cfengine/cfengine.spec

#
# spec file for package cfengine
#
# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%define libname   libpromises
%define libsoname %{libname}3

# Yes, its not FHS conformant but in sync with cfengine documentation
%define   basedir   %{_localstatedir}/%{name}
%define   workdir   %{basedir}
# This is the place where workdir should be
#%%define basedir   %%{_localstatedir}/lib/%%{name}
#%%define workdir   %%{basedir}/work

%if 0%{?suse_version} < 1500
# assume SuSEfirewall2
%define with_sfw2 1
%else
# assume firewalld
%define with_sfw2 0
%endif
# Version of libntech needed (see git repo of core)
%define libntech_hash 4e9efcb84172110fa92742836b8d34688983c2e7
# pass --with-bla to enable the build
%bcond_with mysql
%bcond_with postgresql
%bcond_with libvirt
Name:           cfengine
Version:        3.17.0
Release:        0
Summary:        Configuration management framework
License:        GPL-3.0-only
Group:          Productivity/Networking/System
URL:            https://cfengine.com/
Source0:        https://github.com/cfengine/core/archive/refs/tags/%{version}.tar.gz#/core-%{version}.tar.gz
Source1:        https://github.com/cfengine/libntech/archive/%{libntech_hash}.tar.gz#/libntech-%{libntech_hash}.tar.gz
Source11:       %{name}.SuSEfirewall2
Source12:       cf-execd.service
Source13:       cf-monitord.service
Source14:       cf-serverd.service
Source15:       cf-monitord
Source16:       cf-execd
Source17:       cf-serverd
Source20:       %{name}.cron
Source21:       %{name}-rpmlintrc
Patch0:         harden_cf-apache.service.patch
Patch1:         harden_cf-execd.service.patch
Patch2:         harden_cf-hub.service.patch
Patch3:         harden_cf-monitord.service.patch
Patch4:         harden_cf-postgres.service.patch
Patch5:         harden_cf-runalerts.service.patch
Patch6:         harden_cf-serverd.service.patch
Patch7:         harden_cfengine3.service.patch
BuildRequires:  bison
BuildRequires:  db-devel
BuildRequires:  fdupes
BuildRequires:  flex
BuildRequires:  libacl-devel
BuildRequires:  libtool
BuildRequires:  libxml2-devel
BuildRequires:  lmdb-devel >= 0.9.17
BuildRequires:  openssl-devel >= 1.0.2e
BuildRequires:  pam-devel
BuildRequires:  pcre-devel >= 8.38
BuildRequires:  pkgconfig
# for flock
BuildRequires:  util-linux
# for llzma
BuildRequires:  xz-devel
BuildRequires:  pkgconfig(systemd)
Requires:       %{libsoname} = %{version}
Recommends:     %{name}-documentation
%{?systemd_requires}
%if !%{with_sfw2}
BuildRequires:  firewall-macros
%endif
%if %{with mysql}
BuildRequires:  mysql-devel
%endif
%if %{with libvirt}
BuildRequires:  libvirt-devel
%endif
%if %{with postgresql}
BuildRequires:  postgresql-devel
%endif
%if 0%{?fedora_version} == 20
BuildRequires:  perl-Exporter
%endif

%description
CFEngine is the core of a configuration management system. It
combines modeling and monitoring to move a system into compliance
with a user-defined model (the Desired State). A domain-specific
language is used for setting this up.

%package -n %{libsoname}
Summary:        Shared library of cfengine
Group:          System/Libraries
Provides:       %{libname}1 = %{version}
Obsoletes:      %{libname}1 < %{version}

%description -n %{libsoname}
This package contains the shared libpromises (cfengine) library.

%package -n %{libname}-devel
Summary:        Development package for libpromises
Group:          Development/Libraries/C and C++
Requires:       %{libsoname} = %{version}
Requires:       glibc-devel
Provides:       %{name}-devel = %{version}
Obsoletes:      %{name}-devel < %{version}

%description -n %{libname}-devel
A character set detection library.

This package contains the files needed to compile programs that use the
libpromises library.

%package examples
Summary:        CFEngine example promises
Group:          Documentation/Other
BuildArch:      noarch

%description examples
Lots of example promises for CFEngine.

%prep
%setup -q -n core-%{version} -a 1
[ -d libntech ] && rmdir -v libntech
ln -s libntech-%{libntech_hash} libntech
##### rpmlint
#### wrong-file-end-of-line-encoding
find ./examples -type f -name "*.cf" -exec perl -p -i -e 's|\r\n|\n|' {} \;
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1

%build
EXPLICIT_VERSION=%{version} autoreconf -fvi -I m4
CC=cc CFLAGS="%{optflags} -fno-strict-aliasing" \
%configure \
  --disable-static \
  --disable-silent-rules \
  --enable-fhs \
  --datadir=%{_localstatedir} \
  --with-workdir=%{workdir} \
%if %{with postgresql}
  --with-postgresql \
%endif
%if %{with mysql}
  --with-mysql \
%endif
  --without-qdbm \
  --without-tokyocabinet \
  --with-lmdb \
  --with-pthreads \
  --with-openssl \
  --with-pcre \
%if %{with libvirt}
  --with-libvirt \
%endif
  --without-libacl \
  --with-libxml2 \
%if 0%{?rhel_version} > 0 && 0%{?rhel_version} < 700
  --docdir=%{_docdir}/%{name}-%{version} \
%else
  --docdir=%{_docdir}/%{name} \
%endif
  --with-pam

%make_build

%check
# FAIL: process_test
%make_build check || :

%install
chmod -x ChangeLog
%make_install

# will appear in cfengine-examples
rm -rf %{buildroot}/%{_docdir}/%{name}/examples

install -d %{buildroot}/{%{_bindir},%{_sbindir},%{workdir}/{bin,inputs,reports}}

# create dirs needed for better organizing dirs and files
install -d %{buildroot}/%{basedir}/{backup,failsafe,config,plugins}

# systemd: install sample cron file in docdir
cp %{SOURCE20} %{buildroot}/%{_docdir}/%{name}

# install systemd scripts
install -d %{buildroot}%{_unitdir}
install -m 0644 %{SOURCE12} %{SOURCE13} %{SOURCE14} %{buildroot}/%{_unitdir}
ln -s -f service %{buildroot}/%{_sbindir}/rccf-monitord
ln -s -f service %{buildroot}/%{_sbindir}/rccf-execd
ln -s -f service %{buildroot}/%{_sbindir}/rccf-serverd

# create symlinks for bin_PROGRAMS
# because: cf-promises needs to be installed in /var/cfengine/work/bin for pre-validation of full configuration
for i in cf-agent cf-execd cf-key cf-monitord cf-promises cf-runagent cf-serverd cf-upgrade; do
  ln -s -f %{_bindir}/${i} %{buildroot}%{workdir}/bin/${i}
done

rm -rf %{buildroot}/%{_libdir}/%{name}/libpromises.la

# will appear in %%docdir
rm -rf %{buildroot}/%{_datadir}/%{name}/ChangeLog
rm -rf %{buildroot}/%{_datadir}/%{name}/README

# create man pages, see https://cfengine.com/dev/issues/2989
install -d %{buildroot}/%{_mandir}/man8
for i in cf-agent cf-execd cf-key cf-monitord cf-promises cf-runagent cf-serverd
do
  LD_LIBRARY_PATH=%{buildroot}%{_libdir}/%{name} %{buildroot}%{_bindir}/$i -M > %{buildroot}%{_mandir}/man8/$i.8
  gzip -n9 %{buildroot}%{_mandir}/man8/$i.8
done

# Firewall
%if %{with_sfw2}
install -D -m 644 %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/cfengine
%endif

# Ckeabyo dyoes
%fdupes %{buildroot}%{_datadir}/cfengine

%pre
%service_add_pre cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service

%post
%service_add_post cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service
if [ $1 -lt 2 ]; then
  # first install, generate key pair
  cf-key
fi
%if !%{with_sfw2}
%firewalld_reload
%endif

%preun
%service_del_preun cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service

%postun
%service_del_postun cf-execd.service cf-monitord.service cf-serverd.service cf-apache.service cf-hub.service cf-postgres.service cf-runalerts.service cfengine3.service
if [ $1 -eq 0 ]; then
  # clean up inputs cache dir on removal
  rm -rf %{basedir}/inputs/*
fi
%if !%{with_sfw2}
%firewalld_reload
%endif

%post   -n %{libsoname} -p /sbin/ldconfig
%postun -n %{libsoname} -p /sbin/ldconfig

%files
%license LICENSE
%doc ChangeLog README.md
%{_bindir}/cf-agent
%{_bindir}/cf-check
%{_bindir}/cf-execd
%{_bindir}/cf-key
%{_bindir}/cf-net
%{_bindir}/cf-monitord
%{_bindir}/cf-promises
%{_bindir}/cf-secret
%{_bindir}/cf-serverd
%{_bindir}/cf-upgrade
%{_bindir}/cf-runagent
%{_bindir}/rpmvercmp
%{_unitdir}/cf-execd.service
%{_unitdir}/cf-monitord.service
%{_unitdir}/cf-serverd.service
%{_sbindir}/rccf-execd
%{_sbindir}/rccf-monitord
%{_sbindir}/rccf-serverd
%{_unitdir}/*.service
%if %{with_sfw2}
%config %dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d
%config %dir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/cfengine
%endif
%{_mandir}/man8/*
%dir %{basedir}
%dir %{workdir}
%{workdir}/*
%{_docdir}/%{name}/cfengine.cron

%files -n %{libsoname}
%dir %{_libdir}/%{name}
%{_libdir}/%{name}/%{libname}.so.*

%files -n %{libname}-devel
%{_libdir}/%{name}/%{libname}.so

%files examples
%doc examples/*cf

%changelog