bbde02e26d
and round tarball mtime timestamp to midnight, to match SOURCE_DATE_EPOCH |
||
|---|---|---|
| .fmf | ||
| .github/workflows | ||
| plans | ||
| tests | ||
| .gitignore | ||
| 001-wrappers-grafana-cli.patch | ||
| 002-manpages.patch | ||
| 003-fix-dashboard-abspath-test.patch | ||
| 004-skip-x86-goldenfiles-tests.patch | ||
| 005-remove-unused-dependencies.patch | ||
| 006-fix-gtime-test-32bit.patch | ||
| 008-remove-unused-frontend-crypto.patch | ||
| 009-patch-unused-backend-crypto.patch | ||
| 010-fips.patch | ||
| 011-use-hmac-sha-256-for-password-reset-tokens.patch | ||
| 012-support-go1.18.patch | ||
| 013-CVE-2021-23648.patch | ||
| 014-CVE-2022-21698.patch | ||
| 015-CVE-2022-21698.vendor.patch | ||
| Makefile | ||
| README.md | ||
| build_frontend.sh | ||
| create_bundles_in_container.sh | ||
| distro-defaults.ini | ||
| gating.yaml | ||
| grafana.rpmlintrc | ||
| grafana.spec | ||
| list_bundled_nodejs_packages.py | ||
| sources | ||
README.md
grafana
The grafana package
Upgrade instructions
- update
Version,Release,%changelogand tarball NVRs in the specfile - create bundles and manifest:
make clean all - update specfile with contents of the
.manifestfile - check if the default configuration has changed:
diff grafana-X.Y.Z/conf/defaults.ini distro-defaults.iniand updatedistro-defaults.iniif necessary - update the manpages patch in
002-manpages.patchand other patches if required - run local build:
rpkg local - run rpm linter:
rpkg lint -r grafana.rpmlintrc - run a scratch build:
fedpkg scratch-build --srpm - upload new source tarballs:
fedpkg new-sources *.tar.gz *.tar.xz - commit new
sourcesfile
Patches
- create the patch
- declare and apply (
%prep) the patch in the specfile - if the patch affects Go or Node.js dependencies, or the webpack
- add the patch to
PATCHES_PRE_VENDORorPATCHES_PRE_WEBPACKin the Makefile - create new tarballs
- update the specfile with new tarball name and contents of the
.manifestfile
- add the patch to
General guidelines
- aim to apply all patches in the specfile
- avoid rebuilding the tarballs
Patches fall in several categories:
- modify dependency versions
- modify both sources and vendored dependencies (e.g. CVEs)
- modify the Node.js source (i.e. affect the webpack)
- some patches are conditional (e.g. FIPS)
Patches cannot be applied twice. It is not possible to unconditionally apply all patches in the Makefile, and great care must be taken to include the required patches at the correct stage of the build.
Reproducible Bundles
Run ./create_bundles_in_container.sh to generate a reproducible vendor and webpack bundle.
Alternatively, install the same software as in the container, create a bind mount from /tmp/grafana-build to the directory of this repository, and run make.
The bind mount is required because Webpack stores absolute paths in the JS source maps, and also resolves symlinks (i.e. symlinking /tmp/grafana-build doesn't work).
Verification
- compare the list of files with the upstream RPM at https://grafana.com/grafana/download