Hello community, here is the log from the commit of package runc for openSUSE:Factory checked in at 2017-08-17 11:44:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/runc (Old) and /work/SRC/openSUSE:Factory/.runc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "runc" Thu Aug 17 11:44:20 2017 rev:14 rq:517265 version:1.0.0~rc4 Changes: -------- --- /work/SRC/openSUSE:Factory/runc/runc.changes 2017-07-30 11:23:00.606392464 +0200 +++ /work/SRC/openSUSE:Factory/.runc.new/runc.changes 2017-08-17 11:44:29.538583431 +0200 @@ -1,0 +2,56 @@ +Sun Aug 13 14:25:32 UTC 2017 - [email protected] + +- Use the upstream Makefile, to ensure that we always include the version + information in runc. This was confusing users (and Docker). bsc#1053532 +- Add a backported patch to fix a Makefile bug. + https://github.com/opencontainers/runc/pull/1555 + + bsc1053532-0001-makefile-drop-usage-of-install.patch + +------------------------------------------------------------------- +Thu Aug 10 17:14:02 UTC 2017 - [email protected] + +- Update to runc v1.0.0-rc4. Upstream changelog: + + runc now supports v1.0.0 of the OCI runtime specification. #1527 + + Rootless containers support has been released. The current state of + this feature is that it only supports single-{uid,gid} mappings as an + unprivileged user, and cgroups are completely unsupported. Work is + being done to improve this. #774 + + Rather than relying on CRIU version nnumbers, actually check if the + system supports pre-dumping. #1371 + + Allow the PIDs cgroup limit to be updated. #1423 + + Add support for checkpoint/restore of containers with orphaned PTYs + (which is effectively all containers with terminal=true). #1355 + + Permit prestart hooks to modify the cgroup configuration of a + container. #1239 + + Add support for a wide variety of mount options. #1460 + + Expose memory.use_hierarchy in MemoryStats. #1378 + * Fix incorrect handling of systems without the freezer cgroup. #1387 + * Many, many changes to switch away from Go's "syscall" stdlib to + "golang.org/x/sys/unix". #1394 #1398 #1442 #1464 #1467 #1470 #1474 + #1478 #1491 #1482 #1504 #1519 #1530 + * Set cgroup resources when restoring a container. #1399 + * Switch back to using /sbin as the installation directory. #1406 + * Remove the arbitrary container ID length restriction. #1435 + * Make container force deletion ignore non-existent containers. #1451 + * Improve handling of arbitrary cgroup mount locations when populating + cpuset. #1372 + * Make the SaneTerminal interface public. #1479 + * Fix cases where runc would report a container to be in a "Running" + state if the init was a zombie or dead. #1489 + * Do not set supplementary groups for numeric users. #1450 + * Fix various issues with the "owner" field in runc-list. #1516 + * Many other miscellaneous fixes, some of which were made by first-time + contributors. Thanks, and welcome to the project! #1406 #1400 #1365 + #1396 #1402 #1414 #1412 #1408 #1418 #1425 #1428 #1436 #1433 #1438 + #1410 #1447 #1388 #1484 #1481 #1496 #1245 #1524 #1534 #1526 #1533 + - Remove any semblance of non-Linux support. #1502 + - We no longer use shfmt for testing. #1510 + +------------------------------------------------------------------- +Wed Aug 2 13:51:43 UTC 2017 - [email protected] + +- Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429 +- Cleanup seccomp builds similar to bsc#1028638 +- Remove the usage of 'cp -r' to reduce noise in the build logs. + +------------------------------------------------------------------- Old: ---- runc-v1.0.0rc3+r133.tar.xz New: ---- bsc1053532-0001-makefile-drop-usage-of-install.patch runc-v1.0.0rc4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ runc.spec ++++++ --- /var/tmp/diff_new_pack.zKq1Zp/_old 2017-08-17 11:44:31.090364418 +0200 +++ /var/tmp/diff_new_pack.zKq1Zp/_new 2017-08-17 11:44:31.102362725 +0200 @@ -14,13 +14,32 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # +# nodebuginfo +# We don't include a git_version in the "upstream" runc package, because we +# only package released versions (unlike docker-runc). +%define git_version %{nil} + %define go_tool go -%define _version 1.0.0rc3+r133 +%define _version 1.0.0rc4 +%define project github.com/opencontainers/runc + +# enable libseccomp for sle >= sle12sp2 +%if 0%{?sle_version} >= 120200 +%define with_libseccomp 1 +%endif +# enable libseccomp for leap >= 42.2 +%if 0%{?leap_version} >= 420200 +%define with_libseccomp 1 +%endif +# enable libseccomp for Factory +%if 0%{?suse_version} > 1320 +%define with_libseccomp 1 +%endif Name: runc -Version: 1.0.0~rc3+r133 +Version: 1.0.0~rc4 Release: 0 Summary: Tool for spawning and running OCI containers License: Apache-2.0 @@ -32,11 +51,12 @@ BuildRequires: go-go-md2man BuildRequires: libapparmor-devel BuildRequires: golang(API) = 1.7 -# Seccomp isn't supported on aarch64. -%ifnarch aarch64 +%if 0%{?with_libseccomp} BuildRequires: libseccomp-devel %endif BuildRequires: libselinux-devel +# SUSE-FIX-UPSTREAM: Backport of https://github.com/opencontainers/runc/pull/1555. bsc#1053532 +Patch100: bsc1053532-0001-makefile-drop-usage-of-install.patch Recommends: criu BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -53,9 +73,8 @@ BuildRequires: golang(API) = 1.7 Requires: go-go-md2man Requires: libapparmor-devel -# Seccomp isn't supported on aarch64. -%ifnarch aarch64 -Requires: libseccomp-devel +%if 0%{?with_libseccomp} +BuildRequires: libseccomp-devel %endif Requires: libselinux-devel Recommends: criu @@ -66,56 +85,74 @@ %prep %setup -q -n %{name}-v%{_version} +# bsc#1053532 +%patch100 -p1 %build # Do not use symlinks. If you want to run the unit tests for this package at # some point during the build and you need to directly use go list directly it # will get confused by symlinks. -export GOPATH=${HOME}/go:${HOME}/go/src/github.com/opencontainers/runc/Godeps/_workspace -mkdir -pv $HOME/go/src/github.com/opencontainers/runc -rm -rf $HOME/go/src/github.com/opencontainers/runc/* -cp -avr * $HOME/go/src/github.com/opencontainers/runc +export GOPATH=${HOME}/go +mkdir -pv $HOME/go/src/%project +rm -rf $HOME/go/src/%project/* +cp -av * $HOME/go/src/%project + +# Additionally enable seccomp. +%if 0%{?with_libseccomp} +export EXTRA_BUILDTAGS+="seccomp" +export EXTRA_GCCFLAGS+="-lseccomp" +%endif -export BUILDFLAGS="-gccgoflags=-Wl,--add-needed -Wl,--no-as-needed -static-libgo -ldl -lselinux -lapparmor" # Build all features. -export BUILDTAGS="apparmor selinux" +export BUILDTAGS="apparmor selinux $EXTRA_BUILDTAGS" +export BUILDFLAGS="-buildmode=pie -gccgoflags='-Wl,--add-needed -Wl,--no-as-needed -static-libgo -ldl -lselinux -lapparmor $EXTRA_GCCFLAGS'" -# Seccomp isn't supported on aarch64. -%ifnarch aarch64 -export BUILDTAGS="$BUILDTAGS seccomp" -export BUILDFLAGS="$BUILDFLAGS -lseccomp" -%endif +(cat <<EOF +export GOPATH="$GOPATH" +export BUILDTAGS="$BUILDTAGS" +export BUILDFLAGS="$BUILDFLAGS" +EOF +) >./.runc_build_env +source ./.runc_build_env # Build runc. -%go_tool build "$BUILDFLAGS" -tags "$BUILDTAGS" -x -o %{name}-%{version} github.com/opencontainers/%{name} +make -C "$HOME/go/src/%project" EXTRA_FLAGS="-x $BUILDFLAGS" BUILDTAGS="$BUILDTAGS" COMMIT_NO="%{git_version}" runc +mv "$HOME/go/src/%project/runc" %{name}-%{version} # Build man pages, this can only be done on arches where we can build go-md2man. man/md2man-all.sh %check -export GOPATH=$HOME/go/src/github.com/opencontainers/runc/Godeps/_workspace:$GOPATH -cd $HOME/go/src/github.com/opencontainers/runc +source ./.runc_build_env +cd $HOME/go/src/%project + PKG_LIST=$(go list ./... \ - | grep -v 'github.com/opencontainers/runc/libcontainer/cgroups/fs$' \ - | grep -v 'github.com/opencontainers/runc/libcontainer$' \ - | grep -v 'github.com/opencontainers/runc/libcontainer/integration$' \ - | grep -v 'github.com/opencontainers/runc/libcontainer/nsenter$' \ - | grep -v 'github.com/opencontainers/runc/libcontainer/user$' \ - | grep -v 'github.com/opencontainers/runc/libcontainer/xattr$') -go test -timeout 3m -tags "$BUILDTAGS" -v $PKG_LIST + | grep -v '%{project}/libcontainer/cgroups/fs$' \ + | grep -v '%{project}/libcontainer$' \ + | grep -v '%{project}/libcontainer/integration$' \ + | grep -v '%{project}/libcontainer/nsenter$' \ + | grep -v '%{project}/libcontainer/user$' \ + | grep -v '%{project}/libcontainer/xattr$' \ +%if ! 0%{?with_libseccomp} + | grep -v '%{project}/libcontainer/seccomp$' \ + | grep -v 'github.com/seccomp/libseccomp-golang$' \ +%endif + ) +%go_tool test -buildmode=pie -tags "$BUILDTAGS" -timeout 3m -v $PKG_LIST %install -install -D -m755 %{name}-%{version} %{buildroot}%{_sbindir}/%{name} -install -d -m755 %{buildroot}/usr/src/runc/ -cp -avr $HOME/go/src/github.com/opencontainers/runc/* %{buildroot}/usr/src/runc/ +source ./.runc_build_env -# symlink runc as docker-runc. bsc#1015661 -install -d -m755 %{buildroot}/%{_bindir} +# We install to /usr/sbin/runc as per upstream. +install -D -m755 %{name}-%{version} %{buildroot}%{_sbindir}/%{name} +install -d -m755 %{buildroot}/usr/src/%{name}/ +cp -av $HOME/go/src/%{project}/* %{buildroot}/usr/src/%{name}/ +# Man pages. install -d -m755 %{buildroot}%{_mandir}/man8 install -m644 man/man8/runc*.8 %{buildroot}%{_mandir}/man8 -%fdupes %{buildroot}/%{_prefix} +%fdupes %{buildroot} %post @@ -123,7 +160,6 @@ %defattr(-,root,root) %doc README.md LICENSE %{_sbindir}/%{name} - %{_mandir}/man8/runc*.8.gz %files test ++++++ bsc1053532-0001-makefile-drop-usage-of-install.patch ++++++ >From 6581d0f488b3bfa00760cc71c5f1fccfee302b0d Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <[email protected]> Date: Mon, 14 Aug 2017 00:10:28 +1000 Subject: [PATCH] makefile: drop usage of --install The "go build -i" invocation may slightly help with incremental recompilation, but it will cause builds to fail if $GOROOT is not writeable by the current user. While this does appear to work sometimes, it's a concern for external build systems where "-i" causes build errors for no real gain. Given the size of the runc project, --install is not really giving us much anyway. SUSE-Bug: https://bugzilla.opensuse.org/show_bug.cgi?id=1053532 SUSE-Backport: https://github.com/opencontainers/runc/pull/1555 Signed-off-by: Aleksa Sarai <[email protected]> --- Makefile | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index 6781ac74e8a0..dc13d2e5296e 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,8 @@ localtest localunittest localintegration \ test unittest integration +GO := go + SOURCES := $(shell find . 2>&1 | grep -E '.*\.(c|h|go)$$') PREFIX := $(DESTDIR)/usr/local BINDIR := $(PREFIX)/sbin @@ -27,18 +29,18 @@ SHELL := $(shell command -v bash 2>/dev/null) .DEFAULT: runc runc: $(SOURCES) - go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . + $(GO) build $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . all: runc recvtty recvtty: contrib/cmd/recvtty/recvtty contrib/cmd/recvtty/recvtty: $(SOURCES) - go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty + $(GO) build $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty static: $(SOURCES) - CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . - CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty + CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . + CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty release: @flag_list=(seccomp selinux apparmor static); \ @@ -62,15 +64,15 @@ release: CGO_ENABLED=1; \ }; \ echo "Building target: $$output"; \ - go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ + $(GO) build $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ done dbuild: runcimage docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all lint: - go vet $(allpackages) - go fmt $(allpackages) + $(GO) vet $(allpackages) + $(GO) fmt $(allpackages) man: man/md2man-all.sh @@ -88,7 +90,7 @@ unittest: runcimage docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest localunittest: all - go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) + $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) integration: runcimage docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration @@ -133,10 +135,10 @@ clean: validate: script/validate-gofmt - go vet $(allpackages) + $(GO) vet $(allpackages) ci: validate localtest # memoize allpackages, so that it's executed only once and only if used -_allpackages = $(shell go list ./... | grep -v vendor) +_allpackages = $(shell $(GO) list ./... | grep -v vendor) allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages) -- 2.14.0 ++++++ runc-v1.0.0rc3+r133.tar.xz -> runc-v1.0.0rc4.tar.xz ++++++ ++++ 7338 lines of diff (skipped)
