diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 5691911..cf2cdbc 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -8,14 +8,15 @@ "version": "latest", "moby": false // go for the upstream Docker-CE }, - //"ghcr.io/thediveo/devcontainer-features/pull-through-cache-registry:0": { - // "port": "9999" - //} + "ghcr.io/thediveo/devcontainer-features/pull-through-cache-registry:0": { + "port": "9999" + } }, "customizations": { "vscode": { "extensions": [ - "mads-hartmann.bash-ide-vscode" + "mads-hartmann.bash-ide-vscode", + "mhutchie.git-graph" ] } } diff --git a/.devcontainer/devcontainers-cli/devcontainer-feature.json b/.devcontainer/devcontainers-cli/devcontainer-feature.json index b6320d2..3e25c40 100644 --- a/.devcontainer/devcontainers-cli/devcontainer-feature.json +++ b/.devcontainer/devcontainers-cli/devcontainer-feature.json @@ -1,5 +1,7 @@ { "name": "@devcontainers/cli", + "id": "devcontainers-cli", + "version": "0.0.1", "installsAfter": [ "ghcr.io/devcontainers/features/node" ] diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 47d7786..3525c8c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -14,7 +14,7 @@ jobs: packages: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6 - name: "publish Features" uses: devcontainers/action@1082abd5d2bf3a11abccba70eef98df068277772 # pin@v1 diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index d1cb56e..b92d671 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -31,10 +31,10 @@ jobs: baseImage: - mcr.microsoft.com/devcontainers/base:ubuntu-24.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6 - name: "install latest devcontainer CLI" - run: npm install -g @devcontainers/cli@0.72.0 + run: npm install -g @devcontainers/cli@0.84.1 - name: "generating tests for '${{ matrix.features }}' against '${{ matrix.baseImage }}'" run: devcontainer features test --skip-duplicated -f ${{ matrix.features }} -i ${{ matrix.baseImage }} . diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml index a50792e..afc4e29 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/validate.yaml @@ -8,7 +8,7 @@ jobs: validate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # pin@v6 - name: "validate devcontainer-feature.json files" uses: devcontainers/action@1082abd5d2bf3a11abccba70eef98df068277772 # pin@v1 diff --git a/src/nerdctl/README.md b/src/nerdctl/README.md index 11574d3..ce12550 100644 --- a/src/nerdctl/README.md +++ b/src/nerdctl/README.md @@ -1,7 +1,7 @@ -# containerd control CLI (nerdctl) +# nerdctl containerd control CLI and CNI plugins (nerdctl) -Installs nerdctl from upstream. +Installs nerdctl and CNI plugins from upstream. ## Example Usage @@ -15,7 +15,9 @@ Installs nerdctl from upstream. | Options Id | Description | Type | Default Value | |-----|-----|-----|-----| -| version | version of cni-plugins to install | string | latest | +| version | version of nerdctl to install | string | latest | +| cni | additionally install CNI plugins from nerdctl-full | boolean | true | +| cni-path | path to install CNI plugin binaries into | string | /usr/libexec/cni | | containerd-api | path to containerd API endpoint | string | unix:///run/containerd/containerd.sock | ## Combining with `docker-in-docker` Feature diff --git a/src/nerdctl/devcontainer-feature.json b/src/nerdctl/devcontainer-feature.json index ecdaf8f..01dbdb3 100644 --- a/src/nerdctl/devcontainer-feature.json +++ b/src/nerdctl/devcontainer-feature.json @@ -1,13 +1,23 @@ { - "name": "containerd control CLI", + "name": "nerdctl containerd control CLI and CNI plugins", "id": "nerdctl", - "version": "0.0.1", - "description": "Installs nerdctl from upstream.", + "version": "0.1.0", + "description": "Installs nerdctl and CNI plugins from upstream.", "options": { "version": { "type": "string", "default": "latest", - "description": "version of cni-plugins to install" + "description": "version of nerdctl to install" + }, + "cni": { + "type": "boolean", + "default": true, + "description": "additionally install CNI plugins from nerdctl-full" + }, + "cni-path": { + "type": "string", + "default": "/usr/libexec/cni", + "description": "path to install CNI plugin binaries into" }, "containerd-api": { "type": "string", diff --git a/src/nerdctl/install.sh b/src/nerdctl/install.sh index fd04e17..fed5c3b 100755 --- a/src/nerdctl/install.sh +++ b/src/nerdctl/install.sh @@ -11,6 +11,8 @@ set -e NERDCTL_VERSION="${VERSION:-"latest"}" +INSTALL_CNI="${CNI:-true}" +CNI_PATH="${CNI_PATH:-/usr/libexec/cni}" CONTAINERD_API="${CONTAINERD_API:-"unix:///run/containerd/containerd.sock"}" REPOSLUG="containerd/nerdctl" @@ -142,20 +144,42 @@ fi if [ "$NERDCTL_VERSION" = "latest" ]; then # get latest release - NERDCTL_VERSION=$(curl -s ${QUERYLATEST_URL} | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/') + NERDCTL_VERSION=$(curl -s ${QUERYLATEST_URL} \ + | grep '"tag_name":' \ + | sed -E 's/.*"([^"]+)".*/\1/') fi -echo version: $NERDCTL_VERSION -echo for arch: $ARCH +echo "version: ${NERDCTL_VERSION}" +echo "for arch: ${ARCH}" +echo "install CNI plugins: ${INSTALL_CNI}" -URL="${RELEASE_URL}${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION#v}-linux-${ARCH}.tar.gz" +VARIANT="" +if [ "${INSTALL_CNI}" = "true" ]; then + VARIANT="-full" +fi +URL="${RELEASE_URL}${NERDCTL_VERSION}/nerdctl${VARIANT}-${NERDCTL_VERSION#v}-linux-${ARCH}.tar.gz" echo "${URL}" -curl -sSL -o /tmp/nerdctl.tar.gz "${URL}" +trap 'rm -f /tmp/nerdctl.tar.gz' EXIT +curl -SL --progress-bar -o /tmp/nerdctl.tar.gz "${URL}" ls -lH /tmp/nerdctl.tar.gz -tar xzof /tmp/nerdctl.tar.gz -C /usr/local/bin/ nerdctl + +echo "installing nerdctl binary..." +mkdir -p /usr/local/bin +if [ "${INSTALL_CNI}" = "true" ]; then + tar -xzf /tmp/nerdctl.tar.gz --strip-components=1 -C /usr/local/bin bin/nerdctl +else + tar -xzf /tmp/nerdctl.tar.gz -C /usr/local/bin nerdctl +fi chmod 0755 /usr/local/bin/nerdctl -rm /tmp/nerdctl.tar.gz + + +if [ "${INSTALL_CNI}" = "true" ]; then + echo "installing CNI binaries..." + mkdir -p "${CNI_PATH}" + tar -xzf /tmp/nerdctl.tar.gz --strip-components=2 -C "${CNI_PATH}" --wildcards 'libexec/cni/*' + find "${CNI_PATH}" -maxdepth 1 -type f -exec chmod 0755 {} \; +fi mkdir -p /etc/nerdctl cat <"/etc/nerdctl/nerdctl.toml" diff --git a/test/docsify/almalinux.sh b/test/docsify/almalinux.sh new file mode 100644 index 0000000..d4e56d7 --- /dev/null +++ b/test/docsify/almalinux.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +set -e + +. ./test.sh diff --git a/test/docsify/alpine.sh b/test/docsify/alpine.sh new file mode 100644 index 0000000..d4e56d7 --- /dev/null +++ b/test/docsify/alpine.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +set -e + +. ./test.sh diff --git a/test/docsify/scenarios.json b/test/docsify/scenarios.json index 098e71d..fe87a34 100644 --- a/test/docsify/scenarios.json +++ b/test/docsify/scenarios.json @@ -15,5 +15,11 @@ "docs-path": "foobar" } } + }, + "almalinux": { + "image": "ghcr.io/almalinux/almalinux:9", + "features":{ + "docsify": {} + } } } \ No newline at end of file diff --git a/test/nerdctl/almalinux.sh b/test/nerdctl/almalinux.sh index fad0a2a..7740177 100644 --- a/test/nerdctl/almalinux.sh +++ b/test/nerdctl/almalinux.sh @@ -5,4 +5,6 @@ source dev-container-features-test-lib check "nerdctl" bash -c "nerdctl --version" +check "no CNI plugins" bash -c "[ ! -x /usr/libexec/cni/firewall ]" + reportResults diff --git a/test/nerdctl/debian.sh b/test/nerdctl/debian.sh index 8bdeed9..237e4bf 100644 --- a/test/nerdctl/debian.sh +++ b/test/nerdctl/debian.sh @@ -8,4 +8,6 @@ source dev-container-features-test-lib # (whalewatchers: hold my beer...) check "nerdctl" bash -c "sudo nerdctl ps" +check "CNI firewall plugin" bash -c "[ -x /usr/local/bin/cni/firewall ]" + reportResults diff --git a/test/nerdctl/fedora.sh b/test/nerdctl/fedora.sh index 1edda60..7740177 100644 --- a/test/nerdctl/fedora.sh +++ b/test/nerdctl/fedora.sh @@ -3,9 +3,8 @@ set -e source dev-container-features-test-lib -# as we're combining this test with docker-in-docker, containerd's socket isn't -# in its default location and we explicitly specify it in this feature's options -# (whalewatchers: hold my beer...) check "nerdctl" bash -c "nerdctl --version" +check "no CNI plugins" bash -c "[ ! -x /usr/libexec/cni/firewall ]" + reportResults diff --git a/test/nerdctl/scenarios.json b/test/nerdctl/scenarios.json index 9ef5cb8..70d9d6b 100644 --- a/test/nerdctl/scenarios.json +++ b/test/nerdctl/scenarios.json @@ -2,17 +2,21 @@ "almalinux": { "image": "ghcr.io/almalinux/almalinux:9", "features": { - "nerdctl": {} + "nerdctl": { + "cni": false + } } }, "debian": { - "image": "mcr.microsoft.com/devcontainers/base:debian-12", + "image": "mcr.microsoft.com/devcontainers/base:debian-13", "features": { "ghcr.io/devcontainers/features/docker-in-docker:2": { + "moby": false, "dockerDashComposeVersion": "none", "installDockerBuildx": false }, "nerdctl": { + "cni-path": "/usr/local/bin/cni", "containerd-api": "unix:///run/docker/containerd/containerd.sock" } } @@ -20,7 +24,9 @@ "fedora": { "image": "fedora", "features": { - "nerdctl": {} + "nerdctl": { + "cni": false + } } } } diff --git a/test/nerdctl/test.sh b/test/nerdctl/test.sh index fad0a2a..65f3da5 100755 --- a/test/nerdctl/test.sh +++ b/test/nerdctl/test.sh @@ -4,5 +4,6 @@ set -e source dev-container-features-test-lib check "nerdctl" bash -c "nerdctl --version" +check "CNI firewall plugin" bash -c "[ -x /usr/libexec/cni/firewall ]" reportResults