diff --git a/.gitignore b/.gitignore index e69de29..8a19a0c 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1,34 @@ +/cri-o-441bd3d.tar.gz +/cri-o-3eac3b2.tar.gz +/cri-o-4fbb022.tar.gz +/cri-o-e0c89d8.tar.gz +/cri-o-71cc465.tar.gz +/cri-o-774a29e.tar.gz +/cri-o-18bc811.tar.gz +/cri-o-e8a2525.tar.gz +/cri-o-d70609a.tar.gz +/cri-o-b7644f6.tar.gz +/cri-o-485227d.tar.gz +/cri-o-f0827bb.tar.gz +/cri-o-b731670.tar.gz +/cri-o-6a4b481.tar.gz +/cri-o-a783f23.tar.gz +/cri-o-bf8fcf3.tar.gz +/cri-o-cd4b6ae.tar.gz +/cri-o-b89a5fc.tar.gz +/cri-o-6d0ffae.tar.gz +/cri-o-ee2de87.tar.gz +/v1.17.1.tar.gz +/v1.17.2.tar.gz +/v1.18.0-rc1.tar.gz +/v1.18.0.tar.gz +/v1.18.1.tar.gz +/v1.18.2.tar.gz +/v1.18.3.tar.gz +/v1.19.0.tar.gz +/v1.20.0.tar.gz +/v1.20.1.tar.gz +/v1.20.2.tar.gz +/v1.20.5.tar.gz +/v1.20.6.tar.gz +/v1.20.7.tar.gz diff --git a/cri-o.spec b/cri-o.spec new file mode 100644 index 0000000..f8b044b --- /dev/null +++ b/cri-o.spec @@ -0,0 +1,680 @@ +%if 0%{?centos} +%global with_debug 0 +%else +%global with_debug 1 +%endif +%global with_check 0 + +%if 0%{?with_debug} +%global _find_debuginfo_dwz_opts %{nil} +%global _dwz_low_mem_die_limit 0 +%else +%global debug_package %{nil} +%endif + +# https://github.com/cri-o/cri-o +%global goipath github.com/cri-o/cri-o +Version: 1.20.7 + +%if 0%{?rhel} && 0%{?rhel} <= 8 +%define gobuild(o:) %{expand: + # https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12 + %global _dwz_low_mem_die_limit 0 + %ifnarch ppc64 + go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; + %else + go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; + %endif +} +%bcond_with check +%else +%gometa +%bcond_without check +%endif + + +# Global vars +%global provider github +%global provider_tld com +%global project cri-o +%global repo cri-o + +# Related: github.com/cri-o/cri-o/issues/3684 +%global build_timestamp %(date -u +'%Y-%m-%dT%H:%M:%SZ') +%global git_tree_state clean +%global criocli_path "" + +# https://github.com/cri-o/cri-o +%global import_path %{provider}.%{provider_tld}/%{project}/%{repo} + +# Commit for the builds +%global commit0 5d2fa3419f15655454edb94dfcc0993cb5a1521c +%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) +%global git0 https://%{import_path} + +# Services +%global service_name crio + +# Used for comparing with latest upstream tag +# to decide whether to autobuild (non-rawhide only) +%define built_tag v1.20.7 +%define built_tag_strip %(b=%{built_tag}; echo ${b:1}) +%define crio_release_tag %(echo %{built_tag_strip} | cut -f1,2 -d'.') +%define download_url %{git0}/archive/%{built_tag}.tar.gz + +Epoch: 0 +Name: %{repo} +Release: 1%{?dist} +ExcludeArch: ppc64 +Summary: Kubernetes Container Runtime Interface for OCI-based containers +License: ASL 2.0 +URL: %{git0} +Source0: %{download_url} +Source3: %{service_name}-network.sysconfig +Source4: %{service_name}-storage.sysconfig +Source5: %{service_name}-metrics.sysconfig +# If go_compiler is not set to 1, there is no virtual provide. Use golang instead. +BuildRequires: golang +%if 0%{?fedora} +BuildRequires: btrfs-progs-devel +BuildRequires: device-mapper-devel +%endif +BuildRequires: git +BuildRequires: glib2-devel +BuildRequires: glibc-static +%if 0%{?fedora} +BuildRequires: golang-github-cpuguy83-md2man +%else +BuildRequires: go-md2man +%endif +BuildRequires: gpgme-devel +BuildRequires: libassuan-devel +BuildRequires: libseccomp-devel +BuildRequires: pkgconfig(systemd) +BuildRequires: make +%if 0%{?fedora} +Requires(pre): container-selinux +%else +Requires: container-selinux +%endif +Requires: containers-common >= 1:0.1.31-14 +%if 0%{?fedora} || 0%{?centos} >= 8 +Recommends: runc >= 1.0.0-16 +%else +Requires: runc >= 1.0.0-16 +%endif +Obsoletes: ocid <= 0.3 +Provides: ocid = %{epoch}:%{version}-%{release} +Provides: %{service_name} = %{epoch}:%{version}-%{release} +Requires: containernetworking-plugins >= 0.7.5-1 +Requires: conmon >= 2.0.2-1 +Requires: socat + +%description +%{summary} + +%prep +%autosetup -Sgit -n %{repo}-%{built_tag_strip} +sed -i 's/install.config: crio.conf/install.config:/' Makefile +sed -i 's/install.bin: binaries/install.bin:/' Makefile +sed -i 's/install.man: $(MANPAGES)/install.man:/' Makefile +sed -i 's/\.gopathok //' Makefile +sed -i 's/module_/module-/' internal/version/version.go +sed -i 's/\/local//' contrib/systemd/%{service_name}.service +sed -i 's/\/local//' contrib/systemd/%{service_name}-wipe.service + + +%build +export CGO_CFLAGS='-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -ffat-lto-objects -fexceptions -fasynchronous-unwind-tables -fstack-protector-strong -fstack-clash-protection -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64' +%ifarch x86_64 +export CGO_CFLAGS="$CGO_CFLAGS -m64 -mtune=generic" +%if 0%{?fedora} || 0%{?centos} >= 8 +export CGO_CFLAGS="$CGO_CFLAGS -fcf-protection" +%endif +%endif +# These extra flags present in %%{optflags} have been skipped for now as they break the build +#export CGO_CFLAGS="$CGO_CFLAGS -flto=auto -Wp,D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1" + +mkdir _output +pushd _output +mkdir -p src/%{provider}.%{provider_tld}/{%{project},opencontainers} +ln -s $(dirs +1 -l) src/%{import_path} +popd + +ln -s vendor src +export GOPATH=$(pwd)/_output:$(pwd) +export BUILDTAGS="$(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_installed.sh) $(hack/libdm_no_deferred_remove_tag.sh) $(hack/seccomp_tag.sh) $(hack/selinux_tag.sh)" +export GO111MODULE=off + +# FIX-ME we are doing a mimic of Makefile. +# Related: github.com/cri-o/cri-o/issues/3684 +export LDFLAGS="-X %{import_path}/internal/pkg/criocli.DefaultsPath=%{criocli_path} +-X %{import_path}/internal/version.buildDate=%{build_timestamp} +-X %{import_path}/internal/version.gitCommit=%{commit0} +-X %{import_path}/internal/version.version=%{version} +-X %{import_path}/internal/version.gitTreeState=%{git_tree_state}" + +%gobuild -o bin/%{service_name} %{import_path}/cmd/%{service_name} +%gobuild -o bin/%{service_name}-status %{import_path}/cmd/%{service_name}-status + +GO_MD2MAN=go-md2man %{__make} docs +# work around until https://github.com/cri-o/cri-o/pull/4442 is accepted +# we need to drop -static for Stack Canary, Relro, and PIE +sed -i 's/-static//g' pinns/Makefile +CFLAGS="-std=c99 -Os -Wall -Werror -Wextra -fpie -pie -fstack-protector -D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now" %{__make} bin/pinns + +%install +sed -i 's/\/local//' contrib/systemd/%{service_name}.service +./bin/%{service_name} \ + --selinux \ + --cgroup-manager "systemd" \ + --cni-plugin-dir /opt/cni/bin \ + --cni-plugin-dir "%{_libexecdir}/cni" \ + config > %{service_name}.conf + +# install binaries +install -dp %{buildroot}{%{_bindir},%{_libexecdir}/%{service_name}} +install -p -m 755 bin/%{service_name} %{buildroot}%{_bindir} + +# install conf files +install -dp %{buildroot}%{_sysconfdir}/cni/net.d +install -p -m 644 contrib/cni/10-crio-bridge.conf %{buildroot}%{_sysconfdir}/cni/net.d/100-crio-bridge.conf +install -p -m 644 contrib/cni/99-loopback.conf %{buildroot}%{_sysconfdir}/cni/net.d/200-loopback.conf + +install -dp %{buildroot}%{_sysconfdir}/%{service_name} +install -dp %{buildroot}%{_datadir}/containers/oci/hooks.d +install -dp %{buildroot}%{_datadir}/oci-umount/oci-umount.d +install -p -m 644 crio.conf %{buildroot}%{_sysconfdir}/%{service_name} +#install -p -m 644 seccomp.json %%{buildroot}%%{_sysconfdir}/%%{service_name} +install -p -m 644 crio-umount.conf %{buildroot}%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf +install -p -m 644 crictl.yaml %{buildroot}%{_sysconfdir} + +install -dp %{buildroot}%{_sysconfdir}/sysconfig +install -p -m 644 contrib/sysconfig/%{service_name} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name} +install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-network +install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-storage +install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-metrics + +make PREFIX=%{buildroot}%{_usr} DESTDIR=%{buildroot} \ + install.bin \ + install.completions \ + install.config \ + install.man \ + install.systemd + +%if 0%{?centos} <= 7 || 0%{?rhel} <= 7 +# https://bugzilla.redhat.com/show_bug.cgi?id=1823374#c17 +install -d -p %{buildroot}%{_usr}/lib/sysctl.d +echo "fs.may_detach_mounts=1" > %{buildroot}%{_usr}/lib/sysctl.d/99-cri-o.conf +%endif + +install -dp %{buildroot}%{_sharedstatedir}/containers +#install -dp %%{buildroot}%%{_libexecdir}/%%{service_name}/%%{service_name}-wipe +#install -dp %%{buildroot}%%{_usr}/lib/systemd/system-preset + +%check +%if 0%{?with_check} +export GOPATH=%{buildroot}/%{gopath}:$(pwd)/Godeps/_workspace +%endif + +%post +# Old verions of kernel do not reconigze metacopy option. +# Reference: github.com/cri-o/cri-o/issues/3631 +%if ! 0%{?fedora} && (0%{?centos} <= 7 || 0%{?rhel} <= 7) +sed -i -e 's/,metacopy=on//g' /etc/containers/storage.conf +%sysctl_apply 99-cri-o.conf +%endif +ln -sf %{_unitdir}/%{service_name}.service %{_unitdir}/%{repo}.service +%systemd_post %{service_name} + +%preun +%systemd_preun %{service_name} + +%postun +rm -f %{_unitdir}/%{repo}.service +%systemd_postun_with_restart %{service_name} + +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files +%license LICENSE +%doc README.md +%{_bindir}/%{service_name} +%{_bindir}/%{service_name}-status +%{_bindir}/pinns +%{_mandir}/man5/%{service_name}.conf*5* +%{_mandir}/man8/%{service_name}*.8* +%dir %{_sysconfdir}/%{service_name} +%config(noreplace) %{_sysconfdir}/%{service_name}/%{service_name}.conf +%config(noreplace) %{_sysconfdir}/sysconfig/%{service_name} +%config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-storage +%config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-network +%config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-metrics +%config(noreplace) %{_sysconfdir}/cni/net.d/100-%{service_name}-bridge.conf +%config(noreplace) %{_sysconfdir}/cni/net.d/200-loopback.conf +%config(noreplace) %{_sysconfdir}/crictl.yaml +%dir %{_libexecdir}/%{service_name} +%{_unitdir}/%{service_name}.service +%{_unitdir}/%{repo}.service +%{_unitdir}/%{service_name}-shutdown.service +%{_unitdir}/%{service_name}-wipe.service +%dir %{_sharedstatedir}/containers +%dir %{_datadir}/containers +%dir %{_datadir}/containers/oci +%dir %{_datadir}/containers/oci/hooks.d +%dir %{_datadir}/oci-umount +%dir %{_datadir}/oci-umount/oci-umount.d +%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf +%{_datadir}/bash-completion/completions/%{service_name}* +%{_datadir}/fish/completions/%{service_name}*.fish +%{_datadir}/zsh/site-functions/_%{service_name}* +%if 0%{?centos} <= 7 || 0%{?rhel} <= 7 +%{_usr}/lib/sysctl.d/99-cri-o.conf +%endif + +%changelog +* Tue Mar 15 2022 Peter Hunt - 0:1.20.7-1 +- bump to v1.20.7 + +* Fri Dec 03 2021 Peter Hunt - 0:1.20.6-2 +- fix gobuild macros to set debug symbols right +- fix bogus date +- fix broken macro + +* Thu Nov 11 2021 Peter Hunt - 0:1.20.6-1 +- bump to v1.20.6 + +* Thu Sep 16 2021 Peter Hunt - 0:1.20.5-2 +- bump to 1.20.5 + +* Wed Mar 24 2021 Peter Hunt - 0:1.20.2-1 +- Bump to v1.20.2 + +* Fri Mar 12 2021 Peter Hunt - 0:1.20.1-1 +- Bump to v1.20.1 + +* Mon Feb 15 2021 Peter Hunt - 0:1.20.0-5 +- Keep metacopy for fedora + +* Tue Jan 12 2021 Peter Hunt - 0:1.20.0-4 +- add fs.may_detach_mounts sysctl for centos/rhel 7 + +* Thu Dec 17 2020 Peter Hunt - 0:1.20.0-3 +- Fix checksec for pinns + +* Wed Dec 16 2020 Peter Hunt - 0:1.20.0-2 +- enable PIE mode for cri-o + +* Fri Dec 11 2020 Peter Hunt - 0:1.20.0-1 +- Bump to v1.20.0 + +* Thu Nov 19 2020 Peter Hunt - 2:1.19.0-4 +- fix timestamp for centos 7 + +* Mon Nov 9 2020 Peter Hunt - 2:1.19.0-3 +- upstream#3879: fix symbolic link + +* Mon Oct 05 2020 Peter Hunt - 2:1.19.0-2 +- update selinux dep to handle OBS + +* Mon Oct 05 2020 Peter Hunt - 2:1.19.0-1 +- update go-md2man dependency to handle OBS + +* Mon Sep 14 2020 Peter Hunt - 2:1.19.0-0 +- bump to 1.19.0 + +* Tue Aug 04 2020 Peter Hunt - 2:1.18.3-1 +- Github 3923: Make runc installation recommended + +* Wed Jul 29 2020 Peter Hunt - 2:1.18.3-0 +- Bump to v1.18.3 + +* Wed Jul 29 2020 Peter Hunt - 2:1.18.2-2 +- remove custom conmon path + +* Tue Jun 23 2020 Douglas Schilling Landgraf - 2:1.18.2-1 +- Build 1.18.2 + +* Fri Jun 05 2020 Douglas Schilling Landgraf - 2:1.18.1-2 +- Add --cni-plugin-dir /opt/cni/bin to cri-o conf file + +* Thu May 14 2020 Douglas Schilling Landgraf - 2:1.18.1-1 +- Release 1.18.1 + +* Thu Apr 23 2020 Douglas Schilling Landgraf - 2:1.18.0-2 +- Fix crio version - github.com/cri-o/cri-o/issues/3684 + +* Thu Apr 23 2020 Douglas Schilling Landgraf - 2:1.18.0-1 +- Bump for 1.18.0 release + +* Wed Apr 15 2020 Douglas Schilling Landgraf - 2:1.18.0-0.1.rc1 +- Bump for 1.18 release candidate + +* Tue Mar 31 2020 Lokesh Mandvekar - 2:1.17.2-2 +- use correct tag + +* Tue Mar 31 2020 RH Container Bot - 2:1.17.2-1 +- autobuilt v1.17.2 + +* Fri Mar 20 2020 Lokesh Mandvekar - 2:1.17.1-2 +- Resolves: #1795858 - list /usr/share/containers/oci/hooks.d +- enable debuginfo +- spec changes for autobuilder + +* Mon Mar 16 2020 RH Container Bot - 2:1.17.1-1 +- autobuilt v1.17.1 + +* Mon Feb 10 2020 RH Container Bot - 2:1.17.0-1 +- autobuilt $LATEST_TAG + +* Tue Jan 14 2020 Lokesh Mandvekar - 2:1.17.0-0.1.gitb89a5fc +- built v1.17.0-rc1 + +* Wed Jan 08 2020 RH Container Bot - 2:1.16.2-1 +- autobuilt $LATEST_TAG + +* Wed Dec 04 2019 Lokesh Mandvekar - 2:1.16.1-1 +- Resolves: #1740730, #1743017, #1754170 + +* Fri Nov 15 2019 Lokesh Mandvekar - 2:1.16.0-0.4.rc2 +- Resolves: #1740730, #1743017, #1754170 - no underscore in crio --version + +* Tue Nov 05 2019 Lokesh Mandvekar - 2:1.16.0-0.3.rc2 +- Requires: socat + +* Mon Nov 04 2019 RH Container Bot - 2:1.16.0-0.2.rc2 +- bump to v1.16.0-rc2 +- autobuilt a783f23 + +* Mon Oct 21 2019 Lokesh Mandvekar - 2:1.16.0-1.rc1.git6a4b481 +- built release-1.16 + +* Thu Oct 03 2019 Lokesh Mandvekar - 2:1.15.2-1 +- bump to v1.15.2 + +* Mon Sep 09 2019 Lokesh Mandvekar - 2:1.15.1-2 +- correct path in crio-wipe unitfile + +* Wed Sep 04 2019 Lokesh Mandvekar - 2:1.15.1-1 +- bump to v1.15.1 + +* Sun Jul 21 2019 Lokesh Mandvekar - 2:1.15.0-1 +- bump to 1.15.0 +- autobuilt 485227d + +* Mon May 27 2019 Lokesh Mandvekar - 2:1.14.1-2.gitb7644f6 +- add a patch to build on 32-bit systems (upstream PR: 2409) + +* Thu May 23 2019 Lokesh Mandvekar - 2:1.14.1-1.gitb7644f6 +- bump to v1.14.1 + +* Thu May 23 2019 Lokesh Mandvekar - 2:1.13.9-1.gitd70609a +- bump to v1.13.9 + +* Thu Feb 21 2019 Lokesh Mandvekar - 2:1.13.0-1.gite8a2525 +- bump to v1.13.0 + +* Sat Nov 24 2018 Lokesh Mandvekar - 2:1.12.0-1.git18bc811 +- bump to v1.12.1 + +* Tue Oct 30 2018 Lokesh Mandvekar - 2:1.12.0-1.git774a29e +- bump to v1.12.0 + +* Tue Oct 30 2018 Lokesh Mandvekar - 2:1.11.8-1.git71cc465 +- bump to v1.11.8 +- built commit 71cc465 + +* Mon Sep 17 2018 Lokesh Mandvekar - 2:1.11.4-1.gite0c89d8 +- bump to v1.11.4 +- built commit e0c89d8 +- crio.conf changes: cgroup_manager=systemd, file_locking=false + +* Tue Sep 11 2018 Lokesh Mandvekar - 2:1.11.3-1.git4fbb022 +- bump to v1.11.3 + +* Mon Aug 27 2018 Lokesh Mandvekar - 2:1.11.2-2.git3eac3b2 +- no go-md2man or go compiler for ppc64 + +* Mon Aug 27 2018 Lokesh Mandvekar - 2:1.11.2-1.git3eac3b2 +- bump to v1.11.2 +- conmon is a separate subpackage + +* Mon Jul 2 2018 Dan Walsh - 2:1.11.0-1.rhaos3.11.git441bd3d +- bump to v1.11.0 + +* Mon Jul 2 2018 Dan Walsh - 2:1.10.5-1.rhaos3.10.git +- bump to v1.10.5 + +* Wed Jun 27 2018 Lokesh Mandvekar - 2:1.10.4-1.rhaos3.10.gitebaa77a +- bump to v1.10.4 +- remove devel and unittest subpackages - unused +- debuginfo disabled for now, complains about %%files being empty + +* Mon Jun 18 2018 Dan Walsh - 2:1.10.3-1.rhaos3.10.gite558bd +- bump to v1.10.3 + +* Tue Jun 12 2018 Dan Walsh - 2:1.10.2-2.rhaos3.10.git1ffcbb +- Released version of v1.10.2 + +* Tue May 15 2018 Lokesh Mandvekar - 2:1.10.2-1.rhaos3.10.git095e88c +- bump to v1.10.2 +- built commit 095e88c +- include rhaos3.10 in release tag +- do not compress debuginfo with dwz to support delve debugger + +* Tue May 8 2018 Dan Walsh - 2:1.10.1-2.git728df92 +- bump to v1.10.1 + +* Wed Mar 28 2018 Lokesh Mandvekar - 2:1.10.0-1.beta.1gitc956614 +- bump to v1.10.0-beta.1 +- built commit c956614 + +* Tue Mar 13 2018 Dan Walsh - 2:1.9.10-1.git8723732 +- bump to v1.9.10 + +* Fri Mar 09 2018 Dan Walsh - 2:1.9.9-1.git4d7e7dc +- bump to v1.9.9 + +* Fri Feb 23 2018 Lokesh Mandvekar - 2:1.9.8-1.git7d9d2aa +- bump to v1.9.8 + +* Fri Feb 23 2018 Lokesh Mandvekar - 2:1.9.7-2.gita98f9c9 +- correct version in previous changelog entry + +* Fri Feb 23 2018 Dan Walsh - 2:1.9.7-1.gita98f9c9 +- Merge pull request #1357 from runcom/netns-fixes +- sandbox_stop: close/remove the netns _after_ stopping the containers +- sandbox net: set netns closed after actaully closing it + +* Wed Feb 21 2018 Dan Walsh - 2:1.9.6-1.git5e48c92 +- vendor: update c/image to handle text/plain from registries + +* Fri Feb 16 2018 Dan Walsh - 2:1.9.5-1.git125ec8a +- image: Add lock around image cache access + +* Thu Feb 15 2018 Dan Walsh - 2:1.9.4-1.git28c7dee +- imageService: cache information about images +- container_create: correctly set user +- system container: add /var/tmp as RW + +* Sun Feb 11 2018 Dan Walsh - 2:1.9.3-1.git63ea1dd +- Update containers/image and containers/storage +- Pick up lots of fixes in image and storage library + +* Thu Feb 8 2018 Dan Walsh - 2:1.9.2-1.gitb066a83 +- sandbox: fix sandbox logPath when crio restarts +- syscontainers, rhel: add ADDTL_MOUNTS +- Adapt to recent containers/image API updates +- container_create: only bind mount /etc/hosts if not provided by k8s + +* Wed Jan 24 2018 Dan Walsh - 2:1.9.1-1.gitb066a8 +- Final Release 1.9.1 + +* Wed Jan 03 2018 Frantisek Kluknavsky - 2:1.8.4-4.gitdffb5c2 +- epoch not needed, 1.9 was never shipped, 1.8 with epoch also never shipped + +* Wed Jan 03 2018 Frantisek Kluknavsky - 2:1.8.4-3.gitdffb5c2 +- reversed to 1.8, epoch + +* Mon Dec 18 2017 Lokesh Mandvekar - 1.9.0-1.git814c6ab +- bump to v1.9.0 + +* Fri Dec 15 2017 Dan Walsh - 1.8.4-1.gitdffb5c2 +- bump to v1.8.4 + +* Wed Nov 29 2017 Lokesh Mandvekar - 1.8.2-1.git3de7ab4 +- bump to v1.8.2 + +* Mon Nov 20 2017 Lokesh Mandvekar - 1.8.0-1.git80f54bc +- bump to v1.8.0 + +* Wed Nov 15 2017 Dan Walsh - 1.0.4-2.git4aceedee +- Fix script error in kpod completions. + +* Mon Nov 13 2017 Dan Walsh - 1.0.4-1.git4aceedee +- bump to v1.0.4 +- Add crictl.yaml +- Add prometheous end points +- Several bug fixes + +* Fri Nov 10 2017 Lokesh Mandvekar - 1.0.3-1.git17bcfb4 +- bump to v1.0.3 + +* Fri Nov 03 2017 Lokesh Mandvekar - 1.0.2-3.git748bc46 +- enable debuginfo for C binaries + +* Fri Nov 03 2017 Lokesh Mandvekar - 1.0.2-2.git748bc46 +- enable debuginfo + +* Mon Oct 30 2017 Dan Walsh - 1.0.2-1.git748bc46 +- Lots of bug fixes +- Fixes to pass cri-tools tests + +* Wed Oct 25 2017 Dan Walsh - 1.0.1-1.git64a30e1 +- Lots of bug fixes +- Fixes to pass cri-tools tests + +* Thu Oct 19 2017 Lokesh Mandvekar - 1.0.0-7.gita636972 +- update dep NVRs +- update release tag + +* Mon Oct 16 2017 Dan Walsh - 1.0.0-6.gita636972 +- Get the correct checksum +- Setup storage-opt to override kernel check + +* Fri Oct 13 2017 Lokesh Mandvekar - 1.0.0-2.gitcd1bac5 +- bump to v1.0.0 +- require containernetworking-plugins >= 0.5.2-3 + +* Wed Oct 11 2017 Lokesh Mandvekar - 1.0.0-1.rc3.gitd2c6f64 +- bump to v1.0.0-rc3 + +* Wed Sep 20 2017 Lokesh Mandvekar - 1.0.0-1.rc2.git6784a66 +- bump to v1.0.0-rc2 + +* Mon Sep 18 2017 Lokesh Mandvekar - 1.0.0-2.rc1.gitbb1da97 +- bump release tag and build for extras + +* Mon Sep 18 2017 Lokesh Mandvekar - 1.0.0-1.rc1.gitbb1da97 +- bump to v1.0.0-rc1 tag +- built commit bb1da97 +- use bundled deps +- disable devel package +- remove redundant meta-provides + +* Thu Aug 3 2017 Dan Walsh - 1.0.0.beta.0-1.git66d96e7 +- Beta Release +- Additional registry support +- Daemon pids-limit support +- cri-o daemon now supports a default pid-limit on all containers to prevent fork-bombs. This is configurable by admins through a flag or /etc/crio/crio.conf +- Configurable image volume support +- Bugs and Stability fixes +- OCI 1.0 runtime support +- Dropped internal runc, and now use systems runc + +* Fri Jun 30 2017 Lokesh Mandvekar - 1.0.0.alpha.0-1.git91977d3 +- built commit 91977d3 +- remove cri-o-cni subpackage +- require containernetworking-plugins >= 0.5.2-2 (same as containernetworking-cni) + +* Fri Jun 23 2017 Antonio Murdaca - 1.0.0.alpha.0-0.git5dcbdc0.3 +- rebuilt to include cri-o-cni sub package + +* Wed Jun 21 2017 Antonio Murdaca - 1.0.0.alpha.0-0.git5dcbdc0.2 +- rebuilt for s390x + +* Wed Jun 21 2017 Antonio Murdaca - 1.0.0.alpha.0-0.git5dcbdc0.1 +- built first alpha release + +* Fri May 5 2017 Dan Walsh 0.3-0.gitf648cd6e +- Bump up version to 0.3 + +* Tue Mar 21 2017 Dan Walsh 0.2-1.git7d7570e +- Bump up version to 0.2 + +* Tue Mar 21 2017 Dan Walsh 0.1-1.git9bf26b5 +- Bump up version to 0.1 + +* Mon Feb 13 2017 Lokesh Mandvekar - 0-0.15.git0639f06 +- built commit 0639f06 +- packaging workarounds for 'go install' + +* Wed Feb 8 2017 Dan Walsh 0-0.14.git6bd7c53 +- Use newer versions of runc +- Applying k8s kubelet v3 api to cri-o server +- Applying k8s.io v3 API for ocic and ocid +- doc: Add instruction to run cri-o with kubernetes +- Lots of updates of container/storage and containers/image + +* Mon Jan 23 2017 Peter Robinson 0-0.13.git7cc8492 +- Build on all kubernetes arches + +* Fri Jan 20 2017 Lokesh Mandvekar - 0-0.12.git7cc8492 +- add bash completion +- From: Daniel J Walsh + +* Thu Jan 19 2017 Lokesh Mandvekar - 0-0.11.git7cc8492 +- remove trailing whitespace from unitfile + +* Thu Jan 19 2017 Lokesh Mandvekar - 0-0.10.git7cc8492 +- built commit 7cc8492 +- packaging fixes from Nalin Dahyabhai + +* Thu Jan 19 2017 Dan Walsh - 0-0.9.gitb9dc097 +- Change to require skopeo-containers +- Merge Nalind/storage patch +- Now uses Storage for Image Management + +* Mon Jan 16 2017 Lokesh Manvekar - 0-0.8.git2e6070f +- packaging changes from Nalin Dahyabhai +- Don't make the ExecReload setting part of the ExecStart setting. +- Create ocid.conf in install, not in check. +- Own /etc/ocid. +- Install an "anything goes" pulling policy for a default. + +* Thu Dec 22 2016 Dan Walsh - 0-0.7.git2e6070f +- Switch locate to /var/lib/containers for images + +* Thu Dec 22 2016 Lokesh Mandvekar - 0-0.6.git2e6070f +- built commit 2e6070f + +* Wed Dec 21 2016 Lokesh Mandvekar - 0-0.5.git36dfef5 +- install plugins into /usr/libexec/ocid/cni/ +- require runc >= 1.0.0 rc2 + +* Wed Dec 21 2016 Lokesh Mandvekar - 0-0.4.git36dfef5 +- built runcom/alpha commit 36dfef5 +- cni bundled for now + +* Thu Dec 15 2016 Lokesh Mandvekar - 0-0.3.gitc57530e +- Resolves: #1392977 - first upload to Fedora +- add build deps, enable only for x86_64 (doesn't build on i686) + +* Thu Dec 15 2016 Lokesh Mandvekar - 0-0.2.gitc57530e +- add Godeps.json + +* Tue Nov 08 2016 Lokesh Mandvekar - 0-0.1.gitc57530e +- First package for Fedora + + diff --git a/crio-metrics.sysconfig b/crio-metrics.sysconfig new file mode 100644 index 0000000..c4bbe6e --- /dev/null +++ b/crio-metrics.sysconfig @@ -0,0 +1,2 @@ +# /etc/sysconfig/crio-metrics +CRIO_METRICS_OPTIONS="--enable-metrics=true --metrics-port=9537" diff --git a/crio-network.sysconfig b/crio-network.sysconfig new file mode 100644 index 0000000..7c47f86 --- /dev/null +++ b/crio-network.sysconfig @@ -0,0 +1,3 @@ +# /etc/sysconfig/crio-network + +CRIO_NETWORK_OPTIONS= diff --git a/crio-storage.sysconfig b/crio-storage.sysconfig new file mode 100644 index 0000000..fbc68c5 --- /dev/null +++ b/crio-storage.sysconfig @@ -0,0 +1,2 @@ +# /etc/sysconfig/crio-storage +CRIO_STORAGE_OPTIONS= diff --git a/sources b/sources index e69de29..9e8b73a 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +SHA512 (v1.20.7.tar.gz) = 2748e50315cc0ded2061667e800ce440a0b6e2b9f679be76a7cba6d54daa8f50dbe9447a00d889e971f1687eaa95ceee85253f3b5b7a7b73143f9701295078e0 diff --git a/tests/test_crio.sh b/tests/test_crio.sh new file mode 100755 index 0000000..fd1a9ae --- /dev/null +++ b/tests/test_crio.sh @@ -0,0 +1,53 @@ +#!/bin/bash +# +# Simple wrapper for cri-o tests +# + +set -x + +exec >/tmp/test.debug.log 2>&1 + +echo "************************************************************************" +echo "* This log contains the output from test_crio.sh." +echo "*" +echo "* It is almost certainly not what you want. What you want is" +echo "* probably test.full.log , which is the output of test_runner.sh ," +echo "* the actual cri-o tests." +echo "************************************************************************" + +rm -f /tmp/test.log /tmp/test.full.log + +cd /usr/share/cri-o/test + +# Gah +cp --force redhat_sigstore.yaml \ + /etc/containers/registries.d/registry.access.redhat.com.yaml + +export CRIO_CNI_PLUGIN=/usr/libexec/cni +export PAUSE_BINARY=/usr/libexec/crio/pause +export CRIO_BINARY=/usr/bin/crio +export CONMON_BINARY=/usr/libexec/crio/conmon +export SECCOMP_PROFILE=/etc/crio/seccomp.json + +./test_runner.sh &> /tmp/test.full.log + +status=$? + +# Sample output from cri-tests: +# +# not ok 35 ctr update resources +# ok 84 pod stop idempotent with ctrs already stopped +# ok 86 # skip (need systemd cgroup manager) invalid systemd cgroup_parent +# +# convert those to: +# +# FAIL 35 ctr ... +# PASS 84 pod stop ... +# +sed -n \ + -e 's/^ok /PASS /p' \ + -e 's/^not ok /FAIL /p' \ + /tmp/test.log + +exit $status diff --git a/tests/test_crio.yml b/tests/test_crio.yml new file mode 100644 index 0000000..42a7f3a --- /dev/null +++ b/tests/test_crio.yml @@ -0,0 +1,36 @@ +--- +- hosts: localhost + vars: + - artifacts: ./artifacts + tags: + - classic + - container +# - atomic + + tasks: + - name: install integration tests + dnf: name={{ item }} state=present enablerepo=updates-testing + with_items: + - cri-o + - cri-o-integration-tests + - cri-tools + - nmap-ncat + - socat + - containernetworking-cni + - conntrack-tools + - python2 + - bats + + - block: + - name: Run test + script: ./test_crio.sh + always: + - name: Pull out logs + fetch: + src: "/tmp/{{ item }}" + dest: "{{ artifacts }}/{{ item }}" + flat: yes + with_items: + - test.log + - test.debug.log + - test.full.log diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..7c259f4 --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1 @@ +- import_playbook: test_crio.yml