diff --git a/0002-Stripped-dockerinit-binary.patch b/0002-Stripped-dockerinit-binary.patch deleted file mode 100644 index 89e472c..0000000 --- a/0002-Stripped-dockerinit-binary.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 86a768c5a830220024a56495f18e88bfc21f3aac Mon Sep 17 00:00:00 2001 -From: Flavio Castelli -Date: Wed, 26 Mar 2014 17:50:19 +0100 -Subject: [PATCH 2/2] Stripped dockerinit binary - -The sha1sum of `dockerinit` is hardcoded into `docker` binary and is -checked at runtime. OBS strips the debugging symbols from all the -binaries (and hence also from `dockerinit`). That causes the sha1sum of -the installed file to be different from the value computed inside of the -buildroot. - -This commit strips the debugging symbols from `dockerinit` _before_ the -`docker` binary is built. Avoiding all the runtime errors. ---- - hack/make/dynbinary | 1 + - 1 file changed, 1 insertion(+) - -Index: docker/hack/make/.dockerinit -=================================================================== ---- docker.orig/hack/make/.dockerinit -+++ docker/hack/make/.dockerinit -@@ -25,5 +25,7 @@ else - exit 1 - fi - -+/usr/bin/strip -s $DEST/dockerinit-$VERSION -+ - # sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another - export DOCKER_INITSHA1="$($sha1sum $DEST/dockerinit-$VERSION | cut -d' ' -f1)" diff --git a/docker-1.6.2.tar.bz2 b/docker-1.6.2.tar.bz2 deleted file mode 100644 index a0e97ff..0000000 --- a/docker-1.6.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d819c93af2c7dd7ad75d24df5ea525efe2abac8ff23c0a9667796dedd21c8f9f -size 5480404 diff --git a/docker-1.7.0.tar.bz2 b/docker-1.7.0.tar.bz2 new file mode 100644 index 0000000..35b0f11 --- /dev/null +++ b/docker-1.7.0.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:760807f5c0a28f5262006704d2c682733bf7cddc4bfb1464f7b7eb88c84cb9a6 +size 6524566 diff --git a/docker-netns-aarch64.patch b/docker-netns-aarch64.patch new file mode 100644 index 0000000..87473c9 --- /dev/null +++ b/docker-netns-aarch64.patch @@ -0,0 +1,10 @@ +--- /dev/null ++++ vendor/src/github.com/vishvananda/netns/netns_linux_arm64.go +@@ -0,0 +1,7 @@ ++// +build linux,arm64 ++ ++package netns ++ ++const ( ++ SYS_SETNS = 268 ++) diff --git a/docker-rpmlintrc b/docker-rpmlintrc index 00c5581..3d6adae 100644 --- a/docker-rpmlintrc +++ b/docker-rpmlintrc @@ -4,3 +4,11 @@ addFilter ("^docker.x86_64: W: statically-linked-binary /usr/lib/docker/dockerin addFilter ("^docker.x86_64: W: unstripped-binary-or-object /usr/lib/docker/dockerinit") addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker") addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit") +addFilter ("test.noarch.*: E: devel-file-in-non-devel-package") +addFilter ("test.noarch.*: W: pem-certificate") +addFilter ("test.noarch.*: W: non-executable-script") +addFilter ("test.noarch.*: W: hidden-file-or-dir") +addFilter ("test.noarch.*: W: files-duplicate") +addFilter ("test.noarch.*: W: script-without-shebang /usr/src/docker/docs/README.md") +addFilter ("test.noarch.*: W: sourced-script-with-shebang /etc/bash_completion.d/docker bash") +addFilter ("test.noarch.*: W: suse-filelist-forbidden-fhs23 /usr/src/docker") diff --git a/docker.changes b/docker.changes index fd80cef..8096917 100644 --- a/docker.changes +++ b/docker.changes @@ -1,3 +1,82 @@ +------------------------------------------------------------------- +Fri Jul 10 11:22:00 UTC 2015 - jmassaguerpla@suse.com + +- Exclude init scripts other than systemd from the test-package + +------------------------------------------------------------------- +Wed Jul 1 12:38:50 UTC 2015 - jmassaguerpla@suse.com + +- Exclude intel 32 bits arch. Docker does not built on that. Let's + make it explicit. + +------------------------------------------------------------------- +Thu Jun 25 16:49:59 UTC 2015 - dmueller@suse.com + +- rediff ignore-dockerinit-checksum.patch, gcc-go-build-static-libgo.patch + to make them apply again. +- introduce go_arches for architectures that use the go compiler + instead of gcc-go +- add docker-netns-aarch64.patch: Add support for AArch64 +- enable build for aarch64 + +------------------------------------------------------------------- +Wed Jun 24 09:02:03 UTC 2015 - fcastelli@suse.com + +- Build man pages only on platforms where gc compiler is available. + +------------------------------------------------------------------- +Mon Jun 22 08:48:11 UTC 2015 - fcastelli@suse.com + +- Updated to 1.7.0 (2015-06-16) - bnc#935570 + * Runtime + - Experimental feature: support for out-of-process volume plugins + - The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag + - The `exec` command supports the `-u|--user` flag to specify the new process owner + - Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags + - The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota` + - Container block IO can be controlled in `docker run` using`--blkio-weight` + - ZFS support + - The `docker logs` command supports a `--since` argument + - UTS namespace can be shared with the host with `docker run --uts=host` + * Quality + - Networking stack was entirely rewritten as part of the libnetwork effort + - Engine internals refactoring + - Volumes code was entirely rewritten to support the plugins effort + - Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting + * Build + - Support ${variable:-value} and ${variable:+value} syntax for environment variables + - Support resource management flags `--cgroup-parent`, `--cpu-period`, `--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems` + - git context changes with branches and directories + - The .dockerignore file support exclusion rules + * Distribution + - Client support for v2 mirroring support for the official registry + * Bugfixes + - Firewalld is now supported and will automatically be used when available + - mounting --device recursively +- Patch 0002-Stripped-dockerinit-binary.patch renamed to fix-docker-init.patch + and fixed to build with latest version of docker + +------------------------------------------------------------------- +Tue Jun 9 16:35:46 UTC 2015 - jmassaguerpla@suse.com + +- Add test subpackage and fix line numbers in patches + +------------------------------------------------------------------- +Fri Jun 5 15:29:45 UTC 2015 - fcastelli@suse.com + +- Fixed ppc64le name inside of spec file + +------------------------------------------------------------------- +Fri Jun 5 15:23:47 UTC 2015 - fcastelli@suse.com + +- Build docker on PPC and S390x using gcc-go provided by gcc5 + * added sysconfig.docker.ppc64le: make docker daemon start on ppc64le + despite some iptables issues. To be removed soon + * ignore-dockerinit-checksum.patch: applied only when building with + gcc-go. Required to workaround a limitation of gcc-go + * gcc-go-build-static-libgo.patch: used only when building with gcc-go, + link libgo statically into docker itself. + ------------------------------------------------------------------- Wed May 27 10:02:51 UTC 2015 - dmacvicar@suse.de diff --git a/docker.spec b/docker.spec index 75fb827..8f5f23e 100644 --- a/docker.spec +++ b/docker.spec @@ -16,9 +16,10 @@ # -%define git_version 7c8fca2 +%define git_version 0baf609 +%define go_arches %ix86 x86_64 Name: docker -Version: 1.6.2 +Version: 1.7.0 Release: 0 Summary: The Linux container runtime License: Apache-2.0 @@ -37,14 +38,27 @@ Source5: docker_systemd_lt_214.socket Source6: docker-rpmlintrc Source7: README_SUSE.md -Patch0: 0002-Stripped-dockerinit-binary.patch +# TODO: remove once we figure out what is wrong with iptables on ppc64le +Source100: sysconfig.docker.ppc64le +Patch0: fix-docker-init.patch # PATCH-FIX-OPENSUSE libcontainer-apparmor-fixes.patch -- mount rules aren't supported in our apparmor Patch1: libcontainer-apparmor-fixes.patch +# Required to overcome some limitations of gcc-go: https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ +# Right now docker passes the sha1sum of the dockerinit binary to the docker binary at build time +# We cannot do that, right now a quick and really dirty way to get it running is +# to simply disable this check +Patch100: ignore-dockerinit-checksum.patch +Patch101: gcc-go-build-static-libgo.patch +Patch102: docker-netns-aarch64.patch BuildRequires: bash-completion BuildRequires: device-mapper-devel >= 1.2.68 BuildRequires: glibc-devel-static -BuildRequires: go >= 1.3 +%ifarch %go_arches +BuildRequires: go >= 1.4 BuildRequires: go-go-md2man +%else +BuildRequires: gcc5-go >= 5.0 +%endif BuildRequires: libapparmor-devel BuildRequires: libbtrfs-devel >= 3.8 BuildRequires: procps @@ -67,7 +81,7 @@ Requires: xz >= 4.9 Conflicts: lxc < 1.0 PreReq: %fillup_prereq BuildRoot: %{_tmppath}/%{name}-%{version}-build -ExclusiveArch: armv7hl x86_64 +ExcludeArch: %ix86 %description Docker complements LXC with a high-level API which operates at the process @@ -98,18 +112,60 @@ BuildArch: noarch %description zsh-completion Zsh command line completion support for %{name}. +%package test +Summary: Test package for docker +Group: System/Management +Requires: device-mapper-devel >= 1.2.68 +Requires: glibc-devel-static +%ifarch %go_arches +Requires: go >= 1.4 +%else +Requires: gcc5-go >= 5.0 +%endif +Requires: apparmor-parser +Requires: bash-completion +Requires: libapparmor-devel +Requires: libbtrfs-devel >= 3.8 +Requires: procps +Requires: sqlite3-devel +BuildArch: noarch + +%description test +Test package for docker. It contains the source code and the tests. + %prep %setup -q -n docker %patch0 -p1 %patch1 -p1 +%ifnarch %go_arches +%patch100 +%patch101 +%endif +%patch102 cp %{SOURCE7} . +find . -name ".gitignore" | xargs rm %build +%ifnarch %go_arches +mkdir /tmp/dirty-hack +ln -s /usr/bin/go-5 /tmp/dirty-hack/go +export PATH=/tmp/dirty-hack:$PATH +%endif + +(cat < docker_build_env +. ./docker_build_env ./hack/make.sh dynbinary -docs/man/md2man-all.sh +%ifarch %go_arches +man/md2man-all.sh +%endif +# remove other than systemd +# otherwise the resulting package will have extra requires +rm -rf hack/make/.build-deb %install install -d %{buildroot}%{go_contribdir} @@ -123,6 +179,9 @@ install -Dd -m 0755 \ install -D -m0644 contrib/completion/bash/docker "%{buildroot}/etc/bash_completion.d/%{name}" install -D -m0644 contrib/completion/zsh/_docker "%{buildroot}/etc/zsh_completion.d/%{name}" +# copy all for the test package +install -d %{buildroot}/usr/src/docker/ +cp -av . %{buildroot}/usr/src/docker/ # # systemd service @@ -139,13 +198,19 @@ ln -sf /sbin/service $RPM_BUILD_ROOT/usr/sbin/rcdocker install -D -m 0644 %SOURCE3 %{buildroot}%{_prefix}/lib/udev/rules.d/80-%{name}.rules # sysconfig file +%ifarch ppc64le +install -D -m 644 %SOURCE100 %{buildroot}/var/adm/fillup-templates/sysconfig.docker +%else install -D -m 644 %SOURCE4 %{buildroot}/var/adm/fillup-templates/sysconfig.docker +%endif +%ifarch %go_arches # install manpages install -d %{buildroot}%{_mandir}/man1 -install -p -m 644 docs/man/man1/*.1 %{buildroot}%{_mandir}/man1 +install -p -m 644 man/man1/*.1 %{buildroot}%{_mandir}/man1 install -d %{buildroot}%{_mandir}/man5 -install -p -m 644 docs/man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5 +install -p -m 644 man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5 +%endif %pre echo "creating group docker..." @@ -173,9 +238,11 @@ groupadd -r docker 2>/dev/null || : %{_unitdir}/%{name}.socket %{_prefix}/lib/udev/rules.d/80-%{name}.rules /var/adm/fillup-templates/sysconfig.docker +%ifarch %go_arches %{_mandir}/man1/docker-*.1.gz %{_mandir}/man1/docker.1.gz %{_mandir}/man5/Dockerfile.5.gz +%endif %files bash-completion %defattr(-,root,root) @@ -185,4 +252,15 @@ groupadd -r docker 2>/dev/null || : %defattr(-,root,root) %config %{_sysconfdir}/zsh_completion.d/%{name} +%files test +%defattr(-,root,root) +/usr/src/docker/ +# exclude binaries +%exclude /usr/src/docker/bundles/ +# exclude init configurations other than systemd +%exclude /usr/src/docker/contrib/init/openrc +%exclude /usr/src/docker/contrib/init/sysvinit-debian +%exclude /usr/src/docker/contrib/init/sysvinit-redhat +%exclude /usr/src/docker/contrib/init/upstart + %changelog diff --git a/fix-docker-init.patch b/fix-docker-init.patch new file mode 100644 index 0000000..fe5d25a --- /dev/null +++ b/fix-docker-init.patch @@ -0,0 +1,12 @@ +Index: docker/hack/make/.dockerinit +=================================================================== +--- docker.orig/hack/make/.dockerinit ++++ docker/hack/make/.dockerinit +@@ -29,5 +29,7 @@ else + exit 1 + fi + ++/usr/bin/strip -s $DEST/dockerinit-$VERSION ++ + # sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another + export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1) diff --git a/gcc-go-build-static-libgo.patch b/gcc-go-build-static-libgo.patch new file mode 100644 index 0000000..e4096fd --- /dev/null +++ b/gcc-go-build-static-libgo.patch @@ -0,0 +1,10 @@ +--- hack/make/binary ++++ hack/make/binary +@@ -9,6 +9,7 @@ + + echo "Building: $DEST/$BINARY_FULLNAME" + go build \ ++ -gccgoflags="-static-libgo" \ + -o "$DEST/$BINARY_FULLNAME" \ + "${BUILDFLAGS[@]}" \ + -ldflags " diff --git a/ignore-dockerinit-checksum.patch b/ignore-dockerinit-checksum.patch new file mode 100644 index 0000000..e25eff8 --- /dev/null +++ b/ignore-dockerinit-checksum.patch @@ -0,0 +1,11 @@ +--- utils/utils.go ++++ utils/utils.go +@@ -76,7 +76,7 @@ + } + return os.SameFile(targetFileInfo, selfPathFileInfo) + } +- return dockerversion.INITSHA1 != "" && dockerInitSha1(target) == dockerversion.INITSHA1 ++ return true + } + + // Figure out the path of our dockerinit (which may be SelfPath()) diff --git a/sysconfig.docker.ppc64le b/sysconfig.docker.ppc64le new file mode 100644 index 0000000..d963e0c --- /dev/null +++ b/sysconfig.docker.ppc64le @@ -0,0 +1,10 @@ + +## Path : System/Management +## Description : Extra cli switches for docker daemon +## Type : string +## Default : "" +## ServiceRestart : docker +# + +# TODO: remove it once we fix the real issue +DOCKER_OPTS=" -iptables=false "