Metrics dashboard and graph editor
Go to file
2024-05-04 09:31:37 +02:00
.github/workflows update to upstream Grafana 7.5.15, resolve CVE-2021-23648 and CVE-2022-21698 2022-04-22 14:29:58 +02:00
.gitignore update to upstream version 7.5.10 2021-09-30 18:17:18 +02:00
0001-update-grafana-cli-script-with-distro-specific-paths.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0002-add-manpages.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0003-update-default-configuration.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0004-remove-unused-backend-dependencies.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0005-remove-unused-frontend-crypto.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0006-skip-marketplace-plugin-install-test.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0007-redact-weak-ciphers.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0008-replace-faulty-slices-sort.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0009-update-wrappers-and-systemd-with-distro-paths.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
0010-remove-bcrypt-references.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
1001-vendor-patch-removed-backend-crypto.patch Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
1002-vendor-use-pbkdf2-from-OpenSSL.patch Resolves: RHEL-33655 2024-05-03 10:53:30 -04:00
1003-vendor-skip-goldenfiles-tests.patch update to upstream v9.0.8 2022-09-15 18:34:41 +02:00
build_frontend.sh update to upstream v9.0.8 2022-09-15 18:34:41 +02:00
create_bundles_in_container.sh Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
create_bundles.sh Resolves: RHEL-33655 2024-05-03 10:53:30 -04:00
gating.yaml Rework of gating rules to follow new CI setup 2024-05-04 09:31:37 +02:00
grafana.fc Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
grafana.if Add selinux policy for grafana and fix CVE-2023-39325 2023-11-17 11:03:16 -05:00
grafana.rpmlintrc update to upstream v9.0.8 2022-09-15 18:34:41 +02:00
grafana.spec Resolves: RHEL-33655 2024-05-03 10:53:30 -04:00
grafana.sysusers update to upstream v9.0.8 2022-09-15 18:34:41 +02:00
grafana.te Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
list_bundled_nodejs_packages.py Resolves: RHEL-31246 2024-04-02 13:09:11 -04:00
README.md update to upstream v9.0.8 2022-09-15 18:34:41 +02:00
sources Resolves: RHEL-33655 2024-05-03 10:53:30 -04:00

grafana

The grafana package

Setup instructions

  • clone the upstream sources: git clone https://github.com/grafana/grafana && cd grafana
  • checkout the version of the specfile: git checkout <currentversion>
  • apply existing patches: git am ../0*.patch

Upgrade instructions

  • follow the Setup instructions above
  • rebase to the new version: git fetch && git rebase --onto <newversion> <oldversion>
    • rebasing remove-unused-backend-dependencies.patch: only apply the patch to pkg/extensions/main.go and run go mod tidy, then go.mod and go.sum will get updated automatically
    • rebasing remove-unused-frontend-crypto.patch: only apply the patch to package.json and run yarn install, then yarn.lock will get updated automatically
  • create new patches from the modified git commits: git format-patch -N --no-stat --no-signature <newversion> && mv *.patch ..
  • update Version, Release, %changelog and tarball NVRs in the specfile
  • create bundles and manifest: ./create_bundles_in_container.sh
  • inspect the vendor tarball for any new non-FIPS crypto (vendor/golang.org/x/crypto), delete these files/directories in the Makefile and update the patch-removed-backend-crypto.patch if required
  • update specfile with contents of the .manifest file
  • update the manpages patch in 0002-add-manpages.patch and other patches if required
  • run local build: rpkg local
  • run rpmlint: rpmlint -r grafana.rpmlintrc /tmp/rpkg/grafana-*/grafana-*.src.rpm /tmp/rpkg/grafana-*/x86_64/grafana-*.x86_64.rpm
  • run a scratch build: fedpkg scratch-build --srpm
  • upload new source tarballs: fedpkg new-sources *.tar.gz *.tar.xz
  • commit new sources file

Patches

  • create the patch
  • declare and apply (%prep) the patch in the specfile
  • if the patch affects Go or Node.js dependencies, or the webpack
    • update the create_bundles.sh script and apply the patch
    • create new tarballs
    • update the specfile with new tarball name and contents of the .manifest file

General guidelines

  • aim to apply all patches in the specfile
  • avoid rebuilding the tarballs

Patches fall in several categories:

  • modify dependency versions
  • modify both sources and vendored dependencies (e.g. CVEs)
  • modify the Node.js source (i.e. affect the webpack)
  • some patches are conditional (e.g. FIPS)

Patches cannot be applied twice. It is not possible to unconditionally apply all patches in the Makefile, and great care must be taken to include the required patches at the correct stage of the build.

Reproducible Bundles

Run ./create_bundles_in_container.sh to generate a reproducible vendor and webpack bundle.

Verification