cleanup

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>

.gitignore

@@ -52,6 +52,5 @@ profile.out
 *.tar
 rootfs
 config.json
-bin
-rootfs.go
+image/data.go
 .ip

Makefile

@@ -1,17 +1,18 @@
 # Set an output prefix, which is the local directory if not specified
 PREFIX?=$(shell pwd)
-BUILDTAGS=seccomp apparmor
 
 # Setup name variables for the package/tool
 NAME := binctr
 PKG := github.com/genuinetools/$(NAME)
 
 # Set any default go build tags
-BUILDTAGS :=
+BUILDTAGS := seccomp apparmor
 
 # Set the build dir, where built cross-compiled binaries will be output
 BUILDDIR := ${PREFIX}/cross
 
+IMAGE := alpine
+
 # Populate version variables
 # Add to compile time flags
 VERSION := $(shell cat VERSION.txt)
@@ -20,28 +21,26 @@ GITUNTRACKEDCHANGES := $(shell git status --porcelain --untracked-files=no)
 ifneq ($(GITUNTRACKEDCHANGES),)
 	GITCOMMIT := $(GITCOMMIT)-dirty
 endif
-CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VERSION)
+CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VERSION) \
+		 -X main.IMAGE=$(notdir $(IMAGE)) \
+		 -X main.IMAGESHA=$(shell docker inspect --format "{{.Id}}" $(IMAGE))
 GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)"
 GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static"
 
-# List the GOOS and GOARCH to build
-GOOSARCHES = darwin/amd64 darwin/386 freebsd/amd64 freebsd/386 linux/arm linux/arm64 linux/amd64 linux/386 solaris/amd64 windows/amd64 windows/386
-
-all: clean build fmt lint test staticcheck vet install ## Runs a clean, build, fmt, lint, test, staticcheck, vet and install
+all: clean build fmt lint test staticcheck vet ## Runs a clean, build, fmt, lint, test, staticcheck, and vet
 
 .PHONY: build
-build: $(NAME) ## Builds a dynamic executable or package
+build: $(BUILDDIR)/$(notdir $(IMAGE)) ## Builds a static executable or package
 
-$(NAME): *.go VERSION.txt
-	@echo "+ $@"
-	go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) .
+$(BUILDDIR):
+	@mkdir -p $@
 
-.PHONY: static
-static: ## Builds a static executable
+$(BUILDDIR)/$(notdir $(IMAGE)): $(BUILDDIR) image/data.go *.go VERSION.txt
 	@echo "+ $@"
-	CGO_ENABLED=0 go build \
+	CGO_ENABLED=1 go build \
 				-tags "$(BUILDTAGS) static_build" \
-				${GO_LDFLAGS_STATIC} -o $(NAME) .
+				${GO_LDFLAGS_STATIC} -o $@ .
+	@echo "Static container for $(IMAGE) created at: $@"
 
 .PHONY: fmt
 fmt: ## Verifies all files have men `gofmt`ed
@@ -79,40 +78,6 @@ cover: ## Runs go test with coverage
 		fi; \
 	done;
 
-.PHONY: install
-install: ## Installs the executable or package
-	@echo "+ $@"
-	go install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} .
-
-define buildpretty
-mkdir -p $(BUILDDIR)/$(1)/$(2);
-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
-	 -o $(BUILDDIR)/$(1)/$(2)/$(NAME) \
-	 -a -tags "$(BUILDTAGS) static_build netgo" \
-	 -installsuffix netgo ${GO_LDFLAGS_STATIC} .;
-md5sum $(BUILDDIR)/$(1)/$(2)/$(NAME) > $(BUILDDIR)/$(1)/$(2)/$(NAME).md5;
-sha256sum $(BUILDDIR)/$(1)/$(2)/$(NAME) > $(BUILDDIR)/$(1)/$(2)/$(NAME).sha256;
-endef
-
-.PHONY: cross
-cross: *.go VERSION.txt ## Builds the cross-compiled binaries, creating a clean directory structure (eg. GOOS/GOARCH/binary)
-	@echo "+ $@"
-	$(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH))))
-
-define buildrelease
-GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
-	 -o $(BUILDDIR)/$(NAME)-$(1)-$(2) \
-	 -a -tags "$(BUILDTAGS) static_build netgo" \
-	 -installsuffix netgo ${GO_LDFLAGS_STATIC} .;
-md5sum $(BUILDDIR)/$(NAME)-$(1)-$(2) > $(BUILDDIR)/$(NAME)-$(1)-$(2).md5;
-sha256sum $(BUILDDIR)/$(NAME)-$(1)-$(2) > $(BUILDDIR)/$(NAME)-$(1)-$(2).sha256;
-endef
-
-.PHONY: release
-release: *.go VERSION.txt ## Builds the cross-compiled binaries, naming them in such a way for release (eg. binary-GOOS-GOARCH)
-	@echo "+ $@"
-	$(foreach GOOSARCH,$(GOOSARCHES), $(call buildrelease,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH))))
-
 .PHONY: bump-version
 BUMP := patch
 bump-version: ## Bump the version in the version file. Set BUMP to [ patch | major | minor ]
@@ -131,11 +96,24 @@ tag: ## Create a new git tag to prepare to build a release
 	git tag -sa $(VERSION) -m "$(VERSION)"
 	@echo "Run git push origin $(VERSION) to push your new tag to GitHub and trigger a travis build."
 
+.PHONY: image.tar
+image.tar:
+	docker pull --disable-content-trust=false $(IMAGE)
+	docker export $(shell docker create $(IMAGE) sh) > $@
+
+.PHONY: image/data.go
+image/data.go: image.tar
+	GOMAXPROCS=1 go generate
+
 .PHONY: clean
 clean: ## Cleanup any build binaries or packages
 	@echo "+ $@"
 	$(RM) $(NAME)
 	$(RM) -r $(BUILDDIR)
+	@sudo $(RM) -r rootfs
+	$(RM) *.tar
+	$(RM) image/data.go
+	-@docker rm $(shell docker ps -aq) /dev/null 2>&1
 
 .PHONY: help
 help:

generate.go

@@ -9,19 +9,23 @@ import (
 	"path/filepath"
 )
 
-// Reads static/index.html and saves as a constant in static.go
+// Reads image.tar and saves as a constant in rootfs.go
 func main() {
 	wd, err := os.Getwd()
 	if err != nil {
 		panic(err)
 	}
-	out, err := os.Create(filepath.Join(wd, "rootfs.go"))
+	out, err := os.Create(filepath.Join(wd, "image", "data.go"))
 	if err != nil {
 		panic(err)
 	}
 	tarPath := filepath.Join(wd, "image.tar")
 
-	out.Write([]byte("// This file is autogenerated; DO NOT EDIT DIRECTLY\n// See generate.go for more info\npackage main\n\nconst (\n"))
+	out.Write([]byte("// Package image is autogenerated; DO NOT EDIT DIRECTLY\n"))
+	out.Write([]byte("// See generate.go for more info\n"))
+	out.Write([]byte("package image\n\n"))
+	out.Write([]byte("const (\n"))
+	out.Write([]byte("\t// DATA is the image data that is embessed at compile time.\n"))
 	out.Write([]byte("\tDATA = `"))
 	f, err := ioutil.ReadFile(tarPath)
 	if err != nil {

image/image.go

@@ -0,0 +1,7 @@
+package image
+
+// NAME is the name of the image that is embedded at compile time.
+var NAME string
+
+// SHA is the sha digest of the image that is embedded at compile time.
+var SHA string

main.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 
 	aaprofile "github.com/docker/docker/profiles/apparmor"
+	"github.com/genuinetools/binctr/image"
 	"github.com/genuinetools/binctr/version"
 	"github.com/opencontainers/runc/libcontainer"
 	"github.com/opencontainers/runc/libcontainer/apparmor"
@@ -56,11 +57,6 @@ var (
 
 	debug bool
 	vrsn  bool
-
-	// IMAGE is the name of the image that is embedded at compile time.
-	IMAGE = "alpine"
-	// IMAGESHA is the sha digest of the image that is embedded at compile time.
-	IMAGESHA = "sha256:70c557e50ed630deed07cbb0dc4d28aa0f2a485cf7af124cc48f06bce83f784b"
 )
 
 // stringSlice is a slice of strings
@@ -107,7 +103,7 @@ func (s stringSlice) ParseHooks() (hooks specs.Hooks, err error) {
 
 func init() {
 	// Parse flags
-	flag.StringVar(&containerID, "id", IMAGE, "container ID")
+	flag.StringVar(&containerID, "id", image.NAME, "container ID")
 	flag.StringVar(&pidFile, "pid-file", "", "specify the file to write the process id to")
 	flag.StringVar(&root, "root", defaultRoot, "root directory of container state, should be tmpfs")
 
@@ -123,14 +119,14 @@ func init() {
 	flag.BoolVar(&debug, "D", false, "run in debug mode")
 
 	flag.Usage = func() {
-		fmt.Fprint(os.Stderr, fmt.Sprintf(BANNER, IMAGE, IMAGESHA, version.VERSION, version.GITCOMMIT))
+		fmt.Fprint(os.Stderr, fmt.Sprintf(BANNER, image.NAME, image.SHA, version.VERSION, version.GITCOMMIT))
 		flag.PrintDefaults()
 	}
 
 	flag.Parse()
 
 	if vrsn {
-		fmt.Printf("%s, commit: %s, image: %s, image digest: %s", version.VERSION, version.GITCOMMIT, IMAGE, IMAGESHA)
+		fmt.Printf("%s, commit: %s, image: %s, image digest: %s", version.VERSION, version.GITCOMMIT, image.NAME, image.SHA)
 		os.Exit(0)
 	}
 

notify_socket.go

@@ -63,16 +63,16 @@ func (s *notifySocket) setupSocket() error {
 
 // pid1 must be set only with -d, as it is used to set the new process as the main process
 // for the service in butts
-func (notifySocket *notifySocket) run(pid1 int) {
+func (s *notifySocket) run(pid1 int) {
 	buf := make([]byte, 512)
-	notifySocketHostAddr := net.UnixAddr{Name: notifySocket.host, Net: "unixgram"}
+	notifySocketHostAddr := net.UnixAddr{Name: s.host, Net: "unixgram"}
 	client, err := net.DialUnix("unixgram", nil, &notifySocketHostAddr)
 	if err != nil {
 		logrus.Error(err)
 		return
 	}
 	for {
-		r, err := notifySocket.socket.Read(buf)
+		r, err := s.socket.Read(buf)
 		if err != nil {
 			break
 		}

rlimit_linux.go

@@ -3,41 +3,41 @@ package main
 import "fmt"
 
 const (
-	RLIMIT_CPU        = iota // CPU time in sec
-	RLIMIT_FSIZE             // Maximum filesize
-	RLIMIT_DATA              // max data size
-	RLIMIT_STACK             // max stack size
-	RLIMIT_CORE              // max core file size
-	RLIMIT_RSS               // max resident set size
-	RLIMIT_NPROC             // max number of processes
-	RLIMIT_NOFILE            // max number of open files
-	RLIMIT_MEMLOCK           // max locked-in-memory address space
-	RLIMIT_AS                // address space limit
-	RLIMIT_LOCKS             // maximum file locks held
-	RLIMIT_SIGPENDING        // max number of pending signals
-	RLIMIT_MSGQUEUE          // maximum bytes in POSIX mqueues
-	RLIMIT_NICE              // max nice prio allowed to raise to
-	RLIMIT_RTPRIO            // maximum realtime priority
-	RLIMIT_RTTIME            // timeout for RT tasks in us
+	rLimitCPU        = iota // CPU time in sec
+	rLimitFsize             // Maximum filesize
+	rLimitData              // max data size
+	rLimitStack             // max stack size
+	rLimitCore              // max core file size
+	rLimitRss               // max resident set size
+	rLimitNproc             // max number of processes
+	rLimitNofile            // max number of open files
+	rLimitMemlock           // max locked-in-memory address space
+	rLimitAs                // address space limit
+	rLimitLocks             // maximum file locks held
+	rLimitSigpending        // max number of pending signals
+	rLimitMsgqueue          // maximum bytes in POSIX mqueues
+	rLimitNice              // max nice prio allowed to raise to
+	rLimitRtprio            // maximum realtime priority
+	rLimitRttime            // timeout for RT tasks in us
 )
 
 var rlimitMap = map[string]int{
-	"RLIMIT_CPU":        RLIMIT_CPU,
-	"RLIMIT_FSIZE":      RLIMIT_FSIZE,
-	"RLIMIT_DATA":       RLIMIT_DATA,
-	"RLIMIT_STACK":      RLIMIT_STACK,
-	"RLIMIT_CORE":       RLIMIT_CORE,
-	"RLIMIT_RSS":        RLIMIT_RSS,
-	"RLIMIT_NPROC":      RLIMIT_NPROC,
-	"RLIMIT_NOFILE":     RLIMIT_NOFILE,
-	"RLIMIT_MEMLOCK":    RLIMIT_MEMLOCK,
-	"RLIMIT_AS":         RLIMIT_AS,
-	"RLIMIT_LOCKS":      RLIMIT_LOCKS,
-	"RLIMIT_SIGPENDING": RLIMIT_SIGPENDING,
-	"RLIMIT_MSGQUEUE":   RLIMIT_MSGQUEUE,
-	"RLIMIT_NICE":       RLIMIT_NICE,
-	"RLIMIT_RTPRIO":     RLIMIT_RTPRIO,
-	"RLIMIT_RTTIME":     RLIMIT_RTTIME,
+	"RLIMIT_CPU":        rLimitCPU,
+	"RLIMIT_FSIZE":      rLimitFsize,
+	"RLIMIT_DATA":       rLimitData,
+	"RLIMIT_STACK":      rLimitStack,
+	"RLIMIT_CORE":       rLimitCore,
+	"RLIMIT_RSS":        rLimitRss,
+	"RLIMIT_NPROC":      rLimitNproc,
+	"RLIMIT_NOFILE":     rLimitNofile,
+	"RLIMIT_MEMLOCK":    rLimitMemlock,
+	"RLIMIT_AS":         rLimitAs,
+	"RLIMIT_LOCKS":      rLimitLocks,
+	"RLIMIT_SIGPENDING": rLimitSigpending,
+	"RLIMIT_MSGQUEUE":   rLimitMsgqueue,
+	"RLIMIT_NICE":       rLimitNice,
+	"RLIMIT_RTPRIO":     rLimitRtprio,
+	"RLIMIT_RTTIME":     rLimitRttime,
 }
 
 func strToRlimit(key string) (int, error) {

rootfs.go

@@ -8,13 +8,12 @@ import (
 	"path/filepath"
 
 	"github.com/docker/docker/pkg/archive"
+	"github.com/genuinetools/binctr/image"
 	"github.com/opencontainers/runtime-spec/specs-go"
 )
 
-const DATA = ""
-
 func unpackRootfs(spec *specs.Spec) error {
-	data, err := base64.StdEncoding.DecodeString(DATA)
+	data, err := base64.StdEncoding.DecodeString(image.DATA)
 	if err != nil {
 		return err
 	}

signals.go

@@ -67,9 +67,9 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach
 		if detach {
 			h.notifySocket.run(pid1)
 			return 0, nil
-		} else {
-			go h.notifySocket.run(0)
 		}
+
+		go h.notifySocket.run(0)
 	}
 
 	// Perform the initial tty resize. Always ignore errors resizing because