packages/cri-o
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
cri-o/cri-o.spec
duyiwei c5f7f3818a
change docker-runc to runc in Requires 
Signed-off-by: duyiwei <duyiwei@kylinos.cn>
2024-06-17 07:39:04 +00:00

237 lines
7.9 KiB
RPMSpec
Raw Permalink Blame History

%global goipath github.com/cri-o/cri-o
%define gobuild(o:) %{expand:
%global _dwz_low_mem_die_limit 0
%ifnarch ppc64
go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now' -compressdwarf=false" -a -v -x %{?**};
%else
go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '-Wl,-z,relro -Wl,-z,now' -compressdwarf=false" -a -v -x %{?**};
%endif
}
%bcond_with check
%global build_timestamp %(date -u +'%Y-%m-%dT%H:%M:%SZ')
%global git_tree_state clean
%global criocli_path ""
%global built_tag v%{version}
%global built_tag_strip %(b=%{built_tag}; echo ${b:1})
%global crio_release_tag %(echo %{built_tag_strip} | cut -f1,2 -d'.')
%global service_name crio
%global commit0 63ca93845d5fe05cdca826367afcb601ece8d7ad
Name: cri-o
Version: 1.23.2
Epoch: 0
Release: 12
Summary: Open Container Initiative-based implementation of Kubernetes Container Runtime Interface
License: ASL 2.0
URL: https://github.com/cri-o/cri-o
Source0: %{url}/archive/v%{version}/%{name}-%{version}.tar.gz
Source1: https://github.com/cpuguy83/go-md2man/archive/v1.0.10.tar.gz
Patch0: backport-CVE-2022-2995.patch
Patch0001: 0001-fix-CVE-2022-27652.patch
Patch0002: 0002-fix-CVE-2022-4318.patch
Patch0003: 0003-fix-CVE-2022-0811.patch
Patch0004: 0004-fix-CVE-2022-1708.patch
Patch0005: 0005-fix-CVE-2023-39325.patch
Patch0006: 0006-fix-CVE-2022-41723.patch
Patch0007: 0007-fix-CVE-2024-24786.patch
Patch0008: 0008-fix-CVE-2023-48795.patch
Patch0009: 0009-fix-CVE-2024-28180.patch
ExclusiveArch: %{?go_arches:%{go_arches}}%{!?go_arches:%{ix86} x86_64 aarch64 %{arm}}
BuildRequires: golang >= 1.17, git-core, glib2-devel, glibc-static, openEuler-rpm-config
BuildRequires: gpgme-devel, libassuan-devel, libseccomp-devel, systemd-devel, make
Requires: container-selinux, containers-common >= 1:0.1.31-14, runc >= 1.0.0-16
Requires: containernetworking-plugins >= 0.7.5-1, conmon >= 2.0.2-1, socat
Obsoletes: ocid <= 0.3
Provides: ocid = %{epoch}:%{version}-%{release}
Provides: %{service_name} = %{epoch}:%{version}-%{release}
%description
Open Container Initiative-based implementation of Kubernetes Container Runtime
Interface.
%prep
%autosetup -p1 -n %{name}-%{version}
tar -xf %SOURCE1
sed -i 's/install.config: crio.conf/install.config:/' Makefile
sed -i 's/install.bin: binaries/install.bin:/' Makefile
sed -i 's/install.man: $(MANPAGES)/install.man:/' Makefile
sed -i 's/\.gopathok //' Makefile
sed -i 's/module_/module-/' internal/version/version.go
sed -i 's/\/local//' contrib/systemd/%{service_name}.service
sed -i 's/\/local//' contrib/systemd/%{service_name}-wipe.service
%build
GO_MD2MAN_PATH="$(pwd)%{_bindir}"
mkdir -p _build/bin $GO_MD2MAN_PATH
cd go-md2man-*
go build -mod=vendor -o ../_build/bin/go-md2man .
cp ../_build/bin/go-md2man $GO_MD2MAN_PATH/go-md2man
export PATH=$GO_MD2MAN_PATH:$PATH
cd -
export GO111MODULE=on
export GOFLAGS=-mod=vendor
export BUILDTAGS="$(hack/btrfs_installed_tag.sh)
$(hack/btrfs_tag.sh) $(hack/libdm_installed.sh)
$(hack/libdm_no_deferred_remove_tag.sh)
$(hack/seccomp_tag.sh)
$(hack/selinux_tag.sh)"
export LDFLAGS="-X %{goipath}/internal/pkg/criocli.DefaultsPath=%{criocli_path}
-X %{goipath}/internal/version.buildDate=%{build_timestamp}
-X %{goipath}/internal/version.gitCommit=%{commit0}
-X %{goipath}/internal/version.version=%{version}
-X %{goipath}/internal/version.gitTreeState=%{git_tree_state} "
for cmd in cmd/* ; do
%gobuild -o bin/$(basename $cmd) %{goipath}/$cmd
done
export CFLAGS="$CFLAGS -std=c99"
%make_build bin/pinns
GO_MD2MAN=go-md2man make docs
%install
sed -i 's/\/local//' contrib/systemd/%{service_name}.service
bin/%{service_name} \
--selinux \
--cni-plugin-dir /opt/cni/bin \
--cni-plugin-dir "%{_libexecdir}/cni" \
--enable-metrics \
--metrics-port 9537 \
config > %{service_name}.conf
# install binaries
install -dp %{buildroot}{%{_bindir},%{_libexecdir}/%{service_name}}
install -p -m 755 bin/%{service_name} %{buildroot}%{_bindir}
# install conf files
install -dp %{buildroot}%{_sysconfdir}/cni/net.d
install -p -m 644 contrib/cni/10-crio-bridge.conf %{buildroot}%{_sysconfdir}/cni/net.d/100-crio-bridge.conf
install -p -m 644 contrib/cni/99-loopback.conf %{buildroot}%{_sysconfdir}/cni/net.d/200-loopback.conf
install -dp %{buildroot}%{_sysconfdir}/%{service_name}
install -dp %{buildroot}%{_datadir}/containers/oci/hooks.d
install -dp %{buildroot}%{_datadir}/oci-umount/oci-umount.d
install -p -m 644 crio.conf %{buildroot}%{_sysconfdir}/%{service_name}
install -p -m 644 crio-umount.conf %{buildroot}%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf
install -p -m 644 crictl.yaml %{buildroot}%{_sysconfdir}
%make_install PREFIX=%{buildroot}%{_prefix} \
install.bin \
install.completions \
install.config \
install.man \
install.systemd
install -dp %{buildroot}%{_sharedstatedir}/containers
%post
%systemd_post %{service_name}
%preun
%systemd_preun %{service_name}
%postun
%systemd_postun_with_restart %{service_name}
%files
%license LICENSE
%doc docs code-of-conduct.md tutorial.md ADOPTERS.md CONTRIBUTING.md README.md
%doc awesome.md transfer.md
%{_bindir}/%{service_name}
%{_bindir}/%{service_name}-status
%{_bindir}/pinns
%{_mandir}/man5/%{service_name}.conf*5*
%{_mandir}/man8/%{service_name}*.8*
%dir %{_sysconfdir}/%{service_name}
%config(noreplace) %{_sysconfdir}/%{service_name}/%{service_name}.conf
%config(noreplace) %{_sysconfdir}/cni/net.d/100-%{service_name}-bridge.conf
%config(noreplace) %{_sysconfdir}/cni/net.d/200-loopback.conf
%config(noreplace) %{_sysconfdir}/crictl.yaml
%dir %{_libexecdir}/%{service_name}
%{_unitdir}/%{service_name}.service
%{_unitdir}/%{service_name}-wipe.service
%dir %{_sharedstatedir}/containers
%dir %{_datadir}/containers
%dir %{_datadir}/containers/oci
%dir %{_datadir}/containers/oci/hooks.d
%dir %{_datadir}/oci-umount
%dir %{_datadir}/oci-umount/oci-umount.d
%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf
%{_datadir}/bash-completion/completions/%{service_name}*
%{_datadir}/fish/completions/%{service_name}*.fish
%{_datadir}/zsh/site-functions/_%{service_name}*
%changelog
* Mon Jun 17 2024 duyiwei <duyiwei@kylinos.cn> - 0:1.23.2-12
- change docker-runc to runc in Requires
* Tue Apr 2 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-11
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: CVE-2024-28180
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-10
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2023-48795
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-9
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2024-24786
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-8
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-41723
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-7
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2023-39325
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-6
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-1708
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-5
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-0811
* Wed Mar 13 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-4
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-4318
* Mon Apr 1 2024 zhangbowei <zhangbowei@kylinos.cn> - 0:1.23.2-3
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix CVE-2022-27652
* Wed Feb 01 2023 biannm <bian_naimeng@hoperun.com> - 0:1.23.2-2
- Fix CVE-2022-2995
* Tue Jun 07 2022 fushanqing <fushanqing@kylinos.cn> - 0:1.23.2-1
- Update cri-o to 1.23.2
* Mon Mar 21 2022 fushanqing <fushanqing@kylinos.cn> - 0:1.22.1-1
- Init Package
Reference in New Issue View Git Blame Copy Permalink