From 1fddbf7c5eb4ed013b13705a5f5c08f1a0cdff66 Mon Sep 17 00:00:00 2001 From: Alex Bennée Date: Tue, 25 Jul 2017 14:34:20 +0100 Subject: docker: ensure NOUSER for travis images While adding the current user is a useful default behaviour for creating new images it is not appropriate for Travis which already has a default user. Signed-off-by: Alex Bennée Reviewed-by: Philippe Mathieu-Daudé Tested-by: Philippe Mathieu-Daudé Message-Id: <20170725133425.436-2-alex.bennee@linaro.org> Signed-off-by: Fam Zheng --- tests/docker/Makefile.include | 1 + 1 file changed, 1 insertion(+) (limited to 'tests/docker/Makefile.include') diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index aa566aa223..2c49930907 100644 --- a/tests/docker/Makefile.include +++ b/tests/docker/Makefile.include @@ -70,6 +70,7 @@ docker-image-debian-ppc64el-cross: docker-image-debian9 docker-image-debian-s390x-cross: docker-image-debian9 docker-image-debian-win32-cross: docker-image-debian8-mxe docker-image-debian-win64-cross: docker-image-debian8-mxe +docker-image-travis: NOUSER=1 # Expand all the pre-requistes for each docker image and test combination $(foreach i,$(DOCKER_IMAGES), \ -- cgit v1.2.3-55-g7522 From 447074918652e7a72daf0875a97351cad10581b6 Mon Sep 17 00:00:00 2001 From: Fam Zheng Date: Tue, 5 Sep 2017 10:56:11 +0800 Subject: docker: Use unconfined security profile Some by default blocked syscalls are required to run tests for example userfaultfd. Reviewed-by: Kashyap Chamarthy Signed-off-by: Fam Zheng Message-Id: <20170905025614.579-4-famz@redhat.com> Reviewed-by: Stefan Hajnoczi Based-on: 20170905021201.25684-1-famz@redhat.com --- tests/docker/Makefile.include | 1 + 1 file changed, 1 insertion(+) (limited to 'tests/docker/Makefile.include') diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index 2c49930907..2bed4c0e00 100644 --- a/tests/docker/Makefile.include +++ b/tests/docker/Makefile.include @@ -145,6 +145,7 @@ docker-run: docker-qemu-src $(call quiet-command, \ $(SRC_PATH)/tests/docker/docker.py run \ $(if $(NOUSER),,-u $(shell id -u)) -t \ + --security-opt seccomp=unconfined \ $(if $V,,--rm) \ $(if $(DEBUG),-i,) \ $(if $(NETWORK),$(if $(subst $(NETWORK),,1),--net=$(NETWORK)),--net=none) \ -- cgit v1.2.3-55-g7522 From b7f404201e45e99da23b9764dec27ce5f965cdcd Mon Sep 17 00:00:00 2001 From: Fam Zheng Date: Tue, 5 Sep 2017 10:12:01 +0800 Subject: docker: Use archive-source.py Signed-off-by: Fam Zheng Reviewed-by: Alex Bennée --- tests/docker/Makefile.include | 14 ++------------ tests/docker/run | 8 +------- 2 files changed, 3 insertions(+), 19 deletions(-) (limited to 'tests/docker/Makefile.include') diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index 2bed4c0e00..0e4f159619 100644 --- a/tests/docker/Makefile.include +++ b/tests/docker/Makefile.include @@ -17,23 +17,13 @@ DOCKER_TOOLS := travis TESTS ?= % IMAGES ?= % -# Make archive from git repo $1 to tar.gz $2 -make-archive-maybe = $(if $(wildcard $1/*), \ - $(call quiet-command, \ - (cd $1; if git diff-index --quiet HEAD -- &>/dev/null; then \ - git archive -1 HEAD --format=tar.gz; \ - else \ - git archive -1 $$(git stash create) --format=tar.gz; \ - fi) > $2, \ - "ARCHIVE","$(notdir $2)")) - CUR_TIME := $(shell date +%Y-%m-%d-%H.%M.%S.$$$$) DOCKER_SRC_COPY := docker-src.$(CUR_TIME) $(DOCKER_SRC_COPY): @mkdir $@ - $(call make-archive-maybe, $(SRC_PATH), $@/qemu.tgz) - $(call make-archive-maybe, $(SRC_PATH)/dtc, $@/dtc.tgz) + $(call quiet-command, $(SRC_PATH)/scripts/archive-source.sh $@/qemu.tar, \ + "GEN", "$@/qemu.tar") $(call quiet-command, cp $(SRC_PATH)/tests/docker/run $@/run, \ "COPY","RUNNER") diff --git a/tests/docker/run b/tests/docker/run index ec2541cbd9..52b76e443d 100755 --- a/tests/docker/run +++ b/tests/docker/run @@ -32,13 +32,7 @@ export TEST_DIR=/tmp/qemu-test mkdir -p $TEST_DIR/{src,build,install} # Extract the source tarballs -tar -C $TEST_DIR/src -xzf $BASE/qemu.tgz -for p in dtc pixman; do - if test -f $BASE/$p.tgz; then - tar -C $TEST_DIR/src/$p -xzf $BASE/$p.tgz - export FEATURES="$FEATURES $p" - fi -done +tar -C $TEST_DIR/src -xf $BASE/qemu.tar if test -n "$SHOW_ENV"; then if test -f /packages.txt; then -- cgit v1.2.3-55-g7522