Hello community, here is the log from the commit of package conmon for openSUSE:Factory checked in at 2020-09-24 16:12:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/conmon (Old) and /work/SRC/openSUSE:Factory/.conmon.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "conmon" Thu Sep 24 16:12:11 2020 rev:17 rq:835753 version:2.0.21 Changes: -------- --- /work/SRC/openSUSE:Factory/conmon/conmon.changes 2020-08-28 21:17:04.216199233 +0200 +++ /work/SRC/openSUSE:Factory/.conmon.new.4249/conmon.changes 2020-09-24 16:12:22.420786376 +0200 @@ -1,0 +2,15 @@ +Mon Sep 21 07:06:04 UTC 2020 - dmuel...@suse.com + +- Update to version 2.0.21: + * bump to v2.0.21 + * protect against kill(-1) + * Makefile: enable debuginfo generation + * Remove go.sum file and add go.mod + * Fail if conmon config could not be written + * nix: remove double definition for e2fsprogs + * Speedup static build by utilizing CI cache on `/nix` folder + * Fix nix build for failing e2fsprogs tests + * test: fix CI + * Use Podman for building + +------------------------------------------------------------------- Old: ---- conmon-2.0.20.tar.xz New: ---- _servicedata conmon-2.0.21.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ conmon.spec ++++++ --- /var/tmp/diff_new_pack.EGKAQl/_old 2020-09-24 16:12:24.104788060 +0200 +++ /var/tmp/diff_new_pack.EGKAQl/_new 2020-09-24 16:12:24.108788065 +0200 @@ -17,7 +17,7 @@ Name: conmon -Version: 2.0.20 +Version: 2.0.21 Release: 0 Summary: An OCI container runtime monitor License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.EGKAQl/_old 2020-09-24 16:12:24.132788088 +0200 +++ /var/tmp/diff_new_pack.EGKAQl/_new 2020-09-24 16:12:24.132788088 +0200 @@ -2,8 +2,10 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/containers/conmon</param> <param name="scm">git</param> -<param name="versionformat">2.0.20</param> -<param name="revision">v2.0.20</param> +<param name="versionformat">@PARENT_TAG@</param> +<param name="versionrewrite-pattern">[v]?([^\+]+)(.*)</param> +<param name="revision">v2.0.21</param> +<param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> <param name="file">conmon-*.tar</param> ++++++ _servicedata ++++++ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/containers/conmon</param> <param name="changesrevision">35a2fa83022e56e18af7e6a865ba5d7165fa2a4a</param></service></servicedata>++++++ conmon-2.0.20.tar.xz -> conmon-2.0.21.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/.cirrus.yml new/conmon-2.0.21/.cirrus.yml --- old/conmon-2.0.20/.cirrus.yml 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/.cirrus.yml 2020-09-08 22:33:37.000000000 +0200 @@ -9,6 +9,7 @@ ENVLIB: ".bash_profile" GOPATH: "/var/tmp/go" PATH: "${PATH}:${GOPATH}" + IMAGE_PROJECT: "libpod-218412" CRIO_REPO: "https://github.com/cri-o/cri-o.git" CRIO_SLUG: "github.com/cri-o/cri-o" CONMON_SLUG: "github.com/containers/conmon" @@ -19,29 +20,14 @@ CIRRUS_SHELL: "/bin/bash" # Save a little typing (path relative to $CIRRUS_WORKING_DIR) SCRIPT_BASE: "./contrib/cirrus" - PACKER_BASE: "./contrib/cirrus/packer" # Spoof self as travis, as cirrus has the same test issues as travis does TRAVIS: "true" + FEDORA_CONTAINER_FQIN: "registry.fedoraproject.org/fedora:32" + PRIOR_FEDORA_CONTAINER_FQIN: "registry.fedoraproject.org/fedora:31" - #### - #### Image names to test with - ### - FEDORA_CACHE_IMAGE_NAME: 'fedora-29-conmon-75ea13be' - FEDORA_CONTAINER_FQIN: 'registry.fedoraproject.org/fedora:29' - PRIOR_FEDORA_CONTAINER_FQIN: 'registry.fedoraproject.org/fedora:28' - - #### - #### Variables for composing new cache-images (used in PR testing) from - #### base-images (pre-existing in GCE) - #### - # CSV of cache-image names to build (see $PACKER_BASE/libpod_images.json) - PACKER_BUILDS: "fedora-29" - # Version of packer to use - PACKER_VER: "1.3.5" - # Manually produced base-image names (see $SCRIPT_BASE/README.md) - FEDORA_BASE_IMAGE: "fedora-cloud-base-29-1-2-1547237869" - # Special image w/ nested-libvirt + tools for creating new cache and base images - IMAGE_BUILDER_CACHE_IMAGE_NAME: "image-builder-image-1547237869" + # VM Images are maintained in the libpod repo. + _BUILT_IMAGE_SUFFIX: "podman-6530021898584064" + FEDORA_CACHE_IMAGE_NAME: "fedora-32-${_BUILT_IMAGE_SUFFIX}" #### #### Credentials and other secret-sauces, decrypted at runtime when authorized. @@ -58,36 +44,18 @@ # and storage. gcp_credentials: ENCRYPTED[13e51806369f650e6ccc326338deeb3c24052fc0a7be29beef2b96da551aed3200abbb6c6406a936bb4388fb2758405c] -# Default compute settings unless overridden within tasks (below) -gce_instance: {"image_project": "conmon-222014", "zone": "us-central1-f", "cpu": 4, "memory": "16Gb", "disk": 200, "image_name": "no-image-specified-in-task"} +# Default VM to use unless set or modified by task +gce_instance: + image_project: "${IMAGE_PROJECT}" + zone: "us-central1-c" # Required by Cirrus for the time being + cpu: 2 + memory: "4Gb" + disk: 200 # Required for performance reasons + image_name: "${FEDORA_CACHE_IMAGE_NAME}" # Default timeout for each task timeout_in: '120m' -# Every *_task runs in parallel in separate VMs. The name prefix only for reference -# in WebUI, and will be followed by matrix details. This task runs the integration -# testing for every platform -cri-o_integration_task: - - depends_on: - - 'config' - - 'fmt' - - gce_instance: - # Generate multiple parallel tasks, covering all possible - # 'matrix' combinations. - matrix: - # Images are generated separately, from build_images_task (below) - image_name: "${FEDORA_CACHE_IMAGE_NAME}" - - env: - matrix: - TEST_USERNS: 0 - TEST_USERNS: 1 - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh' - integration_test_script: '$SCRIPT_BASE/cri-o_test.sh' - # this task runs the conmon integration tests integration_task: @@ -140,7 +108,6 @@ script: - dnf install -y make glib2-devel git gcc golang - cd $CIRRUS_WORKING_DIR - - GO111MODULE=on go mod init github.com/containers/conmon - make config - ./hack/tree_status.sh @@ -162,86 +129,38 @@ - make fmt - ./hack/tree_status.sh -# Test building of new cache-images for future PR testing, in this PR. -# Output images will be stored only for a very short time, then automatically deleted. -test_cache_images_task: - - only_if: >- - $CIRRUS_BRANCH != 'master' && - $CIRRUS_CHANGE_MESSAGE =~ '.*\*\*\*\s*CIRRUS:\s*TEST\s*IMAGES\s*\*\*\*.*' - - # VMs created by packer are not cleaned up by cirrus, must allow task to complete - auto_cancellation: $CI != "true" - - gce_instance: - image_name: "${IMAGE_BUILDER_CACHE_IMAGE_NAME}" - cpu: 4 - memory: "4Gb" - disk: 200 - # Additional permissions for building GCE images, within a GCE VM - scopes: - - 'compute' - - 'devstorage.full_control' - - env: - IMAGE_BUILD: 1 - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh' - cache_images_script: '$SCRIPT_BASE/build_vm_images.sh' - - -# Build new cache-images for future PR testing, but only after a PR merge. -# The cache-images save install/setup time needed test every PR. The 'active' -# images are selected manually by updating the 'image_name' values above. -cache_images_task: - - # Only produce new cache-images after a PR merge, and if a magic string - # is present in the most recent commit-message. - only_if: >- - $CIRRUS_BRANCH == 'master' && - $CIRRUS_CHANGE_MESSAGE =~ '.*\*\*\*\s*CIRRUS:\s*REBUILD\s*IMAGES\s*\*\*\*.*' - - # Require tests to pass first. - depends_on: - - "integration" - - # VMs created by packer are not cleaned up by cirrus - auto_cancellation: $CI != "true" - - gce_instance: - image_name: "${IMAGE_BUILDER_CACHE_IMAGE_NAME}" - cpu: 4 - memory: "4Gb" - disk: 200 - # Additional permissions for building GCE images, within a GCE VM - scopes: - - 'compute' - - 'devstorage.full_control' - - env: - IMAGE_BUILD: 1 - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh' - cache_images_script: '$SCRIPT_BASE/build_vm_images.sh' - # Build the static binary static_binary_task: depends_on: - 'config' - 'fmt' + gce_instance: image_name: "${FEDORA_CACHE_IMAGE_NAME}" cpu: 8 memory: 12 disk: 200 - script: | + + init_script: | set -ex setenforce 0 growpart /dev/sda 1 || true resize2fs /dev/sda1 || true yum -y install podman - mkdir -p /nix - podman run --rm --privileged -ti -v /:/mnt nixos/nix cp -rfT /nix /mnt/nix + + nix_cache: + folder: '.cache' + fingerprint_script: | + echo "nix-v1-$(sha1sum nix/nixpkgs.json | head -c 40)" + + build_script: | + set -ex + mkdir -p .cache + mv .cache /nix + if [[ -z $(ls -A /nix) ]]; then podman run --rm --privileged -ti -v /:/mnt nixos/nix cp -rfT /nix /mnt/nix; fi podman run --rm --privileged -ti -v /nix:/nix -v ${PWD}:${PWD} -w ${PWD} nixos/nix nix --print-build-logs --option cores 8 --option max-jobs 8 build --file nix/ + mv /nix .cache + chown -Rf $(whoami) .cache + binaries_artifacts: path: "result/bin/conmon" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/Containerfile new/conmon-2.0.21/Containerfile --- old/conmon-2.0.20/Containerfile 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-2.0.21/Containerfile 2020-09-08 22:33:37.000000000 +0200 @@ -0,0 +1,20 @@ +FROM registry.fedoraproject.org/fedora:latest + +RUN sudo dnf install -y make automake gcc gcc-c++ kernel-devel glib2-devel && \ + sudo dnf clean all && \ + rm -rf /var/cache/dnf + +RUN sudo dnf update -y && \ + sudo dnf clean all && \ + rm -rf /var/cache/dnf + +# replaces the mktemp from the tutorial as everything is temporary in a +# container unless bind mounted out +RUN mkdir -p /tmp/gocache +ENV GOCACHE=/tmp/gocache + +RUN mkdir -p /devenv +ADD . /devenv +WORKDIR /devenv + +RUN make diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/Makefile new/conmon-2.0.21/Makefile --- old/conmon-2.0.20/Makefile 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/Makefile 2020-09-08 22:33:37.000000000 +0200 @@ -7,8 +7,12 @@ PKG_CONFIG ?= pkg-config HEADERS := $(wildcard src/*.h) OBJS := src/conmon.o src/cmsg.o src/ctr_logging.o src/utils.o src/cli.o src/globals.o src/cgroup.o src/conn_sock.o src/oom.o src/ctrl.o src/ctr_stdio.o src/parent_pipe_fd.o src/ctr_exit.o src/runtime_args.o - - +DEBUGTAG ?= +ifneq (,$(findstring enable_debug,$(DEBUGTAG))) + DEBUGFLAG=-g +else + DEBUGFLAG= +endif .PHONY: all git-vars all: git-vars bin bin/conmon @@ -59,10 +63,10 @@ cp -rfp ./result/bin/* ./bin/ bin/conmon: $(OBJS) | bin - $(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(LIBS) + $(CC) $(LDFLAGS) $(CFLAGS) $(DEBUGFLAG) -o $@ $^ $(LIBS) %.o: %.c $(HEADERS) - $(CC) $(CFLAGS) -o $@ -c $< + $(CC) $(CFLAGS) $(DEBUGFLAG) -o $@ -c $< config: git-vars cmd/conmon-config/conmon-config.go runner/config/config.go runner/config/config_unix.go runner/config/config_windows.go $(GO) build $(LDFLAGS) -tags "$(BUILDTAGS)" -o bin/config $(PROJECT)/cmd/conmon-config @@ -105,3 +109,13 @@ find . '(' -name '*.h' -o -name '*.c' ! -path './vendor/*' ')' -exec clang-format -i {} \+ find . -name '*.go' ! -path './vendor/*' -exec gofmt -s -w {} \+ git diff --exit-code + + +.PHONY: dbuild +dbuild: + -mkdir -p bin + -podman rm conmon-devenv + podman build -t conmon-devenv:latest . + podman create --name conmon-devenv conmon-devenv:latest + podman cp conmon-devenv:/devenv/bin/conmon bin/conmon + @echo "for installation move conmon file to /usr/local/libexec/podman/" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/VERSION new/conmon-2.0.21/VERSION --- old/conmon-2.0.20/VERSION 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/VERSION 2020-09-08 22:33:37.000000000 +0200 @@ -1 +1 @@ -2.0.20 +2.0.21 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/cmd/conmon-config/conmon-config.go new/conmon-2.0.21/cmd/conmon-config/conmon-config.go --- old/conmon-2.0.20/cmd/conmon-config/conmon-config.go 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/cmd/conmon-config/conmon-config.go 2020-09-08 22:33:37.000000000 +0200 @@ -3,6 +3,7 @@ import ( "fmt" "io/ioutil" + "log" "github.com/containers/conmon/runner/config" ) @@ -32,6 +33,6 @@ config.ReopenLogsEvent, config.TimedOutMessage)), 0644); err != nil { - fmt.Errorf(err.Error()) + log.Fatal(err) } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/build_vm_images.sh new/conmon-2.0.21/contrib/cirrus/build_vm_images.sh --- old/conmon-2.0.20/contrib/cirrus/build_vm_images.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/build_vm_images.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,72 +0,0 @@ -#!/bin/bash - -# This is assumed to be executed through ssh, on an VM running from -# the 'image-builder-image', by Cirrus CI. Running manually requires -# setting all the 'req_env_var' items below, as well as -# $GOOGLE_APPLICATION_CREDENTIALS = JSON credentials file cooresponding -# to $SERVICE_ACCOUNT. - -set -e -source $(dirname $0)/lib.sh - -req_env_var " -SRC $SRC -SCRIPT_BASE $SCRIPT_BASE -PACKER_BASE $PACKER_BASE -PACKER_VER $PACKER_VER -PACKER_BUILDS $PACKER_BUILDS -BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX - -CRIO_REPO $CRIO_REPO -CRIO_SLUG $CRIO_SLUG - -FEDORA_BASE_IMAGE $FEDORA_BASE_IMAGE - -SERVICE_ACCOUNT $SERVICE_ACCOUNT -GCE_SSH_USERNAME $GCE_SSH_USERNAME -GCP_PROJECT_ID $GCP_PROJECT_ID -" - -show_env_vars - -# Everything here is running on the 'image-builder-image' GCE image -# Assume basic dependencies are all met, but there could be a newer version -# of the packer binary -PACKER_FILENAME="packer_${PACKER_VER}_linux_amd64.zip" -# image_builder_image has packer pre-installed, check if same version requested -if [[ -r "$HOME/packer/$PACKER_FILENAME" ]] -then - cp "$HOME/packer/$PACKER_FILENAME" "$SRC/$PACKER_BASE/" -fi - -cd "$SRC/$PACKER_BASE" - -# Separate PR-produced images from those produced on master. -if [[ "${CIRRUS_BRANCH:-}" == "master" ]] -then - POST_MERGE_BUCKET_SUFFIX="-master" -else - POST_MERGE_BUCKET_SUFFIX="" -fi - -make conmon_images \ - SRC=$SRC \ - SCRIPT_BASE=$SCRIPT_BASE \ - PACKER_BASE=$PACKER_BASE \ - PACKER_VER=$PACKER_VER \ - PACKER_BUILDS=$PACKER_BUILDS \ - BUILT_IMAGE_SUFFIX=$BUILT_IMAGE_SUFFIX \ - CRIO_REPO=$CRIO_REPO \ - CRIO_SLUG=$CRIO_SLUG \ - FEDORA_BASE_IMAGE=$FEDORA_BASE_IMAGE \ - POST_MERGE_BUCKET_SUFFIX=$POST_MERGE_BUCKET_SUFFIX - -# When successful, upload manifest of produced images using a filename unique -# to this build. -URI="gs://packer-import${POST_MERGE_BUCKET_SUFFIX}-temp/manifest${BUILT_IMAGE_SUFFIX}.json" -gsutil cp packer-manifest.json "$URI" - -echo "Finished." -echo "Any tarball URI's referenced above at at $URI" -echo "may be used to create VM images suitable for use in" -echo ".cirrus.yml as values for the 'image_name' keys." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/cri-o_test.sh new/conmon-2.0.21/contrib/cirrus/cri-o_test.sh --- old/conmon-2.0.20/contrib/cirrus/cri-o_test.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/cri-o_test.sh 2020-09-08 22:33:37.000000000 +0200 @@ -12,7 +12,7 @@ cd "$CRIO_SRC" case "$OS_REL_VER" in - fedora-29) + fedora-32) PATCH="$SRC/$SCRIPT_BASE/network_bats.patch" cd "$CRIO_SRC" echo "WARNING: Applying $PATCH" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/integration_test.sh new/conmon-2.0.21/contrib/cirrus/integration_test.sh --- old/conmon-2.0.20/contrib/cirrus/integration_test.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/integration_test.sh 2020-09-08 22:33:37.000000000 +0200 @@ -14,7 +14,7 @@ dnf install -y make glib2-devel git gcc golang setup_gopath cd $CIRRUS_WORKING_DIR +GOCACHE=/tmp/go-build make vendor make make install PREFIX=/usr # currently, the conmon location is hardcoded to /usr/bin/conmon -GOCACHE=/tmp/go-build make vendor make test diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/lib.sh new/conmon-2.0.21/contrib/cirrus/lib.sh --- old/conmon-2.0.20/contrib/cirrus/lib.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/lib.sh 2020-09-08 22:33:37.000000000 +0200 @@ -12,7 +12,6 @@ ENVLIB=${ENVLIB:-.bash_profile} CIRRUS_WORKING_DIR="${CIRRUS_WORKING_DIR:-/var/tmp/go/src/github.com/containers/libpod}" SCRIPT_BASE=${SCRIPT_BASE:-./contrib/cirrus} -PACKER_BASE=${PACKER_BASE:-./contrib/cirrus/packer} CIRRUS_REPO_NAME=${CIRRUS_REPO_NAME-$(dirname $0)} CIRRUS_BUILD_ID=${CIRRUS_BUILD_ID:-DEADBEEF} # a human CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-HEAD} @@ -80,7 +79,6 @@ CIRRUS_WORKING_DIR $CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST $CIRRUS_HTTP_CACHE_HOST $(go env) -PACKER_BUILDS $PACKER_BUILDS " | while read NAME VALUE do [[ -z "$NAME" ]] || echo "export $NAME=\"$VALUE\"" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/Makefile new/conmon-2.0.21/contrib/cirrus/packer/Makefile --- old/conmon-2.0.20/contrib/cirrus/packer/Makefile 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/Makefile 1970-01-01 01:00:00.000000000 +0100 @@ -1,143 +0,0 @@ - -PACKER_VER ?= 1.3.5 -PACKER_DIST_FILENAME := packer_${PACKER_VER}_linux_amd64.zip - -# Only needed for conmon_base_images target -TIMESTAMP := $(shell date +%s) -SRC ?= $(shell realpath "./../../../") -PACKER_BASE ?= ./contrib/cirrus/packer -SCRIPT_BASE ?= ./contrib/cirrus - -# For debugging nested-virt, use -#TTYDEV := $(shell tty) -TTYDEV := /dev/null - -.PHONY: all -all: conmon_images - -%.json: %.yml - @python3 -c 'import json,yaml; json.dump( yaml.load(open("$<").read()), open("$@","w"), indent=2);' - -${PACKER_DIST_FILENAME}: - @curl -L --silent --show-error \ - -O https://releases.hashicorp.com/packer/${PACKER_VER}/${PACKER_DIST_FILENAME} - -packer: ${PACKER_DIST_FILENAME} - @curl -L --silent --show-error \ - https://releases.hashicorp.com/packer/${PACKER_VER}/packer_${PACKER_VER}_SHA256SUMS \ - | grep 'linux_amd64' > /tmp/packer_sha256sums - @sha256sum --check /tmp/packer_sha256sums - @unzip -o ${PACKER_DIST_FILENAME} - @touch --reference=Makefile ${PACKER_DIST_FILENAME} - -.PHONY: test -test: conmon_base_images.json conmon_images.json packer - ./packer inspect conmon_base_images.json > /dev/null - ./packer inspect conmon_images.json > /dev/null - @echo "All good" - -.PHONY: check_common_env -check_common_env: -ifndef SRC - $(error SRC is undefined, expected complete path to repository source directory.) -endif -ifndef SCRIPT_BASE - $(error SCRIPT_BASE is undefined, expected relative path to cirrus scripts directory.) -endif -ifndef PACKER_BASE - $(error PACKER_BASE is undefined, expected relative path to packer directory.) -endif -ifndef PACKER_VER - $(error PACKER_VER is undefined, expected string version number of packer to use.) -endif -ifndef PACKER_BUILDS - $(error PACKER_BUILDS is undefined, expected CSV of builders to utilize.) -endif -ifndef GCP_PROJECT_ID - $(error GCP_PROJECT_ID is undefined, expected complete GCP project ID string e.g. foobar-12345.) -endif - -.PHONY: cache_image_checkenv -cache_image_checkenv: check_common_env -ifndef GCE_SSH_USERNAME - $(error GCE_SSH_USERNAME is undefined, expected user with ssh access to base-image.) -endif -ifndef SERVICE_ACCOUNT - $(error SERVICE_ACCOUNT is undefined, expected GCE service account name for managing VMs.) -endif -ifndef BUILT_IMAGE_SUFFIX - $(error BUILT_IMAGE_SUFFIX is undefined, expected suffix string to make produced image names unique.) -endif -ifndef CRIO_REPO - $(error CRIO_REPO is undefined, expected URL to CRI-O repository to use) -endif -ifndef CRIO_SLUG - $(error CRIO_SLUG is undefined, expected GOPATH/src/ subdirectory to use for CRI-O.) -endif -ifndef FEDORA_BASE_IMAGE - $(error FEDORA_BASE_IMAGE is undefined, expected name of existing base-image.) -endif - -.PHONY: base_image_checkenv -base_image_checkenv: check_common_env -ifndef TIMESTAMP - $(error TIMESTAMP is undefined, expected unix epoch.) -endif -ifndef GOOGLE_APPLICATION_CREDENTIALS - $(error GOOGLE_APPLICATION_CREDENTIALS is undefined, expected path to JSON file. See https://cloud.google.com/docs/authentication/end-user#creating_your_client_credentials) -endif - -.PHONY: conmon_images -conmon_images: cache_image_checkenv conmon_images.json packer - @GCE_SSH_USERNAME=${GCE_SSH_USERNAME} \ - GCP_PROJECT_ID=${GCP_PROJECT_ID} \ - SERVICE_ACCOUNT="${SERVICE_ACCOUNT}" \ - ./packer build -only=${PACKER_BUILDS} \ - -var SRC=${SRC} \ - -var SCRIPT_BASE=${SCRIPT_BASE} \ - -var PACKER_BASE=${PACKER_BASE} \ - -var BUILT_IMAGE_SUFFIX=${BUILT_IMAGE_SUFFIX} \ - -var CRIO_REPO=${CRIO_REPO} \ - -var CRIO_SLUG=${CRIO_SLUG} \ - -var FEDORA_BASE_IMAGE=${FEDORA_BASE_IMAGE} \ - conmon_images.json - @echo "" - @echo "Finished. The images mentioned above, and in packer-manifest.json" - @echo "can be used in .cirrus.yml as values for the 'image_name' keys" - @echo "" - - - -cidata.ssh: - ssh-keygen -f $@ -P "" -q - -cidata.ssh.pub: cidata.ssh - touch $@ - -meta-data: - echo "local-hostname: localhost.localdomain" > $@ - -user-data: cidata.ssh.pub - bash make-user-data.sh - -cidata.iso: user-data meta-data - genisoimage -output cidata.iso -volid cidata -input-charset utf-8 -joliet -rock user-data meta-data - -# This is intended to be run by a human, with admin access to the conmon GCE project. -.PHONY: conmon_base_images -conmon_base_images: base_image_checkenv conmon_base_images.json cidata.iso cidata.ssh packer - @PACKER_CACHE_DIR=/tmp \ - GOOGLE_APPLICATION_CREDENTIALS="${GOOGLE_APPLICATION_CREDENTIALS}" \ - GCP_PROJECT_ID=${GCP_PROJECT_ID} \ - ./packer build \ - -var TIMESTAMP=${TIMESTAMP} \ - -var TTYDEV=${TTYDEV} \ - -var SRC=${SRC} \ - -var PACKER_BASE=${PACKER_BASE} \ - -var SCRIPT_BASE=${SCRIPT_BASE} \ - -only ${PACKER_BUILDS} \ - conmon_base_images.json - @echo "" - @echo "Finished. The images mentioned above, and in packer-manifest.json" - @echo "can be used in .cirrus.yml as values for the *_BASE_IMAGE keys." - @echo "" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/README.md new/conmon-2.0.21/contrib/cirrus/packer/README.md --- old/conmon-2.0.20/contrib/cirrus/packer/README.md 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/README.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,3 +0,0 @@ -These are definitions and scripts consumed by packer to produce the -various distribution images used for CI testing. For more details -see the [Cirrus CI documentation](../README.md) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/conmon_base_images.yml new/conmon-2.0.21/contrib/cirrus/packer/conmon_base_images.yml --- old/conmon-2.0.20/contrib/cirrus/packer/conmon_base_images.yml 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/conmon_base_images.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,146 +0,0 @@ ---- - -variables: - # Complete local path to repository (Required) - SRC: - # Relative path to this (packer) subdirectory (Required) - PACKER_BASE: - # Relative path to cirrus scripts subdirectory (Required) - SCRIPT_BASE: - # Unique ID for naming new base-images (required) - TIMESTAMP: - # Required for output from qemu builders - TTYDEV: - - # These are also required, but come in via env-vars to protect contents - # Path to json file (required, likely ~/.config/gcloud/legacy_credentials/*/adc.json) - GOOGLE_APPLICATION_CREDENTIALS: '{{env `GOOGLE_APPLICATION_CREDENTIALS`}}' - # The complete project ID (required, not the short name) - GCP_PROJECT_ID: '{{env `GCP_PROJECT_ID`}}' - - # Pre-existing storage bucket w/ lifecycle-enabled - XFERBUCKET: "packer-import-temp" # pre-created, globally unique, lifecycle-enabled - # Fedora images are obtainable by direct download - FEDORA_IMAGE_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/29/Cloud/x86_64/images/Fedora-Cloud-Base-29-1.2.x86_64.qcow2" - FEDORA_CSUM_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/29/Cloud/x86_64/images/Fedora-Cloud-29-1.2-x86_64-CHECKSUM" - FEDORA_BASE_IMAGE_NAME: 'fedora-cloud-base-29-1-2' # Name to use in GCE - # The name of the image in GCE used for packer build conmon_images.yml - IBI_BASE_NAME: 'image-builder-image' - CIDATA_ISO: 'cidata.iso' # produced by Makefile - -# Don't leak sensitive values in error messages / output -sensitive-variables: - - 'GOOGLE_APPLICATION_CREDENTIALS' - - 'GCP_PROJECT_ID' - -# What images to produce in which cloud -builders: - - name: '{{user `IBI_BASE_NAME`}}' - type: 'googlecompute' - image_name: '{{user `IBI_BASE_NAME`}}-{{user `TIMESTAMP`}}' - image_family: '{{user `IBI_BASE_NAME`}}' - source_image_project_id: 'centos-cloud' - source_image_family: 'centos-7' - project_id: '{{user `GCP_PROJECT_ID`}}' - account_file: '{{user `GOOGLE_APPLICATION_CREDENTIALS`}}' - communicator: 'ssh' - ssh_username: 'centos' - ssh_pty: 'true' - # The only supported zone in Cirrus-CI, as of addition of this comment - zone: 'us-central1-f' - # Enable nested virtualization in case it's ever needed - image_licenses: - - 'https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx' - min_cpu_platform: "Intel Broadwell" # nested-virt requirement - - - &nested_virt - name: 'fedora' - type: 'qemu' - accelerator: "kvm" - iso_url: '{{user `FEDORA_IMAGE_URL`}}' - disk_image: true - format: "raw" - disk_size: 5120 - iso_checksum_url: '{{user `FEDORA_CSUM_URL`}}' - iso_checksum_type: "sha256" - output_directory: '/tmp/{{build_name}}' - vm_name: "disk.raw" # actually qcow2, name required for post-processing - boot_wait: '5s' - shutdown_command: 'shutdown -h now' - headless: true - qemu_binary: "/usr/libexec/qemu-kvm" - qemuargs: # List-of-list format required to override packer-generated args - - - "-m" - - "1024" - - - "-cpu" - - "host" - - - "-device" - - "virtio-rng-pci" - - - "-chardev" - - "tty,id=pts,path={{user `TTYDEV`}}" - - - "-device" - - "isa-serial,chardev=pts" - - - "-cdrom" - - "{{user `CIDATA_ISO`}}" - - - "-netdev" - - "user,id=net0,hostfwd=tcp::{{ .SSHHostPort }}-:22" - - - "-device" - - "virtio-net,netdev=net0" - communicator: 'ssh' - ssh_private_key_file: 'cidata.ssh' - ssh_username: 'root' - -provisioners: - - type: 'shell' - inline: - - 'mkdir -p /tmp/conmon/{{user `SCRIPT_BASE`}}' - - 'mkdir -p /tmp/conmon/{{user `PACKER_BASE`}}' - - - type: 'file' - source: '{{user `SRC`}}/.cirrus.yml' - destination: '/tmp/conmon/.cirrus.yml' - - - type: 'file' - source: '{{user `SRC`}}/{{user `SCRIPT_BASE`}}/' - destination: '/tmp/conmon/{{user `SCRIPT_BASE`}}/' - - - type: 'file' - source: '{{user `SRC`}}/{{user `PACKER_BASE`}}/' - destination: '/tmp/conmon/{{user `PACKER_BASE`}}/' - - - &shell_script - type: 'shell' - inline: - - 'chmod +x /tmp/conmon/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh' - - '/tmp/conmon/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh pre' - expect_disconnect: true # Allow this to reboot the VM - environment_vars: - - 'TIMESTAMP={{user `TIMESTAMP`}}' - - 'SRC=/tmp/conmon' - - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}' - - 'PACKER_BASE={{user `PACKER_BASE`}}' - - - <<: *shell_script - inline: ['{{user `SRC`}}/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh'] - expect_disconnect: false - pause_before: '10s' - inline: - - '/tmp/conmon/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh post' - -post-processors: - - - type: "compress" - only: ['fedora'] - output: '/tmp/{{build_name}}/disk.raw.tar.gz' - format: '.tar.gz' - compression_level: 9 - - &gcp_import - only: ['fedora'] - type: "googlecompute-import" - project_id: '{{user `GCP_PROJECT_ID`}}' - account_file: '{{user `GOOGLE_APPLICATION_CREDENTIALS`}}' - bucket: '{{user `XFERBUCKET`}}' - gcs_object_name: '{{build_name}}-{{uuid}}.tar.gz' - image_name: "{{user `FEDORA_BASE_IMAGE_NAME`}}-{{user `TIMESTAMP`}}" - image_description: 'Based on {{user `FEDORA_IMAGE_URL`}}' - image_family: '{{user `FEDORA_BASE_IMAGE_NAME`}}' - - type: 'manifest' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/conmon_images.yml new/conmon-2.0.21/contrib/cirrus/packer/conmon_images.yml --- old/conmon-2.0.20/contrib/cirrus/packer/conmon_images.yml 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/conmon_images.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,64 +0,0 @@ ---- - -# All of these are required -variables: - # These are required - SRC: - SCRIPT_BASE: - PACKER_BASE: - BUILT_IMAGE_SUFFIX: - CRIO_REPO: - CRIO_SLUG: - FEDORA_BASE_IMAGE: - # Protected credentials, decrypted by Cirrus at runtime - GCE_SSH_USERNAME: '{{env `GCE_SSH_USERNAME`}}' - GCP_PROJECT_ID: '{{env `GCP_PROJECT_ID`}}' - SERVICE_ACCOUNT: '{{env `SERVICE_ACCOUNT`}}' - # Used to separate images produced during PR testing from those - # produced from post-merge testing. Must be empty for PR testing. - POST_MERGE_BUCKET_SUFFIX: '' - -# Don't leak sensitive values in error messages / output -sensitive-variables: - - 'GCE_SSH_USERNAME' - - 'GCP_PROJECT_ID' - - 'SERVICE_ACCOUNT' - -# What images to produce in which cloud -builders: - - name: 'fedora-29' - type: 'googlecompute' - image_name: '{{build_name}}{{user `BUILT_IMAGE_SUFFIX`}}' - image_family: '{{build_name}}-conmon' - source_image: '{{user `FEDORA_BASE_IMAGE`}}' - disk_size: 20 - project_id: '{{user `GCP_PROJECT_ID`}}' - service_account_email: '{{user `SERVICE_ACCOUNT`}}' - communicator: 'ssh' - ssh_username: '{{user `GCE_SSH_USERNAME`}}' - ssh_pty: 'true' - # The only supported zone in Cirrus-CI, as of addition of this comment - zone: 'us-central1-f' - -# The brains of the operation, making actual modifications to the base-image. -provisioners: - - type: 'file' - source: '{{user `SRC`}}' - destination: '/tmp/conmon' - - - type: 'shell' - script: '{{user `SRC`}}/{{user `PACKER_BASE`}}/{{split build_name "-" 0}}_setup.sh' - environment_vars: - - 'SRC=/tmp/conmon' - - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}' - - 'PACKER_BASE={{user `PACKER_BASE`}}' - - 'BUILT_IMAGE_SUFFIX={{user `BUILT_IMAGE_SUFFIX`}}' - - 'CRIO_REPO={{user `CRIO_REPO`}}' - - 'CRIO_SLUG={{user `CRIO_SLUG`}}' - -post-processors: - # Store VM disk in GCP storage, where it will expire based on a defined - # lifecycle. This prevents GCE from filling with disused images. - - - type: 'googlecompute-export' - paths: ['gs://packer-import{{user `POST_MERGE_BUCKET_SUFFIX`}}-temp/{{build_name}}{{user `BUILT_IMAGE_SUFFIX`}}.tar.gz'] - - type: 'manifest' # writes packer-manifest.json diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/fedora_base-setup.sh new/conmon-2.0.21/contrib/cirrus/packer/fedora_base-setup.sh --- old/conmon-2.0.20/contrib/cirrus/packer/fedora_base-setup.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/fedora_base-setup.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,31 +0,0 @@ -#!/bin/bash - -# N/B: This script is not intended to be run by humans. It is used to configure the -# fedora base image for importing, so that it will boot in GCE - -set -e - -# Load in library (copied by packer, before this script was run) -source $SRC/$SCRIPT_BASE/lib.sh - -req_env_var " - SRC $SRC -" - -[[ "$1" == "post" ]] || exit 0 # nothing to do - -install_ooe - -echo "Updating packages" -ooe.sh dnf -y update - -echo "Installing necessary packages and google services" -ooe.sh dnf -y copr enable ngompa/gce-oslogin -ooe.sh dnf -y install rng-tools google-compute-engine google-compute-engine-oslogin - -echo "Enabling services" -ooe.sh systemctl enable rngd - -rh_finalize - -echo "SUCCESS!" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/fedora_setup.sh new/conmon-2.0.21/contrib/cirrus/packer/fedora_setup.sh --- old/conmon-2.0.20/contrib/cirrus/packer/fedora_setup.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/fedora_setup.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,108 +0,0 @@ -#!/bin/bash - -# This script is called by packer on the subject fedora VM, to setup the conmon -# build/test environment. It's not intended to be used outside of this context. - -set -e - -# Load in library (copied by packer, before this script was run) -source $SRC/$SCRIPT_BASE/lib.sh - -req_env_var " - SRC $SRC - SCRIPT_BASE $SCRIPT_BASE - PACKER_BASE $PACKER_BASE - BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX - CRIO_REPO $CRIO_REPO - CRIO_SLUG $CRIO_SLUG -" - -install_ooe - -echo "Updating packages" -ooe.sh sudo dnf update -y - -ooe.sh sudo dnf -y module install cri-o:1.13 - -echo "Installing dependencies" - -ooe.sh sudo dnf -y install \ - atomic-registries \ - btrfs-progs-devel \ - buildah \ - container-selinux \ - containernetworking-plugins \ - cri-o \ - cri-tools \ - curl \ - device-mapper-devel \ - e2fsprogs-devel \ - findutils \ - gcc \ - git \ - glib2-devel \ - glibc-devel \ - glibc-static \ - golang \ - gpgme \ - gpgme-devel \ - grubby \ - hostname \ - iproute \ - iptables \ - krb5-workstation \ - kubernetes \ - libassuan \ - libassuan-devel \ - libblkid-devel \ - libffi-devel \ - libgpg-error-devel \ - libguestfs-tools \ - libseccomp-devel \ - libselinux-devel \ - libselinux-python \ - libsemanage-python \ - libvirt-client \ - libvirt-python \ - libxml2-devel \ - libxslt-devel \ - make \ - mlocate \ - nfs-utils \ - nmap-ncat \ - oci-register-machine \ - oci-systemd-hook \ - oci-umount \ - openssl \ - openssl-devel \ - ostree-devel \ - pkgconfig \ - podman \ - policycoreutils \ - python2-devel \ - python3-PyYAML \ - redhat-rpm-config \ - rpcbind \ - rsync \ - runc \ - sed \ - skopeo \ - socat \ - tar \ - vim \ - wget \ - zlib-devel - -setup_gopath - -install_crio_repo # git-repo for test-content - -echo "Enabling localnet routing" -echo "net.ipv4.conf.all.route_localnet = 1" | sudo tee /etc/sysctl.d/route_localnet.conf - -echo "Enabling container management of cgroups" -ooe.sh sudo setsebool -P container_manage_cgroup 1 - -rh_finalize # N/B: Halts system! - -echo "SUCCESS!" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/image-builder-image_base-setup.sh new/conmon-2.0.21/contrib/cirrus/packer/image-builder-image_base-setup.sh --- old/conmon-2.0.20/contrib/cirrus/packer/image-builder-image_base-setup.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/image-builder-image_base-setup.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,74 +0,0 @@ -#!/bin/bash - -# This script is called by packer on a vanilla CentOS VM, to setup the image -# used for building cache-images from base-images. It's not intended to be used -# outside of this context. - -set -e - -[[ "$1" == "post" ]] || exit 0 # pre stage not needed - -# Load in library (copied by packer, before this script was run) -source $SRC/$SCRIPT_BASE/lib.sh - -req_env_var " - TIMESTAMP $TIMESTAMP - SRC $SRC - SCRIPT_BASE $SCRIPT_BASE - PACKER_BASE $PACKER_BASE -" - -install_ooe - -echo "Updating packages" -ooe.sh sudo yum -y update - -echo "Configuring repositories" -ooe.sh sudo yum -y install centos-release-scl epel-release - -echo "Installing packages" -ooe.sh sudo yum -y install \ - genisoimage \ - gcc \ - golang \ - google-cloud-sdk \ - libvirt \ - libvirt-admin \ - libvirt-client \ - libvirt-daemon \ - make \ - python34 \ - python34 \ - python34-PyYAML \ - python34-PyYAML \ - qemu-img \ - qemu-kvm \ - qemu-kvm-tools \ - qemu-user \ - rsync \ - unzip \ - util-linux \ - vim - -sudo ln -s /usr/libexec/qemu-kvm /usr/bin/ - -sudo tee /etc/modprobe.d/kvm-nested.conf <<EOF -options kvm-intel nested=1 -options kvm-intel enable_shadow_vmcs=1 -options kvm-intel enable_apicv=1 -options kvm-intel ept=1 -EOF - -echo "Installing packer" -sudo mkdir -p /root/$(basename $PACKER_BASE) -sudo cp $SRC/$PACKER_BASE/*packer* /root/$(basename $PACKER_BASE) -sudo mkdir -p /root/$(basename $SCRIPT_BASE) -sudo cp $SRC/$SCRIPT_BASE/*.sh /root/$(basename $SCRIPT_BASE) - -echo "Cleaning up" -cd / -rm -rf $SRC - -rh_finalize - -echo "SUCCESS!" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/packer/make-user-data.sh new/conmon-2.0.21/contrib/cirrus/packer/make-user-data.sh --- old/conmon-2.0.20/contrib/cirrus/packer/make-user-data.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/packer/make-user-data.sh 1970-01-01 01:00:00.000000000 +0100 @@ -1,20 +0,0 @@ -#!/bin/bash - -# This script is utilized by Makefile, it's not intended to be run by humans - -cat <<EOF > user-data -#cloud-config -timezone: US/Eastern -growpart: - mode: auto -disable_root: false -ssh_pwauth: True -ssh_import_id: [root] -ssh_authorized_keys: - - $(cat cidata.ssh.pub) -users: - - name: root - primary-group: root - homedir: /root - system: true -EOF diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/contrib/cirrus/setup_environment.sh new/conmon-2.0.21/contrib/cirrus/setup_environment.sh --- old/conmon-2.0.20/contrib/cirrus/setup_environment.sh 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/contrib/cirrus/setup_environment.sh 2020-09-08 22:33:37.000000000 +0200 @@ -64,7 +64,7 @@ setup_gopath case "$OS_REL_VER" in - fedora-29) + fedora-32) install_testing_deps build_and_replace_conmon diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/go.mod new/conmon-2.0.21/go.mod --- old/conmon-2.0.20/go.mod 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-2.0.21/go.mod 2020-09-08 22:33:37.000000000 +0200 @@ -0,0 +1,3 @@ +module github.com/containers/conmon + +go 1.15 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/go.sum new/conmon-2.0.21/go.sum --- old/conmon-2.0.20/go.sum 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/go.sum 1970-01-01 01:00:00.000000000 +0100 @@ -1,31 +0,0 @@ -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.11.0 h1:JAKSXpt1YjtLA7YpPiqO9ss6sNXEsPfSGdwN0UHqzrw= -github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/gomega v1.8.1 h1:C5Dqfs/LeauYDX0jJXIe2SWmwCbGzx9yF8C8xy3Lh34= -github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= -github.com/pkg/errors v0.9.0 h1:J8lpUdobwIeCI7OiSxHqEwJUKvJwicL5+3v1oe2Yb4k= -github.com/pkg/errors v0.9.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd h1:nTDtHvHSdCn1m6ITfMRqtOd/9+7a3s8RBNOZ3eYZzJA= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e h1:o3PsSEY8E4eXWkXrIP9YJALUkVZqzHJT5DOasTyn8Vs= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/nix/default.nix new/conmon-2.0.21/nix/default.nix --- old/conmon-2.0.20/nix/default.nix 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/nix/default.nix 2020-09-08 22:33:37.000000000 +0200 @@ -38,6 +38,11 @@ sed -ri "s;$out/(.*);$nukedRef/\1;g" $lib/lib/libsystemd.a ''; }); + e2fsprogs = (static pkg.e2fsprogs).overrideAttrs(x: { + postPatch = x.postPatch + '' + rm -rf tests/d_fallocate* + ''; + }); }; }; }); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/nix/nixpkgs.json new/conmon-2.0.21/nix/nixpkgs.json --- old/conmon-2.0.20/nix/nixpkgs.json 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/nix/nixpkgs.json 2020-09-08 22:33:37.000000000 +0200 @@ -1,7 +1,7 @@ { "url": "https://github.com/nixos/nixpkgs", - "rev": "02591d02a910b3b92092153c5f3419a8d696aa1d", - "date": "2020-07-09T03:52:28+02:00", - "sha256": "1pp9v4rqmgx1b298gxix8b79m8pvxy1rcf8l25rxxxxnkr5ls1ng", + "rev": "5f212d693fe1c82f9c7e20cd57bc69802b36a321", + "date": "2020-08-22T01:42:23+02:00", + "sha256": "1h3819ppllcpw07j884bjh07sma07vrrk1md92sf93cg43nmzncf", "fetchSubmodules": false } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.20/src/conmon.c new/conmon-2.0.21/src/conmon.c --- old/conmon-2.0.20/src/conmon.c 2020-07-28 15:57:21.000000000 +0200 +++ new/conmon-2.0.21/src/conmon.c 2020-09-08 22:33:37.000000000 +0200 @@ -443,8 +443,9 @@ */ if (timed_out && container_pid > 0) { pid_t process_group = getpgid(container_pid); - - if (process_group > 0) + /* if process_group is 1, we will end up calling + * kill(-1), which kills everything conmon is allowed to. */ + if (process_group > 1) kill(-process_group, SIGKILL); else kill(container_pid, SIGKILL);