Add `features.md` and `features-linux.md`, to formalize the `runc features` JSON that was introduced in runc v1.1.0.
A runtime caller MAY use this JSON to detect the features implemented by the runtime.
The spec corresponds to https://github.com/opencontainers/runc/blob/v1.1.0/types/features/features.go
(opencontainers/runc PR 3296, opencontainers/runc PR 3310)
Differences since runc v1.1.0:
- Add `.linux.intelRdt.enabled` field
- Add `.linux.cgroup.rdma` field
- Add `.linux.seccomp.knownFlags` and `.linux.seccomp.supportedFlags` fields (Implemented in runc PR 3588)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Adds a Go compiler matrix to CI for testing of latest Go versions.
Updates and pins to major version GitHub actions packages.
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Otherwise, commands like "make install.tools" fail with:
$ make install.tools
go get -u github.com/golang/lint/golint
code in directory /<path>/github.com/golang/lint/golint expects import "golang.org/x/lint/golint"
The github repository says this URL should be used for go get. After
this patch, make install.tools works just fine.
Signed-off-by: Rodrigo Campos <rodrigo@kinvolk.io>
Go 1.10 was released on 2018-02-16 [1] and Go only supports the last
two major releases [2] (so currently 1.9 and 1.10). Besides ensuring
that we are compatible with the currently-maintained releases, this
will avoid our current test failure now that golint has dropped
support for Go 1.6 [3]:
$ make install.tools
go get -u github.com/golang/lint/golint
# golang.org/x/tools/go/internal/gcimporter
../../../golang.org/x/tools/go/internal/gcimporter/iimport.go:77: undefined: io.SeekCurrent
../../../golang.org/x/tools/go/internal/gcimporter/iimport.go:80: undefined: io.SeekCurrent
../../../golang.org/x/tools/go/internal/gcimporter/iimport.go:156: undefined: io.SeekCurrent
../../../golang.org/x/tools/go/internal/gcimporter/iimport.go:187: r.declReader.Reset undefined (type bytes.Reader has no field or method Reset)
../../../golang.org/x/tools/go/internal/gcimporter/iimport.go:226: r.declReader.Reset undefined (type bytes.Reader has no field or method Reset)
make: *** [.install.golint] Error 2
Quoting the versions in the Travis YAML is recommended to avoid them
being interpreted as floating point numbers [4].
[1]: https://golang.org/doc/devel/release.html#go1.10
[2]: https://golang.org/doc/devel/release.html#policy
[3]: https://travis-ci.org/opencontainers/runtime-spec/jobs/376692151#L469
[4]: https://docs.travis-ci.com/user/languages/go/#Specifying-a-Go-version-to-use
Signed-off-by: W. Trevor King <wking@tremily.us>
The only .PHONY entry we *need* is for schema/validate, since that's a
real file but we haven't told Make about its real dependencies (which
involve complicated Go lookups). I'm personally in favor of using
.PHONY for all targets that aren't on-disk files, because it hints to
readers that the rule is not generating a file at the target. But
there has been resistance to adding .PHONY entries to all such cases
(e.g. [1,2]), so this commit brings us around to a
internally-consistent "only use .PHONY when you always need it"
position.
That means that, for example, users who create files named 'clean'
will turn 'clean' the target into a no-op, but runtime-spec
maintainers are ok with that.
[1]: https://github.com/opencontainers/runtime-spec/pull/791#issuecomment-300369882
[2]: https://github.com/opencontainers/runtime-spec/pull/791#issuecomment-300612827
Signed-off-by: W. Trevor King <wking@tremily.us>
This slash gets added back on (e.g. $(OUTPUT_DIRNAME)/) in all the
places where a trailing slash matters.
Signed-off-by: W. Trevor King <wking@tremily.us>
With dash 0.5.7:
# make docs
/bin/sh: 1: test: 1.3.3: unexpected operator
/bin/sh: 1: test: 1.3.3: unexpected operator
/bin/sh: 1: test: 1.3.3: unexpected operator
Makefile:47: *** cannot build output//oci-runtime-spec.pdf without either pandoc or docker. Stop.
# command -V test
test is a shell builtin
POSIX defines '=' for string comparison [1]; the '==' form is a
Bashism.
SHELL was added in f3fdf03 (Makefile: prefer bash, 2016-05-25, #455)
to avoid these "unexpected operator" errors, but there's no reason to
require Bash when we can make the comparison's POSIX compliant.
[1]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html
Signed-off-by: W. Trevor King <wking@tremily.us>
When this repo was only 'specs', then the generic name was not so bad.
But now there is also the oci-image-spec, so this lines up it's unique
name as well.
This also variablizes the output filename so it will be easier for
release specific names.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
Defaulting to whichever PANDOC is first in your path. This mirrors
the existing DOCKER handling. Folks who want to use the old path can
run:
$ make PANDOC=vbatts/pandoc ...
I'm not sure why 4ee036fc (*: printable documents, 2015-12-09, #263)
went with a variable for 'docker' but a hard-coded path for 'pandoc'.
I expect it was just oversight.
Signed-off-by: W. Trevor King <wking@tremily.us>
Reverting 7232e4b1 (specs: introduce the concept of a runtime.json,
2015-07-30, #88) after discussion on the mailing list [1]. The main
reason is that it's hard to draw a clear line around "inherently
runtime-specific" or "non-portable", so we shouldn't try to do that in
the spec. Folks who want to flag settings as non-portable for their
own system are welcome to do so (e.g. "we will clobber 'hooks' in
bundles we run") are welcome to do so, but we don't have to have
to split the config into multiple files to do that.
There have been a number of additional changes since #88, so this
isn't a pure Git reversion. Besides copy-pasting and the associated
link-target updates, I've:
* Restored path -> destination, now that the mount type contains both
source and target paths again. I'd prefer 'target' to 'destination'
to match mount(2), but the pre-7232e4b1 phrasing was 'destination'
(possibly due to Windows using 'target' for the source?).
* Restored the Windows mount example to its pre-7232e4b1 content.
* Removed required mounts from the config example (requirements landed
in 3848a238, config-linux: specify the default devices/filesystems
available, 2015-09-09, #164), because specifying those mounts in the
config is now redundant.
* Used headers (vs. bold paragraphs) to set off mount examples so we
get link anchors in the rendered Markdown.
* Replaced references to runtime.json with references to config.json.
[1]: https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/0QbyJDM9fWY
Subject: Single, unified config file (i.e. rolling back specs#88)
Date: Wed, 4 Nov 2015 09:53:20 -0800
Message-ID: <20151104175320.GC24652@odin.tremily.us>
Signed-off-by: W. Trevor King <wking@tremily.us>
For now, just vet and lint. But would like to include the commit
validator, once a good range is selectable.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
So we have something to cite to avoid rehashing established decisions.
Provide some motivation and links to the backing discussion so folks
can re-open these if they have new information that wasn't covered in
the original decision.
Like the glossary (18734986, glossary: Provide a quick overview of
important terms, 2015-08-11, #107), I've used subsection titles for
each entry to get link anchors.
Signed-off-by: W. Trevor King <wking@tremily.us>
At the end of the list, to match its position in the README. This
catches #107 up with #263, which I'd missed during one of the #107
rebases.
Signed-off-by: W. Trevor King <wking@tremily.us>
I do not like having this build step of printable documentation
depending on pulling a container, but the pandoc+latex combo is a big
bundle. This is the minimal and cleanest approach for using these tools,
for now.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
