From b0a59dbcbf8e047e29081a624a7d7e0450a14254 Mon Sep 17 00:00:00 2001 From: Antonio Murdaca Date: Tue, 26 Nov 2024 16:02:11 +0100 Subject: [PATCH] Update to 0.5.1 upstream release Upstream tag: v0.5.1 Upstream commit: 418eab5f Commit authored by Packit automation (https://packit.dev/) Resolves: RHEL-69267 Signed-off-by: Antonio Murdaca --- .packit.yaml | 99 +++++++++++++++++++ ...-git-fork-for-aws-nitro-enclaves-cos.patch | 22 ++--- README.packit | 3 + fido-device-onboard.spec | 88 +++++++++++++++-- sources | 4 +- 5 files changed, 193 insertions(+), 23 deletions(-) create mode 100644 .packit.yaml create mode 100644 README.packit diff --git a/.packit.yaml b/.packit.yaml new file mode 100644 index 0000000..b9278be --- /dev/null +++ b/.packit.yaml @@ -0,0 +1,99 @@ +--- +# https://packit.dev/docs/configuration/ + +specfile_path: fido-device-onboard.spec + +files_to_sync: + - src: + - patches/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch + - .packit.yaml + - fido-device-onboard.spec + - "fido-device-onboard-rs-*-vendor-patched.tar.xz" + dest: . + +upstream_package_name: fido-device-onboard +downstream_package_name: fido-device-onboard + +upstream_tag_template: v{version} +copy_upstream_release_description: true + +srpm_build_deps: + - cargo + - openssl-devel + +packages: + fido-device-onboard-fedora: + downstream_package_name: fido-device-onboard + upstream_package_name: fido-device-onboard + fido-device-onboard-centos: + downstream_package_name: fido-device-onboard + upstream_package_name: fido-device-onboard + pkg_tool: centpkg + +actions: + pre-sync: + - bash -c "./make-vendored-tarfile.sh ${PACKIT_PROJECT_VERSION}" + - bash -c "git restore Cargo.lock" + create-archive: + - bash -c "cp ./patches/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch ." + - bash -c "git archive --prefix=fido-device-onboard-rs-${PACKIT_PROJECT_VERSION}/ --format=tar HEAD > fido-device-onboard-rs-${PACKIT_PROJECT_VERSION}.tar" + - bash -c "./make-vendored-tarfile.sh ${PACKIT_PROJECT_VERSION}" + - bash -c "tar -xvf fido-device-onboard-rs-${PACKIT_PROJECT_VERSION}.tar" + - bash -c "ls -1 ./fido-device-onboard-rs-${PACKIT_PROJECT_VERSION}.tar" + +jobs: + - &fdo_copr_build + job: copr_build + trigger: pull_request + targets: + centos-stream-9: {} + fedora-latest-stable: {} + fedora-latest: {} + fedora-rawhide: {} + + - job: tests + trigger: pull_request + identifier: onboarding + fmf_path: test/fmf + tmt_plan: plans/onboarding + targets: + centos-stream-9: {} + fedora-latest-stable: {} + fedora-latest: {} + fedora-rawhide: {} + + - job: sync_from_downstream + trigger: commit + + - job: propose_downstream + trigger: release + packages: [fido-device-onboard-fedora] + dist_git_branches: + - fedora-development + - fedora-latest-stable + + - job: propose_downstream + trigger: release + packages: [fido-device-onboard-centos] + dist_git_branches: + - c10s + - c9s + + - job: koji_build + trigger: commit + dist_git_branches: + - fedora-development + - fedora-latest-stable + + - job: bodhi_update + trigger: commit + dist_git_branches: + - fedora-development + - fedora-latest-stable + + - <<: *fdo_copr_build + trigger: commit + branch: main + owner: "@fedora-iot" # copr repo namespace + project: fedora-iot # copr repo name so you can consume the builds +... diff --git a/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch b/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch index 722d680..5b2ea36 100644 --- a/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch +++ b/0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch @@ -1,16 +1,16 @@ -From d9554495b54d1f150a85f4e329412ff62728d9c7 Mon Sep 17 00:00:00 2001 -From: Peter Robinson -Date: Thu, 15 Feb 2024 12:06:44 +0000 +From f1b53d4bdac4ab889eb084111f395d418945ed07 Mon Sep 17 00:00:00 2001 +From: Antonio Murdaca +Date: Mon, 25 Nov 2024 12:30:52 +0100 Subject: [PATCH] Revert "chore: use git fork for aws-nitro-enclaves-cose" This reverts commit 1ea09e88baee3c47cdc76902f0034d553207d515. --- data-formats/Cargo.toml | 2 +- http-wrapper/Cargo.toml | 2 +- - 3 files changed, 4 insertions(+), 3 deletions(-) + 2 files changed, 2 insertions(+), 2 deletions(-) -Sdiff --git a/data-formats/Cargo.toml b/data-formats/Cargo.toml -index 714fc55..6d00eb4 100644 +diff --git a/data-formats/Cargo.toml b/data-formats/Cargo.toml +index 83979e1..c8ae80f 100644 --- a/data-formats/Cargo.toml +++ b/data-formats/Cargo.toml @@ -17,7 +17,7 @@ serde_cbor = "0.11" @@ -23,18 +23,18 @@ index 714fc55..6d00eb4 100644 num-traits = "0.2" num-derive = "0.3" diff --git a/http-wrapper/Cargo.toml b/http-wrapper/Cargo.toml -index 5d4999c..7b98097 100644 +index 0decb0c..70fcf41 100644 --- a/http-wrapper/Cargo.toml +++ b/http-wrapper/Cargo.toml -@@ -20,7 +20,7 @@ openssl = "0.10.60" +@@ -20,7 +20,7 @@ openssl = "0.10.66" - fdo-data-formats = { path = "../data-formats", version = "0.5.0" } - fdo-store = { path = "../store", version = "0.5.0" } + fdo-data-formats = { path = "../data-formats", version = "0.5.1" } + fdo-store = { path = "../store", version = "0.5.1" } -aws-nitro-enclaves-cose = { git = "https://github.com/nullr0ute/aws-nitro-enclaves-cose/", rev = "e3938e60d9051690569d1e4fcbe1c0c99d2fafa8" } +aws-nitro-enclaves-cose = "0.4.0" # Server-side uuid = { version = "1.3", features = ["v4"], optional = true } -- -2.43.1 +2.47.0 diff --git a/README.packit b/README.packit new file mode 100644 index 0000000..72e3769 --- /dev/null +++ b/README.packit @@ -0,0 +1,3 @@ +This repository is maintained by packit. +https://packit.dev/ +The file was generated using packit 0.102.2. diff --git a/fido-device-onboard.spec b/fido-device-onboard.spec index 43472af..468f652 100644 --- a/fido-device-onboard.spec +++ b/fido-device-onboard.spec @@ -3,8 +3,8 @@ %global combined_license Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR ISC OR MIT) AND (Apache-2.0 OR MIT) AND ((Apache-2.0 OR MIT) AND BSD-3-Clause) AND (Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT) AND BSD-2-Clause AND BSD-3-Clause AND (CC0-1.0 OR Apache-2.0) AND (CC0-1.0 OR MIT-0 OR Apache-2.0) AND ISC AND MIT AND ((MIT OR Apache-2.0) AND Unicode-DFS-2016) AND (Apache-2.0 OR MIT OR Zlib) AND MPL-2.0 AND (Unlicense OR MIT) Name: fido-device-onboard -Version: 0.5.0 -Release: 4%{?dist} +Version: 0.5.1 +Release: 1%{?dist} Summary: A rust implementation of the FIDO Device Onboard Specification License: BSD-3-Clause @@ -13,7 +13,6 @@ Source0: %{url}/archive/v%{version}/%{name}-rs-%{version}.tar.gz # See make-vendored-tarfile.sh in upstream repo Source1: %{name}-rs-%{version}-vendor-patched.tar.xz Patch1: 0001-Revert-chore-use-git-fork-for-aws-nitro-enclaves-cos.patch -Patch2: 0002-Fix-systemd-units-run-before-poweroff.patch # Because nobody cares ExcludeArch: %{ix86} @@ -37,13 +36,19 @@ BuildRequires: libpq-devel %{summary}. %prep -%setup -q -n %{name}-rs-%{version} -# general patches should go here -%autopatch -p1 %if 0%{?rhel} -%cargo_prep -V 1 +%autosetup -p1 -a1 -n %{name}-rs-%{version} +rm -f Cargo.lock +%if 0%{?rhel} >= 10 +%cargo_prep -v vendor %else +%cargo_prep -V 1 +%endif +%endif + +%if 0%{?fedora} +%autosetup -p1 -n %{name}-rs-%{version} %cargo_prep %generate_buildrequires %cargo_generate_buildrequires -a @@ -55,6 +60,9 @@ BuildRequires: libpq-devel %{?cargo_license_summary} %{?cargo_license} > LICENSE.dependencies +%if 0%{?rhel} >= 10 +%cargo_vendor_manifest +%endif %install install -D -m 0755 -t %{buildroot}%{_libexecdir}/fdo target/release/fdo-client-linuxapp @@ -75,8 +83,9 @@ install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_owner_onb install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_rendezvous_server_postgres migrations/migrations_rendezvous_server_postgres/2023-10-03-152801_create_db/* install -D -m 0644 -t %{buildroot}%{_docdir}/fdo/migrations/migrations_rendezvous_server_sqlite migrations/migrations_rendezvous_server_sqlite/2023-10-03-152801_create_db/* # duplicates as needed by AIO command so link them -ln -s %{_bindir}/fdo-owner-tool %{buildroot}%{_libexecdir}/fdo/fdo-owner-tool -ln -s %{_bindir}/fdo-admin-tool %{buildroot}%{_libexecdir}/fdo/fdo-admin-tool +mkdir -p %{buildroot}%{_bindir} +ln -sr %{buildroot}%{_bindir}/fdo-owner-tool %{buildroot}%{_libexecdir}/fdo/fdo-owner-tool +ln -sr %{buildroot}%{_bindir}/fdo-admin-tool %{buildroot}%{_libexecdir}/fdo/fdo-admin-tool # Create directories needed by the various services so we own them mkdir -p %{buildroot}%{_sysconfdir}/fdo mkdir -p %{buildroot}%{_sysconfdir}/fdo/keys @@ -109,6 +118,9 @@ Requires: dracut %files -n fdo-init %license LICENSE LICENSE.dependencies +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %{dracutlibdir}/modules.d/52fdo/ %{_libexecdir}/fdo/fdo-manufacturing-client @@ -121,6 +133,9 @@ Requires: openssl-libs >= 3.0.1-12 %files -n fdo-owner-onboarding-server %license LICENSE LICENSE.dependencies +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %dir %{_sysconfdir}/fdo %dir %{_sysconfdir}/fdo/keys %dir %{_sysconfdir}/fdo/owner-onboarding-server.conf.d @@ -161,6 +176,9 @@ License: %combined_license %files -n fdo-rendezvous-server %license LICENSE LICENSE.dependencies +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %dir %{_sysconfdir}/fdo %dir %{_sysconfdir}/fdo/keys %dir %{_sysconfdir}/fdo/rendezvous-server.conf.d @@ -193,13 +211,16 @@ Requires: openssl-libs >= 3.0.1-12 %files -n fdo-manufacturing-server %license LICENSE LICENSE.dependencies +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %dir %{_sysconfdir}/fdo %dir %{_sysconfdir}/fdo/keys %dir %{_sysconfdir}/fdo/manufacturing-server.conf.d -%dir %{_sysconfdir}/fdo/keys %dir %{_sysconfdir}/fdo/stores %dir %{_sysconfdir}/fdo/stores/manufacturer_keys %dir %{_sysconfdir}/fdo/stores/manufacturing_sessions +%dir %{_sysconfdir}/fdo/stores/owner_vouchers %{_libexecdir}/fdo/fdo-manufacturing-server %dir %{_localstatedir}/lib/fdo %dir %{_docdir}/fdo @@ -229,6 +250,9 @@ Requires: cryptsetup %{summary} %files -n fdo-client +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %license LICENSE LICENSE.dependencies %{_libexecdir}/fdo/fdo-client-linuxapp %{_unitdir}/fdo-client-linuxapp.service @@ -249,6 +273,9 @@ License: %combined_license %{summary} %files -n fdo-owner-cli +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %license LICENSE LICENSE.dependencies %{_bindir}/fdo-owner-tool %{_libexecdir}/fdo/fdo-owner-tool @@ -266,6 +293,9 @@ Requires: fdo-init = %{version}-%{release} %{summary} %files -n fdo-admin-cli +%if 0%{?rhel} >= 10 +%license cargo-vendor.txt +%endif %license LICENSE LICENSE.dependencies %dir %{_sysconfdir}/fdo %dir %{_sysconfdir}/fdo/keys @@ -283,6 +313,44 @@ Requires: fdo-init = %{version}-%{release} %systemd_postun_with_restart fdo-aio.service %changelog +* Tue Nov 26 2024 Antonio Murdaca - 0.5.1-1 +## What's Changed + * chore: update patch for new release by @nullr0ute in https://github.com/fdo-rs/fido-device-onboard-rs/pull/625 + * chore: fix require error with commitlint by @miabbott in https://github.com/fdo-rs/fido-device-onboard-rs/pull/636 + * fix(license): replace space with - in Apache 2.0 by @7flying in https://github.com/fdo-rs/fido-device-onboard-rs/pull/632 + * fix(data-formats): use serde_tuple serializer for error messages by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/629 + * fix: cargo test for non-root users by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/635 + * fix(get_current_user_name): remove trailing whitespaces. by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/638 + * chore: bump mio from 0.8.10 to 0.8.11 by @dependabot in https://github.com/fdo-rs/fido-device-onboard-rs/pull/640 + * fix: vendored tarfile creation by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/634 + * fix: static-mut-refs warning by @7flying in https://github.com/fdo-rs/fido-device-onboard-rs/pull/651 + * Enable CentOS 9 builds and add Testing Farm e2e tests by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/650 + * Add an OV re-registration window option when using DB storage by @7flying in https://github.com/fdo-rs/fido-device-onboard-rs/pull/643 + * chore: bump pem from 2.0.1 to 3.0.3 by @dependabot in https://github.com/fdo-rs/fido-device-onboard-rs/pull/639 + * chore: bump h2 from 0.3.25 to 0.3.26 by @dependabot in https://github.com/fdo-rs/fido-device-onboard-rs/pull/659 + * feat: verify trusted manufacturers by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/656 + * database enhancements by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/666 + * chore: bump openssl to 0.10.66 by @7flying in https://github.com/fdo-rs/fido-device-onboard-rs/pull/664 + * chore(store): make the store OVs agnostic by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/671 + * feat(manufacturing-server): implement an export OVs endpoint by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/673 + * fix(systemd-units): run before powering off the system by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/676 + * fix(dracut): use isolate on error in the manufacturing-client service by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/678 + * fix(systemd-generator): write configuration to '/run' by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/677 + * fix(owner-tool): use the new API to export ovs by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/675 + * chore: update diesel to 2.2.3 by @7flying in https://github.com/fdo-rs/fido-device-onboard-rs/pull/669 + * chore: bump reqwest from 0.11.27 to 0.12.7 by @dependabot in https://github.com/fdo-rs/fido-device-onboard-rs/pull/683 + * fix: use centos-stream-9 target instead of epel-9 by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/687 + * enhance onboarding testing by @mmartinv in https://github.com/fdo-rs/fido-device-onboard-rs/pull/681 + * ci: add konflux test cases by @yih-redhat in https://github.com/fdo-rs/fido-device-onboard-rs/pull/688 + * fix(make-vendored-tarfile.sh): exclude idna tests with unicode points by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/692 + * chore: bump for 0.5.1 by @runcom in https://github.com/fdo-rs/fido-device-onboard-rs/pull/693 + +## New Contributors + * @miabbott made their first contribution in https://github.com/fdo-rs/fido-device-onboard-rs/pull/636 + * @yih-redhat made their first contribution in https://github.com/fdo-rs/fido-device-onboard-rs/pull/688 + + **Full Changelog**: https://github.com/fdo-rs/fido-device-onboard-rs/compare/v0.5.0...v0.5.1 + * Thu Oct 03 2024 Miguel Martín - 0.5.0-4 - Apply all the patches in the spec diff --git a/sources b/sources index 77dbad0..d708207 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (fido-device-onboard-rs-0.5.0.tar.gz) = 85609460b18b6b4d7f6623730f0f9b925d7d7cd4a75addd28dae61e58ce13337b9ad48355c8a05d359776553876b118bef2a0eaa347331af22817e434200cfef -SHA512 (fido-device-onboard-rs-0.5.0-vendor-patched.tar.xz) = 8975236217348aed08754c60e31064f38ecfdeb36e046a076d2c0993f5f840f50f39b49e5488dc69192e73c95eb7265d57eda7c41275852b8bd5864c8781b775 +SHA512 (fido-device-onboard-rs-0.5.1.tar.gz) = 6c8be6355cb8a4fc002ce3fcedda5b9337d384b70d966c85e7f6a111bf51445b2563190f747595c12ca1f46de3f56206fa4217ff6d1998b5540a35c3ddf374ea +SHA512 (fido-device-onboard-rs-0.5.1-vendor-patched.tar.xz) = d4f9499994554e8aee47e49a631acf4b533940ce2b67eec18008710b3d871be87866224ac358e3b91c8c2280c15499f8144e8706794e53c2d27c497b3fc49c27