GNU bug report logs - #31237
[PATCH] gnu: Add runc.

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 31237 in the body.
You can then email your comments to 31237 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: 宋文武 <iyzsong <at> member.fsf.org>
To: guix-patches <at> gnu.org
Cc: 宋文武 <iyzsong <at> member.fsf.org>
Subject: [PATCH] gnu: Add runc.
Date: Sun, 22 Apr 2018 20:58:44 +0800

* gnu/packages/virtualization.scm (runc): New variable.
---
 gnu/packages/virtualization.scm | 54 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index 55ace5a56..e6d52c870 100644
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -8,6 +8,7 @@
 ;;; Copyright © 2017 Rutger Helling <rhelling <at> mykolab.com>
 ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me <at> tobias.gr>
 ;;; Copyright © 2018 Danny Milosavljevic <dannym <at> scratchpost.org>
+;;; Copyright © 2018 Sou Bunnbu <iyzsong <at> member.fsf.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -41,6 +42,7 @@
   #:use-module (gnu packages gl)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages gnome)
+  #:use-module (gnu packages golang)
   #:use-module (gnu packages gtk)
   #:use-module (gnu packages image)
   #:use-module (gnu packages libusb)
@@ -65,7 +67,8 @@
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system python)
   #:use-module (guix download)
-  #:use-module ((guix licenses) #:select (gpl2 gpl2+ gpl3+ lgpl2.1 lgpl2.1+))
+  #:use-module ((guix licenses) #:select (gpl2 gpl2+ gpl3+ lgpl2.1 lgpl2.1+
+                                               asl2.0))
   #:use-module (guix packages)
   #:use-module (guix utils)
   #:use-module (srfi srfi-1))
@@ -772,3 +775,52 @@ monitor/GPU.")
    ;; This package requires SSE instructions.
    (supported-systems '("i686-linux" "x86_64-linux"))
    (license gpl2+)))
+
+(define-public runc
+  (package
+    (name "runc")
+    (version "1.0.0-rc5")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://github.com/opencontainers/runc/releases/"
+                    "download/v" version "/runc.tar.xz"))
+              (sha256
+               (base32
+                "081avdzwnqpk368wbaihlzsypaxpj42d7699h7jgp0fks14x4103"))))
+    (build-system gnu-build-system)
+    (arguments
+     '(#:tests? #f                      ; FIXME: 20/139 tests fail.
+       #:test-target "localunittest"
+       #:phases
+       (modify-phases %standard-phases
+         (delete 'configure)            ; no 'configure' script
+         (replace 'build
+           (lambda _
+             (let* ((gopath (string-append (getenv "TMPDIR") "/go"))
+                    (srcdir (string-append
+                             gopath "/src/github.com/opencontainers/runc")))
+               (setenv "GOPATH" gopath)
+               (mkdir-p (dirname srcdir))
+               (copy-recursively (getcwd) srcdir)
+               (chdir srcdir)
+               ;; XXX: requires 'go-md2man'.
+               ;; (invoke "make man")
+               (invoke "make"))))
+         (replace 'install
+           (lambda* (#:key outputs #:allow-other-keys)
+             (let ((out (assoc-ref outputs "out")))
+              (invoke "make" "install" "install-bash"
+                      (string-append "PREFIX=" out))))))))
+    (native-inputs
+     `(("go" ,go)
+       ("pkg-config" ,pkg-config)))
+    (inputs
+     `(("libseccomp" ,libseccomp)))
+    (synopsis "Open container initiative runtime")
+    (home-page "https://www.opencontainers.org/")
+    (description
+     "@command{runc} is a command line client for running applications
+packaged according to the Open Container Initiative (OCI) format and is a
+compliant implementation of the Open Container Initiative specification.")
+    (license asl2.0)))
-- 
2.13.3

Message #8 received at 31237 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: 宋文武 <iyzsong <at> member.fsf.org>
Cc: 31237 <at> debbugs.gnu.org
Subject: Re: [bug#31237] [PATCH] gnu: Add runc.
Date: Mon, 23 Apr 2018 00:08:25 +0200

Hello,

宋文武 <iyzsong <at> member.fsf.org> skribis:

> * gnu/packages/virtualization.scm (runc): New variable.

Nice!

> +(define-public runc
> +  (package
> +    (name "runc")
> +    (version "1.0.0-rc5")

If the actual release is going to be out soon, I’d be in favor of
waiting for it; an RC doesn’t sound great.  WDYT?

> +    (build-system gnu-build-system)

Would ‘go-build-system’ work better?  Or is it something of a hybrid
(apparently it has makefiles)?

> +    (arguments
> +     '(#:tests? #f                      ; FIXME: 20/139 tests fail.

Have you looked a bit into them, just to see if it’s one of the usual
things (/bin/sh, networking, etc.) or if it’s more involved?

> +               (invoke "make"))))

Perhaps honor (parallel-job-count).

> +    (synopsis "Open container initiative runtime")
> +    (home-page "https://www.opencontainers.org/")
> +    (description
> +     "@command{runc} is a command line client for running applications
> +packaged according to the Open Container Initiative (OCI) format and is a
                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
An @uref would be nice.  :-)

Thanks!

Ludo’.

Message #11 received at 31237 <at> debbugs.gnu.org (full text, mbox):

From: Nils Gillmann <ng0 <at> n0.is>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 宋文武 <iyzsong <at> member.fsf.org>, 31237 <at> debbugs.gnu.org
Subject: Re: [bug#31237] [PATCH] gnu: Add runc.
Date: Sun, 22 Apr 2018 23:06:03 +0000

Ludovic Courtès transcribed 1.2K bytes:
> Hello,
> 
> 宋文武 <iyzsong <at> member.fsf.org> skribis:
> 
> > * gnu/packages/virtualization.scm (runc): New variable.
> 
> Nice!
> 
> > +(define-public runc
> > +  (package
> > +    (name "runc")
> > +    (version "1.0.0-rc5")
> 
> If the actual release is going to be out soon, I’d be in favor of
> waiting for it; an RC doesn’t sound great.  WDYT?

What I wanted to comment earlier from my experience packaging this:
I was advised to follow the docker suggestions, where the dependency
versions are known by recommended commit.

> > +    (build-system gnu-build-system)
> 
> Would ‘go-build-system’ work better?  Or is it something of a hybrid
> (apparently it has makefiles)?

Same question here, since my runc package so far (without testing) just builds,
with go-build-system.

> > +    (arguments
> > +     '(#:tests? #f                      ; FIXME: 20/139 tests fail.
> 
> Have you looked a bit into them, just to see if it’s one of the usual
> things (/bin/sh, networking, etc.) or if it’s more involved?
> 
> > +               (invoke "make"))))
> 
> Perhaps honor (parallel-job-count).
> 
> > +    (synopsis "Open container initiative runtime")
> > +    (home-page "https://www.opencontainers.org/")
> > +    (description
> > +     "@command{runc} is a command line client for running applications
> > +packaged according to the Open Container Initiative (OCI) format and is a
>                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
> An @uref would be nice.  :-)
> 
> Thanks!
> 
> Ludo’.
> 
> 
> 

Message #14 received at 31237 <at> debbugs.gnu.org (full text, mbox):

From: iyzsong <at> member.fsf.org (宋文武)
To: Nils Gillmann <ng0 <at> n0.is>
Cc: Ludovic Courtès <ludo <at> gnu.org>, 31237 <at> debbugs.gnu.org
Subject: Re: [bug#31237] [PATCH] gnu: Add runc.
Date: Mon, 23 Apr 2018 11:25:51 +0800

Nils Gillmann <ng0 <at> n0.is> writes:

> Ludovic Courtès transcribed 1.2K bytes:
>> Hello,
>> 
>> 宋文武 <iyzsong <at> member.fsf.org> skribis:
>> 
>> > * gnu/packages/virtualization.scm (runc): New variable.
>> 
>> Nice!

>> 
>> > +(define-public runc
>> > +  (package
>> > +    (name "runc")
>> > +    (version "1.0.0-rc5")
>> 
>> If the actual release is going to be out soon, I’d be in favor of
>> waiting for it; an RC doesn’t sound great.  WDYT?

Sure, but it's not clear to me when the 1.0.0 release will be out...

>
> What I wanted to comment earlier from my experience packaging this:
> I was advised to follow the docker suggestions, where the dependency
> versions are known by recommended commit.

Okay, I have some ideas to use runc directly with rootfs bulit by guix,
I haven't looked into docker yet.

>
>> > +    (build-system gnu-build-system)
>> 
>> Would ‘go-build-system’ work better?  Or is it something of a hybrid
>> (apparently it has makefiles)?
>
> Same question here, since my runc package so far (without testing) just builds,
> with go-build-system.

Okay, I have to modify the unpack phase for the tarball. 

>
>> > +    (arguments
>> > +     '(#:tests? #f                      ; FIXME: 20/139 tests fail.
>> 
>> Have you looked a bit into them, just to see if it’s one of the usual
>> things (/bin/sh, networking, etc.) or if it’s more involved?

No I haven't, some fails are:

--- FAIL: TestFactoryNewTmpfs (0.00s)
	factory_linux_test.go:87: operation not permitted

FAIL	github.com/opencontainers/runc/libcontainer	0.047s
?   	github.com/opencontainers/runc/libcontainer/apparmor	[no test files]

--- FAIL: TestInvalidCgroupPath (0.00s)
	apply_raw_test.go:16: couldn't get cgroup root: mountpoint for cgroup not found
	apply_raw_test.go:25: couldn't get cgroup data: mountpoint for cgroup not found
panic: runtime error: invalid memory address or nil pointer dereference [recovered]

--- FAIL: TestValidateRootlessMountUid (0.00s)
	rootless_test.go:96: Expected error to not occur when uid= not set in mount options: rootfs (/var) does not exist
	rootless_test.go:106: Expected error to not occur when setting uid=0 in mount options: rootfs (/var) does not exist
	rootless_test.go:112: Expected error to not occur when setting uid=2 in mount options and UidMapping[0].size is 10

--- FAIL: TestValidateValidSysctl (0.00s)
	validator_test.go:229: Expected error to not occur with {net.ctl=ctl} but got: "rootfs (/var) does not exist"
	validator_test.go:229: Expected error to not occur with {kernel.msgmax=ctl} but got: "rootfs (/var) does not exist"
	validator_test.go:229: Expected error to not occur with {fs.mqueue.ctl=ctl} but got: "rootfs (/var) does not exist"

--- FAIL: TestNsenterValidPaths (0.01s)
	nsenter_test.go:65: nsenter exits with a non-zero exit status


Look like it need /var, network namespace and other things?  But thoes
are unittest (runc also has integrationtest target)...  Need more
investment.

>> 
>> > +               (invoke "make"))))
>> 
>> Perhaps honor (parallel-job-count).

Thanks for the tip!  Now I think it's not needed, since the target only
run one 'go build' command, so there is nothing to be executed
parallel...

>> 
>> > +    (synopsis "Open container initiative runtime")
>> > +    (home-page "https://www.opencontainers.org/")
>> > +    (description
>> > +     "@command{runc} is a command line client for running applications
>> > +packaged according to the Open Container Initiative (OCI) format and is a
>>                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
>> An @uref would be nice.  :-)

Okay.

Pushed, thanks ludo and ng0 for the review!

Message #17 received at 31237 <at> debbugs.gnu.org (full text, mbox):

From: ludo <at> gnu.org (Ludovic Courtès)
To: iyzsong <at> member.fsf.org (宋文武)
Cc: Nils Gillmann <ng0 <at> n0.is>, 31237 <at> debbugs.gnu.org
Subject: Re: [bug#31237] [PATCH] gnu: Add runc.
Date: Mon, 23 Apr 2018 11:41:41 +0200

Hello,

iyzsong <at> member.fsf.org (宋文武) skribis:

> No I haven't, some fails are:
>
> --- FAIL: TestFactoryNewTmpfs (0.00s)
> 	factory_linux_test.go:87: operation not permitted
>
> FAIL	github.com/opencontainers/runc/libcontainer	0.047s
> ?   	github.com/opencontainers/runc/libcontainer/apparmor	[no test files]
>
> --- FAIL: TestInvalidCgroupPath (0.00s)
> 	apply_raw_test.go:16: couldn't get cgroup root: mountpoint for cgroup not found
> 	apply_raw_test.go:25: couldn't get cgroup data: mountpoint for cgroup not found
> panic: runtime error: invalid memory address or nil pointer dereference [recovered]
>
> --- FAIL: TestValidateRootlessMountUid (0.00s)
> 	rootless_test.go:96: Expected error to not occur when uid= not set in mount options: rootfs (/var) does not exist
> 	rootless_test.go:106: Expected error to not occur when setting uid=0 in mount options: rootfs (/var) does not exist
> 	rootless_test.go:112: Expected error to not occur when setting uid=2 in mount options and UidMapping[0].size is 10
>
> --- FAIL: TestValidateValidSysctl (0.00s)
> 	validator_test.go:229: Expected error to not occur with {net.ctl=ctl} but got: "rootfs (/var) does not exist"
> 	validator_test.go:229: Expected error to not occur with {kernel.msgmax=ctl} but got: "rootfs (/var) does not exist"
> 	validator_test.go:229: Expected error to not occur with {fs.mqueue.ctl=ctl} but got: "rootfs (/var) does not exist"
>
> --- FAIL: TestNsenterValidPaths (0.01s)
> 	nsenter_test.go:65: nsenter exits with a non-zero exit status
>
>
> Look like it need /var, network namespace and other things?  But thoes
> are unittest (runc also has integrationtest target)...  Need more
> investment.

Right.  For now I think we could skip all the tests above, with a
comment explaining the reason (/var, cgroups, and apparmor unavailable
in the build environment.)

Thank you!

Ludo’.

Message #22 received at 31237-done <at> debbugs.gnu.org (full text, mbox):

From: iyzsong <at> member.fsf.org (宋文武)
To: ludo <at> gnu.org (Ludovic Courtès)
Cc: 31237-done <at> debbugs.gnu.org
Subject: Re: [bug#31237] [PATCH] gnu: Add runc.
Date: Thu, 26 Apr 2018 09:39:58 +0800

ludo <at> gnu.org (Ludovic Courtès) writes:

> Hello,
>
> iyzsong <at> member.fsf.org (宋文武) skribis:
>
>> No I haven't, some fails are:
>>
>> --- FAIL: TestFactoryNewTmpfs (0.00s)
>> 	factory_linux_test.go:87: operation not permitted
>>
>> FAIL	github.com/opencontainers/runc/libcontainer	0.047s
>> ?   	github.com/opencontainers/runc/libcontainer/apparmor	[no test files]
>>
>> --- FAIL: TestInvalidCgroupPath (0.00s)
>> 	apply_raw_test.go:16: couldn't get cgroup root: mountpoint for
>> cgroup not found
>> 	apply_raw_test.go:25: couldn't get cgroup data: mountpoint for
>> cgroup not found
>> panic: runtime error: invalid memory address or nil pointer dereference [recovered]
>>
>> --- FAIL: TestValidateRootlessMountUid (0.00s)
>> 	rootless_test.go:96: Expected error to not occur when uid= not
>> set in mount options: rootfs (/var) does not exist
>> 	rootless_test.go:106: Expected error to not occur when setting
>> uid=0 in mount options: rootfs (/var) does not exist
>> 	rootless_test.go:112: Expected error to not occur when setting
>> uid=2 in mount options and UidMapping[0].size is 10
>>
>> --- FAIL: TestValidateValidSysctl (0.00s)
>> 	validator_test.go:229: Expected error to not occur with
>> {net.ctl=ctl} but got: "rootfs (/var) does not exist"
>> 	validator_test.go:229: Expected error to not occur with
>> {kernel.msgmax=ctl} but got: "rootfs (/var) does not exist"
>> 	validator_test.go:229: Expected error to not occur with
>> {fs.mqueue.ctl=ctl} but got: "rootfs (/var) does not exist"
>>
>> --- FAIL: TestNsenterValidPaths (0.01s)
>> 	nsenter_test.go:65: nsenter exits with a non-zero exit status
>>
>>
>> Look like it need /var, network namespace and other things?  But thoes
>> are unittest (runc also has integrationtest target)...  Need more
>> investment.
>
> Right.  For now I think we could skip all the tests above, with a
> comment explaining the reason (/var, cgroups, and apparmor unavailable
> in the build environment.)
>

Done, thank you!

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.