Hello community, here is the log from the commit of package podman for openSUSE:Factory checked in at 2019-06-30 10:16:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/podman (Old) and /work/SRC/openSUSE:Factory/.podman.new.4615 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "podman" Sun Jun 30 10:16:57 2019 rev:44 rq:712138 version:1.4.2 Changes: -------- --- /work/SRC/openSUSE:Factory/podman/podman.changes 2019-06-12 13:05:58.137191900 +0200 +++ /work/SRC/openSUSE:Factory/.podman.new.4615/podman.changes 2019-06-30 10:16:58.903198912 +0200 @@ -1,0 +2,47 @@ +Wed Jun 26 11:24:32 UTC 2019 - Robert Frohl <[email protected]> + +- Update podman to v1.4.2 + - Fixed a bug where Podman could not run containers using an older version of + Systemd as init + - Updated vendored Buildah to v1.9.0 to resolve a critical bug with + Dockerfile RUN instructions + - The error message for running podman kill on containers that are not + running has been improved + - Podman remote client can now log to a file if syslog is not available + - The podman exec command now sets its error code differently based on + whether the container does not exist, and the command in the container does + not exist + - The podman inspect command on containers now outputs Mounts JSON that matches + that of docker inspect, only including user-specified volumes and + differentiating bind mounts and named volumes + - The podman inspect command now reports the path to a container's OCI spec + with the OCIConfigPath key (only included when the container is initialized + or running) + - The podman run --mount command now supports the bind-nonrecursive option for + bind mounts + - Fixed a bug where podman play kube would fail to create containers due to an + unspecified log driver + - Fixed a bug where Podman would fail to build with musl libc + - Fixed a bug where rootless Podman using slirp4netns networking in an + environment with no nameservers on the host other than localhost would + result in nonfunctional networking + - Fixed a bug where podman import would not properly set environment + variables, discarding their values and retaining only keys + - Fixed a bug where Podman would fail to run when built with Apparmor support + but run on systems without the Apparmor kernel module loaded + - Remote Podman will now default the username it uses to log in to remote + systems to the username of the current user + - Podman now uses JSON logging with OCI runtimes that support it, allowing for + better error reporting + - Updated vendored containers/image to v2.0 +- Update conmon to v0.3.0 + - Support OOM Monitor under cgroup V2 + - Add config binary and make target for configuring conmon with a go library + for importing values + +------------------------------------------------------------------- +Mon Jun 24 09:36:12 UTC 2019 - Robert Frohl <[email protected]> + +- update dependency for slirp4netns to 0.3.0 or newer + +------------------------------------------------------------------- Old: ---- conmon-0.2.0.tar.xz podman-1.4.0.tar.xz New: ---- conmon-0.3.0.tar.xz podman-1.4.2.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ podman.spec ++++++ --- /var/tmp/diff_new_pack.iO2tEh/_old 2019-06-30 10:16:59.495199832 +0200 +++ /var/tmp/diff_new_pack.iO2tEh/_new 2019-06-30 10:16:59.495199832 +0200 @@ -18,13 +18,13 @@ %define project github.com/containers/libpod %define conmon_project conmon -%define conmonver 0.2.0 +%define conmonver 0.3.0 # Build with libostree-devel in Tumbleweed, Leap 15 and SLES 15 %if 0%{?suse_version} >= 1500 %define with_libostree 1 %endif Name: podman -Version: 1.4.0 +Version: 1.4.2 Release: 0 Summary: Daemon-less container engine for managing containers, pods and images License: Apache-2.0 @@ -65,7 +65,7 @@ Requires: libcontainers-image Requires: libcontainers-storage Requires: runc >= 1.0.0~rc4 -Requires: slirp4netns +Requires: slirp4netns >= 0.3.0 Requires: catatonit Requires: fuse-overlayfs Recommends: %{name}-cni-config = %{version} ++++++ _service ++++++ --- /var/tmp/diff_new_pack.iO2tEh/_old 2019-06-30 10:16:59.519199869 +0200 +++ /var/tmp/diff_new_pack.iO2tEh/_new 2019-06-30 10:16:59.519199869 +0200 @@ -4,8 +4,8 @@ <param name="url">https://github.com/containers/libpod.git</param> <param name="scm">git</param> <param name="filename">podman</param> -<param name="versionformat">1.4.0</param> -<param name="revision">v1.4.0</param> +<param name="versionformat">1.4.2</param> +<param name="revision">v1.4.2</param> </service> <service name="set_version" mode="disabled"> @@ -16,8 +16,8 @@ <param name="url">https://github.com/containers/conmon.git</param> <param name="scm">git</param> <param name="filename">conmon</param> -<param name="versionformat">0.2.0</param> -<param name="revision">v0.2.0</param> +<param name="versionformat">0.3.0</param> +<param name="revision">v0.3.0</param> </service> <service name="recompress" mode="disabled"> ++++++ conmon-0.2.0.tar.xz -> conmon-0.3.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/.cirrus.yml new/conmon-0.3.0/.cirrus.yml --- old/conmon-0.2.0/.cirrus.yml 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/.cirrus.yml 2019-06-13 17:14:13.000000000 +0200 @@ -16,39 +16,32 @@ PACKER_BASE: "./contrib/cirrus/packer" CRIO_REPO: "https://github.com/cri-o/cri-o.git"; CRIO_SLUG: "github.com/cri-o/cri-o" + # Spoof self as travis, as cirrus has the same test issues as travis does + TRAVIS: "true" #### - #### Cache-image names to test with + #### Image names to test with ### - # Note rhel tests are disabled because crio rpms haven't been found for them - # PRIOR_RHEL_CACHE_IMAGE_NAME: 'rhel-7-conmon-75ea13be' FEDORA_CACHE_IMAGE_NAME: 'fedora-29-conmon-75ea13be' - #PRIOR_FEDORA_CACHE_IMAGE_NAME: "fedora-28-notready" - #RHEL_CACHE_IMAGE_NAME: "rhel-8-notready" - #CENTOS_CACHE_IMAGE_NAME: "centos-7-notready" + FEDORA_CONTAINER_FQIN: 'registry.fedoraproject.org/fedora:29' + PRIOR_FEDORA_CONTAINER_FQIN: 'registry.fedoraproject.org/fedora:28' #### #### Variables for composing new cache-images (used in PR testing) from #### base-images (pre-existing in GCE) #### # CSV of cache-image names to build (see $PACKER_BASE/libpod_images.json) - PACKER_BUILDS: "fedora-29" # ,rhel-7" + PACKER_BUILDS: "fedora-29" # Version of packer to use PACKER_VER: "1.3.5" - # RHEL images require special access to cri-o and cri-tools packages - # RHEL_CRIO_BASEURL: "https://cbs.centos.org/repos/paas7-crio-311-candidate/x86_64/os/"; # Manually produced base-image names (see $SCRIPT_BASE/README.md) FEDORA_BASE_IMAGE: "fedora-cloud-base-29-1-2-1547237869" - # RHEL image must be imported, google bills extra for their native image. - # RHEL_BASE_IMAGE: "rhel-guest-image-7-6-210-1547237869" # Special image w/ nested-libvirt + tools for creating new cache and base images IMAGE_BUILDER_CACHE_IMAGE_NAME: "image-builder-image-1547237869" #### #### Credentials and other secret-sauces, decrypted at runtime when authorized. #### - # Command to register a RHEL VM to install/update packages - RHSM_COMMAND: ENCRYPTED[fb73fe0b1f8cf1608ba614c6e0861c89d86513e8b0bdbb9038d99916bcd69dece90507462d623989f9e3340c029d0fd3] # Needed to build GCE images, within a GCE VM SERVICE_ACCOUNT: ENCRYPTED[0aad0b5961402c8b8e4abd48fc4d4ac762f608f32e9169381b911d19699990df1a1441897ffa94def46ff73a19ba7577] # User ID for cirrus to ssh into VMs @@ -72,12 +65,14 @@ # testing for every platform integration_task: + depends_on: + - 'config' + gce_instance: # Generate multiple parallel tasks, covering all possible # 'matrix' combinations. matrix: # Images are generated separetly, from build_images_task (below) - # image_name: "${PRIOR_RHEL_CACHE_IMAGE_NAME}" image_name: "${FEDORA_CACHE_IMAGE_NAME}" env: @@ -95,8 +90,8 @@ # Runs within Cirrus's "community cluster" container: matrix: - image: "registry.fedoraproject.org/fedora:28" - image: "registry.fedoraproject.org/fedora:29" + image: "${FEDORA_CONTAINER_FQIN}" + image: "${PRIOR_FEDORA_CONTAINER_FQIN}" cpu: 4 memory: 12 @@ -107,10 +102,30 @@ - make -f .rpmbuild/Makefile - rpmbuild --rebuild conmon-*.src.rpm - dnf -y install ~/rpmbuild/RPMS/x86_64/conmon*.x86_64.rpm - - ls -l /usr/libexec/crio/conmon + - ls -l /usr/bin/conmon timeout_in: '20m' +# Verify calls to bin/config were saved +config_task: + env: + GOSRC: $CIRRUS_WORKING_DIR + # Runs within Cirrus's "community cluster" + container: + matrix: + # fedora:28 doesn't have go mod by default + # and we should only need one check to make sure + # config changes were synced + image: "${FEDORA_CONTAINER_FQIN}" + cpu: 4 + memory: 12 + + script: + - dnf install -y make glib2-devel git gcc rpm-build golang + - cd $CIRRUS_WORKING_DIR + - GO111MODULE=on go mod init github.com/containers/conmon + - make config + - ./hack/tree_status.sh # Test building of new cache-images for future PR testing, in this PR. # Output images will be stored only for a very short time, then automaticly deleted. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/.clang-format new/conmon-0.3.0/.clang-format --- old/conmon-0.2.0/.clang-format 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/.clang-format 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,116 @@ +--- +Language: Cpp +# BasedOnStyle: LLVM +AccessModifierOffset: -2 +AlignAfterOpenBracket: Align +AlignConsecutiveAssignments: false +AlignConsecutiveDeclarations: false +AlignEscapedNewlines: DontAlign +AlignOperands: true +AlignTrailingComments: true +AllowAllParametersOfDeclarationOnNextLine: false +AllowShortBlocksOnASingleLine: false +AllowShortCaseLabelsOnASingleLine: false +AllowShortFunctionsOnASingleLine: false +AllowShortIfStatementsOnASingleLine: false +AllowShortLoopsOnASingleLine: false +AlwaysBreakAfterDefinitionReturnType: None +AlwaysBreakAfterReturnType: None +AlwaysBreakBeforeMultilineStrings: true +AlwaysBreakTemplateDeclarations: MultiLine +BinPackArguments: true +BinPackParameters: true +BraceWrapping: + AfterClass: false + AfterControlStatement: false + AfterEnum: false + AfterFunction: false + AfterNamespace: false + AfterObjCDeclaration: false + AfterStruct: false + AfterUnion: false + AfterExternBlock: false + BeforeCatch: false + BeforeElse: false + IndentBraces: false + SplitEmptyFunction: true + SplitEmptyRecord: true + SplitEmptyNamespace: true +BreakBeforeBinaryOperators: NonAssignment +BreakBeforeBraces: Linux +BreakBeforeInheritanceComma: false +BreakInheritanceList: BeforeColon +BreakBeforeTernaryOperators: true +BreakConstructorInitializersBeforeComma: false +BreakConstructorInitializers: BeforeColon +BreakAfterJavaFieldAnnotations: false +BreakStringLiterals: false +ColumnLimit: 140 +CommentPragmas: '^ IWYU pragma:' +CompactNamespaces: false +ConstructorInitializerAllOnOneLineOrOnePerLine: false +ConstructorInitializerIndentWidth: 4 +ContinuationIndentWidth: 8 +Cpp11BracedListStyle: true +DerivePointerAlignment: false +DisableFormat: false +ExperimentalAutoDetectBinPacking: false +FixNamespaceComments: true +ForEachMacros: + - foreach + - Q_FOREACH + - BOOST_FOREACH +IncludeBlocks: Preserve +IncludeCategories: + - Regex: '^"(llvm|llvm-c|clang|clang-c)/' + Priority: 2 + - Regex: '^(<|"(gtest|gmock|isl|json)/)' + Priority: 3 + - Regex: '.*' + Priority: 1 +IncludeIsMainRegex: '(Test)?$' +IndentCaseLabels: false +IndentPPDirectives: None +IndentWidth: 8 +IndentWrappedFunctionNames: false +JavaScriptQuotes: Leave +JavaScriptWrapImports: true +KeepEmptyLinesAtTheStartOfBlocks: true +MacroBlockBegin: '' +MacroBlockEnd: '' +MaxEmptyLinesToKeep: 2 +NamespaceIndentation: None +ObjCBinPackProtocolList: Auto +ObjCBlockIndentWidth: 2 +ObjCSpaceAfterProperty: false +ObjCSpaceBeforeProtocolList: true +PenaltyBreakAssignment: 2 +PenaltyBreakBeforeFirstCallParameter: 19 +PenaltyBreakComment: 300 +PenaltyBreakFirstLessLess: 120 +PenaltyBreakString: 1000 +PenaltyBreakTemplateDeclaration: 10 +PenaltyExcessCharacter: 1000000 +PenaltyReturnTypeOnItsOwnLine: 60 +PointerAlignment: Right +ReflowComments: true +SortIncludes: false +SortUsingDeclarations: true +SpaceAfterCStyleCast: false +SpaceAfterTemplateKeyword: true +SpaceBeforeAssignmentOperators: true +SpaceBeforeCpp11BracedList: false +SpaceBeforeCtorInitializerColon: true +SpaceBeforeInheritanceColon: true +SpaceBeforeParens: ControlStatements +SpaceBeforeRangeBasedForLoopColon: true +SpaceInEmptyParentheses: false +SpacesBeforeTrailingComments: 1 +SpacesInAngles: false +SpacesInContainerLiterals: true +SpacesInCStyleCastParentheses: false +SpacesInParentheses: false +SpacesInSquareBrackets: false +Standard: Cpp11 +TabWidth: 8 +UseTab: Always diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/LICENSE new/conmon-0.3.0/LICENSE --- old/conmon-0.2.0/LICENSE 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/LICENSE 2019-06-13 17:14:13.000000000 +0200 @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright {yyyy} {name of copyright owner} + Copyright 2018-2019 github.com/containers authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/Makefile new/conmon-0.3.0/Makefile --- old/conmon-0.2.0/Makefile 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/Makefile 2019-06-13 17:14:13.000000000 +0200 @@ -1,20 +1,31 @@ -include Makefile.inc - -GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null) -GIT_BRANCH_CLEAN := $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g") VERSION := $(shell cat VERSION) -PREFIX ?= ${DESTDIR}/usr/local +PREFIX ?= /usr/local BINDIR ?= ${PREFIX}/bin LIBEXECDIR ?= ${PREFIX}/libexec -MANDIR ?= ${PREFIX}/share/man -ETCDIR ?= ${DESTDIR}/etc +GO ?= go +PROJECT := github.com/containers/conmon + + -.PHONY: all -all: bin bin/conmon +.PHONY: all git-vars +all: git-vars bin bin/conmon + +git-vars: +ifneq ($(wildcard .git),) + $(eval COMMIT_NO :=$(shell git rev-parse HEAD 2> /dev/null || true)) + $(eval GIT_COMMIT := $(if $(shell git status --porcelain --untracked-files=no),"${COMMIT_NO}-dirty","${COMMIT_NO}")) + $(eval GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD 2>/dev/null)) + $(eval GIT_BRANCH_CLEAN := $(shell echo $(GIT_BRANCH) | sed -e "s/[^[:alnum:]]/-/g")) +else + $(eval COMMIT_NO := unknown) + $(eval GIT_COMMIT := unknown) + $(eval GIT_BRANCH := unknown) + $(eval GIT_BRANCH_CLEAN := unknown) +endif override LIBS += $(shell pkg-config --libs glib-2.0) -CFLAGS ?= -std=c99 -Os -Wall -Wextra +CFLAGS ?= -std=c99 -Os -Wall -Wextra -Werror override CFLAGS += $(shell pkg-config --cflags glib-2.0) -DVERSION=\"$(VERSION)\" -DGIT_COMMIT=\"$(GIT_COMMIT)\" # Conditionally compile journald logging code if the libraries can be found @@ -37,6 +48,10 @@ %.o: %.c $(CC) $(CFLAGS) -o $@ -c $< +config: git-vars cmd/conmon-config/conmon-config.go runner/config/config.go runner/config/config_unix.go runner/config/config_windows.go + $(GO) build $(LDFLAGS) -tags "$(BUILDTAGS)" -o bin/config $(PROJECT)/cmd/conmon-config + ( cd src && $(CURDIR)/bin/config ) + src/cmsg.o: src/cmsg.c src/cmsg.h src/utils.o: src/utils.c src/utils.h @@ -53,8 +68,23 @@ rm -f bin/conmon src/*.o rmdir bin -.PHONY: install install.bin +.PHONY: install install.bin install.crio install.podman podman crio install: install.bin +podman: install.podman + +crio: install.crio + install.bin: bin/conmon - install ${SELINUXOPT} -D -m 755 bin/conmon $(LIBEXECDIR)/crio/conmon + install ${SELINUXOPT} -D -m 755 bin/conmon $(DESTDIR)$(BINDIR)/conmon + +install.crio: bin/conmon + install ${SELINUXOPT} -D -m 755 bin/conmon $(DESTDIR)$(LIBEXECDIR)/crio/conmon + +install.podman: bin/conmon + install ${SELINUXOPT} -D -m 755 bin/conmon $(DESTDIR)$(LIBEXECDIR)/podman/conmon + +.PHONY: fmt +fmt: + find . '(' -name '*.h' -o -name '*.c' ')' -exec clang-format -i {} \+ + git diff --exit-code diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/Makefile.inc new/conmon-0.3.0/Makefile.inc --- old/conmon-0.2.0/Makefile.inc 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/Makefile.inc 1970-01-01 01:00:00.000000000 +0100 @@ -1,2 +0,0 @@ -COMMIT_NO := $(shell git rev-parse HEAD 2> /dev/null || true) -GIT_COMMIT := $(if $(shell git status --porcelain --untracked-files=no),"${COMMIT_NO}-dirty","${COMMIT_NO}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/VERSION new/conmon-0.3.0/VERSION --- old/conmon-0.2.0/VERSION 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/VERSION 2019-06-13 17:14:13.000000000 +0200 @@ -1 +1 @@ -0.2.0 +0.3.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/cmd/conmon-config/conmon-config.go new/conmon-0.3.0/cmd/conmon-config/conmon-config.go --- old/conmon-0.2.0/cmd/conmon-config/conmon-config.go 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/cmd/conmon-config/conmon-config.go 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,24 @@ +package main + +import ( + "fmt" + "io/ioutil" + + "github.com/containers/conmon/runner/config" +) + +func main() { + output := ` +#if !defined(CONFIG_H) +#define CONFIG_H + +#define BUF_SIZE %d +#define STDIO_BUF_SIZE %d +#define DEFAULT_SOCKET_PATH "%s" + +#endif // CONFIG_H +` + if err := ioutil.WriteFile("config.h", []byte(fmt.Sprintf(output, config.BufSize, config.BufSize, config.ContainerAttachSocketDir)), 0644); err != nil { + fmt.Errorf(err.Error()) + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/README.md new/conmon-0.3.0/contrib/cirrus/README.md --- old/conmon-0.2.0/contrib/cirrus/README.md 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/README.md 2019-06-13 17:14:13.000000000 +0200 @@ -101,15 +101,6 @@ or [end-user credentials](https://cloud.google.com/docs/authentication/end-user#creating_your_client_credentials] - * ``RHEL_IMAGE_FILE`` and ``RHEL_CSUM_FILE`` complete paths - to a `rhel-server*.qcow2` and it's cooresponding - checksum file. These must be supplied manually because - they're not available directly via URL like other images. - - * ``RHSM_COMMAND`` contains the complete string needed to register - the VM for installing package dependencies. The VM will be de-registered - upon completion. - * CSV's of builders to use must be specified to ``PACKER_BUILDS`` to limit the base-images produced. For example, ``PACKER_BUILDS=fedora,image-builder-image``. @@ -144,8 +135,6 @@ ``` $ make conmon_base_images GCP_PROJECT_ID=<VALUE> \ GOOGLE_APPLICATION_CREDENTIALS=<VALUE> \ - RHEL_IMAGE_FILE=<VALUE> \ - RHEL_CSUM_FILE=<VALUE> \ PACKER_BUILDS=<OPTIONAL> ``` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/build_vm_images.sh new/conmon-0.3.0/contrib/cirrus/build_vm_images.sh --- old/conmon-0.2.0/contrib/cirrus/build_vm_images.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/build_vm_images.sh 2019-06-13 17:14:13.000000000 +0200 @@ -15,16 +15,13 @@ PACKER_BASE $PACKER_BASE PACKER_VER $PACKER_VER PACKER_BUILDS $PACKER_BUILDS -RHEL_CRIO_BASEURL $RHEL_CRIO_BASEURL BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX CRIO_REPO $CRIO_REPO CRIO_SLUG $CRIO_SLUG FEDORA_BASE_IMAGE $FEDORA_BASE_IMAGE -RHEL_BASE_IMAGE $RHEL_BASE_IMAGE -RHSM_COMMAND $RHSM_COMMAND SERVICE_ACCOUNT $SERVICE_ACCOUNT GCE_SSH_USERNAME $GCE_SSH_USERNAME GCP_PROJECT_ID $GCP_PROJECT_ID @@ -58,11 +55,9 @@ PACKER_BASE=$PACKER_BASE \ PACKER_VER=$PACKER_VER \ PACKER_BUILDS=$PACKER_BUILDS \ - RHEL_CRIO_BASEURL=$RHEL_CRIO_BASEURL \ BUILT_IMAGE_SUFFIX=$BUILT_IMAGE_SUFFIX \ CRIO_REPO=$CRIO_REPO \ CRIO_SLUG=$CRIO_SLUG \ - RHEL_BASE_IMAGE=$RHEL_BASE_IMAGE \ FEDORA_BASE_IMAGE=$FEDORA_BASE_IMAGE \ POST_MERGE_BUCKET_SUFFIX=$POST_MERGE_BUCKET_SUFFIX diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/integration_test.sh new/conmon-0.3.0/contrib/cirrus/integration_test.sh --- old/conmon-0.2.0/contrib/cirrus/integration_test.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/integration_test.sh 2019-06-13 17:14:13.000000000 +0200 @@ -12,15 +12,11 @@ cd "$GOSRC" case "$OS_REL_VER" in - fedora-29) ;& - rhel-7) - PATCH1="$SRC/$SCRIPT_BASE/network_bats.patch" - PATCH2="$SRC/$SCRIPT_BASE/spoof_travis.patch" + fedora-29) + PATCH="$SRC/$SCRIPT_BASE/network_bats.patch" cd "$GOSRC" - echo "WARNING: Applying $PATCH1" - git apply --index --apply --ignore-space-change --recount "$PATCH1" - echo "WARNING: Applying $PATCH2" - git apply --index --apply --ignore-space-change --recount "$PATCH2" + echo "WARNING: Applying $PATCH" + git apply --index --apply --ignore-space-change --recount "$PATCH" ;; *) bad_os_id_ver ;; esac @@ -34,4 +30,4 @@ echo "Executing cri-o integration tests (typical 10 - 20 min)" cd "$GOSRC" -timeout --foreground --kill-after=90m 60m ./test/test_runner.sh +timeout --foreground --kill-after=5m 60m ./test/test_runner.sh diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/lib.sh new/conmon-0.3.0/contrib/cirrus/lib.sh --- old/conmon-0.2.0/contrib/cirrus/lib.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/lib.sh 2019-06-13 17:14:13.000000000 +0200 @@ -162,38 +162,13 @@ _finalize } -rhel_exit_handler() { - set +ex - req_env_var " - RHSMCMD $RHSMCMD - " - cd / - sudo rm -rf "$RHSMCMD" - sudo subscription-manager unsubscribe --all - sudo subscription-manager remove --all - sudo subscription-manager unregister - sudo subscription-manager clean -} - -rhsm_enable() { - req_env_var " - RHSM_COMMAND $RHSM_COMMAND - " - export RHSMCMD="$(mktemp)" - trap "rhel_exit_handler" EXIT - # Avoid logging sensitive details - echo "$RHSM_COMMAND" > "$RHSMCMD" - ooe.sh sudo bash "$RHSMCMD" - sudo rm -rf "$RHSMCMD" -} - setup_gopath() { req_env_var " CRIO_REPO $CRIO_REPO CRIO_SLUG $CRIO_SLUG " echo "Configuring persistent Go environment for all users" - sudo mkdir -p /var/tmp/go/src # Works with atomic + sudo mkdir -p /var/tmp/go/src sudo chown -R $USER:$USER /var/tmp/go sudo chmod g=rws /var/tmp/go ENVLIB=/etc/profile.d/go.sh @@ -284,7 +259,7 @@ NEWNAME=.original_packaged_conmon echo "Renaming conmon binaries from RPMs" - find /usr/libexec -type f -name conmon | + find /usr -type f -name conmon | while read CONMON_FILEPATH do NEWPATH="$(dirname $CONMON_FILEPATH)/$NEWNAME" @@ -296,8 +271,8 @@ ooe.sh make echo "Installing conmon" - ooe.sh sudo make install PREFIX=/usr + ooe.sh sudo make crio PREFIX=/usr # Use same version for podman in case ever needed ooe.sh sudo ln -fv /usr/libexec/crio/conmon /usr/libexec/podman/conmon - ooe.sh sudo restorecon -R /usr/libexec + ooe.sh sudo restorecon -R /usr/bin } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/packer/Makefile new/conmon-0.3.0/contrib/cirrus/packer/Makefile --- old/conmon-0.2.0/contrib/cirrus/packer/Makefile 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/packer/Makefile 2019-06-13 17:14:13.000000000 +0200 @@ -62,18 +62,12 @@ ifndef GCE_SSH_USERNAME $(error GCE_SSH_USERNAME is undefined, expected user with ssh access to base-image.) endif -ifndef RHSM_COMMAND - $(error RHSM_COMMAND is undefined, expected complete command-line to register/subscribe RHEL VM.) -endif ifndef SERVICE_ACCOUNT $(error SERVICE_ACCOUNT is undefined, expected GCE service account name for managing VMs.) endif ifndef BUILT_IMAGE_SUFFIX $(error BUILT_IMAGE_SUFFIX is undefined, expected suffix string to make produced image names unique.) endif -ifndef RHEL_CRIO_BASEURL - $(error RHEL_CRIO_BASEURL is undefined, expected yum repository baseurl for cri-o and cri-tools packages.) -endif ifndef CRIO_REPO $(error CRIO_REPO is undefined, expected URL to CRI-O repository to use) endif @@ -83,9 +77,6 @@ ifndef FEDORA_BASE_IMAGE $(error FEDORA_BASE_IMAGE is undefined, expected name of existing base-image.) endif -ifndef RHEL_BASE_IMAGE - $(error RHEL_BASE_IMAGE is undefined, expected name of existing base-image.) -endif .PHONY: base_image_checkenv base_image_checkenv: check_common_env @@ -95,32 +86,19 @@ ifndef GOOGLE_APPLICATION_CREDENTIALS $(error GOOGLE_APPLICATION_CREDENTIALS is undefined, expected path to JSON file. See https://cloud.google.com/docs/authentication/end-user#creating_your_client_credentials) endif -ifndef RHEL_IMAGE_FILE - $(error RHEL_IMAGE_FILE is undefined, expected full path to a rhel-server-ec2-*.raw.xz file) -endif -ifndef RHEL_CSUM_FILE - $(error RHEL_CSUM_FILE is undefined, expected full path to a rhel-server-ec2-*.raw.xz.SHA256SUM file) -endif -ifndef RHSM_COMMAND - $(error RHSM_COMMAND is undefined, expected string required for temporarily registering VM) -endif - .PHONY: conmon_images conmon_images: cache_image_checkenv conmon_images.json packer @GCE_SSH_USERNAME=${GCE_SSH_USERNAME} \ GCP_PROJECT_ID=${GCP_PROJECT_ID} \ - RHSM_COMMAND="${RHSM_COMMAND}" \ SERVICE_ACCOUNT="${SERVICE_ACCOUNT}" \ ./packer build -only=${PACKER_BUILDS} \ -var SRC=${SRC} \ -var SCRIPT_BASE=${SCRIPT_BASE} \ -var PACKER_BASE=${PACKER_BASE} \ - -var RHEL_CRIO_BASEURL=${RHEL_CRIO_BASEURL} \ -var BUILT_IMAGE_SUFFIX=${BUILT_IMAGE_SUFFIX} \ -var CRIO_REPO=${CRIO_REPO} \ -var CRIO_SLUG=${CRIO_SLUG} \ - -var RHEL_BASE_IMAGE=${RHEL_BASE_IMAGE} \ -var FEDORA_BASE_IMAGE=${FEDORA_BASE_IMAGE} \ conmon_images.json @echo "" @@ -150,7 +128,6 @@ conmon_base_images: base_image_checkenv conmon_base_images.json cidata.iso cidata.ssh packer @PACKER_CACHE_DIR=/tmp \ GOOGLE_APPLICATION_CREDENTIALS="${GOOGLE_APPLICATION_CREDENTIALS}" \ - RHSM_COMMAND="${RHSM_COMMAND}" \ GCP_PROJECT_ID=${GCP_PROJECT_ID} \ ./packer build \ -var TIMESTAMP=${TIMESTAMP} \ @@ -158,9 +135,6 @@ -var SRC=${SRC} \ -var PACKER_BASE=${PACKER_BASE} \ -var SCRIPT_BASE=${SCRIPT_BASE} \ - -var RHEL_BASE_IMAGE_NAME=$(shell basename ${RHEL_IMAGE_FILE} | tr -d '[[:space:]]' | sed -r -e 's/\.x86_64\.qcow2//' | tr '[[:upper:]]' '[[:lower:]]' | tr '[[:punct:]]' '-') \ - -var RHEL_IMAGE_FILE=${RHEL_IMAGE_FILE} \ - -var RHEL_CSUM_FILE=${RHEL_CSUM_FILE} \ -only ${PACKER_BUILDS} \ conmon_base_images.json @echo "" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/packer/conmon_base_images.yml new/conmon-0.3.0/contrib/cirrus/packer/conmon_base_images.yml --- old/conmon-0.2.0/contrib/cirrus/packer/conmon_base_images.yml 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/packer/conmon_base_images.yml 2019-06-13 17:14:13.000000000 +0200 @@ -11,14 +11,8 @@ TIMESTAMP: # Required for output from qemu builders TTYDEV: - # RHEL images require click-through agreements to obtain (required) - RHEL_BASE_IMAGE_NAME: - RHEL_IMAGE_FILE: - RHEL_CSUM_FILE: # These are also required, but come in via env-vars to protect contents - # RHEL requires a subscription to install/update packages - RHSM_COMMAND: '{{env `RHSM_COMMAND`}}' # Path to json file (required, likely ~/.config/gcloud/legacy_credentials/*/adc.json) GOOGLE_APPLICATION_CREDENTIALS: '{{env `GOOGLE_APPLICATION_CREDENTIALS`}}' # The complete project ID (required, not the short name) @@ -38,7 +32,6 @@ sensitive-variables: - 'GOOGLE_APPLICATION_CREDENTIALS' - 'GCP_PROJECT_ID' - - 'RHSM_COMMAND' # What images to produce in which cloud builders: @@ -97,12 +90,6 @@ ssh_private_key_file: 'cidata.ssh' ssh_username: 'root' - - <<: *nested_virt - name: 'rhel' - iso_url: 'file://{{user `RHEL_IMAGE_FILE`}}' - iso_checksum_url: 'file://{{user `RHEL_CSUM_FILE`}}' - disk_size: 10240 - provisioners: - type: 'shell' inline: @@ -132,7 +119,6 @@ - 'SRC=/tmp/conmon' - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}' - 'PACKER_BASE={{user `PACKER_BASE`}}' - - 'RHSM_COMMAND={{user `RHSM_COMMAND`}}' - <<: *shell_script inline: ['{{user `SRC`}}/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh'] @@ -143,7 +129,7 @@ post-processors: - - type: "compress" - only: ['fedora', 'rhel'] + only: ['fedora'] output: '/tmp/{{build_name}}/disk.raw.tar.gz' format: '.tar.gz' compression_level: 9 @@ -157,9 +143,4 @@ image_name: "{{user `FEDORA_BASE_IMAGE_NAME`}}-{{user `TIMESTAMP`}}" image_description: 'Based on {{user `FEDORA_IMAGE_URL`}}' image_family: '{{user `FEDORA_BASE_IMAGE_NAME`}}' - - <<: *gcp_import - only: ['rhel'] - image_name: "{{user `RHEL_BASE_IMAGE_NAME`}}-{{user `TIMESTAMP`}}" - image_description: 'Based on {{user `RHEL_IMAGE_FILE`}}' - image_family: '{{user `RHEL_BASE_IMAGE_NAME`}}' - type: 'manifest' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/packer/conmon_images.yml new/conmon-0.3.0/contrib/cirrus/packer/conmon_images.yml --- old/conmon-0.2.0/contrib/cirrus/packer/conmon_images.yml 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/packer/conmon_images.yml 2019-06-13 17:14:13.000000000 +0200 @@ -6,16 +6,13 @@ SRC: SCRIPT_BASE: PACKER_BASE: - RHEL_CRIO_BASEURL: BUILT_IMAGE_SUFFIX: CRIO_REPO: CRIO_SLUG: FEDORA_BASE_IMAGE: - RHEL_BASE_IMAGE: # Protected credentials, decrypted by Cirrus at runtime GCE_SSH_USERNAME: '{{env `GCE_SSH_USERNAME`}}' GCP_PROJECT_ID: '{{env `GCP_PROJECT_ID`}}' - RHSM_COMMAND: '{{env `RHSM_COMMAND`}}' SERVICE_ACCOUNT: '{{env `SERVICE_ACCOUNT`}}' # Used to separate images produced during PR testing from those # produced from post-merge testing. Must be empty for PR testing. @@ -25,18 +22,15 @@ sensitive-variables: - 'GCE_SSH_USERNAME' - 'GCP_PROJECT_ID' - - 'RHSM_COMMAND' - 'SERVICE_ACCOUNT' # What images to produce in which cloud builders: - # v----- is a YAML anchor, allows referencing this object by name (below) - - &gce_hosted_image - name: 'rhel-7' + - name: 'fedora-29' type: 'googlecompute' image_name: '{{build_name}}{{user `BUILT_IMAGE_SUFFIX`}}' image_family: '{{build_name}}-conmon' - source_image: '{{user `RHEL_BASE_IMAGE`}}' + source_image: '{{user `FEDORA_BASE_IMAGE`}}' disk_size: 20 project_id: '{{user `GCP_PROJECT_ID`}}' service_account_email: '{{user `SERVICE_ACCOUNT`}}' @@ -46,11 +40,6 @@ # The only supported zone in Cirrus-CI, as of addition of this comment zone: 'us-central1-f' - # v----- is a YAML alias, allows partial re-use of the anchor object - - <<: *gce_hosted_image - name: 'fedora-29' - source_image: '{{user `FEDORA_BASE_IMAGE`}}' - # The brains of the operation, making actual modifications to the base-image. provisioners: - type: 'file' @@ -63,8 +52,6 @@ - 'SRC=/tmp/conmon' - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}' - 'PACKER_BASE={{user `PACKER_BASE`}}' - - 'RHEL_CRIO_BASEURL={{user `RHEL_CRIO_BASEURL`}}' - - 'RHSM_COMMAND={{user `RHSM_COMMAND`}}' - 'BUILT_IMAGE_SUFFIX={{user `BUILT_IMAGE_SUFFIX`}}' - 'CRIO_REPO={{user `CRIO_REPO`}}' - 'CRIO_SLUG={{user `CRIO_SLUG`}}' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/packer/rhel_base-setup.sh new/conmon-0.3.0/contrib/cirrus/packer/rhel_base-setup.sh --- old/conmon-0.2.0/contrib/cirrus/packer/rhel_base-setup.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/packer/rhel_base-setup.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,59 +0,0 @@ -#!/bin/bash - -# N/B: This script is not intended to be run by humans. It is used to configure the -# rhel base image for importing, so that it will boot in GCE - -set -e - -[[ "$1" == "post" ]] || exit 0 # pre stage is not needed - -# Load in library (copied by packer, before this script was run) -source $SRC/$SCRIPT_BASE/lib.sh - -req_env_var " - SRC $SRC - RHSM_COMMAND $RHSM_COMMAND -" - -install_ooe - -rhsm_enable - -echo "Setting up repos" -ooe.sh sudo yum -y update -# Frequently needed -ooe.sh sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm - -# Required for google to manage ssh keys -ooe.sh sudo tee /etc/yum.repos.d/google-cloud-sdk.repo << EOM -[google-cloud-compute] -name=google-cloud-compute -baseurl=https://packages.cloud.google.com/yum/repos/google-cloud-compute-el7-x86_64 -enabled=1 -gpgcheck=1 -repo_gpgcheck=1 -gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg - https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg -EOM - -echo "Installing/removing packages" -ooe.sh sudo yum -y install google-compute-engine google-compute-engine-oslogin rng-tools -ooe.sh sudo yum -y erase "cloud-init" "rh-amazon-rhui-client*" || true - -echo "Enabling google services and rngd" -for service in google-accounts-daemon \ - google-clock-skew-daemon \ - google-instance-setup \ - google-network-daemon \ - google-shutdown-scripts \ - google-startup-scripts \ - rngd; -do - sudo systemctl enable $service -done - -rhel_exit_handler # release subscription! - -rh_finalize - -echo "SUCCESS!" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/packer/rhel_setup.sh new/conmon-0.3.0/contrib/cirrus/packer/rhel_setup.sh --- old/conmon-0.2.0/contrib/cirrus/packer/rhel_setup.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/packer/rhel_setup.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,139 +0,0 @@ -#!/bin/bash - -# This script is called by packer on the subject CentOS VM, to setup the conmon -# build/test environment. It's not intended to be used outside of this context. - -set -e - -# Load in library (copied by packer, before this script was run) -source $SRC/$SCRIPT_BASE/lib.sh - -req_env_var " - SRC $SRC - SCRIPT_BASE $SCRIPT_BASE - PACKER_BASE $PACKER_BASE - RHEL_CRIO_BASEURL $RHEL_CRIO_BASEURL - BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX - CRIO_REPO $CRIO_REPO - CRIO_SLUG $CRIO_SLUG -" - -install_ooe - -rhsm_enable - -echo "Enabling OpenShift 3.11" -ooe.sh sudo subscription-manager refresh -ooe.sh sudo subscription-manager attach --pool=8a85f98960dbf6510160df23e3367451 - -echo "Isolating repositories" - -ooe.sh sudo subscription-manager repos "--disable=*" -ooe.sh sudo subscription-manager repos \ - --enable=rhel-7-server-rpms \ - --enable=rhel-7-server-optional-rpms \ - --enable=rhel-7-server-extras-rpms \ - --enable=rhel-server-rhscl-7-rpms \ - --enable=rhel-7-server-ose-3.11-rpms - -echo "Updating packages" - -ooe.sh sudo yum -y update - -echo "Installing dependencies" - -ooe.sh sudo yum -y install \ - PyYAML \ - atomic-registries \ - buildah \ - container-selinux \ - containernetworking-plugins \ - cri-o \ - cri-tools \ - curl \ - device-mapper-devel \ - e2fsprogs-devel \ - expect \ - findutils \ - gcc \ - glib2-devel \ - glibc-devel \ - glibc-static \ - golang \ - gpgme \ - gpgme-devel \ - grubby \ - hostname \ - iproute \ - iptables \ - krb5-workstation \ - kubernetes \ - libassuan \ - libassuan-devel \ - libblkid-devel \ - libffi-devel \ - libgpg-error-devel \ - libguestfs-tools \ - libseccomp-devel \ - libselinux-devel \ - libselinux-python \ - libsemanage-python \ - libvirt-client \ - libvirt-python \ - libxml2-devel \ - libxslt-devel \ - make \ - mlocate \ - nfs-utils \ - nmap-ncat \ - oci-register-machine \ - oci-systemd-hook \ - oci-umount \ - openssl \ - openssl-devel \ - ostree-devel \ - pkgconfig \ - podman \ - policycoreutils \ - python \ - python-devel \ - python-rhsm-certificates \ - python-virtualenv \ - python2-crypto \ - python34 \ - python34-PyYAML \ - redhat-rpm-config \ - rpcbind \ - rsync \ - runc \ - sed \ - skopeo-containeras \ - socat \ - tar \ - vim \ - wget \ - zlib-devel - -setup_gopath - -install_scl_git - -install_crio_repo # git-repo for test-content - -match_crio_tag # git repo to cri-o rpm version - -# Include quota support kernel command line option -echo "Adding rootflags=pquota kernel argument" -ooe.sh sudo grubby --update-kernel=ALL --args="rootflags=pquota" - -echo "Enabling localnet routing" -echo "net.ipv4.conf.all.route_localnet = 1" | sudo tee /etc/sysctl.d/route_localnet.conf - -echo "Enabling container management of cgroups" -ooe.sh sudo setsebool -P container_manage_cgroup 1 - -rhel_exit_handler - -rh_finalize - -echo "SUCCESS!" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/setup_environment.sh new/conmon-0.3.0/contrib/cirrus/setup_environment.sh --- old/conmon-0.2.0/contrib/cirrus/setup_environment.sh 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/setup_environment.sh 2019-06-13 17:14:13.000000000 +0200 @@ -64,8 +64,7 @@ setup_gopath case "$OS_REL_VER" in - fedora-29) ;& # Continue to the next item - rhel-7) + fedora-29) match_crio_tag # in case it changed and to display version install_testing_deps build_and_replace_conmon diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/cirrus/spoof_travis.patch new/conmon-0.3.0/contrib/cirrus/spoof_travis.patch --- old/conmon-0.2.0/contrib/cirrus/spoof_travis.patch 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/cirrus/spoof_travis.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,13 +0,0 @@ -diff --git a/test/ctr.bats b/test/ctr.bats -index d2945c3da..bc8f39a91 100644 ---- a/test/ctr.bats -+++ b/test/ctr.bats -@@ -1075,7 +1075,7 @@ function teardown() { - } - - @test "ctr oom" { -- if [[ "$TRAVIS" == "true" ]]; then -+ if [[ "true" == "true" ]]; then - skip "travis container tests don't support testing OOM" - fi - start_crio diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/contrib/spec/conmon.spec.in new/conmon-0.3.0/contrib/spec/conmon.spec.in --- old/conmon-0.2.0/contrib/spec/conmon.spec.in 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/contrib/spec/conmon.spec.in 2019-06-13 17:14:13.000000000 +0200 @@ -45,7 +45,7 @@ %files %license LICENSE %doc README.md -%{_libexecdir}/crio/%{name} +%{_usr}/bin/%{name} %changelog * Mon Oct 01 2018 Lokesh Mandvekar <[email protected]> - 0-0.1.gite7805e2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/hack/tree_status.sh new/conmon-0.3.0/hack/tree_status.sh --- old/conmon-0.2.0/hack/tree_status.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/hack/tree_status.sh 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,17 @@ +#!/bin/bash +# this script is based off of the similarly named in github.com/containers/libpod/hack/tree_status.sh + +set -e + +SUGGESTION="${SUGGESTION:-call 'make config' and commit all changes.}" + +STATUS=$(git status --porcelain) +if [[ -z $STATUS ]] +then + echo "tree is clean" +else + echo "tree is dirty, please $SUGGESTION" + echo "" + echo "$STATUS" + exit 1 +fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/runner/config/config.go new/conmon-0.3.0/runner/config/config.go --- old/conmon-0.2.0/runner/config/config.go 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/runner/config/config.go 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,6 @@ +package config + +const ( + // BufSize is the size of buffers passed in to sockets + BufSize = 8192 +) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/runner/config/config_unix.go new/conmon-0.3.0/runner/config/config_unix.go --- old/conmon-0.2.0/runner/config/config_unix.go 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/runner/config/config_unix.go 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,7 @@ +// +build !windows + +package config + +const ( + ContainerAttachSocketDir = "/var/run/crio" +) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/runner/config/config_windows.go new/conmon-0.3.0/runner/config/config_windows.go --- old/conmon-0.2.0/runner/config/config_windows.go 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-0.3.0/runner/config/config_windows.go 2019-06-13 17:14:13.000000000 +0200 @@ -0,0 +1,7 @@ +// +build windows + +package config + +const ( + ContainerAttachSocketDir = "C:\\crio\\run\\" +) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/src/cmsg.c new/conmon-0.3.0/src/cmsg.c --- old/conmon-0.2.0/src/cmsg.c 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/src/cmsg.c 2019-06-13 17:14:13.000000000 +0200 @@ -66,7 +66,7 @@ /* * We need to send some other data along with the ancillary data, - * otherwise the other side won't recieve any data. This is very + * otherwise the other side won't receive any data. This is very * well-hidden in the documentation (and only applies to * SOCK_STREAM). See the bottom part of unix(7). */ @@ -119,7 +119,7 @@ error("recvfd: failed to allocate file.tag buffer"); /* - * We need to "recieve" the non-ancillary data even though we don't + * We need to "receive" the non-ancillary data even though we don't * plan to use it at all. Otherwise, things won't work as expected. * See unix(7) and other well-hidden documentation. */ @@ -149,7 +149,7 @@ fdptr = (int *)CMSG_DATA(cmsg); if (!fdptr || *fdptr < 0) - error("recvfd: recieved invalid pointer"); + error("recvfd: received invalid pointer"); file.fd = *fdptr; return file; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-0.2.0/src/conmon.c new/conmon-0.3.0/src/conmon.c --- old/conmon-0.2.0/src/conmon.c 2019-05-21 17:59:48.000000000 +0200 +++ new/conmon-0.3.0/src/conmon.c 2019-06-13 17:14:13.000000000 +0200 @@ -24,6 +24,7 @@ #include <inttypes.h> #include <sys/statfs.h> #include <linux/magic.h> +#include <sys/inotify.h> #if __STDC_VERSION__ >= 199901L /* C99 or later */ @@ -48,6 +49,8 @@ static gboolean opt_stdin = FALSE; static gboolean opt_leave_stdin_open = FALSE; static gboolean opt_syslog = FALSE; +static gboolean is_cgroup_v2 = FALSE; +static char *cgroup2_path = NULL; static char *opt_cid = NULL; static char *opt_cuuid = NULL; static char *opt_name = NULL; @@ -138,7 +141,7 @@ * Returns the path for specified controller name for a pid. * Returns NULL on error. */ -static char *process_cgroup_subsystem_path(int pid, const char *subsystem) +static char *process_cgroup_subsystem_path(int pid, bool cgroup2, const char *subsystem) { _cleanup_free_ char *cgroups_file_path = g_strdup_printf("/proc/%d/cgroup", pid); _cleanup_fclose_ FILE *fp = NULL; @@ -169,6 +172,11 @@ } *path = 0; path++; + if (cgroup2) { + subsystem_path = g_strdup_printf("%s%s", CGROUP_ROOT, path); + subsystem_path[strlen(subsystem_path) - 1] = '\0'; + return subsystem_path; + } subsystems = g_strsplit(ptr, ",", -1); for (i = 0; subsystems[i] != NULL; i++) { if (strcmp(subsystems[i], subsystem) == 0) { @@ -274,6 +282,7 @@ static int attach_socket_fd = -1; static int console_socket_fd = -1; static int terminal_ctrl_fd = -1; +static int inotify_fd = -1; static gboolean timed_out = FALSE; @@ -479,7 +488,7 @@ return G_SOURCE_REMOVE; } -static gboolean oom_cb(int fd, GIOCondition condition, G_GNUC_UNUSED gpointer user_data) +static gboolean oom_cb_cgroup_v1(int fd, GIOCondition condition, G_GNUC_UNUSED gpointer user_data) { uint64_t oom_event; ssize_t num_read = 0; @@ -510,6 +519,77 @@ return G_SOURCE_REMOVE; } + +static gboolean check_cgroup2_oom() +{ + _cleanup_free_ char *memory_events_file_path = NULL; + _cleanup_free_ char *line = NULL; + _cleanup_fclose_ FILE *fp = NULL; + static long int last_counter = 0; + size_t len = 0; + ssize_t read; + + if (!is_cgroup_v2) + return G_SOURCE_REMOVE; + + memory_events_file_path = g_build_filename(cgroup2_path, "memory.events", NULL); + + fp = fopen(memory_events_file_path, "re"); + if (fp == NULL) { + nwarnf("Failed to open cgroups file: %s", memory_events_file_path); + return G_SOURCE_CONTINUE; + } + while ((read = getline(&line, &len, fp)) != -1) { + long int counter; + + if (read < 6 || memcmp(line, "oom ", 4)) + continue; + + counter = strtol(&line[4], NULL, 10); + if (counter == LONG_MAX) { + nwarnf("Failed to parse %s", &line[4]); + } + + if (counter != last_counter) { + _cleanup_close_ int oom_fd = -1; + + ninfo("OOM received"); + oom_fd = open("oom", O_CREAT, 0666); + if (oom_fd < 0) { + nwarn("Failed to write oom file"); + } else { + last_counter = counter; + } + } + return G_SOURCE_CONTINUE; + } + return G_SOURCE_REMOVE; +} + +static gboolean oom_cb_cgroup_v2(int fd, GIOCondition condition, G_GNUC_UNUSED gpointer user_data) +{ + struct inotify_event events[10]; + gboolean ret = G_SOURCE_REMOVE; + + /* Drop the inotify events. */ + ssize_t num_read = read(fd, &events, sizeof(events)); + if (num_read < 0) { + pwarn("Failed to read events"); + } + + if ((condition & G_IO_IN) != 0) { + ret = check_cgroup2_oom(); + } + + if (ret == G_SOURCE_REMOVE) { + /* End of input */ + close(fd); + inotify_fd = -1; + } + + return ret; +} + #define CONN_SOCK_BUF_SIZE 32 * 1024 /* Match the write size in CopyDetachable */ static gboolean conn_sock_cb(int fd, GIOCondition condition, gpointer user_data) { @@ -883,20 +963,44 @@ return dummyfd; } -static void setup_oom_handling(int container_pid) +static void setup_oom_handling_cgroup_v2(int container_pid) +{ + _cleanup_close_ int ifd = -1; + int wd; + + cgroup2_path = process_cgroup_subsystem_path(container_pid, true, ""); + if (!cgroup2_path) { + nwarn("Failed to get cgroup path. Container may have exited"); + return; + } + + _cleanup_free_ char *memory_events_file_path = g_build_filename(cgroup2_path, "memory.events", NULL); + + if ((ifd = inotify_init()) < 0) { + nwarnf("Failed to create inotify fd"); + return; + } + + if ((wd = inotify_add_watch(ifd, memory_events_file_path, IN_MODIFY)) < 0) { + nwarnf("Failed to add inotify watch for %s", memory_events_file_path); + return; + } + + /* Move ownership to inotify_fd. */ + inotify_fd = ifd; + ifd = -1; + + g_unix_fd_add(inotify_fd, G_IO_IN, oom_cb_cgroup_v2, NULL); +} + +static void setup_oom_handling_cgroup_v1(int container_pid) { /* Setup OOM notification for container process */ _cleanup_free_ char *memory_cgroup_path = NULL; _cleanup_close_ int cfd = -1; - struct statfs sfs; int ofd = -1; /* Not closed */ - if (statfs("/sys/fs/cgroup", &sfs) == 0 && sfs.f_type == CGROUP2_SUPER_MAGIC) { - nwarnf("cgroup v2 unified mode detected. Skipping OOM handling"); - return; - } - - memory_cgroup_path = process_cgroup_subsystem_path(container_pid, "memory"); + memory_cgroup_path = process_cgroup_subsystem_path(container_pid, false, "memory"); if (!memory_cgroup_path) { nexit("Failed to get memory cgroup path"); } @@ -919,7 +1023,19 @@ if (write_all(cfd, data, strlen(data)) < 0) pexit("Failed to write to cgroup.event_control"); - g_unix_fd_add(oom_event_fd, G_IO_IN, oom_cb, NULL); + g_unix_fd_add(oom_event_fd, G_IO_IN, oom_cb_cgroup_v1, NULL); +} + +static void setup_oom_handling(int container_pid) +{ + struct statfs sfs; + + if (statfs("/sys/fs/cgroup", &sfs) == 0 && sfs.f_type == CGROUP2_SUPER_MAGIC) { + is_cgroup_v2 = TRUE; + setup_oom_handling_cgroup_v2(container_pid); + return; + } + setup_oom_handling_cgroup_v1(container_pid); } static void do_exit_command() @@ -1388,6 +1504,8 @@ g_main_loop_run(main_loop); + check_cgroup2_oom(); + /* Drain stdout and stderr only if a timeout doesn't occur */ if (masterfd_stdout != -1 && !timed_out) { g_unix_set_fd_nonblocking(masterfd_stdout, TRUE, NULL); ++++++ podman-1.4.0.tar.xz -> podman-1.4.2.tar.xz ++++++ ++++ 11693 lines of diff (skipped)
