Merge pull request #2585 from dm0-/torcx

Move Docker to torcx

sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/compat-wrapper.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+set -e
+
+bin=${0##*/}
+seal=/run/metadata/torcx
+
+if [ -z "${bin}" ]
+then
+        echo 'Failed to determine the executed program name.' 1>&2
+        exit 1
+fi
+
+if [ -s "${seal}" ]
+then
+        . "${seal}"
+else
+        echo "The program ${bin} is managed by torcx, which did not run." 1>&2
+        exit 1
+fi
+
+if [ -z "${TORCX_BINDIR-}" ]
+then
+        echo "The torcx seal file ${seal} is invalid." 1>&2
+        exit 1
+fi
+
+if [ ! -x "${TORCX_BINDIR}/${bin}" ]
+then
+        echo "The current torcx profile did not install a ${bin} program." 1>&2
+        exit 1
+fi
+
+PATH="${TORCX_BINDIR}${PATH:+:${PATH}}" exec "${TORCX_BINDIR}/${bin}" "$@"

sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/dockerd-wrapper.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+# Wrapper for launching docker daemons with selinux default on
+# This wrapper script has been deprecated (euank: 2017-05-09) and is retained
+# for backwards compatibility.
+
+set -e
+
+parse_docker_args() {
+    local flag
+    while [[ $# -gt 0 ]]; do
+        flag="$1"
+        shift
+
+        # treat --flag=foo and --flag foo identically
+        if [[ "${flag}" == *=* ]]; then
+            set -- "${flag#*=}" "$@"
+            flag="${flag%=*}"
+        fi
+
+        case "${flag}" in
+            --selinux-enabled)
+                ARG_SELINUX="$1"
+                shift
+                ;;
+            *)
+                # ignore everything else
+                ;;
+        esac
+    done
+}
+
+parse_docker_args "$@"
+
+USE_SELINUX=""
+# Do not override selinux if it is already explicitly configured.
+if [[ -z "${ARG_SELINUX}" ]]; then
+        # If unspecified, default on
+        USE_SELINUX="--selinux-enabled"
+fi
+
+exec dockerd "$@" ${USE_SELINUX}

sdk_container/src/third_party/coreos-overlay/app-arch/torcx/files/vendor.json

@@ -0,0 +1,11 @@
+{
+    "kind": "profile-manifest-v0",
+    "value": {
+        "images": [
+            {
+                "name": "docker",
+                "reference": "com.coreos.cl"
+            }
+        ]
+    }
+}

sdk_container/src/third_party/coreos-overlay/app-arch/torcx/torcx-9999.ebuild

@@ -11,7 +11,7 @@ COREOS_GO_VERSION="go1.8"
 if [[ "${PV}" == 9999 ]]; then
 	KEYWORDS="~amd64 ~arm64"
 else
-	CROS_WORKON_COMMIT="1987d1c516c6925280fade659569d5062999a1db" # v0.1.0-alpha.1a
+	CROS_WORKON_COMMIT="72f5f2721b867b158f14657d0ebe97fad8019a7a" # v0.1.0-alpha.2a
 	KEYWORDS="amd64 arm64"
 fi
 
@@ -46,4 +46,12 @@ src_install() {
 	insinto "${vendordir}/profiles"
 	doins "${FILESDIR}/vendor.json"
 	dodir "${vendordir}/store"
+
+	# Preserve program paths for torcx packages.
+	newbin "${FILESDIR}/compat-wrapper.sh" docker
+	for link in {docker-,}{containerd{,-shim},runc} ctr docker-{init,proxy} dockerd tini
+	do ln -fns docker "${ED}/usr/bin/${link}"
+	done
+	exeinto /usr/lib/coreos
+	newexe "${FILESDIR}/dockerd-wrapper.sh" dockerd
 }

sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-1.12.ebuild

@@ -0,0 +1,26 @@
+# Copyright (c) 2017 CoreOS, Inc.. All rights reserved.
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=2
+
+DESCRIPTION="Packages to be installed in a torcx image for Docker"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 arm64"
+
+# Explicitly list all packages that will be built into the image.
+RDEPEND="
+	=app-emulation/docker-1.12.6-r5
+	=app-emulation/containerd-0.2.5-r2
+	=app-emulation/runc-1.0.0_rc2_p9
+"
+
+src_install() {
+	insinto /.torcx
+	newins "${FILESDIR}/${PN}-${PV}-manifest.json" manifest.json
+
+	# Enable the Docker socket by default.
+	local unitdir=/usr/lib/systemd/system
+	dosym ../docker.socket "${unitdir}/sockets.target.wants/docker.socket"
+}

sdk_container/src/third_party/coreos-overlay/app-torcx/docker/docker-17.05.ebuild

@@ -0,0 +1,28 @@
+# Copyright (c) 2017 CoreOS, Inc.. All rights reserved.
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=2
+
+DESCRIPTION="Packages to be installed in a torcx image for Docker"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 arm64"
+
+# Explicitly list all packages that will be built into the image.
+RDEPEND="
+	=app-emulation/docker-17.05.0
+	=app-emulation/containerd-0.2.7_p2
+	=app-emulation/docker-proxy-0.8.0_p20170410
+	=app-emulation/runc-1.0.0_rc2_p137
+	=sys-process/tini-0.13.2
+"
+
+src_install() {
+	insinto /.torcx
+	newins "${FILESDIR}/${PN}-${PV}-manifest.json" manifest.json
+
+	# Enable the Docker socket by default.
+	local unitdir=/usr/lib/systemd/system
+	dosym ../docker.socket "${unitdir}/sockets.target.wants/docker.socket"
+}

sdk_container/src/third_party/coreos-overlay/app-torcx/docker/files/docker-1.12-manifest.json

@@ -0,0 +1,27 @@
+{
+    "kind": "image-manifest-v0",
+    "value": {
+        "bin": [
+            "/bin/containerd",
+            "/bin/containerd-shim",
+            "/bin/ctr",
+            "/bin/docker",
+            "/bin/docker-containerd",
+            "/bin/docker-containerd-shim",
+            "/bin/docker-proxy",
+            "/bin/docker-runc",
+            "/bin/dockerd",
+            "/bin/runc"
+        ],
+        "network": [
+            "/lib/systemd/network/50-docker.network",
+            "/lib/systemd/network/90-docker-veth.network"
+        ],
+        "units": [
+            "/lib/systemd/system/containerd.service",
+            "/lib/systemd/system/docker.service",
+            "/lib/systemd/system/docker.socket",
+            "/lib/systemd/system/sockets.target.wants"
+        ]
+    }
+}

sdk_container/src/third_party/coreos-overlay/app-torcx/docker/files/docker-17.05-manifest.json

@@ -0,0 +1,29 @@
+{
+    "kind": "image-manifest-v0",
+    "value": {
+        "bin": [
+            "/bin/containerd",
+            "/bin/containerd-shim",
+            "/bin/ctr",
+            "/bin/docker",
+            "/bin/docker-containerd",
+            "/bin/docker-containerd-shim",
+            "/bin/docker-init",
+            "/bin/docker-proxy",
+            "/bin/docker-runc",
+            "/bin/dockerd",
+            "/bin/runc",
+            "/bin/tini"
+        ],
+        "network": [
+            "/lib/systemd/network/50-docker.network",
+            "/lib/systemd/network/90-docker-veth.network"
+        ],
+        "units": [
+            "/lib/systemd/system/containerd.service",
+            "/lib/systemd/system/docker.service",
+            "/lib/systemd/system/docker.socket",
+            "/lib/systemd/system/sockets.target.wants"
+        ]
+    }
+}

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild

@@ -29,7 +29,6 @@ REQUIRED_USE="symlink-usr"
 # Daemons we enable here must installed during build/install in addition to
 # during runtime so the systemd unit enable step works.
 DEPEND="
-	app-emulation/docker
 	net-misc/openssh
 	net-nds/rpcbind
 	!<dev-db/etcd-0.0.1-r6
@@ -49,7 +48,6 @@ src_install() {
 
 	# Enable some sockets that aren't enabled by their own ebuilds.
 	systemd_enable_service sockets.target sshd.socket
-	systemd_enable_service sockets.target docker.socket
 
 	# Enable some services that aren't enabled elsewhere.
 	systemd_enable_service rpcbind.target rpcbind.service

sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild

@@ -102,7 +102,6 @@ RDEPEND="${RDEPEND}
 	app-crypt/gnupg
 	app-crypt/tpmpolicy
 	app-editors/vim
-	app-emulation/docker
 	app-emulation/rkt
 	app-emulation/actool
 	app-misc/ca-certificates

sdk_container/src/third_party/coreos-overlay/profiles/categories

@@ -21,6 +21,7 @@ app-pda
 app-portage
 app-shells
 app-text
+app-torcx
 app-vim
 app-xemacs
 chromeos-base