diff options
Diffstat (limited to 'images')
26 files changed, 0 insertions, 413 deletions
diff --git a/images/BUILD b/images/BUILD deleted file mode 100644 index a50f388e9..000000000 --- a/images/BUILD +++ /dev/null @@ -1,11 +0,0 @@ -package(licenses = ["notice"]) - -# The images filegroup is definitely not a hermetic target, and requires Make -# to do anything meaningful with. However, this will be slurped up and used by -# the tools/installer/images.sh installer, which will ensure that all required -# images are available locally when running vm_tests. -filegroup( - name = "images", - srcs = glob(["**"]), - visibility = ["//tools/installers:__pkg__"], -) diff --git a/images/Makefile b/images/Makefile deleted file mode 100644 index 1485607bd..000000000 --- a/images/Makefile +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/make -f - -# Copyright 2018 The gVisor Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# ARCH is the architecture used for the build. This may be overriden at the -# command line in order to perform a cross-build (in a limited capacity). -ARCH := $(shell uname -m) - -# Note that the image prefixes used here must match the image mangling in -# runsc/testutil.MangleImage. Names are mangled in this way to ensure that all -# tests are using locally-defined images (that are consistent and idempotent). -REMOTE_IMAGE_PREFIX ?= gcr.io/gvisor-presubmit -LOCAL_IMAGE_PREFIX ?= gvisor.dev/images -ALL_IMAGES := $(subst /,_,$(subst ./,,$(shell find . -name Dockerfile -exec dirname {} \;))) -ifneq ($(ARCH),$(shell uname -m)) -DOCKER_PLATFORM_ARGS := --platform=$(ARCH) -else -DOCKER_PLATFORM_ARGS := -endif - -list-all-images: - @for image in $(ALL_IMAGES); do echo $${image}; done -.PHONY: list-build-images - -%-all-images: - @$(MAKE) $(patsubst %,$*-%,$(ALL_IMAGES)) - -# tag is a function that returns the tag name, given an image. -# -# The tag constructed is used to memoize the image generated (see README.md). -# This scheme is used to enable aggressive caching in a central repository, but -# ensuring that images will always be sourced using the local files if there -# are changes. -path = $(subst _,/,$(1)) -tag = $(shell find $(call path,$(1)) -type f -print | sort | xargs -n 1 sha256sum | sha256sum - | cut -c 1-16) -remote_image = $(REMOTE_IMAGE_PREFIX)/$(subst _,/,$(1))_$(ARCH):$(call tag,$(1)) -local_image = $(LOCAL_IMAGE_PREFIX)/$(subst _,/,$(1)) - -# rebuild builds the image locally. Only the "remote" tag will be applied. Note -# we need to explicitly repull the base layer in order to ensure that the -# architecture is correct. Note that we use the term "rebuild" here to avoid -# conflicting with the bazel "build" terminology, which is used elsewhere. -rebuild-%: register-cross - FROM=$(shell grep FROM $(call path,$*)/Dockerfile | cut -d' ' -f2-) && \ - docker pull $(DOCKER_PLATFORM_ARGS) $$FROM - T=$$(mktemp -d) && cp -a $(call path,$*)/* $$T && \ - docker build $(DOCKER_PLATFORM_ARGS) -t $(call remote_image,$*) $$T && \ - rm -rf $$T - -# pull will check the "remote" image and pull if necessary. If the remote image -# must be pulled, then it will tag with the latest local target. Note that pull -# may fail if the remote image is not available. -pull-%: - docker pull $(DOCKER_PLATFORM_ARGS) $(call remote_image,$*) - -# load will either pull the "remote" or build it locally. This is the preferred -# entrypoint, as it should never file. The local tag should always be set after -# this returns (either by the pull or the build). -load-%: - docker inspect $(call remote_image,$*) >/dev/null 2>&1 || $(MAKE) pull-$* || $(MAKE) rebuild-$* - docker tag $(call remote_image,$*) $(call local_image,$*) - -# push pushes the remote image, after either pulling (to validate that the tag -# already exists) or building manually. -push-%: load-% - docker push $(call remote_image,$*) - -# register-cross registers the necessary qemu binaries for cross-compilation. -# This may be used by any target that may execute containers that are not the -# native format. -register-cross: -ifneq ($(ARCH),$(shell uname -m)) -ifeq (,$(wildcard /proc/sys/fs/binfmt_misc/qemu-*)) - docker run --rm --privileged multiarch/qemu-user-static --reset --persistent yes -else - @true # Already registered. -endif -else - @true # No cross required. -endif -.PHONY: register-cross diff --git a/images/README.md b/images/README.md deleted file mode 100644 index d2efb5db4..000000000 --- a/images/README.md +++ /dev/null @@ -1,61 +0,0 @@ -# Container Images - -This directory contains all images used by tests. - -Note that all these images must be pushed to the testing project hosted on -[Google Container Registry][gcr]. This will happen automatically as part of -continuous integration. This will speed up loading as images will not need to be -built from scratch for each test run. - -Image tooling is accessible via `make`, specifically via `tools/images.mk`. - -## Why make? - -Make is used because it can bootstrap the `default` image, which contains -`bazel` and all other parts of the toolchain. - -## Listing images - -To list all images, use `make list-all-images` from the top-level directory. - -## Loading and referencing images - -To build a specific image, use `make load-<image>` from the top-level directory. -This will ensure that an image `gvisor.dev/images/<image>:latest` is available. - -Images should always be referred to via the `gvisor.dev/images` canonical path. -This tag exists only locally, but serves to decouple tests from the underlying -image infrastructure. - -The continuous integration system can either take fine-grained dependencies on -single images via individual `load` targets, or pull all images via a single -`load-all-images` invocation. - -## Adding new images - -To add a new image, create a new directory under `images` containing a -Dockerfile and any other files that the image requires. You may choose to add to -an existing subdirectory if applicable, or create a new one. - -All images will be tagged and memoized using a hash of the directory contents. -As a result, every image should be made completely reproducible if possible. -This means using fixed tags and fixed versions whenever feasible. - -Notes that images should also be made architecture-independent if possible. The -build scripts will handling loading the appropriate architecture onto the -machine and tagging it with the single canonical tag. - -Add a `load-<image>` dependency in the Makefile if the image is required for a -particular set of tests. This target will pull the tag from the image repository -if available. - -## Building and pushing images - -All images can be built manually by running `build-<image>` and pushed using -`push-<image>`. Note that you can also use `build-all-images` and -`push-all-images`. Note that pushing will require appropriate permissions in the -project. - -The continuous integration system can either take fine-grained dependencies on -individual `push` targets, or ensure all images are up-to-date with a single -`push-all-images` invocation. diff --git a/images/basic/alpine/Dockerfile b/images/basic/alpine/Dockerfile deleted file mode 100644 index 12b26040a..000000000 --- a/images/basic/alpine/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM alpine:3.11.5 diff --git a/images/basic/busybox/Dockerfile b/images/basic/busybox/Dockerfile deleted file mode 100644 index 79b3f683a..000000000 --- a/images/basic/busybox/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM busybox:1.31.1 diff --git a/images/basic/httpd/Dockerfile b/images/basic/httpd/Dockerfile deleted file mode 100644 index 83bc0ed88..000000000 --- a/images/basic/httpd/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM httpd:2.4.43 diff --git a/images/basic/mysql/Dockerfile b/images/basic/mysql/Dockerfile deleted file mode 100644 index 95da9c48d..000000000 --- a/images/basic/mysql/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM mysql:8.0.19 diff --git a/images/basic/nginx/Dockerfile b/images/basic/nginx/Dockerfile deleted file mode 100644 index af2e62526..000000000 --- a/images/basic/nginx/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM nginx:1.17.9 diff --git a/images/basic/python/Dockerfile b/images/basic/python/Dockerfile deleted file mode 100644 index acf07cca9..000000000 --- a/images/basic/python/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM python:3 -ENTRYPOINT ["python", "-m", "http.server", "8080"] diff --git a/images/basic/resolv/Dockerfile b/images/basic/resolv/Dockerfile deleted file mode 100644 index 13665bdaf..000000000 --- a/images/basic/resolv/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM k8s.gcr.io/busybox:latest diff --git a/images/basic/ruby/Dockerfile b/images/basic/ruby/Dockerfile deleted file mode 100644 index d290418fb..000000000 --- a/images/basic/ruby/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM ruby:2.7.1 diff --git a/images/basic/tomcat/Dockerfile b/images/basic/tomcat/Dockerfile deleted file mode 100644 index c7db39a36..000000000 --- a/images/basic/tomcat/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM tomcat:8.0 diff --git a/images/basic/ubuntu/Dockerfile b/images/basic/ubuntu/Dockerfile deleted file mode 100644 index 331b71343..000000000 --- a/images/basic/ubuntu/Dockerfile +++ /dev/null @@ -1 +0,0 @@ -FROM ubuntu:trusty diff --git a/images/default/Dockerfile b/images/default/Dockerfile deleted file mode 100644 index 397082b02..000000000 --- a/images/default/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM fedora:31 -# Install bazel. -RUN dnf install -y dnf-plugins-core && dnf copr enable -y vbatts/bazel -RUN dnf install -y git gcc make golang gcc-c++ glibc-devel python3 which python3-pip python3-devel libffi-devel openssl-devel pkg-config glibc-static libstdc++-static patch -RUN pip install pycparser -RUN dnf install -y bazel3 -# Install gcloud. -RUN curl https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-289.0.0-linux-x86_64.tar.gz | \ - tar zxvf - google-cloud-sdk && \ - google-cloud-sdk/install.sh && \ - ln -s /google-cloud-sdk/bin/gcloud /usr/bin/gcloud -# Install Docker client for the website build. -RUN dnf config-manager --add-repo https://download.docker.com/linux/fedora/docker-ce.repo -RUN dnf install -y docker-ce-cli -WORKDIR /workspace -ENTRYPOINT ["/usr/bin/bazel"] diff --git a/images/hostoverlaytest/Dockerfile b/images/hostoverlaytest/Dockerfile deleted file mode 100644 index d83439e9c..000000000 --- a/images/hostoverlaytest/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM ubuntu:bionic - -WORKDIR /root -COPY . . - -RUN apt-get update && apt-get install -y gcc -RUN gcc -O2 -o test test.c diff --git a/images/hostoverlaytest/test.c b/images/hostoverlaytest/test.c deleted file mode 100644 index 088f90746..000000000 --- a/images/hostoverlaytest/test.c +++ /dev/null @@ -1,88 +0,0 @@ -#include <err.h> -#include <fcntl.h> -#include <stdio.h> -#include <string.h> -#include <sys/mman.h> -#include <unistd.h> - -int main(int argc, char** argv) { - const char kTestFilePath[] = "testfile.txt"; - const char kOldFileData[] = "old data\n"; - const char kNewFileData[] = "new data\n"; - const size_t kPageSize = sysconf(_SC_PAGE_SIZE); - - // Open a file that already exists in a host overlayfs lower layer. - const int fd_rdonly = open(kTestFilePath, O_RDONLY); - if (fd_rdonly < 0) { - err(1, "open(%s, O_RDONLY)", kTestFilePath); - } - - // Check that the file's initial contents are what we expect when read via - // syscall. - char oldbuf[sizeof(kOldFileData)] = {}; - ssize_t n = pread(fd_rdonly, oldbuf, sizeof(oldbuf), 0); - if (n < 0) { - err(1, "initial pread"); - } - if (n != strlen(kOldFileData)) { - errx(1, "short initial pread (%ld/%lu bytes)", n, strlen(kOldFileData)); - } - if (strcmp(oldbuf, kOldFileData) != 0) { - errx(1, "initial pread returned wrong data: %s", oldbuf); - } - - // Check that the file's initial contents are what we expect when read via - // memory mapping. - void* page = mmap(NULL, kPageSize, PROT_READ, MAP_SHARED, fd_rdonly, 0); - if (page == MAP_FAILED) { - err(1, "mmap"); - } - if (strcmp(page, kOldFileData) != 0) { - errx(1, "mapping contains wrong initial data: %s", (const char*)page); - } - - // Open the same file writably, causing host overlayfs to copy it up, and - // replace its contents. - const int fd_rdwr = open(kTestFilePath, O_RDWR); - if (fd_rdwr < 0) { - err(1, "open(%s, O_RDWR)", kTestFilePath); - } - n = write(fd_rdwr, kNewFileData, strlen(kNewFileData)); - if (n < 0) { - err(1, "write"); - } - if (n != strlen(kNewFileData)) { - errx(1, "short write (%ld/%lu bytes)", n, strlen(kNewFileData)); - } - if (ftruncate(fd_rdwr, strlen(kNewFileData)) < 0) { - err(1, "truncate"); - } - - int failed = 0; - - // Check that syscalls on the old FD return updated contents. (Before Linux - // 4.18, this requires that runsc use a post-copy-up FD to service the read.) - char newbuf[sizeof(kNewFileData)] = {}; - n = pread(fd_rdonly, newbuf, sizeof(newbuf), 0); - if (n < 0) { - err(1, "final pread"); - } - if (n != strlen(kNewFileData)) { - warnx("short final pread (%ld/%lu bytes)", n, strlen(kNewFileData)); - failed = 1; - } else if (strcmp(newbuf, kNewFileData) != 0) { - warnx("final pread returned wrong data: %s", newbuf); - failed = 1; - } - - // Check that the memory mapping of the old FD has been updated. (Linux - // overlayfs does not do this, so regardless of kernel version this requires - // that runsc replace existing memory mappings with mappings of a - // post-copy-up FD.) - if (strcmp(page, kNewFileData) != 0) { - warnx("mapping contains wrong final data: %s", (const char*)page); - failed = 1; - } - - return failed; -} diff --git a/images/hostoverlaytest/testfile.txt b/images/hostoverlaytest/testfile.txt deleted file mode 100644 index e4188c841..000000000 --- a/images/hostoverlaytest/testfile.txt +++ /dev/null @@ -1 +0,0 @@ -old data diff --git a/images/iptables/Dockerfile b/images/iptables/Dockerfile deleted file mode 100644 index efd91cb80..000000000 --- a/images/iptables/Dockerfile +++ /dev/null @@ -1,2 +0,0 @@ -FROM ubuntu -RUN apt update && apt install -y iptables diff --git a/images/jekyll/Dockerfile b/images/jekyll/Dockerfile deleted file mode 100644 index cefd949a6..000000000 --- a/images/jekyll/Dockerfile +++ /dev/null @@ -1,12 +0,0 @@ -FROM jekyll/jekyll:4.0.0 -USER root -RUN gem install \ - html-proofer:3.10.2 \ - nokogiri:1.10.1 \ - jekyll-autoprefixer:1.0.2 \ - jekyll-inline-svg:1.1.4 \ - jekyll-paginate:1.1.0 \ - kramdown-parser-gfm:1.1.0 \ - jekyll-relative-links:0.6.1 \ - jekyll-feed:0.13.0 -CMD ["/usr/gem/gems/jekyll-4.0.0/exe/jekyll", "build", "-t", "-s", "/input", "-d", "/output"] diff --git a/images/packetdrill/Dockerfile b/images/packetdrill/Dockerfile deleted file mode 100644 index 7a006c85f..000000000 --- a/images/packetdrill/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && apt-get install -y net-tools git iptables iputils-ping \ - netcat tcpdump jq tar bison flex make -RUN hash -r -RUN git clone --branch packetdrill-v2.0 \ - https://github.com/google/packetdrill.git -RUN cd packetdrill/gtests/net/packetdrill && ./configure && make -CMD /bin/bash diff --git a/images/packetimpact/Dockerfile b/images/packetimpact/Dockerfile deleted file mode 100644 index 87aa99ef2..000000000 --- a/images/packetimpact/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ - # iptables to disable OS native packet processing. - iptables \ - # nc to check that the posix_server is running. - netcat \ - # tcpdump to log brief packet sniffing. - tcpdump \ - # ip link show to display MAC addresses. - iproute2 \ - # tshark to log verbose packet sniffing. - tshark \ - # killall for cleanup. - psmisc -RUN hash -r -CMD /bin/bash diff --git a/images/runtimes/go1.12/Dockerfile b/images/runtimes/go1.12/Dockerfile deleted file mode 100644 index cb2944062..000000000 --- a/images/runtimes/go1.12/Dockerfile +++ /dev/null @@ -1,4 +0,0 @@ -# Go is easy, since we already have everything we need to compile the proctor -# binary and run the tests in the golang Docker image. -FROM golang:1.12 -RUN ["go", "tool", "dist", "test", "-compile-only"] diff --git a/images/runtimes/java11/Dockerfile b/images/runtimes/java11/Dockerfile deleted file mode 100644 index 03bc8aaf1..000000000 --- a/images/runtimes/java11/Dockerfile +++ /dev/null @@ -1,22 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && apt-get install -y \ - autoconf \ - build-essential \ - curl \ - make \ - openjdk-11-jdk \ - unzip \ - zip - -# Download the JDK test library. -WORKDIR /root -RUN set -ex \ - && curl -fsSL --retry 10 -o /tmp/jdktests.tar.gz http://hg.openjdk.java.net/jdk/jdk11/archive/76072a077ee1.tar.gz/test \ - && tar -xzf /tmp/jdktests.tar.gz \ - && mv jdk11-76072a077ee1/test test \ - && rm -f /tmp/jdktests.tar.gz - -# Install jtreg and add to PATH. -RUN curl -o jtreg.tar.gz https://ci.adoptopenjdk.net/view/Dependencies/job/jtreg/lastSuccessfulBuild/artifact/jtreg-4.2.0-tip.tar.gz -RUN tar -xzf jtreg.tar.gz -ENV PATH="/root/jtreg/bin:$PATH" diff --git a/images/runtimes/nodejs12.4.0/Dockerfile b/images/runtimes/nodejs12.4.0/Dockerfile deleted file mode 100644 index d17924b62..000000000 --- a/images/runtimes/nodejs12.4.0/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && apt-get install -y \ - curl \ - dumb-init \ - g++ \ - make \ - python - -WORKDIR /root -ARG VERSION=v12.4.0 -RUN curl -o node-${VERSION}.tar.gz https://nodejs.org/dist/${VERSION}/node-${VERSION}.tar.gz -RUN tar -zxf node-${VERSION}.tar.gz - -WORKDIR /root/node-${VERSION} -RUN ./configure -RUN make -RUN make test-build - -# Including dumb-init emulates the Linux "init" process, preventing the failure -# of tests involving worker processes. -ENTRYPOINT ["/usr/bin/dumb-init"] diff --git a/images/runtimes/php7.3.6/Dockerfile b/images/runtimes/php7.3.6/Dockerfile deleted file mode 100644 index e5f67f79c..000000000 --- a/images/runtimes/php7.3.6/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && apt-get install -y \ - autoconf \ - automake \ - bison \ - build-essential \ - curl \ - libtool \ - libxml2-dev \ - re2c - -WORKDIR /root -ARG VERSION=7.3.6 -RUN curl -o php-${VERSION}.tar.gz https://www.php.net/distributions/php-${VERSION}.tar.gz -RUN tar -zxf php-${VERSION}.tar.gz - -WORKDIR /root/php-${VERSION} -RUN ./configure -RUN make diff --git a/images/runtimes/python3.7.3/Dockerfile b/images/runtimes/python3.7.3/Dockerfile deleted file mode 100644 index 4d1e1e221..000000000 --- a/images/runtimes/python3.7.3/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM ubuntu:bionic -RUN apt-get update && apt-get install -y \ - curl \ - gcc \ - libbz2-dev \ - libffi-dev \ - liblzma-dev \ - libreadline-dev \ - libssl-dev \ - make \ - zlib1g-dev - -# Use flags -LJO to follow the html redirect and download .tar.gz. -WORKDIR /root -ARG VERSION=3.7.3 -RUN curl -LJO https://github.com/python/cpython/archive/v${VERSION}.tar.gz -RUN tar -zxf cpython-${VERSION}.tar.gz - -WORKDIR /root/cpython-${VERSION} -RUN ./configure --with-pydebug -RUN make -s -j2 |