From 6d281ff84ee37eb2793f03a84ea5efcd8c538ee9 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Fri, 27 May 2022 09:53:47 -0400 Subject: [PATCH] build deb packages using debbuild Signed-off-by: Lokesh Mandvekar --- oci-seccomp-bpf-hook.spec | 50 +++++++++++++++++++++++++++------------ 1 file changed, 35 insertions(+), 15 deletions(-) diff --git a/oci-seccomp-bpf-hook.spec b/oci-seccomp-bpf-hook.spec index d5c055f..dc65f29 100644 --- a/oci-seccomp-bpf-hook.spec +++ b/oci-seccomp-bpf-hook.spec @@ -1,3 +1,7 @@ +%if "%{_vendor}" == "debbuild" +%define gobuild(o:) GO111MODULE=off go build -buildmode pie -tags=" ${BUILDTAGS:-}" -a -v -x %{?**}; +%endif + %global with_debug 1 %if 0%{?with_debug} @@ -13,24 +17,35 @@ %global repo oci-seccomp-bpf-hook # https://github.com/containers/oci-seccomp-bpf-hook %global import_path %{provider}.%{provider_tld}/%{project}/%{repo} -%global git0 https://%{provider}.%{provider_tld}/%{project}/%{repo} +%global git0 https://%{import_path} %global built_tag v1.2.5 -%global built_tag_strip %(b=%{built_tag}; echo ${b:1}) -%global gen_version %(b=%{built_tag_strip}; echo ${b/-/"~"}) # use the same arch definitions as present in the bcc package -ExclusiveArch: x86_64 %%{power64} aarch64 s390x armv7hl +ExclusiveArch: x86_64 %{power64} aarch64 s390x armv7hl -Name: oci-seccomp-bpf-hook -Version: %{gen_version} -Release: %autorelease -Summary: OCI Hook to generate seccomp json files based on EBF syscalls used by container +Name: %{repo} +Version: 1.2.5 +%if "%{_vendor}" == "debbuild" +Maintainer: Lokesh Mandvekar +License: ASL-2.0+ +Release: 0%{?dist} +%else License: ASL 2.0 and BSD and ISC and MIT +Release: %autorelease +%endif +Summary: OCI Hook to generate seccomp json files based on EBF syscalls used by container URL: %{git0} -Source0: %{git0}/archive/%{built_tag}.tar.gz +Source0: %{url}/archive/%{built_tag}.tar.gz BuildRequires: golang BuildRequires: go-md2man +%if "%{_vendor}" == "debbuild" +BuildRequires: libbpfcc-dev +BuildRequires: libglib2.0-dev +BuildRequires: libgpgme-dev +BuildRequires: libseccomp-dev +Requires: libbpfcc +%else BuildRequires: go-rpm-macros BuildRequires: glib2-devel BuildRequires: glibc-devel @@ -50,10 +65,11 @@ Provides: bundled(golang(github.com/seccomp/containers_golang)) = v0.6.0 Provides: bundled(golang(github.com/seccomp/libseccomp_golang)) = v0.9.1 Provides: bundled(golang(github.com/sirupsen/logrus)) = v1.8.1 Provides: bundled(golang(github.com/stretchr/testify)) = v1.4.0 +%endif %description %{summary} -%{repo} provides a library for applications looking to use +%{name} provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. %package tests @@ -69,11 +85,12 @@ Requires: podman This package contains system tests for %{name} %prep -%autosetup -Sgit -n %{name}-%{built_tag_strip} +%autosetup -Sgit sed -i 's;HOOK_BIN_DIR;%{_libexecdir}/oci/hooks.d;' %{name}.json sed -i '/$(HOOK_DIR)\/%{name}.json/d' Makefile %build +%if "%{_vendor}" == "debbuild" %set_build_flags export CGO_CFLAGS=$CFLAGS # These extra flags present in $CFLAGS have been skipped for now as they break the build @@ -84,24 +101,25 @@ CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-an %ifarch x86_64 export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" %endif +%endif export GO111MODULE=off export GOPATH=$(pwd):$(pwd)/_build mkdir _build -pushd _build +cd _build mkdir -p src/%{provider}.%{provider_tld}/%{project} ln -s ../../../../ src/%{import_path} -popd +cd .. ln -s vendor src export GOPATH=$(pwd)/_build:$(pwd) export LDFLAGS="-X main.version=%{version}" %gobuild -o bin/%{name} %{import_path} -pushd docs +cd docs go-md2man -in %{name}.md -out %{name}.1 -popd +cd .. %install %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} install-nobuild @@ -143,4 +161,6 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %{_datadir}/%{name}/test %changelog +%if "%{_vendor}" != "debbuild" %autochangelog +%endif