diff options
author | Andrew Hsu <andrewhsu@docker.com> | 2019-02-19 13:45:28 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-19 13:45:28 -0800 |
commit | cbe11bdc6da871bdce0993fddb4ff8a29c476a63 (patch) | |
tree | 8feeb52c2f50cf5076081c6c6ab676f775402be9 | |
parent | cdb0218236f1625134bf8ff5ecef2035eaa70e51 (diff) | |
parent | e8ab845eb19ced9bfb2e6afdc33121412e7af4a3 (diff) | |
download | docker-cbe11bdc6da871bdce0993fddb4ff8a29c476a63.tar.gz |
Merge pull request #156 from dave-tucker/18.06.3v18.06.3-ce
[18.06] Revert git-bundles and update runc commit
-rw-r--r-- | Dockerfile | 1 | ||||
-rw-r--r-- | git-bundles/CVE-2019-5736.bundle | bin | 4763 -> 0 bytes | |||
-rwxr-xr-x | hack/dockerfile/install/runc.installer | 23 |
3 files changed, 4 insertions, 20 deletions
diff --git a/Dockerfile b/Dockerfile index a4af1f6dce..38ca482a5a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -155,7 +155,6 @@ FROM runtime-dev AS runc ENV INSTALL_BINARY_NAME=runc COPY hack/dockerfile/install/install.sh ./install.sh COPY hack/dockerfile/install/$INSTALL_BINARY_NAME.installer ./ -COPY git-bundles git-bundles RUN PREFIX=/build/ ./install.sh $INSTALL_BINARY_NAME FROM base AS tini diff --git a/git-bundles/CVE-2019-5736.bundle b/git-bundles/CVE-2019-5736.bundle Binary files differdeleted file mode 100644 index dcd170a071..0000000000 --- a/git-bundles/CVE-2019-5736.bundle +++ /dev/null diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 3508ed9c85..43b5504357 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -1,38 +1,23 @@ #!/bin/sh # When updating RUNC_COMMIT, also update runc in vendor.conf accordingly -RUNC_COMMIT=69663f0bd4b60df09991c08812a60108003fa340 -RUNC_OVERRIDE_COMMIT=a592beb5bc4c4092b1b1bac971afed27687340c5 -RUNC_BUNDLE=/go/src/github.com/docker/docker/git-bundles/CVE-2019-5736.bundle +RUNC_COMMIT=a592beb5bc4c4092b1b1bac971afed27687340c5 install_runc() { # Do not build with ambient capabilities support RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp apparmor selinux"}" echo "Install runc version $RUNC_COMMIT" - git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc" + git clone https://github.com/docker/runc.git "$GOPATH/src/github.com/opencontainers/runc" cd "$GOPATH/src/github.com/opencontainers/runc" git checkout -q "$RUNC_COMMIT" - - if [ -f "$RUNC_BUNDLE" ];then - git bundle unbundle "$RUNC_BUNDLE" - git checkout -q "$RUNC_OVERRIDE_COMMIT" - if [ "$(git rev-parse HEAD)" != "$RUNC_OVERRIDE_COMMIT" ]; then - echo "ERROR: Commit with bundle does not match override commit" - echo " $(git rev-parse HEAD) != '$RUNC_OVERRIDE_COMMIT'" - exit 1 - fi - RUNC_COMMIT=$RUNC_OVERRIDE_COMMIT - fi - if [ -z "$1" ]; then target=static else target="$1" fi - - OVERRIDE_VERSION="1.0.0-rc5+dev.docker-18.06" - make BUILDTAGS="$RUNC_BUILDTAGS" COMMIT="$RUNC_COMMIT" VERSION="$OVERRIDE_VERSION" "$target" + # TODO: Remove me before 18.06.4 + make BUILDTAGS="$RUNC_BUILDTAGS" VERSION="1.0.0-rc5+dev.docker-18.06" "$target" mkdir -p ${PREFIX} cp runc ${PREFIX}/docker-runc } |