From b1e22dd31c9450f7444d242af7ab4a16ec2b65a6 Mon Sep 17 00:00:00 2001 From: Packit Date: Tue, 29 Aug 2023 21:06:35 +0000 Subject: [PATCH 01/38] [packit] 2.221.1 upstream release MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream tag: v2.221.1 Upstream commit: bfb44d38 If you need to do any change in this pull request, you need to locally fetch the source branch of it and push it (with a fix) to your fork (as it is not possible to push to the branch created in the Packit’s fork): ``` git fetch https://src.fedoraproject.org/forks/packit/rpms/container-selinux.git refs/heads/*:refs/remotes/packit/* git checkout packit/2.221.1-rawhide-update-propose_downstream ``` --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 5e1ef4b..4d18507 100644 --- a/.gitignore +++ b/.gitignore @@ -216,3 +216,4 @@ /v2.219.0.tar.gz /v2.221.tar.gz /v2.221.0.tar.gz +/v2.221.1.tar.gz diff --git a/README.packit b/README.packit index d7c433c..797aefb 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.78.2.post2+g81828af. +The file was generated using packit 0.79.0.post2+g93f33d9. diff --git a/container-selinux.spec b/container-selinux.spec index 6eeab50..9c3efc3 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.221.0 +Version: 2.221.1 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 38029d7..7ecf5ea 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.221.0.tar.gz) = 71e4bbc1507f9d04dd78c5881814c57b2138ed91ff474f0ce6db5da5e14ce848d7fe41952284b3525fb222eaf364dcc84efbb2f7641d78ac9abf5343e481be5d +SHA512 (v2.221.1.tar.gz) = 5ba0144812b4df7b5ef2480cdb1330f3aeae4781ee89d3342770cd301b3c8df764a144ca32f622a28adadeb9b973ede8008c23eacca51edec12d3882bceb2d9a From bbe8925300e5d15057835071cb325022e76f261a Mon Sep 17 00:00:00 2001 From: Packit Date: Sun, 17 Sep 2023 13:49:48 +0000 Subject: [PATCH 02/38] [packit] 2.222.0 upstream release Upstream tag: v2.222.0 Upstream commit: cbaa1ba7 --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 4d18507..16e4ef8 100644 --- a/.gitignore +++ b/.gitignore @@ -217,3 +217,4 @@ /v2.221.tar.gz /v2.221.0.tar.gz /v2.221.1.tar.gz +/v2.222.0.tar.gz diff --git a/README.packit b/README.packit index 797aefb..786c2a0 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.79.0.post2+g93f33d9. +The file was generated using packit 0.80.0.post8+gf2b5fcbc. diff --git a/container-selinux.spec b/container-selinux.spec index 9c3efc3..324451a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.221.1 +Version: 2.222.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 7ecf5ea..e18b4c0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.221.1.tar.gz) = 5ba0144812b4df7b5ef2480cdb1330f3aeae4781ee89d3342770cd301b3c8df764a144ca32f622a28adadeb9b973ede8008c23eacca51edec12d3882bceb2d9a +SHA512 (v2.222.0.tar.gz) = f5475c4f0d99c0b594637d004b526f8c129e967ed93b558e11dbed772df958cd6967f0a3183ea02cd1c7ef941510b59e9ffdf1a1238ae6880c220466967d683a From 8252c641d9b1f9fc6d81b944d0cafec27e7fe483 Mon Sep 17 00:00:00 2001 From: Packit Date: Wed, 11 Oct 2023 11:09:33 +0000 Subject: [PATCH 03/38] [packit] 2.224.0 upstream release Upstream tag: v2.224.0 Upstream commit: 31e9f0bd --- .gitignore | 1 + .packit.yaml | 67 ++++++++++++++++++++++++++++++++++-------- README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 5 files changed, 59 insertions(+), 15 deletions(-) diff --git a/.gitignore b/.gitignore index 16e4ef8..a935d69 100644 --- a/.gitignore +++ b/.gitignore @@ -218,3 +218,4 @@ /v2.221.0.tar.gz /v2.221.1.tar.gz /v2.222.0.tar.gz +/v2.224.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index b4167a5..6f84a58 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -11,36 +11,79 @@ srpm_build_deps: jobs: - job: copr_build trigger: pull_request + notifications: + failure_comment: + message: "Ephemeral COPR build failed. @containers/packit-build please check." enable_net: true # container-selinux is noarch so we only need to test on one arch - targets: &pr_copr_targets + targets: - fedora-all - - centos-stream-9 - - centos-stream-8 + - fedora-eln + - epel-9 + - epel-8 # Run on commit to main branch + # Build targets managed in copr settings - job: copr_build trigger: commit + notifications: + failure_comment: + message: "podman-next COPR build failed. @containers/packit-build please check." branch: main owner: rhcontainerbot project: podman-next enable_net: true # All tests specified in the `/plans/` subdir - # FIXME: uncomment e2e tests after disk space issues resolved on testing farm - #- job: tests - # trigger: pull_request - # targets: *test_targets - # identifier: podman_e2e_test - # tmt_plan: "/plans/podman_e2e_test" - + # Podman e2e tests for Fedora and CentOS Stream - job: tests trigger: pull_request - # arch assumed to be x86_64 by default. - targets: *pr_copr_targets + notifications: + failure_comment: + message: "podman e2e tests failed. @containers/packit-build please check." + targets: &pr_test_targets + - fedora-all + - epel-9 + - epel-8 + identifier: podman_e2e_test + tmt_plan: "/plans/podman_e2e_test" + + # Podman system tests for Fedora and CentOS Stream + - job: tests + trigger: pull_request + notifications: + failure_comment: + message: "podman system tests failed. @containers/packit-build please check." + targets: *pr_test_targets identifier: podman_system_test tmt_plan: "/plans/podman_system_test" + # Podman e2e tests for RHEL + - job: tests + trigger: pull_request + use_internal_tf: true + notifications: + failure_comment: + message: "podman e2e tests failed on RHEL. @containers/packit-build please check." + targets: &pr_test_targets_rhel + epel-9-x86_64: + distros: [RHEL-9.2.0-Nightly] + epel-8-x86_64: + distros: [RHEL-8.10.0-Nightly] + identifier: podman_e2e_test_internal + tmt_plan: "/plans/podman_e2e_test" + + # Podman system tests for RHEL + - job: tests + trigger: pull_request + use_internal_tf: true + notifications: + failure_comment: + message: "podman system tests failed on RHEL. @containers/packit-build please check." + targets: *pr_test_targets_rhel + identifier: podman_system_test_internal + tmt_plan: "/plans/podman_system_test" + - job: propose_downstream trigger: release update_release: false diff --git a/README.packit b/README.packit index 786c2a0..327dfec 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.80.0.post8+gf2b5fcbc. +The file was generated using packit 0.83.0.post1.dev4+g46d87465. diff --git a/container-selinux.spec b/container-selinux.spec index 324451a..3c995a5 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.222.0 +Version: 2.224.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index e18b4c0..2eec748 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.222.0.tar.gz) = f5475c4f0d99c0b594637d004b526f8c129e967ed93b558e11dbed772df958cd6967f0a3183ea02cd1c7ef941510b59e9ffdf1a1238ae6880c220466967d683a +SHA512 (v2.224.0.tar.gz) = ab838c379aae99347c5d49ef84513c5fa1cd03faf1ab6b1dd4b6c571875c7c9df389abfb41ce0e2c2a57e14d11c47cbac85e2a6ad8004c2db6087849d91282aa From 4d552c672dbb5fc5c72929c9c7e3947e0ceedcd0 Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 30 Nov 2023 00:41:51 +0000 Subject: [PATCH 04/38] [packit] 2.226.0 upstream release Upstream tag: v2.226.0 Upstream commit: cff8553f --- .gitignore | 1 + .packit.yaml | 4 ++-- README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 5 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index a935d69..e57030a 100644 --- a/.gitignore +++ b/.gitignore @@ -219,3 +219,4 @@ /v2.221.1.tar.gz /v2.222.0.tar.gz /v2.224.0.tar.gz +/v2.226.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 6f84a58..0f6b9fd 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -67,9 +67,9 @@ jobs: message: "podman e2e tests failed on RHEL. @containers/packit-build please check." targets: &pr_test_targets_rhel epel-9-x86_64: - distros: [RHEL-9.2.0-Nightly] + distros: [RHEL-9.3.0-Nightly,RHEL-9.4.0-Nightly] epel-8-x86_64: - distros: [RHEL-8.10.0-Nightly] + distros: [RHEL-8.9.0-Nightly,RHEL-8.10.0-Nightly] identifier: podman_e2e_test_internal tmt_plan: "/plans/podman_e2e_test" diff --git a/README.packit b/README.packit index 327dfec..ef95206 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.83.0.post1.dev4+g46d87465. +The file was generated using packit 0.87.0. diff --git a/container-selinux.spec b/container-selinux.spec index 3c995a5..7f2ac48 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.224.0 +Version: 2.226.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 2eec748..d6bc57a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.224.0.tar.gz) = ab838c379aae99347c5d49ef84513c5fa1cd03faf1ab6b1dd4b6c571875c7c9df389abfb41ce0e2c2a57e14d11c47cbac85e2a6ad8004c2db6087849d91282aa +SHA512 (v2.226.0.tar.gz) = 9decb066c62779336c22c027a2d3870c3dc1fe0afaa80ad59c4058c0030e0867352955d568e297f2258ba855a2be0d70c0d257cb64543b8726ff0755d63e95f8 From fce80f30080b39a96de5cd218482cd133eb1ff1a Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 21 Dec 2023 15:51:36 +0000 Subject: [PATCH 05/38] [packit] 2.227.0 upstream release Upstream tag: v2.227.0 Upstream commit: 289df825 --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index e57030a..a6ea623 100644 --- a/.gitignore +++ b/.gitignore @@ -220,3 +220,4 @@ /v2.222.0.tar.gz /v2.224.0.tar.gz /v2.226.0.tar.gz +/v2.227.0.tar.gz diff --git a/README.packit b/README.packit index ef95206..f27b296 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.87.0. +The file was generated using packit 0.87.1.post1.dev11+gd1f7091b. diff --git a/container-selinux.spec b/container-selinux.spec index 7f2ac48..0aa2346 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.226.0 +Version: 2.227.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index d6bc57a..3b13bad 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.226.0.tar.gz) = 9decb066c62779336c22c027a2d3870c3dc1fe0afaa80ad59c4058c0030e0867352955d568e297f2258ba855a2be0d70c0d257cb64543b8726ff0755d63e95f8 +SHA512 (v2.227.0.tar.gz) = 604f6e8be89efb1dc6b70596149ea8cdd36958125dc740e3468757e732d452dda8b786b7d593bff099fb80fada369e54118a6d9e3eff0cdae2c15ac22c4acf04 From c63e6813d94835abfb00f5035acc225a00d605be Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 11 Jan 2024 03:13:23 +0000 Subject: [PATCH 06/38] [packit] 2.228.0 upstream release Upstream tag: v2.228.0 Upstream commit: 48c2b45f --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 3 ++- sources | 2 +- 4 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index a6ea623..5d86517 100644 --- a/.gitignore +++ b/.gitignore @@ -221,3 +221,4 @@ /v2.224.0.tar.gz /v2.226.0.tar.gz /v2.227.0.tar.gz +/v2.228.0.tar.gz diff --git a/README.packit b/README.packit index f27b296..8c508a5 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.87.1.post1.dev11+gd1f7091b. +The file was generated using packit 0.88.0. diff --git a/container-selinux.spec b/container-selinux.spec index 0aa2346..689dc58 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.227.0 +Version: 2.228.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} @@ -71,6 +71,7 @@ sed -i 's/^install: man/install:/' Makefile sed -i 's/watch watch_reads//' container.if sed -i 's/watch watch_reads//' container.te sed -i '/sysfs_t:dir watch/d' container.te +sed -i '/fifo_file watch/d' container.te %endif %if %{defined no_systemd_chat_resolved} diff --git a/sources b/sources index 3b13bad..56eb602 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.227.0.tar.gz) = 604f6e8be89efb1dc6b70596149ea8cdd36958125dc740e3468757e732d452dda8b786b7d593bff099fb80fada369e54118a6d9e3eff0cdae2c15ac22c4acf04 +SHA512 (v2.228.0.tar.gz) = b6dcfdc7044d491c15fe582af7cd2a653318ccb0d793556a7222620b5d3d1270d6d514cb9fae83d8f9e8300c5a3a8aee3c9bf69d68f8955b3f87cc20fb035f97 From f2ab676dc0792b449cd57867643be5c6688fff6c Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 18 Jan 2024 02:53:21 +0000 Subject: [PATCH 07/38] [packit] 2.228.1 upstream release Upstream tag: v2.228.1 Upstream commit: d733187b --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 5d86517..755ae26 100644 --- a/.gitignore +++ b/.gitignore @@ -222,3 +222,4 @@ /v2.226.0.tar.gz /v2.227.0.tar.gz /v2.228.0.tar.gz +/v2.228.1.tar.gz diff --git a/README.packit b/README.packit index 8c508a5..115b422 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.88.0. +The file was generated using packit 0.88.0.post1.dev4+gc070191b. diff --git a/container-selinux.spec b/container-selinux.spec index 689dc58..efca51a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.228.0 +Version: 2.228.1 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 56eb602..ebebf32 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.228.0.tar.gz) = b6dcfdc7044d491c15fe582af7cd2a653318ccb0d793556a7222620b5d3d1270d6d514cb9fae83d8f9e8300c5a3a8aee3c9bf69d68f8955b3f87cc20fb035f97 +SHA512 (v2.228.1.tar.gz) = d746a9d843c6bbe9cec0d7bb4ab7de4c791f12d82cc2f95aa52b225729d2a0933019a4d588d8b565e92aaaf04a0e967a5db3d50caded4b3f446bc122e841da03 From 0ad7a38c63a57d5ac351eae8dc6447f74bb13277 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 16:07:41 +0000 Subject: [PATCH 08/38] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From fb3dca68cbdc3f922256b63b7e82858dafb26d76 Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 22 Jan 2024 12:53:47 +0000 Subject: [PATCH 09/38] [packit] 2.229.0 upstream release Upstream tag: v2.229.0 Upstream commit: eac57925 --- .gitignore | 1 + container-selinux.spec | 2 +- sources | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 755ae26..ceb3a01 100644 --- a/.gitignore +++ b/.gitignore @@ -223,3 +223,4 @@ /v2.227.0.tar.gz /v2.228.0.tar.gz /v2.228.1.tar.gz +/v2.229.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index efca51a..70a34f3 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.228.1 +Version: 2.229.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index ebebf32..05ff519 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.228.1.tar.gz) = d746a9d843c6bbe9cec0d7bb4ab7de4c791f12d82cc2f95aa52b225729d2a0933019a4d588d8b565e92aaaf04a0e967a5db3d50caded4b3f446bc122e841da03 +SHA512 (v2.229.0.tar.gz) = 1341e0a6996d1ff2b06a0095f6720595f0775dff27f1f45702b3e03ea78f3b45708f55400b4dc8bfc4586efec4f72528512e8fbe461629a55a18936f8e6df30d From b0b9b555ec4a7c5785444b05cd0e09e339ccd535 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 24 Jan 2024 08:00:11 +0000 Subject: [PATCH 10/38] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From a24e6afd78102261b06788feb2788c773a0066a0 Mon Sep 17 00:00:00 2001 From: Packit Date: Wed, 28 Feb 2024 15:07:51 +0000 Subject: [PATCH 11/38] [packit] 2.229.1 upstream release Upstream tag: v2.229.1 Upstream commit: a023e9ee --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index ceb3a01..dd028fd 100644 --- a/.gitignore +++ b/.gitignore @@ -224,3 +224,4 @@ /v2.228.0.tar.gz /v2.228.1.tar.gz /v2.229.0.tar.gz +/v2.229.1.tar.gz diff --git a/README.packit b/README.packit index 115b422..31341b6 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.88.0.post1.dev4+gc070191b. +The file was generated using packit 0.93.0. diff --git a/container-selinux.spec b/container-selinux.spec index 70a34f3..3372761 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.229.0 +Version: 2.229.1 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 05ff519..9c53c37 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.229.0.tar.gz) = 1341e0a6996d1ff2b06a0095f6720595f0775dff27f1f45702b3e03ea78f3b45708f55400b4dc8bfc4586efec4f72528512e8fbe461629a55a18936f8e6df30d +SHA512 (v2.229.1.tar.gz) = 19a3434093c1e30ae4e09988169435489c054f5eb9e0fb2a6ddd511da1393340913abbc5d848da280dfff1b314b1ee88bdff8092e59c51da839ca8e0bead531e From f7ef46bd6be7b4993f3147cc52fadfd4449ee7b7 Mon Sep 17 00:00:00 2001 From: Packit Date: Sat, 2 Mar 2024 18:44:04 +0000 Subject: [PATCH 12/38] [packit] 2.230.0 upstream release Upstream tag: v2.230.0 Upstream commit: 5cec8532 --- .gitignore | 1 + container-selinux.spec | 2 +- sources | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index dd028fd..c22fbd6 100644 --- a/.gitignore +++ b/.gitignore @@ -225,3 +225,4 @@ /v2.228.1.tar.gz /v2.229.0.tar.gz /v2.229.1.tar.gz +/v2.230.0.tar.gz diff --git a/container-selinux.spec b/container-selinux.spec index 3372761..2aea4cd 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -33,7 +33,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.229.1 +Version: 2.230.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 9c53c37..17706d2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.229.1.tar.gz) = 19a3434093c1e30ae4e09988169435489c054f5eb9e0fb2a6ddd511da1393340913abbc5d848da280dfff1b314b1ee88bdff8092e59c51da839ca8e0bead531e +SHA512 (v2.230.0.tar.gz) = 6534fb6e1360b6e64d6e49e674a976e711f42b8b75b0ad1dffb35f870e2ccf9fcfe38de5e4f695a7e2490c6fe880c36bb3c17c1510e4758d0d3aa877dea719a8 From 2d328af1cd85cfa3b228296f582709f5ba25dcf4 Mon Sep 17 00:00:00 2001 From: Packit Date: Wed, 24 Apr 2024 14:30:43 +0000 Subject: [PATCH 13/38] Update to 2.231.0 upstream release - Resolves: rhbz#2276827 Upstream tag: v2.231.0 Upstream commit: 5d983412 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 4 ++-- README.packit | 2 +- container-selinux.spec | 14 +++++++++++++- sources | 2 +- 5 files changed, 18 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index c22fbd6..07fedca 100644 --- a/.gitignore +++ b/.gitignore @@ -226,3 +226,4 @@ /v2.229.0.tar.gz /v2.229.1.tar.gz /v2.230.0.tar.gz +/v2.231.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 0f6b9fd..b066cb5 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -67,9 +67,9 @@ jobs: message: "podman e2e tests failed on RHEL. @containers/packit-build please check." targets: &pr_test_targets_rhel epel-9-x86_64: - distros: [RHEL-9.3.0-Nightly,RHEL-9.4.0-Nightly] + distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] epel-8-x86_64: - distros: [RHEL-8.9.0-Nightly,RHEL-8.10.0-Nightly] + distros: [RHEL-8.9.0-Nightly,RHEL-8-Nightly] identifier: podman_e2e_test_internal tmt_plan: "/plans/podman_e2e_test" diff --git a/README.packit b/README.packit index 31341b6..bee8d88 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.93.0. +The file was generated using packit 0.95.0. diff --git a/container-selinux.spec b/container-selinux.spec index 2aea4cd..87bd464 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -18,6 +18,14 @@ %global _selinux_policy_version 3.14.3-80.el8 %endif +# RHEL < 10 and Fedora < 40 use file context entries in /var/run +%if %{defined rhel} && 0%{?rhel} < 10 +%define legacy_var_run 1 +%endif +%if %{defined fedora} && 0%{?fedora} < 40 +%define legacy_var_run 1 +%endif + # https://github.com/containers/container-selinux/issues/203 %if %{!defined fedora} && %{!defined rhel} || %{defined fedora} && 0%{?fedora} <= 37 || %{defined rhel} && 0%{?rhel} <= 9 %define no_user_namespace 1 @@ -33,7 +41,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.230.0 +Version: 2.231.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} @@ -82,6 +90,10 @@ sed -i '/^systemd_chat_resolved/d' container.te sed -i '/user_namespace/d' container.te %endif +%if %{defined legacy_var_run} +sed -i 's|^/run/|/var/run/|' container.fc +%endif + %build make diff --git a/sources b/sources index 17706d2..2755628 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.230.0.tar.gz) = 6534fb6e1360b6e64d6e49e674a976e711f42b8b75b0ad1dffb35f870e2ccf9fcfe38de5e4f695a7e2490c6fe880c36bb3c17c1510e4758d0d3aa877dea719a8 +SHA512 (v2.231.0.tar.gz) = 1e1cf48dda96e72330719ec6b679cbb832e002903c94afee3d3a4754196712026a050bbf619e9b0fdba6efbd1c56aaf1e687cd0436cc3386ac23d5b5a83f6352 From 7c08fffb11ed1d7a6315a587346670ac9c9c064d Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 20 May 2024 15:00:44 -0400 Subject: [PATCH 14/38] Attempt to use TMT plans Signed-off-by: Lokesh Mandvekar --- .fmf/version | 1 + gating.yaml | 8 +++++- plans/main.fmf | 54 +++++++++++++++++++++++++++++++++++++ plans/podman_e2e_test.sh | 32 ++++++++++++++++++++++ plans/podman_system_test.sh | 9 +++++++ 5 files changed, 103 insertions(+), 1 deletion(-) create mode 100644 .fmf/version create mode 100644 plans/main.fmf create mode 100644 plans/podman_e2e_test.sh create mode 100644 plans/podman_system_test.sh diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/gating.yaml b/gating.yaml index c2182c7..e15b02e 100644 --- a/gating.yaml +++ b/gating.yaml @@ -3,4 +3,10 @@ product_versions: - fedora-* decision_context: bodhi_update_push_stable rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + #- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_e2e_test_downstream.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_system_test_downstream.functional} +product_versions: + - rhel-* +decision_context: osci_compose_gate +rules: [] diff --git a/plans/main.fmf b/plans/main.fmf new file mode 100644 index 0000000..17a055a --- /dev/null +++ b/plans/main.fmf @@ -0,0 +1,54 @@ +prepare+: + - name: Install bats + how: shell + script: | + BATS_VERSION=1.11.0 + curl -s -L -O https://github.com/bats-core/bats-core/archive/refs/tags/v$BATS_VERSION.tar.gz + tar zxf v$BATS_VERSION.tar.gz + cd bats-core-$BATS_VERSION + ./install.sh /usr + + # Install packages to run podman revdep tests + - how: install + package: + - golang + - podman + - podman-tests + +/podman_e2e_test_upstream: + summary: Run SELinux specific Podman e2e tests on upstream PRs + execute: + how: tmt + script: | + # Install podman-next copr and update from it + bash ./plans/repo_setup.sh + bash ./plans/podman_e2e_test.sh + adjust: + when: trigger == commit + +/podman_e2e_test_downstream: + summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata + execute: + how: tmt + script: bash ./plans/podman_e2e_test.sh + adjust: + when: trigger == update + +/podman_system_test_upstream: + summary: Run SELinux specific Podman system tests on upstream PRs + execute: + how: tmt + script: | + # Install podman-next copr and update from it + bash ./plans/repo_setup.sh + bash ./plans/podman_system_test.sh + adjust: + when: trigger == commit + +/podman_system_test_downstream: + summary: Run SELinux specific Podman system tests on downstream bodhi / errata + execute: + how: tmt + script: bash ./plans/podman_system_test.sh + adjust: + when: trigger == update diff --git a/plans/podman_e2e_test.sh b/plans/podman_e2e_test.sh new file mode 100644 index 0000000..c2b5a27 --- /dev/null +++ b/plans/podman_e2e_test.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +# Do not set -e as we want to work on all results of `rpm -q dnf[5]`. +set -xo pipefail + +cat /etc/redhat-release +rpm -q container-selinux golang podman + +# /tmp is often unsufficient +export TMPDIR=/var/tmp + +# dnf5 contains breaking changes +# Either of `dnf` OR `dnf5` will be installed, never both. +# To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`. +rpm -q dnf5 +if [[ $? -eq 0 ]]; then + SRPM_OPTS="--srpm" +else + SRPM_OPTS="--source" +fi + +# Fetch and extract latest podman source from the highest priority dnf repo +# NOTE: On upstream pull-requests, the srpm will be fetched from the +# podman-next copr while on bodhi updates, it will be fetched from Fedora's +# official repos. +dnf download $SRPM_OPTS podman +rpm2cpio podman*.src.rpm | cpio -di +tar zxf podman-*.tar.gz + +# Run podman e2e tests +cd podman-*/test/e2e +PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go diff --git a/plans/podman_system_test.sh b/plans/podman_system_test.sh new file mode 100644 index 0000000..428145a --- /dev/null +++ b/plans/podman_system_test.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -exo pipefail + +cat /etc/redhat-release +rpm -q container-selinux podman podman-tests + +# Run podman system tests +bats /usr/share/podman/test/system/410-selinux.bats From 114bba5ebc94bfb6e8b1522d2e3e5677a70c5a87 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 20 May 2024 15:25:11 -0400 Subject: [PATCH 15/38] Reuse TMT tests: remove old STI tests Signed-off-by: Lokesh Mandvekar --- gating.yaml | 1 - plans/main.fmf | 1 + tests/tests.yml | 16 ---------------- 3 files changed, 1 insertion(+), 17 deletions(-) delete mode 100644 tests/tests.yml diff --git a/gating.yaml b/gating.yaml index e15b02e..d34f241 100644 --- a/gating.yaml +++ b/gating.yaml @@ -3,7 +3,6 @@ product_versions: - fedora-* decision_context: bodhi_update_push_stable rules: - #- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_e2e_test_downstream.functional} - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_system_test_downstream.functional} product_versions: diff --git a/plans/main.fmf b/plans/main.fmf index 17a055a..aeccfdf 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -12,6 +12,7 @@ prepare+: - how: install package: - golang + - iptables - podman - podman-tests diff --git a/tests/tests.yml b/tests/tests.yml deleted file mode 100644 index 552bdbb..0000000 --- a/tests/tests.yml +++ /dev/null @@ -1,16 +0,0 @@ -- hosts: localhost - tags: - - classic - roles: - - role: standard-test-basic - required_packages: - - policycoreutils - - container-selinux - - podman - tests: - - is-module-installed: - run: semodule --list=full | grep container - - can-rebuild-policy: - run: semodule -B - - can-run-podman: - run: podman run --rm quay.io/libpod/testimage:20210610 cat -v /proc/self/attr/current From 6548fb56c2be5e93a2e2b41e7fb031184bf90769 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 20 May 2024 15:52:00 -0400 Subject: [PATCH 16/38] TMT: use fmf to discover tests Signed-off-by: Lokesh Mandvekar --- gating.yaml | 3 +-- plans/main.fmf | 4 ++++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/gating.yaml b/gating.yaml index d34f241..2866434 100644 --- a/gating.yaml +++ b/gating.yaml @@ -3,8 +3,7 @@ product_versions: - fedora-* decision_context: bodhi_update_push_stable rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_e2e_test_downstream.functional} - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/podman_system_test_downstream.functional} + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} product_versions: - rhel-* decision_context: osci_compose_gate diff --git a/plans/main.fmf b/plans/main.fmf index aeccfdf..640f679 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -29,6 +29,8 @@ prepare+: /podman_e2e_test_downstream: summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata + discover: + how: fmf execute: how: tmt script: bash ./plans/podman_e2e_test.sh @@ -48,6 +50,8 @@ prepare+: /podman_system_test_downstream: summary: Run SELinux specific Podman system tests on downstream bodhi / errata + discover: + how: fmf execute: how: tmt script: bash ./plans/podman_system_test.sh From 1012b5368e910a6dbe43067af18040f9fbf81e61 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 20 May 2024 16:13:42 -0400 Subject: [PATCH 17/38] fix gating.yaml Signed-off-by: Lokesh Mandvekar --- gating.yaml | 2 ++ plans/main.fmf | 21 +++++++++------------ 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/gating.yaml b/gating.yaml index 2866434..dbb1d91 100644 --- a/gating.yaml +++ b/gating.yaml @@ -4,6 +4,8 @@ product_versions: decision_context: bodhi_update_push_stable rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + +--- !Policy product_versions: - rhel-* decision_context: osci_compose_gate diff --git a/plans/main.fmf b/plans/main.fmf index 640f679..81c4835 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -1,3 +1,8 @@ +discover: + how: fmf +execute: + how: tmt + prepare+: - name: Install bats how: shell @@ -18,8 +23,7 @@ prepare+: /podman_e2e_test_upstream: summary: Run SELinux specific Podman e2e tests on upstream PRs - execute: - how: tmt + execute+: script: | # Install podman-next copr and update from it bash ./plans/repo_setup.sh @@ -29,18 +33,14 @@ prepare+: /podman_e2e_test_downstream: summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata - discover: - how: fmf - execute: - how: tmt + execute+: script: bash ./plans/podman_e2e_test.sh adjust: when: trigger == update /podman_system_test_upstream: summary: Run SELinux specific Podman system tests on upstream PRs - execute: - how: tmt + execute+: script: | # Install podman-next copr and update from it bash ./plans/repo_setup.sh @@ -50,10 +50,7 @@ prepare+: /podman_system_test_downstream: summary: Run SELinux specific Podman system tests on downstream bodhi / errata - discover: - how: fmf - execute: - how: tmt + execute+: script: bash ./plans/podman_system_test.sh adjust: when: trigger == update From 66b85a8781ee41973c2167c58b1cdb29f4982629 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Tue, 21 May 2024 16:48:26 -0400 Subject: [PATCH 18/38] sync test plans from upstream --- .gitignore | 1 + .packit.yaml | 113 ++++++++++++++++++++++++------------ container-selinux.spec | 8 ++- plans/all.fmf | 20 +++++++ plans/main.fmf | 56 ------------------ plans/podman_e2e_test.sh | 32 ---------- plans/podman_system_test.sh | 9 --- sources | 2 +- test/Makefile | 23 ++++++++ test/main.fmf | 29 +++++++++ test/podman-tests.sh | 84 +++++++++++++++++++++++++++ 11 files changed, 238 insertions(+), 139 deletions(-) create mode 100644 plans/all.fmf delete mode 100644 plans/main.fmf delete mode 100644 plans/podman_e2e_test.sh delete mode 100644 plans/podman_system_test.sh create mode 100644 test/Makefile create mode 100644 test/main.fmf create mode 100644 test/podman-tests.sh diff --git a/.gitignore b/.gitignore index 07fedca..c48dcd9 100644 --- a/.gitignore +++ b/.gitignore @@ -227,3 +227,4 @@ /v2.229.1.tar.gz /v2.230.0.tar.gz /v2.231.0.tar.gz +/packit-tmt-bodhi-reuse.zip diff --git a/.packit.yaml b/.packit.yaml index b066cb5..9d0fa2f 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -2,16 +2,42 @@ # See the documentation for more information: # https://packit.dev/docs/configuration/ -specfile_path: rpm/container-selinux.spec +downstream_package_name: container-selinux upstream_tag_template: v{version} +# Ref: https://packit.dev/docs/configuration#files_to_sync +files_to_sync: + - src: rpm/gating.yaml + dest: gating.yaml + - src: plans/ + dest: plans/ + delete: true + - src: test/ + dest: test/ + delete: true + - src: .fmf/ + dest: .fmf/ + delete: true + - .packit.yaml + +packages: + container-selinux-fedora: + pkg_tool: fedpkg + specfile_path: rpm/container-selinux.spec + container-selinux-centos: + pkg_tool: centpkg + specfile_path: rpm/container-selinux.spec + container-selinux-rhel: + specfile_path: rpm/container-selinux.spec + srpm_build_deps: - make jobs: - job: copr_build trigger: pull_request - notifications: + packages: [container-selinux-fedora] + notifications: &copr_build_failure_notification failure_comment: message: "Ephemeral COPR build failed. @containers/packit-build please check." enable_net: true @@ -19,13 +45,29 @@ jobs: targets: - fedora-all - fedora-eln + + - job: copr_build + trigger: pull_request + packages: [container-selinux-centos] + notifications: *copr_build_failure_notification + enable_net: true + targets: + - centos-stream-9 + - centos-stream-10 + + - job: copr_build + trigger: pull_request + packages: [container-selinux-rhel] + notifications: *copr_build_failure_notification + enable_net: true + targets: - epel-9 - - epel-8 # Run on commit to main branch # Build targets managed in copr settings - job: copr_build trigger: commit + packages: [container-selinux-fedora] notifications: failure_comment: message: "podman-next COPR build failed. @containers/packit-build please check." @@ -35,67 +77,62 @@ jobs: enable_net: true # All tests specified in the `/plans/` subdir - # Podman e2e tests for Fedora and CentOS Stream + # Tests for Fedora - job: tests trigger: pull_request - notifications: + packages: [container-selinux-fedora] + notifications: &test_failure_notification failure_comment: - message: "podman e2e tests failed. @containers/packit-build please check." - targets: &pr_test_targets + message: "Tests failed. @containers/packit-build please check." + targets: - fedora-all - - epel-9 - - epel-8 - identifier: podman_e2e_test - tmt_plan: "/plans/podman_e2e_test" - # Podman system tests for Fedora and CentOS Stream + # Tests for CentOS Stream - job: tests trigger: pull_request - notifications: - failure_comment: - message: "podman system tests failed. @containers/packit-build please check." - targets: *pr_test_targets - identifier: podman_system_test - tmt_plan: "/plans/podman_system_test" + packages: [container-selinux-centos] + notifications: *test_failure_notification + targets: + - centos-stream-9 + - centos-stream-10 - # Podman e2e tests for RHEL + # Tests for RHEL - job: tests trigger: pull_request + packages: [container-selinux-rhel] use_internal_tf: true - notifications: - failure_comment: - message: "podman e2e tests failed on RHEL. @containers/packit-build please check." - targets: &pr_test_targets_rhel + notifications: *test_failure_notification + targets: epel-9-x86_64: distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] - epel-8-x86_64: - distros: [RHEL-8.9.0-Nightly,RHEL-8-Nightly] - identifier: podman_e2e_test_internal - tmt_plan: "/plans/podman_e2e_test" - - # Podman system tests for RHEL - - job: tests - trigger: pull_request - use_internal_tf: true - notifications: - failure_comment: - message: "podman system tests failed on RHEL. @containers/packit-build please check." - targets: *pr_test_targets_rhel - identifier: podman_system_test_internal - tmt_plan: "/plans/podman_system_test" + # Use centos-stream-10 until we have epel-10 + # TODO: Enable after RHEL-10 gets selinux-policy >= 40.13.1 which is + # already on CentOS Stream 10. + #centos-stream-10-x86_64: + # distros: [RHEL-10-Beta-Nightly] - job: propose_downstream trigger: release update_release: false + packages: [container-selinux-fedora] dist_git_branches: - fedora-all + - job: propose_downstream + trigger: release + update_release: false + packages: [container-selinux-centos] + dist_git_branches: + - c10s + - job: koji_build trigger: commit + packages: [container-selinux-fedora] dist_git_branches: - fedora-all - job: bodhi_update trigger: commit + packages: [container-selinux-fedora] dist_git_branches: - fedora-branched # rawhide updates are created automatically diff --git a/container-selinux.spec b/container-selinux.spec index 87bd464..94c3b2c 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -44,9 +44,10 @@ Epoch: 2 Version: 2.231.0 Release: %autorelease License: GPL-2.0-only -URL: https://github.com/containers/%{name} +URL: https://github.com/lsm5/%{name} Summary: SELinux policies for container runtimes -Source0: %{url}/archive/v%{version}.tar.gz +#Source0: %%{url}/archive/v%%{version}.tar.gz +Source0: https://github.com/lsm5/container-selinux/archive/refs/heads/packit-tmt-bodhi-reuse.zip BuildArch: noarch BuildRequires: make BuildRequires: git-core @@ -70,7 +71,8 @@ Conflicts: k3s-selinux <= 0.4-1 SELinux policy modules for use with container runtimes. %prep -%autosetup -Sgit %{name}-%{version} +#%%autosetup -Sgit %%{name}-packit-tmt-bodhi-reuse +%setup -q -n %{name}-packit-tmt-bodhi-reuse sed -i 's/^man: install-policy/man:/' Makefile sed -i 's/^install: man/install:/' Makefile diff --git a/plans/all.fmf b/plans/all.fmf new file mode 100644 index 0000000..b6ec398 --- /dev/null +++ b/plans/all.fmf @@ -0,0 +1,20 @@ +discover: + how: fmf +execute: + how: tmt + +/upstream: + summary: Run SELinux specific Podman tests on upstream PRs + discover+: + filter: tag:upstream + adjust+: + enabled: false + when: initiator is not defined or initiator != packit + +/downstream: + summary: Run SELinux specific Podman e2e tests on bodhi / errata and dist-git PRs + discover+: + filter: tag:downstream + adjust+: + enabled: false + when: initiator == packit diff --git a/plans/main.fmf b/plans/main.fmf deleted file mode 100644 index 81c4835..0000000 --- a/plans/main.fmf +++ /dev/null @@ -1,56 +0,0 @@ -discover: - how: fmf -execute: - how: tmt - -prepare+: - - name: Install bats - how: shell - script: | - BATS_VERSION=1.11.0 - curl -s -L -O https://github.com/bats-core/bats-core/archive/refs/tags/v$BATS_VERSION.tar.gz - tar zxf v$BATS_VERSION.tar.gz - cd bats-core-$BATS_VERSION - ./install.sh /usr - - # Install packages to run podman revdep tests - - how: install - package: - - golang - - iptables - - podman - - podman-tests - -/podman_e2e_test_upstream: - summary: Run SELinux specific Podman e2e tests on upstream PRs - execute+: - script: | - # Install podman-next copr and update from it - bash ./plans/repo_setup.sh - bash ./plans/podman_e2e_test.sh - adjust: - when: trigger == commit - -/podman_e2e_test_downstream: - summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata - execute+: - script: bash ./plans/podman_e2e_test.sh - adjust: - when: trigger == update - -/podman_system_test_upstream: - summary: Run SELinux specific Podman system tests on upstream PRs - execute+: - script: | - # Install podman-next copr and update from it - bash ./plans/repo_setup.sh - bash ./plans/podman_system_test.sh - adjust: - when: trigger == commit - -/podman_system_test_downstream: - summary: Run SELinux specific Podman system tests on downstream bodhi / errata - execute+: - script: bash ./plans/podman_system_test.sh - adjust: - when: trigger == update diff --git a/plans/podman_e2e_test.sh b/plans/podman_e2e_test.sh deleted file mode 100644 index c2b5a27..0000000 --- a/plans/podman_e2e_test.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/env bash - -# Do not set -e as we want to work on all results of `rpm -q dnf[5]`. -set -xo pipefail - -cat /etc/redhat-release -rpm -q container-selinux golang podman - -# /tmp is often unsufficient -export TMPDIR=/var/tmp - -# dnf5 contains breaking changes -# Either of `dnf` OR `dnf5` will be installed, never both. -# To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`. -rpm -q dnf5 -if [[ $? -eq 0 ]]; then - SRPM_OPTS="--srpm" -else - SRPM_OPTS="--source" -fi - -# Fetch and extract latest podman source from the highest priority dnf repo -# NOTE: On upstream pull-requests, the srpm will be fetched from the -# podman-next copr while on bodhi updates, it will be fetched from Fedora's -# official repos. -dnf download $SRPM_OPTS podman -rpm2cpio podman*.src.rpm | cpio -di -tar zxf podman-*.tar.gz - -# Run podman e2e tests -cd podman-*/test/e2e -PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go diff --git a/plans/podman_system_test.sh b/plans/podman_system_test.sh deleted file mode 100644 index 428145a..0000000 --- a/plans/podman_system_test.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -cat /etc/redhat-release -rpm -q container-selinux podman podman-tests - -# Run podman system tests -bats /usr/share/podman/test/system/410-selinux.bats diff --git a/sources b/sources index 2755628..be5f9f2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.231.0.tar.gz) = 1e1cf48dda96e72330719ec6b679cbb832e002903c94afee3d3a4754196712026a050bbf619e9b0fdba6efbd1c56aaf1e687cd0436cc3386ac23d5b5a83f6352 +SHA512 (packit-tmt-bodhi-reuse.zip) = 91d25cd7fd97710c2ff1f1330f4f6d25d6ab0e7d17b05e956bb5975bbca9ba72c35276e4a5cd10163838b9ba84e5e30cb868715cbeb5fead6acb98a1697e0eac diff --git a/test/Makefile b/test/Makefile new file mode 100644 index 0000000..083ca93 --- /dev/null +++ b/test/Makefile @@ -0,0 +1,23 @@ +.PHONY: basic_check +basic_check: + semodule --list=full | grep container + semodule -B + +.PHONY: podman_e2e_test_upstream +podman_e2e_test_upstream: + bash ./podman-tests.sh e2e upstream + +.PHONY: podman_e2e_test_downstream +podman_e2e_test_downstream: + bash ./podman-tests.sh e2e downstream + +.PHONY: podman_system_test_upstream +podman_system_test_upstream: + bash ./podman-tests.sh system upstream + +.PHONY: podman_system_test_downstream +podman_system_test_downstream: + bash ./podman-tests.sh system downstream + +clean: + rm -rf podman-*dev* podman.spec diff --git a/test/main.fmf b/test/main.fmf new file mode 100644 index 0000000..6543521 --- /dev/null +++ b/test/main.fmf @@ -0,0 +1,29 @@ +# Only common dependencies that are NOT required to run podman-tests.sh are +# specified here. Everything else is in podman-tests.sh. +require: + - cpio + - make + - policycoreutils + +/basic_check: + summary: Run basic checks + tag: [ upstream, downstream ] + test: make basic_check + +/upstream: + tag: upstream +/upstream/podman_e2e_test: + summary: Run SELinux specific Podman e2e tests on upstream PRs + test: make podman_e2e_test_upstream +/upstream/podman_system_test: + summary: Run SELinux specific Podman system tests on upstream PRs + test: make podman_system_test_upstream + +/downstream: + tag: downstream +/downstream/podman_e2e_test: + summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata and dist-git PRs + test: make podman_e2e_test_downstream +/downstream/podman_system_test: + summary: Run SELinux specific Podman system tests on downstream bodhi / errata and dist-git PRs + test: make podman_system_test_downstream diff --git a/test/podman-tests.sh b/test/podman-tests.sh new file mode 100644 index 0000000..0ff881e --- /dev/null +++ b/test/podman-tests.sh @@ -0,0 +1,84 @@ +#!/usr/bin/env bash + +# Do not set -e as we want to work on all results of `rpm -q dnf[5]`. +set -exo pipefail + +if [ "$(id -u)" -ne 0 ];then + echo "Please run this script as superuser" + exit 1 +fi + +if [[ $1 == '' ]]; then + echo -e "Usage: podman-tests.sh TEST_TYPE STREAM\nTEST_TYPE can be 'e2e' or 'system'\nSTREAM can be 'upstream' or 'downstream'" + exit 1 +fi + +# `rhel` macro exists on RHEL, CentOS Stream, and Fedora ELN +# `centos` macro exists only on CentOS Stream +CENTOS_VERSION=$(rpm --eval '%{?centos}') +RHEL_VERSION=$(rpm --eval '%{?rhel}') + +# For upstream tests, we need to test with podman and other packages from the +# podman-next copr. For downstream tests (bodhi, errata), we don't need any +# additional setup +if [[ $2 == "upstream" ]]; then + # Use CentOS Stream 10 copr target for RHEL-10 until EPEL 10 becomes + # available + if [[ -n $CENTOS_VERSION || $RHEL_VERSION -ge 10 ]]; then + dnf -y copr enable rhcontainerbot/podman-next centos-stream-$CENTOS_VERSION + else + dnf -y copr enable rhcontainerbot/podman-next + fi + echo "priority=5" >> /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next.repo +fi + +# Remove testing-farm repos if they exist +rm -f /etc/yum.repos.d/tag-repository.repo + +# Install common dependencies for tests +dnf -y install podman + +cat /etc/redhat-release +rpm -q container-selinux podman + +if [[ $1 == "e2e" ]]; then + # Install dependencies for tests + dnf -y install golang + rpm -q golang + + # /tmp is often unsufficient + export TMPDIR=/var/tmp + + # dnf5 contains breaking changes + # Either of `dnf` OR `dnf5` will be installed, never both. + # To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`. + rpm -q dnf5 && SRPM_OPTS="--srpm" || SRPM_OPTS="--source" + + # Fetch and extract latest podman source from the highest priority dnf repo + # NOTE: On upstream pull-requests, the srpm will be fetched from the + # podman-next copr while on bodhi updates, it will be fetched from Fedora's + # official repos. + dnf download $SRPM_OPTS podman + rpm2cpio podman*.src.rpm | cpio -di + tar zxf *.tar.gz + + # Run podman e2e tests + cd podman-*/test/e2e + PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go +fi + +if [[ $1 == "system" ]]; then + # Enable EPEL to fetch bats + if [[ -n $(rpm --eval '%{?rhel}') ]]; then + # Until EPEL 10 is available use epel-9 for all RHEL and CentOS Stream + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm + sed -i 's/$releasever/9/g' /etc/yum.repos.d/epel.repo + fi + + # Install test dependencies + dnf -y install bats podman-tests + rpm -q bats podman-tests + + # Run podman system tests + bats /usr/share/podman/test/system/410-selinux.bats +fi From 8377dcb72ba4c889ac241728b01ee1d98effd42e Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 10 Jun 2024 17:32:34 +0000 Subject: [PATCH 19/38] Update to 2.232.1 upstream release Upstream tag: v2.232.1 Upstream commit: 4ff1a398 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 2 - README.packit | 2 +- container-selinux.spec | 43 ++++++-------------- sources | 2 +- test/podman-tests.sh | 92 +++++++++++++++++++++++++----------------- 6 files changed, 72 insertions(+), 70 deletions(-) diff --git a/.gitignore b/.gitignore index c48dcd9..a973481 100644 --- a/.gitignore +++ b/.gitignore @@ -228,3 +228,4 @@ /v2.230.0.tar.gz /v2.231.0.tar.gz /packit-tmt-bodhi-reuse.zip +/v2.232.1.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 9d0fa2f..4b6cb92 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -113,14 +113,12 @@ jobs: - job: propose_downstream trigger: release - update_release: false packages: [container-selinux-fedora] dist_git_branches: - fedora-all - job: propose_downstream trigger: release - update_release: false packages: [container-selinux-centos] dist_git_branches: - c10s diff --git a/README.packit b/README.packit index bee8d88..d2b528d 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.95.0. +The file was generated using packit 0.97.1.post1.dev6+gc8c0314a. diff --git a/container-selinux.spec b/container-selinux.spec index 94c3b2c..a56b428 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -11,29 +11,24 @@ # Format must contain '$x' somewhere to do anything useful %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done; -# RHEL 8 doesn't allow watch and systemd_chat_resolved -%if %{defined rhel} && 0%{?rhel} == 8 -%define no_watch 1 -%define no_systemd_chat_resolved 1 -%global _selinux_policy_version 3.14.3-80.el8 -%endif - # RHEL < 10 and Fedora < 40 use file context entries in /var/run -%if %{defined rhel} && 0%{?rhel} < 10 -%define legacy_var_run 1 -%endif -%if %{defined fedora} && 0%{?fedora} < 40 +%if %{defined rhel} && 0%{?rhel} < 10 || %{defined fedora} && 0%{?fedora} < 40 %define legacy_var_run 1 %endif # https://github.com/containers/container-selinux/issues/203 -%if %{!defined fedora} && %{!defined rhel} || %{defined fedora} && 0%{?fedora} <= 37 || %{defined rhel} && 0%{?rhel} <= 9 +%if %{!defined fedora} && %{!defined rhel} || %{defined rhel} && 0%{?rhel} <= 9 %define no_user_namespace 1 %endif +# copr_build is more intuitive than copr_username +%if %{defined copr_username} +%define copr_build 1 +%endif + Name: container-selinux # Set different Epochs for copr and koji -%if %{defined copr_username} +%if %{defined copr_build} Epoch: 102 %else Epoch: 2 @@ -41,13 +36,12 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.231.0 +Version: 2.232.1 Release: %autorelease License: GPL-2.0-only -URL: https://github.com/lsm5/%{name} +URL: https://github.com/containers/%{name} Summary: SELinux policies for container runtimes -#Source0: %%{url}/archive/v%%{version}.tar.gz -Source0: https://github.com/lsm5/container-selinux/archive/refs/heads/packit-tmt-bodhi-reuse.zip +Source0: %{url}/archive/v%{version}.tar.gz BuildArch: noarch BuildRequires: make BuildRequires: git-core @@ -71,23 +65,11 @@ Conflicts: k3s-selinux <= 0.4-1 SELinux policy modules for use with container runtimes. %prep -#%%autosetup -Sgit %%{name}-packit-tmt-bodhi-reuse -%setup -q -n %{name}-packit-tmt-bodhi-reuse +%autosetup -Sgit %{name}-%{version} sed -i 's/^man: install-policy/man:/' Makefile sed -i 's/^install: man/install:/' Makefile -%if %{defined no_watch} -sed -i 's/watch watch_reads//' container.if -sed -i 's/watch watch_reads//' container.te -sed -i '/sysfs_t:dir watch/d' container.te -sed -i '/fifo_file watch/d' container.te -%endif - -%if %{defined no_systemd_chat_resolved} -sed -i '/^systemd_chat_resolved/d' container.te -%endif - %if %{defined no_user_namespace} sed -i '/user_namespace/d' container.te %endif @@ -140,6 +122,7 @@ fi %{_datadir}/selinux/* %dir %{_datadir}/containers/selinux %{_datadir}/containers/selinux/contexts +%dir %{_datadir}/udica %dir %{_datadir}/udica/templates/ %{_datadir}/udica/templates/* # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120 diff --git a/sources b/sources index be5f9f2..07ddcc7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (packit-tmt-bodhi-reuse.zip) = 91d25cd7fd97710c2ff1f1330f4f6d25d6ab0e7d17b05e956bb5975bbca9ba72c35276e4a5cd10163838b9ba84e5e30cb868715cbeb5fead6acb98a1697e0eac +SHA512 (v2.232.1.tar.gz) = babaf5f65b639493482392674717284574859e4bbb03e897843265708f4f5cceeb260712cdff09771076d99c18aa89718c0e95dc33839e72e809de9e80079ae2 diff --git a/test/podman-tests.sh b/test/podman-tests.sh index 0ff881e..50a29e2 100644 --- a/test/podman-tests.sh +++ b/test/podman-tests.sh @@ -1,18 +1,20 @@ #!/usr/bin/env bash -# Do not set -e as we want to work on all results of `rpm -q dnf[5]`. set -exo pipefail -if [ "$(id -u)" -ne 0 ];then - echo "Please run this script as superuser" +if [[ "$(id -u)" -ne 0 ]];then + echo "Please run as superuser" exit 1 fi -if [[ $1 == '' ]]; then +if [[ -z "$1" ]]; then echo -e "Usage: podman-tests.sh TEST_TYPE STREAM\nTEST_TYPE can be 'e2e' or 'system'\nSTREAM can be 'upstream' or 'downstream'" exit 1 fi +TEST_TYPE=$1 +STREAM=$2 + # `rhel` macro exists on RHEL, CentOS Stream, and Fedora ELN # `centos` macro exists only on CentOS Stream CENTOS_VERSION=$(rpm --eval '%{?centos}') @@ -21,7 +23,7 @@ RHEL_VERSION=$(rpm --eval '%{?rhel}') # For upstream tests, we need to test with podman and other packages from the # podman-next copr. For downstream tests (bodhi, errata), we don't need any # additional setup -if [[ $2 == "upstream" ]]; then +if [[ "$STREAM" == "upstream" ]]; then # Use CentOS Stream 10 copr target for RHEL-10 until EPEL 10 becomes # available if [[ -n $CENTOS_VERSION || $RHEL_VERSION -ge 10 ]]; then @@ -32,53 +34,71 @@ if [[ $2 == "upstream" ]]; then echo "priority=5" >> /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next.repo fi -# Remove testing-farm repos if they exist +# Remove testing-farm repos if they exist as these interfere with the packages +# we want to install, especially when podman-next copr is involved rm -f /etc/yum.repos.d/tag-repository.repo -# Install common dependencies for tests -dnf -y install podman +# Fetch and extract latest podman source from the highest priority dnf repo +# NOTE: On upstream pull-requests, the srpm will be fetched from the +# podman-next copr while on bodhi updates, it will be fetched from Fedora's +# official repos. +PODMAN_DIR=$(mktemp -d) +pushd $PODMAN_DIR +# Download podman and podman-tests rpms, along with podman srpm +dnf download podman podman-tests +# Download srpm, srpm opts differ between dnf and dnf5 +rpm -q dnf5 && dnf download --srpm podman || dnf download --source podman + +# Ensure podman-tests RPM and podman SRPM version-release match +# NOTE: podman RPM and podman-tests RPM matching is ensured by podman.spec so +# matching podman-tests and podman srpm is sufficient here. +PODMAN_TESTS_VERSION=$(ls podman-tests* | sed -e "s/.$(uname -m).rpm//" -e "s/podman-tests-//") +PODMAN_SRPM_VERSION=$(ls podman*.src.rpm | sed -e "s/.src.rpm//" -e "s/podman-//") +if [[ "$PODMAN_TESTS_VERSION" != "$PODMAN_SRPM_VERSION" ]]; then + echo "podman-tests and podman srpm version-release don't match" + exit 1 +fi + +# Install downloaded podman and podman-tests rpms +dnf -y install ./podman*.$(uname -m).rpm + +# Extract and untar podman source from srpm +rpm2cpio $(ls podman*.src.rpm) | cpio -di +tar zxf *.tar.gz + +popd + +# Enable EPEL on RHEL/CentOS Stream envs to fetch bats +if [[ -n $(rpm --eval '%{?rhel}') ]]; then + # Until EPEL 10 is available use epel-9 for all RHEL and CentOS Stream + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm + sed -i 's/$releasever/9/g' /etc/yum.repos.d/epel.repo +fi + +# Install dependencies for running tests +dnf -y install bats golang + +# Print versions of distro and installed packages cat /etc/redhat-release -rpm -q container-selinux podman - -if [[ $1 == "e2e" ]]; then - # Install dependencies for tests - dnf -y install golang - rpm -q golang +rpm -q bats container-selinux golang podman podman-tests selinux-policy +if [[ "$TEST_TYPE" == "e2e" ]]; then # /tmp is often unsufficient export TMPDIR=/var/tmp # dnf5 contains breaking changes # Either of `dnf` OR `dnf5` will be installed, never both. # To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`. - rpm -q dnf5 && SRPM_OPTS="--srpm" || SRPM_OPTS="--source" - - # Fetch and extract latest podman source from the highest priority dnf repo - # NOTE: On upstream pull-requests, the srpm will be fetched from the - # podman-next copr while on bodhi updates, it will be fetched from Fedora's - # official repos. - dnf download $SRPM_OPTS podman - rpm2cpio podman*.src.rpm | cpio -di - tar zxf *.tar.gz + #rpm -q dnf5 && SRPM_OPTS="--srpm" || SRPM_OPTS="--source" # Run podman e2e tests - cd podman-*/test/e2e + pushd $PODMAN_DIR/podman-*/test/e2e PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go + popd fi -if [[ $1 == "system" ]]; then - # Enable EPEL to fetch bats - if [[ -n $(rpm --eval '%{?rhel}') ]]; then - # Until EPEL 10 is available use epel-9 for all RHEL and CentOS Stream - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm - sed -i 's/$releasever/9/g' /etc/yum.repos.d/epel.repo - fi - - # Install test dependencies - dnf -y install bats podman-tests - rpm -q bats podman-tests - +if [[ "$TEST_TYPE" == "system" ]]; then # Run podman system tests bats /usr/share/podman/test/system/410-selinux.bats fi From 1d88ecfc5671417f42184cb232192e8c188f0a08 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 19:56:23 +0000 Subject: [PATCH 20/38] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From b4ebc80e865c58cb49c63fb12b4659b125cf5dc8 Mon Sep 17 00:00:00 2001 From: Packit Date: Wed, 11 Sep 2024 14:00:39 +0000 Subject: [PATCH 21/38] Update to 2.233.0 upstream release Upstream tag: v2.233.0 Upstream commit: cc5da8a9 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 29 ++++++++++++++++++++--------- README.packit | 2 +- container-selinux.spec | 2 +- plans/all.fmf | 2 +- sources | 2 +- test/Makefile | 20 ++++++-------------- test/main.fmf | 26 +++++++++----------------- test/podman-tests.sh | 33 ++++----------------------------- 9 files changed, 44 insertions(+), 73 deletions(-) diff --git a/.gitignore b/.gitignore index a973481..d168437 100644 --- a/.gitignore +++ b/.gitignore @@ -229,3 +229,4 @@ /v2.231.0.tar.gz /packit-tmt-bodhi-reuse.zip /v2.232.1.tar.gz +/v2.233.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 4b6cb92..2f048d0 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -9,6 +9,7 @@ upstream_tag_template: v{version} files_to_sync: - src: rpm/gating.yaml dest: gating.yaml + delete: true - src: plans/ dest: plans/ delete: true @@ -51,7 +52,7 @@ jobs: packages: [container-selinux-centos] notifications: *copr_build_failure_notification enable_net: true - targets: + targets: ¢os_targets - centos-stream-9 - centos-stream-10 @@ -86,15 +87,23 @@ jobs: message: "Tests failed. @containers/packit-build please check." targets: - fedora-all + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo # Tests for CentOS Stream - job: tests trigger: pull_request packages: [container-selinux-centos] notifications: *test_failure_notification - targets: - - centos-stream-9 - - centos-stream-10 + targets: *centos_targets + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo # Tests for RHEL - job: tests @@ -105,11 +114,13 @@ jobs: targets: epel-9-x86_64: distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] - # Use centos-stream-10 until we have epel-10 - # TODO: Enable after RHEL-10 gets selinux-policy >= 40.13.1 which is - # already on CentOS Stream 10. - #centos-stream-10-x86_64: - # distros: [RHEL-10-Beta-Nightly] + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/epel-$releasever/rhcontainerbot-podman-next-epel-$releasever.repo + - type: repository-file + id: https://src.fedoraproject.org/rpms/epel-release/raw/epel9/f/epel.repo - job: propose_downstream trigger: release diff --git a/README.packit b/README.packit index d2b528d..459869a 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.97.1.post1.dev6+gc8c0314a. +The file was generated using packit 0.101.0. diff --git a/container-selinux.spec b/container-selinux.spec index a56b428..cc61060 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -36,7 +36,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.232.1 +Version: 2.233.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/plans/all.fmf b/plans/all.fmf index b6ec398..9e0d10b 100644 --- a/plans/all.fmf +++ b/plans/all.fmf @@ -12,7 +12,7 @@ execute: when: initiator is not defined or initiator != packit /downstream: - summary: Run SELinux specific Podman e2e tests on bodhi / errata and dist-git PRs + summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs discover+: filter: tag:downstream adjust+: diff --git a/sources b/sources index 07ddcc7..e8e9fbc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.232.1.tar.gz) = babaf5f65b639493482392674717284574859e4bbb03e897843265708f4f5cceeb260712cdff09771076d99c18aa89718c0e95dc33839e72e809de9e80079ae2 +SHA512 (v2.233.0.tar.gz) = f79380a3312cb57953bc1286ba7dcdbf29ab95ce72de79c5bac1eb6c4401d2bcb0c9875802c7198a9680af19affb34170581c609180408b21cc27cf680c3feb4 diff --git a/test/Makefile b/test/Makefile index 083ca93..5fee1ea 100644 --- a/test/Makefile +++ b/test/Makefile @@ -3,21 +3,13 @@ basic_check: semodule --list=full | grep container semodule -B -.PHONY: podman_e2e_test_upstream -podman_e2e_test_upstream: - bash ./podman-tests.sh e2e upstream +.PHONY: podman_e2e_test +podman_e2e_test: + bash ./podman-tests.sh e2e -.PHONY: podman_e2e_test_downstream -podman_e2e_test_downstream: - bash ./podman-tests.sh e2e downstream - -.PHONY: podman_system_test_upstream -podman_system_test_upstream: - bash ./podman-tests.sh system upstream - -.PHONY: podman_system_test_downstream -podman_system_test_downstream: - bash ./podman-tests.sh system downstream +.PHONY: podman_system_test +podman_system_test: + bash ./podman-tests.sh system clean: rm -rf podman-*dev* podman.spec diff --git a/test/main.fmf b/test/main.fmf index 6543521..8c30075 100644 --- a/test/main.fmf +++ b/test/main.fmf @@ -6,24 +6,16 @@ require: - policycoreutils /basic_check: - summary: Run basic checks tag: [ upstream, downstream ] + summary: Run basic checks test: make basic_check -/upstream: - tag: upstream -/upstream/podman_e2e_test: - summary: Run SELinux specific Podman e2e tests on upstream PRs - test: make podman_e2e_test_upstream -/upstream/podman_system_test: - summary: Run SELinux specific Podman system tests on upstream PRs - test: make podman_system_test_upstream +/podman_e2e_test: + tag: [ upstream, downstream ] + summary: Run SELinux specific Podman e2e tests + test: make podman_e2e_test -/downstream: - tag: downstream -/downstream/podman_e2e_test: - summary: Run SELinux specific Podman e2e tests on downstream bodhi / errata and dist-git PRs - test: make podman_e2e_test_downstream -/downstream/podman_system_test: - summary: Run SELinux specific Podman system tests on downstream bodhi / errata and dist-git PRs - test: make podman_system_test_downstream +/podman_system_test: + tag: [ upstream, downstream ] + summary: Run SELinux specific Podman system tests + test: make podman_system_test diff --git a/test/podman-tests.sh b/test/podman-tests.sh index 50a29e2..b758cc8 100644 --- a/test/podman-tests.sh +++ b/test/podman-tests.sh @@ -2,37 +2,19 @@ set -exo pipefail +cat /etc/redhat-release + if [[ "$(id -u)" -ne 0 ]];then echo "Please run as superuser" exit 1 fi if [[ -z "$1" ]]; then - echo -e "Usage: podman-tests.sh TEST_TYPE STREAM\nTEST_TYPE can be 'e2e' or 'system'\nSTREAM can be 'upstream' or 'downstream'" + echo -e "Usage: $(basename ${BASH_SOURCE[0]}) TEST_TYPE\nTEST_TYPE can be 'e2e' or 'system'\n" exit 1 fi TEST_TYPE=$1 -STREAM=$2 - -# `rhel` macro exists on RHEL, CentOS Stream, and Fedora ELN -# `centos` macro exists only on CentOS Stream -CENTOS_VERSION=$(rpm --eval '%{?centos}') -RHEL_VERSION=$(rpm --eval '%{?rhel}') - -# For upstream tests, we need to test with podman and other packages from the -# podman-next copr. For downstream tests (bodhi, errata), we don't need any -# additional setup -if [[ "$STREAM" == "upstream" ]]; then - # Use CentOS Stream 10 copr target for RHEL-10 until EPEL 10 becomes - # available - if [[ -n $CENTOS_VERSION || $RHEL_VERSION -ge 10 ]]; then - dnf -y copr enable rhcontainerbot/podman-next centos-stream-$CENTOS_VERSION - else - dnf -y copr enable rhcontainerbot/podman-next - fi - echo "priority=5" >> /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next.repo -fi # Remove testing-farm repos if they exist as these interfere with the packages # we want to install, especially when podman-next copr is involved @@ -69,18 +51,11 @@ tar zxf *.tar.gz popd -# Enable EPEL on RHEL/CentOS Stream envs to fetch bats -if [[ -n $(rpm --eval '%{?rhel}') ]]; then - # Until EPEL 10 is available use epel-9 for all RHEL and CentOS Stream - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm - sed -i 's/$releasever/9/g' /etc/yum.repos.d/epel.repo -fi - # Install dependencies for running tests +# NOTE: bats will be fetched from Fedora repos on public testing-farm envs if EPEL repo is absent or disabled. dnf -y install bats golang # Print versions of distro and installed packages -cat /etc/redhat-release rpm -q bats container-selinux golang podman podman-tests selinux-policy if [[ "$TEST_TYPE" == "e2e" ]]; then From edda101018b1210c0b1a1d463b0ccacb1f716059 Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 11 Nov 2024 12:09:59 +0000 Subject: [PATCH 22/38] Update to 2.234.1 upstream release Upstream tag: v2.234.1 Upstream commit: 8ba68ee9 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 51 ++++++++++++++---------------------------- README.packit | 2 +- container-selinux.spec | 25 +++++++++++---------- sources | 2 +- test/Makefile | 1 + 6 files changed, 34 insertions(+), 48 deletions(-) diff --git a/.gitignore b/.gitignore index d168437..0c07861 100644 --- a/.gitignore +++ b/.gitignore @@ -230,3 +230,4 @@ /packit-tmt-bodhi-reuse.zip /v2.232.1.tar.gz /v2.233.0.tar.gz +/v2.234.1.tar.gz diff --git a/.packit.yaml b/.packit.yaml index 2f048d0..c9b56ad 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -28,7 +28,7 @@ packages: container-selinux-centos: pkg_tool: centpkg specfile_path: rpm/container-selinux.spec - container-selinux-rhel: + container-selinux-eln: specfile_path: rpm/container-selinux.spec srpm_build_deps: @@ -43,8 +43,18 @@ jobs: message: "Ephemeral COPR build failed. @containers/packit-build please check." enable_net: true # container-selinux is noarch so we only need to test on one arch + targets: &fedora_copr_targets + - fedora-development + - fedora-latest + - fedora-ltest-stable + - fedora-40 + + - job: copr_build + trigger: pull_request + packages: [container-selinux-eln] + notifications: *copr_build_failure_notification + enable_net: true targets: - - fedora-all - fedora-eln - job: copr_build @@ -52,18 +62,10 @@ jobs: packages: [container-selinux-centos] notifications: *copr_build_failure_notification enable_net: true - targets: ¢os_targets + targets: ¢os_copr_targets - centos-stream-9 - centos-stream-10 - - job: copr_build - trigger: pull_request - packages: [container-selinux-rhel] - notifications: *copr_build_failure_notification - enable_net: true - targets: - - epel-9 - # Run on commit to main branch # Build targets managed in copr settings - job: copr_build @@ -85,8 +87,7 @@ jobs: notifications: &test_failure_notification failure_comment: message: "Tests failed. @containers/packit-build please check." - targets: - - fedora-all + targets: *fedora_copr_targets tf_extra_params: environments: - artifacts: @@ -98,34 +99,17 @@ jobs: trigger: pull_request packages: [container-selinux-centos] notifications: *test_failure_notification - targets: *centos_targets + targets: *centos_copr_targets tf_extra_params: environments: - artifacts: - type: repository-file id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo - # Tests for RHEL - - job: tests - trigger: pull_request - packages: [container-selinux-rhel] - use_internal_tf: true - notifications: *test_failure_notification - targets: - epel-9-x86_64: - distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/epel-$releasever/rhcontainerbot-podman-next-epel-$releasever.repo - - type: repository-file - id: https://src.fedoraproject.org/rpms/epel-release/raw/epel9/f/epel.repo - - job: propose_downstream trigger: release packages: [container-selinux-fedora] - dist_git_branches: + dist_git_branches: &fedora_targets - fedora-all - job: propose_downstream @@ -137,8 +121,7 @@ jobs: - job: koji_build trigger: commit packages: [container-selinux-fedora] - dist_git_branches: - - fedora-all + dist_git_branches: *fedora_targets - job: bodhi_update trigger: commit diff --git a/README.packit b/README.packit index 459869a..1b4760d 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.101.0. +The file was generated using packit 0.102.2.post1.dev4+g3142fcf8. diff --git a/container-selinux.spec b/container-selinux.spec index cc61060..646c38a 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -2,7 +2,6 @@ # container-selinux stuff (prefix with ds_ for version/release etc.) # Some bits borrowed from the openstack-selinux package -%global selinuxtype targeted %global moduletype services %global modulenames container @@ -36,7 +35,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.233.0 +Version: 2.234.1 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} @@ -51,7 +50,8 @@ BuildRequires: selinux-policy-devel >= %_selinux_policy_version # RE: rhbz#1195804 - ensure min NVR for selinux-policy Requires: selinux-policy >= %_selinux_policy_version Requires(post): selinux-policy-base >= %_selinux_policy_version -Requires(post): selinux-policy-targeted >= %_selinux_policy_version +Requires(post): selinux-policy-any >= %_selinux_policy_version +Recommends: selinux-policy-targeted >= %_selinux_policy_version Requires(post): policycoreutils Requires(post): libselinux-utils Requires(post): sed @@ -90,7 +90,7 @@ make rm %{buildroot}%{_mandir}/man8/container_selinux.8 %pre -%selinux_relabel_pre -s %{selinuxtype} +%selinux_relabel_pre %post # Install all modules in a single transaction @@ -98,21 +98,21 @@ if [ $1 -eq 1 ]; then %{_sbindir}/setsebool -P -N virt_use_nfs=1 virt_sandbox_use_all_caps=1 fi %_format MODULES %{_datadir}/selinux/packages/$x.pp.bz2 -%{_sbindir}/semodule -n -s %{selinuxtype} -r container 2> /dev/null -%{_sbindir}/semodule -n -s %{selinuxtype} -d docker 2> /dev/null -%{_sbindir}/semodule -n -s %{selinuxtype} -d gear 2> /dev/null -%selinux_modules_install -s %{selinuxtype} $MODULES . %{_sysconfdir}/selinux/config +%{_sbindir}/semodule -n -s ${SELINUXTYPE} -r container 2> /dev/null +%{_sbindir}/semodule -n -s ${SELINUXTYPE} -d docker 2> /dev/null +%{_sbindir}/semodule -n -s ${SELINUXTYPE} -d gear 2> /dev/null +%selinux_modules_install -s ${SELINUXTYPE} $MODULES sed -e "\|container_file_t|h; \${x;s|container_file_t||;{g;t};a\\" -e "container_file_t" -e "}" -i /etc/selinux/${SELINUXTYPE}/contexts/customizable_types matchpathcon -qV %{_sharedstatedir}/containers || restorecon -R %{_sharedstatedir}/containers &> /dev/null || : %postun if [ $1 -eq 0 ]; then - %selinux_modules_uninstall -s %{selinuxtype} %{modulenames} docker + %selinux_modules_uninstall %{modulenames} docker fi %posttrans -%selinux_relabel_post -s %{selinuxtype} +%selinux_relabel_post #define license tag if not already defined %{!?_licensedir:%global license %doc} @@ -127,8 +127,9 @@ fi %{_datadir}/udica/templates/* # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120 #%%{_mandir}/man8/container_selinux.8.gz -%{_sysconfdir}/selinux/targeted/contexts/users/* -%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulenames} +%{_sysconfdir}/selinux/targeted/contexts/users/container_u +%ghost %verify(not mode) %{_selinux_store_path}/targeted/active/modules/200/%{modulenames} +%ghost %verify(not mode) %{_selinux_store_path}/mls/active/modules/200/%{modulenames} %triggerpostun -- container-selinux < 2:2.162.1-3 if %{_sbindir}/selinuxenabled ; then diff --git a/sources b/sources index e8e9fbc..3c5862b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.233.0.tar.gz) = f79380a3312cb57953bc1286ba7dcdbf29ab95ce72de79c5bac1eb6c4401d2bcb0c9875802c7198a9680af19affb34170581c609180408b21cc27cf680c3feb4 +SHA512 (v2.234.1.tar.gz) = 6ffc70aa42134aec10eaf5f5b4b10a0481309e4285a419d65df9afabc033a34c86147fade0640e7b641b89aaaea3c525ae23700bea675ea6a1319c8fdb7a1859 diff --git a/test/Makefile b/test/Makefile index 5fee1ea..9088bd9 100644 --- a/test/Makefile +++ b/test/Makefile @@ -2,6 +2,7 @@ basic_check: semodule --list=full | grep container semodule -B + rpm -Vqf /var/lib/selinux/*/active/modules/200/container .PHONY: podman_e2e_test podman_e2e_test: From 038f1b6063dc8a9960157896a00a0f33121c6e7d Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 11 Nov 2024 14:12:33 +0000 Subject: [PATCH 23/38] Update to 2.234.2 upstream release Upstream tag: v2.234.2 Upstream commit: cd0a1758 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 7 ++----- sources | 2 +- 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 0c07861..2069158 100644 --- a/.gitignore +++ b/.gitignore @@ -231,3 +231,4 @@ /v2.232.1.tar.gz /v2.233.0.tar.gz /v2.234.1.tar.gz +/v2.234.2.tar.gz diff --git a/README.packit b/README.packit index 1b4760d..c18262a 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.102.2.post1.dev4+g3142fcf8. +The file was generated using packit 0.103.0. diff --git a/container-selinux.spec b/container-selinux.spec index 646c38a..e34b6fd 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 2 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.234.1 +Version: 2.234.2 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} @@ -86,9 +86,6 @@ make %_format MODULES $x.pp.bz2 %{__make} DATADIR=%{buildroot}%{_datadir} SYSCONFDIR=%{buildroot}%{_sysconfdir} install install.udica-templates install.selinux-user -# Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120 -rm %{buildroot}%{_mandir}/man8/container_selinux.8 - %pre %selinux_relabel_pre @@ -126,7 +123,7 @@ fi %dir %{_datadir}/udica/templates/ %{_datadir}/udica/templates/* # Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2209120 -#%%{_mandir}/man8/container_selinux.8.gz +%{_mandir}/man8/container_selinux.8.gz %{_sysconfdir}/selinux/targeted/contexts/users/container_u %ghost %verify(not mode) %{_selinux_store_path}/targeted/active/modules/200/%{modulenames} %ghost %verify(not mode) %{_selinux_store_path}/mls/active/modules/200/%{modulenames} diff --git a/sources b/sources index 3c5862b..1703887 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.234.1.tar.gz) = 6ffc70aa42134aec10eaf5f5b4b10a0481309e4285a419d65df9afabc033a34c86147fade0640e7b641b89aaaea3c525ae23700bea675ea6a1319c8fdb7a1859 +SHA512 (v2.234.2.tar.gz) = 2ec931ca1bf3f62659944389ef9679c6bc283aa001c275ef84e5be0430e79090ec20a993cccd24c4122f7adc3bcf8338489e09b1e5ad548fde1eef840022281c From c2d42deedf06526ec01b5492de41d4dec146d7c6 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Thu, 26 Dec 2024 15:35:49 +0530 Subject: [PATCH 24/38] TMT: sync tests with upstream Signed-off-by: Lokesh Mandvekar --- plans/all.fmf | 20 ------------- plans/main.fmf | 40 ++++++++++++++++++++++++++ test/main.fmf | 12 ++++---- test/podman-tests.sh | 67 ++------------------------------------------ 4 files changed, 47 insertions(+), 92 deletions(-) delete mode 100644 plans/all.fmf create mode 100644 plans/main.fmf diff --git a/plans/all.fmf b/plans/all.fmf deleted file mode 100644 index 9e0d10b..0000000 --- a/plans/all.fmf +++ /dev/null @@ -1,20 +0,0 @@ -discover: - how: fmf -execute: - how: tmt - -/upstream: - summary: Run SELinux specific Podman tests on upstream PRs - discover+: - filter: tag:upstream - adjust+: - enabled: false - when: initiator is not defined or initiator != packit - -/downstream: - summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs - discover+: - filter: tag:downstream - adjust+: - enabled: false - when: initiator == packit diff --git a/plans/main.fmf b/plans/main.fmf new file mode 100644 index 0000000..2e13af5 --- /dev/null +++ b/plans/main.fmf @@ -0,0 +1,40 @@ +discover: + how: fmf +execute: + how: tmt +adjust: + - when: initiator == packit + because: "We need to test with updated packages from rhcontainerbot/podman-next copr" + prepare+: + how: shell + script: | + sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo + dnf -y upgrade --allowerasing + # FIXME: Use epel10 once bats is available there + - when: distro == centos-stream-10 or distro == rhel-10 + because: "bats isn't yet available on epel10" + prepare+: + how: install + copr: rhcontainerbot/bats-el10 + package: bats + - when: distro == centos-stream-9 or distro == rhel-9 + because: "bats is present on EPEL on rhel9 / c9s" + prepare+: + how: feature + epel: enabled + +/upstream: + summary: Run SELinux specific Podman tests on upstream PRs + discover+: + filter: tag:upstream + adjust+: + - enabled: false + when: initiator is not defined or initiator != packit + +/downstream: + summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs + discover+: + filter: tag:downstream + adjust+: + - enabled: false + when: initiator == packit diff --git a/test/main.fmf b/test/main.fmf index 8c30075..bded6bc 100644 --- a/test/main.fmf +++ b/test/main.fmf @@ -1,8 +1,11 @@ -# Only common dependencies that are NOT required to run podman-tests.sh are -# specified here. Everything else is in podman-tests.sh. require: + - bats + - container-selinux - cpio + - golang - make + - podman + - podman-tests - policycoreutils /basic_check: @@ -10,11 +13,6 @@ require: summary: Run basic checks test: make basic_check -/podman_e2e_test: - tag: [ upstream, downstream ] - summary: Run SELinux specific Podman e2e tests - test: make podman_e2e_test - /podman_system_test: tag: [ upstream, downstream ] summary: Run SELinux specific Podman system tests diff --git a/test/podman-tests.sh b/test/podman-tests.sh index b758cc8..0033d25 100644 --- a/test/podman-tests.sh +++ b/test/podman-tests.sh @@ -9,71 +9,8 @@ if [[ "$(id -u)" -ne 0 ]];then exit 1 fi -if [[ -z "$1" ]]; then - echo -e "Usage: $(basename ${BASH_SOURCE[0]}) TEST_TYPE\nTEST_TYPE can be 'e2e' or 'system'\n" - exit 1 -fi - -TEST_TYPE=$1 - -# Remove testing-farm repos if they exist as these interfere with the packages -# we want to install, especially when podman-next copr is involved -rm -f /etc/yum.repos.d/tag-repository.repo - -# Fetch and extract latest podman source from the highest priority dnf repo -# NOTE: On upstream pull-requests, the srpm will be fetched from the -# podman-next copr while on bodhi updates, it will be fetched from Fedora's -# official repos. -PODMAN_DIR=$(mktemp -d) -pushd $PODMAN_DIR - -# Download podman and podman-tests rpms, along with podman srpm -dnf download podman podman-tests -# Download srpm, srpm opts differ between dnf and dnf5 -rpm -q dnf5 && dnf download --srpm podman || dnf download --source podman - -# Ensure podman-tests RPM and podman SRPM version-release match -# NOTE: podman RPM and podman-tests RPM matching is ensured by podman.spec so -# matching podman-tests and podman srpm is sufficient here. -PODMAN_TESTS_VERSION=$(ls podman-tests* | sed -e "s/.$(uname -m).rpm//" -e "s/podman-tests-//") -PODMAN_SRPM_VERSION=$(ls podman*.src.rpm | sed -e "s/.src.rpm//" -e "s/podman-//") -if [[ "$PODMAN_TESTS_VERSION" != "$PODMAN_SRPM_VERSION" ]]; then - echo "podman-tests and podman srpm version-release don't match" - exit 1 -fi - -# Install downloaded podman and podman-tests rpms -dnf -y install ./podman*.$(uname -m).rpm - -# Extract and untar podman source from srpm -rpm2cpio $(ls podman*.src.rpm) | cpio -di -tar zxf *.tar.gz - -popd - -# Install dependencies for running tests -# NOTE: bats will be fetched from Fedora repos on public testing-farm envs if EPEL repo is absent or disabled. -dnf -y install bats golang - # Print versions of distro and installed packages rpm -q bats container-selinux golang podman podman-tests selinux-policy -if [[ "$TEST_TYPE" == "e2e" ]]; then - # /tmp is often unsufficient - export TMPDIR=/var/tmp - - # dnf5 contains breaking changes - # Either of `dnf` OR `dnf5` will be installed, never both. - # To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`. - #rpm -q dnf5 && SRPM_OPTS="--srpm" || SRPM_OPTS="--source" - - # Run podman e2e tests - pushd $PODMAN_DIR/podman-*/test/e2e - PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go - popd -fi - -if [[ "$TEST_TYPE" == "system" ]]; then - # Run podman system tests - bats /usr/share/podman/test/system/410-selinux.bats -fi +# Run podman system tests +bats /usr/share/podman/test/system/410-selinux.bats From 67ab29b766617e11fd06df08c1f94f6accba25cd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 14:27:37 +0000 Subject: [PATCH 25/38] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild From 58f6209191b5fe9d0353db218b8cfab135e4a555 Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 24 Feb 2025 10:42:38 +0000 Subject: [PATCH 26/38] Update to 2.235.0 upstream release Upstream tag: v2.235.0 Upstream commit: c9b3eca0 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 17 ++++++++------ README.packit | 2 +- container-selinux.spec | 4 ++-- gating.yaml | 4 +++- plans/main.fmf | 50 +++++++++++++----------------------------- sources | 2 +- test/Makefile | 16 -------------- test/main.fmf | 14 +++++------- test/podman-tests.sh | 2 +- 10 files changed, 40 insertions(+), 72 deletions(-) delete mode 100644 test/Makefile diff --git a/.gitignore b/.gitignore index 2069158..abf490c 100644 --- a/.gitignore +++ b/.gitignore @@ -232,3 +232,4 @@ /v2.233.0.tar.gz /v2.234.1.tar.gz /v2.234.2.tar.gz +/v2.235.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index c9b56ad..cc1d83b 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -13,9 +13,11 @@ files_to_sync: - src: plans/ dest: plans/ delete: true + mkpath: true - src: test/ dest: test/ delete: true + mkpath: true - src: .fmf/ dest: .fmf/ delete: true @@ -44,10 +46,8 @@ jobs: enable_net: true # container-selinux is noarch so we only need to test on one arch targets: &fedora_copr_targets - - fedora-development - - fedora-latest - - fedora-ltest-stable - - fedora-40 + - fedora-all-x86_64 + - fedora-all-aarch64 - job: copr_build trigger: pull_request @@ -55,7 +55,8 @@ jobs: notifications: *copr_build_failure_notification enable_net: true targets: - - fedora-eln + - fedora-eln-x86_64 + - fedora-eln-aarch64 - job: copr_build trigger: pull_request @@ -63,8 +64,10 @@ jobs: notifications: *copr_build_failure_notification enable_net: true targets: ¢os_copr_targets - - centos-stream-9 - - centos-stream-10 + - centos-stream-9-x86_64 + - centos-stream-9-aarch64 + - centos-stream-10-x86_64 + - centos-stream-10-aarch64 # Run on commit to main branch # Build targets managed in copr settings diff --git a/README.packit b/README.packit index c18262a..2cdc258 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 0.103.0. +The file was generated using packit 1.1.1.post1.dev1+g7c5e02df. diff --git a/container-selinux.spec b/container-selinux.spec index e34b6fd..6fd90dd 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -30,12 +30,12 @@ Name: container-selinux %if %{defined copr_build} Epoch: 102 %else -Epoch: 2 +Epoch: 4 %endif # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.234.2 +Version: 2.235.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/gating.yaml b/gating.yaml index dbb1d91..8f949e2 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,7 +1,9 @@ --- !Policy product_versions: - fedora-* -decision_context: bodhi_update_push_stable +decision_context: + - bodhi_update_push_stable + - bodhi_update_push_testing rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} diff --git a/plans/main.fmf b/plans/main.fmf index 2e13af5..baa8b2f 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -2,39 +2,19 @@ discover: how: fmf execute: how: tmt -adjust: +prepare: + - when: distro == centos-stream or distro == rhel + how: shell + script: | + dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm + dnf -y config-manager --set-enabled epel + order: 10 - when: initiator == packit - because: "We need to test with updated packages from rhcontainerbot/podman-next copr" - prepare+: - how: shell - script: | - sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo - dnf -y upgrade --allowerasing - # FIXME: Use epel10 once bats is available there - - when: distro == centos-stream-10 or distro == rhel-10 - because: "bats isn't yet available on epel10" - prepare+: - how: install - copr: rhcontainerbot/bats-el10 - package: bats - - when: distro == centos-stream-9 or distro == rhel-9 - because: "bats is present on EPEL on rhel9 / c9s" - prepare+: - how: feature - epel: enabled - -/upstream: - summary: Run SELinux specific Podman tests on upstream PRs - discover+: - filter: tag:upstream - adjust+: - - enabled: false - when: initiator is not defined or initiator != packit - -/downstream: - summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs - discover+: - filter: tag:downstream - adjust+: - - enabled: false - when: initiator == packit + how: shell + script: | + COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo" + if compgen -G $COPR_REPO_FILE > /dev/null; then + sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE + fi + dnf -y upgrade --allowerasing + order: 20 diff --git a/sources b/sources index 1703887..1602c69 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.234.2.tar.gz) = 2ec931ca1bf3f62659944389ef9679c6bc283aa001c275ef84e5be0430e79090ec20a993cccd24c4122f7adc3bcf8338489e09b1e5ad548fde1eef840022281c +SHA512 (v2.235.0.tar.gz) = 5d422ffe69e994d2b30460bef39598ccac52d3607a23dd15e300374f1704c6e5883069aa74cb3b362b9545f4dd4e048b6e9893a6086cbba53e9d5f8185b2ffd2 diff --git a/test/Makefile b/test/Makefile deleted file mode 100644 index 9088bd9..0000000 --- a/test/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -.PHONY: basic_check -basic_check: - semodule --list=full | grep container - semodule -B - rpm -Vqf /var/lib/selinux/*/active/modules/200/container - -.PHONY: podman_e2e_test -podman_e2e_test: - bash ./podman-tests.sh e2e - -.PHONY: podman_system_test -podman_system_test: - bash ./podman-tests.sh system - -clean: - rm -rf podman-*dev* podman.spec diff --git a/test/main.fmf b/test/main.fmf index bded6bc..4b186d5 100644 --- a/test/main.fmf +++ b/test/main.fmf @@ -1,19 +1,17 @@ require: + - attr - bats - container-selinux - - cpio - - golang - - make - - podman - podman-tests - policycoreutils /basic_check: - tag: [ upstream, downstream ] summary: Run basic checks - test: make basic_check + test: | + semodule --list=full | grep container + semodule -B + rpm -Vqf /var/lib/selinux/*/active/modules/200/container /podman_system_test: - tag: [ upstream, downstream ] summary: Run SELinux specific Podman system tests - test: make podman_system_test + test: bash ./podman-tests.sh diff --git a/test/podman-tests.sh b/test/podman-tests.sh index 0033d25..faa504b 100644 --- a/test/podman-tests.sh +++ b/test/podman-tests.sh @@ -10,7 +10,7 @@ if [[ "$(id -u)" -ne 0 ]];then fi # Print versions of distro and installed packages -rpm -q bats container-selinux golang podman podman-tests selinux-policy +rpm -q bats container-selinux podman podman-tests policycoreutils selinux-policy # Run podman system tests bats /usr/share/podman/test/system/410-selinux.bats From a15b46699ba2930583bd677a292cfc1ce7df64e5 Mon Sep 17 00:00:00 2001 From: Lokesh Mandvekar Date: Mon, 24 Feb 2025 17:01:52 +0530 Subject: [PATCH 27/38] fix gating.yaml --- gating.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gating.yaml b/gating.yaml index 8f949e2..c692db7 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,7 +1,7 @@ --- !Policy product_versions: - fedora-* -decision_context: +decision_contexts: - bodhi_update_push_stable - bodhi_update_push_testing rules: From 5c4e72179b5f16ca28ee0d03a08322e6e9d00912 Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 13 Mar 2025 20:26:37 +0000 Subject: [PATCH 28/38] Update to 2.236.0 upstream release Upstream tag: v2.236.0 Upstream commit: 4244f856 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index abf490c..1dfba9e 100644 --- a/.gitignore +++ b/.gitignore @@ -233,3 +233,4 @@ /v2.234.1.tar.gz /v2.234.2.tar.gz /v2.235.0.tar.gz +/v2.236.0.tar.gz diff --git a/README.packit b/README.packit index 2cdc258..f5cc99f 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.1.1.post1.dev1+g7c5e02df. +The file was generated using packit 1.2.0.post1.dev13+g55ed4527. diff --git a/container-selinux.spec b/container-selinux.spec index 6fd90dd..cf61d09 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.235.0 +Version: 2.236.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 1602c69..f7b9b50 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.235.0.tar.gz) = 5d422ffe69e994d2b30460bef39598ccac52d3607a23dd15e300374f1704c6e5883069aa74cb3b362b9545f4dd4e048b6e9893a6086cbba53e9d5f8185b2ffd2 +SHA512 (v2.236.0.tar.gz) = 02f4cf1549bbe8c647fc2d2af9f239a23b47e67964d2ee66a45578b6494a9257185f210a61a3e666470489698760b6dd336db3e6a867002fdac68f64689d3841 From 1b9c808c738d24f95cfe5d479f4ffc9ce606276f Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 28 Apr 2025 19:06:43 +0000 Subject: [PATCH 29/38] Update to 2.237.0 upstream release Upstream tag: v2.237.0 Upstream commit: d7e420a1 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 5 ++++- sources | 2 +- 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 1dfba9e..b1d1698 100644 --- a/.gitignore +++ b/.gitignore @@ -234,3 +234,4 @@ /v2.234.2.tar.gz /v2.235.0.tar.gz /v2.236.0.tar.gz +/v2.237.0.tar.gz diff --git a/README.packit b/README.packit index f5cc99f..807ffc6 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.2.0.post1.dev13+g55ed4527. +The file was generated using packit 1.6.0.post1.dev2+gd5a7662a. diff --git a/container-selinux.spec b/container-selinux.spec index cf61d09..afe8b30 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.236.0 +Version: 2.237.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} @@ -111,6 +111,9 @@ fi %posttrans %selinux_relabel_post +# Empty placeholder check to silence rpmlint +%check + #define license tag if not already defined %{!?_licensedir:%global license %doc} diff --git a/sources b/sources index f7b9b50..907c8b1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.236.0.tar.gz) = 02f4cf1549bbe8c647fc2d2af9f239a23b47e67964d2ee66a45578b6494a9257185f210a61a3e666470489698760b6dd336db3e6a867002fdac68f64689d3841 +SHA512 (v2.237.0.tar.gz) = 39226dc5474934eb509bde812a7df3647d38c69d33ff3d54d0774286d1bc325dae867280571d3681e23a334aa785acfb6a1c22ca2f3df6031f95d005145930df From 556c1de55498dc30db550ad67f0e63a7d7de4d90 Mon Sep 17 00:00:00 2001 From: Packit Date: Fri, 30 May 2025 18:02:24 +0000 Subject: [PATCH 30/38] Update to 2.238.0 upstream release Upstream tag: v2.238.0 Upstream commit: 36e8f213 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index b1d1698..8101221 100644 --- a/.gitignore +++ b/.gitignore @@ -235,3 +235,4 @@ /v2.235.0.tar.gz /v2.236.0.tar.gz /v2.237.0.tar.gz +/v2.238.0.tar.gz diff --git a/README.packit b/README.packit index 807ffc6..7e268b5 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.6.0.post1.dev2+gd5a7662a. +The file was generated using packit 1.8.0.post1.dev15+g39511efc. diff --git a/container-selinux.spec b/container-selinux.spec index afe8b30..76589ec 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.237.0 +Version: 2.238.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 907c8b1..866448b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.237.0.tar.gz) = 39226dc5474934eb509bde812a7df3647d38c69d33ff3d54d0774286d1bc325dae867280571d3681e23a334aa785acfb6a1c22ca2f3df6031f95d005145930df +SHA512 (v2.238.0.tar.gz) = f251bab5a5992feb6ce3d295d39a75627bd3c5deddbdb7ad64018c4f3b652637ff27760f40082b1cd31802f500f8927ae96256a4a11aa085b4b84703906f856f From b938868d0dcd742da3f42d4e48a8798e8cff8ac2 Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 7 Jul 2025 16:09:13 +0000 Subject: [PATCH 31/38] Update to 2.239.0 upstream release Upstream tag: v2.239.0 Upstream commit: 229e8d8b Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 8101221..f3b7604 100644 --- a/.gitignore +++ b/.gitignore @@ -236,3 +236,4 @@ /v2.236.0.tar.gz /v2.237.0.tar.gz /v2.238.0.tar.gz +/v2.239.0.tar.gz diff --git a/README.packit b/README.packit index 7e268b5..dde2a46 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.8.0.post1.dev15+g39511efc. +The file was generated using packit 1.9.0.post1.dev4+g48b4c222. diff --git a/container-selinux.spec b/container-selinux.spec index 76589ec..c070080 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.238.0 +Version: 2.239.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 866448b..3280111 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.238.0.tar.gz) = f251bab5a5992feb6ce3d295d39a75627bd3c5deddbdb7ad64018c4f3b652637ff27760f40082b1cd31802f500f8927ae96256a4a11aa085b4b84703906f856f +SHA512 (v2.239.0.tar.gz) = a3bafe979394358c9e0d51816fd92765ff88f2fab4a5aa22e1ce533e8ee4d1ce2b59435891ba39acb795f44509104fc558588ded180bfb3b27c4662a0b5a6643 From ae2bda3b191919740e1e08402c9e7197f95126ed Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 18:38:20 +0000 Subject: [PATCH 32/38] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild From 33a94c0fec233beb298dfcdb28d6f60f52fd6c0f Mon Sep 17 00:00:00 2001 From: Packit Date: Thu, 7 Aug 2025 12:54:13 +0000 Subject: [PATCH 33/38] Update to 2.240.0 upstream release Upstream tag: v2.240.0 Upstream commit: 10cc7eca Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index f3b7604..67fd154 100644 --- a/.gitignore +++ b/.gitignore @@ -237,3 +237,4 @@ /v2.237.0.tar.gz /v2.238.0.tar.gz /v2.239.0.tar.gz +/v2.240.0.tar.gz diff --git a/README.packit b/README.packit index dde2a46..3ad54d6 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.9.0.post1.dev4+g48b4c222. +The file was generated using packit 1.11.0. diff --git a/container-selinux.spec b/container-selinux.spec index c070080..f874f51 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.239.0 +Version: 2.240.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 3280111..64f44ff 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.239.0.tar.gz) = a3bafe979394358c9e0d51816fd92765ff88f2fab4a5aa22e1ce533e8ee4d1ce2b59435891ba39acb795f44509104fc558588ded180bfb3b27c4662a0b5a6643 +SHA512 (v2.240.0.tar.gz) = d5077aa547c2d85613eb168348fe01d92c198b72f3d3523c90d587f12ff8d221c9ee63da1ed1d7201f592853e1aa77406d10b751a0cd7ba9203ea0a22fea3f9b From f5e56373a3e582ff84fac2bc4e4874a23230f7be Mon Sep 17 00:00:00 2001 From: Packit Date: Tue, 19 Aug 2025 16:05:32 +0000 Subject: [PATCH 34/38] Update to 2.241.0 upstream release Upstream tag: v2.241.0 Upstream commit: 5997aa52 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 67fd154..a27fbf9 100644 --- a/.gitignore +++ b/.gitignore @@ -238,3 +238,4 @@ /v2.238.0.tar.gz /v2.239.0.tar.gz /v2.240.0.tar.gz +/v2.241.0.tar.gz diff --git a/README.packit b/README.packit index 3ad54d6..2be479e 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.11.0. +The file was generated using packit 1.11.0.post1.dev3+g351a3979f. diff --git a/container-selinux.spec b/container-selinux.spec index f874f51..cd7fd8e 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.240.0 +Version: 2.241.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 64f44ff..3211fe3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.240.0.tar.gz) = d5077aa547c2d85613eb168348fe01d92c198b72f3d3523c90d587f12ff8d221c9ee63da1ed1d7201f592853e1aa77406d10b751a0cd7ba9203ea0a22fea3f9b +SHA512 (v2.241.0.tar.gz) = acab4eb986e494c09a7f01d0263c2908bae8b93039fd0584c0cfa32c44b59e72db2d3f09d1c9213e9640b5f7af2361a460658cd49deafca0a37535f5e8b6fd80 From ac7e099b8e4e99fd11302236418597f6041888ff Mon Sep 17 00:00:00 2001 From: Packit Date: Fri, 5 Sep 2025 14:44:40 +0000 Subject: [PATCH 35/38] Update to 2.242.0 upstream release Upstream tag: v2.242.0 Upstream commit: edfbda46 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + .packit.yaml | 14 +++++++++++++- README.packit | 2 +- container-selinux.spec | 12 ++++++------ sources | 2 +- 5 files changed, 22 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index a27fbf9..9f6dc41 100644 --- a/.gitignore +++ b/.gitignore @@ -239,3 +239,4 @@ /v2.239.0.tar.gz /v2.240.0.tar.gz /v2.241.0.tar.gz +/v2.242.0.tar.gz diff --git a/.packit.yaml b/.packit.yaml index cc1d83b..d25d664 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -54,7 +54,7 @@ jobs: packages: [container-selinux-eln] notifications: *copr_build_failure_notification enable_net: true - targets: + targets: &eln_copr_targets - fedora-eln-x86_64 - fedora-eln-aarch64 @@ -97,6 +97,18 @@ jobs: - type: repository-file id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo + # Tests for Fedora + - job: tests + trigger: pull_request + packages: [container-selinux-eln] + notifications: *test_failure_notification + targets: *eln_copr_targets + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-eln/rhcontainerbot-podman-next-fedora-eln.repo + # Tests for CentOS Stream - job: tests trigger: pull_request diff --git a/README.packit b/README.packit index 2be479e..fb341a1 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.11.0.post1.dev3+g351a3979f. +The file was generated using packit 1.11.0.post1.dev7+gfdcdf3a32. diff --git a/container-selinux.spec b/container-selinux.spec index cd7fd8e..273ec70 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -20,14 +20,14 @@ %define no_user_namespace 1 %endif -# copr_build is more intuitive than copr_username -%if %{defined copr_username} -%define copr_build 1 +# set copr_build is more intuitive than copr_username +%if %{defined copr_username} && "%{copr_username}" == "rhcontainerbot" && "%{copr_projectname}" == "podman-next" +%define next_build 1 %endif Name: container-selinux -# Set different Epochs for copr and koji -%if %{defined copr_build} +# Set different Epoch for rhcontainerbot/podman-next copr build +%if %{defined next_build} Epoch: 102 %else Epoch: 4 @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.241.0 +Version: 2.242.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 3211fe3..ab44a19 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.241.0.tar.gz) = acab4eb986e494c09a7f01d0263c2908bae8b93039fd0584c0cfa32c44b59e72db2d3f09d1c9213e9640b5f7af2361a460658cd49deafca0a37535f5e8b6fd80 +SHA512 (v2.242.0.tar.gz) = 48ed0644081cd1f52d2e842c46af9c7dd64685aab121a9a275da2ea75eb8b48b7b24ffc45658b6bc78b41a9bad116c3352e1bd540cfba298276519cd6ddea47c From 99f38c064f082eeda912d7da59b822f80d4bbbc6 Mon Sep 17 00:00:00 2001 From: Packit Date: Fri, 7 Nov 2025 19:05:10 +0000 Subject: [PATCH 36/38] Update to 2.243.0 upstream release Upstream tag: v2.243.0 Upstream commit: efdee4df Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- plans/main.fmf | 26 +++++++++++++------ plans/tmt.fmf | 9 +++++++ sources | 2 +- test/main.fmf | 23 +++++++++++++--- ...odman-tests.sh => podman-rootful-tests.sh} | 0 test/podman-rootless-tests.sh | 15 +++++++++++ 9 files changed, 66 insertions(+), 14 deletions(-) create mode 100644 plans/tmt.fmf rename test/{podman-tests.sh => podman-rootful-tests.sh} (100%) create mode 100644 test/podman-rootless-tests.sh diff --git a/.gitignore b/.gitignore index 9f6dc41..9ae95ce 100644 --- a/.gitignore +++ b/.gitignore @@ -240,3 +240,4 @@ /v2.240.0.tar.gz /v2.241.0.tar.gz /v2.242.0.tar.gz +/v2.243.0.tar.gz diff --git a/README.packit b/README.packit index fb341a1..2511bf4 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.11.0.post1.dev7+gfdcdf3a32. +The file was generated using packit 1.12.0. diff --git a/container-selinux.spec b/container-selinux.spec index 273ec70..fa68c27 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.242.0 +Version: 2.243.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/plans/main.fmf b/plans/main.fmf index baa8b2f..c758669 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -3,12 +3,12 @@ discover: execute: how: tmt prepare: - - when: distro == centos-stream or distro == rhel - how: shell - script: | - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm - dnf -y config-manager --set-enabled epel - order: 10 + - how: feature + epel: enabled + # TODO: Revisit this once https://github.com/teemtee/tmt/issues/3990 is in place. + # FIXME: For whatever reason, CentOS Stream envs end up upgrading container-selinux + # from podman-next instead of using the one installed by Packit. This apparently should + # be easier to handle once tmt#3990 is done. Things work as expected on Fedora already. - when: initiator == packit how: shell script: | @@ -16,5 +16,15 @@ prepare: if compgen -G $COPR_REPO_FILE > /dev/null; then sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE fi - dnf -y upgrade --allowerasing - order: 20 + +/basic_check: + discover+: + test: /test/basic_check + +/podman_rootful_system: + discover+: + test: /test/podman_rootful_system + +/podman_rootless_system: + discover+: + test: /test/podman_rootless_system diff --git a/plans/tmt.fmf b/plans/tmt.fmf new file mode 100644 index 0000000..1941978 --- /dev/null +++ b/plans/tmt.fmf @@ -0,0 +1,9 @@ +/: + inherit: false + +summary: Run tmt's integration tests +plan: + import: + url: https://github.com/teemtee/tmt + path: /plans/friends + name: /podman diff --git a/sources b/sources index ab44a19..06d448c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.242.0.tar.gz) = 48ed0644081cd1f52d2e842c46af9c7dd64685aab121a9a275da2ea75eb8b48b7b24ffc45658b6bc78b41a9bad116c3352e1bd540cfba298276519cd6ddea47c +SHA512 (v2.243.0.tar.gz) = 8ed193e467d247a277f1d21b6f1f2044273e15301e27ed33e0240af27f8d6ade4585a6fa9953a05bf11298d3a4ef2ea4fdc7f6e43abddd7e03c9c38835ad4429 diff --git a/test/main.fmf b/test/main.fmf index 4b186d5..13b8104 100644 --- a/test/main.fmf +++ b/test/main.fmf @@ -1,9 +1,10 @@ require: - attr - - bats - container-selinux - podman-tests - policycoreutils +recommend: + - bats /basic_check: summary: Run basic checks @@ -12,6 +13,22 @@ require: semodule -B rpm -Vqf /var/lib/selinux/*/active/modules/200/container -/podman_system_test: +/podman_rootful_system: summary: Run SELinux specific Podman system tests - test: bash ./podman-tests.sh + test: bash ./podman-rootful-tests.sh + +/podman_rootless_system: + summary: Run rootless Podman system tests + test: bash ./podman-rootless-tests.sh + require+: + - passt + - passt-selinux + environment: + ROOTLESS_USER: "fedora" + adjust: + - when: distro == centos-stream + environment+: + ROOTLESS_USER: "ec2-user" + - when: distro == fedora-eln or distro == rhel + environment+: + ROOTLESS_USER: "cloud-user" diff --git a/test/podman-tests.sh b/test/podman-rootful-tests.sh similarity index 100% rename from test/podman-tests.sh rename to test/podman-rootful-tests.sh diff --git a/test/podman-rootless-tests.sh b/test/podman-rootless-tests.sh new file mode 100644 index 0000000..e5583e0 --- /dev/null +++ b/test/podman-rootless-tests.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +set -exo pipefail + +cat /etc/redhat-release + +# Print versions of distro and installed packages +rpm -q bats container-selinux passt passt-selinux podman podman-tests policycoreutils selinux-policy + +loginctl enable-linger "$ROOTLESS_USER" + +# Run podman system tests +su - "$ROOTLESS_USER" -c "bats /usr/share/podman/test/system/410-selinux.bats" +su - "$ROOTLESS_USER" -c "bats /usr/share/podman/test/system/500-networking.bats" +su - "$ROOTLESS_USER" -c "bats /usr/share/podman/test/system/505-networking-pasta.bats" From 3f88bda292ee2de6b5bc847b37f68206c4c009ec Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 1 Dec 2025 15:51:17 +0000 Subject: [PATCH 37/38] Update to 2.244.0 upstream release Upstream tag: v2.244.0 Upstream commit: 9017e1f8 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- test/main.fmf | 2 +- 5 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 9ae95ce..0891100 100644 --- a/.gitignore +++ b/.gitignore @@ -241,3 +241,4 @@ /v2.241.0.tar.gz /v2.242.0.tar.gz /v2.243.0.tar.gz +/v2.244.0.tar.gz diff --git a/README.packit b/README.packit index 2511bf4..b4b46e3 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.12.0. +The file was generated using packit 1.12.0.post1.dev20+g7d30dac21. diff --git a/container-selinux.spec b/container-selinux.spec index fa68c27..07c8f41 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.243.0 +Version: 2.244.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 06d448c..68be440 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.243.0.tar.gz) = 8ed193e467d247a277f1d21b6f1f2044273e15301e27ed33e0240af27f8d6ade4585a6fa9953a05bf11298d3a4ef2ea4fdc7f6e43abddd7e03c9c38835ad4429 +SHA512 (v2.244.0.tar.gz) = 21bb73a226d96a152de53475ad23d1daa119a20d83c835c7c5c2da011a2fd066955db1b4d4e11527883f7ef5dc027937bd9f1f65bc4388b44aed10337936f877 diff --git a/test/main.fmf b/test/main.fmf index 13b8104..741aef1 100644 --- a/test/main.fmf +++ b/test/main.fmf @@ -29,6 +29,6 @@ recommend: - when: distro == centos-stream environment+: ROOTLESS_USER: "ec2-user" - - when: distro == fedora-eln or distro == rhel + - when: distro == rhel environment+: ROOTLESS_USER: "cloud-user" From 615e4619a44c9275352a61d5fc766b77d439b869 Mon Sep 17 00:00:00 2001 From: Packit Date: Mon, 15 Dec 2025 15:49:15 +0000 Subject: [PATCH 38/38] Update to 2.245.0 upstream release Upstream tag: v2.245.0 Upstream commit: 3f7c37e9 Commit authored by Packit automation (https://packit.dev/) --- .gitignore | 1 + README.packit | 2 +- container-selinux.spec | 2 +- sources | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 0891100..523a91e 100644 --- a/.gitignore +++ b/.gitignore @@ -242,3 +242,4 @@ /v2.242.0.tar.gz /v2.243.0.tar.gz /v2.244.0.tar.gz +/v2.245.0.tar.gz diff --git a/README.packit b/README.packit index b4b46e3..db537f9 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.12.0.post1.dev20+g7d30dac21. +The file was generated using packit 1.13.0. diff --git a/container-selinux.spec b/container-selinux.spec index 07c8f41..6348202 100644 --- a/container-selinux.spec +++ b/container-selinux.spec @@ -35,7 +35,7 @@ Epoch: 4 # Keep Version in upstream specfile at 0. It will be automatically set # to the correct value by Packit for copr and koji builds. # IGNORE this comment if you're looking at it in dist-git. -Version: 2.244.0 +Version: 2.245.0 Release: %autorelease License: GPL-2.0-only URL: https://github.com/containers/%{name} diff --git a/sources b/sources index 68be440..ce107a4 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (v2.244.0.tar.gz) = 21bb73a226d96a152de53475ad23d1daa119a20d83c835c7c5c2da011a2fd066955db1b4d4e11527883f7ef5dc027937bd9f1f65bc4388b44aed10337936f877 +SHA512 (v2.245.0.tar.gz) = 0bc85980780631ceccb38f2fde64ff7f3792be18d4501806532f097deedde70f446e2389c543dd78e9087b45cd1a6916c0e096e6ea42dd77ac377ad4111b7db2