3e3fef6f50
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
200 lines
8.0 KiB
RPMSpec
200 lines
8.0 KiB
RPMSpec
# Below definitions are used to deliver config files from a particular branch
|
|
# of c/image, c/common, c/storage vendored in all of Buildah, Podman and Skopeo.
|
|
# These vendored components must have the same version. If it is not the case,
|
|
# pick the oldest version on c/image, c/common, c/storage vendored in
|
|
# Buildah/Podman/Skopeo.
|
|
%global skopeo_branch main
|
|
%global podman_branch main
|
|
%global buildah_branch main
|
|
%global image_branch main
|
|
%global common_branch main
|
|
%global storage_branch main
|
|
%global shortnames_branch main
|
|
|
|
%global github_containers https://raw.githubusercontent.com/containers
|
|
|
|
Epoch: 4
|
|
Name: containers-common
|
|
Version: 1
|
|
Release: %autorelease
|
|
License: ASL 2.0
|
|
BuildArch: noarch
|
|
Summary: Common configuration and documentation for containers
|
|
BuildRequires: go-md2man
|
|
Provides: skopeo-containers = %{epoch}:%{version}-%{release}
|
|
Recommends: (container-selinux >= 2:2.162.1 if selinux-policy)
|
|
Recommends: fuse-overlayfs
|
|
Requires: (fuse-overlayfs if fedora-release-identity-server)
|
|
# SourceN files fetched from upstream
|
|
# GPG key and registry configs taken from RH
|
|
Source1: %{github_containers}/common/%{common_branch}/docs/containers.conf.5.md
|
|
Source2: %{github_containers}/common/%{common_branch}/pkg/config/containers.conf
|
|
Source3: %{github_containers}/common/%{common_branch}/pkg/seccomp/seccomp.json
|
|
Source4: %{github_containers}/common/%{common_branch}/pkg/subscriptions/mounts.conf
|
|
Source5: %{github_containers}/image/%{image_branch}/docs/containers-auth.json.5.md
|
|
Source6: %{github_containers}/image/%{image_branch}/docs/containers-certs.d.5.md
|
|
Source7: %{github_containers}/image/%{image_branch}/docs/containers-policy.json.5.md
|
|
Source8: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.5.md
|
|
Source9: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.d.5.md
|
|
Source10: %{github_containers}/image/%{image_branch}/docs/containers-registries.d.5.md
|
|
Source11: %{github_containers}/image/%{image_branch}/docs/containers-signature.5.md
|
|
Source12: %{github_containers}/image/%{image_branch}/docs/containers-transports.5.md
|
|
Source13: %{github_containers}/image/%{image_branch}/registries.conf
|
|
Source14: %{github_containers}/common/%{common_branch}/docs/containers-mounts.conf.5.md
|
|
Source15: %{github_containers}/shortnames/%{shortnames_branch}/shortnames.conf
|
|
Source16: %{github_containers}/skopeo/%{skopeo_branch}/default.yaml
|
|
Source17: %{github_containers}/skopeo/%{skopeo_branch}/default-policy.json
|
|
Source18: %{github_containers}/storage/%{storage_branch}/docs/containers-storage.conf.5.md
|
|
Source19: %{github_containers}/storage/%{storage_branch}/storage.conf
|
|
Source20: RPM-GPG-KEY-redhat-release
|
|
Source21: registry.access.redhat.com.yaml
|
|
Source22: registry.redhat.io.yaml
|
|
Source23: %{github_containers}/common/%{common_branch}/docs/Containerfile.5.md
|
|
Source24: %{github_containers}/common/%{common_branch}/docs/containerignore.5.md
|
|
Source25: %{github_containers}/common/%{common_branch}/docs/links/.containerignore.5
|
|
|
|
%description
|
|
This package contains common configuration files and documentation for container
|
|
tools ecosystem, such as Podman, Buildah and Skopeo.
|
|
|
|
It is required because the most of configuration files and docs come from projects
|
|
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
|
|
separately.
|
|
|
|
%package extra
|
|
Summary: Extra dependencies for Podman and Buildah
|
|
Requires: %{name} = %{epoch}:%{version}-%{release}
|
|
Requires: container-network-stack
|
|
Requires: oci-runtime
|
|
Recommends: crun
|
|
Requires: (crun if fedora-release-identity-server)
|
|
Recommends: netavark
|
|
Requires: (netavark if fedora-release-identity-server)
|
|
Recommends: slirp4netns
|
|
Requires: (slirp4netns if fedora-release-identity-server)
|
|
Requires: iptables
|
|
Requires: nftables
|
|
Suggests: containernetworking-plugins >= 0.9.1-1
|
|
Suggests: qemu-user-static
|
|
Recommends: qemu-user-static
|
|
Requires: (qemu-user-static-aarch64 if fedora-release-identity-server)
|
|
Requires: (qemu-user-static-arm if fedora-release-identity-server)
|
|
Requires: (qemu-user-static-x86 if fedora-release-identity-server)
|
|
|
|
%description extra
|
|
This subpackage will handle dependencies common to Podman and Buildah which are
|
|
not required by Skopeo.
|
|
|
|
%prep
|
|
cp %{SOURCE1} .
|
|
cp %{SOURCE2} .
|
|
cp %{SOURCE3} .
|
|
cp %{SOURCE4} .
|
|
cp %{SOURCE5} .
|
|
cp %{SOURCE6} .
|
|
cp %{SOURCE7} .
|
|
cp %{SOURCE8} .
|
|
cp %{SOURCE9} .
|
|
cp %{SOURCE10} .
|
|
cp %{SOURCE11} .
|
|
cp %{SOURCE12} .
|
|
cp %{SOURCE13} .
|
|
cp %{SOURCE14} .
|
|
cp %{SOURCE15} 000-shortnames.conf
|
|
cp %{SOURCE16} .
|
|
cp %{SOURCE17} policy.json
|
|
cp %{SOURCE18} .
|
|
cp %{SOURCE19} .
|
|
cp %{SOURCE20} .
|
|
cp %{SOURCE21} .
|
|
cp %{SOURCE22} .
|
|
cp %{SOURCE23} .
|
|
cp %{SOURCE24} .
|
|
cp %{SOURCE25} .
|
|
|
|
%if 0%{?rhel} <= 8
|
|
sed -i 's/log_driver = "journald"/#log_driver = "journald"/' containers.conf
|
|
%endif
|
|
|
|
%build
|
|
mkdir -p man5
|
|
for FILE in $(ls *.5.md); do
|
|
go-md2man -in $FILE -out man5/$(basename $FILE .md)
|
|
done
|
|
|
|
cp man5/containerignore.5 man5/.containerignore.5
|
|
|
|
%install
|
|
# install config and policy files for registries
|
|
install -dp %{buildroot}%{_sysconfdir}/containers/{certs.d,oci/hooks.d,systemd}
|
|
install -dp %{buildroot}%{_sharedstatedir}/containers/sigstore
|
|
install -dp %{buildroot}%{_datadir}/containers/systemd
|
|
install -Dp -m0644 default.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
|
|
install -Dp -m0644 storage.conf -t %{buildroot}%{_datadir}/containers
|
|
install -Dp -m0644 registries.conf -t %{buildroot}%{_sysconfdir}/containers
|
|
install -Dp -m0644 000-shortnames.conf -t %{buildroot}%{_sysconfdir}/containers/registries.conf.d
|
|
install -Dp -m0644 policy.json -t %{buildroot}%{_sysconfdir}/containers
|
|
# RPM-GPG-KEY-redhat-release already exists on rhel envs, install only on
|
|
# fedora and centos
|
|
%if 0%{?fedora} || 0%{?centos}
|
|
install -Dp -m0644 RPM-GPG-KEY-redhat-release -t %{buildroot}%{_sysconfdir}/pki/rpm-gpg
|
|
%endif
|
|
install -Dp -m0644 registry.access.redhat.com.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
|
|
install -Dp -m0644 registry.redhat.io.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
|
|
|
|
|
|
# install manpages
|
|
for FILE in $(ls -a man5 | grep 5); do
|
|
install -Dp -m0644 man5/$FILE -t %{buildroot}%{_mandir}/man5
|
|
done
|
|
|
|
# install config files for mounts, containers and seccomp
|
|
install -m0644 mounts.conf %{buildroot}%{_datadir}/containers/mounts.conf
|
|
install -m0644 seccomp.json %{buildroot}%{_datadir}/containers/seccomp.json
|
|
install -m0644 containers.conf %{buildroot}%{_datadir}/containers/containers.conf
|
|
|
|
# install secrets patch directory
|
|
install -d -p -m 755 %{buildroot}/%{_datadir}/rhel/secrets
|
|
# rhbz#1110876 - update symlinks for subscription management
|
|
ln -s ../../../..%{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
|
|
ln -s ../../../..%{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
|
|
ln -s ../../../..%{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/redhat.repo
|
|
|
|
%files
|
|
%dir %{_sysconfdir}/containers
|
|
%dir %{_sysconfdir}/containers/certs.d
|
|
%dir %{_sysconfdir}/containers/oci
|
|
%dir %{_sysconfdir}/containers/oci/hooks.d
|
|
%dir %{_sysconfdir}/containers/registries.conf.d
|
|
%dir %{_sysconfdir}/containers/registries.d
|
|
%dir %{_sysconfdir}/containers/systemd
|
|
%config(noreplace) %{_sysconfdir}/containers/policy.json
|
|
%config(noreplace) %{_sysconfdir}/containers/registries.conf
|
|
%config(noreplace) %{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
|
|
%if 0%{?fedora} || 0%{?centos}
|
|
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
|
|
%endif
|
|
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
|
|
%{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
|
|
%{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
|
|
%ghost %{_sysconfdir}/containers/storage.conf
|
|
%ghost %{_sysconfdir}/containers/containers.conf
|
|
%dir %{_sharedstatedir}/containers/sigstore
|
|
%{_mandir}/man5/Containerfile.5.gz
|
|
%{_mandir}/man5/containerignore.5.gz
|
|
%{_mandir}/man5/.containerignore.5.gz
|
|
%{_mandir}/man5/containers*.5.gz
|
|
%dir %{_datadir}/containers
|
|
%dir %{_datadir}/containers/systemd
|
|
%{_datadir}/containers/storage.conf
|
|
%{_datadir}/containers/containers.conf
|
|
%{_datadir}/containers/mounts.conf
|
|
%{_datadir}/containers/seccomp.json
|
|
%dir %{_datadir}/rhel/secrets
|
|
%{_datadir}/rhel/secrets/*
|
|
|
|
%files extra
|
|
|
|
%changelog
|
|
%autochangelog
|