Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-10-12 | context: add platform map | Matthias Schiffer | |
2021-10-12 | Update dependencies | Matthias Schiffer | |
2021-10-12 | util: fs: get rid of rm_rf dependency | Matthias Schiffer | |
All "interesting" deletions happen in a user namespace where we have CAP_DAC_OVERRIDE, so remove_dir_all() should be sufficient. | |||
2021-10-11 | Map single UID/GID, not full subid mapping | Matthias Schiffer | |
2021-10-11 | Switch to unprivileged user in container using unshare | Matthias Schiffer | |
We can get away with only a single user ID mapping by mapping UID 0 to the build UID using unshare. | |||
2021-10-11 | executor: sort and reformat summary output | Matthias Schiffer | |
2021-10-11 | container: do not hash layer if it is empty | Matthias Schiffer | |
2021-10-11 | runner: make layer hash output optional | Matthias Schiffer | |
There is no need to store a layer hash when the task has not touched any files. | |||
2021-10-10 | examples: rootfs: preserve hardlinks (and a few other things) | Matthias Schiffer | |
2021-10-10 | util: tar: remove unused unpack filter support | Matthias Schiffer | |
2021-10-10 | container: use GNU tar for packing outputs | Matthias Schiffer | |
Using GNU tar in a container is slightly slower than doing this in Rust, but we get hardlink support this way. | |||
2021-10-10 | container: run tar in more privileged container setup | Matthias Schiffer | |
Run as root and with CAP_DAC_READ_SEARCH to handle files with missing permissions correctly. We also don't create a user namespace for the container in this case, which might save a few milliseconds. | |||
2021-10-10 | container: use GNU tar to build layer tar | Matthias Schiffer | |
The Rust tar library is missing many features like hardlinks. To ensure reproduciblity, we run the tar command in a container as well. | |||
2021-10-10 | container: run cleanup after hashing and moving layer | Matthias Schiffer | |
2021-10-10 | container: clean up directory creation | Matthias Schiffer | |
2021-10-10 | util: fs: make mount() a toplevel function | Matthias Schiffer | |
2021-10-10 | container: switch to crun runtime | Matthias Schiffer | |
2021-10-10 | Rename runc runner to "container" | Matthias Schiffer | |
The runner should also work with other OCI runtimes. | |||
2021-10-10 | runc: do not mount /sys | Matthias Schiffer | |
A build task does not need /sys for anything. | |||
2021-10-10 | runc: do not change rootfs file owner to root | Matthias Schiffer | |
The rootfs is mounted read-only, the owner of the files does not matter. | |||
2021-10-09 | paths: remove defintions for TASK_TMP_BUILDDIR and its subdirs | Matthias Schiffer | |
2021-10-09 | runc: fix error handling when moving layer directory | Matthias Schiffer | |
2021-10-09 | runc: move main module to subdirectory | Matthias Schiffer | |
2021-10-09 | context: shorter alternative task format | Matthias Schiffer | |
Only print the package version and host/target architectures. | |||
2021-10-09 | Update dependencies | Matthias Schiffer | |
2021-10-09 | Refer to inherited tasks by their layer hash | Matthias Schiffer | |
2021-10-09 | runc: compute layer hash | Matthias Schiffer | |
2021-10-09 | Add layer hash to task output | Matthias Schiffer | |
For now, the hash is not actually computed. | |||
2021-10-08 | runc: use buffered writer for archive write | Matthias Schiffer | |
This should speed up both the actual file writing and the hashing. | |||
2021-10-08 | Switch from SHA256 to Blake3 for task hashes | Matthias Schiffer | |
Mostly relevant for output hashing, and the to-be-implemented workdir hashing. Passing data to the hasher is not optimized using a buffered writer yet. | |||
2021-10-08 | runc: reliable task cleanup | Matthias Schiffer | |
2021-10-08 | runc: add -x option to shell in task container | Matthias Schiffer | |
2021-10-08 | runc: persistently store task output | Matthias Schiffer | |
2021-10-07 | Update dependencies | Matthias Schiffer | |
2021-10-07 | Various code improvements suggested by clippy | Matthias Schiffer | |
2021-10-04 | recipe: used scoped TLS to base recipe name to deserializer | Matthias Schiffer | |
2021-10-04 | Update dependencies | Matthias Schiffer | |
2021-10-03 | Update dependencies | Matthias Schiffer | |
2021-10-03 | examples: split libgcc from gcc-libs package | Matthias Schiffer | |
Avoid building gcc-libs twice for cross-native toolchains. libgcc_s.so is still installed as part of gcc-libs. | |||
2021-10-03 | executor: store start time and duration of tasks | Matthias Schiffer | |
2021-10-02 | examples: rootfs: include toolchain | Matthias Schiffer | |
2021-10-02 | examples: gcc, gcc-libs: make recipes work with cross host build | Matthias Schiffer | |
2021-10-02 | examples: gcc: add dependencies for cross host build | Matthias Schiffer | |
2021-10-02 | examples: libgcc-initial: make code more generic | Matthias Schiffer | |
2021-10-02 | examples: binutils: allow build for cross host | Matthias Schiffer | |
2021-10-02 | context: assume that gcc dependencies are provided by rootfs | Matthias Schiffer | |
2021-10-02 | examples: add recipes for zlib, gmp, mpfr and mpc | Matthias Schiffer | |
These are dependencies of gcc. | |||
2021-10-02 | examples: remove redundant environment variables | Matthias Schiffer | |
2021-10-02 | executor: add various toolchain-related variables to the environment by default | Matthias Schiffer | |
2021-10-02 | Update dependencies | Matthias Schiffer | |