Accepting request 1189775 from security

refactor spec, change to obs_scm (no longer hardcoding the commit hash) and update to 1.3.6 (forwarded request 1189772 from ojkastl_buildservice)

OBS-URL: https://build.opensuse.org/request/show/1189775
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rekor?expand=0&rev=22
Dominique Leuenberger 2024-07-26 14:16:23 +00:00 committed by Git OBS Bridge
commit 52e029fb34
8 changed files with 73 additions and 13 deletions


@ -1,5 +1,23 @@
<services>
<service name="obs_scm" mode="manual">
<param name="url">https://github.com/sigstore/rekor</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="revision">v1.3.6</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
</service>
<service name="set_version" mode="manual">
</service>
<service name="go_modules" mode="manual">
<param name="compression">zst</param>
</service>
<!-- services below are running at buildtime -->
<service name="tar" mode="buildtime">
</service>
<service name="recompress" mode="buildtime">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
</services>
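Review bot: The `revision` param of the `obs_scm` service names the tag `v1.3.6`, which is a mutable ref, and the three fetching services run in `mode="manual"`, so the archive that gets built is whatever the packager's run resolved at that moment. Nothing in this file tells a reviewer to confirm the resolved commit; I would add a comment above the service such as `<!-- revision is a tag: on every update, compare the commit recorded in rekor.obsinfo with the upstream release before submitting -->`. Pinning `revision` to the full commit id would remove the dependency on the tag, at the cost of the convenience this change is after. Which lines of this section are new cannot be recovered from the rendered page, so the point applies to the file as shown.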

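--- /dev/null
+++ b/_servicedata
@@ -0,0 +1,4 @@
+<servicedata>
+<service name="tar_scm">
+<param name="url">https://github.com/sigstore/rekor</param>
+<param name="changesrevision">a6788566cd62facb0fb0450e9d2c2867f551e37c</param></service></servicedata>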


@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:bc82064bc32a83bd4d4d7f4fccb8579d3ebb9f64073ff000da99b01af508b40f
size 830762

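--- /dev/null
+++ b/rekor-1.3.6.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5dea844ae511e8957e0d433438b9b128126bc8cea9efd35c601a4b696980758f
+size 3277324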


@ -1,3 +1,24 @@
-------------------------------------------------------------------
Fri Jul 26 12:01:47 UTC 2024 - opensuse_buildservice@ojkastl.de
- Update to version 1.3.6:
* New Features
- Add support for IEEE P1363 encoded ECDSA signatures
- Add index performance script (#2042)
- Add support for ed25519ph user keys in hashedrekord (#1945)
- Add metrics for index insertion (#2015)
- Add TLS support for Redis Client implementation (#1998)
* Bug Fixes
- fix typo in remoteIp and set full name for trace field
-------------------------------------------------------------------
Fri Jul 26 12:00:14 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- refactor spec file
- switch to using obs_scm to generate the source obscpio archive
* this way we do no longer need to hardcode the commit hash
* and the tarball was never verified anyway
-------------------------------------------------------------------
Mon Feb 5 14:38:58 UTC 2024 - Marcus Meissner <meissner@suse.com>

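--- /dev/null
+++ b/rekor.obsinfo
@@ -0,0 +1,4 @@
+name: rekor
+version: 1.3.6
+mtime: 1712031396
+commit: a6788566cd62facb0fb0450e9d2c2867f551e37c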


@ -19,13 +19,12 @@
%define apps cli server
Name: rekor
Version: 1.3.5
Version: 1.3.6
Release: 0
%define revision 488eb9782d8d95c83ac70bfb2f5049928504127e
Summary: Supply Chain Transparency Log
License: Apache-2.0
URL: https://github.com/sigstore/rekor
Source: https://github.com/sigstore/rekor/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.zst
Source2: rekor-zypper-verify.sh
BuildRequires: golang-packaging
@ -43,13 +42,27 @@ Rekor fulfils the signature transparency role of sigstore's software signing inf
%autosetup -p1 -a1
%build
COMMIT_HASH="$(sed -n 's/commit: \(.*\)/\1/p' %_sourcedir/%{name}.obsinfo)"
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
for app in %{apps} ; do
CLI_PKG=sigs.k8s.io/release-utils/version
CLI_LDFLAGS="-X ${CLI_PKG}.gitVersion=%{version} -X ${CLI_PKG}.gitCommit=%{revision} -X ${CLI_PKG}.gitTreeState=release -X ${CLI_PKG}.buildDate=${BUILD_DATE}"
go build -mod=vendor -trimpath -buildmode=pie -ldflags "${CLI_LDFLAGS}" ./cmd/rekor-${app}
./rekor-${app} version
for app in %{apps}
do
CLI_PKG=sigs.k8s.io/release-utils/version
CLI_LDFLAGS="-X ${CLI_PKG}.gitVersion=%{version} -X ${CLI_PKG}.gitCommit=%{COMMIT_HASH} -X ${CLI_PKG}.gitTreeState=release -X ${CLI_PKG}.buildDate=${BUILD_DATE}"
go build \
-mod=vendor \
-trimpath \
-buildmode=pie \
-ldflags "${CLI_LDFLAGS}" ./cmd/rekor-${app}
done
%check
for app in %{apps}
do
./rekor-${app} version | grep %{version}
done
%install
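Review bot: In the new `CLI_LDFLAGS` line of `%build`, `gitCommit=%{COMMIT_HASH}` uses rpm macro syntax for a value that the first line of `%build` sets as a shell variable. rpm leaves an undefined macro unexpanded, so unless `COMMIT_HASH` is also defined as a macro outside the visible lines, the binaries are stamped with the literal text rather than the commit read from `rekor.obsinfo`. The flag should read `-X ${CLI_PKG}.gitCommit=${COMMIT_HASH}`. The new `%check` would not catch this because it greps only for the version; `grep -F -- '%{version}'` would also stop the dots from matching any character. A guard such as `test -n "${COMMIT_HASH}"` after the `sed` would fail the build when the obsinfo file has no `commit:` line.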


@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ec9261ffeea3e9813b6d6b64fe6f17084a01465b2b4508143ba56786112f6af5
size 8391086
oid sha256:c8f1ff950db90505d4d61e6b0a60be3beef1b517a7c156e694dba9f81d05cff6
size 5958336