Lukas Vrabec 03d22f
#!/bin/bash
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
DISTGIT_PATH=$(pwd)
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
FEDORA_VERSION=rawhide
Lukas Vrabec b040fb
DOCKER_FEDORA_VERSION=master
Lukas Vrabec 03d22f
DISTGIT_BRANCH=master
Lukas Vrabec 735de0
REPO_SELINUX_POLICY=${REPO_SELINUX_POLICY:-https://github.com/fedora-selinux/selinux-policy}
Petr Lautrbach b71984
REPO_SELINUX_POLICY_BRANCH=${REPO_SELINUX_POLICY_BRANCH:-$FEDORA_VERSION}
Lukas Vrabec 735de0
REPO_SELINUX_POLICY_CONTRIB=${REPO_SELINUX_POLICY_CONTRIB:-https://github.com/fedora-selinux/selinux-policy-contrib}
Petr Lautrbach b71984
REPO_SELINUX_POLICY_CONTRIB_BRANCH=${REPO_SELINUX_POLICY_CONTRIB_BRANCH:-$FEDORA_VERSION}
Lukas Vrabec 735de0
REPO_CONTAINER_SELINUX=${REPO_CONTAINER_SELINUX:-https://github.com/containers/container-selinux}
Lukas Vrabec b9e53a
REPO_MACRO_EXPANDER=${REPO_MACRO_EXPANDER:-https://github.com/fedora-selinux/macro-expander.git}
Petr Lautrbach b71984
Petr Lautrbach b71984
# When -l is specified, we use locally created tarballs and don't download them from github
Petr Lautrbach b71984
DOWNLOAD_DEFAULT_GITHUB_TARBALLS=1
Petr Lautrbach b71984
if [ "$1" == "-l" ]; then
Petr Lautrbach b71984
    DOWNLOAD_DEFAULT_GITHUB_TARBALLS=0
Petr Lautrbach b71984
fi
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
git checkout $DISTGIT_BRANCH -q
Lukas Vrabec 03d22f
Ondrej Mosnacek d9d563
POLICYSOURCES=`mktemp -d --tmpdir policysources.XXXXXX`
Lukas Vrabec 03d22f
pushd $POLICYSOURCES > /dev/null
Lukas Vrabec 03d22f
Petr Lautrbach b71984
git clone -q $REPO_SELINUX_POLICY selinux-policy
Petr Lautrbach b71984
git clone -q $REPO_SELINUX_POLICY_CONTRIB selinux-policy-contrib
Petr Lautrbach b71984
git clone -q $REPO_CONTAINER_SELINUX container-selinux
Lukas Vrabec b9e53a
git clone -q $REPO_MACRO_EXPANDER macro-expander
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
pushd selinux-policy > /dev/null
Miroslav Grepl 856e20
# prepare policy patches against upstream commits matching the last upstream merge
Petr Lautrbach b71984
git checkout $REPO_SELINUX_POLICY_BRANCH
Lukas Vrabec 51dc83
BASE_HEAD_ID=$(git rev-parse HEAD)
Lukas Vrabec 51dc83
BASE_SHORT_HEAD_ID=$(c=${BASE_HEAD_ID}; echo ${c:0:7})
Petr Lautrbach b71984
git archive --prefix=selinux-policy-$BASE_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-$BASE_SHORT_HEAD_ID.tar.gz
Lukas Vrabec 47948f
popd > /dev/null
Lukas Vrabec 47948f
Lukas Vrabec 47948f
pushd selinux-policy-contrib > /dev/null
Lukas Vrabec 47948f
# prepare policy patches against upstream commits matching the last upstream merge
Petr Lautrbach b71984
git checkout $REPO_SELINUX_POLICY_CONTRIB_BRANCH
Lukas Vrabec 51dc83
CONTRIB_HEAD_ID=$(git rev-parse HEAD)
Lukas Vrabec 51dc83
CONTRIB_SHORT_HEAD_ID=$(c=${CONTRIB_HEAD_ID}; echo ${c:0:7})
Petr Lautrbach b71984
git archive --prefix=selinux-policy-contrib-$CONTRIB_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-contrib-$CONTRIB_SHORT_HEAD_ID.tar.gz
Lukas Vrabec 03d22f
popd > /dev/null
Lukas Vrabec 03d22f
Lukas Vrabec ab3db2
pushd container-selinux > /dev/null
Lukas Vrabec ab3db2
# Actual container-selinux files are in master branch
Lukas Vrabec d93225
#git checkout -b ${DOCKER_FEDORA_VERSION} -t origin/${DOCKER_FEDORA_VERSION} -q
Lukas Vrabec ab3db2
tar -czf container-selinux.tgz container.if container.te container.fc
Lukas Vrabec 03d22f
popd > /dev/null
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
pushd $DISTGIT_PATH > /dev/null
Petr Lautrbach b71984
if [ $DOWNLOAD_DEFAULT_GITHUB_TARBALLS == 1 ]; then
Lukas Vrabec 5e55c3
    wget -O selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy/archive/${BASE_HEAD_ID}.tar.gz &> /dev/null
Lukas Vrabec 5e55c3
    wget -O selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy-contrib/archive/${CONTRIB_HEAD_ID}.tar.gz &> /dev/null
Petr Lautrbach b71984
fi
Lukas Vrabec ab3db2
cp $POLICYSOURCES/container-selinux/container-selinux.tgz .
Lukas Vrabec b9e53a
cp $POLICYSOURCES/macro-expander/macro-expander.sh ./macro-expander
Lukas Vrabec 8e8fb9
chmod +x ./macro-expander
Lukas Vrabec 03d22f
popd > /dev/null
Lukas Vrabec 03d22f
Lukas Vrabec 03d22f
popd > /dev/null
Lukas Vrabec 03d22f
rm -rf $POLICYSOURCES
Lukas Vrabec 03d22f
Petr Lautrbach b71984
# Update commit ids in selinux-policy.spec file
Petr Lautrbach b71984
sed -i "s/%global commit0 [^ ]*$/%global commit0 $BASE_HEAD_ID/" selinux-policy.spec
Petr Lautrbach b71984
sed -i "s/%global commit1 [^ ]*$/%global commit1 $CONTRIB_HEAD_ID/" selinux-policy.spec
Petr Lautrbach b71984
Petr Lautrbach b71984
# Update sources
Lukas Vrabec 4052eb
sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz container-selinux.tgz macro-expander > sources
Petr Lautrbach b71984
Lukas Vrabec 51dc83
echo -e "\nSELinux policy tarballs  and container.tgz with container policy files have been created."
Petr Lautrbach b71984
echo "Commit ids of selinux-policy and selinux-policy-contrib in spec file were changed to:"
Lukas Vrabec 51dc83
echo "commit0 " ${BASE_HEAD_ID}
Lukas Vrabec 51dc83
echo "commit1 " ${CONTRIB_HEAD_ID}