Accepting request 315847 from Virtualization:containers

- Exclude init scripts other than systemd from the test-package 

- Exclude intel 32 bits arch. Docker does not built on that. Let's
  make it explicit. 

- rediff ignore-dockerinit-checksum.patch, gcc-go-build-static-libgo.patch
  to make them apply again.
- introduce go_arches for architectures that use the go compiler
  instead of gcc-go
- add docker-netns-aarch64.patch: Add support for AArch64
- enable build for aarch64

- Build man pages only on platforms where gc compiler is available.

- Updated to 1.7.0 (2015-06-16) - bnc#935570
  * Runtime
    - Experimental feature: support for out-of-process volume plugins
    - The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag
    - The `exec` command supports the `-u|--user` flag to specify the new process owner
    - Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags
    - The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota`
    - Container block IO can be controlled in `docker run` using`--blkio-weight`
    - ZFS support
    - The `docker logs` command supports a `--since` argument
    - UTS namespace can be shared with the host with `docker run --uts=host`
  * Quality
    - Networking stack was entirely rewritten as part of the libnetwork effort
    - Engine internals refactoring
    - Volumes code was entirely rewritten to support the plugins effort
    - Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting

OBS-URL: https://build.opensuse.org/request/show/315847
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/docker?expand=0&rev=18

0002-Stripped-dockerinit-binary.patch

@@ -1,29 +0,0 @@
-From 86a768c5a830220024a56495f18e88bfc21f3aac Mon Sep 17 00:00:00 2001
-From: Flavio Castelli <fcastelli@suse.com>
-Date: Wed, 26 Mar 2014 17:50:19 +0100
-Subject: [PATCH 2/2] Stripped dockerinit binary
-
-The sha1sum of `dockerinit` is hardcoded into `docker` binary and is
-checked at runtime. OBS strips the debugging symbols from all the
-binaries (and hence also from `dockerinit`). That causes the sha1sum of
-the installed file to be different from the value computed inside of the
-buildroot.
-
-This commit strips the debugging symbols from `dockerinit` _before_ the
-`docker` binary is built. Avoiding all the runtime errors.
----
- hack/make/dynbinary | 1 +
- 1 file changed, 1 insertion(+)
-
-Index: docker/hack/make/.dockerinit
-===================================================================
---- docker.orig/hack/make/.dockerinit
-+++ docker/hack/make/.dockerinit
-@@ -25,5 +25,7 @@ else
- 	exit 1
- fi
- 
-+/usr/bin/strip -s $DEST/dockerinit-$VERSION
-+
- # sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
- export DOCKER_INITSHA1="$($sha1sum $DEST/dockerinit-$VERSION | cut -d' ' -f1)"

docker-1.6.2.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d819c93af2c7dd7ad75d24df5ea525efe2abac8ff23c0a9667796dedd21c8f9f
-size 5480404

docker-1.7.0.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:760807f5c0a28f5262006704d2c682733bf7cddc4bfb1464f7b7eb88c84cb9a6
+size 6524566

docker-netns-aarch64.patch

@@ -0,0 +1,10 @@
+--- /dev/null
++++ vendor/src/github.com/vishvananda/netns/netns_linux_arm64.go
+@@ -0,0 +1,7 @@
++// +build linux,arm64
++
++package netns
++
++const (
++    SYS_SETNS = 268
++)

docker-rpmlintrc

@@ -4,3 +4,11 @@ addFilter ("^docker.x86_64: W: statically-linked-binary /usr/lib/docker/dockerin
 addFilter ("^docker.x86_64: W: unstripped-binary-or-object /usr/lib/docker/dockerinit")
 addFilter ("^docker.x86_64: W: no-manual-page-for-binary docker")
 addFilter ("^docker.x86_64: W: no-manual-page-for-binary nsinit")
+addFilter ("test.noarch.*: E: devel-file-in-non-devel-package")
+addFilter ("test.noarch.*: W: pem-certificate")
+addFilter ("test.noarch.*: W: non-executable-script")
+addFilter ("test.noarch.*: W: hidden-file-or-dir")
+addFilter ("test.noarch.*: W: files-duplicate")
+addFilter ("test.noarch.*: W: script-without-shebang /usr/src/docker/docs/README.md")
+addFilter ("test.noarch.*: W: sourced-script-with-shebang /etc/bash_completion.d/docker bash")
+addFilter ("test.noarch.*: W: suse-filelist-forbidden-fhs23 /usr/src/docker")

docker.changes

@@ -1,3 +1,82 @@
+-------------------------------------------------------------------
+Fri Jul 10 11:22:00 UTC 2015 - jmassaguerpla@suse.com
+
+- Exclude init scripts other than systemd from the test-package 
+
+-------------------------------------------------------------------
+Wed Jul  1 12:38:50 UTC 2015 - jmassaguerpla@suse.com
+
+- Exclude intel 32 bits arch. Docker does not built on that. Let's
+  make it explicit. 
+
+-------------------------------------------------------------------
+Thu Jun 25 16:49:59 UTC 2015 - dmueller@suse.com
+
+- rediff ignore-dockerinit-checksum.patch, gcc-go-build-static-libgo.patch
+  to make them apply again.
+- introduce go_arches for architectures that use the go compiler
+  instead of gcc-go
+- add docker-netns-aarch64.patch: Add support for AArch64
+- enable build for aarch64
+
+-------------------------------------------------------------------
+Wed Jun 24 09:02:03 UTC 2015 - fcastelli@suse.com
+
+- Build man pages only on platforms where gc compiler is available.
+
+-------------------------------------------------------------------
+Mon Jun 22 08:48:11 UTC 2015 - fcastelli@suse.com
+
+- Updated to 1.7.0 (2015-06-16) - bnc#935570
+  * Runtime
+    - Experimental feature: support for out-of-process volume plugins
+    - The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag
+    - The `exec` command supports the `-u|--user` flag to specify the new process owner
+    - Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags
+    - The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota`
+    - Container block IO can be controlled in `docker run` using`--blkio-weight`
+    - ZFS support
+    - The `docker logs` command supports a `--since` argument
+    - UTS namespace can be shared with the host with `docker run --uts=host`
+  * Quality
+    - Networking stack was entirely rewritten as part of the libnetwork effort
+    - Engine internals refactoring
+    - Volumes code was entirely rewritten to support the plugins effort
+    - Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting
+  * Build
+    - Support ${variable:-value} and ${variable:+value} syntax for environment variables
+    - Support resource management flags `--cgroup-parent`, `--cpu-period`, `--cpu-quota`, `--cpuset-cpus`, `--cpuset-mems`
+    - git context changes with branches and directories
+    - The .dockerignore file support exclusion rules
+  * Distribution
+    - Client support for v2 mirroring support for the official registry
+  * Bugfixes
+    - Firewalld is now supported and will automatically be used when available
+    - mounting --device recursively
+- Patch 0002-Stripped-dockerinit-binary.patch renamed to fix-docker-init.patch
+  and fixed to build with latest version of docker
+
+-------------------------------------------------------------------
+Tue Jun  9 16:35:46 UTC 2015 - jmassaguerpla@suse.com
+
+- Add test subpackage and fix line numbers in patches 
+
+-------------------------------------------------------------------
+Fri Jun  5 15:29:45 UTC 2015 - fcastelli@suse.com
+
+- Fixed ppc64le name inside of spec file
+
+-------------------------------------------------------------------
+Fri Jun  5 15:23:47 UTC 2015 - fcastelli@suse.com
+
+- Build docker on PPC and S390x using gcc-go provided by gcc5
+  * added sysconfig.docker.ppc64le: make docker daemon start on ppc64le
+    despite some iptables issues. To be removed soon
+  * ignore-dockerinit-checksum.patch: applied only when building with
+    gcc-go. Required to workaround a limitation of gcc-go
+  * gcc-go-build-static-libgo.patch: used only when building with gcc-go,
+    link libgo statically into docker itself.
+
 -------------------------------------------------------------------
 Wed May 27 10:02:51 UTC 2015 - dmacvicar@suse.de
 

docker.spec

@@ -16,9 +16,10 @@
 #
 
 
-%define git_version 7c8fca2
+%define git_version 0baf609
+%define go_arches %ix86 x86_64
 Name:           docker
-Version:        1.6.2
+Version:        1.7.0
 Release:        0
 Summary:        The Linux container runtime
 License:        Apache-2.0
@@ -37,14 +38,27 @@ Source5:        docker_systemd_lt_214.socket
 
 Source6:        docker-rpmlintrc
 Source7:        README_SUSE.md
-Patch0:         0002-Stripped-dockerinit-binary.patch
+# TODO: remove once we figure out what is wrong with iptables on ppc64le
+Source100:      sysconfig.docker.ppc64le
+Patch0:         fix-docker-init.patch
 # PATCH-FIX-OPENSUSE libcontainer-apparmor-fixes.patch -- mount rules aren't supported in our apparmor
 Patch1:         libcontainer-apparmor-fixes.patch
+# Required to overcome some limitations of gcc-go: https://groups.google.com/forum/#!msg/golang-nuts/SlGCPYkjxo4/4DjcjXRCqAkJ
+# Right now docker passes the sha1sum of the dockerinit binary to the docker binary at build time
+# We cannot do that, right now a quick and really dirty way to get it running is
+# to simply disable this check
+Patch100:       ignore-dockerinit-checksum.patch
+Patch101:       gcc-go-build-static-libgo.patch
+Patch102:       docker-netns-aarch64.patch
 BuildRequires:  bash-completion
 BuildRequires:  device-mapper-devel >= 1.2.68
 BuildRequires:  glibc-devel-static
-BuildRequires:  go >= 1.3
+%ifarch %go_arches
+BuildRequires:  go >= 1.4
 BuildRequires:  go-go-md2man
+%else
+BuildRequires:  gcc5-go >= 5.0
+%endif
 BuildRequires:  libapparmor-devel
 BuildRequires:  libbtrfs-devel >= 3.8
 BuildRequires:  procps
@@ -67,7 +81,7 @@ Requires:       xz >= 4.9
 Conflicts:      lxc < 1.0
 PreReq:         %fillup_prereq
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-ExclusiveArch:  armv7hl x86_64
+ExcludeArch:    %ix86
 
 %description
 Docker complements LXC with a high-level API which operates at the process
@@ -98,18 +112,60 @@ BuildArch:      noarch
 %description zsh-completion
 Zsh command line completion support for %{name}.
 
+%package test
+Summary:        Test package for docker
+Group:          System/Management
+Requires:       device-mapper-devel >= 1.2.68
+Requires:       glibc-devel-static
+%ifarch %go_arches
+Requires:       go >= 1.4
+%else
+Requires:       gcc5-go >= 5.0
+%endif
+Requires:       apparmor-parser
+Requires:       bash-completion
+Requires:       libapparmor-devel
+Requires:       libbtrfs-devel >= 3.8
+Requires:       procps
+Requires:       sqlite3-devel
+BuildArch:      noarch
+
+%description test
+Test package for docker. It contains the source code and the tests.
+
 %prep
 %setup -q -n docker
 %patch0 -p1
 %patch1 -p1
+%ifnarch %go_arches
+%patch100
+%patch101
+%endif
+%patch102
 cp %{SOURCE7} .
+find . -name ".gitignore" | xargs rm
 
 %build
+%ifnarch %go_arches
+mkdir /tmp/dirty-hack
+ln -s /usr/bin/go-5 /tmp/dirty-hack/go
+export PATH=/tmp/dirty-hack:$PATH
+%endif
+
+(cat <<EOF
 export AUTO_GOPATH=1
 export DOCKER_BUILDTAGS="exclude_graphdriver_aufs apparmor selinux"
 export DOCKER_GITCOMMIT=%{git_version}
+EOF
+) > docker_build_env
+. ./docker_build_env
 ./hack/make.sh dynbinary
-docs/man/md2man-all.sh
+%ifarch %go_arches
+man/md2man-all.sh
+%endif
+# remove other than systemd
+# otherwise the resulting package will have extra requires
+rm -rf hack/make/.build-deb
 
 %install
 install -d %{buildroot}%{go_contribdir}
@@ -123,6 +179,9 @@ install -Dd -m 0755 \
 
 install -D -m0644 contrib/completion/bash/docker "%{buildroot}/etc/bash_completion.d/%{name}"
 install -D -m0644 contrib/completion/zsh/_docker "%{buildroot}/etc/zsh_completion.d/%{name}"
+# copy all for the test package
+install -d %{buildroot}/usr/src/docker/
+cp -av . %{buildroot}/usr/src/docker/
 
 #
 # systemd service
@@ -139,13 +198,19 @@ ln -sf /sbin/service $RPM_BUILD_ROOT/usr/sbin/rcdocker
 install -D -m 0644 %SOURCE3 %{buildroot}%{_prefix}/lib/udev/rules.d/80-%{name}.rules
 
 # sysconfig file
+%ifarch ppc64le
+install -D -m 644 %SOURCE100 %{buildroot}/var/adm/fillup-templates/sysconfig.docker
+%else
 install -D -m 644 %SOURCE4 %{buildroot}/var/adm/fillup-templates/sysconfig.docker
+%endif
 
+%ifarch %go_arches
 # install manpages
 install -d %{buildroot}%{_mandir}/man1
-install -p -m 644 docs/man/man1/*.1 %{buildroot}%{_mandir}/man1
+install -p -m 644 man/man1/*.1 %{buildroot}%{_mandir}/man1
 install -d %{buildroot}%{_mandir}/man5
-install -p -m 644 docs/man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
+install -p -m 644 man/man5/Dockerfile.5 %{buildroot}%{_mandir}/man5
+%endif
 
 %pre
 echo "creating group docker..."
@@ -173,9 +238,11 @@ groupadd -r docker 2>/dev/null || :
 %{_unitdir}/%{name}.socket
 %{_prefix}/lib/udev/rules.d/80-%{name}.rules
 /var/adm/fillup-templates/sysconfig.docker
+%ifarch %go_arches
 %{_mandir}/man1/docker-*.1.gz
 %{_mandir}/man1/docker.1.gz
 %{_mandir}/man5/Dockerfile.5.gz
+%endif
 
 %files bash-completion
 %defattr(-,root,root)
@@ -185,4 +252,15 @@ groupadd -r docker 2>/dev/null || :
 %defattr(-,root,root)
 %config %{_sysconfdir}/zsh_completion.d/%{name}
 
+%files test
+%defattr(-,root,root)
+/usr/src/docker/
+# exclude binaries
+%exclude /usr/src/docker/bundles/
+# exclude init configurations other than systemd
+%exclude /usr/src/docker/contrib/init/openrc
+%exclude /usr/src/docker/contrib/init/sysvinit-debian
+%exclude /usr/src/docker/contrib/init/sysvinit-redhat
+%exclude /usr/src/docker/contrib/init/upstart
+
 %changelog

fix-docker-init.patch

@@ -0,0 +1,12 @@
+Index: docker/hack/make/.dockerinit
+===================================================================
+--- docker.orig/hack/make/.dockerinit
++++ docker/hack/make/.dockerinit
+@@ -29,5 +29,7 @@ else
+ 	exit 1
+ fi
+ 
++/usr/bin/strip -s $DEST/dockerinit-$VERSION
++
+ # sha1 our new dockerinit to ensure separate docker and dockerinit always run in a perfect pair compiled for one another
+ export DOCKER_INITSHA1=$($sha1sum "$DEST/dockerinit-$VERSION" | cut -d' ' -f1)

gcc-go-build-static-libgo.patch

@@ -0,0 +1,10 @@
+--- hack/make/binary
++++ hack/make/binary
+@@ -9,6 +9,7 @@
+ 
+ echo "Building: $DEST/$BINARY_FULLNAME"
+ go build \
++	-gccgoflags="-static-libgo" \
+ 	-o "$DEST/$BINARY_FULLNAME" \
+ 	"${BUILDFLAGS[@]}" \
+ 	-ldflags "

ignore-dockerinit-checksum.patch

@@ -0,0 +1,11 @@
+--- utils/utils.go
++++ utils/utils.go
+@@ -76,7 +76,7 @@
+ 		}
+ 		return os.SameFile(targetFileInfo, selfPathFileInfo)
+ 	}
+-	return dockerversion.INITSHA1 != "" && dockerInitSha1(target) == dockerversion.INITSHA1
++	return true
+ }
+ 
+ // Figure out the path of our dockerinit (which may be SelfPath())

sysconfig.docker.ppc64le

@@ -0,0 +1,10 @@
+
+## Path           : System/Management
+## Description    : Extra cli switches for docker daemon
+## Type           : string
+## Default        : ""
+## ServiceRestart : docker
+#
+
+# TODO: remove it once we fix the real issue
+DOCKER_OPTS=" -iptables=false "