diff --git a/aardvark-dns.yaml b/aardvark-dns.yaml new file mode 100644 index 00000000000..f554e14911b --- /dev/null +++ b/aardvark-dns.yaml @@ -0,0 +1,38 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/aardvark-dns/APKBUILD +package: + name: aardvark-dns + version: 1.10.0 + epoch: 0 + description: Authoritative DNS server for A/AAAA container records + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - build-base + - busybox + - rust + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/aardvark-dns + tag: v${{package.version}} + expected-commit: 875c717352be058864d107c6cb07e820904aca0d + + - runs: | + cargo fetch --target="${{host.triplet.gnu}}" --locked + cargo build --release --frozen + + install -Dm755 target/release/aardvark-dns \ + -t ${{targets.destdir}}/usr/libexec/podman/ + + - uses: strip + +update: + enabled: true + github: + identifier: containers/aardvark-dns + use-tag: true + strip-prefix: v diff --git a/catatonit.yaml b/catatonit.yaml new file mode 100644 index 00000000000..d3a6ddbbe25 --- /dev/null +++ b/catatonit.yaml @@ -0,0 +1,44 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/catatonit/APKBUILD +package: + name: catatonit + version: 0.2.0 + epoch: 0 + description: Container init that is so simple it's effectively brain-dead + copyright: + - license: GPL-2.0-or-later + +environment: + contents: + packages: + - autoconf + - automake + - build-base + - busybox + - libtool + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/openSUSE/catatonit + tag: v${{package.version}} + expected-commit: 7f0c9bb45d3490c3e7f579833c9b0689f78c8923 + + - runs: autoreconf -fi + + - uses: autoconf/configure + + - uses: autoconf/make + + - uses: autoconf/make-install + + - runs: | + install -d ${{targets.destdir}}/usr/libexec/podman + ln -s /usr/bin/${{package.name}} ${{targets.destdir}}/usr/libexec/podman/${{package.name}} + + - uses: strip + +update: + enabled: true + github: + identifier: openSUSE/catatonit + use-tag: true diff --git a/conmon.yaml b/conmon.yaml new file mode 100644 index 00000000000..bdac1656c37 --- /dev/null +++ b/conmon.yaml @@ -0,0 +1,49 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/conmon/APKBUILD +package: + name: conmon + version: 2.1.10 + epoch: 0 + description: OCI container runtime monitor + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - automake + - bash + - build-base + - busybox + - glib-dev + - go + - go-md2man + - libseccomp-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/conmon + tag: v${{package.version}} + expected-commit: 2dcd736e46ded79a53339462bc251694b150f870 + + # fix location of go-md2man + - runs: sed -E "s/(GOMD2MAN =).*/\1 go-md2man/" -i docs/Makefile + + - uses: autoconf/make + + - runs: make PREFIX=/usr DESTDIR="${{targets.destdir}}" install + + - uses: strip + +subpackages: + - name: conmon-doc + pipeline: + - uses: split/manpages + description: conmon manpages + +update: + enabled: true + github: + identifier: containers/conmon + use-tag: true + strip-prefix: v diff --git a/containers-common.yaml b/containers-common.yaml new file mode 100644 index 00000000000..9d5677aef82 --- /dev/null +++ b/containers-common.yaml @@ -0,0 +1,98 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/containers-common/APKBUILD +package: + name: containers-common + version: 0.57.4 + epoch: 0 + description: Configuration files for container tools + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - build-base + - busybox + - git + - go-md2man + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/common + tag: v${{package.version}} + expected-commit: 215e898615b7de5f789be60784b8303f2ab6de3d + + - name: Setup containers-common + runs: | + install -d ${{targets.destdir}}/etc/containers/certs.d + install -d ${{targets.destdir}}/etc/containers/oci/hooks.d + install -d ${{targets.destdir}}/var/lib/containers/sigstore + + install -Dm644 pkg/config/containers.conf ${{targets.destdir}}/etc/containers/containers.conf + install -Dm644 pkg/config/containers.conf ${{targets.destdir}}/usr/share/containers/containers.conf + install -Dm644 pkg/seccomp/seccomp.json ${{targets.destdir}}/etc/containers/seccomp.json + install -Dm644 pkg/seccomp/seccomp.json ${{targets.destdir}}/usr/share/containers/seccomp.json + + make -C docs + make -C docs PREFIX=/usr DESTDIR="${{targets.destdir}}" install + + - name: Install configuration for containers-image + runs: | + git clone --depth=1 https://github.com/containers/image image + cd ~/image + + # set unqualified-search-registries + sed -E 's/# (unqualified-search-registries =).*/\1 ["docker.io"]/' -i ./registries.conf + install -d ${{targets.destdir}}/etc/containers + install -Dm644 registries.conf ${{targets.destdir}}/etc/containers/registries.conf + + make docs + make DESTDIR="${{targets.destdir}}" install + + - name: Install configuration for containers-storage + runs: | + git clone --depth=1 https://github.com/containers/storage storage + cd ~/storage + + # fix go-md2man path in containers-storage + sed -E 's/(GOMD2MAN =).*/\1 go-md2man/' -i ./docs/Makefile + + # set default storage driver + sed -E 's/(driver =) ""/\1 "overlay"/' -i ./storage.conf + + install -d ${{targets.destdir}}/etc/containers + install -d ${{targets.destdir}}/usr/share/containers + install -Dm644 storage.conf ${{targets.destdir}}/etc/containers/storage.conf + install -Dm644 storage.conf ${{targets.destdir}}/usr/share/containers/storage.conf + + make -C docs + make -C docs DESTDIR="${{targets.destdir}}" install + + - name: Install configuration for containers-shortnames + runs: | + git clone https://github.com/containers/shortnames + cd ~/shortnames + install -Dm644 shortnames.conf ${{targets.destdir}}/etc/containers/registries.conf.d/00-shortnames.conf + + - name: Install configuration for skopeo + runs: | + git clone https://github.com/containers/skopeo + cd ~/skopeo + + install -Dm644 default-policy.json "$pkgdir"/etc/containers/policy.json + install -Dm644 default.yaml "$pkgdir"/etc/containers/registries.d/default.yaml + + - uses: strip + +subpackages: + - name: containers-common-doc + pipeline: + - uses: split/manpages + description: Man pages for container tools + +update: + enabled: true + github: + identifier: containers/common + use-tag: true + strip-prefix: v diff --git a/netavark.yaml b/netavark.yaml new file mode 100644 index 00000000000..05379d386ae --- /dev/null +++ b/netavark.yaml @@ -0,0 +1,50 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/netavark/APKBUILD +package: + name: netavark + version: 1.10.3 + epoch: 0 + description: Container network stack + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - build-base + - busybox + - go-md2man + - protoc + - rust + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/netavark + tag: v${{package.version}} + expected-commit: d9f9fdc116ea3ed72a6eb4e59da33bf5d7c60b38 + + - runs: | + cargo fetch --target="${{host.triplet.gnu}}" --locked + cargo build --release --frozen --bin netavark + + go-md2man -in docs/netavark.1.md -out docs/netavark.1 + + install -Dm755 target/release/netavark \ + -t ${{targets.destdir}}/usr/libexec/podman/ + install -Dm644 docs/netavark.1 \ + -t ${{targets.destdir}}/usr/share/man/man1/ + + - uses: strip + +subpackages: + - name: netavark-doc + pipeline: + - uses: split/manpages + description: netavark manpages + +update: + enabled: true + github: + identifier: containers/netavark + use-tag: true + strip-prefix: v diff --git a/podman.yaml b/podman.yaml new file mode 100644 index 00000000000..f7f65e6a855 --- /dev/null +++ b/podman.yaml @@ -0,0 +1,145 @@ +# Generated from https://git.alpinelinux.org/aports/plain/community/podman/APKBUILD +package: + name: podman + version: 4.9.3 + epoch: 0 + description: Simple management tool for pods, containers and images + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - aardvark-dns + - bash + - btrfs-progs-dev + - build-base + - busybox + - catatonit + - conmon + - crun + - containers-common + - gettext + - go + - go-md2man + - gpgme-dev + - grep + - iptables + - libassuan-dev + - libgpg-error-dev + - libseccomp-dev + - man-db + - netavark + - python3 + - shadow-subids + - slirp4netns + - sqlite-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/containers/podman + tag: v${{package.version}} + expected-commit: 8d2b55ddde1bc81f43d018dfc1ac027c06b26a7f + + - uses: patch + with: + patches: no-quadlet.patch + + - runs: | + # https://github.com/mattn/go-sqlite3/issues/1164 + export CGO_CFLAGS="$CFLAGS -D_LARGEFILE64_SOURCE" + + export BUILDTAGS="exclude_graphdriver_devicemapper seccomp apparmor libsqlite3" + + make -j1 podman podman-remote rootlessport docs \ + PREFIX=/usr \ + GOMD2MAN="$(which go-md2man)" + + make install.bin install.remote install.man install.completions \ + PREFIX=/usr DESTDIR="${{targets.destdir}}" + + install -Dm755 ${{package.name}}.initd ${{targets.destdir}}/etc/init.d/${{package.name}} + install -Dm644 ${{package.name}}.confd ${{targets.destdir}}/etc/conf.d/${{package.name}} + + # remove systemd files + rm -r ${{targets.destdir}}/usr/lib/tmpfiles.d + + - uses: strip + +subpackages: + - name: podman-doc + pipeline: + - uses: split/manpages + description: podman manpages + + - name: podman-openrc + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/etc/conf.d + mkdir -p ${{targets.subpkgdir}}/etc/init.d + mv ${{targets.destdir}}/etc/conf.d/podman ${{targets.subpkgdir}}/etc/conf.d/ + mv ${{targets.destdir}}/etc/init.d/podman ${{targets.subpkgdir}}/etc/init.d/ + description: OpenRC init files for Podman + + - name: podman-bash-completion + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/usr/share/bash-completion + mv ${{targets.destdir}}/usr/share/bash-completion ${{targets.subpkgdir}}/usr/share/ + description: bash completion for Podman + + - name: podman-fish-completion + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/usr/share/fish + mv ${{targets.destdir}}/usr/share/fish ${{targets.subpkgdir}}/usr/share/ + description: fish completion for Podman + + - name: podman-zsh-completion + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/usr/share/zsh + mv ${{targets.destdir}}/usr/share/zsh ${{targets.subpkgdir}}/usr/share/ + description: Zsh completion for Podman + + - name: podman-remote + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/usr/bin + mv ${{targets.destdir}}/usr/bin/podman-remote ${{targets.subpkgdir}}/usr/bin/ + description: Remote CLI for Podman + + - name: podman-docker + pipeline: + - runs: | + install -d ${{targets.subpkgdir}}/usr/bin + make PREFIX=/usr DESTDIR="${{targets.subpkgdir}}" install.docker + + # Move man pages + rm -rf ${{targets.subpkgdir}}/usr/share + + # Remove systemd files + rm -rf ${{targets.subpkgdir}}/usr/lib + - uses: strip + description: Emulate Docker CLI using Podman + + - name: podman-docker-doc + pipeline: + - runs: | + # make target install.docker nor docker-docs are of any use, + # so lets create the symlinks manually: + cd docs/build/man + + mkdir -p ${{targets.subpkgdir}}/usr/share/man/man1 + for i in podman*.1; do + ln -s $i.gz ${{targets.subpkgdir}}/usr/share/man/man1/${i/podman/docker}.gz + done + description: Emulate Docker CLI using Podman (documentation) + +update: + enabled: true + github: + identifier: containers/podman + use-tag: true + strip-prefix: v diff --git a/podman/no-quadlet.patch b/podman/no-quadlet.patch new file mode 100644 index 00000000000..be942d498a9 --- /dev/null +++ b/podman/no-quadlet.patch @@ -0,0 +1,25 @@ +diff --git a/Makefile b/Makefile +index 8e701c3..e20799b 100644 +--- a/Makefile ++++ b/Makefile +@@ -219,7 +219,7 @@ binaries: podman podman-remote ## Build podman and podman-remote binaries + else ifneq (, $(findstring $(GOOS),darwin windows)) + binaries: podman-remote ## Build podman-remote (client) only binaries + else +-binaries: podman podman-remote podmansh rootlessport quadlet ## Build podman, podman-remote and rootlessport binaries quadlet ++binaries: podman podman-remote podmansh rootlessport ## Build podman, podman-remote and rootlessport binaries quadlet + endif + + # Extract text following double-# for targets, as their description for +@@ -829,11 +829,8 @@ install.bin: + ifneq ($(shell uname -s),FreeBSD) + install ${SELINUXOPT} -m 755 bin/rootlessport $(DESTDIR)$(LIBEXECPODMAN)/rootlessport + test -z "${SELINUXOPT}" || chcon --verbose --reference=$(DESTDIR)$(LIBEXECPODMAN)/rootlessport bin/rootlessport +- install ${SELINUXOPT} -m 755 bin/quadlet $(DESTDIR)$(LIBEXECPODMAN)/quadlet + install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(SYSTEMDGENERATORSDIR) +- ln -sfr $(DESTDIR)$(LIBEXECPODMAN)/quadlet $(DESTDIR)$(SYSTEMDGENERATORSDIR)/podman-system-generator + install ${SELINUXOPT} -d -m 755 $(DESTDIR)$(USERSYSTEMDGENERATORSDIR) +- ln -sfr $(DESTDIR)$(LIBEXECPODMAN)/quadlet $(DESTDIR)$(USERSYSTEMDGENERATORSDIR)/podman-user-generator + install ${SELINUXOPT} -m 755 -d ${DESTDIR}${TMPFILESDIR} + install ${SELINUXOPT} -m 644 contrib/tmpfile/podman.conf ${DESTDIR}${TMPFILESDIR}/podman.conf + endif diff --git a/podman/podman.confd b/podman/podman.confd new file mode 100644 index 00000000000..5d75790cfa8 --- /dev/null +++ b/podman/podman.confd @@ -0,0 +1,12 @@ +# Configuration for /etc/init.d/podman + +# See podman-system-service(1) for service description +# and available options. +#podman_opts="--time 0" + +# API endpoint in URI form. Leave empty to use defaults. +#podman_uri="" + +# Setting root user will start rootful service. +# Use any other user for rootless mode. +#podman_user="root" diff --git a/podman/podman.initd b/podman/podman.initd new file mode 100644 index 00000000000..76586631023 --- /dev/null +++ b/podman/podman.initd @@ -0,0 +1,37 @@ +#!/sbin/openrc-run +supervisor=supervise-daemon + +name="Podman API service" +description="Listening service that answers API calls for Podman" + +command=/usr/bin/podman +command_args="system service ${podman_opts:=--time 0} $podman_uri" +command_user="${podman_user:=root}" + +extra_commands="start_containers" +description_start_containers="Start containers with restart policy set to always" + +depend() { + need sysfs cgroups +} + +start_containers() { + ebegin "Starting containers with restart policy set to always" + su "$podman_user" -s /bin/sh -c "$command start --all --filter restart-policy=always" + eend $? +} + +start_pre() { + if [ "$podman_user" = "root" ]; then + einfo "Configured as rootful service" + checkpath -d -m 0755 /run/podman + else + einfo "Configured as rootless service" + modprobe tun + modprobe fuse + fi +} + +start_post() { + start_containers +} diff --git a/skopeo.yaml b/skopeo.yaml index f59aeab1317..95261b5ca22 100644 --- a/skopeo.yaml +++ b/skopeo.yaml @@ -34,6 +34,15 @@ pipeline: - uses: strip +subpackages: + - name: skopeo-common + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/etc/containers/registries.d + install -Dm644 default-policy.json ${{targets.subpkgdir}}/etc/containers/policy.json + install -Dm644 default.yaml ${{targets.subpkgdir}}/etc/containers/registries.d/default.yaml + description: Skopeo configuration files for container tools + update: enabled: true release-monitor: