diff --git a/.gitignore b/.gitignore index c8da0ac..777a610 100644 --- a/.gitignore +++ b/.gitignore @@ -4,7 +4,6 @@ SOURCES/aliyun-python-sdk-core-2.13.1.tar.gz SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz SOURCES/colorama-0.3.3.tar.gz -SOURCES/google-cloud-sdk-241.0.0-linux-x86_64.tar.gz -SOURCES/httplib2-0.18.1.tar.gz +SOURCES/google-cloud-sdk-360.0.0-linux-x86_64.tar.gz SOURCES/pycryptodome-3.6.4.tar.gz SOURCES/pyroute2-0.4.13.tar.gz diff --git a/.resource-agents.metadata b/.resource-agents.metadata index 68e4fef..d0d8224 100644 --- a/.resource-agents.metadata +++ b/.resource-agents.metadata @@ -4,7 +4,6 @@ dfc65f4cac3f95026b2f5674019814a527333004 SOURCES/ClusterLabs-resource-agents-55a c2a98b9a1562d223a76514f05028488ca000c395 SOURCES/aliyun-python-sdk-ecs-4.9.3.tar.gz f14647a4d37a9a254c4e711b95a7654fc418e41e SOURCES/aliyun-python-sdk-vpc-3.0.2.tar.gz 0fe5bd8bca54dd71223778a1e0bcca9af324abb1 SOURCES/colorama-0.3.3.tar.gz -876e2b0c0e3031c6e6101745acd08e4e9f53d6a9 SOURCES/google-cloud-sdk-241.0.0-linux-x86_64.tar.gz -c5d22ce6660999633154927684eb9b799123e569 SOURCES/httplib2-0.18.1.tar.gz +81f039cf075e9c8b70d5af99c189296a9e031de3 SOURCES/google-cloud-sdk-360.0.0-linux-x86_64.tar.gz 326a73f58a62ebee00c11a12cfdd838b196e0e8e SOURCES/pycryptodome-3.6.4.tar.gz 147149db11104c06d405fd077dcd2aa1c345f109 SOURCES/pyroute2-0.4.13.tar.gz diff --git a/SOURCES/7-gcp-bundled.patch b/SOURCES/7-gcp-bundled.patch index b1b8a50..b341dac 100644 --- a/SOURCES/7-gcp-bundled.patch +++ b/SOURCES/7-gcp-bundled.patch @@ -10,26 +10,14 @@ diff -uNr a/heartbeat/gcp-vpc-move-ip.in b/heartbeat/gcp-vpc-move-ip.in OCF_RESKEY_configuration_default="default" OCF_RESKEY_vpc_network_default="default" OCF_RESKEY_interface_default="eth0" -diff -uNr a/heartbeat/gcp-vpc-move-vip.in b/heartbeat/gcp-vpc-move-vip.in ---- a/heartbeat/gcp-vpc-move-vip.in 2020-06-25 13:21:42.090334894 +0200 -+++ b/heartbeat/gcp-vpc-move-vip.in 2020-06-25 13:14:16.668092817 +0200 -@@ -28,6 +28,7 @@ - from ocf import * - - try: -+ sys.path.insert(0, '/usr/lib/resource-agents/bundled/gcp/google-cloud-sdk/lib/third_party') - import googleapiclient.discovery - except ImportError: - pass diff -uNr a/heartbeat/gcp-vpc-move-route.in b/heartbeat/gcp-vpc-move-route.in ---- a/heartbeat/gcp-vpc-move-route.in 2020-06-25 13:22:03.216301380 +0200 -+++ b/heartbeat/gcp-vpc-move-route.in 2020-06-25 13:13:19.864183380 +0200 -@@ -45,6 +45,8 @@ +--- a/heartbeat/gcp-vpc-move-route.in 2019-04-05 09:20:26.180739624 +0200 ++++ b/heartbeat/gcp-vpc-move-route.in 2019-04-05 09:22:28.648649593 +0200 +@@ -45,6 +45,7 @@ from ocf import * try: + sys.path.insert(0, '/usr/lib/resource-agents/bundled/gcp') -+ sys.path.insert(0, '/usr/lib/resource-agents/bundled/gcp/google-cloud-sdk/lib/third_party') import googleapiclient.discovery import pyroute2 except ImportError: diff --git a/SOURCES/8-google-cloud-sdk-fixes.patch b/SOURCES/8-google-cloud-sdk-fixes.patch deleted file mode 100644 index d734d82..0000000 --- a/SOURCES/8-google-cloud-sdk-fixes.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -uNr a/bundled/gcp/google-cloud-sdk/bin/gcloud b/bundled/gcp/google-cloud-sdk/bin/gcloud ---- a/bundled/gcp/google-cloud-sdk/bin/gcloud 2018-06-18 14:30:10.000000000 +0200 -+++ b/bundled/gcp/google-cloud-sdk/bin/gcloud 2018-06-25 13:12:56.057000620 +0200 -@@ -64,6 +64,8 @@ - } - CLOUDSDK_ROOT_DIR=$(_cloudsdk_root_dir "$0") - -+CLOUDSDK_PYTHON_SITEPACKAGES=1 -+ - # if CLOUDSDK_PYTHON is empty - if [ -z "$CLOUDSDK_PYTHON" ]; then - # if python2 exists then plain python may point to a version != 2 diff --git a/SOURCES/bz1691456-gcloud-dont-detect-python2.patch b/SOURCES/bz1691456-gcloud-dont-detect-python2.patch index 9abbd09..ae414a6 100644 --- a/SOURCES/bz1691456-gcloud-dont-detect-python2.patch +++ b/SOURCES/bz1691456-gcloud-dont-detect-python2.patch @@ -1,29 +1,14 @@ -diff -uNr a/bundled/gcp/google-cloud-sdk/bin/gcloud b/bundled/gcp/google-cloud-sdk/bin/gcloud ---- a/bundled/gcp/google-cloud-sdk/bin/gcloud 2019-04-04 12:01:28.838027640 +0200 -+++ b/bundled/gcp/google-cloud-sdk/bin/gcloud 2019-04-04 12:03:21.577089065 +0200 -@@ -74,24 +74,7 @@ +--- a/bundled/gcp/google-cloud-sdk/bin/gcloud 1980-01-01 09:00:00.000000000 +0100 ++++ b/bundled/gcp/google-cloud-sdk/bin/gcloud 2021-10-14 11:30:17.726138166 +0200 +@@ -128,6 +128,11 @@ + fi + } - # if CLOUDSDK_PYTHON is empty - if [ -z "$CLOUDSDK_PYTHON" ]; then -- # if python2 exists then plain python may point to a version != 2 -- if _cloudsdk_which python2 >/dev/null; then -- CLOUDSDK_PYTHON=python2 -- elif _cloudsdk_which python2.7 >/dev/null; then -- # this is what some OS X versions call their built-in Python -- CLOUDSDK_PYTHON=python2.7 -- elif _cloudsdk_which python >/dev/null; then -- # Use unversioned python if it exists. -- CLOUDSDK_PYTHON=python -- elif _cloudsdk_which python3 >/dev/null; then -- # We support python3, but only want to default to it if nothing else is -- # found. -- CLOUDSDK_PYTHON=python3 -- else -- # This won't work because it wasn't found above, but at this point this -- # is our best guess for the error message. -- CLOUDSDK_PYTHON=python -- fi ++if [ -z "$CLOUDSDK_PYTHON" ]; then + CLOUDSDK_PYTHON="/usr/libexec/platform-python" - fi ++ CLOUDSDK_PYTHON_SITEPACKAGES=1 ++fi ++ + setup_cloudsdk_python # $PYTHONHOME can interfere with gcloud. Users should use diff --git a/SPECS/resource-agents.spec b/SPECS/resource-agents.spec index 7246b87..1a666d0 100644 --- a/SPECS/resource-agents.spec +++ b/SPECS/resource-agents.spec @@ -27,12 +27,8 @@ ## google cloud # google-cloud-sdk bundle %global googlecloudsdk google-cloud-sdk -%global googlecloudsdk_version 241.0.0 +%global googlecloudsdk_version 360.0.0 %global googlecloudsdk_dir %{bundled_lib_dir}/gcp/%{googlecloudsdk} -# python-httplib2 bundle -%global httplib2 httplib2 -%global httplib2_version 0.18.1 -%global httplib2_dir %{bundled_lib_dir}/gcp/%{httplib2} # python-pyroute2 bundle %global pyroute2 pyroute2 %global pyroute2_version 0.4.13 @@ -70,7 +66,7 @@ Name: resource-agents Summary: Open Source HA Reusable Cluster Resource Scripts Version: 4.9.0 -Release: 3%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} +Release: 4%{?rcver:%{rcver}}%{?numcomm:.%{numcomm}}%{?alphatag:.%{alphatag}}%{?dirty:.%{dirty}}%{?dist} License: GPLv2+ and LGPLv2+ URL: https://github.com/ClusterLabs/resource-agents %if 0%{?fedora} || 0%{?centos_version} || 0%{?rhel} @@ -80,14 +76,13 @@ Group: Productivity/Clustering/HA %endif Source0: %{upstream_prefix}-%{upstream_version}.tar.gz Source1: %{googlecloudsdk}-%{googlecloudsdk_version}-linux-x86_64.tar.gz -Source2: %{httplib2}-%{httplib2_version}.tar.gz -Source3: %{pyroute2}-%{pyroute2_version}.tar.gz -Source4: %{colorama}-%{colorama_version}.tar.gz -Source5: %{pycryptodome}-%{pycryptodome_version}.tar.gz -Source6: %{aliyunsdkcore}-%{aliyunsdkcore_version}.tar.gz -Source7: %{aliyunsdkecs}-%{aliyunsdkecs_version}.tar.gz -Source8: %{aliyunsdkvpc}-%{aliyunsdkvpc_version}.tar.gz -Source9: %{aliyuncli}-%{aliyuncli_version}.tar.gz +Source2: %{pyroute2}-%{pyroute2_version}.tar.gz +Source3: %{colorama}-%{colorama_version}.tar.gz +Source4: %{pycryptodome}-%{pycryptodome_version}.tar.gz +Source5: %{aliyunsdkcore}-%{aliyunsdkcore_version}.tar.gz +Source6: %{aliyunsdkecs}-%{aliyunsdkecs_version}.tar.gz +Source7: %{aliyunsdkvpc}-%{aliyunsdkvpc_version}.tar.gz +Source8: %{aliyuncli}-%{aliyuncli_version}.tar.gz Patch0: nova-compute-wait-NovaEvacuate.patch Patch1: bz1872754-pgsqlms-new-ra.patch Patch2: bz1995178-storage-mon-fix-typo.patch @@ -95,16 +90,15 @@ Patch3: bz2008333-gcp-pd-move-gcp-vpc-move-route-dont-fail-due-to-incorrect-rc. # bundle patches Patch1000: 7-gcp-bundled.patch -Patch1001: 8-google-cloud-sdk-fixes.patch -Patch1002: 9-google-cloud-sdk-oauth2client-python-rsa-to-cryptography.patch -Patch1003: 10-gcloud-support-info.patch -Patch1004: gcp-configure-skip-bundled-lib-checks.patch -Patch1005: bz1691456-gcloud-dont-detect-python2.patch -Patch1006: aliyun-vpc-move-ip-4-bundled.patch -Patch1007: python3-syntax-fixes.patch -Patch1008: aliyuncli-python3-fixes.patch -Patch1009: bz1935422-python-pygments-fix-CVE-2021-20270.patch -Patch1010: bz1943464-python-pygments-fix-CVE-2021-27291.patch +Patch1001: 9-google-cloud-sdk-oauth2client-python-rsa-to-cryptography.patch +Patch1002: 10-gcloud-support-info.patch +Patch1003: gcp-configure-skip-bundled-lib-checks.patch +Patch1004: bz1691456-gcloud-dont-detect-python2.patch +Patch1005: aliyun-vpc-move-ip-4-bundled.patch +Patch1006: python3-syntax-fixes.patch +Patch1007: aliyuncli-python3-fixes.patch +Patch1008: bz1935422-python-pygments-fix-CVE-2021-20270.patch +Patch1009: bz1943464-python-pygments-fix-CVE-2021-27291.patch Obsoletes: heartbeat-resources <= %{version} Provides: heartbeat-resources = %{version} @@ -281,33 +275,22 @@ mkdir -p %{bundled_lib_dir}/aliyun # google-cloud-sdk bundle %ifarch x86_64 tar -xzf %SOURCE1 -C %{bundled_lib_dir}/gcp -## upgrade httplib2 to fix CVE-2020-11078 -pushd %{googlecloudsdk_dir} -rm -rf lib/third_party/httplib2 -popd - -# python-httplib2 bundle -tar -xzf %SOURCE2 -C %{bundled_lib_dir} -mv %{bundled_lib_dir}/%{httplib2}-%{httplib2_version} %{httplib2_dir} - # gcp*: append bundled-directory to search path, gcloud-ra %patch1000 -p1 -F2 -# google-cloud-sdk fixes -%patch1001 -p1 # replace python-rsa with python-cryptography -%patch1002 -p1 +%patch1001 -p1 # gcloud support info -%patch1003 -p1 +%patch1002 -p1 # configure: skip bundled gcp lib checks -%patch1004 -p1 +%patch1003 -p1 # gcloud remove python 2 detection -%patch1005 -p1 +%patch1004 -p1 # rename gcloud mv %{googlecloudsdk_dir}/bin/gcloud %{googlecloudsdk_dir}/bin/gcloud-ra # keep googleapiclient mv %{googlecloudsdk_dir}/platform/bq/third_party/googleapiclient %{googlecloudsdk_dir}/lib/third_party # only keep gcloud -rm -rf %{googlecloudsdk_dir}/bin/{bootstrapping,bq,dev_appserver.py,docker-credential-gcloud,endpointscfg.py,git-credential-gcloud.sh,gsutil,java_dev_appserver.sh} %{googlecloudsdk_dir}/{completion.*,deb,install.*,path.*,platform,properties,RELEASE_NOTES,rpm,VERSION} +rm -rf %{googlecloudsdk_dir}/bin/{anthoscli,bootstrapping,bq,dev_appserver.py,docker-credential-gcloud,endpointscfg.py,git-credential-gcloud.sh,gsutil,java_dev_appserver.sh} %{googlecloudsdk_dir}/{completion.*,deb,install.*,path.*,platform,properties,RELEASE_NOTES,rpm,VERSION} # remove Python 2 code rm -rf %{googlecloudsdk_dir}/lib/third_party/*/python2 # remove python-rsa @@ -320,7 +303,7 @@ rm -rf %{googlecloudsdk_dir}/lib/third_party/dateutil cp %{googlecloudsdk_dir}/README %{googlecloudsdk}_README cp %{googlecloudsdk_dir}/lib/third_party/argparse/README.txt %{googlecloudsdk}_argparse_README.txt cp %{googlecloudsdk_dir}/LICENSE %{googlecloudsdk}_LICENSE -cp %{httplib2_dir}/LICENSE %{googlecloudsdk}_httplib2_LICENSE +cp %{googlecloudsdk_dir}/lib/third_party/httplib2/LICENSE %{googlecloudsdk}_httplib2_LICENSE cp %{googlecloudsdk_dir}/lib/third_party/contextlib2/LICENSE %{googlecloudsdk}_contextlib2_LICENSE cp %{googlecloudsdk_dir}/lib/third_party/concurrent/LICENSE %{googlecloudsdk}_concurrent_LICENSE cp %{googlecloudsdk_dir}/lib/third_party/yaml/LICENSE %{googlecloudsdk}_yaml_LICENSE @@ -363,7 +346,7 @@ cp %{googlecloudsdk_dir}/lib/third_party/apitools/LICENSE %{googlecloudsdk}_apit cp %{googlecloudsdk_dir}/lib/third_party/containerregistry/LICENSE %{googlecloudsdk}_containerregistry_LICENSE # python-pyroute2 bundle -tar -xzf %SOURCE3 -C %{bundled_lib_dir}/gcp +tar -xzf %SOURCE2 -C %{bundled_lib_dir}/gcp mv %{bundled_lib_dir}/gcp/%{pyroute2}-%{pyroute2_version} %{pyroute2_dir} cp %{pyroute2_dir}/README.md %{pyroute2}_README.md cp %{pyroute2_dir}/README.license.md %{pyroute2}_README.license.md @@ -371,7 +354,7 @@ cp %{pyroute2_dir}/LICENSE.Apache.v2 %{pyroute2}_LICENSE.Apache.v2 cp %{pyroute2_dir}/LICENSE.GPL.v2 %{pyroute2}_LICENSE.GPL.v2 # python-colorama bundle -tar -xzf %SOURCE4 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE3 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{colorama}-%{colorama_version} %{colorama_dir} cp %{colorama_dir}/LICENSE.txt %{colorama}_LICENSE.txt cp %{colorama_dir}/README.rst %{colorama}_README.rst @@ -382,42 +365,42 @@ rm -rf *.egg-info popd # python-pycryptodome bundle -tar -xzf %SOURCE5 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE4 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{pycryptodome}-%{pycryptodome_version} %{pycryptodome_dir} cp %{pycryptodome_dir}/README.rst %{pycryptodome}_README.rst cp %{pycryptodome_dir}/LICENSE.rst %{pycryptodome}_LICENSE.rst # python-aliyun-sdk-core bundle -tar -xzf %SOURCE6 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE5 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{aliyunsdkcore}-%{aliyunsdkcore_version} %{aliyunsdkcore_dir} cp %{aliyunsdkcore_dir}/README.rst %{aliyunsdkcore}_README.rst # python-aliyun-sdk-ecs bundle -tar -xzf %SOURCE7 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE6 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{aliyunsdkecs}-%{aliyunsdkecs_version} %{aliyunsdkecs_dir} cp %{aliyunsdkecs_dir}/README.rst %{aliyunsdkecs}_README.rst # python-aliyun-sdk-vpc bundle -tar -xzf %SOURCE8 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE7 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{aliyunsdkvpc}-%{aliyunsdkvpc_version} %{aliyunsdkvpc_dir} cp %{aliyunsdkvpc_dir}/README.rst %{aliyunsdkvpc}_README.rst # aliyuncli bundle -tar -xzf %SOURCE9 -C %{bundled_lib_dir}/aliyun +tar -xzf %SOURCE8 -C %{bundled_lib_dir}/aliyun mv %{bundled_lib_dir}/aliyun/%{aliyuncli}-%{aliyuncli_version} %{aliyuncli_dir} cp %{aliyuncli_dir}/README.rst %{aliyuncli}_README.rst cp %{aliyuncli_dir}/LICENSE %{aliyuncli}_LICENSE # aliyun*: use bundled libraries -%patch1006 -p1 +%patch1005 -p1 # aliyun Python 3 fixes +%patch1006 -p1 %patch1007 -p1 -%patch1008 -p1 # fix CVE's in python-pygments pushd %{googlecloudsdk_dir}/lib/third_party +%patch1008 -p1 -F2 %patch1009 -p1 -F2 -%patch1010 -p1 -F2 popd %endif @@ -467,12 +450,7 @@ JFLAGS="$(echo '%{_smp_mflags}')" make $JFLAGS -# python-httplib2 bundle %ifarch x86_64 -pushd %{httplib2_dir} -%{__python3} setup.py build -popd - # python-pyroute2 bundle pushd %{pyroute2_dir} %{__python3} setup.py build @@ -525,11 +503,6 @@ mkdir %{buildroot}/%{_bindir} ln -s /usr/lib/%{name}/%{googlecloudsdk_dir}/bin/gcloud-ra %{buildroot}/%{_bindir} popd -# python-httplib2 bundle -pushd %{httplib2_dir} -%{__python3} setup.py install -O1 --skip-build --root %{buildroot} --install-lib /usr/lib/%{name}/%{googlecloudsdk_dir}/lib/third_party -popd - # python-pyroute2 bundle pushd %{pyroute2_dir} %{__python3} setup.py install -O1 --skip-build --root %{buildroot} --install-lib /usr/lib/%{name}/%{bundled_lib_dir}/gcp @@ -868,6 +841,12 @@ ccs_update_schema > /dev/null 2>&1 ||: %{_usr}/lib/ocf/lib/heartbeat/OCF_*.pm %changelog +* Thu Oct 14 2021 Oyvind Albrigtsen - 4.9.0-4 +- gcp-vpc-move-route/gcp-vpc-move-vip: add serviceaccount JSON file + support + + Resolves: rhbz#1704348 + * Thu Sep 30 2021 Oyvind Albrigtsen - 4.9.0-3 - Rebase to resource-agents 4.9.0 upstream release. - gcp-pd-move/gcp-vpc-move-route: dont fail with configuration rc