Packit: initial enablement

Signed-off-by: Lokesh Mandvekar <[email protected]>

Author: lsm5

.packit.yaml

@@ -0,0 +1,89 @@
+---
+# See the documentation for more information:
+# https://packit.dev/docs/configuration/
+
+upstream_tag_template: common/v{version}
+
+packages:
+  containers-common-fedora:
+    downstream_package_name: containers-common
+    pkg_tool: fedpkg
+    specfile_path: common/rpm/containers-common.spec
+  containers-common-centos:
+    downstream_package_name: containers-common
+    pkg_tool: centpkg
+    specfile_path: common/rpm/containers-common.spec
+  containers-common-eln:
+    downstream_package_name: containers-common
+    specfile_path: common/rpm/containers-common.spec
+
+jobs:
+  - job: copr_build
+    trigger: pull_request
+    packages: [containers-common-fedora]
+    notifications: &ephemeral_build_failure_notification
+      failure_comment:
+        message: "Packit jobs failed. @containers/packit-build please check."
+    enable_net: true
+    targets:
+      - fedora-all
+
+  - job: copr_build
+    trigger: pull_request
+    packages: [containers-common-eln]
+    notifications: *ephemeral_build_failure_notification
+    enable_net: true
+    targets:
+      fedora-eln:
+        # Need this to fetch go-md2man which is present in koji envs but not by
+        # default on copr envs. Also helps to avoid bundling go-md2man in
+        # c/common.
+        additional_repos:
+          - https://kojipkgs.fedoraproject.org/repos/eln-build/latest/x86_64/
+
+  - job: copr_build
+    trigger: pull_request
+    packages: [containers-common-centos]
+    notifications: *ephemeral_build_failure_notification
+    enable_net: true
+    targets:
+      - centos-stream-9
+      - centos-stream-10
+
+  # Run on commit to main branch
+  - job: copr_build
+    trigger: ignore
+    packages: [containers-common-fedora]
+    notifications:
+      failure_comment:
+        message: "podman-next COPR build failed. @containers/packit-build please check."
+    branch: main
+    owner: rhcontainerbot
+    project: podman-next
+    enable_net: true
+
+  - job: propose_downstream
+    trigger: release
+    packages: [containers-common-fedora]
+    dist_git_branches: &fedora_targets
+      - fedora-all
+
+  # Ignore CentOS Stream for now
+  - job: propose_downstream
+    trigger: ignore
+    packages: [containers-common-centos]
+    dist_git_branches:
+      - c10s
+      - c9s
+
+  # Fedora Koji build
+  - job: koji_build
+    trigger: commit
+    packages: [containers-common-fedora]
+    sidetag_group: podman-releases
+    # Dependencies are not rpm dependencies, but packages that should go in the
+    # same bodhi update
+    # Ref: https://packit.dev/docs/fedora-releases-guide/releasing-multiple-packages
+    dependents:
+      - podman
+    dist_git_branches: *fedora_targets

common/rpm/containers-common.spec

@@ -1,19 +1,5 @@
-# Below definitions are used to deliver config files from a particular branch
-# of c/image, c/storage  and c/shortnames vendored in all of Buildah, Podman and Skopeo.
-# These vendored components must have the same version. If it is not the case,
-# pick the oldest version on c/image, c/storage and c/shortnames vendored in
-# Buildah/Podman/Skopeo.
-
-# Packit will automatically update the image and storage versions on Fedora and
-# CentOS Stream dist-git PRs.
-%global image_branch main
-%global storage_branch main
-%global shortnames_branch main
-
 %global project containers
-%global repo common
-
-%global raw_github_url https://raw.githubusercontent.com/%{project}
+%global repo container-libs
 
 %if %{defined copr_username}
 %define copr_build 1
@@ -35,7 +21,7 @@ Epoch: 5
 %endif
 # DO NOT TOUCH the Version string!
 # The TRUE source of this specfile is:
-# https://github.com/containers/common/blob/main/rpm/containers-common.spec
+# https://github.com/containers/container-libs/blob/main/common/rpm/containers-common.spec
 # If that's what you're reading, Version must be 0, and will be updated by Packit for
 # copr and koji builds.
 # If you're reading this on dist-git, the version is automatically filled in by Packit.
@@ -57,25 +43,12 @@ Requires: (fuse-overlayfs if fedora-release-identity-server)
 Suggests: fuse-overlayfs
 %endif
 URL: https://github.com/%{project}/%{repo}
-Source0: %{url}/archive/v%{version_no_tilde}.tar.gz
-Source1: %{raw_github_url}/image/%{image_branch}/docs/containers-auth.json.5.md
-Source2: %{raw_github_url}/image/%{image_branch}/docs/containers-certs.d.5.md
-Source3: %{raw_github_url}/image/%{image_branch}/docs/containers-policy.json.5.md
-Source4: %{raw_github_url}/image/%{image_branch}/docs/containers-registries.conf.5.md
-Source5: %{raw_github_url}/image/%{image_branch}/docs/containers-registries.conf.d.5.md
-Source6: %{raw_github_url}/image/%{image_branch}/docs/containers-registries.d.5.md
-Source7: %{raw_github_url}/image/%{image_branch}/docs/containers-signature.5.md
-Source8: %{raw_github_url}/image/%{image_branch}/docs/containers-transports.5.md
-Source9: %{raw_github_url}/storage/%{storage_branch}/docs/containers-storage.conf.5.md
-Source10: %{raw_github_url}/shortnames/%{shortnames_branch}/shortnames.conf
-Source11: %{raw_github_url}/image/%{image_branch}/default.yaml
-Source12: %{raw_github_url}/image/%{image_branch}/default-policy.json
-Source13: %{raw_github_url}/image/%{image_branch}/registries.conf
-Source14: %{raw_github_url}/storage/%{storage_branch}/storage.conf
+Source0: %{url}/archive/refs/tags/common/v%{version}.tar.gz
+Source1: https://raw.githubusercontent.com/containers/shortnames/refs/heads/main/shortnames.conf
 # Fetch RPM-GPG-KEY-redhat-release from the authoritative source instead of storing
 # a copy in repo or dist-git. Depending on distribution-gpg-keys rpm is also
 # not an option because that package doesn't exist on CentOS Stream.
-Source15: https://access.redhat.com/security/data/fd431d51.txt
+Source2: https://access.redhat.com/security/data/fd431d51.txt
 
 %description
 This package contains common configuration files and documentation for container
@@ -109,34 +82,16 @@ This subpackage will handle dependencies common to Podman and Buildah which are
 not required by Skopeo.
 
 %prep
-%autosetup -Sgit -n %{repo}-%{version_no_tilde}
-
-# Copy manpages to docs subdir in builddir to build before installing.
-cp %{SOURCE1} docs/.
-cp %{SOURCE2} docs/.
-cp %{SOURCE3} docs/.
-cp %{SOURCE4} docs/.
-cp %{SOURCE5} docs/.
-cp %{SOURCE6} docs/.
-cp %{SOURCE7} docs/.
-cp %{SOURCE8} docs/.
-cp %{SOURCE9} docs/.
-
-# Copy config files to builddir to patch them before installing.
-# Currently, only registries.conf and storage.conf files are patched before
-# installing.
-cp %{SOURCE10} shortnames.conf
-cp %{SOURCE13} registries.conf
-cp %{SOURCE14} storage.conf
+%autosetup -Sgit -n %{repo}-common-v%{version}
 
 # Fine-grain distro- and release-specific tuning of config files,
 # e.g., seccomp, composefs, registries on different RHEL/Fedora versions
-bash rpm/update-config-files.sh
+bash common/rpm/update-config-files.sh
 
 %build
 mkdir -p man5
-for i in docs/*.5.md; do
-    go-md2man -in $i -out man5/$(basename $i .md)
+for i in common/docs/*.5.md image/docs/*.5.md storage/docs/*.5.md; do
+   go-md2man -in $i -out man5/$(basename $i .md)
 done
 
 %install
@@ -150,32 +105,31 @@ touch %{buildroot}%{_prefix}/lib/containers/storage/overlay-images/images.lock
 install -dp -m 700 %{buildroot}%{_prefix}/lib/containers/storage/overlay-layers
 touch %{buildroot}%{_prefix}/lib/containers/storage/overlay-layers/layers.lock
 
-install -Dp -m0644 shortnames.conf %{buildroot}%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
-install -Dp -m0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/containers/registries.d/default.yaml
-install -Dp -m0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/containers/policy.json
-install -Dp -m0644 registries.conf %{buildroot}%{_sysconfdir}/containers/registries.conf
-install -Dp -m0644 storage.conf %{buildroot}%{_datadir}/containers/storage.conf
+install -Dp -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/registries.conf.d/000-shortnames.conf
+install -Dp -m0644 image/default.yaml %{buildroot}%{_sysconfdir}/containers/registries.d/default.yaml
+install -Dp -m0644 image/default-policy.json %{buildroot}%{_sysconfdir}/containers/policy.json
+install -Dp -m0644 image/registries.conf %{buildroot}%{_sysconfdir}/containers/registries.conf
+install -Dp -m0644 storage/storage.conf %{buildroot}%{_datadir}/containers/storage.conf
 
 # RPM-GPG-KEY-redhat-release already exists on rhel envs, install only on
 # fedora and centos
 %if %{defined fedora} || %{defined centos}
-install -Dp -m0644 %{SOURCE15} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
+install -Dp -m0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
 %endif
 
-install -Dp -m0644 contrib/redhat/registry.access.redhat.com.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
-install -Dp -m0644 contrib/redhat/registry.redhat.io.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
+install -Dp -m0644 common/contrib/redhat/registry.access.redhat.com.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
+install -Dp -m0644 common/contrib/redhat/registry.redhat.io.yaml -t %{buildroot}%{_sysconfdir}/containers/registries.d
 
 # install manpages
-install -dp %{buildroot}%{_mandir}/man5
 for i in man5/*.5; do
-   install -Dp -m0644 $i -t %{buildroot}%{_mandir}/man5
+    install -Dp -m0644 $i -t %{buildroot}%{_mandir}/man5
 done
 ln -s containerignore.5 %{buildroot}%{_mandir}/man5/.containerignore.5
 
 # install config files for mounts, containers and seccomp
-install -m0644 pkg/subscriptions/mounts.conf %{buildroot}%{_datadir}/containers/mounts.conf
-install -m0644 pkg/seccomp/seccomp.json %{buildroot}%{_datadir}/containers/seccomp.json
-install -m0644 pkg/config/containers.conf %{buildroot}%{_datadir}/containers/containers.conf
+install -m0644 common/pkg/subscriptions/mounts.conf %{buildroot}%{_datadir}/containers/mounts.conf
+install -m0644 common/pkg/seccomp/seccomp.json %{buildroot}%{_datadir}/containers/seccomp.json
+install -m0644 common/pkg/config/containers.conf %{buildroot}%{_datadir}/containers/containers.conf
 
 # install secrets patch directory
 install -d -p -m 755 %{buildroot}/%{_datadir}/rhel/secrets

common/rpm/update-config-files.sh

@@ -5,45 +5,45 @@
 set -exo pipefail
 
 ensure() {
-  if [[ ! -f $1 ]]; then
-      echo "File not found:" $1
+  if [[ ! -f "$1" ]]; then
+      echo "File not found:" "$1"
       exit 1
   fi
-  if grep ^$2[[:blank:]].*= $1 > /dev/null
+  if grep "^$2[[:blank:]].*=" "$1" > /dev/null
   then
-    sed -i "s;^$2[[:blank:]]=.*;$2 = $3;" $1
+    sed -i "s;^$2[[:blank:]]=.*;$2 = $3;" "$1"
   else
-    if grep ^\#.*$2[[:blank:]].*= $1 > /dev/null
+    if grep "^\#.*$2[[:blank:]].*=" "$1" > /dev/null
     then
       sed -i "/^#.*$2[[:blank:]].*=/a \
-$2 = $3" $1
+$2 = $3" "$1"
     else
-      echo "$2 = $3" >> $1
+      echo "$2 = $3" >> "$1"
     fi
   fi
 }
 
 # Common options enabled across all fedora, centos, rhel
 # TBD: Can these be enabled by default upstream?
-ensure registries.conf              short-name-mode     \"enforcing\"
+ensure image/registries.conf              short-name-mode     \"enforcing\"
 
-ensure storage.conf                 driver              \"overlay\"
-ensure storage.conf                 mountopt            \"nodev,metacopy=on\"
+ensure storage/storage.conf               driver              \"overlay\"
+ensure storage/storage.conf               mountopt            \"nodev,metacopy=on\"
 
-ensure pkg/config/containers.conf   runtime             \"crun\"
-ensure pkg/config/containers.conf   log_driver          \"journald\"
+ensure common/pkg/config/containers.conf  runtime             \"crun\"
+ensure common/pkg/config/containers.conf  log_driver          \"journald\"
 
 FEDORA=$(rpm --eval '%{?fedora}')
 RHEL=$(rpm --eval '%{?rhel}')
 
 # Set search registries
 if [[ -n "$FEDORA" ]]; then
-    ensure registries.conf unqualified-search-registries [\"registry.fedoraproject.org\",\ \"registry.access.redhat.com\",\ \"docker.io\"]
+    ensure image/registries.conf unqualified-search-registries [\"registry.fedoraproject.org\",\ \"registry.access.redhat.com\",\ \"docker.io\"]
 else
-    ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
+    ensure image/registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
 fi
 
 # Set these on all Fedora and RHEL 10+
 if [[ -n "$FEDORA" ]] || [[ "$RHEL" -ge 10 ]]; then
-    sed -i -e '/^additionalimagestores\ =\ \[/a "\/usr\/lib\/containers\/storage",' storage.conf
+    sed -i -e '/^additionalimagestores\ =\ \[/a "\/usr\/lib\/containers\/storage",' storage/storage.conf
 fi