72 Commits

Author SHA1 Message Date
Colin Walters
96dea82c50 Release 2020.8
This mainly has two build-side fixes for coreos-assembler.
2020-11-13 23:03:23 +01:00
Luca BRUNO
b4e4005f56 sh: fix bash shebang
This updates a couple of shebangs for scripts using bash `pipefail`
option.
2020-11-11 16:50:43 +01:00
Jonathan Lebon
a1b35d0d75 Release 2020.7
To get https://github.com/coreos/rpm-ostree/pull/2301 out.
2020-11-02 16:47:10 +01:00
Colin Walters
607a04ae12 Release 2020.6
We have the 32 bit fix, the new initramfs command, and various
other cleanups.  I also want to see if this fixes https://bugzilla.redhat.com/show_bug.cgi?id=1865839
so let's get a release out.
2020-10-30 15:21:45 +01:00
Jonathan Lebon
4da10dc11e Add new ex initramfs-etc command
This command allows users to cheaply inject configuration files in the
initramfs stage without having to regenerate the whole initramfs (or
even a new OSTree commit). This will be useful for configuring services
involved in bringing up the root block device.

```
$ echo 'hello world' > /etc/foobar
$ rpm-ostree ex initramfs-etc --track /etc/foobar
Staging deployment... done
Run "systemctl reboot" to start a reboot
$ rpm-ostree status
State: idle
Deployments:
  ostree://fedora:fedora/x86_64/coreos/testing-devel
                   Version: 32.20200716.dev.1 (2020-07-16T02:47:29Z)
                    Commit: 9a817d75bef81b955179be6e602d1e6ae350645b6323231a62ba2ee6e5b9644b
              GPGSignature: (unsigned)
              InitramfsEtc: /etc/foobar

● ostree://fedora:fedora/x86_64/coreos/testing-devel
                   Version: 32.20200716.dev.1 (2020-07-16T02:47:29Z)
                    Commit: 9a817d75bef81b955179be6e602d1e6ae350645b6323231a62ba2ee6e5b9644b
              GPGSignature: (unsigned)
$ reboot
(boot into rd.break)
sh-5.0# cat /etc/foobar
hello world
```

See the libostree side of this at:
https://github.com/ostreedev/ostree/pull/2155

Lots more discussions in:
https://github.com/coreos/fedora-coreos-tracker/issues/94

Closes: #1930
2020-10-30 00:48:54 +01:00
Jonathan Lebon
ec940303c4 Release 2020.5
A few goodies, but mostly to get #2221 out.
2020-09-15 11:32:06 +02:00
Jeff Law
3097af804d spec: Disable LTO 2020-07-31 11:07:18 -04:00
Jonathan Lebon
bcf241d572 Release 2020.4
Thin release. Mostly for a bunch of RHCOS-relevant fixes and
enhancements: 752f4f09 (#2178), 4d836dd8 (#2151) and f608eb09 (#2158).
2020-07-29 10:41:43 -04:00
Tom Stellard
27c14d5809 spec: Use make macros
This pull request was create automatically for the f33 change:
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro

(Upstreamed from
https://src.fedoraproject.org/rpms/rpm-ostree/pull-request/39).
2020-07-22 18:43:17 +02:00
Jonathan Lebon
f3ccd92cd7 Release 2020.3
Seems about time, but also to get the crypto-policies workaround out:
https://github.com/coreos/fedora-coreos-tracker/issues/540
2020-06-19 11:39:16 -04:00
Stephen Gallagher
541b43beaa spec: Fix up conditionals for ELN
The `rust-toolset` package does not exist in Fedora, so we cannot
use it for BuildRequires. Change the conditional to exclude ELN
from the %rhel conditional.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2020-05-23 10:18:00 -04:00
Jonathan Lebon
f8667c65f7 spec: Bump version to 2020.2
This should've been part of the last release commit.
2020-05-23 10:18:00 -04:00
dependabot-preview[bot]
86f808d49c build(deps): bump envsubst from 0.1.1 to 0.2.0 in /rust
Bumps [envsubst](https://github.com/lucab/envsubst-rs) from 0.1.1 to 0.2.0.
- [Release notes](https://github.com/lucab/envsubst-rs/releases)
- [Commits](https://github.com/lucab/envsubst-rs/compare/0.1.1...v0.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-04-06 20:21:54 +02:00
Jonathan Lebon
7501b39cbf spec: Bump libmodulemd version requirement
This matches the latest bump in libdnf:
763ccc3e33
2020-02-25 16:48:15 +01:00
Jonathan Lebon
35818cefd5 Release 2020.1 2020-02-05 23:18:45 +01:00
Jonathan Lebon
82b27de843 Release 2019.7
Not the biggest release, but there are some decent targeted fixes and
enhancements and it's been a while.
2019-12-19 16:22:11 +01:00
Colin Walters
8e5baf5ca7 Detect whether zchunk (zck) is available at build time
We don't *actually* use this ourself, but librepo does, and libdnf gets confused
if librepo doesn't support it.  This is the case in RHEL8 currently.

Basically what breaks is trying to use the Fedora EPEL repo (has zchunk metadata)
on RHEL CoreOS.  And we have a test in kola that does this today.
2019-10-18 17:13:55 +02:00
Jonathan Lebon
ccace4c56c Release 2019.6
Last release was almost two months ago. Not a lot of groundbreaking
features, though let's get the various fixes out.

Closes: #1907
Approved by: lucab
2019-09-24 16:23:27 +00:00
worldofpeace
a8ee788e61 Move D-Bus conf file to $(datadir)/dbus-1/system.d
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.

Closes: #1903
Approved by: jlebon
2019-09-17 04:37:59 +00:00
Jonathan Lebon
680cc10077 spec: Fix documentation files
Follow-up to the recent licensing changes.

This is the first spec file change since moving it upstream.

Closes: #1900
Approved by: cgwalters
2019-09-09 23:50:32 +00:00
Jonathan Lebon
801de7fdae packaging: Adapt to cargo vendor now being built-in
From Rust v1.37, `cargo vendor` is now baked. Stop building it, and
tweak the vendoring script to adapt to the new UX.

Closes: #1900
Approved by: cgwalters
2019-09-09 23:50:32 +00:00
Jonathan Lebon
e11d426f99 packaging: Move canonical spec file here
So this is a somewhat significant change, but I'd like to try having the
canonical spec file upstream. A few reasons for this:

1. We integrate tightly with the distros we're destined for, and so
   we're in a pretty good position for knowing how the software should
   be packaged.
2. We can atomically change packaging along with the rest of the code.
   This has important ramifications, including that it'll be easier to
   integrate with continuous build services like Packit, but releases
   will also be less fraught with last-minute packaging fixes.
3. I'm playing with Jenkins pipelines and there I'd like to make RPMs
   the "artifact" that gets moved down the pipeline into later stages
   (e.g. `cosa build`). We could even eventually make it an actual
   external artifact so that anyone can easily download RPMs from any
   random PR for testing. (And in fact, with a thin yumrepo layer on
   top, it could be used to replace Packit/rdgo entirely).

Not that this approach doesn't have issues as well (e.g. on the dist-git
side, we'll need some minimal tooling to merge in the changelog), though
I think it's worth trying out.

Closes: #1900
Approved by: cgwalters
2019-09-09 23:50:32 +00:00
Jonathan Lebon
146fe31620 packaging: Fix repomanage usage
Not actually planning to use this for now. Noticed it in passing.

Closes: #1900
Approved by: cgwalters
2019-09-09 23:50:32 +00:00
Jonathan Lebon
4824410cc2 packaging: Drop support for dist-snapshot w/o compose
The build system doesn't support this anymore. Also add `-T0` for
multi-threading.

Closes: #1900
Approved by: cgwalters
2019-09-09 23:50:32 +00:00
Jonathan Lebon
206ae24d4e tests: Bump to Python 3 only
This bumps the requirement on the controlling host to Python 3 only.
It also bumps the requirement on the target host to Python 3 as well
since FCOS doesn't ship Python 2 right now.

Though we'll need to eventually drop all Python usage anyway, but at
least let's get tests passing on FCOS first. (See related previous
patch).

Closes: #1828
Approved by: cgwalters
2019-05-08 19:02:32 +00:00
Jonathan Lebon
34bdffcbd2 packaging: Don't include checksums for libtool.m4 and configure
These are more files that get mangled at `%configure` time. These two
new ones specifically, I tripped on while building on ppc64le for RHEL7.
See https://bugzilla.redhat.com/show_bug.cgi?id=1113618 for more info.

Closes: #1731
Approved by: cgwalters
2019-01-15 19:20:36 +00:00
Jonathan Lebon
5202ce06c2 packaging: Don't include checksums for ltmain.sh
And `config.guess` and `config.sub`. These files get mangled by the
`%configure` macro when it tries to insert hardening compile flags and
so the checksums no longer match. This is an ugly hack akin to #1554
that requires an incision in the cargo vendor JSON.

Fedora does package a lot of these crate sources now which we
could use to drop these hacks, but not all the crates are packaged (I
counted 4 unpackaged top-level crates), and I'm not sure what their
states are in RHEL7/8 either.

Closes: #1715
Approved by: cgwalters
2018-12-15 14:21:19 +00:00
Jonathan Lebon
5fb5effbd2 packaging: Nuke more vendored sources
Nuke systemd source files for the same reasons as libcurl (see #1554).
Also noticed that libz-sys was doing this, though it's not new to this
patch.

For reference, see: https://github.com/projectatomic/rpm-ostree/pull/1554

Closes: #1601
Approved by: cgwalters
2018-10-16 17:41:09 +00:00
Colin Walters
f50f9e8d7e Split cbindgen to separate build, support external version
The problem is building bindgen as part of our single run
locks serde to way old versions, and I want to use newer versions.

Since Fedora will now again ship a `cbindgen` package, let's
also support using it if we find it, saving ourselves
the cost of building it.

For distros that don't ship it (e.g. CentOS) for CI purposes
we build it.  For downstream builds that are offline, rather
than vendor the cbindgen sources like we do with our main Rust,
let's just vendor the `rpmostree-rust.h` file as was suggested
in https://bugzilla.redhat.com/show_bug.cgi?id=1608670

Closes: https://github.com/projectatomic/rpm-ostree/issues/1557

Closes: #1573
Approved by: jlebon
2018-09-25 20:29:21 +00:00
Jonathan Lebon
57c4f8acff packaging: Don't vendor bundled libcurl
The `curl-sys` crate includes with it a bundled copy of libcurl which is
used if `pkgconfig` doesn't find libcurl configuration files. In our
case, we always want to use the system libcurl. So filter it out. This
also drops our *compressed* tarball by 2.5M.

One tricky bit is that cargo crates include a checksum JSON that's read
by `cargo build` later on to validate the crate. So we need to do some
JSON surgery.

What made me look into this was that Koji builds were failing due to the
`%configure` macro including hardening bits that sub out e.g. all
`config.sub` and `ltmain.sh` files which then caused the checksum to
fail validation. This completely sidesteps that issue.

Closes: #1554
Approved by: cgwalters
2018-09-11 14:44:44 +00:00
Jonathan Lebon
7467952c96 packaging: Use standard strict mode header
The script already turned on `-e` later on. Make it conform to the
standard strict mode with the rest of the options right at the
beginning.

Closes: #1554
Approved by: cgwalters
2018-09-11 14:44:44 +00:00
Colin Walters
a8a5f236f1 packaging: Fix Rust vendoring
I made a subtle change at the last minute with the previous PR
to use `*` for the glob instead of `.`, because the tmpdir had a `.tmp`
file I didn't want.

But - this caused us to miss the `.cargo` directory which has
the config file.  And while I'd been testing builds with no network,
of course cargo was really pulling content from `~/.cargo`.

When I went to do a scratch build in Koji, that failed obviously.
I tested this makes things [work with a SRPM scratch](https://koji.fedoraproject.org/koji/taskinfo?taskID=27490830)
and in my dev container under `bwrap --unshare-net` with `mv ~/.cargo{,.orig}`.

Closes: #1394
Approved by: jlebon
2018-06-08 15:42:03 +00:00
Colin Walters
7b69294b8a packaging: Support vendoring the Rust sources
This ends up being different than what landed in librsvg (that
was imported into ostree) because in rpm-ostree we've basically
been using `git archive`-based tarball generation rather than `make dist`
for a long time.  And supporting `make dist` looks like it'd get into
handling the `libdnf` bits and walking into `cmake` land so...yeah
let's not do that.

The canonical sources are in git (recursively via submodule),
except for the Rust sources, which cargo can download dynamically,
and with this patch we support glomming all of that together
into a tarball.

(And turn off `make dist` so people understand how we do it)

Tested by `make -f Makefile.dist-packaging dist-snapshot`, then
copying the resulting tarball into a container with `--net=none`
and building there.

Closes: #1391
Approved by: jlebon
2018-06-06 15:52:48 +00:00
Kalev Lember
84f6bcb4f0 Add polkit support
This allows non-root users access to the rpm-ostree daemon, which is
a pre-requirement for gnome-software rpm-ostree support.

Closes: #745

Closes: #825
Approved by: cgwalters
2017-06-19 21:19:42 +00:00
Chen Fan
afbf0de286 spec: Update from fedora dist-git
We'll keep a copy here for now, though the canonical
version should be viewed as the Fedora dist-git.

Updated-by: Colin Walters <walters@verbum.org>

Closes: #667
Approved by: jlebon
2017-03-08 19:52:58 +00:00
Colin Walters
63f0f5af47 packaging: Add a cccp.yml and tweak Dockerfile
Let's try out https://wiki.centos.org/ContainerPipeline

Having maintained Docker images for rpm-ostree seems kind of overdue.
(I didn't actually test the CP bits since I'm not sure how to do that)

Closes: #460
Approved by: jlebon
2016-09-13 13:35:12 +00:00
Colin Walters
3eaea54e6f build: Update .gitignore
Closes: #250
Approved by: cgwalters
2016-03-26 14:22:41 +00:00
Colin Walters
81e3c5fd6a packaging: Modernize Dockerfile a bit
As long as we require uid 0, we should encourage people to run
`compose tree` in its current state inside a Docker/nspawn container.

I didn't spend a lot of time on this yet but it works.  Am considering
switching to a CentOS base though.

Closes: #249
Approved by: giuseppe
2016-03-25 08:32:17 +00:00
Colin Walters
180d5c5374 packaging: Make a yum repo 2016-03-11 08:38:06 -05:00
Colin Walters
799fe4d7c7 packaging: Drop hawkey BR
We're now tracking libhif master only.
2016-03-08 14:53:23 -05:00
Colin Walters
b716959252 Major revamp/extension of libhif/unpacker code
This is in preparation for `rpm-ostree container`, which handles
unpacking RPMs as non-root.

At the moment, I'm copying code in from both ostree's libarchive bits
(fixable...may need to export some utility functions) and some
functions from libhif (harder, see:
http://lists.rpm.org/pipermail/rpm-ecosystem/2016-January/000297.html )

There's lots more cleanup to do here, but I don't want to block on the
resolution of the libhif changes.
2016-02-22 14:27:45 -05:00
petervo
c0d15a66ad daemon: Start of work on daemon 2015-09-09 22:00:04 -04:00
Colin Walters
da88e60241 spec: Drop no longer needed config arguments 2015-08-31 17:21:51 -04:00
Colin Walters
de47c23450 doc: Add gtk-doc for new library 2015-04-13 14:39:06 -04:00
Giuseppe Scrivano
e927f90de1 Makefile.dist-packaging: fix make rpm with submodules
Makefile.dist-packaging seems to assume to be run under packaging/ as
"make -C packaging -f Makefile.dist-packaging rpm" so ensure the
srcdir is set correctly to point to the parent directory.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-03-06 14:30:02 +01:00
Colin Walters
39cbc2998b packaging: Update BRs 2014-11-14 18:07:47 -05:00
Colin Walters
d572fe84a4 packaging: Add symlink for atomic 2014-10-03 20:02:24 -04:00
Colin Walters
466d9dbe33 packaging/make-git-snapshot.sh: Add missing file 2014-10-03 10:06:49 -04:00
Colin Walters
0f16e2e252 Add --disable-compose-tooling build option
Some downstreams want the ability to separate the compose tooling from
the client, for e.g. support reasons.

This approach supports generating a tarball without the source for the
compose command, and requires specifying a config option to disable
it.
2014-09-16 21:45:30 -04:00
Colin Walters
c577cb0296 packaging: Enable hawkey and usrbinatomic by default
This will break on F20 but if that starts being a problem we can work
around it with an automatic version check or so.
2014-06-22 18:03:21 -04:00