From 508e25b6d6e9a81edb6ddf8738450b79898b446a Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Mon, 27 Apr 2020 22:24:58 -0700 Subject: Adapt website to use g3doc sources and bazel. This adapts the merged website repository to use the image and bazel build framework. It explicitly avoids the container_image rules provided by bazel, opting instead to build with direct docker commands when necessary. The relevant build commands are incorporated into the top-level Makefile. --- images/jekyll/Dockerfile | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 images/jekyll/Dockerfile (limited to 'images/jekyll') diff --git a/images/jekyll/Dockerfile b/images/jekyll/Dockerfile new file mode 100644 index 000000000..d0ec7f933 --- /dev/null +++ b/images/jekyll/Dockerfile @@ -0,0 +1,11 @@ +FROM jekyll/jekyll:4.0.0 +USER root +RUN gem install \ + html-proofer:3.10.2 \ + nokogiri:1.10.1 \ + jekyll-autoprefixer:1.0.2 \ + jekyll-inline-svg:1.1.4 \ + jekyll-paginate:1.1.0 \ + kramdown-parser-gfm:1.1.0 \ + jekyll-relative-links:0.6.1 +CMD ["/usr/gem/gems/jekyll-4.0.0/exe/jekyll", "build", "-t", "-s", "/input", "-d", "/output"] -- cgit v1.2.3 From a10d5ed9691d341c60dc8590d19302332120d365 Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Wed, 29 Apr 2020 18:00:21 -0700 Subject: Add atom feed (at previous URL). --- images/jekyll/Dockerfile | 3 ++- website/_config.yml | 3 +++ website/_layouts/blog.html | 5 ++++- website/_sass/front.scss | 8 -------- website/_sass/style.scss | 8 +++++++- website/blog/index.html | 1 + 6 files changed, 17 insertions(+), 11 deletions(-) (limited to 'images/jekyll') diff --git a/images/jekyll/Dockerfile b/images/jekyll/Dockerfile index d0ec7f933..db8fec95c 100644 --- a/images/jekyll/Dockerfile +++ b/images/jekyll/Dockerfile @@ -7,5 +7,6 @@ RUN gem install \ jekyll-inline-svg:1.1.4 \ jekyll-paginate:1.1.0 \ kramdown-parser-gfm:1.1.0 \ - jekyll-relative-links:0.6.1 + jekyll-relative-links:0.6.1 \ + jekyll-feed:0.13.0 CMD ["/usr/gem/gems/jekyll-4.0.0/exe/jekyll", "build", "-t", "-s", "/input", "-d", "/output"] diff --git a/website/_config.yml b/website/_config.yml index bcbc94eda..3241e458c 100644 --- a/website/_config.yml +++ b/website/_config.yml @@ -11,7 +11,10 @@ plugins: - jekyll-autoprefixer - jekyll-inline-svg - jekyll-relative-links + - jekyll-feed site_url: https://gvisor.dev +feed: + path: blog/index.xml svg: optimize: true defaults: diff --git a/website/_layouts/blog.html b/website/_layouts/blog.html index e6b880225..6c371ab50 100644 --- a/website/_layouts/blog.html +++ b/website/_layouts/blog.html @@ -6,7 +6,10 @@ layout: base
-

{{ page.title }}

+

{{ page.title }}

+ {% if page.feed %} + Feed  + {% endif %} {{ content }}
diff --git a/website/_sass/front.scss b/website/_sass/front.scss index 1c7f58ecb..3cd87ce40 100644 --- a/website/_sass/front.scss +++ b/website/_sass/front.scss @@ -13,12 +13,4 @@ margin-bottom: 0; font-weight: 300; } - .btn { - color: $text-color; - background-color: $inverse-link-color; - } - .btn-inverse { - color: $text-color; - background-color: #ffffff; - } } diff --git a/website/_sass/style.scss b/website/_sass/style.scss index e9cc54d24..e34e21448 100644 --- a/website/_sass/style.scss +++ b/website/_sass/style.scss @@ -104,7 +104,13 @@ code { } .btn { - background-color: $primary; + color: $text-color; + background-color: $inverse-link-color; +} + +.btn-inverse { + color: $text-color; + background-color: #ffffff; } .well { diff --git a/website/blog/index.html b/website/blog/index.html index 57051c6fe..5c67c95fc 100644 --- a/website/blog/index.html +++ b/website/blog/index.html @@ -1,6 +1,7 @@ --- title: Blog layout: blog +feed: true pagination: enabled: true --- -- cgit v1.2.3 From 26bbecf00f51e8dca60ce8b1d33f7ebbbf92d268 Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Wed, 27 May 2020 15:46:07 -0700 Subject: Ensure sitemap is generated. PiperOrigin-RevId: 313478820 --- images/jekyll/Dockerfile | 3 ++- website/_config.yml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) (limited to 'images/jekyll') diff --git a/images/jekyll/Dockerfile b/images/jekyll/Dockerfile index cefd949a6..4860dd750 100644 --- a/images/jekyll/Dockerfile +++ b/images/jekyll/Dockerfile @@ -8,5 +8,6 @@ RUN gem install \ jekyll-paginate:1.1.0 \ kramdown-parser-gfm:1.1.0 \ jekyll-relative-links:0.6.1 \ - jekyll-feed:0.13.0 + jekyll-feed:0.13.0 \ + jekyll-sitemap:1.4.0 CMD ["/usr/gem/gems/jekyll-4.0.0/exe/jekyll", "build", "-t", "-s", "/input", "-d", "/output"] diff --git a/website/_config.yml b/website/_config.yml index 3241e458c..b08602970 100644 --- a/website/_config.yml +++ b/website/_config.yml @@ -12,6 +12,7 @@ plugins: - jekyll-inline-svg - jekyll-relative-links - jekyll-feed + - jekyll-sitemap site_url: https://gvisor.dev feed: path: blog/index.xml -- cgit v1.2.3 From feb1d3d5a7d9c26ab1533b350a9d6088148641aa Mon Sep 17 00:00:00 2001 From: Ian Lewis Date: Fri, 17 Jul 2020 18:26:08 -0700 Subject: Clean up html on the website. - Fixes some html validation issues. - Fixes links on security basics blog post. - Adds rel=noopener to links with target=_blank and adds a check to htmlproofer. - Add favicon check to htmlproofer. Fixes #3286 Fixes #3284 PiperOrigin-RevId: 321892602 --- g3doc/README.md | 10 +++------ images/jekyll/Dockerfile | 1 + images/jekyll/checks.rb | 36 ++++++++++++++++++++++++++++++ tools/bazeldefs/defs.bzl | 3 +++ tools/defs.bzl | 3 ++- website/BUILD | 4 +--- website/_includes/footer.html | 2 +- website/_includes/graph.html | 2 +- website/_includes/header-links.html | 2 +- website/_layouts/docs.html | 4 ++-- website/blog/2019-11-18-security-basics.md | 23 ++++++++++++------- website/defs.bzl | 4 +++- 12 files changed, 69 insertions(+), 25 deletions(-) create mode 100644 images/jekyll/checks.rb (limited to 'images/jekyll') diff --git a/g3doc/README.md b/g3doc/README.md index 7956fe739..22bfb15f7 100644 --- a/g3doc/README.md +++ b/g3doc/README.md @@ -117,9 +117,7 @@ for more information on filesystem bundles. `runsc` implements multiple commands that perform various functions such as starting, stopping, listing, and querying the status of containers. -### Sentry - - +### Sentry {#sentry} The Sentry is the largest component of gVisor. It can be thought of as a application kernel. The Sentry implements all the kernel functionality needed by @@ -136,9 +134,7 @@ calls it makes. For example, the Sentry is not able to open files directly; file system operations that extend beyond the sandbox (not internal `/proc` files, pipes, etc) are sent to the Gofer, described below. -### Gofer - - +### Gofer {#gofer} The Gofer is a standard host process which is started with each container and communicates with the Sentry via the [9P protocol][9p] over a socket or shared @@ -146,7 +142,7 @@ memory channel. The Sentry process is started in a restricted seccomp container without access to file system resources. The Gofer mediates all access to the these resources, providing an additional level of isolation. -### Application +### Application {#application} The application is a normal Linux binary provided to gVisor in an OCI runtime bundle. gVisor aims to provide an environment equivalent to Linux v4.4, so diff --git a/images/jekyll/Dockerfile b/images/jekyll/Dockerfile index 4860dd750..ba039ba15 100644 --- a/images/jekyll/Dockerfile +++ b/images/jekyll/Dockerfile @@ -10,4 +10,5 @@ RUN gem install \ jekyll-relative-links:0.6.1 \ jekyll-feed:0.13.0 \ jekyll-sitemap:1.4.0 +COPY checks.rb /checks.rb CMD ["/usr/gem/gems/jekyll-4.0.0/exe/jekyll", "build", "-t", "-s", "/input", "-d", "/output"] diff --git a/images/jekyll/checks.rb b/images/jekyll/checks.rb new file mode 100644 index 000000000..fc7e6b5a8 --- /dev/null +++ b/images/jekyll/checks.rb @@ -0,0 +1,36 @@ +#!/usr/local/bin/ruby +# +# HTMLProofer checks for the gVisor website. +# +require 'html-proofer' + +# NoOpenerCheck checks to make sure links with target=_blank include the +# rel=noopener attribute. +class NoOpenerCheck < ::HTMLProofer::Check + def run + @html.css('a').each do |node| + link = create_element(node) + line = node.line + + rel = link.respond_to?(:rel) ? link.rel.split(' ') : [] + + if link.respond_to?(:target) && link.target == "_blank" && !rel.include?("noopener") + return add_issue("You should set rel=noopener for links with target=_blank", line: line) + end + end + end +end + +def main() + options = { + :check_html => true, + :check_favicon => true, + :disable_external => true, + } + + HTMLProofer.check_directories(ARGV, options).run +end + +if __FILE__ == $0 + main +end diff --git a/tools/bazeldefs/defs.bzl b/tools/bazeldefs/defs.bzl index 620c460de..3db8e13d0 100644 --- a/tools/bazeldefs/defs.bzl +++ b/tools/bazeldefs/defs.bzl @@ -32,6 +32,9 @@ rbe_platform = native.platform rbe_toolchain = native.toolchain vdso_linker_option = "-fuse-ld=gold " +def short_path(path): + return path + def proto_library(name, has_services = None, **kwargs): native.proto_library( name = name, diff --git a/tools/defs.bzl b/tools/defs.bzl index 40afcdb79..e35e29634 100644 --- a/tools/defs.bzl +++ b/tools/defs.bzl @@ -7,7 +7,7 @@ change for Google-internal and bazel-compatible rules. load("//tools/go_stateify:defs.bzl", "go_stateify") load("//tools/go_marshal:defs.bzl", "go_marshal", "marshal_deps", "marshal_test_deps") -load("//tools/bazeldefs:defs.bzl", _build_test = "build_test", _cc_binary = "cc_binary", _cc_flags_supplier = "cc_flags_supplier", _cc_grpc_library = "cc_grpc_library", _cc_library = "cc_library", _cc_proto_library = "cc_proto_library", _cc_test = "cc_test", _cc_toolchain = "cc_toolchain", _default_installer = "default_installer", _default_net_util = "default_net_util", _gazelle = "gazelle", _gbenchmark = "gbenchmark", _go_binary = "go_binary", _go_embed_data = "go_embed_data", _go_grpc_and_proto_libraries = "go_grpc_and_proto_libraries", _go_library = "go_library", _go_path = "go_path", _go_proto_library = "go_proto_library", _go_test = "go_test", _grpcpp = "grpcpp", _gtest = "gtest", _loopback = "loopback", _pkg_deb = "pkg_deb", _pkg_tar = "pkg_tar", _proto_library = "proto_library", _py_binary = "py_binary", _py_library = "py_library", _py_requirement = "py_requirement", _py_test = "py_test", _rbe_platform = "rbe_platform", _rbe_toolchain = "rbe_toolchain", _select_arch = "select_arch", _select_system = "select_system", _vdso_linker_option = "vdso_linker_option") +load("//tools/bazeldefs:defs.bzl", _build_test = "build_test", _cc_binary = "cc_binary", _cc_flags_supplier = "cc_flags_supplier", _cc_grpc_library = "cc_grpc_library", _cc_library = "cc_library", _cc_proto_library = "cc_proto_library", _cc_test = "cc_test", _cc_toolchain = "cc_toolchain", _default_installer = "default_installer", _default_net_util = "default_net_util", _gazelle = "gazelle", _gbenchmark = "gbenchmark", _go_binary = "go_binary", _go_embed_data = "go_embed_data", _go_grpc_and_proto_libraries = "go_grpc_and_proto_libraries", _go_library = "go_library", _go_path = "go_path", _go_proto_library = "go_proto_library", _go_test = "go_test", _grpcpp = "grpcpp", _gtest = "gtest", _loopback = "loopback", _pkg_deb = "pkg_deb", _pkg_tar = "pkg_tar", _proto_library = "proto_library", _py_binary = "py_binary", _py_library = "py_library", _py_requirement = "py_requirement", _py_test = "py_test", _rbe_platform = "rbe_platform", _rbe_toolchain = "rbe_toolchain", _select_arch = "select_arch", _select_system = "select_system", _short_path = "short_path", _vdso_linker_option = "vdso_linker_option") load("//tools/bazeldefs:platforms.bzl", _default_platform = "default_platform", _platforms = "platforms") load("//tools/bazeldefs:tags.bzl", "go_suffixes") load("//tools/nogo:defs.bzl", "nogo_test") @@ -38,6 +38,7 @@ py_requirement = _py_requirement py_test = _py_test select_arch = _select_arch select_system = _select_system +short_path = _short_path rbe_platform = _rbe_platform rbe_toolchain = _rbe_toolchain vdso_linker_option = _vdso_linker_option diff --git a/website/BUILD b/website/BUILD index 4488cb543..10e0299ae 100644 --- a/website/BUILD +++ b/website/BUILD @@ -55,9 +55,7 @@ genrule( "docker run -i --user $$(id -u):$$(id -g) " + "-v $$(readlink -m $$T/output/_site):/output " + "gvisor.dev/images/jekyll " + - "/usr/gem/bin/htmlproofer " + - "--disable-external " + - "--check-html " + + "ruby /checks.rb " + "/output && " + "cp $(location //website/cmd/server) $$T/output/server && " + "tar -zcf $@ -C $$T/output . && " + diff --git a/website/_includes/footer.html b/website/_includes/footer.html index 9cc8176f7..c1a373329 100644 --- a/website/_includes/footer.html +++ b/website/_includes/footer.html @@ -8,7 +8,7 @@ {% if site.analytics %} -