mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-07 13:33:12 +00:00
ca9932abe5
I am deeply saddened at the fact that I need to do this. I have no interest in re-litigating everything that has happened over the past weeks and months, but I want to make my position(s) extremely clear: The thought of any of my work contributing to someone's death by drone makes me feel physically ill. Recent communications from senior members of the NixOS community have made it clear that leadership is unaware or uninterested in the basics of how to run and moderate a community in a way that is resilient to bad actors. The recent post by @edolstra is tone-deaf and gives me no confidence that the Nix/NixOS community is a place that I want to remain involved in going forward. I am thus choosing to remove myself from such a community. I also hereby resign from the ACME team. See also: #307033 Signed-off-by: Andrew Dunham <andrew@du.nham.ca>
44 lines
1.2 KiB
Nix
44 lines
1.2 KiB
Nix
# This test runs a container through gvisor and checks if simple container starts
|
|
|
|
import ./make-test-python.nix ({ pkgs, ... }: {
|
|
name = "gvisor";
|
|
meta = with pkgs.lib.maintainers; {
|
|
maintainers = [ ];
|
|
};
|
|
|
|
nodes = {
|
|
gvisor =
|
|
{ pkgs, ... }:
|
|
{
|
|
virtualisation.docker = {
|
|
enable = true;
|
|
extraOptions = "--add-runtime runsc=${pkgs.gvisor}/bin/runsc";
|
|
};
|
|
|
|
networking = {
|
|
dhcpcd.enable = false;
|
|
defaultGateway = "192.168.1.1";
|
|
interfaces.eth1.ipv4.addresses = pkgs.lib.mkOverride 0 [
|
|
{ address = "192.168.1.2"; prefixLength = 24; }
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
start_all()
|
|
|
|
gvisor.wait_for_unit("network.target")
|
|
gvisor.wait_for_unit("sockets.target")
|
|
|
|
# Test the Docker runtime
|
|
gvisor.succeed("tar cv --files-from /dev/null | docker import - scratchimg")
|
|
gvisor.succeed(
|
|
"docker run -d --name=sleeping --runtime=runsc -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
|
|
)
|
|
gvisor.succeed("docker ps | grep sleeping")
|
|
gvisor.succeed("docker stop sleeping")
|
|
'';
|
|
})
|
|
|