diff --git a/.fmf/version b/.fmf/version deleted file mode 100644 index d00491f..0000000 --- a/.fmf/version +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/.gitignore b/.gitignore index 62eb9bc..2c8b361 100644 --- a/.gitignore +++ b/.gitignore @@ -29,25 +29,9 @@ crun-0.1.1.tar.gz /f642968ec5ae05b33f2545da6edf135c338b34d1.patch /crun-0.19.tar.gz /crun-0.19.1.tar.gz -/crun-0.19.1.7-3886.tar.xz -/crun-0.19.1.11-1dea.tar.xz -/crun-0.19.1.17-3f6a.tar.xz -/crun-0.19.1.19-b6c3.tar.xz -/crun-0.19.1.22-4e96.tar.xz -/crun-0.19.1.26-029e.tar.xz -/crun-0.19.1.31-b83e.tar.xz -/crun-0.19.1.36-2bad.tar.xz -/crun-0.19.1.41-f9c4.tar.xz -/crun-0.19.1.45-4cc7.tar.xz -/crun-0.19.1.50-1942.tar.xz -/crun-0.20.1-ffb7.tar.xz -/crun-0.20.3-8d6a.tar.xz -/crun-0.20.1.1-7adf.tar.xz -/crun-0.20.1.3-9dec.tar.xz -/crun-0.19.1.13-6340.tar.xz -/crun-0.20.1.7-7ef7.tar.xz -/crun-0.20.1.9-60de.tar.xz -/crun-0.21-dirty.tar.xz +/crun-0.19.1.tar.xz +/crun-0.20.tar.xz +/crun-0.20.1.tar.xz /crun-0.21.tar.xz /crun-1.0.tar.xz /crun-1.1.tar.xz @@ -56,49 +40,4 @@ crun-0.1.1.tar.gz /crun-1.4.tar.xz /crun-1.4.1.tar.xz /crun-1.4.2.tar.xz -/crun-1.4.3.tar.xz /crun-1.4.4.tar.xz -/crun-1.4.5.tar.xz -/crun-1.5.tar.xz -/crun-1.6.tar.xz -/crun-1.7.tar.xz -/crun-1.7.1.tar.xz -/crun-1.7.2.tar.xz -/crun-1.8.tar.xz -/crun-1.8.1.tar.xz -/crun-1.8.2.tar.xz -/crun-1.8.3.tar.xz -/crun-1.8.4.tar.xz -/crun-1.8.5.tar.xz -/crun-1.8.6.tar.xz -/crun-1.8.7.tar.xz -/crun-1.9.tar.xz -/crun-1.9.1.tar.xz -/crun-1.9.2.tar.xz -/crun-1.10.tar.xz -/crun-1.11.tar.xz -/crun-1.11.1.tar.xz -/crun-1.11.2.tar.xz -/crun-1.12.tar.xz -/crun-1.13.tar.xz -/crun-1.14.tar.xz -/crun-1.14.1.tar.xz -/crun-1.14.2.tar.xz -/crun-1.14.3.tar.xz -/crun-1.14.4.tar.xz -/crun-1.15.tar.zst -/crun-1.17.tar.zst -/crun-1.18.tar.zst -/crun-1.18.1.tar.zst -/crun-1.18.2.tar.zst -/crun-1.19.tar.zst -/crun-1.19.1.tar.zst -/crun-1.20.tar.zst -/crun-1.21.tar.zst -/crun-1.22.tar.zst -/crun-1.23.tar.zst -/crun-1.23.1.tar.zst -/crun-1.24.tar.zst -/crun-1.25.tar.zst -/crun-1.25.1.tar.zst -/crun-1.26.tar.zst diff --git a/.packit.yaml b/.packit.yaml deleted file mode 100644 index b7dc6ae..0000000 --- a/.packit.yaml +++ /dev/null @@ -1,140 +0,0 @@ ---- -# See the documentation for more information: -# https://packit.dev/docs/configuration/ - -downstream_package_name: crun - -# Ref: https://packit.dev/docs/configuration#files_to_sync -files_to_sync: - - src: rpm/gating.yaml - dest: gating.yaml - - src: plans/ - dest: plans/ - delete: true - mkpath: true - - src: tests/tmt/ - dest: tests/tmt/ - delete: true - mkpath: true - - src: .fmf/ - dest: .fmf/ - delete: true - mkpath: true - - .packit.yaml - -packages: - crun-fedora: - pkg_tool: fedpkg - specfile_path: rpm/crun.spec - crun-centos: - pkg_tool: centpkg - specfile_path: rpm/crun.spec - crun-eln: - specfile_path: rpm/crun.spec - -srpm_build_deps: - - git-archive-all - - make - -actions: - # This action runs only on copr build jobs - create-archive: - - "git-archive-all -v --force-submodules rpm/crun-HEAD.tar.xz" - - bash -c "ls -1 rpm/crun-HEAD.tar.xz" - -jobs: - - job: copr_build - trigger: pull_request - packages: [crun-fedora] - notifications: &copr_build_failure_notification - failure_comment: - message: "Ephemeral COPR build failed. @containers/packit-build please check." - targets: &fedora_copr_targets - - fedora-all-x86_64 - - fedora-all-aarch64 - - - job: copr_build - trigger: pull_request - packages: [crun-eln] - notifications: *copr_build_failure_notification - targets: - - fedora-eln-x86_64 - - fedora-eln-aarch64 - - - job: copr_build - trigger: pull_request - packages: [crun-centos] - notifications: *copr_build_failure_notification - targets: ¢os_copr_targets - - centos-stream-9-x86_64 - - centos-stream-9-aarch64 - - centos-stream-10-x86_64 - - centos-stream-10-aarch64 - - # Run on commit to main branch - - job: copr_build - trigger: commit - packages: [crun-fedora] - notifications: - failure_comment: - message: "podman-next COPR build failed. @containers/packit-build please check." - branch: main - owner: rhcontainerbot - project: podman-next - - # Podman system tests for Fedora and CentOS Stream - - job: tests - trigger: pull_request - packages: [crun-fedora] - notifications: &test_failure_notification - failure_comment: - message: "TMT tests failed. @containers/packit-build please check." - targets: *fedora_copr_targets - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo - - # Podman system tests for CentOS Stream - - job: tests - trigger: pull_request - packages: [crun-centos] - notifications: *test_failure_notification - # TODO: Re-enable centos-stream-10-x86_64 once criu issues are solved - # Ref: https://github.com/containers/crun/pull/1758#issuecomment-2901772392 - # Issue filed: https://github.com/containers/crun/issues/1759 - #targets: *centos_copr_targets - targets: - - centos-stream-9-x86_64 - - centos-stream-9-aarch64 - - centos-stream-10-aarch64 - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo - - - job: propose_downstream - trigger: release - packages: [crun-fedora] - dist_git_branches: &fedora_targets - - fedora-all - - # Disabled until we're switching to Packit for CentOS Stream - - job: propose_downstream - trigger: ignore - packages: [crun-centos] - dist_git_branches: - - c10s - - - job: koji_build - trigger: commit - packages: [crun-fedora] - dist_git_branches: *fedora_targets - - - job: bodhi_update - trigger: commit - packages: [crun-fedora] - dist_git_branches: - - fedora-branched # rawhide updates are created automatically diff --git a/README.packit b/README.packit deleted file mode 100644 index 9bb65f0..0000000 --- a/README.packit +++ /dev/null @@ -1,3 +0,0 @@ -This repository is maintained by packit. -https://packit.dev/ -The file was generated using packit 1.13.0.post1.dev2+g84134016c. diff --git a/crun.spec b/crun.spec index 5cfc631..98c72dc 100644 --- a/crun.spec +++ b/crun.spec @@ -1,142 +1,247 @@ -%global krun_opts %{nil} -%global wasmedge_opts %{nil} -%global yajl_opts %{nil} +%global git0 https://github.com/containers/%{name} -%if %{defined copr_username} -%define copr_build 1 -%endif - -# krun and wasm support only on aarch64 and x86_64 -%ifarch aarch64 || x86_64 - -%if %{defined fedora} -# krun only exists on fedora -%global krun_support 1 -%global krun_opts --with-libkrun - -# Keep wasmedge enabled only on Fedora. It breaks a lot on EPEL. -%global wasm_support 1 -%global wasmedge_support 1 -%global wasmedge_opts --with-wasmedge -%endif - -%endif - -%if %{defined fedora} || (%{defined rhel} && 0%{?rhel} < 10) -%global system_yajl 1 -%else -%global yajl_opts --enable-embedded-yajl -%endif +# Used for comparing with latest upstream tag +# to decide whether to autobuild and set download_url (non-rawhide only) +%global built_tag 1.4.4 Summary: OCI runtime written in C Name: crun -%if %{defined copr_build} -Epoch: 102 -%endif -# DO NOT TOUCH the Version string! -# The TRUE source of this specfile is: -# https://github.com/containers/crun/blob/main/rpm/crun.spec -# If that's what you're reading, Version must be 0, and will be updated by Packit for -# copr and koji builds. -# If you're reading this on dist-git, the version is automatically filled in by Packit. -Version: 1.26 -Release: %autorelease -URL: https://github.com/containers/%{name} -Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.zst -License: GPL-2.0-only -%if %{defined golang_arches_future} -ExclusiveArch: %{golang_arches_future} -%else -ExclusiveArch: aarch64 ppc64le riscv64 s390x x86_64 -%endif +Version: 1.4.4 +Release: 1%{?dist} +URL: %{git0} +Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.xz +License: GPLv2+ + +# We always run autogen.sh BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc +BuildRequires: python BuildRequires: git-core -BuildRequires: gperf BuildRequires: libcap-devel -%if %{defined krun_support} -BuildRequires: libkrun-devel -%endif BuildRequires: systemd-devel -%if %{defined system_yajl} BuildRequires: yajl-devel -%endif BuildRequires: libseccomp-devel +BuildRequires: libselinux-devel BuildRequires: python3-libmount BuildRequires: libtool -BuildRequires: protobuf-c-devel -BuildRequires: criu-devel >= 3.17.1-2 -Recommends: criu >= 3.17.1 -Recommends: criu-libs -%if %{defined wasmedge_support} -BuildRequires: wasmedge-devel -%endif -BuildRequires: python +BuildRequires: go-md2man +BuildRequires: make BuildRequires: glibc-static +BuildRequires: protobuf-c-devel +%ifnarch %ix86 +BuildRequires: criu-devel >= 3.15 +%endif Provides: oci-runtime %description -%{name} is a OCI runtime - -%if %{defined krun_support} -%package krun -Summary: %{name} with libkrun support -Requires: libkrun -Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} -Provides: krun = %{?epoch:%{epoch}:}%{version}-%{release} - -%description krun -krun is a symlink to the %{name} binary, with libkrun as an additional dependency. -%endif - -%if %{defined wasm_support} -%package wasm -Summary: %{name} with wasm support -Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} -# wasm packages are not present on RHEL yet and are currently a PITA to test -# Best to only include wasmedge as weak dep on rhel -%if %{defined fedora} -Requires: wasm-library -%endif -Recommends: wasmedge - -%description wasm -%{name}-wasm is a symlink to the %{name} binary, with wasm as an additional dependency. -%endif +crun is a runtime for running OCI containers %prep -%autosetup -Sgit -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version} %build ./autogen.sh -./configure --disable-silent-rules %{krun_opts} %{wasmedge_opts} %{yajl_opts} +%configure --disable-silent-rules + %make_build %install -%make_install prefix=%{_prefix} -rm -rf %{buildroot}%{_prefix}/lib* - -# Placeholder check to silence rpmlint -%check +%make_install +rm -rf %{buildroot}%{_usr}/lib* %files %license COPYING %{_bindir}/%{name} -%{_mandir}/man1/%{name}.1.gz - -%if %{defined krun_support} -%files krun -%license COPYING -%{_bindir}/krun -%{_mandir}/man1/krun.1.gz -%endif - -%if %{defined wasm_support} -%files wasm -%license COPYING -%{_bindir}/%{name}-wasm -%endif +%{_mandir}/man1/* %changelog -%autochangelog +* Thu Mar 31 2022 Lokesh Mandvekar - 1.4.4-1 +- Resolves: #2066845, #2070116 - Security fix for CVE-2022-27650 +- bump to v1.4.4 + +* Wed Jan 26 2022 RH Container Bot - 1.4.2-1 +- autobuilt 1.4.2 + +* Fri Jan 14 2022 RH Container Bot - 1.4.1-1 +- autobuilt 1.4.1 + +* Wed Dec 22 2021 RH Container Bot - 1.4-1 +- autobuilt 1.4 + +* Fri Nov 05 2021 RH Container Bot - 1.3-1 +- autobuilt 1.3 + +* Fri Oct 08 2021 RH Container Bot - 1.2-1 +- autobuilt 1.2 + +* Mon Sep 27 2021 RH Container Bot - 1.1-1 +- autobuilt 1.1 + +* Wed Aug 25 2021 RH Container Bot - 1.0-1 +- autobuilt 1.0 + +* Tue Aug 10 2021 RH Container Bot - 0.21-1 +- autobuilt 0.21 + +* Wed Jun 09 2021 Lokesh Mandvekar - 0.20.1-1 +- Fixes: https://github.com/containers/crun/issues/687 + +* Wed Jun 02 2021 Lokesh Mandvekar - 0.20-1 +- bump to 0.20 + +* Mon May 17 2021 Lokesh Mandvekar - 0.19.1-3 +- rebuild to fix prior build downgrades + +* Fri May 07 2021 RH Container Bot - 0.19.1-1 +- autobuilt 0.19.1 + +* Thu Apr 22 2021 Lokesh Mandvekar - 0.19.1-2 +- rebuild for new bodhi + +* Thu Apr 22 2021 Giuseppe Scrivano - 0.19.1-1 +- built version 0.19.1 + +* Tue Apr 13 2021 Lokesh Mandvekar - 0.19-2 +- unversioned Provides: oci-runtime +- runc package will also provide an unversioned Provides: oci-runtime. +- user should pull in runc separately or else it will install crun by default + (alphabetical order) +- similar situation as caddy, httpd, lighttpd and nginx having Provides: +webserver + +* Tue Apr 06 2021 Giuseppe Scrivano - 0.19-1 +- built version 0.19 + +* Wed Mar 31 2021 Lokesh Mandvekar - 0.18-5 +- linux: always remount bind mounts ghpr#640 + +* Thu Mar 25 2021 Lokesh Mandvekar - 0.18-4 +- bump release tag to stay ahead of older fedora + +* Thu Mar 25 2021 Lokesh Mandvekar - 0.18-2 +- Requires: libcap >= 2.48 + +* Fri Feb 19 2021 Giuseppe Scrivano - 0.18-1 +- built version 0.18 + +* Tue Jan 26 2021 Fedora Release Engineering - 0.17-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Thu Jan 21 2021 Giuseppe Scrivano - 0.17-1 +- built version 0.17 + +* Thu Dec 17 2020 Giuseppe Scrivano - 0.16-3 +- build with CRIU + +* Wed Nov 25 2020 Jindrich Novy - 0.16-2 +- fix license + +* Tue Nov 24 2020 Giuseppe Scrivano - 0.16-1 +- built version 0.16 + +* Wed Nov 04 2020 Giuseppe Scrivano - 0.15.1-1 +- built version 0.15.1 + +* Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 +- rebuild to bump release tag ahead of older fedoras + +* Wed Sep 30 2020 Giuseppe Scrivano - 0.15-3 +- backport "exec: check read bytes from sync" + +* Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 +- rebuild + +* Wed Sep 23 2020 Giuseppe Scrivano - 0.15-1 +- build version 0.15 + +* Mon Sep 14 2020 Giuseppe Scrivano - 0.14.1-5 +- backport 4453af4c060e380051552ee589af5cad37f2ae82 + +* Mon Aug 31 2020 Lokesh Mandvekar - 0.14.1-4 +- rebuild + +* Thu Aug 27 2020 Giuseppe Scrivano - 0.14.1-3 +- backport ed9c3e6f466dfb6d2e79802060fabd5f4b66f78e + +* Mon Jul 27 2020 Fedora Release Engineering - 0.14.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 08 2020 Giuseppe Scrivano - 0.14.1-1 +- built version 0.14.1 + +* Thu Jul 02 2020 Giuseppe Scrivano - 0.14-1 +- built version 0.14 + +* Wed Apr 15 2020 Lokesh Mandvekar - 0.13-2 +- release bump for correct upgrade path + +* Thu Mar 05 2020 Giuseppe Scrivano - 0.13-1 +- built version 0.13 + +* Mon Feb 17 2020 Giuseppe Scrivano - 0.12.2.1-1 +- built version 0.12.2.1 + +* Mon Feb 17 2020 Giuseppe Scrivano - 0.12.2-1 +- built version 0.12.2 + +* Thu Feb 6 2020 Giuseppe Scrivano - 0.12.1-1 +- built version 0.12.1 + +* Mon Feb 3 2020 Giuseppe Scrivano - 0.12-1 +- built version 0.12 + +* Tue Jan 28 2020 Fedora Release Engineering - 0.11-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Dec 23 2019 Giuseppe Scrivano - 0.11-1 +- built version 0.11 + +* Mon Nov 18 2019 Giuseppe Scrivano - 0.10.6-1 +- built version 0.10.6 + +* Sun Nov 10 2019 Giuseppe Scrivano - 0.10.5-2 +- built version 0.10.5 +- fix CVE-2019-18837 + +* Sun Nov 10 2019 Giuseppe Scrivano - 0.10.5-1 +- built version 0.10.5 + +* Thu Oct 31 2019 Giuseppe Scrivano - 0.10.4-1 +- built version 0.10.4 + +* Tue Oct 29 2019 Giuseppe Scrivano - 0.10.3-1 +- built version 0.10.3 + +* Mon Oct 7 2019 Giuseppe Scrivano - 0.10.2-1 +- built version 0.10.2 + +* Fri Oct 4 2019 Giuseppe Scrivano - 0.10.1-1 +- built version 0.10.1 + +* Tue Oct 1 2019 Giuseppe Scrivano - 0.10-1 +- built version 0.10 + +* Fri Sep 13 2019 Giuseppe Scrivano - 0.9.1-1 +- built version 0.9.1 + +* Wed Sep 11 2019 Giuseppe Scrivano - 0.9-1 +- built version 0.9 + +* Tue Sep 10 2019 Jindrich Novy - 0.8-3 +- Add versioned oci-runtime provide. + +* Mon Sep 9 2019 Dan Walsh - 0.8-2 +- Add provides oci-runtime + +* Mon Aug 19 2019 Giuseppe Scrivano - 0.8-1 +- built version 0.8 + +* Wed Jul 24 2019 Fedora Release Engineering - 0.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jul 18 2019 Giuseppe Scrivano - 0.7-1 +- built version 0.7 + +* Tue Jun 18 2019 Giuseppe Scrivano - 0.6-1 +- built version 0.6 diff --git a/gating.yaml b/gating.yaml deleted file mode 100644 index f86de09..0000000 --- a/gating.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- !Policy -product_versions: - - fedora-* -decision_contexts: - - bodhi_update_push_stable - - bodhi_update_push_testing -rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - ---- !Policy -product_versions: - - rhel-* -decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/plans/main.fmf b/plans/main.fmf deleted file mode 100644 index 7a4ae15..0000000 --- a/plans/main.fmf +++ /dev/null @@ -1,40 +0,0 @@ -discover: - how: fmf -execute: - how: tmt -prepare: - - when: distro == centos-stream or distro == rhel - how: shell - script: | - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm - dnf -y config-manager --set-enabled epel - order: 10 - - when: initiator == packit - how: shell - script: | - COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo" - if compgen -G $COPR_REPO_FILE > /dev/null; then - sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE - fi - dnf -y upgrade --allowerasing - order: 20 - - how: install - package: - - bats - - crun - - podman-tests - -/shellcheck: - discover+: - filter: 'tag:shellcheck' - enabled: true - adjust: - enabled: false - when: distro == centos-stream-10 or distro == rhel-10 - prepare+: - - how: install - package: ShellCheck - -/tests: - discover+: - filter: 'tag:podman | tag:sanity' diff --git a/plans/tmt.fmf b/plans/tmt.fmf deleted file mode 100644 index 1941978..0000000 --- a/plans/tmt.fmf +++ /dev/null @@ -1,9 +0,0 @@ -/: - inherit: false - -summary: Run tmt's integration tests -plan: - import: - url: https://github.com/teemtee/tmt - path: /plans/friends - name: /podman diff --git a/sources b/sources index 233ea40..8d8b8bd 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-1.26.tar.zst) = 0785af6095a26290f433c5739bea5d98a029c3f0e8efbeed420481849ebddd70acde6c1105133c392abf26bca90d232cced5e5994da7506d66a020a02c129fb3 +SHA512 (crun-1.4.4.tar.xz) = 1756dccf6509457a5dc114d43c4f4e99258a20c3437dfe06016d080989c5d3035f5735d62d18ab537b660ec36de04df369a2582745baf4ab680af367a19830fd diff --git a/tests/tmt/podman/system-test.fmf b/tests/tmt/podman/system-test.fmf deleted file mode 100644 index 8df55c2..0000000 --- a/tests/tmt/podman/system-test.fmf +++ /dev/null @@ -1,7 +0,0 @@ -adjust: - duration: 10m - when: arch == aarch64 - -summary: Run crun specific Podman tests -test: bash ./system-test.sh -tag: [ podman ] diff --git a/tests/tmt/podman/system-test.sh b/tests/tmt/podman/system-test.sh deleted file mode 100644 index 974f829..0000000 --- a/tests/tmt/podman/system-test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -if [[ "$(id -u)" -ne 0 ]];then - echo "Please run this script as superuser" - exit 1 -fi - -cat /etc/redhat-release -rpm -q conmon containers-common crun podman podman-tests - -# Run crun specific podman tests -bats -t /usr/share/podman/test/system/030-run.bats -bats -t /usr/share/podman/test/system/075-exec.bats -bats -t /usr/share/podman/test/system/280-update.bats -bats -t /usr/share/podman/test/system/520-checkpoint.bats diff --git a/tests/tmt/sanity/config.json b/tests/tmt/sanity/config.json deleted file mode 100644 index 3a1f225..0000000 --- a/tests/tmt/sanity/config.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "ociVersion": "1.0.0", - "process": { - "terminal": false, - "user": { - "uid": 0, - "gid": 0 - }, - "args": [ - "sleep", "10" - ], - "env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "TERM=xterm" - ], - "cwd": "/", - "capabilities": { - "bounding": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "effective": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "inheritable": [ - ], - "permitted": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "ambient": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ] - }, - "rlimits": [ - { - "type": "RLIMIT_NOFILE", - "hard": 1024, - "soft": 1024 - } - ], - "noNewPrivileges": true - }, - "root": { - "path": "rootfs", - "readonly": true - }, - "hostname": "crun", - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc" - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755", - "size=65536k" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/dev/shm", - "type": "tmpfs", - "source": "shm", - "options": [ - "nosuid", - "noexec", - "nodev", - "mode=1777", - "size=65536k" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev", - "ro" - ] - }, - { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "nosuid", - "noexec", - "nodev", - "relatime", - "ro" - ] - } - ], - "linux": { - "resources": { - "devices": [ - { - "allow": false, - "access": "rwm" - } - ] - }, - "namespaces": [ - { - "type": "pid" - }, - { - "type": "network" - }, - { - "type": "ipc" - }, - { - "type": "uts" - }, - { - "type": "cgroup" - }, - { - "type": "mount" - } - ], - "maskedPaths": [ - "/proc/acpi", - "/proc/asound", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/sys/firmware", - "/proc/scsi" - ], - "readonlyPaths": [ - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger" - ] - } -} diff --git a/tests/tmt/sanity/main.fmf b/tests/tmt/sanity/main.fmf deleted file mode 100644 index ccfa4ca..0000000 --- a/tests/tmt/sanity/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Sanity test for crun -test: bash ./runtest.sh -duration: 10m -tag: [ sanity ] diff --git a/tests/tmt/sanity/runtest.sh b/tests/tmt/sanity/runtest.sh deleted file mode 100644 index 3e13986..0000000 --- a/tests/tmt/sanity/runtest.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -TEMPDIR=$(mktemp -d) -TESTIMG="quay.io/libpod/busybox" -CNAME="mycont-$RANDOM" - -cat /etc/redhat-release -uname -r -rpm -q crun criu - -if ! crun --version; then - exit 1 -fi - -if ! crun features; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# create the top most bundle and rootfs directory -mkdir -p "$TEMPDIR"/rootfs - -# export busybox via podman into the rootfs directory -if ! (podman export "$(podman create $TESTIMG)" | tar -C "$TEMPDIR"/rootfs -xvf -); then - exit 1 -fi - -# use existing spec -cp ./config.json "$TEMPDIR" -ls "$TEMPDIR" -cd "$TEMPDIR" - -if ! crun create $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun start $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun ps $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun pause $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun resume $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun delete --force $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! (crun run $CNAME &); then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# make sure the container is running state -sleep 2 - -if ! ret=$(crun exec $CNAME echo 'ok') || [[ "$ret" != 'ok' ]]; then - exit 1 -fi - -if ! crun kill $CNAME; then - exit 1 -fi - -exit 0 diff --git a/tests/tmt/shellcheck/main.fmf b/tests/tmt/shellcheck/main.fmf deleted file mode 100644 index 7d220b4..0000000 --- a/tests/tmt/shellcheck/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Shellcheck tests -test: find ../ -type f -name "*.sh" -exec shellcheck {} + -duration: 10m -tag: [ shellcheck ]