feat: switch to binary runc and containerd install (#333) * feat: switch to binary runc and containerd install * fix: always download directly to dst node * feat: add crictl role * ci: add tests for binary downloads * ci: rename scenario and add matrix * ci: move to using prepare * ci: stop using anchors * chore: refactor to download_artifact * chore: add jammy to containerd+runc * chore: bump ansible-lint * chore: add more platforms for cri * fix: ensure tar command exists * chore: drop amznlinux2 --------- Co-authored-by: Mohammed Naser <mnaser@vexxhost.com>

commit: 4ace418dddae41023dd51fa88d86abfdac0aff61 [log] [tgz]
author: Tadas Sutkaitis <tadasas@gmail.com> Mon Feb 27 04:31:52 2023 +0200
committer: GitHub <noreply@github.com> Sun Feb 26 21:31:52 2023 -0500
tree: 660e92474a25cfa9cc0f0197d73989d342fd0c64
parent: b3435234f3f439eb62d46449d6e7e462ca97f9b5 [diff]
diff --git a/roles/runc/README.md b/roles/runc/README.md
new file mode 100644
index 0000000..0bb4bd9
--- /dev/null
+++ b/roles/runc/README.md

@@ -0,0 +1 @@
+# `runc`

diff --git a/roles/runc/defaults/main.yml b/roles/runc/defaults/main.yml
new file mode 100644
index 0000000..18e3926
--- /dev/null
+++ b/roles/runc/defaults/main.yml

@@ -0,0 +1,30 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+runc_bin_dir: /usr/bin
+
+runc_version: v1.1.4
+runc_checksums:
+  arm64:
+    v1.1.4: dbb71e737eaef454a406ce21fd021bd8f1b35afb7635016745992bbd7c17a223
+  amd64:
+    v1.1.4: db772be63147a4e747b4fe286c7c16a2edc4a8458bd3092ea46aaee77750e8ce
+
+runc_download_url: "https://github.com/opencontainers/runc/releases/download/{{ runc_version }}/runc.{{ download_artifact_goarch }}"
+runc_download_dest: "{{ download_artifact_work_directory }}/runc-{{ runc_version }}-{{ ansible_system | lower }}-{{ download_artifact_goarch }}"
+runc_binary_checksum: "{{ runc_checksums[download_artifact_goarch][runc_version] }}"
+
+# NOTE(mnaser): This is to accomodate for the uninstallation of the old packages
+#               that shipped with the operating system
+runc_package_name: runc

diff --git a/roles/runc/meta/main.yml b/roles/runc/meta/main.yml
new file mode 100644
index 0000000..7a61d82
--- /dev/null
+++ b/roles/runc/meta/main.yml

@@ -0,0 +1,46 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+galaxy_info:
+  author: VEXXHOST, Inc.
+  description: Ansible role for "runc"
+  license: Apache-2.0
+  min_ansible_version: 5.5.0
+  standalone: false
+  platforms:
+    - name: Debian
+      versions:
+        - buster
+        - bullseye
+    - name: Fedora
+      versions:
+        - "36"
+        - "37"
+    - name: EL
+      versions:
+        - "8"
+        - "9"
+    - name: Ubuntu
+      versions:
+        - focal
+        - jammy
+
+dependencies:
+  - role: download_artifact
+    vars:
+      download_artifact_url: "{{ runc_download_url }}"
+      download_artifact_dest: "{{ runc_download_dest }}"
+      download_artifact_checksum: "sha256:{{ runc_binary_checksum }}"
+      download_artifact_owner: root
+      download_artifact_mode: "0755"

diff --git a/roles/runc/tasks/main.yml b/roles/runc/tasks/main.yml
new file mode 100644
index 0000000..32b815d
--- /dev/null
+++ b/roles/runc/tasks/main.yml

@@ -0,0 +1,31 @@
+# Copyright (c) 2023 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+- name: Uninstall runc package
+  ansible.builtin.package:
+    name: "{{ runc_package_name }}"
+    state: absent
+
+- name: Copy runc binary from download dir
+  ansible.builtin.copy:
+    src: "{{ runc_download_dest }}"
+    dest: "{{ runc_bin_dir }}/runc"
+    mode: "0755"
+    remote_src: true
+
+- name: Remove runc orphaned binary
+  ansible.builtin.file:
+    path: /usr/bin/runc
+    state: absent
+  when: runc_bin_dir != "/usr/bin"
commit	4ace418dddae41023dd51fa88d86abfdac0aff61	[log] [tgz]
author	Tadas Sutkaitis <tadasas@gmail.com>	Mon Feb 27 04:31:52 2023 +0200
committer	GitHub <noreply@github.com>	Sun Feb 26 21:31:52 2023 -0500
tree	660e92474a25cfa9cc0f0197d73989d342fd0c64
parent	b3435234f3f439eb62d46449d6e7e462ca97f9b5 [diff]