Skip to content

Latest commit

 

History

History
84 lines (59 loc) · 3.33 KB

HACKING.rst

File metadata and controls

84 lines (59 loc) · 3.33 KB
Raw

The 'sandboxlib' library uses the PEP-8 coding style, as a guide.

Release process

Basically, tag the commit you're going to release with a sensible version number, then build and upload a source distribution tarball to PyPI.

The 'sandboxlib' library uses PBR, which makes packaging pretty easy. In particular, note that PBR will work out a version number automatically from Git tags.

You need:

Process:

  1. Run tests: sudo tox
  2. Create and push tag: git tag --annotate -m "sandboxlib version 0.0.0" 0.0.0 && git push --tags
  3. Create source distribution tarball: python ./setup.py sdist
  4. Upload to PyPI: twine upload -u $PYPI_USERNAME -p $PYPI_PASSWORD dist/sandboxlib-0.0.0.tar.gz

I intend to follow the PBR Linux/Python Compatible Semantic Versioning version scheme for this library. This is based on the semantic versioning and PEP 440 schemes.

For background on releasing to the Python Package Index (PyPI), see: https://packaging.python.org/en/latest/distributing.html.

Running the automated test suite

Use tox. You'll need 'py.test', 'tox' and their dependencies available.

You will also need to have installed the C library static libraries for -static linking (glibc-static package in Fedora).

Note that a lot of the tests will be skipped or fail if you don't run as 'root', because some of the sandboxing backends only work when you are the 'root' user. The test suite could handle this better than it does.

You can also run PYTHONPATH=. py.test, which is quicker but only tests with a single version of Python, and runs in your host environment rather than a clean one managed by 'virtualenv'.

On Mac OS X the test suite mostly doesn't work, because the C compiler on Mac OS X cannot build statically linked programs.

Testing that a sandbox conforms to the App Container spec

The App Container project provides an 'ace' package containing a `validator application for App Container Executors (ACEs)`_.

If you want to test whether a particular sandbox 'exec' module conforms to the App Container spec, try this. You'll need a golang compiler available, and you might need to set the GOPATH environment variable to point to a path where you're happy for Go to install dependencies.

First build the ace-validator-main.aci and ace-validator-sidekick.aci App Container images:

git clone git://github.com/appc/spec appc-spec
cd appc-spec
ace/build
cd -

Then, use the run-sandbox program from this repository to run the image:

run-sandbox appc-spec/ace/build/ace-validator-main.aci -e linux-user-chroot