d1099a6cc5
When the integration test image is run on a system with apparmor enabled, it needs binaries from the 'apparmor' package, so ensure that it's always there. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
83 lines
2.6 KiB
Docker
83 lines
2.6 KiB
Docker
FROM golang:1.7
|
|
|
|
# libseccomp in jessie is not _quite_ new enough -- need backports version
|
|
RUN echo 'deb http://httpredir.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/backports.list
|
|
|
|
RUN apt-get update && apt-get install -y \
|
|
apparmor \
|
|
build-essential \
|
|
curl \
|
|
gawk \
|
|
iptables \
|
|
pkg-config \
|
|
libaio-dev \
|
|
libcap-dev \
|
|
libprotobuf-dev \
|
|
libprotobuf-c0-dev \
|
|
libseccomp2/jessie-backports \
|
|
libseccomp-dev/jessie-backports \
|
|
protobuf-c-compiler \
|
|
protobuf-compiler \
|
|
python-minimal \
|
|
libglib2.0-dev \
|
|
libapparmor-dev \
|
|
btrfs-tools \
|
|
libdevmapper1.02.1 \
|
|
libdevmapper-dev \
|
|
libgpgme11-dev \
|
|
netcat \
|
|
--no-install-recommends \
|
|
&& apt-get clean
|
|
|
|
# install bats
|
|
RUN cd /tmp \
|
|
&& git clone https://github.com/sstephenson/bats.git \
|
|
&& cd bats \
|
|
&& git reset --hard 03608115df2071fff4eaaff1605768c275e5f81f \
|
|
&& ./install.sh /usr/local
|
|
|
|
# install criu
|
|
ENV CRIU_VERSION 1.7
|
|
RUN mkdir -p /usr/src/criu \
|
|
&& curl -sSL https://github.com/xemul/criu/archive/v${CRIU_VERSION}.tar.gz | tar -v -C /usr/src/criu/ -xz --strip-components=1 \
|
|
&& cd /usr/src/criu \
|
|
&& make install-criu \
|
|
&& rm -rf /usr/src/criu
|
|
|
|
# Install runc
|
|
ENV RUNC_COMMIT c5ec25487693612aed95673800863e134785f946
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" \
|
|
&& cd "$GOPATH/src/github.com/opencontainers/runc" \
|
|
&& git fetch origin --tags \
|
|
&& git checkout -q "$RUNC_COMMIT" \
|
|
&& make static BUILDTAGS="seccomp selinux" \
|
|
&& cp runc /usr/local/bin/runc \
|
|
&& rm -rf "$GOPATH"
|
|
|
|
# Install CNI plugins
|
|
ENV CNI_COMMIT dcf7368eeab15e2affc6256f0bb1e84dd46a34de
|
|
RUN set -x \
|
|
&& export GOPATH="$(mktemp -d)" \
|
|
&& git clone https://github.com/containernetworking/plugins.git "$GOPATH/src/github.com/containernetworking/plugins" \
|
|
&& cd "$GOPATH/src/github.com/containernetworking/plugins" \
|
|
&& git checkout -q "$CNI_COMMIT" \
|
|
&& ./build.sh \
|
|
&& mkdir -p /opt/cni/bin \
|
|
&& cp bin/* /opt/cni/bin/ \
|
|
&& rm -rf "$GOPATH"
|
|
|
|
COPY test/plugin_test_args.bash /opt/cni/bin/plugin_test_args.bash
|
|
|
|
# Make sure we have some policy for pulling images
|
|
RUN mkdir -p /etc/containers
|
|
COPY test/policy.json /etc/containers/policy.json
|
|
|
|
WORKDIR /go/src/github.com/kubernetes-incubator/cri-o
|
|
|
|
ADD . /go/src/github.com/kubernetes-incubator/cri-o
|
|
|
|
RUN make copyimg \
|
|
&& mkdir -p .artifacts/redis-image \
|
|
&& ./test/copyimg/copyimg --import-from=docker://redis --export-to=dir:.artifacts/redis-image --signature-policy ./test/policy.json
|