- Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429
This also includes some various improvements to the packaging of runc, containerd and docker-runc. OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=53
This commit is contained in:
parent
c311eecf47
commit
ce95522847
19
runc.changes
19
runc.changes
@ -1,19 +1,26 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Aug 2 13:51:43 UTC 2017 - asarai@suse.com
|
||||||
|
|
||||||
|
- Use -buildmode=pie for tests and binary build. bsc#1048046 bsc#1051429
|
||||||
|
- Cleanup seccomp builds similar to bsc#1028638
|
||||||
|
- Remove the usage of 'cp -r' to reduce noise in the build logs.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jul 6 17:14:17 UTC 2017 - thipp@suse.de
|
Thu Jul 6 17:14:17 UTC 2017 - thipp@suse.de
|
||||||
|
|
||||||
- switch to opencontainers/runc master branch
|
- switch to opencontainers/runc master branch
|
||||||
- remove CVE-2016-9962.patch
|
- remove CVE-2016-9962.patch
|
||||||
- stop providing docker-runc
|
- stop providing docker-runc
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu May 4 19:04:49 UTC 2017 - jmassaguerpla@suse.com
|
Thu May 4 19:04:49 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
- fix the golang requirement to 1.7 to the subpackages
|
- fix the golang requirement to 1.7 to the subpackages
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue May 2 15:49:41 UTC 2017 - jmassaguerpla@suse.com
|
Tue May 2 15:49:41 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
- fix golang requirement to 1.7
|
- fix golang requirement to 1.7
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Apr 28 16:16:00 UTC 2017 - jengelh@inai.de
|
Fri Apr 28 16:16:00 UTC 2017 - jengelh@inai.de
|
||||||
@ -23,20 +30,20 @@ Fri Apr 28 16:16:00 UTC 2017 - jengelh@inai.de
|
|||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Apr 13 16:34:03 UTC 2017 - jmassaguerpla@suse.com
|
Thu Apr 13 16:34:03 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
- update version to the one required by docker-17.04.0-ce (bsc#1034053)
|
- update version to the one required by docker-17.04.0-ce (bsc#1034053)
|
||||||
remove ignore_cgroup2_mountpoint.patch . This is already included in
|
remove ignore_cgroup2_mountpoint.patch . This is already included in
|
||||||
the upstream source code.
|
the upstream source code.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Apr 12 09:55:28 UTC 2017 - jmassaguerpla@suse.com
|
Wed Apr 12 09:55:28 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
- Make sure this is being built with go 1.7
|
- Make sure this is being built with go 1.7
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Apr 11 15:37:36 UTC 2017 - jmassaguerpla@suse.com
|
Tue Apr 11 15:37:36 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
|
||||||
- remove the go_arches macro because we are using go1.7 which
|
- remove the go_arches macro because we are using go1.7 which
|
||||||
is available in all archs
|
is available in all archs
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Mar 29 15:47:52 UTC 2017 - jmassaguerpla@suse.com
|
Wed Mar 29 15:47:52 UTC 2017 - jmassaguerpla@suse.com
|
||||||
|
84
runc.spec
84
runc.spec
@ -18,6 +18,20 @@
|
|||||||
|
|
||||||
%define go_tool go
|
%define go_tool go
|
||||||
%define _version 1.0.0rc3+r133
|
%define _version 1.0.0rc3+r133
|
||||||
|
%define project github.com/opencontainers/runc
|
||||||
|
|
||||||
|
# enable libseccomp for sle >= sle12sp2
|
||||||
|
%if 0%{?sle_version} >= 120200
|
||||||
|
%define with_libseccomp 1
|
||||||
|
%endif
|
||||||
|
# enable libseccomp for leap >= 42.2
|
||||||
|
%if 0%{?leap_version} >= 420200
|
||||||
|
%define with_libseccomp 1
|
||||||
|
%endif
|
||||||
|
# enable libseccomp for Factory
|
||||||
|
%if 0%{?suse_version} > 1320
|
||||||
|
%define with_libseccomp 1
|
||||||
|
%endif
|
||||||
|
|
||||||
Name: runc
|
Name: runc
|
||||||
Version: 1.0.0~rc3+r133
|
Version: 1.0.0~rc3+r133
|
||||||
@ -32,8 +46,7 @@ BuildRequires: fdupes
|
|||||||
BuildRequires: go-go-md2man
|
BuildRequires: go-go-md2man
|
||||||
BuildRequires: libapparmor-devel
|
BuildRequires: libapparmor-devel
|
||||||
BuildRequires: golang(API) = 1.7
|
BuildRequires: golang(API) = 1.7
|
||||||
# Seccomp isn't supported on aarch64.
|
%if 0%{?with_libseccomp}
|
||||||
%ifnarch aarch64
|
|
||||||
BuildRequires: libseccomp-devel
|
BuildRequires: libseccomp-devel
|
||||||
%endif
|
%endif
|
||||||
BuildRequires: libselinux-devel
|
BuildRequires: libselinux-devel
|
||||||
@ -53,9 +66,8 @@ Group: System/Management
|
|||||||
BuildRequires: golang(API) = 1.7
|
BuildRequires: golang(API) = 1.7
|
||||||
Requires: go-go-md2man
|
Requires: go-go-md2man
|
||||||
Requires: libapparmor-devel
|
Requires: libapparmor-devel
|
||||||
# Seccomp isn't supported on aarch64.
|
%if 0%{?with_libseccomp}
|
||||||
%ifnarch aarch64
|
BuildRequires: libseccomp-devel
|
||||||
Requires: libseccomp-devel
|
|
||||||
%endif
|
%endif
|
||||||
Requires: libselinux-devel
|
Requires: libselinux-devel
|
||||||
Recommends: criu
|
Recommends: criu
|
||||||
@ -71,51 +83,66 @@ Test package for runc. It contains the source code and the tests.
|
|||||||
# Do not use symlinks. If you want to run the unit tests for this package at
|
# Do not use symlinks. If you want to run the unit tests for this package at
|
||||||
# some point during the build and you need to directly use go list directly it
|
# some point during the build and you need to directly use go list directly it
|
||||||
# will get confused by symlinks.
|
# will get confused by symlinks.
|
||||||
export GOPATH=${HOME}/go:${HOME}/go/src/github.com/opencontainers/runc/Godeps/_workspace
|
export GOPATH=${HOME}/go:${HOME}/go/src/%project/Godeps/_workspace
|
||||||
mkdir -pv $HOME/go/src/github.com/opencontainers/runc
|
mkdir -pv $HOME/go/src/%project
|
||||||
rm -rf $HOME/go/src/github.com/opencontainers/runc/*
|
rm -rf $HOME/go/src/%project/*
|
||||||
cp -avr * $HOME/go/src/github.com/opencontainers/runc
|
cp -av * $HOME/go/src/%project
|
||||||
|
|
||||||
export BUILDFLAGS="-gccgoflags=-Wl,--add-needed -Wl,--no-as-needed -static-libgo -ldl -lselinux -lapparmor"
|
|
||||||
# Build all features.
|
# Build all features.
|
||||||
export BUILDTAGS="apparmor selinux"
|
export BUILDTAGS="apparmor selinux"
|
||||||
|
export BUILDFLAGS="-gccgoflags=-Wl,--add-needed -Wl,--no-as-needed -static-libgo -ldl -lselinux -lapparmor"
|
||||||
|
|
||||||
# Seccomp isn't supported on aarch64.
|
# Additionally enable seccomp.
|
||||||
%ifnarch aarch64
|
%if 0%{?with_libseccomp}
|
||||||
export BUILDTAGS="$BUILDTAGS seccomp"
|
export BUILDTAGS="$BUILDTAGS seccomp"
|
||||||
export BUILDFLAGS="$BUILDFLAGS -lseccomp"
|
export BUILDFLAGS="$BUILDFLAGS -lseccomp"
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
(cat <<EOF
|
||||||
|
export GOPATH="$GOPATH"
|
||||||
|
export BUILDTAGS="$BUILDTAGS"
|
||||||
|
export BUILDFLAGS="$BUILDFLAGS"
|
||||||
|
EOF
|
||||||
|
) >./.runc_build_env
|
||||||
|
source ./.runc_build_env
|
||||||
|
|
||||||
# Build runc.
|
# Build runc.
|
||||||
%go_tool build "$BUILDFLAGS" -tags "$BUILDTAGS" -x -o %{name}-%{version} github.com/opencontainers/%{name}
|
%go_tool build -buildmode=pie "$BUILDFLAGS" -tags "$BUILDTAGS" -x -o %{name}-%{version} %{project}
|
||||||
|
|
||||||
# Build man pages, this can only be done on arches where we can build go-md2man.
|
# Build man pages, this can only be done on arches where we can build go-md2man.
|
||||||
man/md2man-all.sh
|
man/md2man-all.sh
|
||||||
|
|
||||||
%check
|
%check
|
||||||
export GOPATH=$HOME/go/src/github.com/opencontainers/runc/Godeps/_workspace:$GOPATH
|
source ./.runc_build_env
|
||||||
cd $HOME/go/src/github.com/opencontainers/runc
|
cd $HOME/go/src/%project
|
||||||
|
|
||||||
PKG_LIST=$(go list ./... \
|
PKG_LIST=$(go list ./... \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer/cgroups/fs$' \
|
| grep -v '%{project}/libcontainer/cgroups/fs$' \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer$' \
|
| grep -v '%{project}/libcontainer$' \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer/integration$' \
|
| grep -v '%{project}/libcontainer/integration$' \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer/nsenter$' \
|
| grep -v '%{project}/libcontainer/nsenter$' \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer/user$' \
|
| grep -v '%{project}/libcontainer/user$' \
|
||||||
| grep -v 'github.com/opencontainers/runc/libcontainer/xattr$')
|
| grep -v '%{project}/libcontainer/xattr$' \
|
||||||
go test -timeout 3m -tags "$BUILDTAGS" -v $PKG_LIST
|
%if ! 0%{?with_libseccomp}
|
||||||
|
| grep -v '%{project}/libcontainer/seccomp$' \
|
||||||
|
| grep -v 'github.com/seccomp/libseccomp-golang$' \
|
||||||
|
%endif
|
||||||
|
)
|
||||||
|
%go_tool test -buildmode=pie "$BUILDFLAGS" -tags "$BUILDTAGS" -timeout 3m -v $PKG_LIST
|
||||||
|
|
||||||
%install
|
%install
|
||||||
|
source ./.runc_build_env
|
||||||
|
|
||||||
|
# We install to /usr/sbin/runc as per upstream.
|
||||||
install -D -m755 %{name}-%{version} %{buildroot}%{_sbindir}/%{name}
|
install -D -m755 %{name}-%{version} %{buildroot}%{_sbindir}/%{name}
|
||||||
install -d -m755 %{buildroot}/usr/src/runc/
|
install -d -m755 %{buildroot}/usr/src/%{name}/
|
||||||
cp -avr $HOME/go/src/github.com/opencontainers/runc/* %{buildroot}/usr/src/runc/
|
cp -av $HOME/go/src/%{project}/* %{buildroot}/usr/src/%{name}/
|
||||||
|
|
||||||
# symlink runc as docker-runc. bsc#1015661
|
|
||||||
install -d -m755 %{buildroot}/%{_bindir}
|
|
||||||
|
|
||||||
|
# Man pages.
|
||||||
install -d -m755 %{buildroot}%{_mandir}/man8
|
install -d -m755 %{buildroot}%{_mandir}/man8
|
||||||
install -m644 man/man8/runc*.8 %{buildroot}%{_mandir}/man8
|
install -m644 man/man8/runc*.8 %{buildroot}%{_mandir}/man8
|
||||||
|
|
||||||
%fdupes %{buildroot}/%{_prefix}
|
%fdupes %{buildroot}
|
||||||
|
|
||||||
%post
|
%post
|
||||||
|
|
||||||
@ -123,7 +150,6 @@ install -m644 man/man8/runc*.8 %{buildroot}%{_mandir}/man8
|
|||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%doc README.md LICENSE
|
%doc README.md LICENSE
|
||||||
%{_sbindir}/%{name}
|
%{_sbindir}/%{name}
|
||||||
|
|
||||||
%{_mandir}/man8/runc*.8.gz
|
%{_mandir}/man8/runc*.8.gz
|
||||||
|
|
||||||
%files test
|
%files test
|
||||||
|
Loading…
Reference in New Issue
Block a user