Skip to content

Instantly share code, notes, and snippets.

View vbatts's full-sized avatar
🧁

Vincent Batts vbatts

🧁
543 followers · 22 following
View GitHub Profile
@vbatts
vbatts / setup.sh
Last active August 29, 2015 14:09
test setup for https://github.com/docker/docker/pull/9006
#!/bin/sh
set -e
dd of=pool.img if=/dev/zero bs=1G count=2
dd of=meta.img if=/dev/zero bs=1G count=1
l1=$(sudo losetup -f)
sudo losetup ${l1} ./pool.img
l2=$(sudo losetup -f)
@vbatts
vbatts / ensure_loops.sh
Created November 6, 2014 15:35
ensure enough loop devices. Pulled from https://github.com/jpetazzo/dind/issues/19#issuecomment-48859883 but ensure there are at least 4 loop devices
#!/bin/bash
ensure_loop(){
num="$1"
dev="/dev/loop$num"
if test -b "$dev"; then
echo "$dev is a usable loop device."
return 0
fi
echo "Attempting to create $dev for docker ..."
@vbatts
vbatts / Dockerfile
Last active August 29, 2015 14:06
centos7 builds of go1.3.1 and docker 1.2
FROM centos:latest
RUN yum groupinstall -y "development tools" && \
yum install -y yum-utils wget
RUN wget https://kojipkgs.fedoraproject.org//packages/golang/1.3.1/3.fc22/src/golang-1.3.1-3.fc22.src.rpm \
https://kojipkgs.fedoraproject.org//packages/docker-io/1.2.0/2.fc22/src/docker-io-1.2.0-2.fc22.src.rpm \
https://kojipkgs.fedoraproject.org//packages/golang-github-coreos-go-systemd/2/1.el7/src/golang-github-coreos-go-systemd-2-1.el7.src.rpm \
https://kojipkgs.fedoraproject.org//packages/golang-github-docker-libcontainer/1.1.0/10.gitdb65c35.fc22/src/golang-github-docker-libcontainer-1.1.0-10.gitdb65c35.fc22.src.rpm \
https://kojipkgs.fedoraproject.org//packages/golang-github-gorilla-mux/0/0.15.git136d54f.fc22/src/golang-github-gorilla-mux-0-0.15.git136d54f.fc22.src.rpm \
https://kojipkgs.fedoraproject.org//packages/golang-github-syndtr-gocapability/0/0.8.git3c85049.fc22/src/golang-github-syndtr-gocapability-0-0.8.git3c85049.fc22.src.rpm \
https://koj
@vbatts
vbatts / signing_and_provenance.md
Created July 28, 2014 20:00 — forked from aweiteka/signing_and_provenance.md

Definitions

  1. Image – immutable detached content that is means for instantiating a container
  2. registry – an endpoint that can serve information named images, within a namespace.
  3. image namespace – the owner scope of an image
  4. namespace identity – cryptographically safe identity or fingerprint for an image namespace

Requirements

  • definition of a registry as an endpoint for identity of a requested image’s namespace
  • detached validating of the identity of an image’s namespace
  • sane default registry of the docker hub
@vbatts
vbatts / test-env-leak.sh
Last active August 29, 2015 14:04
Docker: Environment variables are no place for secrets
#!/bin/sh
envfile=$(mktemp)
# Hard set one variable
echo FOO=bar >> ${envfile}
# and one pass through
echo BAZ >> ${envfile}
export BAZ="bif"
@vbatts
vbatts / images-tree.go
Last active August 29, 2015 14:02
example for https://github.com/dotcloud/docker/pull/5001
package main
import (
"flag"
"fmt"
"io"
"io/ioutil"
"log"
"os"
"strings"
@vbatts
vbatts / sizes.rb
Created May 20, 2014 16:09
get sizes of docker image layers
#!/usr/bin/env ruby
DOCKER = ENV["DOCKER"] || "/usr/bin/docker"
NO_VALUE = '<no value>'
def main(args)
args.each do |arg|
image_id = get_image_id(arg)
#next if image_id.length == 0
@vbatts
vbatts / Dockerfile
Last active August 29, 2015 14:01
reproducing the failure of value.decode("utf8") in python https://github.com/akheron/cpython/blob/2.7/Lib/tarfile.py#L1393
FROM fedora:latest
RUN yum install -y attr
RUN touch file
RUN setcap 'cap_setgid,cap_setuid+ep' ./file && getcap ./file
@vbatts
vbatts / another.go
Last active August 29, 2015 14:01
get support capability
package main
/*
#include <linux/capability.h>
int has_cap_syslog() {
int ret = 0;
#ifdef CAP_SYSLOG
ret = 1;
#endif
@vbatts
vbatts / Dockerfile
Last active August 29, 2015 14:01
reproduction for https://bugzilla.redhat.com/show_bug.cgi?id=1087621
FROM fedora:rawhide
RUN yum install -y mock && yum clean all
RUN curl -o go1.2.1.linux-386.tar.gz https://go.googlecode.com/files/go1.2.1.linux-386.tar.gz
RUN useradd -m -u 1000 -G wheel,mock build
RUN sed -ri 's/^(%wheel.*)(ALL)$/\1NOPASSWD: \2/' /etc/sudoers
USER build