| { | |
| "ociVersion": "1.0.0", | |
| "process": { | |
| "user": { | |
| "uid": 0, | |
| "gid": 0 | |
| }, | |
| "args": [ | |
| "/runner" | |
| ], | |
| "env": [ | |
| "PATH=/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", | |
| "TERM=xterm" | |
| ], | |
| "cwd": "/", | |
| "capabilities": { | |
| "bounding": [ | |
| "CAP_AUDIT_WRITE", | |
| "CAP_KILL", | |
| "CAP_NET_BIND_SERVICE" | |
| ], | |
| "effective": [ | |
| "CAP_AUDIT_WRITE", | |
| "CAP_KILL", | |
| "CAP_NET_BIND_SERVICE" | |
| ], | |
| "inheritable": [ | |
| "CAP_AUDIT_WRITE", | |
| "CAP_KILL", | |
| "CAP_NET_BIND_SERVICE" | |
| ], | |
| "permitted": [ | |
| "CAP_AUDIT_WRITE", | |
| "CAP_KILL", | |
| "CAP_NET_BIND_SERVICE" | |
| ] | |
| }, | |
| "rlimits": [ | |
| { | |
| "type": "RLIMIT_NOFILE", | |
| "hard": 1048576, | |
| "soft": 1048576 | |
| } | |
| ] | |
| }, | |
| "root": { | |
| "path": "rootfs", | |
| "readonly": false | |
| }, | |
| "hostname": "runsc", | |
| "mounts": [ | |
| { | |
| "destination": "/proc", | |
| "type": "proc", | |
| "source": "proc" | |
| }, | |
| { | |
| "destination": "/dev", | |
| "type": "tmpfs", | |
| "source": "tmpfs" | |
| }, | |
| { | |
| "destination": "/sys", | |
| "type": "sysfs", | |
| "source": "sysfs", | |
| "options": [ | |
| "nosuid", | |
| "noexec", | |
| "nodev", | |
| "ro" | |
| ] | |
| } | |
| ], | |
| "linux": { | |
| "namespaces": [ | |
| { | |
| "type": "pid" | |
| }, | |
| { | |
| "type": "network" | |
| }, | |
| { | |
| "type": "ipc" | |
| }, | |
| { | |
| "type": "uts" | |
| }, | |
| { | |
| "type": "mount" | |
| } | |
| ] | |
| } | |
| } |