rpms
/
containers-common
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8-beta-stream-rhel8
rpms:i9
rpms:i9-beta
rpms:i9c
rpms:c9
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i9c-beta
rpms:c9-beta
rpms:i8-stream-rhel8
rpms:i8-stream-4.0
rpms:i8c-stream-4.0
rpms:c8-stream-4.0
...
pull from: rpms:i9-beta
Branches Tags
rpms:i10cs
rpms:cs10
rpms:i8c-stream-rhel8
rpms:c8-stream-rhel8
rpms:i8-beta-stream-rhel8
rpms:i9
rpms:i9-beta
rpms:i9c
rpms:c9
rpms:i8c-beta-stream-rhel8
rpms:c8-beta-stream-rhel8
rpms:i9c-beta
rpms:c9-beta
rpms:i8-stream-rhel8
rpms:i8-stream-4.0
rpms:i8c-stream-4.0
rpms:c8-stream-4.0

No commits in common. 'c9' and 'i9-beta' have entirely different histories.
c9 ... i9-beta

8 changed files with 12 additions and 71 deletions
Show Stats

10
SOURCES/002-rhel-shortnames-overrides.conf
Unescape View File

@ -1,10 +0,0 @@
[aliases]
"skopeo" = "registry.access.redhat.com/ubi8/skopeo"
"ubi8/skopeo" = "registry.access.redhat.com/ubi8/skopeo"
"rhel9/skopeo" = "registry.redhat.io/rhel9/skopeo"
"buildah" = "registry.access.redhat.com/ubi8/buildah"
"ubi8/buildah" = "registry.access.redhat.com/ubi8/buildah"
"rhel9/buildah" = "registry.redhat.io/rhel9/buildah"
"podman" = "registry.access.redhat.com/ubi8/podman"
"ubi8/podman" = "registry.access.redhat.com/ubi8/podman"
"rhel9/podman" = "registry.redhat.io/rhel9/podman"

13
SOURCES/default-policy.json
Unescape View File

@ -6,18 +6,9 @@
],
"transports": {
"docker": {
"registry.access.redhat.com": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPaths": ["/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release", "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"]
}
],
"registry.redhat.io": [
"": [
{
"type": "signedBy",
"keyType": "GPGKeys",
"keyPaths": ["/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release", "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta"]
"type": "insecureAcceptAnything"
}
]
},

8
SOURCES/pyxis.sh
Unescape View File

@ -30,15 +30,7 @@ while [ $IDX -lt ${#lines[@]} ]; do
[[ $REPOSITORY != *[* ]] &&
[[ $REGISTRY == *.* ]] &&
[ "$REGISTRY" != "non_registry" ]; then
if [[ $REGISTRY == *quay.io* ]] ||
[[ $REGISTRY == *redhat.com* ]]; then
if [ "$REQ_TERMS" == "true" ]; then
REGISTRY=registry.redhat.io
fi
fi
echo "\"$REPOSITORY\" = \"$REGISTRY/$REPOSITORY\""
echo $PUBLISHED,$REQ_TERMS,$REPOSITORY,$REGISTRY,$RELEASE >> /tmp/pyx_debug
echo "\"$REPOSITORY\" = \"$REGISTRY/$REPOSITORY\"" >> /tmp/rhel-shortnames.conf
fi
IDX=$(($IDX+5))
done

2
SOURCES/registries.conf
Unescape View File

@ -19,7 +19,7 @@
#
# # An array of host[:port] registries to try when pulling an unqualified image, in order.
unqualified-search-registries = ["registry.access.redhat.com", "registry.redhat.io", "docker.io"]
unqualified-search-registries = ["docker.io"]
# [[registry]]
# # The "prefix" field is used to choose the relevant [[registry]] TOML table;

3
SOURCES/registry.access.redhat.com.yaml
Unescape View File

@ -1,3 +0,0 @@
docker:
registry.access.redhat.com:
sigstore: https://access.redhat.com/webassets/docker/content/sigstore

3
SOURCES/registry.redhat.io.yaml
Unescape View File

@ -1,3 +0,0 @@
docker:
registry.redhat.io:
sigstore: https://registry.redhat.io/containers/sigstore

4
SOURCES/update.sh
Unescape View File

@ -33,7 +33,7 @@ ensure storage.conf mountopt \"nodev,metacopy=on\"
if pwd | grep rhel-8 > /dev/null
then
awk -i inplace '/#default_capabilities/,/#\]/{gsub("#","",$0)}1' containers.conf
ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
ensure registries.conf unqualified-search-registries [\"docker.io\"]
ensure registries.conf short-name-mode \"permissive\"
ensure containers.conf runtime \"runc\"
ensure containers.conf events_logger \"file\"
@ -50,7 +50,7 @@ then
"SYS_CHROOT",' containers.conf
fi
else
ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
ensure registries.conf unqualified-search-registries [\"docker.io\"]
ensure registries.conf short-name-mode \"enforcing\"
ensure containers.conf runtime \"crun\"
fi

40
SPECS/containers-common.spec
Unescape View File

@ -12,7 +12,7 @@
Epoch: 2
Name: containers-common
Version: 1
Release: 91%{?dist}
Release: 91%{?dist}.inferit
Summary: Common configuration and documentation for containers
License: ASL 2.0
ExclusiveArch: %{go_arches}
@ -49,11 +49,6 @@ Source14: https://raw.githubusercontent.com/containers/common/%{common_branch}/d
Source15: https://raw.githubusercontent.com/containers/image/%{image_branch}/docs/containers-auth.json.5.md
Source16: https://raw.githubusercontent.com/containers/image/%{image_branch}/docs/containers-registries.conf.d.5.md
Source17: https://raw.githubusercontent.com/containers/shortnames/%{shortnames_branch}/shortnames.conf
Source19: 001-rhel-shortnames-pyxis.conf
Source20: 002-rhel-shortnames-overrides.conf
Source21: RPM-GPG-KEY-redhat-release
Source22: registry.access.redhat.com.yaml
Source23: registry.redhat.io.yaml
#Source24: https://raw.githubusercontent.com/containers/skopeo/%%{skopeo_branch}/default-policy.json
Source24: default-policy.json
Source25: https://raw.githubusercontent.com/containers/skopeo/%{skopeo_branch}/default.yaml
@ -85,18 +80,12 @@ install -dp %{buildroot}%{_datadir}/containers/systemd
install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/storage.conf
install -m0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/containers/registries.conf
install -m0644 %{SOURCE17} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
install -m0644 %{SOURCE19} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/001-rhel-shortnames.conf
install -m0644 %{SOURCE20} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/002-rhel-shortnames-overrides.conf
# for signature verification
%if !0%{?rhel} || 0%{?centos}
install -dp %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -m0644 %{SOURCE21} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
install -m0644 %{SOURCE28} %{buildroot}%{_sysconfdir}/pki/rpm-gpg
%endif
install -dp %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE22} %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE23} %{buildroot}%{_sysconfdir}/containers/registries.d
install -m0644 %{SOURCE24} %{buildroot}%{_sysconfdir}/containers/policy.json
install -dp %{buildroot}%{_sharedstatedir}/containers/sigstore
install -m0644 %{SOURCE25} %{buildroot}%{_sysconfdir}/containers/registries.d/default.yaml
@ -129,19 +118,6 @@ ln -s %{_sysconfdir}/pki/entitlement %{buildroot}%{_datadir}/rhel/secrets/etc-pk
ln -s %{_sysconfdir}/rhsm %{buildroot}%{_datadir}/rhel/secrets/rhsm
ln -s %{_sysconfdir}/yum.repos.d/redhat.repo %{buildroot}%{_datadir}/rhel/secrets/redhat.repo
# ship preconfigured /etc/containers/registries.d/ files with containers-common - #1903813
cat <<EOF > %{buildroot}%{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
docker:
registry.access.redhat.com:
sigstore: https://access.redhat.com/webassets/docker/content/sigstore
EOF
cat <<EOF > %{buildroot}%{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
docker:
registry.redhat.io:
sigstore: https://registry.redhat.io/containers/sigstore
EOF
%files
%dir %{_sysconfdir}/containers
%dir %{_sysconfdir}/containers/certs.d
@ -149,19 +125,11 @@ EOF
%dir %{_sysconfdir}/containers/oci
%dir %{_sysconfdir}/containers/oci/hooks.d
%dir %{_sysconfdir}/containers/registries.conf.d
%dir %{_sysconfdir}/containers/systemd
%dir %{_datadir}/containers/systemd
%if !0%{?rhel} || 0%{?centos}
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta
%endif
%config(noreplace) %{_sysconfdir}/containers/policy.json
%config(noreplace) %{_sysconfdir}/containers/storage.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf
%config(noreplace) %{_sysconfdir}/containers/registries.conf.d/*.conf
%config(noreplace) %{_sysconfdir}/containers/registries.d/default.yaml
%config(noreplace) %{_sysconfdir}/containers/registries.d/registry.redhat.io.yaml
%config(noreplace) %{_sysconfdir}/containers/registries.d/registry.access.redhat.com.yaml
%ghost %{_sysconfdir}/containers/containers.conf
%dir %{_sharedstatedir}/containers/sigstore
%{_mandir}/man5/*
@ -185,6 +153,9 @@ EOF
- regenerate shortnames from Pyxis and update vendored components
- Related: Jira:RHEL-2112
* Fri Apr 09 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 2:1-61.inferit
- Rebuilt for MSVSphere 9.4-beta
* Thu Feb 08 2024 Jindrich Novy <jnovy@redhat.com> - 2:1-61
- update vendored components
- Related: Jira:RHEL-2112
@ -225,6 +196,9 @@ EOF
- update vendored components
- Related: #2176063
* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 2:1-51
- Rebuilt for MSVSphere 9.2 beta
* Fri Mar 24 2023 Jindrich Novy <jnovy@redhat.com> - 2:1-51
- regenerate shortnames, vendored components + fix pyxis script
- Related: #2176063

Write Preview
Loading…
Cancel
Save