Commit Graph

724 Commits

Author SHA1 Message Date
Vincent Batts 0bb7b17b8c Merge pull request #566 from wking/mount-link-whitespace
config: Quote whitespace in mount(8) links
2016-09-15 11:23:39 -04:00
Vincent Batts a992b1b72a Merge pull request #565 from jhowardmsft/jjh/user
Windows: User struct changes
2016-09-15 11:21:57 -04:00
Tianon Gravi 66f4f354fd Merge pull request #568 from wking/drop-platform-dependent-comment
specs-go/config: Drop "this field is platform dependent"
2016-09-15 08:15:42 -07:00
Tianon Gravi 74ec713eaf Merge pull request #523 from wking/clarify-version
config: Clarify ociVersion covering the configuration <-> runtime API
2016-09-15 07:59:03 -07:00
W. Trevor King 47740802f8 specs-go/config: Drop "this field is platform dependent"
These comments first landed in 820131db (*: flatten platform dependent
source, 2016-03-08, #310).  But you can tell they're platform
dependent by the platform:"..." tags.  The Go comment doesn't add
any additional information.

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-09-14 16:23:45 -07:00
John Howard f9e48e0024 Windows: User struct changes
Signed-off-by: John Howard <jhoward@microsoft.com>
2016-09-14 16:14:38 -07:00
W. Trevor King 5d7721d886 config: Quote whitespace in mount(8) links
Avoid confusing Markdown.

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-09-14 14:04:03 -07:00
W. Trevor King c94e7c0ace config: Clarify ociVersion covering the configuration <-> runtime API
There are other APIs described in this specification (e.g. the state
JSON format, and the in-flight command-line API [1]), but this string
covers the configuration file and referenced objects (e.g. the
filesystem at root.path).  As additional, backwards compatible
features are added to the spec (leading to 1.1, 1.2, etc. releases)
and supported by runtimes, those runtimes will *still* support 1.0
configs.  Once a 2.0 spec is cut, runtimes that only support 2.0 (and
nothing in the 1.0 line) will no longer support the 1.0 config.

My preferred approach here would be to use JSON-LD [2,3,4] to
explicitly document the intended semantics for each field, which would
allow us to drop the config-wide version and version each field
independently.  That would mean a breaking change on a particular
field would only break compatibility for folks who were using that
field.  Unfortunately, I haven't had much luck pushing the consensus
in that direction.

This commit does not add wording about how the runtime and other
consumers should handle an incompatible version.  We can address that
once the command-line API lands.

[1]: https://github.com/opencontainers/runtime-spec/pull/513
[2]: https://github.com/opencontainers/runtime-spec/pull/371#issuecomment-209684002
[3]: https://github.com/opencontainers/image-spec/pull/111#discussion_r65619280
[4]: https://github.com/opencontainers/runtime-spec/pull/510#discussion_r68513241

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-09-14 01:26:38 -07:00
Vincent Batts b3ce1951cf Merge pull request #558 from Mashimiao/config-clarify-root-filesystem-path
config.md: clarify the root filesystem path
2016-09-13 14:49:30 -04:00
Ma Shimiao 61e2a60ce0 config.md: clarify the root filesystem path
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2016-09-09 14:01:37 +08:00
Tianon Gravi 7a36e7ed86 Merge pull request #547 from vbatts/go_vet
ci-tools: versions of golang
2016-09-08 13:44:13 -07:00
Vincent Batts d4ede0d364 ci-tools: versions of golang
Add and update golang versions. Also fix install.tools target for
installing govet

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
2016-09-08 09:52:46 -04:00
Vincent Batts 22c29c18ed Merge pull request #556 from wking/remove-space-before-colon
Replace " : " with ": "
2016-09-07 14:36:30 -04:00
W. Trevor King a2d07dcfda Replace " : " with ": "
There's an outside chance that these are intentional, since I pointed
one of these out earlier [1] and it wasn't fixed.  But I haven't seen
" : " used intentionally outside of this project, and don't think we
want to break ground in that direction ;).

[1]: https://github.com/opencontainers/runtime-spec/pull/510#discussion_r77291554

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-09-06 22:21:33 -07:00
Mrunal Patel b2f69c69e8 Merge pull request #510 from duglin/extension
Add text about extensions
2016-09-06 13:51:58 -07:00
Michael Crosby c678086a64 Merge pull request #553 from RobDolinMS/patch-11
[ReadMe] Just one level/tier of compliance (rebase)
2016-09-06 11:13:33 -07:00
Doug Davis 27a05de3f6 Add text about extensions
Mimic https://github.com/opencontainers/image-spec/pull/164
and they should be kept in-sync

Signed-off-by: Doug Davis <dug@us.ibm.com>
2016-09-01 19:18:07 -07:00
Rob Dolin (MSFT) 9da89675f5 [ReadMe] Just one level/tier of compliance (rebase)
Signed-off-by: Rob Dolin <robdolin@microsoft.com>
2016-09-01 10:55:01 -07:00
Michael Crosby d3c3763b9f Merge pull request #551 from wking/schema-format
schema: Run 'make fmt'
2016-08-31 09:41:00 -07:00
W. Trevor King 90be62f150 schema: Run 'make fmt'
This should probably be part of our CI testing.

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-30 15:46:26 -07:00
Mrunal Patel b860409a5a Merge pull request #546 from Mashimiao/seccomp-remove-unneeded-item
remove unneeded item from seccomp
2016-08-30 15:43:59 -07:00
Michael Crosby 4a910f0711 Merge pull request #550 from Mashimiao/add-devicecgroup-and-devices
add devices for resources and DeviceCgroup
2016-08-30 13:42:07 -07:00
Vincent Batts 53917150da Merge pull request #544 from Mashimiao/add-timeout-for-hook
add timeout for Hook
2016-08-30 13:16:15 -04:00
Ma Shimiao 50f36a4148 add timeout for Hook
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2016-08-30 13:41:37 +08:00
Ma Shimiao 60672c0b3c add devices for resources and DeviceCgroup
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2016-08-30 13:31:01 +08:00
Vincent Batts 90451c4923 Merge pull request #541 from hqhq/remove_file_when_clean
Remove code-of-conduct.md and version.md when clean
2016-08-29 10:29:41 -04:00
Vincent Batts a3d7507732 Merge pull request #527 from mrunalp/plat_comp
Add language for compliance requirements around platforms
2016-08-29 10:29:10 -04:00
Ma Shimiao 7d22f1c244 remove unneeded item from seccomp
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
2016-08-29 15:33:23 +08:00
W. Trevor King ad9d643c3d Makefile: Use a POSIX-compatible test ('==' -> '=')
With dash 0.5.7:

  # make docs
  /bin/sh: 1: test: 1.3.3: unexpected operator
  /bin/sh: 1: test: 1.3.3: unexpected operator
  /bin/sh: 1: test: 1.3.3: unexpected operator
  Makefile:47: *** cannot build output//oci-runtime-spec.pdf without either pandoc or docker.  Stop.
  # command -V test
  test is a shell builtin

POSIX defines '=' for string comparison [1]; the '==' form is a
Bashism.

SHELL was added in f3fdf03 (Makefile: prefer bash, 2016-05-25, #455)
to avoid these "unexpected operator" errors, but there's no reason to
require Bash when we can make the comparisons POSIX compliant.

[1]: http://pubs.opengroup.org/onlinepubs/9699919799/utilities/test.html

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-26 08:15:55 -07:00
Qiang Huang c57a0238b0 Remove code-of-conduct.md and version.md when clean
So we can use latest files after make clean.

Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
2016-08-26 15:37:04 +08:00
Qiang Huang 069e8e1c16 Merge pull request #531 from wking/pointer-omitempty
specs-go/config: Make KernelTCP and ClassID omitempty
2016-08-26 09:55:28 +08:00
Michael Crosby 9c0fcee0b8 Merge pull request #538 from wking/no-tweaking-host-namespaces
config-linux: Extend no-tweak requirement to runtime namespaces
2016-08-25 10:42:42 -07:00
Mrunal Patel ce64fbdda2 Merge pull request #539 from jodh-intel/add-cc-oci-runtime-to-implementations-list
Add "cc-oci-runtime" to implementations list.
2016-08-25 10:41:09 -07:00
James Hunt 30bc033168 Add "cc-oci-runtime" to implementations list.
Signed-off-by: James Hunt <james.o.hunt@intel.com>
2016-08-25 14:48:06 +01:00
W. Trevor King 01c2d55fac config-linux: Extend no-tweak requirement to runtime namespaces
Since [1] we've required runtimes to error out if a configuration
joins an existing namespace and adjusts it somehow (e.g. joining an
existing UTS namespace and setting 'hostname', [2]).  However, the
wording from [1] (which survives untouched in the current master) only
talked about "when a path is specified".  I see two possible
approaches for internal consistency:

a. Lift the OCI restriction and allow join-and-tweak [3] where the
   kernel supports it.  When we landed the current restriction, the
   main issues seemed to be "we don't have a clear use-case for join
   and tweak" [4] (although see [5]) and "this is a foot gun [6,7]"
   (I'd rather leave policy to higher-level config linters).

b. Extend the OCI restriction to all cases where the runtime does not
   create a new namespace.  Besides the already covered "namespace
   entry exists and includes 'path'", we'd also want to forbid configs
   that were missing the relevant namespace(s) entirely (in which case
   the container inherits the host namespace(s)).

I'm partial to (a) in the long run, but (b) is less of a shift from
the current spec and likely a better choice for a pending 1.0.

This commit implements (b).

It also makes it explicit that not listing a namespace type will cause
the container to inherit the runtime namespace of that type.

[1]: https://github.com/opencontainers/runtime-spec/pull/158
     Subject: Clarify behavior around namespaces paths
[2]: https://github.com/opencontainers/runtime-spec/pull/214
     Subject: config: Require a new UTS namespace for config.json's hostname
[3]: https://github.com/opencontainers/runtime-spec/pull/158#issuecomment-138687129
[4]: https://github.com/opencontainers/runtime-spec/pull/158#issuecomment-138997548
[5]: https://github.com/opencontainers/runtime-spec/pull/305
     Subject: [Tracker] Live Container Updates
[6]: https://github.com/opencontainers/runtime-spec/pull/158#issuecomment-139106987
[7]: https://github.com/opencontainers/runtime-spec/issues/537#issuecomment-242132288
     Subject: [linux] Tweaking host namespaces?

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-24 10:41:50 -07:00
Mrunal Patel 8095e4eb4e Merge pull request #528 from hmeng-19/add_missing_type
Add missing `"type": "object"`
2016-08-17 15:54:40 -07:00
Mrunal Patel 90027b005b Merge pull request #525 from wking/go-comment-sync
config: Synchronize comments between Markdown and Go
2016-08-17 11:03:15 -07:00
Mrunal Patel de3f1af680 Remove language around Solaris being optional as it is covered in compliance language
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-08-17 10:58:21 -07:00
Mrunal Patel 6a5b1449ae Add language for compliance requirements around platforms and architectures
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2016-08-17 10:44:55 -07:00
W. Trevor King 980ed05aa5 specs-go/config: Make KernelTCP and ClassID omitempty
Found with:

  $ git grep ' \*' origin/master -- specs-go/*.go | grep -v omitempty
  origin/master:specs-go/config.go:       KernelTCP *uint64 `json:"kernelTCP"`
  origin/master:specs-go/config.go:       ClassID *uint32 `json:"classID"`

Both settings are optional:

  $ git grep '`kernelTCP`\|`classID`' origin/master
  origin/master:config-linux.md:* **`kernelTCP`** *(uint64, optional)* - ...
  origin/master:config-linux.md:* **`classID`** *(uint32, optional)* - ...

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-13 09:40:47 -07:00
Vincent Batts c66adccf2f Merge pull request #529 from coolljt0725/fix_typo
Use filesystem instead of file system
2016-08-12 08:46:32 -04:00
Lei Jitang d0b0ac224f Use filesystem instead of file system
Signed-off-by: Lei Jitang <leijitang@huawei.com>
2016-08-12 00:00:00 -04:00
Haiyan Meng da3b96e996 Add missing `"type": "object"`
Signed-off-by: Haiyan Meng <haiyanalady@gmail.com>
2016-08-10 17:14:25 -04:00
Qiang Huang c9c25740df Merge pull request #526 from wking/optional-devices
config-linux: Make Linux 'devices' explicitly optional
2016-08-07 13:08:42 +08:00
W. Trevor King 054d2df15a config-linux: Make linux.resources.devices explicitly optional
And mark it omitempty to avoid:

  $ ocitools generate --template <(echo '{"linux": {"resources": {}}}') | jq .linux
  {
    "resources": {
      "devices": null
    }
  }

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 09:13:53 -07:00
W. Trevor King 60fff3f51c config-linux: Add (array, optional) for linux.devices
To match the omitempty which the Go property has had since 28cc4239
(add omitempty to 'Device' and 'Namespace', 2016-03-10, #340).

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 09:13:53 -07:00
W. Trevor King 7477fa519f config: config: Consistent Markdown/Go wording for 'annotations'
I've replaced the old OPTIONAL with our usual:

  (<type>, <optional|required>)

to get the property name first, since that translates more directly
into a Go comment that godoc will like.

The new Go comment is much shorter, dropping "unstructured" (because
the Markdown says "structured or unstructured") and "set by external
tools..." (because *everything* in the configuration JSON is set by
external-to-the-runtime tools).

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 00:18:07 -07:00
W. Trevor King 9837b6b725 config: Consistent Markdown/Go wording for 'hooks'
The new wording isn't particularly close to either of the old
wordings, but it reads more clearly to me.  I've also added our usual:

  (<type>, <required|optional>)

to the Markdown so folks can see that this is an optional object
(although see [1] for a more complete version).

[1]: https://github.com/opencontainers/runtime-spec/pull/427
     Subject: config: Explicitly list 'hooks' as optional

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 00:16:35 -07:00
W. Trevor King ad81edca26 config: Consistent Markdown/Go wording for 'mounts'
I've replaced the old MAY with our usual

  (<type>, <optional|required>)

to get the property name first, since that translates more directly
into a Go comment that godoc will like.

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 00:16:35 -07:00
W. Trevor King 1a8611644f config: Consistent Markdown/Go wording for 'hostname'
I've changed the old "as it is accessible to ..." to the more compact
"as seen by ..." language from the old Markdown version, although I
don't think it's strictly necessary.  The original "accessible to"
language is from 77d44b10 (Update runtime.md, 2015-06-16), which
actually looked fairly similar to the language I'm using here.  That
commit's "hostname for the container" language went away in 7ac41c69
(config.md: reformat into a standard style, 2015-06-30), although that
commit made too many changes to motivate them all at that level.

I've left that language out of the Go comment, because truncating for
compact Go comments is fine (the Markdown entry is canonical, and the
Go comment is just to provide some minimal context).

Signed-off-by: W. Trevor King <wking@tremily.us>
2016-08-03 00:16:35 -07:00