From 3c7501421e93f536c0e5eaccb17fe73e7f1ac8e0 Mon Sep 17 00:00:00 2001
From: leigh capili
Date: Wed, 11 Sep 2019 00:15:09 -0600
Subject: [PATCH] Load ignite:dev image into containerd using root via docker
---
 Makefile | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
diff --git a/Makefile b/Makefile
index 6091a6e82..0fea76020 100644
--- a/Makefile
+++ b/Makefile
@@ -7,6 +7,20 @@ SHELL:=/bin/bash
 # Set the command for running `docker`
 # -- allows user to override for things like sudo usage or container images
 DOCKER := docker
+# Find the host containerd sock
+CONTAINERD_SOCK := $(shell \
+ ls 2>/dev/null \
+ /run/containerd/containerd.sock \
+ /run/docker/containerd/containerd.sock \
+ | head -n1 \
+ )
+# Set the command for running `ctr`
+# Use root inside a container with the host containerd socket
+# This is a form of privilege escalation that avoids interactive sudo during make
+CTR := $(DOCKER) run -i --rm \
+ -v $(CONTAINERD_SOCK):/run/containerd/containerd.sock \
+ linuxkit/containerd:751de142273e1b5d2d247d2832d654ab92e907bc \
+ ctr
 UID_GID?=$(shell id -u):$(shell id -g)
 FIRECRACKER_VERSION:=$(shell cat hack/FIRECRACKER_VERSION)
 GO_VERSION=1.12.9
@@ -82,6 +96,9 @@ endif
 ifeq ($(GOARCH),$(GOHOSTARCH))
 # Only tag the development image if its architecture matches the host
 $(DOCKER) tag $(IMAGE):${IMAGE_DEV_TAG}-$(GOARCH) $(IMAGE):${IMAGE_DEV_TAG}
+ # Load the dev image into the host's containerd content store
+ $(DOCKER) image save $(IMAGE):${IMAGE_DEV_TAG} \
+ | $(CTR) -n firecracker image import -
 endif
 ifeq ($(IS_DIRTY),0)
 $(DOCKER) tag $(IMAGE):${IMAGE_DEV_TAG}-$(GOARCH) $(IMAGE):${IMAGE_TAG}-$(GOARCH)
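Review bot: The helper image in `CTR`, `linuxkit/containerd:751de142273e1b5d2d247d2832d654ab92e907bc`, is referenced by tag, and a tag can be re-pointed at the registry, yet this container is given the host containerd socket, which amounts to root-equivalent control over the host's containers. Pinning by digest fixes exactly what runs, e.g. `linuxkit/containerd@sha256:<digest-of-the-reviewed-image>` (placeholder; the digest is not on this page). Separately, `CONTAINERD_SOCK` expands to nothing when neither path exists, because the `ls` errors are discarded, so `-v` receives `:/run/containerd/containerd.sock` and the problem only surfaces later as a Docker volume error. A guard in the recipe that uses `$(CTR)`, such as `$(if $(strip $(CONTAINERD_SOCK)),,$(error no containerd socket found))`, would fail early with a clear message.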
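Review bot: The added pipeline `$(DOCKER) image save … | $(CTR) -n firecracker image import -` reports only the exit status of the `ctr` side, so a failed or truncated `image save` may go unnoticed unless `pipefail` is set somewhere outside this hunk. Since `SHELL` is `/bin/bash` (per the first hunk's header), prefixing the recipe line with `set -o pipefail;` would make a failure on either side stop the build. The step also runs on every matching-architecture build, so a host with no containerd socket, or a user who cannot run the helper container, would now fail here; a short comment above the line stating that requirement would help. The enclosing rule starts and ends outside the hunk.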