Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[1.1] bump libseccomp to v2.5.4, check tarball sha #3481

Merged
merged 2 commits into from
May 27, 2022

Conversation

kolyshkin
Copy link
Contributor

@kolyshkin kolyshkin commented May 24, 2022

Release notes: https://github.com/seccomp/libseccomp/releases/tag/v2.5.4

This affects the released static binaries (as they are statically linked
against libseccomp).


This is a backport of #3480 and #3482.

@kolyshkin kolyshkin added backport/1.1-pr A backport PR to release-1.1 area/seccomp dependencies Pull requests that update a dependency file labels May 24, 2022
@kolyshkin kolyshkin marked this pull request as draft May 24, 2022 17:57
@kolyshkin

This comment was marked as outdated.

@kolyshkin kolyshkin marked this pull request as ready for review May 24, 2022 18:18
@kolyshkin kolyshkin added this to the 1.1.3 milestone May 24, 2022
@kolyshkin kolyshkin changed the title [1.1] Dockerfile,scripts/release: bump libseccomp to v2.5.4 [1.1] Dockerfile,scripts/release: bump libseccomp to v2.5.4, check tarball sha May 24, 2022
@kolyshkin kolyshkin changed the title [1.1] Dockerfile,scripts/release: bump libseccomp to v2.5.4, check tarball sha [1.1] bump libseccomp to v2.5.4, check tarball sha May 24, 2022
@kolyshkin kolyshkin force-pushed the 1.1-bump-libseccomp branch from eded0c5 to f7a29b4 Compare May 26, 2022 01:32
@kolyshkin kolyshkin mentioned this pull request May 26, 2022
@kolyshkin kolyshkin force-pushed the 1.1-bump-libseccomp branch from f7a29b4 to 1011bfd Compare May 27, 2022 01:26
Copy link
Member

@cyphar cyphar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

kolyshkin added 2 commits May 27, 2022 12:17
Release notes: https://github.com/seccomp/libseccomp/releases/tag/v2.5.4

This affects the released static binaries (as they are statically linked
against libseccomp).

Signed-off-by: Kir Kolyshkin <[email protected]>
(cherry picked from commit f7b07fd)
Signed-off-by: Kir Kolyshkin <[email protected]>
Add checking of downloaded tarball checksum.

In case it doesn't match the hardcoded value, the error is like this:

	libseccomp-2.5.4.tar.gz: FAILED
	sha256sum: WARNING: 1 computed checksum did NOT match

In case the checksum for a particular version is not specified in the
script, the error will look like this:

	./script/seccomp.sh: line 29: SECCOMP_SHA256[${ver}]: unbound variable

In case the the hardcoded value in the file is of wrong format/length,
we'll get:

	sha256sum: 'standard input': no properly formatted SHA256 checksum lines found

In any of these cases, the script aborts (due to set -e).

Signed-off-by: Kir Kolyshkin <[email protected]>
(cherry picked from commit 95f1e2e18872de54a17d64b2d808255463ee3d93)
Signed-off-by: Kir Kolyshkin <[email protected]>
@cyphar cyphar force-pushed the 1.1-bump-libseccomp branch from 1011bfd to 8242c05 Compare May 27, 2022 02:17
@cyphar cyphar merged commit ff14258 into opencontainers:release-1.1 May 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/seccomp backport/1.1-pr A backport PR to release-1.1 dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants