Multiarch nonewprivs test image

test/images/BUILD

@@ -31,6 +31,7 @@ filegroup(
         "//test/images/nettest:all-srcs",
         "//test/images/no-snat-test:all-srcs",
         "//test/images/no-snat-test-proxy:all-srcs",
+        "//test/images/nonewprivs:all-srcs",
         "//test/images/port-forward-tester:all-srcs",
         "//test/images/porter:all-srcs",
         "//test/images/resource-consumer:all-srcs",

test/images/nonewprivs/BASEIMAGE

@@ -0,0 +1,4 @@
+amd64=alpine:3.6
+arm=arm32v6/alpine:3.6
+arm64=arm64v8/alpine:3.6
+ppc64le=ppc64le/alpine:3.6

test/images/nonewprivs/BUILD

@@ -0,0 +1,34 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_binary",
+    "go_library",
+)
+
+go_binary(
+    name = "nonewprivs",
+    library = ":go_default_library",
+    tags = ["automanaged"],
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["nnp.go"],
+    tags = ["automanaged"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)

test/images/nonewprivs/Dockerfile

@@ -12,7 +12,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM alpine:latest
+FROM BASEIMAGE
+
+CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/
 
 COPY nnp /usr/local/bin/nnp
 RUN chmod +s /usr/local/bin/nnp

test/images/nonewprivs/Makefile

@@ -12,22 +12,14 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-.PHONY: all image push clean
+SRCS = nnp
+ARCH ?= amd64
+TARGET ?= $(CURDIR)
+GOLANG_VERSION ?= latest
+SRC_DIR = $(notdir $(shell pwd))
+export
 
-TAG = 1.2
+bin:
-PREFIX = gcr.io/google_containers
+	../image-util.sh bin $(SRCS)
 
-
+.PHONY: bin
-all: push
-
-nnp: nnp.c
-	gcc -static -o $@ $@.c
-
-image: nnp
-	docker build --pull -t $(PREFIX)/nonewprivs:$(TAG) .
-
-push: image
-	gcloud docker -- push $(PREFIX)/nonewprivs:$(TAG)
-
-clean:
-	rm -f nnp

test/images/nonewprivs/VERSION

@@ -0,0 +1 @@
+1.0

test/images/nonewprivs/nnp.c

@@ -1,22 +0,0 @@
-// Copyright 2017 The Kubernetes Authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include <stdio.h>
-#include <unistd.h>
-#include <sys/types.h>
-
-int main(int argc, char *argv[]){
-        printf("Effective uid: %d\n", geteuid());
-        return 0;
-}

test/images/nonewprivs/nnp.go

@@ -0,0 +1,26 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"fmt"
+	"os"
+)
+
+func main() {
+	fmt.Printf("Effective uid: %d\n", os.Geteuid())
+}