runc: init at 1.3.0

Signed-off-by: Christoph Heiss <christoph.heiss@robo4you.at>
2025-05-31 01:15:24 +02:00 · 2025-05-31 01:15:24 +02:00 · 82469b7165
commit 82469b7165
1 changed files with 141 additions and 0 deletions
--- a/.forgejo/workflows/runc.yaml
+++ b/.forgejo/workflows/runc.yaml
@ -0,0 +1,141 @@
+---
+name: runc
+
+on:
+  push:
+    branches:
+      - master
+
+env:
+  UPSTREAM_REPO: https://github.com/opencontainers/runc
+  UPSTREAM_VER: '1.3.0'
+  EXTRA_VER: r4u1
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        platform:
+          - arch: amd64
+            image: node-24
+          # - arch: arm64
+          #   image: node-24-arm64
+
+    runs-on: ${{ matrix.platform.image }}
+    timeout-minutes: 20
+
+    steps:
+      - name: checkout runc
+        env:
+          TAG: 'v${{ env.UPSTREAM_VER }}'
+        run: |
+          git config --global --add safe.directory $PWD
+          git init
+          git remote add origin "$UPSTREAM_REPO"
+          git config --local gc.auto 0
+          git fetch --depth=1 --no-tags --prune origin refs/tags/$TAG
+          git checkout FETCH_HEAD
+
+      - name: install build requirements
+        run: |
+          # needed for golang-1.23-go
+          echo 'deb http://deb.debian.org/debian bookworm-backports main' \
+            >>/etc/apt/sources.list
+          apt update
+          apt install --assume-yes \
+            build-essential libseccomp-dev git ruby golang-1.23-go go-md2man
+          gem install fpm
+          echo "PATH=/usr/lib/go-1.23/bin:$PATH" >>$GITHUB_ENV
+
+      - run: make static
+      - run: make man
+
+      - name: gzip text assets
+        run: |
+          for f in README.md CHANGELOG.md docs/*.md man/man8/*; do
+            gzip -kv "$f"
+          done
+
+      - name: build deb
+        run: |
+          fpm \
+            --input-type dir \
+            --output-type deb \
+            --name runc \
+            --vendor robo4you \
+            --maintainer 'Christoph Heiss <christoph.heiss@robo4you.at>' \
+            --description 'CLI tool for spawning and running containers according to the OCI specification' \
+            --url "$UPSTREAM_REPO" \
+            --version "$UPSTREAM_VER" \
+            --iteration "$EXTRA_VER" \
+            --deb-priority medium \
+            --deb-dist bookworm \
+            --deb-upstream-changelog CHANGELOG.md \
+            --depends 'libc >= 2.34' \
+            --depends 'libseccomp2 >= 2.5.0' \
+            --deb-recommends criu \
+            runc=usr/bin/runc \
+            runc=usr/sbin/runc \
+            contrib/completions/bash/runc=usr/share/bash-completion/completions/runc \
+            NOTICE=usr/share/doc/runc/NOTICE \
+            README.md.gz=usr/share/doc/runc/README.md.gz \
+            CHANGELOG.md.gz=usr/share/doc/runc/CHANGELOG.md.gz \
+            docs/cgroup-v2.md.gz=usr/share/doc/runc/cgroup-v2.md.gz \
+            docs/experimental.md.gz=usr/share/doc/runc/experimental.md.gz \
+            docs/spec-conformance.md.gz=usr/share/doc/runc/spec-conformance.md.gz \
+            docs/terminals.md.gz=usr/share/doc/runc/terminals.md.gz \
+            docs/checkpoint-restore.md.gz=usr/share/doc/runc/checkpoint-restore.md.gz \
+            docs/Security-Audit.pdf=usr/share/doc/runc/Security-Audit.pdf \
+            docs/systemd.md.gz=usr/share/doc/runc/systemd.md.gz \
+            man/man8/runc.8.gz=usr/share/man/man8/runc.8.gz \
+            man/man8/runc-checkpoint.8.gz=usr/share/man/man8/runc-checkpoint.8.gz \
+            man/man8/runc-create.8.gz=usr/share/man/man8/runc-create.8.gz \
+            man/man8/runc-delete.8.gz=usr/share/man/man8/runc-delete.8.gz \
+            man/man8/runc-events.8.gz=usr/share/man/man8/runc-events.8.gz \
+            man/man8/runc-exec.8.gz=usr/share/man/man8/runc-exec.8.gz \
+            man/man8/runc-kill.8.gz=usr/share/man/man8/runc-kill.8.gz \
+            man/man8/runc-list.8.gz=usr/share/man/man8/runc-list.8.gz \
+            man/man8/runc-pause.8.gz=usr/share/man/man8/runc-pause.8.gz \
+            man/man8/runc-ps.8.gz=usr/share/man/man8/runc-ps.8.gz \
+            man/man8/runc-restore.8.gz=usr/share/man/man8/runc-restore.8.gz \
+            man/man8/runc-resume.8.gz=usr/share/man/man8/runc-resume.8.gz \
+            man/man8/runc-run.8.gz=usr/share/man/man8/runc-run.8.gz \
+            man/man8/runc-spec.8.gz=usr/share/man/man8/runc-spec.8.gz \
+            man/man8/runc-start.8.gz=usr/share/man/man8/runc-start.8.gz \
+            man/man8/runc-state.8.gz=usr/share/man/man8/runc-state.8.gz \
+            man/man8/runc-update.8.gz=usr/share/man/man8/runc-update.8.gz \
+
+          echo "DEBFILE=runc_${UPSTREAM_VER}-${EXTRA_VER}_${{ matrix.platform.arch }}.deb" \
+            >>$GITHUB_ENV
+
+      - name: print packages contents
+        run: |
+          echo "$DEBFILE:"
+          dpkg-deb -c "$DEBFILE"
+          echo
+
+      - name: print packages control info
+        run: |
+          echo "$DEBFILE:"
+          dpkg-deb -e "$DEBFILE"
+          cat DEBIAN/control
+
+      # https://forgejo.org/docs/latest/user/packages/debian/#publish-a-package
+      - name: push deb to apt repository
+        if: github.ref == 'refs/heads/master'
+        env:
+          REPO: ${{ github.repository }}
+          TAG: ${{ steps.tag.outputs.tag }}
+        run: |
+          url="$GITHUB_SERVER_URL/api/packages/${{ github.repository_owner }}/debian/pool/bookworm/robo4you/upload"
+          echo "api url: $url"
+
+          echo "uploading file: $DEBFILE"
+
+          curl --fail-with-body \
+            -X PUT \
+            --user "oauth2:${{ secrets.PACKAGE_REGISTRY_TOKEN }}" \
+            --upload-file "$DEBFILE" \
+            "$url"
+
+          echo "final url: $GITHUB_SERVER_URL/${{ github.repository_owner }}/-/packages/debian/runc/${debver}"