mirror of
https://github.com/opencontainers/runc.git
synced 2026-07-11 06:03:57 +08:00
Merge pull request #4313 from kolyshkin/1.1-backport-4292
[1.1] Support Go 1.22, bump some CI deps
This commit is contained in:
+12
-13
@@ -21,7 +21,7 @@ jobs:
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
go-version: [1.17.x, 1.20.x, 1.21.x]
|
||||
go-version: [1.17.x, 1.21.x, 1.22.x]
|
||||
rootless: ["rootless", ""]
|
||||
race: ["-race", ""]
|
||||
criu: [""]
|
||||
@@ -35,7 +35,7 @@ jobs:
|
||||
steps:
|
||||
|
||||
- name: checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: install deps
|
||||
if: matrix.criu == ''
|
||||
@@ -46,13 +46,13 @@ jobs:
|
||||
curl -fSsLl $REPO/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_tools_criu.gpg > /dev/null
|
||||
echo "deb $REPO/ /" | sudo tee /etc/apt/sources.list.d/criu.list
|
||||
sudo apt update
|
||||
sudo apt install libseccomp-dev criu sshfs
|
||||
sudo apt -y install libseccomp-dev criu sshfs
|
||||
|
||||
- name: install deps (criu ${{ matrix.criu }})
|
||||
if: matrix.criu != ''
|
||||
run: |
|
||||
sudo apt -q update
|
||||
sudo apt -q install libseccomp-dev sshfs \
|
||||
sudo apt -qy install libseccomp-dev sshfs \
|
||||
libcap-dev libnet1-dev libnl-3-dev \
|
||||
libprotobuf-c-dev libprotobuf-dev protobuf-c-compiler protobuf-compiler
|
||||
git clone https://github.com/checkpoint-restore/criu.git ~/criu
|
||||
@@ -60,9 +60,10 @@ jobs:
|
||||
rm -rf ~/criu
|
||||
|
||||
- name: install go ${{ matrix.go-version }}
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: ${{ matrix.go-version }}
|
||||
check-latest: true
|
||||
|
||||
- name: build
|
||||
run: sudo -E PATH="$PATH" make EXTRA_FLAGS="${{ matrix.race }}" all
|
||||
@@ -99,12 +100,12 @@ jobs:
|
||||
# However, we do not have 32-bit ARM CI, so we use i386 for testing 32bit stuff.
|
||||
# We are not interested in providing official support for i386.
|
||||
cross-i386:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
|
||||
- name: checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: install deps
|
||||
run: |
|
||||
@@ -113,15 +114,13 @@ jobs:
|
||||
sudo add-apt-repository -y ppa:criu/ppa
|
||||
# apt-add-repository runs apt update so we don't have to.
|
||||
|
||||
# Due to a bug in apt, we have to update it first
|
||||
# (see https://bugs.launchpad.net/ubuntu-cdimage/+bug/1871268)
|
||||
sudo apt -q install apt
|
||||
sudo apt -q install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu
|
||||
sudo apt -qy install libseccomp-dev libseccomp-dev:i386 gcc-multilib criu
|
||||
|
||||
- name: install go
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: 1.21
|
||||
go-version: 1.x # Latest stable
|
||||
check-latest: true
|
||||
|
||||
- name: unit test
|
||||
run: sudo -E PATH="$PATH" -- make GOARCH=386 localunittest
|
||||
|
||||
@@ -8,57 +8,56 @@ on:
|
||||
- release-*
|
||||
pull_request:
|
||||
env:
|
||||
GO_VERSION: 1.20.x
|
||||
GO_VERSION: 1.22.x
|
||||
|
||||
jobs:
|
||||
keyring:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: check runc.keyring
|
||||
run: make validate-keyring
|
||||
|
||||
lint:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 2
|
||||
- uses: actions/setup-go@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: "${{ env.GO_VERSION }}"
|
||||
cache: false # golangci-lint-action does its own caching
|
||||
- name: install deps
|
||||
run: |
|
||||
sudo apt -q update
|
||||
sudo apt -q install libseccomp-dev
|
||||
- uses: golangci/golangci-lint-action@v3
|
||||
sudo apt -qy install libseccomp-dev
|
||||
- uses: golangci/golangci-lint-action@v6
|
||||
with:
|
||||
version: v1.53
|
||||
version: v1.57
|
||||
# Extra linters, only checking new code from a pull request.
|
||||
- name: lint-extra
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 --out-format=github-actions
|
||||
golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1
|
||||
|
||||
compile-buildtags:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
env:
|
||||
# Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them.
|
||||
CGO_CFLAGS: -g -O2 -Werror
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: install go
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: "${{ env.GO_VERSION }}"
|
||||
- name: compile with no build tags
|
||||
run: make BUILDTAGS=""
|
||||
|
||||
codespell:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: install deps
|
||||
# Version of codespell bundled with Ubuntu is way old, so use pip.
|
||||
run: pip install codespell==v2.3.0
|
||||
@@ -66,16 +65,16 @@ jobs:
|
||||
run: codespell
|
||||
|
||||
shfmt:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: shfmt
|
||||
run: make shfmt
|
||||
|
||||
shellcheck:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: vars
|
||||
run: |
|
||||
echo 'VERSION=v0.8.0' >> $GITHUB_ENV
|
||||
@@ -98,19 +97,20 @@ jobs:
|
||||
run : ./script/check-config.sh
|
||||
|
||||
deps:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/checkout@v4
|
||||
- name: install go
|
||||
uses: actions/setup-go@v4
|
||||
uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: "${{ env.GO_VERSION }}"
|
||||
check-latest: true
|
||||
- name: verify deps
|
||||
run: make verify-dependencies
|
||||
|
||||
|
||||
commit:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
# Only check commits on pull requests.
|
||||
if: github.event_name == 'pull_request'
|
||||
steps:
|
||||
@@ -121,23 +121,23 @@ jobs:
|
||||
token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: check subject line length
|
||||
uses: tim-actions/commit-message-checker-with-regex@v0.3.1
|
||||
uses: tim-actions/commit-message-checker-with-regex@v0.3.2
|
||||
with:
|
||||
commits: ${{ steps.get-pr-commits.outputs.commits }}
|
||||
pattern: '^.{0,72}(\n.*)*$'
|
||||
error: 'Subject too long (max 72)'
|
||||
|
||||
cfmt:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: install deps
|
||||
run: |
|
||||
sudo apt -qq update
|
||||
sudo apt -qq install indent
|
||||
sudo apt -qqy install indent
|
||||
- name: cfmt
|
||||
run: |
|
||||
make cfmt
|
||||
@@ -145,10 +145,10 @@ jobs:
|
||||
|
||||
|
||||
release:
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: checkout
|
||||
uses: actions/checkout@v3
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
@@ -169,7 +169,7 @@ jobs:
|
||||
- name: make releaseall
|
||||
run: make releaseall
|
||||
- name: upload artifacts
|
||||
uses: actions/upload-artifact@v3
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: release-${{ github.run_id }}
|
||||
path: release/*
|
||||
|
||||
+3
-3
@@ -1,10 +1,10 @@
|
||||
ARG GO_VERSION=1.20
|
||||
ARG GO_VERSION=1.21
|
||||
ARG BATS_VERSION=v1.9.0
|
||||
ARG LIBSECCOMP_VERSION=2.5.5
|
||||
|
||||
FROM golang:${GO_VERSION}-bullseye
|
||||
FROM golang:${GO_VERSION}-bookworm
|
||||
ARG DEBIAN_FRONTEND=noninteractive
|
||||
ARG CRIU_REPO=https://download.opensuse.org/repositories/devel:/tools:/criu/Debian_11
|
||||
ARG CRIU_REPO=https://download.opensuse.org/repositories/devel:/tools:/criu/Debian_12
|
||||
|
||||
RUN KEYFILE=/usr/share/keyrings/criu-repo-keyring.gpg; \
|
||||
wget -nv $CRIU_REPO/Release.key -O- | gpg --dearmor > "$KEYFILE" \
|
||||
|
||||
@@ -28,6 +28,10 @@ A third party security audit was performed by Cure53, you can see the full repor
|
||||
|
||||
`runc` only supports Linux. It must be built with Go version 1.17 or higher.
|
||||
|
||||
NOTE: if building with Go 1.22.x, make sure to use 1.22.4 or a later version
|
||||
(see [issue #4233](https://github.com/opencontainers/runc/issues/4233) for
|
||||
more details).
|
||||
|
||||
In order to enable seccomp support you will need to install `libseccomp` on your platform.
|
||||
> e.g. `libseccomp-devel` for CentOS, or `libseccomp-dev` for Ubuntu
|
||||
|
||||
|
||||
@@ -197,7 +197,6 @@ func ParseGroupFilter(r io.Reader, filter func(Group) bool) ([]Group, error) {
|
||||
for {
|
||||
var line []byte
|
||||
line, isPrefix, err = rd.ReadLine()
|
||||
|
||||
if err != nil {
|
||||
// We should return no error if EOF is reached
|
||||
// without a match.
|
||||
|
||||
@@ -31,11 +31,11 @@ function teardown() {
|
||||
|
||||
git clone https://github.com/opencontainers/runtime-spec.git
|
||||
(cd runtime-spec && git reset --hard "$SPEC_REF")
|
||||
SCHEMA='runtime-spec/schema/config-schema.json'
|
||||
[ -e "$SCHEMA" ]
|
||||
|
||||
GO111MODULE=auto go get github.com/xeipuuv/gojsonschema
|
||||
GO111MODULE=auto go build runtime-spec/schema/validate.go
|
||||
cd runtime-spec/schema
|
||||
go mod init runtime-spec
|
||||
go mod tidy
|
||||
go build ./validate.go
|
||||
|
||||
./validate "$SCHEMA" config.json
|
||||
./validate config-schema.json ../../config.json
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user