Accepting request 1088253 from home:cyphar:docker
- Update to Docker 23.0.6-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/23.0/#2306>. bsc#1211578 - Rebase patches: * cli-0001-docs-include-required-tools-in-source-tree.patch - Re-unify packaging for SLE-12 and SLE-15. - Add patch to fix build on SLE-12 by switching back to libbtrfs-devel headers (the uapi headers in SLE-12 are too old). + 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch - Re-numbered patches: - 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch` OBS-URL: https://build.opensuse.org/request/show/1088253 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/docker?expand=0&rev=386
This commit is contained in:
Aleksa Sarai
Git OBS Bridge
parent
8bf4339d22
commit
3a683e6a82
@ -1,7 +1,7 @@
|
|||||||
From 5c6812a104e161599fc8569d0b4af04224ef3b5a Mon Sep 17 00:00:00 2001
|
From e4410ba60f96f1d57d088208eaedd12c0fca6b80 Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Wed, 8 Mar 2017 12:41:54 +1100
|
Date: Wed, 8 Mar 2017 12:41:54 +1100
|
||||||
Subject: [PATCH 1/3] SECRETS: daemon: allow directory creation in /run/secrets
|
Subject: [PATCH 1/4] SECRETS: daemon: allow directory creation in /run/secrets
|
||||||
|
|
||||||
Since FileMode can have the directory bit set, allow a SecretStore
|
Since FileMode can have the directory bit set, allow a SecretStore
|
||||||
implementation to return secrets that are actually directories. This is
|
implementation to return secrets that are actually directories. This is
|
||||||
@ -69,5 +69,5 @@ index 561077b66b60..0b70825dd2ff 100644
|
|||||||
return errors.Wrap(err, "error setting ownership for secret")
|
return errors.Wrap(err, "error setting ownership for secret")
|
||||||
}
|
}
|
||||||
--
|
--
|
||||||
2.40.0
|
2.40.1
|
||||||
|
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
From 4138c02a19fbd3d3ff50f0b364bf4b99adc47298 Mon Sep 17 00:00:00 2001
|
From 3b56cce3fab96f60ef8dcb40fe143159c519e97a Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Wed, 8 Mar 2017 11:43:29 +1100
|
Date: Wed, 8 Mar 2017 11:43:29 +1100
|
||||||
Subject: [PATCH 2/3] SECRETS: SUSE: implement SUSE container secrets
|
Subject: [PATCH 2/4] SECRETS: SUSE: implement SUSE container secrets
|
||||||
|
|
||||||
This allows for us to pass in host credentials to a container, allowing
|
This allows for us to pass in host credentials to a container, allowing
|
||||||
for SUSEConnect to work with containers.
|
for SUSEConnect to work with containers.
|
||||||
@ -456,5 +456,5 @@ index 000000000000..32b0ece91b59
|
|||||||
+ return nil
|
+ return nil
|
||||||
+}
|
+}
|
||||||
--
|
--
|
||||||
2.40.0
|
2.40.1
|
||||||
|
|
||||||
|
|||||||
@ -0,0 +1,46 @@
|
|||||||
|
From a5bb4ed6a9dd6f3e859524bcc44a822fdeb779fc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
|
Date: Mon, 22 May 2023 15:44:54 +1000
|
||||||
|
Subject: [PATCH 3/4] BUILD: SLE12: revert "graphdriver/btrfs: use kernel UAPI
|
||||||
|
headers"
|
||||||
|
|
||||||
|
This reverts commit 3208dcabdc8997340b255f5b880fef4e3f54580d.
|
||||||
|
|
||||||
|
On SLE 12, our UAPI headers are too old, resulting in us being unable to
|
||||||
|
build the btrfs driver with the new headers. This patch is only needed
|
||||||
|
for SLE-12.
|
||||||
|
|
||||||
|
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
|
||||||
|
---
|
||||||
|
daemon/graphdriver/btrfs/btrfs.go | 13 ++++---------
|
||||||
|
1 file changed, 4 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go
|
||||||
|
index 7f82594b4ebd..532c19a8a15c 100644
|
||||||
|
--- a/daemon/graphdriver/btrfs/btrfs.go
|
||||||
|
+++ b/daemon/graphdriver/btrfs/btrfs.go
|
||||||
|
@@ -5,17 +5,12 @@ package btrfs // import "github.com/docker/docker/daemon/graphdriver/btrfs"
|
||||||
|
|
||||||
|
/*
|
||||||
|
#include <stdlib.h>
|
||||||
|
-#include <stdio.h>
|
||||||
|
#include <dirent.h>
|
||||||
|
|
||||||
|
-#include <linux/version.h>
|
||||||
|
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4,12,0)
|
||||||
|
- #error "Headers from kernel >= 4.12 are required to build with Btrfs support."
|
||||||
|
- #error "HINT: Set 'DOCKER_BUILDTAGS=exclude_graphdriver_btrfs' to build without Btrfs."
|
||||||
|
-#endif
|
||||||
|
-
|
||||||
|
-#include <linux/btrfs.h>
|
||||||
|
-#include <linux/btrfs_tree.h>
|
||||||
|
+// keep struct field name compatible with btrfs-progs < 6.1.
|
||||||
|
+#define max_referenced max_rfer
|
||||||
|
+#include <btrfs/ioctl.h>
|
||||||
|
+#include <btrfs/ctree.h>
|
||||||
|
|
||||||
|
static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) {
|
||||||
|
snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value);
|
||||||
|
--
|
||||||
|
2.40.1
|
||||||
|
|
||||||
@ -1,7 +1,7 @@
|
|||||||
From 3e37bbad6f0a0c2576ad0b9dfe7a4a9290aa2aa0 Mon Sep 17 00:00:00 2001
|
From 81648019f140e161dd723774ce206d40fb697ba3 Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Fri, 29 Jun 2018 17:59:30 +1000
|
Date: Fri, 29 Jun 2018 17:59:30 +1000
|
||||||
Subject: [PATCH 3/3] bsc1073877: apparmor: clobber docker-default profile on
|
Subject: [PATCH 4/4] bsc1073877: apparmor: clobber docker-default profile on
|
||||||
start
|
start
|
||||||
|
|
||||||
In the process of making docker-default reloading far less expensive,
|
In the process of making docker-default reloading far less expensive,
|
||||||
@ -85,5 +85,5 @@ index 40abbe8cc19c..05c6db818c30 100644
|
|||||||
}
|
}
|
||||||
|
|
||||||
--
|
--
|
||||||
2.40.0
|
2.40.1
|
||||||
|
|
||||||
8
_service
8
_service
@ -3,16 +3,16 @@
|
|||||||
<param name="url">https://github.com/moby/moby.git</param>
|
<param name="url">https://github.com/moby/moby.git</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="exclude">.git</param>
|
<param name="exclude">.git</param>
|
||||||
<param name="versionformat">23.0.5_ce_%h</param>
|
<param name="versionformat">23.0.6_ce_%h</param>
|
||||||
<param name="revision">v23.0.5</param>
|
<param name="revision">v23.0.6</param>
|
||||||
<param name="filename">docker</param>
|
<param name="filename">docker</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="tar_scm" mode="disabled">
|
<service name="tar_scm" mode="disabled">
|
||||||
<param name="url">https://github.com/docker/cli.git</param>
|
<param name="url">https://github.com/docker/cli.git</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="exclude">.git</param>
|
<param name="exclude">.git</param>
|
||||||
<param name="versionformat">23.0.5_ce</param>
|
<param name="versionformat">23.0.6_ce</param>
|
||||||
<param name="revision">v23.0.5</param>
|
<param name="revision">v23.0.6</param>
|
||||||
<param name="filename">docker-cli</param>
|
<param name="filename">docker-cli</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="recompress" mode="disabled">
|
<service name="recompress" mode="disabled">
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
From 0c35d956eb289bd6186e2865a779d2615c471b94 Mon Sep 17 00:00:00 2001
|
From f571ed4f350621b20280e74bf663535533246511 Mon Sep 17 00:00:00 2001
|
||||||
From: Aleksa Sarai <asarai@suse.de>
|
From: Aleksa Sarai <asarai@suse.de>
|
||||||
Date: Wed, 26 Apr 2023 10:13:48 +1000
|
Date: Wed, 26 Apr 2023 10:13:48 +1000
|
||||||
Subject: [PATCH] docs: include required tools in source tree
|
Subject: [PATCH] docs: include required tools in source tree
|
||||||
@ -23,9 +23,9 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
|
|||||||
import.go | 17 +
|
import.go | 17 +
|
||||||
man/go.mod | 15 -
|
man/go.mod | 15 -
|
||||||
man/tools.go | 11 -
|
man/tools.go | 11 -
|
||||||
scripts/docs/generate-man.sh | 32 +-
|
scripts/docs/generate-man.sh | 35 +-
|
||||||
scripts/docs/generate-md.sh | 23 +-
|
scripts/docs/generate-md.sh | 28 +-
|
||||||
scripts/docs/generate-yaml.sh | 28 +-
|
scripts/docs/generate-yaml.sh | 31 +-
|
||||||
vendor.mod | 4 +
|
vendor.mod | 4 +
|
||||||
vendor.sum | 4 +
|
vendor.sum | 4 +
|
||||||
.../cpuguy83/go-md2man/v2/.gitignore | 2 +
|
.../cpuguy83/go-md2man/v2/.gitignore | 2 +
|
||||||
@ -89,7 +89,7 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de>
|
|||||||
vendor/gopkg.in/yaml.v3/yamlh.go | 807 +++++
|
vendor/gopkg.in/yaml.v3/yamlh.go | 807 +++++
|
||||||
vendor/gopkg.in/yaml.v3/yamlprivateh.go | 198 ++
|
vendor/gopkg.in/yaml.v3/yamlprivateh.go | 198 ++
|
||||||
vendor/modules.txt | 15 +
|
vendor/modules.txt | 15 +
|
||||||
71 files changed, 22956 insertions(+), 119 deletions(-)
|
71 files changed, 22969 insertions(+), 117 deletions(-)
|
||||||
delete mode 100644 docs/generate/go.mod
|
delete mode 100644 docs/generate/go.mod
|
||||||
delete mode 100644 docs/generate/tools.go
|
delete mode 100644 docs/generate/tools.go
|
||||||
create mode 100644 import.go
|
create mode 100644 import.go
|
||||||
@ -251,10 +251,10 @@ index 3cafe6533aff..000000000000
|
|||||||
- _ "github.com/spf13/pflag"
|
- _ "github.com/spf13/pflag"
|
||||||
-)
|
-)
|
||||||
diff --git a/scripts/docs/generate-man.sh b/scripts/docs/generate-man.sh
|
diff --git a/scripts/docs/generate-man.sh b/scripts/docs/generate-man.sh
|
||||||
index 6afed3fa8708..128828f50342 100755
|
index 6afed3fa8708..6abac3b1d28e 100755
|
||||||
--- a/scripts/docs/generate-man.sh
|
--- a/scripts/docs/generate-man.sh
|
||||||
+++ b/scripts/docs/generate-man.sh
|
+++ b/scripts/docs/generate-man.sh
|
||||||
@@ -1,35 +1,13 @@
|
@@ -1,35 +1,18 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
-set -eu
|
-set -eu
|
||||||
@ -270,7 +270,11 @@ index 6afed3fa8708..128828f50342 100755
|
|||||||
-
|
-
|
||||||
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
|
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
|
||||||
-trap clean EXIT
|
-trap clean EXIT
|
||||||
-
|
+# temporary "go.mod" to make -modfile= work
|
||||||
|
+touch go.mod
|
||||||
|
+# shellcheck disable=SC2064
|
||||||
|
+trap "rm -f $(pwd)/go.mod" EXIT
|
||||||
|
|
||||||
-(
|
-(
|
||||||
- set -x
|
- set -x
|
||||||
- cp -r . "$buildir/"
|
- cp -r . "$buildir/"
|
||||||
@ -296,10 +300,10 @@ index 6afed3fa8708..128828f50342 100755
|
|||||||
mkdir -p man/man1
|
mkdir -p man/man1
|
||||||
(set -x ; /tmp/gen-manpages --root "." --target "$(pwd)/man/man1")
|
(set -x ; /tmp/gen-manpages --root "." --target "$(pwd)/man/man1")
|
||||||
diff --git a/scripts/docs/generate-md.sh b/scripts/docs/generate-md.sh
|
diff --git a/scripts/docs/generate-md.sh b/scripts/docs/generate-md.sh
|
||||||
index a947bb969673..327a06aa4c24 100755
|
index a947bb969673..0e4e231e5c8e 100755
|
||||||
--- a/scripts/docs/generate-md.sh
|
--- a/scripts/docs/generate-md.sh
|
||||||
+++ b/scripts/docs/generate-md.sh
|
+++ b/scripts/docs/generate-md.sh
|
||||||
@@ -1,36 +1,19 @@
|
@@ -1,36 +1,24 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
-set -eu
|
-set -eu
|
||||||
@ -334,16 +338,21 @@ index a947bb969673..327a06aa4c24 100755
|
|||||||
- # build docsgen
|
- # build docsgen
|
||||||
- go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
|
- go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
|
||||||
-)
|
-)
|
||||||
|
+# temporary "go.mod" to make -modfile= work
|
||||||
|
+touch go.mod
|
||||||
|
+# shellcheck disable=SC2064
|
||||||
|
+trap "rm -f $(pwd)/go.mod" EXIT
|
||||||
|
+
|
||||||
+# build docsgen
|
+# build docsgen
|
||||||
+go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
|
+go build -mod=vendor -modfile=vendor.mod -tags docsgen -o /tmp/docsgen ./docs/generate/generate.go
|
||||||
|
|
||||||
# yaml generation on docs repo needs the cli.md file: https://github.com/docker/cli/pull/3924#discussion_r1059986605
|
# yaml generation on docs repo needs the cli.md file: https://github.com/docker/cli/pull/3924#discussion_r1059986605
|
||||||
# but markdown generation docker.md atm. While waiting for a fix in cli-docs-tool
|
# but markdown generation docker.md atm. While waiting for a fix in cli-docs-tool
|
||||||
diff --git a/scripts/docs/generate-yaml.sh b/scripts/docs/generate-yaml.sh
|
diff --git a/scripts/docs/generate-yaml.sh b/scripts/docs/generate-yaml.sh
|
||||||
index 4d0006e43e79..3f3f7df8b140 100755
|
index 4d0006e43e79..abebc183d49c 100755
|
||||||
--- a/scripts/docs/generate-yaml.sh
|
--- a/scripts/docs/generate-yaml.sh
|
||||||
+++ b/scripts/docs/generate-yaml.sh
|
+++ b/scripts/docs/generate-yaml.sh
|
||||||
@@ -1,33 +1,11 @@
|
@@ -1,33 +1,16 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
-set -eu
|
-set -eu
|
||||||
@ -359,7 +368,11 @@ index 4d0006e43e79..3f3f7df8b140 100755
|
|||||||
-
|
-
|
||||||
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
|
-buildir=$(mktemp -d -t docker-cli-docsgen.XXXXXXXXXX)
|
||||||
-trap clean EXIT
|
-trap clean EXIT
|
||||||
-
|
+# temporary "go.mod" to make -modfile= work
|
||||||
|
+touch go.mod
|
||||||
|
+# shellcheck disable=SC2064
|
||||||
|
+trap "rm -f $(pwd)/go.mod" EXIT
|
||||||
|
|
||||||
-(
|
-(
|
||||||
- set -x
|
- set -x
|
||||||
- cp -r . "$buildir/"
|
- cp -r . "$buildir/"
|
||||||
@ -381,7 +394,7 @@ index 4d0006e43e79..3f3f7df8b140 100755
|
|||||||
mkdir -p docs/yaml
|
mkdir -p docs/yaml
|
||||||
set -x
|
set -x
|
||||||
diff --git a/vendor.mod b/vendor.mod
|
diff --git a/vendor.mod b/vendor.mod
|
||||||
index da1d033bff0b..61034043c05e 100644
|
index eed166a6de6b..993aca7af845 100644
|
||||||
--- a/vendor.mod
|
--- a/vendor.mod
|
||||||
+++ b/vendor.mod
|
+++ b/vendor.mod
|
||||||
@@ -8,7 +8,9 @@ go 1.18
|
@@ -8,7 +8,9 @@ go 1.18
|
||||||
@ -392,7 +405,7 @@ index da1d033bff0b..61034043c05e 100644
|
|||||||
github.com/creack/pty v1.1.11
|
github.com/creack/pty v1.1.11
|
||||||
+ github.com/docker/cli-docs-tool v0.5.1
|
+ github.com/docker/cli-docs-tool v0.5.1
|
||||||
github.com/docker/distribution v2.8.1+incompatible
|
github.com/docker/distribution v2.8.1+incompatible
|
||||||
github.com/docker/docker v23.0.4+incompatible
|
github.com/docker/docker v23.0.5+incompatible
|
||||||
github.com/docker/docker-credential-helpers v0.7.0
|
github.com/docker/docker-credential-helpers v0.7.0
|
||||||
@@ -67,6 +69,7 @@ require (
|
@@ -67,6 +69,7 @@ require (
|
||||||
github.com/prometheus/common v0.37.0 // indirect
|
github.com/prometheus/common v0.37.0 // indirect
|
||||||
@ -409,7 +422,7 @@ index da1d033bff0b..61034043c05e 100644
|
|||||||
+ gopkg.in/yaml.v3 v3.0.1 // indirect
|
+ gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||||
)
|
)
|
||||||
diff --git a/vendor.sum b/vendor.sum
|
diff --git a/vendor.sum b/vendor.sum
|
||||||
index 91aae7c1487c..ad0005735231 100644
|
index 6edc40179f41..c5e8b1e9ea76 100644
|
||||||
--- a/vendor.sum
|
--- a/vendor.sum
|
||||||
+++ b/vendor.sum
|
+++ b/vendor.sum
|
||||||
@@ -89,6 +89,7 @@ github.com/containerd/containerd v1.6.19/go.mod h1:HZCDMn4v/Xl2579/MvtOC2M206i+J
|
@@ -89,6 +89,7 @@ github.com/containerd/containerd v1.6.19/go.mod h1:HZCDMn4v/Xl2579/MvtOC2M206i+J
|
||||||
@ -23703,7 +23716,7 @@ index 000000000000..e88f9c54aecb
|
|||||||
+
|
+
|
||||||
+}
|
+}
|
||||||
diff --git a/vendor/modules.txt b/vendor/modules.txt
|
diff --git a/vendor/modules.txt b/vendor/modules.txt
|
||||||
index 520bc4ca95e0..e744937180df 100644
|
index 807b468777dc..0d69cb4dbed5 100644
|
||||||
--- a/vendor/modules.txt
|
--- a/vendor/modules.txt
|
||||||
+++ b/vendor/modules.txt
|
+++ b/vendor/modules.txt
|
||||||
@@ -18,9 +18,17 @@ github.com/containerd/containerd/errdefs
|
@@ -18,9 +18,17 @@ github.com/containerd/containerd/errdefs
|
||||||
@ -23752,5 +23765,5 @@ index 520bc4ca95e0..e744937180df 100644
|
|||||||
## explicit; go 1.13
|
## explicit; go 1.13
|
||||||
gotest.tools/v3/assert
|
gotest.tools/v3/assert
|
||||||
--
|
--
|
||||||
2.40.0
|
2.40.1
|
||||||
|
|
||||||
|
|||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:84d3a48cfbeeece15ad367eb03834a97b0c57d195d889e5191c138cd6e06579a
|
|
||||||
size 8262024
|
|
||||||
3
docker-23.0.6_ce_9dbdbd4b6d76.tar.xz
Normal file
3
docker-23.0.6_ce_9dbdbd4b6d76.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:d8494e1f37d2ebed2a41b347351d04c7d62d85d3fc99bbe3a82ba801ede376bf
|
||||||
|
size 8263188
|
||||||
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:b93219b6b5c781031c1ed35fb3174c59e3572e3437218ca3646361259acb77e8
|
|
||||||
size 3498104
|
|
||||||
3
docker-cli-23.0.6_ce.tar.xz
Normal file
3
docker-cli-23.0.6_ce.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:3ec1ca7d82f44abfe53424d1afd9ab4d81289108041e160984c46ef7171dd18f
|
||||||
|
size 3498076
|
||||||
@ -1,3 +1,18 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun May 21 02:31:35 UTC 2023 - Aleksa Sarai <asarai@suse.com>
|
||||||
|
|
||||||
|
- Update to Docker 23.0.6-ce. See upstream changelog online at
|
||||||
|
<https://docs.docker.com/engine/release-notes/23.0/#2306>. bsc#1211578
|
||||||
|
- Rebase patches:
|
||||||
|
* cli-0001-docs-include-required-tools-in-source-tree.patch
|
||||||
|
- Re-unify packaging for SLE-12 and SLE-15.
|
||||||
|
- Add patch to fix build on SLE-12 by switching back to libbtrfs-devel headers
|
||||||
|
(the uapi headers in SLE-12 are too old).
|
||||||
|
+ 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
|
||||||
|
- Re-numbered patches:
|
||||||
|
- 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
||||||
|
+ 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch`
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Apr 27 14:09:05 UTC 2023 - Aleksa Sarai <asarai@suse.com>
|
Thu Apr 27 14:09:05 UTC 2023 - Aleksa Sarai <asarai@suse.com>
|
||||||
|
|
||||||
|
|||||||
43
docker.spec
43
docker.spec
@ -31,9 +31,9 @@
|
|||||||
# helpfully injects into our build environment from the changelog). If you want
|
# helpfully injects into our build environment from the changelog). If you want
|
||||||
# to generate a new git_commit_epoch, use this:
|
# to generate a new git_commit_epoch, use this:
|
||||||
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s'
|
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s'
|
||||||
%define real_version 23.0.5
|
%define real_version 23.0.6
|
||||||
%define git_version 94d3ad69cc59
|
%define git_version 9dbdbd4b6d76
|
||||||
%define git_commit_epoch 1682522945
|
%define git_commit_epoch 1683319810
|
||||||
|
|
||||||
Name: docker
|
Name: docker
|
||||||
Version: %{real_version}_ce
|
Version: %{real_version}_ce
|
||||||
@ -57,15 +57,16 @@ Source104: docker-audit.rules
|
|||||||
Source105: docker-daemon.json
|
Source105: docker-daemon.json
|
||||||
Source106: docker.sysusers
|
Source106: docker.sysusers
|
||||||
# NOTE: All of these patches are maintained in <https://github.com/suse/docker>
|
# NOTE: All of these patches are maintained in <https://github.com/suse/docker>
|
||||||
# in the suse-<version> branch. Make sure you update the patches in that
|
# in the suse-v<version> branch. Make sure you update the patches in that
|
||||||
# branch and then git-format-patch the patch here.
|
# branch and then git-format-patch the patch here.
|
||||||
# SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
|
# SUSE-FEATURE: Adds the /run/secrets mountpoint inside all Docker containers
|
||||||
# which is not snapshotted when images are committed.
|
# which is not snapshotted when images are committed.
|
||||||
Patch100: 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
|
Patch100: 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
|
||||||
Patch101: 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
|
Patch101: 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
|
||||||
# SUSE-FEATURE: Add support to mirror unofficial/private registries
|
# UPSTREAM: Revert of upstream patch to keep SLE-12 build working.
|
||||||
# <https://github.com/docker/docker/pull/34319>.
|
Patch200: 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch
|
||||||
Patch300: 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
# UPSTREAM: Backport of <https://github.com/moby/moby/pull/41954>.
|
||||||
|
Patch300: 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
|
||||||
# UPSTREAM: Backport of <https://github.com/docker/cli/pull/4228>.
|
# UPSTREAM: Backport of <https://github.com/docker/cli/pull/4228>.
|
||||||
Patch900: cli-0001-docs-include-required-tools-in-source-tree.patch
|
Patch900: cli-0001-docs-include-required-tools-in-source-tree.patch
|
||||||
BuildRequires: audit
|
BuildRequires: audit
|
||||||
@ -77,6 +78,7 @@ BuildRequires: libapparmor-devel
|
|||||||
BuildRequires: libbtrfs-devel >= 3.8
|
BuildRequires: libbtrfs-devel >= 3.8
|
||||||
BuildRequires: libseccomp-devel >= 2.2
|
BuildRequires: libseccomp-devel >= 2.2
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
|
BuildRequires: linux-glibc-devel
|
||||||
BuildRequires: procps
|
BuildRequires: procps
|
||||||
BuildRequires: sqlite3-devel
|
BuildRequires: sqlite3-devel
|
||||||
BuildRequires: zsh
|
BuildRequires: zsh
|
||||||
@ -85,7 +87,19 @@ BuildRequires: go-go-md2man
|
|||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
BuildRequires: sysuser-tools
|
BuildRequires: sysuser-tools
|
||||||
BuildRequires: golang(API) = 1.19
|
BuildRequires: golang(API) = 1.19
|
||||||
|
%if 0%{?sle_version} >= 150000
|
||||||
|
# This conditional only works on rpm>=4.13, which SLE 12 doesn't have. But we
|
||||||
|
# don't need to support Docker+selinux for SLE 12 anyway.
|
||||||
Requires: (apparmor-parser or container-selinux)
|
Requires: (apparmor-parser or container-selinux)
|
||||||
|
# This recommends is added to make sure that even if you have container-selinux
|
||||||
|
# installed you will still be prompted to install apparmor-parser which Docker
|
||||||
|
# requires to apply AppArmor profiles (for SELinux systems this doesn't matter
|
||||||
|
# but if you switch back to AppArmor on reboot this would result in insecure
|
||||||
|
# containers).
|
||||||
|
Recommends: apparmor-parser
|
||||||
|
%else
|
||||||
|
Requires: apparmor-parser
|
||||||
|
%endif
|
||||||
Requires: ca-certificates-mozilla
|
Requires: ca-certificates-mozilla
|
||||||
# The docker-proxy binary used to be in a separate package. We obsolete it,
|
# The docker-proxy binary used to be in a separate package. We obsolete it,
|
||||||
# since now docker-proxy is maintained as part of this package.
|
# since now docker-proxy is maintained as part of this package.
|
||||||
@ -93,8 +107,8 @@ Obsoletes: docker-libnetwork < 0.7.0.2
|
|||||||
Provides: docker-libnetwork = 0.7.0.2.%{version}
|
Provides: docker-libnetwork = 0.7.0.2.%{version}
|
||||||
# Required to actually run containers. We require the minimum version that is
|
# Required to actually run containers. We require the minimum version that is
|
||||||
# pinned by Docker, but in order to avoid headaches we allow for updates.
|
# pinned by Docker, but in order to avoid headaches we allow for updates.
|
||||||
Requires: runc >= 1.1.5
|
Requires: runc >= 1.1.7
|
||||||
Requires: containerd >= 1.6.20
|
Requires: containerd >= 1.6.21
|
||||||
# Needed for --init support. We don't use "tini", we use our own implementation
|
# Needed for --init support. We don't use "tini", we use our own implementation
|
||||||
# which handles edge-cases better.
|
# which handles edge-cases better.
|
||||||
Requires: catatonit
|
Requires: catatonit
|
||||||
@ -109,12 +123,6 @@ Requires: xz >= 4.9
|
|||||||
Requires(post): %fillup_prereq
|
Requires(post): %fillup_prereq
|
||||||
Requires(post): udev
|
Requires(post): udev
|
||||||
Requires(post): shadow
|
Requires(post): shadow
|
||||||
# This recommends is added to make sure that even if you have container-selinux
|
|
||||||
# installed you will still be prompted to install apparmor-parser which Docker
|
|
||||||
# requires to apply AppArmor profiles (for SELinux systems this doesn't matter
|
|
||||||
# but if you switch back to AppArmor on reboot this would result in insecure
|
|
||||||
# containers).
|
|
||||||
Recommends: apparmor-parser
|
|
||||||
# Not necessary, but must be installed when the underlying system is
|
# Not necessary, but must be installed when the underlying system is
|
||||||
# configured to use lvm and the user doesn't explicitly provide a
|
# configured to use lvm and the user doesn't explicitly provide a
|
||||||
# different storage-driver than devicemapper
|
# different storage-driver than devicemapper
|
||||||
@ -184,12 +192,15 @@ cp %{SOURCE103} .
|
|||||||
%patch100 -p1
|
%patch100 -p1
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
%endif
|
%endif
|
||||||
|
%if 0%{?sle_version} == 120000
|
||||||
|
# Patches to build on SLE-12.
|
||||||
|
%patch200 -p1
|
||||||
|
%endif
|
||||||
# bsc#1099277
|
# bsc#1099277
|
||||||
%patch300 -p1
|
%patch300 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%sysusers_generate_pre %{SOURCE106} %{name} %{name}.conf
|
%sysusers_generate_pre %{SOURCE106} %{name} %{name}.conf
|
||||||
echo "$PWD -- $PWD -- $PWD"
|
|
||||||
|
|
||||||
BUILDTAGS="exclude_graphdriver_aufs apparmor selinux seccomp pkcs11"
|
BUILDTAGS="exclude_graphdriver_aufs apparmor selinux seccomp pkcs11"
|
||||||
%if 0%{?sle_version} == 120000
|
%if 0%{?sle_version} == 120000
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user