Packit: add jobs for downstream Fedora package builds

.packit.sh

@@ -6,6 +6,9 @@
 
 set -eo pipefail
 
+# Set path to rpm spec file
+SPEC_FILE=rpm/container-selinux.spec
+
 # Get Version from HEAD
 HEAD_VERSION=$(grep '^policy_module' container.te | sed 's/[^0-9.]//g')
 
@@ -15,13 +18,10 @@ git archive --prefix=container-selinux-$HEAD_VERSION/ -o container-selinux-$HEAD
 # RPM Spec modifications
 
 # Update Version in spec with Version from container.te
-sed -i "s/^Version:.*/Version: $HEAD_VERSION/" container-selinux.spec
+sed -i "s/^Version:.*/Version: $HEAD_VERSION/" $SPEC_FILE
 
 # Update Release in spec with Packit's release envvar
-sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" container-selinux.spec
+sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" $SPEC_FILE
 
 # Update Source tarball name in spec
-sed -i "s/^Source:.*.tar.gz/Source: %{name}-$HEAD_VERSION.tar.gz/" container-selinux.spec
-
-# Update setup macro to use the correct build dir
-sed -i "s/^%setup.*/%autosetup -Sgit -n %{name}-$HEAD_VERSION/" container-selinux.spec
+sed -i "s/^Source:.*.tar.gz/Source: %{name}-$HEAD_VERSION.tar.gz/" $SPEC_FILE

.packit.yaml

@@ -5,7 +5,8 @@
 # Build targets can be found at:
 # https://copr.fedorainfracloud.org/coprs/rhcontainerbot/packit-builds/
 
-specfile_path: container-selinux.spec
+specfile_path: rpm/container-selinux.spec
+upstream_tag_template: v{version}
 
 jobs:
   - &copr
@@ -27,8 +28,6 @@ jobs:
       - make
       - rpkg
     actions:
-      post-upstream-clone:
-        - rpkg spec --outdir ./
       fix-spec-file:
         - bash .packit.sh
 
@@ -69,3 +68,19 @@ jobs:
     targets: *pr_copr_targets
     identifier: podman_system_test
     tmt_plan: "/plans/podman_system_test"
+
+  - job: propose_downstream
+    trigger: release
+    update_release: false
+    dist_git_branches:
+      - fedora-all
+
+  - job: koji_build
+    trigger: commit
+    dist_git_branches:
+      - fedora-all
+
+  - job: bodhi_update
+    trigger: commit
+    dist_git_branches:
+      - fedora-branched # rawhide updates are created automatically

container-selinux.spec.rpkg → rpm/container-selinux.spec

@@ -1,10 +1,8 @@
-# For automatic rebuilds in COPR
-
-# The following tag is to get correct syntax highlighting for this file in vim text editor
-# vim: syntax=spec
-
 %global debug_package %{nil}
 
+# container-selinux upstream
+%global git0 https://github.com/containers/container-selinux
+
 # container-selinux stuff (prefix with ds_ for version/release etc.)
 # Some bits borrowed from the openstack-selinux package
 %global selinuxtype targeted
@@ -16,15 +14,29 @@
 # Format must contain '$x' somewhere to do anything useful
 %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
 
-Name: {{{ git_dir_name }}}
+# copr_username is only set on copr environments, not on others like koji
+%if "%{?copr_username}" != "rhcontainerbot"
+%bcond_with copr
+%else
+%bcond_without copr
+%endif
+
+Name: container-selinux
+# Set different Epochs for copr and koji
+%if %{with copr}
 Epoch: 101
-Version: {{{ git_dir_version }}}
-Release: 1%{?dist}
-License: GPLv2
-URL: https://github.com/containers/container-selinux
+%else
+Epoch: 2
+%endif
+# Keep Version in upstream specfile at 0. It will be automatically set
+# to the correct value by Packit for copr and koji builds.
+# IGNORE this comment if you're looking at it in dist-git.
+Version: 0
+Release: %autorelease
+License: GPL-2.0-only
+URL: %{git0}
 Summary: SELinux policies for container runtimes
-VCS: {{{ git_dir_vcs }}}
-Source: {{{ git_dir_pack }}}
+Source0: %{git0}/archive/v%{version}.tar.gz
 BuildArch: noarch
 BuildRequires: make
 BuildRequires: git-core
@@ -48,24 +60,26 @@ Conflicts: k3s-selinux <= 0.4-1
 SELinux policy modules for use with container runtimes.
 
 %prep
-{{{ git_dir_setup_macro }}}
+%autosetup -Sgit %{name}-%{version}
 
 # Remove some lines for RHEL 8 build
 %if ! 0%{?fedora} && 0%{?rhel} <= 8
 sed -i 's/watch watch_reads//' container.if
 sed -i '/sysfs_t:dir watch/d' container.te
-sed -i '/systemd_chat_resolved/d' container.te
+sed -i '/^systemd_chat_resolved/d' container.te
 %endif
 
-sed -i 's/man: install-policy/man:/' Makefile
-sed -i 's/install: man/install:/' Makefile
+sed -i 's/^man: install-policy/man:/' Makefile
+sed -i 's/^install: man/install:/' Makefile
 
 # https://github.com/containers/container-selinux/issues/203
 %if 0%{?fedora} <= 37 || 0%{?rhel} <= 9
 sed -i '/user_namespace/d' container.te
 %endif
 
 %build
+
+
 make
 
 %install
@@ -106,17 +120,22 @@ fi
 %files
 %doc README.md
 %{_datadir}/selinux/*
-%{_mandir}/man8/*
 %dir %{_datadir}/containers/selinux
 %{_datadir}/containers/selinux/contexts
 %dir %{_datadir}/udica/templates/
 %{_datadir}/udica/templates/*
+%{_mandir}/man8/container_selinux.8.gz
 
 %triggerpostun -- container-selinux < 2:2.162.1-3
 if %{_sbindir}/selinuxenabled ; then
     echo "Fixing Rootless SELinux labels in homedir"
     %{_sbindir}/restorecon -R /home/*/.local/share/containers/storage/overlay*  2> /dev/null
 fi
 
+%if 0%{?centos} <= 8
+* Mon May 01 2023 RH Container Bot <[email protected]>
+- Dummy changelog for CentOS Stream 8
+%else
 %changelog
-{{{ git_dir_changelog }}}
+%autochangelog
+%endif

rpm/update-spec-version.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+# This script will update the Version field in the spec which is set to 0 by
+# default. Useful for local manual rpm builds where the Version needs to be set
+# correctly.
+
+SPEC_FILE=$(pwd)/container-selinux.spec
+LATEST_TAG=$(git tag --sort=creatordate | tail -1)
+LATEST_VERSION=$(echo $LATEST_TAG | sed -e 's/^v//')
+
+sed -i "s/^Version:.*/Version: $LATEST_VERSION/" $SPEC_FILE