From d39df7b5873168e8c61e2fb1939c8e59a801c653 Mon Sep 17 00:00:00 2001 From: zhongtao Date: Tue, 19 Sep 2023 11:35:04 +0800 Subject: [PATCH] bugfix for codecheck and adapt new library for libisulad-shim utils Signed-off-by: zhongtao --- ...-build_docs-guide-build_guide_riscv_.patch | 27 ++ ...-design-detailed-Image-image_storage.patch | 27 ++ ...-design-detailed-Image-remote_ro_des.patch | 43 ++ ...-Limit-the-response-size-of-ExecSync.patch | 50 +++ ...new-library-for-libisulad-shim-utils.patch | 45 +++ ...t-build-isulad-on-many-linux-distros.patch | 373 ++++++++++++++++++ ...gument-cause-to-coredump-on-fedora38.patch | 26 ++ ...-container-do-not-need-change-resolv.patch | 28 ++ 0042-CI-fix-relative-path-of-file.patch | 59 +++ ...-CI-do-not-use-tty-to-run-docker-run.patch | 34 ++ ...lad_shim_libutils.a-from-libisula.pc.patch | 26 ++ iSulad.spec | 19 +- 12 files changed, 756 insertions(+), 1 deletion(-) create mode 100644 0034-2184-update-docs-build_docs-guide-build_guide_riscv_.patch create mode 100644 0035-2186-update-docs-design-detailed-Image-image_storage.patch create mode 100644 0036-2187-update-docs-design-detailed-Image-remote_ro_des.patch create mode 100644 0037-2189-Limit-the-response-size-of-ExecSync.patch create mode 100644 0038-refactor-adapt-new-library-for-libisulad-shim-utils.patch create mode 100644 0039-CI-support-build-isulad-on-many-linux-distros.patch create mode 100644 0040-fix-null-argument-cause-to-coredump-on-fedora38.patch create mode 100644 0041-new-docker-container-do-not-need-change-resolv.patch create mode 100644 0042-CI-fix-relative-path-of-file.patch create mode 100644 0043-CI-do-not-use-tty-to-run-docker-run.patch create mode 100644 0044-2196-find-libisulad_shim_libutils.a-from-libisula.pc.patch diff --git a/0034-2184-update-docs-build_docs-guide-build_guide_riscv_.patch b/0034-2184-update-docs-build_docs-guide-build_guide_riscv_.patch new file mode 100644 index 0000000..7395e90 --- /dev/null +++ b/0034-2184-update-docs-build_docs-guide-build_guide_riscv_.patch @@ -0,0 +1,27 @@ +From 0ad1a31cb0b53ef7b33ad827b0c96d7bdfd061db Mon Sep 17 00:00:00 2001 +From: wangyu +Date: Thu, 14 Sep 2023 02:42:30 +0000 +Subject: [PATCH 34/44] !2184 update + docs/build_docs/guide/build_guide_riscv_zh.md. * update + docs/build_docs/guide/build_guide_riscv_zh.md. + +--- + docs/build_docs/guide/build_guide_riscv_zh.md | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/docs/build_docs/guide/build_guide_riscv_zh.md b/docs/build_docs/guide/build_guide_riscv_zh.md +index c1bbffae..2e778fb8 100644 +--- a/docs/build_docs/guide/build_guide_riscv_zh.md ++++ b/docs/build_docs/guide/build_guide_riscv_zh.md +@@ -61,7 +61,7 @@ qemu-system-riscv64 \ + 1. 在终端直接输入shell文件中的内容 + 2. 如果创建了shell文件,只需要在终端里输入 `sh run_oe1_rv64.sh` + +-默认的登陆用户名/密码是:root/openEuler12#$ ++默认的登录用户名/密码是:root/openEuler12#$ + + ## 源码编译及安装 + +-- +2.40.1 + diff --git a/0035-2186-update-docs-design-detailed-Image-image_storage.patch b/0035-2186-update-docs-design-detailed-Image-image_storage.patch new file mode 100644 index 0000000..edd4cd9 --- /dev/null +++ b/0035-2186-update-docs-design-detailed-Image-image_storage.patch @@ -0,0 +1,27 @@ +From 11419bcdd3fe16d5095bf4d43196177df3e10dd8 Mon Sep 17 00:00:00 2001 +From: wangyu +Date: Thu, 14 Sep 2023 02:42:49 +0000 +Subject: [PATCH 35/44] !2186 update + docs/design/detailed/Image/image_storage_driver_design_zh.md. * update + docs/design/detailed/Image/image_storage_driver_design_zh.md. + +--- + docs/design/detailed/Image/image_storage_driver_design_zh.md | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/docs/design/detailed/Image/image_storage_driver_design_zh.md b/docs/design/detailed/Image/image_storage_driver_design_zh.md +index a9d324ac..ea82df14 100644 +--- a/docs/design/detailed/Image/image_storage_driver_design_zh.md ++++ b/docs/design/detailed/Image/image_storage_driver_design_zh.md +@@ -203,7 +203,7 @@ struct io_read_wrapper { + dr-xr-x--- 2 root root 26 Mar 13 12:13 root + ``` + +-3. 解压数据应当chroot到对应目录下,防止软连接攻击 ++3. 解压数据应当chroot到对应目录下,防止软链接攻击 + + ## 3.9 获取层meta数据 + +-- +2.40.1 + diff --git a/0036-2187-update-docs-design-detailed-Image-remote_ro_des.patch b/0036-2187-update-docs-design-detailed-Image-remote_ro_des.patch new file mode 100644 index 0000000..765a0f8 --- /dev/null +++ b/0036-2187-update-docs-design-detailed-Image-remote_ro_des.patch @@ -0,0 +1,43 @@ +From 14fb6f4df5f75d3998e504bd32747714f3ce0e52 Mon Sep 17 00:00:00 2001 +From: wangyu +Date: Thu, 14 Sep 2023 02:43:02 +0000 +Subject: [PATCH 36/44] !2187 update + docs/design/detailed/Image/remote_ro_design.md. * update + docs/design/detailed/Image/remote_ro_design.md. + +--- + docs/design/detailed/Image/remote_ro_design.md | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/docs/design/detailed/Image/remote_ro_design.md b/docs/design/detailed/Image/remote_ro_design.md +index fee33835..fd778440 100644 +--- a/docs/design/detailed/Image/remote_ro_design.md ++++ b/docs/design/detailed/Image/remote_ro_design.md +@@ -126,7 +126,7 @@ overlay-layer + └── b64792.tar.gz + ``` + +-以overlay-layers目录为例,创建新layer时,如果是只读层,就把层数据放到RO目录下,在RO上层目录创建软连接指向真实数据。删除layer时需要额外删除软连接。 ++以overlay-layers目录为例,创建新layer时,如果是只读层,就把层数据放到RO目录下,在RO上层目录创建软链接指向真实数据。删除layer时需要额外删除软链接。 + + + *定期更新* +@@ -210,12 +210,12 @@ int remote_overlay_remove_ro_dir(const char *id); + ``` + + # 4. 详细设计 +-分离RO目录的关键在于适配原来的代码逻辑,原先的代码在操作镜像和层的时候,不管是RO层还是RW层,从创建到删除都是在当前目录下进行的,这就是我们额外创建一个软连接的作用: ++分离RO目录的关键在于适配原来的代码逻辑,原先的代码在操作镜像和层的时候,不管是RO层还是RW层,从创建到删除都是在当前目录下进行的,这就是我们额外创建一个软链接的作用: + - RO目录的作用是为了支持远程挂载 +-- 软连接的作用是模拟原来的目录结构 ++- 软链接的作用是模拟原来的目录结构 + + 这样以来,image module的逻辑几乎不需要改动,除了以下几点需要注意: +-- 创建和删除的时候需要处理一个额外的资源:软连接,之前只需要关注目录即可,现在如果创建的是只读层,就需要额外创建软连接,如果删除的是只读层,就需要额外删除软连接 ++- 创建和删除的时候需要处理一个额外的资源:软链接,之前只需要关注目录即可,现在如果创建的是只读层,就需要额外创建软链接,如果删除的是只读层,就需要额外删除软链接 + - 以`overlay-layers`目录为例,isulad启动时会以正则规则扫描当前目录下的子目录是否合法,所以需要屏蔽`RO`目录 + + 定时刷新的逻辑如下: +-- +2.40.1 + diff --git a/0037-2189-Limit-the-response-size-of-ExecSync.patch b/0037-2189-Limit-the-response-size-of-ExecSync.patch new file mode 100644 index 0000000..9bcea70 --- /dev/null +++ b/0037-2189-Limit-the-response-size-of-ExecSync.patch @@ -0,0 +1,50 @@ +From 40a76773f8c834577c5e2ba8dfbfbda365facdf0 Mon Sep 17 00:00:00 2001 +From: jake +Date: Thu, 14 Sep 2023 02:43:42 +0000 +Subject: [PATCH 37/44] !2189 Limit the response size of ExecSync * !2129 Limit + the response size of ExecSync + +--- + src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc | 6 ++++++ + .../entry/cri/v1alpha/cri_container_manager_service.cc | 6 ++++++ + 2 files changed, 12 insertions(+) + +diff --git a/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc b/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc +index daba21e4..52f62320 100644 +--- a/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc ++++ b/src/daemon/entry/cri/v1/v1_cri_container_manager_service.cc +@@ -1363,7 +1363,13 @@ static auto WriteToString(void *context, const void *data, size_t len) -> ssize_ + return 0; + } + ++ // Limit the response size of ExecSync, outside of the response limit will never be seen ++ // Allow last write to exceed the limited size since every single write has a limit len ++ const size_t max_stream_size = 1024 * 1024 * 16; + std::string *str = reinterpret_cast(context); ++ if (str->length() >= max_stream_size) { ++ return (ssize_t)len; ++ } + + str->append(reinterpret_cast(data), len); + return (ssize_t)len; +diff --git a/src/daemon/entry/cri/v1alpha/cri_container_manager_service.cc b/src/daemon/entry/cri/v1alpha/cri_container_manager_service.cc +index 013b938a..083d9f68 100644 +--- a/src/daemon/entry/cri/v1alpha/cri_container_manager_service.cc ++++ b/src/daemon/entry/cri/v1alpha/cri_container_manager_service.cc +@@ -1382,7 +1382,13 @@ static auto WriteToString(void *context, const void *data, size_t len) -> ssize_ + return 0; + } + ++ // Limit the response size of ExecSync, outside of the response limit will never be seen ++ // Allow last write to exceed the limited size since every single write has a limit len ++ const size_t max_stream_size = 1024 * 1024 * 16; + std::string *str = reinterpret_cast(context); ++ if (str->length() >= max_stream_size) { ++ return (ssize_t)len; ++ } + + str->append(reinterpret_cast(data), len); + return (ssize_t)len; +-- +2.40.1 + diff --git a/0038-refactor-adapt-new-library-for-libisulad-shim-utils.patch b/0038-refactor-adapt-new-library-for-libisulad-shim-utils.patch new file mode 100644 index 0000000..a67580c --- /dev/null +++ b/0038-refactor-adapt-new-library-for-libisulad-shim-utils.patch @@ -0,0 +1,45 @@ +From 7d143223967ec452f870edab88672dca420ff94f Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Thu, 14 Sep 2023 14:36:05 +0800 +Subject: [PATCH 38/44] [refactor] adapt new library for libisulad-shim utils + +Signed-off-by: haozi007 +--- + cmake/checker.cmake | 4 ++++ + src/CMakeLists.txt | 4 ++-- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/cmake/checker.cmake b/cmake/checker.cmake +index 052f563f..0f1b3ce0 100644 +--- a/cmake/checker.cmake ++++ b/cmake/checker.cmake +@@ -107,6 +107,10 @@ find_library(ISULA_LIBUTILS_LIBRARY isula_libutils + HINTS ${PC_ISULA_LIBUTILS_LIBDIR} ${PC_ISULA_LIBUTILS_LIBRARY_DIRS}) + _CHECK(ISULA_LIBUTILS_LIBRARY "ISULA_LIBUTILS_LIBRARY-NOTFOUND" "libisula_libutils.so") + ++find_library(ISULAD_SHIM_LIBUTILS_LIBRARY isulad_shim_libutils ++ HINTS ${PC_ISULAD_SHIM_LIBUTILS_LIBDIR} ${PC_ISULAD_SHIM_LIBUTILS_LIBRARY_DIRS}) ++_CHECK(ISULAD_SHIM_LIBUTILS_LIBRARY "ISULAD_SHIM_LIBUTILS_LIBRARY-NOTFOUND" "libisulad_shim_libutils.a") ++ + if (ENABLE_SHIM_V2) + find_path(LIBSHIM_V2_INCLUDE_DIR shim_v2.h) + _CHECK(LIBSHIM_V2_INCLUDE_DIR "LIBSHIM_V2_INCLUDE_DIR-NOTFOUND" "shim_v2.h") +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index a087cc05..8e197b9f 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -122,9 +122,9 @@ target_include_directories(isulad-shim PUBLIC + ${SHARED_INCS} + ${ISULA_LIBUTILS_INCLUDE_DIR} + ) +-target_link_libraries(isulad-shim ${ISULA_LIBUTILS_LIBRARY}) ++target_link_libraries(isulad-shim ${ISULAD_SHIM_LIBUTILS_LIBRARY} ${LIBYAJL_LIBRARY}) + if (ANDROID OR MUSL) +- target_link_libraries(isulad-shim ${LIBSSL_LIBRARY} ${LIBYAJL_LIBRARY}) ++ target_link_libraries(isulad-shim ${LIBSSL_LIBRARY}) + else() + target_link_libraries(isulad-shim -lpthread) + endif() +-- +2.40.1 + diff --git a/0039-CI-support-build-isulad-on-many-linux-distros.patch b/0039-CI-support-build-isulad-on-many-linux-distros.patch new file mode 100644 index 0000000..8a875d9 --- /dev/null +++ b/0039-CI-support-build-isulad-on-many-linux-distros.patch @@ -0,0 +1,373 @@ +From 7ae7e03a498d37c9f3dad50c1769796c2027c5d9 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Thu, 14 Sep 2023 17:00:57 +0800 +Subject: [PATCH 39/44] [CI] support build isulad on many linux distros + +Signed-off-by: haozi007 +--- + CI/build.sh | 8 ++- + CI/build_on_linux_distros.sh | 40 ++++++++++++++ + CI/{ => dockerfiles}/Dockerfile-fedora | 59 ++++++-------------- + CI/{ => dockerfiles}/Dockerfile-ubuntu | 25 +++------ + CI/only_build_isulad.sh | 74 ++++++++++++++++++++++++++ + 5 files changed, 145 insertions(+), 61 deletions(-) + create mode 100755 CI/build_on_linux_distros.sh + rename CI/{ => dockerfiles}/Dockerfile-fedora (65%) + rename CI/{ => dockerfiles}/Dockerfile-ubuntu (85%) + create mode 100755 CI/only_build_isulad.sh + +diff --git a/CI/build.sh b/CI/build.sh +index 6c90028a..cf68fac5 100755 +--- a/CI/build.sh ++++ b/CI/build.sh +@@ -295,7 +295,13 @@ make_sure_cgroup + + make_base_image + if [ $? -ne 0 ];then +- exit 0 ++ exit 1 ++fi ++ ++# build iSulad on many linux distros ++./build_on_linux_distros.sh ++if [ $? -ne 0 ];then ++ exit 1 + fi + + #if you want to debug and disable cleanup all resources, create directory by 'mkdir -p $KEEP_CONTAINERS_ALIVE_DIR' +diff --git a/CI/build_on_linux_distros.sh b/CI/build_on_linux_distros.sh +new file mode 100755 +index 00000000..3464b781 +--- /dev/null ++++ b/CI/build_on_linux_distros.sh +@@ -0,0 +1,40 @@ ++#!/bin/bash ++####################################################################### ++##- Copyright (c) Huawei Technologies Co., Ltd. 2023. All rights reserved. ++# - iSulad licensed under the Mulan PSL v2. ++# - You can use this software according to the terms and conditions of the Mulan PSL v2. ++# - You may obtain a copy of Mulan PSL v2 at: ++# - http://license.coscl.org.cn/MulanPSL2 ++# - THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR ++# - IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR ++# - PURPOSE. ++# - See the Mulan PSL v2 for more details. ++##- @Description: build isulad on many linux distros ++##- @Author: haozi007 ++##- @Create: 2023-09-14 ++####################################################################### ++ ++set +e ++set -x ++ ++ubuntu_image_name="isulad_on_ubunut:2023" ++fedora_image_name="isulad_on_fedora:2023" ++ ++ret=0 ++ ++# prepare docker images, current support fedora and ubuntu ++docker build -t ${fedora_image_name} -f ./dockerfiles/Dockerfile-fedora . ++docker run --rm -ti -v $(pwd):/test ${fedora_image_name} /test/only_build_isulad.sh ++if [ $? -ne 0 ]; then ++ echo ">>>>>>>>>>>>>>>>build iSulad on fedora failed>>>>>>>>>>>>>>>>>" ++ ret=1 ++fi ++ ++docker build -t ${ubuntu_image_name} -f ./dockerfiles/Dockerfile-ubuntu . ++docker run --rm -ti -v $(pwd):/test ${ubuntu_image_name} /test/only_build_isulad.sh ++if [ $? -ne 0 ]; then ++ echo ">>>>>>>>>>>>>>>>build iSulad on ubuntu failed>>>>>>>>>>>>>>>>>" ++ ret=1 ++fi ++ ++exit $ret +\ No newline at end of file +diff --git a/CI/Dockerfile-fedora b/CI/dockerfiles/Dockerfile-fedora +similarity index 65% +rename from CI/Dockerfile-fedora +rename to CI/dockerfiles/Dockerfile-fedora +index 293ca264..44059cf1 100644 +--- a/CI/Dockerfile-fedora ++++ b/CI/dockerfiles/Dockerfile-fedora +@@ -20,7 +20,7 @@ + # --build-arg https_proxy=YOUR_HTTPS_PROXY_IF_NEEDED \ + # -t YOUR_IMAGE_NAME -f ./Dockerfile . + +-FROM fedora:35 ++FROM fedora:38 + MAINTAINER haozi007 + + # if set proxy, need add no_proxy +@@ -29,17 +29,12 @@ MAINTAINER haozi007 + # ENV http_proxy=http://proxy.com + # ENV https_proxy=http://proxy.com + +-RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf && \ +- echo "nameserver 8.8.4.4" >> /etc/resolv.conf && \ +- echo "search localdomain" >> /etc/resolv.conf +- + # Install dependency package +-RUN dnf update -y && dnf install -y systemd && dnf clean all +- +-RUN dnf install -y automake \ ++RUN dnf update -y && dnf install -y automake \ + autoconf \ + libtool \ + make \ ++ systemd \ + cmake \ + grpc-devel \ + grpc-plugins \ +@@ -50,9 +45,7 @@ RUN dnf install -y automake \ + gmock-devel \ + libarchive-devel \ + which \ +- gdb \ + strace \ +- rpm-build \ + graphviz \ + libcap \ + libcap-devel \ +@@ -94,31 +87,13 @@ RUN dnf install -y automake \ + expect \ + systemd-devel \ + systemd-libs \ +- go \ + bc \ +- procps-ng \ +- valgrind \ +- e2fsprogs \ +- lcov \ +- libasan \ + langpacks-en \ +- containernetworking-plugins \ +- runc \ + lvm2 \ +- tcpdump \ +- systemd-udev \ ++ patch \ + iputils + +-RUN yum clean all && \ +- (cd /lib/systemd/system/sysinit.target.wants/; for i in *; \ +- do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ +- rm -f /lib/systemd/system/multi-user.target.wants/*;\ +- rm -f /etc/systemd/system/*.wants/*;\ +- rm -f /lib/systemd/system/local-fs.target.wants/*; \ +- rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ +- rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ +- rm -f /lib/systemd/system/basic.target.wants/*;\ +- rm -f /lib/systemd/system/anaconda.target.wants/*; ++RUN dnf clean all + + # disalbe sslverify + RUN git config --global http.sslverify false +@@ -128,13 +103,12 @@ RUN echo "export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH" >> / + echo "/usr/lib" >> /etc/ld.so.conf && \ + echo "/usr/local/lib" >> /etc/ld.so.conf + +- +-RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ++#RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + + # configure rust +-RUN echo "[source.crates-io]" >> ${HOME}/.cargo/config && \ +- echo "[source.local-registry]" >> ${HOME}/.cargo/config && \ +- echo "directory = \"vendor\"" >> ${HOME}/.cargo/config ++#RUN echo "[source.crates-io]" >> ${HOME}/.cargo/config && \ ++# echo "[source.local-registry]" >> ${HOME}/.cargo/config && \ ++# echo "directory = \"vendor\"" >> ${HOME}/.cargo/config + + # install libevhtp + RUN export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH && \ +@@ -142,11 +116,14 @@ RUN export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH && \ + cd ~ && \ + git clone https://gitee.com/src-openeuler/libevhtp.git && \ + cd libevhtp && \ +- git checkout -b openEuler-20.03-LTS-tag openEuler-20.03-LTS-tag && \ +- tar -xzvf libevhtp-1.2.16.tar.gz && \ +- cd libevhtp-1.2.16 && \ +- patch -p1 -F1 -s < ../0001-support-dynamic-threads.patch && \ +- patch -p1 -F1 -s < ../0002-close-openssl.patch && \ ++ tar -xzvf 1.2.18.tar.gz && \ ++ cd libevhtp-1.2.18 && \ ++ patch -p1 -F1 -s < ../0001-decrease-numbers-of-fd-for-shared-pipe-mode.patch && \ ++ patch -p1 -F1 -s < ../0002-evhtp-enable-dynamic-thread-pool.patch && \ ++ patch -p1 -F1 -s < ../0003-close-open-ssl.-we-do-NOT-use-it-in-lcrd.patch && \ ++ patch -p1 -F1 -s < ../0004-Use-shared-library-instead-static-one.patch && \ ++ patch -p1 -F1 -s < ../0005-libevhtp-add-securce-compile-options.patch && \ ++ patch -p1 -F1 -s < ../0006-libevhtp-add-gcov-compile-options.patch && \ + rm -rf build && \ + mkdir build && \ + cd build && \ +@@ -155,6 +132,4 @@ RUN export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH && \ + make install && \ + ldconfig + +-VOLUME [ "/sys/fs/cgroup" ] +-CMD ["/usr/sbin/init"] + WORKDIR /root +diff --git a/CI/Dockerfile-ubuntu b/CI/dockerfiles/Dockerfile-ubuntu +similarity index 85% +rename from CI/Dockerfile-ubuntu +rename to CI/dockerfiles/Dockerfile-ubuntu +index ac76b823..e056beb5 100644 +--- a/CI/Dockerfile-ubuntu ++++ b/CI/dockerfiles/Dockerfile-ubuntu +@@ -21,25 +21,19 @@ + # -t YOUR_IMAGE_NAME -f ./Dockerfile . + + +-FROM ubuntu:20.04 ++FROM ubuntu:lunar + MAINTAINER WuJing + + ENV TZ=Asia/Shanghai + + RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + +-RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf && \ +- echo "nameserver 8.8.4.4" >> /etc/resolv.conf && \ +- echo "search localdomain" >> /etc/resolv.conf +- + # Install dependency package + RUN apt update -y && apt upgrade -y && \ + apt install -y automake \ + autoconf \ + libtool \ + make \ +- gdb \ +- strace \ + libcap-dev \ + libxslt-dev \ + graphviz \ +@@ -72,13 +66,7 @@ RUN apt update -y && apt upgrade -y && \ + libgpgme-dev \ + expect \ + libsystemd-dev \ +- golang \ + bc \ +- valgrind \ +- e2fsprogs \ +- lcov \ +- libasan6 \ +- lvm2 \ + locales \ + language-pack-en \ + curl \ +@@ -93,6 +81,7 @@ RUN apt update -y && apt upgrade -y && \ + libgmock-dev \ + libgtest-dev \ + libarchive-dev \ ++ patch \ + tcpdump + + RUN apt autoremove -y +@@ -107,12 +96,12 @@ RUN echo "export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH" >> / + RUN git config --global http.sslverify false + + # install rust +-RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y ++# RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + + # configure rust +-RUN echo "[source.crates-io]" >> ${HOME}/.cargo/config && \ +- echo "[source.local-registry]" >> ${HOME}/.cargo/config && \ +- echo "directory = \"vendor\"" >> ${HOME}/.cargo/config ++# RUN echo "[source.crates-io]" >> ${HOME}/.cargo/config && \ ++# echo "[source.local-registry]" >> ${HOME}/.cargo/config && \ ++# echo "directory = \"vendor\"" >> ${HOME}/.cargo/config + + # install libevhtp + RUN export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH && \ +@@ -133,5 +122,5 @@ RUN export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH && \ + make install && \ + ldconfig + +-VOLUME [ "/sys/fs/cgroup" ] + CMD ["/bin/bash"] ++WORKDIR /root +\ No newline at end of file +diff --git a/CI/only_build_isulad.sh b/CI/only_build_isulad.sh +new file mode 100755 +index 00000000..d2d3417d +--- /dev/null ++++ b/CI/only_build_isulad.sh +@@ -0,0 +1,74 @@ ++#!/bin/bash ++####################################################################### ++##- Copyright (c) Huawei Technologies Co., Ltd. 2023. All rights reserved. ++# - iSulad licensed under the Mulan PSL v2. ++# - You can use this software according to the terms and conditions of the Mulan PSL v2. ++# - You may obtain a copy of Mulan PSL v2 at: ++# - http://license.coscl.org.cn/MulanPSL2 ++# - THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR ++# - IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR ++# - PURPOSE. ++# - See the Mulan PSL v2 for more details. ++##- @Description: build isulad on many linux distros ++##- @Author: haozi007 ++##- @Create: 2023-09-14 ++####################################################################### ++ ++set +e ++set -x ++ ++support_shim_v2=0 ++ ++export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:$PKG_CONFIG_PATH ++export LD_LIBRARY_PATH=/usr/local/lib:/usr/lib:$LD_LIBRARY_PATH ++cd ~ ++ ++# install lib-shim-v2 ++if [ ${support_shim_v2} -ne 0 ]; then ++ source ${HOME}/.cargo/env ++ rm -rf lib-shim-v2 ++ git clone https://gitee.com/openeuler/lib-shim-v2.git ++ pushd lib-shim-v2 ++ mkdir .cargo ++cat >> ./.cargo/config << EOF ++[source.crates-io] ++replace-with = "local-registry" ++[source.local-registry] ++directory = "vendor" ++EOF ++ cargo build --release ++ make install ++ popd ++ ldconfig ++fi ++ ++# install lxc ++git clone https://gitee.com/src-openeuler/lxc.git ++pushd lxc/ ++git checkout origin/openEuler-22.03-LTS-SP1 ++./apply-patches ++pushd lxc-4.0.3 ++./autogen.sh ++./configure --disable-silent-rules --disable-rpath --disable-static \ ++ --disable-apparmor --enable-selinux --enable-seccomp --disable-werror ++make && make install ++popd ++popd ++ ++git clone https://gitee.com/openeuler/lcr.git ++pushd lcr ++mkdir build && pushd build ++cmake -DENABLE_UT=ON ../ ++make -j2 && make install ++ctest -V ++popd ++popd ++ ++git clone https://gitee.com/openeuler/iSulad.git ++pushd iSulad ++mkdir build && pushd build ++cmake -DENABLE_UT=ON ../ ++make -j2 && make install ++ctest -V ++popd ++popd +-- +2.40.1 + diff --git a/0040-fix-null-argument-cause-to-coredump-on-fedora38.patch b/0040-fix-null-argument-cause-to-coredump-on-fedora38.patch new file mode 100644 index 0000000..2e9281c --- /dev/null +++ b/0040-fix-null-argument-cause-to-coredump-on-fedora38.patch @@ -0,0 +1,26 @@ +From 976fea1ca1c9d38646600b71e2cd4b923477de26 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Thu, 14 Sep 2023 20:31:39 +0800 +Subject: [PATCH 40/44] fix null argument cause to coredump on fedora38 + +Signed-off-by: haozi007 +--- + src/utils/cutils/error.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/utils/cutils/error.h b/src/utils/cutils/error.h +index fdbe6678..088ed261 100644 +--- a/src/utils/cutils/error.h ++++ b/src/utils/cutils/error.h +@@ -59,7 +59,7 @@ static inline void format_errorf(char **err, const char *format, ...) + char errbuf[BUFSIZ + 1] = { 0 }; + va_list argp; + +- if (err == NULL) { ++ if (err == NULL || format == NULL) { + return; + } + +-- +2.40.1 + diff --git a/0041-new-docker-container-do-not-need-change-resolv.patch b/0041-new-docker-container-do-not-need-change-resolv.patch new file mode 100644 index 0000000..e7b4a45 --- /dev/null +++ b/0041-new-docker-container-do-not-need-change-resolv.patch @@ -0,0 +1,28 @@ +From 24b71ab63ba4b7a17baeb6717342422f0874e215 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Fri, 15 Sep 2023 09:57:02 +0800 +Subject: [PATCH 41/44] new docker container do not need change resolv + +Signed-off-by: haozi007 +--- + CI/Dockerfile-centos | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/CI/Dockerfile-centos b/CI/Dockerfile-centos +index 27aa56a9..bafc87e1 100644 +--- a/CI/Dockerfile-centos ++++ b/CI/Dockerfile-centos +@@ -24,10 +24,6 @@ + FROM centos:7.6.1810 + MAINTAINER LiFeng + +-RUN echo "nameserver 8.8.8.8" > /etc/resolv.conf && \ +- echo "nameserver 8.8.4.4" >> /etc/resolv.conf && \ +- echo "search localdomain" >> /etc/resolv.conf +- + # Install dependency package + RUN yum clean all && yum makecache && yum install -y epel-release && yum swap -y fakesystemd systemd && \ + yum update -y && \ +-- +2.40.1 + diff --git a/0042-CI-fix-relative-path-of-file.patch b/0042-CI-fix-relative-path-of-file.patch new file mode 100644 index 0000000..3c31799 --- /dev/null +++ b/0042-CI-fix-relative-path-of-file.patch @@ -0,0 +1,59 @@ +From f41cc34ee4686be8930f7f66bbf1ed44e6fa0403 Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Fri, 15 Sep 2023 14:34:37 +0800 +Subject: [PATCH 42/44] [CI] fix relative path of file + +Signed-off-by: haozi007 +--- + CI/build.sh | 2 +- + CI/build_on_linux_distros.sh | 10 ++++++---- + 2 files changed, 7 insertions(+), 5 deletions(-) + +diff --git a/CI/build.sh b/CI/build.sh +index cf68fac5..b3f9ee49 100755 +--- a/CI/build.sh ++++ b/CI/build.sh +@@ -299,7 +299,7 @@ if [ $? -ne 0 ];then + fi + + # build iSulad on many linux distros +-./build_on_linux_distros.sh ++${basepath}/build_on_linux_distros.sh + if [ $? -ne 0 ];then + exit 1 + fi +diff --git a/CI/build_on_linux_distros.sh b/CI/build_on_linux_distros.sh +index 3464b781..d7054a2d 100755 +--- a/CI/build_on_linux_distros.sh ++++ b/CI/build_on_linux_distros.sh +@@ -17,21 +17,23 @@ + set +e + set -x + ++basepath=$(cd `dirname $0`; pwd) ++ + ubuntu_image_name="isulad_on_ubunut:2023" + fedora_image_name="isulad_on_fedora:2023" + + ret=0 + + # prepare docker images, current support fedora and ubuntu +-docker build -t ${fedora_image_name} -f ./dockerfiles/Dockerfile-fedora . +-docker run --rm -ti -v $(pwd):/test ${fedora_image_name} /test/only_build_isulad.sh ++docker build -t ${fedora_image_name} -f ${basepath}/dockerfiles/Dockerfile-fedora . ++docker run --rm -ti -v ${basepath}:/test ${fedora_image_name} /test/only_build_isulad.sh + if [ $? -ne 0 ]; then + echo ">>>>>>>>>>>>>>>>build iSulad on fedora failed>>>>>>>>>>>>>>>>>" + ret=1 + fi + +-docker build -t ${ubuntu_image_name} -f ./dockerfiles/Dockerfile-ubuntu . +-docker run --rm -ti -v $(pwd):/test ${ubuntu_image_name} /test/only_build_isulad.sh ++docker build -t ${ubuntu_image_name} -f ${basepath}/dockerfiles/Dockerfile-ubuntu . ++docker run --rm -ti -v ${basepath}:/test ${ubuntu_image_name} /test/only_build_isulad.sh + if [ $? -ne 0 ]; then + echo ">>>>>>>>>>>>>>>>build iSulad on ubuntu failed>>>>>>>>>>>>>>>>>" + ret=1 +-- +2.40.1 + diff --git a/0043-CI-do-not-use-tty-to-run-docker-run.patch b/0043-CI-do-not-use-tty-to-run-docker-run.patch new file mode 100644 index 0000000..7c8e7ff --- /dev/null +++ b/0043-CI-do-not-use-tty-to-run-docker-run.patch @@ -0,0 +1,34 @@ +From 50d5b8946382a857beaa0b1b1231c9f2cdedc24a Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Mon, 18 Sep 2023 09:42:36 +0800 +Subject: [PATCH 43/44] [CI] do not use tty to run docker run + +Signed-off-by: haozi007 +--- + CI/build_on_linux_distros.sh | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/CI/build_on_linux_distros.sh b/CI/build_on_linux_distros.sh +index d7054a2d..d033c8ba 100755 +--- a/CI/build_on_linux_distros.sh ++++ b/CI/build_on_linux_distros.sh +@@ -26,14 +26,14 @@ ret=0 + + # prepare docker images, current support fedora and ubuntu + docker build -t ${fedora_image_name} -f ${basepath}/dockerfiles/Dockerfile-fedora . +-docker run --rm -ti -v ${basepath}:/test ${fedora_image_name} /test/only_build_isulad.sh ++docker run --rm -v ${basepath}:/test ${fedora_image_name} /test/only_build_isulad.sh + if [ $? -ne 0 ]; then + echo ">>>>>>>>>>>>>>>>build iSulad on fedora failed>>>>>>>>>>>>>>>>>" + ret=1 + fi + + docker build -t ${ubuntu_image_name} -f ${basepath}/dockerfiles/Dockerfile-ubuntu . +-docker run --rm -ti -v ${basepath}:/test ${ubuntu_image_name} /test/only_build_isulad.sh ++docker run --rm -v ${basepath}:/test ${ubuntu_image_name} /test/only_build_isulad.sh + if [ $? -ne 0 ]; then + echo ">>>>>>>>>>>>>>>>build iSulad on ubuntu failed>>>>>>>>>>>>>>>>>" + ret=1 +-- +2.40.1 + diff --git a/0044-2196-find-libisulad_shim_libutils.a-from-libisula.pc.patch b/0044-2196-find-libisulad_shim_libutils.a-from-libisula.pc.patch new file mode 100644 index 0000000..2247c87 --- /dev/null +++ b/0044-2196-find-libisulad_shim_libutils.a-from-libisula.pc.patch @@ -0,0 +1,26 @@ +From 3c18490c773191dda77783bd56f92c015fa3a22f Mon Sep 17 00:00:00 2001 +From: haozi007 +Date: Mon, 18 Sep 2023 13:18:06 +0000 +Subject: [PATCH 44/44] !2196 find libisulad_shim_libutils.a from libisula.pc * + find libisulad_shim_libutils.a from libisula.pc + +--- + cmake/checker.cmake | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cmake/checker.cmake b/cmake/checker.cmake +index 0f1b3ce0..358ab4af 100644 +--- a/cmake/checker.cmake ++++ b/cmake/checker.cmake +@@ -108,7 +108,7 @@ find_library(ISULA_LIBUTILS_LIBRARY isula_libutils + _CHECK(ISULA_LIBUTILS_LIBRARY "ISULA_LIBUTILS_LIBRARY-NOTFOUND" "libisula_libutils.so") + + find_library(ISULAD_SHIM_LIBUTILS_LIBRARY isulad_shim_libutils +- HINTS ${PC_ISULAD_SHIM_LIBUTILS_LIBDIR} ${PC_ISULAD_SHIM_LIBUTILS_LIBRARY_DIRS}) ++ HINTS ${PC_ISULA_LIBUTILS_LIBDIR} ${PC_ISULA_LIBUTILS_LIBRARY_DIRS}) + _CHECK(ISULAD_SHIM_LIBUTILS_LIBRARY "ISULAD_SHIM_LIBUTILS_LIBRARY-NOTFOUND" "libisulad_shim_libutils.a") + + if (ENABLE_SHIM_V2) +-- +2.40.1 + diff --git a/iSulad.spec b/iSulad.spec index 6cd9ab0..edc73ca 100644 --- a/iSulad.spec +++ b/iSulad.spec @@ -1,5 +1,5 @@ %global _version 2.1.3 -%global _release 2 +%global _release 3 %global is_systemd 1 %global enable_criv1 1 %global enable_shimv2 1 @@ -48,6 +48,17 @@ Patch0030: 0030-mask-proxy-informations.patch Patch0031: 0031-add-testcase-for-isula-info.patch Patch0032: 0032-fix-oci-import-compile-error.patch Patch0033: 0033-2188-Support-both-C-11-and-C-17.patch +Patch0034: 0034-2184-update-docs-build_docs-guide-build_guide_riscv_.patch +Patch0035: 0035-2186-update-docs-design-detailed-Image-image_storage.patch +Patch0036: 0036-2187-update-docs-design-detailed-Image-remote_ro_des.patch +Patch0037: 0037-2189-Limit-the-response-size-of-ExecSync.patch +Patch0038: 0038-refactor-adapt-new-library-for-libisulad-shim-utils.patch +Patch0039: 0039-CI-support-build-isulad-on-many-linux-distros.patch +Patch0040: 0040-fix-null-argument-cause-to-coredump-on-fedora38.patch +Patch0041: 0041-new-docker-container-do-not-need-change-resolv.patch +Patch0042: 0042-CI-fix-relative-path-of-file.patch +Patch0043: 0043-CI-do-not-use-tty-to-run-docker-run.patch +Patch0044: 0044-2196-find-libisulad_shim_libutils.a-from-libisula.pc.patch Patch6001: 6001-modify-daemon-json-default-runtime-to-runc.patch %ifarch x86_64 aarch64 @@ -303,6 +314,12 @@ fi %endif %changelog +* Tue Sep 19 2023 zhongtao - 2.1.3-3 +- Type: bugfix +- ID: NA +- SUG: NA +- DESC: bugfix for codecheck and adapt new library for libisulad-shim utils + * Wed Sep 13 2023 xuxuepeng - 2.1.3-2 - Type: update - ID: NA -- Gitee