mirror of
https://github.com/Neur0toxine/docker-golang-alpine.git
synced 2024-11-25 06:26:06 +03:00
disable faccessat2 & add merge-junit
This commit is contained in:
commit
2064b6e1a4
18
.github/workflows/dockerimage.yml
vendored
18
.github/workflows/dockerimage.yml
vendored
@ -9,12 +9,12 @@ jobs:
|
|||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- name: Build the Docker image
|
- name: Build the Docker image
|
||||||
run: |
|
run: |
|
||||||
docker run -i $(docker build -q 1.16) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version&& which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.16) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version&& which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.16-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.16-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.17) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.17) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.17-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.17-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.18) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.18) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.18-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.18-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.19) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.19) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.19-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.19-3.13) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
docker run -i $(docker build -q 1.19-nofaccessat2) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version"
|
docker run -i $(docker build -q 1.19-nofaccessat2) /bin/sh -c "go version && bash --version && make --version && git --version && gcc --version && jq --version && curl --version && air -v && dlv version && which gocov && go-junit-report -version && dumb-init --version && merge-junit --version"
|
||||||
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
.DS_Store
|
.DS_Store
|
||||||
|
temp
|
||||||
|
@ -1,5 +1,6 @@
|
|||||||
ignored:
|
ignored:
|
||||||
- DL3003
|
- DL3003
|
||||||
|
- DL3004
|
||||||
- DL3018
|
- DL3018
|
||||||
- DL3017
|
- DL3017
|
||||||
- DL4006
|
- DL4006
|
||||||
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -96,6 +96,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -96,6 +96,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -1,29 +1,31 @@
|
|||||||
FROM golang:1.19-alpine
|
FROM golang:1.19-alpine
|
||||||
COPY disable_faccessat2.patch /tmp/disable_faccessat2.patch
|
COPY disable_faccessat2.patch /tmp/disable_faccessat2.patch
|
||||||
RUN set -eux; \
|
RUN set -eux; \
|
||||||
apk add --no-cache --virtual .build-deps gcc make patch git alpine-sdk && \
|
apk add --no-cache --virtual .build-deps gcc make patch git alpine-sdk coreutils cmake sudo && \
|
||||||
apk add --no-cache --virtual .build-deps2 -X http://dl-cdn.alpinelinux.org/alpine/edge/testing gosu && \
|
|
||||||
mkdir -p /var/cache/distfiles && \
|
mkdir -p /var/cache/distfiles && \
|
||||||
chmod a+w /var/cache/distfiles && \
|
chmod a+w /var/cache/distfiles && \
|
||||||
git clone --depth 1 --branch "v$(cat /etc/alpine-release)" git://git.alpinelinux.org/aports /tmp/aports && \
|
git clone --depth 1 --branch "v$(cat /etc/alpine-release)" git://git.alpinelinux.org/aports /tmp/aports && \
|
||||||
cd /tmp/aports/main/musl && \
|
cd /tmp/aports/main/musl && \
|
||||||
mv /tmp/disable_faccessat2.patch /tmp/aports/main/musl/ && \
|
mv /tmp/disable_faccessat2.patch /tmp/aports/main/musl/ && \
|
||||||
sed -i -E 's/\thandle-aux-at_base.patch/\thandle-aux-at_base.patch\n\tdisable_faccessat2.patch/' APKBUILD && \
|
sed -i -E 's/\thandle-aux-at_base.patch/\thandle-aux-at_base.patch\n\tdisable_faccessat2.patch/' APKBUILD && \
|
||||||
adduser -S builder -G abuild && \
|
adduser -G abuild -g "Alpine Package Builder" -s /bin/ash -D builder && \
|
||||||
|
echo "builder ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \
|
||||||
chown -R builder:abuild /tmp/aports && \
|
chown -R builder:abuild /tmp/aports && \
|
||||||
gosu builder:abuild sh -c 'abuild checksum && abuild-keygen -an && abuild -r' && \
|
sudo -u builder sh -c 'abuild checksum && abuild-keygen -an && abuild -r' && \
|
||||||
find /home/builder -iname './*.apk' -exec apk add --allow-untrusted --no-cache {} \;; \
|
find /home/builder -type f -name '*.apk' -exec apk add --allow-untrusted --no-cache {} \;; \
|
||||||
gosu builder:abuild sh -c 'abuild clean && abuild cleancache' && \
|
sudo -u builder sh -c 'abuild clean && abuild cleancache' && \
|
||||||
apk del --no-network .build-deps && \
|
apk del --no-network .build-deps && \
|
||||||
apk del --no-network .build-deps2 && \
|
|
||||||
deluser builder && \
|
deluser builder && \
|
||||||
rm -rf /home/builder
|
rm -rf /home/builder /var/cache/distfiles /tmp/aports
|
||||||
RUN set -eux; \
|
RUN set -eux; \
|
||||||
apk add --no-cache bash make git gcc libc-dev jq curl dumb-init && \
|
apk add --no-cache bash make git gcc libc-dev jq curl dumb-init && \
|
||||||
go install github.com/go-delve/delve/cmd/dlv@latest && \
|
go install github.com/go-delve/delve/cmd/dlv@latest && \
|
||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
--- musl-1.2.3/src/unistd/faccessat.c 2022-04-07 20:12:40.000000000 +0300
|
--- v1.2.3/src/unistd/faccessat.c 2022-04-07 20:12:40.000000000 +0300
|
||||||
+++ musl-1.2.3-nofaccessat2/src/unistd/faccessat.c 2022-08-05 17:24:41.000000000 +0300
|
+++ v1.2.1/src/unistd/faccessat.c 2020-08-04 07:21:09.000000000 +0300
|
||||||
@@ -25,11 +25,6 @@
|
@@ -25,17 +25,12 @@
|
||||||
|
|
||||||
int faccessat(int fd, const char *filename, int amode, int flag)
|
int faccessat(int fd, const char *filename, int amode, int flag)
|
||||||
{
|
{
|
||||||
@ -8,7 +8,16 @@
|
|||||||
- int ret = __syscall(SYS_faccessat2, fd, filename, amode, flag);
|
- int ret = __syscall(SYS_faccessat2, fd, filename, amode, flag);
|
||||||
- if (ret != -ENOSYS) return __syscall_ret(ret);
|
- if (ret != -ENOSYS) return __syscall_ret(ret);
|
||||||
- }
|
- }
|
||||||
-
|
+ if (!flag || (flag==AT_EACCESS && getuid()==geteuid() && getgid()==getegid()))
|
||||||
if (flag & ~AT_EACCESS)
|
+ return syscall(SYS_faccessat, fd, filename, amode, flag);
|
||||||
|
|
||||||
|
- if (flag & ~AT_EACCESS)
|
||||||
|
+ if (flag != AT_EACCESS)
|
||||||
return __syscall_ret(-EINVAL);
|
return __syscall_ret(-EINVAL);
|
||||||
|
|
||||||
|
- if (!flag || (getuid()==geteuid() && getgid()==getegid()))
|
||||||
|
- return syscall(SYS_faccessat, fd, filename, amode);
|
||||||
|
-
|
||||||
|
char stack[1024];
|
||||||
|
sigset_t set;
|
||||||
|
pid_t pid;
|
||||||
|
10
1.19-nofaccessat2/faccessat2-test.c
Normal file
10
1.19-nofaccessat2/faccessat2-test.c
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
#include <unistd.h>
|
||||||
|
#include <fcntl.h>
|
||||||
|
|
||||||
|
int main() {
|
||||||
|
// TODO: Use this code to test resulting images.
|
||||||
|
// Should not call faccessat2 under the hood.
|
||||||
|
faccessat(0, "/", R_OK, AT_EACCESS);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
@ -5,6 +5,9 @@ RUN set -eux; \
|
|||||||
go install github.com/cosmtrek/air@latest && \
|
go install github.com/cosmtrek/air@latest && \
|
||||||
go install github.com/jstemmer/go-junit-report@latest && \
|
go install github.com/jstemmer/go-junit-report@latest && \
|
||||||
go install github.com/axw/gocov/gocov@latest && \
|
go install github.com/axw/gocov/gocov@latest && \
|
||||||
chmod -R 777 "$GOPATH"
|
chmod -R 777 "$GOPATH" && \
|
||||||
|
curl -L https://github.com/tobni/merge-junit/releases/download/v0.1.4/merge-junit-v0.1.4-x86_64-unknown-linux-musl.tar.gz | tar -xz && \
|
||||||
|
mv ./merge-junit-v0.1.4-x86_64-unknown-linux-musl/merge-junit /usr/bin/merge-junit && \
|
||||||
|
rm -rf /merge-junit-v0.1.4-x86_64-unknown-linux-musl
|
||||||
WORKDIR /
|
WORKDIR /
|
||||||
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
|
||||||
|
Loading…
Reference in New Issue
Block a user