tjh.dev
1{
2 stdenv,
3 lib,
4 fetchFromGitHub,
5 autoreconfHook,
6 go-md2man,
7 pkg-config,
8 libcap,
9 libseccomp,
10 python3,
11 systemd,
12 yajl,
13 nixosTests,
14 criu,
15}:
16
17let
18 # these tests require additional permissions
19 disabledTests = [
20 "test_capabilities.py"
21 "test_cwd.py"
22 "test_delete.py"
23 "test_detach.py"
24 "test_exec.py"
25 "test_hooks.py"
26 "test_hostname.py"
27 "test_oci_features"
28 "test_paths.py"
29 "test_pid.py"
30 "test_pid_file.py"
31 "test_preserve_fds.py"
32 "test_resources"
33 "test_seccomp"
34 "test_start.py"
35 "test_uid_gid.py"
36 "test_update.py"
37 "tests_libcrun_utils"
38 ];
39
40in
41stdenv.mkDerivation rec {
42 pname = "crun";
43 version = "1.22";
44
45 src = fetchFromGitHub {
46 owner = "containers";
47 repo = "crun";
48 rev = version;
49 hash = "sha256-6XhwGuV9btN7wuwJuQITHtVTKBcawTuMG8lY22RMdWk=";
50 fetchSubmodules = true;
51 };
52
53 nativeBuildInputs = [
54 autoreconfHook
55 go-md2man
56 pkg-config
57 python3
58 ];
59
60 buildInputs = [
61 criu
62 libcap
63 libseccomp
64 systemd
65 yajl
66 ];
67
68 enableParallelBuilding = true;
69 strictDeps = true;
70
71 NIX_LDFLAGS = "-lcriu";
72
73 # we need this before autoreconfHook does its thing in order to initialize
74 # config.h with the correct values
75 postPatch = ''
76 echo ${version} > .tarball-version
77 echo '#define GIT_VERSION "${src.rev}"' > git-version.h
78
79 ${lib.concatMapStringsSep "\n" (
80 e: "substituteInPlace Makefile.am --replace 'tests/${e}' ''"
81 ) disabledTests}
82 '';
83
84 doCheck = true;
85
86 passthru.tests = { inherit (nixosTests) podman; };
87
88 meta = {
89 changelog = "https://github.com/containers/crun/releases/tag/${version}";
90 description = "Fast and lightweight fully featured OCI runtime and C library for running containers";
91 homepage = "https://github.com/containers/crun";
92 license = lib.licenses.gpl2Plus;
93 platforms = lib.platforms.linux;
94 teams = [ lib.teams.podman ];
95 mainProgram = "crun";
96 };
97}