diff --git a/.fmf/version b/.fmf/version deleted file mode 100644 index d00491f..0000000 --- a/.fmf/version +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/.gitignore b/.gitignore index ae2c48c..c3f5790 100644 --- a/.gitignore +++ b/.gitignore @@ -713,25 +713,3 @@ /v1.36.0.tar.gz /v1.37.0.tar.gz /v1.37.1.tar.gz -/v1.37.2.tar.gz -/v1.37.3.tar.gz -/v1.37.4.tar.gz -/v1.37.5.tar.gz -/v1.38.0.tar.gz -/v1.38.1.tar.gz -/v1.39.0.tar.gz -/v1.39.1.tar.gz -/v1.39.2.tar.gz -/v1.39.3.tar.gz -/v1.39.4.tar.gz -/v1.40.0.tar.gz -/v1.40.1.tar.gz -/v1.41.0.tar.gz -/v1.41.1.tar.gz -/v1.41.2.tar.gz -/v1.41.3.tar.gz -/v1.41.4.tar.gz -/v1.41.5.tar.gz -/v1.42.0.tar.gz -/v1.42.1.tar.gz -/v1.42.2.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 032e9e1..b465fec 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -5,27 +5,6 @@ downstream_package_name: buildah upstream_tag_template: v{version} -# These files get synced from upstream to downstream (Fedora / CentOS Stream) on every -# propose-downstream job. This is done so tests maintained upstream can be run -# downstream in Zuul CI and Bodhi. -# Ref: https://packit.dev/docs/configuration#files_to_sync -files_to_sync: - - src: rpm/gating.yaml - dest: gating.yaml - delete: true - - src: plans/ - dest: plans/ - delete: true - mkpath: true - - src: tests/tmt/ - dest: tests/tmt/ - delete: true - mkpath: true - - src: .fmf/ - dest: .fmf/ - delete: true - - .packit.yaml - packages: buildah-fedora: pkg_tool: fedpkg @@ -33,7 +12,7 @@ packages: buildah-centos: pkg_tool: centpkg specfile_path: rpm/buildah.spec - buildah-eln: + buildah-rhel: specfile_path: rpm/buildah.spec srpm_build_deps: @@ -46,22 +25,9 @@ jobs: notifications: &copr_build_failure_notification failure_comment: message: "Ephemeral COPR build failed. @containers/packit-build please check." - # Fedora aliases documentation: https://packit.dev/docs/configuration#aliases - # python3-fedora-distro-aliases provides `resolve-fedora-aliases` command - targets: &fedora_copr_targets - - fedora-all-x86_64 - - fedora-all-aarch64 - enable_net: true - # Disable osh diff scan until Go support is available - # Ref: https://github.com/openscanhub/known-false-positives/pull/30#issuecomment-2858698495 - osh_diff_scan_after_copr_build: false - - # Ignore until golang is updated in distro buildroot to 1.23.3+ - - job: copr_build - trigger: ignore - packages: [buildah-eln] - notifications: *copr_build_failure_notification targets: + fedora-all-x86_64: {} + fedora-all-aarch64: {} fedora-eln-x86_64: additional_repos: - "https://kojipkgs.fedoraproject.org/repos/eln-build/latest/x86_64/" @@ -70,18 +36,26 @@ jobs: - "https://kojipkgs.fedoraproject.org/repos/eln-build/latest/aarch64/" enable_net: true - # Ignore until golang is updated in distro buildroot to 1.23.3+ - job: copr_build - trigger: ignore + trigger: pull_request packages: [buildah-centos] notifications: *copr_build_failure_notification - targets: ¢os_copr_targets + targets: - centos-stream-9-x86_64 - centos-stream-9-aarch64 - centos-stream-10-x86_64 - centos-stream-10-aarch64 enable_net: true + - job: copr_build + trigger: pull_request + packages: [buildah-rhel] + notifications: *copr_build_failure_notification + targets: + - epel-9-x86_64 + - epel-9-aarch64 + enable_net: true + # Run on commit to main branch - job: copr_build trigger: commit @@ -94,38 +68,12 @@ jobs: project: podman-next enable_net: true - # Tests on Fedora for main branch PRs - - job: tests - trigger: pull_request - packages: [buildah-fedora] - targets: - - fedora-all-x86_64 - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo - - # Ignore until golang is updated in distro buildroot to 1.23.3+ - # Tests on CentOS Stream for main branch PRs - - job: tests - trigger: ignore - packages: [buildah-centos] - targets: - - centos-stream-9-x86_64 - - centos-stream-10-x86_64 - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo - # Sync to Fedora - job: propose_downstream trigger: release packages: [buildah-fedora] update_release: false - dist_git_branches: &fedora_targets + dist_git_branches: - fedora-all # Sync to CentOS Stream @@ -136,14 +84,12 @@ jobs: dist_git_branches: - c10s - # Fedora Koji build - job: koji_build trigger: commit - packages: [buildah-fedora] - sidetag_group: podman-releases - # Dependents are not rpm dependencies, but the package whose bodhi update - # should include this package. - # Ref: https://packit.dev/docs/fedora-releases-guide/releasing-multiple-packages - dependents: - - podman - dist_git_branches: *fedora_targets + dist_git_branches: + - fedora-all + + - job: bodhi_update + trigger: commit + dist_git_branches: + - fedora-branched # rawhide updates are created automatically diff --git a/README.packit b/README.packit index b4b46e3..4df53f3 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.12.0.post1.dev20+g7d30dac21. +The file was generated using packit 0.100.1. diff --git a/buildah.spec b/buildah.spec index 9751b59..c5e10b3 100644 --- a/buildah.spec +++ b/buildah.spec @@ -7,17 +7,19 @@ %global debug_package %{nil} %endif +# RHEL's default %%gobuild macro doesn't account for the BUILDTAGS variable, so we +# set it separately here and do not depend on RHEL's go-[s]rpm-macros package +# until that's fixed. +# c9s bz: https://bugzilla.redhat.com/show_bug.cgi?id=2227328 +# c8s bz: https://bugzilla.redhat.com/show_bug.cgi?id=2227331 +%if %{defined rhel} +%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; +%endif + %global gomodulesmode GO111MODULE=on -%if %{defined fedora} +%if 0%{defined fedora} %define build_with_btrfs 1 -%if 0%{?fedora} >= 43 -%define sequoia 1 -%endif -%endif - -%if %{defined rhel} -%define fips 1 %endif %global git0 https://github.com/containers/%{name} @@ -26,8 +28,6 @@ Name: buildah # Set different Epoch for copr %if %{defined copr_username} Epoch: 102 -%else -Epoch: 2 %endif # DO NOT TOUCH the Version string! # The TRUE source of this specfile is: @@ -35,7 +35,7 @@ Epoch: 2 # If that's what you're reading, Version must be 0, and will be updated by Packit for # copr and koji builds. # If you're reading this on dist-git, the version is automatically filled in by Packit. -Version: 1.42.2 +Version: 1.37.1 # The `AND` needs to be uppercase in the License for SPDX compatibility License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT AND MPL-2.0 Release: %autorelease @@ -59,11 +59,11 @@ BuildRequires: go-rpm-macros BuildRequires: gpgme-devel BuildRequires: libassuan-devel BuildRequires: make +BuildRequires: ostree-devel %if %{defined build_with_btrfs} BuildRequires: btrfs-progs-devel %endif BuildRequires: shadow-utils-subid-devel -BuildRequires: sqlite-devel Requires: containers-common-extra %if %{defined fedora} BuildRequires: libseccomp-static @@ -72,9 +72,6 @@ BuildRequires: libseccomp-devel %endif Requires: libseccomp >= 2.4.1-0 Suggests: cpp -%if %{defined sequoia} -Requires: podman-sequoia -%endif %description The %{name} package provides a command line tool which can be used to @@ -85,16 +82,12 @@ or * save container's root file system layer to create a new image * delete a working container or an image -# This subpackage is only intended for CI testing. -# Not meant for end user/customer usage. %package tests Summary: Tests for %{name} -Requires: %{name} = %{epoch}:%{version}-%{release} -%if %{defined bats_epel} +Requires: %{name} = %{version}-%{release} +%if %{defined fedora} Requires: bats -%else -Recommends: bats %endif Requires: bzip2 Requires: podman @@ -129,28 +122,15 @@ export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full" export CNI_VERSION=`grep '^# github.com/containernetworking/cni ' src/modules.txt | sed 's,.* ,,'` export LDFLAGS="-X main.buildInfo=`date +%s` -X main.cniVersion=${CNI_VERSION}" -export BUILDTAGS="seccomp $(hack/systemd_tag.sh) $(hack/libsubid_tag.sh) libsqlite3" +export BUILDTAGS="seccomp exclude_graphdriver_devicemapper $(hack/systemd_tag.sh) $(hack/libsubid_tag.sh)" %if !%{defined build_with_btrfs} -export BUILDTAGS+=" exclude_graphdriver_btrfs" -%endif - -%if %{defined fips} -export BUILDTAGS+=" libtrust_openssl" -%endif - -%if %{defined sequoia} -export BUILDTAGS+=" containers_image_sequoia" +export BUILDTAGS+=" btrfs_noversion exclude_graphdriver_btrfs" %endif %gobuild -o bin/%{name} ./cmd/%{name} %gobuild -o bin/imgtype ./tests/imgtype %gobuild -o bin/copy ./tests/copy %gobuild -o bin/tutorial ./tests/tutorial -%gobuild -o bin/inet ./tests/inet -%gobuild -o bin/dumpspec ./tests/dumpspec -%gobuild -o bin/passwd ./tests/passwd -%gobuild -o bin/crash ./tests/crash -%gobuild -o bin/wait ./tests/wait %{__make} docs %install @@ -161,20 +141,12 @@ cp -pav tests/. %{buildroot}/%{_datadir}/%{name}/test/system cp bin/imgtype %{buildroot}/%{_bindir}/%{name}-imgtype cp bin/copy %{buildroot}/%{_bindir}/%{name}-copy cp bin/tutorial %{buildroot}/%{_bindir}/%{name}-tutorial -cp bin/inet %{buildroot}/%{_bindir}/%{name}-inet -cp bin/dumpspec %{buildroot}/%{_bindir}/%{name}-dumpspec -cp bin/passwd %{buildroot}/%{_bindir}/%{name}-passwd -cp bin/crash %{buildroot}/%{_bindir}/%{name}-crash -cp bin/wait %{buildroot}/%{_bindir}/%{name}-wait rm %{buildroot}%{_datadir}/%{name}/test/system/tools/build/* #define license tag if not already defined %{!?_licensedir:%global license %doc} -# Include check to silence rpmlint. -%check - %files %license LICENSE vendor/modules.txt %doc README.md @@ -189,12 +161,15 @@ rm %{buildroot}%{_datadir}/%{name}/test/system/tools/build/* %{_bindir}/%{name}-imgtype %{_bindir}/%{name}-copy %{_bindir}/%{name}-tutorial -%{_bindir}/%{name}-inet -%{_bindir}/%{name}-dumpspec -%{_bindir}/%{name}-passwd -%{_bindir}/%{name}-crash -%{_bindir}/%{name}-wait %{_datadir}/%{name}/test %changelog +%if %{defined autochangelog} %autochangelog +%else +# NOTE: This changelog will be visible on CentOS 8 Stream builds +# Other envs are capable of handling autochangelog +* Fri Jun 16 2023 RH Container Bot +- Placeholder changelog for envs that are not autochangelog-ready. +- Contact upstream if you need to report an issue with the build. +%endif diff --git a/gating.yaml b/gating.yaml index 1fb3172..c8a218f 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,16 +1,14 @@ --- !Policy product_versions: - fedora-* -decision_contexts: - - bodhi_update_push_stable - - bodhi_update_push_testing +decision_context: bodhi_update_push_stable subject_type: koji_build rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - --- !Policy product_versions: - - rhel-* -decision_context: osci_compose_gate + - fedora-* +decision_context: bodhi_update_push_testing +subject_type: koji_build rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} diff --git a/plans/main.fmf b/plans/main.fmf deleted file mode 100644 index b982e76..0000000 --- a/plans/main.fmf +++ /dev/null @@ -1,34 +0,0 @@ -discover: - how: fmf - -execute: - how: tmt - -prepare: - - when: distro == centos-stream or distro == rhel - how: shell - script: | - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm - dnf -y config-manager --set-enabled epel - order: 10 - - when: initiator == packit - how: shell - script: | - COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo" - if compgen -G $COPR_REPO_FILE > /dev/null; then - sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE - fi - dnf -y upgrade --allowerasing - order: 20 - -provision: - how: artemis - hardware: - memory: ">= 16 GB" - cpu: - cores: ">= 4" - threads: ">=8" - disk: - - size: ">= 512 GB" - - diff --git a/sources b/sources index c210586..ebe2ecb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v1.42.2.tar.gz) = adb1de700db9b589639f6fd02cad95d9bedacb9d0363838315f33c978a8c900570d55af95073992ff69cff4f2a9d18776c5d786af294aaa1604144580c957414 +SHA512 (v1.37.1.tar.gz) = b36dd0c9ccac399550232fe1b7024f8969fa9086efe9cdf8a8ed10ad3c3d3bad4095a7ac17ed41ccb670a781a975dea36f1ad99ba6ae15d7b2b4d728399c5e36 diff --git a/tests/test_buildah.sh b/tests/test_buildah.sh new file mode 100755 index 0000000..f8776bb --- /dev/null +++ b/tests/test_buildah.sh @@ -0,0 +1,69 @@ +#!/bin/bash -e + +# Log program and kernel versions +echo "Important package versions:" +( + uname -r + rpm -qa |\ + egrep 'buildah|podman|conmon|containers-common|crun|runc|iptable|slirp|aardvark|netavark|containernetworking-plugins|systemd|container-selinux' |\ + sort +) | sed -e 's/^/ /' + +# Log environment; or at least the useful bits +echo "Environment:" +env | grep -v LS_COLORS= | sort | sed -e 's/^/ /' + +export BUILDAH_BINARY=/usr/bin/buildah +export IMGTYPE_BINARY=/usr/bin/buildah-imgtype +export COPY_BINARY=/usr/bin/buildah-copy +export TUTORIAL_BINARY=/usr/bin/buildah-tutorial + +############################################################################### +# BEGIN setup/teardown + +# Start a registry +pre_bats_setup() { + REGISTRY_FQIN=quay.io/libpod/registry:2 + + AUTHDIR=/tmp/buildah-tests-auth.$$ + mkdir -p $AUTHDIR + + CERT=$AUTHDIR/domain.crt + if [ ! -e $CERT ]; then + openssl req -newkey rsa:4096 -nodes -sha256 \ + -keyout $AUTHDIR/domain.key -x509 -days 2 \ + -out $AUTHDIR/domain.crt \ + -subj "/C=US/ST=Foo/L=Bar/O=Red Hat, Inc./CN=registry host certificate" \ + -addext subjectAltName=DNS:localhost + fi + + if [ ! -e $AUTHDIR/htpasswd ]; then + htpasswd -Bbn testuser testpassword > $AUTHDIR/htpasswd + fi + + podman rm -f registry || true + podman run -d -p 5000:5000 \ + --name registry \ + -v $AUTHDIR:/auth:Z \ + -e "REGISTRY_AUTH=htpasswd" \ + -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ + -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ + -e REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt \ + -e REGISTRY_HTTP_TLS_KEY=/auth/domain.key \ + $REGISTRY_FQIN +} + +post_bats_teardown() { + podman rm -f registry +} + +# END setup/teardown +############################################################################### +# BEGIN actual test + +pre_bats_setup +bats /usr/share/buildah/test/system +rc=$? +post_bats_teardown + +exit $rc diff --git a/tests/test_buildah.yml b/tests/test_buildah.yml new file mode 100644 index 0000000..8bb1ed0 --- /dev/null +++ b/tests/test_buildah.yml @@ -0,0 +1,17 @@ +--- +- hosts: localhost + environment: + TMPDIR: /var/tmp + roles: + - role: standard-test-basic + tags: + - classic + - container + required_packages: + - buildah + - buildah-tests + tests: + - root-test: + dir: ./ + run: ./test_buildah.sh + timeout: 80m diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..596f735 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1 @@ +- import_playbook: test_buildah.yml diff --git a/tests/tmt/system.fmf b/tests/tmt/system.fmf deleted file mode 100644 index eb6b766..0000000 --- a/tests/tmt/system.fmf +++ /dev/null @@ -1,24 +0,0 @@ -require: - - buildah-tests - - git-daemon - - slirp4netns - -environment: - BUILDAH_BINARY: /usr/bin/buildah - IMGTYPE_BINARY: /usr/bin/buildah-imgtype - INET_BINARY: /usr/bin/buildah-inet - COPY_BINARY: /usr/bin/buildah-copy - TUTORIAL_BINARY: /usr/bin/buildah-tutorial - DUMPSPEC_BINARY: /usr/bin/buildah-dumpspec - PASSWD_BINARY: /usr/bin/buildah-passwd - TMPDIR: /var/tmp - -adjust: - - when: initiator != "packit" - environment+: - RELEASE_TESTING: true - -/local/root: - summary: System test - test: bash ./system.sh - duration: 60m diff --git a/tests/tmt/system.sh b/tests/tmt/system.sh deleted file mode 100644 index 73553aa..0000000 --- a/tests/tmt/system.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -uname -r - -rpm -q \ - aardvark-dns \ - buildah \ - buildah-tests \ - conmon \ - container-selinux \ - containers-common \ - crun \ - netavark \ - systemd - -bats /usr/share/buildah/test/system