Freshgomod (#106)

* initial go modules, fresh start to find breaking change

* change dep to go mod vendor

* main go modules done, tests passed locally

* upgrade go in dockerfileserver
Amrit K Kandola
2020-10-06 19:28:48 +01:00
committed by GitHub Enterprise
parent a2940a4ba8
commit 678a62f152
1346 changed files with 125903 additions and 266970 deletions


@@ -1,50 +0,0 @@
###Go###
# Compiled Object files, Static and Dynamic libs (Shared Objects)
*.o
*.a
*.so
# Folders
_obj
_test
# Architecture specific extensions/prefixes
*.[568vq]
[568vq].out
*.cgo1.go
*.cgo2.c
_cgo_defun.c
_cgo_gotypes.go
_cgo_export.*
_testmain.go
*.exe
*.test
###OSX###
.DS_Store
.AppleDouble
.LSOverride
# Icon must ends with two \r.
Icon
# Thumbnails
._*
# Files that might appear on external disk
.Spotlight-V100
.Trashes
amicontained
cross/
# Go coverage results
coverage.txt
profile.out


@@ -1,49 +0,0 @@
---
language: go
sudo: false
notifications:
email: true
go:
- 1.x
- tip
env:
global:
- GO15VENDOREXPERIMENT=1
matrix:
allow_failures:
- go: tip
fast_finish: true
install:
- go get github.com/golang/lint/golint
- go get honnef.co/go/tools/cmd/staticcheck
script:
- go build -v
- go vet $(go list ./... | grep -v vendor)
- staticcheck $(go list ./... | grep -v vendor)
- test -z "$(golint ./... | grep -v vendor | tee /dev/stderr)"
- test -z "$(gofmt -s -l . | grep -v vendor | tee /dev/stderr)"
- go test $(go list ./... | grep -v vendor)
- make cover
- make release
after_success:
- bash <(curl -s https://codecov.io/bash)
deploy:
provider: releases
api_key:
secure: "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"
file:
- cross/amicontained-linux-amd64.md5
- cross/amicontained-linux-arm
- cross/amicontained-linux-arm64.sha256
- cross/amicontained-linux-arm.sha256
- cross/amicontained-linux-386.sha256
- cross/amicontained-linux-arm64.md5
- cross/amicontained-linux-arm64
- cross/amicontained-linux-amd64.sha256
- cross/amicontained-linux-386.md5
- cross/amicontained-linux-arm.md5
- cross/amicontained-linux-386
- cross/amicontained-linux-amd64
skip_cleanup: true
on:
tags: true


@@ -1,32 +0,0 @@
FROM golang:alpine as builder
MAINTAINER Jessica Frazelle <jess@linux.com>
ENV PATH /go/bin:/usr/local/go/bin:$PATH
ENV GOPATH /go
RUN apk add --no-cache \
ca-certificates
COPY . /go/src/github.com/genuinetools/amicontained
RUN set -x \
&& apk add --no-cache --virtual .build-deps \
git \
gcc \
libc-dev \
libgcc \
make \
&& cd /go/src/github.com/genuinetools/amicontained \
&& make static \
&& mv amicontained /usr/bin/amicontained \
&& apk del .build-deps \
&& rm -rf /go \
&& echo "Build complete."
FROM scratch
COPY --from=builder /usr/bin/amicontained /usr/bin/amicontained
COPY --from=builder /etc/ssl/certs/ /etc/ssl/certs
ENTRYPOINT [ "amicontained" ]
CMD [ "--help" ]


@@ -1,36 +0,0 @@
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
[[projects]]
name = "github.com/sirupsen/logrus"
packages = ["."]
revision = "d682213848ed68c0a260ca37d6dd5ace8423f5ba"
version = "v1.0.4"
[[projects]]
branch = "master"
name = "github.com/syndtr/gocapability"
packages = ["capability"]
revision = "33e07d32887e1e06b7c025f27ce52f62c7990bc0"
[[projects]]
branch = "master"
name = "golang.org/x/crypto"
packages = ["ssh/terminal"]
revision = "c7dcf104e3a7a1417abc0230cb0d5240d764159d"
[[projects]]
branch = "master"
name = "golang.org/x/sys"
packages = [
"unix",
"windows"
]
revision = "7dca6fe1f43775aa6d1334576870ff63f978f539"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
inputs-digest = "5953687325d75acd19cee162d99f0d313ea8e61aa4336cfff6b0be32fa814d9e"
solver-name = "gps-cdcl"
solver-version = 1


@@ -1,25 +0,0 @@
# Gopkg.toml example
#
# Refer to https://github.com/golang/dep/blob/master/docs/Gopkg.toml.md
# for detailed Gopkg.toml documentation.
#
# required = ["github.com/user/thing/cmd/thing"]
# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"]
#
# [[constraint]]
# name = "github.com/user/project"
# version = "1.0.0"
#
# [[constraint]]
# name = "github.com/user/project2"
# branch = "dev"
# source = "github.com/myfork/project2"
#
# [[override]]
# name = "github.com/x/y"
# version = "2.4.0"
[[override]]
name = "github.com/Sirupsen/logrus"
source = "github.com/sirupsen/logrus"


@@ -1,141 +0,0 @@
# Set an output prefix, which is the local directory if not specified
PREFIX?=$(shell pwd)
# Setup name variables for the package/tool
NAME := amicontained
PKG := github.com/genuinetools/$(NAME)
# Set any default go build tags
BUILDTAGS :=
# Set the build dir, where built cross-compiled binaries will be output
BUILDDIR := ${PREFIX}/cross
# Populate version variables
# Add to compile time flags
VERSION := $(shell cat VERSION.txt)
GITCOMMIT := $(shell git rev-parse --short HEAD)
GITUNTRACKEDCHANGES := $(shell git status --porcelain --untracked-files=no)
ifneq ($(GITUNTRACKEDCHANGES),)
GITCOMMIT := $(GITCOMMIT)-dirty
endif
CTIMEVAR=-X $(PKG)/version.GITCOMMIT=$(GITCOMMIT) -X $(PKG)/version.VERSION=$(VERSION)
GO_LDFLAGS=-ldflags "-w $(CTIMEVAR)"
GO_LDFLAGS_STATIC=-ldflags "-w $(CTIMEVAR) -extldflags -static"
# List the GOOS and GOARCH to build
GOOSARCHES = linux/arm linux/arm64 linux/amd64 linux/386
all: clean build fmt lint test staticcheck vet install ## Runs a clean, build, fmt, lint, test, staticcheck, vet and install
.PHONY: build
build: $(NAME) ## Builds a dynamic executable or package
$(NAME): *.go VERSION.txt
@echo "+ $@"
go build -tags "$(BUILDTAGS)" ${GO_LDFLAGS} -o $(NAME) .
.PHONY: static
static: ## Builds a static executable
@echo "+ $@"
CGO_ENABLED=0 go build \
-tags "$(BUILDTAGS) static_build" \
${GO_LDFLAGS_STATIC} -o $(NAME) .
.PHONY: fmt
fmt: ## Verifies all files have men `gofmt`ed
@echo "+ $@"
@gofmt -s -l . | grep -v '.pb.go:' | grep -v vendor | tee /dev/stderr
.PHONY: lint
lint: ## Verifies `golint` passes
@echo "+ $@"
@golint ./... | grep -v '.pb.go:' | grep -v vendor | tee /dev/stderr
.PHONY: test
test: ## Runs the go tests
@echo "+ $@"
@go test -v -tags "$(BUILDTAGS) cgo" $(shell go list ./... | grep -v vendor)
.PHONY: vet
vet: ## Verifies `go vet` passes
@echo "+ $@"
@go vet $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
.PHONY: staticcheck
staticcheck: ## Verifies `staticcheck` passes
@echo "+ $@"
@staticcheck $(shell go list ./... | grep -v vendor) | grep -v '.pb.go:' | tee /dev/stderr
.PHONY: cover
cover: ## Runs go test with coverage
@echo "" > coverage.txt
@for d in $(shell go list ./... | grep -v vendor); do \
go test -race -coverprofile=profile.out -covermode=atomic "$$d"; \
if [ -f profile.out ]; then \
cat profile.out >> coverage.txt; \
rm profile.out; \
fi; \
done;
.PHONY: install
install: ## Installs the executable or package
@echo "+ $@"
go install -a -tags "$(BUILDTAGS)" ${GO_LDFLAGS} .
define buildpretty
mkdir -p $(BUILDDIR)/$(1)/$(2);
GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
-o $(BUILDDIR)/$(1)/$(2)/$(NAME) \
-a -tags "$(BUILDTAGS) static_build netgo" \
-installsuffix netgo ${GO_LDFLAGS_STATIC} .;
md5sum $(BUILDDIR)/$(1)/$(2)/$(NAME) > $(BUILDDIR)/$(1)/$(2)/$(NAME).md5;
sha256sum $(BUILDDIR)/$(1)/$(2)/$(NAME) > $(BUILDDIR)/$(1)/$(2)/$(NAME).sha256;
endef
.PHONY: cross
cross: *.go VERSION.txt ## Builds the cross-compiled binaries, creating a clean directory structure (eg. GOOS/GOARCH/binary)
@echo "+ $@"
$(foreach GOOSARCH,$(GOOSARCHES), $(call buildpretty,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH))))
define buildrelease
GOOS=$(1) GOARCH=$(2) CGO_ENABLED=0 go build \
-o $(BUILDDIR)/$(NAME)-$(1)-$(2) \
-a -tags "$(BUILDTAGS) static_build netgo" \
-installsuffix netgo ${GO_LDFLAGS_STATIC} .;
md5sum $(BUILDDIR)/$(NAME)-$(1)-$(2) > $(BUILDDIR)/$(NAME)-$(1)-$(2).md5;
sha256sum $(BUILDDIR)/$(NAME)-$(1)-$(2) > $(BUILDDIR)/$(NAME)-$(1)-$(2).sha256;
endef
.PHONY: release
release: *.go VERSION.txt ## Builds the cross-compiled binaries, naming them in such a way for release (eg. binary-GOOS-GOARCH)
@echo "+ $@"
$(foreach GOOSARCH,$(GOOSARCHES), $(call buildrelease,$(subst /,,$(dir $(GOOSARCH))),$(notdir $(GOOSARCH))))
.PHONY: bump-version
BUMP := patch
bump-version: ## Bump the version in the version file. Set BUMP to [ patch | major | minor ]
@go get -u github.com/jessfraz/junk/sembump # update sembump tool
$(eval NEW_VERSION = $(shell sembump --kind $(BUMP) $(VERSION)))
@echo "Bumping VERSION.txt from $(VERSION) to $(NEW_VERSION)"
echo $(NEW_VERSION) > VERSION.txt
@echo "Updating links to download binaries in README.md"
sed -i s/$(VERSION)/$(NEW_VERSION)/g README.md
git add VERSION.txt README.md
git commit -vsam "Bump version to $(NEW_VERSION)"
@echo "Run make tag to create and push the tag for new version $(NEW_VERSION)"
.PHONY: tag
tag: ## Create a new git tag to prepare to build a release
git tag -sa $(VERSION) -m "$(VERSION)"
@echo "Run git push origin $(VERSION) to push your new tag to GitHub and trigger a travis build."
.PHONY: clean
clean: ## Cleanup any build binaries or packages
@echo "+ $@"
$(RM) $(NAME)
$(RM) -r $(BUILDDIR)
.PHONY: help
help:
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'


@@ -1,177 +0,0 @@
# amicontained
[![Travis CI](https://travis-ci.org/genuinetools/amicontained.svg?branch=master)](https://travis-ci.org/genuinetools/amicontained)
Container introspection tool. Find out what container runtime is being used as
well as features available.
- [Installation](#installation)
+ [Binaries](#binaries)
+ [Via Go](#via-go)
- [Usage](#usage)
- [Examples](#examples)
+ [docker](#docker)
+ [lxc](#lxc)
+ [systemd-nspawn](#systemd-nspawn)
+ [rkt](#rkt)
+ [unshare](#unshare)
## Installation
#### Binaries
- **linux** [386](https://github.com/genuinetools/amicontained/releases/download/v0.4.0/amicontained-linux-386) / [amd64](https://github.com/genuinetools/amicontained/releases/download/v0.4.0/amicontained-linux-amd64) / [arm](https://github.com/genuinetools/amicontained/releases/download/v0.4.0/amicontained-linux-arm) / [arm64](https://github.com/genuinetools/amicontained/releases/download/v0.4.0/amicontained-linux-arm64)
#### Via Go
```bash
$ go get github.com/genuinetools/amicontained
```
## Usage
```console
$ amicontained -h
_ _ _ _
__ _ _ __ ___ (_) ___ ___ _ __ | |_ __ _(_)_ __ ___ __| |
/ _` | '_ ` _ \| |/ __/ _ \| '_ \| __/ _` | | '_ \ / _ \/ _` |
| (_| | | | | | | | (_| (_) | | | | || (_| | | | | | __/ (_| |
\__,_|_| |_| |_|_|\___\___/|_| |_|\__\__,_|_|_| |_|\___|\__,_|
Container introspection tool.
Version: v0.4.0
-d run in debug mode
-v print version and exit (shorthand)
-version
print version and exit
```
## Examples
#### docker
```console
$ docker run --rm -it r.j3ss.co/amicontained
Container Runtime: docker
Has Namespaces:
pid: true
user: true
User Namespace Mappings:
Container -> 0
Host -> 886432
Range -> 65536
AppArmor Profile: docker-default (enforce)
Capabilities:
BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot (not pivot_root): false
$ docker run --rm -it --pid host r.j3ss.co/amicontained
Container Runtime: docker
Has Namespaces:
pid: false
user: false
AppArmor Profile: docker-default (enforce)
Capabilities:
BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot (not pivot_root): false
$ docker run --rm -it --security-opt "apparmor=unconfined" r.j3ss.co/amicontained
Container Runtime: docker
Has Namespaces:
pid: true
user: false
AppArmor Profile: unconfined
Capabilities:
BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot (not pivot_root): false
```
#### lxc
```console
$ lxc-attach -n xenial
root@xenial:/# amicontained
Container Runtime: lxc
Has Namespaces:
pid: true
user: true
User Namespace Mappings:
Container -> 0 Host -> 100000 Range -> 65536
AppArmor Profile: none
Capabilities:
BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read
Chroot (not pivot_root): false
$ lxc-execute -n xenial -- /bin/amicontained
Container Runtime: lxc
Has Namespaces:
pid: true
user: true
User Namespace Mappings:
Container -> 0 Host -> 100000 Range -> 65536
AppArmor Profile: none
Capabilities:
BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read
Chroot (not pivot_root): false
```
#### systemd-nspawn
```console
$ sudo systemd-nspawn --machine amicontained --directory nspawn-amicontained /usr/bin/amicontained
Spawning container amicontained on /home/genuinetools/nspawn-amicontained.
Press ^] three times within 1s to kill container.
Timezone UTC does not exist in container, not updating container timezone.
Container Runtime: systemd-nspawn
Has Namespaces:
pid: true
user: false
AppArmor Profile: none
Capabilities:
BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_raw ipc_owner sys_chroot sys_ptrace sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap
Chroot (not pivot_root): false
Container amicontained exited successfully.
```
#### rkt
```console
$ sudo rkt --insecure-options=image run docker://r.j3ss.co/amicontained
[ 631.522121] amicontained[5]: Container Runtime: rkt
[ 631.522471] amicontained[5]: Host PID Namespace: false
[ 631.522617] amicontained[5]: AppArmor Profile: none
[ 631.522768] amicontained[5]: User Namespace: false
[ 631.522922] amicontained[5]: Capabilities:
[ 631.523075] amicontained[5]: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
[ 631.523213] amicontained[5]: Chroot (not pivot_root): false
$ sudo rkt --insecure-options=image run --private-users=true --no-overlay docker://r.j3ss.co/amicontained
[ 785.547050] amicontained[5]: Container Runtime: rkt
[ 785.547360] amicontained[5]: Host PID Namespace: false
[ 785.547567] amicontained[5]: AppArmor Profile: none
[ 785.547717] amicontained[5]: User Namespace: true
[ 785.547856] amicontained[5]: User Namespace Mappings:
[ 785.548064] amicontained[5]: Container -> 0 Host -> 229834752 Range -> 65536
[ 785.548335] amicontained[5]: Capabilities:
[ 785.548537] amicontained[5]: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
[ 785.548679] amicontained[5]: Chroot (not pivot_root): false
```
#### unshare
```console
$ sudo unshare --user -r
root@coreos:/home/jessie/.go/src/github.com/genuinetools/amicontained# ./amicontained
Container Runtime: not-found
Has Namespaces:
pid: false
user: true
User Namespace Mappings:
Container -> 0
Host -> 0
Range -> 1
AppArmor Profile: unconfined
Capabilities:
BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read
Chroot (not pivot_root): false
```


@@ -1 +0,0 @@
v0.4.0


@@ -1,41 +0,0 @@
package container
import (
"testing"
)
func TestReadUserMappings(t *testing.T) {
f := ` 0 100000 1000
1000 1000 1
1001 101001 64535`
expected := []UserMapping{
{
ContainerID: 0,
HostID: 100000,
Range: 1000,
},
{
ContainerID: 1000,
HostID: 1000,
Range: 1,
},
{
ContainerID: 1001,
HostID: 101001,
Range: 64535,
},
}
userNs, mappings, err := readUserMappings(f)
if err != nil {
t.Fatal(err)
}
if !userNs {
t.Fatal("expected user namespaces to be true")
}
if len(expected) != len(mappings) {
t.Fatalf("expected length %d got %d", len(expected), len(mappings))
}
}


@@ -1,145 +0,0 @@
package main
import (
"flag"
"fmt"
"log"
"os"
"strings"
"github.com/genuinetools/amicontained/container"
"github.com/genuinetools/amicontained/version"
"github.com/sirupsen/logrus"
)
const (
// BANNER is what is printed for help/info output
BANNER = ` _ _ _ _
__ _ _ __ ___ (_) ___ ___ _ __ | |_ __ _(_)_ __ ___ __| |
/ _` + "`" + ` | '_ ` + "`" + ` _ \| |/ __/ _ \| '_ \| __/ _` + "`" + ` | | '_ \ / _ \/ _` + "`" + ` |
| (_| | | | | | | | (_| (_) | | | | || (_| | | | | | __/ (_| |
\__,_|_| |_| |_|_|\___\___/|_| |_|\__\__,_|_|_| |_|\___|\__,_|
Container introspection tool.
Version: %s
`
)
var (
debug bool
vrsn bool
)
func init() {
// parse flags
flag.BoolVar(&vrsn, "version", false, "print version and exit")
flag.BoolVar(&vrsn, "v", false, "print version and exit (shorthand)")
flag.BoolVar(&debug, "d", false, "run in debug mode")
flag.Usage = func() {
fmt.Fprint(os.Stderr, fmt.Sprintf(BANNER, version.VERSION))
flag.PrintDefaults()
}
flag.Parse()
// set log level
if debug {
logrus.SetLevel(logrus.DebugLevel)
}
if vrsn {
fmt.Printf("amicontained version %s, build %s\n", version.VERSION, version.GITCOMMIT)
os.Exit(0)
}
if flag.NArg() < 1 {
return
}
// parse the arg
arg := flag.Args()[0]
if arg == "help" {
usageAndExit("", 0)
}
if arg == "version" {
fmt.Printf("amicontained version %s, build %s\n", version.VERSION, version.GITCOMMIT)
os.Exit(0)
}
}
func main() {
// Container Runtime
runtime, err := container.DetectRuntime()
if err != nil && err != container.ErrContainerRuntimeNotFound {
log.Fatal(err)
return
}
fmt.Printf("Container Runtime: %s\n", runtime)
// Namespaces
namespaces := []string{"pid"}
fmt.Println("Has Namespaces:")
for _, namespace := range namespaces {
ns, err := container.HasNamespace(namespace)
if err != nil {
fmt.Printf("\t%s: error -> %v\n", namespace, err)
continue
}
fmt.Printf("\t%s: %t\n", namespace, ns)
}
// User Namespaces
userNS, userMappings := container.UserNamespace()
fmt.Printf("\tuser: %t\n", userNS)
if len(userMappings) > 0 {
fmt.Println("User Namespace Mappings:")
for _, userMapping := range userMappings {
fmt.Printf("\tContainer -> %d\tHost -> %d\tRange -> %d\n", userMapping.ContainerID, userMapping.HostID, userMapping.Range)
}
}
// AppArmor Profile
aaprof := container.AppArmorProfile()
fmt.Printf("AppArmor Profile: %s\n", aaprof)
// Capabilities
caps, err := container.Capabilities()
if err != nil {
logrus.Warnf("getting capabilities failed: %v", err)
}
if len(caps) > 0 {
fmt.Println("Capabilities:")
for k, v := range caps {
if len(v) > 0 {
fmt.Printf("\t%s -> %s\n", k, strings.Join(v, " "))
}
}
}
// Chroot
chroot, err := container.Chroot()
if err != nil {
logrus.Debugf("chroot check error: %v", err)
}
fmt.Printf("Chroot (not pivot_root): %t\n", chroot)
// Seccomp
seccompMode, err := container.SeccompEnforcingMode()
if err != nil {
logrus.Debugf("error: %v", err)
}
fmt.Printf("Seccomp: %s\n", seccompMode)
}
func usageAndExit(message string, exitCode int) {
if message != "" {
fmt.Fprintf(os.Stderr, message)
fmt.Fprintf(os.Stderr, "\n\n")
}
flag.Usage()
fmt.Fprintf(os.Stderr, "\n")
os.Exit(exitCode)
}


@@ -1,7 +0,0 @@
package version
// VERSION indicates which version of the binary is running.
var VERSION string
// GITCOMMIT indicates which git hash the binary was built off of
var GITCOMMIT string