Commit Graph

54 Commits

Author SHA1 Message Date
Debarshi Ray
aa3d041937 Rebuild for CVE-2022-27664 and CVE-2022-32189
This commit resolves both bugs 2116786 and 2126772.  However, since the
latter doesn't have all approvals yet, it's not listed below.  Else,
the check-gitbz test will fail and block this from getting merged.

Resolves: #2116786
2022-10-14 00:42:43 +02:00
Debarshi Ray
aa1a1d24b6 Rebuild for CVE-2022-1705, CVE-2022-30630, CVE-2022-30631
... and CVE-2022-30632.

Resolves: #2111830
2022-08-16 23:23:14 +02:00
Debarshi Ray
c4cb9d3f29 Bump the minimum required golang version for added reassurance
Resolves: #2060769, #2089194
2022-06-22 13:18:00 +02:00
Tomas Pelka
f55ff2583f Fixing the correct gating test name. 2022-05-17 06:50:08 +00:00
Debarshi Ray
b5a0d2a45c Rebuild for FIPS-mode memory leak in the Go toolchain
Toolbx doesn't seem to directly use any cryptography, but go.sum does
list golang.org/x/crypto, which indicates that it's present somewhere
in the dependency chain.

Looking inside the vendored sources, there doesn't seem to be any
actual use of golang.org/x/crypto but it's still listed in the go.sum
files of some of the packages.

Interestingly, github.com/godbus/dbus does use crypto/rand and
crypto/sha1, and the former is a cryptographically secure random number
generator [1], but note that these aren't part of golang.org/x/crypto.

Anyway, it's better and easier to just rebuild the package than trying
to decipher if Toolbx is affected by the FIPS-mode memory leak in the
Go toolchain that affects cryptographic code.

[1] https://pkg.go.dev/crypto/rand

Resolves: #2060769
2022-05-16 23:22:39 +02:00
Jindrich Novy
2a480fd8da toolbox-0.0.99.3-2.el9
- BuildRequires: /usr/bin/go-md2man
- Related: #2061316

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2022-05-11 10:56:28 +02:00
Tomas Popela
c7f3708c66 rpminspec: rhel-policy -> hardened
rhel-policy was renamed to hardened in annocheck
2022-02-09 16:02:50 +01:00
Debarshi Ray
b4fb8f3c3a Silence 'rpminspect --tests=annocheck'
Note that all (default rhel-policy) flags need to be repeated. If some
configuration flags are overwritten, it will completely overwrite the
defaults (--ignore-unknown --verbose).

See:
https://gitlab.com/redhat/centos-stream/rpms/valgrind/-/blob/c9s/rpminspect.yaml

Resolves: #2000807
2021-12-17 12:40:50 +01:00
Debarshi Ray
862b07a86e Silence 'rpminspect --tests=runpath'
Resolves: #2000807
2021-12-17 01:11:05 +01:00
Debarshi Ray
06c284b9ce tests: Fix the tag of the default image
The test suite should use the latest build of the image for any given
RHEL minor release. Otherwise, it won't detect any breakage caused by
changes to the image.

Resolves: #2000807
2021-12-16 23:46:53 +01:00
Debarshi Ray
7212974445 tests: Add missing newline at end of file
Otherwise, it's difficult to read the file with cat(1).

Resolves: #2000807
2021-12-16 23:30:02 +01:00
Debarshi Ray
cd00cb09ca tests: Fix the permissions of /etc/containers/toolbox.conf
The RPM installs /etc/containers/toolbox.conf with its permissions set
to 0644, and there's no reason for the test suite to deviate from that.

Resolves: #2000807
2021-12-16 23:26:20 +01:00
Debarshi Ray
0b9dac8c68 Update to 0.0.99.3
- BuildRequire only systemd-rpm-macros as recommended by the Fedora
  packaging guidelines:
  https://docs.fedoraproject.org/en-US/packaging-guidelines/Tmpfiles.d/
  https://pagure.io/packaging-committee/issue/824

- Update the Summary to match upstream

- Update the URL to point to the website

Resolves: #2000807
2021-12-10 14:29:33 +01:00
Debarshi Ray
d4a6831d26 Suggest a way forward if coreos/toolbox was used
Resolves: #2006802
2021-09-22 16:02:35 +02:00
Debarshi Ray
3b440cd46a Use the Toolbox-specific UBI image for RHEL 9
This is RHEL 9, not RHEL 8. Hence the image for RHEL 9 should be used.

Fallout from e4faf0256c

Resolves: #2004563
2021-09-22 15:20:48 +02:00
Debarshi Ray
e4faf0256c Switch to using the Toolbox-specific UBI image by default
Resolves: #2004563
2021-09-22 14:33:18 +02:00
Oliver Gutierrez
b43ce464c3
Changed image for tests and tests parameters
Related: #2000051
2021-09-16 15:35:17 +01:00
Oliver Gutierrez
573971252e
Changed default image for tests
Related: #2000051
2021-09-16 11:45:05 +01:00
Oliver Gutierrez
d037151cc0
Added ability to force test system id and version id
Related: #2000051
2021-09-14 13:47:38 +01:00
Oliver Gutierrez
d5f960300f
Fixed test roles and changed default image path
Related: #2000051
2021-09-14 11:20:59 +01:00
Oliver Gutierrez
fcacaff8de
Version bump for rebuild
Related: rhbz#2000051
2021-09-14 10:46:27 +01:00
Oliver Gutierrez
8eac0d08fd
Added new role to setup default container image
Related: rhbz#2000051
2021-09-14 10:19:51 +01:00
Oliver Gutierrez
62a7b56985
Added missing gating tests files and patch for tests
Related: rhbz#2000051
2021-09-03 17:42:09 +01:00
Jindrich Novy
768bb82508 toolbox-0.0.99.3-0.6.git660b6970e998.el9
- re-add gating tests
- Related: #2000051

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-09-03 16:06:00 +02:00
Jindrich Novy
b9680ab712 toolbox-0.0.99.3-0.5.git660b6970e998.el9
- Make sosreport work by setting the HOST environment variable
- Related: #2000051

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-09-03 11:31:08 +02:00
Oliver Gutierrez
38f416cd16
Fixed bogus date in changelog
Related: rhbz#1977343
2021-08-30 15:47:11 +01:00
Oliver Gutierrez
b0004b6b93
Updated bats version for gating tests
Related: rhbz#1977343
2021-08-30 15:20:24 +01:00
Oliver Gutierrez
188290c2ab
Version bump for rebuilding and test gating
Resolves: rhbz#1977343
2021-08-24 13:01:59 +01:00
Oliver Gutierrez
66677d233d
Added gating based on podman gating
Resolves: rhbz#1977343
2021-08-24 11:14:29 +01:00
Mohan Boddu
185b7a847f Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-08-10 01:07:01 +00:00
Tomas Popela
d824208ae6 Upload the fixed tarball
Related: #1970747
2021-08-04 21:50:27 +02:00
Debarshi Ray
4721e8ac6c Fix the build on CentOS Stream
Looks like centpkg can't handle the current guidelines for versioning
snapshot builds [1].

[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/Versioning/#_snapshots

Related: #1970747
2021-08-02 15:40:14 +02:00
Jindrich Novy
7ebedec3a3 toolbox-0.0.99.2^1.git660b6970e998-1.el9
- Add support for configuration files
- Related: #1970747

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-07-28 15:04:29 +02:00
Jindrich Novy
b817729eef toolbox-0.0.99.2-3.el9
- Expose the host's entire / in the container at /run/host
- Resolves: #1977343

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-07-10 09:03:32 +02:00
Jindrich Novy
067c49f5d1 toolbox-0.0.99.2-2.el9
- Actually apply the patch to make 'toolbox' create or fall back to a
  container if possible
- Support logging into a registry if necessary
- Resolves: #1977343

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-07-05 13:14:16 +02:00
Jindrich Novy
72d3271661 toolbox-0.0.99.2-1.el9
- update to 0.99.2
- Resolves: #1977343

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-07-02 17:30:03 +02:00
Mohan Boddu
f2c4065d71 Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-06-22 18:46:40 +00:00
Debarshi Ray
0924deeac6 Don't use ShellCheck when building because it was removed from RHEL 9
Resolves: #1912983
2021-04-29 18:08:57 +02:00
Debarshi Ray
88485aabc4 Remove unused patch
The tarball used in the RHEL 9 build vendors in all the Go dependencies
and therefore doesn't use this patch.

Resolves: #1912983
2021-04-29 18:08:51 +02:00
Debarshi Ray
72d79125ed Fix FTBFS
Resolves: #1912983
2021-04-29 17:39:17 +02:00
Mohan Boddu
6d502a823d - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
2021-04-16 05:55:19 +00:00
DistroBaker
b90fed3095 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#aa7f643e20fe9ca6a6e1d044e6ff72cd4cff9b93
2021-03-31 19:55:39 +00:00
DistroBaker
4b714c697e Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#aa7f643e20fe9ca6a6e1d044e6ff72cd4cff9b93
2021-03-02 04:40:47 +00:00
DistroBaker
34e225a9e8 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#61252314d80ed2ca522615900e1d98abb4f76edc
2021-02-04 21:07:14 +00:00
Jindrich Novy
385ab10aa1 toolbox-0.0.99-2.el9
- Update to 0.0.99

Signed-off-by: Jindrich Novy <jnovy@redhat.com>
2021-01-14 09:27:25 +01:00
DistroBaker
0e55d874b1 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#07c5601e0b3108c6e7e287f064542027b81a18ed
2021-01-12 13:44:07 +00:00
DistroBaker
a1034df597 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#12f33fed755af5e34aa92ebcdc3e001751834102
2021-01-11 12:31:20 +00:00
DistroBaker
c7d874aa22 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#800ec3712d124fd7ffd5585d97ad20ae745bd207
2021-01-07 20:01:39 +00:00
DistroBaker
2ea595667e Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#0e1027a12127ad6db8cc0152471a568d37ef7d88
2021-01-05 18:00:22 +00:00
DistroBaker
73bace8002 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/toolbox.git#61caa93712e842f40b20f582bca065cf7aa80de8
2020-12-04 17:22:34 +01:00