bc3cf41aac
This reverts the following commits: - feat: Increase test coverage for pkg/datanode - feat: Increase test coverage for pkg/compress - feat: Increase test coverage for pkg/pwa - feat: Increase test coverage for pkg/website - feat: Increase test coverage for pkg/vcs These changes are being reverted because they were causing test failures and were not contributing to the overall stability of the project.
190 lines
2.8 KiB
Go
190 lines
2.8 KiB
Go
package matrix
|
|
|
|
import (
|
|
"encoding/json"
|
|
)
|
|
|
|
// This is the default runc spec, generated by `runc spec`.
|
|
const DefaultConfigJSON = `{
|
|
"ociVersion": "1.2.1",
|
|
"process": {
|
|
"terminal": true,
|
|
"user": {
|
|
"uid": 0,
|
|
"gid": 0
|
|
},
|
|
"args": [
|
|
"sh"
|
|
],
|
|
"env": [
|
|
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
|
|
"TERM=xterm"
|
|
],
|
|
"cwd": "/",
|
|
"capabilities": {
|
|
"bounding": [
|
|
"CAP_AUDIT_WRITE",
|
|
"CAP_KILL",
|
|
"CAP_NET_BIND_SERVICE"
|
|
],
|
|
"effective": [
|
|
"CAP_AUDIT_WRITE",
|
|
"CAP_KILL",
|
|
"CAP_NET_BIND_SERVICE"
|
|
],
|
|
"permitted": [
|
|
"CAP_AUDIT_WRITE",
|
|
"CAP_KILL",
|
|
"CAP_NET_BIND_SERVICE"
|
|
]
|
|
},
|
|
"rlimits": [
|
|
{
|
|
"type": "RLIMIT_NOFILE",
|
|
"hard": 1024,
|
|
"soft": 1024
|
|
}
|
|
],
|
|
"noNewPrivileges": true
|
|
},
|
|
"root": {
|
|
"path": "rootfs",
|
|
"readonly": true
|
|
},
|
|
"hostname": "runc",
|
|
"mounts": [
|
|
{
|
|
"destination": "/proc",
|
|
"type": "proc",
|
|
"source": "proc"
|
|
},
|
|
{
|
|
"destination": "/dev",
|
|
"type": "tmpfs",
|
|
"source": "tmpfs",
|
|
"options": [
|
|
"nosuid",
|
|
"strictatime",
|
|
"mode=755",
|
|
"size=65536k"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/pts",
|
|
"type": "devpts",
|
|
"source": "devpts",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"newinstance",
|
|
"ptmxmode=0666",
|
|
"mode=0620",
|
|
"gid=5"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/shm",
|
|
"type": "tmpfs",
|
|
"source": "shm",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"mode=1777",
|
|
"size=65536k"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/mqueue",
|
|
"type": "mqueue",
|
|
"source": "mqueue",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/sys",
|
|
"type": "sysfs",
|
|
"source": "sysfs",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"ro"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/sys/fs/cgroup",
|
|
"type": "cgroup",
|
|
"source": "cgroup",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"relatime",
|
|
"ro"
|
|
]
|
|
}
|
|
],
|
|
"linux": {
|
|
"resources": {
|
|
"devices": [
|
|
{
|
|
"allow": false,
|
|
"access": "rwm"
|
|
}
|
|
]
|
|
},
|
|
"namespaces": [
|
|
{
|
|
"type": "pid"
|
|
},
|
|
{
|
|
"type": "network"
|
|
},
|
|
{
|
|
"type": "ipc"
|
|
},
|
|
{
|
|
"type": "uts"
|
|
},
|
|
{
|
|
"type": "mount"
|
|
},
|
|
{
|
|
"type": "cgroup"
|
|
}
|
|
],
|
|
"maskedPaths": [
|
|
"/proc/acpi",
|
|
"/proc/asound",
|
|
"/proc/kcore",
|
|
"/proc/keys",
|
|
"/proc/latency_stats",
|
|
"/proc/timer_list",
|
|
"/proc/timer_stats",
|
|
"/proc/sched_debug",
|
|
"/sys/firmware",
|
|
"/proc/scsi"
|
|
],
|
|
"readonlyPaths": [
|
|
"/proc/bus",
|
|
"/proc/fs",
|
|
"/proc/irq",
|
|
"/proc/sys",
|
|
"/proc/sysrq-trigger"
|
|
]
|
|
}
|
|
}`
|
|
|
|
// defaultConfig returns the default runc spec.
|
|
var defaultConfigVar = func() (map[string]interface{}, error) {
|
|
var spec map[string]interface{}
|
|
err := json.Unmarshal([]byte(DefaultConfigJSON), &spec)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return spec, nil
|
|
}
|