summaryrefslogtreecommitdiffhomepage
path: root/tools
AgeCommit message (Collapse)Author
2020-07-23Marshallable socket opitons.Ayush Ranjan
Socket option values are now required to implement marshal.Marshallable. Co-authored-by: Rahat Mahmood <rahat@google.com> PiperOrigin-RevId: 322831612
2020-07-23Internal changeMichael Pratt
PiperOrigin-RevId: 322788791
2020-07-23Fix kokoro presubmits!Ayush Ranjan
Fixed the following error: tools/bazel.mk:119: *** Destination not provided.. Stop. The issue was that we were running all make commands in a subshell so variables like $T were not passed on. The other issue was related to credentials. The test passed locally but not on kokoro, the only difference in the workflow was the credentials bit. Also fixed up some other tiny issues I came across, were not blockers. PiperOrigin-RevId: 322782457
2020-07-20Add standard entrypoints for test targets.Adin Scannell
PiperOrigin-RevId: 322265513
2020-07-17Clean up html on the website.Ian Lewis
- Fixes some html validation issues. - Fixes links on security basics blog post. - Adds rel=noopener to links with target=_blank and adds a check to htmlproofer. - Add favicon check to htmlproofer. Fixes #3286 Fixes #3284 PiperOrigin-RevId: 321892602
2020-07-15Fix errors not getting caught when building vm image.Ting-Yu Wang
`set -e` does not catch errors in bash command substituions like `echo $(bad cmd)` so bazel thinks it succeeded and cached the result. PiperOrigin-RevId: 321412327
2020-07-14remove IPv6 dockerKevin Krakauer
Will re-submit when ICMP dest unreachable is handled correctly and it can be turned back on. PiperOrigin-RevId: 321227330
2020-07-13Enable experimental features in docker.Ting-Yu Wang
PiperOrigin-RevId: 321062975
2020-07-13Merge pull request #2672 from amscanne:shim-integratedgVisor bot
PiperOrigin-RevId: 321053634
2020-07-13iptables: remove useless ip6tables VM rulesKevin Krakauer
This rule isn't restored when the Kokoro VM is restarted, so it's not doing anything. And the problem it was meant to solved is instead addressed by https://github.com/google/gvisor/pull/3207. PiperOrigin-RevId: 321026846
2020-07-13Automated rollback of changelist 320972241Adin Scannell
PiperOrigin-RevId: 320999851
2020-07-13Use host networking for build container.Adin Scannell
This will allow the use of default credentials. PiperOrigin-RevId: 320972241
2020-07-09Update shim to build using bazel.Adin Scannell
The go.mod dependency tree for the shim was somehow contradictory. After resolving these issues (e.g. explicitly imported k8s 1.14, pulling a specific dbus version), and adding all dependencies, the shim can now be build as part of the regular bazel tree. As part of this process, minor cleanup was done in all the source files: headers were standardized (and include "The gVisor Authors" in addition to the "The containerd Authors" if originally derived from containerd sources), and comments were cleaned up to meet coding standards. This change makes the containerd installation dynamic, so that multiple versions can be tested, and drops the static installer for the VM image itself. This change also updates test/root/crictl_test.go and related utilities, so that the containerd tests can be run on any version (and in cases where it applies, they can be run on both v1 and v2 as parameterized tests).
2020-07-09Allow arbitrary Go commands for go_mod.sh.Adin Scannell
2020-06-26Enable docker IPv6 in kokoroKevin Krakauer
We need docker IPv6 for ip6tables tests. Docker has spotty IPv6 support, so just enabling IPv6 in daemon.json breaks the Ruby image test (AFAICT it breaks anything that tries to use IPv6 to reach the internet). An ip6tables NAT rule is added to handle this. We could make these changes as part of scripts/, but these would overwrite global values and possibly break users' systems. PiperOrigin-RevId: 318508209
2020-06-23Support for saving pointers to fields in the state package.Adin Scannell
Previously, it was not possible to encode/decode an object graph which contained a pointer to a field within another type. This was because the encoder was previously unable to disambiguate a pointer to an object and a pointer within the object. This CL remedies this by constructing an address map tracking the full memory range object occupy. The encoded Refvalue message has been extended to allow references to children objects within another object. Because the encoding process may learn about object structure over time, we cannot encode any objects under the entire graph has been generated. This CL also updates the state package to use standard interfaces intead of reflection-based dispatch in order to improve performance overall. This includes a custom wire protocol to significantly reduce the number of allocations and take advantage of structure packing. As part of these changes, there are a small number of minor changes in other places of the code base: * The lists used during encoding are changed to use intrusive lists with the objectEncodeState directly, which required that the ilist Len() method is updated to work properly with the ElementMapper mechanism. * A bug is fixed in the list code wherein Remove() called on an element that is already removed can corrupt the list (removing the element if there's only a single element). Now the behavior is correct. * Standard error wrapping is introduced. * Compressio was updated to implement the new wire.Reader and wire.Writer inteface methods directly. The lack of a ReadByte and WriteByte caused issues not due to interface dispatch, but because underlying slices for a Read or Write call through an interface would always escape to the heap! * Statify has been updated to support the new APIs. See README.md for a description of how the new mechanism works. PiperOrigin-RevId: 318010298
2020-06-18Remove various uses of 'whitelist'Michael Pratt
Updates #2972 PiperOrigin-RevId: 317113059
2020-06-17Remove various uses of 'blacklist'Michael Pratt
Updates #2972 PiperOrigin-RevId: 316942245
2020-06-11Enable nogo againFabricio Voznika
PiperOrigin-RevId: 316011323
2020-06-11Add nogo TODO.Michael Pratt
PiperOrigin-RevId: 315911025
2020-06-08Merge pull request #1875 from zhiqiangxu:fix_scope_addgVisor bot
PiperOrigin-RevId: 315341669
2020-06-02make: Allow to specify bazel startup options.Andrei Vagin
And don't parse binary paths for the build target. Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-06-01Move to make for tag release workflow.Adin Scannell
This will make tag & release workflows idempotent. PiperOrigin-RevId: 314154888
2020-05-29Fix the APT repository structure.Adin Scannell
This change fixes the apt repository structure to avoid emiting warnings on Ubuntu 18.04 (and potentially other versions). This requires a slight refactor of the repository generation scripts, since we can no longer copy the same release files for different "suites". This should avoid the warning by setting the suite to the distribution: https://github.com/Debian/apt/blob/master/apt-pkg/metaindex.cc#L75 This change also moves over to the standardized Makefile entrypoint, which makes settings clearer and enables local testing. PiperOrigin-RevId: 313817017
2020-05-28Merge pull request #2771 from amscanne:fix_buildgVisor bot
PiperOrigin-RevId: 313652557
2020-05-27Merge pull request #2748 from amscanne:go_branchgVisor bot
PiperOrigin-RevId: 313404235
2020-05-25Ensure docker group exists in the container.Adin Scannell
The --groups command will fail if the group is not defined in /etc/groups, even though it is specified by GID. By coincidence, the group happens to be there for many installations of Ubuntu 18.04 (which uses 999 for the Docker group), but it is strangely absent in others (which use 130). Fixes #2765
2020-05-20Normalize permissions in the go branch.Adin Scannell
Fixes #2722
2020-05-20Implement gap tracking in the segment set.Reapor-Yurnero
This change was derived from a change by: Reapor-Yurnero <reapor.yurnero@gmail.com> And has been modified by: Adin Scannell <ascannell@google.com> (The original change author is preserved for the commit.) This change implements gap tracking in the segment set by adding additional information in each node, and using that information to speed up gap finding from a linear scan to a O(log(n)) walk of the tree. This gap tracking is optional, and will default to off except for segment instances that set gapTracking equal to 1 in their const lists. PiperOrigin-RevId: 312621607
2020-05-20Automated rollback of changelist 312522097Nicolas Lacasse
PiperOrigin-RevId: 312529859
2020-05-20Upgrade to Bazel 3.1.0.Nicolas Lacasse
This upgrades the Kokoro images, bazel toolchains used by RBE runners, and rules_go, gazelle, and go toolchain versions. PiperOrigin-RevId: 312522097
2020-05-18Implement Go branch updater with GitHub actions.Adin Scannell
PiperOrigin-RevId: 312155686
2020-05-15Update vm scripts to handle existing kbuilder user.Adin Scannell
PiperOrigin-RevId: 311751972
2020-05-14Update Kokoro images to include newer gcloud.Adin Scannell
PiperOrigin-RevId: 311658774
2020-05-14Run issue_reviver via GitHub.Adin Scannell
PiperOrigin-RevId: 311600872
2020-05-12Merge pull request #2513 from amscanne:website-integratedgVisor bot
PiperOrigin-RevId: 311184385
2020-05-07make: exit with non-zero code if "bazel build" failedAndrei Vagin
Without this fix, make exits with zero code when bazel build failed: $ make run TARGETS="--abra --kadabra" ERROR: Unrecognized option: --abra $ echo $? 0 Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-05-07make: bazel docker container should clean itself up.Adin Scannell
This change two does things: 1) Name the container based on the canonical directory path. 2) Allow the container to exit after bazel itself has exited. The first is necessary to support multiple working directories, while the second one allows these instances to clean up properly. PiperOrigin-RevId: 310460748
2020-05-07Fix tags used for determining file sets.Adin Scannell
Updates #2569 Updates #2298 PiperOrigin-RevId: 310423629
2020-05-06Adapt website to use g3doc sources and bazel.Adin Scannell
This adapts the merged website repository to use the image and bazel build framework. It explicitly avoids the container_image rules provided by bazel, opting instead to build with direct docker commands when necessary. The relevant build commands are incorporated into the top-level Makefile.
2020-05-04Internal change.gVisor bot
PiperOrigin-RevId: 309801320
2020-04-30Allow to run kvm syscall tests on the RBE clusterAndrei Vagin
PiperOrigin-RevId: 309265978
2020-04-30make_repository.sh has to print only the repo path on stdoutAndrei Vagin
PiperOrigin-RevId: 309176385
2020-04-28Use existing bazeldefs with top-level BUILD file.Adin Scannell
PiperOrigin-RevId: 308901116
2020-04-24Standardize all Docker images.Adin Scannell
This change moves all Docker images to a standard location, and abstracts the build process so that they can be maintained in an automated fashion. This also allows the images to be architecture-independent. All images will now be referred to by the test framework via the canonical `gvisor.dev/images/<name>`, where `<name>` is a function of the path within the source tree. In a subsequent change, continuous integration will be added so that the images will always be correct and available locally. In the end, using `bazel` for Docker containers is simply not possible. Given that we already have the need to use `make` with the base container (for Docker), we extend this approach to get more flexibility. This change also adds a self-documenting and powerful Makefile that is intended to replace the collection of scripts in scripts. Canonical (self-documenting) targets can be added here for targets that understand which images need to be loaded and/or built. PiperOrigin-RevId: 308322438
2020-04-23Simplify Docker test infrastructure.Adin Scannell
This change adds a layer of abstraction around the internal Docker APIs, and eliminates all direct dependencies on Dockerfiles in the infrastructure. A subsequent change will automated the generation of local images (with efficient caching). Note that this change drops the use of bazel container rules, as that experiment does not seem to be viable. PiperOrigin-RevId: 308095430
2020-04-23Disable nogo because it breaks Go 1.13Fabricio Voznika
Even though the default build option is to use 1.14, we want to be want to keep the ability to target different Go versions for testing and in case the new release has bugs. PiperOrigin-RevId: 308078876
2020-04-22Specify a memory file in platform.New().Andrei Vagin
PiperOrigin-RevId: 307941984
2020-04-20Add internal nogo analysis & checkescape tool.Adin Scannell
See tools/nogo/README.md. The checkescape tool is able to perform recursive escape analysis, using the actual generated binary to confirm the results produced by the compiler itself. As an initial use case, this replaces the manual escape analysis tests used for go_marshal, and validates that the CopyIn and CopyOut paths will not require any allocation or stack splits. Updates #2243 PiperOrigin-RevId: 307532986
2020-04-20Add a functional vm_test for root_test.Adin Scannell
This change renames the tools/images directory to tools/vm for clarity, and adds a functional vm_test. Sharding is also added to the same test, and some documentation added around key flags & variables to describe how they work. Subsequent changes will add vm_tests for other cases, such as the runtime tests. PiperOrigin-RevId: 307492245