Github messages for voidlinux
 help / color / mirror / Atom feed
* [PR PATCH] Enable seccomp for podman and buildah
@ 2023-07-18  1:26 CameronNemo
  2023-07-18 18:14 ` Duncaen
                   ` (9 more replies)
  0 siblings, 10 replies; 11+ messages in thread
From: CameronNemo @ 2023-07-18  1:26 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 1372 bytes --]

There is a new pull request by CameronNemo against master on the void-packages repository

https://github.com/CameronNemo/void-packages containers-seccomp
https://github.com/void-linux/void-packages/pull/45097

Enable seccomp for podman and buildah
- New package: containers.common-0.55.2
- buildah: update to 1.31.0, enable seccomp
- podman: update to 4.5.1, enable seccomp

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->
<!--
#### Local build testing
- I built this PR locally for my native architecture, (ARCH-LIBC)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
  - aarch64-musl
  - armv7l
  - armv6l-musl
-->


A patch file from https://github.com/void-linux/void-packages/pull/45097.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-containers-seccomp-45097.patch --]
[-- Type: text/x-diff, Size: 4662 bytes --]

From c39ea8b7c5d3c34dddf1b56b59d32097c8268835 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:15 -0700
Subject: [PATCH 1/3] New package: containers.common-0.55.2

---
 srcpkgs/containers.common/template | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 srcpkgs/containers.common/template

diff --git a/srcpkgs/containers.common/template b/srcpkgs/containers.common/template
new file mode 100644
index 000000000000..46e5fe613cec
--- /dev/null
+++ b/srcpkgs/containers.common/template
@@ -0,0 +1,20 @@
+# Template file for 'containers.common'
+pkgname=containers.common
+version=0.55.2
+revision=1
+hostmakedepends="go-md2man"
+short_desc="Docs and configs shared by podman, buildah, and skopeo"
+maintainer="Cameron Nemo <cam@nohom.org>"
+license="Apache-2.0"
+homepage="https://github.com/containers/common"
+distfiles="https://github.com/containers/common/archive/v${version}.tar.gz"
+checksum=997529c8aed1b6b71ff732d0cb75e67560222012402a3715ccab765b92ce0479
+
+do_build() {
+	DESTDIR=$DESTDIR make -C docs
+}
+
+do_install() {
+	DESTDIR=$DESTDIR make -C docs PREFIX=/usr install
+	vinstall pkg/seccomp/seccomp.json 0644 usr/share/containers
+}

From b8b6c9a2db37cf181220cf782bb1e6b38c0988b0 Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:21:29 -0700
Subject: [PATCH 2/3] buildah: update to 1.31.0, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with podman.
---
 srcpkgs/buildah/template | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/srcpkgs/buildah/template b/srcpkgs/buildah/template
index 59e63fd6cb7d..13729498b636 100644
--- a/srcpkgs/buildah/template
+++ b/srcpkgs/buildah/template
@@ -1,7 +1,7 @@
 # Template file for 'buildah'
 pkgname=buildah
-version=1.28.2
-revision=2
+version=1.31.0
+revision=1
 build_style=go
 go_import_path=github.com/containers/buildah
 go_package="${go_import_path}/cmd/buildah"
@@ -9,14 +9,14 @@ go_build_tags=containers_image_ostree_stub
 hostmakedepends="pkg-config go-md2man"
 makedepends="libostree-devel libbtrfs-devel device-mapper-devel gpgme-devel
  libassuan-devel libseccomp-devel"
-depends="runc containers.image containers.storage"
+depends="runc containers.image containers.storage containers.common"
 short_desc="Dockerfile compatible OCI image building tool"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://github.com/containers/buildah"
 changelog="https://github.com/containers/buildah/blob/master/CHANGELOG.md"
 distfiles="https://github.com/containers/buildah/archive/refs/tags/v${version}.tar.gz"
-checksum=2dc5b1686473f972fbfa15637ecd1a9e2aeefd057c86dd097d1f19e2a6959411
+checksum=c119921e8e4b2d7fd7e1041dfbcfdfac0882e3dea4f7dabdc5175f9bbc70d868
 
 post_build() {
 	make -C docs GOMD2MAN=go-md2man

From fe6826c93eb5adc839095bbb0ef2ce82cb41626d Mon Sep 17 00:00:00 2001
From: Cameron Nemo <cam@nohom.org>
Date: Mon, 17 Jul 2023 18:22:17 -0700
Subject: [PATCH 3/3] podman: update to 4.5.1, enable seccomp

Depend on the containers.common package that provides the seccomp
profile shared with buildah.
---
 srcpkgs/podman/template | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/srcpkgs/podman/template b/srcpkgs/podman/template
index 40cfa779ea4a..97ce80b69da8 100644
--- a/srcpkgs/podman/template
+++ b/srcpkgs/podman/template
@@ -1,22 +1,22 @@
 # Template file for 'podman'
 pkgname=podman
-version=4.4.4
-revision=2
+version=4.5.1
+revision=1
 build_style=go
 go_import_path="github.com/containers/podman/v4"
 go_package="${go_import_path}/cmd/podman ${go_import_path}/cmd/rootlessport"
 go_build_tags="seccomp apparmor containers_image_ostree_stub"
 hostmakedepends="pkg-config go-md2man python3"
 makedepends="gpgme-devel libseccomp-devel device-mapper-devel libbtrfs-devel"
-depends="runc conmon cni-plugins slirp4netns containers.image containers.storage
- fuse-overlayfs"
+depends="runc conmon cni-plugins slirp4netns fuse-overlayfs
+ containers.common containers.image containers.storage"
 short_desc="Simple management tool for containers and images"
 maintainer="Cameron Nemo <cam@nohom.org>"
 license="Apache-2.0"
 homepage="https://podman.io/"
 changelog="https://raw.githubusercontent.com/containers/podman/main/RELEASE_NOTES.md"
 distfiles="https://github.com/containers/podman/archive/v${version}.tar.gz"
-checksum=2dacfe7041b83e2cb05fda58bd1fbdae61348a427f5b9073b96b36154de894a1
+checksum=ee2c8b02b7fe301057f0382637b995a9c6c74e8d530692d6918e4c509ade6e39
 
 if [ "$CROSS_BUILD" ]; then
 	go_build_tags+=" containers_image_openpgp"

^ permalink raw reply	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2023-07-24 20:58 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-07-18  1:26 [PR PATCH] Enable seccomp for podman and buildah CameronNemo
2023-07-18 18:14 ` Duncaen
2023-07-18 18:14 ` Duncaen
2023-07-18 18:16 ` [PR REVIEW] " Duncaen
2023-07-18 18:16 ` Duncaen
2023-07-18 18:47 ` [PR PATCH] [Updated] " CameronNemo
2023-07-18 18:47 ` [PR REVIEW] " CameronNemo
2023-07-18 19:00 ` [PR PATCH] [Updated] " CameronNemo
2023-07-18 19:01 ` CameronNemo
2023-07-24  2:32 ` CameronNemo
2023-07-24 20:58 ` [PR PATCH] [Closed]: " Duncaen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).