diff options
| author | Robert Scott <code@humanleg.org.uk> | 2023-11-26 00:43:40 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-11-26 00:43:40 +0000 |
| commit | b7a2c41788518c080ef3b51631f78985cfdd0228 (patch) | |
| tree | b076ec2095a5e58fd78b903cbc5dac75ce90a2e3 | |
| parent | f7aec1f5d509cc15ab73f47de64ce2b298f97f29 (diff) | |
| parent | ee59d35be8d16ae3f48d598639d9befabfc5ac74 (diff) | |
Merge pull request #268853 from nevivurn/feat/gvisor-unbreak
gvisor: 20221102.1 -> 20231113.0
| -rw-r--r-- | nixos/tests/gvisor.nix | 36 | ||||
| -rw-r--r-- | pkgs/applications/virtualization/gvisor/default.nix | 13 |
2 files changed, 23 insertions, 26 deletions
diff --git a/nixos/tests/gvisor.nix b/nixos/tests/gvisor.nix index 77ff29341bed2..7f130b709fc9d 100644 --- a/nixos/tests/gvisor.nix +++ b/nixos/tests/gvisor.nix @@ -1,6 +1,6 @@ # This test runs a container through gvisor and checks if simple container starts -import ./make-test-python.nix ({ pkgs, ...} : { +import ./make-test-python.nix ({ pkgs, ... }: { name = "gvisor"; meta = with pkgs.lib.maintainers; { maintainers = [ andrew-d ]; @@ -9,21 +9,21 @@ import ./make-test-python.nix ({ pkgs, ...} : { nodes = { gvisor = { pkgs, ... }: - { - virtualisation.docker = { - enable = true; - extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc"; - }; + { + virtualisation.docker = { + enable = true; + extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc"; + }; - networking = { - dhcpcd.enable = false; - defaultGateway = "192.168.1.1"; - interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ - { address = "192.168.1.2"; prefixLength = 24; } - ]; - }; + networking = { + dhcpcd.enable = false; + defaultGateway = "192.168.1.1"; + interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [ + { address = "192.168.1.2"; prefixLength = 24; } + ]; }; - }; + }; + }; testScript = '' start_all() @@ -31,13 +31,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { gvisor.wait_for_unit("network.target") gvisor.wait_for_unit("sockets.target") - # Start by verifying that gvisor itself works - output = gvisor.succeed( - "${pkgs.gvisor}/bin/runsc -alsologtostderr do ${pkgs.coreutils}/bin/echo hello world" - ) - assert output.strip() == "hello world" - - # Also test the Docker runtime + # Test the Docker runtime gvisor.succeed("tar cv --files-from /dev/null | docker import - scratchimg") gvisor.succeed( "docker run -d --name=sleeping --runtime=runsc -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10" diff --git a/pkgs/applications/virtualization/gvisor/default.nix b/pkgs/applications/virtualization/gvisor/default.nix index 3e0349b5109ed..67917b6b02fd2 100644 --- a/pkgs/applications/virtualization/gvisor/default.nix +++ b/pkgs/applications/virtualization/gvisor/default.nix @@ -1,4 +1,5 @@ { lib +, nixosTests , buildGoModule , fetchFromGitHub , iproute2 @@ -7,9 +8,9 @@ , procps }: -buildGoModule rec { +buildGoModule { pname = "gvisor"; - version = "20221102.1"; + version = "20231113.0"; # gvisor provides a synthetic go branch (https://github.com/google/gvisor/tree/go) # that can be used to build gvisor without bazel. @@ -18,11 +19,11 @@ buildGoModule rec { src = fetchFromGitHub { owner = "google"; repo = "gvisor"; - rev = "bf8eeee3a9eb966bc72c773da060a3c8bb73b8ff"; - sha256 = "sha256-rADQsJ+AnBVlfQURGJl1xR6Ad5NyRWSrBSpOFMRld+o="; + rev = "cdaf5c462c4040ed4cc88989e43f7d373acb9d24"; + hash = "sha256-9d2AJXoGFRCSM6900gOBxNBgL6nxXqz/pPan5EeEdsI="; }; - vendorHash = "sha256-iGLWxx/Kn1QaJTNOZcc+mwoF3ecEDOkaqmA0DH4pdgU="; + vendorHash = "sha256-QdsVELNcIVsZv2gA05YgQfMZ6hmnfN2GGqW6r+mHqbs="; nativeBuildInputs = [ makeWrapper ]; @@ -39,6 +40,8 @@ buildGoModule rec { mv $out/bin/shim $out/bin/containerd-shim-runsc-v1 ''; + passthru.tests = { inherit (nixosTests) gvisor; }; + meta = with lib; { description = "Application Kernel for Containers"; homepage = "https://github.com/google/gvisor"; |