.gitignore

@@ -1,2 +1 @@
-SOURCES/1.1.0.tar.gz
-SOURCES/netavark-v1.1.0-vendor.tar.gz
+/*.tar.*

.netavark.metadata

@@ -1,2 +0,0 @@
-5f22fd74fc25d71335f8ca5cd5aa74c383d30576 SOURCES/1.1.0.tar.gz
-63dcfdcb2b5917a213f89469aa4e643f92230410 SOURCES/netavark-v1.1.0-vendor.tar.gz

.packit.yaml

@@ -0,0 +1,100 @@
+---
+# See the documentation for more information:
+# https://packit.dev/docs/configuration/
+
+downstream_package_name: netavark
+upstream_tag_template: v{version}
+
+packages:
+  netavark-fedora:
+    pkg_tool: fedpkg
+    specfile_path: rpm/netavark.spec
+  netavark-centos:
+    pkg_tool: centpkg
+    specfile_path: rpm/netavark.spec
+  netavark-rhel:
+    specfile_path: rpm/netavark.spec
+
+srpm_build_deps:
+  - cargo
+  - make
+  - openssl-devel
+
+jobs:
+  - job: copr_build
+    trigger: pull_request
+    packages: [netavark-fedora]
+    notifications: &copr_build_failure_notification
+      failure_comment:
+        message: "Ephemeral COPR build failed. @containers/packit-build please check."
+    targets:
+      fedora-all-x86_64: {}
+      fedora-all-aarch64: {}
+      fedora-eln-x86_64:
+        additional_repos:
+          - "https://kojipkgs.fedoraproject.org/repos/eln-build/latest/x86_64/"
+      fedora-eln-aarch64:
+        additional_repos:
+          - "https://kojipkgs.fedoraproject.org/repos/eln-build/latest/aarch64/"
+    enable_net: true
+
+  - job: copr_build
+    trigger: pull_request
+    packages: [netavark-centos]
+    notifications: *copr_build_failure_notification
+    targets:
+      - centos-stream-9-x86_64
+      - centos-stream-9-aarch64
+      - centos-stream-10-x86_64
+      - centos-stream-10-aarch64
+    enable_net: true
+
+  - job: copr_build
+    trigger: pull_request
+    packages: [netavark-rhel]
+    notifications: *copr_build_failure_notification
+    targets:
+      - epel-9-x86_64
+      - epel-9-aarch64
+    enable_net: true
+
+  # Run on commit to main branch
+  - job: copr_build
+    trigger: commit
+    packages: [netavark-fedora]
+    notifications:
+      failure_comment:
+        message: "podman-next COPR build failed. @containers/packit-build please check."
+    branch: main
+    owner: rhcontainerbot
+    project: podman-next
+    enable_net: true
+
+  # Sync to Fedora
+  - job: propose_downstream
+    trigger: release
+    packages: [netavark-fedora]
+    update_release: false
+    dist_git_branches:
+      - fedora-all
+
+  # Sync to CentOS Stream
+  - job: propose_downstream
+    trigger: release
+    packages: [netavark-centos]
+    update_release: false
+    dist_git_branches:
+      - c10s
+
+  - job: koji_build
+    trigger: commit
+    dist_git_branches:
+      - fedora-all
+
+        # NOTE: Bodhi update tasks are disabled to allow netavark and aardvark-dns X.Y
+        # builds in a single manual bodhi update. Leaving this commented out
+        # but not deleted so it's not forgotten.
+        #- job: bodhi_update
+        #trigger: commit
+        #dist_git_branches:
+        #- fedora-branched # rawhide updates are created automatically

README.md

@@ -0,0 +1,3 @@
+# netavark
+
+The netavark package

README.packit

@@ -0,0 +1,3 @@
+This repository is maintained by packit.
+https://packit.dev/
+The file was generated using packit 0.100.0.

SOURCES/netavark.1

@@ -1,51 +0,0 @@
-.nh
-.TH netavark(1)
-.SH NAME
-.PP
-netavark - Configure a given network namespace for use by a container
-
-.SH SYNOPSIS
-.PP
-\fBnetavark\fP [\fIoptions\fP] \fIcommand\fP \fInetwork namespace path\fP
-
-.SH DESCRIPTION
-.PP
-Netavark configures a network namespace according to a configuration read from STDIN. The configuration is JSON formatted.
-
-.SH GLOBAL OPTIONS
-.SS \fB--file\fP, \fB-f\fP
-.PP
-Instead of reading from STDIN, read the configuration to be applied from the given file. \fB-f -\fP may also be used to flag reading from STDIN.
-
-.SH COMMANDS
-.SS netavark setup
-.PP
-The setup command configures the given network namespace with the given configuration, creating any interfaces and firewall rules necessary.
-
-.SS netavark teardown
-.PP
-The teardown command is the inverse of the setup command, undoing any configuration applied. Some interfaces may not be deleted (bridge interfaces, for example, will not be removed).
-
-.SS CONFIGURATION FORMAT
-.PP
-The configuration accepted is the same for both setup and teardown. It is JSON formatted.
-
-.PP
-Format is https://github.com/containers/podman/blob/cd7b48198c38c5028540e85dc72dd3406f4318f0/libpod/network/types/network.go#L164-L173 but we will also send a Networks array including all the network definitions (https://github.com/containers/podman/blob/cd7b48198c38c5028540e85dc72dd3406f4318f0/libpod/network/types/network.go#L32-L62)
-TODO: Transcribe configuration into here in a nice tabular format
-
-.SH EXAMPLE
-.PP
-netavark setup /run/user/1000/podman/netns/d11d1f9c499d
-
-.PP
-netavark -f /run/podman/828b0508ae64.conf teardown /run/podman/netns/828b0508ae64
-
-.SH SEE ALSO
-.PP
-podman(1)
-
-.SH HISTORY
-.PP
-September 2021, Originally compiled by Matt Heon mheon@redhat.com
-\[la]mailto:mheon@redhat.com\[ra]

SPECS/netavark.spec

@@ -1,92 +0,0 @@
-# debuginfo doesn't work yet
-%global debug_package %{nil}
-
-Epoch: 2
-Name: netavark
-Version: 1.1.0
-Release: 6%{?dist}
-License: ASL 2.0 and BSD and MIT
-ExclusiveArch: %{rust_arches}
-Summary: OCI network stack
-URL: https://github.com/containers/%{name}
-Source0: %{url}/archive/v%{version}/%{version}.tar.gz
-Source1: %{url}/releases/download/v%{version}/%{name}-v%{version}-vendor.tar.gz
-Source2: netavark.1
-BuildRequires: cargo
-Recommends: aardvark-dns >= 1.0.3
-Provides: container-network-stack = 2
-BuildRequires: make
-BuildRequires: rust-srpm-macros
-BuildRequires: git-core
-
-%description
-%{summary}
-
-Netavark is a rust based network stack for containers. It is being
-designed to work with Podman but is also applicable for other OCI
-container management applications.
-
-Netavark is a tool for configuring networking for Linux containers.
-Its features include:
-* Configuration of container networks via JSON configuration file
-* Creation and management of required network interfaces,
-    including MACVLAN networks
-* All required firewall configuration to perform NAT and port
-    forwarding as required for containers
-* Support for iptables and firewalld at present, with support
-    for nftables planned in a future release
-* Support for rootless containers
-* Support for IPv4 and IPv6
-* Support for container DNS resolution via aardvark-dns.
-
-%prep
-%autosetup -Sgit
-tar fx %{SOURCE1}
-mkdir -p .cargo
-
-cat >.cargo/config << EOF
-[source.crates-io]
-replace-with = "vendored-sources"
-
-[source.vendored-sources]
-directory = "vendor"
-EOF
-
-%build
-%{__make} build
-
-cd docs
-cp %{SOURCE2} .
-
-%install
-%{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} install
-
-%files
-%license LICENSE
-%dir %{_libexecdir}/podman
-%{_libexecdir}/podman/%{name}
-%{_mandir}/man1/%{name}.1*
-
-%changelog
-* Tue Aug 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1.1.0-6
-- bump Epoch to preserve upgrade path
-- Related: #2061390
-
-* Tue Aug 09 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-5
-- remove dependency on md2man
-- Related: #2061390
-
-* Tue Aug 09 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-4
-- fix arches
-- Related: #2061390
-
-* Tue Aug 09 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-3
-- add gating.yaml
-- Related: #2061390
-
-* Thu Aug 04 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-2
-- require /usr/bin/go-md2man directly
-
-* Wed Aug 03 2022 Jindrich Novy <jnovy@redhat.com> - 1.1.0-1
-- initial import
-- Related: #2061390

gating.yaml

@@ -0,0 +1,6 @@
+# recipients: jnovy, lsm5, santiago
+--- !Policy
+product_versions:
+  - rhel-10
+decision_context: osci_compose_gate
+rules: []

netavark.spec

@@ -0,0 +1,152 @@
+# Building from fedora dependencies not possible
+# Latest upstream rtnetlink frequently required
+# sha2, zbus, zvariant are currently out of date
+
+%global with_debug 1
+
+%if 0%{?with_debug}
+%global _find_debuginfo_dwz_opts %{nil}
+%global _dwz_low_mem_die_limit 0
+%else
+%global debug_package %{nil}
+%endif
+
+# Minimum X.Y dep for aardvark-dns
+%define major_minor %((v=%{version}; echo ${v%.*}))
+
+# Set default firewall to nftables on CentOS Stream 10+, RHEL 10+, Fedora 41+
+# and default to iptables on all other environments
+# The `rhel` macro is defined on CentOS Stream, RHEL as well as Fedora ELN.
+%if (%{defined rhel} && 0%{?rhel} >= 10) || (%{defined fedora} && 0%{?fedora} >= 41)
+%define default_fw nftables
+%else
+%define default_fw iptables
+%endif
+
+Name: netavark
+# Set a different Epoch for copr builds
+%if %{defined copr_username}
+Epoch: 102
+%else
+Epoch: 2
+%endif
+Version: 1.14.0
+Release: 1%{?dist}
+# The `AND` needs to be uppercase in the License for SPDX compatibility
+License: Apache-2.0 AND BSD-3-Clause AND MIT
+%if %{defined golang_arches_future}
+ExclusiveArch: %{golang_arches_future}
+%else
+ExclusiveArch: aarch64 ppc64le s390x x86_64
+%endif
+Summary: OCI network stack
+URL: https://github.com/containers/%{name}
+# Tarballs fetched from upstream's release page
+Source0: %{url}/archive/v%{version}.tar.gz
+Source1: %{url}/releases/download/v%{version}/%{name}-v%{version}-vendor.tar.gz
+BuildRequires: cargo
+BuildRequires: %{_bindir}/go-md2man
+# aardvark-dns and %%{name} are usually released in sync
+Requires: aardvark-dns >=  %{epoch}:%{major_minor}
+Provides: container-network-stack = 2
+%if "%{default_fw}" == "nftables"
+Requires: nftables
+%else
+Requires: iptables
+%endif
+BuildRequires: make
+BuildRequires: protobuf-c
+BuildRequires: protobuf-compiler
+%if %{defined rhel}
+# rust-toolset requires the `local` repo enabled on non-koji ELN build environments
+BuildRequires: rust-toolset
+%else
+BuildRequires: rust-packaging
+BuildRequires: rust-srpm-macros
+%endif
+BuildRequires: git-core
+BuildRequires: systemd
+BuildRequires: systemd-devel
+
+%description
+%{summary}
+
+Netavark is a rust based network stack for containers. It is being
+designed to work with Podman but is also applicable for other OCI
+container management applications.
+
+Netavark is a tool for configuring networking for Linux containers.
+Its features include:
+* Configuration of container networks via JSON configuration file
+* Creation and management of required network interfaces,
+    including MACVLAN networks
+* All required firewall configuration to perform NAT and port
+    forwarding as required for containers
+* Support for iptables and firewalld at present, with support
+    for nftables planned in a future release
+* Support for rootless containers
+* Support for IPv4 and IPv6
+* Support for container DNS resolution via aardvark-dns.
+
+%prep
+%autosetup -Sgit %{name}-%{version}
+# Following steps are only required on environments like koji which have no
+# network access and thus depend on the vendored tarball. Copr pulls
+# dependencies directly from the network.
+%if !%{defined copr_username}
+tar fx %{SOURCE1}
+%if 0%{?fedora} || 0%{?rhel} >= 10
+%cargo_prep -v vendor
+%else
+%cargo_prep -V 1
+%endif
+%endif
+
+%build
+NETAVARK_DEFAULT_FW=%{default_fw} %{__make} CARGO="%{__cargo}" build
+%if (0%{?fedora} || 0%{?rhel} >= 10) && !%{defined copr_username}
+%cargo_license_summary
+%{cargo_license} > LICENSE.dependencies
+%cargo_vendor_manifest
+%endif
+
+cd docs
+%{__make}
+
+%install
+%{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} install
+
+%preun
+%systemd_preun %{name}-dhcp-proxy.service
+%systemd_preun %{name}-firewalld-reload.service
+
+%postun
+%systemd_postun %{name}-dhcp-proxy.service
+%systemd_postun %{name}-firewalld-reload.service
+
+%files
+%license LICENSE
+%if (0%{?fedora} || 0%{?rhel} >= 10) && !%{defined copr_username}
+%license LICENSE.dependencies
+%license cargo-vendor.txt
+%endif
+%dir %{_libexecdir}/podman
+%{_libexecdir}/podman/%{name}*
+%{_mandir}/man1/%{name}.1*
+%{_mandir}/man7/%{name}-firewalld.7*
+%{_unitdir}/%{name}-dhcp-proxy.service
+%{_unitdir}/%{name}-dhcp-proxy.socket
+%{_unitdir}/%{name}-firewalld-reload.service
+
+%changelog
+* Mon Feb 10 2025 Jindrich Novy <jnovy@redhat.com> - 2:1.14.0-1
+- update to https://github.com/containers/netavark/releases/tag/v1.14.0
+- Related: RHEL-58990
+
+* Fri Dec 06 2024 Jindrich Novy <jnovy@redhat.com> - 2:1.13.1-1
+- update to https://github.com/containers/netavark/releases/tag/v1.13.1
+- Related: RHEL-58990
+
+* Wed Oct 30 2024 Jindrich Novy <jnovy@redhat.com> - 2:1.13.0-1
+- update to https://github.com/containers/netavark/releases/tag/v1.13.0
+- Resolves: RHEL-65324

sources

@@ -0,0 +1,2 @@
+SHA512 (v1.14.0.tar.gz) = 06fca26f5db61de4578aadbcff3b45a9533228e5145b9eb58fbc2200b954ffe91e877e47daf2661bacd67164026add1c9811aa48be5d54d1790d06531204d969
+SHA512 (netavark-v1.14.0-vendor.tar.gz) = b1d71add9f4c6daec2ca9d13804620d6cd4412714715b55026e1d813c64fbee4c9460cf6a19a28e75c15e3bc21486de46bb7c94de626a3d78d3c33424759650f