# Below definitions are used to deliver config files from a particular branch
# of c/image, c/common, c/storage vendored in all of Buildah, Podman and Skopeo.
# These vendored components must have the same version. If it is not the case,
# pick the oldest version on c/image, c/common, c/storage vendored in
# Buildah/Podman/Skopeo.
%global skopeo_branch main
%global podman_branch main
%global buildah_branch main
%global image_branch main
%global common_branch main
%global storage_branch main
%global shortnames_branch main
%global github_containers https://raw.githubusercontent.com/containers
Epoch: 4
Name: containers-common
Version: 1
Release: %autorelease
License: ASL 2.0
BuildArch: noarch
Summary: Common configuration and documentation for containers
BuildRequires: go-md2man
Provides: skopeo-containers = %{epoch}:%{version}-%{release}
Requires: (container-selinux >= 2:2.162.1 if selinux-policy)
Recommends: fuse-overlayfs
Requires: (fuse-overlayfs if fedora-release-identity-server)
# SourceN files fetched from upstream
# GPG key and registry configs taken from RH
Source1: %{github_containers}/common/%{common_branch}/docs/containers.conf.5.md
Source2: %{github_containers}/common/%{common_branch}/pkg/config/containers.conf
Source3: %{github_containers}/common/%{common_branch}/pkg/seccomp/seccomp.json
Source4: %{github_containers}/common/%{common_branch}/pkg/subscriptions/mounts.conf
Source5: %{github_containers}/image/%{image_branch}/docs/containers-auth.json.5.md
Source6: %{github_containers}/image/%{image_branch}/docs/containers-certs.d.5.md
Source7: %{github_containers}/image/%{image_branch}/docs/containers-policy.json.5.md
Source8: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.5.md
Source9: %{github_containers}/image/%{image_branch}/docs/containers-registries.conf.d.5.md
Source10: %{github_containers}/image/%{image_branch}/docs/containers-registries.d.5.md
Source11: %{github_containers}/image/%{image_branch}/docs/containers-signature.5.md
Source12: %{github_containers}/image/%{image_branch}/docs/containers-transports.5.md
Source13: %{github_containers}/image/%{image_branch}/registries.conf
Source14: %{github_containers}/common/%{common_branch}/docs/containers-mounts.conf.5.md
Source15: %{github_containers}/shortnames/%{shortnames_branch}/shortnames.conf
Source16: %{github_containers}/skopeo/%{skopeo_branch}/default.yaml
Source17: %{github_containers}/skopeo/%{skopeo_branch}/default-policy.json
Source18: %{github_containers}/storage/%{storage_branch}/docs/containers-storage.conf.5.md
Source19: %{github_containers}/storage/%{storage_branch}/storage.conf
Source20: RPM-GPG-KEY-redhat-release
Source21: registry.access.redhat.com.yaml
Source22: registry.redhat.io.yaml
Source23: %{github_containers}/common/%{common_branch}/docs/Containerfile.5.md
Source24: %{github_containers}/common/%{common_branch}/docs/containerignore.5.md
Source25: %{github_containers}/common/%{common_branch}/docs/links/.containerignore.5
%description
This package contains common configuration files and documentation for container
tools ecosystem, such as Podman, Buildah and Skopeo.
It is required because the most of configuration files and docs come from projects
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
separately.
%package extra
Summary: Extra dependencies for Podman and Buildah
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: container-network-stack
Requires: oci-runtime
Recommends: crun
Requires: (crun if fedora-release-identity-server)
Recommends: netavark
Requires: (netavark if fedora-release-identity-server)
Recommends: slirp4netns
Requires: (slirp4netns if fedora-release-identity-server)
Requires: iptables
Requires: nftables
Suggests: containernetworking-plugins >= 0.9.1-1
Suggests: qemu-user-static
%description extra
This subpackage will handle dependencies common to Podman and Buildah which are
not required by Skopeo.
%prep
cp %{SOURCE1} .
cp %{SOURCE2} .
cp %{SOURCE3} .
cp %{SOURCE4} .
cp %{SOURCE5} .
cp %{SOURCE6} .
cp %{SOURCE7} .
cp %{SOURCE8} .
cp %{SOURCE9} .
cp %{SOURCE10} .
cp %{SOURCE11} .
cp %{SOURCE12} .
cp %{SOURCE13} .
cp %{SOURCE14} .
cp %{SOURCE15} 000-shortnames.conf
cp %{SOURCE16} .
cp %{SOURCE17} policy.json
cp %{SOURCE18} .
cp %{SOURCE19} .
cp %{SOURCE20} .
cp %{SOURCE21} .
cp %{SOURCE22} .
cp %{SOURCE23} .
cp %{SOURCE24} .
cp %{SOURCE25} .
%if 0%{?rhel} <= 8
sed -i 's/log_driver = "journald"/#log_driver = "journald"/' containers.conf
%endif
%build
mkdir -p man5
for FILE in $(ls *.5.md); do
go-md2man -in $FILE -out man5/$(basename $FILE .md)
done
cp man5/containerignore.5 man5/.containerignore.5
%install
# install config and policy files for registries
install -dp %{buildroot}%{_sysconfdir}/containers/{certs.d,oci/hooks.d}
install -dp %{buildroot}%{_sharedstatedir}/containers/sigstore
install -Dp -m0644 default.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
install -Dp -m0644 storage.conf -t %{buildroot}%{_datadir}/containers
install -Dp -m0644 registries.conf -t %{buildroot}%{_sysconfdir}/containers
install -Dp -m0644 000-shortnames.conf -t %{buildroot}%{_sysconfdir}/containers/registries.conf.d
install -Dp -m0644 policy.json -t %{buildroot}%{_sysconfdir}/containers
install -Dp -m0644 RPM-GPG-KEY-redhat-release -t %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -Dp -m0644 registry.access.redhat.com.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
install -Dp -m0644 registry.redhat.io.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
# install manpages
for FILE in $(ls -a man5 | grep 5); do
install -Dp -m0644 man5/$FILE -t %{buildroot}%{_mandir}/man5
done
# install config files for mounts, containers and seccomp
install -m0644 mounts.conf %{buildroot}%{_datadir}/containers/mounts.conf
install -m0644 seccomp.json %{buildroot}%{_datadir}/containers/seccomp.json
install -m0644 containers.conf %{buildroot}%{_datadir}/containers/containers.conf
# install secrets patch directory
install -d -p -m 755 %{buildroot}/%{_datadir}/rhel/secrets
# rhbz#1110876 - update symlinks for subscription management
ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pki-entitlement
ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/redhat.repo
%files
%dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d
%dir %{_sysconfdir}/containers/oci
%dir %{_sysconfdir}/containers/oci/hooks.d
%dir %{_sysconfdir}/containers/registries.conf.d
%dir %{_sysconfdir}/containers/registries.d
%config(noreplace) %{_sysconfdir}/containers/policy.json
%config(noreplace) %{_sysconfdir}/containers/registries.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
%{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
%{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
%ghost %{_sysconfdir}/containers/storage.conf
%ghost %{_sysconfdir}/containers/containers.conf
%dir %{_sharedstatedir}/containers/sigstore
%{_mandir}/man5/Containerfile.5.gz
%{_mandir}/man5/containerignore.5.gz
%{_mandir}/man5/.containerignore.5.gz
%{_mandir}/man5/containers*.5.gz
%dir %{_datadir}/containers
%{_datadir}/containers/storage.conf
%{_datadir}/containers/containers.conf
%{_datadir}/containers/mounts.conf
%{_datadir}/containers/seccomp.json
%dir %{_datadir}/rhel/secrets
%{_datadir}/rhel/secrets/*
%files extra
%changelog
%autochangelog