$WARNING

%global with_debug   0

%if 0%{?with_debug}

# https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12

%global _dwz_low_mem_die_limit 0

%else

%global debug_package %{nil}

%endif

%global provider                github

%global provider_tld            com

%global owner                   kubernetes

%global repo                    kubernetes

# https://github.com/kubernetes/kubernetes

%global provider_prefix         %{provider}.%{provider_tld}/%{owner}/%{repo}

%global import_path             kubernetes.io/

# **** release metadata ****

# populated by envsubst in newrelease.sh

%global gittag                  $GIT_TAG

%global tar_ver                 $TAR_VERSION

%global k8s_name                $SPEC_NAME

%global k8s_ver                 $SPEC_VERSION

# golang 'built with' version

%global golangver               $GOLANG_VERSION

# last release version of these rpms prior to F40 restructure

# should not change once restructure goes into rawhide

%global switchver              1.29.0

# Needed otherwise "version_ldflags=$(kube::version_ldflags)" doesn't work

%global _buildshell  /bin/bash

%global _checkshell  /bin/bash

##############################################

Name:           %{k8s_name}

Version:        %{k8s_ver}

Release:        %autorelease

Summary:        Open Source Production-Grade Container Scheduling And Management Platform

License:        ASL 2.0

URL:            https://%{import_path}

ExclusiveArch:  x86_64 aarch64 ppc64le s390x %{arm}

Source0:        https://%{provider_prefix}/archive/%{gittag}/%{repo}-%{tar_ver}.tar.gz

Source101:      kube-proxy.service

Source102:      kube-apiserver.service

Source103:      kube-scheduler.service

Source104:      kube-controller-manager.service

Source105:      kubelet.service

Source106:      environ-apiserver

Source107:      environ-config

Source108:      environ-controller-manager

Source109:      environ-kubelet

Source110:      environ-kubelet.kubeconfig

Source111:      environ-proxy

Source112:      environ-scheduler

Source113:      kubernetes-accounting.conf

Source114:      10-kubeadm.conf

Source115:      kubernetes.conf

Source116:      %{repo}.sysusers

Patch3:         build-with-debug-info.patch

##############################################

# main package components - installs kubelet and necessary

# configuration files. Recommends kubernetes-client and

# kubernetes-kubeadm.

# build requirements for kubelet

BuildRequires: golang >= %{golangver}

BuildRequires: go-rpm-macros

BuildRequires: make

BuildRequires: go-md2man

BuildRequires: systemd

BuildRequires: rsync

# needed per fedora documentation - may drop as /run not used

# and kube user no longer needed

BuildRequires: systemd-rpm-macros

%{?sysusers_requires_compat}

# additonal kubelet requirements

Requires:   (containerd or cri-o)

Recommends: cri-o = %{version}-%{release}

Requires:   conntrack-tools

Requires(pre): shadow-utils

Requires:      socat

Recommends:    %{name}-client = %{version}-%{release}

Recommends:    %{name}-kubeadm = %{version}-%{release}

# require same version for kubernetes-kubeadm if installed

Conflicts: %{name}-kubeadm < %{version}-%{release}

Conflicts: %{name}-kubeadm > %{version}-%{release}

# require same version for kubernetes-client if installed

Conflicts: %{name}-client < %{version}-%{release}

Conflicts: %{name}-client > %{version}-%{release}

# provides and obsoletes kubernetes-node and kubernetes-kubeadm

Provides: kubernetes-node = %{version}-%{release}

Obsoletes: kubernetes-node < %{switchver}

%description

%{summary}

Installs kubelet, the kubernetes agent on each machine in a

cluster. The kubernetes-client sub-package,

containing kubectl, is recommended but not strictly required.

The kubernetes-client sub-package should be installed on

control plane machines.

##############################################

%package  kubeadm

Summary:  Kubernetes tool for standing up clusters

Requires: kubernetes = %{version}-%{release}

BuildRequires: golang >= %{golangver}

BuildRequires: systemd

Requires: containernetworking-plugins

Requires: cri-tools

# require same version for kubernetes

Conflicts: %{name} < %{version}-%{release}

Conflicts: %{name} > %{version}-%{release}

%description kubeadm

Kubernetes tool for standing up clusters. Not mandatory. If used,

install on each machine in the cluster. Used to initialize each node,

and to join new machines to an existing cluster.

##############################################

%package client

Summary: Kubernetes client tools

BuildRequires: golang >= %{golangver}

BuildRequires: make

Conflicts: %{name} < %{version}-%{release}

Conflicts: %{name} > %{version}-%{release}

%description client

Installs kubectl, the Kubernetes command line client.

##############################################

%package systemd

Summary: Systemd services for control plane and/or node

BuildRequires: golang >= %{golangver}

BuildRequires: systemd

BuildRequires: rsync

BuildRequires: make

BuildRequires: go-md2man

Requires(pre): shadow-utils

Requires: %{name} = %{version}-%{release}

# obsoletes kubernetes-master in part

Provides: kubernetes-master = %{version}-%{release}

Provides: kubernetes-legacy-systemd = %{version}-%{release}

Obsoletes: kubernetes-master < %{switchver}

%description systemd

Systemd services needed for manual installation of Kubernetes

on control plane or node machines. If kubeadm is used to bootstrap

Kubernetes then this rpm is not needed as kubeadm will install

these services as static pods in the cluster on nodes as needed.

If these systemd services are used, enable all services except

kube-proxy on each control plane. Enable kube-proxy on all machines

nodes that runs kubelet, including control plane machines with

kubelet.

##############################################

##############################################

%prep

%setup -q -n %{repo}-%{tar_ver}

%if 0%{?with_debug}

%patch3 -p1

%endif

# src/k8s.io/kubernetes/pkg/util/certificates

# Patch the code to remove eliptic.P224 support

# For whatever reason:

# https://groups.google.com/forum/#!topic/Golang-nuts/Oq4rouLEvrU

for dir in vendor/github.com/google/certificate-transparency/go/x509 pkg/util/certificates; do

  if [ -d "${dir}" ]; then

    pushd ${dir}

    sed -i "/^[^=]*$/ s/oidNamedCurveP224/oidNamedCurveP256/g" *.go

    sed -i "/^[^=]*$/ s/elliptic\.P224/elliptic.P256/g" *.go

    popd

  fi

done

mkdir -p src/k8s.io/kubernetes

mv $(ls | grep -v "^src$") src/k8s.io/kubernetes/.

# mv command above skips all dot files. Move .generated_files and all

#.go* files

mv .generated_files src/k8s.io/kubernetes/.

mv .go* src/k8s.io/kubernetes/.

###############

%build

# As of K8S 1.26.3/1.25.8/1.24.12 upstream now builds with an explicit

# version of go and will try to fetch that version if not present.

# FORCE_HOTS_GO=y overrides that specification by using the host's

# version of go. This spec file continues to use build requires to

# require as a minimum the 'built with' go version from upstream.

#

# Packagers need to ensure that the go version on the build host contains

# any security patches and other critical fixes that are part of the

# "built with" version. Go maintainers typically release patch updates

# for both supported versions of Go that contain the same security

# updates.

export FORCE_HOST_GO=y

pushd src/k8s.io/kubernetes/

source hack/lib/init.sh

kube::golang::setup_env

export KUBE_GIT_TREE_STATE="clean"

export KUBE_GIT_VERSION=v%{version}

export KUBE_EXTRA_GOPATH=$(pwd)/Godeps/_workspace

# go internal linker does not provide build ids; use

# KUBE_CGO_OVERRIDES to force external linker; consistent

# with Fedora go standards

export KUBE_CGO_OVERRIDES="kube-proxy kubeadm kube-apiserver kube-controller-manager kubelet kube-scheduler kubectl"

# Use settings from gobuild macro to populate GOFLAGS and

# GOLDFLAGS - see Makefile (make help) for more information

export GOFLAGS="-buildmode=pie -compiler=gc -tags=rpm_crashtraceback${BUILDTAGS:+,}${BUILDTAGS:-}"

export GOLDFLAGS="%{?currentgoldflags} -B 0x$(echo '%{name}-%{version}-%{release}-${SOURCE_DATE_EPOCH:-}' | sha1sum | cut -d ' ' -f1) -compressdwarf=false -linkmode=external -extldflags '%{build_ldflags} %{?__golang_extldflags}'"

# Build each binary separately to generate a unique build-id.

# Otherwise: Duplicate build-ids /builddir/build/BUILDROOT/.../usr/bin/kube-apiserver and /builddir/build/BUILDROOT/.../usr/bin/kubeadm

make WHAT="cmd/kube-proxy"

make WHAT="cmd/kube-apiserver"

make WHAT="cmd/kube-controller-manager"

make WHAT="cmd/kubelet"

make WHAT="cmd/kubeadm"

make WHAT="cmd/kube-scheduler"

make WHAT="cmd/kubectl"

# Gen docs

make WHAT="cmd/gendocs"

make WHAT="cmd/genkubedocs"

make WHAT="cmd/genman"

make WHAT="cmd/genyaml"

kube::util::gen-docs .

###############

%install

pushd src/k8s.io/kubernetes/

source hack/lib/init.sh

kube::golang::setup_env

%ifarch ppc64le

output_path="_output/local/go/bin"

%else

output_path="${KUBE_OUTPUT_BINPATH}/$(kube::golang::host_platform)"

%endif

echo "+++ INSTALLING binaries"

install -m 755 -d %{buildroot}%{_bindir}

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-proxy

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-apiserver

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-controller-manager

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubelet

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubeadm

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kube-scheduler

install -p -m 755 -t %{buildroot}%{_bindir} ${output_path}/kubectl

echo "+++ INSTALLING kubelet service config"

install -d -m 0755 %{buildroot}/%{_unitdir}/kubelet.service.d

install -p -m 0644 -t %{buildroot}/%{_unitdir}/kubelet.service.d %{SOURCE114}

echo "+++ INSTALLING shell completion"

install -dm 0755 %{buildroot}/%{bash_completions_dir}

%{buildroot}%{_bindir}/kubectl completion bash > %{buildroot}/%{bash_completions_dir}/kubectl

install -dm 0755 %{buildroot}/%{fish_completions_dir}

%{buildroot}%{_bindir}/kubectl completion fish > %{buildroot}/%{fish_completions_dir}/kubectl.fish

install -dm 0755 %{buildroot}/%{zsh_completions_dir}

%{buildroot}%{_bindir}/kubectl completion zsh > %{buildroot}/%{zsh_completions_dir}/_kubectl

echo "+++ INSTALLING config files"

%define remove_environ_prefix() %(echo -n %1|sed 's/.*environ-//g')

install -d -m 0755 %{buildroot}%{_sysconfdir}/%{repo}

install -d -m 0700 %{buildroot}%{_sysconfdir}/%{repo}/manifests

install -m 644 -T %{SOURCE106} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE106}}

install -m 644 -T %{SOURCE107} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE107}}

install -m 644 -T %{SOURCE108} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE108}}

install -m 644 -T %{SOURCE109} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE109}}

install -m 644 -T %{SOURCE110} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE110}}

install -m 644 -T %{SOURCE111} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE111}}

install -m 644 -T %{SOURCE112} %{buildroot}%{_sysconfdir}/%{repo}/%{remove_environ_prefix %{SOURCE112}}

# place systemd/tmpfiles.d/kubernetes.conf to /usr/lib/tmpfiles.d/kubernetes.conf

install -d -m 0755 %{buildroot}%{_tmpfilesdir}

install -p -m 0644 -t %{buildroot}/%{_tmpfilesdir} %{SOURCE115}

echo "+++ INSTALLING sysusers.d"

install -D -m 0644 -vp %{SOURCE116}       %{buildroot}%{_sysusersdir}/%{repo}.conf

# enable CPU and Memory accounting

install -d -m 0755 %{buildroot}/%{_sysconfdir}/systemd/system.conf.d

install -p -m 0644 -t %{buildroot}/%{_sysconfdir}/systemd/system.conf.d %{SOURCE113}

echo "+++ INSTALLING service files"

install -d -m 0755 %{buildroot}%{_unitdir}

install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE101}

install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE102}

install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE103}

install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE104}

install -m 0644 -t %{buildroot}%{_unitdir} %{SOURCE105}

echo "+++ INSTALLING manpages"

install -d %{buildroot}%{_mandir}/man1

# from k8s tarball copied docs/man/man1/*.1

install -p -m 644 docs/man/man1/*.1 %{buildroot}%{_mandir}/man1

# install the place the kubelet defaults to put volumes and default folder structure

install -d %{buildroot}%{_sharedstatedir}/kubelet

mkdir -p %{buildroot}/run

install -d -m 0755 %{buildroot}/run/%{repo}/

popd

mv src/k8s.io/kubernetes/CHANGELOG/CHANGELOG-*.md .

mv src/k8s.io/kubernetes/*.md .

mv src/k8s.io/kubernetes/LICENSE .

# CHANGELOG.md is symlink to CHANGELOG/README.md and not actual

# change log. no need to include generated rpms

rm CHANGELOG.md

%check

if [ 1 != 1 ]; then

echo "******Testing the commands*****"

hack/test-cmd.sh

echo "******Benchmarking kube********"

hack/benchmark-go.sh

# In Fedora 20 and RHEL7 the go cover tools isn't available correctly

echo "******Testing the go code******"

hack/test-go.sh

echo "******Testing integration******"

hack/test-integration.sh --use_go_build

fi

##############################################

%files

%license LICENSE

%doc *.md

# kubelet

%{_mandir}/man1/kubelet.1*

%{_bindir}/kubelet

%{_unitdir}/kubelet.service

%{_sysusersdir}/%{repo}.conf

%dir %{_sharedstatedir}/kubelet

%dir %{_sysconfdir}/%{repo}

%dir %{_sysconfdir}/%{repo}/manifests

%config(noreplace) %{_sysconfdir}/%{repo}/config

%config(noreplace) %{_sysconfdir}/%{repo}/kubelet

# % config(noreplace) % {_sysconfdir}/% {repo}/proxy

%config(noreplace) %{_sysconfdir}/%{repo}/kubelet.kubeconfig

%config(noreplace) %{_sysconfdir}/systemd/system.conf.d/kubernetes-accounting.conf

%{_tmpfilesdir}/kubernetes.conf

%verify(not size mtime md5) %attr(755, kube,kube) %dir /run/%{repo}

##############################################

%files kubeadm

%license LICENSE

%doc *.md

%{_mandir}/man1/kubeadm.1*

%{_mandir}/man1/kubeadm-*

%{_bindir}/kubeadm

%dir %{_unitdir}/kubelet.service.d

%{_unitdir}/kubelet.service.d/10-kubeadm.conf

##############################################

%files client

%license LICENSE

%doc *.md

%{_mandir}/man1/kubectl.1*

%{_mandir}/man1/kubectl-*

%{_bindir}/kubectl

%{bash_completions_dir}/kubectl

%{fish_completions_dir}/kubectl.fish

%{zsh_completions_dir}/_kubectl

##############################################

%files systemd

%license LICENSE

%doc *.md

%{_mandir}/man1/kube-apiserver.1*

%{_mandir}/man1/kube-controller-manager.1*

%{_mandir}/man1/kube-scheduler.1*

%{_mandir}/man1/kube-proxy.1*

%attr(754, -, kube) %caps(cap_net_bind_service=ep) %{_bindir}/kube-apiserver

%{_bindir}/kube-controller-manager

%{_bindir}/kube-scheduler

%{_bindir}/kube-proxy

%{_unitdir}/kube-proxy.service

%{_unitdir}/kube-apiserver.service

%{_unitdir}/kube-controller-manager.service

%{_unitdir}/kube-scheduler.service

%{_sysusersdir}/%{repo}.conf

%dir %{_sysconfdir}/%{repo}

%config(noreplace) %{_sysconfdir}/%{repo}/apiserver

%config(noreplace) %{_sysconfdir}/%{repo}/scheduler

%config(noreplace) %{_sysconfdir}/%{repo}/config

%config(noreplace) %{_sysconfdir}/%{repo}/controller-manager

%config(noreplace) %{_sysconfdir}/%{repo}/proxy

%{_tmpfilesdir}/kubernetes.conf

%verify(not size mtime md5) %attr(755, kube,kube) %dir /run/%{repo}

##############################################

%pre systemd

%sysusers_create_compat %{SOURCE116}

%post systemd

%systemd_post kube-apiserver kube-scheduler kube-controller-manager kube-proxy

%preun systemd

%systemd_preun kube-apiserver kube-scheduler kube-controller-manager kube-proxy

%postun systemd

%systemd_postun kube-apiserver kube-scheduler kube-controller-manager kube-proxy

%pre

%sysusers_create_compat %{SOURCE116}

%post

%systemd_post kubelet

# If accounting is not currently enabled systemd reexec

if [[ `systemctl show kubelet | grep -q -e CPUAccounting=no -e MemoryAccounting=no; echo $?` -eq 0 ]]; then

  systemctl daemon-reexec

fi

%preun

%systemd_preun kubelet

%postun

%systemd_postun kubelet

############################################

%changelog

%autochangelog