containers-common/containers-common.spec

# Below definitions are used to deliver config files from a particular branch
# of c/image, c/common, c/storage vendored in all of Buildah, Podman and Skopeo.
# These vendored components must have the same version. If it is not the case,
# pick the oldest version on c/image, c/common, c/storage vendored in
# Buildah/Podman/Skopeo.
%global image_branch  main
%global common_branch v%{version}
%global storage_branch main
%global shortnames_branch main

%global github_containers https://raw.githubusercontent.com/containers

Epoch: 5
Name: containers-common
Version: 0.57.1
Release: %autorelease
License: Apache-2.0
BuildArch: noarch
# for BuildRequires: go-md2man
ExclusiveArch: %{golang_arches} noarch
Summary: Common configuration and documentation for containers
BuildRequires: go-md2man
Provides: skopeo-containers = %{epoch}:%{version}-%{release}
Recommends: (container-selinux >= 2:2.162.1 if selinux-policy)
Recommends: fuse-overlayfs
Requires: (fuse-overlayfs if fedora-release-identity-server)
# SourceN files fetched from upstream
# GPG key and registry configs taken from RH
Source1: %{github_containers}/common/%{common_branch}/docs/containers.conf.5.md
Source2: %{github_containers}/common/%{common_branch}/pkg/config/containers.conf
Source3: %{github_containers}/common/%{common_branch}/pkg/seccomp/seccomp.json
Source4: %{github_containers}/common/%{common_branch}/pkg/subscriptions/mounts.conf
Source5: %{github_containers}/image/%{image_branch}/docs/containers-auth.json.5.md
Source6: %{github_containers}/image/%{image_branch}/docs/containers-certs.d.5.md
Source7: %{github_containers}/image/%{image_branch}/docs/containers-policy.json.5.md
Source8: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.5.md
Source9: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.d.5.md
Source10: %{github_containers}/image/%{image_branch}/docs/containers-registries.d.5.md
Source11: %{github_containers}/image/%{image_branch}/docs/containers-signature.5.md
Source12: %{github_containers}/image/%{image_branch}/docs/containers-transports.5.md
Source13: %{github_containers}/image/%{image_branch}/registries.conf
Source14: %{github_containers}/common/%{common_branch}/docs/containers-mounts.conf.5.md
Source15: %{github_containers}/shortnames/%{shortnames_branch}/shortnames.conf
Source16: %{github_containers}/image/%{image_branch}/default.yaml
Source17: %{github_containers}/image/%{image_branch}/default-policy.json
Source18: %{github_containers}/storage/%{storage_branch}/docs/containers-storage.conf.5.md
Source19: %{github_containers}/storage/%{storage_branch}/storage.conf
Source20: RPM-GPG-KEY-redhat-release
Source21: registry.access.redhat.com.yaml
Source22: registry.redhat.io.yaml
Source23: %{github_containers}/common/%{common_branch}/docs/Containerfile.5.md
Source24: %{github_containers}/common/%{common_branch}/docs/containerignore.5.md
Source25: %{github_containers}/common/%{common_branch}/docs/links/.containerignore.5

%description
This package contains common configuration files and documentation for container
tools ecosystem, such as Podman, Buildah and Skopeo.

It is required because the most of configuration files and docs come from projects
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
separately.

%package extra
Summary: Extra dependencies for Podman and Buildah
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: container-network-stack
Requires: oci-runtime
Recommends: crun
Requires: (crun if fedora-release-identity-server)
Recommends: netavark >= 1.6.0-1
Requires: (netavark >= 1.6.0-1 if fedora-release-identity-server)
Recommends: slirp4netns
Requires: (slirp4netns if fedora-release-identity-server)
Recommends: passt
Requires: (passt if fedora-release-identity-server)
Requires: iptables
Requires: nftables
Suggests: containernetworking-plugins >= 0.9.1-1
Recommends: qemu-user-static
Requires: (qemu-user-static-aarch64 if fedora-release-identity-server)
Requires: (qemu-user-static-arm if fedora-release-identity-server)
Requires: (qemu-user-static-x86 if fedora-release-identity-server)

%description extra
This subpackage will handle dependencies common to Podman and Buildah which are
not required by Skopeo.

%prep
cp %{SOURCE1} .
cp %{SOURCE2} .
cp %{SOURCE3} .
cp %{SOURCE4} .
cp %{SOURCE5} .
cp %{SOURCE6} .
cp %{SOURCE7} .
cp %{SOURCE8} .
cp %{SOURCE9} .
cp %{SOURCE10} .
cp %{SOURCE11} .
cp %{SOURCE12} .
cp %{SOURCE13} .
cp %{SOURCE14} .
cp %{SOURCE15} 000-shortnames.conf
cp %{SOURCE16} .
cp %{SOURCE17} policy.json
cp %{SOURCE18} .
cp %{SOURCE19} .
cp %{SOURCE20} .
cp %{SOURCE21} .
cp %{SOURCE22} .
cp %{SOURCE23} .
cp %{SOURCE24} .
cp %{SOURCE25} .

%if 0%{?rhel} <= 8
sed -i 's/log_driver = "journald"/#log_driver = "journald"/' containers.conf
%endif

%build
mkdir -p man5
for FILE in $(ls *.5.md); do
    go-md2man -in $FILE -out man5/$(basename $FILE .md)
done

cp man5/containerignore.5 man5/.containerignore.5

%install
# install config and policy files for registries
install -dp %{buildroot}%{_sysconfdir}/containers/{certs.d,oci/hooks.d,systemd}
install -dp %{buildroot}%{_sharedstatedir}/containers/sigstore
install -dp %{buildroot}%{_datadir}/containers/systemd
install -dp -m 700 %{buildroot}%{_prefix}/lib/containers/storage/overlay-images
touch %{buildroot}%{_prefix}/lib/containers/storage/overlay-images/images.lock
install -dp -m 700 %{buildroot}%{_prefix}/lib/containers/storage/overlay-layers
touch %{buildroot}%{_prefix}/lib/containers/storage/overlay-layers/layers.lock

install -Dp -m0644 default.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
install -Dp -m0644 storage.conf -t %{buildroot}%{_datadir}/containers
install -Dp -m0644 registries.conf -t %{buildroot}%{_sysconfdir}/containers
install -Dp -m0644 000-shortnames.conf -t %{buildroot}%{_sysconfdir}/containers/registries.conf.d
install -Dp -m0644 policy.json -t %{buildroot}%{_sysconfdir}/containers
# RPM-GPG-KEY-redhat-release already exists on rhel envs, install only on
# fedora and centos
%if 0%{?fedora} || 0%{?centos}
install -Dp -m0644 RPM-GPG-KEY-redhat-release -t %{buildroot}%{_sysconfdir}/pki/rpm-gpg
%endif
install -Dp -m0644 registry.access.redhat.com.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
install -Dp -m0644 registry.redhat.io.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d


# install manpages
for FILE in $(ls -a man5 | grep 5); do
    install -Dp -m0644 man5/$FILE -t %{buildroot}%{_mandir}/man5
done

# install config files for mounts, containers and seccomp
install -m0644 mounts.conf %{buildroot}%{_datadir}/containers/mounts.conf
install -m0644 seccomp.json %{buildroot}%{_datadir}/containers/seccomp.json
install -m0644 containers.conf %{buildroot}%{_datadir}/containers/containers.conf

# install secrets patch directory
install -d -p -m 755 %{buildroot}/%{_datadir}/rhel/secrets
# rhbz#1110876 - update symlinks for subscription management
ln -s ../../../..%{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
ln -s ../../../..%{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
ln -s ../../../..%{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/redhat.repo

%files
%dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d
%dir %{_sysconfdir}/containers/oci
%dir %{_sysconfdir}/containers/oci/hooks.d
%dir %{_sysconfdir}/containers/registries.conf.d
%dir %{_sysconfdir}/containers/registries.d
%dir %{_sysconfdir}/containers/systemd
%dir %{_prefix}/lib/containers/storage
%dir %{_prefix}/lib/containers/storage/overlay-images
%dir %{_prefix}/lib/containers/storage/overlay-layers
%{_prefix}/lib/containers/storage/overlay-images/images.lock
%{_prefix}/lib/containers/storage/overlay-layers/layers.lock

%config(noreplace) %{_sysconfdir}/containers/policy.json
%config(noreplace) %{_sysconfdir}/containers/registries.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
%if 0%{?fedora} || 0%{?centos}
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
%endif
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
%{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
%{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
%ghost %{_sysconfdir}/containers/storage.conf
%ghost %{_sysconfdir}/containers/containers.conf
%dir %{_sharedstatedir}/containers/sigstore
%{_mandir}/man5/Containerfile.5.gz
%{_mandir}/man5/containerignore.5.gz
%{_mandir}/man5/.containerignore.5.gz
%{_mandir}/man5/containers*.5.gz
%dir %{_datadir}/containers
%dir %{_datadir}/containers/systemd
%{_datadir}/containers/storage.conf
%{_datadir}/containers/containers.conf
%{_datadir}/containers/mounts.conf
%{_datadir}/containers/seccomp.json
%dir %{_datadir}/rhel/secrets
%{_datadir}/rhel/secrets/*

%files extra

%changelog
%autochangelog