rpms
/
containers-common
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8-beta-stream-rhel8
rpms:i9
rpms:i9-beta
rpms:i9c
rpms:c9
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i9c-beta
rpms:c9-beta
rpms:i8-stream-rhel8
rpms:i8-stream-4.0
rpms:i8c-stream-4.0
rpms:c8-stream-4.0
...
pull from: rpms:i8-beta-stream-rhel8
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8-beta-stream-rhel8
rpms:i9
rpms:i9-beta
rpms:i9c
rpms:c9
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i9c-beta
rpms:c9-beta
rpms:i8-stream-rhel8
rpms:i8-stream-4.0
rpms:i8c-stream-4.0
rpms:c8-stream-4.0

No commits in common. 'c9' and 'i8-beta-stream-rhel8' have entirely different histories.
c9 ... i8-beta-st

13 changed files with 191 additions and 5406 deletions
Show Stats

5048
SOURCES/001-rhel-shortnames-pyxis.conf
View File

File diff suppressed because it is too large Load Diff

10
SOURCES/002-rhel-shortnames-overrides.conf
Unescape View File

@ -1,10 +0,0 @@
[aliases]
"skopeo" = "registry.access.redhat.com/ubi8/skopeo"
"ubi8/skopeo" = "registry.access.redhat.com/ubi8/skopeo"
"rhel9/skopeo" = "registry.redhat.io/rhel9/skopeo"
"buildah" = "registry.access.redhat.com/ubi8/buildah"
"ubi8/buildah" = "registry.access.redhat.com/ubi8/buildah"
"rhel9/buildah" = "registry.redhat.io/rhel9/buildah"
"podman" = "registry.access.redhat.com/ubi8/podman"
"ubi8/podman" = "registry.access.redhat.com/ubi8/podman"
"rhel9/podman" = "registry.redhat.io/rhel9/podman"

29
SOURCES/RPM-GPG-KEY-redhat-beta
Unescape View File

@ -1,29 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.6 (GNU/Linux)
mQINBEmkAzABEAC2/c7bP1lHQ3XScxbIk0LQWe1YOiibQBRLwf8Si5PktgtuPibT
kKpZjw8p4D+fM7jD1WUzUE0X7tXg2l/eUlMM4dw6XJAQ1AmEOtlwSg7rrMtTvM0A
BEtI7Km6fC6sU6RtBMdcqD1cH/6dbsfh8muznVA7UlX+PRBHVzdWzj6y8h84dBjo
gzcbYu9Hezqgj/lLzicqsSZPz9UdXiRTRAIhp8V30BD8uRaaa0KDDnD6IzJv3D9P
xQWbFM4Z12GN9LyeZqmD7bpKzZmXG/3drvfXVisXaXp3M07t3NlBa3Dt8NFIKZ0D
FRXBz5bvzxRVmdH6DtkDWXDPOt+Wdm1rZrCOrySFpBZQRpHw12eo1M1lirANIov7
Z+V1Qh/aBxj5EUu32u9ZpjAPPNtQF6F/KjaoHHHmEQAuj4DLex4LY646Hv1rcv2i
QFuCdvLKQGSiFBrfZH0j/IX3/0JXQlZzb3MuMFPxLXGAoAV9UP/Sw/WTmAuTzFVm
G13UYFeMwrToOiqcX2VcK0aC1FCcTP2z4JW3PsWvU8rUDRUYfoXovc7eg4Vn5wHt
0NBYsNhYiAAf320AUIHzQZYi38JgVwuJfFu43tJZE4Vig++RQq6tsEx9Ftz3EwRR
fJ9z9mEvEiieZm+vbOvMvIuimFVPSCmLH+bI649K8eZlVRWsx3EXCVb0nQARAQAB
tDBSZWQgSGF0LCBJbmMuIChiZXRhIGtleSAyKSA8c2VjdXJpdHlAcmVkaGF0LmNv
bT6JAjYEEwECACAFAkpSM+cCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRCT
ioDK8hVB6/9tEAC0+KmzeKceXQ/GTUoU6jy9vtkFCFrmv+c7ol4XpdTt0QhqBOwy
6m2mKWwmm8KfYfy0cADQ4y/EcoXl7FtFBwYmkCuEQGXhTDn9DvVjhooIq59LEMBQ
OW879RwwzRIZ8ebbjMUjDPF5MfPQqP2LBu9N4KvXlZp4voykwuuaJ+cbsKZR6pZ6
0RQKPHKP+NgUFC0fff7XY9cuOZZWFAeKRhLN2K7bnRHKxp+kELWb6R9ZfrYwZjWc
MIPbTd1khE53L4NTfpWfAnJRtkPSDOKEGVlVLtLq4HEAxQt07kbslqISRWyXER3u
QOJj64D1ZiIMz6t6uZ424VE4ry9rBR0Jz55cMMx5O/ni9x3xzFUgH8Su2yM0r3jE
Rf24+tbOaPf7tebyx4OKe+JW95hNVstWUDyGbs6K9qGfI/pICuO1nMMFTo6GqzQ6
DwLZvJ9QdXo7ujEtySZnfu42aycaQ9ZLC2DOCQCUBY350Hx6FLW3O546TAvpTfk0
B6x+DV7mJQH7MGmRXQsE7TLBJKjq28Cn4tVp04PmybQyTxZdGA/8zY6pPl6xyVMH
V68hSBKEVT/rlouOHuxfdmZva1DhVvUC6Xj7+iTMTVJUAq/4Uyn31P1OJmA2a0PT
CAqWkbJSgKFccsjPoTbLyxhuMSNkEZFHvlZrSK9vnPzmfiRH0Orx3wYpMQ==
=21pb
-----END PGP PUBLIC KEY BLOCK-----

66
SOURCES/RPM-GPG-KEY-redhat-release
Unescape View File

@ -1,66 +0,0 @@
The following public key can be used to verify RPM packages built and
signed by Red Hat, Inc. This key is used for packages in Red Hat
products shipped after November 2009, and for all updates to those
products.
Questions about this key should be sent to security@redhat.com.
pub 4096R/FD431D51 2009-10-22 Red Hat, Inc. (release key 2) <security@redhat.com>
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBErgSTsBEACh2A4b0O9t+vzC9VrVtL1AKvUWi9OPCjkvR7Xd8DtJxeeMZ5eF
0HtzIG58qDRybwUe89FZprB1ffuUKzdE+HcL3FbNWSSOXVjZIersdXyH3NvnLLLF
0DNRB2ix3bXG9Rh/RXpFsNxDp2CEMdUvbYCzE79K1EnUTVh1L0Of023FtPSZXX0c
u7Pb5DI5lX5YeoXO6RoodrIGYJsVBQWnrWw4xNTconUfNPk0EGZtEnzvH2zyPoJh
XGF+Ncu9XwbalnYde10OCvSWAZ5zTCpoLMTvQjWpbCdWXJzCm6G+/hx9upke546H
5IjtYm4dTIVTnc3wvDiODgBKRzOl9rEOCIgOuGtDxRxcQkjrC+xvg5Vkqn7vBUyW
9pHedOU+PoF3DGOM+dqv+eNKBvh9YF9ugFAQBkcG7viZgvGEMGGUpzNgN7XnS1gj
/DPo9mZESOYnKceve2tIC87p2hqjrxOHuI7fkZYeNIcAoa83rBltFXaBDYhWAKS1
PcXS1/7JzP0ky7d0L6Xbu/If5kqWQpKwUInXtySRkuraVfuK3Bpa+X1XecWi24JY
HVtlNX025xx1ewVzGNCTlWn1skQN2OOoQTV4C8/qFpTW6DTWYurd4+fE0OJFJZQF
buhfXYwmRlVOgN5i77NTIJZJQfYFj38c/Iv5vZBPokO6mffrOTv3MHWVgQARAQAB
tDNSZWQgSGF0LCBJbmMuIChyZWxlYXNlIGtleSAyKSA8c2VjdXJpdHlAcmVkaGF0
LmNvbT6JAjYEEwECACAFAkrgSTsCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAK
CRAZni+R/UMdUWzpD/9s5SFR/ZF3yjY5VLUFLMXIKUztNN3oc45fyLdTI3+UClKC
2tEruzYjqNHhqAEXa2sN1fMrsuKec61Ll2NfvJjkLKDvgVIh7kM7aslNYVOP6BTf
C/JJ7/ufz3UZmyViH/WDl+AYdgk3JqCIO5w5ryrC9IyBzYv2m0HqYbWfphY3uHw5
un3ndLJcu8+BGP5F+ONQEGl+DRH58Il9Jp3HwbRa7dvkPgEhfFR+1hI+Btta2C7E
0/2NKzCxZw7Lx3PBRcU92YKyaEihfy/aQKZCAuyfKiMvsmzs+4poIX7I9NQCJpyE
IGfINoZ7VxqHwRn/d5mw2MZTJjbzSf+Um9YJyA0iEEyD6qjriWQRbuxpQXmlAJbh
8okZ4gbVFv1F8MzK+4R8VvWJ0XxgtikSo72fHjwha7MAjqFnOq6eo6fEC/75g3NL
Ght5VdpGuHk0vbdENHMC8wS99e5qXGNDued3hlTavDMlEAHl34q2H9nakTGRF5Ki
JUfNh3DVRGhg8cMIti21njiRh7gyFI2OccATY7bBSr79JhuNwelHuxLrCFpY7V25
OFktl15jZJaMxuQBqYdBgSay2G0U6D1+7VsWufpzd/Abx1/c3oi9ZaJvW22kAggq
dzdA27UUYjWvx42w9menJwh/0jeQcTecIUd0d0rFcw/c1pvgMMl/Q73yzKgKYw==
=zbHE
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGIpIp4BEAC/o5e1WzLIsS6/JOQCs4XYATYTcf6B6ALzcP05G0W3uRpUQSrL
FRKNrU8ZCelm/B+XSh2ljJNeklp2WLxYENDOsftDXGoyLr2hEkI5OyK267IHhFNJ
g+BN+T5Cjh4ZiiWij6o9F7x2ZpxISE9M4iI80rwSv1KOnGSw5j2zD2EwoMjTVyVE
/t3s5XJxnDclB7ZqL+cgjv0mWUY/4+b/OoRTkhq7b8QILuZp75Y64pkrndgakm1T
8mAGXV02mEzpNj9DyAJdUqa11PIhMJMxxHOGHJ8CcHZ2NJL2e7yJf4orTj+cMhP5
LzJcVlaXnQYu8Zkqa0V6J1Qdj8ZXL72QsmyicRYXAtK9Jm5pvBHuYU2m6Ja7dBEB
Vkhe7lTKhAjkZC5ErPmANNS9kPdtXCOpwN1lOnmD2m04hks3kpH9OTX7RkTFUSws
eARAfRID6RLfi59B9lmAbekecnsMIFMx7qR7ZKyQb3GOuZwNYOaYFevuxusSwCHv
4FtLDIhk+Fge+EbPdEva+VLJeMOb02gC4V/cX/oFoPkxM1A5LHjkuAM+aFLAiIRd
Np/tAPWk1k6yc+FqkcDqOttbP4ciiXb9JPtmzTCbJD8lgH0rGp8ufyMXC9x7/dqX
TjsiGzyvlMnrkKB4GL4DqRFl8LAR02A3846DD8CAcaxoXggL2bJCU2rgUQARAQAB
tDVSZWQgSGF0LCBJbmMuIChhdXhpbGlhcnkga2V5IDMpIDxzZWN1cml0eUByZWRo
YXQuY29tPokCUgQTAQgAPBYhBH5GJCWMQGU11W1vE1BU5KRaY0CzBQJiKSKeAhsD
BQsJCAcCAyICAQYVCgkICwIEFgIDAQIeBwIXgAAKCRBQVOSkWmNAsyBfEACuTN/X
YR+QyzeRw0pXcTvMqzNE4DKKr97hSQEwZH1/v1PEPs5O3psuVUm2iam7bqYwG+ry
EskAgMHi8AJmY0lioQD5/LTSLTrM8UyQnU3g17DHau1NHIFTGyaW4a7xviU4C2+k
c6X0u1CPHI1U4Q8prpNcfLsldaNYlsVZtUtYSHKPAUcswXWliW7QYjZ5tMSbu8jR
OMOc3mZuf0fcVFNu8+XSpN7qLhRNcPv+FCNmk/wkaQfH4Pv+jVsOgHqkV3aLqJeN
kNUnpyEKYkNqo7mNfNVWOcl+Z1KKKwSkIi3vg8maC7rODsy6IX+Y96M93sqYDQom
aaWue2gvw6thEoH4SaCrCL78mj2YFpeg1Oew4QwVcBnt68KOPfL9YyoOicNs4Vuu
fb/vjU2ONPZAeepIKA8QxCETiryCcP43daqThvIgdbUIiWne3gae6eSj0EuUPoYe
H5g2Lw0qdwbHIOxqp2kvN96Ii7s1DK3VyhMt/GSPCxRnDRJ8oQKJ2W/I1IT5VtiU
zMjjq5JcYzRPzHDxfVzT9CLeU/0XQ+2OOUAiZKZ0dzSyyVn8xbpviT7iadvjlQX3
CINaPB+d2Kxa6uFWh+ZYOLLAgZ9B8NKutUHpXN66YSfe79xFBSFWKkJ8cSIMk13/
Ifs7ApKlKCCRDpwoDqx/sjIaj1cpOfLHYjnefg==
=UZd/
-----END PGP PUBLIC KEY BLOCK-----

32
SOURCES/containers.conf
Unescape View File

@ -57,19 +57,20 @@
# List of default capabilities for containers. If it is empty or commented out,
# the default capabilities defined in the container engine will be added.
#
#default_capabilities = [
# "CHOWN",
# "DAC_OVERRIDE",
# "FOWNER",
# "FSETID",
# "KILL",
# "NET_BIND_SERVICE",
# "SETFCAP",
# "SETGID",
# "SETPCAP",
# "SETUID",
# "SYS_CHROOT",
#]
default_capabilities = [
"NET_RAW",
"CHOWN",
"DAC_OVERRIDE",
"FOWNER",
"FSETID",
"KILL",
"NET_BIND_SERVICE",
"SETFCAP",
"SETGID",
"SETPCAP",
"SETUID",
"SYS_CHROOT",
]
# A list of sysctls to be set in containers by default,
# specified as "name=value",
@ -184,6 +185,7 @@ default_sysctls = [
# Logging driver for the container. Available options: k8s-file and journald.
#
#log_driver = "k8s-file"
log_driver = "k8s-file"
# Maximum size allowed for the container log file. Negative numbers indicate
# that no size limit is imposed. If positive, it must be >= 8192 to match or
@ -320,6 +322,7 @@ default_sysctls = [
# iptables rules and network interfaces might leak on the host. A reboot will fix this.
#
#network_backend = ""
network_backend = "cni"
# Path to directory where CNI plugin binaries are located.
#
@ -505,6 +508,7 @@ default_sysctls = [
# Valid values are `journald`, `file` and `none`.
#
#events_logger = "journald"
events_logger = "file"
# Creates a more verbose container-create event which includes a JSON payload
# with detailed information about the container.
@ -642,7 +646,7 @@ default_sysctls = [
# Default OCI runtime
#
#runtime = "crun"
runtime = "crun"
runtime = "runc"
# List of the OCI runtimes that support --format=json. When json is supported
# engine will use it for reporting nicer errors.

13
SOURCES/default-policy.json
Unescape View File

@ -6,18 +6,9 @@
],
"transports": {
"docker": {
"registry.access.redhat.com": [
"": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPaths": ["/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release", "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"]
}
],
"registry.redhat.io": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPaths": ["/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release", "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"]
"type": "insecureAcceptAnything"
}
]
},

6
SOURCES/pyxis.sh
Unescape View File

@ -30,12 +30,6 @@ while [ $IDX -lt ${#lines[@]} ]; do
[[ $REPOSITORY != *[* ]] &&
[[ $REGISTRY == *.* ]] &&
[ "$REGISTRY" != "non_registry" ]; then
if [[ $REGISTRY == *quay.io* ]] ||
[[ $REGISTRY == *redhat.com* ]]; then
if [ "$REQ_TERMS" == "true" ]; then
REGISTRY=registry.redhat.io
fi
fi
echo "\"$REPOSITORY\" = \"$REGISTRY/$REPOSITORY\""
echo $PUBLISHED,$REQ_TERMS,$REPOSITORY,$REGISTRY,$RELEASE >> /tmp/pyx_debug
echo "\"$REPOSITORY\" = \"$REGISTRY/$REPOSITORY\"" >> /tmp/rhel-shortnames.conf

4
SOURCES/registries.conf
Unescape View File

@ -19,7 +19,7 @@
#
# # An array of host[:port] registries to try when pulling an unqualified image, in order.
unqualified-search-registries = ["registry.access.redhat.com", "registry.redhat.io", "docker.io"]
unqualified-search-registries = ["docker.io"]
# [[registry]]
# # The "prefix" field is used to choose the relevant [[registry]] TOML table;
@ -76,4 +76,4 @@ unqualified-search-registries = ["registry.access.redhat.com", "registry.redhat.
# # 2. example-mirror-1.local/mirrors/foo/image:latest
# # 3. internal-registry-for-example.net/bar/image:latest
# # in order, and use the first one that exists.
short-name-mode = "enforcing"
short-name-mode = "permissive"

3
SOURCES/registry.access.redhat.com.yaml
Unescape View File

@ -1,3 +0,0 @@
docker:
registry.access.redhat.com:
sigstore: https://access.redhat.com/webassets/docker/content/sigstore

3
SOURCES/registry.redhat.io.yaml
Unescape View File

@ -1,3 +0,0 @@
docker:
registry.redhat.io:
sigstore: https://registry.redhat.io/containers/sigstore

2
SOURCES/shortnames.conf
Unescape View File

@ -22,6 +22,8 @@
# Fedora
"fedora-minimal" = "registry.fedoraproject.org/fedora-minimal"
"fedora" = "registry.fedoraproject.org/fedora"
# MSVSphere
"msvsphere" = "docker.io/inferit/msvsphere"
# Gentoo
"gentoo" = "docker.io/gentoo/stage3"
# openSUSE

11
SOURCES/update.sh
Unescape View File

@ -33,7 +33,7 @@ ensure storage.conf mountopt \"nodev,metacopy=on\"
if pwd | grep rhel-8 > /dev/null
then
awk -i inplace '/#default_capabilities/,/#\]/{gsub("#","",$0)}1' containers.conf
ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
ensure registries.conf unqualified-search-registries [\"docker.io\"]
ensure registries.conf short-name-mode \"permissive\"
ensure containers.conf runtime \"runc\"
ensure containers.conf events_logger \"file\"
@ -50,7 +50,7 @@ then
"SYS_CHROOT",' containers.conf
fi
else
ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
ensure registries.conf unqualified-search-registries [\"docker.io\"]
ensure registries.conf short-name-mode \"enforcing\"
ensure containers.conf runtime \"crun\"
fi
@ -58,10 +58,3 @@ fi
"keyctl",' seccomp.json
[ `grep \"socket\", seccomp.json | wc -l` == 0 ] && sed -i '/\"socketcall\",/i \
"socket",' seccomp.json
rhpkg clone redhat-release
cd redhat-release
rhpkg switch-branch rhel-9.4.0
rhpkg prep
cp -f redhat-release-*/RPM-GPG* ../
cd -
rm -rf redhat-release

370
SPECS/containers-common.spec
Unescape View File

@ -12,9 +12,11 @@
Epoch: 2
Name: containers-common
Version: 1
Release: 91%{?dist}
Release: 81%{?dist}.inferit
Summary: Common configuration and documentation for containers
License: ASL 2.0
# arch limitation because of go-md2man (missing on i686)
# https://fedoraproject.org/wiki/PackagingDrafts/Go#Go_Language_Architectures
ExclusiveArch: %{go_arches}
BuildRequires: /usr/bin/go-md2man
Provides: skopeo-containers = %{epoch}:%{version}-%{release}
@ -49,18 +51,12 @@ Source14: https://raw.githubusercontent.com/containers/common/%{common_branch}/d
Source15: https://raw.githubusercontent.com/containers/image/%{image_branch}/docs/containers-auth.json.5.md
Source16: https://raw.githubusercontent.com/containers/image/%{image_branch}/docs/containers-registries.conf.d.5.md
Source17: https://raw.githubusercontent.com/containers/shortnames/%{shortnames_branch}/shortnames.conf
Source19: 001-rhel-shortnames-pyxis.conf
Source20: 002-rhel-shortnames-overrides.conf
Source21: RPM-GPG-KEY-redhat-release
Source22: registry.access.redhat.com.yaml
Source23: registry.redhat.io.yaml
#Source24: https://raw.githubusercontent.com/containers/skopeo/%%{skopeo_branch}/default-policy.json
Source24: default-policy.json
Source25: https://raw.githubusercontent.com/containers/skopeo/%{skopeo_branch}/default.yaml
# FIXME: fix the branch once these are available via regular c/common branch
Source26: https://raw.githubusercontent.com/containers/common/main/docs/Containerfile.5.md
Source27: https://raw.githubusercontent.com/containers/common/main/docs/containerignore.5.md
Source28: RPM-GPG-KEY-redhat-beta
# scripts used for synchronization with upstream and shortname generation
Source100: update.sh
@ -85,18 +81,12 @@ install -dp %{buildroot}%{_datadir}/containers/systemd
install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/storage.conf
install -m0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/containers/registries.conf
install -m0644 %{SOURCE17} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
install -m0644 %{SOURCE19} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/001-rhel-shortnames.conf
install -m0644 %{SOURCE20} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/002-rhel-shortnames-overrides.conf
# for signature verification
%if !0%{?rhel} || 0%{?centos}
install -dp %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -m0644 %{SOURCE21} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -m0644 %{SOURCE28} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
%endif
install -dp %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE22} %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE23} %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE24} %{buildroot}%{_sysconfdir}/containers/policy.json
install -dp %{buildroot}%{_sharedstatedir}/containers/sigstore
install -m0644 %{SOURCE25} %{buildroot}%{_sysconfdir}/containers/registries.d/default.yaml
@ -129,19 +119,6 @@ ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pk
ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/redhat.repo
# ship preconfigured /etc/containers/registries.d/ files with containers-common - #1903813
cat <<EOF > %{buildroot}%{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
docker:
registry.access.redhat.com:
sigstore: https://access.redhat.com/webassets/docker/content/sigstore
EOF
cat <<EOF > %{buildroot}%{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
docker:
registry.redhat.io:
sigstore: https://registry.redhat.io/containers/sigstore
EOF
%files
%dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d
@ -151,17 +128,11 @@ EOF
%dir %{_sysconfdir}/containers/registries.conf.d
%dir %{_sysconfdir}/containers/systemd
%dir %{_datadir}/containers/systemd
%if !0%{?rhel} || 0%{?centos}
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
%endif
%config(noreplace) %{_sysconfdir}/containers/policy.json
%config(noreplace) %{_sysconfdir}/containers/storage.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf.d/*.conf
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
%config(noreplace) %{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
%config(noreplace) %{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
%ghost %{_sysconfdir}/containers/containers.conf
%dir %{_sharedstatedir}/containers/sigstore
%{_mandir}/man5/*
@ -173,268 +144,257 @@ EOF
%{_datadir}/rhel/secrets/*
%changelog
* Wed Apr 17 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-91
- rebuild for the wrong tag
- Related: RHEL-31946
* Wed Apr 24 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 2:1-81.inferit
- MSVSphere debranding
- Rebuilt for MSVSphere 8.10 beta
* Fri Apr 05 2024 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-90
- Bump release to way higher than rhel 8.10 to preserve upgrade path
- Related: Jira:RHEL-31946
* Wed Feb 14 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-81
- Update shortnames from Pyxis
- Related: Jira:RHEL-2110
* Wed Feb 14 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-62
- regenerate shortnames from Pyxis and update vendored components
- Related: Jira:RHEL-2112
* Mon Feb 12 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-80
- bump release to preserve upgrade path
- Resolves: Jira:RHEL-12277
* Thu Feb 08 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-61
* Thu Feb 08 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-59
- update vendored components
- Related: Jira:RHEL-2112
- Related: Jira:RHEL-2110
* Tue Jan 02 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-60
- Update vendored components
- Related: Jira:RHEL-2112
* Tue Jan 02 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-58
- update vendored components
- Related: Jira:RHEL-2110
* Wed Oct 11 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-59
- fix shortnames
- Related: Jira:RHEL-2112
* Wed Oct 11 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-57
- fix shortnames for rhel-minimal
- Related: Jira:RHEL-2110
* Thu Sep 14 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-58
* Fri Sep 15 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-56
- implement GPG auto updating mechanism from redhat-release
- Resolves: #RHEL-3164
- Resolves: #RHEL-2110
* Wed Sep 13 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-57
* Wed Sep 13 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-55
- update GPG keys to the current content of redhat-release
- Resolves: #RHEL-3164
* Fri Aug 25 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-56
* Fri Aug 25 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-54
- update vendored components and shortnames
- Related: #2176063
- Related: #2176055
* Wed Jul 19 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-55
- fix vendoring script
- Related: #2176063
* Mon Jul 10 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-54
* Mon Jul 10 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-53
- update vendored components
- Related: #2176063
* Tue Jun 20 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-53
- rebuild
- Resolves: #2178263
- Related: #2176055
* Fri Apr 21 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-52
* Sat Jul 08 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-52
- update vendored components
- Related: #2176063
- Related: #2176055
* Fri Mar 24 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-51
- regenerate shortnames, vendored components + fix pyxis script
- Related: #2176063
* Tue Mar 21 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-51
- be sure default_capabilities contain SYS_CHROOT
- Resolves: #2166195
* Wed Feb 22 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-50
* Thu Mar 09 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-50
- improve shortnames generation
- Related: #2124478
- Related: #2176055
* Tue Jan 31 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-49
- add missing systemd directories
- Related: #2124478
* Mon Jan 02 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-49
- update vendored components and configuration files
- Related: #2123641
* Mon Jan 30 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-48
* Fri Dec 02 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-48
- update vendored components and configuration files
- Related: #2124478
- Related: #2123641
* Thu Jan 05 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-47
- update vendored components, regenerate pyxis
- Related: #2124478
* Mon Nov 14 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-47
- enable NET_RAW capability for RHEL8 only
- Related: #2123641
* Thu Nov 10 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-46
- The NET_RAW capability was required in RHEL8 but no longer required in RHEL9
- Resolves: #2141531
* Tue Nov 08 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-46
- update vendored components and configuration files
- Related: #2123641
* Fri Oct 21 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-45
- add beta GPG key
- Related: #2124478
- update vendored components and configuration files
- Related: #2123641
* Mon Oct 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-44
- update vendored components and configuration files
- Related: #2123641
* Thu Oct 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-43
- update vendored components and configuration files
- Related: #2123641
* Tue Aug 23 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-44
- exclude non-go arches because of go-md2man
- Related: #2061316
* Wed Sep 21 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-42
- update vendored components and configuration files
- Related: #2123641
* Tue Sep 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-41
- add beta GPG key
- Related: #2123641
* Tue Aug 23 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-43
* Tue Aug 23 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-40
- add beta keys to default-policy.json
- Related: #2061316
- Related: #2061390
* Mon Aug 08 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-42
* Mon Aug 08 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-39
- update shortnames
- Related: #2061316
- Related: #2061390
* Wed Aug 03 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-41
- drop aardvark-dns and netavark - packaged separately
* Thu Aug 04 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-38
- arch limitation because of go-md2man (missing on i686)
- Related: #2061390
* Wed Aug 03 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-37
- add install section
- update vendored components
- Related: #2061316
- Related: #2061390
* Wed Aug 03 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-36
- remove aardvark-dns and netavark - packaged separately
- update vendored components and configuration files
- Related: #2061390
* Tue Jul 26 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-35
- update vendored components and configuration files
- Related: #2061390
* Mon Jun 27 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-40
* Mon Jun 27 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-34
- remove rhel-els and update shortnames
- Related: #2061316
- Related: #2061390
* Tue Jun 14 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-39
* Thu Jun 16 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-33
- update shortnames
- Related: #2061316
- Related: #2061390
* Thu Jun 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-38
- fix unqualified registries in registries.conf generation code
- Related: #2088139
* Thu Jun 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-32
- additional fix for unqualified registries
- Related: #2061390
* Thu Jun 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-31
- fix unqualified registries
- Related: #2061390
* Thu Jun 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-30
- update vendored components and configuration files
- Related: #2061390
* Mon May 23 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-37
* Mon May 23 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-29
- update unqualified registries list
- Related: #2088139
- Related: #2061390
* Mon May 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-36
* Mon May 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-28
- update aardvark-dns and netavark to 1.0.3
- update vendored components
- Related: #2061316
- Related: #2061390
* Wed Apr 20 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-35
* Fri Apr 22 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-27
- add man page sources too
- Related: #2061390
* Wed Apr 20 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-26
- add missing man pages from Fedora
- Related: #2061316
- Related: #2061390
* Wed Apr 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-25
- allow consuming aardvark-dns and netavark from upstream branch
- Related: #2061390
* Wed Apr 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-34
* Wed Apr 06 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-24
- update to netavark and aardvark-dns 1.0.2
- update vendored components
- Related: #2061316
* Mon Mar 21 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-33
- allow consuming aardvark-dns and netavark from upstream branches
- Related: #2061316
- Related: #2061390
* Mon Feb 28 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-32
- build rust packages with RUSTFLAGS set to make ExecShield happy (Lokesh Mandvekar)
- Related: #2000051
* Mon Feb 28 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-31
* Mon Feb 28 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-23
- update to netavark and aardvark-dns 1.0.1
- Related: #2000051
* Wed Feb 23 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-30
- archful package should conflict with older noarch package
- Related: #2000051
- Related: #2001445
* Tue Feb 22 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-29
- consistent release tags for all packages
- Related: #2000051
* Wed Feb 23 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-22
- build rust packages with RUSTFLAGS set to make ExecShield happy
- Related: #2001445
* Tue Feb 22 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-28
- main package should obsolete noarch versions upto 2:1-22
- Related: #2000051
* Mon Feb 21 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-27
* Mon Feb 21 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-21
- do not specify infra_image in containers.conf
- needed to resolve gating test failures
- Related: #2000051
* Sat Feb 19 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-26
- aardvark-dns built for same arches as netavark
- Related: #2000051
* Sat Feb 19 2022 Lokesh Mandvekar <lsm5@redhat.com> - 2:1-25
- build netavark only for podman's arches
- i686 can't find go-md2man which causes the build to fail otherwise
- Related: #2000051
- Related: #2001445
* Fri Feb 18 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-24
* Fri Feb 18 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-20
- update to netavark-1.0.0 and aardvark-dns-1.0.0
- Related: #2000051
- Related: #2001445
* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-23
* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-19
- package aarvark-dns and netavark as part of the containers-common
- Related: #2000051
- Related: #2001445
* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-22
* Thu Feb 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-18
- update shortnames and vendored components
- Related: #2000051
- Related: #2001445
* Wed Feb 16 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-21
* Wed Feb 16 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-17
- containers.conf should contain network_backend = "cni" in RHEL8.6
- Related: #2000051
- Related: #2001445
* Wed Feb 09 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-20
- update shortname aliases from upstream
- Related: #2000051
* Fri Feb 11 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-16
- update vendored components and configuration files
- Related: #2001445
* Fri Feb 04 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-19
* Fri Feb 04 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-15
- sync vendored components
- Related: #2000051
- Related: #2001445
* Fri Feb 04 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-18
* Fri Feb 04 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-14
- sync vendored components
- Related: #2000051
* Mon Jan 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-17
- sync shortname aliases via Pyxis
- Related: #2000051
- Related: #2001445
* Fri Dec 10 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-16
- do not hardcode log_driver = "journald" and events_logger = "journald"
for RHEL9 and leave the rootful/rootless behaviour change based on
internal logic
- Related: #2000051
* Mon Jan 17 2022 Jindrich Novy <jnovy@redhat.com> - 2:1-13
- update shortnames from Pyxis
- Related: #2001445
* Thu Dec 09 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-15
* Thu Dec 09 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-12
- do not allow broken content from Pyxis to land in shortnames.conf
- Related: #2000051
- Related: #2001445
* Wed Dec 08 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-14
- update vendored component versions
- sync shortname aliases via Pyxis
- Related: #2000051
* Wed Dec 08 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-11
- sync vendored components
- update shortnames from Pyxis
- Related: #2001445
* Tue Nov 30 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-13
* Wed Dec 01 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-10
- use log_driver = "journald" and events_logger = "journald" for RHEL9
- Related: #2000051
- Related: #2001445
* Tue Nov 16 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-12
* Tue Nov 16 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-9
- consume seccomp.json from the oldest vendored version of c/common,
not main branch
- Related: #2000051
* Fri Nov 12 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-11
- use ubi8/pause as ubi9/pause is not available yet
- Related: #2000051
- Related: #2001445
* Wed Nov 10 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-10
* Wed Nov 10 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-8
- update vendored components
- Related: #2000051
- Related: #2001445
* Tue Nov 02 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-9
* Tue Nov 02 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-7
- make log_driver = "k8s-file" default in containers.conf
- Related: #2000051
- Related: #2001445
* Fri Oct 01 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-8
- perform only sanity/installability tests for now
- Related: #2000051
* Wed Oct 13 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-6
- sync vendored components
- Related: #2001445
* Wed Sep 29 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-7
* Wed Sep 29 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-5
- update to the new vendored components
- Related: #2000051
- Related: #2001445
* Wed Sep 29 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-6
- add gating.yaml
- Related: #2000051
* Fri Sep 24 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-5
* Fri Sep 24 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-4
- update to the new vendored components
- Related: #2000051
* Fri Sep 10 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-4
- fix updating scripts
- Related: #2000051
- Related: #2001445
* Thu Sep 09 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-3
* Fri Sep 10 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-3
- update to the new vendored components
- Related: #2000051
- Related: #2001445
* Fri Aug 20 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 2:1-2
- bump configs to latest versions
- replace ubi9 references with ubi8
- Related: #1970747
* Wed Aug 11 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-2
- synchronize config files for RHEL-8.5
- Related: #1934415
* Wed Aug 11 2021 Jindrich Novy <jnovy@redhat.com> - 2:1-1
- initial import
- Related: #1970747
- Related: #1934415

Write Preview
Loading…
Cancel
Save