From 8d18e6b30f0a33463c749079d87cad8fa9c19d52 Mon Sep 17 00:00:00 2001
From: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
Date: Mon, 28 Mar 2016 11:36:20 -0700
Subject: [PATCH] move hardware signing out of experimental, remove
 dependencies to yubico-piv-tool

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
---
 Dockerfile                              | 4 ++--
 Dockerfile.aarch64                      | 2 +-
 Dockerfile.armhf                        | 2 +-
 Dockerfile.ppc64le                      | 2 +-
 Dockerfile.s390x                        | 2 +-
 hack/make.sh                            | 2 +-
 hack/make/.build-deb/control            | 3 +--
 hack/make/.build-deb/rules              | 2 --
 hack/make/.build-rpm/docker-engine.spec | 7 -------
 hack/make/binary                        | 2 +-
 project/PACKAGERS.md                    | 1 -
 11 files changed, 9 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 23a4c5c656..94b8305237 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -98,7 +98,7 @@ RUN set -x \
 	&& export OSXCROSS_PATH="/osxcross" \
 	&& git clone https://github.com/tpoechtrager/osxcross.git $OSXCROSS_PATH \
 	&& ( cd $OSXCROSS_PATH && git checkout -q $OSX_CROSS_COMMIT) \
-	&& curl -sSL https://s3.dockerproject.org/darwin/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
+	&& curl -sSL https://s3.dockerproject.org/darwin/v2/${OSX_SDK}.tar.xz -o "${OSXCROSS_PATH}/tarballs/${OSX_SDK}.tar.xz" \
 	&& UNATTENDED=yes OSX_VERSION_MIN=10.6 ${OSXCROSS_PATH}/build.sh
 ENV PATH /osxcross/target/bin:$PATH
 
@@ -198,7 +198,7 @@ RUN useradd --create-home --gid docker unprivilegeduser
 
 VOLUME /var/lib/docker
 WORKDIR /go/src/github.com/docker/docker
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
 
 # Let us use a .bashrc file
 RUN ln -sfv $PWD/.bashrc ~/.bashrc
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 3d50968eec..e2db7dddc7 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -145,7 +145,7 @@ RUN useradd --create-home --gid docker unprivilegeduser
 
 VOLUME /var/lib/docker
 WORKDIR /go/src/github.com/docker/docker
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
 
 # Let us use a .bashrc file
 RUN ln -sfv $PWD/.bashrc ~/.bashrc
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index aa016a56dc..d4f591c526 100644
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -154,7 +154,7 @@ RUN useradd --create-home --gid docker unprivilegeduser
 
 VOLUME /var/lib/docker
 WORKDIR /go/src/github.com/docker/docker
-ENV DOCKER_BUILDTAGS apparmor seccomp selinux
+ENV DOCKER_BUILDTAGS apparmor pkcs11 seccomp selinux
 
 # Let us use a .bashrc file
 RUN ln -sfv $PWD/.bashrc ~/.bashrc
diff --git a/Dockerfile.ppc64le b/Dockerfile.ppc64le
index 6c5f8372bf..d1a4f17f94 100644
--- a/Dockerfile.ppc64le
+++ b/Dockerfile.ppc64le
@@ -155,7 +155,7 @@ RUN useradd --create-home --gid docker unprivilegeduser
 
 VOLUME /var/lib/docker
 WORKDIR /go/src/github.com/docker/docker
-ENV DOCKER_BUILDTAGS apparmor selinux
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
 
 # Let us use a .bashrc file
 RUN ln -sfv $PWD/.bashrc ~/.bashrc
diff --git a/Dockerfile.s390x b/Dockerfile.s390x
index fdec13b24d..ae7f6d1bc1 100644
--- a/Dockerfile.s390x
+++ b/Dockerfile.s390x
@@ -134,7 +134,7 @@ RUN useradd --create-home --gid docker unprivilegeduser
 
 VOLUME /var/lib/docker
 WORKDIR /go/src/github.com/docker/docker
-ENV DOCKER_BUILDTAGS apparmor selinux
+ENV DOCKER_BUILDTAGS apparmor pkcs11 selinux
 
 # Let us use a .bashrc file
 RUN ln -sfv $PWD/.bashrc ~/.bashrc
diff --git a/hack/make.sh b/hack/make.sh
index 909703b9f7..1a9c14c0fc 100755
--- a/hack/make.sh
+++ b/hack/make.sh
@@ -121,7 +121,7 @@ fi
 if [ "$DOCKER_EXPERIMENTAL" ]; then
 	echo >&2 '# WARNING! DOCKER_EXPERIMENTAL is set: building experimental features'
 	echo >&2
-	DOCKER_BUILDTAGS+=" experimental pkcs11"
+	DOCKER_BUILDTAGS+=" experimental"
 fi
 
 if [ -z "$DOCKER_CLIENTONLY" ]; then
diff --git a/hack/make/.build-deb/control b/hack/make/.build-deb/control
index 6a2af3f2dc..0f5439947c 100644
--- a/hack/make/.build-deb/control
+++ b/hack/make/.build-deb/control
@@ -15,8 +15,7 @@ Recommends: aufs-tools,
             cgroupfs-mount | cgroup-lite,
             git,
             xz-utils,
-            ${apparmor:Recommends},
-            ${yubico:Recommends}
+            ${apparmor:Recommends}
 Conflicts: docker (<< 1.5~), docker.io, lxc-docker, lxc-docker-virtual-package, docker-engine-cs
 Description: Docker: the open-source application container engine
  Docker is an open source project to build, ship and run any application as a
diff --git a/hack/make/.build-deb/rules b/hack/make/.build-deb/rules
index 9eca1b4c92..651105f7a8 100755
--- a/hack/make/.build-deb/rules
+++ b/hack/make/.build-deb/rules
@@ -5,8 +5,6 @@ VERSION = $(shell cat VERSION)
 override_dh_gencontrol:
 	# if we're on Ubuntu, we need to Recommends: apparmor
 	echo 'apparmor:Recommends=$(shell dpkg-vendor --is Ubuntu && echo apparmor)' >> debian/docker-engine.substvars
-	# if we are building experimental we recommend yubico-piv-tool
-	echo 'yubico:Recommends=$(shell [ "$DOCKER_EXPERIMENTAL" ] && echo "yubico-piv-tool (>= 1.1.0~)")' >> debian/docker-engine.substvars
 	dh_gencontrol
 
 override_dh_auto_build:
diff --git a/hack/make/.build-rpm/docker-engine.spec b/hack/make/.build-rpm/docker-engine.spec
index ac51af16e3..4f366dd39d 100644
--- a/hack/make/.build-rpm/docker-engine.spec
+++ b/hack/make/.build-rpm/docker-engine.spec
@@ -60,13 +60,6 @@ Requires: device-mapper >= 1.02.90-2
 %global with_selinux 1
 %endif
 
-%if 0%{?_experimental}
-# yubico-piv-tool conditional
-%if 0%{?fedora} >= 20 || 0%{?centos} >= 7 || 0%{?rhel} >= 7
-Requires: yubico-piv-tool >= 1.1.0
-%endif
-%endif
-
 # start if with_selinux
 %if 0%{?with_selinux}
 # Version of SELinux we were using
diff --git a/hack/make/binary b/hack/make/binary
index 407947da59..378af761be 100644
--- a/hack/make/binary
+++ b/hack/make/binary
@@ -36,7 +36,7 @@ if [ "$(go env GOOS)" == "linux" ] ; then
 	esac
 fi
 
-if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ] && [ "$DOCKER_EXPERIMENTAL" ]; then
+if [ "$IAMSTATIC" == "true" ] && [ "$(go env GOHOSTOS)" == "linux" ]; then
 	if  [ "${GOOS}/${GOARCH}" == "darwin/amd64" ]; then
 		export CGO_ENABLED=1
 		export CC=o64-clang
diff --git a/project/PACKAGERS.md b/project/PACKAGERS.md
index b3f60472fd..03a69db172 100644
--- a/project/PACKAGERS.md
+++ b/project/PACKAGERS.md
@@ -60,7 +60,6 @@ To build the Docker daemon, you will additionally need:
 * btrfs-progs version 3.16.1 or later (unless using an older version is
   absolutely necessary, in which case 3.8 is the minimum)
 * libseccomp version 2.2.1 or later (for build tag seccomp)
-* yubico-piv-tool version 1.1.0 or later (for experimental)
 
 Be sure to also check out Docker's Dockerfile for the most up-to-date list of
 these build-time dependencies.