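# Package expression for runc, the OCI container runtime CLI.
#
# Takes its dependencies as function arguments and returns a buildGoModule
# derivation with two outputs ("out" and "man").
#
# NOTE(review): runc normally runs with elevated privileges and sits on the
# container isolation boundary. The release pinned below is fixed by this
# file; before deploying, check upstream release notes and security
# advisories for fixes published after it.
{ lib
, fetchFromGitHub
, buildGoModule
, go-md2man
, installShellFiles
, pkg-config
, which
, libapparmor
  # NOTE(review): apparmor-parser is accepted but not referenced anywhere in
  # this expression. It is kept so existing `.override` calls keep working.
, apparmor-parser
, libseccomp
, libselinux
, makeWrapper
, procps
, nixosTests
}:

buildGoModule rec {
  pname = "runc";
  version = "1.0.2";

  # The tag name is only a pointer that upstream could move; the content hash
  # is what pins the source tree that gets built.
  src = fetchFromGitHub {
    owner = "opencontainers";
    repo = "runc";
    rev = "v${version}";
    sha256 = "sha256-l+Uq7aiXFrI+qbKSOZpYFIXz0VJBBR7ZZxlAJeGb7K4=";
  };

  # null: build from the vendor/ directory shipped inside `src` instead of
  # fetching Go modules separately. The third-party Go code is therefore
  # covered only by the `src` hash above, with no independent module hash.
  vendorSha256 = null;
  outputs = [ "out" "man" ];

  nativeBuildInputs = [ go-md2man installShellFiles makeWrapper pkg-config which ];

  # Libraries made available to the build for the Linux confinement
  # mechanisms (SELinux, seccomp, AppArmor).
  buildInputs = [ libselinux libseccomp libapparmor ];

  # Appends the seccomp build tag for the upstream Makefile.
  # NOTE(review): presumably this is what compiles seccomp syscall filtering
  # into the binary; a build without the tag should be treated as a hardening
  # regression. Confirm against the upstream Makefile.
  makeFlags = [ "BUILDTAGS+=seccomp" ];

  # Replaces the default Go build with the upstream Makefile targets for the
  # binary and the man pages. preBuild/postBuild hooks are still honoured.
  buildPhase = ''
    runHook preBuild
    patchShebangs .
    make ${toString makeFlags} runc man
    runHook postBuild
  '';

  # Installs the binary and man pages, then wraps the binary so that helper
  # programs are found first on PATH (`--prefix` prepends, so these entries
  # take precedence over whatever PATH the caller supplies).
  #
  # NOTE(review): the procps entry is a store path and part of the closure.
  # /run/current-system/systemd/bin is not: it resolves at run time to
  # whatever the active system generation provides, so its contents are
  # neither pinned nor verified by this derivation. On hosts other than NixOS
  # the path is normally absent; confirm that only root can create it.
  installPhase = ''
    runHook preInstall
    install -Dm755 runc $out/bin/runc
    installManPage man/*/*.[1-9]
    wrapProgram $out/bin/runc \
      --prefix PATH : ${lib.makeBinPath [ procps ]} \
      --prefix PATH : /run/current-system/systemd/bin
    runHook postInstall
  '';

  # NixOS tests of the container engines named here, exposed so that a
  # change to this package can be exercised through them.
  passthru.tests = { inherit (nixosTests) cri-o docker podman; };

  meta = with lib; {
    homepage = "https://github.com/opencontainers/runc";
    description = "A CLI tool for spawning and running containers according to the OCI specification";
    license = licenses.asl20;
    maintainers = with maintainers; [ offline ] ++ teams.podman.members;
    platforms = platforms.linux;
  };
}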