1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
moby--moby/hack/make/build-rpm
Brian Goff adb2ddf288 Rely on container-selinux for centos/fedora25/rhel
RH now provides `container-selinux` which provides everything we need
for docker's selinux policy. Rely on `container-selinux` where
available, and `docker-engine-selinux` when not.

This still builds the `docker-engine-selinux` package and presumably
makes it available, but is no longer a requirement in the
`docker-engine` package preferring `container-selinux` instead.

`container-selinux` is available on fedora24, however the version that
is available does not set the correct types on the `dockerd` binary. We
can use `container-selinux` and just supplement that with some of our
own policy, but for now just keep using `docker-engine-selinux` as is.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2017-05-01 11:23:18 -04:00

148 lines
5.9 KiB
Bash

#!/usr/bin/env bash
set -e
# subshell so that we can export PATH and TZ without breaking other things
(
export TZ=UTC # make sure our "date" variables are UTC-based
source "$(dirname "$BASH_SOURCE")/.integration-daemon-start"
source "$(dirname "$BASH_SOURCE")/.detect-daemon-osarch"
# TODO consider using frozen images for the dockercore/builder-rpm tags
rpmName=docker-engine
rpmVersion="$VERSION"
rpmRelease=1
# rpmRelease versioning is as follows
# Docker 1.7.0: version=1.7.0, release=1
# Docker 1.7.0-rc1: version=1.7.0, release=0.1.rc1
# Docker 1.7.0-cs1: version=1.7.0.cs1, release=1
# Docker 1.7.0-cs1-rc1: version=1.7.0.cs1, release=0.1.rc1
# Docker 1.7.0-dev nightly: version=1.7.0, release=0.0.YYYYMMDD.HHMMSS.gitHASH
# if we have a "-rc*" suffix, set appropriate release
if [[ "$rpmVersion" =~ .*-rc[0-9]+$ ]] ; then
rcVersion=${rpmVersion#*-rc}
rpmVersion=${rpmVersion%-rc*}
rpmRelease="0.${rcVersion}.rc${rcVersion}"
fi
DOCKER_GITCOMMIT=$(git rev-parse --short HEAD)
if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
DOCKER_GITCOMMIT="$DOCKER_GITCOMMIT-unsupported"
fi
# if we have a "-dev" suffix or have change in Git, let's make this package version more complex so it works better
if [[ "$rpmVersion" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
gitUnix="$(git log -1 --pretty='%at')"
gitDate="$(date --date "@$gitUnix" +'%Y%m%d.%H%M%S')"
gitCommit="$(git log -1 --pretty='%h')"
gitVersion="${gitDate}.git${gitCommit}"
# gitVersion is now something like '20150128.112847.17e840a'
rpmVersion="${rpmVersion%-dev}"
rpmRelease="0.0.$gitVersion"
fi
# Replace any other dashes with periods
rpmVersion="${rpmVersion/-/.}"
rpmPackager="$(awk -F ': ' '$1 == "Packager" { print $2; exit }' hack/make/.build-rpm/${rpmName}.spec)"
rpmDate="$(date +'%a %b %d %Y')"
# if go-md2man is available, pre-generate the man pages
make manpages
# Convert the CHANGELOG.md file into RPM changelog format
rm -f contrib/builder/rpm/${PACKAGE_ARCH}/changelog
VERSION_REGEX="^\W\W (.*) \((.*)\)$"
ENTRY_REGEX="^[-+*] (.*)$"
while read -r line || [[ -n "$line" ]]; do
if [ -z "$line" ]; then continue; fi
if [[ "$line" =~ $VERSION_REGEX ]]; then
echo >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
echo "* `date -d ${BASH_REMATCH[2]} '+%a %b %d %Y'` ${rpmPackager} - ${BASH_REMATCH[1]}" >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
fi
if [[ "$line" =~ $ENTRY_REGEX ]]; then
echo "- ${BASH_REMATCH[1]//\`}" >> contrib/builder/rpm/${PACKAGE_ARCH}/changelog
fi
done < CHANGELOG.md
builderDir="contrib/builder/rpm/${PACKAGE_ARCH}"
pkgs=( $(find "${builderDir}/"*/ -type d) )
if [ ! -z "$DOCKER_BUILD_PKGS" ]; then
pkgs=()
for p in $DOCKER_BUILD_PKGS; do
pkgs+=( "$builderDir/$p" )
done
fi
for dir in "${pkgs[@]}"; do
[ -d "$dir" ] || { echo >&2 "skipping nonexistent $dir"; continue; }
version="$(basename "$dir")"
suite="${version##*-}"
image="dockercore/builder-rpm:$version"
if ! docker inspect "$image" &> /dev/null; then
( set -x && docker build ${DOCKER_BUILD_ARGS} -t "$image" "$dir" )
fi
mkdir -p "$DEST/$version"
cat > "$DEST/$version/Dockerfile.build" <<-EOF
FROM $image
COPY . /usr/src/${rpmName}
WORKDIR /usr/src/${rpmName}
RUN mkdir -p /go/src/github.com/docker && mkdir -p /go/src/github.com/opencontainers
EOF
cat >> "$DEST/$version/Dockerfile.build" <<-EOF
# Install runc, containerd, proxy and tini
RUN TMP_GOPATH="/go" ./hack/dockerfile/install-binaries.sh runc-dynamic containerd-dynamic proxy-dynamic tini
EOF
if [[ "$VERSION" == *-dev ]] || [ -n "$(git status --porcelain)" ]; then
echo 'ENV DOCKER_EXPERIMENTAL 1' >> "$DEST/$version/Dockerfile.build"
fi
cat >> "$DEST/$version/Dockerfile.build" <<-EOF
RUN mkdir -p /root/rpmbuild/SOURCES \
&& echo '%_topdir /root/rpmbuild' > /root/.rpmmacros
WORKDIR /root/rpmbuild
RUN ln -sfv /usr/src/${rpmName}/hack/make/.build-rpm SPECS
WORKDIR /root/rpmbuild/SPECS
RUN tar --exclude .git -r -C /usr/src -f /root/rpmbuild/SOURCES/${rpmName}.tar ${rpmName}
RUN tar --exclude .git -r -C /go/src/github.com/docker -f /root/rpmbuild/SOURCES/${rpmName}.tar containerd
RUN tar --exclude .git -r -C /go/src/github.com/docker/libnetwork/cmd -f /root/rpmbuild/SOURCES/${rpmName}.tar proxy
RUN tar --exclude .git -r -C /go/src/github.com/opencontainers -f /root/rpmbuild/SOURCES/${rpmName}.tar runc
RUN tar --exclude .git -r -C /go/ -f /root/rpmbuild/SOURCES/${rpmName}.tar tini
RUN gzip /root/rpmbuild/SOURCES/${rpmName}.tar
RUN { cat /usr/src/${rpmName}/contrib/builder/rpm/${PACKAGE_ARCH}/changelog; } >> ${rpmName}.spec && tail >&2 ${rpmName}.spec
RUN rpmbuild -ba \
--define '_gitcommit $DOCKER_GITCOMMIT' \
--define '_release $rpmRelease' \
--define '_version $rpmVersion' \
--define '_origversion $VERSION' \
--define '_experimental ${DOCKER_EXPERIMENTAL:-0}' \
${rpmName}.spec
EOF
# selinux policy referencing systemd things won't work on non-systemd versions
# of centos or rhel, which we don't support anyways
if [ "${suite%.*}" -gt 6 ] && [[ "$version" != opensuse* ]]; then
if [ -d "./contrib/selinux-$version" ]; then
selinuxDir="selinux-${version}"
cat >> "$DEST/$version/Dockerfile.build" <<-EOF
RUN tar -cz -C /usr/src/${rpmName}/contrib/${selinuxDir} -f /root/rpmbuild/SOURCES/${rpmName}-selinux.tar.gz ${rpmName}-selinux
RUN rpmbuild -ba \
--define '_gitcommit $DOCKER_GITCOMMIT' \
--define '_release $rpmRelease' \
--define '_version $rpmVersion' \
--define '_origversion $VERSION' \
${rpmName}-selinux.spec
EOF
fi
fi
tempImage="docker-temp/build-rpm:$version"
( set -x && docker build ${DOCKER_BUILD_ARGS} -t "$tempImage" -f $DEST/$version/Dockerfile.build . )
docker run --rm "$tempImage" bash -c 'cd /root/rpmbuild && tar -c *RPMS' | tar -xvC "$DEST/$version"
docker rmi "$tempImage"
done
source "$(dirname "$BASH_SOURCE")/.integration-daemon-stop"
) 2>&1 | tee -a $DEST/test.log