Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Jessica Frazelle authored on 2015/09/01 02:06:22... | ... |
@@ -49,6 +49,7 @@ RUN apt-get update && apt-get install -y \ |
49 | 49 |
gcc-mingw-w64 \ |
50 | 50 |
git \ |
51 | 51 |
iptables \ |
52 |
+ jq \ |
|
52 | 53 |
libapparmor-dev \ |
53 | 54 |
libcap-dev \ |
54 | 55 |
libltdl-dev \ |
... | ... |
@@ -175,11 +176,11 @@ RUN ln -sfv $PWD/.bashrc ~/.bashrc |
175 | 175 |
RUN ln -sv $PWD/contrib/completion/bash/docker /etc/bash_completion.d/docker |
176 | 176 |
|
177 | 177 |
# Get useful and necessary Hub images so we can "docker load" locally instead of pulling |
178 |
-COPY contrib/download-frozen-image.sh /go/src/github.com/docker/docker/contrib/ |
|
179 |
-RUN ./contrib/download-frozen-image.sh /docker-frozen-images \ |
|
180 |
- busybox:latest@d7057cb020844f245031d27b76cb18af05db1cc3a96a29fa7777af75f5ac91a3 \ |
|
181 |
- hello-world:frozen@91c95931e552b11604fea91c2f537284149ec32fff0f700a4769cfd31d7696ae \ |
|
182 |
- jess/unshare@5c9f6ea50341a2a8eb6677527f2bdedbf331ae894a41714fda770fb130f3314d |
|
178 |
+COPY contrib/download-frozen-image-v2.sh /go/src/github.com/docker/docker/contrib/ |
|
179 |
+RUN ./contrib/download-frozen-image-v2.sh /docker-frozen-images \ |
|
180 |
+ busybox:latest@sha256:eb3c0d4680f9213ee5f348ea6d39489a1f85a318a2ae09e012c426f78252a6d2 \ |
|
181 |
+ hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7 \ |
|
182 |
+ jess/unshare:latest@sha256:2e3a8c0591c4690b82d4eba7e5ef8f49f2ddfe9f867f3e865198db9bd1436c5b |
|
183 | 183 |
# see also "hack/make/.ensure-frozen-images" (which needs to be updated any time this list is) |
184 | 184 |
|
185 | 185 |
# Download man page generator |
186 | 186 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,108 @@ |
0 |
+#!/bin/bash |
|
1 |
+set -e |
|
2 |
+ |
|
3 |
+# hello-world latest ef872312fe1b 3 months ago 910 B |
|
4 |
+# hello-world latest ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9 3 months ago 910 B |
|
5 |
+ |
|
6 |
+# debian latest f6fab3b798be 10 weeks ago 85.1 MB |
|
7 |
+# debian latest f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd 10 weeks ago 85.1 MB |
|
8 |
+ |
|
9 |
+if ! command -v curl &> /dev/null; then |
|
10 |
+ echo >&2 'error: "curl" not found!' |
|
11 |
+ exit 1 |
|
12 |
+fi |
|
13 |
+ |
|
14 |
+usage() { |
|
15 |
+ echo "usage: $0 dir image[:tag][@image-id] ..." |
|
16 |
+ echo " ie: $0 /tmp/hello-world hello-world" |
|
17 |
+ echo " $0 /tmp/debian-jessie debian:jessie" |
|
18 |
+ echo " $0 /tmp/old-hello-world hello-world@ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9" |
|
19 |
+ echo " $0 /tmp/old-debian debian:latest@f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd" |
|
20 |
+ [ -z "$1" ] || exit "$1" |
|
21 |
+} |
|
22 |
+ |
|
23 |
+dir="$1" # dir for building tar in |
|
24 |
+shift || usage 1 >&2 |
|
25 |
+ |
|
26 |
+[ $# -gt 0 -a "$dir" ] || usage 2 >&2 |
|
27 |
+mkdir -p "$dir" |
|
28 |
+ |
|
29 |
+# hacky workarounds for Bash 3 support (no associative arrays) |
|
30 |
+images=() |
|
31 |
+rm -f "$dir"/tags-*.tmp |
|
32 |
+# repositories[busybox]='"latest": "...", "ubuntu-14.04": "..."' |
|
33 |
+ |
|
34 |
+while [ $# -gt 0 ]; do |
|
35 |
+ imageTag="$1" |
|
36 |
+ shift |
|
37 |
+ image="${imageTag%%[:@]*}" |
|
38 |
+ tag="${imageTag#*:}" |
|
39 |
+ imageId="${tag##*@}" |
|
40 |
+ [ "$imageId" != "$tag" ] || imageId= |
|
41 |
+ [ "$tag" != "$imageTag" ] || tag='latest' |
|
42 |
+ tag="${tag%@*}" |
|
43 |
+ |
|
44 |
+ imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
45 |
+ |
|
46 |
+ token="$(curl -sSL -o /dev/null -D- -H 'X-Docker-Token: true' "https://index.docker.io/v1/repositories/$image/images" | tr -d '\r' | awk -F ': *' '$1 == "X-Docker-Token" { print $2 }')" |
|
47 |
+ |
|
48 |
+ if [ -z "$imageId" ]; then |
|
49 |
+ imageId="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/repositories/$image/tags/$tag")" |
|
50 |
+ imageId="${imageId//\"/}" |
|
51 |
+ fi |
|
52 |
+ |
|
53 |
+ ancestryJson="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/ancestry")" |
|
54 |
+ if [ "${ancestryJson:0:1}" != '[' ]; then |
|
55 |
+ echo >&2 "error: /v1/images/$imageId/ancestry returned something unexpected:" |
|
56 |
+ echo >&2 " $ancestryJson" |
|
57 |
+ exit 1 |
|
58 |
+ fi |
|
59 |
+ |
|
60 |
+ IFS=',' |
|
61 |
+ ancestry=( ${ancestryJson//[\[\] \"]/} ) |
|
62 |
+ unset IFS |
|
63 |
+ |
|
64 |
+ if [ -s "$dir/tags-$imageFile.tmp" ]; then |
|
65 |
+ echo -n ', ' >> "$dir/tags-$imageFile.tmp" |
|
66 |
+ else |
|
67 |
+ images=( "${images[@]}" "$image" ) |
|
68 |
+ fi |
|
69 |
+ echo -n '"'"$tag"'": "'"$imageId"'"' >> "$dir/tags-$imageFile.tmp" |
|
70 |
+ |
|
71 |
+ echo "Downloading '$imageTag' (${#ancestry[@]} layers)..." |
|
72 |
+ for imageId in "${ancestry[@]}"; do |
|
73 |
+ mkdir -p "$dir/$imageId" |
|
74 |
+ echo '1.0' > "$dir/$imageId/VERSION" |
|
75 |
+ |
|
76 |
+ curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/json" -o "$dir/$imageId/json" |
|
77 |
+ |
|
78 |
+ # TODO figure out why "-C -" doesn't work here |
|
79 |
+ # "curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume." |
|
80 |
+ # "HTTP/1.1 416 Requested Range Not Satisfiable" |
|
81 |
+ if [ -f "$dir/$imageId/layer.tar" ]; then |
|
82 |
+ # TODO hackpatch for no -C support :'( |
|
83 |
+ echo "skipping existing ${imageId:0:12}" |
|
84 |
+ continue |
|
85 |
+ fi |
|
86 |
+ curl -SL --progress -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/layer" -o "$dir/$imageId/layer.tar" # -C - |
|
87 |
+ done |
|
88 |
+ echo |
|
89 |
+done |
|
90 |
+ |
|
91 |
+echo -n '{' > "$dir/repositories" |
|
92 |
+firstImage=1 |
|
93 |
+for image in "${images[@]}"; do |
|
94 |
+ imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
95 |
+ |
|
96 |
+ [ "$firstImage" ] || echo -n ',' >> "$dir/repositories" |
|
97 |
+ firstImage= |
|
98 |
+ echo -n $'\n\t' >> "$dir/repositories" |
|
99 |
+ echo -n '"'"$image"'": { '"$(cat "$dir/tags-$imageFile.tmp")"' }' >> "$dir/repositories" |
|
100 |
+done |
|
101 |
+echo -n $'\n}\n' >> "$dir/repositories" |
|
102 |
+ |
|
103 |
+rm -f "$dir"/tags-*.tmp |
|
104 |
+ |
|
105 |
+echo "Download of images into '$dir' complete." |
|
106 |
+echo "Use something like the following to load the result into a Docker daemon:" |
|
107 |
+echo " tar -cC '$dir' . | docker load" |
0 | 108 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,113 @@ |
0 |
+#!/bin/bash |
|
1 |
+set -e |
|
2 |
+ |
|
3 |
+# hello-world latest ef872312fe1b 3 months ago 910 B |
|
4 |
+# hello-world latest ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9 3 months ago 910 B |
|
5 |
+ |
|
6 |
+# debian latest f6fab3b798be 10 weeks ago 85.1 MB |
|
7 |
+# debian latest f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd 10 weeks ago 85.1 MB |
|
8 |
+ |
|
9 |
+if ! command -v curl &> /dev/null; then |
|
10 |
+ echo >&2 'error: "curl" not found!' |
|
11 |
+ exit 1 |
|
12 |
+fi |
|
13 |
+ |
|
14 |
+usage() { |
|
15 |
+ echo "usage: $0 dir image[:tag][@digest] ..." |
|
16 |
+ echo " $0 /tmp/old-hello-world hello-world:latest@sha256:8be990ef2aeb16dbcb9271ddfe2610fa6658d13f6dfb8bc72074cc1ca36966a7" |
|
17 |
+ [ -z "$1" ] || exit "$1" |
|
18 |
+} |
|
19 |
+ |
|
20 |
+dir="$1" # dir for building tar in |
|
21 |
+shift || usage 1 >&2 |
|
22 |
+ |
|
23 |
+[ $# -gt 0 -a "$dir" ] || usage 2 >&2 |
|
24 |
+mkdir -p "$dir" |
|
25 |
+ |
|
26 |
+# hacky workarounds for Bash 3 support (no associative arrays) |
|
27 |
+images=() |
|
28 |
+rm -f "$dir"/tags-*.tmp |
|
29 |
+# repositories[busybox]='"latest": "...", "ubuntu-14.04": "..."' |
|
30 |
+ |
|
31 |
+while [ $# -gt 0 ]; do |
|
32 |
+ imageTag="$1" |
|
33 |
+ shift |
|
34 |
+ image="${imageTag%%[:@]*}" |
|
35 |
+ imageTag="${imageTag#*:}" |
|
36 |
+ digest="${imageTag##*@}" |
|
37 |
+ tag="${imageTag%%@*}" |
|
38 |
+ |
|
39 |
+ # add prefix library if passed official image |
|
40 |
+ if [[ "$image" != *"/"* ]]; then |
|
41 |
+ image="library/$image" |
|
42 |
+ fi |
|
43 |
+ |
|
44 |
+ imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
45 |
+ |
|
46 |
+ token="$(curl -sSL "https://auth.docker.io/token?service=registry.docker.io&scope=repository:$image:pull" | jq --raw-output .token)" |
|
47 |
+ |
|
48 |
+ manifestJson="$(curl -sSL -H "Authorization: Bearer $token" "https://registry-1.docker.io/v2/$image/manifests/$digest")" |
|
49 |
+ if [ "${manifestJson:0:1}" != '{' ]; then |
|
50 |
+ echo >&2 "error: /v2/$image/manifests/$digest returned something unexpected:" |
|
51 |
+ echo >&2 " $manifestJson" |
|
52 |
+ exit 1 |
|
53 |
+ fi |
|
54 |
+ |
|
55 |
+ layersFs=$(echo "$manifestJson" | jq --raw-output '.fsLayers | .[] | .blobSum') |
|
56 |
+ |
|
57 |
+ IFS=$'\n' |
|
58 |
+ layers=( ${layersFs} ) |
|
59 |
+ unset IFS |
|
60 |
+ |
|
61 |
+ history=$(echo "$manifestJson" | jq '.history | [.[] | .v1Compatibility]') |
|
62 |
+ imageId=$(echo "$history" | jq --raw-output .[0] | jq --raw-output .id) |
|
63 |
+ |
|
64 |
+ if [ -s "$dir/tags-$imageFile.tmp" ]; then |
|
65 |
+ echo -n ', ' >> "$dir/tags-$imageFile.tmp" |
|
66 |
+ else |
|
67 |
+ images=( "${images[@]}" "$image" ) |
|
68 |
+ fi |
|
69 |
+ echo -n '"'"$tag"'": "'"$imageId"'"' >> "$dir/tags-$imageFile.tmp" |
|
70 |
+ |
|
71 |
+ echo "Downloading '${image}:${tag}@${digest}' (${#layers[@]} layers)..." |
|
72 |
+ for i in "${!layers[@]}"; do |
|
73 |
+ imageJson=$(echo "$history" | jq --raw-output .[${i}]) |
|
74 |
+ imageId=$(echo "$imageJson" | jq --raw-output .id) |
|
75 |
+ imageLayer=${layers[$i]} |
|
76 |
+ |
|
77 |
+ mkdir -p "$dir/$imageId" |
|
78 |
+ echo '1.0' > "$dir/$imageId/VERSION" |
|
79 |
+ |
|
80 |
+ echo "$imageJson" > "$dir/$imageId/json" |
|
81 |
+ |
|
82 |
+ # TODO figure out why "-C -" doesn't work here |
|
83 |
+ # "curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume." |
|
84 |
+ # "HTTP/1.1 416 Requested Range Not Satisfiable" |
|
85 |
+ if [ -f "$dir/$imageId/layer.tar" ]; then |
|
86 |
+ # TODO hackpatch for no -C support :'( |
|
87 |
+ echo "skipping existing ${imageId:0:12}" |
|
88 |
+ continue |
|
89 |
+ fi |
|
90 |
+ curl -SL --progress -H "Authorization: Bearer $token" "https://registry-1.docker.io/v2/$image/blobs/$imageLayer" -o "$dir/$imageId/layer.tar" # -C - |
|
91 |
+ done |
|
92 |
+ echo |
|
93 |
+done |
|
94 |
+ |
|
95 |
+echo -n '{' > "$dir/repositories" |
|
96 |
+firstImage=1 |
|
97 |
+for image in "${images[@]}"; do |
|
98 |
+ imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
99 |
+ image="${image#library\/}" |
|
100 |
+ |
|
101 |
+ [ "$firstImage" ] || echo -n ',' >> "$dir/repositories" |
|
102 |
+ firstImage= |
|
103 |
+ echo -n $'\n\t' >> "$dir/repositories" |
|
104 |
+ echo -n '"'"$image"'": { '"$(cat "$dir/tags-$imageFile.tmp")"' }' >> "$dir/repositories" |
|
105 |
+done |
|
106 |
+echo -n $'\n}\n' >> "$dir/repositories" |
|
107 |
+ |
|
108 |
+rm -f "$dir"/tags-*.tmp |
|
109 |
+ |
|
110 |
+echo "Download of images into '$dir' complete." |
|
111 |
+echo "Use something like the following to load the result into a Docker daemon:" |
|
112 |
+echo " tar -cC '$dir' . | docker load" |
0 | 113 |
deleted file mode 100755 |
... | ... |
@@ -1,108 +0,0 @@ |
1 |
-#!/bin/bash |
|
2 |
-set -e |
|
3 |
- |
|
4 |
-# hello-world latest ef872312fe1b 3 months ago 910 B |
|
5 |
-# hello-world latest ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9 3 months ago 910 B |
|
6 |
- |
|
7 |
-# debian latest f6fab3b798be 10 weeks ago 85.1 MB |
|
8 |
-# debian latest f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd 10 weeks ago 85.1 MB |
|
9 |
- |
|
10 |
-if ! command -v curl &> /dev/null; then |
|
11 |
- echo >&2 'error: "curl" not found!' |
|
12 |
- exit 1 |
|
13 |
-fi |
|
14 |
- |
|
15 |
-usage() { |
|
16 |
- echo "usage: $0 dir image[:tag][@image-id] ..." |
|
17 |
- echo " ie: $0 /tmp/hello-world hello-world" |
|
18 |
- echo " $0 /tmp/debian-jessie debian:jessie" |
|
19 |
- echo " $0 /tmp/old-hello-world hello-world@ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9" |
|
20 |
- echo " $0 /tmp/old-debian debian:latest@f6fab3b798be3174f45aa1eb731f8182705555f89c9026d8c1ef230cbf8301dd" |
|
21 |
- [ -z "$1" ] || exit "$1" |
|
22 |
-} |
|
23 |
- |
|
24 |
-dir="$1" # dir for building tar in |
|
25 |
-shift || usage 1 >&2 |
|
26 |
- |
|
27 |
-[ $# -gt 0 -a "$dir" ] || usage 2 >&2 |
|
28 |
-mkdir -p "$dir" |
|
29 |
- |
|
30 |
-# hacky workarounds for Bash 3 support (no associative arrays) |
|
31 |
-images=() |
|
32 |
-rm -f "$dir"/tags-*.tmp |
|
33 |
-# repositories[busybox]='"latest": "...", "ubuntu-14.04": "..."' |
|
34 |
- |
|
35 |
-while [ $# -gt 0 ]; do |
|
36 |
- imageTag="$1" |
|
37 |
- shift |
|
38 |
- image="${imageTag%%[:@]*}" |
|
39 |
- tag="${imageTag#*:}" |
|
40 |
- imageId="${tag##*@}" |
|
41 |
- [ "$imageId" != "$tag" ] || imageId= |
|
42 |
- [ "$tag" != "$imageTag" ] || tag='latest' |
|
43 |
- tag="${tag%@*}" |
|
44 |
- |
|
45 |
- imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
46 |
- |
|
47 |
- token="$(curl -sSL -o /dev/null -D- -H 'X-Docker-Token: true' "https://index.docker.io/v1/repositories/$image/images" | tr -d '\r' | awk -F ': *' '$1 == "X-Docker-Token" { print $2 }')" |
|
48 |
- |
|
49 |
- if [ -z "$imageId" ]; then |
|
50 |
- imageId="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/repositories/$image/tags/$tag")" |
|
51 |
- imageId="${imageId//\"/}" |
|
52 |
- fi |
|
53 |
- |
|
54 |
- ancestryJson="$(curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/ancestry")" |
|
55 |
- if [ "${ancestryJson:0:1}" != '[' ]; then |
|
56 |
- echo >&2 "error: /v1/images/$imageId/ancestry returned something unexpected:" |
|
57 |
- echo >&2 " $ancestryJson" |
|
58 |
- exit 1 |
|
59 |
- fi |
|
60 |
- |
|
61 |
- IFS=',' |
|
62 |
- ancestry=( ${ancestryJson//[\[\] \"]/} ) |
|
63 |
- unset IFS |
|
64 |
- |
|
65 |
- if [ -s "$dir/tags-$imageFile.tmp" ]; then |
|
66 |
- echo -n ', ' >> "$dir/tags-$imageFile.tmp" |
|
67 |
- else |
|
68 |
- images=( "${images[@]}" "$image" ) |
|
69 |
- fi |
|
70 |
- echo -n '"'"$tag"'": "'"$imageId"'"' >> "$dir/tags-$imageFile.tmp" |
|
71 |
- |
|
72 |
- echo "Downloading '$imageTag' (${#ancestry[@]} layers)..." |
|
73 |
- for imageId in "${ancestry[@]}"; do |
|
74 |
- mkdir -p "$dir/$imageId" |
|
75 |
- echo '1.0' > "$dir/$imageId/VERSION" |
|
76 |
- |
|
77 |
- curl -sSL -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/json" -o "$dir/$imageId/json" |
|
78 |
- |
|
79 |
- # TODO figure out why "-C -" doesn't work here |
|
80 |
- # "curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume." |
|
81 |
- # "HTTP/1.1 416 Requested Range Not Satisfiable" |
|
82 |
- if [ -f "$dir/$imageId/layer.tar" ]; then |
|
83 |
- # TODO hackpatch for no -C support :'( |
|
84 |
- echo "skipping existing ${imageId:0:12}" |
|
85 |
- continue |
|
86 |
- fi |
|
87 |
- curl -SL --progress -H "Authorization: Token $token" "https://registry-1.docker.io/v1/images/$imageId/layer" -o "$dir/$imageId/layer.tar" # -C - |
|
88 |
- done |
|
89 |
- echo |
|
90 |
-done |
|
91 |
- |
|
92 |
-echo -n '{' > "$dir/repositories" |
|
93 |
-firstImage=1 |
|
94 |
-for image in "${images[@]}"; do |
|
95 |
- imageFile="${image//\//_}" # "/" can't be in filenames :) |
|
96 |
- |
|
97 |
- [ "$firstImage" ] || echo -n ',' >> "$dir/repositories" |
|
98 |
- firstImage= |
|
99 |
- echo -n $'\n\t' >> "$dir/repositories" |
|
100 |
- echo -n '"'"$image"'": { '"$(cat "$dir/tags-$imageFile.tmp")"' }' >> "$dir/repositories" |
|
101 |
-done |
|
102 |
-echo -n $'\n}\n' >> "$dir/repositories" |
|
103 |
- |
|
104 |
-rm -f "$dir"/tags-*.tmp |
|
105 |
- |
|
106 |
-echo "Download of images into '$dir' complete." |
|
107 |
-echo "Use something like the following to load the result into a Docker daemon:" |
|
108 |
-echo " tar -cC '$dir' . | docker load" |
... | ... |
@@ -4,17 +4,17 @@ set -e |
4 | 4 |
# this list should match roughly what's in the Dockerfile (minus the explicit image IDs, of course) |
5 | 5 |
images=( |
6 | 6 |
busybox:latest |
7 |
- hello-world:frozen |
|
7 |
+ hello-world:latest |
|
8 | 8 |
jess/unshare:latest |
9 | 9 |
) |
10 | 10 |
|
11 | 11 |
# on ARM we need images that work for the ARM architecture |
12 |
-if [ -v DOCKER_ENGINE_OSARCH ] && [ "$DOCKER_ENGINE_OSARCH" = "linux/arm" ]; then |
|
13 |
- images=( |
|
14 |
- hypriot/armhf-busybox@ea0800bb83571c585c5652b53668e76b29c7c0eef719892f9d0a48607984f9e1 |
|
15 |
- hypriot/armhf-hello-world@508c59a4f8b23c77bbcf43296c3f580873dc7eecb1f0d680cea3067e221fd4c2 |
|
16 |
- hypriot/armhf-unshare@3f1db65f8bbabc743fd739cf7145a56c35b2a0979ae3174e9d79b7fa4b00fca1 |
|
17 |
- ) |
|
12 |
+if [ "$DOCKER_ENGINE_OSARCH" = "linux/arm" ]; then |
|
13 |
+ images=( |
|
14 |
+ hypriot/armhf-busybox@ea0800bb83571c585c5652b53668e76b29c7c0eef719892f9d0a48607984f9e1 |
|
15 |
+ hypriot/armhf-hello-world@508c59a4f8b23c77bbcf43296c3f580873dc7eecb1f0d680cea3067e221fd4c2 |
|
16 |
+ hypriot/armhf-unshare@3f1db65f8bbabc743fd739cf7145a56c35b2a0979ae3174e9d79b7fa4b00fca1 |
|
17 |
+ ) |
|
18 | 18 |
fi |
19 | 19 |
|
20 | 20 |
if ! docker inspect "${images[@]}" &> /dev/null; then |
... | ... |
@@ -23,10 +23,10 @@ if ! docker inspect "${images[@]}" &> /dev/null; then |
23 | 23 |
( set -x; tar -cC "$hardCodedDir" . | docker load ) |
24 | 24 |
else |
25 | 25 |
dir="$DEST/frozen-images" |
26 |
- # extract the exact "RUN download-frozen-image.sh" line from the Dockerfile itself for consistency |
|
27 |
- # NOTE: this will fail if either "curl" is not installed or if the Dockerfile is not available/readable |
|
26 |
+ # extract the exact "RUN download-frozen-image-v2.sh" line from the Dockerfile itself for consistency |
|
27 |
+ # NOTE: this will fail if either "curl" or "jq" is not installed or if the Dockerfile is not available/readable |
|
28 | 28 |
awk ' |
29 |
- $1 == "RUN" && $2 == "./contrib/download-frozen-image.sh" { |
|
29 |
+ $1 == "RUN" && $2 == "./contrib/download-frozen-image-v2.sh" { |
|
30 | 30 |
for (i = 2; i < NF; i++) |
31 | 31 |
printf ( $i == "'"$hardCodedDir"'" ? "'"$dir"'" : $i ) " "; |
32 | 32 |
print $NF; |
... | ... |
@@ -46,14 +46,16 @@ if ! docker inspect "${images[@]}" &> /dev/null; then |
46 | 46 |
fi |
47 | 47 |
fi |
48 | 48 |
|
49 |
-if [ -v DOCKER_ENGINE_OSARCH ] && [ "$DOCKER_ENGINE_OSARCH" = "linux/arm" ]; then |
|
50 |
- # tag images to ensure that all integrations work with the defined image names |
|
51 |
- docker tag hypriot/armhf-busybox:latest busybox:latest |
|
52 |
- docker tag hypriot/armhf-hello-world:latest hello-world:frozen |
|
53 |
- docker tag hypriot/armhf-unshare:latest jess/unshare:latest |
|
49 |
+if [ "$DOCKER_ENGINE_OSARCH" = "linux/arm" ]; then |
|
50 |
+ # tag images to ensure that all integrations work with the defined image names |
|
51 |
+ docker tag hypriot/armhf-busybox:latest busybox:latest |
|
52 |
+ docker tag hypriot/armhf-hello-world:latest hello-world:frozen |
|
53 |
+ docker tag hypriot/armhf-unshare:latest jess/unshare:latest |
|
54 | 54 |
|
55 |
- # remove orignal tags as these make problems with later tests: TestInspectApiImageResponse |
|
56 |
- docker rmi hypriot/armhf-busybox:latest |
|
57 |
- docker rmi hypriot/armhf-hello-world:latest |
|
58 |
- docker rmi hypriot/armhf-unshare:latest |
|
55 |
+ # remove orignal tags as these make problems with later tests: TestInspectApiImageResponse |
|
56 |
+ docker rmi hypriot/armhf-busybox:latest |
|
57 |
+ docker rmi hypriot/armhf-hello-world:latest |
|
58 |
+ docker rmi hypriot/armhf-unshare:latest |
|
59 |
+else |
|
60 |
+ docker tag hello-world:latest hello-world:frozen |
|
59 | 61 |
fi |
... | ... |
@@ -2868,7 +2868,7 @@ func (s *DockerSuite) TestRunUnshareProc(c *check.C) { |
2868 | 2868 |
|
2869 | 2869 |
/* Ensure still fails if running privileged with the default policy */ |
2870 | 2870 |
name = "crashoverride" |
2871 |
- if out, _, err := dockerCmdWithError("run", "--privileged", "--security-opt", "apparmor:docker-default", "--name", name, "jess/unshare", "unshare", "-p", "-m", "-f", "-r", "mount", "-t", "proc", "none", "/proc"); err == nil || !(strings.Contains(out, "Permission denied") || strings.Contains(out, "Operation not permitted")) { |
|
2871 |
+ if out, _, err := dockerCmdWithError("run", "--privileged", "--security-opt", "apparmor:docker-default", "--name", name, "jess/unshare", "unshare", "-p", "-m", "-f", "-r", "mount", "-t", "proc", "none", "/proc"); err == nil || !(strings.Contains(strings.ToLower(out), "permission denied") || strings.Contains(strings.ToLower(out), "operation not permitted")) { |
|
2872 | 2872 |
c.Fatalf("unshare should have failed with permission denied, got: %s, %v", out, err) |
2873 | 2873 |
} |
2874 | 2874 |
} |