|
 |
701744 |
# Specfile based and updated from
|
|
|
701744 |
# https://github.com/theforeman/foreman-packaging/blob/rpm/develop/packages/client/foreman_ygg_worker/foreman_ygg_worker.spec
|
|
|
701744 |
|
|
|
701744 |
%define debug_package %{nil}
|
|
|
701744 |
|
|
|
701744 |
%global repo_orgname oamg
|
|
|
701744 |
%global repo_name rhc-worker-script
|
|
|
701744 |
%global binary_name rhc-script-worker
|
|
|
701744 |
%global rhc_libexecdir %{_libexecdir}/rhc
|
|
|
701744 |
%{!?_root_sysconfdir:%global _root_sysconfdir %{_sysconfdir}}
|
|
|
701744 |
%global rhc_worker_conf_dir %{_root_sysconfdir}/rhc/workers
|
|
|
701744 |
|
|
|
701744 |
%define gobuild(o:) env GO111MODULE=off go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -linkmode=external -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld '" -a -v %{?**}
|
|
|
701744 |
|
|
|
701744 |
# EL7 doesn't define go_arches (it is available in go-srpm-macros which is EL8+)
|
|
|
701744 |
%if !%{defined go_arches}
|
|
|
701744 |
%define go_arches x86_64
|
|
|
701744 |
%endif
|
|
|
701744 |
|
|
|
c8b9ca |
%global use_go_toolset_1_19 0%{?rhel} == 7 && !%{defined centos}
|
|
|
701744 |
|
|
|
701744 |
Name: %{repo_name}
|
|
|
c8b9ca |
Version: 0.5
|
|
|
c8b9ca |
Release: 1%{?dist}
|
|
|
701744 |
Summary: Worker executing scripts on hosts managed by Red Hat Insights
|
|
|
701744 |
|
|
|
701744 |
License: GPLv3+
|
|
|
701744 |
URL: https://github.com/%{repo_orgname}/%{repo_name}
|
|
|
c8b9ca |
Source0: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
|
|
|
701744 |
ExclusiveArch: %{go_arches}
|
|
|
701744 |
|
|
|
c8b9ca |
%if %{use_go_toolset_1_19}
|
|
|
c8b9ca |
BuildRequires: go-toolset-1.19-golang
|
|
|
701744 |
%else
|
|
|
701744 |
BuildRequires: golang
|
|
|
701744 |
%endif
|
|
|
701744 |
Requires: rhc
|
|
|
701744 |
|
|
|
701744 |
%description
|
|
|
701744 |
Remote Host Configuration (rhc) worker for executing scripts on hosts
|
|
|
701744 |
managed by Red Hat Insights.
|
|
|
701744 |
|
|
|
701744 |
%prep
|
|
|
701744 |
%setup -q
|
|
|
701744 |
|
|
|
701744 |
%build
|
|
|
701744 |
mkdir -p _gopath/src
|
|
|
701744 |
ln -fs $(pwd)/src _gopath/src/%{binary_name}-%{version}
|
|
|
701744 |
ln -fs $(pwd)/vendor _gopath/src/%{binary_name}-%{version}/vendor
|
|
|
701744 |
export GOPATH=$(pwd)/_gopath
|
|
|
701744 |
pushd _gopath/src/%{binary_name}-%{version}
|
|
|
c8b9ca |
%if %{use_go_toolset_1_19}
|
|
|
c8b9ca |
scl enable go-toolset-1.19 -- %{gobuild}
|
|
|
701744 |
%else
|
|
|
701744 |
%{gobuild}
|
|
|
701744 |
%endif
|
|
|
701744 |
strip %{binary_name}-%{version}
|
|
|
701744 |
popd
|
|
|
701744 |
|
|
|
701744 |
|
|
|
701744 |
%install
|
|
|
701744 |
# Create a temporary directory /var/lib/rhc-worker-script - used mainly for storing temporary files
|
|
|
701744 |
install -d %{buildroot}%{_sharedstatedir}/%{binary_name}/
|
|
|
701744 |
|
|
|
701744 |
install -D -m 755 _gopath/src/%{binary_name}-%{version}/%{binary_name}-%{version} %{buildroot}%{rhc_libexecdir}/%{binary_name}
|
|
|
701744 |
install -D -d -m 755 %{buildroot}%{rhc_worker_conf_dir}
|
|
|
701744 |
|
|
|
c8b9ca |
cat <<EOF >%{buildroot}%{rhc_worker_conf_dir}/rhc-worker-script.yml
|
|
|
c8b9ca |
# recipient directive to register with dispatcher
|
|
|
c8b9ca |
directive: "%{name}"
|
|
|
c8b9ca |
|
|
|
c8b9ca |
# whether to verify incoming yaml files
|
|
|
c8b9ca |
verify_yaml: true
|
|
|
c8b9ca |
|
|
|
c8b9ca |
# perform the insights-client GPG check on the insights-core egg
|
|
|
c8b9ca |
insights_core_gpg_check: true
|
|
|
c8b9ca |
|
|
|
c8b9ca |
# temporary directory in which the temporary script will be placed and executed.
|
|
|
c8b9ca |
temporary_worker_directory: "/var/lib/rhc-worker-script"
|
|
|
c8b9ca |
EOF
|
|
|
c8b9ca |
|
|
|
c8b9ca |
|
|
|
701744 |
%files
|
|
|
701744 |
%{rhc_libexecdir}/%{binary_name}
|
|
|
701744 |
%license LICENSE
|
|
|
701744 |
%doc README.md
|
|
|
c8b9ca |
%config %{rhc_worker_conf_dir}/rhc-worker-script.yml
|
|
|
701744 |
|
|
|
701744 |
%changelog
|
|
|
701744 |
|
|
|
c8b9ca |
* Mon Oct 16 2023 Rodolfo Olivieri <rolivier@redhat.com> 0.5-1
|
|
|
c8b9ca |
- Rebuild against newer golang which addresses CVE-2023-39325 and CVE-2023-44487
|
|
|
c8b9ca |
- Fix OpenScanHub defects related to runtime code
|
|
|
c8b9ca |
- Update specfile to include default config file
|
|
|
c8b9ca |
- Improve logging when config file can't be used and default values are used instead
|
|
|
c8b9ca |
- Move the logging init to be before anything else
|
|
|
c8b9ca |
- Improve logging when insights_core_gpg_check is disabled
|
|
|
701744 |
|
|
|
701744 |
* Thu Aug 10 2023 Rodolfo Olivieri <rolivier@redhat.com> 0.4-1
|
|
|
701744 |
- Update specfile binary name generation
|
|
|
701744 |
- Add couple more unit tests for util.go
|
|
|
701744 |
|
|
|
701744 |
* Thu Aug 10 2023 Rodolfo Olivieri <rolivier@redhat.com> 0.3-1
|
|
|
701744 |
- Parse minimal yaml instead of raw bash script
|
|
|
701744 |
- Tidy up the modules and replace deprecated call WithInsecure
|
|
|
701744 |
- Add option to create config for rhc-worker-bash
|
|
|
701744 |
- Fix build for go1.16
|
|
|
701744 |
- Use separate environment for every executed command
|
|
|
701744 |
- Update to make the yaml-file more generic
|
|
|
701744 |
- Expected yaml structure should be list on top level
|
|
|
701744 |
- Add setup for sos report
|
|
|
701744 |
- Update the worker to make it more generic
|
|
|
701744 |
|
|
|
701744 |
* Thu Jul 06 2023 Eric Gustavsson <egustavs@redhat.com> 0.2-1
|
|
|
701744 |
- Fix RPM specfile Source
|
|
|
701744 |
|
|
|
701744 |
* Wed Jun 14 2023 Rodolfo Olivieri <rolivier@redhat.com> 0.1-1
|
|
|
701744 |
- Initial RPM release
|