summaryrefslogtreecommitdiffhomepage
path: root/runsc
diff options
context:
space:
mode:
Diffstat (limited to 'runsc')
-rw-r--r--runsc/boot/fs.go13
-rw-r--r--runsc/boot/loader.go1
-rw-r--r--runsc/test/runtimes/BUILD27
-rw-r--r--runsc/test/runtimes/README.md40
-rw-r--r--runsc/test/runtimes/go/BUILD8
-rw-r--r--runsc/test/runtimes/go/Dockerfile31
-rw-r--r--runsc/test/runtimes/go/proctor-go.go (renamed from runsc/test/runtimes/proctor-go.go)0
-rw-r--r--runsc/test/runtimes/java/BUILD8
-rw-r--r--runsc/test/runtimes/java/Dockerfile52
-rw-r--r--runsc/test/runtimes/java/proctor-java.go (renamed from runsc/test/runtimes/proctor-java.go)0
-rw-r--r--runsc/test/runtimes/nodejs/BUILD8
-rw-r--r--runsc/test/runtimes/nodejs/Dockerfile29
-rw-r--r--runsc/test/runtimes/nodejs/proctor-nodejs.go (renamed from runsc/test/runtimes/proctor-nodejs.go)0
-rw-r--r--runsc/test/runtimes/php/BUILD8
-rw-r--r--runsc/test/runtimes/php/Dockerfile29
-rw-r--r--runsc/test/runtimes/php/proctor-php.go (renamed from runsc/test/runtimes/proctor-php.go)0
-rw-r--r--runsc/test/runtimes/python/BUILD8
-rw-r--r--runsc/test/runtimes/python/Dockerfile31
-rw-r--r--runsc/test/runtimes/python/proctor-python.go (renamed from runsc/test/runtimes/proctor-python.go)0
19 files changed, 267 insertions, 26 deletions
diff --git a/runsc/boot/fs.go b/runsc/boot/fs.go
index 4bff0d034..7e95e1f41 100644
--- a/runsc/boot/fs.go
+++ b/runsc/boot/fs.go
@@ -81,6 +81,19 @@ func addOverlay(ctx context.Context, conf *Config, lower *fs.Inode, name string,
if err != nil {
return nil, fmt.Errorf("creating tmpfs overlay: %v", err)
}
+
+ // Replicate permissions and owner from lower to upper mount point.
+ attr, err := lower.UnstableAttr(ctx)
+ if err != nil {
+ return nil, fmt.Errorf("reading attributes from lower mount point: %v", err)
+ }
+ if !upper.InodeOperations.SetPermissions(ctx, upper, attr.Perms) {
+ return nil, fmt.Errorf("error setting permission to upper mount point")
+ }
+ if err := upper.InodeOperations.SetOwner(ctx, upper, attr.Owner); err != nil {
+ return nil, fmt.Errorf("setting owner to upper mount point: %v", err)
+ }
+
return fs.NewOverlayRoot(ctx, upper, lower, upperFlags)
}
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index b91553c4c..50cac0433 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -281,6 +281,7 @@ func New(args Args) (*Loader, error) {
RootUTSNamespace: kernel.NewUTSNamespace(args.Spec.Hostname, args.Spec.Hostname, creds.UserNamespace),
RootIPCNamespace: kernel.NewIPCNamespace(creds.UserNamespace),
RootAbstractSocketNamespace: kernel.NewAbstractSocketNamespace(),
+ PIDNamespace: kernel.NewRootPIDNamespace(creds.UserNamespace),
}); err != nil {
return nil, fmt.Errorf("initializing kernel: %v", err)
}
diff --git a/runsc/test/runtimes/BUILD b/runsc/test/runtimes/BUILD
index 36d0a761e..ea87029dd 100644
--- a/runsc/test/runtimes/BUILD
+++ b/runsc/test/runtimes/BUILD
@@ -1,6 +1,6 @@
# These packages are used to run language runtime tests inside gVisor sandboxes.
-load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("//runsc/test:build_defs.bzl", "runtime_test")
package(licenses = ["notice"])
@@ -23,28 +23,3 @@ runtime_test(
],
deps = ["//runsc/test/testutil"],
)
-
-go_binary(
- name = "proctor-go",
- srcs = ["proctor-go.go"],
-)
-
-go_binary(
- name = "proctor-java",
- srcs = ["proctor-java.go"],
-)
-
-go_binary(
- name = "proctor-nodejs",
- srcs = ["proctor-nodejs.go"],
-)
-
-go_binary(
- name = "proctor-php",
- srcs = ["proctor-php.go"],
-)
-
-go_binary(
- name = "proctor-python",
- srcs = ["proctor-python.go"],
-)
diff --git a/runsc/test/runtimes/README.md b/runsc/test/runtimes/README.md
new file mode 100644
index 000000000..4e5a950bc
--- /dev/null
+++ b/runsc/test/runtimes/README.md
@@ -0,0 +1,40 @@
+# Runtimes Tests Dockerfiles
+
+The Dockerfiles defined under this path are configured to host the execution of
+the runtimes language tests. Each Dockerfile can support the language indicated
+by its directory.
+
+The following runtimes are currently supported:
+
+- Go 1.12
+- Java 11
+- Node.js 12
+- PHP 7.3
+- Python 3.7
+
+#### Prerequisites:
+
+1) [Install and configure Docker](https://docs.docker.com/install/)
+
+2) Build each Docker container:
+
+```bash
+$ docker build -f $LANG/Dockerfile [-t $NAME] .
+```
+
+### Testing:
+
+If the prerequisites have been fulfilled, you can run the tests with the
+following command:
+
+```bash
+$ docker run --rm -it $NAME [FLAG]
+```
+
+Running the command with no flags will cause all the available tests to execute.
+
+Flags can be added for additional functionality:
+
+- --list: Print a list of all available tests
+- --test <name>: Run a single test from the list of available tests
+- --v: Print the language version
diff --git a/runsc/test/runtimes/go/BUILD b/runsc/test/runtimes/go/BUILD
new file mode 100644
index 000000000..c34f49ea6
--- /dev/null
+++ b/runsc/test/runtimes/go/BUILD
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+
+package(licenses = ["notice"])
+
+go_binary(
+ name = "proctor-go",
+ srcs = ["proctor-go.go"],
+)
diff --git a/runsc/test/runtimes/go/Dockerfile b/runsc/test/runtimes/go/Dockerfile
new file mode 100644
index 000000000..cd55608cd
--- /dev/null
+++ b/runsc/test/runtimes/go/Dockerfile
@@ -0,0 +1,31 @@
+FROM ubuntu:bionic
+ENV LANG_VER=1.12.5
+ENV LANG_NAME=Go
+
+RUN apt-get update && apt-get install -y \
+ curl \
+ gcc \
+ git
+
+WORKDIR /root
+
+# Download Go 1.4 to use as a bootstrap for building Go from the source.
+RUN curl -o go1.4.linux-amd64.tar.gz https://dl.google.com/go/go1.4.linux-amd64.tar.gz
+RUN curl -LJO https://github.com/golang/go/archive/go${LANG_VER}.tar.gz
+RUN mkdir bootstr
+RUN tar -C bootstr -xzf go1.4.linux-amd64.tar.gz
+RUN tar -xzf go-go${LANG_VER}.tar.gz
+RUN mv go-go${LANG_VER} go
+
+ENV GOROOT=/root/go
+ENV GOROOT_BOOTSTRAP=/root/bootstr/go
+ENV LANG_DIR=${GOROOT}
+
+WORKDIR ${LANG_DIR}/src
+RUN ./make.bash
+
+WORKDIR ${LANG_DIR}
+
+COPY proctor-go.go ${LANG_DIR}
+
+ENTRYPOINT ["/root/go/bin/go", "run", "proctor-go.go"]
diff --git a/runsc/test/runtimes/proctor-go.go b/runsc/test/runtimes/go/proctor-go.go
index c5387e21d..c5387e21d 100644
--- a/runsc/test/runtimes/proctor-go.go
+++ b/runsc/test/runtimes/go/proctor-go.go
diff --git a/runsc/test/runtimes/java/BUILD b/runsc/test/runtimes/java/BUILD
new file mode 100644
index 000000000..7e2808ece
--- /dev/null
+++ b/runsc/test/runtimes/java/BUILD
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+
+package(licenses = ["notice"])
+
+go_binary(
+ name = "proctor-java",
+ srcs = ["proctor-java.go"],
+)
diff --git a/runsc/test/runtimes/java/Dockerfile b/runsc/test/runtimes/java/Dockerfile
new file mode 100644
index 000000000..e162d7218
--- /dev/null
+++ b/runsc/test/runtimes/java/Dockerfile
@@ -0,0 +1,52 @@
+FROM ubuntu:bionic
+# This hash is associated with a specific JDK release and needed for ensuring
+# the same version is downloaded every time.
+ENV LANG_HASH=af47e0398606
+ENV LANG_VER=11u-dev
+ENV LANG_NAME=Java
+
+RUN apt-get update && apt-get install -y \
+ autoconf \
+ build-essential \
+ curl\
+ file \
+ libasound2-dev \
+ libcups2-dev \
+ libfontconfig1-dev \
+ libx11-dev \
+ libxext-dev \
+ libxrandr-dev \
+ libxrender-dev \
+ libxt-dev \
+ libxtst-dev \
+ make \
+ unzip \
+ zip
+
+WORKDIR /root
+RUN curl -o go.tar.gz https://dl.google.com/go/go1.12.6.linux-amd64.tar.gz
+RUN tar -zxf go.tar.gz
+
+# Use curl instead of ADD to prevent redownload every time.
+RUN curl -o jdk.tar.gz http://hg.openjdk.java.net/jdk-updates/jdk${LANG_VER}/archive/${LANG_HASH}.tar.gz
+# Download Java version N-1 to be used as the Boot JDK to build Java version N.
+RUN curl -o bootjdk.tar.gz https://download.java.net/openjdk/jdk10/ri/openjdk-10+44_linux-x64_bin_ri.tar.gz
+
+RUN tar -zxf jdk.tar.gz
+RUN tar -zxf bootjdk.tar.gz
+
+# Specify the JDK to be used by jtreg.
+ENV JT_JAVA=/root/jdk${LANG_VER}-${LANG_HASH}/build/linux-x86_64-normal-server-release/jdk
+ENV LANG_DIR=/root/jdk${LANG_VER}-${LANG_HASH}
+
+WORKDIR ${LANG_DIR}
+
+RUN curl -o jtreg.tar.gz https://ci.adoptopenjdk.net/view/Dependencies/job/jtreg/lastSuccessfulBuild/artifact/jtreg-4.2.0-tip.tar.gz
+RUN tar -xzf jtreg.tar.gz
+RUN bash configure --with-boot-jdk=/root/jdk-10 --with-jtreg=${LANG_DIR}/jtreg
+RUN make clean
+RUN make images
+
+COPY proctor-java.go ${LANG_DIR}
+
+ENTRYPOINT ["/root/go/bin/go", "run", "proctor-java.go"]
diff --git a/runsc/test/runtimes/proctor-java.go b/runsc/test/runtimes/java/proctor-java.go
index 0177f421d..0177f421d 100644
--- a/runsc/test/runtimes/proctor-java.go
+++ b/runsc/test/runtimes/java/proctor-java.go
diff --git a/runsc/test/runtimes/nodejs/BUILD b/runsc/test/runtimes/nodejs/BUILD
new file mode 100644
index 000000000..0fe5ff83e
--- /dev/null
+++ b/runsc/test/runtimes/nodejs/BUILD
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+
+package(licenses = ["notice"])
+
+go_binary(
+ name = "proctor-nodejs",
+ srcs = ["proctor-nodejs.go"],
+)
diff --git a/runsc/test/runtimes/nodejs/Dockerfile b/runsc/test/runtimes/nodejs/Dockerfile
new file mode 100644
index 000000000..b2416cce8
--- /dev/null
+++ b/runsc/test/runtimes/nodejs/Dockerfile
@@ -0,0 +1,29 @@
+FROM ubuntu:bionic
+ENV LANG_VER=12.4.0
+ENV LANG_NAME=Node
+
+RUN apt-get update && apt-get install -y \
+ curl \
+ dumb-init \
+ g++ \
+ make \
+ python
+
+WORKDIR /root
+RUN curl -o go.tar.gz https://dl.google.com/go/go1.12.6.linux-amd64.tar.gz
+RUN tar -zxf go.tar.gz
+
+RUN curl -o node-v${LANG_VER}.tar.gz https://nodejs.org/dist/v${LANG_VER}/node-v${LANG_VER}.tar.gz
+RUN tar -zxf node-v${LANG_VER}.tar.gz
+ENV LANG_DIR=/root/node-v${LANG_VER}
+
+WORKDIR ${LANG_DIR}
+RUN ./configure
+RUN make
+RUN make test-build
+
+COPY proctor-nodejs.go ${LANG_DIR}
+
+# Including dumb-init emulates the Linux "init" process, preventing the failure
+# of tests involving worker processes.
+ENTRYPOINT ["/usr/bin/dumb-init", "/root/go/bin/go", "run", "proctor-nodejs.go"]
diff --git a/runsc/test/runtimes/proctor-nodejs.go b/runsc/test/runtimes/nodejs/proctor-nodejs.go
index 8ddfb67fe..8ddfb67fe 100644
--- a/runsc/test/runtimes/proctor-nodejs.go
+++ b/runsc/test/runtimes/nodejs/proctor-nodejs.go
diff --git a/runsc/test/runtimes/php/BUILD b/runsc/test/runtimes/php/BUILD
new file mode 100644
index 000000000..22aef7ba4
--- /dev/null
+++ b/runsc/test/runtimes/php/BUILD
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+
+package(licenses = ["notice"])
+
+go_binary(
+ name = "proctor-php",
+ srcs = ["proctor-php.go"],
+)
diff --git a/runsc/test/runtimes/php/Dockerfile b/runsc/test/runtimes/php/Dockerfile
new file mode 100644
index 000000000..1f8959b50
--- /dev/null
+++ b/runsc/test/runtimes/php/Dockerfile
@@ -0,0 +1,29 @@
+FROM ubuntu:bionic
+ENV LANG_VER=7.3.6
+ENV LANG_NAME=PHP
+
+RUN apt-get update && apt-get install -y \
+ autoconf \
+ automake \
+ bison \
+ build-essential \
+ curl \
+ libtool \
+ libxml2-dev \
+ re2c
+
+WORKDIR /root
+RUN curl -o go.tar.gz https://dl.google.com/go/go1.12.6.linux-amd64.tar.gz
+RUN tar -zxf go.tar.gz
+
+RUN curl -o php-${LANG_VER}.tar.gz https://www.php.net/distributions/php-${LANG_VER}.tar.gz
+RUN tar -zxf php-${LANG_VER}.tar.gz
+ENV LANG_DIR=/root/php-${LANG_VER}
+
+WORKDIR ${LANG_DIR}
+RUN ./configure
+RUN make
+
+COPY proctor-php.go ${LANG_DIR}
+
+ENTRYPOINT ["/root/go/bin/go", "run", "proctor-php.go"]
diff --git a/runsc/test/runtimes/proctor-php.go b/runsc/test/runtimes/php/proctor-php.go
index 9dfb33b04..9dfb33b04 100644
--- a/runsc/test/runtimes/proctor-php.go
+++ b/runsc/test/runtimes/php/proctor-php.go
diff --git a/runsc/test/runtimes/python/BUILD b/runsc/test/runtimes/python/BUILD
new file mode 100644
index 000000000..501f77d63
--- /dev/null
+++ b/runsc/test/runtimes/python/BUILD
@@ -0,0 +1,8 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary")
+
+package(licenses = ["notice"])
+
+go_binary(
+ name = "proctor-python",
+ srcs = ["proctor-python.go"],
+)
diff --git a/runsc/test/runtimes/python/Dockerfile b/runsc/test/runtimes/python/Dockerfile
new file mode 100644
index 000000000..811f48f8a
--- /dev/null
+++ b/runsc/test/runtimes/python/Dockerfile
@@ -0,0 +1,31 @@
+FROM ubuntu:bionic
+ENV LANG_VER=3.7.3
+ENV LANG_NAME=Python
+
+RUN apt-get update && apt-get install -y \
+ curl \
+ gcc \
+ libbz2-dev \
+ libffi-dev \
+ liblzma-dev \
+ libreadline-dev \
+ libssl-dev \
+ make \
+ zlib1g-dev
+
+WORKDIR /root
+RUN curl -o go.tar.gz https://dl.google.com/go/go1.12.6.linux-amd64.tar.gz
+RUN tar -zxf go.tar.gz
+
+# Use flags -LJO to follow the html redirect and download .tar.gz.
+RUN curl -LJO https://github.com/python/cpython/archive/v${LANG_VER}.tar.gz
+RUN tar -zxf cpython-${LANG_VER}.tar.gz
+ENV LANG_DIR=/root/cpython-${LANG_VER}
+
+WORKDIR ${LANG_DIR}
+RUN ./configure --with-pydebug
+RUN make -s -j2
+
+COPY proctor-python.go ${LANG_DIR}
+
+ENTRYPOINT ["/root/go/bin/go", "run", "proctor-python.go"]
diff --git a/runsc/test/runtimes/proctor-python.go b/runsc/test/runtimes/python/proctor-python.go
index 73c8deb49..73c8deb49 100644
--- a/runsc/test/runtimes/proctor-python.go
+++ b/runsc/test/runtimes/python/proctor-python.go