grafana/README.md
Andreas Gerstmayr 598a441ca7 update to upstream version 7.5.11
Resolves: rhbz#1993215
Resolves: rhbz#2012165
Resolves: CVE-2021-39226
2021-10-11 18:51:14 +02:00

1.6 KiB

grafana

The grafana package

Upgrade instructions

  • update Version, Release, %changelog and tarball NVRs in the specfile
  • create bundles and manifest: make clean all
  • update specfile with contents of the .manifest file
  • check if the default configuration has changed: diff grafana-X.Y.Z/conf/defaults.ini distro-defaults.ini and update distro-defaults.ini if necessary
  • update the manpages patch in 002-manpages.patch and other patches if required
  • run local build: rpkg local
  • run rpm linter: rpkg lint -r grafana.rpmlintrc
  • run a scratch build: fedpkg scratch-build --srpm
  • upload new source tarballs: fedpkg new-sources *.tar.gz *.tar.xz
  • commit new sources file

Patches

  • create the patch
  • declare and apply (%prep) the patch in the specfile
  • if the patch affects Go or Node.js dependencies, or the webpack
    • add the patch to PATCHES_PRE_VENDOR or PATCHES_PRE_WEBPACK in the Makefile
    • create new tarballs
    • update the specfile with new tarball name and contents of the .manifest file

General guidelines

  • aim to apply all patches in the specfile
  • avoid rebuilding the tarballs

Patches fall in several categories:

  • modify dependency versions
  • modify both sources and vendored dependencies (e.g. CVEs)
  • modify the Node.js source (i.e. affect the webpack)
  • some patches are conditional (e.g. FIPS)

Patches cannot be applied twice. It is not possible to unconditionally apply all patches in the Makefile, and great care must be taken to include the required patches at the correct stage of the build.

Verification