Automates deployment of containerized applications
1 files added
1 files deleted
4 files modified
412 ■■■■ changed files
.docker.metadata 6 ●●●● patch | view | raw | blame | history
.gitignore 6 ●●●● patch | view | raw | blame | history
README.debrand 2 ●●●●● patch | view | raw | blame | history
SOURCES/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch 290 ●●●●● patch | view | raw | blame | history
SOURCES/docker.service 4 ●●● patch | view | raw | blame | history
SPECS/docker.spec 104 ●●●● patch | view | raw | blame | history
.docker.metadata
@@ -1,10 +1,10 @@
4191963addb1f68b3bebfb93dbe12cb5db7a22d1 SOURCES/07f3374cf1b29aadf824d8b8dcbf6e63403689c6.tar.gz
82c5eac259a4161cf051893bd532409007c1ce81 SOURCES/b2f74b220126bddbae585cfe2406498ced3ae065.tar.gz
e21d6c1b9e04650915499946bb4e6a01727c7d54 SOURCES/container-storage-setup-413b408.tar.gz
1d7cd417c6e8414b65bd127f488719b5355e135f SOURCES/containerd-b968034.tar.gz
7fda753d7eb81e1f48fdee734a6dc898b4edf02f SOURCES/containerd-7989550.tar.gz
c5e6169ea101c97d94257f48fa227f5ff0501454 SOURCES/docker-lvm-plugin-20a1f68.tar.gz
0beb6283e30f1e87e907576f4571ccb0a48b6be5 SOURCES/docker-novolume-plugin-385ec70.tar.gz
656b1d1605dc43d7f5c00cedadd686dbd418d285 SOURCES/libnetwork-c5d66a0.tar.gz
965d64f5a81c3a428ca3b29495ecf66748c67c1f SOURCES/rhel-push-plugin-af9107b.tar.gz
704ece9f78221c6a58364f942a0d03d64a93b85a SOURCES/runc-290a336.tar.gz
59482abd62fc50a2b4fbf5ad79b4414a1963aeeb SOURCES/runc-df5c38a.tar.gz
7941233b1ed34afdc074e74ab26a86dea20ee7d4 SOURCES/tini-fec3683.tar.gz
496f9927f4254508ea1cd94f473b5b9321d41245 SOURCES/v1.10-migrator-c417a6a.tar.gz
.gitignore
@@ -1,10 +1,10 @@
SOURCES/07f3374cf1b29aadf824d8b8dcbf6e63403689c6.tar.gz
SOURCES/b2f74b220126bddbae585cfe2406498ced3ae065.tar.gz
SOURCES/container-storage-setup-413b408.tar.gz
SOURCES/containerd-b968034.tar.gz
SOURCES/containerd-7989550.tar.gz
SOURCES/docker-lvm-plugin-20a1f68.tar.gz
SOURCES/docker-novolume-plugin-385ec70.tar.gz
SOURCES/libnetwork-c5d66a0.tar.gz
SOURCES/rhel-push-plugin-af9107b.tar.gz
SOURCES/runc-290a336.tar.gz
SOURCES/runc-df5c38a.tar.gz
SOURCES/tini-fec3683.tar.gz
SOURCES/v1.10-migrator-c417a6a.tar.gz
README.debrand
New file
@@ -0,0 +1,2 @@
Warning: This package was configured for automatic debranding, but the changes
failed to apply.
SOURCES/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch
File was deleted
SOURCES/docker.service
@@ -1,8 +1,9 @@
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target
After=network.target rhel-push-plugin.socket registries.service
Wants=docker-storage-setup.service
Requires=rhel-push-plugin.socket registries.service
Requires=docker-cleanup.timer
[Service]
@@ -18,6 +19,7 @@
ExecStart=/usr/bin/dockerd-current \
          --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
          --default-runtime=docker-runc \
          --authorization-plugin=rhel-push-plugin \
          --exec-opt native.cgroupdriver=systemd \
          --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
          --init-path=/usr/libexec/docker/docker-init-current \
SPECS/docker.spec
@@ -23,7 +23,7 @@
# docker
%global git_docker https://github.com/projectatomic/docker
%global commit_docker 07f3374cf1b29aadf824d8b8dcbf6e63403689c6
%global commit_docker b2f74b220126bddbae585cfe2406498ced3ae065
%global shortcommit_docker %(c=%{commit_docker}; echo ${c:0:7})
# docker_branch used in %%check
%global docker_branch %{name}-%{version}
@@ -45,9 +45,9 @@
%global shortcommit_novolume %(c=%{commit_novolume}; echo ${c:0:7})
# rhel-push-plugin
#%%global git_rhel_push https://github.com/projectatomic/rhel-push-plugin
#%%global commit_rhel_push af9107b2aedb235338e32a3c19507cad3f218b0d
#%%global shortcommit_rhel_push %(c=%{commit_rhel_push}; echo ${c:0:7})
%global git_rhel_push https://github.com/projectatomic/rhel-push-plugin
%global commit_rhel_push af9107b2aedb235338e32a3c19507cad3f218b0d
%global shortcommit_rhel_push %(c=%{commit_rhel_push}; echo ${c:0:7})
# docker-lvm-plugin
%global git_lvm https://github.com/projectatomic/%{repo}-lvm-plugin
@@ -56,12 +56,12 @@
# docker-runc
%global git_runc https://github.com/projectatomic/runc
%global commit_runc 290a33602b16ff2d1cc5339bc0297f0e094462ce
%global commit_runc df5c38a9167e87f53a9894d77c0950e178a745e7
%global shortcommit_runc %(c=%{commit_runc}; echo ${c:0:7})
# docker-containerd
%global git_containerd https://github.com/projectatomic/containerd
%global commit_containerd b968034319d76c623176301198c1e34ea6541b33
%global commit_containerd 7989550b83317f799af20ab4df3a5b6487767fc9
%global shortcommit_containerd %(c=%{commit_containerd}; echo ${c:0:7})
# docker-init
@@ -77,15 +77,15 @@
Name: %{repo}
Epoch: 2
Version: 1.13.1
Release: 91.git%{shortcommit_docker}%{?dist}
Release: 94.git%{shortcommit_docker}%{?dist}
Summary: Automates deployment of containerized applications
License: ASL 2.0
URL: https://%{import_path}
ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 %{ix86}
ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64
Source0: %{git_docker}/archive/%{commit_docker}.tar.gz
Source2: %{git_dss}/archive/%{commit_dss}/container-storage-setup-%{shortcommit_dss}.tar.gz
Source4: %{git_novolume}/archive/%{commit_novolume}/%{repo}-novolume-plugin-%{shortcommit_novolume}.tar.gz
#Source5: %{git_rhel_push}/archive/%{commit_rhel_push}/rhel-push-plugin-%{shortcommit_rhel_push}.tar.gz
Source5: %{git_rhel_push}/archive/%{commit_rhel_push}/rhel-push-plugin-%{shortcommit_rhel_push}.tar.gz
Source6: %{git_lvm}/archive/%{commit_lvm}/%{repo}-lvm-plugin-%{shortcommit_lvm}.tar.gz
Source8: %{name}.service
Source9: %{name}.sysconfig
@@ -109,12 +109,11 @@
Source30: %{git_tini}/archive/%{commit_tini}/tini-%{shortcommit_tini}.tar.gz
Source31: %{git_libnetwork}/archive/%{commit_libnetwork}/libnetwork-%{shortcommit_libnetwork}.tar.gz
Source32: seccomp.json
Patch0: 0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch
BuildRequires: cmake
BuildRequires: sed
BuildRequires: git
BuildRequires: glibc-static
%if 0%{?fedora}
%if 0%{?fedora} || 0%{?centos}
BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang}
%else
BuildRequires: go-toolset-1.10
@@ -188,7 +187,7 @@
Requires: oci-umount >= 2:2.3.3-3
Requires: oci-register-machine >= 1:0-5.13
Requires: oci-systemd-hook >= 1:0.1.4-9
#Requires: %{name}-rhel-push-plugin = %{epoch}:%{version}-%{release}
Requires: %{name}-rhel-push-plugin = %{epoch}:%{version}-%{release}
Requires: xz
Requires: atomic-registries
Requires: container-selinux >= 2:2.51-1
@@ -240,16 +239,16 @@
The only thing allowed will be just bind mounts.
#%%package rhel-push-plugin
#License: GPLv2
#Summary: Avoids pushing a RHEL-based image to docker.io registry
%package rhel-push-plugin
License: GPLv2
Summary: Avoids pushing a RHEL-based image to docker.io registry
#%%description rhel-push-plugin
#In order to use this plugin you must be running at least Docker 1.10 which
#has support for authorization plugins.
%description rhel-push-plugin
In order to use this plugin you must be running at least Docker 1.10 which
has support for authorization plugins.
#This plugin avoids any RHEL based image to be pushed to the default docker.io
#registry preventing users to violate the RH subscription agreement.
This plugin avoids any RHEL based image to be pushed to the default docker.io
registry preventing users to violate the RH subscription agreement.
%package lvm-plugin
License: LGPLv3
@@ -274,7 +273,7 @@
tar zxf %{SOURCE4}
# untar rhel-push-plugin
#tar zxf %{SOURCE5}
tar zxf %{SOURCE5}
# untar lvm-plugin
tar zxf %{SOURCE6}
@@ -303,9 +302,6 @@
# untar docker-runc
tar zxf %{SOURCE19}
pushd runc-%{commit_runc}
%patch0 -p1
popd
# untar docker-containerd
tar zxf %{SOURCE20}
@@ -336,7 +332,7 @@
  mkdir -p src/%{provider}.%{provider_tld}/{%{name},projectatomic}
  ln -s $(dirs +1 -l) src/%{import_path}
  ln -s $(dirs +1 -l)/%{repo}-novolume-plugin-%{commit_novolume} src/%{provider}.%{provider_tld}/projectatomic/%{repo}-novolume-plugin
#  ln -s $(dirs +1 -l)/rhel-push-plugin-%{commit_rhel_push} src/%{provider}.%{provider_tld}/projectatomic/rhel-push-plugin
  ln -s $(dirs +1 -l)/rhel-push-plugin-%{commit_rhel_push} src/%{provider}.%{provider_tld}/projectatomic/rhel-push-plugin
  ln -s $(dirs +1 -l)/%{repo}-lvm-plugin-%{commit_lvm} src/%{provider}.%{provider_tld}/projectatomic/%{repo}-lvm-plugin
popd
@@ -345,10 +341,10 @@
%gobuild %{provider}.%{provider_tld}/projectatomic/%{repo}-novolume-plugin
popd
#export GOPATH=$(pwd)/rhel-push-plugin-%{commit_rhel_push}/Godeps/_workspace:$(pwd)/_build
#pushd $(pwd)/_build/src
#%%gobuild %{provider}.%{provider_tld}/projectatomic/rhel-push-plugin
#popd
export GOPATH=$(pwd)/rhel-push-plugin-%{commit_rhel_push}/Godeps/_workspace:$(pwd)/_build
pushd $(pwd)/_build/src
%gobuild %{provider}.%{provider_tld}/projectatomic/rhel-push-plugin
popd
export GOPATH=$(pwd)/%{repo}-lvm-plugin-%{commit_lvm}/Godeps/_workspace:$(pwd)/_build
pushd $(pwd)/_build/src
@@ -371,7 +367,7 @@
# build %%{name} manpages
man/md2man-all.sh
go-md2man -in %{repo}-novolume-plugin-%{commit_novolume}/man/%{repo}-novolume-plugin.8.md -out %{repo}-novolume-plugin.8
#go-md2man -in rhel-push-plugin-%{commit_rhel_push}/man/rhel-push-plugin.8.md -out rhel-push-plugin.8
go-md2man -in rhel-push-plugin-%{commit_rhel_push}/man/rhel-push-plugin.8.md -out rhel-push-plugin.8
go-md2man -in %{repo}-lvm-plugin-%{commit_lvm}/man/%{repo}-lvm-plugin.8.md -out %{repo}-lvm-plugin.8
# build %%{name} binary
@@ -536,12 +532,12 @@
install -p -m 644 %{repo}-novolume-plugin.8 %{buildroot}%{_mandir}/man8
# install rhel-push-plugin executable, unitfile, socket and man
#install -d %{buildroot}%{_libexecdir}/%{repo}
#install -p -m 755 _build/src/rhel-push-plugin %{buildroot}%{_libexecdir}/%{repo}/rhel-push-plugin
#install -p -m 644 rhel-push-plugin-%{commit_rhel_push}/systemd/rhel-push-plugin.service %{buildroot}%{_unitdir}/rhel-push-plugin.service
#install -p -m 644 rhel-push-plugin-%{commit_rhel_push}/systemd/rhel-push-plugin.socket %{buildroot}%{_unitdir}/rhel-push-plugin.socket
#install -d %{buildroot}%{_mandir}/man8
#install -p -m 644 rhel-push-plugin.8 %{buildroot}%{_mandir}/man8
install -d %{buildroot}%{_libexecdir}/%{repo}
install -p -m 755 _build/src/rhel-push-plugin %{buildroot}%{_libexecdir}/%{repo}/rhel-push-plugin
install -p -m 644 rhel-push-plugin-%{commit_rhel_push}/systemd/rhel-push-plugin.service %{buildroot}%{_unitdir}/rhel-push-plugin.service
install -p -m 644 rhel-push-plugin-%{commit_rhel_push}/systemd/rhel-push-plugin.socket %{buildroot}%{_unitdir}/rhel-push-plugin.socket
install -d %{buildroot}%{_mandir}/man8
install -p -m 644 rhel-push-plugin.8 %{buildroot}%{_mandir}/man8
# install %%{repo}-lvm-plugin executable, unitfile, socket and man
install -d %{buildroot}/%{_libexecdir}/%{repo}
@@ -621,14 +617,14 @@
%postun novolume-plugin
%systemd_postun_with_restart %{name}-novolume-plugin.service
#%%post rhel-push-plugin
#%%systemd_post rhel-push-plugin.service
%post rhel-push-plugin
%systemd_post rhel-push-plugin.service
#%%preun rhel-push-plugin
#%%systemd_preun rhel-push-plugin.service
%preun rhel-push-plugin
%systemd_preun rhel-push-plugin.service
#%%postun rhel-push-plugin
#%%systemd_postun_with_restart rhel-push-plugin.service
%postun rhel-push-plugin
%systemd_postun_with_restart rhel-push-plugin.service
%posttrans
# Install a default docker-storage-setup based on kernel version.
@@ -724,12 +720,12 @@
%{_libexecdir}/%{repo}/%{repo}-novolume-plugin
%{_unitdir}/%{repo}-novolume-plugin.*
#%%files rhel-push-plugin
#%%license rhel-push-plugin-%{commit_rhel_push}/LICENSE
#%%doc rhel-push-plugin-%{commit_rhel_push}/README.md
#%%{_mandir}/man8/rhel-push-plugin.8.gz
#%%{_libexecdir}/%{repo}/rhel-push-plugin
#%%{_unitdir}/rhel-push-plugin.*
%files rhel-push-plugin
%license rhel-push-plugin-%{commit_rhel_push}/LICENSE
%doc rhel-push-plugin-%{commit_rhel_push}/README.md
%{_mandir}/man8/rhel-push-plugin.8.gz
%{_libexecdir}/%{repo}/rhel-push-plugin
%{_unitdir}/rhel-push-plugin.*
%files lvm-plugin
%license %{repo}-lvm-plugin-%{commit_lvm}/LICENSE
@@ -745,8 +741,16 @@
%{_bindir}/%{name}-v1.10-migrator-*
%changelog
* Wed Feb 13 2019 Johnny Hughes <johnny@centos.org>
- Manual CentOS Debranding
* Tue Feb 26 2019 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-94.gitb2f74b2
- Resolves: #1556901, #1678096
- built docker-runc @projectatomic/docker-1.13.1-rhel commit df5c38a
* Tue Feb 19 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:1.13.1-93.gitb2f74b2
- rebased containerd to 7989550b83317f799af20ab4df3a5b6487767fc9
- Resolves: #1671861
* Mon Feb 11 2019 Frantisek Kluknavsky <fkluknav@redhat.com> - 2:1.13.1-92.gitb2f74b2
- rebase
* Sat Feb 09 2019 Lokesh Mandvekar <lsm5@redhat.com> - 2:1.13.1-91.git07f3374
- Resolves: #1665326 - CVE-2019-5736