vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
cri-o/vendor/github.com/opencontainers/runtime-tools
History
Antonio Murdaca af0a494251
container_create: handle cap add/drop ALL 
Kubelet can send cap add/drop ALL. Handle that in CRI-O as well.
Also, this PR is re-vendoring runtime-tools to fix capabilities add to
add caps to _all_ caps set **and** fix a shared memory issue (caps set
were initialized with the same slice, if one modifies one slice, it's
reflected on the other slices, the vendoring fixes this as well)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-09-07 16:43:33 +02:00
..
error container_create: handle cap add/drop ALL 2017-09-07 16:43:33 +02:00
generate container_create: handle cap add/drop ALL 2017-09-07 16:43:33 +02:00
specerror container_create: handle cap add/drop ALL 2017-09-07 16:43:33 +02:00
validate container_create: handle cap add/drop ALL 2017-09-07 16:43:33 +02:00
LICENSE Build and install from GOPATH 2017-01-17 12:09:09 -08:00
README.md Bump up runtime-spec dependency to v1.0.0 2017-07-19 21:38:05 -07:00

README.md

oci-runtime-tool Build Status Go Report Card

oci-runtime-tool is a collection of tools for working with the OCI runtime specification. To build from source code, runtime-tools requires Go 1.7.x or above.

Generating an OCI runtime spec configuration files

oci-runtime-tool generate generates configuration JSON for an OCI bundle. OCI-compatible runtimes like runC expect to read the configuration from config.json.

$ oci-runtime-tool generate --output config.json
$ cat config.json
{
        "ociVersion": "0.5.0",
        …
}

Validating an OCI bundle

oci-runtime-tool validate validates an OCI bundle. The error message will be printed if the OCI bundle failed the validation procedure.

$ oci-runtime-tool generate
$ oci-runtime-tool validate
INFO[0000] Bundle validation succeeded.

Testing OCI runtimes

$ sudo make RUNTIME=runc localvalidation
RUNTIME=runc go test -tags ""  -v github.com/opencontainers/runtime-tools/validation
=== RUN   TestValidateBasic
TAP version 13
ok 1 - root filesystem
ok 2 - hostname
ok 3 - mounts
ok 4 - capabilities
ok 5 - default symlinks
ok 6 - default devices
ok 7 - linux devices
ok 8 - linux process
ok 9 - masked paths
ok 10 - oom score adj
ok 11 - read only paths
ok 12 - rlimits
ok 13 - sysctls
ok 14 - uid mappings
ok 15 - gid mappings
1..15
--- PASS: TestValidateBasic (0.08s)
=== RUN   TestValidateSysctls
TAP version 13
ok 1 - root filesystem
ok 2 - hostname
ok 3 - mounts
ok 4 - capabilities
ok 5 - default symlinks
ok 6 - default devices
ok 7 - linux devices
ok 8 - linux process
ok 9 - masked paths
ok 10 - oom score adj
ok 11 - read only paths
ok 12 - rlimits
ok 13 - sysctls
ok 14 - uid mappings
ok 15 - gid mappings
1..15
--- PASS: TestValidateSysctls (0.20s)
PASS
ok      github.com/opencontainers/runtime-tools/validation      0.281s