From abd0bfdc4cdb10fb4a515ac78a3c42dcd38abf3b Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Thu, 19 Nov 2020 02:14:34 +0900
Subject: [PATCH] base: update runc to master (Nov 18, 2020)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 images/base/Dockerfile | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 9ca4dfae32..c68ed05088 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -12,6 +12,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+# runc (v1.0.0-rc93-pre)
+FROM golang:1.15-alpine AS runc
+RUN apk add --no-cache git build-base libseccomp-dev
+RUN git clone -q https://github.com/opencontainers/runc.git /go/src/github.com/opencontainers/runc
+WORKDIR /go/src/github.com/opencontainers/runc
+# Nov 18, 2020
+ARG RUNC_VERSION="689513cc0946d8e968abbe35544d5a7827d2bcfa"
+RUN git checkout "${RUNC_VERSION}"
+RUN make static install
+
 # kind node base image
 #
 # For systemd + docker configuration used below, see the following references:
@@ -88,10 +98,7 @@ RUN echo "Ensuring scripts are executable ..." \
     && tar -C /usr/local -xzvf /tmp/containerd.tgz \
     && rm -rf /tmp/containerd.tgz \
     && rm -f /usr/local/bin/containerd-stress /usr/local/bin/containerd-shim-runc-v1 \
-    && curl -sSL --retry 5 --output /usr/local/sbin/runc "${CONTAINERD_BASE_URL}/runc.${ARCH}" \
-    && chmod 755 /usr/local/sbin/runc \
     && containerd --version \
-    && runc --version \
     && systemctl enable containerd \
  && echo "Installing crictl ..." \
     && export CRICTL_URL="https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-${ARCH}.tar.gz" \
@@ -117,6 +124,8 @@ RUN echo "Ensuring scripts are executable ..." \
  && echo "Adjusting systemd-tmpfiles timer" \
     && sed -i /usr/lib/systemd/system/systemd-tmpfiles-clean.timer -e 's#OnBootSec=.*#OnBootSec=1min#'
 
+COPY --from=runc /usr/local/sbin/runc /usr/local/sbin/runc
+
 # tell systemd that it is in docker (it will check for the container env)
 # https://systemd.io/CONTAINER_INTERFACE/
 ENV container docker