Sync from SUSE:SLFO:Main netavark revision 4f050d6dfb6093bfa50eccf32aee47a8

2024-05-03 16:58:23 +02:00 · 2024-05-03 16:58:23 +02:00 · 7bd0059023
commit 7bd0059023
8 changed files with 493 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/26
+++ b/26
@ -0,0 +1,26 @@
+<services>
+  <service mode="disabled" name="obs_scm">
+    <param name="url">https://github.com/containers/netavark.git</param>
+    <param name="versionformat">@PARENT_TAG@</param>
+    <param name="scm">git</param>
+    <param name="revision">v1.10.2</param>
+    <param name="match-tag">*</param>
+    <param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
+    <param name="versionrewrite-replacement">\1</param>
+    <param name="changesgenerate">enable</param>
+  </service>
+  <service mode="disabled" name="tar" />
+  <service mode="disabled" name="recompress">
+    <param name="file">*.tar</param>
+    <param name="compression">gz</param>
+  </service>
+  <service mode="disabled" name="set_version"/>
+  <service name="cargo_vendor" mode="disabled">
+     <param name="srcdir">netavark</param>
+     <param name="compression">gz</param>
+     <param name="update">true</param>
+  </service>
+  <service name="cargo_audit" mode="disabled">
+     <param name="srcdir">netavark</param>
+  </service>
+</services>
--- a/4
+++ b/4
@ -0,0 +1,4 @@
+<servicedata>
+<service name="tar_scm">
+                <param name="url">https://github.com/containers/netavark.git</param>
+              <param name="changesrevision">664637b12ab9ce96247fa907265171289cf0d501</param></service></servicedata>
--- a/5
+++ b/5
@ -0,0 +1,5 @@
+[source.crates-io]
+replace-with = "vendored-sources"
+
+[source.vendored-sources]
+directory = "vendor"
--- a/netavark-1.10.2.tar.gz
+++ b/netavark-1.10.2.tar.gz
--- a/netavark.changes
+++ b/netavark.changes
@ -0,0 +1,336 @@
+-------------------------------------------------------------------
+Tue Feb  6 07:50:29 UTC 2024 - Danish Prakash <danish.prakash@suse.com>
+
+- Rely only on <major>.<minor> for aardvark-dns requires, even though
+  it is released in sync with netavark, relying on patch version is brittle.
+
+-------------------------------------------------------------------
+Thu Feb 01 14:04:11 UTC 2024 - danish.prakash@suse.com
+
+- Update to version 1.10.2:
+  * Release v1.10.2
+  * Release notes for v1.10.2
+  * [CI:BUILD] Packit/rpm: fix aardvark-dns handling
+  * Do not perform network namespace detection on AV update
+  * Release v1.10.1
+  * Updated release notes for v1.10.1
+  * update to nftables release 0.3 from crates.io
+  * DISTRO_PACKAGE: fix incorrect vendored tar archive URL
+  * Bump to 1.11.0-dev
+  * Release 1.10.0
+  * Release notes for 1.10.0
+  * RPM: update .cargo/config before building
+  * Add support for isolation to the nftables driver
+  * build(deps): bump h2 from 0.3.22 to 0.3.24
+  * chore(deps): update rust crate chrono to 0.4.32
+  * fix(deps): update rust crate env_logger to 0.11.0
+  * chore(deps): update dependency containers/automation_images to v20240102
+  * Bump nftables-rs to latest commit
+  * Netavark: nftables support
+  * fix(deps): update rust crate serde_json to 1.0.111
+  * feat: added the --firewall-driver option
+  * Document how to generate a code coverage report for netavark
+  * fix(deps): update rust crate clap to ~4.4.12
+  * fix(deps): update rust crate serde_json to 1.0.110
+  * fix(deps): update rust-futures monorepo to 0.3.30
+  * fix(deps): update rust crate nispor to 1.2.16
+  * chore(deps): update rust crate tempfile to 3.9.0
+  * Use tonic::transport::Uri instead of HTTP
+  * chore(deps): update dependency containers/automation_images to v20231208
+  * fix(deps): update rust crate tokio to 1.35
+  * dhcp-proxy: return actual error instead of generic one
+  * dhcp-proxy: skip set gateway if missing
+  * bump netlink-packet-route to 0.18.1
+  * chore(deps): update rust crate once_cell to 1.19.0
+  * fix(deps): update rust crate nispor to 1.2.15
+  * fix(deps): update rust crate serde to 1.0.193
+  * fix(deps): update rust crate clap to ~4.4.10
+  * aardvark: show error if process is in wrong netns
+  * aardvark: remove unessesary unlock lockfile calls
+  * fix(deps): update rust crate url to 2.5.0
+  * Bump working version to v1.10.0-dev
+
+-------------------------------------------------------------------
+Thu Nov 30 07:05:28 UTC 2023 - danish.prakash@suse.com
+
+- Update to version 1.9.0:
+  * v1.9.0 Release
+  * v1.9.0 Release notes
+  * test: fix syntax problem in helpers.bash
+  * run cargo update
+  * use OsString/Path over String for file paths
+  * chore(deps): update dependency containers/automation_images to v20231116
+  * firewalld-reload: fix CI tests
+  * firewalld-reload: prevent race which could leak fw rules
+  * fix(deps): update rust crate clap to ~4.4.8
+  * CI: skip broken firewalld test
+  * fix(deps): update rust crate http to 0.2.11
+  * rpm: add netavark-firewalld-reload.service to spec
+  * firewalld-reload: add integration tests
+  * firewall/state: make sure to ignore enoent on read
+  * firewall-reload: integrate actual logic to reload rules
+  * firewall/state: improve error messages
+  * firewall: add state functions to serialize configs
+  * firewalld: fix lint errors with rust v1.73
+  * firewall: do not use full Network in NetworkStruct
+  * firewall: add dns_port to SetupNetwork
+  * add firewalld-reload subcommand
+  * fix(deps): update rust crate http to 0.2.10
+  * fix(deps): update rust crate env_logger to 0.10.1
+  * fix(deps): update rust crate tokio to 1.34
+  * Update rust container build files
+  * bridge: force static mac on bridge interface
+  * fix(deps): update rust crate futures-core to 0.3.29
+  * fix(deps): update rust crate serde to 1.0.190
+  * fix(deps): update rust crate serde_json to 1.0.108
+  * fix(deps): update rust crate sysctl to 0.5.5
+  * fix(deps): update rust-futures monorepo to 0.3.29
+  * CI: Drop CI VM distro name
+  * chore(deps): update dependency containers/automation_images to v20231004
+  * fix(deps): update rust crate tokio to 1.33
+  * build-sys: Filter to tier 2 Linux declaratively
+  * fix(deps): update rust crate sha2 to 0.10.8
+  * fix podman.io community link
+  * Bump to v1.9.0-dev
+
+-------------------------------------------------------------------
+Thu Sep 28 05:05:43 UTC 2023 - danish.prakash@suse.com
+
+- Update to version 1.8.0:
+  * Release v1.8.0
+  * update release notes for v1.8.0
+  * run cargo update
+  * Add vrf support for bridges
+  * Packit: switch to @containers/packit-build team for copr failure notification comments
+  * fix(deps): update rust crate nispor to 1.2.14
+  * [CI:BUILD] Packit: tag @lsm5 on copr build failures
+  * chore(deps): update rust crate chrono to 0.4.31
+  * fix(deps): update rust crate serde_json to 1.0.107
+  * rust io safety: convert RawFd to BorrowedFd<>
+  * bump nix to 0.27.1
+  * chore(deps): update rust crate chrono to 0.4.30
+  * fix(deps): update rust crate serde_json to 1.0.106
+  * chore(deps): update rust crate chrono to 0.4.29
+  * fix(deps): update rust crate netlink-packet-route to 0.17.1
+  * Bump tonic and prost
+  * Update container image to F38
+  * Add ACCEPT rules in firewall for bridge network with internal dns.
+  * chore(deps): update rust crate tonic-build to 0.10
+  * fix(deps): update rust crate nispor to 1.2.13
+  * fix(deps): update rust crate serde to 1.0.188
+  * Fix clippy warnings about formatting
+  * update chrono crate
+  * fix(deps): update rust crate url to 2.4.1
+  * Add protoc dependency to README
+  * [CI:BUILD] rpm: spdx compatible license field
+  * fix(deps): update rust crate tokio to 1.32
+  * chore(deps): update dependency containers/automation_images to v20230816
+  * fix(deps): update rust crate serde_json to 1.0.105
+  * fix(deps): update rust crate tokio to 1.31
+  * fix(deps): update rust crate log to 0.4.20
+  * run cargo update
+  * update tonic-build to 0.9.2
+  * bump rust edition to 2021
+  * iptables: drop invalid packages
+  * fix(deps): update rust crate tokio to 1.30
+  * docs: Convert markdown with go-md2man instead of mandown
+  * fix(deps): update rust crate clap to 4.3.21
+  * packit: Build PRs into default packit COPRs
+  * chore(deps): update dependency containers/automation_images to v20230807
+  * fix(deps): update rust crate serde to 1.0.183
+  * fix(deps): update rust crate serde to 1.0.181
+  * fix(deps): update rust crate serde to 1.0.180
+  * fix(deps): update rust crate serde_json to 1.0.104
+  * fix(deps): update rust crate serde to 1.0.179
+  * fix(deps): update rust crate serde to 1.0.176
+  * fix(deps): update rust crate clap to 4.3.19
+  * fix(deps): update rust crate serde to 1.0.175
+  * fix(deps): update rust crate clap to 4.3.17
+  * fix(deps): update rust crate clap to 4.3.15
+  * fix(deps): update rust crate clap to 4.3.12
+  * fix(deps): update rust crate serde_json to 1.0.103
+  * [CI:BUILD] Packit: remove pre-sync action
+  * fix(deps): update rust crate serde_json to 1.0.102
+  * fix(deps): update rust crate nispor to 1.2.12
+  * macvlan: use netlink type for bclim
+  * bump netlink deps
+  * fix(deps): update rust crate serde to 1.0.171
+  * fix(deps): update rust crate serde to 1.0.167
+  * fix(deps): update rust crate clap to 4.3.11
+  * fix(deps): update rust crate serde to 1.0.166
+  * fix(deps): update rust crate serde_json to 1.0.100
+  * iptables: improve error when ip6?tables commands are missing
+  * fix(deps): update rust crate clap to 4.3.10
+  * fix(deps): update rust crate zbus to 3.14.1
+  * [CI:BUILD] RPM: Fix ELN build and cleanup spec
+  * bump to v1.8.0-dev
+
+-------------------------------------------------------------------
+Tue Jul 11 13:30:20 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
+
+- Disable restricting builds only for tier1 platforms
+  i.e. only for x86_64 and aarch64 and enable for all.
+
+-------------------------------------------------------------------
+Mon Jul 03 11:22:33 UTC 2023 - danish.prakash@suse.com
+
+- Update to version 1.7.0:
+  * release v1.7.0
+  * Update release notes for v1.7.0
+  * fix(deps): update rust crate tokio to 1.29
+  * netavark: make --config required for dns
+  * fix(deps): update rust crate serde_json to 1.0.99
+  * fix(deps): update rust crate clap to 4.3.8
+  * [CI:BUILD] Packit: add Fedora downstream tasks
+  * run cargo update
+  * fix(deps): update rust crate serde_json to 1.0.97
+  * fix(deps): update rust crate sha2 to 0.10.7
+  * fix(deps): update rust crate clap to 4.3.4
+  * chore(deps): update dependency containers/automation_images to v20230614
+  * fix(deps): update rust crate clap to 4.3.3
+  * fix(deps): update rust crate log to 0.4.19
+  * aardvark: fix missleading dns disabled log
+  * firewall: add NETAVARK_ISOLATION_3 chain for strict isolation
+  * docs: fix link to getting started
+  * fix(deps): update rust crate serde to 1.0.164
+  * netlink: fix incorrect info log for del_route
+  * dhcp-proxy: apply new ip address/gateway
+  * test-dhcp: fix broekn has_ip() check
+  * dhcp-proxy: actually implement renewing leases
+  * dhcp-proxy: simplify code
+  * dhcp-proxy: drop macaddr dependency
+  * dhcp-proxy: remove some unused traits
+  * fix(deps): update rust crate zbus to 3.13.1
+  * fix(deps): update rust crate clap to 4.3.2
+  * chore(deps): update rust crate once_cell to 1.18.0
+  * fix(deps): update rust crate url to 2.4.0
+  * fix(deps): update rust crate clap to 4.3.1
+  * chore(deps): update dependency containers/automation_images to v20230601
+  * chore(deps): update rust crate chrono to 0.4.26
+  * chore(deps): update rust crate chrono to 0.4.25
+  * fix(deps): update rust crate log to 0.4.18
+  * chore(deps): update rust crate once_cell to 1.17.2
+  * macvlan: add bclim option
+  * parse_option(): return option instead of default
+  * add no_default_gateway option
+  * fix(deps): update rust crate clap to 4.3.0
+  * chore(deps): update dependency containers/automation_images to v20230517
+  * fix(deps): update rust crate serde to 1.0.163
+  * Add ability to add static route
+  * fix(deps): update rust crate serde to 1.0.162
+  * Cirrus: Update fedora name to match image
+  * fix(deps): update rust crate clap to 4.2.7
+  * chore(deps): update dependency containers/automation_images to v20230426
+  * correct typo in Makefile
+  * simplify path printing
+  * fix(deps): update rust crate tokio to 1.28
+  * aardvark-dns pid: return better errors
+  * fix comment in Subnet definition
+  * aardvark: no error when aardvark config is not there
+  * fix(deps): update rust crate zbus to 3.12.0
+  * fix(deps): update rust crate clap to 4.2.4
+  * fix(deps): update rust crate clap to 4.2.2
+  * fix(deps): update rust crate serde_json to 1.0.96
+  * update clap to v4
+  * fix(deps): update rust crate serde to 1.0.160
+  * bump to v1.7.0-dev
+
+-------------------------------------------------------------------
+Fri Jun 23 13:50:40 UTC 2023 - Danish Prakash <danish.prakash@suse.com>
+
+- Add aardvark-dns as Requires for netavark
+
+-------------------------------------------------------------------
+Wed Apr 12 06:12:35 UTC 2023 - danish.prakash@suse.com
+
+- Update to version 1.6.0:
+  * v1.6.0 release
+  * Update release notes for v1.6.0
+  * dhcp-proxy: fix typo for --activity-timeout
+  * chore(deps): update dependency containers/automation_images to v20230405
+  * dhcp-proxy: use better error when connection fails
+  * add documentation for netavark plugins
+  * add stderr example plugin to test stderr passthrough
+  * add netavark plugin driver
+  * add example error plugin
+  * add host-device example plugin
+  * plugin: add simple plugin interface
+  * netlink: add dump_addresses
+  * netlink: add set_link_ns
+  * dhcp-proxy: correctly exit > 0 on errors
+  * fix(deps): update rust crate tonic to 0.9
+  * fix(deps): update rust crate mozim to 0.2.2
+  * fix(deps): update rust crate serde to 1.0.159
+  * fix(deps): update rust crate netlink-sys to 0.8.5
+  * dhcp-proxy: create socket directory only when used
+  * dhcp-proxy: do not remove socket when running under systemd
+  * Makefile: netavark-dhcp-proxy.service use correct path
+  * fix(deps): update rust crate http to 0.2.9
+  * chore(deps): update rust crate once_cell to 1.17.1
+  * fix(deps): update rust-futures monorepo to 0.3.28
+  * fix(deps): update rust crate serde_json to 1.0.95
+  * chore(deps): update dependency containers/automation_images to v20230330
+  * Disable Dependabot in favor of Renovate
+  * chore(deps): update rust crate chrono to 0.4.24
+  * build(deps): bump ipnet from 2.7.1 to 2.7.2
+  * build(deps): bump serde from 1.0.158 to 1.0.159
+  * build(deps): bump serde_json from 1.0.94 to 1.0.95
+  * update,main: dont write empty space when no network_dns_servers is given
+  * fix(deps): update rust crate tokio to 1.27
+  * Quit Leasing when Client disconnects
+  * build(deps): bump mozim from 0.2.1 to 0.2.2
+  * iptables: fix incorrect debug statement
+  * build(deps): bump serde from 1.0.156 to 1.0.158
+  * iptables: port fw handle wildcard address correctly
+  * chore(deps): update dependency containers/automation_images to v20230320
+  * build(deps): bump zbus from 3.11.0 to 3.11.1
+  * build(deps): bump anyhow from 1.0.69 to 1.0.70
+  * [CI:BUILD] Packit: trigger builds on commit to main branch
+  * Cirrus: Invalidate v2 bin cache
+  * Include Systemd Files in RPM Package
+  * Cirrus: Fix success failing on artifact extraction
+  * fix lint issue with new rust version 1.68
+  * Cirrus: Update to newer CI VM images
+  * build(deps): bump serde from 1.0.152 to 1.0.156
+  * combine dhcp-proxy and netavark into one binary
+  * update: should allow empty network_dns_servers
+  * build(deps): bump libc from 0.2.139 to 0.2.140
+  * fix aarch64 ncat flake
+  * update to mozim 0.2.1
+  * build(deps): bump zbus from 3.10.0 to 3.11.0
+  * packit: Update build release tag correctly
+  * test: move proto option into run_nc_test()
+  * test: add netns pid param to port checks
+  * test: import podman code to check for ports
+  * cirrus.yaml: add new binaries in art_prep_script
+  * fix netavark-dhcp-proxy binary in system unit
+  * import netavark-proxy-dhcp tests
+  * add build_proxy_client target
+  * add netavark-dhcp-proxy to rpm
+  * Fix dhcp-proxy build
+  * Merge nv-dhcp-proxy into nv
+  * fix default route metric test name
+  * build(deps): bump tokio from 1.25.0 to 1.26.0
+  * Support none parameter on NETAVARK_FW
+  * build(deps): bump anyhow from 1.0.68 to 1.0.69
+  * Fix typos
+  * update netlink-packet-{route,core} to 0.15 and 0.5
+  * build(deps): bump serde_json from 1.0.92 to 1.0.93
+  * build(deps): bump zbus from 3.8.0 to 3.10.0
+  * [CI:BUILD] Packit: initial enablement
+  * Allow custom cargo binary path
+  * build(deps): bump serde_json from 1.0.91 to 1.0.92
+  * Cirrus: Reduce requested CPUs for compile-tasks
+  * bump to version 1.0.6-dev
+  * build(deps): bump netlink-sys from 0.8.3 to 0.8.4
+  * Add renovate.json5
+
+-------------------------------------------------------------------
+Thu Mar 16 14:07:12 UTC 2023 - Dan Čermák <dcermak@suse.com>
+
+- Bump required rust version & fix libexecdir
+
+-------------------------------------------------------------------
+Fri Feb 10 09:14:07 UTC 2023 - Dan Čermák <dcermak@suse.com>
+
+- First version of netavark
--- a/netavark.spec
+++ b/netavark.spec
@ -0,0 +1,93 @@
+#
+# spec file for package netavark
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%define major_minor %((v=%{version}; echo ${v%.*}))
+
+Name:           netavark
+Version:        1.10.2
+Release:        0
+Summary:        Container network stack
+License:        Apache-2.0
+URL:            https://github.com/containers/%{name}
+Source0:        %{name}-%{version}.tar.gz
+Source1:        vendor.tar.gz
+Source2:        cargo_config
+BuildRequires:  cargo-packaging
+BuildRequires:  go-md2man
+BuildRequires:  protobuf-devel
+BuildRequires:  rust+cargo >= 1.66
+BuildRequires:  systemd-rpm-macros
+# aardvark-dns and %%{name} are usually released in sync
+Requires:       aardvark-dns >= %{major_minor}
+# Provides: container-network-stack = 2
+
+%description
+Netavark is a rust based network stack for containers. It is being
+designed to work with Podman but is also applicable for other OCI
+container management applications.
+Netavark is a tool for configuring networking for Linux containers.
+Its features include:
+* Configuration of container networks via JSON configuration file
+* Creation and management of required network interfaces,
+    including MACVLAN networks
+* All required firewall configuration to perform NAT and port
+    forwarding as required for containers
+* Support for iptables and firewalld at present, with support
+    for nftables planned in a future release
+* Support for rootless containers
+* Support for IPv4 and IPv6
+* Support for container DNS resolution via aardvark-dns.
+
+%prep
+%autosetup -a1
+mkdir .cargo
+cp %{SOURCE2} .cargo/config
+
+%build
+cargo build --release
+mkdir -p bin
+cp target/release/%{name} bin/
+
+cd docs
+go-md2man -in %{name}.1.md -out %{name}.1
+
+%install
+%make_install DESTDIR=%{buildroot} PREFIX=%{_prefix} LIBEXECDIR=%{_libexecdir}
+
+%files
+%license LICENSE
+%dir %{_libexecdir}/podman
+%{_libexecdir}/podman/%{name}
+%{_mandir}/man1/%{name}.1%{?ext_man}
+%{_unitdir}/%{name}-dhcp-proxy.service
+%{_unitdir}/%{name}-dhcp-proxy.socket
+%{_unitdir}/%{name}-firewalld-reload.service
+
+%pre
+%service_add_pre %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service
+
+%post
+%service_add_post %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service
+
+%preun
+%service_del_preun %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service
+
+%postun
+%service_del_postun %{name}-dhcp-proxy.service %{name}-dhcp-proxy.socket %{name}-firewalld-reload.service
+
+%changelog
--- a/vendor.tar.gz
+++ b/vendor.tar.gz