rpms/weldr-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:f43
rpms:main
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f34
...
pull from: rpms:f35
Branches Tags
rpms:f43
rpms:main
rpms:rawhide
rpms:f42
rpms:f41
rpms:f40
rpms:f39
rpms:f38
rpms:f37
rpms:f36
rpms:f35
rpms:f34
Sign in to create a new pull request.

3 commits
rawhide ... f35

Author SHA1 Message Date
Maxwell G
c45d5fbe9d
 		Rebuild for CVE-2022-{24675,28327,29526} in golang 2022-07-08 19:25:22 -05:00
Brian C. Lane
273c8bd6c7 - New release: 35.5 (bcl) 
- docs: Explain how to undo blueprints delete (bcl)
- test: server status no longer returns devel (bcl)
- Use GetFrozenBlueprintsTOML for blueprints freeze save (bcl)
- Add a test for float uid/gid in frozen blueprint (bcl)
- Use GetBlueprintsTOML for blueprints save (bcl)
- test: Add a test for float uid/gid in saved blueprint (bcl)
- build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (49699333+dependabot[bot])
- tests: trigger on push to main (jrusz)
- build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 (49699333+dependabot[bot])
- ci: add keystore for sonarqube (jrusz)
- spec: Switch to using %gobuild macro on Fedora (bcl)
- ci: change workflow name (jrusz)
- ci: add gitlab-ci and sonarqube (jrusz)
- doc: fix example links from the README (tdecacqu)
- build(deps): bump actions/checkout from 2.3.4 to 2.4.0 (49699333+dependabot[bot])
- ci: Enable Coverity Scan tool (atodorov)
 2022-02-15 09:40:38 -08:00
Brian C. Lane
5fc622c19f - New release: 35.4 (bcl) 
- test: More detailed error for test compose failure (bcl)
- weldr: Return a helpful error for socket problems (bcl)
- spec: Add build flags to composer-cli-test build cmdline (bcl)
 2021-11-04 15:35:28 -07:00
4 changed files with 49 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.gitignore vendored
View file

@ -1,2 +1,5 @@
/gpg-117E8C168EFE3A7F.key
/weldr-client-35.1.tar.gz
/weldr-client-35.4.tar.gz
/weldr-client-35.4.tar.gz.asc
/weldr-client-35.5.tar.gz
/weldr-client-35.5.tar.gz.asc

5
sources
View file

@ -1,2 +1,3 @@
SHA512 (gpg-117E8C168EFE3A7F.key) = 36712a4e05cbb2ca139e777d8b2abe4ee0536f970208c2c2c1a50a2294979b828a9d6abcbad1dce3cc015a0c4364ab87ab04cb459811ad3aca5cf6611093b9bd
SHA512 (weldr-client-35.1.tar.gz) = 8508b446c44eae917710083c8185054e3a89f799723b71e2d0069ce35c653ea2adabcab3b8d7d9a903f127798368933ba765c603ebed4fe3f6c6187c032a793c
SHA512 (weldr-client-35.5.tar.gz) = 81f4a97ce1f1081ea27d0f5e3513ef705586b5b29ff4f9047e067888af4784472c79203397aa8e567414f3e92a1b1fef55412d0e151adaef01f96cc5ec0cceb3
SHA512 (weldr-client-35.5.tar.gz.asc) = 3116b9481bf43eea82029b15bbc972341ef2cc9e73e97bf60490458085cba0f4fe0adb4651688101ffaa2e41f5f5f112a5a6555be3253d3666faf801e3d157cc
SHA512 (gpg-117E8C168EFE3A7F.key) = 9c760460e3227848c99a1178828512056ac04f518f98bdab5ef36d2aa31c4e5dcda3800d7141cfaf7f2acd0f7f35d4b9971083b6f14f8a36231b74041d4ed88d

11
weldr-client-35.1.tar.gz.asc
View file

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEtMa0UeT6i0IyyhkeEX6MFo7+On8FAmB0v1oACgkQEX6MFo7+
On/fBQgAheXV7RRzQEKiYTc53dNKY2+jTzy++W2BpBnpMVIkcu8LjSLQ9sD2AF5o
90aeeTnMs4o2YKjInj2Rl/TfnA0JfHl+es/QcpKwM6Tl7Znn9570hRy10JuRojSe
4Lq8wxcr8m5oxAzE1UAvz4ws0xdgHwvhPJJUfMNXANj5BX7M/5A3493zDAkwvQ9H
3VdPenPgZk2nwjml0IgtTR+sRn1aJC0yXYtcP2bAlOV3sAklVkIGhL3E9bh78Bbj
oRCN50Bw3jrFmhisfT1HhKtW0B64mg12uIXAqi0S471O4eiy4cF6SFh9L5bSqaTZ
Zw1nTyzykUR0DCtQ6n/Vcqo7jl8Fsw==
=YWa+
-----END PGP SIGNATURE-----

82
weldr-client.spec
View file

@ -1,18 +1,22 @@
# Pass --with tests to rpmbuild to build composer-cli-tests
%bcond_with tests
# Pass --without signed to skip gpg signed tar.gz (DO NOT DO THAT IN PRODUCTION)
%bcond_without signed
%global goipath github.com/osbuild/weldr-client
%global goipath github.com/osbuild/weldr-client/v2
Name: weldr-client
Version: 35.1
Release: 3%{?dist}
Version: 35.5
Release: 2%{?dist}
# Upstream license specification: Apache-2.0
License: ASL 2.0
Summary: Command line utility to control osbuild-composer
Url: %{gourl}
Source0: https://github.com/osbuild/weldr-client/releases/download/v%{version}/%{name}-%{version}.tar.gz
%if %{with signed}
Source1: https://github.com/osbuild/weldr-client/releases/download/v%{version}/%{name}-%{version}.tar.gz.asc
Source2: https://keys.openpgp.org/vks/v1/by-fingerprint/117E8C168EFE3A7F#/gpg-117E8C168EFE3A7F.key
%endif
Obsoletes: composer-cli < 35.0
Provides: composer-cli = %{version}-%{release}
@ -37,7 +41,9 @@ BuildRequires: gnupg2
Command line utility to control osbuild-composer
%prep
%if %{with signed}
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%endif
%if 0%{?rhel}
%forgeautosetup -p1
%else
@ -45,6 +51,8 @@ Command line utility to control osbuild-composer
%endif
%build
export LDFLAGS="-X %{goipath}/cmd/composer-cli/root.Version=%{version} "
%if 0%{?rhel}
GO_BUILD_PATH=$PWD/_build
install -m 0755 -vd $(dirname $GO_BUILD_PATH/src/%{goipath})
@ -58,28 +66,23 @@ export GOFLAGS=-mod=vendor
export GOPATH="%{gobuilddir}:${GOPATH:+${GOPATH}:}%{?gopath}"
export GO111MODULE=off
%endif
%gobuild -o composer-cli %{goipath}/cmd/composer-cli
export LDFLAGS="-X github.com/osbuild/weldr-client/cmd/composer-cli/root.Version=%{version} "
make GOBUILDFLAGS="%{gobuildflags}" build
## TODO
##make man
%if %{with tests} || 0%{?rhel}
export BUILDTAGS="integration"
# Build test binaries with `go test -c`, so that they can take advantage of
# golang's testing package. The golang rpm macros don't support building them
# golang's testing package. The RHEL golang rpm macros don't support building them
# directly. Thus, do it manually, taking care to also include a build id.
#
# On Fedora, also turn off go modules and set the path to the one into which
# On Fedora go modules have already been turned off, and the path set to the one into which
# the golang-* packages install source code.
%if 0%{?fedora}
export GOPATH="%{gobuilddir}:${GOPATH:+${GOPATH}:}%{?gopath}"
export GO111MODULE=off
%endif
export LDFLAGS="-X github.com/osbuild/weldr-client/cmd/composer-cli/root.Version=%{version} "
export BUILDTAGS="integration"
make GOBUILDFLAGS="%{gobuildflags}" integration
export LDFLAGS="${LDFLAGS:-} -linkmode=external -compressdwarf=false -B 0x$(od -N 20 -An -tx1 -w100 /dev/urandom | tr -d ' ')"
go test -c -tags=integration -buildmode pie -compiler gc -ldflags="${LDFLAGS}" -o composer-cli-tests %{goipath}/weldr
%endif
%install
@ -95,8 +98,10 @@ export GOPATH="%{gobuilddir}:${GOPATH:+${GOPATH}:}%{?gopath}"
export GO111MODULE=off
%endif
export LDFLAGS="-X github.com/osbuild/weldr-client/cmd/composer-cli/root.Version=%{version} "
make GOBUILDFLAGS="%{gotestflags}" test
# Run the unit tests
export LDFLAGS="-X %{goipath}/cmd/composer-cli/root.Version=%{version} "
make test
%files
%license LICENSE
@ -121,27 +126,24 @@ composer-cli package.
%changelog
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 35.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sat Jul 09 2022 Maxwell G <gotmax@e.email> - 35.5-2
- Rebuild for CVE-2022-{24675,28327,29526} in golang
* Thu Apr 22 2021 Brian C. Lane <bcl@redhat.com> - 35.1-2
- Obsolete composer-cli < 35.0 instead of 34.0
Patch until next upstream release
* Mon Apr 12 2021 Brian C. Lane <bcl@redhat.com> - 35.1-1
- New release: 35.1 (bcl)
- spec: Change release back to 1 (bcl)
- spec: Move testify BuildRequires into fedora block (bcl)
- vendor: Add vendored dependencies for RHEL (bcl)
- tools: Add prepare-source.sh vendoring helper script (bcl)
- Makefile: skip vendor directory for check target (bcl)
- spec: Bump release to 2 (bcl)
- spec: Fix BuildRequires for tests (bcl)
- Makefile: Remove executable from bash completion (bcl)
- Makefile: Only use GOBUILDFLAGS (bcl)
- spec: Bump release to 2 (bcl)
- spec: Add doc files (bcl)
- spec: Add gpg signature verification (bcl)
- spec: Use git-core instead of git (bcl)
- spec: Set License to Apache 2.0 (bcl)
- spec: Update Source urls with new project location (bcl)
* Mon Feb 14 2022 Brian C. Lane <bcl@redhat.com> - 35.5-1
- New release: 35.5 (bcl)
- docs: Explain how to undo blueprints delete (bcl)
- test: server status no longer returns devel (bcl)
- Use GetFrozenBlueprintsTOML for blueprints freeze save (bcl)
- Add a test for float uid/gid in frozen blueprint (bcl)
- Use GetBlueprintsTOML for blueprints save (bcl)
- test: Add a test for float uid/gid in saved blueprint (bcl)
- build(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 (49699333+dependabot[bot])
- tests: trigger on push to main (jrusz)
- build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 (49699333+dependabot[bot])
- ci: add keystore for sonarqube (jrusz)
- spec: Switch to using %%gobuild macro on Fedora (bcl)
- ci: change workflow name (jrusz)
- ci: add gitlab-ci and sonarqube (jrusz)
- doc: fix example links from the README (tdecacqu)
- build(deps): bump actions/checkout from 2.3.4 to 2.4.0 (49699333+dependabot[bot])
- ci: Enable Coverity Scan tool (atodorov)