| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
Working in a firewalled environment where Go proxy services are blocked.
To work around this, we need to set GORPOXY=direct in order to make go
builds download packages directly from source rather than using a proxy.
Support such setups by passing the user's GOPROXY setting into the
syz-env Docker container.
Signed-off-by: Bjoern Doebel <doebel@amazon.de>
|
| |
|
|
|
|
| |
In extension of commit 326f9c5a1cae ("tools/syz-env: export https_proxy
to docker in case behind proxy"), cover further HTTP proxy environment
variables and the Docker build process.
|
| |
|
|
| |
Useful for testing local Dockerfile changes that have not been pushed yet.
|
| | |
|
| |
|
|
| |
This reverts commit 0b280217382f718e910b700169a0b8d12b2d7026.
|
| | |
|
| | |
|
| |
|
|
| |
Use just env instead of that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Docker now supports rootless mode, which allows you to run your dockerd as
a non-root user. This is helpful for security, as traditional rootful
Docker can trivially be used to obtain root privileges outside of a
container.
Rootless Docker is implemented using RootlessKit (a fancy version of
fakeroot that uses user namespaces) to create a new user namespace that
maps the uid of the user running dockerd to 0. Files in mounted volumes
that are owned by that user will appear in the container as belonging to
root.
Currently, syz-env invokes "docker run" with --user to set the uid inside
the container to match the user's uid outside the container, to ensure
that file ownership and permissions behave as expected. This breaks under
rootless mode, as the files will appear to be owned by root while the user
has a non-root uid.
Only add the --user flag if the Docker daemon is not running in rootless
mode. If running in rootless mode, run without --user so that the user
appears to be root inside the container.
Closes: #3765 ("syz-env: uid/permissions issues when running with rootless Docker")
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
|
| |
|
| |
https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label
|
| |
|
| |
always pull latest syz-env version if available
|
| | |
|
| |
|
|
| |
To see you garbage containers, call "docker ps -a".
To clean your system, use "docker container prune". In my case ~9GB.
|
| |
|
|
|
|
|
| |
old-env is based on Ubuntu 16.04 and allows to test
executor build on older distributions.
Fixes #2055
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We currently check from github.event.pull_request.base.sha
to github.event.pull_request.head.sha, but they may be in
different branches if the PR commits are branched not from
the latest master HEAD (at the time of PR creation).
Then GH will create a merge commit, and the range we try
to check is not valid.
Check github.event.pull_request.commits commits backwards
from github.event.pull_request.head.sha commit.
|
| |
|
|
|
| |
Check PR commit subjects for the standard format we use "pkg/name: description of the change".
Check PR commit bodies for at most 120 characters.
|
| |
|
|
|
|
|
|
| |
On top of syz-env it provides akaros/fuchsia/netbsd toolchains and gcloud sdk.
With this it's possible to run dashboard/app tests on CI and locally
and test executor build and pkg/{csource,cover} for these OSes.
Update #1765
|
| |
|
|
|
|
|
|
|
|
|
| |
syz-env provides a canned dev environment with all tools necessary
(Go, gcc, clang-format, etc) for development/testing in a form
of a Docker image. Example use:
$ syz-env make presubmit
$ syz-env make extract SOURCEDIR=~/linux
Update #1699
|
| |
|
|
|
|
| |
syz-env will be a good, short name for the planned
docker-ized build environment. So rename syz-env to syz-make.
Maybe not the best name, but it's not visible basically anywhere.
|
| |
|
|
|
|
|
|
|
| |
Renamed Target.BrokenCrossCompiler to Target.BrokenCompiler and
Target.CrossCFlags to Target.CFlags
"Everything in Target is about Cross now."
Signed-off-by: Alexander Potapenko <glider@google.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Detect when compiler is present, but is not functioning
(can't build a simple program, common for Linux distros).
2. Be more strict with skipping tests due to missing/broken compilers on CI
(on CI they should work, so fail loudly if not).
3. Dedup this logic across syz-env and pkg/csource tests.
4. Add better error reporting for syz-env.
Fixes #1606
|
| |
|
|
|
|
|
| |
Ensure that we have at least 1GB per Makefile job.
Go compiler/linker can consume significant amount of memory
(observed to consume at least 600MB). See #1276 for context.
Update #1276
|
| |
|
|
|
|
|
|
| |
We started building netbsd executor on linux.
This fails on CI since cross-compiler is missing.
But we don't want to exclude netbsd from presubmit entirely.
So check if cross-compiler is missing and just produce a warning.
This should unbreak CI and humans will see the warning.
|
| |
|
|
|
|
|
|
| |
We can't cross-compile native binaries from just any OS to any other.
For most OSes we can do only native compilation.
Some can only be compiled from linux.
To date we avoided this problem completely (mostly assumed linux build OS).
Make this notion of what can build what explicit.
|
|
|
We currently have native cross-compilation logic duplicated
in Makefile and in sys/targets. Some pieces are missed in one
place, some are in another. Only pkg/csource knows how to check
for -static support.
Move all CC/CFLAGS logic to sys/targets and pull results in Makefile.
This should make Makefile work on distros that have broken x86_64-linux-gnu-gcc,
now we will use just gcc. And this removes the need to define NOSTATIC,
as it's always auto-detected.
This also paves the way for making pkg/csource work on OSes other than Linux.
|
