Commit Graph

23 Commits

Author SHA1 Message Date
Bruce Ashfield
08435d20b1 recipes/classes/scripts: Drop SRCPV usage
bitbake has been enhanced such that SRCPV is no longer needed in
PV to handle updating git hashes and task signatures.

We can simplify our PV by dropping SRCPV

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-08-24 01:38:21 +00:00
Bruce Ashfield
2119189361 treewide: bulk update patches with status field
While the insane.bbclass upstream-status check hasn't been made
default, users of meta-virtualization may have it enabled in their
distros .. so the effect is the same. We must have this tracking
tag in out patches.

This is a bulk update to add the tag and silence the QA message.

As packages get updated, the normal/routine process of checking
the patches will continue, and the status fields may (or may not)
get more useful.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2023-01-27 10:32:06 -05:00
Bruce Ashfield
1242b97f7f oci-runtime-tools: fix TMPDIR references
The structure of the source code layout that was used by
this recipe required symlinking subirectories of the source
into a location that would be searched by go. While this
fixes the build, and produces a working binary, go stores
the location into the binary itself. Those stored paths
reference the build directory, making the result not
reproducible.

With this change, we create an alternate structure that
doesn't require symlinking and allows go to find the
components during build. This results in a simpler recipe
and binaries without TMPDIR references.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-09-14 20:34:11 -04:00
Bruce Ashfield
0b0718efc1 oci-runtme-tools: fix TMPDIR references
pass -trimpath to remove most TMPDIR referneces.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-09-14 14:48:43 -04:00
Chen Qi
08d50052be oci-runtime-tools: adjust GOROOT, CGO_CFLAGS and CGO_LDFALGS
Adjust the GOROOT setting as directory specified by the original
one does not exist.

The CGO_CFLAGS and CGO_LDFLAGS should use target flags instead
of the nativesdk ones.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-06-20 12:09:46 -04:00
Bruce Ashfield
cbf5766d78 oci-runtime-tools: update to 0.9.0
Along with the commit summary below, we have the following changes:

  - refresh the GO cross compiler patch context
  - add new go dependency package symlinks
  - only build the 'tool', since that is all we need
  - fix the build error of:

          cannot find package runtime/cgo (using -importcfg)
                  ...
                 recipe-sysroot-native/usr/lib/aarch64-poky-linux/go/pkg/tool/linux_amd64/link:
                 cannot open file : open : no such file or directory

    by setting the GO_BUILD_FLAGS appropriately for our static and -pie
    configuration

Bumping runtime-tools to version v0.9.0-75-g0105384, which comprises the following commits:

    8927281 Add syscall "statx" in seccomp to fix Operation not permitted
    a202491 spec generator support setting unified
    30cecc1 validation/linux_rootfs_propagation: fix
    10d2584 runtimetest: validateRootfsPropagation: fixes
    8b26e24 validate: rm Clean() arguments
    3fb1264 validation: fix Cleanup
    14cd51e Makefile: replace TAP with TAPTOOL
    adcb290 Fix hanging on runc create.
    5ce2cac cmd/runtimetest: fix NewPid deprecation warning
    8e1a3b5 deps: bump github.com/syndtr/gocapability to latest
    543268b deps: github.com/hashicorp/go-multierror to v1.1.1
    4b164a1 deps: bump github.com/opencontainers/selinux to v1.9.1
    ee9c051 deps: bump github.com/mrunalp/fileutils to v0.5.0
    01a6f47 deps: bump sirupsen/logrus to v1.8.1
    abcb94d deps: switch to google/uuid
    2253869 validation/.gitignore: fix
    953e752 MAINTAINERS: add @kolyshkin
    221e5ea deps: bump github.com/xeipuuv/gojsonschema to v1.2.0
    67884fc validate: prepare for new xeipuuv/gojsonschema
    09d837b Change /dev to be mounted by default with /noexec
    10c865d ci: re-add commit subject length validation
    a22a894 ci: add golangci-lint run
    a7cecde Add*Hook: do not return errors
    c0037c9 runtimetest: silence errlint on unix.Unmount
    9505f16 Explicitly ignore errors from YAML
    fec9c3c validation: fix Clean
    0ab61ae validation: fix/rename ReadStandardStreams
    6f4b5ba validate: fix staticcheck linter warning
    6a9ad7c runtimtest: fix validatePosixMounts
    44e9496 Fix "addr cannot be nil" staticcheck linter warnings
    d38bd63 Fix deprecation warnings from staticcheck linter
    1826c32 Fix gosimple linter warnings
    e36f98f Fix deadcode linter warnings
    112c88c Makefile: use fancy git commit ids
    16dfbbd Makefile: add/use BUILD_FLAGS
    5432bc4 ci: replace travis with gha ci
    fab664e Makefile: rm gofmt and golint, simplify gotest
    98b2d35 Run make .gofmt
    0e5956d Switch from Godeps to go modules
    71a5e7c generate: add --linux-intelRdt-closid option
    4f51ef9 validation: read pid in PostCreate
    6502e57 Fix build of hugetlb tests on 32-bit platforms
    10f8f55 generate: fix type for Umask
    8f1e958 Remove spurious WARNING message
    43243fe Add missing interface to set init processes Umask
    120c67a AddDevice(): better diagnostic when creating dup
    2affd45 Add missing clone rule for s390x.
    be9f6f1 Update hugetlb tests to be more portable
    5a98426 Fix cgroup hugetlb size prefix for kB
    cd1349b Improve performance of AddProcessEnv
    73e9a99 update Mashimiao email in MAINTAINERS
    ee63cfa release v0.9.0
    0d022f7 Makefile: add rule to print validation-tests
    6212483 delete: reduce check waiting time
    3abdc1f kill: cleanup container on error
    4db38e4 oci: kill process before delete
    1c40e59 seccomp: add TAP plan to the output
    dd39124 validate: check mount label only for bind mounts
    6fd7866 misc: use different objects for the different tests
    e83ba34 capabilities: correctly add not existing capability
    9585ecb adding security and CoC links
    6dae2f0 Simplified code
    2e8216d validation: add apparmorProfile validation
    b113b38 runtimetest: add apparmorProfile validation
    743b0b3 validation: add mountLabel validation
    3bc60a4 Windows: Typos and incorrect defaults
    20302da add selinux deps
    555c03d validate: add mountlabel validation
    a2df8d9 runtimetest: add mountlabel validation
    b90e5bc generate: add oci-version option
    00f6e86 Modify the corresponding test according to hashicorp/go-multierror v1.0.0.
    b005481 Godeps: update hashicorp/go-multierror
    1f0579c hack: drop -dev from runtime-spec version
    b1c11da fix up vm parameters
    9f6de4d generate: add process-cap-drop option
    192a8eb generate: add process-cap-add option
    575c8a0 man: Add some instructions and examples to some commands.
    9f55c07 generate: fix capabilities add/drop option
    3fc5fcb generate: Verify the input values
    146c5ee generate: add vm-image-format option
    f5e59a3 generate: add vm-image-path option
    0cd6663 generate: add vm-kernel-initrd option
    3e43643 generate: add vm-kernel-parameters option
    fc0fc84 generate: add vm-kernel-path option
    73f6711 generate: add vm-hypervisor-parameters option
    9b1de8c generate: add vm-hypervisor-path option
    e980d2f generate: add windows-devices option
    f5556a8 update to golang 1.11
    58f2a15 Initialize Config Windows Network
    a4a33d4 release v0.8.0
    c291c2a Add generate.New support for Windows.
    2974f2e readme: fix wrong filepath
    fb101d5 Expose Windows namespace
    4615fa4 /proc should be mounted with nosuid, noexec, nodev to match the host
    30a03ab Fix test
    c48ee5c Vendor in windows runtime-spec changes
    d5be152 validation: mounts: fix condition of source & type check
    069db1a validation tests: use new RuntimeInsideValidate
    270145a RuntimeInsideValidate: can now be called several times
    4b49cba devel guidelines: update TAP documentation
    caa32a1 validation: Implement DeleteOnlyCreatedRes
    e86b898 MAINTAINERS: remove philips
    dcadcca Makefile: add generate to gotest
    ae94592 release v0.7.0
    6c943e8 validation: Implement DeleteResImplement
    fab1de6 validation: use t.Fail when checking for main test errors
    06591d3 travis: add go 1.10
    68b7caa mountinfo: parse empty strings in source
    a6e6aff validation: check for masked block, char devices, fifo
    99c5e91 validation: check for invalid symlink inside container
    234933b validation: check for a masked relative path
    303ae30 validation: check for read-only block, char devices, fifo
    e60cd06 validation: check for invalid symlink inside container
    5dd461f validation: check for a read-only relative path
    d9febe1 validation: more test cases for masked paths tests
    91f2983 validation: more test cases for readonly paths tests
    e2d34c1 validation: add more test cases for private & slave propagations
    94f1f84 validation: squash rootfs propagation tests into a single file
    708de67 runtimetest: improve logic for checking for file modes
    2c9b929 runtimetest: correctly check for a readable directory
    0a7749a validation: test with different test cases for hugetlb cgroups
    ef113d1 validation: add different test cases for blkio cgroup tests
    cf9decf validation: add more test cases for linux_cgroups_network
    acaa992 validation: test linux_cgroups_cpus with different values
    871f0eb validation: test linux_cgroups_memory with different values
    279a194 validation: allow RuntimeOutsideValidate to take a tap parameter
    58ea84a fix some misspells
    c887efb fix generate test in calling generate.New
    cf7b786 README: fix broken links to documentation
    cd3faf9 validation: fix nil dereference when handling multierror in hooks_stdin
    1fb00d9 validation: use helper util.GetRuntimeToolsNamespaces()
    0f52f9a validation: add a new test for NSPathMatchTypeError
    ad0e97e validation: exclude user namespaces and cgroup namespaces
    f64bed2 validation: add more signals to killsig test
    613c5de runtimetest: check if /dev/ptmx is a symlink to /dev/pts/ptmx
    582a909 validation: test validation test with an empty hostname
    1ceca9e validation: use rfcError instead of specerror
    a90cd2b validation: print out correct diagnostics based on specError
    23c9a51 validation: sync with unshare by using select & time ticker
    e132d37 validation: kill child processes by setting process groups
    73358a3 validation: fix a bug when passing in namespace strings
    c5c1422 validation: add test for NSProcInPath
    1794938 validation: add cgroup devices validation
    7c6996f check the status of the state passed to hooks over stdin
    6cc92d0 validation: fix nil deferences in cpu & blkio cgroups tests
    1c243a8 release v0.6.0
    ef75900 validation/kill_no_effect: fix bug
    3e3094d Add cgroupsPath validation
    f7dd673 cgroups_v1: Correction parameters
    2640f5c travis: fix fetch issue of golint
    e830fa3 validation: split out pringDiag from testNamespaceInheritType
    1ac1c02 validation: split out pringDiag from testNamespaceNoPath
    7992f01 specerror: Add NewRFCError and NewRFCErrorOrPanic
    d165658 validation: add more values for rlimits test
    9152ff4 validation: create: don't skip errors on state
    cc8ab2e doc: add developer guidelines
    d7985e3 validation: add a new test for NSInheritWithoutType
    5ce0ff8 validation: add a new test for NSNewNSWithoutPath
    14e621c bash: add os
    5d2dc61 validation: Implement ConfigUpdatesWithoutAffect
    84a62c6 generate: Move Generator.spec to Generator.Config
    2e6f6ab generate: Respect runtime.GOOS when generating default template
    1917b8c validate: With --host-specific, compare config platform vs. runtime
    e1ad3f0 README: Update to reflect granular TAP output
    4b888f2 runtimetest: Use ModeType as the mask in the symlink check
    732d438 validation: Use non-empty files in masked/readonly tests
    20a71e4 runtimetest: Make TAP output more granular
    b4014f8 validation/test-yaml: Drop this local experiment
    7f50875 docs/command-line-interface: Require complete runtime coverage
    fc1bcf5 fix process_user validation
    7c5f941 generate: add process-username option
    83d367b validation: add process_user validation
    0ddb5cd kill stopped container generate error
    73964f2 add hooks stdin test
    a79a1cb add test case for KillNonCreateRunHaveNoEffect
    ff399f1 contrib/rootfs-builder: Use $(cat rootfs-files)
    0f3cf9d validation: LinuxUIDMapping: fix tests
    984dbc8 Fix error messages in validation cgroup tests
    d5630f7 validation: Implement ProcArgsApplyUntilStart
    82836c8 validate: mv deviceValid to validate_linux
    e99b47e Implement DevicesErrorOnDup
    9e919c6 runtimetest: fix root readonly check
    c9b4d66 runtimetest: count correctly TAP tests
    a7f94a2 rootfs-386.tar.gz: Add with BusyBox v1.28.0
    be8811c contrib/rootfs-builder: Support xz (and other) compression formats
    eea2bc9 contrib/rootfs-builder: Support timestamps in stage3 dates
    141f9ea contrib/rootfs-builder: Don't hit latest-stage3 when STAGE3 is supplied
    4dfca7a contrib/rootfs-builder: add /proc, /dev, /sys in rootfs
    b5e5322 contrib/rootfs-builder: fix busybox link list
    79ae4aa validation: run CLI with correct argument order
    e43d1ff return ErrorOrNil in bundle validate
    4e999f2 runtimetest: fix uid_map parsing
    d412a17 Fix condition in BlockIO test
    8e42ca5 Add system validation
    4e8dc67 add annotation and prop tests
    ac12f97 Implement PosixProcRlimitsTypeGenError and LinuxProcCapError
    0ec9fe6 validation: Add system validation
    3401d41 validate: CheckLinux is platform dependent
    0451545 validate: allow non-linux compatibility
    536b713 Implement PosixProcRlimitsSoftMatchCur and PosixProcRlimitsHardMatchMax
    198b3ff add 'delete' testcases
    b456bda validation: Add error judgment to SetConfig
    1cbf66a check RootOnWindowsRequired
    e2fbc1b generate/seccomp: platform independent values
    55d7e14 implement kill tests
    899a400 generate: fix handling of permitted caps drop
    4902e9c implement start operation tests
    86869d1 validation: Increase err judgment
    4947839 validation: implement PosixHooksCalledInOrder test
    f48ae22 validate_test: add weightDevice test
    27acd46 implement DefaultStateJSONPattern test
    b25ef0d validate: implement DevicesErrorOnDup
    87c5e52 release v0.5.0
    e211fb5 validate: add logrus.Debugf to CheckJSONSchema
    fb9511d validate: Add a non-nil test to CheckMandatoryFields
    9177741 add tests when prestart/poststart/poststop hooks fail
    5cbd8c7 don't overwrite hook which has a same path
    9dca840 validate: add weightDevice validation
    78fdf66 validate_test: Complement test
    4fdf325 nil config support in lifecycle validate
    09ddc02 add lifecycle validation
    be390c4 change two LGTMs requirement to one
    696b805 waiting until the container stopped in inside validation
    ed2a4b3 add 'state' test
    c76062f validation: Remove runc 'create' exit timing crutches
    d8d2396 validation/util/container: Use ExitError for stderr
    5e8b51e Add lifecycle testing function; Add pidfile test. Fixes #556
    17486b4 Relax LGTM acquirement for PullApprove
    0909a7f release v0.4.0
    b5a43d1 validation/util/container: Use --bundle (and stop requiring BundleDir)
    8769602 validate_test: add TestCheckMandatoryFields
    7815111 cmd/runtimetest/main: Run validateDefaultDevices even with process unset
    6ae0867 README: Link to the runtime API docs
    fb19ae1 cmd/runtimetest/main: Loop for DRYer validateCapabilities
    e85081a Makefile: Clearer warning on missing validation executable(s)
    0c2e37e validation/util/container: Use a local UUID for stdout/stderr
    a12de42 validation/create: Label the state ID comparison test
    b880d57 *: Transition from tap Diagnostic(...) to YAML(...)
    0c66fe9 vendor/github.com/mndrix/tap-go: Bump to 629fa407
    7a4cb36 docs/command-line-interface: Add Runtime CLI Spec (#321)
    c2f774c validation: add mount validation
    625e232 Hooks should be passed in as rspec.Hook, not as a string.
    48b7f56 Modify the legal value of the rootfs-propagation
    5bb8754 runtimetest: add validateSeccomp
    9144f82 generate: add windows-servicing option
    ef277d6 generate: add windows-resources-storage option
    4068d38 generate: add windows-resources-memory-limit option
    93b5f72 generate: add windows-resources-cpu option
    b285305 generate: add windows-network option
    6a71d30 generate: add windows-layer-folders option
    e9507da generate: add windows-ignore-flushes-during-boot option
    df629e3 generate: add windows-hyperv-utilityVMPath option
    8397b70 Add interface to remove mounts.
    e266af5 generate: modify the function return value
    e996b69 generate: add solaris-milestone option
    fc48567 generate: add solaris-max-shm-memory option
    3bca692 generate: add solaris-limitpriv option
    4a9f3fa generate: add solaris-capped-memory-swap option
    c9ef766 generate: add solaris-capped-memory-physical option
    61884ee generate: add solaris-capped-cpu-ncpus option
    01cf5e7 generate: add solaris-anet option
    6f10352 AddMounts should be AddMount you are only adding a single Mount
    9bcbe83 Recursive propagation flags should be legal to use
    3bd8d43 validation/linux_cgroups_*: Generate TAP output
    c94875e validation/util/test: Fix 'start' -> 'create' typo in error message
    1094856 validation/util: Generic RuntimeOutsideValidate API
    612c315 validate_test: perfect TestJSONSchema
    8fb3e83 Add validation when host-specific is set
    9db5ddf validate: change platform default value
    8a09ee1 generate: Use non-null validation instead of initialization
    10ede2c validate: Add a double guards to the call of the verification function
    2f21180 filepath/clean: Add Windows support
    17ce13a filepath/abs_test: Compare IsAbs with the standard library
    60df768 filepath/clean_test: Compare with the standard library
    f2e8be2 filepath/clean: Avoid a panic on abs-path with trailing ..
    eb2ffab filepath/clean: Handle 'a/..' -> '.' case
    4b20ce2 validate: fix CheckHooks
    4d0a011 validate: fix CheckCapabilities
    45068ce validate_test: add TestCheckHooks
    34f773a validate_test: add TestCheckPlatform
    7c09b4c add relative cgroupath test
    1aebc09 update to support relative cgrouppath test
    6351044 add cgroup network test for runtime
    72e67e5 add cgroup pids test for runtime
    b712995 add cgroup cpus test for runtime
    f1e02ff add cgroup blkio test for runtime
    432615a add cgroup hugetlb test for runtime
    4a57b0f add cgroup memory test for runtime
    07118a8 add runtimeOutsideValidate
    9a56096 add cgroups package
    0d75257 validate: remove duplicate verification
    229722a validate_test: add TestCheckLinux
    e7ee761 remove kernel limit for id mappings
    f7b8c7e fix idmappings test
    53da048 generate: add linux-intelRdt-l3CacheSchema option
    ad47e7d Makefile: Change from prove to node-tap
    0a919c0 validation/util/container: Remove bundle even if delete fails
    e11b77f validation: Use prove(1) as a TAP harness
    721fbce solve conflicting option problem
    e409855 man: small fixs
    58374ae remove --mount-cgroups option
    74d6245 man: add manpage for option --mounts-add
    6e78ff2 support json value for hooks
    1c2dca0 generate: Move generate_test.go from validation
    9422eec cmd/runtimetest/main: Use TAP diagnostics for errors
    ca332ae runtimetest: fix nil dereference
    cdf38ca validate: fix nil deference
    3e82a0a add all left behind container inside tests
    9a69e14 add preFunc
    39f3f74 runtimetest: add host platform validation
    7026311 runtimetest: add rootfs propagation test
    adf1844 generate: fix error return
    d327e0b generate: fix DropProcessCapability*
    b5c45de generate: remove redundant code
    5557d36 add more test cases for default runtime validation
    9f47cbe remove debug info
    68e7720 generate: change process-tty to process-terminal
    045bc5f generate: fixed seccompSet
    8765570 runtimetest: add posixValidations
    45b2686 runtimetest: add validateUser
    cc5bf05 runtimetest: fix process validation
    6c98b46 runtimetest: Raise ConfigInRootBundleDir for missing config.json
    95e0d95 runtimetest: Make validateRlimits silent on Windows
    2746c06 move validateRlimits to defaultValidations
    3c9cdc5 runtimetest: fix error return
    630f06a validate_test: add cwd check to TestCheckProcess
    3a46197 add version file
    e08f842 release v0.3.0
    90ace62 translate RFC errors
    a171213 redefine error code as int64
    3a97b98 translate more RFC errors based on specerror
    87d3df2 complete RFC codes of runtime.md
    ccef443 generate: add mounts related option
    64c5ef8 complete specerror of config-linux.md config-windows.md
    6df06d9 validation: add a generate smoke-test
    a6f475f config: correct rootfs default
    de08605 validate: allow unset "type" fields in resource devices whitelist
    7553161 validate: Soften unrecognized rlimit types to SHOULD violations
    b446e38 add specerror framework; complete rfc errors of bundle.md and config.md
    19b061c generate: fix nil deference
    6d2dbbc runtimetest: fix nil deference
    0b49b01 man: fix typo
    6089f63 specerror: Add SplitLevel helper
    a9dbd7e cmd/oci-runtime-tool: Implement --compliance-level
    286d437 fix compile issue
    310bac8 bash: fix commands
    6dabb9b generate: fix rootfs-propagation
    93ba5a2 bash: fix rootfs-propagation
    4beb2a6 validate: fix cap validation
    ed4adc3 travis: update go versions
    19ae238 CHANGELOG: Document changes since v0.1.0
    f172006 release: v0.2.0
    c3c8c02 rootfs-386.tar.gz: Add with BusyBox 1.25.1
    894cae7 validate/validate: Linux rlimits extend the POSIX rlimits
    6367e88 validation: Support per-architecture tarballs
    ff5e578 contrib/rootfs-builder: Support multiple architectures
    a94f1f6 contrib/rootfs-builder/Makefile: Ignore previous symlinks
    8635532 contrib/rootfs-builder/Makefile: Raise errors from echo recipe
    4f756fd Specific cap-drop command
    ea55f9d Specific cap-add command
    5cb6c48 rootfs.tar.gz: Bump to BusyBox 1.25.1
    1a9532e generate: remove redundant content
    567f1aa validate: add root.path validation when platform is windows
    2cbb341 validate/validate_test: Add linux.rootfsPropagation checks
    6e7da81 validate/validate_test: Better error messages for unexpected JSON Schema errors
    4a705c6 validate/validate_test: Handle JSON Schema test not raising an error
    16be985 validate: Delete the extra validation
    b3fc8fe validate: add the validation of rlimit.type when platform is solaris
    24a2327 validate: modify the condition of the deviceValid
    cf64923 filepath: Add a stand-alone package for explicit-OS path logic
    fa9842c Add manpages and bash-completion for --device-access-add and --device-access-remove
    7f09e1b generate: add --device-access-add and --device-access-remove option
    a9c6787 generate: support blkio related options

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-03-21 17:31:29 -04:00
Bruce Ashfield
108e089f7e global: update licence values to SPDX values
These changes are the result of running the convert-spdx-licenses.py
oe-core script.

There's no impact to the build, but we will avoid issues when
interacting with core QA by the alignment.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-02-18 13:07:10 -05:00
Bruce Ashfield
0a7ae8bc50 global: convert github SRC_URIs to use https protocol
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.

bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-02 09:57:03 -04:00
Bruce Ashfield
ac399ad091 global: add explicit branch to all SRC_URIs
As introduced in the oe-core post:

  https://lists.openembedded.org/g/openembedded-core/message/157623

SRC_URIs without an explicit branch will generate warnings, and
eventually be an error.

We run the provided conversion script to make sure that meta-virt
is ready for the change.

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-11-02 09:57:03 -04:00
Bruce Ashfield
d876cfc5bf global: overrides syntax conversion
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.

This is pass one of updating the meta-virt recipes to use that
syntax.

This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions

Note: A recent bitbake is required:

    commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
    Author: Richard Purdie <richard.purdie@linuxfoundation.org>
    Date:   Sun Jul 18 12:59:15 2021 +0100

        bitbake: data_smart/parse: Allow ':' characters in variable/function names

        It is becomming increasingly clear we need to find a way to show what
        is/is not an override in our syntax. We need to do this in a way which
        is clear to users, readable and in a way we can transition to.

        The most effective way I've found to this is to use the ":" charater
        to directly replace "_" where an override is being specified. This
        includes "append", "prepend" and "remove" which are effectively special
        override directives.

        This patch simply adds the character to the parser so bitbake accepts
        the value but maps it back to "_" internally so there is no behaviour
        change.

        This change is simple enough it could potentially be backported to older
        version of bitbake meaning layers using the new syntax/markup could
        work with older releases. Even if other no other changes are accepted
        at this time and we don't backport, it does set us on a path where at
        some point in future we could
        require a more explict syntax.

        I've tested this patch by converting oe-core/meta-yocto to the new
        syntax for overrides (9000+ changes) and then seeing that builds
        continue to work with this patch.

        (Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)

        Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-08-02 17:17:53 -04:00
Bruce Ashfield
7aee7a31ed oci-runtime-tools: export GO111MODULE=off
With the latest go version bump in oe-core export GO111MODULE is
on by default. Our build is not setup to use go modules, so we
disable it and avoid configuration errors:

  no required module provides package ... : working directory is not part of a module

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2021-03-01 15:57:20 -05:00
Bruce Ashfield
f567afae0a oci-runtime-tools: fix 32bit ARM build
With oe-core commit c23f9e80492e4b [tcmode-default: use
go-binary-native by default], we must explictly call the proper
cross go binary, versus just the go-native variant.

These builds were working by luck, since the go compiler was capable
of building the target binaries previously (in its build-from-source
creation). We fixup the calls and we no longer see fpu build issues:

 fatal error: gnu/stubs-soft.h: No such file or directory

    7 | # include <gnu/stubs-soft.h>
      |           ^~~~~~~~~~~~~~~~~~

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2020-07-01 12:43:16 -04:00
Changqing Li
5e20120aa7 oci-runtime-tools: fix do package qa warning
1. After security flag PIE is enabled by default, we might met
below QA warning on some arch, like aarch64, fix it by skip
textrel QA check refer commit b689c72a of oe-core

oci-runtime-tools-0.1.0+gitAUTOINC+6e7da8148f-r0 do_package_qa: QA Issue:
ELF binary 'work/aarch64-poky-linux/oci-runtime-tools/0.1.0+gitAUTOINC+6e7
da8148f-r0/packages-split/oci-runtime-tools/usr/sbin/oci-runtime-tool'
has relocations in .text [textrel]

2. This problem is caused since security_flags.inc is used by default.
   so alternative work around is:
      SECURITY_CFLAGS_pn-oci-runtime-tools = "${SECURITY_NOPIE_CFLAGS}"
      SECURITY_LDFLAGS_pn-oci-runtime-tools = ""

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2018-10-11 14:35:06 -04:00
Bruce Ashfield
6c3a6c31cc oci-runtime-tools: fix multi hook specification
The following commit:

   commit df3a46feb971386f922c7c2c2822b88301f87cb0
   Author: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
   Date:   Tue Aug 1 17:39:39 2017 +0800

    implement add/set function for hooks items

    Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>

Breaks the ability to specify multiple hooks with the same path
(i.e. a shell script that does different things based on arguments).

The author's intent with the change is unclear, so rather than fix
it, we revert it for now.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-09-20 23:56:25 -04:00
Bruce Ashfield
4557a1b286 oci-runtime-tools: update to 0.1.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-09-20 11:01:28 -04:00
Jason Wessel
01a8d45370 nets, docker, runc, oci-*tools: go.bbclass compile fixes
Recently in the oe-core the go.bbclass changed and requires the
defition of the GO_IMPORT variable.  This was intended to simplify how
the compilation works with go packages and it is still a work in
progress.

This patch set makes the recipes compatible to generate the same end
result as before using the new go.bbclass from oe-core.

Any patches that were included in the recipes had to have the paths
adjusted because the new go.bbclass manipulates the notion of S to be
S + "src" + "$GO_IMPORT" internally for the purpose of unpack, patch
and compile.

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-09-14 09:49:00 -04:00
Bruce Ashfield
b7e1fc9745 oci-runtime-tools: skip ld checks
The latest oci-runtime-tool builds are throwing the missing GNU_HASH
error during QA checks.

This is common with go applications, and isn't a problem, so for now,
we simply skip the check.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-07-13 22:37:35 -04:00
Jason Wessel
a31f735bda oci-runtime-tools, oci-runtime-spec: Uprev to runc 1.0-rc3 versions
The config.json has elements which have changed in the latest runc.
These changes are not backward compatible with older versions of runc.

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-07-13 13:53:58 -04:00
Mark Asselstine
a20d51d5c6 housekeeping: swap out go-osarchmap in favor of goarch
Continue work to use go infra in oe-core instead of the support for go
previously found in meta-virt. This is a 1:1 drop in replacement and
removes one more go piece from meta-virt in favor of the common
support found in oe-core.

Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-04-11 23:09:01 -04:00
Khem Raj
a8e3eddaec recipes-containers: set GOROOT
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-03-21 08:22:32 -04:00
Bruce Ashfield
7d66b0cc41 go: replace explicit go-cross* with inherit go bbclass
Rather than expliciting depending on go-cross-${TARGET_ARCH}, we
can now simply inherit the oe-core go bbclass. This gets us the
correct go dependencies and other variables properly set.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-03-20 23:15:01 -04:00
Mark Asselstine
2ef58c264b go-cross: add ${TARGET_ARCH} to PN
Since we are building a cross tool which produces something which is
ARCH specific we should stick to the <toolname>-cross-<arch> naming
convention. A variant of this patch has been floating around for a
while but with the changes around per recipe sysroots, distributed
builds, shared builds... we are best served to adopt this convention
now.

Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2017-02-09 09:14:27 -05:00
Bruce Ashfield
8753a622f1 oci: introduce runtime tools
The oci runtime uses config.json to configure and control containers.
Most of that file can be generated via the oci runtime tools.

With this package we can generate container configurations dynamically
on the target.

Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
2016-11-21 15:58:33 -05:00