pool/tetragon
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5eb78adf87
tetragon/tetragon.spec

200 lines
6.5 KiB
RPMSpec
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#
# spec file for package tetragon
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
%define cli_binary_name tetra
%define cli_package_name tetragon-cli
Name: tetragon
Version: 1.2.0
Release: 0
Summary: eBPF-based Security Observability and Runtime Enforcement
License: Apache-2.0
URL: https://github.com/cilium/tetragon
Source: tetragon-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: clang >= 15
BuildRequires: go >= 1.22
BuildRequires: llvm
BuildRequires: make
ExcludeArch: i586 ppc64le s390x armv7l armv7hl
%description
Ciliums new Tetragon component enables powerful real-time, eBPF-based Security
Observability and Runtime Enforcement.
Tetragon detects and is able to react to security-significant events, such as
* Process execution events
* System call activity
* I/O activity including network & file access
When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that is,
it understands Kubernetes identities such as namespaces, pods and so on - so
that security event detection can be configured in relation to individual
workloads.
%package -n %{cli_package_name}
Summary: CLI for Tetragon
Provides: tetra = %{version}
%description -n %{cli_package_name}
To interact with Tetragon, install the Tetragon client CLI tetra.
%package -n %{cli_package_name}-bash-completion
Summary: Bash Completion for %{cli_package_name}
Group: System/Shells
Requires: %{cli_package_name} = %{version}
Requires: bash-completion
Supplements: (%{cli_package_name} and bash-completion)
BuildArch: noarch
%description -n %{cli_package_name}-bash-completion
Bash command line completion support for %{cli_package_name}.
%package -n %{cli_package_name}-fish-completion
Summary: Fish Completion for %{cli_package_name}
Group: System/Shells
Requires: %{cli_package_name} = %{version}
Supplements: (%{cli_package_name} and fish)
BuildArch: noarch
%description -n %{cli_package_name}-fish-completion
Fish command line completion support for %{cli_package_name}.
%package -n %{cli_package_name}-zsh-completion
Summary: Zsh Completion for %{cli_package_name}
Group: System/Shells
Requires: %{cli_package_name} = %{version}
Supplements: (%{cli_package_name} and zsh)
BuildArch: noarch
%description -n %{cli_package_name}-zsh-completion
zsh command line completion support for %{cli_package_name}.
%prep
%autosetup -p 1 -a 1
%build
#
# tetragon
#
go build \
-mod=vendor \
-buildmode=pie \
-ldflags="-X github.com/cilium/tetragon/pkg/version.Version=%{version}" \
-o bin/%{name} ./cmd/%{name}
# bpf stuff
# https://github.com/cilium/tetragon/blob/main/Makefile#L159
# https://github.com/cilium/tetragon/blob/main/bpf/Makefile
make -C ./bpf BPF_TARGET_ARCH=x86 %{?_smp_mflags}
#
# tetra cli
#
go build \
-mod=vendor \
-buildmode=pie \
-ldflags="-X github.com/cilium/tetragon/pkg/version.Version=%{version}" \
-o bin/%{cli_binary_name} ./cmd/%{cli_binary_name}
%install
#
# tetragon
#
install -D -m 0755 bin/%{name} %{buildroot}/%{_bindir}/%{name}
install -D -m 0644 ./install/linux-tarball/systemd/tetragon.service %{buildroot}/%{_unitdir}/%{name}.service
sed -i 's#/local##' %{buildroot}/%{_unitdir}/%{name}.service
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.d/
install -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/%{name}.tp.d/
install -D -m 0644 ./install/linux-tarball/usr/local/lib/tetragon/tetragon.conf.d/* %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.d/
sed -i 's#/local##' %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.d/*
sed -i 's#/lib/#/lib64/#' %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf.d/bpf-lib
install -d -m 0755 %{buildroot}/%{_libdir}/%{name}/
install -d -m 0755 %{buildroot}/%{_libdir}/%{name}/bpf
install -D -m 0644 ./bpf/objs/*.o %{buildroot}/%{_libdir}/%{name}/bpf
#
# tetra cli
#
# Install the binary.
install -D -m 0755 bin/%{cli_binary_name} %{buildroot}/%{_bindir}/%{cli_binary_name}
# create the bash completion file
mkdir -p %{buildroot}%{_datarootdir}/bash-completion/completions/
%{buildroot}/%{_bindir}/%{cli_binary_name} completion bash > %{buildroot}%{_datarootdir}/bash-completion/completions/%{cli_binary_name}
# create the fish completion file
mkdir -p %{buildroot}%{_datarootdir}/fish/vendor_completions.d/
%{buildroot}/%{_bindir}/%{cli_binary_name} completion fish > %{buildroot}%{_datarootdir}/fish/vendor_completions.d/%{cli_binary_name}.fish
# create the zsh completion file
mkdir -p %{buildroot}%{_datarootdir}/zsh_completion.d/
%{buildroot}/%{_bindir}/%{cli_binary_name} completion zsh > %{buildroot}%{_datarootdir}/zsh_completion.d/_%{cli_binary_name}
%pre
%service_add_pre %{name}.service
%post
%service_add_post %{name}.service
%preun
%service_del_preun %{name}.service
%postun
%service_del_postun %{name}.service
%check
%files
%doc README.md
%license LICENSE
%{_bindir}/%{name}
%{_unitdir}/%{name}.service
%dir %attr(755,root, root) %{_sysconfdir}/%{name}/
%dir %attr(755,root, root) %{_sysconfdir}/%{name}/%{name}.conf.d/
%defattr(0644, root, root)
%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf.d/*
%dir %attr(755,root, root) %{_libdir}/%{name}
%dir %attr(755,root, root) %{_libdir}/%{name}/bpf/
%attr(644,root, root) %{_libdir}/%{name}/bpf/*
%files -n %{cli_package_name}
%doc README.md
%license LICENSE
%{_bindir}/%{cli_binary_name}
%files -n %{cli_package_name}-bash-completion
%dir %{_datarootdir}/bash-completion/completions/
%{_datarootdir}/bash-completion/completions/%{cli_binary_name}
%files -n %{cli_package_name}-fish-completion
%dir %{_datarootdir}/fish
%dir %{_datarootdir}/fish/vendor_completions.d
%{_datarootdir}/fish/vendor_completions.d/%{cli_binary_name}.fish
%files -n %{cli_package_name}-zsh-completion
%dir %{_datarootdir}/zsh_completion.d/
%{_datarootdir}/zsh_completion.d/_%{cli_binary_name}
%changelog
Reference in New Issue View Git Blame Copy Permalink