diff --git a/.docker-latest.metadata b/.docker-latest.metadata index 73b1596..fa79190 100644 --- a/.docker-latest.metadata +++ b/.docker-latest.metadata @@ -1,7 +1,7 @@ -edee2dd2844c4a220864fe3ec0442bc337e0d383 SOURCES/containerd-e39d94f.tar.gz -6bfaa31f709952d52ce3572a8714208443ee5a8c SOURCES/docker-b303bf6.tar.gz -a2a9f5deac1f258765a1840240f8d80c2767e99f SOURCES/docker-storage-setup-f7a3746.tar.gz -66c83bf2232e9e153196a60ee97de10ecc02caf3 SOURCES/libnetwork-6426d1e.tar.gz -c8383936f11e8e8491b83fd9dac5adbe36c45da8 SOURCES/runc-2ade59f.tar.gz -4216c3edc139a56bb8363853f4f534d9c2439512 SOURCES/tini-eb3987c.tar.gz +a2a9f5deac1f258765a1840240f8d80c2767e99f SOURCES/container-storage-setup-f7a3746.tar.gz +0b0730569b88b527d2265e79def8cb35e042cba3 SOURCES/containerd-89a5d2c.tar.gz +17751cdfee98845e620ee8fe58f9b13a504684e7 SOURCES/docker-cd75c68.tar.gz +638b3f8555f4d2ff9783bbf8c79e059cf549b7dc SOURCES/libnetwork-f81e09a.tar.gz +79e69c135d2110f017a5893abbd55911a6dee1bd SOURCES/runc-79db05f.tar.gz +4cb9381a908a8e510e8568f471d08535f6a980a3 SOURCES/tini-4892d4d.tar.gz ea4b3d96c46fccb6781d66a6c53c087b179c80fe SOURCES/v1.10-migrator-c417a6a.tar.gz diff --git a/.gitignore b/.gitignore index ff32189..12d8276 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ -SOURCES/containerd-e39d94f.tar.gz -SOURCES/docker-b303bf6.tar.gz -SOURCES/docker-storage-setup-f7a3746.tar.gz -SOURCES/libnetwork-6426d1e.tar.gz -SOURCES/runc-2ade59f.tar.gz -SOURCES/tini-eb3987c.tar.gz +SOURCES/container-storage-setup-f7a3746.tar.gz +SOURCES/containerd-89a5d2c.tar.gz +SOURCES/docker-cd75c68.tar.gz +SOURCES/libnetwork-f81e09a.tar.gz +SOURCES/runc-79db05f.tar.gz +SOURCES/tini-4892d4d.tar.gz SOURCES/v1.10-migrator-c417a6a.tar.gz diff --git a/SOURCES/0001-adjust-pkg-errors-imports.patch b/SOURCES/0001-adjust-pkg-errors-imports.patch new file mode 100644 index 0000000..27e8bc4 --- /dev/null +++ b/SOURCES/0001-adjust-pkg-errors-imports.patch @@ -0,0 +1,40 @@ +From 0fdc77886ccc101a28b11ce63e87a935c936d2ef Mon Sep 17 00:00:00 2001 +From: Antonio Murdaca +Date: Wed, 19 Jul 2017 20:02:32 +0200 +Subject: [PATCH] adjust pkg/errors imports + +Signed-off-by: Antonio Murdaca +--- + daemon/graphdriver/devmapper/deviceset.go | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/daemon/graphdriver/devmapper/deviceset.go b/daemon/graphdriver/devmapper/deviceset.go +index 51eaf45..2ef067c 100644 +--- a/daemon/graphdriver/devmapper/deviceset.go ++++ b/daemon/graphdriver/devmapper/deviceset.go +@@ -29,8 +29,8 @@ import ( + "github.com/docker/docker/pkg/mount" + "github.com/docker/docker/pkg/parsers" + "github.com/docker/go-units" +- + "github.com/opencontainers/runc/libcontainer/label" ++ pkgerr "github.com/pkg/errors" + ) + + var ( +@@ -2719,10 +2719,10 @@ func NewDeviceSet(root string, doInit bool, options []string, uidMaps, gidMaps [ + case "dm.libdm_log_level": + level, err := strconv.ParseInt(val, 10, 32) + if err != nil { +- return nil, errors.Wrapf(err, "could not parse `dm.libdm_log_level=%s`", val) ++ return nil, pkgerr.Wrapf(err, "could not parse `dm.libdm_log_level=%s`", val) + } + if level < devicemapper.LogLevelFatal || level > devicemapper.LogLevelDebug { +- return nil, errors.Errorf("dm.libdm_log_level must be in range [%d,%d]", devicemapper.LogLevelFatal, devicemapper.LogLevelDebug) ++ return nil, pkgerr.Errorf("dm.libdm_log_level must be in range [%d,%d]", devicemapper.LogLevelFatal, devicemapper.LogLevelDebug) + } + // Register a new logging callback with the specified level. + devicemapper.LogInit(devicemapper.DefaultLogger{ +-- +1.8.3.1 + diff --git a/SOURCES/docker-latest-cleanup.service b/SOURCES/docker-latest-cleanup.service index 25debd8..11c5e93 100644 --- a/SOURCES/docker-latest-cleanup.service +++ b/SOURCES/docker-latest-cleanup.service @@ -1,8 +1,11 @@ [Unit] Description=Docker Cleanup -BindsTo=docker-latest.service +Requires=docker-latest.service [Service] Type=oneshot ExecStart=/usr/bin/sh -c "DEAD=`docker ps -aq -f status=dead` && [ -n \"$DEAD\" ] && docker rm $DEAD; exit 0" + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/docker-latest-cleanup.timer b/SOURCES/docker-latest-cleanup.timer index 5d26a03..b4948d4 100644 --- a/SOURCES/docker-latest-cleanup.timer +++ b/SOURCES/docker-latest-cleanup.timer @@ -1,7 +1,5 @@ [Unit] Description=Run docker-cleanup every hour -BindsTo=docker-latest.service -After=docker-latest.service [Timer] OnCalendar=hourly diff --git a/SOURCES/docker-latest.service b/SOURCES/docker-latest.service index 46a0307..f229e7a 100644 --- a/SOURCES/docker-latest.service +++ b/SOURCES/docker-latest.service @@ -1,13 +1,13 @@ [Unit] Description=Docker Application Container Engine Documentation=http://docs.docker.com -After=network.target +After=network.target rhel-push-plugin.socket Wants=docker-latest-storage-setup.service +Requires=rhel-push-plugin.socket [Service] Type=notify NotifyAccess=all -KillMode=process EnvironmentFile=-/etc/sysconfig/docker-latest EnvironmentFile=-/etc/sysconfig/docker-latest-storage EnvironmentFile=-/etc/sysconfig/docker-latest-network @@ -17,6 +17,7 @@ Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin ExecStart=/usr/bin/dockerd-latest \ --add-runtime docker-runc=/usr/libexec/docker/docker-runc-latest \ --default-runtime=docker-runc \ + --authorization-plugin=rhel-push-plugin \ --exec-opt native.cgroupdriver=systemd \ --userland-proxy-path=/usr/libexec/docker/docker-proxy-latest \ --seccomp-profile=/etc/docker-latest/seccomp.json \ @@ -35,6 +36,7 @@ LimitCORE=infinity TimeoutStartSec=0 Restart=on-abnormal MountFlags=slave +KillMode=process [Install] WantedBy=multi-user.target diff --git a/SOURCES/docker-latest.sysconfig b/SOURCES/docker-latest.sysconfig index b240c20..7bf6915 100644 --- a/SOURCES/docker-latest.sysconfig +++ b/SOURCES/docker-latest.sysconfig @@ -8,7 +8,7 @@ DOCKER_CERT_PATH=/etc/docker # pull use the #ADD_REGISTRY option to list a set of registries, each prepended # with --add-registry flag. The first registry added will be the first registry # searched. -#ADD_REGISTRY='--add-registry registry.access.redhat.com' +ADD_REGISTRY='--add-registry registry.access.redhat.com' # If you want to block registries from being used, uncomment the BLOCK_REGISTRY # option and give it a set of registries, each prepended with --block-registry diff --git a/SPECS/docker-latest.spec b/SPECS/docker-latest.spec index b08a9eb..f5c1b29 100644 --- a/SPECS/docker-latest.spec +++ b/SPECS/docker-latest.spec @@ -22,17 +22,17 @@ # macros for 'docker' package VR %global docker_epoch 2 %global docker_ver 1.12.6 -%global docker_rel 22 +%global docker_rel 48 # docker %global git_docker https://github.com/projectatomic/docker -%global commit_docker b303bf68b7f06f751ce4887377ffb2ce02836fd7 +%global commit_docker cd75c685c826fed6d0954ac2334032e5c12bf675 %global shortcommit_docker %(c=%{commit_docker}; echo ${c:0:7}) # docker_branch used in %%check %global docker_branch docker-1.13.1-rhel -# d-s-s -%global git_dss https://github.com/projectatomic/%{repo}-storage-setup/ +# container-storage-setup +%global git_dss https://github.com/projectatomic/container-storage-setup/ %global commit_dss f7a37469b09b841e630f06e4c149fae345f66fbd %global shortcommit_dss %(c=%{commit_dss}; echo ${c:0:7}) %global dss_libdir %{_exec_prefix}/lib/%{name}-storage-setup @@ -46,32 +46,32 @@ # docker-runc %global git_runc https://github.com/projectatomic/runc -%global commit_runc 2ade59f1c16aca02c74b1bd3681522bd13cf0af2 +%global commit_runc 79db05ff0192bae1d0e505b93c5ac28818beb441 %global shortcommit_runc %(c=%{commit_runc}; echo ${c:0:7}) # docker-containerd %global git_containerd https://github.com/projectatomic/containerd -%global commit_containerd e39d94f23ea6148d73de7f94aa7cf7ef47656128 +%global commit_containerd 89a5d2ce19344c8c8bbfef03b43434f60a4afcc2 %global shortcommit_containerd %(c=%{commit_containerd}; echo ${c:0:7}) # docker-init %global git_tini https://github.com/krallin/tini -%global commit_tini eb3987cd023eb877b8a05d54023b7885e81a8acd +%global commit_tini 4892d4dc7add670cede5640bd37a29ed0547e030 %global shortcommit_tini %(c=%{commit_tini}; echo ${c:0:7}) # docker-proxy %global git_libnetwork https://github.com/docker/libnetwork -%global commit_libnetwork 6426d1e66f33c0b0c8bb135b7ee547447f54d043 +%global commit_libnetwork f81e09a9a9d83112aba6d6316d9fb4cea0035870 %global shortcommit_libnetwork %(c=%{commit_libnetwork}; echo ${c:0:7}) Name: %{repo}-latest Version: 1.13.1 -Release: 13.git%{shortcommit_docker}%{?dist} +Release: 21.1.git%{shortcommit_docker}%{?dist} Summary: Automates deployment of containerized applications License: ASL 2.0 URL: https://%{provider}.%{provider_tld}/projectatomic/%{repo} Source0: %{git_docker}/archive/%{commit_docker}/%{repo}-%{shortcommit_docker}.tar.gz -Source1: %{git_dss}/archive/%{commit_dss}/%{repo}-storage-setup-%{shortcommit_dss}.tar.gz +Source1: %{git_dss}/archive/%{commit_dss}/container-storage-setup-%{shortcommit_dss}.tar.gz %if 0%{with_migrator} Source2: %{git_migrator}/archive/%{commit_migrator}/v1.10-migrator-%{shortcommit_migrator}.tar.gz %endif # with_migrator @@ -91,6 +91,7 @@ Source16: %{name}-cleanup.timer Source17: daemon.json Source18: seccomp.json #Source13: %%{repo}-containerd.service +Patch0: 0001-adjust-pkg-errors-imports.patch BuildRequires: cmake BuildRequires: git BuildRequires: glibc-static @@ -105,9 +106,10 @@ BuildRequires: gpgme-devel BuildRequires: libassuan-devel BuildRequires: pkgconfig(systemd) Requires: device-mapper-libs >= 7:1.02.97 -Requires: container-selinux >= 2:2.12-2 +Requires: container-selinux >= 2:2.10-2 Requires: %{repo}-common >= %{docker_epoch}:%{docker_ver}-%{docker_rel} Requires: %{repo}-client-latest = %{version}-%{release} +Requires: %{repo}-rhel-push-plugin >= %{docker_epoch}:%{docker_ver}-%{docker_rel} Requires: oci-register-machine >= 1:0-3.10 Requires: oci-systemd-hook >= 1:0.1.4-9 Requires(post): systemd @@ -123,6 +125,7 @@ Provides: %{repo}-engine-latest = %{version}-%{release} # needs tar to be able to run containers Requires: tar + Requires: subscription-manager-plugin-container # include d-s-s into main docker package and obsolete existing d-s-s rpm @@ -130,9 +133,12 @@ Requires: subscription-manager-plugin-container Requires: lvm2 >= 7:1.02.97 Requires: xfsprogs Obsoletes: %{repo}-storage-setup <= 0.5-3 + Requires: skopeo-containers Requires: gnupg +Requires: criu + %description Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will @@ -186,15 +192,15 @@ Requires: %{repo}-common %{summary} %prep -%setup -q -n %{repo}-%{commit_docker} +%autosetup -Sgit -n %{repo}-%{commit_docker} # here keep the new line above otherwise autosetup fails when applying patch cp %{SOURCE9} . # rhel debranding for centos -#%if 0%{?centos} -#sed -i 's/ADD_REGISTRY/#ADD_REGISTRY/' %{SOURCE6} -#%endif +%if 0%{?centos} +sed -i 's/ADD_REGISTRY/#ADD_REGISTRY/' %{SOURCE6} +%endif # untar d-s-s tar zxf %{SOURCE1} @@ -310,7 +316,7 @@ for x in bundles/latest; do break done -#install daemon.json and seccomp.json +# install daemon.json and seccomp.json install -dp %{buildroot}%{_sysconfdir}/%{name} install -p -m 644 %{SOURCE17} %{buildroot}%{_sysconfdir}/%{name} install -p -m 644 %{SOURCE18} %{buildroot}%{_sysconfdir}/%{name} @@ -359,15 +365,17 @@ install -p contrib/udev/80-%{repo}.rules %{buildroot}%{_udevrulesdir}/80-%{name} install -d %{buildroot}%{_sharedstatedir}/%{name} # install secret patch directory -#install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets +install -d -p -m 750 %{buildroot}/%{_datadir}/rhel/secrets # rhbz#1110876 - update symlinks for subscription management -#ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement -#ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm -#ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo +ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement +ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm +ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/rhel7.repo mkdir -p %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.{com,io} +mkdir -p %{buildroot}/etc/%{name}/certs.d/registry.access.redhat.com ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.com/redhat-ca.crt ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/redhat.io/redhat-ca.crt +ln -s %{_sysconfdir}/rhsm/ca/redhat-uep.pem %{buildroot}%{_sysconfdir}/%{name}/certs.d/registry.access.redhat.com/redhat-ca.crt # install systemd/init scripts install -d %{buildroot}%{_unitdir} @@ -408,7 +416,7 @@ done # install %%{repo} config directory install -dp %{buildroot}%{_sysconfdir}/%{name} -# install d-s-s +# install container-storage-setup pushd container-storage-setup-%{commit_dss} make install DESTDIR=%{buildroot} DOCKER=%{name} DSSLIBDIR=%{buildroot}%{dss_libdir} popd @@ -483,13 +491,14 @@ exit 0 %{_unitdir}/%{name}-cleanup.service %{_unitdir}/%{name}-cleanup.timer %{_datadir}/bash-completion/completions/%{name} -#%dir %{_datadir}/rhel -#%{_datadir}/rhel/* +%dir %{_datadir}/rhel +%{_datadir}/rhel/* %dir %{_sharedstatedir}/%{name} %{_udevrulesdir}/80-%{name}.rules -%{_sysconfdir}/%{name} -%dir %{dss_libdir} -%{dss_libdir}/* +%dir %{_sysconfdir}/%{name} +%dir %{_sysconfdir}/%{name}/certs.d +%dir %{_sysconfdir}/%{name}/certs.d/redhat.* +%{_sysconfdir}/%{name}/certs.d/* %{_datadir}/vim/vimfiles/doc/%{repo}file-latest.txt %{_datadir}/vim/vimfiles/ftdetect/%{repo}file-latest.vim %{_datadir}/vim/vimfiles/syntax/%{repo}file-latest.vim @@ -501,6 +510,8 @@ exit 0 %{_libexecdir}/%{repo}/%{repo}-proxy-latest %{_libexecdir}/%{repo}/%{repo}-proxy-latest %{_libexecdir}/%{repo}/%{repo}-init-latest +%dir %{dss_libdir} +%{dss_libdir}/* #%%{_unitdir}/%%{repo}-containerd.service %files -n %{repo}-client-latest @@ -532,58 +543,72 @@ exit 0 %endif # with_migrator %changelog -* Mon Jul 3 2017 Johnny Hughes - 1.13.1-13.gitb303bf6 -- Manual CentOS Debranding - -* Mon Jun 19 2017 Lokesh Mandvekar - 1.13.1-13.gitb303bf6 -- Resolves: #1463003 -- built docker @projectatomic/docker-1.13.1-rhel commit b303bf6 +* Thu Jul 20 2017 Lokesh Mandvekar - 1.13.1-21.1.gitcd75c68 +- Resolves: #1473333 +- built docker @projectatomic/docker-1.13.1-rhel commit cd75c68 +- built docker-runc @projectatomic/docker-1.13.1-rhel commit 79db05f +- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 89a5d2c +- built docker-init commit 4892d4d +- built libnetwork commit f81e09a +- Requires: docker >= 1.12.6-48 + +* Wed Jul 12 2017 Frantisek Kluknavsky - 1.13.1-20.1.git19ea2d3 +- /etc/docker/certs.d/registry.access.redhat.com/redhat-ca.crt symlink added, #1428142 + +* Wed Jun 14 2017 Lokesh Mandvekar - 1.13.1-19.1.git19ea2d3 +- correct typo in unitfile + +* Wed Jun 14 2017 Lokesh Mandvekar - 1.13.1-18.1.git19ea2d3 +- enable all arches + +* Tue Jun 13 2017 Lokesh Mandvekar - 1.13.1-17.1.git19ea2d3 +- disable s390x due to indefinite brew wait times + +* Tue Jun 13 2017 Lokesh Mandvekar - 1.13.1-16.1.git19ea2d3 +- Resolves: #1460268, #1460784 +- built docker @projectatomic/docker-1.13.1-rhel commit 19ea2d3 - built docker-runc @projectatomic/docker-1.13.1-rhel commit 2ade59f - built docker-containerd @projectatomic/docker-1.13.1-rhel commit e39d94f - built docker-init commit eb3987c -- built libnetwork commit 6426d1e +- built libnetwork commit 73f58e1 + +* Thu Jun 08 2017 Lokesh Mandvekar - 1.13.1-15.1.git55ffbf0 +- revert docker epoch value to 2, change made in "docker" package -* Tue Jun 06 2017 Lokesh Mandvekar - 1.13.1-12.git55ffbf0 +* Tue Jun 06 2017 Lokesh Mandvekar - 1.13.1-14.1.git55ffbf0 - built docker @projectatomic/docker-1.13.1-rhel commit 55ffbf0 - built docker-runc @projectatomic/docker-1.13.1-rhel commit 2ade59f - built docker-containerd @projectatomic/docker-1.13.1-rhel commit e39d94f - built docker-init commit 81f886d - built libnetwork commit eed0fe8 -* Tue May 17 2017 Lokesh Mandvekar - 1.13.1-11.git3a17ad5 -- Resolves: #1451796 -- built docker @projectatomic/docker-1.13.1-rhel commit 3a17ad5 - -* Tue May 09 2017 Lokesh Mandvekar - 1.13.1-10.git475c5d2 -- KillMode=process in docker-latest.service (RE: #1424709) - -* Tue May 09 2017 Lokesh Mandvekar - 1.13.1-9.git475c5d2 -- /etc/docker/{daemon,seccomp}.json should be config(noreplace) +* Wed May 17 2017 Lokesh Mandvekar - 1.13.1-13.1.git1626e6d +- ensure d-s-s files mention docker-latest and not docker -* Tue May 09 2017 Lokesh Mandvekar - 1.13.1-8.git475c5d2 -- correct docker-latest-cleanup.timer unitfile -- correct docker branch used in check section -- use docker-common >= 1.12.6-22 +* Wed May 17 2017 Lokesh Mandvekar - 1.13.1-12.1.git1626e6d +- requires: docker-common >= 3:1.12.6-29.1 +- bump release tag to -12 to stay ahead of extras-rhel-7.3 +- built docker @projectatomic/docker-1.13.1-rhel commit 1626e6d +- built docker-runc @projectatomic/docker-1.13.1-rhel commit 2ade59f +- built docker-containerd @projectatomic/docker-1.13.1-rhel commit 03e5862 +- built docker-init commit 6ad9813 +- built libnetwork commit b2bc1a6 -* Tue May 09 2017 Lokesh Mandvekar - 1.13.1-7.git475c5d2 -- built docker @projectatomic/docker-1.13.1-rhel commit 475c5d2 -- Resolves: #1447455 -- include patch for docker-cleanup unitfiles (RE: #1448457) +* Fri May 12 2017 Lokesh Mandvekar - 1.13.1-6.1.git3a17ad5 +- Resolves: #1449384 - revert to using older docker-storage-setup -* Tue May 02 2017 Lokesh Mandvekar - 1.13.1-6.gitb7732b0 -- Resolves: #1441100, #1444111, #1445134 -- built docker @projectatomic/docker-1.13.1-rhel commit b7732b0 +* Fri May 05 2017 Lokesh Mandvekar - 1.13.1-5.1.git3a17ad5 +- Resolves: #1400255 - enable criu +- add docker shortcommit id to release tag +- built docker @projectatomic/docker-1.13.1-rhel commit 3a17ad5 +- built c-s-s commit 8276a1e - built docker-runc @projectatomic/docker-1.13.1 commit 3753658 - built docker-containerd @projectatomic/docker-1.13.1 commit 03e5862 - built docker-init commit 6ad9813 - built libnetwork commit 929077d -* Thu Apr 27 2017 Lokesh Mandvekar - 1.13.1-5 -- built docker @projectatomic/docker-1.13.1 commit f27a6fc -- built docker-runc @projectatomic/docker-1.13.1 commit 3753658 -- built docker-containerd @projectatomic/docker-1.13.1 commit 03e5862 -- built docker-init commit 6ad9813 -- built libnetwork commit 5dc95a3 +* Mon Mar 27 2017 Lokesh Mandvekar - 1.13.1-4.1 +- rebuilt for all arches on 7.4 * Tue Mar 21 2017 Lokesh Mandvekar - 1.13.1-4 - Resolves: #1427334 - remove docker-latest on container-selinux removal