From 8fc1769303f5e993a4265956200e250f28f1bb6d Mon Sep 17 00:00:00 2001 From: Christof Marti Date: Wed, 20 Mar 2024 08:38:12 +0100 Subject: [PATCH 1/5] Only use SELinux label for Linux hosts --- src/spec-configuration/containerFeaturesConfiguration.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/spec-configuration/containerFeaturesConfiguration.ts b/src/spec-configuration/containerFeaturesConfiguration.ts index d5cf48efb..8b5968f32 100644 --- a/src/spec-configuration/containerFeaturesConfiguration.ts +++ b/src/spec-configuration/containerFeaturesConfiguration.ts @@ -291,6 +291,7 @@ function escapeQuotesForShell(input: string) { export function getFeatureLayers(featuresConfig: FeaturesConfig, containerUser: string, remoteUser: string, isBuildah = false, useBuildKitBuildContexts = false, contentSourceRootPath = '/tmp/build-features') { + const useSELinuxLabel = process.platform === 'linux' && isBuildah; const builtinsEnvFile = `${path.posix.join(FEATURES_CONTAINER_TEMP_DEST_FOLDER, 'devcontainer-features.builtin.env')}`; let result = `RUN \\ echo "_CONTAINER_USER_HOME=$(${getEntPasswdShellCommand(containerUser)} | cut -d: -f6)" >> ${builtinsEnvFile} && \\ @@ -312,7 +313,7 @@ RUN chmod -R 0755 ${dest} \\ `; } else { - result += `RUN --mount=type=bind,from=dev_containers_feature_content_source,source=${source},target=/tmp/build-features-src/${folder}${isBuildah ? ',z' : ''} \\ + result += `RUN --mount=type=bind,from=dev_containers_feature_content_source,source=${source},target=/tmp/build-features-src/${folder}${useSELinuxLabel ? ',z' : ''} \\ cp -ar /tmp/build-features-src/${folder} ${FEATURES_CONTAINER_TEMP_DEST_FOLDER} \\ && chmod -R 0755 ${dest} \\ && cd ${dest} \\ @@ -340,7 +341,7 @@ RUN chmod -R 0755 ${dest} \\ `; } else { result += ` -RUN --mount=type=bind,from=dev_containers_feature_content_source,source=${source},target=/tmp/build-features-src/${feature.consecutiveId}${isBuildah ? ',z' : ''} \\ +RUN --mount=type=bind,from=dev_containers_feature_content_source,source=${source},target=/tmp/build-features-src/${feature.consecutiveId}${useSELinuxLabel ? ',z' : ''} \\ cp -ar /tmp/build-features-src/${feature.consecutiveId} ${FEATURES_CONTAINER_TEMP_DEST_FOLDER} \\ && chmod -R 0755 ${dest} \\ && cd ${dest} \\ From 01f4e2d1b7164aec053a85639fee9424c66ecb96 Mon Sep 17 00:00:00 2001 From: Christof Marti Date: Wed, 20 Mar 2024 08:42:35 +0100 Subject: [PATCH 2/5] Update actions for new Node version --- .github/workflows/build-chat.yml | 2 +- .github/workflows/dev-containers.yml | 14 +++++++------- .github/workflows/publish-dev-containers.yml | 4 ++-- .github/workflows/test-plan-item-validator.yml | 2 +- .github/workflows/test-windows.yml | 4 ++-- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build-chat.yml b/.github/workflows/build-chat.yml index 63b7c8574..c6ac67e9f 100644 --- a/.github/workflows/build-chat.yml +++ b/.github/workflows/build-chat.yml @@ -20,7 +20,7 @@ jobs: environment: ci steps: - name: Checkout Actions - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: repository: "microsoft/vscode-github-triage-actions" path: ./actions diff --git a/.github/workflows/dev-containers.yml b/.github/workflows/dev-containers.yml index 3e5c392ff..26b2933e4 100644 --- a/.github/workflows/dev-containers.yml +++ b/.github/workflows/dev-containers.yml @@ -13,8 +13,8 @@ jobs: name: CLI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v1 + - uses: actions/checkout@v4 + - uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://npm.pkg.github.com' @@ -33,7 +33,7 @@ jobs: echo "TGZ=devcontainers-cli-${VERSION}.tgz" | tee -a $GITHUB_ENV echo "TGZ_UPLOAD=devcontainers-cli-${VERSION}-${GITHUB_SHA:0:8}.tgz" | tee -a $GITHUB_ENV - name: Store TGZ - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: ${{ env.TGZ_UPLOAD }} path: ${{ env.TGZ }} @@ -61,9 +61,9 @@ jobs: ] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://npm.pkg.github.com' @@ -88,9 +88,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://npm.pkg.github.com' diff --git a/.github/workflows/publish-dev-containers.yml b/.github/workflows/publish-dev-containers.yml index b9d96795f..6dd0845d5 100644 --- a/.github/workflows/publish-dev-containers.yml +++ b/.github/workflows/publish-dev-containers.yml @@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://registry.npmjs.org' diff --git a/.github/workflows/test-plan-item-validator.yml b/.github/workflows/test-plan-item-validator.yml index 69370c2a8..22f75ba44 100644 --- a/.github/workflows/test-plan-item-validator.yml +++ b/.github/workflows/test-plan-item-validator.yml @@ -9,7 +9,7 @@ jobs: steps: - name: Checkout Actions if: contains(github.event.issue.labels.*.name, 'testplan-item') || contains(github.event.issue.labels.*.name, 'invalid-testplan-item') - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: repository: 'microsoft/vscode-github-triage-actions' ref: stable diff --git a/.github/workflows/test-windows.yml b/.github/workflows/test-windows.yml index 0ee2929fa..ce1cd560b 100644 --- a/.github/workflows/test-windows.yml +++ b/.github/workflows/test-windows.yml @@ -46,9 +46,9 @@ jobs: ] steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Setup Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v4 with: node-version: '18.x' registry-url: 'https://npm.pkg.github.com' From 8ba8f36d5988f1da9f088bc9bd53693a6442aed5 Mon Sep 17 00:00:00 2001 From: Christof Marti Date: Wed, 20 Mar 2024 09:16:58 +0100 Subject: [PATCH 3/5] Investigate test failures --- .../dockerfile-with-v2-oci-features/.devcontainer.json | 2 +- src/test/container-features/e2e.test.ts | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/test/container-features/configs/dockerfile-with-v2-oci-features/.devcontainer.json b/src/test/container-features/configs/dockerfile-with-v2-oci-features/.devcontainer.json index c9d0dcd64..9eda81146 100644 --- a/src/test/container-features/configs/dockerfile-with-v2-oci-features/.devcontainer.json +++ b/src/test/container-features/configs/dockerfile-with-v2-oci-features/.devcontainer.json @@ -7,7 +7,7 @@ }, "features": { "terraform": "latest", - "ghcr.io/devcontainers/features/docker-in-docker@sha256:e32e8937c87345ff7a937d22cacb7f395d41deffde9943291ef3cc0ac91a8ac6": {}, + "ghcr.io/devcontainers/features/docker-in-docker@sha256:440bdb81cf8af43f3e922450d33db9775c1097340557a5b7b6fe705bc758c5ef": {}, "node": "16" } } \ No newline at end of file diff --git a/src/test/container-features/e2e.test.ts b/src/test/container-features/e2e.test.ts index 31f523fee..7976b0c95 100644 --- a/src/test/container-features/e2e.test.ts +++ b/src/test/container-features/e2e.test.ts @@ -69,10 +69,12 @@ describe('Dev Container Features E2E (remote)', function () { for (let i = 2; i >= 0; i--) { try { const res = await shellExec(`${cli} exec --workspace-folder ${testFolder} docker ps`); + await shellExec(`${cli} exec --workspace-folder ${testFolder} ps ax`); assert.isNull(res.error); assert.match(res.stdout, /CONTAINER ID/); break; } catch (err) { + await shellExec(`${cli} exec --workspace-folder ${testFolder} ps ax`); if (i === 0) { throw err; } @@ -111,10 +113,12 @@ describe('Dev Container Features E2E (remote)', function () { for (let i = 2; i >= 0; i--) { try { const res = await shellExec(`${cli} exec --workspace-folder ${testFolder} docker ps`); + await shellExec(`${cli} exec --workspace-folder ${testFolder} ps ax`); assert.isNull(res.error); assert.match(res.stdout, /CONTAINER ID/); break; } catch (err) { + await shellExec(`${cli} exec --workspace-folder ${testFolder} ps ax`); if (i === 0) { throw err; } From 05ae9d8c6e95ef08c7e6ade25857a40cfdb57e94 Mon Sep 17 00:00:00 2001 From: Christof Marti Date: Thu, 21 Mar 2024 10:41:42 +0100 Subject: [PATCH 4/5] 0.58.0 --- CHANGELOG.md | 5 +++++ package.json | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 067481057..8cdce0610 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ Notable changes. ## March 2024 +### [0.58.0] +- Allow empty value for remote env. (https://github.com/devcontainers/ci/issues/231) +- Add generate-docs subcommand for templates and features. (https://github.com/devcontainers/cli/pull/759) +- Only use SELinux label for Linux hosts. (https://github.com/devcontainers/cli/issues/776) + ### [0.57.0] - Fix crash updating UID/GID when the image's platform is different from the native CPU arch (https://github.com/devcontainers/cli/pull/746) - Add tags with build command (https://github.com/devcontainers/ci/issues/271) diff --git a/package.json b/package.json index c457362ce..27c386368 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@devcontainers/cli", "description": "Dev Containers CLI", - "version": "0.57.0", + "version": "0.58.0", "bin": { "devcontainer": "devcontainer.js" }, From 1da368b5a227acea4b427fea2da4548960a7a061 Mon Sep 17 00:00:00 2001 From: Christof Marti Date: Fri, 22 Mar 2024 16:16:57 +0100 Subject: [PATCH 5/5] Update to latest download action (#785) --- .github/workflows/publish-dev-containers.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-dev-containers.yml b/.github/workflows/publish-dev-containers.yml index 6dd0845d5..8e059287e 100644 --- a/.github/workflows/publish-dev-containers.yml +++ b/.github/workflows/publish-dev-containers.yml @@ -33,7 +33,7 @@ jobs: echo "TGZ=devcontainers-cli-${VERSION}.tgz" | tee -a $GITHUB_ENV echo "TGZ_UPLOAD=devcontainers-cli-${VERSION}-${GITHUB_SHA:0:8}.tgz" | tee -a $GITHUB_ENV - name: Download TGZ - uses: dawidd6/action-download-artifact@6f8f427fb41886a66b82ea11a5a15d1454c79415 + uses: dawidd6/action-download-artifact@09f2f74827fd3a8607589e5ad7f9398816f540fe with: workflow: dev-containers.yml workflow_conclusion: success