Browse code
update docker to 17.09
Change-Id: I911c0cc19be1e45ebf06022d9493415f58375345
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5043
Tested-by: michellew <michellew@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
Bo Gan authored on 2018/04/20 19:01:41Showing 1 changed files
| ... | ... |
@@ -1,32 +1,20 @@ |
| 1 |
+%global security_hardening nopie |
|
| 1 | 2 |
%define debug_package %{nil}
|
| 2 | 3 |
%define __os_install_post %{nil}
|
| 3 | 4 |
Summary: Docker |
| 4 | 5 |
Name: docker |
| 5 |
-Version: 17.06.0 |
|
| 6 |
-Release: 3%{?dist}
|
|
| 6 |
+Version: 17.09.1 |
|
| 7 |
+Release: 1%{?dist}
|
|
| 7 | 8 |
License: ASL 2.0 |
| 8 | 9 |
URL: http://docs.docker.com |
| 9 | 10 |
Group: Applications/File |
| 10 | 11 |
Vendor: VMware, Inc. |
| 11 | 12 |
Distribution: Photon |
| 12 |
-#Git commits must be in sync with docker/hack/dockerfile/binaries-commits |
|
| 13 |
-Source0: https://github.com/docker/moby/archive/docker-ce-02c1d87.tar.gz |
|
| 14 |
-%define sha1 docker-ce=40deab51330b39d16abc23831063a6123ff0a570 |
|
| 15 |
-Source1: https://github.com/docker/containerd/tree/containerd-cfb82a8.tar.gz |
|
| 16 |
-%define sha1 containerd=2adb56ddd2d89af5c6ab649de93c34d421b62649 |
|
| 17 |
-Source2: https://github.com/docker/runc/tree/runc-2d41c04.tar.gz |
|
| 18 |
-%define sha1 runc=41cd104b168cef29032c268e0d6de1bad5dadc25 |
|
| 19 |
-Source3: https://github.com/docker/libnetwork/tree/libnetwork-7b2b1fe.tar.gz |
|
| 20 |
-%define sha1 libnetwork=0afeb8c802998344753fb933f827427da23975f8 |
|
| 21 |
-#Source4: https://github.com/docker/cli/tree/cli-3dfb834.tar.gz |
|
| 22 |
-#%define sha1 cli=9dd33ca7d8e554fe875138000c6767167228e125 |
|
| 23 |
-Source4: https://github.com/krallin/tini/tree/tini-949e6fa.tar.gz |
|
| 24 |
-%define sha1 tini=e1a0e72ff74e1486e0701dd52983014777a7d949 |
|
| 25 |
-Source5: https://github.com/cpuguy83/go-md2man/tree/go-md2man-a65d4d2.tar.gz |
|
| 26 |
-%define sha1 go-md2man=e3d0865c583150f7c76e385a8b4a3f2432ca8ad8 |
|
| 27 |
-Source6: default-disable.preset |
|
| 28 |
-Patch0: remove-firewalld.patch |
|
| 29 |
-Patch1: CVE-2017-14992.patch |
|
| 13 |
+Source0: https://github.com/docker/docker-ce/archive/docker-%{version}-ce.tar.gz
|
|
| 14 |
+%define sha1 docker=fa734169d40ae8017f9ec2708fbbbc2734c58475 |
|
| 15 |
+%define DOCKER_GITCOMMIT 19e2cf6259bd7f027a3fff180876a22945ce4ba8 |
|
| 16 |
+Source99: default-disable.preset |
|
| 17 |
+Patch99: remove-firewalld.patch |
|
| 30 | 18 |
|
| 31 | 19 |
BuildRequires: systemd |
| 32 | 20 |
BuildRequires: device-mapper-devel |
| ... | ... |
@@ -50,7 +38,7 @@ Requires: systemd |
| 50 | 50 |
Requires: device-mapper-libs |
| 51 | 51 |
|
| 52 | 52 |
%description |
| 53 |
-Docker is a platform for developers and sysadmins to develop, ship and run applications. |
|
| 53 |
+Docker is an open source project to build, ship and run any application as a lightweight container. |
|
| 54 | 54 |
|
| 55 | 55 |
%package doc |
| 56 | 56 |
Summary: Documentation and vimfiles for docker |
| ... | ... |
@@ -61,72 +49,51 @@ Documentation and vimfiles for docker |
| 61 | 61 |
|
| 62 | 62 |
%prep |
| 63 | 63 |
%setup -q -c |
| 64 |
-%setup -T -D -a 1 |
|
| 65 |
-%setup -T -D -a 2 |
|
| 66 |
-%setup -T -D -a 3 |
|
| 67 |
-%setup -T -D -a 4 |
|
| 68 |
-%setup -T -D -a 5 |
|
| 69 | 64 |
|
| 70 |
-ln -s docker-ce/components/cli cli |
|
| 71 |
-ln -s docker-ce/components/engine engine |
|
| 72 |
-ln -s docker-ce/components/packaging packaging |
|
| 73 |
- |
|
| 74 |
-%patch0 -p2 |
|
| 75 |
-%patch1 -p2 |
|
| 65 |
+%patch99 -p1 |
|
| 76 | 66 |
|
| 77 | 67 |
mkdir -p /go/src/github.com |
| 78 | 68 |
cd /go/src/github.com |
| 79 | 69 |
mkdir opencontainers |
| 80 |
-mkdir containerd |
|
| 81 |
-mkdir cpuguy83 |
|
| 82 | 70 |
mkdir docker |
| 83 | 71 |
|
| 84 |
-ln -snrf "$OLDPWD/containerd" containerd/ |
|
| 85 |
-ln -snrf "$OLDPWD/engine" docker/docker |
|
| 86 |
-ln -snrf "$OLDPWD/runc" opencontainers/ |
|
| 87 |
-ln -snrf "$OLDPWD/go-md2man" cpuguy83/ |
|
| 88 |
-ln -snrf "$OLDPWD/libnetwork" docker/ |
|
| 89 |
-ln -snrf "$OLDPWD/cli" docker/ |
|
| 90 |
- |
|
| 91 |
-ln -snrf "$OLDPWD/tini" /go/ |
|
| 92 |
- |
|
| 93 |
-sed -i '/^\s*git clone.*$/d' docker/docker/hack/dockerfile/install-binaries.sh |
|
| 94 |
- |
|
| 95 |
-#catch git clone |
|
| 96 |
-git config --global http.proxy http://localhost:0 |
|
| 72 |
+ln -snrf "$OLDPWD/components/engine" docker/docker |
|
| 73 |
+ln -snrf "$OLDPWD/components/cli" docker/cli |
|
| 97 | 74 |
|
| 98 | 75 |
%build |
| 99 |
- |
|
| 100 | 76 |
export GOPATH="/go" |
| 101 | 77 |
export PATH="$PATH:$GOPATH/bin" |
| 102 | 78 |
|
| 103 |
-export DOCKER_BUILDTAGS="pkcs11 seccomp exclude_graphdriver_aufs" |
|
| 104 |
-export RUNC_BUILDTAGS="seccomp" |
|
| 79 |
+GIT_COMMIT=%{DOCKER_GITCOMMIT}
|
|
| 80 |
+GIT_COMMIT_SHORT=${GIT_COMMIT:0:7}
|
|
| 105 | 81 |
|
| 106 |
-cd /go/src/github.com |
|
| 82 |
+cd "$GOPATH/src/github.com/docker" |
|
| 107 | 83 |
|
| 108 |
-pushd docker/cli |
|
| 109 |
-make VERSION="$(cat VERSION)" dynbinary manpages |
|
| 84 |
+pushd cli |
|
| 85 |
+DISABLE_WARN_OUTSIDE_CONTAINER=1 make VERSION=%{version} GITCOMMIT=${GIT_COMMIT_SHORT} dynbinary manpages
|
|
| 110 | 86 |
popd |
| 111 | 87 |
|
| 112 |
-pushd docker/docker |
|
| 113 |
-TMP_GOPATH="$GOPATH" ./hack/dockerfile/install-binaries.sh runc-dynamic containerd-dynamic proxy-dynamic tini |
|
| 114 |
-DOCKER_GITCOMMIT="$(git rev-parse --short HEAD)" ./hack/make.sh dynbinary |
|
| 88 |
+pushd docker |
|
| 89 |
+for component in runc-dynamic containerd-dynamic proxy-dynamic tini; do |
|
| 90 |
+ RUNC_BUILDTAGS="seccomp" \ |
|
| 91 |
+ hack/dockerfile/install-binaries.sh $component |
|
| 92 |
+done |
|
| 93 |
+DOCKER_BUILDTAGS="pkcs11 seccomp exclude_graphdriver_aufs" \ |
|
| 94 |
+VERSION=%{version} DOCKER_GITCOMMIT=${GIT_COMMIT_SHORT} hack/make.sh dynbinary
|
|
| 115 | 95 |
popd |
| 116 | 96 |
|
| 117 | 97 |
%install |
| 118 |
- |
|
| 119 | 98 |
install -d -m755 %{buildroot}%{_mandir}/man1
|
| 120 | 99 |
install -d -m755 %{buildroot}%{_mandir}/man5
|
| 121 | 100 |
install -d -m755 %{buildroot}%{_mandir}/man8
|
| 122 | 101 |
install -d -m755 %{buildroot}%{_bindir}
|
| 123 | 102 |
install -d -m755 %{buildroot}%{_unitdir}
|
| 124 |
-install -d -m755 %{buildroot}lib/udev/rules.d
|
|
| 103 |
+install -d -m755 %{buildroot}/lib/udev/rules.d
|
|
| 125 | 104 |
install -d -m755 %{buildroot}%{_datadir}/bash-completion/completions
|
| 126 | 105 |
|
| 127 | 106 |
# install binary |
| 128 |
-install -p -m 755 cli/build/docker %{buildroot}%{_bindir}/docker
|
|
| 129 |
-install -p -m 755 "$(readlink -f engine/bundles/latest/dynbinary-daemon/dockerd)" %{buildroot}%{_bindir}/dockerd
|
|
| 107 |
+install -p -m 755 "$(readlink -f components/cli/build/docker)" %{buildroot}%{_bindir}/docker
|
|
| 108 |
+install -p -m 755 "$(readlink -f components/engine/bundles/latest/dynbinary-daemon/dockerd)" %{buildroot}%{_bindir}/dockerd
|
|
| 130 | 109 |
|
| 131 | 110 |
# install proxy |
| 132 | 111 |
install -p -m 755 /usr/local/bin/docker-proxy %{buildroot}%{_bindir}/docker-proxy
|
| ... | ... |
@@ -143,36 +110,36 @@ install -p -m 755 /usr/local/bin/docker-runc %{buildroot}%{_bindir}/docker-runc
|
| 143 | 143 |
install -p -m 755 /usr/local/bin/docker-init %{buildroot}%{_bindir}/docker-init
|
| 144 | 144 |
|
| 145 | 145 |
# install udev rules |
| 146 |
-install -p -m 644 engine/contrib/udev/80-docker.rules %{buildroot}lib/udev/rules.d/80-docker.rules
|
|
| 146 |
+install -p -m 644 components/engine/contrib/udev/80-docker.rules %{buildroot}/lib/udev/rules.d/80-docker.rules
|
|
| 147 | 147 |
|
| 148 | 148 |
# add init scripts |
| 149 |
-install -p -m 644 packaging/rpm/systemd/docker.service %{buildroot}%{_unitdir}/docker.service
|
|
| 149 |
+install -p -m 644 components/packaging/rpm/systemd/docker.service %{buildroot}%{_unitdir}/docker.service
|
|
| 150 | 150 |
|
| 151 |
-# add bash, zsh, and fish completions |
|
| 152 |
-install -p -m 644 engine/contrib/completion/bash/docker %{buildroot}%{_datadir}/bash-completion/completions/docker
|
|
| 151 |
+# add bash completions |
|
| 152 |
+install -p -m 644 components/cli/contrib/completion/bash/docker %{buildroot}%{_datadir}/bash-completion/completions/docker
|
|
| 153 | 153 |
|
| 154 | 154 |
# install manpages |
| 155 |
-install -p -m 644 cli/man/man1/*.1 %{buildroot}%{_mandir}/man1
|
|
| 156 |
-install -p -m 644 cli/man/man5/*.5 %{buildroot}%{_mandir}/man5
|
|
| 157 |
-install -p -m 644 cli/man/man8/*.8 %{buildroot}%{_mandir}/man8
|
|
| 155 |
+install -p -m 644 components/cli/man/man1/*.1 %{buildroot}%{_mandir}/man1
|
|
| 156 |
+install -p -m 644 components/cli/man/man5/*.5 %{buildroot}%{_mandir}/man5
|
|
| 157 |
+install -p -m 644 components/cli/man/man8/*.8 %{buildroot}%{_mandir}/man8
|
|
| 158 | 158 |
|
| 159 | 159 |
# add vimfiles |
| 160 | 160 |
install -d -m 755 %{buildroot}%{_datadir}/vim/vimfiles/doc
|
| 161 | 161 |
install -d -m 755 %{buildroot}%{_datadir}/vim/vimfiles/ftdetect
|
| 162 | 162 |
install -d -m 755 %{buildroot}%{_datadir}/vim/vimfiles/syntax
|
| 163 |
-install -p -m 644 engine/contrib/syntax/vim/doc/dockerfile.txt %{buildroot}%{_datadir}/vim/vimfiles/doc/dockerfile.txt
|
|
| 164 |
-install -p -m 644 engine/contrib/syntax/vim/ftdetect/dockerfile.vim %{buildroot}%{_datadir}/vim/vimfiles/ftdetect/dockerfile.vim
|
|
| 165 |
-install -p -m 644 engine/contrib/syntax/vim/syntax/dockerfile.vim %{buildroot}%{_datadir}/vim/vimfiles/syntax/dockerfile.vim
|
|
| 163 |
+install -p -m 644 components/engine/contrib/syntax/vim/doc/dockerfile.txt %{buildroot}%{_datadir}/vim/vimfiles/doc/dockerfile.txt
|
|
| 164 |
+install -p -m 644 components/engine/contrib/syntax/vim/ftdetect/dockerfile.vim %{buildroot}%{_datadir}/vim/vimfiles/ftdetect/dockerfile.vim
|
|
| 165 |
+install -p -m 644 components/engine/contrib/syntax/vim/syntax/dockerfile.vim %{buildroot}%{_datadir}/vim/vimfiles/syntax/dockerfile.vim
|
|
| 166 | 166 |
|
| 167 | 167 |
mkdir -p build-docs |
| 168 | 168 |
for engine_file in AUTHORS CHANGELOG.md CONTRIBUTING.md LICENSE MAINTAINERS NOTICE README.md; do |
| 169 |
- cp "engine/$engine_file" "build-docs/engine-$engine_file" |
|
| 169 |
+ cp "components/engine/$engine_file" "build-docs/engine-$engine_file" |
|
| 170 | 170 |
done |
| 171 | 171 |
for cli_file in LICENSE MAINTAINERS NOTICE README.md; do |
| 172 |
- cp "cli/$cli_file" "build-docs/cli-$cli_file" |
|
| 172 |
+ cp "components/cli/$cli_file" "build-docs/cli-$cli_file" |
|
| 173 | 173 |
done |
| 174 | 174 |
|
| 175 |
-install -v -D -m 0644 %{SOURCE6} %{buildroot}%{_presetdir}/50-docker.preset
|
|
| 175 |
+install -v -D -m 0644 %{SOURCE99} %{buildroot}%{_presetdir}/50-docker.preset
|
|
| 176 | 176 |
|
| 177 | 177 |
%preun |
| 178 | 178 |
%systemd_preun docker.service |
| ... | ... |
@@ -206,6 +173,7 @@ rm -rf %{buildroot}/*
|
| 206 | 206 |
%{_bindir}/docker-runc
|
| 207 | 207 |
%{_bindir}/docker-init
|
| 208 | 208 |
%{_datadir}/bash-completion/completions/docker
|
| 209 |
+/lib/udev/rules.d/80-docker.rules |
|
| 209 | 210 |
|
| 210 | 211 |
%files doc |
| 211 | 212 |
%defattr(-,root,root) |
| ... | ... |
@@ -220,6 +188,8 @@ rm -rf %{buildroot}/*
|
| 220 | 220 |
%{_datadir}/vim/vimfiles/syntax/dockerfile.vim
|
| 221 | 221 |
|
| 222 | 222 |
%changelog |
| 223 |
+* Mon Apr 09 2018 Bo Gan <ganb@vmware.com> 17.09.1-1 |
|
| 224 |
+- Update to 17.09.1-ce |
|
| 223 | 225 |
* Mon Jan 15 2018 Bo Gan <ganb@vmware.com> 17.06.0-3 |
| 224 | 226 |
- disable docker service by default |
| 225 | 227 |
- Fix post scriptlet to invoke systemd_post |