rpms/containers-common
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import containers-common-1-49.el9_1

Browse Source
This commit is contained in:
CentOS Sources 2023-02-28 07:55:32 +00:00 committed by Stepan Oksanichenko
parent 1b99a9f313
commit 59c905b0d2
8 changed files with 542 additions and 230 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

711
SOURCES/001-rhel-shortnames-pyxis.conf
View File

File diff suppressed because it is too large Load Diff

6
SOURCES/Containerfile.5.md
View File

@ -118,7 +118,7 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
· dst, destination, target: mount destination spec. · dst, destination, target: mount destination spec.
· ro, read-only: true or false (default). · ro, read-only: true (default) or false.
Options specific to bind: Options specific to bind:
@ -128,6 +128,8 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
· from: stage or image name for the root of the source. Defaults to the build context. · from: stage or image name for the root of the source. Defaults to the build context.
· rw, read-write: allows writes on the mount.
Options specific to tmpfs: Options specific to tmpfs:
· tmpfs-size: Size of the tmpfs mount in bytes. Unlimited by default in Linux. · tmpfs-size: Size of the tmpfs mount in bytes. Unlimited by default in Linux.
@ -150,6 +152,8 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
· from: stage name for the root of the source. Defaults to host cache directory. · from: stage name for the root of the source. Defaults to host cache directory.
· rw, read-write: allows writes on the mount.
**RUN Secrets** **RUN Secrets**

1
SOURCES/containers.conf
View File

@ -53,7 +53,6 @@
# the default capabilities defined in the container engine will be added. # the default capabilities defined in the container engine will be added.
# #
default_capabilities = [ default_capabilities = [
"NET_RAW",
"CHOWN", "CHOWN",
"DAC_OVERRIDE", "DAC_OVERRIDE",
"FOWNER", "FOWNER",

14
SOURCES/default.yaml
View File

@ -1,8 +1,8 @@
# This is a default registries.d configuration file. You may # This is a default registries.d configuration file. You may
# add to this file or create additional files in registries.d/. # add to this file or create additional files in registries.d/.
# #
# lookaside: indicates a location that is read and write # lookaside: for reading/writing simple signing signatures
# lookaside-staging: indicates a location that is only for write # lookaside-staging: for writing simple signing signatures, preferred over lookaside
# #
# lookaside and lookaside-staging take a value of the following: # lookaside and lookaside-staging take a value of the following:
# lookaside: {schema}://location # lookaside: {schema}://location
@ -10,10 +10,12 @@
# For reading signatures, schema may be http, https, or file. # For reading signatures, schema may be http, https, or file.
# For writing signatures, schema may only be file. # For writing signatures, schema may only be file.
# This is the default signature write location for docker registries. # The default locations are built-in, for both reading and writing:
# /var/lib/containers/sigstore for root, or
# ~/.local/share/containers/sigstore for non-root users.
default-docker: default-docker:
# lookaside: file:///var/lib/containers/sigstore # lookaside: https://…
lookaside-staging: file:///var/lib/containers/sigstore # lookaside-staging: file:///…
# The 'docker' indicator here is the start of the configuration # The 'docker' indicator here is the start of the configuration
# for docker registries. # for docker registries.
@ -21,6 +23,6 @@ default-docker:
# docker: # docker:
# #
# privateregistry.com: # privateregistry.com:
# lookaside: http://privateregistry.com/sigstore/ # lookaside: https://privateregistry.com/sigstore/
# lookaside-staging: /mnt/nfs/privateregistry/sigstore # lookaside-staging: /mnt/nfs/privateregistry/sigstore

2
SOURCES/pyxis.sh
View File

@ -6,7 +6,7 @@ if [ "$TOTAL" == "null" ]; then
echo "Error comunicating with Pyxis API." echo "Error comunicating with Pyxis API."
exit 1 exit 1
fi fi
PAGES=$(($TOTAL/500)) PAGES=$(($TOTAL/250))
for P in `seq 0 $PAGES`; do for P in `seq 0 $PAGES`; do
curl -s --negotiate -u: -H 'Content-Type: application/json' -H 'Accept: application/json' -X GET "https://pyxis.engineering.redhat.com/v1/repositories?page_size=500&page=$P" > /tmp/pyxis$P.json curl -s --negotiate -u: -H 'Content-Type: application/json' -H 'Accept: application/json' -X GET "https://pyxis.engineering.redhat.com/v1/repositories?page_size=500&page=$P" > /tmp/pyxis$P.json
done done

8
SOURCES/shortnames.conf
View File

@ -3,7 +3,7 @@
"almalinux" = "docker.io/library/almalinux" "almalinux" = "docker.io/library/almalinux"
"almalinux-minimal" = "docker.io/library/almalinux-minimal" "almalinux-minimal" = "docker.io/library/almalinux-minimal"
# Arch Linux # Arch Linux
"archlinux" = "docker.io/archlinux/archlinux" "archlinux" = "docker.io/library/archlinux"
# centos # centos
"centos" = "quay.io/centos/centos" "centos" = "quay.io/centos/centos"
# containers # containers
@ -42,6 +42,10 @@
"sles12sp5" = "registry.suse.com/suse/sles12sp5" "sles12sp5" = "registry.suse.com/suse/sles12sp5"
"sles12sp4" = "registry.suse.com/suse/sles12sp4" "sles12sp4" = "registry.suse.com/suse/sles12sp4"
"sles12sp3" = "registry.suse.com/suse/sles12sp3" "sles12sp3" = "registry.suse.com/suse/sles12sp3"
"bci/bci-base" = "registry.suse.com/bci/bci-base"
"bci/bci-micro" = "registry.suse.com/bci/bci-micro"
"bci/bci-minimal" = "registry.suse.com/bci/bci-minimal"
"bci/bci-busybox" = "registry.suse.com/bci/bci-busybox"
# Red Hat Enterprise Linux # Red Hat Enterprise Linux
"rhel" = "registry.access.redhat.com/rhel" "rhel" = "registry.access.redhat.com/rhel"
"rhel6" = "registry.access.redhat.com/rhel6" "rhel6" = "registry.access.redhat.com/rhel6"
@ -111,5 +115,7 @@
"php" = "docker.io/library/php" "php" = "docker.io/library/php"
# python # python
"python" = "docker.io/library/python" "python" = "docker.io/library/python"
# rust
"rust" = "docker.io/library/rust"
# node # node
"node" = "docker.io/library/node" "node" = "docker.io/library/node"

10
SOURCES/update.sh
View File

@ -31,6 +31,11 @@ ensure containers.conf runtime \"runc\"
ensure containers.conf events_logger \"file\" ensure containers.conf events_logger \"file\"
ensure containers.conf log_driver \"k8s-file\" ensure containers.conf log_driver \"k8s-file\"
ensure containers.conf network_backend \"cni\" ensure containers.conf network_backend \"cni\"
if ! grep \"NET_RAW\" containers.conf > /dev/null
then
sed -i '/^default_capabilities/a \
"NET_RAW",' containers.conf
fi
else else
ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"] ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
ensure registries.conf short-name-mode \"enforcing\" ensure registries.conf short-name-mode \"enforcing\"
@ -40,8 +45,3 @@ fi
"keyctl",' seccomp.json "keyctl",' seccomp.json
sed -i '/\"socketcall\",/i \ sed -i '/\"socketcall\",/i \
"socket",' seccomp.json "socket",' seccomp.json
if ! grep \"NET_RAW\" containers.conf > /dev/null
then
sed -i '/^default_capabilities/a \
"NET_RAW",' containers.conf
fi

20
SPECS/containers-common.spec
View File

@ -4,7 +4,7 @@
# pick the oldest version on c/image, c/common, c/storage vendored in # pick the oldest version on c/image, c/common, c/storage vendored in
# podman/skopeo/podman. # podman/skopeo/podman.
%global skopeo_branch main %global skopeo_branch main
%global image_branch v5.22.0 %global image_branch v5.22.1
%global common_branch v0.49.1 %global common_branch v0.49.1
%global storage_branch v1.42.0 %global storage_branch v1.42.0
%global shortnames_branch main %global shortnames_branch main
@ -12,7 +12,7 @@
Epoch: 2 Epoch: 2
Name: containers-common Name: containers-common
Version: 1 Version: 1
Release: 45%{?dist} Release: 49%{?dist}
Summary: Common configuration and documentation for containers Summary: Common configuration and documentation for containers
License: ASL 2.0 License: ASL 2.0
ExclusiveArch: %{go_arches} ExclusiveArch: %{go_arches}
@ -170,6 +170,22 @@ EOF
%{_datadir}/rhel/secrets/* %{_datadir}/rhel/secrets/*
%changelog %changelog
* Sun Jan 08 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-49
- update vendored components, regenerate pyxis
- Resolves: #2158512
* Thu Dec 01 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-48
- update vendored components and configuration files
- Resolves: #2149776
* Wed Oct 26 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-47
- update vendored components and configuration files
- Resolves: #2136847
* Wed Oct 26 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-46
- update vendored components and configuration files
- Resolves: #2136845
* Thu Oct 13 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-45 * Thu Oct 13 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-45
- add beta GPG key - add beta GPG key
- Resolves: #2123611 - Resolves: #2123611