r.consoleSocket = ""
++ config.Terminal = false
++ }
+ if err := r.checkTerminal(config); err != nil {
+ r.destroy()
+ return -1, err
+--
+2.11.0
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch
new file mode 100644
index 0000000..7970dec
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch
@@ -0,0 +1,75 @@
+From e1146182a8cebb5a6133a9e298a5e4acf99652e9 Mon Sep 17 00:00:00 2001
+From: Justin Cormack <justin.cormack@docker.com>
+Date: Fri, 23 Jun 2017 17:16:08 -0700
+Subject: [PATCH 2/3] Remove Platform as no longer in OCI spec
+
+This was never used, just validated, so was removed from spec.
+
+Signed-off-by: Justin Cormack <justin.cormack@docker.com>
+---
+ libcontainer/specconv/example.go | 5 -----
+ spec.go | 14 --------------
+ 2 files changed, 19 deletions(-)
+
+diff --git a/libcontainer/specconv/example.go b/libcontainer/specconv/example.go
+index 33134116..d6621194 100644
+--- a/src/import/libcontainer/specconv/example.go
++++ b/src/import/libcontainer/specconv/example.go
+@@ -2,7 +2,6 @@ package specconv
+
+ import (
+ "os"
+- "runtime"
+ "strings"
+
+ "github.com/opencontainers/runtime-spec/specs-go"
+@@ -15,10 +14,6 @@ func sPtr(s string) *string { return &s }
+ func Example() *specs.Spec {
+ return &specs.Spec{
+ Version: specs.Version,
+- Platform: specs.Platform{
+- OS: runtime.GOOS,
+- Arch: runtime.GOARCH,
+- },
+ Root: specs.Root{
+ Path: "rootfs",
+ Readonly: true,
+diff --git a/spec.go b/spec.go
+index 92d38f57..876937d2 100644
+--- a/src/import/spec.go
++++ b/src/import/spec.go
+@@ -7,7 +7,6 @@ import (
+ "fmt"
+ "io/ioutil"
+ "os"
+- "runtime"
+
+ "github.com/opencontainers/runc/libcontainer/configs"
+ "github.com/opencontainers/runc/libcontainer/specconv"
+@@ -131,9 +130,6 @@ func loadSpec(cPath string) (spec *specs.Spec, err error) {
+ if err = json.NewDecoder(cf).Decode(&spec); err != nil {
+ return nil, err
+ }
+- if err = validatePlatform(&spec.Platform); err != nil {
+- return nil, err
+- }
+ return spec, validateProcessSpec(spec.Process)
+ }
+
+@@ -148,13 +144,3 @@ func createLibContainerRlimit(rlimit specs.LinuxRlimit) (configs.Rlimit, error)
+ Soft: rlimit.Soft,
+ }, nil
+ }
+-
+-func validatePlatform(platform *specs.Platform) error {
+- if platform.OS != runtime.GOOS {
+- return fmt.Errorf("target os %s mismatch with current os %s", platform.OS, runtime.GOOS)
+- }
+- if platform.Arch != runtime.GOARCH {
+- return fmt.Errorf("target arch %s mismatch with current arch %s", platform.Arch, runtime.GOARCH)
+- }
+- return nil
+-}
+--
+2.11.0
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch
new file mode 100644
index 0000000..50a9b7f
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch
@@ -0,0 +1,194 @@
+From 3d9074ead33a5c27dc20bb49457c69c6d2ae6b57 Mon Sep 17 00:00:00 2001
+From: Justin Cormack <justin.cormack@docker.com>
+Date: Fri, 23 Jun 2017 17:17:00 -0700
+Subject: [PATCH 3/3] Update memory specs to use int64 not uint64
+
+replace #1492 #1494
+fix #1422
+
+Since https://github.com/opencontainers/runtime-spec/pull/876 the memory
+specifications are now `int64`, as that better matches the visible interface where
+`-1` is a valid value. Otherwise finding the correct value was difficult as it
+was kernel dependent.
+
+Signed-off-by: Justin Cormack <justin.cormack@docker.com>
+---
+ libcontainer/cgroups/fs/memory.go | 36 +++++++++++++++++-------------------
+ libcontainer/configs/cgroup_linux.go | 10 +++++-----
+ update.go | 14 +++++++-------
+ 3 files changed, 29 insertions(+), 31 deletions(-)
+
+diff --git a/libcontainer/cgroups/fs/memory.go b/libcontainer/cgroups/fs/memory.go
+index da2cc9f8..b739c631 100644
+--- a/src/import/libcontainer/cgroups/fs/memory.go
++++ b/src/import/libcontainer/cgroups/fs/memory.go
+@@ -73,14 +73,14 @@ func EnableKernelMemoryAccounting(path string) error {
+ // until a limit is set on the cgroup and limit cannot be set once the
+ // cgroup has children, or if there are already tasks in the cgroup.
+ for _, i := range []int64{1, -1} {
+- if err := setKernelMemory(path, uint64(i)); err != nil {
++ if err := setKernelMemory(path, i); err != nil {
+ return err
+ }
+ }
+ return nil
+ }
+
+-func setKernelMemory(path string, kernelMemoryLimit uint64) error {
++func setKernelMemory(path string, kernelMemoryLimit int64) error {
+ if path == "" {
+ return fmt.Errorf("no such directory for %s", cgroupKernelMemoryLimit)
+ }
+@@ -88,7 +88,7 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error {
+ // kernel memory is not enabled on the system so we should do nothing
+ return nil
+ }
+- if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatUint(kernelMemoryLimit, 10)), 0700); err != nil {
++ if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatInt(kernelMemoryLimit, 10)), 0700); err != nil {
+ // Check if the error number returned by the syscall is "EBUSY"
+ // The EBUSY signal is returned on attempts to write to the
+ // memory.kmem.limit_in_bytes file if the cgroup has children or
+@@ -106,14 +106,12 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error {
+ }
+
+ func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error {
+- ulimited := -1
+-
+- // If the memory update is set to uint64(-1) we should also
+- // set swap to uint64(-1), it means unlimited memory.
+- if cgroup.Resources.Memory == uint64(ulimited) {
+- // Only set swap if it's enbled in kernel
++ // If the memory update is set to -1 we should also
++ // set swap to -1, it means unlimited memory.
++ if cgroup.Resources.Memory == -1 {
++ // Only set swap if it's enabled in kernel
+ if cgroups.PathExists(filepath.Join(path, cgroupMemorySwapLimit)) {
+- cgroup.Resources.MemorySwap = uint64(ulimited)
++ cgroup.Resources.MemorySwap = -1
+ }
+ }
+
+@@ -128,29 +126,29 @@ func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error {
+ // When update memory limit, we should adapt the write sequence
+ // for memory and swap memory, so it won't fail because the new
+ // value and the old value don't fit kernel's validation.
+- if cgroup.Resources.MemorySwap == uint64(ulimited) || memoryUsage.Limit < cgroup.Resources.MemorySwap {
+- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
++ if cgroup.Resources.MemorySwap == -1 || memoryUsage.Limit < uint64(cgroup.Resources.MemorySwap) {
++ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
+ return err
+ }
+- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
++ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
+ return err
+ }
+ } else {
+- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
++ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
+ return err
+ }
+- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
++ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
+ return err
+ }
+ }
+ } else {
+ if cgroup.Resources.Memory != 0 {
+- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil {
++ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil {
+ return err
+ }
+ }
+ if cgroup.Resources.MemorySwap != 0 {
+- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil {
++ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil {
+ return err
+ }
+ }
+@@ -171,13 +169,13 @@ func (s *MemoryGroup) Set(path string, cgroup *configs.Cgroup) error {
+ }
+
+ if cgroup.Resources.MemoryReservation != 0 {
+- if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatUint(cgroup.Resources.MemoryReservation, 10)); err != nil {
++ if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatInt(cgroup.Resources.MemoryReservation, 10)); err != nil {
+ return err
+ }
+ }
+
+ if cgroup.Resources.KernelMemoryTCP != 0 {
+- if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatUint(cgroup.Resources.KernelMemoryTCP, 10)); err != nil {
++ if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatInt(cgroup.Resources.KernelMemoryTCP, 10)); err != nil {
+ return err
+ }
+ }
+diff --git a/libcontainer/configs/cgroup_linux.go b/libcontainer/configs/cgroup_linux.go
+index 3e0509de..e15a662f 100644
+--- a/src/import/libcontainer/configs/cgroup_linux.go
++++ b/src/import/libcontainer/configs/cgroup_linux.go
+@@ -43,19 +43,19 @@ type Resources struct {
+ Devices []*Device `json:"devices"`
+
+ // Memory limit (in bytes)
+- Memory uint64 `json:"memory"`
++ Memory int64 `json:"memory"`
+
+ // Memory reservation or soft_limit (in bytes)
+- MemoryReservation uint64 `json:"memory_reservation"`
++ MemoryReservation int64 `json:"memory_reservation"`
+
+ // Total memory usage (memory + swap); set `-1` to enable unlimited swap
+- MemorySwap uint64 `json:"memory_swap"`
++ MemorySwap int64 `json:"memory_swap"`
+
+ // Kernel memory limit (in bytes)
+- KernelMemory uint64 `json:"kernel_memory"`
++ KernelMemory int64 `json:"kernel_memory"`
+
+ // Kernel memory limit for TCP use (in bytes)
+- KernelMemoryTCP uint64 `json:"kernel_memory_tcp"`
++ KernelMemoryTCP int64 `json:"kernel_memory_tcp"`
+
+ // CPU shares (relative weight vs. other containers)
+ CpuShares uint64 `json:"cpu_shares"`
+diff --git a/update.go b/update.go
+index 0ea90d60..133be999 100644
+--- a/src/import/update.go
++++ b/src/import/update.go
+@@ -124,11 +124,11 @@ other options are ignored.
+
+ r := specs.LinuxResources{
+ Memory: &specs.LinuxMemory{
+- Limit: u64Ptr(0),
+- Reservation: u64Ptr(0),
+- Swap: u64Ptr(0),
+- Kernel: u64Ptr(0),
+- KernelTCP: u64Ptr(0),
++ Limit: i64Ptr(0),
++ Reservation: i64Ptr(0),
++ Swap: i64Ptr(0),
++ Kernel: i64Ptr(0),
++ KernelTCP: i64Ptr(0),
+ },
+ CPU: &specs.LinuxCPU{
+ Shares: u64Ptr(0),
+@@ -213,7 +213,7 @@ other options are ignored.
+ }
+ for _, pair := range []struct {
+ opt string
+- dest *uint64
++ dest *int64
+ }{
+ {"memory", r.Memory.Limit},
+ {"memory-swap", r.Memory.Swap},
+@@ -232,7 +232,7 @@ other options are ignored.
+ } else {
+ v = -1
+ }
+- *pair.dest = uint64(v)
++ *pair.dest = v
+ }
+ }
+ r.Pids.Limit = int64(context.Int("pids-limit"))
+--
+2.11.0
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
index 96d48ca..9db48ee 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-docker_git.bb
@@ -2,10 +2,14 @@
# Note: this rev is before the required protocol field, update when all components
# have been updated to match.
-SRCREV = "2f7393a47307a16f8cee44a37b262e8b81021e3e"
-SRC_URI = "git://github.com/docker/runc.git;nobranch=1 \
+SRCREV_runc-docker = "9d6821d1b53908e249487741eccd567249ca1d99"
+SRC_URI = "git://github.com/docker/runc.git;nobranch=1;name=runc-docker \
+ file://0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch \
+ file://0002-Remove-Platform-as-no-longer-in-OCI-spec.patch \
+ file://0003-Update-memory-specs-to-use-int64-not-uint64.patch \
+ file://0001-runc-Add-console-socket-dev-null.patch \
+ file://0001-Use-correct-go-cross-compiler.patch \
+ file://0001-Disable-building-recvtty.patch \
"
-RUNC_VERSION = "1.0.0-rc2"
-PROVIDES += "virtual/runc"
-RPROVIDES_${PN} = "virtual/runc"
+RUNC_VERSION = "1.0.0-rc3"
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch
new file mode 100644
index 0000000..67d7014
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers/0001-Use-correct-go-cross-compiler.patch
@@ -0,0 +1,85 @@
+From 621e5e9a196daaaf5eb430a413fe51218cf42c89 Mon Sep 17 00:00:00 2001
+From: Paul Barker <pbarker@toganlabs.com>
+Date: Wed, 4 Oct 2017 15:45:27 +0000
+Subject: [PATCH] Use correct go cross-compiler
+
+We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using
+'go' will invoke go-native.
+
+Signed-off-by: Paul Barker <pbarker@toganlabs.com>
+Upstream-status: Inappropriate
+---
+ Makefile | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 6781ac7..74e551d 100644
+--- a/src/import/Makefile
++++ b/src/import/Makefile
+@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null)
+ .DEFAULT: runc
+
+ runc: $(SOURCES)
+- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc .
+
+ all: runc recvtty
+
+ recvtty: contrib/cmd/recvtty/recvtty
+
+ contrib/cmd/recvtty/recvtty: $(SOURCES)
+- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+
+ static: $(SOURCES)
+- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
+- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
++ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc .
++ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty
+
+ release:
+ @flag_list=(seccomp selinux apparmor static); \
+@@ -62,15 +62,15 @@ release:
+ CGO_ENABLED=1; \
+ }; \
+ echo "Building target: $$output"; \
+- go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
++ $(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \
+ done
+
+ dbuild: runcimage
+ docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all
+
+ lint:
+- go vet $(allpackages)
+- go fmt $(allpackages)
++ $(GO) vet $(allpackages)
++ $(GO) fmt $(allpackages)
+
+ man:
+ man/md2man-all.sh
+@@ -88,7 +88,7 @@ unittest: runcimage
+ docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest
+
+ localunittest: all
+- go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
++ $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages)
+
+ integration: runcimage
+ docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration
+@@ -133,10 +133,10 @@ clean:
+
+ validate:
+ script/validate-gofmt
+- go vet $(allpackages)
++ $(GO) vet $(allpackages)
+
+ ci: validate localtest
+
+ # memoize allpackages, so that it's executed only once and only if used
+-_allpackages = $(shell go list ./... | grep -v vendor)
++_allpackages = $(shell $(GO) list ./... | grep -v vendor)
+ allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages)
+--
+2.7.4
+
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
index 4a6e8cd..a97676b 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc-opencontainers_git.bb
@@ -1,15 +1,8 @@
include runc.inc
-SRCREV = "75f8da7c889acc4509a0cf6f0d3a8f9584778375"
-SRC_URI = "git://github.com/opencontainers/runc;branch=master \
- "
-RUNC_VERSION = "1.0.0-rc3"
-PROVIDES += "virtual/runc"
-RPROVIDES_${PN} = "virtual/runc"
-
-do_compile_prepend() {
- # Go looks in a src directory under any directory in GOPATH but
- # runc-opencontainers uses 'vendor' instead of 'vendor/src'. We can fix
- # this with a symlink.
- ln -sfn . "${S}/vendor/src"
-}
+SRCREV = "2e7cfe036e2c6dc51ccca6eb7fa3ee6b63976dcd"
+SRC_URI = " \
+ git://github.com/opencontainers/runc;branch=master \
+ file://0001-Use-correct-go-cross-compiler.patch \
+ "
+RUNC_VERSION = "1.0.0-rc4"
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
index 4808547..0179103 100644
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
+++ b/import-layers/meta-virtualization/recipes-containers/runc/runc.inc
@@ -4,38 +4,40 @@
# Apache-2.0 for containerd
LICENSE = "Apache-2.0"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=435b266b3899aa8a959f17d41c56def8"
+LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=435b266b3899aa8a959f17d41c56def8"
S = "${WORKDIR}/git"
-PV = "${RUNC_VERSION}+git${SRCREV}"
+PV = "${RUNC_VERSION}+git${SRCPV}"
inherit go
RRECOMMENDS_${PN} = "lxc docker"
+PROVIDES += "virtual/runc"
+RPROVIDES_${PN} = "virtual/runc"
+
+GO_IMPORT = "import"
LIBCONTAINER_PACKAGE="github.com/opencontainers/runc/libcontainer"
do_configure[noexec] = "1"
EXTRA_OEMAKE="BUILDTAGS=''"
-inherit goarch
-
do_compile() {
- export GOARCH="${TARGET_GOARCH}"
- export GOROOT="${STAGING_LIBDIR_NATIVE}/${TARGET_SYS}/go"
# Set GOPATH. See 'PACKAGERS.md'. Don't rely on
# docker to download its dependencies but rather
# use dependencies packaged independently.
- cd ${S}
+ cd ${S}/src/import
rm -rf .gopath
dname=`dirname "${LIBCONTAINER_PACKAGE}"`
bname=`basename "${LIBCONTAINER_PACKAGE}"`
mkdir -p .gopath/src/${dname}
(cd .gopath/src/${dname}; ln -sf ../../../../../${bname} ${bname})
- export GOPATH="${S}/.gopath:${S}/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
- export GOROOT="${STAGING_DIR_NATIVE}/${nonarch_libdir}/${HOST_SYS}/go"
- cd -
+ export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go"
+
+ # Fix up symlink for go-cross compiler
+ rm -f ${S}/src/import/vendor/src
+ ln -sf ./ ${S}/src/import/vendor/src
# Pass the needed cflags/ldflags so that cgo
# can find the needed headers files and libraries
@@ -51,7 +53,7 @@
do_install() {
mkdir -p ${D}/${bindir}
- cp ${S}/runc ${D}/${bindir}/runc
+ cp ${S}/src/import/runc ${D}/${bindir}/runc
ln -sf runc ${D}/${bindir}/docker-runc
}
diff --git a/import-layers/meta-virtualization/recipes-containers/runc/runc/0001-nsexec-fix-build-against-musl-libc.patch b/import-layers/meta-virtualization/recipes-containers/runc/runc/0001-nsexec-fix-build-against-musl-libc.patch
deleted file mode 100644
index aa57636..0000000
--- a/import-layers/meta-virtualization/recipes-containers/runc/runc/0001-nsexec-fix-build-against-musl-libc.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From ac6bd953192fa6752a07be7501f69f7cffe33e8e Mon Sep 17 00:00:00 2001
-From: Natanael Copa <natanael.copa@docker.com>
-Date: Tue, 19 Apr 2016 10:43:00 +0200
-Subject: [PATCH] nsexec: fix build against musl libc
-
-Remove a wrongly added include which was added in commit 3c2e77ee (Add a
-compatibility header for CentOS/RHEL 6, 2016-01-29) apparently to
-fix this compile error on centos 6:
-
-> In file included from
-> Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/nsenter/nsexec.c:20:
-> /usr/include/linux/netlink.h:35: error: expected specifier-qualifier-list before 'sa_family_t'
-
-The glibc bits/sockaddr.h says that this header should never be included
-directly[1]. Instead, sys/socket.h should be used.
-
-The problem was correctly fixed later, in commit 394fb55 (Fix build
-error on centos6, 2016-03-02) so the incorrect bits/sockaddr.h can
-safely be removed.
-
-This is needed to build musl libc.
-
-Fixes #761
-
-[1]: https://github.molgen.mpg.de/git-mirror/glibc/blob/20003c49884422da7ffbc459cdeee768a6fee07b/bits/sockaddr.h#L20
-
-Signed-off-by: Natanael Copa <natanael.copa@docker.com>
-Signed-off-by: Paul Barker <paul@paulbarker.me.uk>
-Upstream-status: Backport
----
- libcontainer/nsenter/nsexec.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/libcontainer/nsenter/nsexec.c b/libcontainer/nsenter/nsexec.c
-index 8f37d6c..40a8f89 100644
---- a/libcontainer/nsenter/nsexec.c
-+++ b/libcontainer/nsenter/nsexec.c
-@@ -18,7 +18,6 @@
- #include <unistd.h>
- #include <grp.h>
-
--#include <bits/sockaddr.h>
- #include <linux/types.h>
-
- // All arguments should be above the stack because it grows down
---
-2.1.4
-
diff --git a/import-layers/meta-virtualization/recipes-containers/singularity/README b/import-layers/meta-virtualization/recipes-containers/singularity/README
new file mode 100644
index 0000000..582480f
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/singularity/README
@@ -0,0 +1,46 @@
+Singularity is a container platform based on the principle of mobility of
+compute, and it is designed for use within HPC clusters. For more info see
+singularity.lbl.gov.
+
+To test whether the software functions correctly, you can use `singularity
+selftest`. This is what you would expect to see:
+
+~# singularity selftest
+ + sh -c test -f /etc/singularity/singularity.conf (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/action-suid (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/create-suid (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/expand-suid (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/export-suid (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/import-suid (retval=0) OK
+ + test -u /usr/libexec/singularity/bin/mount-suid (retval=0) OK
+
+You can also pull a container from Docker Hub to prove full functionality
+(Test was performed on a Raspberry Pi 3, hence the arm32v7 part of the Docker
+link. Make sure you pull an image which is compatible with your hardware.)
+For instance:
+
+~# singularity pull docker://arm32v7/debian:latest
+Initializing Singularity image subsystem
+Opening image file: debian-latest.img
+Creating 200MiB image
+Binding image to loop
+Creating file system within image
+Image is done: debian-latest.img
+Docker image path: index.docker.io/arm32v7/debian:latest
+Cache folder set to /home/root/.singularity/docker
+[1/1] |===================================| 100.0%
+Importing: base Singularity environment
+Importing: /home/root/.singularity/docker/sha256:ed4f1f0d0a0457e7f76ffb25a8d6a193007709dd312b7647cb44fc6979ec4a53.tar.gz
+Importing: /home/root/.singularity/metadata/sha256:89997b2c16b29c5a3a316e314172ef21b36f67cc3200b1c4d95927f716dbee83.tar.gz
+Done. Container is at: debian-latest.img
+~# singularity shell debian-latest.img
+Singularity: Invoking an interactive shell within container...
+
+Singularity debian-latest.img:~> echo "Hello from within the container!"
+Hello from within the container!
+Singularity debian-latest.img:~> ls /
+bin dev home lost+found mnt proc run singularity sys usr
+boot etc lib media opt root sbin srv tmp var
+Singularity debian-latest.img:~> exit
+exit
+~#
diff --git a/import-layers/meta-virtualization/recipes-containers/singularity/singularity_git.bb b/import-layers/meta-virtualization/recipes-containers/singularity/singularity_git.bb
new file mode 100644
index 0000000..6fee8f3
--- /dev/null
+++ b/import-layers/meta-virtualization/recipes-containers/singularity/singularity_git.bb
@@ -0,0 +1,35 @@
+# Skip QA check for library symbolic links (core issue is a packaging problem within
+# Singularity build / config: read up on the dev-so test for more info)
+INSANE_SKIP_${PN} += "dev-so"
+
+RDEPENDS_${PN} += "glibc python3 ca-certificates openssl bash e2fsprogs-mke2fs"
+# Singularity expects to find python3 under the name python, therefore both
+# cannot be installed at the same time.
+RCONFLICTS_${PN} = "python"
+
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://COPYRIGHT.md;md5=be78c34e483dd7d8439358b1e024b294 \
+ file://LICENSE-LBNL.md;md5=45a007b527e1a9507aa7fa869f8d7ede \
+ file://LICENSE.md;md5=df4326b473db6424033f1d98a5645e30 \
+ file://debian/copyright;md5=ed267cf386d9b75ab1f27f407e935b10"
+
+SRC_URI = "git://github.com/singularityware/singularity.git;protocol=https"
+PV = "2.3.1+git${SRCPV}"
+SRCREV = "e214d4ebf0a1274b1c63b095fd55ae61c7e92947"
+
+S = "${WORKDIR}/git"
+
+inherit pythonnative autotools-brokensep
+EXTRA_OECONF = "--prefix=/usr/local"
+
+pkg_postinst_${PN}() {
+ # Singularity requires "python" to resolve to "python3" within the commandline.
+ # This creates a symbolic link from python3 to python. A side-effect of this is
+ # that scripts which expect Python 2 may fail to run correctly.
+ ln -sr $D${bindir}/python3 $D${bindir}/python
+
+ # python3 expects CA certificates to be installed in a different place to where
+ # they are actually installed. These lines link the two locations.
+ rm -r $D${libdir}/ssl-1.1/certs
+ ln -sr $D${sysconfdir}/ssl/certs $D${libdir}/ssl-1.1
+}