Spec URL: https://gitlab.com/rhcontainerbot/rpms/cri-o/-/raw/1.21/cri-o.spec SRPM URL: https://haircommander.fedorapeople.org/cri-o-1.21.0-2.fc32.src.rpm Description: An OCI-compliant implementation of the Kubernetes CRI Fedora Account System Username: haircommander
*** Bug 1970049 has been marked as a duplicate of this bug. ***
Taking this review.
I am proposing a refresh of this spec to match our guidelines closer even if it is vendored: =========================================================================================== # https://github.com/cri-o/cri-o %global goipath github.com/cri-o/cri-o Version: 1.21.0 %if ! 0%{?fedora} && (0%{?centos} <= 8 || 0%{?rhel} <= 8) %define gobuild(o:) %{expand: # https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12 %global _dwz_low_mem_die_limit 0 %ifnarch ppc64 go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; %else go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; %endif } %bcond_with check %else %gometa %bcond_without check %endif # Related: github.com/cri-o/cri-o/issues/3684 %global build_timestamp %(date -u +'%Y-%m-%dT%H:%M:%SZ') %global git_tree_state clean %global criocli_path "" # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) %global built_tag v%{version} %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) %global crio_release_tag %(echo %{built_tag_strip} | cut -f1,2 -d'.') # Services %global service_name crio # https://github.com/cri-o/cri-o %global goipath github.com/cri-o/cri-o Name: cri-o Epoch: 0 Release: 1%{?dist} Summary: Open Container Initiative-based implementation of Kubernetes Container Runtime Interface # Upstream license specification: Apache-2.0 License: ASL 2.0 URL: https://github.com/rclone/rclone Source0: %url/archive/v%{version}/%{name}-%{version}.tar.gz Source3: %{service_name}-network.sysconfig Source4: %{service_name}-storage.sysconfig Source5: %{service_name}-metrics.sysconfig # e.g. el6 has ppc64 arch without gcc-go, so EA tag is required ExclusiveArch: %{?go_arches:%{go_arches}}%{!?go_arches:%{ix86} x86_64 aarch64 %{arm}} # If go_compiler is not set to 1, there is no virtual provide. Use golang instead. BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} %if 0%{?fedora} BuildRequires: btrfs-progs-devel BuildRequires: device-mapper-devel %endif BuildRequires: git-core BuildRequires: glib2-devel BuildRequires: glibc-static BuildRequires: go-md2man BuildRequires: gpgme-devel BuildRequires: libassuan-devel BuildRequires: libseccomp-devel %if 0%{?fedora} || 0%{?centos} >= 8 BuildRequires: systemd-rpm-macros %else BuildRequires: systemd-devel %endif BuildRequires: make %if 0%{?fedora} Requires(pre): container-selinux %else Requires: container-selinux %endif Requires: containers-common >= 1:0.1.31-14 %if 0%{?fedora} || 0%{?centos} >= 8 Recommends: runc >= 1.0.0-16 %else Requires: runc >= 1.0.0-16 %endif Requires: containernetworking-plugins >= 0.7.5-1 Requires: conmon >= 2.0.2-1 Requires: socat Obsoletes: ocid <= 0.3 Provides: ocid = %{epoch}:%{version}-%{release} Provides: %{service_name} = %{epoch}:%{version}-%{release} %description Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. %prep %if ! 0%{?fedora} && (0%{?centos} <= 8 || 0%{?rhel} <= 8) %autosetup -p1 -n %{name}-%{version} %else %goprep -k %endif sed -i 's/install.config: crio.conf/install.config:/' Makefile sed -i 's/install.bin: binaries/install.bin:/' Makefile sed -i 's/install.man: $(MANPAGES)/install.man:/' Makefile sed -i 's/\.gopathok //' Makefile sed -i 's/module_/module-/' internal/version/version.go sed -i 's/\/local//' contrib/systemd/%{service_name}.service sed -i 's/\/local//' contrib/systemd/%{service_name}-wipe.service %build export GO111MODULE=on export GOFLAGS=-mod=vendor export BUILDTAGS="$(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_installed.sh) $(hack/libdm_no_deferred_remove_tag.sh) $(hack/seccomp_tag.sh) $(hack/selinux_tag.sh)" export LDFLAGS="-X %{import_path}/internal/pkg/criocli.DefaultsPath=%{criocli_path} -X %{import_path}/internal/version.buildDate=%{build_timestamp} -X %{import_path}/internal/version.gitCommit=%{commit0} -X %{import_path}/internal/version.version=%{version} -X %{import_path}/internal/version.gitTreeState=%{git_tree_state}" for cmd in cmd/* ; do %gobuild -o bin/$(basename $cmd) %{goipath}/$cmd done %set_build_flags export CFLAGS="$CFLAGS -std=c99" %make_build bin/pinns GO_MD2MAN=go-md2man make docs %install sed -i 's/\/local//' contrib/systemd/%{service_name}.service bin/%{service_name} \ --selinux \ --cni-plugin-dir /opt/cni/bin \ --cni-plugin-dir "%{_libexecdir}/cni" \ --enable-metrics \ --metrics-port 9537 \ config > %{service_name}.conf # install binaries install -dp %{buildroot}{%{_bindir},%{_libexecdir}/%{service_name}} install -p -m 755 bin/%{service_name} %{buildroot}%{_bindir} # install conf files install -dp %{buildroot}%{_sysconfdir}/cni/net.d install -p -m 644 contrib/cni/10-crio-bridge.conf %{buildroot}%{_sysconfdir}/cni/net.d/100-crio-bridge.conf install -p -m 644 contrib/cni/99-loopback.conf %{buildroot}%{_sysconfdir}/cni/net.d/200-loopback.conf install -dp %{buildroot}%{_sysconfdir}/%{service_name} install -dp %{buildroot}%{_datadir}/containers/oci/hooks.d install -dp %{buildroot}%{_datadir}/oci-umount/oci-umount.d install -p -m 644 crio.conf %{buildroot}%{_sysconfdir}/%{service_name} #install -p -m 644 seccomp.json %%{buildroot}%%{_sysconfdir}/%%{service_name} install -p -m 644 crio-umount.conf %{buildroot}%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf install -p -m 644 crictl.yaml %{buildroot}%{_sysconfdir} install -dp %{buildroot}%{_sysconfdir}/sysconfig install -p -m 644 contrib/sysconfig/%{service_name} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name} install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-network install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-storage install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-metrics %make_install PREFIX=%{buildroot}%{_prefix} \ install.bin \ install.completions \ install.config \ install.man \ install.systemd %if 0%{?centos} <= 7 || 0%{?rhel} <= 7 # https://bugzilla.redhat.com/show_bug.cgi?id=1823374#c17 install -d -p %{buildroot}%{_prefix}/lib/sysctl.d echo "fs.may_detach_mounts=1" > %{buildroot}%{_prefix}/lib/sysctl.d/99-cri-o.conf %endif install -dp %{buildroot}%{_sharedstatedir}/containers #install -dp %%{buildroot}%%{_libexecdir}/%%{service_name}/%%{service_name}-wipe #install -dp %%{buildroot}%%{_prefix}/lib/systemd/system-preset %if %{with check} %check # https://github.com/cri-o/cri-o/issues/4991 %gocheck -d server %endif %post # Old verions of kernel do not recognize metacopy option. # Reference: github.com/cri-o/cri-o/issues/3631 %if ! 0%{?fedora} && (0%{?centos} <= 7 || 0%{?rhel} <= 7) sed -i -e 's/,metacopy=on//g' /etc/containers/storage.conf %sysctl_apply 99-cri-o.conf %endif ln -sf %{_unitdir}/%{service_name}.service {_unitdir}/%{name}.service %systemd_post %{service_name} %preun %systemd_preun %{service_name} %postun rm -f %{_unitdir}/%{name}.service %systemd_postun_with_restart %{service_name} %files %license LICENSE %doc docs code-of-conduct.md tutorial.md ADOPTERS.md CONTRIBUTING.md README.md %doc awesome.md transfer.md %{_bindir}/%{service_name} %{_bindir}/%{service_name}-status %{_bindir}/pinns %{_mandir}/man5/%{service_name}.conf*5* %{_mandir}/man8/%{service_name}*.8* %dir %{_sysconfdir}/%{service_name} %config(noreplace) %{_sysconfdir}/%{service_name}/%{service_name}.conf %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name} %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-storage %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-network %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-metrics %config(noreplace) %{_sysconfdir}/cni/net.d/100-%{service_name}-bridge.conf %config(noreplace) %{_sysconfdir}/cni/net.d/200-loopback.conf %config(noreplace) %{_sysconfdir}/crictl.yaml %dir %{_libexecdir}/%{service_name} %{_unitdir}/%{service_name}.service %{_unitdir}/%{name}.service %{_unitdir}/%{service_name}-shutdown.service %{_unitdir}/%{service_name}-wipe.service %dir %{_sharedstatedir}/containers %dir %{_datadir}/containers %dir %{_datadir}/containers/oci %dir %{_datadir}/containers/oci/hooks.d %dir %{_datadir}/oci-umount %dir %{_datadir}/oci-umount/oci-umount.d %{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf %{_datadir}/bash-completion/completions/%{service_name}* %{_datadir}/fish/completions/%{service_name}*.fish %{_datadir}/zsh/site-functions/_%{service_name}* %if 0%{?centos} <= 7 || 0%{?rhel} <= 7 %{_prefix}/lib/sysctl.d/99-cri-o.conf %endif %changelog =========================================================================================== F35: https://koji.fedoraproject.org/koji/taskinfo?taskID=6993835 EPEL7: https://koji.fedoraproject.org/koji/taskinfo?taskID=69938272 EPEL8 is still pending, there is no go-md2man in it yet, I'm working on it.
> %if 0%{?fedora} || 0%{?centos} >= 8 > Recommends: runc >= 1.0.0-16 > %else > Requires: runc >= 1.0.0-16 > %endif What's up with this conditional? Shouldn't this be something like: %if 0%{?rhel} && 0%{?rhel} < 8 Requires: runc >= 1.0.0-16 %else Recommends: runc >= 1.0.0-16 %endif
Also note that CentOS defines %rhel, so you should only need to use %rhel across the board.
Right, I've just took the original conditions but you're right. Some of them looks erroneous too like: %if 0%{?centos} <= 7 || 0%{?rhel} <= 7 which would evaluate to true on fedora since 0%{?centos} or 0%{?rhel} would be 0 on Fedora, to my understanding. In the meantime I have built go-md2man on EPELs. My proposal is still the following if you are interested Peter Hunt: =================================================================== # https://github.com/cri-o/cri-o %global goipath github.com/cri-o/cri-o Version: 1.21.0 %if 0%{?rhel} && 0%{?rhel} <= 8 %define gobuild(o:) %{expand: # https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12 %global _dwz_low_mem_die_limit 0 %ifnarch ppc64 go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; %else go build -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}' -compressdwarf=false" -a -v -x %{?**}; %endif } %bcond_with check %else %gometa %bcond_without check %endif # Related: github.com/cri-o/cri-o/issues/3684 %global build_timestamp %(date -u +'%Y-%m-%dT%H:%M:%SZ') %global git_tree_state clean %global criocli_path "" # Used for comparing with latest upstream tag # to decide whether to autobuild (non-rawhide only) %global built_tag v%{version} %global built_tag_strip %(b=%{built_tag}; echo ${b:1}) %global crio_release_tag %(echo %{built_tag_strip} | cut -f1,2 -d'.') # Services %global service_name crio # https://github.com/cri-o/cri-o %global goipath github.com/cri-o/cri-o Name: cri-o Epoch: 0 Release: 1%{?dist} Summary: Open Container Initiative-based implementation of Kubernetes Container Runtime Interface # Upstream license specification: Apache-2.0 License: ASL 2.0 URL: https://github.com/rclone/rclone Source0: %url/archive/v%{version}/%{name}-%{version}.tar.gz Source3: %{service_name}-network.sysconfig Source4: %{service_name}-storage.sysconfig Source5: %{service_name}-metrics.sysconfig %if 0%{?rhel} && 0%{?rhel} <= 8 # e.g. el6 has ppc64 arch without gcc-go, so EA tag is required ExclusiveArch: %{?go_arches:%{go_arches}}%{!?go_arches:%{ix86} x86_64 aarch64 %{arm}} # If go_compiler is not set to 1, there is no virtual provide. Use golang instead. BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} %endif %if 0%{?fedora} BuildRequires: btrfs-progs-devel BuildRequires: device-mapper-devel %endif BuildRequires: git-core BuildRequires: glib2-devel BuildRequires: glibc-static BuildRequires: go-md2man BuildRequires: gpgme-devel BuildRequires: libassuan-devel BuildRequires: libseccomp-devel %if 0%{?rhel} && 0%{?rhel} < 8 BuildRequires: systemd-devel %else BuildRequires: systemd-rpm-macros %endif BuildRequires: make %if 0%{?fedora} Requires(pre): container-selinux %else Requires: container-selinux %endif Requires: containers-common >= 1:0.1.31-14 %if 0%{?rhel} && 0%{?rhel} < 8 Requires: runc >= 1.0.0-16 %else Recommends: runc >= 1.0.0-16 %endif Requires: containernetworking-plugins >= 0.7.5-1 Requires: conmon >= 2.0.2-1 Requires: socat Obsoletes: ocid <= 0.3 Provides: ocid = %{epoch}:%{version}-%{release} Provides: %{service_name} = %{epoch}:%{version}-%{release} %description Open Container Initiative-based implementation of Kubernetes Container Runtime Interface. %prep %if 0%{?rhel} && 0%{?rhel} <= 8 %autosetup -p1 -n %{name}-%{version} %else %goprep -k %endif sed -i 's/install.config: crio.conf/install.config:/' Makefile sed -i 's/install.bin: binaries/install.bin:/' Makefile sed -i 's/install.man: $(MANPAGES)/install.man:/' Makefile sed -i 's/\.gopathok //' Makefile sed -i 's/module_/module-/' internal/version/version.go sed -i 's/\/local//' contrib/systemd/%{service_name}.service sed -i 's/\/local//' contrib/systemd/%{service_name}-wipe.service %build export GO111MODULE=on export GOFLAGS=-mod=vendor export BUILDTAGS="$(hack/btrfs_installed_tag.sh) $(hack/btrfs_tag.sh) $(hack/libdm_installed.sh) $(hack/libdm_no_deferred_remove_tag.sh) $(hack/seccomp_tag.sh) $(hack/selinux_tag.sh)" export LDFLAGS="-X %{import_path}/internal/pkg/criocli.DefaultsPath=%{criocli_path} -X %{import_path}/internal/version.buildDate=%{build_timestamp} -X %{import_path}/internal/version.gitCommit=%{commit0} -X %{import_path}/internal/version.version=%{version} -X %{import_path}/internal/version.gitTreeState=%{git_tree_state}" for cmd in cmd/* ; do %gobuild -o bin/$(basename $cmd) %{goipath}/$cmd done %set_build_flags export CFLAGS="$CFLAGS -std=c99" %make_build bin/pinns GO_MD2MAN=go-md2man make docs %install sed -i 's/\/local//' contrib/systemd/%{service_name}.service bin/%{service_name} \ --selinux \ --cni-plugin-dir /opt/cni/bin \ --cni-plugin-dir "%{_libexecdir}/cni" \ --enable-metrics \ --metrics-port 9537 \ config > %{service_name}.conf # install binaries install -dp %{buildroot}{%{_bindir},%{_libexecdir}/%{service_name}} install -p -m 755 bin/%{service_name} %{buildroot}%{_bindir} # install conf files install -dp %{buildroot}%{_sysconfdir}/cni/net.d install -p -m 644 contrib/cni/10-crio-bridge.conf %{buildroot}%{_sysconfdir}/cni/net.d/100-crio-bridge.conf install -p -m 644 contrib/cni/99-loopback.conf %{buildroot}%{_sysconfdir}/cni/net.d/200-loopback.conf install -dp %{buildroot}%{_sysconfdir}/%{service_name} install -dp %{buildroot}%{_datadir}/containers/oci/hooks.d install -dp %{buildroot}%{_datadir}/oci-umount/oci-umount.d install -p -m 644 crio.conf %{buildroot}%{_sysconfdir}/%{service_name} #install -p -m 644 seccomp.json %%{buildroot}%%{_sysconfdir}/%%{service_name} install -p -m 644 crio-umount.conf %{buildroot}%{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf install -p -m 644 crictl.yaml %{buildroot}%{_sysconfdir} install -dp %{buildroot}%{_sysconfdir}/sysconfig install -p -m 644 contrib/sysconfig/%{service_name} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name} install -p -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-network install -p -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-storage install -p -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/%{service_name}-metrics %make_install PREFIX=%{buildroot}%{_prefix} \ install.bin \ install.completions \ install.config \ install.man \ install.systemd %if 0%{?rhel} && 0%{?rhel} <= 7 # https://bugzilla.redhat.com/show_bug.cgi?id=1823374#c17 install -d -p %{buildroot}%{_prefix}/lib/sysctl.d echo "fs.may_detach_mounts=1" > %{buildroot}%{_prefix}/lib/sysctl.d/99-cri-o.conf %endif install -dp %{buildroot}%{_sharedstatedir}/containers #install -dp %%{buildroot}%%{_libexecdir}/%%{service_name}/%%{service_name}-wipe #install -dp %%{buildroot}%%{_prefix}/lib/systemd/system-preset %if %{with check} %check # https://github.com/cri-o/cri-o/issues/4991 %gocheck -d server %endif %post # Old verions of kernel do not recognize metacopy option. # Reference: github.com/cri-o/cri-o/issues/3631 %if 0%{?rhel} && 0%{?rhel} <= 7 sed -i -e 's/,metacopy=on//g' /etc/containers/storage.conf %sysctl_apply 99-cri-o.conf %endif ln -sf %{_unitdir}/%{service_name}.service {_unitdir}/%{name}.service %systemd_post %{service_name} %preun %systemd_preun %{service_name} %postun rm -f %{_unitdir}/%{name}.service %systemd_postun_with_restart %{service_name} %files %license LICENSE %doc docs code-of-conduct.md tutorial.md ADOPTERS.md CONTRIBUTING.md README.md %doc awesome.md transfer.md %{_bindir}/%{service_name} %{_bindir}/%{service_name}-status %{_bindir}/pinns %{_mandir}/man5/%{service_name}.conf*5* %{_mandir}/man8/%{service_name}*.8* %dir %{_sysconfdir}/%{service_name} %config(noreplace) %{_sysconfdir}/%{service_name}/%{service_name}.conf %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name} %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-storage %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-network %config(noreplace) %{_sysconfdir}/sysconfig/%{service_name}-metrics %config(noreplace) %{_sysconfdir}/cni/net.d/100-%{service_name}-bridge.conf %config(noreplace) %{_sysconfdir}/cni/net.d/200-loopback.conf %config(noreplace) %{_sysconfdir}/crictl.yaml %dir %{_libexecdir}/%{service_name} %{_unitdir}/%{service_name}.service %{_unitdir}/%{name}.service %{_unitdir}/%{service_name}-shutdown.service %{_unitdir}/%{service_name}-wipe.service %dir %{_sharedstatedir}/containers %dir %{_datadir}/containers %dir %{_datadir}/containers/oci %dir %{_datadir}/containers/oci/hooks.d %dir %{_datadir}/oci-umount %dir %{_datadir}/oci-umount/oci-umount.d %{_datadir}/oci-umount/oci-umount.d/%{service_name}-umount.conf %{_datadir}/bash-completion/completions/%{service_name}* %{_datadir}/fish/completions/%{service_name}*.fish %{_datadir}/zsh/site-functions/_%{service_name}* %if 0%{?rhel} && 0%{?rhel} <= 7 %{_prefix}/lib/sysctl.d/99-cri-o.conf %endif %changelog =================================================================== EPEL7: https://koji.fedoraproject.org/koji/taskinfo?taskID=69943567 EPEL8: https://koji.fedoraproject.org/koji/taskinfo?taskID=69943596 Rawhide: https://koji.fedoraproject.org/koji/taskinfo?taskID=69944870
sorry for the delay, but I've gotten around to updating the rpm I have updated https://gitlab.com/rhcontainerbot/rpms/cri-o/-/raw/1.21/cri-o.spec to adapt to your changes, but also fit the rest of my needs (build in build.opensuse.org). the srpm link is now: https://haircommander.fedorapeople.org/cri-o-1.21.0-2.fc32.src.rpm thank you for your help!
What about what Robert proposed didn't work in OBS?
some small tweaks, here's a diff with explanations inline ``` # duplicated with the declaration at the top needed for gometa 34a35,36 > # https://github.com/cri-o/cri-o > %global goipath github.com/cri-o/cri-o # update url 44c45 < URL: https://github.com/cri-o/cri-o --- > URL: https://github.com/rclone/rclone # our obs instance doesn't provide go_compiler, but does provide golang. every rhel (centos) needs to require golang 50,53d50 < %if 0%{?rhel} < BuildRequires: golang < %endif < 56a54,55 > # If go_compiler is not set to 1, there is no virtual provide. Use golang instead. > BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} # need to add go-rpm-macros in fedora 62d59 < BuildRequires: go-rpm-macros # import_path is no longer defined 125,129c122,126 < export LDFLAGS="-X %{goipath}/internal/pkg/criocli.DefaultsPath=%{criocli_path} < -X %{goipath}/internal/version.buildDate=%{build_timestamp} < -X %{goipath}/internal/version.gitCommit=%{commit0} < -X %{goipath}/internal/version.version=%{version} < -X %{goipath}/internal/version.gitTreeState=%{git_tree_state} " --- > export LDFLAGS="-X %{import_path}/internal/pkg/criocli.DefaultsPath=%{criocli_path} > -X %{import_path}/internal/version.buildDate=%{build_timestamp} > -X %{import_path}/internal/version.gitCommit=%{commit0} > -X %{import_path}/internal/version.version=%{version} > -X %{import_path}/internal/version.gitTreeState=%{git_tree_state}" # only call set_build_flags on fedora where it's defined 135d131 < %if 0%{?fedora} 137d132 < %endif # remove commented out fields 188a184,185 > #install -dp %%{buildroot}%%{_libexecdir}/%%{service_name}/%%{service_name}-wipe > #install -dp %%{buildroot}%%{_prefix}/lib/systemd/system-preset ```
hey folks, checking in on the status of this. Can someone review?
Looking over the spec... > %if ! 0%{?gobuild:1} || 0%{?centos} Use %rhel instead of %centos > %define download_url %{git0}/archive/%{built_tag}.tar.gz Use "%{git0}/archive/%{built_tag}/%{name}-%{built_tag_strip}.tar.gz" > Version: 1.21.0 You have a %built_tag_strip variable that you should probably have using this value > %if 0%{?fedora} || 0%{?centos} >= 8 Use %rhel instead of %centos > %if 0%{?centos} <= 7 || 0%{?rhel} <= 7 Use "%if 0%{?rhel} && 0%{?rhel} < 8" instead. > %if ! 0%{?fedora} && (0%{?centos} <= 7 || 0%{?rhel} <= 7) Use "%if 0%{?rhel} && 0%{?rhel} < 8" instead. > %postun > rm -f %{_unitdir}/%{repo}.service This is not acceptable in a scriptlet. Please drop that. > #define license tag if not already defined > %{!?_licensedir:%global license %doc} This is not needed for any supported Fedora or RHEL release. Please drop it. > %{_usr}/lib/sysctl.d/99-cri-o.conf Use "%{_sysctldir}/99-cri-o.conf" instead.
(In reply to Neal Gompa from comment #11) > > > Version: 1.21.0 > > You have a %built_tag_strip variable that you should probably have using > this value What I mean here is that Version should be "Version: %{built_tag_strip}" instead.
oops, sorry, the URL I had previously posted was still out of date, I've updated the spec at https://gitlab.com/rhcontainerbot/rpms/cri-o/-/raw/1.21/cri-o.spec to reflect the current state
>%post > [...] > ln -sf %{_unitdir}/%{service_name}.service {_unitdir}/%{name}.service > [...] > %postun > rm -f %{_unitdir}/%{name}.service This is a problem. These symlinks should just be included in the RPM in the file list. Why is this being done? (Also, typo with %_unitdir macro...)
just to check, is the issue just the `rm -f` or is the `ln -sf` also problematic?
(problematic as in WRT "Why is this being done?", not the %_unitdir typo...
(In reply to Peter Hunt from comment #16) > (problematic as in WRT "Why is this being done?", not the %_unitdir typo... The former, as this is basically not allowed in Fedora.
(In reply to Peter Hunt from comment #15) > just to check, is the issue just the `rm -f` or is the `ln -sf` also > problematic? Both, this is not allowed in Fedora, especially messing around with %_unitdir.
Interesting, how is creating a symlink from %{_unitdir}/%{service_name}.service to %{_unitdir}/%{name}.service different from creating %{_unitdir}/%{service_name}.service in the first place? I definitely understand why one doesn't need `rm -f %{_unitdir}/%{name}.service` if `%{_unitdir}/%{name}.service` is listed in the files, but I'm curious if this restriction is documented or if you could explain more
Can you just create the symlink in %install and list it in %files and from the %post and %postun stuff? Neal, would that address the concerns?
correction.. "and remove the %post and %postun stuff?".
(In reply to Dusty Mabe from comment #20) > Can you just create the symlink in %install and list it in %files and from > the %post and %postun stuff? > > Neal, would that address the concerns? Yeah. The problem isn't the symlink, but that you're doing it in a scriptlet.
Thanks for the tips, y'all; I have updated https://gitlab.com/rhcontainerbot/rpms/cri-o/-/raw/1.21/cri-o.spec
(In reply to Peter Hunt from comment #23) > Thanks for the tips, y'all; I have updated > https://gitlab.com/rhcontainerbot/rpms/cri-o/-/raw/1.21/cri-o.spec It looks like everything I asked you to change was reverted. This thing is back to the way it was on Monday.
Hm, there seems to be some automation overwriting my changes to what is upstream. not sure what's going on. Here is the current version of the spec file: https://gist.github.com/haircommander/1eef31a957f6ba67d7c1a37227a85f49 sorry about that.
> # sometimes users specify crio, not cri-o > ln -sf %{_unitdir}/%{service_name}.service %{_unitdir}/%{name}.service This should be in the %install section like so: > # sometimes users specify crio, not cri-o > ln -sr %{buildroot}%{_unitdir}/%{service_name}.service %{buildroot}%{_unitdir}/%{name}.service Alternatively, you can add an alias to the systemd service: https://www.mankier.com/5/systemd.unit#%5BInstall%5D_Section_Options-Alias
I like the alias idea, I've opened a PR upstream to do so https://github.com/cri-o/cri-o/pull/5179 in the meantime, I've updated the gist with the buildroot change
> # sometimes users specify crio, not cri-o > ln -sr %{buildroot}%{_unitdir}/%{service_name}.service %{buildroot}%{_unitdir}/%{name}.service You have this placed in the spec file below the %check section. It needs to be above it. Also, I can't run fedora-review against a gist. I need a spec url + srpm url.
Spec URL: https://haircommander.fedorapeople.org/cri-o.spec SRPM URL: https://haircommander.fedorapeople.org/cri-o-1.21.2-1.fc32.src.rpm (note, I ended up dropping the ln -sf from the spec, as the Makefile was already doing it, so the build failed when it was duplicated)
Review notes: * Package complies with Fedora Packaging Guidelines * Package complies (mostly) with Go packaging guidelines * Package builds and installs * Package has correct licensing and license files are installed * No serious issues from rpmlint There are a couple of minor things you should fix on import: * cri-o.src: E: summary-too-long C Open Container Initiative-based implementation of Kubernetes Container Runtime Interface * cri-o.src: E: specfile-error warning: bogus date in %changelog: Thu May 16 2020 Douglas Schilling Landgraf <dougsland> - 2:1.18.1-1 There's an odd error that I *think* looks like an upstream software bug? * cri-o.x86_64: E: missing-call-to-setgroups-before-setuid /usr/bin/pinns Regardless, I think we're in good shape here, so... PACKAGE APPROVED.
What's point of this review? The rpms/cri-o repository exists since 2017. Can this review be closed? I can see 1.21 built in Koji <https://koji.fedoraproject.org/koji/buildinfo?buildID=1820631>.
(In reply to Petr Pisar from comment #31) > What's point of this review? The rpms/cri-o repository exists since 2017. > Can this review be closed? I can see 1.21 built in Koji > <https://koji.fedoraproject.org/koji/buildinfo?buildID=1820631>. The main branch was retired, and it's not anymore, so I think it can be closed now.
I see. Unretired <https://pdc.fedoraproject.org/rest_api/v1/component-branch-slas/?branch_type=rpm&global_component=cri-o&branch=rawhide>, <https://src.fedoraproject.org/rpms/cri-o/c/6b5d63550a794d9d062714f5dc3779fc6012a437?branch=rawhide>. However, the packager has never built it successfully <https://koji.fedoraproject.org/koji/buildinfo?buildID=1881485>. The package actually happily lives in a module. In violation with packaging guidelines which require every modular package to exist as a nonmodule <https://docs.fedoraproject.org/en-US/modularity/policies/#_requirements_for_modules_in_fedora>. There is a FTBFS bug #2045287 for it.
Okay finally had a moment to address this. I have built cri-o 1.23.2 for rawhide and f36. do I need to build for f35/f34 as well?
If you want to get it into F36, you also need push the build into Bodhi system <https://bodhi.fedoraproject.org/updates/> as an update. I think you should put the package into all Fedoras where the module already exists.
Kubernetes needs to be upgraded to 1.23.x in F36+, since the major version (1.23) has to match for Kubernetes and CRI-O. For F34 and F35, you should ship crio builds matching those k8s releases.
The fedora kubernetes team will work on the needed updates to kubernetes. For F34 I will update kubernetes to 1.21.x since the current kubernetes rpm version (1.20.x) is no longer maintained upstream. The same 1.21.x version can be released for F35. My personal goal is to modularize kubernetes to mirror the cri-o modules, but work on that is very slow.
Package is now in repositories, closing review.