From dc28e5dbbdf80291ee52dc260616f055ca86d1c8 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Sun, 15 Mar 2026 03:14:21 +0900 Subject: [PATCH 1/2] Dockerfile: update test deps Signed-off-by: Akihiro Suda --- .github/workflows/main.yaml | 2 +- Dockerfile | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 6db0e651..d586fb89 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -225,7 +225,7 @@ jobs: matrix: # The design of the proxy was changed in Docker v28. # rootlesskit-docker-proxy is no longer used since Docker v28. - docker_version: [27.5.1, 28.1.1] + docker_version: [27.5.1, 29.3.0] steps: - name: "Set up AppArmor" run: | diff --git a/Dockerfile b/Dockerfile index 63953b08..c8e95590 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ -ARG GO_VERSION=1.24 +ARG GO_VERSION=1.25 ARG UBUNTU_VERSION=24.04 ARG SHADOW_VERSION=4.17.4 -ARG SLIRP4NETNS_VERSION=v1.3.2 +ARG SLIRP4NETNS_VERSION=v1.3.3 ARG VPNKIT_VERSION=0.6.0 -ARG PASST_VERSION=2025_04_15.2340bbf -ARG DOCKER_VERSION=28.1.1 +ARG PASST_VERSION=2026_01_20.386b5f5 +ARG DOCKER_VERSION=29.3.0 ARG DOCKER_CHANNEL=stable FROM golang:${GO_VERSION}-alpine AS build @@ -95,8 +95,7 @@ FROM test-integration AS test-integration-docker ARG DOCKER_VERSION ARG DOCKER_CHANNEL RUN curl -fsSL https://download.docker.com/linux/static/${DOCKER_CHANNEL}/$(uname -m)/docker-${DOCKER_VERSION}.tgz | tar xz --strip-components=1 -C /home/user/bin/ -RUN curl -fsSL -o /home/user/bin/dockerd-rootless.sh https://raw.githubusercontent.com/moby/moby/v${DOCKER_VERSION}/contrib/dockerd-rootless.sh && \ - chmod +x /home/user/bin/dockerd-rootless.sh +RUN curl -fsSL https://download.docker.com/linux/static/${DOCKER_CHANNEL}/$(uname -m)/docker-rootless-extras-${DOCKER_VERSION}.tgz | tar xz --strip-components=1 -C /home/user/bin/ docker-rootless-extras/dockerd-rootless.sh # rootlesskit-docker-proxy is no longer needed since Docker v28 RUN --mount=source=/rootlesskit-docker-proxy,target=/tmp/rootlesskit-docker-proxy,from=artifact < Date: Sun, 15 Mar 2026 03:57:58 +0900 Subject: [PATCH 2/2] hack/integration-docker.sh: increase sleep Signed-off-by: Akihiro Suda --- hack/integration-docker.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/hack/integration-docker.sh b/hack/integration-docker.sh index 23cdc449..db8fccbe 100755 --- a/hack/integration-docker.sh +++ b/hack/integration-docker.sh @@ -3,19 +3,23 @@ source $(realpath $(dirname $0))/common.inc.sh nonloopback="$(hostname -I | awk '{print $1}')" + +SLEEP_SECS=2 +[ "$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER" = "implicit" ] && SLEEP_SECS=5 + docker rm -f nginx >/dev/null 2>&1 || true CURL="curl -fsSL" set -x docker run -d --name=nginx -p 8080:80 nginx:alpine -sleep 2 +sleep "$SLEEP_SECS" $CURL "http://127.0.0.1:8080" $CURL "http://${nonloopback}:8080" docker rm -f nginx docker run -d --name=nginx -p 127.0.0.1:8080:80 nginx:alpine -sleep 2 +sleep "$SLEEP_SECS" $CURL "http://127.0.0.1:8080" $CURL "http://${nonloopback}:8080" && ( ERROR "should fail"; exit 1 ) docker rm -f nginx @@ -24,7 +28,7 @@ docker rm -f nginx # "Error starting userland proxy: listen tcp4 172.18.0.2:8080: bind: cannot assign requested address." if [ "$DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER" != "implicit" ]; then docker run -d --name=nginx -p "${nonloopback}:8080:80" nginx:alpine - sleep 2 + sleep "$SLEEP_SECS" $CURL "http://127.0.0.1:8080" && ( ERROR "should fail"; exit 1 ) $CURL "http://${nonloopback}:8080" docker rm -f nginx