The `version_no_tilde` rpm macro correctly handles both `vX.Y.Z` and
`vX.Y.Z-rcN` git tags. Using this macro instead of `version` will soon
allow Packit to handle RC builds correctly.
Accompanying change in Packit to land soon:
https://github.com/packit/packit/pull/2149
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
We don't have a successful rhel build of gvforwarder so far on the
podman-next copr, so any RHEL users of podman-next will have trouble
installing podman if it's a gvforwarder is a hard dep.
Switching gvforwarder to a Recommends until that's resolved.
The ELN environment is an exception as it gets dependencies updated a
lot quicker.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This change will allow `podman --version` from COPR rpm builds to be of
the form `X.Y.Z-dev-SHORT_SHA`.
Also specify a `copr_build` macro as it feels more intuitive
than `copr_username` or `copr_project`.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
gvisor-tap-vsock is now a standalone package for Fedora 38 and higher so
we can simplify the rpm spec a lot by removing all subpackage
references.
If we need to bump podman on Fedora 37, that can be handled manually on
Fedora itself. The Packit config can be left unchanged. Any packit PRs created on
Fedora dist-git for Fedora 37 can simply be closed without merging.
Fedora 37 will go EOL soon so not much of a point to changing packit
config to exclude Fedora 37.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
The lowercase `and` in the License field isn't compatible with spdx
license format.
This commit replaces all `and` with `AND` in the License field in spec.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Include dependencies in rpm/podman.spec to make it easy for end users to
build podman from source. This way users can install all build
dependencies by running `dnf -y builddep rpm/podman.spec`.
This is not usually noticeable except on container environments where
man-db often isn't installed by default.
Refs:
https://github.com/containers/podman.io/issues/157https://github.com/containers/podman.io/pull/174
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
go-md2man is fragile, especially around tables (#18678, #19278).
Podman man pages are finely tuned to look OK using v2.02, which
is what we vendor in test/tools, so we should really use it
instead of whatever is installed on the system.
This fixes 'make docs' on RHEL8, broken as of #19278.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The tests & podmansh sub-package depend on podman which already pull in the
LICENSE & doc files. According to the packaging guidelines, these files need not
be added to the subpackages.
[NO NEW TESTS NEEDED]
Signed-off-by: Dan Čermák <dcermak@suse.com>
gvproxy doesn't currently build on rawhide because of go1.21.
It can be included as a standalone package on copr.
It is currently open for review on bugzilla until which fedora releases can't
include it. Official rawhide should be able to fetch the last active build of
gvproxy, the min version requirement has been removed to allow it.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2224434
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
The pre-sync action constantly breaks and is currently not possible to
reliably test until the subsequent upstream release due to limitations
in packit.
The lines being added by the action script to the downstream Fedora spec
were only meant to keep Fedora happy. But given that they provide
no tangible benefit as github notifies us of security
issues in libraries mentioned in go.mod and go.sum, along with redhat
prodsec's own magic for creating security alerts, there's absolutely
no point to having the pre-sync action run and add a layer of uncertainty.
This commit removes the pre-sync action and
`rpm/update-spec-provides.sh`.
Ref: https://github.com/containers/podman/issues/19232
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
- build dnsname the old way otherwise it fails on koji
- use the binary path for go-md2man for successful ELN builds
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
- remove .packit.sh
- remove all bcond_with[out] conditionals in favor of easier to read
alternatives
- simplify build process by removing GOPATH and related cruft
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This commit creates a new command `podmansh` command which can be used by
administrators to provide a confined shell to their users.
The user will only have access to the volumes and capabilities for that
user.
Co-authored-by: Paul Holzinger <pholzing@redhat.com>
Co-authored-by: Daniel Walsh <dwalsh@redhat.com>
Co-authored-by: Petr Lautrbach <lautrbach@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Because of a c/storage change[1] all we get a lot of new dependencies in
rootlessport despite not using them. Add build tags to exclude storage
drivers to make the binary smaller until it get addressed in c/storage.
This saves about 800 MB but the bloat due that change is still causing
us to gain over 2 MB. This is not ideal but we should get vendoring
going and not wait any longer.
[1] https://github.com/containers/storage/pull/1618
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Also address review concerns in pr#18675.
[NO NEW TESTS NEEDED]
Co-authored-by: Chris Evich <cevich@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Get rid of `podman.spec.rpkg` in favour of
`rpm/podman.spec` which gets synced with fedora dist-git on every
upstream release. The version in the new spec file is set to `0` by
default and gets updated by packit automatically on every packit task.
For local manual rpm builds using the spec, the helper script in the
`rpm/` subdir will update the Version field with the latest version
found in the upstream repo.
Packit will automatically create a PR on fedora dist-git on every new
upstream release. A sample PR will look like:
https://src.fedoraproject.org/rpms/container-selinux/pull-request/10#
A dry run for this can be triggered using:
`$ packit propose-downstream --local-content`
To run this command locally, you would need to have your packit
user-configuration-file set.
Ref: https://packit.dev/docs/configuration/#user-configuration-file
along with a fedora api key created at:
https://src.fedoraproject.org/settings#nav-api-tab with sufficient ACLs.
Also includes a revised `package` Makefile target which will build rpms
using `rpm/podman.spec`. Fixes: #18421.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Yaakov Selkowitz
Lokesh Mandvekar
Lokesh Mandvekar
OpenShift Merge Robot
Ed Santiago
Dan Čermák
Paul Holzinger