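# Deployment coordinates shared by the docker and gcloud recipes in this file.
# All four use simple (:=) assignment; a command-line assignment such as
# `make PROJ=... create_test_vm` still overrides them.
# ZONE is the Compute Engine zone passed to every `gcloud compute` call.
ZONE := us-central1-f
# TEST_VM is the instance name created, deleted and connected to below.
TEST_VM := gvisor-cos-test-vm
# PROJ is the Cloud project; it is also substituted into konlet.yaml and into
# the image references that get tagged and pushed.
PROJ := golang-org
# NETWORK is the VPC network the test VM is attached to.
NETWORK := golang

# None of these targets produces a file of the same name. Declaring them phony
# keeps a stray file called e.g. `docker` or `ssh` in this directory from
# silently turning the target into a no-op.
.PHONY: docker dockergvisor push runlocal create_test_vm delete_test_vm ssh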
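# docker builds the image for the sandbox server itself (containing the docker
# CLI, etc), which runs in a privileged container. Because of that privilege,
# everything baked into this image is part of the trusted side of the sandbox.
# The build context is the parent directory (..), so the whole parent tree is
# sent to the Docker daemon.
#
# The recipe lines need a rule header and a leading tab to be valid Make; the
# target name is the one `push` and `runlocal` list as a prerequisite.
docker:
	docker build -f Dockerfile --tag=golang/playground-sandbox ..
# NOTE(review): `docker tag` takes two arguments (source image, target image),
# but the two references below are fused into one word on this page. The
# separator, and any registry host in front of $(PROJ), is not visible here;
# restore it from the upstream file rather than guessing, because the target
# reference decides which registry a later `docker push` writes to.
	docker tag golang/playground-sandbox$(PROJ)/playground-sandbox:latest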
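# dockergvisor builds the golang/playground-sandbox-gvisor docker
# image, which is the environment that the untrusted programs run in
# (a busybox:glibc world with this directory's sandbox binary which
# runs in --mode=contained).
# Anything added to Dockerfile.gvisor becomes reachable by untrusted code, so
# keep that image minimal. The build context is the parent directory (..).
#
# The recipe lines need a rule header and a leading tab to be valid Make; the
# target name is the one used in the comment above and in the prerequisite
# lists of `push` and `runlocal`.
dockergvisor:
	docker build -f Dockerfile.gvisor --tag=golang/playground-sandbox-gvisor ..
# NOTE(review): `docker tag` takes two arguments (source image, target image),
# but the two references below are fused into one word on this page. The
# separator, and any registry host in front of $(PROJ), is not visible here;
# restore it from the upstream file rather than guessing.
	docker tag golang/playground-sandbox-gvisor$(PROJ)/playground-sandbox-gvisor:latest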
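# push rebuilds both images and uploads them under $(PROJ) with the mutable
# tag `latest`. Whatever is in the local working tree at that moment is what
# gets published, and any consumer that pulls `latest` picks it up, so run
# this only from a reviewed, clean checkout.
# NOTE(review): on this page `push` and the image reference are fused into a
# single word (`docker push$(PROJ)/...`), which docker would reject as an
# unknown command. The missing text presumably includes the registry host,
# which is not visible here. Restore it from the upstream file; do not just
# insert a space, since a reference without a registry host resolves to the
# default public registry.
push: docker dockergvisor
	docker push$(PROJ)/playground-sandbox:latest
	docker push$(PROJ)/playground-sandbox-gvisor:latest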
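# runlocal runs the sandbox server locally, for use with the frontend
# parent directory's "test_nacl" or "test_gvisor" test targets.
#
# The first two commands are best-effort on purpose: the sandnet network may
# already exist and there may be no sandbox_dev container to kill, so their
# failures are ignored with `|| true`.
#
# The bind mount gives the container the host's Docker socket. Any process
# that can talk to that socket can drive the host's Docker daemon, which is
# effectively root on the host. That is acceptable for a local development
# loop; do not reuse this command line anywhere untrusted users can reach.
#
# NOTE(review): no publish spec is visible after -p on this page, so as
# written docker would take the following -v as the argument of -p. Restore
# the original host/container port mapping from the upstream file. For a dev
# server, a mapping bound to a loopback host address keeps the port off the
# machine's other interfaces.
runlocal: docker dockergvisor
	docker network create sandnet || true
	docker kill sandbox_dev || true
	docker run --name=sandbox_dev --rm --network=sandnet -ti -p -v /var/run/docker.sock:/var/run/docker.sock golang/playground-sandbox:latest --dev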
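# konlet.yaml.expanded is konlet.yaml with PROJECT_NAME replaced by $(PROJ);
# create_test_vm hands it to the VM as its gce-container-declaration.
#
# The output goes to a temporary file that is renamed into place only when sed
# succeeds. A failed or interrupted run therefore never leaves a truncated
# declaration that Make would treat as up to date and ship to the VM.
#
# sed replaces the first PROJECT_NAME on each line (there is no g flag), and
# $(PROJ) is interpolated unescaped into the expression, so the project name
# must not contain "/" or "&".
konlet.yaml.expanded: konlet.yaml
	sed "s/PROJECT_NAME/$(PROJ)/" $< > $@.tmp && mv -f $@.tmp $@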
# create_test_vm creates a test VM for interactive debugging.
# The instance is attached to $(NETWORK) without an external IP address
# (--no-address), boots a cos-stable image from the cos-cloud project, and
# receives two metadata files: the expanded konlet declaration (the rule's
# only prerequisite, hence $<) and cloud-init.yaml as user-data.
# NOTE(review): the image is pinned to one exact build, so the VM only picks
# up OS fixes when this line is edited; bump the pin deliberately.
create_test_vm: konlet.yaml.expanded
	gcloud --project=$(PROJ) compute instances create $(TEST_VM) \
		--zone=$(ZONE) \
		--network=$(NETWORK) \
		--no-address \
		--image-project=cos-cloud \
		--image=cos-stable-76-12239-60-0 \
		--metadata-from-file=gce-container-declaration=$<,user-data=cloud-init.yaml
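# delete_test_vm deletes the test VM from create_test_vm.
# --quiet suppresses gcloud's confirmation prompt, so the instance named by
# $(TEST_VM) in $(PROJ)/$(ZONE) is removed immediately; check any overrides of
# those variables before running this.
#
# The command needs its own rule header: without one it would be read as one
# more recipe line of the preceding create_test_vm rule and delete the VM
# right after creating it.
delete_test_vm:
	gcloud --project=$(PROJ) compute instances delete $(TEST_VM) --quiet --zone $(ZONE)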
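# ssh connects to the create_test_vm VM. It must be run from the same network.
# The VM is created with --no-address, so the connection goes to its internal
# address (--internal-ip); a machine outside that network cannot reach it.
#
# The command needs its own rule header; without one it would be read as part
# of whichever rule precedes it.
ssh:
	gcloud --project=$(PROJ) compute ssh $(TEST_VM) --internal-ip --zone $(ZONE)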