Accepting request 1088253 from home:cyphar:docker

- Update to Docker 23.0.6-ce. See upstream changelog online at
  <https://docs.docker.com/engine/release-notes/23.0/#2306>. bsc#1211578
- Rebase patches:
  * cli-0001-docs-include-required-tools-in-source-tree.patch
- Re-unify packaging for SLE-12 and SLE-15.
- Add patch to fix build on SLE-12 by switching back to libbtrfs-devel headers
  (the uapi headers in SLE-12 are too old).
  + 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
- Re-numbered patches:
  - 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
  + 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch`

OBS-URL: https://build.opensuse.org/request/show/1088253
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=386
This commit is contained in:
Aleksa Sarai 2023-05-22 06:23:47 +00:00 committed by Git OBS Bridge
parent 8bf4339d22
commit 3a683e6a82
12 changed files with 138 additions and 53 deletions

View File

@ -1,7 +1,7 @@
From 5c6812a104e161599fc8569d0b4af04224ef3b5a Mon Sep 17 00:00:00 2001 From e4410ba60f96f1d57d088208eaedd12c0fca6b80 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de> From: Aleksa Sarai <asarai@suse.de>
Date: Wed, 8 Mar 2017 12:41:54 +1100 Date: Wed, 8 Mar 2017 12:41:54 +1100
Subject: [PATCH 1/3] SECRETS: daemon: allow directory creation in /run/secrets Subject: [PATCH 1/4] SECRETS: daemon: allow directory creation in /run/secrets
Since FileMode can have the directory bit set, allow a SecretStore Since FileMode can have the directory bit set, allow a SecretStore
implementation to return secrets that are actually directories. This is implementation to return secrets that are actually directories. This is
@ -69,5 +69,5 @@ index 561077b66b60..0b70825dd2ff 100644
return errors.Wrap(err, "error setting ownership for secret") return errors.Wrap(err, "error setting ownership for secret")
} }
-- --
2.40.0 2.40.1

View File

@ -1,7 +1,7 @@
From 4138c02a19fbd3d3ff50f0b364bf4b99adc47298 Mon Sep 17 00:00:00 2001 From 3b56cce3fab96f60ef8dcb40fe143159c519e97a Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de> From: Aleksa Sarai <asarai@suse.de>
Date: Wed, 8 Mar 2017 11:43:29 +1100 Date: Wed, 8 Mar 2017 11:43:29 +1100
Subject: [PATCH 2/3] SECRETS: SUSE: implement SUSE container secrets Subject: [PATCH 2/4] SECRETS: SUSE: implement SUSE container secrets
This allows for us to pass in host credentials to a container, allowing This allows for us to pass in host credentials to a container, allowing
for SUSEConnect to work with containers. for SUSEConnect to work with containers.
@ -456,5 +456,5 @@ index 000000000000..32b0ece91b59
+ return nil + return nil
+} +}
-- --
2.40.0 2.40.1

View File

@ -0,0 +1,46 @@
From a5bb4ed6a9dd6f3e859524bcc44a822fdeb779fc Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de>
Date: Mon, 22 May 2023 15:44:54 +1000
Subject: [PATCH 3/4] BUILD: SLE12: revert "graphdriver/btrfs: use kernel UAPI
headers"
This reverts commit 3208dcabdc8997340b255f5b880fef4e3f54580d.
On SLE 12, our UAPI headers are too old, resulting in us being unable to
build the btrfs driver with the new headers. This patch is only needed
for SLE-12.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
---
daemon/graphdriver/btrfs/btrfs.go | 13 ++++---------
1 file changed, 4 insertions(+), 9 deletions(-)
diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go
index 7f82594b4ebd..532c19a8a15c 100644
--- a/daemon/graphdriver/btrfs/btrfs.go
+++ b/daemon/graphdriver/btrfs/btrfs.go
@@ -5,17 +5,12 @@ package btrfs // import "github.com/docker/docker/daemon/graphdriver/btrfs"
/*
#include <stdlib.h>
-#include <stdio.h>
#include <dirent.h>
-#include <linux/version.h>
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4,12,0)
- #error "Headers from kernel >= 4.12 are required to build with Btrfs support."
- #error "HINT: Set 'DOCKER_BUILDTAGS=exclude_graphdriver_btrfs' to build without Btrfs."
-#endif
-
-#include <linux/btrfs.h>
-#include <linux/btrfs_tree.h>
+// keep struct field name compatible with btrfs-progs < 6.1.
+#define max_referenced max_rfer
+#include <btrfs/ioctl.h>
+#include <btrfs/ctree.h>
static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) {
snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
--
2.40.1

View File

@ -1,7 +1,7 @@
From 3e37bbad6f0a0c2576ad0b9dfe7a4a9290aa2aa0 Mon Sep 17 00:00:00 2001 From 81648019f140e161dd723774ce206d40fb697ba3 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de> From: Aleksa Sarai <asarai@suse.de>
Date: Fri, 29 Jun 2018 17:59:30 +1000 Date: Fri, 29 Jun 2018 17:59:30 +1000
Subject: [PATCH 3/3] bsc1073877: apparmor: clobber docker-default profile on Subject: [PATCH 4/4] bsc1073877: apparmor: clobber docker-default profile on
start start
In the process of making docker-default reloading far less expensive, In the process of making docker-default reloading far less expensive,
@ -85,5 +85,5 @@ index 40abbe8cc19c..05c6db818c30 100644
} }
-- --
2.40.0 2.40.1

View File

@ -3,16 +3,16 @@
<param name="url">https://github.com/moby/moby.git</param> <param name="url">https://github.com/moby/moby.git</param>
<param name="scm">git</param> <param name="scm">git</param>
<param name="exclude">.git</param> <param name="exclude">.git</param>
<param name="versionformat">23.0.5_ce_%h</param> <param name="versionformat">23.0.6_ce_%h</param>
<param name="revision">v23.0.5</param> <param name="revision">v23.0.6</param>
<param name="filename">docker</param> <param name="filename">docker</param>
</service> </service>
<service name="tar_scm" mode="disabled"> <service name="tar_scm" mode="disabled">
<param name="url">https://github.com/docker/cli.git</param> <param name="url">https://github.com/docker/cli.git</param>
<param name="scm">git</param> <param name="scm">git</param>
<param name="exclude">.git</param> <param name="exclude">.git</param>
<param name="versionformat">23.0.5_ce</param> <param name="versionformat">23.0.6_ce</param>
<param name="revision">v23.0.5</param> <param name="revision">v23.0.6</param>
<param name="filename">docker-cli</param> <param name="filename">docker-cli</param>
</service> </service>
<service name="recompress" mode="disabled"> <service name="recompress" mode="disabled">

View File

@ -1,4 +1,4 @@
From 0c35d956eb289bd6186e2865a779d2615c471b94 Mon Sep 17 00:00:00 2001 From f571ed4f350621b20280e74bf663535533246511 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.de> From: Aleksa Sarai <asarai@suse.de>
Date: Wed, 26 Apr 2023 10:13:48 +1000 Date: Wed, 26 Apr 2023 10:13:48 +1000
Subject: [PATCH] docs: include required tools in source tree Subject: [PATCH] docs: include required tools in source tree
@ -23,9 +23,9 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
import.go | 17 + import.go | 17 +
man/go.mod | 15 - man/go.mod | 15 -
man/tools.go | 11 - man/tools.go | 11 -
scripts/docs/generate-man.sh | 32 +- scripts/docs/generate-man.sh | 35 +-
scripts/docs/generate-md.sh | 23 +- scripts/docs/generate-md.sh | 28 +-
scripts/docs/generate-yaml.sh | 28 +- scripts/docs/generate-yaml.sh | 31 +-
vendor.mod | 4 + vendor.mod | 4 +
vendor.sum | 4 + vendor.sum | 4 +
.../cpuguy83/go-md2man/v2/.gitignore | 2 + .../cpuguy83/go-md2man/v2/.gitignore | 2 +
@ -89,7 +89,7 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
vendor/gopkg.in/yaml.v3/yamlh.go | 807 +++++ vendor/gopkg.in/yaml.v3/yamlh.go | 807 +++++
vendor/gopkg.in/yaml.v3/yamlprivateh.go | 198 ++ vendor/gopkg.in/yaml.v3/yamlprivateh.go | 198 ++
vendor/modules.txt | 15 + vendor/modules.txt | 15 +
71 files changed, 22956 insertions(+), 119 deletions(-) 71 files changed, 22969 insertions(+), 117 deletions(-)
delete mode 100644 docs/generate/go.mod delete mode 100644 docs/generate/go.mod
delete mode 100644 docs/generate/tools.go delete mode 100644 docs/generate/tools.go
create mode 100644 import.go create mode 100644 import.go
@ -251,10 +251,10 @@ index 3cafe6533aff..000000000000
- _ "github.com/spf13/pflag" - _ "github.com/spf13/pflag"
-) -)
diff --git a/scripts/docs/generate-man.sh b/scripts/docs/generate-man.sh diff --git a/scripts/docs/generate-man.sh b/scripts/docs/generate-man.sh
index 6afed3fa8708..128828f50342 100755 index 6afed3fa8708..6abac3b1d28e 100755
--- a/scripts/docs/generate-man.sh --- a/scripts/docs/generate-man.sh
+++ b/scripts/docs/generate-man.sh +++ b/scripts/docs/generate-man.sh
@@ -1,35 +1,13 @@ @@ -1,35 +1,18 @@
#!/usr/bin/env bash #!/usr/bin/env bash
-set -eu -set -eu
@ -270,7 +270,11 @@ index 6afed3fa8708..128828f50342 100755
- -
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX) -buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
-trap clean EXIT -trap clean EXIT
- +# temporary "go.mod" to make -modfile= work
+touch go.mod
+# shellcheck disable=SC2064
+trap "rm -f $(pwd)/go.mod" EXIT
-( -(
- set -x - set -x
- cp -r . "$buildir/" - cp -r . "$buildir/"
@ -296,10 +300,10 @@ index 6afed3fa8708..128828f50342 100755
mkdir -p man/man1 mkdir -p man/man1
(set -x ; /tmp/gen-manpages --root "." --target "$(pwd)/man/man1") (set -x ; /tmp/gen-manpages --root "." --target "$(pwd)/man/man1")
diff --git a/scripts/docs/generate-md.sh b/scripts/docs/generate-md.sh diff --git a/scripts/docs/generate-md.sh b/scripts/docs/generate-md.sh
index a947bb969673..327a06aa4c24 100755 index a947bb969673..0e4e231e5c8e 100755
--- a/scripts/docs/generate-md.sh --- a/scripts/docs/generate-md.sh
+++ b/scripts/docs/generate-md.sh +++ b/scripts/docs/generate-md.sh
@@ -1,36 +1,19 @@ @@ -1,36 +1,24 @@
#!/usr/bin/env bash #!/usr/bin/env bash
-set -eu -set -eu
@ -334,16 +338,21 @@ index a947bb969673..327a06aa4c24 100755
- # build docsgen - # build docsgen
- go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go - go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
-) -)
+# temporary "go.mod" to make -modfile= work
+touch go.mod
+# shellcheck disable=SC2064
+trap "rm -f $(pwd)/go.mod" EXIT
+
+# build docsgen +# build docsgen
+go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go +go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
# yaml generation on docs repo needs the cli.md file: https://github.com/docker/cli/pull/3924#discussion_r1059986605 # yaml generation on docs repo needs the cli.md file: https://github.com/docker/cli/pull/3924#discussion_r1059986605
# but markdown generation docker.md atm. While waiting for a fix in cli-docs-tool # but markdown generation docker.md atm. While waiting for a fix in cli-docs-tool
diff --git a/scripts/docs/generate-yaml.sh b/scripts/docs/generate-yaml.sh diff --git a/scripts/docs/generate-yaml.sh b/scripts/docs/generate-yaml.sh
index 4d0006e43e79..3f3f7df8b140 100755 index 4d0006e43e79..abebc183d49c 100755
--- a/scripts/docs/generate-yaml.sh --- a/scripts/docs/generate-yaml.sh
+++ b/scripts/docs/generate-yaml.sh +++ b/scripts/docs/generate-yaml.sh
@@ -1,33 +1,11 @@ @@ -1,33 +1,16 @@
#!/usr/bin/env bash #!/usr/bin/env bash
-set -eu -set -eu
@ -359,7 +368,11 @@ index 4d0006e43e79..3f3f7df8b140 100755
- -
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX) -buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
-trap clean EXIT -trap clean EXIT
- +# temporary "go.mod" to make -modfile= work
+touch go.mod
+# shellcheck disable=SC2064
+trap "rm -f $(pwd)/go.mod" EXIT
-( -(
- set -x - set -x
- cp -r . "$buildir/" - cp -r . "$buildir/"
@ -381,7 +394,7 @@ index 4d0006e43e79..3f3f7df8b140 100755
mkdir -p docs/yaml mkdir -p docs/yaml
set -x set -x
diff --git a/vendor.mod b/vendor.mod diff --git a/vendor.mod b/vendor.mod
index da1d033bff0b..61034043c05e 100644 index eed166a6de6b..993aca7af845 100644
--- a/vendor.mod --- a/vendor.mod
+++ b/vendor.mod +++ b/vendor.mod
@@ -8,7 +8,9 @@ go 1.18 @@ -8,7 +8,9 @@ go 1.18
@ -392,7 +405,7 @@ index da1d033bff0b..61034043c05e 100644
github.com/creack/pty v1.1.11 github.com/creack/pty v1.1.11
+ github.com/docker/cli-docs-tool v0.5.1 + github.com/docker/cli-docs-tool v0.5.1
github.com/docker/distribution v2.8.1+incompatible github.com/docker/distribution v2.8.1+incompatible
github.com/docker/docker v23.0.4+incompatible github.com/docker/docker v23.0.5+incompatible
github.com/docker/docker-credential-helpers v0.7.0 github.com/docker/docker-credential-helpers v0.7.0
@@ -67,6 +69,7 @@ require ( @@ -67,6 +69,7 @@ require (
github.com/prometheus/common v0.37.0 // indirect github.com/prometheus/common v0.37.0 // indirect
@ -409,7 +422,7 @@ index da1d033bff0b..61034043c05e 100644
+ gopkg.in/yaml.v3 v3.0.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect
) )
diff --git a/vendor.sum b/vendor.sum diff --git a/vendor.sum b/vendor.sum
index 91aae7c1487c..ad0005735231 100644 index 6edc40179f41..c5e8b1e9ea76 100644
--- a/vendor.sum --- a/vendor.sum
+++ b/vendor.sum +++ b/vendor.sum
@@ -89,6 +89,7 @@ github.com/containerd/containerd v1.6.19/go.mod h1:HZCDMn4v/Xl2579/MvtOC2M206i+J @@ -89,6 +89,7 @@ github.com/containerd/containerd v1.6.19/go.mod h1:HZCDMn4v/Xl2579/MvtOC2M206i+J
@ -23703,7 +23716,7 @@ index 000000000000..e88f9c54aecb
+ +
+} +}
diff --git a/vendor/modules.txt b/vendor/modules.txt diff --git a/vendor/modules.txt b/vendor/modules.txt
index 520bc4ca95e0..e744937180df 100644 index 807b468777dc..0d69cb4dbed5 100644
--- a/vendor/modules.txt --- a/vendor/modules.txt
+++ b/vendor/modules.txt +++ b/vendor/modules.txt
@@ -18,9 +18,17 @@ github.com/containerd/containerd/errdefs @@ -18,9 +18,17 @@ github.com/containerd/containerd/errdefs
@ -23752,5 +23765,5 @@ index 520bc4ca95e0..e744937180df 100644
## explicit; go 1.13 ## explicit; go 1.13
gotest.tools/v3/assert gotest.tools/v3/assert
-- --
2.40.0 2.40.1

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:84d3a48cfbeeece15ad367eb03834a97b0c57d195d889e5191c138cd6e06579a
size 8262024

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d8494e1f37d2ebed2a41b347351d04c7d62d85d3fc99bbe3a82ba801ede376bf
size 8263188

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b93219b6b5c781031c1ed35fb3174c59e3572e3437218ca3646361259acb77e8
size 3498104

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3ec1ca7d82f44abfe53424d1afd9ab4d81289108041e160984c46ef7171dd18f
size 3498076

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Sun May 21 02:31:35 UTC 2023 - Aleksa Sarai <asarai@suse.com>
- Update to Docker 23.0.6-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/23.0/#2306>. bsc#1211578
- Rebase patches:
* cli-0001-docs-include-required-tools-in-source-tree.patch
- Re-unify packaging for SLE-12 and SLE-15.
- Add patch to fix build on SLE-12 by switching back to libbtrfs-devel headers
(the uapi headers in SLE-12 are too old).
+ 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
- Re-numbered patches:
- 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
+ 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch`
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 27 14:09:05 UTC 2023 - Aleksa Sarai <asarai@suse.com> Thu Apr 27 14:09:05 UTC 2023 - Aleksa Sarai <asarai@suse.com>

View File

@ -31,9 +31,9 @@
# helpfully injects into our build environment from the changelog). If you want # helpfully injects into our build environment from the changelog). If you want
# to generate a new git_commit_epoch, use this: # to generate a new git_commit_epoch, use this:
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s' # $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s'
%define real_version 23.0.5 %define real_version 23.0.6
%define git_version 94d3ad69cc59 %define git_version 9dbdbd4b6d76
%define git_commit_epoch 1682522945 %define git_commit_epoch 1683319810
Name: docker Name: docker
Version: %{real_version}_ce Version: %{real_version}_ce
@ -57,15 +57,16 @@ Source104: docker-audit.rules
Source105: docker-daemon.json Source105: docker-daemon.json
Source106: docker.sysusers Source106: docker.sysusers
# NOTE: All of these patches are maintained in <https://github.com/suse/docker> # NOTE: All of these patches are maintained in <https://github.com/suse/docker>
# in the suse-<version> branch. Make sure you update the patches in that # in the suse-v<version> branch. Make sure you update the patches in that
# branch and then git-format-patch the patch here. # branch and then git-format-patch the patch here.
# SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers # SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
# which is not snapshotted when images are committed. # which is not snapshotted when images are committed.
Patch100: 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch Patch100: 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
Patch101: 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch Patch101: 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
# SUSE-FEATURE: Add support to mirror unofficial/private registries # UPSTREAM: Revert of upstream patch to keep SLE-12 build working.
# <https://github.com/docker/docker/pull/34319>. Patch200: 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
Patch300: 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch # UPSTREAM: Backport of <https://github.com/moby/moby/pull/41954>.
Patch300: 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
# UPSTREAM: Backport of <https://github.com/docker/cli/pull/4228>. # UPSTREAM: Backport of <https://github.com/docker/cli/pull/4228>.
Patch900: cli-0001-docs-include-required-tools-in-source-tree.patch Patch900: cli-0001-docs-include-required-tools-in-source-tree.patch
BuildRequires: audit BuildRequires: audit
@ -77,6 +78,7 @@ BuildRequires: libapparmor-devel
BuildRequires: libbtrfs-devel >= 3.8 BuildRequires: libbtrfs-devel >= 3.8
BuildRequires: libseccomp-devel >= 2.2 BuildRequires: libseccomp-devel >= 2.2
BuildRequires: libtool BuildRequires: libtool
BuildRequires: linux-glibc-devel
BuildRequires: procps BuildRequires: procps
BuildRequires: sqlite3-devel BuildRequires: sqlite3-devel
BuildRequires: zsh BuildRequires: zsh
@ -85,7 +87,19 @@ BuildRequires: go-go-md2man
BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(libsystemd)
BuildRequires: sysuser-tools BuildRequires: sysuser-tools
BuildRequires: golang(API) = 1.19 BuildRequires: golang(API) = 1.19
%if 0%{?sle_version} >= 150000
# This conditional only works on rpm>=4.13, which SLE 12 doesn't have. But we
# don't need to support Docker+selinux for SLE 12 anyway.
Requires: (apparmor-parser or container-selinux) Requires: (apparmor-parser or container-selinux)
# This recommends is added to make sure that even if you have container-selinux
# installed you will still be prompted to install apparmor-parser which Docker
# requires to apply AppArmor profiles (for SELinux systems this doesn't matter
# but if you switch back to AppArmor on reboot this would result in insecure
# containers).
Recommends: apparmor-parser
%else
Requires: apparmor-parser
%endif
Requires: ca-certificates-mozilla Requires: ca-certificates-mozilla
# The docker-proxy binary used to be in a separate package. We obsolete it, # The docker-proxy binary used to be in a separate package. We obsolete it,
# since now docker-proxy is maintained as part of this package. # since now docker-proxy is maintained as part of this package.
@ -93,8 +107,8 @@ Obsoletes: docker-libnetwork < 0.7.0.2
Provides: docker-libnetwork = 0.7.0.2.%{version} Provides: docker-libnetwork = 0.7.0.2.%{version}
# Required to actually run containers. We require the minimum version that is # Required to actually run containers. We require the minimum version that is
# pinned by Docker, but in order to avoid headaches we allow for updates. # pinned by Docker, but in order to avoid headaches we allow for updates.
Requires: runc >= 1.1.5 Requires: runc >= 1.1.7
Requires: containerd >= 1.6.20 Requires: containerd >= 1.6.21
# Needed for --init support. We don't use "tini", we use our own implementation # Needed for --init support. We don't use "tini", we use our own implementation
# which handles edge-cases better. # which handles edge-cases better.
Requires: catatonit Requires: catatonit
@ -109,12 +123,6 @@ Requires: xz >= 4.9
Requires(post): %fillup_prereq Requires(post): %fillup_prereq
Requires(post): udev Requires(post): udev
Requires(post): shadow Requires(post): shadow
# This recommends is added to make sure that even if you have container-selinux
# installed you will still be prompted to install apparmor-parser which Docker
# requires to apply AppArmor profiles (for SELinux systems this doesn't matter
# but if you switch back to AppArmor on reboot this would result in insecure
# containers).
Recommends: apparmor-parser
# Not necessary, but must be installed when the underlying system is # Not necessary, but must be installed when the underlying system is
# configured to use lvm and the user doesn't explicitly provide a # configured to use lvm and the user doesn't explicitly provide a
# different storage-driver than devicemapper # different storage-driver than devicemapper
@ -184,12 +192,15 @@ cp %{SOURCE103} .
%patch100 -p1 %patch100 -p1
%patch101 -p1 %patch101 -p1
%endif %endif
%if 0%{?sle_version} == 120000
# Patches to build on SLE-12.
%patch200 -p1
%endif
# bsc#1099277 # bsc#1099277
%patch300 -p1 %patch300 -p1
%build %build
%sysusers_generate_pre %{SOURCE106} %{name} %{name}.conf %sysusers_generate_pre %{SOURCE106} %{name} %{name}.conf
echo "$PWD -- $PWD -- $PWD"
BUILDTAGS="exclude_graphdriver_aufs apparmor selinux seccomp pkcs11" BUILDTAGS="exclude_graphdriver_aufs apparmor selinux seccomp pkcs11"
%if 0%{?sle_version} == 120000 %if 0%{?sle_version} == 120000