nitro-enclaves-vsock-proxy.service

OBS-URL: https://build.opensuse.org/package/show/Cloud:Tools/aws-nitro-enclaves-cli?expand=0&rev=8
2021-11-24 13:23:53 +00:00 · 2021-11-24 13:23:53 +00:00 · 7a1087b8d1
commit 7a1087b8d1
parent 12ee4d93e8
2 changed files with 18 additions and 7 deletions
--- a/aws-nitro-enclaves-cli.patch
+++ b/aws-nitro-enclaves-cli.patch
@ -4,7 +4,7 @@
 StandardOutput=journal
 StandardError=journal
 SyslogIdentifier=vsock-proxy
-+Environment=VSOCK_PROXY_CONFIG=/etc/nitro_enclaves/vsock-proxy.yaml
+Environment=VSOCK_PROXY_CONFIG=/usr/share/nitro_enclaves/vsock-proxy.yaml
 ExecStart=/bin/bash -ce "TOKEN=$(curl --silent -X PUT \"http://169.254.169.254/latest/api/token\" -H \"X-aws-ec2-metadata-token-ttl-seconds: 21600\") ; \
 			REGION=$(curl --silent -H \"X-aws-ec2-metadata-token: $TOKEN\" http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
 			[ -z \"$REGION\" ] && REGION=$(curl --silent http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region) ; \
--- a/aws-nitro-enclaves-cli.spec
+++ b/aws-nitro-enclaves-cli.spec
@ -31,6 +31,7 @@ Source1:        vendor.tar.xz
 Source2:        cargo_config
 Requires(pre):  system-group-%ne_system_group = %version-%release
 Requires:       aws-nitro-enclaves-binaryblobs
+Requires:       jq
 BuildRequires:  cargo > 1.44
 BuildRequires:  clang
 BuildRequires:  glibc-devel-static
@ -81,6 +82,7 @@ RUSTFLAGS="${rustflags}" cargo build ${release} --manifest-path=./vsock_proxy/Ca
 mkdir -vp '%buildroot%_unitdir'
 cp -aviLt "$_" \
 	bootstrap/nitro-enclaves-allocator.service \
+	vsock_proxy/service/nitro-enclaves-vsock-proxy.service \
 	%nil
 mkdir -vp '%buildroot%_bindir'
 cp -aviLt "$_" \
@ -94,7 +96,12 @@ cp -aviLt "$_" \
 	bootstrap/allocator.yaml \
 	%nil

-blobs='%buildroot%_datadir/nitro_enclaves/blobs'
+d='%buildroot%_datadir/nitro_enclaves'
+mkdir -vp "${d}"
+cp -aviLt "$_" \
+	vsock_proxy/configs/vsock-proxy.yaml \
+	%nil
+blobs="${d}/blobs"
 mkdir -vp "${blobs}"
 %ifarch aarch64
 cp -aviLt "${blobs}" blobs/aarch64/*
@ -132,7 +139,7 @@ cp -aviLt "$_" "${suc}"
 %_sysusersdir/*.conf

 %pre -n system-group-%ne_system_group -f system-group-%ne_system_group.pre
-%service_add_pre nitro-enclaves-allocator.service
+%service_add_pre nitro-enclaves-allocator.service nitro-enclaves-vsock-proxy.service
 %post
 %tmpfiles_create %_tmpfilesdir/%name.conf
 ld='/var/log/nitro_enclaves'
@ -140,11 +147,11 @@ mkdir -vp "${ld}"
 chmod -v 0770 "${ld}"
 chown -v '0:%ne_system_group' "${ld}"
 %udev_rules_update
-%service_add_post nitro-enclaves-allocator.service
+%service_add_post nitro-enclaves-allocator.service nitro-enclaves-vsock-proxy.service
 %preun
-%service_del_preun nitro-enclaves-allocator.service
+%service_del_preun nitro-enclaves-allocator.service nitro-enclaves-vsock-proxy.service
 %postun
-%service_del_postun_without_restart nitro-enclaves-allocator.service
+%service_del_postun_without_restart nitro-enclaves-allocator.service nitro-enclaves-vsock-proxy.service

 %files
 %doc README.md
@ -152,14 +159,18 @@ chown -v '0:%ne_system_group' "${ld}"
 %license LICENSE
 %license THIRD_PARTY_LICENSES
 %license THIRD_PARTY_LICENSES*.html
+%dir %_datadir/nitro_enclaves
 %config(noreplace) %_sysconfdir/nitro_enclaves
 %_bindir/*
+%_datadir/nitro_enclaves/vsock-proxy.yaml
 %_tmpfilesdir/%name.conf
 %_udevrulesdir/%name.conf
 %_unitdir/nitro-enclaves-allocator.service
+%_unitdir/nitro-enclaves-vsock-proxy.service

 %files -n aws-nitro-enclaves-binaryblobs-upstream
-%_datadir/nitro_enclaves
+%dir %_datadir/nitro_enclaves
+%_datadir/nitro_enclaves/blobs

 %changelog