add bundle validate, using reflect to check omitempty #4

Closed
wants to merge 11 commits into from
27 changes: 1 addition & 26 deletions Makefile
Expand Up @@ -8,33 +8,8 @@ all:
install:
cp ocitools /usr/local/bin/ocitools

rootfs.tar.gz: rootfs/bin/echo
tar -czf $@ -C rootfs .

rootfs/bin/busybox: downloads/stage3-amd64-current.tar.bz2 rootfs-files
gpg --verify $<.DIGESTS.asc
(cd downloads && \
grep -A1 '^# SHA512 HASH' stage3-amd64-current.tar.bz2.DIGESTS.asc | \
grep -v '^--' | \
sha512sum -c)
sudo rm -rf rootfs
sudo mkdir rootfs
sudo tar -xvf downloads/stage3-amd64-current.tar.bz2 -C rootfs \
--no-recursion --wildcards $$(< rootfs-files)
sudo touch $@

rootfs/bin/echo: rootfs/bin/busybox
sudo sh -c 'for COMMAND in $$($< --list); do \
ln -rs $< "rootfs/bin/$${COMMAND}"; \
done'

downloads/stage3-amd64-current.tar.bz2: get-stage3.sh
./$<
touch downloads/stage3-amd64-*.tar.bz2

clean:
rm -f ocitools runtimetest downloads/*
sudo rm -rf rootfs
rm -f ocitools runtimetest

.PHONY: test .gofmt .govet .golint

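Review bot: The removed `rootfs/bin/busybox` rule was the only place in this Makefile where the stage3 download was checked (`gpg --verify $<.DIGESTS.asc` followed by `sha512sum -c`), and dropping it together with the `rootfs.tar.gz` target is not covered by the PR title, which is about bundle validation. Please split the rootfs removal into its own change, or explain in the description where a root filesystem now comes from and how its integrity is established. Note also that `clean` shrinks to `rm -f ocitools runtimetest`, so a `rootfs` directory or `downloads/` content left by an earlier build is no longer cleaned up.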
54 changes: 16 additions & 38 deletions README.md
Expand Up @@ -51,6 +51,22 @@ OPTIONS:
Arg2_index/Arg2_value/Arg2_valuetwo/Arg2_op
```

Validating OCI bundle
------------------------------------------

```
# ocitools bvalidate --help
NAME:
bvalidate - validate a OCI bundle

USAGE:
command bvalidate [command options] [arguments...]

OPTIONS:
--path path to a bundle

```

Testing OCI runtimes
------------------------------------------

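Review bot: The new `bvalidate` section documents only `--path`, without saying whether the option is required, what it defaults to, or what the command checks and how it reports a failure. Add a sentence on what is validated (the PR title mentions checking `omitempty` via reflection) and a sample of the output, as the "Testing OCI runtimes" section does for runtime validation. Minor points: "validate a OCI bundle" should read "validate an OCI bundle", and the empty line before the closing fence can be dropped.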
Expand All @@ -68,41 +84,3 @@ validating rlimits
validating sysctls
Runtime runc passed validation
```

Building `rootfs.tar.gz`
------------------------

The root filesystem tarball is based on [Gentoo][]'s [amd64
stage3][stage3-amd64] (which we check for a valid [GnuPG
signature][gentoo-signatures]), copying a [minimal
subset](rootfs-files) to the root filesytem, and adding symlinks for
all BusyBox commands. To rebuild the tarball based on a newer stage3,
just run:

```
$ touch get-stage3.sh
$ make rootfs.tar.gz
```

### Getting Gentoo's Release Engineering public key

If `make rootfs.tar.gz` gives an error like:

```
gpg --verify downloads/stage3-amd64-current.tar.bz2.DIGESTS.asc
gpg: Signature made Thu 14 Jan 2016 09:00:11 PM EST using RSA key ID 2D182910
gpg: Can't check signature: public key not found
```

you will need to [add the missing public key to your
keystore][gentoo-signatures]. One way to do that is by [asking a
keyserver][recv-keys]:

```
$ gpg --keyserver pool.sks-keyservers.net --recv-keys 2D182910
```

[Gentoo]: https://www.gentoo.org/
[stage3-amd64]: http://distfiles.gentoo.org/releases/amd64/autobuilds/
[gentoo-signatures]: https://www.gentoo.org/downloads/signatures/
[recv-keys]: https://www.gnupg.org/documentation/manuals/gnupg/Operational-GPG-Commands.html
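Review bot: Deleting the whole "Building `rootfs.tar.gz`" section removes the only description of where the root filesystem comes from (Gentoo's amd64 stage3, checked against a GnuPG signature). If a rootfs tarball stays in the repository after this PR, keep a short provenance note in the README; if it does not, say so in the PR description, since this removal is unrelated to bundle validation. Should the key instructions survive in any form, refer to the key by its full fingerprint rather than the short ID used in `--recv-keys 2D182910`.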