From 6652633ce55e36cecb42a9569666571ed1eb5671 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 23 May 2023 09:15:03 -0400 Subject: [PATCH 1/3] [CI:BUILD] Packit: add jobs for downstream Fedora package builds Get rid of `podman.spec.rpkg` in favour of `rpm/podman.spec` which gets synced with fedora dist-git on every upstream release. The version in the new spec file is set to `0` by default and gets updated by packit automatically on every packit task. For local manual rpm builds using the spec, the helper script in the `rpm/` subdir will update the Version field with the latest version found in the upstream repo. Packit will automatically create a PR on fedora dist-git on every new upstream release. A sample PR will look like: https://src.fedoraproject.org/rpms/container-selinux/pull-request/10# A dry run for this can be triggered using: `$ packit propose-downstream --local-content` To run this command locally, you would need to have your packit user-configuration-file set. Ref: https://packit.dev/docs/configuration/#user-configuration-file along with a fedora api key created at: https://src.fedoraproject.org/settings#nav-api-tab with sufficient ACLs. Also includes a revised `package` Makefile target which will build rpms using `rpm/podman.spec`. Fixes: #18421. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar (cherry picked from commit 6003dca9c78f6dde90f269ff7cac78e14735e157) Signed-off-by: Lokesh Mandvekar --- .packit.sh | 25 ++- .packit.yaml | 26 ++- Makefile | 2 +- podman.spec.rpkg | 260 ---------------------- rpm/Makefile | 10 + rpm/podman.spec | 422 ++++++++++++++++++++++++++++++++++++ rpm/update-spec-provides.sh | 13 ++ rpm/update-spec-version.sh | 11 + 8 files changed, 497 insertions(+), 272 deletions(-) delete mode 100644 podman.spec.rpkg create mode 100644 rpm/Makefile create mode 100644 rpm/podman.spec create mode 100644 rpm/update-spec-provides.sh create mode 100644 rpm/update-spec-version.sh diff --git a/.packit.sh b/.packit.sh index 03401c01ba..4b8d5c0cf6 100644 --- a/.packit.sh +++ b/.packit.sh @@ -5,24 +5,33 @@ set -eo pipefail -# Get Version from version/version.go in HEAD -VERSION=$(grep '^const RawVersion' version/rawversion/version.go | cut -d\" -f2 | sed -e 's/-/~/') +# Set path to rpm spec file +SPEC_FILE=rpm/podman.spec + +# Get Version from HEAD +VERSION=$(grep '^const RawVersion' version/rawversion/version.go | cut -d\" -f2) + +# RPM Version can't take "-" +RPM_VERSION=$(echo $VERSION | sed -e 's/-/~/') # Generate source tarball from HEAD git archive --prefix=podman-$VERSION/ -o podman-$VERSION.tar.gz HEAD +# rpmbuild expects source tarball in the same dir as spec file +mv podman-$VERSION.tar.gz rpm/ + # RPM Spec modifications -# Use the Version from version/version.go in rpm spec -sed -i "s/^Version:.*/Version: $VERSION/" podman.spec +# Use the Version from HEAD in rpm spec +sed -i "s/^Version:.*/Version: $RPM_VERSION/" $SPEC_FILE # Use Packit's supplied variable in the Release field in rpm spec. # podman.spec is generated using `rpkg spec --outdir ./` as mentioned in the # `post-upstream-clone` action in .packit.yaml. -sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" podman.spec +sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" $SPEC_FILE # Use above generated tarball as Source in rpm spec -sed -i "s/^Source:.*.tar.gz/Source: podman-$VERSION.tar.gz/" podman.spec +sed -i "s/^Source0:.*.tar.gz/Source0: podman-$VERSION.tar.gz/" $SPEC_FILE -# Use the right build dir for autosetup stage in rpm spec -sed -i "s/^%setup.*/%autosetup -Sgit -n %{name}-$VERSION/" podman.spec +# Update setup macro to use the correct build dir +sed -i "s/^%autosetup.*/%autosetup -Sgit -n %{name}-$VERSION/" $SPEC_FILE diff --git a/.packit.yaml b/.packit.yaml index afb7fd418c..6387dd544b 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -5,7 +5,8 @@ # Build targets can be found at: # https://copr.fedorainfracloud.org/coprs/rhcontainerbot/packit-builds/ -specfile_path: podman.spec +specfile_path: rpm/podman.spec +upstream_tag_template: v{version} jobs: - &copr @@ -18,8 +19,6 @@ jobs: - make - rpkg actions: - post-upstream-clone: - - "rpkg spec --outdir ./" fix-spec-file: - "bash .packit.sh" @@ -30,3 +29,24 @@ jobs: trigger: commit branch: v4.5 project: qm + + - job: propose_downstream + trigger: release + update_release: false + dist_git_branches: + - fedora-all + #TODO use the right action to update the goimports + # For whatever reason, none of the actions seem to work + #actions: + # create-patches: + # - "cd rpm && bash update-spec-provides.sh" + + - job: koji_build + trigger: commit + dist_git_branches: + - fedora-all + + - job: bodhi_update + trigger: commit + dist_git_branches: + - fedora-branched # rawhide updates are created automatically diff --git a/Makefile b/Makefile index 972fc9bc29..ca57ada69d 100644 --- a/Makefile +++ b/Makefile @@ -774,7 +774,7 @@ win-gvproxy: test/version/version .PHONY: package package: ## Build rpm packages - rpkg local + $(MAKE) -C rpm ### ### Installation targets diff --git a/podman.spec.rpkg b/podman.spec.rpkg deleted file mode 100644 index 9ba250872e..0000000000 --- a/podman.spec.rpkg +++ /dev/null @@ -1,260 +0,0 @@ -# For automatic rebuilds in COPR - -# The following tag is to get correct syntax highlighting for this file in vim text editor -# vim: syntax=spec - -%global with_debug 1 - -# _user_tmpfiles.d currently undefined on rhel -%if 0%{?rhel} -%global _user_tmpfilesdir %{_datadir}/user-tmpfiles.d -%endif - -%if 0%{?with_debug} -%global _find_debuginfo_dwz_opts %{nil} -%global _dwz_low_mem_die_limit 0 -%else -%global debug_package %{nil} -%endif - -# RHEL 8's default %%gobuild macro doesn't account for the BUILDTAGS variable, so we -# set it separately here and do not depend on RHEL 8's go-srpm-macros package. -%if !0%{?fedora} && 0%{?rhel} <= 8 -%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; -%endif - -Name: {{{ git_dir_name }}} -Epoch: 101 -Version: {{{ git_dir_version }}} -Release: 1%{?dist} -Summary: Manage Pods, Containers and Container Images -License: Apache-2.0 -URL: https://github.com/containers/podman -VCS: {{{ git_dir_vcs }}} -Source: {{{ git_dir_pack }}} -%if 0%{?fedora} && ! 0%{?rhel} -BuildRequires: btrfs-progs-devel -%endif -BuildRequires: gcc -%if 0%{?fedora} >= 37 -BuildRequires: gettext-envsubst -%else -BuildRequires: gettext -%endif -BuildRequires: golang >= 1.16.6 -BuildRequires: glib2-devel -BuildRequires: glibc-devel -BuildRequires: glibc-static -BuildRequires: git-core -BuildRequires: go-md2man -%if 0%{?fedora} || 0%{?rhel} >= 9 -BuildRequires: go-rpm-macros -%endif -%if 0%{?rhel} <= 8 -BuildRequires: pkgconfig(devmapper) -BuildRequires: python3 -%endif -BuildRequires: gpgme-devel -BuildRequires: libassuan-devel -BuildRequires: libgpg-error-devel -BuildRequires: libseccomp-devel -BuildRequires: libselinux-devel -BuildRequires: shadow-utils-subid-devel -BuildRequires: pkgconfig -BuildRequires: make -BuildRequires: ostree-devel -%{?systemd_requires} -BuildRequires: systemd -BuildRequires: systemd-devel -Requires: conmon >= 2:2.0.30-2 -Requires: containers-common-extra >= 4:1-87 -Recommends: catatonit -Conflicts: quadlet -Provides: %{name}-quadlet -Obsoletes: %{name}-quadlet <= 101:0.0.git.17877.f247b4d4-1 -Provides: %{name}-quadlet = %{epoch}:%{version}-%{release} - -%description -%{name} (Pod Manager) is a fully featured container engine that is a simple -daemonless tool. %{name} provides a Docker-CLI comparable command line that -eases the transition from other container engines and allows the management of -pods, containers and images. Simply put: alias docker=%{name}. -Most %{name} commands can be run as a regular user, without requiring -additional privileges. - -%{name} uses Buildah(1) internally to create container images. -Both tools share image (not container) storage, hence each can use or -manipulate images (but not containers) created by the other. - -%package docker -Summary: Emulate Docker CLI using %{name} -BuildArch: noarch -Requires: %{name} = %{epoch}:%{version}-%{release} -Conflicts: docker -Conflicts: docker-latest -Conflicts: docker-ce -Conflicts: docker-ee -Conflicts: moby-engine - -%description docker -This package installs a script named docker that emulates the Docker CLI by -executes %{name} commands, it also creates links between all Docker CLI man -pages and %{name}. - -%package tests -Summary: Tests for %{name} -Requires: %{name} = %{epoch}:%{version}-%{release} -Requires: bats -Requires: jq -Requires: skopeo -Requires: nmap-ncat -Requires: httpd-tools -Requires: openssl -Requires: socat -Requires: buildah -Requires: gnupg - -%description tests -%{summary} - -This package contains system tests for %{name} - -%package remote -Summary: (Experimental) Remote client for managing %{name} containers - -%description remote -Remote client for managing %{name} containers. - -%{name}-remote uses the libpod REST API to connect to a %{name} client to -manage pods, containers and container images. %{name}-remote supports ssh -connections as well. - -%prep -{{{ git_dir_setup_macro }}} - -%build -%set_build_flags -%global gomodulesmode GO111MODULE=on -export CGO_CFLAGS=$CFLAGS -# These extra flags present in $CFLAGS have been skipped for now as they break the build -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') - -%ifarch x86_64 -export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" -%endif - -# build date. FIXME: Makefile uses '/v2/libpod', that doesn't work here? -LDFLAGS="-X ./libpod/define.buildInfo=$(date +%s)" - -# build rootlessport first -%gobuild -o bin/rootlessport ./cmd/rootlessport - -# set base buildtags common to both %%{name} and %%{name}-remote -export BASEBUILDTAGS="seccomp exclude_graphdriver_devicemapper $(hack/selinux_tag.sh) $(hack/systemd_tag.sh) $(hack/libsubid_tag.sh)" - -# build %%{name} -export BUILDTAGS="$BASEBUILDTAGS $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh)" -%gobuild -o bin/%{name} ./cmd/%{name} - -# build %%{name}-remote -export BUILDTAGS="$BASEBUILDTAGS exclude_graphdriver_btrfs btrfs_noversion remote" -%gobuild -o bin/%{name}-remote ./cmd/%{name} - -# build quadlet -export BUILDTAGS="$BASEBUILDTAGS $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh)" -%gobuild -o bin/quadlet ./cmd/quadlet - -make docs docker-docs - -%install -PODMAN_VERSION=%{version} %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} ETCDIR=%{_sysconfdir} \ - install.bin \ - install.man \ - install.systemd \ - install.completions \ - install.docker \ - install.docker-docs \ - install.remote \ -%if 0%{?fedora} || 0%{?rhel} >= 10 - install.modules-load -%endif - -install -d -p %{buildroot}/%{_datadir}/%{name}/test/system -cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ - -# do not include docker and %%{name}-remote man pages in main package -for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do - echo "$file*" >> %{name}.file-list -done - -%post -if [ $1 -eq 1 ]; then - %{_bindir}/systemctl enable --now %{name}-restart.service -fi - -%preun -%systemd_preun %{name}-restart.service - -%postun -%systemd_postun %{name}-restart.service - -# This lists all the files that are included in the rpm package and that -# are going to be installed into target system where the rpm is installed. -%files -f %{name}.file-list -%license LICENSE -%doc README.md CONTRIBUTING.md install.md transfer.md -%{_bindir}/%{name} -%dir %{_libexecdir}/%{name} -%{_libexecdir}/%{name}/rootlessport -%{_libexecdir}/%{name}/quadlet -%{_systemdgeneratordir}/%{name}-system-generator -%{_systemdusergeneratordir}/%{name}-user-generator -%{_datadir}/bash-completion/completions/%{name} -# By "owning" the site-functions dir, we don't need to Require zsh -%dir %{_datadir}/zsh/site-functions -%{_datadir}/zsh/site-functions/_%{name} -%dir %{_datadir}/fish/vendor_completions.d -%{_datadir}/fish/vendor_completions.d/%{name}.fish -%{_unitdir}/%{name}-auto-update.service -%{_unitdir}/%{name}-auto-update.timer -%{_unitdir}/%{name}.service -%{_unitdir}/%{name}.socket -%{_unitdir}/%{name}-restart.service -%{_unitdir}/%{name}-kube@.service -%{_unitdir}/%{name}-clean-transient.service -%{_userunitdir}/%{name}-auto-update.service -%{_userunitdir}/%{name}-auto-update.timer -%{_userunitdir}/%{name}.service -%{_userunitdir}/%{name}.socket -%{_userunitdir}/%{name}-restart.service -%{_userunitdir}/%{name}-kube@.service -%{_tmpfilesdir}/%{name}.conf -%{_user_tmpfilesdir}/%{name}-docker.conf -%if 0%{?fedora} || 0%{?rhel} >= 10 -%{_modulesloaddir}/%{name}-iptables.conf -%endif - -%files docker -%{_bindir}/docker -%{_mandir}/man1/docker*.1* -%{_mandir}/man5/docker*.5* -%{_usr}/lib/tmpfiles.d/%{name}-docker.conf - -%files remote -%license LICENSE -%{_bindir}/%{name}-remote -%{_mandir}/man1/%{name}-remote*.* -%{_datadir}/bash-completion/completions/%{name}-remote -%dir %{_datadir}/fish/vendor_completions.d -%{_datadir}/fish/vendor_completions.d/%{name}-remote.fish -%dir %{_datadir}/zsh/site-functions -%{_datadir}/zsh/site-functions/_%{name}-remote - -%files tests -%license LICENSE -%{_datadir}/%{name}/test - -%changelog -{{{ git_dir_changelog }}} diff --git a/rpm/Makefile b/rpm/Makefile new file mode 100644 index 0000000000..2ed4fadca2 --- /dev/null +++ b/rpm/Makefile @@ -0,0 +1,10 @@ +rpm: + $(shell /usr/bin/bash ./update-spec-version.sh) + spectool -g podman.spec + sudo dnf -y builddep podman.spec + rpmbuild -ba \ + --define '_sourcedir $(shell pwd)' \ + --define '_rpmdir %{_sourcedir}/RPMS' \ + --define '_srcrpmdir %{_sourcedir}/SRPMS' \ + --define '_builddir %{_sourcedir}/BUILD' \ + podman.spec diff --git a/rpm/podman.spec b/rpm/podman.spec new file mode 100644 index 0000000000..661cac3cc5 --- /dev/null +++ b/rpm/podman.spec @@ -0,0 +1,422 @@ +%global with_debug 1 + +%if 0%{?with_debug} +%global _find_debuginfo_dwz_opts %{nil} +%global _dwz_low_mem_die_limit 0 +%else +%global debug_package %{nil} +%endif + +# RHEL 8's default %%gobuild macro doesn't account for the BUILDTAGS variable, so we +# set it separately here and do not depend on RHEL 8's go-srpm-macros package. +%if !0%{?fedora} && 0%{?rhel} <= 8 +%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; +%endif + +%if 0%{?rhel} +%bcond_with btrfs +# _user_tmpfiles.d currently undefined on rhel +%global _user_tmpfilesdir %{_datadir}/user-tmpfiles.d +%else +%bcond_without btrfs +%endif + +# RHEL 8 needs /usr/bin/python3 to build docs +%if 0%{?rhel} == 8 +%bcond_without python3 +%else +%bcond_with python3 +%endif + +%if 0%{?fedora} || 0%{?rhel} >= 10 +%bcond_without modules_load +%else +%bcond_with modules_load +%endif + +%if 0%{?fedora} || 0%{?rhel} >= 9 +%bcond_without go_rpm_macros +%else +%bcond_with go_rpm_macros +%endif + +# copr_username is only set on copr environments, not on others like koji +%if "%{?copr_username}" != "rhcontainerbot" +%bcond_with copr +%else +%bcond_without copr +%endif + +%if 0%{?centos} <= 8 +%bcond_without changelog +%else +%bcond_with changelog +%endif + +%if 0%{?fedora} +%bcond_without golang_arches_future +%else +%bcond_with golang_arches_future +%endif + +%global provider github +%global provider_tld com +%global project containers +%global repo %{name} +# https://github.com/containers/%%{name} +%global import_path %{provider}.%{provider_tld}/%{project}/%{repo} +%global git0 https://%{import_path} + +# dnsname +%global repo_plugins dnsname +# https://github.com/containers/dnsname +%global import_path_plugins %{provider}.%{provider_tld}/%{project}/%{repo_plugins} +%global git_plugins https://%{import_path_plugins} +%global commit_plugins 18822f9a4fb35d1349eb256f4cd2bfd372474d84 + +# gvproxy +%global repo_gvproxy gvisor-tap-vsock +# https://github.com/containers/gvisor-tap-vsock +%global import_path_gvproxy %{provider}.%{provider_tld}/%{project}/%{repo_gvproxy} +%global git_gvproxy https://%{import_path_gvproxy} +%global commit_gvproxy aab0ac9367fc5142f5857c36ac2352bcb3c60ab7 + +# podman +%global git0 https://github.com/containers/%{name} + +Name: podman +%if %{with copr} +Epoch: 101 +%else +Epoch: 5 +%endif +# DO NOT TOUCH the Version string! +# The TRUE source of this specfile is: +# https://github.com/containers/podman/blob/main/rpm/podman.spec +# If that's what you're reading, Version must be 0, and will be updated by Packit for +# copr and koji builds. +# If you're reading this on dist-git, the version is automatically filled in by Packit. +Version: 0 +License: Apache-2.0 and BSD-2-Clause and BSD-3-Clause and ISC and MIT and MPL-2.0 +Release: %autorelease +%if %{with golang_arches_future} +ExclusiveArch: %{golang_arches_future} +%else +ExclusiveArch: aarch64 ppc64le s390x x86_64 +%endif +Summary: Manage Pods, Containers and Container Images +URL: https://%{name}.io/ +# All SourceN files fetched from upstream +Source0: %{git0}/archive/v%{version}.tar.gz +Source1: %{git_plugins}/archive/%{commit_plugins}/%{repo_plugins}-%{commit_plugins}.tar.gz +Source2: %{git_gvproxy}/archive/%{commit_gvproxy}/%{repo_gvproxy}-%{commit_gvproxy}.tar.gz +Provides: %{name}-manpages = %{epoch}:%{version}-%{release} +BuildRequires: %{_bindir}/envsubst +BuildRequires: go-md2man +%if %{with btrfs} +BuildRequires: btrfs-progs-devel +%endif +BuildRequires: gcc +BuildRequires: glib2-devel +BuildRequires: glibc-devel +BuildRequires: glibc-static +BuildRequires: golang +BuildRequires: git-core +%if %{with go_rpm_macros} +BuildRequires: go-rpm-macros +%endif +BuildRequires: gpgme-devel +BuildRequires: libassuan-devel +BuildRequires: libgpg-error-devel +BuildRequires: libseccomp-devel +BuildRequires: libselinux-devel +BuildRequires: shadow-utils-subid-devel +BuildRequires: pkgconfig +BuildRequires: make +BuildRequires: ostree-devel +BuildRequires: systemd +BuildRequires: systemd-devel +%if %{with python3} +BuildRequires: python3 +%endif +Requires: catatonit +Requires: conmon >= 2:2.1.7-2 +%if 0%{?fedora} > 38 +Requires: containers-common-extra >= 4:1-90 +%else +%if 0%{?fedora} == 38 +Requires: containers-common-extra >= 4:1-89 +%else +Requires: containers-common-extra >= 4:1-82 +%endif +%endif +Recommends: %{name}-gvproxy = %{epoch}:%{version}-%{release} +Provides: %{name}-quadlet +Obsoletes: %{name}-quadlet <= 5:4.4.0-1 +Provides: %{name}-quadlet = %{epoch}:%{version}-%{release} +# TODO: need to find the right action in packit propose-downstream to update +# the goimports here. None of the actions seem to work so far. +# DO NOT DELETE BELOW LINE - used for updating downstream goimports +# vendored libraries + +%description +%{name} (Pod Manager) is a fully featured container engine that is a simple +daemonless tool. %{name} provides a Docker-CLI comparable command line that +eases the transition from other container engines and allows the management of +pods, containers and images. Simply put: alias docker=%{name}. +Most %{name} commands can be run as a regular user, without requiring +additional privileges. + +%{name} uses Buildah(1) internally to create container images. +Both tools share image (not container) storage, hence each can use or +manipulate images (but not containers) created by the other. + +%{summary} +%{repo} Simple management tool for pods, containers and images + +%package docker +Summary: Emulate Docker CLI using %{name} +BuildArch: noarch +Requires: %{name} = %{epoch}:%{version}-%{release} +Conflicts: docker +Conflicts: docker-latest +Conflicts: docker-ce +Conflicts: docker-ee +Conflicts: moby-engine + +%description docker +This package installs a script named docker that emulates the Docker CLI by +executes %{name} commands, it also creates links between all Docker CLI man +pages and %{name}. + +%package tests +Summary: Tests for %{name} + +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: bats +Requires: jq +Requires: skopeo +Requires: nmap-ncat +Requires: httpd-tools +Requires: openssl +Requires: socat +Requires: buildah +Requires: gnupg + +%description tests +%{summary} + +This package contains system tests for %{name} + +%package remote +Summary: (Experimental) Remote client for managing %{name} containers + +%description remote +Remote client for managing %{name} containers. + +This experimental remote client is under heavy development. Please do not +run %{name}-remote in production. + +%{name}-remote uses the version 2 API to connect to a %{name} client to +manage pods, containers and container images. %{name}-remote supports ssh +connections as well. + +%package plugins +Summary: Plugins for %{name} +Requires: dnsmasq +Recommends: %{name}-gvproxy = %{epoch}:%{version}-%{release} + +%description plugins +This plugin sets up the use of dnsmasq on a given CNI network so +that Pods can resolve each other by name. When configured, +the pod and its IP address are added to a network specific hosts file +that dnsmasq will read in. Similarly, when a pod +is removed from the network, it will remove the entry from the hosts +file. Each CNI network will have its own dnsmasq instance. + +%package gvproxy +Summary: Go replacement for libslirp and VPNKit + +%description gvproxy +A replacement for libslirp and VPNKit, written in pure Go. +It is based on the network stack of gVisor. Compared to libslirp, +gvisor-tap-vsock brings a configurable DNS server and +dynamic port forwarding. + +%prep +%autosetup -Sgit -n %{name}-%{version} +sed -i 's;@@PODMAN@@\;$(BINDIR);@@PODMAN@@\;%{_bindir};' Makefile + +# untar dnsname +tar zxf %{SOURCE1} + +# untar %%{name}-gvproxy +tar zxf %{SOURCE2} + +%build +%set_build_flags +export CGO_CFLAGS=$CFLAGS +# These extra flags present in $CFLAGS have been skipped for now as they break the build +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') + +%ifarch x86_64 +export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" +%endif + +export GO111MODULE=off +export GOPATH=$(pwd)/_build:$(pwd) + +mkdir _build +cd _build +mkdir -p src/%{provider}.%{provider_tld}/%{project} +ln -s ../../../../ src/%{import_path} +cd .. +ln -s vendor src + +# build date. FIXME: Makefile uses '/v2/libpod', that doesn't work here? +LDFLAGS="-X %{import_path}/libpod/define.buildInfo=$(date +%s)" + +# build rootlessport first +%gobuild -o bin/rootlessport %{import_path}/cmd/rootlessport + +export BASEBUILDTAGS="seccomp exclude_graphdriver_devicemapper $(hack/systemd_tag.sh) $(hack/libsubid_tag.sh)" + +# build %%{name} +export BUILDTAGS="$BASEBUILDTAGS $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_tag.sh)" +%gobuild -o bin/%{name} %{import_path}/cmd/%{name} + +# build %%{name}-remote +export BUILDTAGS="$BASEBUILDTAGS exclude_graphdriver_btrfs btrfs_noversion remote" +%gobuild -o bin/%{name}-remote %{import_path}/cmd/%{name} + +# build quadlet +export BUILDTAGS="$BASEBUILDTAGS $(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh)" +%gobuild -o bin/quadlet %{import_path}/cmd/quadlet + +cd %{repo_plugins}-%{commit_plugins} +mkdir _build +cd _build +mkdir -p src/%{provider}.%{provider_tld}/%{project} +ln -s ../../../../ src/%{import_path_plugins} +cd .. +ln -s vendor src +export GOPATH=$(pwd)/_build:$(pwd) +%gobuild -o bin/dnsname %{import_path_plugins}/plugins/meta/dnsname +cd .. + +cd %{repo_gvproxy}-%{commit_gvproxy} +mkdir _build +cd _build +mkdir -p src/%{provider}.%{provider_tld}/%{project} +ln -s ../../../../ src/%{import_path_gvproxy} +cd .. +ln -s vendor src +export GOPATH=$(pwd)/_build:$(pwd) +%gobuild -o bin/gvproxy %{import_path_gvproxy}/cmd/gvproxy +cd .. + +%{__make} docs docker-docs + +%install +install -dp %{buildroot}%{_unitdir} +PODMAN_VERSION=%{version} %{__make} PREFIX=%{buildroot}%{_prefix} ETCDIR=%{_sysconfdir} \ + install.bin \ + install.man \ + install.systemd \ + install.completions \ + install.docker \ + install.docker-docs \ + install.remote \ +%if %{with modules_load} + install.modules-load +%endif + +sed -i 's;%{buildroot};;g' %{buildroot}%{_bindir}/docker + +# install dnsname plugin +cd %{repo_plugins}-%{commit_plugins} +%{__make} PREFIX=%{_prefix} DESTDIR=%{buildroot} install +cd .. + +# install gvproxy +cd %{repo_gvproxy}-%{commit_gvproxy} +install -dp %{buildroot}%{_libexecdir}/%{name} +install -p -m0755 bin/gvproxy %{buildroot}%{_libexecdir}/%{name} +cd .. + +# do not include docker and podman-remote man pages in main package +for file in `find %{buildroot}%{_mandir}/man[15] -type f | sed "s,%{buildroot},," | grep -v -e remote -e docker`; do + echo "$file*" >> podman.file-list +done + +rm -f %{buildroot}%{_mandir}/man5/docker*.5 + +install -d -p %{buildroot}/%{_datadir}/%{name}/test/system +cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ + +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files -f %{name}.file-list +%license LICENSE +%doc README.md CONTRIBUTING.md install.md transfer.md +%{_bindir}/%{name} +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/rootlessport +%{_libexecdir}/%{name}/quadlet +%{_datadir}/bash-completion/completions/%{name} +# By "owning" the site-functions dir, we don't need to Require zsh +%dir %{_datadir}/zsh/site-functions +%{_datadir}/zsh/site-functions/_%{name} +%dir %{_datadir}/fish/vendor_completions.d +%{_datadir}/fish/vendor_completions.d/%{name}.fish +%{_unitdir}/%{name}* +%{_userunitdir}/%{name}* +%{_tmpfilesdir}/%{name}.conf +%{_systemdgeneratordir}/%{name}-system-generator +%{_systemdusergeneratordir}/%{name}-user-generator +%if %{with modules_load} +%{_modulesloaddir}/%{name}-iptables.conf +%endif + +%files docker +%{_bindir}/docker +%{_mandir}/man1/docker*.1* +%{_tmpfilesdir}/%{name}-docker.conf +%{_user_tmpfilesdir}/%{name}-docker.conf + +%files remote +%license LICENSE +%{_bindir}/%{name}-remote +%{_mandir}/man1/%{name}-remote*.* +%{_datadir}/bash-completion/completions/%{name}-remote +%dir %{_datadir}/fish/vendor_completions.d +%{_datadir}/fish/vendor_completions.d/%{name}-remote.fish +%dir %{_datadir}/zsh/site-functions +%{_datadir}/zsh/site-functions/_%{name}-remote + +%files tests +%license LICENSE +%{_datadir}/%{name}/test + +%files plugins +%license %{repo_plugins}-%{commit_plugins}/LICENSE +%doc %{repo_plugins}-%{commit_plugins}/{README.md,README_PODMAN.md} +%dir %{_libexecdir}/cni +%{_libexecdir}/cni/dnsname + +%files gvproxy +%license %{repo_gvproxy}-%{commit_gvproxy}/LICENSE +%doc %{repo_gvproxy}-%{commit_gvproxy}/README.md +%dir %{_libexecdir}/%{name} +%{_libexecdir}/%{name}/gvproxy + +%changelog +%if %{with changelog} +* Mon May 01 2023 RH Container Bot +- Placeholder changelog for envs that are not autochangelog-ready +%else +%autochangelog +%endif diff --git a/rpm/update-spec-provides.sh b/rpm/update-spec-provides.sh new file mode 100644 index 0000000000..94a6048d4e --- /dev/null +++ b/rpm/update-spec-provides.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +# This script will update the goimports in the rpm spec for downstream fedora +# packaging, via the `propose-downstream` packit action. +# The goimports don't need to be present upstream. + +SPEC_FILE=$(pwd)/podman.spec + +sed -i '/Provides: bundled(golang.*/d' $SPEC_FILE + +GO_IMPORTS=$(golist --imported --package-path github.com/containers/podman --skip-self | sort -u | xargs -I{} echo "Provides: bundled(golang({}))") + +awk -v r="$GO_IMPORTS" '/^# vendored libraries/ {print; print r; next} 1' $SPEC_FILE > temp && mv temp $SPEC_FILE diff --git a/rpm/update-spec-version.sh b/rpm/update-spec-version.sh new file mode 100644 index 0000000000..43b7408c7f --- /dev/null +++ b/rpm/update-spec-version.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +# This script will update the Version field in the spec which is set to 0 by +# default. Useful for local manual rpm builds where the Version needs to be set +# correctly. + +SPEC_FILE=$(pwd)/podman.spec +LATEST_TAG=$(git tag --sort=creatordate | tail -1) +LATEST_VERSION=$(echo $LATEST_TAG | sed -e 's/^v//') + +sed -i "s/^Version:.*/Version: $LATEST_VERSION/" $SPEC_FILE From 8b35bbab9a97bbf1d610d40a1cccf6c8d408e867 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 24 May 2023 11:16:36 -0400 Subject: [PATCH 2/3] no need for podman-next rpm test on maint branch Signed-off-by: Lokesh Mandvekar --- .cirrus.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index bde179a35a..f8e36b4caa 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -380,8 +380,6 @@ alt_build_task: ALT_NAME: 'Windows Cross' - env: ALT_NAME: 'Build Without CGO' - - env: - ALT_NAME: 'Test build podman-next Copr RPM' - env: ALT_NAME: 'Alt Arch. Cross' - env: From 2b045de48dcecd17992f19a9c5719e40eb1f9f01 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 25 May 2023 09:11:21 -0400 Subject: [PATCH 3/3] [CI:BUILD] Packit: set propose-downstream action type to pre-sync Also address review concerns in pr#18675. [NO NEW TESTS NEEDED] Co-authored-by: Chris Evich Signed-off-by: Lokesh Mandvekar --- .packit.yaml | 8 +++----- rpm/Makefile | 2 +- rpm/podman.spec | 2 -- rpm/update-spec-provides.sh | 2 ++ rpm/update-spec-version.sh | 2 ++ 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.packit.yaml b/.packit.yaml index 6387dd544b..f4b29003f9 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -35,11 +35,9 @@ jobs: update_release: false dist_git_branches: - fedora-all - #TODO use the right action to update the goimports - # For whatever reason, none of the actions seem to work - #actions: - # create-patches: - # - "cd rpm && bash update-spec-provides.sh" + actions: + pre-sync: + - "cd rpm && bash update-spec-provides.sh" - job: koji_build trigger: commit diff --git a/rpm/Makefile b/rpm/Makefile index 2ed4fadca2..62fa0c075f 100644 --- a/rpm/Makefile +++ b/rpm/Makefile @@ -1,7 +1,7 @@ +.PHONY: rpm rpm: $(shell /usr/bin/bash ./update-spec-version.sh) spectool -g podman.spec - sudo dnf -y builddep podman.spec rpmbuild -ba \ --define '_sourcedir $(shell pwd)' \ --define '_rpmdir %{_sourcedir}/RPMS' \ diff --git a/rpm/podman.spec b/rpm/podman.spec index 661cac3cc5..bf76488c12 100644 --- a/rpm/podman.spec +++ b/rpm/podman.spec @@ -154,8 +154,6 @@ Recommends: %{name}-gvproxy = %{epoch}:%{version}-%{release} Provides: %{name}-quadlet Obsoletes: %{name}-quadlet <= 5:4.4.0-1 Provides: %{name}-quadlet = %{epoch}:%{version}-%{release} -# TODO: need to find the right action in packit propose-downstream to update -# the goimports here. None of the actions seem to work so far. # DO NOT DELETE BELOW LINE - used for updating downstream goimports # vendored libraries diff --git a/rpm/update-spec-provides.sh b/rpm/update-spec-provides.sh index 94a6048d4e..2dd8594676 100644 --- a/rpm/update-spec-provides.sh +++ b/rpm/update-spec-provides.sh @@ -4,6 +4,8 @@ # packaging, via the `propose-downstream` packit action. # The goimports don't need to be present upstream. +set -e + SPEC_FILE=$(pwd)/podman.spec sed -i '/Provides: bundled(golang.*/d' $SPEC_FILE diff --git a/rpm/update-spec-version.sh b/rpm/update-spec-version.sh index 43b7408c7f..8d43f27a42 100644 --- a/rpm/update-spec-version.sh +++ b/rpm/update-spec-version.sh @@ -4,6 +4,8 @@ # default. Useful for local manual rpm builds where the Version needs to be set # correctly. +set -e + SPEC_FILE=$(pwd)/podman.spec LATEST_TAG=$(git tag --sort=creatordate | tail -1) LATEST_VERSION=$(echo $LATEST_TAG | sed -e 's/^v//')