add helper scripts to SRPM, fix perms on upgrade, update changelog
This commit is contained in:
Andreas Gerstmayr
parent
09156edf8f
commit
365729b038
@ -6,11 +6,11 @@ The grafana package
|
|||||||
|
|
||||||
* update `Version` and `%changelog` in the specfile
|
* update `Version` and `%changelog` in the specfile
|
||||||
* download source tarball and create webpack: `./make_grafana_webpack.sh X.Y.Z`
|
* download source tarball and create webpack: `./make_grafana_webpack.sh X.Y.Z`
|
||||||
* update golang buildrequires: `./scripts/list_go_buildrequires.sh grafana-X.Y.Z` and replace the old golang `BuildRequires:` with the new ones
|
* update golang buildrequires: `./list_go_buildrequires.sh grafana-X.Y.Z` and replace the old golang `BuildRequires:` with the new ones
|
||||||
* update nodejs provides: `./scripts/list_bundled_nodejs_packages.py grafana-X.Y.Z` and replace the old nodejs `Provides:` with the new ones
|
* update nodejs provides: `./list_bundled_nodejs_packages.py grafana-X.Y.Z` and replace the old nodejs `Provides:` with the new ones
|
||||||
* check if the default configuration has changed: `diff grafana-X.Y.Z/conf/defaults.ini distro-defaults.ini` and update `distro-defaults.ini` if necessary
|
* check if the default configuration has changed: `diff grafana-X.Y.Z/conf/defaults.ini distro-defaults.ini` and update `distro-defaults.ini` if necessary
|
||||||
* install all new golang build dependencies: `sudo dnf builddep grafana.spec` and create packages for missing dependencies
|
* install all new golang build dependencies: `sudo dnf builddep grafana.spec` and create packages for missing dependencies
|
||||||
* run local build: `rpkg local`, and if any patches fail, update them accordingly
|
* run local build: `rpkg local`, and if any patches fail, update them accordingly
|
||||||
* run rpm linter: `rpkg lint`
|
* run rpm linter: `rpkg lint`
|
||||||
* run local builds with different OS versions: `./scripts/run_container_build.sh version` (place not yet published dependencies in the `deps/` directory)
|
* run local builds with different OS versions: `./run_container_build.sh version` (place not yet published dependencies in the `deps/` directory)
|
||||||
* run a scratch build: `fedpkg scratch-build --srpm`
|
* run a scratch build: `fedpkg scratch-build --srpm`
|
||||||
|
|||||||
37
grafana.spec
37
grafana.spec
@ -27,11 +27,18 @@ Source0: https://github.com/grafana/grafana/archive/v%{version}/%{name}
|
|||||||
# Source1 contains the front-end javascript modules bundled into a webpack
|
# Source1 contains the front-end javascript modules bundled into a webpack
|
||||||
Source1: grafana_webpack-%{version}.tar.gz
|
Source1: grafana_webpack-%{version}.tar.gz
|
||||||
|
|
||||||
# Source2 is the script to create the above webpack from grafana sources
|
# Source2 contains Grafana configuration defaults for distributions
|
||||||
Source2: make_grafana_webpack.sh
|
Source2: distro-defaults.ini
|
||||||
|
|
||||||
|
# Source3 is the script to create the webpack from grafana sources
|
||||||
|
Source3: make_grafana_webpack.sh
|
||||||
|
|
||||||
|
# Source4 is the script to generate the list of Go build dependencies:
|
||||||
|
Source4: list_go_buildrequires.sh
|
||||||
|
|
||||||
|
# Source5 is the script to generate the list of bundled nodejs packages
|
||||||
|
Source5: list_bundled_nodejs_packages.py
|
||||||
|
|
||||||
# Source3 contains Grafana configuration defaults for distributions
|
|
||||||
Source3: distro-defaults.ini
|
|
||||||
|
|
||||||
# Patches
|
# Patches
|
||||||
Patch1: 001-login-oauth-use-oauth2-exchange.patch
|
Patch1: 001-login-oauth-use-oauth2-exchange.patch
|
||||||
@ -59,7 +66,7 @@ ExclusiveArch: %{grafana_arches}
|
|||||||
%{?systemd_requires}
|
%{?systemd_requires}
|
||||||
Requires(pre): shadow-utils
|
Requires(pre): shadow-utils
|
||||||
|
|
||||||
BuildRequires: git, systemd, golang, go-srpm-macros go-rpm-macros
|
BuildRequires: git, systemd, golang, go-srpm-macros, go-rpm-macros
|
||||||
|
|
||||||
Recommends: grafana-cloudwatch = %{version}-%{release}
|
Recommends: grafana-cloudwatch = %{version}-%{release}
|
||||||
Recommends: grafana-elasticsearch = %{version}-%{release}
|
Recommends: grafana-elasticsearch = %{version}-%{release}
|
||||||
@ -355,11 +362,14 @@ The Grafana stackdriver datasource.
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
%patch5 -p1
|
|
||||||
%patch6 -p1
|
%patch6 -p1
|
||||||
|
|
||||||
|
%if 0%{?unbundle_vendor_sources}
|
||||||
|
%patch5 -p1
|
||||||
%patch7 -p1
|
%patch7 -p1
|
||||||
%patch8 -p1
|
%patch8 -p1
|
||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
|
%endif
|
||||||
|
|
||||||
# Set up build subdirs and links
|
# Set up build subdirs and links
|
||||||
mkdir -p %{_builddir}/src/github.com/grafana
|
mkdir -p %{_builddir}/src/github.com/grafana
|
||||||
@ -429,9 +439,9 @@ install -d %{buildroot}%{_sysconfdir}/%{name}
|
|||||||
install -d %{buildroot}%{_sysconfdir}/sysconfig
|
install -d %{buildroot}%{_sysconfdir}/sysconfig
|
||||||
|
|
||||||
# config defaults
|
# config defaults
|
||||||
install -p -m 640 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/grafana.ini
|
install -p -m 640 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/grafana.ini
|
||||||
install -p -m 640 conf/ldap.toml %{buildroot}%{_sysconfdir}/%{name}/ldap.toml
|
install -p -m 640 conf/ldap.toml %{buildroot}%{_sysconfdir}/%{name}/ldap.toml
|
||||||
install -p -m 644 %{SOURCE3} %{buildroot}%{_datadir}/%{name}/conf/defaults.ini
|
install -p -m 644 %{SOURCE2} %{buildroot}%{_datadir}/%{name}/conf/defaults.ini
|
||||||
install -p -m 644 packaging/rpm/sysconfig/grafana-server \
|
install -p -m 644 packaging/rpm/sysconfig/grafana-server \
|
||||||
%{buildroot}%{_sysconfdir}/sysconfig/grafana-server
|
%{buildroot}%{_sysconfdir}/sysconfig/grafana-server
|
||||||
|
|
||||||
@ -481,6 +491,10 @@ if [ -f %{_sharedstatedir}/%{name}/grafana.db ]; then
|
|||||||
chmod 640 %{_sharedstatedir}/%{name}/grafana.db
|
chmod 640 %{_sharedstatedir}/%{name}/grafana.db
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# required for upgrades
|
||||||
|
chmod 640 %{_sysconfdir}/%{name}/grafana.ini
|
||||||
|
chmod 640 %{_sysconfdir}/%{name}/ldap.toml
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%systemd_postun_with_restart grafana-server.service
|
%systemd_postun_with_restart grafana-server.service
|
||||||
|
|
||||||
@ -609,11 +623,10 @@ export GO111MODULE=off
|
|||||||
- set Grafana version in Grafana UI and grafana-cli --version
|
- set Grafana version in Grafana UI and grafana-cli --version
|
||||||
- declare README.md as documentation of datasource plugins
|
- declare README.md as documentation of datasource plugins
|
||||||
- create grafana.db on first installation (fixes RH BZ #1805472)
|
- create grafana.db on first installation (fixes RH BZ #1805472)
|
||||||
- change permissions of /var/lib/grafana to 750
|
- change permissions of /var/lib/grafana to 750 (CVE-2020-12458)
|
||||||
- change permissions of /var/lib/grafana/grafana.db to 640 and
|
- change permissions of /var/lib/grafana/grafana.db to 640 and
|
||||||
user/group grafana:grafana
|
user/group grafana:grafana (CVE-2020-12458)
|
||||||
- change permissions of grafana.ini and ldap.toml to 640
|
- change permissions of grafana.ini and ldap.toml to 640 (CVE-2020-12459)
|
||||||
(contains secret_key/bind_password)
|
|
||||||
|
|
||||||
* Wed Feb 26 2020 Mark Goodwin <mgoodwin@redhat.com> 6.6.2-1
|
* Wed Feb 26 2020 Mark Goodwin <mgoodwin@redhat.com> 6.6.2-1
|
||||||
- added patch0 to set the version string correctly
|
- added patch0 to set the version string correctly
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user