From 155facd430e4156012b22ff711d75d19a53c04b7 Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 21:26:41 +0200 Subject: [PATCH 1/6] chore: vscode workspace, recommend bash language server extension Signed-off-by: thediveo --- .vscode/extensions.json | 5 +++++ devcontainer-features.code-workspace | 8 ++++++++ 2 files changed, 13 insertions(+) create mode 100644 .vscode/extensions.json create mode 100644 devcontainer-features.code-workspace diff --git a/.vscode/extensions.json b/.vscode/extensions.json new file mode 100644 index 0000000..3367f5c --- /dev/null +++ b/.vscode/extensions.json @@ -0,0 +1,5 @@ +{ + "recommendations": [ + "mads-hartmann.bash-ide-vscode" + ] +} \ No newline at end of file diff --git a/devcontainer-features.code-workspace b/devcontainer-features.code-workspace new file mode 100644 index 0000000..876a149 --- /dev/null +++ b/devcontainer-features.code-workspace @@ -0,0 +1,8 @@ +{ + "folders": [ + { + "path": "." + } + ], + "settings": {} +} \ No newline at end of file From e73276f24f749a24ddead1edc5f0de2553d1e4c6 Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 21:27:06 +0200 Subject: [PATCH 2/6] feat: cni-plugins Signed-off-by: thediveo --- .github/workflows/test.yaml | 1 + src/cni-plugins/NOTES.md | 11 ++ src/cni-plugins/README.md | 36 +++++ src/cni-plugins/devcontainer-feature.json | 18 +++ src/cni-plugins/install.sh | 162 ++++++++++++++++++++++ test/cni-plugins/almalinux.sh | 4 + test/cni-plugins/debian.sh | 6 + test/cni-plugins/fedora.sh | 4 + test/cni-plugins/other-location.sh | 5 + test/cni-plugins/scenarios.json | 28 ++++ test/cni-plugins/test.sh | 10 ++ test/local-pkgsite/debian.sh | 2 - 12 files changed, 285 insertions(+), 2 deletions(-) create mode 100644 src/cni-plugins/NOTES.md create mode 100644 src/cni-plugins/README.md create mode 100644 src/cni-plugins/devcontainer-feature.json create mode 100755 src/cni-plugins/install.sh create mode 100644 test/cni-plugins/almalinux.sh create mode 100644 test/cni-plugins/debian.sh create mode 100644 test/cni-plugins/fedora.sh create mode 100644 test/cni-plugins/other-location.sh create mode 100644 test/cni-plugins/scenarios.json create mode 100755 test/cni-plugins/test.sh diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index f565f4b..a86be12 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -15,6 +15,7 @@ jobs: matrix: features: - bpftool + - cni-plguins - docsify - grafanactl - gocover diff --git a/src/cni-plugins/NOTES.md b/src/cni-plugins/NOTES.md new file mode 100644 index 0000000..404f10d --- /dev/null +++ b/src/cni-plugins/NOTES.md @@ -0,0 +1,11 @@ +## OS Support + +Tested with: +- [ghcr.io/almalinux/almalinux](https://ghcr.io/almalinux/almalinux), +- [mcr.microsoft.com/devcontainers/base:debian](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_debian), +- [fedora](https://hub.docker.com/_/fedora), +- [mcr.microsoft.com/devcontainers/base:ubuntu](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_ubuntu). + +## Acknowledgement + +[@containernetworking/plugins](https://github.com/containernetworking/plugins) diff --git a/src/cni-plugins/README.md b/src/cni-plugins/README.md new file mode 100644 index 0000000..3481b53 --- /dev/null +++ b/src/cni-plugins/README.md @@ -0,0 +1,36 @@ + +# CNI Plugins (cni-plugins) + +Installs CNI plugins from upstream. + +## Example Usage + +```json +"features": { + "ghcr.io/thediveo/devcontainer-features/cni-plugins:0": {} +} +``` + +## Options + +| Options Id | Description | Type | Default Value | +|-----|-----|-----|-----| +| version | version of cni-plugins to install | string | latest | +| plugins-path | path to install the CNI plugins into | string | /usr/lib/cni | + +## OS Support + +Tested with: +- [ghcr.io/almalinux/almalinux](https://ghcr.io/almalinux/almalinux), +- [mcr.microsoft.com/devcontainers/base:debian](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_debian), +- [fedora](https://hub.docker.com/_/fedora), +- [mcr.microsoft.com/devcontainers/base:ubuntu](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_ubuntu). + +## Acknowledgement + +[@containernetworking/plugins](https://github.com/containernetworking/plugins) + + +--- + +_Note: This file was auto-generated from the [devcontainer-feature.json](https://github.com/thediveo/devcontainer-features/blob/main/src/cni-plugins/devcontainer-feature.json). Add additional notes to a `NOTES.md`._ diff --git a/src/cni-plugins/devcontainer-feature.json b/src/cni-plugins/devcontainer-feature.json new file mode 100644 index 0000000..5ba86ea --- /dev/null +++ b/src/cni-plugins/devcontainer-feature.json @@ -0,0 +1,18 @@ +{ + "name": "CNI Plugins", + "id": "cni-plugins", + "version": "0.0.1", + "description": "Installs CNI plugins from upstream.", + "options": { + "version": { + "type": "string", + "default": "latest", + "description": "version of cni-plugins to install" + }, + "plugins-path": { + "type": "string", + "default": "/usr/lib/cni", + "description": "path to install the CNI plugins into" + } + } +} \ No newline at end of file diff --git a/src/cni-plugins/install.sh b/src/cni-plugins/install.sh new file mode 100755 index 0000000..4d9f865 --- /dev/null +++ b/src/cni-plugins/install.sh @@ -0,0 +1,162 @@ +#!/usr/bin/env bash + +# Distribution and package manager detection are licensed by Microsoft +# Corporation under the MIT License, please refer to: +# https://github.com/devcontainers/features/blob/main/src/go/install.sh: +# +# Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the +# MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license +# information + +set -e + +CNIPLUGINS_VERSION="${VERSION:-"latest"}" +CNIPLUGINS_PATH="${PLUGINS_PATH:-"/usr/lib/cni"}" + +REPOSLUG="containernetworking/plugins" +QUERYLATEST_URL="https://api.github.com/repos/${REPOSLUG}/releases/latest" +RELEASE_URL="https://github.com/${REPOSLUG}/releases/download/" + +echo "installing feature cni-plugins..." + +if [ "$(id -u)" -ne 0 ]; then + echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.' + exit 1 +fi + +# Bring in ID, ID_LIKE, VERSION_ID, VERSION_CODENAME +. /etc/os-release +# Get an adjusted ID independent of distro variants +MAJOR_VERSION_ID=$(echo ${VERSION_ID} | cut -d . -f 1) +if [ "${ID}" = "debian" ] || [ "${ID_LIKE}" = "debian" ]; then + ADJUSTED_ID="debian" +elif [[ "${ID}" = "rhel" || "${ID}" = "fedora" || "${ID}" = "mariner" || "${ID_LIKE}" = *"rhel"* || "${ID_LIKE}" = *"fedora"* || "${ID_LIKE}" = *"mariner"* ]]; then + ADJUSTED_ID="rhel" + if [[ "${ID}" = "rhel" ]] || [[ "${ID}" = *"alma"* ]] || [[ "${ID}" = *"rocky"* ]]; then + VERSION_CODENAME="rhel${MAJOR_VERSION_ID}" + else + VERSION_CODENAME="${ID}${MAJOR_VERSION_ID}" + fi +else + echo "Linux distro ${ID} not supported." + exit 1 +fi + +if [ "${ADJUSTED_ID}" = "rhel" ] && [ "${VERSION_CODENAME-}" = "centos7" ]; then + # As of 1 July 2024, mirrorlist.centos.org no longer exists. + # Update the repo files to reference vault.centos.org. + sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo + sed -i s/^#.*baseurl=http/baseurl=http/g /etc/yum.repos.d/*.repo + sed -i s/^mirrorlist=http/#mirrorlist=http/g /etc/yum.repos.d/*.repo +fi + +# Setup INSTALL_CMD & PKG_MGR_CMD +if type apt-get > /dev/null 2>&1; then + PKG_MGR_CMD=apt-get + INSTALL_CMD="${PKG_MGR_CMD} -y install --no-install-recommends" +elif type microdnf > /dev/null 2>&1; then + PKG_MGR_CMD=microdnf + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0" +elif type dnf > /dev/null 2>&1; then + PKG_MGR_CMD=dnf + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0" +else + PKG_MGR_CMD=yum + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --noplugins --setopt=install_weak_deps=0" +fi + +# Clean up +clean_up() { + case ${ADJUSTED_ID} in + debian) + rm -rf /var/lib/apt/lists/* + ;; + rhel) + rm -rf /var/cache/dnf/* /var/cache/yum/* + rm -rf /tmp/yum.log + rm -rf ${GPG_INSTALL_PATH} + ;; + esac +} +clean_up + +pkg_mgr_update() { + case $ADJUSTED_ID in + debian) + if [ "$(find /var/lib/apt/lists/* | wc -l)" = "0" ]; then + echo "Running apt-get update..." + ${PKG_MGR_CMD} update -y + fi + ;; + rhel) + if [ ${PKG_MGR_CMD} = "microdnf" ]; then + if [ "$(ls /var/cache/yum/* 2>/dev/null | wc -l)" = 0 ]; then + echo "Running ${PKG_MGR_CMD} makecache ..." + ${PKG_MGR_CMD} makecache + fi + else + if [ "$(ls /var/cache/${PKG_MGR_CMD}/* 2>/dev/null | wc -l)" = 0 ]; then + echo "Running ${PKG_MGR_CMD} check-update ..." + set +e + ${PKG_MGR_CMD} check-update + rc=$? + if [ $rc != 0 ] && [ $rc != 100 ]; then + exit 1 + fi + set -e + fi + fi + ;; + esac +} + +# Checks if packages are installed and installs them if not +check_packages() { + case ${ADJUSTED_ID} in + debian) + if ! dpkg -s "$@" > /dev/null 2>&1; then + pkg_mgr_update + ${INSTALL_CMD} "$@" + fi + ;; + rhel) + if ! rpm -q "$@" > /dev/null 2>&1; then + pkg_mgr_update + ${INSTALL_CMD} "$@" + fi + ;; + esac +} + +case $(uname -m) in + x86_64) ARCH="amd64";; + aarch64 | armv8*) ARCH="arm64";; + *) echo "Unsupported architecture: $(uname -m)"; exit 1;; +esac + +export DEBIAN_FRONTEND=noninteractive + +if ! type curl > /dev/null 2>&1; then + check_packages curl +fi + +if [ "$CNIPLUGINS_VERSION" = "latest" ]; then + # get latest release + CNIPLUGINS_VERSION=$(curl -s ${QUERYLATEST_URL} | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/') +fi + +echo version: $CNIPLUGINS_VERSION +echo for arch: $ARCH + +URL="${RELEASE_URL}${CNIPLUGINS_VERSION}/cni-plugins-linux-${ARCH}-${CNIPLUGINS_VERSION}.tgz" +echo "${URL}" + +curl -sSL -o /tmp/cni-plugins.tgz "${URL}" +ls -lH /tmp/cni-plugins.tgz +mkdir -p "${CNIPLUGINS_PATH}" +tar xzof /tmp/cni-plugins.tgz -C "${CNIPLUGINS_PATH}" +rm /tmp/cni-plugins.tgz + +clean_up + +echo "Done!" diff --git a/test/cni-plugins/almalinux.sh b/test/cni-plugins/almalinux.sh new file mode 100644 index 0000000..d4e56d7 --- /dev/null +++ b/test/cni-plugins/almalinux.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +set -e + +. ./test.sh diff --git a/test/cni-plugins/debian.sh b/test/cni-plugins/debian.sh new file mode 100644 index 0000000..67ae783 --- /dev/null +++ b/test/cni-plugins/debian.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash +set -e + +PORT=6666 + +. ./test.sh diff --git a/test/cni-plugins/fedora.sh b/test/cni-plugins/fedora.sh new file mode 100644 index 0000000..d4e56d7 --- /dev/null +++ b/test/cni-plugins/fedora.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash +set -e + +. ./test.sh diff --git a/test/cni-plugins/other-location.sh b/test/cni-plugins/other-location.sh new file mode 100644 index 0000000..3d93415 --- /dev/null +++ b/test/cni-plugins/other-location.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash +set -e + +PLUGINS_PATH="/opt/cni/bin" +. ./test.sh diff --git a/test/cni-plugins/scenarios.json b/test/cni-plugins/scenarios.json new file mode 100644 index 0000000..4088823 --- /dev/null +++ b/test/cni-plugins/scenarios.json @@ -0,0 +1,28 @@ +{ + "other-location": { + "image": "mcr.microsoft.com/devcontainers/base:ubuntu-24.04", + "features": { + "cni-plugins": { + "plugin-path": "/opt/cni/bin" + } + } + }, + "almalinux": { + "image": "ghcr.io/almalinux/almalinux:9", + "features": { + "cni-plugins": {} + } + }, + "debian": { + "image": "mcr.microsoft.com/devcontainers/base:debian-12", + "features": { + "cni-plugins": {} + } + }, + "fedora": { + "image": "fedora", + "features": { + "cni-plugins": {} + } + } +} diff --git a/test/cni-plugins/test.sh b/test/cni-plugins/test.sh new file mode 100755 index 0000000..3395079 --- /dev/null +++ b/test/cni-plugins/test.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env bash +set -e + +CNIPLUGINS_PATH="${PLUGINS_PATH:-"/usr/lib/cni"}" + +source dev-container-features-test-lib + +check "bridge and macvlan plugins" bash -c "[ -x "${CNIPLUGINS_PATH}/bridge" ] && [ -x "${CNIPLUGINS_PATH}/macvlan" ]" + +reportResults diff --git a/test/local-pkgsite/debian.sh b/test/local-pkgsite/debian.sh index 67ae783..d4e56d7 100644 --- a/test/local-pkgsite/debian.sh +++ b/test/local-pkgsite/debian.sh @@ -1,6 +1,4 @@ #!/usr/bin/env bash set -e -PORT=6666 - . ./test.sh From 687c2f1341218c4b47eba194a07ad81487f67d6f Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 22:38:22 +0200 Subject: [PATCH 3/6] feat: nerdctl Signed-off-by: thediveo --- README.md | 6 + src/nerdctl/NOTES.md | 33 +++++ src/nerdctl/README.md | 58 +++++++++ src/nerdctl/devcontainer-feature.json | 18 +++ src/nerdctl/install.sh | 169 ++++++++++++++++++++++++++ test/nerdctl/almalinux.sh | 8 ++ test/nerdctl/debian.sh | 11 ++ test/nerdctl/fedora.sh | 11 ++ test/nerdctl/scenarios.json | 26 ++++ test/nerdctl/test.sh | 8 ++ 10 files changed, 348 insertions(+) create mode 100644 src/nerdctl/NOTES.md create mode 100644 src/nerdctl/README.md create mode 100644 src/nerdctl/devcontainer-feature.json create mode 100755 src/nerdctl/install.sh create mode 100644 test/nerdctl/almalinux.sh create mode 100644 test/nerdctl/debian.sh create mode 100644 test/nerdctl/fedora.sh create mode 100644 test/nerdctl/scenarios.json create mode 100755 test/nerdctl/test.sh diff --git a/README.md b/README.md index d16e297..59ac118 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,9 @@ Alpine](https://github.com/devcontainers/features/blob/091886b3568dad70f835cc428 https://github.com/libbpf/bpftool binary releases, especially avoiding the usual pain of upstream Debian/Ubuntu kernel-specific bpftool packages. +- [cni-plugins](src/cni-plugins/README.md) – installs CNI plugins directly from + upstream https://github.com/containernetworking/plugins binary releases. + - [docsify](src/docsify/README.md) – automatically serves ./docs workspace directory via `docsify serve` in the background (with the specific workspace location being configurable). @@ -40,6 +43,9 @@ Alpine](https://github.com/devcontainers/features/blob/091886b3568dad70f835cc428 - [local-pkgsite](src/local-pkgsite/README.md) – a local Go pkgsite serving the module documentation, with automatic project reload and browser refresh. +- [nerdctl](src/nerdctl/README.md) – installs `nerdctl` directly from upstream + https://github.com/containerd/nerdctl binary releases. + - [pin-github-action](src/pin-github-action/README.md) – provides mheaps's `pin-github-action` for pinning GitHub actions to specific hashes. diff --git a/src/nerdctl/NOTES.md b/src/nerdctl/NOTES.md new file mode 100644 index 0000000..75732ee --- /dev/null +++ b/src/nerdctl/NOTES.md @@ -0,0 +1,33 @@ +## Combining with `docker-in-docker` Feature + +Please note that the `docker-in-docker` feature is only available for +Debian/Docker-based base images. + +In order to use nerdctl with the `containerd` included in the +[`docker-in-docker`](https://github.com/devcontainers/features/tree/main/src/docker-in-docker) +feature, you need to explicitly configure the non-standard API endpoint URL for +`containerd` as follows: + +```json + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": { + "dockerDashComposeVersion": "none", + "installDockerBuildx": false + }, + "ghcr.io/devcontainers/features/nerdctl:0": { + "containerd-api": "unix:///run/docker/containerd/containerd.sock" + } + } +``` + +## OS Support + +Tested with: +- [ghcr.io/almalinux/almalinux](https://ghcr.io/almalinux/almalinux), +- [mcr.microsoft.com/devcontainers/base:debian](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_debian), +- [fedora](https://hub.docker.com/_/fedora), +- [mcr.microsoft.com/devcontainers/base:ubuntu](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_ubuntu). + +## Acknowledgement + +[@containerd/nerdctl](https://github.com/containerd/nerdctl) diff --git a/src/nerdctl/README.md b/src/nerdctl/README.md new file mode 100644 index 0000000..11574d3 --- /dev/null +++ b/src/nerdctl/README.md @@ -0,0 +1,58 @@ + +# containerd control CLI (nerdctl) + +Installs nerdctl from upstream. + +## Example Usage + +```json +"features": { + "ghcr.io/thediveo/devcontainer-features/nerdctl:0": {} +} +``` + +## Options + +| Options Id | Description | Type | Default Value | +|-----|-----|-----|-----| +| version | version of cni-plugins to install | string | latest | +| containerd-api | path to containerd API endpoint | string | unix:///run/containerd/containerd.sock | + +## Combining with `docker-in-docker` Feature + +Please note that the `docker-in-docker` feature is only available for +Debian/Docker-based base images. + +In order to use nerdctl with the `containerd` included in the +[`docker-in-docker`](https://github.com/devcontainers/features/tree/main/src/docker-in-docker) +feature, you need to explicitly configure the non-standard API endpoint URL for +`containerd` as follows: + +```json + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": { + "dockerDashComposeVersion": "none", + "installDockerBuildx": false + }, + "ghcr.io/devcontainers/features/nerdctl:0": { + "containerd-api": "unix:///run/docker/containerd/containerd.sock" + } + } +``` + +## OS Support + +Tested with: +- [ghcr.io/almalinux/almalinux](https://ghcr.io/almalinux/almalinux), +- [mcr.microsoft.com/devcontainers/base:debian](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_debian), +- [fedora](https://hub.docker.com/_/fedora), +- [mcr.microsoft.com/devcontainers/base:ubuntu](https://mcr.microsoft.com/en-us/artifact/mar/devcontainers/base/about#about:_ubuntu). + +## Acknowledgement + +[@containerd/nerdctl](https://github.com/containerd/nerdctl) + + +--- + +_Note: This file was auto-generated from the [devcontainer-feature.json](https://github.com/thediveo/devcontainer-features/blob/main/src/nerdctl/devcontainer-feature.json). Add additional notes to a `NOTES.md`._ diff --git a/src/nerdctl/devcontainer-feature.json b/src/nerdctl/devcontainer-feature.json new file mode 100644 index 0000000..ecdaf8f --- /dev/null +++ b/src/nerdctl/devcontainer-feature.json @@ -0,0 +1,18 @@ +{ + "name": "containerd control CLI", + "id": "nerdctl", + "version": "0.0.1", + "description": "Installs nerdctl from upstream.", + "options": { + "version": { + "type": "string", + "default": "latest", + "description": "version of cni-plugins to install" + }, + "containerd-api": { + "type": "string", + "default": "unix:///run/containerd/containerd.sock", + "description": "path to containerd API endpoint" + } + } +} \ No newline at end of file diff --git a/src/nerdctl/install.sh b/src/nerdctl/install.sh new file mode 100755 index 0000000..fd04e17 --- /dev/null +++ b/src/nerdctl/install.sh @@ -0,0 +1,169 @@ +#!/usr/bin/env bash + +# Distribution and package manager detection are licensed by Microsoft +# Corporation under the MIT License, please refer to: +# https://github.com/devcontainers/features/blob/main/src/go/install.sh: +# +# Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the +# MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license +# information + +set -e + +NERDCTL_VERSION="${VERSION:-"latest"}" +CONTAINERD_API="${CONTAINERD_API:-"unix:///run/containerd/containerd.sock"}" + +REPOSLUG="containerd/nerdctl" +QUERYLATEST_URL="https://api.github.com/repos/${REPOSLUG}/releases/latest" +RELEASE_URL="https://github.com/${REPOSLUG}/releases/download/" + +echo "installing feature nerdctl..." + +if [ "$(id -u)" -ne 0 ]; then + echo -e 'Script must be run as root. Use sudo, su, or add "USER root" to your Dockerfile before running this script.' + exit 1 +fi + +# Bring in ID, ID_LIKE, VERSION_ID, VERSION_CODENAME +. /etc/os-release +# Get an adjusted ID independent of distro variants +MAJOR_VERSION_ID=$(echo ${VERSION_ID} | cut -d . -f 1) +if [ "${ID}" = "debian" ] || [ "${ID_LIKE}" = "debian" ]; then + ADJUSTED_ID="debian" +elif [[ "${ID}" = "rhel" || "${ID}" = "fedora" || "${ID}" = "mariner" || "${ID_LIKE}" = *"rhel"* || "${ID_LIKE}" = *"fedora"* || "${ID_LIKE}" = *"mariner"* ]]; then + ADJUSTED_ID="rhel" + if [[ "${ID}" = "rhel" ]] || [[ "${ID}" = *"alma"* ]] || [[ "${ID}" = *"rocky"* ]]; then + VERSION_CODENAME="rhel${MAJOR_VERSION_ID}" + else + VERSION_CODENAME="${ID}${MAJOR_VERSION_ID}" + fi +else + echo "Linux distro ${ID} not supported." + exit 1 +fi + +if [ "${ADJUSTED_ID}" = "rhel" ] && [ "${VERSION_CODENAME-}" = "centos7" ]; then + # As of 1 July 2024, mirrorlist.centos.org no longer exists. + # Update the repo files to reference vault.centos.org. + sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo + sed -i s/^#.*baseurl=http/baseurl=http/g /etc/yum.repos.d/*.repo + sed -i s/^mirrorlist=http/#mirrorlist=http/g /etc/yum.repos.d/*.repo +fi + +# Setup INSTALL_CMD & PKG_MGR_CMD +if type apt-get > /dev/null 2>&1; then + PKG_MGR_CMD=apt-get + INSTALL_CMD="${PKG_MGR_CMD} -y install --no-install-recommends" +elif type microdnf > /dev/null 2>&1; then + PKG_MGR_CMD=microdnf + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0" +elif type dnf > /dev/null 2>&1; then + PKG_MGR_CMD=dnf + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0" +else + PKG_MGR_CMD=yum + INSTALL_CMD="${PKG_MGR_CMD} ${INSTALL_CMD_ADDL_REPOS} -y install --noplugins --setopt=install_weak_deps=0" +fi + +# Clean up +clean_up() { + case ${ADJUSTED_ID} in + debian) + rm -rf /var/lib/apt/lists/* + ;; + rhel) + rm -rf /var/cache/dnf/* /var/cache/yum/* + rm -rf /tmp/yum.log + rm -rf ${GPG_INSTALL_PATH} + ;; + esac +} +clean_up + +pkg_mgr_update() { + case $ADJUSTED_ID in + debian) + if [ "$(find /var/lib/apt/lists/* | wc -l)" = "0" ]; then + echo "Running apt-get update..." + ${PKG_MGR_CMD} update -y + fi + ;; + rhel) + if [ ${PKG_MGR_CMD} = "microdnf" ]; then + if [ "$(ls /var/cache/yum/* 2>/dev/null | wc -l)" = 0 ]; then + echo "Running ${PKG_MGR_CMD} makecache ..." + ${PKG_MGR_CMD} makecache + fi + else + if [ "$(ls /var/cache/${PKG_MGR_CMD}/* 2>/dev/null | wc -l)" = 0 ]; then + echo "Running ${PKG_MGR_CMD} check-update ..." + set +e + ${PKG_MGR_CMD} check-update + rc=$? + if [ $rc != 0 ] && [ $rc != 100 ]; then + exit 1 + fi + set -e + fi + fi + ;; + esac +} + +# Checks if packages are installed and installs them if not +check_packages() { + case ${ADJUSTED_ID} in + debian) + if ! dpkg -s "$@" > /dev/null 2>&1; then + pkg_mgr_update + ${INSTALL_CMD} "$@" + fi + ;; + rhel) + if ! rpm -q "$@" > /dev/null 2>&1; then + pkg_mgr_update + ${INSTALL_CMD} "$@" + fi + ;; + esac +} + +case $(uname -m) in + x86_64) ARCH="amd64";; + aarch64 | armv8*) ARCH="arm64";; + *) echo "Unsupported architecture: $(uname -m)"; exit 1;; +esac + +export DEBIAN_FRONTEND=noninteractive + +if ! type curl > /dev/null 2>&1; then + check_packages curl +fi + +if [ "$NERDCTL_VERSION" = "latest" ]; then + # get latest release + NERDCTL_VERSION=$(curl -s ${QUERYLATEST_URL} | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/') +fi + +echo version: $NERDCTL_VERSION +echo for arch: $ARCH + +URL="${RELEASE_URL}${NERDCTL_VERSION}/nerdctl-${NERDCTL_VERSION#v}-linux-${ARCH}.tar.gz" +echo "${URL}" + +curl -sSL -o /tmp/nerdctl.tar.gz "${URL}" +ls -lH /tmp/nerdctl.tar.gz +tar xzof /tmp/nerdctl.tar.gz -C /usr/local/bin/ nerdctl +chmod 0755 /usr/local/bin/nerdctl +rm /tmp/nerdctl.tar.gz + +mkdir -p /etc/nerdctl +cat <"/etc/nerdctl/nerdctl.toml" +debug = false +debug_full = false +address = "${CONTAINERD_API}" +EOF + +clean_up + +echo "Done!" diff --git a/test/nerdctl/almalinux.sh b/test/nerdctl/almalinux.sh new file mode 100644 index 0000000..fad0a2a --- /dev/null +++ b/test/nerdctl/almalinux.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +set -e + +source dev-container-features-test-lib + +check "nerdctl" bash -c "nerdctl --version" + +reportResults diff --git a/test/nerdctl/debian.sh b/test/nerdctl/debian.sh new file mode 100644 index 0000000..8bdeed9 --- /dev/null +++ b/test/nerdctl/debian.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +set -e + +source dev-container-features-test-lib + +# as we're combining this test with docker-in-docker, containerd's socket isn't +# in its default location and we explicitly specify it in this feature's options +# (whalewatchers: hold my beer...) +check "nerdctl" bash -c "sudo nerdctl ps" + +reportResults diff --git a/test/nerdctl/fedora.sh b/test/nerdctl/fedora.sh new file mode 100644 index 0000000..1edda60 --- /dev/null +++ b/test/nerdctl/fedora.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +set -e + +source dev-container-features-test-lib + +# as we're combining this test with docker-in-docker, containerd's socket isn't +# in its default location and we explicitly specify it in this feature's options +# (whalewatchers: hold my beer...) +check "nerdctl" bash -c "nerdctl --version" + +reportResults diff --git a/test/nerdctl/scenarios.json b/test/nerdctl/scenarios.json new file mode 100644 index 0000000..9ef5cb8 --- /dev/null +++ b/test/nerdctl/scenarios.json @@ -0,0 +1,26 @@ +{ + "almalinux": { + "image": "ghcr.io/almalinux/almalinux:9", + "features": { + "nerdctl": {} + } + }, + "debian": { + "image": "mcr.microsoft.com/devcontainers/base:debian-12", + "features": { + "ghcr.io/devcontainers/features/docker-in-docker:2": { + "dockerDashComposeVersion": "none", + "installDockerBuildx": false + }, + "nerdctl": { + "containerd-api": "unix:///run/docker/containerd/containerd.sock" + } + } + }, + "fedora": { + "image": "fedora", + "features": { + "nerdctl": {} + } + } +} diff --git a/test/nerdctl/test.sh b/test/nerdctl/test.sh new file mode 100755 index 0000000..fad0a2a --- /dev/null +++ b/test/nerdctl/test.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +set -e + +source dev-container-features-test-lib + +check "nerdctl" bash -c "nerdctl --version" + +reportResults From a82f81599b29fbf1d777d1795809c675c8ca1075 Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 22:39:41 +0200 Subject: [PATCH 4/6] chore: also test new nerdctl feature Signed-off-by: thediveo --- .github/workflows/test.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index a86be12..3370ab0 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -23,6 +23,7 @@ jobs: - go-mod-upgrade - goreportcard - local-pkgsite + - nerdctl - pin-github-action - wal-wahl baseImage: From 244f8c92371f75cfbcba8606f599a2a7bfdab820 Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 22:41:50 +0200 Subject: [PATCH 5/6] fix: cni-plugin name in test matrix Signed-off-by: thediveo --- .github/workflows/test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3370ab0..3ba922e 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -15,7 +15,7 @@ jobs: matrix: features: - bpftool - - cni-plguins + - cni-plugins - docsify - grafanactl - gocover From 8dd9aecf8f7b9f4d158e735ce56496e37bee801d Mon Sep 17 00:00:00 2001 From: thediveo Date: Sat, 4 Oct 2025 22:45:46 +0200 Subject: [PATCH 6/6] test: fix cni-plugins other-location Signed-off-by: thediveo --- test/cni-plugins/scenarios.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/cni-plugins/scenarios.json b/test/cni-plugins/scenarios.json index 4088823..b7c1520 100644 --- a/test/cni-plugins/scenarios.json +++ b/test/cni-plugins/scenarios.json @@ -3,7 +3,7 @@ "image": "mcr.microsoft.com/devcontainers/base:ubuntu-24.04", "features": { "cni-plugins": { - "plugin-path": "/opt/cni/bin" + "plugins-path": "/opt/cni/bin" } } },