vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

vendor: remove dep and use vndr

Browse source 
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2017-06-06 09:19:04 +02:00
parent 16f44674a4
commit 148e72d81e
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
16131 changed files with 73815 additions and 4235138 deletions
Download patch file Download diff file Expand all files Collapse all files

11
vendor/github.com/opencontainers/selinux/.pullapprove.yml generated vendored
View file

@ -1,11 +0,0 @@
approve_by_comment: true
approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)'
reject_regex: ^Rejected
reset_on_push: true
signed_off_by:
required: true
reviewers:
teams:
- go-selinux-maintainers
name: default
required: 2

17
vendor/github.com/opencontainers/selinux/.travis.yml generated vendored
View file

@ -1,17 +0,0 @@
language: go
go:
- 1.8
- tip
- master
env:
global:
- BUILDTAGS="selinux linux"
before_install:
- go get -u github.com/golang/lint/golint
- go get -u github.com/vbatts/git-validation
script:
- git-validation -run DCO,short-subject -v -range ${TRAVIS_COMMIT_RANGE}
- make BUILDTAGS="${BUILDTAGS}" lint test

119
vendor/github.com/opencontainers/selinux/CONTRIBUTING.md generated vendored
View file

@ -1,119 +0,0 @@
## Contribution Guidelines
### Security issues
If you are reporting a security issue, do not create an issue or file a pull
request on GitHub. Instead, disclose the issue responsibly by sending an email
to security@opencontainers.org (which is inhabited only by the maintainers of
the various OCI projects).
### Pull requests are always welcome
We are always thrilled to receive pull requests, and do our best to
process them as fast as possible. Not sure if that typo is worth a pull
request? Do it! We will appreciate it.
If your pull request is not accepted on the first try, don't be
discouraged! If there's a problem with the implementation, hopefully you
received feedback on what to improve.
We're trying very hard to keep the project lean and focused. We don't want it
to do everything for everybody. This means that we might decide against
incorporating a new feature.
### Conventions
Fork the repo and make changes on your fork in a feature branch.
For larger bugs and enhancements, consider filing a leader issue or mailing-list thread for discussion that is independent of the implementation.
Small changes or changes that have been discussed on the project mailing list may be submitted without a leader issue.
If the project has a test suite, submit unit tests for your changes. Take a
look at existing tests for inspiration. Run the full test suite on your branch
before submitting a pull request.
Update the documentation when creating or modifying features. Test
your documentation changes for clarity, concision, and correctness, as
well as a clean documentation build. See ``docs/README.md`` for more
information on building the docs and how docs get released.
Write clean code. Universally formatted code promotes ease of writing, reading,
and maintenance. Always run `gofmt -s -w file.go` on each changed file before
committing your changes. Most editors have plugins that do this automatically.
Pull requests descriptions should be as clear as possible and include a
reference to all the issues that they address.
Commit messages must start with a capitalized and short summary
written in the imperative, followed by an optional, more detailed
explanatory text which is separated from the summary by an empty line.
Code review comments may be added to your pull request. Discuss, then make the
suggested modifications and push additional commits to your feature branch. Be
sure to post a comment after pushing. The new commits will show up in the pull
request automatically, but the reviewers will not be notified unless you
comment.
Before the pull request is merged, make sure that you squash your commits into
logical units of work using `git rebase -i` and `git push -f`. After every
commit the test suite (if any) should be passing. Include documentation changes
in the same commit so that a revert would remove all traces of the feature or
fix.
Commits that fix or close an issue should include a reference like `Closes #XXX`
or `Fixes #XXX`, which will automatically close the issue when merged.
### Sign your work
The sign-off is a simple line at the end of the explanation for the
patch, which certifies that you wrote it or otherwise have the right to
pass it on as an open-source patch. The rules are pretty simple: if you
can certify the below (from
[developercertificate.org](http://developercertificate.org/)):
```
Developer Certificate of Origin
Version 1.1
Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
660 York Street, Suite 102,
San Francisco, CA 94110 USA
Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
```
then you just add a line to every git commit message:
Signed-off-by: Joe Smith <joe@gmail.com>
using your real name (sorry, no pseudonyms or anonymous contributions.)
You can add the sign off when creating the git commit via `git commit -s`.

3
vendor/github.com/opencontainers/selinux/MAINTAINERS generated vendored
View file

@ -1,3 +0,0 @@
Antonio Murdaca <runcom@redhat.com> (@runcom)
Daniel J Walsh <dwalsh@redhat.com> (@rhatdan)
Mrunal Patel <mpatel@redhat.com> (@mrunalp)

14
vendor/github.com/opencontainers/selinux/Makefile generated vendored
View file

@ -1,14 +0,0 @@
BUILDTAGS := selinux
check-gopath:
ifndef GOPATH
$(error GOPATH is not set)
endif
.PHONY: test
test: check-gopath
go test -timeout 3m -tags "${BUILDTAGS}" ${TESTFLAGS} -v ./...
.PHONY:
lint:
golint go-selinux

146
vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux_test.go generated vendored
View file

@ -1,146 +0,0 @@
// +build selinux,linux
package label
import (
"os"
"strings"
"testing"
"github.com/opencontainers/selinux/go-selinux"
)
func TestInit(t *testing.T) {
if !selinux.GetEnabled() {
return
}
var testNull []string
plabel, mlabel, err := InitLabels(testNull)
if err != nil {
t.Log("InitLabels Failed")
t.Fatal(err)
}
testDisabled := []string{"disable"}
roMountLabel := ROMountLabel()
if roMountLabel == "" {
t.Errorf("ROMountLabel Failed")
}
plabel, mlabel, err = InitLabels(testDisabled)
if err != nil {
t.Log("InitLabels Disabled Failed")
t.Fatal(err)
}
if plabel != "" {
t.Log("InitLabels Disabled Failed")
t.FailNow()
}
testUser := []string{"user:user_u", "role:user_r", "type:user_t", "level:s0:c1,c15"}
plabel, mlabel, err = InitLabels(testUser)
if err != nil {
t.Log("InitLabels User Failed")
t.Fatal(err)
}
if plabel != "user_u:user_r:user_t:s0:c1,c15" || (mlabel != "user_u:object_r:container_file_t:s0:c1,c15" && mlabel != "user_u:object_r:svirt_sandbox_file_t:s0:c1,c15") {
t.Log("InitLabels User Match Failed")
t.Log(plabel, mlabel)
t.Fatal(err)
}
testBadData := []string{"user", "role:user_r", "type:user_t", "level:s0:c1,c15"}
if _, _, err = InitLabels(testBadData); err == nil {
t.Log("InitLabels Bad Failed")
t.Fatal(err)
}
}
func TestDuplicateLabel(t *testing.T) {
secopt := DupSecOpt("system_u:system_r:container_t:s0:c1,c2")
for _, opt := range secopt {
con := strings.SplitN(opt, ":", 2)
if con[0] == "user" {
if con[1] != "system_u" {
t.Errorf("DupSecOpt Failed user incorrect")
}
continue
}
if con[0] == "role" {
if con[1] != "system_r" {
t.Errorf("DupSecOpt Failed role incorrect")
}
continue
}
if con[0] == "type" {
if con[1] != "container_t" {
t.Errorf("DupSecOpt Failed type incorrect")
}
continue
}
if con[0] == "level" {
if con[1] != "s0:c1,c2" {
t.Errorf("DupSecOpt Failed level incorrect")
}
continue
}
t.Errorf("DupSecOpt Failed invalid field %q", con[0])
}
secopt = DisableSecOpt()
if secopt[0] != "disable" {
t.Errorf("DisableSecOpt Failed level incorrect %q", secopt[0])
}
}
func TestRelabel(t *testing.T) {
if !selinux.GetEnabled() {
return
}
testdir := "/tmp/test"
if err := os.Mkdir(testdir, 0755); err != nil {
t.Fatal(err)
}
defer os.RemoveAll(testdir)
label := "system_u:object_r:container_file_t:s0:c1,c2"
if err := Relabel(testdir, "", true); err != nil {
t.Fatalf("Relabel with no label failed: %v", err)
}
if err := Relabel(testdir, label, true); err != nil {
t.Fatalf("Relabel shared failed: %v", err)
}
if err := Relabel(testdir, label, false); err != nil {
t.Fatalf("Relabel unshared failed: %v", err)
}
if err := Relabel("/etc", label, false); err == nil {
t.Fatalf("Relabel /etc succeeded")
}
if err := Relabel("/", label, false); err == nil {
t.Fatalf("Relabel / succeeded")
}
if err := Relabel("/usr", label, false); err == nil {
t.Fatalf("Relabel /usr succeeded")
}
}
func TestValidate(t *testing.T) {
if err := Validate("zZ"); err != ErrIncompatibleLabel {
t.Fatalf("Expected incompatible error, got %v", err)
}
if err := Validate("Z"); err != nil {
t.Fatal(err)
}
if err := Validate("z"); err != nil {
t.Fatal(err)
}
if err := Validate(""); err != nil {
t.Fatal(err)
}
}
func TestIsShared(t *testing.T) {
if shared := IsShared("Z"); shared {
t.Fatalf("Expected label `Z` to not be shared, got %v", shared)
}
if shared := IsShared("z"); !shared {
t.Fatalf("Expected label `z` to be shared, got %v", shared)
}
if shared := IsShared("Zz"); !shared {
t.Fatalf("Expected label `Zz` to be shared, got %v", shared)
}
}

81
vendor/github.com/opencontainers/selinux/go-selinux/selinux_test.go generated vendored
View file

@ -1,81 +0,0 @@
// +build linux,selinux
package selinux
import (
"os"
"testing"
)
func TestSetFileLabel(t *testing.T) {
if GetEnabled() {
tmp := "selinux_test"
con := "system_u:object_r:bin_t:s0"
out, _ := os.OpenFile(tmp, os.O_WRONLY|os.O_CREATE, 0)
out.Close()
err := SetFileLabel(tmp, con)
if err != nil {
t.Log("Setfilecon failed")
t.Fatal(err)
}
filelabel, err := FileLabel(tmp)
if err != nil {
t.Log("FileLabel failed")
t.Fatal(err)
}
if con != filelabel {
t.Fatal("FileLabel failed, returned %s expected %s", filelabel, con)
}
os.Remove(tmp)
}
}
func TestSELinux(t *testing.T) {
var (
err error
plabel, flabel string
)
if GetEnabled() {
t.Log("Enabled")
plabel, flabel = ContainerLabels()
t.Log(plabel)
t.Log(flabel)
ReleaseLabel(plabel)
plabel, flabel = ContainerLabels()
t.Log(plabel)
t.Log(flabel)
ReleaseLabel(plabel)
t.Log("Enforcing Mode", EnforceMode())
mode := DefaultEnforceMode()
t.Log("Default Enforce Mode ", mode)
defer SetEnforceMode(mode)
if err := SetEnforceMode(Enforcing); err != nil {
t.Fatalf("enforcing selinux failed: %v", err)
}
if err := SetEnforceMode(Permissive); err != nil {
t.Fatalf("setting selinux mode to permissive failed: %v", err)
}
SetEnforceMode(mode)
pid := os.Getpid()
t.Logf("PID:%d MCS:%s\n", pid, intToMcs(pid, 1023))
err = SetFSCreateLabel("unconfined_u:unconfined_r:unconfined_t:s0")
if err == nil {
t.Log(FSCreateLabel())
} else {
t.Log("SetFSCreateLabel failed", err)
t.Fatal(err)
}
err = SetFSCreateLabel("")
if err == nil {
t.Log(FSCreateLabel())
} else {
t.Log("SetFSCreateLabel failed", err)
t.Fatal(err)
}
t.Log(PidLabel(1))
}
}