From 5cc105397817d61796da3bd89bc379177871c5ee Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Wed, 2 Aug 2023 10:00:44 -0400 Subject: [PATCH] Packit: switch to rpm/gvisor-tap-vsock.spec gvisor-tap-vsock has now been included as a separate Fedora package. This commit also enables downstream Fedora packaging tasks on upstream release. Signed-off-by: Lokesh Mandvekar --- .packit.sh | 31 ---------- .packit.yaml | 66 ++++++++++++++-------- gvisor-tap-vsock.spec.rpkg | 100 --------------------------------- rpm/gvisor-tap-vsock.spec | 112 +++++++++++++++++++++++++++++++++++++ 4 files changed, 156 insertions(+), 153 deletions(-) delete mode 100644 .packit.sh delete mode 100644 gvisor-tap-vsock.spec.rpkg create mode 100644 rpm/gvisor-tap-vsock.spec diff --git a/.packit.sh b/.packit.sh deleted file mode 100644 index 31af2b0e7..000000000 --- a/.packit.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash - -# This script handles any custom processing of the spec file generated using the `post-upstream-clone` -# action and gets used by the fix-spec-file action in .packit.yaml. - -set -eo pipefail - -REPO="gvisor-tap-vsock" -SPEC=$REPO.spec - -# Get Version from HEAD -VERSION=$(git describe --abbrev=0 | sed -e "s/^v//") - -# Generate source tarball from HEAD -git archive --prefix=$REPO-$VERSION/ -o $REPO-$VERSION.tar.gz HEAD - -# RPM Spec modifications - -# Use the Version from version/version.go in rpm spec -sed -i "s/^Version:.*/Version: $VERSION/" $SPEC - -# Use Packit's supplied variable in the Release field in rpm spec. -# podman.spec is generated using `rpkg spec --outdir ./` as mentioned in the -# `post-upstream-clone` action in .packit.yaml. -sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" $SPEC - -# Use above generated tarball as Source in rpm spec -sed -i "s/^Source:.*.tar.gz/Source: $REPO-$VERSION.tar.gz/" $SPEC - -# Use the right build dir for autosetup stage in rpm spec -sed -i "s/^%setup.*/%autosetup -Sgit -n %{name}-$VERSION/" $SPEC diff --git a/.packit.yaml b/.packit.yaml index 41bdceea5..6a44b113f 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -6,7 +6,8 @@ # On PR: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/packit-builds/ # On commit: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/ -specfile_path: gvisor-tap-vsock.spec +specfile_path: rpm/gvisor-tap-vsock.spec +upstream_tag_template: v{version} jobs: - &copr @@ -17,7 +18,6 @@ jobs: enable_net: true srpm_build_deps: - make - - rpkg targets: - fedora-rawhide-aarch64 - fedora-rawhide-x86_64 @@ -29,25 +29,47 @@ jobs: - centos-stream-9-x86_64 - centos-stream-8-aarch64 - centos-stream-8-x86_64 - actions: - post-upstream-clone: - - "rpkg spec --outdir ./" - fix-spec-file: - - "bash .packit.sh" - #- <<: *copr + - <<: *copr # Run on commit to main branch - #trigger: commit - #branch: main - #project: podman-next - #targets: - # - fedora-rawhide-aarch64 - # - fedora-rawhide-x86_64 - # - fedora-eln-aarch64 - # - fedora-eln-x86_64 - # - fedora-38-aarch64 - # - fedora-38-x86_64 - # - centos-stream-9-aarch64 - # - centos-stream-9-x86_64 - # - centos-stream-8-aarch64 - # - centos-stream-8-x86_64 + trigger: commit + branch: main + project: podman-next + targets: + - fedora-rawhide-aarch64 + - fedora-rawhide-ppc64le + - fedora-rawhide-s390x + - fedora-rawhide-x86_64 + - fedora-eln-aarch64 + - fedora-eln-ppc64le + - fedora-eln-s390x + - fedora-eln-x86_64 + - fedora-38-aarch64 + - fedora-38-ppc64le + - fedora-38-s390x + - fedora-38-x86_64 + - centos-stream+epel-next-9-aarch64 + - centos-stream+epel-next-9-ppc64le + - centos-stream+epel-next-9-s390x + - centos-stream+epel-next-9-x86_64 + - centos-stream+epel-next-8-aarch64 + - centos-stream+epel-next-8-ppc64le + - centos-stream+epel-next-8-x86_64 + + - job: propose_downstream + trigger: release + update_release: false + dist_git_branches: + - fedora-rawhide + - fedora-38 + + - job: koji_build + trigger: commit + dist_git_branches: + - fedora-rawhide + - fedora-38 + + - job: bodhi_update + trigger: commit + dist_git_branches: + - fedora-38 # rawhide updates are created automatically diff --git a/gvisor-tap-vsock.spec.rpkg b/gvisor-tap-vsock.spec.rpkg deleted file mode 100644 index d9d9efcd9..000000000 --- a/gvisor-tap-vsock.spec.rpkg +++ /dev/null @@ -1,100 +0,0 @@ -# For automatic rebuilds in COPR - -# The following tag is to get correct syntax highlighting for this file in vim text editor -# vim: syntax=spec - -%global with_debug 1 - -%if 0%{?with_debug} -%global _find_debuginfo_dwz_opts %{nil} -%global _dwz_low_mem_die_limit 0 -%else -%global debug_package %{nil} -%endif - -# RHEL 8's default %%gobuild macro doesn't account for the BUILDTAGS variable, so we -# set it separately here and do not depend on RHEL 8's go-srpm-macros package. -%if !0%{?fedora} && 0%{?rhel} <= 8 -%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; -%endif - -Name: {{{ git_dir_name }}} -Epoch: 101 -Version: {{{ git_dir_version }}} -Release: 1%{?dist} -Summary: Go replacement for libslirp and VPNKit -License: Apache-2.0 -URL: https://github.com/containers/gvisor-tap-vsock -VCS: {{{ git_dir_vcs }}} -Source: {{{ git_dir_pack }}} -BuildRequires: gcc -BuildRequires: golang >= 1.16.6 -BuildRequires: git-core -BuildRequires: systemd-rpm-macros -%if 0%{?fedora} || 0%{?rhel} >= 9 -BuildRequires: go-rpm-macros -%endif -Provides: podman-gvproxy = %{epoch}:%{version}-%{release} -# Obsolete everything <= Epoch 101 -Obsoletes: podman-gvproxy <= 100:4.5.0-1 - -%description -%{summary} - -%{name} is based on the network stack of gVisor. Compared to libslirp, -gvisor-tap-vsock brings a configurable DNS server and -dynamic port forwarding. - -%prep -{{{ git_dir_setup_macro }}} - -%build -%set_build_flags -%global gomodulesmode GO111MODULE=on -export CGO_CFLAGS=$CFLAGS -# These extra flags present in $CFLAGS have been skipped for now as they break the build -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') -CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') - -%ifarch x86_64 -export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" -%endif - -export LDFLAGS='' - -mkdir _build -cd _build -mkdir -p src/%{provider}.%{provider_tld}/%{project} -ln -s ../../../../ src/%{import_path} -cd .. -ln -s vendor src - -export GOPATH=$(pwd)/_build:$(pwd) -%gobuild -o bin/gvproxy ./cmd/gvproxy -%gobuild -o bin/gvforwarder ./cmd/vm - -%install -install -dp %{buildroot}%{_libexecdir}/podman -install -p -m0755 bin/gvproxy %{buildroot}%{_libexecdir}/podman -install -p -m0755 bin/gvforwarder %{buildroot}%{_libexecdir}/podman -install -dp %{buildroot}%{_unitdir} -install -p -m0644 contrib/systemd/gv-user-network@.service %{buildroot}%{_unitdir} - -%post -%systemd_post gv-user-network@.service - -%preun -%systemd_preun gv-user-network@.service - -%postun -%systemd_postun_with_restart gv-user-network@.service - -%files -%dir %{_libexecdir}/podman -%{_libexecdir}/podman/gvproxy -%{_libexecdir}/podman/gvforwarder -%{_unitdir}/gv-user-network@.service - -%changelog -{{{ git_dir_changelog }}} diff --git a/rpm/gvisor-tap-vsock.spec b/rpm/gvisor-tap-vsock.spec new file mode 100644 index 000000000..69d7656c1 --- /dev/null +++ b/rpm/gvisor-tap-vsock.spec @@ -0,0 +1,112 @@ +%global with_debug 1 + +%if 0%{?with_debug} +%global _find_debuginfo_dwz_opts %{nil} +%global _dwz_low_mem_die_limit 0 +%else +%global debug_package %{nil} +%endif + +%global gomodulesmode GO111MODULE=on + +%global _gvisor_installdir %{_libexecdir}/podman + +Name: gvisor-tap-vsock +%if %{defined copr_username} +Epoch: 103 +%else +Epoch: 6 +%endif +# DO NOT TOUCH the Version string! +# The TRUE source of this specfile is: +# https://github.com/containers/podman/blob/main/rpm/podman.spec +# If that's what you're reading, Version must be 0, and will be updated by Packit for +# copr and koji builds. +# If you're reading this on dist-git, the version is automatically filled in by Packit. +Version: 0 +License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND MIT +%if %{defined autorelease} +Release: %autorelease +%else +Release: 1 +%endif +%if %{defined golang_arches_future} +ExclusiveArch: %{golang_arches_future} +%else +ExclusiveArch: aarch64 ppc64le s390x x86_64 +%endif +Summary: Go replacement for libslirp and VPNKit +URL: https://github.com/containers/%{name} +# All SourceN files fetched from upstream +Source0: %{url}/archive/refs/tags/v%{version}.tar.gz +BuildRequires: gcc +BuildRequires: glib2-devel +BuildRequires: glibc-devel +BuildRequires: glibc-static +BuildRequires: golang +BuildRequires: git-core +%if %{defined rhel} && 0%{?rhel} == 8 +BuildRequires: go-srpm-macros +%else +BuildRequires: go-rpm-macros +%endif +BuildRequires: make +%if %{defined copr_username} +Obsoletes: podman-gvproxy < 102:4.7.0-1 +%else +Obsoletes: podman-gvproxy < 5:4.7.0-1 +%endif +Provides: podman-gvproxy = %{epoch}:%{version}-%{release} + +%description +A replacement for libslirp and VPNKit, written in pure Go. +It is based on the network stack of gVisor. Compared to libslirp, +gvisor-tap-vsock brings a configurable DNS server and +dynamic port forwarding. + +%prep +%autosetup -Sgit -n %{name}-%{version} + +%build +%set_build_flags +export CGO_CFLAGS=$CFLAGS + +# These extra flags present in $CFLAGS have been skipped for now as they break the build +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-flto=auto//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-Wp,D_GLIBCXX_ASSERTIONS//g') +CGO_CFLAGS=$(echo $CGO_CFLAGS | sed 's/-specs=\/usr\/lib\/rpm\/redhat\/redhat-annobin-cc1//g') + +%ifarch x86_64 +export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" +%endif + +# reset LDFLAGS for plugins and gvisor binaries +LDFLAGS='' + +# build gvisor-tap-vsock binaries +%gobuild -o bin/gvproxy ./cmd/gvproxy +%gobuild -o bin/gvforwarder ./cmd/vm + +%install +# install gvproxy +install -dp %{buildroot}%{_gvisor_installdir} +install -p -m0755 bin/gvproxy %{buildroot}%{_gvisor_installdir} +install -p -m0755 bin/gvforwarder %{buildroot}%{_gvisor_installdir} + +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files +%license LICENSE +%doc README.md +%dir %{_gvisor_installdir} +%{_gvisor_installdir}/gvproxy +%{_gvisor_installdir}/gvforwarder + +%changelog +%if %{defined autochangelog} +%autochangelog +%else +* Mon Jul 24 2023 RH Container Bot +- Placeholder changelog for envs that are not autochangelog-ready +%endif