opencontainers
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎.pullapprove.yml‎
Lines changed: 9 additions & 0 deletions b/‎.pullapprove.yml‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎.tool/version-doc.go‎
Lines changed: 25 additions & 0 deletions b/‎.tool/version-doc.go‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎.travis.yml‎
Lines changed: 3 additions & 4 deletions b/‎.travis.yml‎
Lines changed: 3 additions & 4 deletions
diff --git a/‎Makefile‎
Lines changed: 70 additions & 26 deletions b/‎Makefile‎
Lines changed: 70 additions & 26 deletions
diff --git a/‎README.md‎
Lines changed: 9 additions & 7 deletions b/‎README.md‎
Lines changed: 9 additions & 7 deletions
diff --git a/‎ROADMAP.md‎
Lines changed: 0 additions & 48 deletions b/‎ROADMAP.md‎
Lines changed: 0 additions & 48 deletions
diff --git a/‎code-of-conduct.md‎
Lines changed: 0 additions & 37 deletions b/‎code-of-conduct.md‎
Lines changed: 0 additions & 37 deletions
diff --git a/‎config-linux.md‎
Lines changed: 2 additions & 2 deletions b/‎config-linux.md‎
Lines changed: 2 additions & 2 deletions
@@ -1,2 +1,4 @@
 output
 schema/validate
+code-of-conduct.md
+version.md
@@ -0,0 +1,9 @@
+approve_by_comment: true
+approve_regex: ^LGTM
+reject_regex: ^Rejected
+reset_on_push: true
+reviewers:
+  teams:
+  - runtime-spec-maintainers
+  name: default
+  required: 2
@@ -0,0 +1,25 @@
+// +build ignore
+
+package main
+
+import (
+	"fmt"
+	"html/template"
+	"os"
+
+	"github.com/opencontainers/runtime-spec/specs-go"
+)
+
+var markdownTemplateString = `
+
+**Specification Version:** *{{.}}*
+
+`
+
+var markdownTemplate = template.Must(template.New("markdown").Parse(markdownTemplateString))
+
+func main() {
+	if err := markdownTemplate.Execute(os.Stdout, specs.Version); err != nil {
+		fmt.Fprintln(os.Stderr, err)
+	}
+}
@@ -6,13 +6,12 @@ go:
 sudo: false
 
 before_install:
-  - go version | (grep -q 'go1.[56]' || exit 0 && go get -u github.com/golang/lint/golint )
-  - go get -u github.com/vbatts/git-validation
+  - make install.tools
 
 install: true
 
 script:
-  - go vet -x ./...
+  - make .govet
   - make .golint
-  - git-validation -run DCO,short-subject,dangling-whitespace -v
+  - make .gitvalidation
 
@@ -1,7 +1,24 @@
 
-DOCKER ?= $(shell which docker)
+SHELL  ?= $(shell command -v bash 2>/dev/null)
+DOCKER ?= $(shell command -v docker 2>/dev/null)
+PANDOC ?= $(shell command -v pandoc 2>/dev/null)
+ifeq "$(strip $(PANDOC))" ''
+	ifneq "$(strip $(DOCKER))" ''
+		PANDOC = $(DOCKER) run \
+			-it \
+			--rm \
+			-v $(shell pwd)/:/input/:ro \
+			-v $(shell pwd)/output/:/output/ \
+			-u $(shell id -u) \
+			vbatts/pandoc
+		PANDOC_SRC := /input/
+		PANDOC_DST := /
+	endif
+endif
+
 # These docs are in an order that determines how they show up in the PDF/HTML docs.
 DOC_FILES := \
+	version.md \
 	README.md \
 	code-of-conduct.md \
 	principles.md \
@@ -14,34 +31,33 @@ DOC_FILES := \
 	runtime-linux.md \
 	config.md \
 	config-linux.md \
+	config-solaris.md \
 	glossary.md
-EPOCH_TEST_COMMIT := 041eb73d2e0391463894c04c8ac938036143eba3
+EPOCH_TEST_COMMIT := 78e6667ae2d67aad100b28ee9580b41b7a24e667
+
+default: docs
 
-docs: pdf html
 .PHONY: docs
+docs: output/docs.pdf output/docs.html
 
-pdf:
-	@mkdir -p output/ && \
-	$(DOCKER) run \
-	-it \
-	--rm \
-	-v $(shell pwd)/:/input/:ro \
-	-v $(shell pwd)/output/:/output/ \
-	-u $(shell id -u) \
-	vbatts/pandoc -f markdown_github -t latex -o /output/docs.pdf $(patsubst %,/input/%,$(DOC_FILES)) && \
-	ls -sh $(shell readlink -f output/docs.pdf)
-
-html:
-	@mkdir -p output/ && \
-	$(DOCKER) run \
-	-it \
-	--rm \
-	-v $(shell pwd)/:/input/:ro \
-	-v $(shell pwd)/output/:/output/ \
-	-u $(shell id -u) \
-	vbatts/pandoc -f markdown_github -t html5 -o /output/docs.html $(patsubst %,/input/%,$(DOC_FILES)) && \
-	ls -sh $(shell readlink -f output/docs.html)
+ifeq "$(strip $(PANDOC))" ''
+output/docs.pdf output/docs.html:
+	$(error cannot build $@ without either pandoc or docker)
+else
+output/docs.pdf: $(DOC_FILES)
+	mkdir -p output/ && \
+	$(PANDOC) -f markdown_github -t latex -o $(PANDOC_DST)$@ $(patsubst %,$(PANDOC_SRC)%,$(DOC_FILES))
+
+output/docs.html: $(DOC_FILES)
+	mkdir -p output/ && \
+	$(PANDOC) -f markdown_github -t html5 -o $(PANDOC_DST)$@ $(patsubst %,$(PANDOC_SRC)%,$(DOC_FILES))
+endif
 
+code-of-conduct.md:
+	curl -o $@ https://raw.githubusercontent.com/opencontainers/tob/d2f9d68c1332870e40693fe077d311e0742bc73d/code-of-conduct.md
+
+version.md: ./specs-go/version.go
+	go run ./.tool/version-doc.go > $@
 
 HOST_GOLANG_VERSION	= $(shell go version | cut -d ' ' -f3 | cut -c 3-)
 # this variable is used like a function. First arg is the minimum version, Second arg is the version to be checked.
@@ -53,19 +69,47 @@ test: .govet .golint .gitvalidation
 
 # `go get golang.org/x/tools/cmd/vet`
 .govet:
+	@go tool | grep -qw vet || (echo "ERROR: 'go vet' not found. Consider 'make install.tools' target" && false)
 	go vet -x ./...
 
 # `go get github.com/golang/lint/golint`
 .golint:
 ifeq ($(call ALLOWED_GO_VERSION,1.5,$(HOST_GOLANG_VERSION)),true)
+	@which golint > /dev/null 2>/dev/null || (echo "ERROR: golint not found. Consider 'make install.tools' target" && false)
 	golint ./...
 endif
 
 
-# `go get github.com/vbatts/git-validation`
+# When this is running in travis, it will only check the travis commit range
 .gitvalidation:
-	git-validation -q -run DCO,short-subject -v -range $(EPOCH_TEST_COMMIT)..HEAD
+	@which git-validation > /dev/null 2>/dev/null || (echo "ERROR: git-validation not found. Consider 'make install.tools' target" && false)
+ifeq ($(TRAVIS),true)
+	git-validation -q -run DCO,short-subject,dangling-whitespace
+else
+	git-validation -v -run DCO,short-subject,dangling-whitespace -range $(EPOCH_TEST_COMMIT)..HEAD
+endif
+
+
+.PHONY: install.tools
+install.tools: .install.golint .install.govet .install.gitvalidation
+
+# golint does not even build for <go1.5
+.install.golint:
+ifeq ($(call ALLOWED_GO_VERSION,1.5,$(HOST_GOLANG_VERSION)),true)
+	go get github.com/golang/lint/golint
+endif
+
+# go vet is now included in >=go1.5, so no need to get it.
+.install.govet:
+ifeq ($(call ALLOWED_GO_VERSION,1.5,$(HOST_GOLANG_VERSION)),true)
+	go get golang.org/x/tools/cmd/vet
+endif
+
+.install.gitvalidation:
+	go get github.com/vbatts/git-validation
+
 
+.PHONY: clean
 clean:
 	rm -rf output/ *~
 
@@ -6,18 +6,20 @@ The [Open Container Initiative](http://www.opencontainers.org/) develops specifi
 Table of Contents
 
 - [Introduction](README.md)
-  - [Code of Conduct](code-of-conduct.md)
+  - [Code of Conduct](#code-of-conduct)
   - [Container Principles](principles.md)
   - [Style and Conventions](style.md)
   - [Roadmap](ROADMAP.md)
   - [Implementations](implementations.md)
   - [project](project.md)
 - [Filesystem Bundle](bundle.md)
-- [Runtime and Lifecycle](runtime.md)
-  - [Linux Specific Runtime](runtime-linux.md)
+- Runtime and Lifecycle
+  - [General Runtime and Lifecycle](runtime.md)
+  - [Linux-specific Runtime and Lifecycle](runtime-linux.md)
 - Configuration
-  - [General](config.md)
-  - [Linux-specific](config-linux.md)
+  - [General Configuration](config.md)
+  - [Linux-specific Configuration](config-linux.md)
+  - [Solaris-specific Configuration](config-solaris.md)
 - [Glossary](glossary.md)
 
 In the specifications in the above table of contents, the keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as described in [RFC 2119](http://tools.ietf.org/html/rfc2119) (Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997).
@@ -54,11 +56,11 @@ During the `0.x` series of OCI releases we make no backwards compatibility guara
 Development happens on GitHub for the spec.
 Issues are used for bugs and actionable items and longer discussions can happen on the [mailing list](#mailing-list).
 
-The specification and code is licensed under the Apache 2.0 license found in the `LICENSE` file of this repository.
+The specification and code is licensed under the Apache 2.0 license found in the [LICENSE](./LICENSE) file.
 
 ## Code of Conduct
 
-Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct](https://github.com/opencontainers/tob/blob/master/code-of-conduct.md).
+Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct](https://github.com/opencontainers/tob/blob/d2f9d68c1332870e40693fe077d311e0742bc73d/code-of-conduct.md).
 
 ## Discuss your design
 
 
@@ -10,26 +10,6 @@ Listed topics may defer to the [project wiki](https://github.com/opencontainers/
 
 ## 1.0
 
-### Digest and Hashing
-
-A bundle is designed to be moved between hosts.
-Although OCI doesn't define a transport method we should have a cryptographic digest of the on-disk bundle that can be used to verify that a bundle is not corrupted and in an expected configuration.
-
-*Owner:* philips
-
-### Define Container Lifecycle
-
-Containers have a lifecycle and being able to identify and document the lifecycle of a container is very helpful for implementations of the spec.
-The lifecycle events of a container also help identify areas to implement hooks that are portable across various implementations and platforms.
-
-*Owner:* mrunalp
-
-### Define Standard Container Actions (Target release: v0.3.0)
-
-Define what type of actions a runtime can perform on a container without imposing hardships on authors of platforms that do not support advanced options.
-
-*Owner:* duglin
-
 ### Container Definition
 
 Define what a software container is and its attributes in a cross platform way.
@@ -46,18 +26,6 @@ Proposal: make it an optional feature
 
 *Owner:* hqhq (was vishh) robdolinms, bcorrie
 
-### Validation Tooling (Target release: v0.3.0)
-
-Provide validation tooling for compliance with OCI spec and runtime environment.
-
-*Owner:* mrunalp
-
-### Testing Framework
-
-Provide a testing framework for compliance with OCI spec and runtime environment.
-
-*Owner:* liangchenye
-
 ### Version Schema
 
 Decide on a robust versioning schema for the spec as it evolves.
@@ -66,16 +34,6 @@ Resolved but release process could evolve. Resolved for v0.2.0, expect to revisi
 
 *Owner:* vbatts
 
-### Printable/Compiled Spec
-
-Regardless of how the spec is written, ensure that it is easy to read and follow for first time users.
-
-Part of this is resolved.  Produces an html & pdf.
-Done
-Would be nice to publish to the OCI web site as part of our release process.
-
-*Owner:* vbatts
-
 ### Base Config Compatibility
 
 Ensure that the base configuration format is viable for various platforms.
@@ -95,9 +53,3 @@ Ensure that we have lifecycle hooks in the correct places with full coverage ove
 Will probably go away with Vish's work on splitting create and start, and if we have exec.
 
 *Owner:*
-
-### Distributable Format
-
-A common format for serializing and distributing bundles.
-
-*Owner:* vbatts
@@ -1,7 +1,7 @@
 # Linux-specific Container Configuration
 
+This document describes the schema for the [Linux-specific section](config.md#platform-specific-configuration) of the [container configuration](config.md).
 The Linux container specification uses various kernel features like namespaces, cgroups, capabilities, LSM, and file system jails to fulfill the spec.
-Additional information is needed for Linux over the [default spec configuration](config.md) in order to configure these various kernel features.
 
 ## Default File Systems
 
@@ -88,7 +88,7 @@ Also, when a path is specified, a runtime MUST assume that the setup for that pa
 ```
 
 uid/gid mappings describe the user namespace mappings from the host to the container.
-The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
+The runtime SHOULD NOT modify the ownership of referenced filesystems to realize the mapping.
 *hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
 There is a limit of 5 mappings which is the Linux kernel hard limit.