|
 |
9e7e45 |
%global forgeurl https://github.com/osbuild/osbuild
|
|
|
9e7e45 |
%global selinuxtype targeted
|
|
|
9e7e45 |
|
|
|
9e7e45 |
Version: 18
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%forgemeta
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%global pypi_name osbuild
|
|
|
9e7e45 |
%global pkgdir %{_prefix}/lib/%{pypi_name}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
Name: %{pypi_name}
|
|
|
9e7e45 |
Release: 3%{?dist}
|
|
|
9e7e45 |
License: ASL 2.0
|
|
|
9e7e45 |
|
|
|
9e7e45 |
URL: %{forgeurl}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
Source0: %{forgesource}
|
|
|
9e7e45 |
Patch0: no-floats-in-sources.patch
|
|
|
9e7e45 |
Patch1: selinux-allow-nnp-and-nosuid-transitions.patch
|
|
|
9e7e45 |
BuildArch: noarch
|
|
|
9e7e45 |
Summary: A build system for OS images
|
|
|
9e7e45 |
|
|
|
9e7e45 |
BuildRequires: make
|
|
|
9e7e45 |
BuildRequires: python3-devel
|
|
|
9e7e45 |
BuildRequires: python3-docutils
|
|
|
9e7e45 |
|
|
|
9e7e45 |
Requires: bash
|
|
|
9e7e45 |
Requires: coreutils
|
|
|
9e7e45 |
Requires: curl
|
|
|
9e7e45 |
Requires: dnf
|
|
|
9e7e45 |
Requires: e2fsprogs
|
|
|
9e7e45 |
Requires: glibc
|
|
|
9e7e45 |
Requires: policycoreutils
|
|
|
9e7e45 |
Requires: qemu-img
|
|
|
9e7e45 |
Requires: systemd
|
|
|
9e7e45 |
Requires: systemd-container
|
|
|
9e7e45 |
Requires: tar
|
|
|
9e7e45 |
Requires: util-linux
|
|
|
9e7e45 |
Requires: python3-%{pypi_name} = %{version}-%{release}
|
|
|
9e7e45 |
Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# Turn off dependency generators for assemblers, runners and stages.
|
|
|
9e7e45 |
# They run in a container, so there's no reason to generate dependencies
|
|
|
9e7e45 |
# from them. As of 2020-03-25 this filters out python3.6 dependency generated
|
|
|
9e7e45 |
# by rhel runner.
|
|
|
9e7e45 |
%global __requires_exclude_from ^%{pkgdir}/(assemblers|runners|stages)/.*$
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%{?python_enable_dependency_generator}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%description
|
|
|
9e7e45 |
A build system for OS images
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%package -n python3-%{pypi_name}
|
|
|
9e7e45 |
Summary: %{summary}
|
|
|
9e7e45 |
%{?python_provide:%python_provide python3-%{pypi_name}}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%description -n python3-%{pypi_name}
|
|
|
9e7e45 |
A build system for OS images
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%package ostree
|
|
|
9e7e45 |
Summary: OSTree support
|
|
|
9e7e45 |
Requires: %{name} = %{version}-%{release}
|
|
|
9e7e45 |
Requires: ostree
|
|
|
9e7e45 |
Requires: rpm-ostree
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%description ostree
|
|
|
9e7e45 |
Contains the necessary stages, assembler and source
|
|
|
9e7e45 |
to build OSTree based images.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%package selinux
|
|
|
9e7e45 |
Summary: SELinux policies
|
|
|
9e7e45 |
Requires: %{name} = %{version}-%{release}
|
|
|
9e7e45 |
BuildRequires: selinux-policy
|
|
|
9e7e45 |
BuildRequires: selinux-policy-devel
|
|
|
9e7e45 |
%{?selinux_requires}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%description selinux
|
|
|
9e7e45 |
Contains the necessary SELinux policies that allows
|
|
|
9e7e45 |
osbuild to use labels unknown to the host inside the
|
|
|
9e7e45 |
containers it uses to build OS artifacts.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%prep
|
|
|
9e7e45 |
%forgesetup
|
|
|
9e7e45 |
%patch0 -p1
|
|
|
9e7e45 |
%patch1 -p1
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%build
|
|
|
9e7e45 |
%py3_build
|
|
|
9e7e45 |
make man
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# SELinux
|
|
|
9e7e45 |
make -f /usr/share/selinux/devel/Makefile osbuild.pp
|
|
|
9e7e45 |
bzip2 -9 osbuild.pp
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%pre
|
|
|
9e7e45 |
%selinux_relabel_pre -s %{selinuxtype}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%install
|
|
|
9e7e45 |
%py3_install
|
|
|
9e7e45 |
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{pkgdir}/stages
|
|
|
9e7e45 |
install -p -m 0755 $(find stages -type f) %{buildroot}%{pkgdir}/stages/
|
|
|
9e7e45 |
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{pkgdir}/assemblers
|
|
|
9e7e45 |
install -p -m 0755 $(find assemblers -type f) %{buildroot}%{pkgdir}/assemblers/
|
|
|
9e7e45 |
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{pkgdir}/runners
|
|
|
9e7e45 |
install -p -m 0755 $(find runners -type f -or -type l) %{buildroot}%{pkgdir}/runners
|
|
|
9e7e45 |
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{pkgdir}/sources
|
|
|
9e7e45 |
install -p -m 0755 $(find sources -type f) %{buildroot}%{pkgdir}/sources
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# mount point for bind mounting the osbuild library
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{pkgdir}/osbuild
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# schemata
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{_datadir}/osbuild/schemas
|
|
|
9e7e45 |
install -p -m 0755 $(find schemas/*.json) %{buildroot}%{_datadir}/osbuild/schemas
|
|
|
9e7e45 |
ln -s %{_datadir}/osbuild/schemas %{buildroot}%{pkgdir}/schemas
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# documentation
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{_mandir}/man1
|
|
|
9e7e45 |
mkdir -p %{buildroot}%{_mandir}/man5
|
|
|
9e7e45 |
install -p -m 0644 -t %{buildroot}%{_mandir}/man1/ docs/*.1
|
|
|
9e7e45 |
install -p -m 0644 -t %{buildroot}%{_mandir}/man5/ docs/*.5
|
|
|
9e7e45 |
|
|
|
9e7e45 |
# SELinux
|
|
|
9e7e45 |
install -D -m 644 -t %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype} %{name}.pp.bz2
|
|
|
9e7e45 |
install -D -m 644 -t %{buildroot}%{_mandir}/man8 selinux/%{name}_selinux.8
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%check
|
|
|
9e7e45 |
exit 0
|
|
|
9e7e45 |
# We have some integration tests, but those require running a VM, so that would
|
|
|
9e7e45 |
# be an overkill for RPM check script.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%files
|
|
|
9e7e45 |
%license LICENSE
|
|
|
9e7e45 |
%{_bindir}/osbuild
|
|
|
9e7e45 |
%{_mandir}/man1/%{name}.1*
|
|
|
9e7e45 |
%{_mandir}/man5/%{name}-manifest.5*
|
|
|
9e7e45 |
%{_datadir}/osbuild/schemas
|
|
|
9e7e45 |
%{pkgdir}
|
|
|
9e7e45 |
# the following files are in the ostree sub-package
|
|
|
9e7e45 |
%exclude %{pkgdir}/assemblers/org.osbuild.ostree.commit
|
|
|
9e7e45 |
%exclude %{pkgdir}/sources/org.osbuild.ostree
|
|
|
9e7e45 |
%exclude %{pkgdir}/stages/org.osbuild.ostree
|
|
|
9e7e45 |
%exclude %{pkgdir}/stages/org.osbuild.rpm-ostree
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%files -n python3-%{pypi_name}
|
|
|
9e7e45 |
%license LICENSE
|
|
|
9e7e45 |
%doc README.md NEWS.md
|
|
|
9e7e45 |
%{python3_sitelib}/%{pypi_name}-*.egg-info/
|
|
|
9e7e45 |
%{python3_sitelib}/%{pypi_name}/
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%files ostree
|
|
|
9e7e45 |
%{pkgdir}/assemblers/org.osbuild.ostree.commit
|
|
|
9e7e45 |
%{pkgdir}/sources/org.osbuild.ostree
|
|
|
9e7e45 |
%{pkgdir}/stages/org.osbuild.ostree
|
|
|
9e7e45 |
%{pkgdir}/stages/org.osbuild.rpm-ostree
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%files selinux
|
|
|
9e7e45 |
%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
|
|
|
9e7e45 |
%{_mandir}/man8/%{name}_selinux.8.*
|
|
|
9e7e45 |
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%post selinux
|
|
|
9e7e45 |
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%postun selinux
|
|
|
9e7e45 |
if [ $1 -eq 0 ]; then
|
|
|
9e7e45 |
%selinux_modules_uninstall -s %{selinuxtype} %{name}
|
|
|
9e7e45 |
fi
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%posttrans selinux
|
|
|
9e7e45 |
%selinux_relabel_post -s %{selinuxtype}
|
|
|
9e7e45 |
|
|
|
9e7e45 |
|
|
|
9e7e45 |
%changelog
|
|
|
9e7e45 |
* Thu Aug 13 2020 Christian Kellner <ckellner@redhat.com> - 18-3
|
|
|
9e7e45 |
- Add patch to allow nnp and nosuid domain transitions
|
|
|
9e7e45 |
https://github.com/osbuild/osbuild/pull/495
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Fri Jun 26 2020 Christian Kellner <ckellner@redhat.com> - 18-2
|
|
|
9e7e45 |
- Add patch to not pass floats to curl in the files source
|
|
|
9e7e45 |
https://github.com/osbuild/osbuild/pull/459
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Tue Jun 23 2020 Christian Kellner <ckellner@redhat.com> - 18-1
|
|
|
9e7e45 |
- Upstream release 18
|
|
|
9e7e45 |
- All RHEL runners now use platform-python.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Wed Jun 10 2020 Christian Kellner <ckellner@redhat.com> - 17-1
|
|
|
9e7e45 |
- Upstream release 17
|
|
|
9e7e45 |
- Add custom SELinux policy that lets osbuild set labels inside
|
|
|
9e7e45 |
the build root that are unknown to the host.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Thu Jun 4 2020 Christian Kellner <christian@kellner.me> - 16-1
|
|
|
9e7e45 |
- Upstream release 16
|
|
|
9e7e45 |
- Drop sources-fix-break-when-secrets-is-None.patch included in
|
|
|
9e7e45 |
osbuild-16.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Tue May 26 2020 Christian Kellner <ckellner@redhat.com> - 15-2
|
|
|
9e7e45 |
- Add a patch to allow org.osbuild.files source in the new format
|
|
|
9e7e45 |
but without actually containing the secrets key.
|
|
|
9e7e45 |
Taken from merged PR: https://github.com/osbuild/osbuild/pull/416
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Thu May 21 2020 Christian Kellner <ckellner@redhat.com> - 15-1
|
|
|
9e7e45 |
- New upstream release 15
|
|
|
9e7e45 |
- Drop draft4-validator.json patch, included in osbuild-15
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Wed May 13 2020 Christian Kellner <ckellner@redhat.com> - 14-2
|
|
|
9e7e45 |
- Add draft4-validator.json patch
|
|
|
9e7e45 |
python3-jsonschema in RHEL currently has version 2.6.0 which
|
|
|
9e7e45 |
has support validating up to and including draft4 of jsonschema.
|
|
|
9e7e45 |
See https://github.com/osbuild/osbuild/pull/394
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Wed May 13 2020 Christian Kellner <ckellner@redhat.com> - 14-1
|
|
|
9e7e45 |
- Upstream release 14
|
|
|
9e7e45 |
- Install schemata to <datadir>/osbuild/schemas and include a
|
|
|
9e7e45 |
symlink to it in /usr/lib/osbuild/schemas
|
|
|
9e7e45 |
- The directories /usr/lib/osbuild/{assemblers, stages}/osbuild
|
|
|
9e7e45 |
got removed. Changes to osbuild made them obsolete.
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Wed Apr 15 2020 Christian Kellner <ckellner@redhat.com> - 12-1
|
|
|
9e7e45 |
- Sync with Fedora and use upstream release 12
|
|
|
9e7e45 |
- Specify the exact version in the 'python3-osbuild' requirement
|
|
|
9e7e45 |
to avoid the library and the main binary being out of sync.
|
|
|
9e7e45 |
- osbuild-ostree sub-package with the necessary bits to create
|
|
|
9e7e45 |
OSTree based images
|
|
|
9e7e45 |
- Turn off dependency generator for internal components
|
|
|
9e7e45 |
- Add NEWS.md file with the release notes and man pages
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Mon Dec 16 2019 Lars Karlitski <lars@karlitski.net> - 7-1
|
|
|
9e7e45 |
- New upstream release
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Sun Dec 1 2019 Tom Gundersen <teg@jklm.no> - 6-2
|
|
|
9e7e45 |
- New upstream release
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Thu Oct 24 2019 Lars Karlitski <lueberni@redhat.com> - 3-2
|
|
|
9e7e45 |
- add gating infra and tests
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Mon Aug 19 2019 Miro HronĨok <mhroncok@redhat.com> - 1-3
|
|
|
9e7e45 |
- Rebuilt for Python 3.8
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Mon Jul 29 2019 Martin Sehnoutka <msehnout@redhat.com> - 1-2
|
|
|
9e7e45 |
- update upstream URL to the new Github organization
|
|
|
9e7e45 |
|
|
|
9e7e45 |
* Wed Jul 17 2019 Martin Sehnoutka <msehnout@redhat.com> - 1-1
|
|
|
9e7e45 |
- Initial package
|