diff options
Diffstat (limited to 'app-containers')
335 files changed, 16407 insertions, 0 deletions
diff --git a/app-containers/aardvark-dns/Manifest b/app-containers/aardvark-dns/Manifest new file mode 100644 index 000000000000..c205c4065d9a --- /dev/null +++ b/app-containers/aardvark-dns/Manifest @@ -0,0 +1,4 @@ +DIST aardvark-dns-1.10.0.crate 51028 BLAKE2B 81cdc4eb7eaff7359a1a12657b2bc42603383cf0f80a3a599ce9ce277e15ad83e9d5b36c3de3bef15b3201a1e60d86286ad61469d1d58ba2252b4c0174506ea2 SHA512 3d67f1b3c66aeaf4878c09e5e8fc34717cea6c348e0295bc0521c0c4144433656a3306731c24bb362a0e340e652b036b7544e544cca99b61590547bd7a6ce629 +DIST aardvark-dns-1.9.0.crate 50846 BLAKE2B bae46eae2ec2071b1a1a301f00dc3e3aac0b3a5f1247f1f5be4f2e4b1d9d906fc22c53e5d56967731fcf226a295e8b1d8868dcfae228b05674a5ddecb58a1455 SHA512 1f21b4c40567c0aff967d38ea224884d5c2cb4a85ddffe7bbc5badd237a1195943e4d76f3c65ceb0cab984aa0c2528d8486e78e1e53c5376792477a6a5f426e7 +DIST aardvark-dns-v1.10.0-vendor.tar.gz 6283889 BLAKE2B cb69144eabf876e418667782171273541bbc416b456193780b4d7f1d22ad03e18f06ec0d6b1e51e21eab912317bd61dd73266d717fa97a81b4314a3c7d14776a SHA512 68d0106b71f42ba789810020d62911d880debf90a35a086aabfd614403985025dc0c5934087a98943b53f6dfd8ede4add99465cec1ae9a098ff1de1082e1ef9c +DIST aardvark-dns-v1.9.0-vendor.tar.gz 8085548 BLAKE2B 487f69a9c34832d74783b66c565a7c2f67f101527e8a44c215f167e4ea80f069846b25decbb423972cd42cd9ee7717efc21c3d1b0885a7d87c0fbdb9cfb9d26f SHA512 f7174f1c4275991a6a2655046697f32511586f53fb343efa25f995cc07663091a634e8a82395840b022b6b3c8363863cdf8c9b6d4e38984fb841978eef0b1f22 diff --git a/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild b/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild new file mode 100644 index 000000000000..cdf0cb032c10 --- /dev/null +++ b/app-containers/aardvark-dns/aardvark-dns-1.10.0.ebuild @@ -0,0 +1,47 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" +inherit cargo + +DESCRIPTION="A container-focused DNS server" +HOMEPAGE="https://github.com/containers/aardvark-dns" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/aardvark-dns.git" +else + SRC_URI="${CARGO_CRATE_URIS}" + SRC_URI+="https://github.com/containers/aardvark-dns/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" 0BSD Apache-2.0-with-LLVM-exceptions MIT Unlicense Unicode-DFS-2016 ZLIB" +SLOT="0" +QA_FLAGS_IGNORED="usr/libexec/podman/${PN}" +QA_PRESTRIPPED="usr/libexec/podman/${PN}" +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_install() { + export PREFIX="${EPREFIX}"/usr + default +} diff --git a/app-containers/aardvark-dns/aardvark-dns-1.9.0.ebuild b/app-containers/aardvark-dns/aardvark-dns-1.9.0.ebuild new file mode 100644 index 000000000000..e4edd4d987c7 --- /dev/null +++ b/app-containers/aardvark-dns/aardvark-dns-1.9.0.ebuild @@ -0,0 +1,47 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" +inherit cargo + +DESCRIPTION="A container-focused DNS server" +HOMEPAGE="https://github.com/containers/aardvark-dns" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/aardvark-dns.git" +else + SRC_URI="${CARGO_CRATE_URIS}" + SRC_URI+="https://github.com/containers/aardvark-dns/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" 0BSD Apache-2.0-with-LLVM-exceptions MIT Unlicense Unicode-DFS-2016 ZLIB" +SLOT="0" +QA_FLAGS_IGNORED="usr/libexec/podman/${PN}" +QA_PRESTRIPPED="usr/libexec/podman/${PN}" +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_install() { + export PREFIX="${EPREFIX}"/usr + default +} diff --git a/app-containers/aardvark-dns/aardvark-dns-9999.ebuild b/app-containers/aardvark-dns/aardvark-dns-9999.ebuild new file mode 100644 index 000000000000..cdf0cb032c10 --- /dev/null +++ b/app-containers/aardvark-dns/aardvark-dns-9999.ebuild @@ -0,0 +1,47 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" +inherit cargo + +DESCRIPTION="A container-focused DNS server" +HOMEPAGE="https://github.com/containers/aardvark-dns" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/aardvark-dns.git" +else + SRC_URI="${CARGO_CRATE_URIS}" + SRC_URI+="https://github.com/containers/aardvark-dns/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" 0BSD Apache-2.0-with-LLVM-exceptions MIT Unlicense Unicode-DFS-2016 ZLIB" +SLOT="0" +QA_FLAGS_IGNORED="usr/libexec/podman/${PN}" +QA_PRESTRIPPED="usr/libexec/podman/${PN}" +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_install() { + export PREFIX="${EPREFIX}"/usr + default +} diff --git a/app-containers/aardvark-dns/metadata.xml b/app-containers/aardvark-dns/metadata.xml new file mode 100644 index 000000000000..5a843697929d --- /dev/null +++ b/app-containers/aardvark-dns/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription lang="en"> + Aardvark-dns is an authoritative dns server for A/AAAA container + records. It can forward other requests to configured resolvers. + </longdescription> + <upstream> + <remote-id type="github">containers/aardvark-dns</remote-id> + <bugs-to>https://github.com/containers/aardvark-dns/issues</bugs-to> + <doc>https://github.com/containers/aardvark-dns/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/apptainer/Manifest b/app-containers/apptainer/Manifest new file mode 100644 index 000000000000..41d909813726 --- /dev/null +++ b/app-containers/apptainer/Manifest @@ -0,0 +1 @@ +DIST apptainer-1.3.0.tar.gz 17103544 BLAKE2B ed42b763a20b2b71cce6081b903697dc506073f91f9d928d49801165289d15c1416044af8fcedddcbd2a260c17a2e6488ed3d06b1edb4fb5f5ca5e9d14a14312 SHA512 a72afcac8e783f43732517314a94ffe039ab8f29027bcc398295fed97b123e6777039c016b6655a3cefbcba7e69832f62f3418b11e1bbd0452edc702ecaef69e diff --git a/app-containers/apptainer/apptainer-1.3.0.ebuild b/app-containers/apptainer/apptainer-1.3.0.ebuild new file mode 100644 index 000000000000..5f69289300ad --- /dev/null +++ b/app-containers/apptainer/apptainer-1.3.0.ebuild @@ -0,0 +1,92 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit linux-info toolchain-funcs + +DESCRIPTION="The container system for secure high-performance computing" +HOMEPAGE="https://apptainer.org/" +SRC_URI="https://github.com/apptainer/${PN}/releases/download/v${PV}/${P}.tar.gz" + +SLOT="0" +LICENSE="BSD" +KEYWORDS="amd64 ~riscv ~x86 ~amd64-linux ~x86-linux" +IUSE="examples +network suid systemd" + +# Do not complain about CFLAGS etc. since go projects do not use them. +QA_FLAGS_IGNORED='.*' + +DEPEND="app-crypt/gpgme + >=dev-lang/go-1.20.0 + dev-libs/openssl + sys-apps/util-linux + sys-fs/cryptsetup + sys-fs/squashfs-tools + sys-libs/libseccomp + !suid? ( + sys-fs/e2fsprogs[fuse] + sys-fs/squashfuse + )" +RDEPEND="${DEPEND} + !sys-cluster/singularity" +BDEPEND="virtual/pkgconfig" + +CONFIG_CHECK="~SQUASHFS" + +PATCHES=( + "${FILESDIR}"/${PN}-1.0.2-trim_upstream_cflags.patch +) + +DOCS=( README.md CONTRIBUTORS.md CONTRIBUTING.md ) + +src_configure() { + local myconfargs=( + -c "$(tc-getBUILD_CC)" \ + -x "$(tc-getBUILD_CXX)" \ + -C "$(tc-getCC)" \ + -X "$(tc-getCXX)" \ + --prefix="${EPREFIX}"/usr \ + --sysconfdir="${EPREFIX}"/etc \ + --runstatedir="${EPREFIX}"/run \ + --localstatedir="${EPREFIX}"/var \ + $(usex network "" "--without-network") \ + $(use_with suid) + ) + ./mconfig -v ${myconfargs[@]} || die "Error invoking mconfig" +} + +src_compile() { + emake -C builddir +} + +src_install() { + emake DESTDIR="${D}" -C builddir install + keepdir /var/${PN}/mnt/session + + if use systemd; then + sed -i -e '/systemd cgroups/ s/no/yes/' "${ED}"/etc/${PN}/${PN}.conf \ + || die "Failed to enable systemd use in configuration" + else + sed -i -e '/systemd cgroups/ s/yes/no/' "${ED}"/etc/${PN}/${PN}.conf \ + || die "Failed to disable systemd use in configuration" + fi + + einstalldocs + if use examples; then + dodoc -r examples + fi +} + +pkg_postinst() { + if ! use suid; then + local oldver + for oldver in ${REPLACING_VERSIONS}; do + if ver_test "${oldver}" -lt 1.1.0; then + ewarn "Since version 1.1.0 ${PN} no longer installs setuid-root components by default, relying on unprivileged user namespaces instead. For details, see https://apptainer.org/docs/admin/main/user_namespace.html" + ewarn "Make sure user namespaces (possibly except network ones for improved security) are enabled on your system, or re-enable installation of setuid root components by passing USE=suid to ${CATEGORY}/${PN}" + break + fi + done + fi +} diff --git a/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch b/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch new file mode 100644 index 000000000000..b1329b5d9d3e --- /dev/null +++ b/app-containers/apptainer/files/apptainer-1.0.2-trim_upstream_cflags.patch @@ -0,0 +1,24 @@ +--- a/mconfig ++++ b/mconfig +@@ -42,14 +42,14 @@ + + # user_cflags - user-defined CFLAGS without all the cflags_opts + user_cflags="$CFLAGS" +-cflags_opts="-Wall -Werror -Wfatal-errors -Wno-unknown-warning-option \ ++cflags_opts="-Wall -Wfatal-errors -Wno-unknown-warning-option \ + -Wstrict-prototypes -Wpointer-arith -Wbad-function-cast \ + -Woverlength-strings -Wframe-larger-than=2047 \ + -Wno-sign-compare -Wclobbered -Wempty-body -Wmissing-parameter-type \ + -Wtype-limits -Wunused-parameter -Wunused-but-set-parameter \ + -Wno-discarded-qualifiers -Wno-incompatible-pointer-types \ + -pipe -fmessage-length=0 -fPIC" +-cflags="$CFLAGS -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4" ++cflags="$CFLAGS -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4" + ldflags=$LDFLAGS + + package_name=apptainer +--- a/mlocal/frags/go_runtime_opts.mk ++++ b/mlocal/frags/go_runtime_opts.mk +@@ -1 +1 @@ +-CGO_CFLAGS += -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4 ++CGO_CFLAGS += -O2 -Wformat -Wformat-security -fstack-protector --param ssp-buffer-size=4 diff --git a/app-containers/apptainer/metadata.xml b/app-containers/apptainer/metadata.xml new file mode 100644 index 000000000000..069f7e2cb731 --- /dev/null +++ b/app-containers/apptainer/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>marecki@gentoo.org</email> + <name>Marek Szuba</name> + </maintainer> + <use> + <flag name="network">Install network plug-ins</flag> + <flag name="suid">Install SUID helper binary</flag> + </use> + <upstream> + <remote-id type="github">apptainer/apptainer</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/buildah/Manifest b/app-containers/buildah/Manifest new file mode 100644 index 000000000000..7c70929c83d1 --- /dev/null +++ b/app-containers/buildah/Manifest @@ -0,0 +1,3 @@ +DIST buildah-1.33.7.tar.gz 18604354 BLAKE2B d2788096d8d6fd6cc528e8f33edc577778a2775a561ea3c4a983eb4a6fa1d5b570f6d8dc0f77e464d0c242add5d641e20afce83c9f5157021fbc82a009ea47c9 SHA512 1248ad1dcf0d10608674543caf4d78f5052db7932102226e23b73add5e129bd8c614672f3d06aa8052675dd83fa83ef2742ef08fe1a883037b41df8fde893ea1 +DIST buildah-1.34.3.tar.gz 18856476 BLAKE2B c91c995a2ff4be8b4e84a70c581a817cb2f1333b08ca297163d218f80d538905c41718cfc267c03173330234c3476344be44df799eaaac891395a22bc7a020b3 SHA512 26d5c48cb5b056a274c1a9c6820a6076337f625fc6dd6683000db871f3de9d37907bd962ced3400334bfc230718219cda2108e2e984be5f8c76ecfa4a2f1e1ac +DIST buildah-1.35.3.tar.gz 19372597 BLAKE2B 014bea80b3a8c4482bbe098a0c5293892cf9f4f0d4d74ecaba8f155e49fab326689b95b690b413d64f6b576c7269bdb9d0f446244b832afe311e909b3f96856d SHA512 ca325ce1a878eb9e9a6caedf236add16702d8dcd83f15a1995b8215998821218104ea8cb7a5d11fc354ee01d9805c339578975d35db859f1d53b08e0a2139fe3 diff --git a/app-containers/buildah/buildah-1.33.7.ebuild b/app-containers/buildah/buildah-1.33.7.ebuild new file mode 100644 index 000000000000..a24bd18a767c --- /dev/null +++ b/app-containers/buildah/buildah-1.33.7.ebuild @@ -0,0 +1,160 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info toolchain-funcs + +DESCRIPTION="A tool that facilitates building OCI images" +HOMEPAGE="https://github.com/containers/buildah" + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" + +SLOT="0" +IUSE="apparmor btrfs +seccomp systemd test" +RESTRICT="test" +DOCS=( + "CHANGELOG.md" + "troubleshooting.md" + "docs/tutorials" +) + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/buildah.git" +else + SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64" +fi + +RDEPEND=" + systemd? ( sys-apps/systemd ) + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp:= ) + apparmor? ( sys-libs/libapparmor:= ) + app-containers/containers-common + app-crypt/gpgme:= + dev-libs/libgpg-error:= + dev-libs/libassuan:= + sys-apps/shadow:= +" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" + +PATCHES=( + "${T}"/dont-call-as-directly-upstream-pr-5436.patch +) + +pkg_pretend() { + local CONFIG_CHECK="" + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + check_extra_config + + linux_config_exists || ewarn "Cannot determine configuration of your kernel." +} + +src_prepare() { + cat <<'EOF' > "${T}/dont-call-as-directly-upstream-pr-5436.patch" +--- a/Makefile ++++ b/Makefile +@@ -10,6 +10,8 @@ + BASHINSTALLDIR = $(PREFIX)/share/bash-completion/completions + BUILDFLAGS := -tags "$(BUILDTAGS)" + BUILDAH := buildah ++AS ?= as ++STRIP ?= strip + + GO := go + GO_LDFLAGS := $(shell if $(GO) version|grep -q gccgo; then echo "-gccgoflags"; else echo "-ldflags"; fi) +@@ -72,11 +74,11 @@ + bin/buildah: $(SOURCES) cmd/buildah/*.go internal/mkcw/embed/entrypoint.gz + $(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah + +-ifneq ($(shell as --version | grep x86_64),) ++ifneq ($(shell $(AS) --version | grep x86_64),) + internal/mkcw/embed/entrypoint: internal/mkcw/embed/entrypoint.s + $(AS) -o $(patsubst %.s,%.o,$^) $^ + $(LD) -o $@ $(patsubst %.s,%.o,$^) +- strip $@ ++ $(STRIP) $@ + else + .PHONY: internal/mkcw/embed/entrypoint + endif +EOF + + default + + # ensure all necessary files are there + local file + for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ + hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do + [[ -f "${file}" ]] || die + done + + sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die + echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die + + cat <<-EOF > hack/apparmor_tag.sh || die + #!/usr/bin/env bash + $(usex apparmor 'echo apparmor' echo) + EOF + + use seccomp || { + cat <<-'EOF' > "${T}/disable_seccomp.patch" + --- a/Makefile + +++ b/Makefile + @@ -5 +5 @@ + -SECURITYTAGS ?= seccomp $(APPARMORTAG) + +SECURITYTAGS ?= $(APPARMORTAG) + EOF + eapply "${T}/disable_seccomp.patch" || die + } + + cat <<-EOF > hack/systemd_tag.sh || die + #!/usr/bin/env bash + $(usex systemd 'echo systemd' echo) + EOF + + echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die + cat <<-EOF > btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF + + use test || { + cat <<-'EOF' > "${T}/disable_tests.patch" + --- a/Makefile + +++ b/Makefile + @@ -54 +54 @@ + -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs + +all: bin/buildah docs + @@ -123 +123 @@ + -docs: install.tools ## build the docs on the host + +docs: ## build the docs on the host + EOF + eapply "${T}/disable_tests.patch" || die + } + +} + +src_compile() { + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" + + tc-export AS LD STRIP + export GOMD2MAN="$(command -v go-md2man)" + default +} + +src_test() { + emake test-unit +} + +src_install() { + emake DESTDIR="${ED}" install install.completions + einstalldocs +} diff --git a/app-containers/buildah/buildah-1.34.3.ebuild b/app-containers/buildah/buildah-1.34.3.ebuild new file mode 100644 index 000000000000..cc06bf2ff42d --- /dev/null +++ b/app-containers/buildah/buildah-1.34.3.ebuild @@ -0,0 +1,161 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info toolchain-funcs + +DESCRIPTION="A tool that facilitates building OCI images" +HOMEPAGE="https://github.com/containers/buildah" + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" + +SLOT="0" +IUSE="apparmor btrfs +seccomp systemd test" +RESTRICT="test" +DOCS=( + "CHANGELOG.md" + "troubleshooting.md" + "docs/tutorials" +) + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/buildah.git" +else + SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64" +fi + +RDEPEND=" + systemd? ( sys-apps/systemd ) + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp:= ) + apparmor? ( sys-libs/libapparmor:= ) + app-containers/containers-common + app-crypt/gpgme:= + dev-libs/libgpg-error:= + dev-libs/libassuan:= + sys-apps/shadow:= +" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" + +PATCHES=( + "${T}"/dont-call-as-directly-upstream-pr-5436.patch +) + +pkg_pretend() { + local CONFIG_CHECK="" + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + check_extra_config + + linux_config_exists || ewarn "Cannot determine configuration of your kernel." +} + +src_prepare() { + cat <<'EOF' > "${T}/dont-call-as-directly-upstream-pr-5436.patch" +--- a/Makefile ++++ b/Makefile +@@ -14,6 +14,8 @@ + BASHINSTALLDIR = $(PREFIX)/share/bash-completion/completions + BUILDFLAGS := -tags "$(BUILDTAGS)" + BUILDAH := buildah ++AS ?= as ++STRIP ?= strip + + GO := go + GO_LDFLAGS := $(shell if $(GO) version|grep -q gccgo; then echo "-gccgoflags"; else echo "-ldflags"; fi) +@@ -76,14 +78,14 @@ + bin/buildah: $(SOURCES) cmd/buildah/*.go internal/mkcw/embed/entrypoint_amd64.gz + $(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah + +-ifneq ($(shell as --version | grep x86_64),) ++ifneq ($(shell $(AS) --version | grep x86_64),) + internal/mkcw/embed/entrypoint_amd64.gz: internal/mkcw/embed/entrypoint_amd64 + gzip -k9nf $^ + + internal/mkcw/embed/entrypoint_amd64: internal/mkcw/embed/entrypoint_amd64.s + $(AS) -o $(patsubst %.s,%.o,$^) $^ + $(LD) -o $@ $(patsubst %.s,%.o,$^) +- strip $@ ++ $(STRIP) $@ + endif +EOF + + default + + # ensure all necessary files are there + local file + for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ + hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do + [[ -f "${file}" ]] || die + done + + sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die + echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die + + cat <<-EOF > hack/apparmor_tag.sh || die + #!/usr/bin/env bash + $(usex apparmor 'echo apparmor' echo) + EOF + + use seccomp || { + cat <<-'EOF' > "${T}/disable_seccomp.patch" + --- a/Makefile + +++ b/Makefile + @@ -5 +5 @@ + -SECURITYTAGS ?= seccomp $(APPARMORTAG) + +SECURITYTAGS ?= $(APPARMORTAG) + EOF + eapply "${T}/disable_seccomp.patch" || die + } + + cat <<-EOF > hack/systemd_tag.sh || die + #!/usr/bin/env bash + $(usex systemd 'echo systemd' echo) + EOF + + echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die + cat <<-EOF > btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF + + use test || { + cat <<-'EOF' > "${T}/disable_tests.patch" + --- a/Makefile + +++ b/Makefile + @@ -54 +54 @@ + -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs + +all: bin/buildah docs + @@ -123 +123 @@ + -docs: install.tools ## build the docs on the host + +docs: ## build the docs on the host + EOF + eapply "${T}/disable_tests.patch" || die + } + +} + +src_compile() { + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" + + tc-export AS LD STRIP + export GOMD2MAN="$(command -v go-md2man)" + default +} + +src_test() { + emake test-unit +} + +src_install() { + emake DESTDIR="${ED}" install install.completions + einstalldocs +} diff --git a/app-containers/buildah/buildah-1.35.3.ebuild b/app-containers/buildah/buildah-1.35.3.ebuild new file mode 100644 index 000000000000..e1c7e23390e5 --- /dev/null +++ b/app-containers/buildah/buildah-1.35.3.ebuild @@ -0,0 +1,133 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info toolchain-funcs + +DESCRIPTION="A tool that facilitates building OCI images" +HOMEPAGE="https://github.com/containers/buildah" + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" + +SLOT="0" +IUSE="apparmor btrfs +seccomp systemd test" +RESTRICT="test" +DOCS=( + "CHANGELOG.md" + "troubleshooting.md" + "docs/tutorials" +) + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/buildah.git" +else + SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64" +fi + +RDEPEND=" + systemd? ( sys-apps/systemd ) + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp:= ) + apparmor? ( sys-libs/libapparmor:= ) + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libgpg-error:= + dev-libs/libassuan:= + sys-apps/shadow:= +" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" + +PATCHES=( + "${FILESDIR}"/dont-call-as-directly-upstream-pr-5436.patch + "${FILESDIR}"/softcode-strip-upstream-pr-5446.patch +) + +pkg_pretend() { + local CONFIG_CHECK="" + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + check_extra_config + + linux_config_exists || ewarn "Cannot determine configuration of your kernel." +} + +src_prepare() { + default + + # ensure all necessary files are there + local file + for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ + hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do + [[ -f "${file}" ]] || die + done + + sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die + echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die + + cat <<-EOF > hack/apparmor_tag.sh || die + #!/usr/bin/env bash + $(usex apparmor 'echo apparmor' echo) + EOF + + use seccomp || { + cat <<-'EOF' > "${T}/disable_seccomp.patch" + --- a/Makefile + +++ b/Makefile + @@ -5 +5 @@ + -SECURITYTAGS ?= seccomp $(APPARMORTAG) + +SECURITYTAGS ?= $(APPARMORTAG) + EOF + eapply "${T}/disable_seccomp.patch" || die + } + + cat <<-EOF > hack/systemd_tag.sh || die + #!/usr/bin/env bash + $(usex systemd 'echo systemd' echo) + EOF + + echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die + cat <<-EOF > btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF + + use test || { + cat <<-'EOF' > "${T}/disable_tests.patch" + --- a/Makefile + +++ b/Makefile + @@ -54 +54 @@ + -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs + +all: bin/buildah docs + @@ -123 +123 @@ + -docs: install.tools ## build the docs on the host + +docs: ## build the docs on the host + EOF + eapply "${T}/disable_tests.patch" || die + } + +} + +src_compile() { + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" + + tc-export AS LD STRIP + export GOMD2MAN="$(command -v go-md2man)" + default +} + +src_test() { + emake test-unit +} + +src_install() { + emake DESTDIR="${ED}" install install.completions + einstalldocs +} diff --git a/app-containers/buildah/buildah-9999.ebuild b/app-containers/buildah/buildah-9999.ebuild new file mode 100644 index 000000000000..987715de5560 --- /dev/null +++ b/app-containers/buildah/buildah-9999.ebuild @@ -0,0 +1,132 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info toolchain-funcs + +DESCRIPTION="A tool that facilitates building OCI images" +HOMEPAGE="https://github.com/containers/buildah" + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" + +SLOT="0" +IUSE="apparmor btrfs +seccomp systemd test" +RESTRICT="test" +DOCS=( + "CHANGELOG.md" + "troubleshooting.md" + "docs/tutorials" +) + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/buildah.git" +else + SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64" +fi + +RDEPEND=" + systemd? ( sys-apps/systemd ) + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp:= ) + apparmor? ( sys-libs/libapparmor:= ) + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libgpg-error:= + dev-libs/libassuan:= + sys-apps/shadow:= +" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" + +PATCHES=( + "${FILESDIR}"/softcode-strip-upstream-pr-5446.patch +) + +pkg_pretend() { + local CONFIG_CHECK="" + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + check_extra_config + + linux_config_exists || ewarn "Cannot determine configuration of your kernel." +} + +src_prepare() { + default + + # ensure all necessary files are there + local file + for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ + hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do + [[ -f "${file}" ]] || die + done + + sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die + echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die + + cat <<-EOF > hack/apparmor_tag.sh || die + #!/usr/bin/env bash + $(usex apparmor 'echo apparmor' echo) + EOF + + use seccomp || { + cat <<-'EOF' > "${T}/disable_seccomp.patch" + --- a/Makefile + +++ b/Makefile + @@ -5 +5 @@ + -SECURITYTAGS ?= seccomp $(APPARMORTAG) + +SECURITYTAGS ?= $(APPARMORTAG) + EOF + eapply "${T}/disable_seccomp.patch" || die + } + + cat <<-EOF > hack/systemd_tag.sh || die + #!/usr/bin/env bash + $(usex systemd 'echo systemd' echo) + EOF + + echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die + cat <<-EOF > btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF + + use test || { + cat <<-'EOF' > "${T}/disable_tests.patch" + --- a/Makefile + +++ b/Makefile + @@ -54 +54 @@ + -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs + +all: bin/buildah docs + @@ -123 +123 @@ + -docs: install.tools ## build the docs on the host + +docs: ## build the docs on the host + EOF + eapply "${T}/disable_tests.patch" || die + } + +} + +src_compile() { + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" + + tc-export AS LD STRIP + export GOMD2MAN="$(command -v go-md2man)" + default +} + +src_test() { + emake test-unit +} + +src_install() { + emake DESTDIR="${ED}" install install.completions + einstalldocs +} diff --git a/app-containers/buildah/files/dont-call-as-directly-upstream-pr-5436.patch b/app-containers/buildah/files/dont-call-as-directly-upstream-pr-5436.patch new file mode 100644 index 000000000000..0fc376b1d68b --- /dev/null +++ b/app-containers/buildah/files/dont-call-as-directly-upstream-pr-5436.patch @@ -0,0 +1,32 @@ +From c1b43b57bb20f8796002e1d6f93bbdbc02e28f20 Mon Sep 17 00:00:00 2001 +From: Rahil Bhimjiani <me@rahil.rocks> +Date: Wed, 27 Mar 2024 14:27:09 +0530 +Subject: [PATCH] Makefile - instead of calling `as` directly, use it from env + var + +Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> +--- + Makefile | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index f1ab6b8bf4..7d27a41530 100644 +--- a/Makefile ++++ b/Makefile +@@ -16,6 +16,7 @@ BUILDFLAGS := -tags "$(BUILDTAGS)" + BUILDAH := buildah + SELINUXOPT ?= $(shell test -x /usr/sbin/selinuxenabled && selinuxenabled && echo -Z) + SELINUXTYPE=container_runtime_exec_t ++AS ?= as + + GO := go + GO_LDFLAGS := $(shell if $(GO) version|grep -q gccgo; then echo "-gccgoflags"; else echo "-ldflags"; fi) +@@ -79,7 +80,7 @@ bin/buildah: $(SOURCES) cmd/buildah/*.go internal/mkcw/embed/entrypoint_amd64.gz + $(GO_BUILD) $(BUILDAH_LDFLAGS) $(GO_GCFLAGS) "$(GOGCFLAGS)" -o $@ $(BUILDFLAGS) ./cmd/buildah + test -z "${SELINUXOPT}" || chcon --verbose -t $(SELINUXTYPE) $@ + +-ifneq ($(shell as --version | grep x86_64),) ++ifneq ($(shell $(AS) --version | grep x86_64),) + internal/mkcw/embed/entrypoint_amd64.gz: internal/mkcw/embed/entrypoint_amd64 + gzip -k9nf $^ + diff --git a/app-containers/buildah/files/softcode-strip-upstream-pr-5446.patch b/app-containers/buildah/files/softcode-strip-upstream-pr-5446.patch new file mode 100644 index 000000000000..0ca0a6602a7d --- /dev/null +++ b/app-containers/buildah/files/softcode-strip-upstream-pr-5446.patch @@ -0,0 +1,29 @@ +commit 2cd31a0698bea846366e8e153619a108484a1a2a +Author: Rahil Bhimjiani <me@rahil.rocks> +Date: Mon Apr 1 09:25:21 2024 +0530 + + Makefile: softcode `strip`, use it from env var + + Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> + +diff --git a/Makefile b/Makefile +index 7d27a4153..3a955c85a 100644 +--- a/Makefile ++++ b/Makefile +@@ -17,6 +17,7 @@ BUILDAH := buildah + SELINUXOPT ?= $(shell test -x /usr/sbin/selinuxenabled && selinuxenabled && echo -Z) + SELINUXTYPE=container_runtime_exec_t + AS ?= as ++STRIP ?= strip + + GO := go + GO_LDFLAGS := $(shell if $(GO) version|grep -q gccgo; then echo "-gccgoflags"; else echo "-ldflags"; fi) +@@ -87,7 +88,7 @@ internal/mkcw/embed/entrypoint_amd64.gz: internal/mkcw/embed/entrypoint_amd64 + internal/mkcw/embed/entrypoint_amd64: internal/mkcw/embed/entrypoint_amd64.s + $(AS) -o $(patsubst %.s,%.o,$^) $^ + $(LD) -o $@ $(patsubst %.s,%.o,$^) +- strip $@ ++ $(STRIP) $@ + endif + + diff --git a/app-containers/buildah/metadata.xml b/app-containers/buildah/metadata.xml new file mode 100644 index 000000000000..93c7c7c12936 --- /dev/null +++ b/app-containers/buildah/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/buildah</remote-id> + </upstream> + <use> + <flag name="btrfs"> + Enables dependencies for the "btrfs" graph driver, including + necessary kernel flags. + </flag> + </use> +</pkgmetadata> diff --git a/app-containers/cadvisor/Manifest b/app-containers/cadvisor/Manifest new file mode 100644 index 000000000000..cb18d0aa0fee --- /dev/null +++ b/app-containers/cadvisor/Manifest @@ -0,0 +1,2 @@ +DIST cadvisor-0.36.0-deps.tar.xz 149740960 BLAKE2B cff89f7661ed78addd1551b4353a93183c0fc317add01756a250429ad27a1b7c1c92fa6c1f0a129337204f89e85b1bfe16b1e17ff2ef7587f921ce1c9aaffdee SHA512 3e159c38fde84cb513bac3e2c3abce6ee1d4a60a2e77ba6a2c55e1abffde7df56c34b60e9b22379681d4d98575e4099f295735418bac8e960932183b9561c82a +DIST cadvisor-0.36.0.tar.gz 6182273 BLAKE2B 0406bd88c6595f23de06be1e63e7c0affda7f94a3bbbb1b9e390f2747fdd3ef3199622a5003b79ed083a0cd80e6c013d7776e18269044150dafb98341c54425b SHA512 2da8a2e81d33b97e6f7c5ba3982e51b6d87748b138345ff94eb7671df851f0a535ceeef61358b0ee43bc161a88becdb153065bd7ff8fc9d7c390a4629ad10f02 diff --git a/app-containers/cadvisor/cadvisor-0.36.0.ebuild b/app-containers/cadvisor/cadvisor-0.36.0.ebuild new file mode 100644 index 000000000000..f039eb3ee130 --- /dev/null +++ b/app-containers/cadvisor/cadvisor-0.36.0.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit go-module +COMMIT=4fe450a23991beb6c61dc941c0f87f56021ad386 + +DESCRIPTION="Analyzes resource usage and performance characteristics of running containers" +HOMEPAGE="https://github.com/google/cadvisor" +SRC_URI="https://github.com/google/cadvisor/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0 BSD BSD-2 ISC MIT" +KEYWORDS="~amd64" +SLOT="0" + +COMMON_DEPEND="acct-group/cadvisor + acct-user/cadvisor" +DEPEND="${COMMON_DEPEND}" +RDEPEND="${COMMON_DEPEND}" + +src_prepare() { + default + sed -i -e "/go get/d" build/assets.sh || die + sed -i -e "s/git describe.*/echo ${PV} )/"\ + -e "s/git rev-parse --short HEAD.*/echo ${COMMIT} )/"\ + build/build.sh || die + sed -i -e "s/-short -race/-short/" Makefile || die +} + +src_compile() { + rm -fr vendor || die + GO_FLAGS="${GOFLAGS}" VERBOSE="true" emake build +} + +src_install() { + newinitd "${FILESDIR}"/${PN}.initd-r1 ${PN} + dobin ${PN} + keepdir /var/log/${PN} + fowners ${PN}:${PN} /var/log/${PN} +} diff --git a/app-containers/cadvisor/files/cadvisor.initd-r1 b/app-containers/cadvisor/files/cadvisor.initd-r1 new file mode 100644 index 000000000000..97a593dcd066 --- /dev/null +++ b/app-containers/cadvisor/files/cadvisor.initd-r1 @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 2016-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="cAdvisor - Analyzes resource usage and performance characteristics of running containers" +pidfile=${pidfile:-"/run/${SVCNAME}.pid"} +user=${user:-${SVCNAME}} +group=${group:-${SVCNAME}} + +command="/usr/bin/cadvisor" +command_background="true" +start_stop_daemon_args="--user ${user} --group ${group} \ + --stdout /var/log/${SVCNAME}/${SVCNAME}.log \ + --stderr /var/log/${SVCNAME}/${SVCNAME}.log" + +depend() { + after net + use docker +} diff --git a/app-containers/cadvisor/metadata.xml b/app-containers/cadvisor/metadata.xml new file mode 100644 index 000000000000..3f736ba9d526 --- /dev/null +++ b/app-containers/cadvisor/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">google/cadvisor</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/catatonit/Manifest b/app-containers/catatonit/Manifest new file mode 100644 index 000000000000..2d8bb7fdb1a3 --- /dev/null +++ b/app-containers/catatonit/Manifest @@ -0,0 +1 @@ +DIST catatonit-0.2.0.tar.gz 16608 BLAKE2B 27b6ed1148aaef963140c42e2cb6a7a8c9c25f01eef62cf519c3b1c230c8f30838f5b9cb54bf0b37b1194084f3f0c750e20316738a330d6a01c830b71b45623c SHA512 115e72002e35bb2a03919f9422a9cb2d9a0e4f087862d4ffd20e9508af6d67efc359a577ec059574f2f6c98966a1f080b65dffc8dfb83b3c2ed48e63e2aeac3b diff --git a/app-containers/catatonit/catatonit-0.2.0.ebuild b/app-containers/catatonit/catatonit-0.2.0.ebuild new file mode 100644 index 000000000000..d456e8839984 --- /dev/null +++ b/app-containers/catatonit/catatonit-0.2.0.ebuild @@ -0,0 +1,31 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="A container init that is so simple it's effectively brain-dead" +HOMEPAGE="https://github.com/openSUSE/catatonit" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/openSUSE/catatonit.git" +else + SRC_URI="https://github.com/openSUSE/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +LICENSE="GPL-2+" +SLOT="0" + +src_prepare() { + default + eautoreconf +} + +src_install() { + default + dodir /usr/libexec/podman + dosym -r /usr/bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/app-containers/catatonit/catatonit-9999.ebuild b/app-containers/catatonit/catatonit-9999.ebuild new file mode 100644 index 000000000000..74469d9d4d19 --- /dev/null +++ b/app-containers/catatonit/catatonit-9999.ebuild @@ -0,0 +1,31 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="A container init that is so simple it's effectively brain-dead" +HOMEPAGE="https://github.com/openSUSE/catatonit" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/openSUSE/catatonit.git" +else + SRC_URI="https://github.com/openSUSE/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +LICENSE="GPL-2+" +SLOT="0" + +src_prepare() { + default + eautoreconf +} + +src_install() { + default + dodir /usr/libexec/podman + dosym -r /usr/bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/app-containers/catatonit/metadata.xml b/app-containers/catatonit/metadata.xml new file mode 100644 index 000000000000..45e2d07428b2 --- /dev/null +++ b/app-containers/catatonit/metadata.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">openSUSE/catatonit</remote-id> + <bugs-to>https://github.com/openSUSE/catatonit/issues</bugs-to> + <doc>https://github.com/openSUSE/catatonit/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/cni-plugins/Manifest b/app-containers/cni-plugins/Manifest new file mode 100644 index 000000000000..cfa9c06f5b3f --- /dev/null +++ b/app-containers/cni-plugins/Manifest @@ -0,0 +1,4 @@ +DIST cni-plugins-0.9.1.tar.gz 2703099 BLAKE2B 878f476e62f12020b39d33a79723fe246b34d80705d3a336573401743392adca9a57b196d6d191b4a6f281110f47ecbb1525aacd91cd488bea61c7aaed12a6ef SHA512 24e8fcedbff2ae7a83aa96085b546b164de6a0884d593e3b5386e9d2de3c4d9a215db9e9405332020cc45c371709a32b600e263e4f8dee62c51adafdc0180f24 +DIST cni-plugins-1.1.1.tar.gz 3076064 BLAKE2B 2fd70260995e423d2b4ac3a8d2135074baffe5d36177d5e1e5a9ce146f6d2ecfeb3b843de62e43f863085ff965be4160cf5f4cae892d3c59070ef390409ef3c9 SHA512 03da31caee5f9595abf65d4a551984b995bc18c5e97409549f08997c5a6a2b41a8950144f8a5b4f810cb401ddbe312232d2be76ec977acf8108eb490786b1817 +DIST cni-plugins-1.2.0.tar.gz 3365015 BLAKE2B 6b487a9c9b240c73510f2bc6aaa4a6c79055e43cacca8204781dbc65d231164fed9f3f68a2a0cead7a41a67bfc9d9e4480b488be26415d368da007559a721b25 SHA512 fb6fb4f46ac1610b3721f5f3a6ddfb096cbf2e5d5b792306edca5351a3944d2f802170d83e5adec01420395bf64fc8a174ede61ac9b93b5ac6b938a4b48651e6 +DIST cni-plugins-1.3.0.tar.gz 3684138 BLAKE2B c5599f1d8ac3bffb802877ae8c49024a9dea1940923316e534397a8dc7e467f6fe3ceef514a41522611a8f06c4f4ba0788105081e68a4712e2eefade33226c7b SHA512 87e186b3cd64f66280f5b2293dcdd1fc22cb8f51a248124fb622adc48a893348419ba4c29c4769dede4d9e60f2e9fea5d4198f10badb4ecd20a1551e0b344e10 diff --git a/app-containers/cni-plugins/cni-plugins-0.9.1.ebuild b/app-containers/cni-plugins/cni-plugins-0.9.1.ebuild new file mode 100644 index 000000000000..5d4529918862 --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-0.9.1.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit go-module linux-info + +DESCRIPTION="Standard networking plugins for container networking" +HOMEPAGE="https://github.com/containernetworking/plugins" +SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +IUSE="hardened" + +CONFIG_CHECK="~BRIDGE_VLAN_FILTERING" +S="${WORKDIR}/plugins-${PV}" + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die +} + +src_install() { + exeinto /opt/cni/bin + doexe bin/* + dodoc README.md + local i + for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do + newdoc README.md ${i##*/}.README.md + done + newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp +} diff --git a/app-containers/cni-plugins/cni-plugins-1.1.1-r1.ebuild b/app-containers/cni-plugins/cni-plugins-1.1.1-r1.ebuild new file mode 100644 index 000000000000..2cd642a24d33 --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-1.1.1-r1.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info systemd + +DESCRIPTION="Standard networking plugins for container networking" +HOMEPAGE="https://github.com/containernetworking/plugins" +SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +IUSE="hardened" + +RDEPEND="net-firewall/iptables" + +CONFIG_CHECK="~BRIDGE_VLAN_FILTERING ~NETFILTER_XT_MATCH_COMMENT + ~NETFILTER_XT_MATCH_MULTIPORT" + +S="${WORKDIR}/plugins-${PV}" + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die +} + +src_install() { + exeinto /opt/cni/bin + doexe bin/* + dodoc README.md + local i + for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do + newdoc README.md ${i##*/}.README.md + done + systemd_dounit plugins/ipam/dhcp/systemd/cni-dhcp.{service,socket} + newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp +} diff --git a/app-containers/cni-plugins/cni-plugins-1.1.1.ebuild b/app-containers/cni-plugins/cni-plugins-1.1.1.ebuild new file mode 100644 index 000000000000..963ca87f9d33 --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-1.1.1.ebuild @@ -0,0 +1,33 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info systemd + +DESCRIPTION="Standard networking plugins for container networking" +HOMEPAGE="https://github.com/containernetworking/plugins" +SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +IUSE="hardened" + +CONFIG_CHECK="~BRIDGE_VLAN_FILTERING" +S="${WORKDIR}/plugins-${PV}" + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die +} + +src_install() { + exeinto /opt/cni/bin + doexe bin/* + dodoc README.md + local i + for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do + newdoc README.md ${i##*/}.README.md + done + systemd_dounit plugins/ipam/dhcp/systemd/cni-dhcp.{service,socket} + newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp +} diff --git a/app-containers/cni-plugins/cni-plugins-1.2.0.ebuild b/app-containers/cni-plugins/cni-plugins-1.2.0.ebuild new file mode 100644 index 000000000000..93c3929f37d9 --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-1.2.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info systemd + +DESCRIPTION="Standard networking plugins for container networking" +HOMEPAGE="https://github.com/containernetworking/plugins" +SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +IUSE="hardened" + +RDEPEND="net-firewall/iptables" + +CONFIG_CHECK="~BRIDGE_VLAN_FILTERING ~NETFILTER_XT_MATCH_COMMENT + ~NETFILTER_XT_MATCH_MULTIPORT" + +S="${WORKDIR}/plugins-${PV}" + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die +} + +src_install() { + exeinto /opt/cni/bin + doexe bin/* + dodoc README.md + local i + for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do + newdoc README.md ${i##*/}.README.md + done + systemd_dounit plugins/ipam/dhcp/systemd/cni-dhcp.{service,socket} + newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp +} diff --git a/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild b/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild new file mode 100644 index 000000000000..b21d3a20952c --- /dev/null +++ b/app-containers/cni-plugins/cni-plugins-1.3.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info systemd + +DESCRIPTION="Standard networking plugins for container networking" +HOMEPAGE="https://github.com/containernetworking/plugins" +SRC_URI="https://github.com/containernetworking/plugins/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +IUSE="hardened" + +RDEPEND="net-firewall/iptables" + +CONFIG_CHECK="~BRIDGE_VLAN_FILTERING ~NETFILTER_XT_MATCH_COMMENT + ~NETFILTER_XT_MATCH_MULTIPORT" + +S="${WORKDIR}/plugins-${PV}" + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" ./build_linux.sh || die +} + +src_install() { + exeinto /opt/cni/bin + doexe bin/* + dodoc README.md + local i + for i in plugins/{meta/{bandwidth,firewall,flannel,portmap,sbr,tuning},main/{bridge,host-device,ipvlan,loopback,macvlan,ptp,vlan},ipam/{dhcp,host-local,static},sample}; do + newdoc README.md ${i##*/}.README.md + done + systemd_dounit plugins/ipam/dhcp/systemd/cni-dhcp.{service,socket} + newinitd "${FILESDIR}"/cni-dhcp.initd cni-dhcp +} diff --git a/app-containers/cni-plugins/files/cni-dhcp.initd b/app-containers/cni-plugins/files/cni-dhcp.initd new file mode 100644 index 000000000000..26b838c516bd --- /dev/null +++ b/app-containers/cni-plugins/files/cni-dhcp.initd @@ -0,0 +1,20 @@ +#!/sbin/openrc-run + +name="CNI-DHCP" +description="virtual dhcp server for containers" +command="/opt/cni/bin/dhcp" +command_args="daemon" +command_background=true +pidfile="/run/${RC_SVCNAME}.pid" + +depend() { + need net +} + +stop_post() { + if [ -e /run/cni/dhcp.sock ]; then + ebegin "Cleaning socket for ${name}" + rm -f /run/cni/dhcp.sock + eend $? "Failed to cleanup socket" + fi +} diff --git a/app-containers/cni-plugins/metadata.xml b/app-containers/cni-plugins/metadata.xml new file mode 100644 index 000000000000..8359d9316145 --- /dev/null +++ b/app-containers/cni-plugins/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">containernetworking/plugins</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/conmon/Manifest b/app-containers/conmon/Manifest new file mode 100644 index 000000000000..a091bde18e70 --- /dev/null +++ b/app-containers/conmon/Manifest @@ -0,0 +1,2 @@ +DIST conmon-2.1.10.tar.gz 121047 BLAKE2B 14b4c2d541607eac0af6b335f35bd506c9a6c3d2b4e4e3ad79f32550385e90b6f7533f505565f90fb4bb1f42d528c41e9ddc7ec275c16ee982a6d0afe1c65bff SHA512 ecf1a961f431b005b54faa68b5c1bcf31d448f994ca66a56f13002216074dba79b53b52a377d4f8dab08141d6c6cf44467352fbff37175135d3da84081b27a18 +DIST conmon-2.1.8.tar.gz 120541 BLAKE2B 8ae12e674edf49f233f7423f2566a1ddea793bd4fc888618a8903a84309cb4aacea9d200bb0f8e0895c96796dca9bc2e6e73c9c8a7dcc5f2c540b05f7a73a21e SHA512 a277de8f8adf001c3e3ef6ef19d4bade36d48c5395a624ee99cb22708ea26a9954df76362006a1331efc06265cb790883b43e84f0006f80c1725a7470ff244c3 diff --git a/app-containers/conmon/conmon-2.1.10.ebuild b/app-containers/conmon/conmon-2.1.10.ebuild new file mode 100644 index 000000000000..c41813b997a1 --- /dev/null +++ b/app-containers/conmon/conmon-2.1.10.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="An OCI container runtime monitor" +HOMEPAGE="https://github.com/containers/conmon" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/conmon.git" +else + SRC_URI="https://github.com/containers/conmon/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +IUSE="+seccomp systemd" +RESTRICT="test" + +RDEPEND="dev-libs/glib:= + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= )" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" +PATCHES=( + "${FILESDIR}/conmon-2.1.8-Makefile.patch" +) + +src_prepare() { + default + sed -i -e "s|shell.*--exists libsystemd.* && echo \"0\"|shell echo $(usex systemd 0 1)|g;" Makefile || die + echo -e "#!/usr/bin/env bash\necho $(usex seccomp 0 1)" > hack/seccomp-notify.sh || die +} + +src_compile() { + tc-export CC PKG_CONFIG + export PREFIX="${EPREFIX}/usr" GOMD2MAN=go-md2man + default +} + +src_install() { + default + dodir /usr/libexec/podman + dosym ../../bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/app-containers/conmon/conmon-2.1.8.ebuild b/app-containers/conmon/conmon-2.1.8.ebuild new file mode 100644 index 000000000000..1acfecb84328 --- /dev/null +++ b/app-containers/conmon/conmon-2.1.8.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="An OCI container runtime monitor" +HOMEPAGE="https://github.com/containers/conmon" + +if [[ ${PV} == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/conmon.git" +else + SRC_URI="https://github.com/containers/conmon/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" + GIT_COMMIT="00e08f4a9ca5420de733bf542b930ad58e1a7e7d" +fi + +LICENSE="Apache-2.0" +SLOT="0" +IUSE="+seccomp systemd" +RESTRICT="test" + +RDEPEND="dev-libs/glib:= + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= )" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" +PATCHES=( + "${FILESDIR}/conmon-2.1.8-Makefile.patch" +) + +src_prepare() { + default + if use systemd; then + sed -i -e 's|shell $(PKG_CONFIG) --exists libsystemd.* && echo "0"|shell echo "0"|g;' Makefile || die + else + sed -i -e 's|shell $(PKG_CONFIG) --exists libsystemd.* && echo "0"|shell echo "1"|g;' Makefile || die + fi + + if use seccomp; then + echo -e '#!/usr/bin/env bash\necho "0"' > hack/seccomp-notify.sh || die + else + echo -e '#!/usr/bin/env bash\necho "1"' > hack/seccomp-notify.sh || die + fi +} + +src_compile() { + tc-export CC PKG_CONFIG + export PREFIX=${EPREFIX}/usr GOMD2MAN=go-md2man + if [[ ${PV} == *9999* ]]; then + default + else + emake GIT_COMMIT="${GIT_COMMIT}" + fi +} + +src_install() { + default + dodir /usr/libexec/podman + dosym ../../bin/"${PN}" /usr/libexec/podman/conmon +} diff --git a/app-containers/conmon/conmon-9999.ebuild b/app-containers/conmon/conmon-9999.ebuild new file mode 100644 index 000000000000..c41813b997a1 --- /dev/null +++ b/app-containers/conmon/conmon-9999.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit toolchain-funcs + +DESCRIPTION="An OCI container runtime monitor" +HOMEPAGE="https://github.com/containers/conmon" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/conmon.git" +else + SRC_URI="https://github.com/containers/conmon/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +IUSE="+seccomp systemd" +RESTRICT="test" + +RDEPEND="dev-libs/glib:= + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= )" +DEPEND="${RDEPEND}" +BDEPEND="dev-go/go-md2man" +PATCHES=( + "${FILESDIR}/conmon-2.1.8-Makefile.patch" +) + +src_prepare() { + default + sed -i -e "s|shell.*--exists libsystemd.* && echo \"0\"|shell echo $(usex systemd 0 1)|g;" Makefile || die + echo -e "#!/usr/bin/env bash\necho $(usex seccomp 0 1)" > hack/seccomp-notify.sh || die +} + +src_compile() { + tc-export CC PKG_CONFIG + export PREFIX="${EPREFIX}/usr" GOMD2MAN=go-md2man + default +} + +src_install() { + default + dodir /usr/libexec/podman + dosym ../../bin/"${PN}" /usr/libexec/podman/"${PN}" +} diff --git a/app-containers/conmon/files/conmon-2.1.8-Makefile.patch b/app-containers/conmon/files/conmon-2.1.8-Makefile.patch new file mode 100644 index 000000000000..8730f4cde59c --- /dev/null +++ b/app-containers/conmon/files/conmon-2.1.8-Makefile.patch @@ -0,0 +1,60 @@ +# https://github.com/containers/conmon/pull/482 +# https://github.com/containers/conmon/pull/456 +From 26f8263a2e5c7bff1e2d5985a8a3d5f07ab3b0b0 Mon Sep 17 00:00:00 2001 +From: Rahil Bhimjiani <me@rahil.rocks> +Date: Tue, 26 Sep 2023 03:21:49 +0530 +Subject: [PATCH] Remove checks for (long)deprecated libsystemd-journal in + favor of libsystemd + +https://bugzilla.redhat.com/show_bug.cgi?id=1350301#c2 + +Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> +--- + Makefile | 5 +---- + meson.build | 5 +---- + 2 files changed, 2 insertions(+), 8 deletions(-) + +diff --git a/Makefile b/Makefile +index 5e6c0d39..40df8e3d 100644 +--- a/Makefile ++++ b/Makefile +@@ -38,10 +38,7 @@ override CFLAGS += $(shell $(PKG_CONFIG) --cflags glib-2.0) -DVERSION=\"$(VERSIO + # "pkg-config --exists" will error if the package doesn't exist. Make can only compare + # output of commands, so the echo commands are to allow pkg-config to error out, make to catch it, + # and allow the compilation to complete. +-ifeq ($(shell $(PKG_CONFIG) --exists libsystemd-journal && echo "0"), 0) +- override LIBS += $(shell $(PKG_CONFIG) --libs libsystemd-journal) +- override CFLAGS += $(shell $(PKG_CONFIG) --cflags libsystemd-journal) -D USE_JOURNALD=1 +-else ifeq ($(shell $(PKG_CONFIG) --exists libsystemd && echo "0"), 0) ++ifeq ($(shell $(PKG_CONFIG) --exists libsystemd && echo "0"), 0) + override LIBS += $(shell $(PKG_CONFIG) --libs libsystemd) + override CFLAGS += $(shell $(PKG_CONFIG) --cflags libsystemd) -D USE_JOURNALD=1 + endif +diff --git a/meson.build b/meson.build +index 336e48f3..b454e349 100644 +--- a/meson.build ++++ b/meson.build +@@ -47,10 +47,7 @@ else + libdl = cc.find_library('dl') + endif + +-sd_journal = dependency('libsystemd-journal', required : false) +-if not sd_journal.found() +- sd_journal = dependency('libsystemd', required : false) +-endif ++sd_journal = dependency('libsystemd', required : false) + if sd_journal.found() + add_project_arguments('-DUSE_JOURNALD=1', language : 'c') + endif +diff --git a/docs/Makefile b/docs/Makefile +index af20d2b8..25987664 100644 +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -1,6 +1,6 @@ + PREFIX ?= /usr/local + DATADIR := ${PREFIX}/share + MANDIR := $(DATADIR)/man +-GOMD2MAN = ../tools/build/go-md2man ++GOMD2MAN ?= ../tools/build/go-md2man + + docs: $(patsubst %.md,%,$(wildcard *.8.md)) diff --git a/app-containers/conmon/metadata.xml b/app-containers/conmon/metadata.xml new file mode 100644 index 000000000000..a50753a5eb26 --- /dev/null +++ b/app-containers/conmon/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/conmon</remote-id> + <bugs-to>https://github.com/containers/conmon/issues</bugs-to> + <doc>https://github.com/containers/conmon/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/containerd/Manifest b/app-containers/containerd/Manifest new file mode 100644 index 000000000000..52561c5926bf --- /dev/null +++ b/app-containers/containerd/Manifest @@ -0,0 +1,7 @@ +DIST containerd-1.7.1.tar.gz 9682254 BLAKE2B f168070caf2b76f0be350a98f41bfdbfe6d78344d68821fb92a29f839a6e847d795e5b79436e36f985aa88028ff1c3f44f134cf6bd502ddac22453a457bd952b SHA512 e9b00ba8f4dd1b5b1088060d3822f684611d43b367ddfeb1bee1660140af85f31e9c9bfc600a67e8fc8645a625dc4e1919d9af7291bdeaa607bff7065a4fc945 +DIST containerd-1.7.13.tar.gz 10047499 BLAKE2B 792eca378db4e1f7c57d68e00e2c77d11eab1ca60d280f662f1152a349d1c5ddc2a3a334484741e9a4a81f25cb800dce042eea94307c9f020d850ed81ef533aa SHA512 b2932387ea14b8fb76e2583b862ec6495b2e08a8fd7cdf169978d554e8b352b44bb27585c9de1e4e3bb3984d0050d0f3de9bc7a559205d3130c2fe40f961feb4 +DIST containerd-1.7.14.tar.gz 10054632 BLAKE2B 1a4db0d1fba16b71e55f213f5776dbef7d9806bf0f7623f0d1ab945554f8ef6c98a0d29923f1b19c4f0017b8a1c73ca929fd43522371c3c228be838e71e86763 SHA512 c80ad36027407b2e06fdff76280750f84de8d7300ef8be275976766f2a0a04dec1f0f850c8efcceaa7f6163f43922b427d7ae1fcdeabfaf531f487c25c461dc8 +DIST containerd-1.7.15.tar.gz 10071827 BLAKE2B 91de9b7d777d53ecdab4af5bbb0d4ccbe755e4cf0fb7bc99a7bb15c66e0e11ad30aa2af685e0e8b0df80dbeef451704fa056a04b460d92adceebd290977febfc SHA512 84a94c7658a431cfd7a5321ac262d966f4291337ddff14211951b0d2025cd3af25a48175794d2b3a630ffc25ba03047579163546a4758a2fb5d1898cd233854f +DIST containerd-1.7.2.tar.gz 9688701 BLAKE2B d31cd0e96bb2675390cc63d06114e37d532b7c666b3ffc5b0087dfcef8de23559471f08bf8a52b164c5f645faf1b8102ab2ccdd8ec417a1c74336097f0c3a899 SHA512 c0d4c02991b7e9fc341c4ef3df2d93097f5854a51b99596ed95436a79f7a586820bb8bb7c17fc43b5f38d97ea942e59490fbbf6c9710391ef9caae3d34627bc5 +DIST containerd-1.7.6.tar.gz 9714550 BLAKE2B 863df1a8ab0f0fe6ec62893ed64824763c1b5230fe830fa268820ce0d6254c79e1ac62ab1261a74785b86b01dff83ea9109a899857fa47a48f2cf2eaf298fea8 SHA512 8b7e13c6ea544754ba7d53092d143f3fd2224b9bc874a33d8a00b781e719927f1b22ad5cd1e35b7b95e4890e630f4b92308549a970587ccdf9dbb8eb470e2703 +DIST containerd-1.7.8.tar.gz 9939250 BLAKE2B cddfea0617e92dc56f118e63a3e7af0103c1afe1b18e2c3bf198e4a58aa52424cb62f813f304231700ca10f8ff8936faed5c26735d3dab8958de2219b6769db0 SHA512 29c317b53f1e0eb48f45da47161aad9e97a9e7c5ff6ca2fc0d1233b9e6dcf7c8cd7f866502df80119447e6b889c8ce26257282c7d1948e05e22e1a5afeed1d03 diff --git a/app-containers/containerd/containerd-1.7.1-r1.ebuild b/app-containers/containerd/containerd-1.7.1-r1.ebuild new file mode 100644 index 000000000000..cc7ea0516264 --- /dev/null +++ b/app-containers/containerd/containerd-1.7.1-r1.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=2806fc1057397dbaeefbea0e4e17bddfbd388f38 + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.7[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.13.ebuild b/app-containers/containerd/containerd-1.7.13.ebuild new file mode 100644 index 000000000000..e7293ba451b5 --- /dev/null +++ b/app-containers/containerd/containerd-1.7.13.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=7c3aca7a610df76212171d200ca3811ff6096eb8 + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.12[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.14.ebuild b/app-containers/containerd/containerd-1.7.14.ebuild new file mode 100644 index 000000000000..9a363e0c14c7 --- /dev/null +++ b/app-containers/containerd/containerd-1.7.14.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=dcf2847247e18caba8dce86522029642f60fe96b + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.12[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.15.ebuild b/app-containers/containerd/containerd-1.7.15.ebuild new file mode 100644 index 000000000000..8f8b2dbe442a --- /dev/null +++ b/app-containers/containerd/containerd-1.7.15.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=926c9586fe4a6236699318391cd44976a98e31f1 + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.12[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.2.ebuild b/app-containers/containerd/containerd-1.7.2.ebuild new file mode 100644 index 000000000000..498fb8d90a5f --- /dev/null +++ b/app-containers/containerd/containerd-1.7.2.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=0cae528dd6cb557f7201036e9f43420650207b58 + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.7[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.6.ebuild b/app-containers/containerd/containerd-1.7.6.ebuild new file mode 100644 index 000000000000..8ce5ddd813bd --- /dev/null +++ b/app-containers/containerd/containerd-1.7.6.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=091922f03c2762540fd057fba91260237ff86acb + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.9[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/containerd-1.7.8.ebuild b/app-containers/containerd/containerd-1.7.8.ebuild new file mode 100644 index 000000000000..023ca8488369 --- /dev/null +++ b/app-containers/containerd/containerd-1.7.8.ebuild @@ -0,0 +1,86 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module systemd +GIT_REVISION=8e4b0bde866788eec76735cc77c4720144248fb7 + +DESCRIPTION="A daemon to control runC" +HOMEPAGE="https://containerd.io/" +SRC_URI="https://github.com/containerd/containerd/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs device-mapper +cri hardened +seccomp selinux test" + +DEPEND=" + btrfs? ( sys-fs/btrfs-progs ) + seccomp? ( sys-libs/libseccomp ) +" + +# recommended version of runc is found in script/setup/runc-version +RDEPEND=" + ${DEPEND} + ~app-containers/runc-1.1.9[apparmor?,seccomp?] +" + +BDEPEND=" + dev-go/go-md2man + virtual/pkgconfig +" + +# tests require root or docker +RESTRICT+="test" + +src_prepare() { + default + sed -i \ + -e "s/-s -w//" \ + -e "s/-mod=readonly//" \ + Makefile || die + sed -i \ + -e "s:/usr/local:/usr:" \ + containerd.service || die +} + +src_compile() { + local options=( + $(usev apparmor) + $(usex btrfs "" "no_btrfs") + $(usex cri "" "no_cri") + $(usex device-mapper "" "no_devmapper") + $(usev seccomp) + $(usev selinux) + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" + REVISION="${GIT_REVISION}" + VERSION=v${PV} + ) + + # race condition in man target https://bugs.gentoo.org/765100 + # we need to explicitly specify GOFLAGS for "go run" to use vendor source + emake "${myemakeargs[@]}" man -j1 #nowarn + emake "${myemakeargs[@]}" all + +} + +src_install() { + rm "${D}"/bin/gen-manpages + dobin bin/* + doman man/* + newconfd "${FILESDIR}"/${PN}.confd "${PN}" + newinitd "${FILESDIR}"/${PN}.initd "${PN}" + systemd_dounit containerd.service + keepdir /var/lib/containerd + + # we already installed manpages, remove markdown source + # before installing docs directory + rm -r docs/man || die + + local DOCS=( ADOPTERS.md README.md RELEASES.md ROADMAP.md SCOPE.md docs/. ) + einstalldocs +} diff --git a/app-containers/containerd/files/containerd.confd b/app-containers/containerd/files/containerd.confd new file mode 100644 index 000000000000..22ef83205e26 --- /dev/null +++ b/app-containers/containerd/files/containerd.confd @@ -0,0 +1,3 @@ +# This is the delay to be used in the start_post function to wait for +# the socket to be active. +#containerd_socket_delay=5 diff --git a/app-containers/containerd/files/containerd.initd b/app-containers/containerd/files/containerd.initd new file mode 100644 index 000000000000..143305c03336 --- /dev/null +++ b/app-containers/containerd/files/containerd.initd @@ -0,0 +1,26 @@ +#!/sbin/openrc-run +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Containerd container runtime" +command="/usr/bin/containerd" +command_args="${command_args:-}" +command_background="true" +pidfile="${pidfile:-/run/${RC_SVCNAME}.pid}" +start_stop_daemon_args="--stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log" + +start_pre() { + checkpath -m 0750 -d "/var/log/${RC_SVCNAME}" + + ulimit -n 1048576 + + # Having non-zero limits causes performance problems due to accounting overhead + # in the kernel. We recommend using cgroups to do container-local accounting. + ulimit -u unlimited + + return 0 +} + +start_post() { + ewaitfile ${containerd_socket_delay:-5} /run/containerd/containerd.sock +} diff --git a/app-containers/containerd/metadata.xml b/app-containers/containerd/metadata.xml new file mode 100644 index 000000000000..4ee50fa856d8 --- /dev/null +++ b/app-containers/containerd/metadata.xml @@ -0,0 +1,24 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <longdescription> + Containerd is a daemon with an API and a command line client, to manage + containers on one machine. It uses runC to run containers according to + the OCI specification. Containerd has advanced features such as seccomp + and user namespace support as well as checkpoint and restore for cloning + and live migration of containers. + </longdescription> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <use> + <flag name="btrfs">Support for BTRFS snapshot driver</flag> + <flag name="cri">Support for Kubernetes CRI</flag> + <flag name="device-mapper">Support for device mapper snapshot driver</flag> + </use> + <upstream> + <remote-id type="github">containerd/containerd</remote-id> + <remote-id type="cpe">cpe:/a:linuxfoundation:containerd</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/containers-common/Manifest b/app-containers/containers-common/Manifest new file mode 100644 index 000000000000..d683aa50a470 --- /dev/null +++ b/app-containers/containers-common/Manifest @@ -0,0 +1,3 @@ +DIST containers-common-0.57.0.tar.gz 12700958 BLAKE2B 8432a7d839b94b59eabd75d4978a4d0c1340a64ed626db74e74a8318e08c61172bfba5e4f4c4b0dfffec302c5a310bb5be8fad3ab4d91a6d89ced373a0a6f297 SHA512 b993821040788085ff44e48023a64cea4e3e7e50731c359087bd287168e6849a543d930acbdaff2437fc7951acc46f7183f337dd977215eca814332e6869d1e3 +DIST containers-common-0.57.3.tar.gz 12702863 BLAKE2B 7842893f9b8ca72fa0657ea716f61cad95c4a8bff680922a15cffad4cecf897683591272fee83494e800023a432458cc689a810726e60e4d5ff9dd6af2d71737 SHA512 f0b7c4632317e666342f7b31bd9e5e9cdc794125d4d358e6a62ba115099ee1e6b33751cff982dcadbb3055b093d05fbd1049402f79ca2e6465cc6fcabce7c928 +DIST containers-common-0.58.0.tar.gz 13164567 BLAKE2B 17795eec2d38b4d8b9d6afeb20e249208c5ae2ac767a365ef7313d1e7c36eadb9a9eb284a657dfe3f4fcb0577448d4883fabbad76e0318425fdc03809e27cd7c SHA512 6f569d68d3b0e5ead304c7f23341808d66a47b6352c772d353d50c5f4777cd8a5a5b85d6faaf2887f828c17ec49b9c5f929177a67294b5bbb69baa80656982a8 diff --git a/app-containers/containers-common/containers-common-0.57.0-r1.ebuild b/app-containers/containers-common/containers-common-0.57.0-r1.ebuild new file mode 100644 index 000000000000..3cb764cb31ce --- /dev/null +++ b/app-containers/containers-common/containers-common-0.57.0-r1.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/containers-image-5.29.2 + app-containers/containers-storage + app-containers/containers-shortnames + !<app-containers/podman-4.5.0-r1 + net-firewall/nftables + net-firewall/iptables[nftables] + || ( app-containers/crun app-containers/runc ) + || ( + ( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 ) + >=app-containers/cni-plugins-0.9.1 + ) +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.2 +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die + + # add comments to mounts.conf + eapply "${FILESDIR}/examplify-mounts-conf.patch" +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} diff --git a/app-containers/containers-common/containers-common-0.57.0.ebuild b/app-containers/containers-common/containers-common-0.57.0.ebuild new file mode 100644 index 000000000000..2d56b46669f2 --- /dev/null +++ b/app-containers/containers-common/containers-common-0.57.0.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + <app-containers/containers-image-5.29.2 + app-containers/containers-storage + app-containers/containers-shortnames + !<app-containers/podman-4.5.0-r1 + net-firewall/nftables + net-firewall/iptables[nftables] + || ( app-containers/crun app-containers/runc ) + || ( + ( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 ) + >=app-containers/cni-plugins-0.9.1 + ) +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.2 +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die + + # add comments to mounts.conf + eapply "${FILESDIR}/examplify-mounts-conf.patch" +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + # https://github.com/containers/skopeo/raw/main/default-policy.json + doins pkg/config/containers.conf "${FILESDIR}/policy.json" + + insinto /etc/containers/registries.d + # https://github.com/containers/skopeo/raw/main/default.yaml + doins "${FILESDIR}/default.yaml" + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} diff --git a/app-containers/containers-common/containers-common-0.57.3.ebuild b/app-containers/containers-common/containers-common-0.57.3.ebuild new file mode 100644 index 000000000000..5a0aa2f26d0b --- /dev/null +++ b/app-containers/containers-common/containers-common-0.57.3.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + app-containers/containers-image + app-containers/containers-storage + app-containers/containers-shortnames + net-firewall/nftables + net-firewall/iptables[nftables] + || ( app-containers/crun app-containers/runc ) + || ( + ( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 ) + >=app-containers/cni-plugins-0.9.1 + ) +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die + + # add comments to mounts.conf + eapply "${FILESDIR}/examplify-mounts-conf.patch" +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} diff --git a/app-containers/containers-common/containers-common-0.58.0-r1.ebuild b/app-containers/containers-common/containers-common-0.58.0-r1.ebuild new file mode 100644 index 000000000000..4a0427e20df7 --- /dev/null +++ b/app-containers/containers-common/containers-common-0.58.0-r1.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit readme.gentoo-r1 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/aardvark-dns-1.10.0 + >=app-containers/crun-1.14.3 + >=app-containers/containers-image-5.30.0 + >=app-containers/containers-storage-1.53.0 + app-containers/containers-shortnames + >=app-containers/netavark-1.10.3 + net-firewall/nftables + net-firewall/iptables[nftables] + >=net-misc/passt-2024.03.20 + >=sys-fs/fuse-overlayfs-1.13 +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +DOC_CONTENTS="\n +For rootless operations, one needs to configure subuid(5) and subgid(5)\n +See /etc/sub{uid,gid} to check whether rootless user is already configured\n +If not, quickly configure it with:\n +usermod --add-subuids 1065536-1131071 <rootless user>\n +usermod --add-subgids 1065536-1131071 <rootless user>\n +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + readme.gentoo_create_doc + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} + +pkg_postinst() { + readme.gentoo_print_elog +} diff --git a/app-containers/containers-common/containers-common-0.58.0.ebuild b/app-containers/containers-common/containers-common-0.58.0.ebuild new file mode 100644 index 000000000000..c4d53773f1d9 --- /dev/null +++ b/app-containers/containers-common/containers-common-0.58.0.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + app-containers/containers-image + app-containers/containers-storage + app-containers/containers-shortnames + net-firewall/nftables + net-firewall/iptables[nftables] + || ( app-containers/crun app-containers/runc ) + || ( + ( >=app-containers/netavark-1.6.0 >=app-containers/aardvark-dns-1.6.0 ) + >=app-containers/cni-plugins-0.9.1 + ) +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} diff --git a/app-containers/containers-common/containers-common-9999.ebuild b/app-containers/containers-common/containers-common-9999.ebuild new file mode 100644 index 000000000000..4a0427e20df7 --- /dev/null +++ b/app-containers/containers-common/containers-common-9999.ebuild @@ -0,0 +1,75 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit readme.gentoo-r1 + +DESCRIPTION="Common config files and docs for Containers stack" +HOMEPAGE="https://github.com/containers/common" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/common.git" +else + SRC_URI="https://github.com/containers/common/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/aardvark-dns-1.10.0 + >=app-containers/crun-1.14.3 + >=app-containers/containers-image-5.30.0 + >=app-containers/containers-storage-1.53.0 + app-containers/containers-shortnames + >=app-containers/netavark-1.10.3 + net-firewall/nftables + net-firewall/iptables[nftables] + >=net-misc/passt-2024.03.20 + >=sys-fs/fuse-overlayfs-1.13 +" + +BDEPEND=" + >=dev-go/go-md2man-2.0.3 +" + +PATCHES=( + "${FILESDIR}/examplify-mounts-conf.patch" +) + +DOC_CONTENTS="\n +For rootless operations, one needs to configure subuid(5) and subgid(5)\n +See /etc/sub{uid,gid} to check whether rootless user is already configured\n +If not, quickly configure it with:\n +usermod --add-subuids 1065536-1131071 <rootless user>\n +usermod --add-subgids 1065536-1131071 <rootless user>\n +" + +src_prepare() { + default + + [[ -f docs/Makefile && -f Makefile ]] || die + sed -i -e 's|/usr/local|/usr|g;' docs/Makefile Makefile || die +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + readme.gentoo_create_doc + + insinto /usr/share/containers + doins pkg/seccomp/seccomp.json pkg/subscriptions/mounts.conf + + keepdir /etc/containers/certs.d /etc/containers/oci/hooks.d /etc/containers/systemd /var/lib/containers/sigstore +} + +pkg_postinst() { + readme.gentoo_print_elog +} diff --git a/app-containers/containers-common/files/default.yaml b/app-containers/containers-common/files/default.yaml new file mode 100644 index 000000000000..a7f3d2823136 --- /dev/null +++ b/app-containers/containers-common/files/default.yaml @@ -0,0 +1,28 @@ +# This is a default registries.d configuration file. You may +# add to this file or create additional files in registries.d/. +# +# lookaside: for reading/writing simple signing signatures +# lookaside-staging: for writing simple signing signatures, preferred over lookaside +# +# lookaside and lookaside-staging take a value of the following: +# lookaside: {schema}://location +# +# For reading signatures, schema may be http, https, or file. +# For writing signatures, schema may only be file. + +# The default locations are built-in, for both reading and writing: +# /var/lib/containers/sigstore for root, or +# ~/.local/share/containers/sigstore for non-root users. +default-docker: +# lookaside: https://… +# lookaside-staging: file:///… + +# The 'docker' indicator here is the start of the configuration +# for docker registries. +# +# docker: +# +# privateregistry.com: +# lookaside: https://privateregistry.com/sigstore/ +# lookaside-staging: /mnt/nfs/privateregistry/sigstore + diff --git a/app-containers/containers-common/files/examplify-mounts-conf.patch b/app-containers/containers-common/files/examplify-mounts-conf.patch new file mode 100644 index 000000000000..eeaca09d5f1e --- /dev/null +++ b/app-containers/containers-common/files/examplify-mounts-conf.patch @@ -0,0 +1,7 @@ +--- a/pkg/subscriptions/mounts.conf ++++ a/pkg/subscriptions/mounts.conf +@@ -1 +1,3 @@ +-/usr/share/rhel/secrets:/run/secrets ++# Refer to containers-mounts.conf(5) ++# Example: ++# /usr/share/rhel/secrets:/run/secrets diff --git a/app-containers/containers-common/files/policy.json b/app-containers/containers-common/files/policy.json new file mode 100644 index 000000000000..dffc54a62647 --- /dev/null +++ b/app-containers/containers-common/files/policy.json @@ -0,0 +1,14 @@ +{ + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } +} diff --git a/app-containers/containers-common/metadata.xml b/app-containers/containers-common/metadata.xml new file mode 100644 index 000000000000..21378d94d99f --- /dev/null +++ b/app-containers/containers-common/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/common</remote-id> + <bugs-to>https://github.com/containers/common/issues</bugs-to> + <doc>https://github.com/containers/common/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/containers-image/Manifest b/app-containers/containers-image/Manifest new file mode 100644 index 000000000000..0a452993112f --- /dev/null +++ b/app-containers/containers-image/Manifest @@ -0,0 +1,3 @@ +DIST containers-image-5.29.0.tar.gz 706774 BLAKE2B 0af5c7c43e8b75df591cbd291d0865ac19322bf62ad98b4f36cfb51b006ced088f91f0b3f582ce29ae80582e72087467cfe589683216eeb50ad3762152853dc0 SHA512 5e670f85fe0b43769667f1a3e710434ab65c4ec2d8c60b0cad4b0ed41c35f84677528f9dfecb0b946de556ebbdd56f4949760432ec49b1b3c691120a323af869 +DIST containers-image-5.29.2.tar.gz 707618 BLAKE2B f1556cbb26ceedd74a338355caf8b557c43286726f4be63544cebc9a8f4b92be78d7a0cddbedaba7352d13e9fc399f62ee114caba6c8b1ecc334dab1379e523b SHA512 f3f6e09670dc393067992a78303f01e2584dabe79ba156973a50d7a460c011e5a27d0ccdf0ff6b399099a9a3a4c57f3badf24fb5d0704efd645ab7196a544d8f +DIST containers-image-5.30.0.tar.gz 719070 BLAKE2B 5952ab703b6df793f326dd4fc82f50c5f672e2b9d142e0bc706014092420e3563599d9f1c1f65f743e1a8144b91f92b2326d7bf4c3024b5efb466d777a8ad613 SHA512 89cd0d482bb5d70037ff51413b7abca01d36bc7f39e9dc130c78462e501dae32193137a367d81532afd216a7432e127728147e6e839d5d99eeb6b6680f31d4dc diff --git a/app-containers/containers-image/containers-image-5.29.0.ebuild b/app-containers/containers-image/containers-image-5.29.0.ebuild new file mode 100644 index 000000000000..eb50b44f8f73 --- /dev/null +++ b/app-containers/containers-image/containers-image-5.29.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' images" +HOMEPAGE="https://github.com/containers/image" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/image.git" +else + SRC_URI="https://github.com/containers/image/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +BDEPEND=">=dev-go/go-md2man-2.0.2" + +src_prepare() { + default + eapply "${FILESDIR}/fix-warnings.patch" +} + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + doins registries.conf +} diff --git a/app-containers/containers-image/containers-image-5.29.2-r1.ebuild b/app-containers/containers-image/containers-image-5.29.2-r1.ebuild new file mode 100644 index 000000000000..5a0b9d37566c --- /dev/null +++ b/app-containers/containers-image/containers-image-5.29.2-r1.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' images" +HOMEPAGE="https://github.com/containers/image" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/image.git" +else + SRC_URI="https://github.com/containers/image/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# https://github.com/gentoo/gentoo/pull/35012#discussion_r1473740969 +RESTRICT='test' +BDEPEND=">=dev-go/go-md2man-2.0.3" +RDEPEND="!<=app-containers/containers-common-0.57.0" +PATCHES=( + "${FILESDIR}"/moving-policy-json-default-yaml.patch + "${FILESDIR}"/prevent-downloading-mods-5.29.2.patch +) + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + doins registries.conf +} diff --git a/app-containers/containers-image/containers-image-5.30.0.ebuild b/app-containers/containers-image/containers-image-5.30.0.ebuild new file mode 100644 index 000000000000..9d755c4cf4ad --- /dev/null +++ b/app-containers/containers-image/containers-image-5.30.0.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' images" +HOMEPAGE="https://github.com/containers/image" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/image.git" +else + SRC_URI="https://github.com/containers/image/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# https://github.com/gentoo/gentoo/pull/35012#discussion_r1473740969 +RESTRICT='test' +BDEPEND=">=dev-go/go-md2man-2.0.3" +RDEPEND="!<=app-containers/containers-common-0.57.0" +PATCHES=( + "${FILESDIR}"/fix-warnings.patch +) + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + doins registries.conf +} diff --git a/app-containers/containers-image/containers-image-9999.ebuild b/app-containers/containers-image/containers-image-9999.ebuild new file mode 100644 index 000000000000..9d755c4cf4ad --- /dev/null +++ b/app-containers/containers-image/containers-image-9999.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' images" +HOMEPAGE="https://github.com/containers/image" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/image.git" +else + SRC_URI="https://github.com/containers/image/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# https://github.com/gentoo/gentoo/pull/35012#discussion_r1473740969 +RESTRICT='test' +BDEPEND=">=dev-go/go-md2man-2.0.3" +RDEPEND="!<=app-containers/containers-common-0.57.0" +PATCHES=( + "${FILESDIR}"/fix-warnings.patch +) + +src_compile() { + emake docs +} + +src_install() { + emake DESTDIR="${ED}" install + + insinto /etc/containers + doins registries.conf +} diff --git a/app-containers/containers-image/files/fix-warnings.patch b/app-containers/containers-image/files/fix-warnings.patch new file mode 100644 index 000000000000..c68cffa8584b --- /dev/null +++ b/app-containers/containers-image/files/fix-warnings.patch @@ -0,0 +1,14 @@ +--- a/Makefile ++++ b/Makefile +@@ -5,7 +5,2 @@ + +-GOBIN := $(shell go env GOBIN) +-ifeq ($(GOBIN),) +-GOBIN := $(shell go env GOPATH)/bin +-endif +- + # when cross compiling _for_ a Darwin or windows host, then we must use openpgp +@@ -17,3 +12,2 @@ + +-PACKAGES := $(shell GO111MODULE=on go list $(BUILDFLAGS) ./...) + SOURCE_DIRS = $(shell echo $(PACKAGES) | awk 'BEGIN{FS="/"; RS=" "}{print $$4}' | uniq) diff --git a/app-containers/containers-image/files/moving-policy-json-default-yaml.patch b/app-containers/containers-image/files/moving-policy-json-default-yaml.patch new file mode 100644 index 000000000000..1713839371a5 --- /dev/null +++ b/app-containers/containers-image/files/moving-policy-json-default-yaml.patch @@ -0,0 +1,100 @@ +From 45441676e34e6410ae8af6dbb46b6161c5c81a7c Mon Sep 17 00:00:00 2001 +From: Rahil Bhimjiani <me@rahil.website> +Date: Thu, 7 Dec 2023 14:12:26 +0530 +Subject: [PATCH] Moving policy.json and default.yaml from containers/skopeo + +It makes more sense to keep these 2 files along with their man +pages...in c/image +https://github.com/containers/common/pull/1757 + +Signed-off-by: Rahil Bhimjiani <me@rahil.website> +--- + Makefile | 11 +++++++++++ + default-policy.json | 14 ++++++++++++++ + default.yaml | 27 +++++++++++++++++++++++++++ + 3 files changed, 52 insertions(+) + create mode 100644 default-policy.json + create mode 100644 default.yaml + +diff --git a/Makefile b/Makefile +index f329ef083..5e9799b19 100644 +--- a/Makefile ++++ b/Makefile +@@ -24,6 +24,13 @@ GOMD2MAN ?= $(shell command -v go-md2man || echo '$(GOBIN)/go-md2man') + MANPAGES_MD = $(wildcard docs/*.5.md) + MANPAGES ?= $(MANPAGES_MD:%.md=%) + ++ifeq ($(shell uname -s),FreeBSD) ++CONTAINERSCONFDIR ?= /usr/local/etc/containers ++else ++CONTAINERSCONFDIR ?= /etc/containers ++endif ++REGISTRIESDDIR ?= ${CONTAINERSCONFDIR}/registries.d ++ + # N/B: This value is managed by Renovate, manual changes are + # possible, as long as they don't disturb the formatting + # (i.e. DO NOT ADD A 'v' prefix!) +@@ -46,6 +53,10 @@ install-docs: docs + install -m 644 docs/*.5 ${MANINSTALLDIR}/man5/ + + install: install-docs ++ install -d -m 755 ${DESTDIR}${CONTAINERSCONFDIR} ++ install -m 644 default-policy.json ${DESTDIR}${CONTAINERSCONFDIR}/policy.json ++ install -d -m 755 ${DESTDIR}${REGISTRIESDDIR} ++ install -m 644 default.yaml ${DESTDIR}${REGISTRIESDDIR}/default.yaml + + cross: + GOOS=windows $(MAKE) build BUILDTAGS="$(BUILDTAGS) $(BUILD_TAGS_WINDOWS_CROSS)" +diff --git a/default-policy.json b/default-policy.json +new file mode 100644 +index 000000000..dffc54a62 +--- /dev/null ++++ b/default-policy.json +@@ -0,0 +1,14 @@ ++{ ++ "default": [ ++ { ++ "type": "insecureAcceptAnything" ++ } ++ ], ++ "transports": ++ { ++ "docker-daemon": ++ { ++ "": [{"type":"insecureAcceptAnything"}] ++ } ++ } ++} +diff --git a/default.yaml b/default.yaml +new file mode 100644 +index 000000000..9e892d760 +--- /dev/null ++++ b/default.yaml +@@ -0,0 +1,27 @@ ++# This is a default registries.d configuration file. You may ++# add to this file or create additional files in registries.d/. ++# ++# lookaside: for reading/writing simple signing signatures ++# lookaside-staging: for writing simple signing signatures, preferred over lookaside ++# ++# lookaside and lookaside-staging take a value of the following: ++# lookaside: {schema}://location ++# ++# For reading signatures, schema may be http, https, or file. ++# For writing signatures, schema may only be file. ++ ++# The default locations are built-in, for both reading and writing: ++# /var/lib/containers/sigstore for root, or ++# ~/.local/share/containers/sigstore for non-root users. ++default-docker: ++# lookaside: https://… ++# lookaside-staging: file:///… ++ ++# The 'docker' indicator here is the start of the configuration ++# for docker registries. ++# ++# docker: ++# ++# privateregistry.com: ++# lookaside: https://privateregistry.com/sigstore/ ++# lookaside-staging: /mnt/nfs/privateregistry/sigstore diff --git a/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch b/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch new file mode 100644 index 000000000000..8d70156bfb6f --- /dev/null +++ b/app-containers/containers-image/files/prevent-downloading-mods-5.29.2.patch @@ -0,0 +1,10 @@ +--- a/Makefile ++++ b/Makefile +@@ -15,7 +15,6 @@ + BUILDTAGS = btrfs_noversion libdm_no_deferred_remove + BUILDFLAGS := -tags "$(BUILDTAGS)" + +-PACKAGES := $(shell GO111MODULE=on go list $(BUILDFLAGS) ./...) + SOURCE_DIRS = $(shell echo $(PACKAGES) | awk 'BEGIN{FS="/"; RS=" "}{print $$4}' | uniq) + + PREFIX ?= ${DESTDIR}/usr diff --git a/app-containers/containers-image/metadata.xml b/app-containers/containers-image/metadata.xml new file mode 100644 index 000000000000..86025dfe250e --- /dev/null +++ b/app-containers/containers-image/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/image</remote-id> + <bugs-to>https://github.com/containers/image/issues</bugs-to> + <doc>https://github.com/containers/image/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/containers-shortnames/Manifest b/app-containers/containers-shortnames/Manifest new file mode 100644 index 000000000000..af3f5371bc0f --- /dev/null +++ b/app-containers/containers-shortnames/Manifest @@ -0,0 +1 @@ +DIST containers-shortnames-2023.02.20.tar.gz 13527 BLAKE2B 165a4c51bd284078990c94059145bb6b4bd5de4d8595eb2ccd2acc6fe8561e7edc300b7edadc684675ee281d7ada1c3a6d5aa0117c640ec22c2d2ef7e46486b5 SHA512 856dbbeb2acda276e9605bd1ecec0f8d65952c597ee2af61dd8909d7d3c04e5ef06c40b69ec4a98f79e623c536850f614c1b0af3a19637e300e7d3a285933193 diff --git a/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild b/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild new file mode 100644 index 000000000000..bf48bb1f16f0 --- /dev/null +++ b/app-containers/containers-shortnames/containers-shortnames-2023.02.20.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Configures default shortnames (aliases) for Containers" +HOMEPAGE="https://github.com/containers/shortnames" + +if [[ ${PV} == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/shortnames.git" +else + SRC_URI="https://github.com/containers/shortnames/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +src_configure() { + return +} + +src_compile() { + return +} + +src_test() { + return +} + +src_install() { + insinto /etc/containers/registries.conf.d + newins shortnames.conf 000-shortnames.conf +} diff --git a/app-containers/containers-shortnames/containers-shortnames-9999.ebuild b/app-containers/containers-shortnames/containers-shortnames-9999.ebuild new file mode 100644 index 000000000000..fc6e0837c92f --- /dev/null +++ b/app-containers/containers-shortnames/containers-shortnames-9999.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Configures default shortnames (aliases) for Containers" +HOMEPAGE="https://github.com/containers/shortnames" + +if [[ ${PV} == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/shortnames.git" +else + SRC_URI="https://github.com/containers/shortnames/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +src_configure() { + return +} + +src_compile() { + return +} + +src_test() { + return +} + +src_install() { + insinto /etc/containers/registries.conf.d + newins shortnames.conf 000-shortnames.conf +} diff --git a/app-containers/containers-shortnames/metadata.xml b/app-containers/containers-shortnames/metadata.xml new file mode 100644 index 000000000000..6fbce4b1e2e0 --- /dev/null +++ b/app-containers/containers-shortnames/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/shortnames</remote-id> + <bugs-to>https://github.com/containers/shortnames/issues</bugs-to> + <doc>https://github.com/containers/shortnames/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/containers-storage/Manifest b/app-containers/containers-storage/Manifest new file mode 100644 index 000000000000..23aaf63ce28c --- /dev/null +++ b/app-containers/containers-storage/Manifest @@ -0,0 +1,2 @@ +DIST containers-storage-1.51.0.tar.gz 4283732 BLAKE2B 108401d68e617e6237e68cf2147113680e0452a8d15ee099da9872508800f3e7b8f2c5508e17d9c5f3d58fec4efc1c20f23f1a567fe592533c0e63efd05ae5c8 SHA512 89916b49438bce8bb774b4aa799676d4b3a946a0b5207a1b5241b1a3ac0875b06b3cd8e81d7e23332ceae6010b693516fc31d8c7f75a37e7ad3056a83c75b6c1 +DIST containers-storage-1.53.0.tar.gz 4291738 BLAKE2B 939ecca8a948165c42453d5461429d46249d73582869793969f9d4ae52d0a9fec25e6c39cd13190dad0730d9a17de7af1f237b3cf5434fd30f442c78e57ee7b3 SHA512 ea4a1d1899208eb8861e36beba206724b1f55cfd6007bc5a90c3a6a5e02835b4a2985814dc9363c31dcdc81a3fb331b29f51f5523628edb8d9c64c465d6dcaa3 diff --git a/app-containers/containers-storage/containers-storage-1.51.0.ebuild b/app-containers/containers-storage/containers-storage-1.51.0.ebuild new file mode 100644 index 000000000000..e06dc0abad14 --- /dev/null +++ b/app-containers/containers-storage/containers-storage-1.51.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' storage" +HOMEPAGE="https://github.com/containers/storage" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/storage.git" +else + SRC_URI="https://github.com/containers/storage/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="amd64 arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +BDEPEND=">=dev-go/go-md2man-2.0.2" + +src_prepare() { + default + eapply "${FILESDIR}"/system-md2man-path.patch +} + +src_compile() { + emake -C docs containers-storage.conf.5 +} + +src_install() { + emake DESTDIR="${ED}" -C docs install + + insinto /etc/containers + doins storage.conf +} diff --git a/app-containers/containers-storage/containers-storage-1.53.0.ebuild b/app-containers/containers-storage/containers-storage-1.53.0.ebuild new file mode 100644 index 000000000000..7161e2aa1c52 --- /dev/null +++ b/app-containers/containers-storage/containers-storage-1.53.0.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' storage" +HOMEPAGE="https://github.com/containers/storage" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/storage.git" +else + SRC_URI="https://github.com/containers/storage/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +BDEPEND=">=dev-go/go-md2man-2.0.2" + +src_compile() { + emake -C docs GOMD2MAN=go-md2man containers-storage.conf.5 +} + +src_install() { + emake DESTDIR="${ED}" -C docs install + + insinto /etc/containers + doins storage.conf +} diff --git a/app-containers/containers-storage/containers-storage-9999.ebuild b/app-containers/containers-storage/containers-storage-9999.ebuild new file mode 100644 index 000000000000..7161e2aa1c52 --- /dev/null +++ b/app-containers/containers-storage/containers-storage-9999.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Default config and docs related to Containers' storage" +HOMEPAGE="https://github.com/containers/storage" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/storage.git" +else + SRC_URI="https://github.com/containers/storage/archive/v${PV}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P#containers-}" + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +BDEPEND=">=dev-go/go-md2man-2.0.2" + +src_compile() { + emake -C docs GOMD2MAN=go-md2man containers-storage.conf.5 +} + +src_install() { + emake DESTDIR="${ED}" -C docs install + + insinto /etc/containers + doins storage.conf +} diff --git a/app-containers/containers-storage/files/system-md2man-path.patch b/app-containers/containers-storage/files/system-md2man-path.patch new file mode 100644 index 000000000000..f7d8d58aeb80 --- /dev/null +++ b/app-containers/containers-storage/files/system-md2man-path.patch @@ -0,0 +1,7 @@ +--- a/docs/Makefile ++++ b/docs/Makefile +@@ -1,2 +1,3 @@ +-GOMD2MAN = ../tests/tools/build/go-md2man ++GOMD2MAN = $(shell command -v go-md2man) ++ + PREFIX ?= ${DESTDIR}/usr diff --git a/app-containers/containers-storage/metadata.xml b/app-containers/containers-storage/metadata.xml new file mode 100644 index 000000000000..64acdad60d53 --- /dev/null +++ b/app-containers/containers-storage/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/storage</remote-id> + <bugs-to>https://github.com/containers/storage/issues</bugs-to> + <doc>https://github.com/containers/storage/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/cosign/Manifest b/app-containers/cosign/Manifest new file mode 100644 index 000000000000..501d631a7ce8 --- /dev/null +++ b/app-containers/cosign/Manifest @@ -0,0 +1,10 @@ +DIST cosign-2.0.0-deps.tar.xz 446730048 BLAKE2B f59c698ef5c4b908d09af10d0f254c9e03c3e109451d3e2ba2a7d5df007735651e1e28a089f07120155ee2d11648224afc2b126779ca344f0bdd8cd5f155d205 SHA512 29454a7710e18967879010f19c72ffebb75a867d495c48623fa7c61b20d770eb5868e96f0350fba275030438b309a4d1cf7a63212b208725fd5513de3693370b +DIST cosign-2.0.0.tar.gz 6654819 BLAKE2B eee1f7f86a12173baa8d6bac2441646b61c1ce205bbd695018bcf4f068e266c245f2cbd131a40017bb8d88bc8d1960b91c49782c9cdf65e2e47ce356ffe2a92c SHA512 b64fd9bc806d72aaada007d8e0bedcd73ba42cb35fbf4c0ee589c92d5460c90e5604f0ddb6a1f12ba45ce588098803ef026a309332a78613284265e95af4354f +DIST cosign-2.0.1-deps.tar.xz 409822612 BLAKE2B dba99cb2e5b9c3668b1d0c80ae7acc77d1a12ec5afe535178a8b5bc7cb5f06139d4196c31de9399c100a9bb964fde4881691ad7ff27f94ac1975a2ff742fa384 SHA512 ce81c672f1a1e793f11a5614d1c1f8f516208f844213ddbf173f8bf724b824240578be604212bdc66b3ea01737c6ec57f2713d8134c8063682abfb355c9884cb +DIST cosign-2.0.1.tar.gz 6656038 BLAKE2B eb552f0160473cd98d4c876c126f1bbacb53deeddaa9b475f12c3baa5b076fdc06ac3e9783f785059a96baf3643d010617efb695fb6a10f28f5d40023fa6602d SHA512 2d8ce3c495818091e8077503fd2266bd0f3d8ee8a76f2a9b27ab1ab1cf1e2a01fee3ce6138f54d634015010d80e8193f79a8029dd3eb7a09c4b457be16ee4e50 +DIST cosign-2.2.0-deps.tar.xz 474893012 BLAKE2B 75b8a9ccdb117c9eb147a5efd2a167164e5ff5d4dc18483777f0afc1a8c0fc378323003ca58bac92cea4c09a3c4b73d692a81bb45b13bce31553f0e0af2e76e9 SHA512 8b3288ad01ca0d5e789d782f7ba479314396a8848785e4b8fc62b60e1f96b442937d7f2d955370b82b825da62ba1d316169e1ccdff9ce1204663402d680910cb +DIST cosign-2.2.0.tar.gz 850421 BLAKE2B 182bb28cf2b17a04e20d61d4d039e9106fb54a773a9669ad27ff1f3f081a5739dbba7b949688d71a882a4cefceda057ce2636af50e99795194e9656c05928e08 SHA512 379c8544744afb36c143113d6cd3af63cdc28249a34e4c81ab4fe547e97868ae28e0796d9fe77108b7fa2ba30e6379be612650a4f37dc34c08de3fb88fbc5e1d +DIST cosign-2.2.1-deps.tar.xz 487130076 BLAKE2B a0adbfc4d6230f4ba1013dfc28638752e1732eff92b72993aa386073d255a2629c9abb36bca24cacdcd7edff11b4f34cd54356cb3af82b2c3a781a19c12c168e SHA512 27d09d16abbf1ee3d4d1e186dca9cd0836a6da8e36eeb6cce861c85c2a1ec594a4b37dfbd3ada0970fe469aebcf188a0bbe9f8903871bca0e3b81fb718acda09 +DIST cosign-2.2.1.tar.gz 853562 BLAKE2B 40894d00d6071206221010337cb517ee9559518764a0d991df3363cb4dc381a0af4cd31e60c0c1fc6cffce6086af08c908ccf503893356f224f95b1d4085b195 SHA512 84f2308bbb1968eaf6d0d95e2dcb8efa2c42cd2599298b37d576e5e87f0cf6c1153c330b034908c0c7557953e0a7d964eaa4a8768f7dc35900f5f427d8fe7713 +DIST cosign-2.2.3-deps.tar.xz 429760040 BLAKE2B 47ee9a4f6305a670e1818ce74a9da351fc763d4196334d738ab48b9dcba06f4be43ce2ba77dc879aae59ada2fa2ea66168a223c9da1029e02e140590dd1733a5 SHA512 481f8593b80d91996f2b2d4de10acad8bf1c5db3cf099a9683fd7da307c1142c870166a9222e58f9449a060248c94fecf35343dccc07d5cbf2acbdc00c0aef29 +DIST cosign-2.2.3.tar.gz 845096 BLAKE2B 2017cc1716899640cbfc10ce093280a1ee4789eb1e8a8077978ebe4efe38075efa73ccb1abecb41eaa64dc16e652dbb709be7f195a6542284d86b2d9fb5128f3 SHA512 fc488c80dab3d05e0eca714c6107fada01dfddc2b68747676665d20a3f229224bbe36bfc60625c581c2e80dd10ad1421e142cf7ef6e24eba0894a708f2d10f06 diff --git a/app-containers/cosign/cosign-2.0.0.ebuild b/app-containers/cosign/cosign-2.0.0.ebuild new file mode 100644 index 000000000000..62b7d9662254 --- /dev/null +++ b/app-containers/cosign/cosign-2.0.0.ebuild @@ -0,0 +1,30 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +GIT_HASH=d6b9001f8e6ed745fb845849d623274c897d55f2 +inherit go-module + +DESCRIPTION="container signing utility" +HOMEPAGE="https://sigstore.dev" +SRC_URI="https://github.com/sigstore/cosign/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64" + +RESTRICT="test" + +src_compile() { + emake \ + GIT_HASH=${GIT_HASH} \ + GIT_VERSION=v${PV} \ + GIT_TREESTATE=clean +} + +src_install() { + dobin cosign + einstalldocs +dodoc CHANGELOG.md +} diff --git a/app-containers/cosign/cosign-2.0.1.ebuild b/app-containers/cosign/cosign-2.0.1.ebuild new file mode 100644 index 000000000000..5a36c4c478a2 --- /dev/null +++ b/app-containers/cosign/cosign-2.0.1.ebuild @@ -0,0 +1,30 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_HASH=8faaee4d2b5f65678eb0831a8a3d5990a0271d3a + +DESCRIPTION="container signing utility" +HOMEPAGE="https://sigstore.dev" +SRC_URI="https://github.com/sigstore/cosign/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +RESTRICT="test" + +src_compile() { + emake \ + GIT_HASH=${GIT_HASH} \ + GIT_VERSION=v${PV} \ + GIT_TREESTATE=clean +} + +src_install() { + dobin cosign + einstalldocs +dodoc CHANGELOG.md +} diff --git a/app-containers/cosign/cosign-2.2.0.ebuild b/app-containers/cosign/cosign-2.2.0.ebuild new file mode 100644 index 000000000000..54a6b816281f --- /dev/null +++ b/app-containers/cosign/cosign-2.2.0.ebuild @@ -0,0 +1,30 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_HASH=546f1c5b91ef58d6b034a402d0211d980184a0e5 + +DESCRIPTION="container signing utility" +HOMEPAGE="https://sigstore.dev" +SRC_URI="https://github.com/sigstore/cosign/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +RESTRICT="test" + +src_compile() { + emake \ + GIT_HASH=${GIT_HASH} \ + GIT_VERSION=v${PV} \ + GIT_TREESTATE=clean +} + +src_install() { + dobin cosign + einstalldocs +dodoc CHANGELOG.md +} diff --git a/app-containers/cosign/cosign-2.2.1.ebuild b/app-containers/cosign/cosign-2.2.1.ebuild new file mode 100644 index 000000000000..8324e0f4ed2e --- /dev/null +++ b/app-containers/cosign/cosign-2.2.1.ebuild @@ -0,0 +1,32 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_HASH=12cbf9ea177d22bbf5cf028bcb4712b5f174ebc6 +SOURCE_DATE_EPOCH=1699360786 + +DESCRIPTION="container signing utility" +HOMEPAGE="https://sigstore.dev" +SRC_URI="https://github.com/sigstore/cosign/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +RESTRICT="test" + +src_compile() { + emake \ + GIT_HASH=${GIT_HASH} \ + GIT_VERSION=v${PV} \ + GIT_TREESTATE=clean \ + SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} +} + +src_install() { + dobin cosign + einstalldocs +dodoc CHANGELOG.md +} diff --git a/app-containers/cosign/cosign-2.2.3.ebuild b/app-containers/cosign/cosign-2.2.3.ebuild new file mode 100644 index 000000000000..a1421c9276eb --- /dev/null +++ b/app-containers/cosign/cosign-2.2.3.ebuild @@ -0,0 +1,32 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_HASH=493e6e29e2ac830aaf05ec210b36d0a5a60c3b32 +SOURCE_DATE_EPOCH=1706723680 + +DESCRIPTION="container signing utility" +HOMEPAGE="https://sigstore.dev" +SRC_URI="https://github.com/sigstore/cosign/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +RESTRICT="test" + +src_compile() { + emake \ + GIT_HASH=${GIT_HASH} \ + GIT_VERSION=v${PV} \ + GIT_TREESTATE=clean \ + SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} +} + +src_install() { + dobin cosign + einstalldocs +dodoc CHANGELOG.md +} diff --git a/app-containers/cosign/metadata.xml b/app-containers/cosign/metadata.xml new file mode 100644 index 000000000000..db463f3eeb66 --- /dev/null +++ b/app-containers/cosign/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> +</pkgmetadata> diff --git a/app-containers/cri-o/Manifest b/app-containers/cri-o/Manifest new file mode 100644 index 000000000000..11f94eddc2da --- /dev/null +++ b/app-containers/cri-o/Manifest @@ -0,0 +1,2 @@ +DIST cri-o-1.29.0.tar.gz 21371695 BLAKE2B f670605f07446a78ce04f497207e0205aee23138be448bdc2d2fb172691e5bb309234daa1c5c0adbb37dcb24e9177f24f62e01e183ac6443f48054b9e65b6dfe SHA512 bb83c906964e61ae68219e1374a3e0810fc982fd0389549e6fe3128156af8d5c6effce4217de4d33d3e29e986db630525694093ca3a99b6065385e1e37927fef +DIST cri-o-1.29.2.tar.gz 21203342 BLAKE2B deec88f8a505bdc1f184a3512da7f6d4b78499c4a66cacf0651a9fe56b62d33d62eaaf2ce68e5d8e856e13988b26e076ab69c24b30a62b42d88656441d948fcb SHA512 dd4105e0097a098b9009b00b59a8e8aeaad85b07177305e2e4b2c68a583a0c342e7a615f47a8cbcb7f179035f2c279573069f15aa1e91e491fe770eec1df326c diff --git a/app-containers/cri-o/cri-o-1.29.0.ebuild b/app-containers/cri-o/cri-o-1.29.0.ebuild new file mode 100644 index 000000000000..9d8b95307d64 --- /dev/null +++ b/app-containers/cri-o/cri-o-1.29.0.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +EGIT_COMMIT=d59bbdc252837107c9f5d235b8fb2650ff2b9d93= + +inherit go-module + +DESCRIPTION="OCI-based implementation of Kubernetes Container Runtime Interface" +HOMEPAGE="https://cri-o.io/" +SRC_URI="https://github.com/cri-o/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="btrfs +device-mapper selinux systemd" + +COMMON_DEPEND=" + app-crypt/gpgme:= + app-containers/conmon + app-containers/runc + dev-libs/glib:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + net-firewall/conntrack-tools + net-firewall/iptables + app-containers/cni-plugins + net-misc/socat + sys-apps/iproute2 + sys-libs/libseccomp:= + btrfs? ( sys-fs/btrfs-progs ) + device-mapper? ( sys-fs/lvm2:= ) + selinux? ( sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= )" +DEPEND=" + ${COMMON_DEPEND} + dev-go/go-md2man" +RDEPEND="${COMMON_DEPEND} + !<app-containers/podman-1.3.2-r1 + selinux? ( sec-policy/selinux-crio )" + +src_prepare() { + default + + sed -e '/^export GOPROXY=/d' \ + -e '/^GIT_.*/d' \ + -e '/ git diff --exit-code/d' \ + -e 's/$(GO) build -i/$(GO) build -v -work -x/' \ + -e 's/\${GIT_COMMIT}/'${EGIT_COMMIT}'/' \ + -e "s|^GIT_COMMIT := .*|GIT_COMMIT := ${EGIT_COMMIT}|" \ + -e "s|^COMMIT_NO := .*|COMMIT_NO := ${EGIT_COMMIT}|" \ + -i Makefile || die + + echo ".NOTPARALLEL: binaries docs" >> Makefile || die + + sed -e 's:/usr/local/bin:/usr/bin:' \ + -i contrib/systemd/* || die +} + +src_compile() { + [[ -f hack/btrfs_installed_tag.sh ]] || die + use btrfs || { echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \ + hack/btrfs_installed_tag.sh || die; } + + [[ -f hack/libdm_installed.sh ]] || die + use device-mapper || { echo -e "#!/bin/sh\necho exclude_graphdriver_devicemapper" > \ + hack/libdm_installed.sh || die; } + + [[ -f hack/selinux_tag.sh ]] || die + use selinux || { echo -e "#!/bin/sh\ntrue" > \ + hack/selinux_tag.sh || die; } + + mkdir -p bin || die + emake all \ + GOBIN="${S}/bin" \ + GO_BUILD="go build ${GOFLAGS}" \ + GO_MD2MAN="$(which go-md2man)" +} + +src_install() { + emake install install.config install.systemd \ + DESTDIR="${D}" \ + GO_MD2MAN="$(which go-md2man)" \ + PREFIX="${D}${EPREFIX}/usr" + keepdir /etc/crio + mv "${ED}/etc/crio/crio.conf"{,.example} || die + + newinitd "${FILESDIR}/crio.initd" crio + + insinto /etc/logrotate.d + newins "${FILESDIR}/${PN}.logrotated" "${PN}" + + # Suppress crio log error messages triggered if these don't exist. + keepdir /etc/containers/oci/hooks.d + keepdir /usr/share/containers/oci/hooks.d + + # Suppress crio "Missing CNI default network" log message. + keepdir /etc/cni/net.d + insinto /etc/cni/net.d + doins contrib/cni/99-loopback.conflist +} diff --git a/app-containers/cri-o/cri-o-1.29.2.ebuild b/app-containers/cri-o/cri-o-1.29.2.ebuild new file mode 100644 index 000000000000..31584eebabb9 --- /dev/null +++ b/app-containers/cri-o/cri-o-1.29.2.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +EGIT_COMMIT=d317b5dc918bbfbc78481072a0d93e572aa8d0e8 + +inherit go-module + +DESCRIPTION="OCI-based implementation of Kubernetes Container Runtime Interface" +HOMEPAGE="https://cri-o.io/" +SRC_URI="https://github.com/cri-o/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="btrfs +device-mapper selinux systemd" + +COMMON_DEPEND=" + app-crypt/gpgme:= + app-containers/conmon + app-containers/runc + dev-libs/glib:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + net-firewall/conntrack-tools + net-firewall/iptables + app-containers/cni-plugins + net-misc/socat + sys-apps/iproute2 + sys-libs/libseccomp:= + btrfs? ( sys-fs/btrfs-progs ) + device-mapper? ( sys-fs/lvm2:= ) + selinux? ( sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= )" +DEPEND=" + ${COMMON_DEPEND} + dev-go/go-md2man" +RDEPEND="${COMMON_DEPEND} + !<app-containers/podman-1.3.2-r1 + selinux? ( sec-policy/selinux-crio )" + +src_prepare() { + default + + sed -e '/^export GOPROXY=/d' \ + -e '/^GIT_.*/d' \ + -e '/ git diff --exit-code/d' \ + -e 's/$(GO) build -i/$(GO) build -v -work -x/' \ + -e 's/\${GIT_COMMIT}/'${EGIT_COMMIT}'/' \ + -e "s|^GIT_COMMIT := .*|GIT_COMMIT := ${EGIT_COMMIT}|" \ + -e "s|^COMMIT_NO := .*|COMMIT_NO := ${EGIT_COMMIT}|" \ + -i Makefile || die + + echo ".NOTPARALLEL: binaries docs" >> Makefile || die + + sed -e 's:/usr/local/bin:/usr/bin:' \ + -i contrib/systemd/* || die +} + +src_compile() { + [[ -f hack/btrfs_installed_tag.sh ]] || die + use btrfs || { echo -e "#!/bin/sh\necho exclude_graphdriver_btrfs" > \ + hack/btrfs_installed_tag.sh || die; } + + [[ -f hack/libdm_installed.sh ]] || die + use device-mapper || { echo -e "#!/bin/sh\necho exclude_graphdriver_devicemapper" > \ + hack/libdm_installed.sh || die; } + + [[ -f hack/selinux_tag.sh ]] || die + use selinux || { echo -e "#!/bin/sh\ntrue" > \ + hack/selinux_tag.sh || die; } + + mkdir -p bin || die + emake all \ + GOBIN="${S}/bin" \ + GO_BUILD="go build ${GOFLAGS}" \ + GO_MD2MAN="$(which go-md2man)" +} + +src_install() { + emake install install.config install.systemd \ + DESTDIR="${D}" \ + GO_MD2MAN="$(which go-md2man)" \ + PREFIX="${D}${EPREFIX}/usr" + keepdir /etc/crio + mv "${ED}/etc/crio/crio.conf"{,.example} || die + + newinitd "${FILESDIR}/crio.initd" crio + + insinto /etc/logrotate.d + newins "${FILESDIR}/${PN}.logrotated" "${PN}" + + # Suppress crio log error messages triggered if these don't exist. + keepdir /etc/containers/oci/hooks.d + keepdir /usr/share/containers/oci/hooks.d + + # Suppress crio "Missing CNI default network" log message. + keepdir /etc/cni/net.d + insinto /etc/cni/net.d + doins contrib/cni/99-loopback.conflist +} diff --git a/app-containers/cri-o/files/cri-o.logrotated b/app-containers/cri-o/files/cri-o.logrotated new file mode 100644 index 000000000000..fb0b8b14a8a1 --- /dev/null +++ b/app-containers/cri-o/files/cri-o.logrotated @@ -0,0 +1,7 @@ +/var/log/crio/crio.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/app-containers/cri-o/files/crio.initd b/app-containers/cri-o/files/crio.initd new file mode 100644 index 000000000000..9e6383ac976b --- /dev/null +++ b/app-containers/cri-o/files/crio.initd @@ -0,0 +1,35 @@ +#!/sbin/openrc-run +# Copyright 2015-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="OCI Kubernetes Container Runtime daemon" +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +extra_started_commands="reload" +command="/usr/bin/${RC_SVCNAME}" +command_args="${command_args}" +command_background="true" +start_stop_daemon_args=" \ + --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \ + --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log" + +depend() { + need net +} + +checkconfig() { + checkpath --directory --owner root:root --mode 0775 \ + /var/log/${RC_SVCNAME} + checkpath --file --owner root:root --mode 0644 \ + /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log +} + +start() { + checkconfig + default_start +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + start-stop-daemon --signal HUP --pidfile "${pidfile}" + eend $? +} diff --git a/app-containers/cri-o/metadata.xml b/app-containers/cri-o/metadata.xml new file mode 100644 index 000000000000..f4976c26dbe2 --- /dev/null +++ b/app-containers/cri-o/metadata.xml @@ -0,0 +1,28 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <longdescription lang="en"> + CRI-O is meant to provide an integration path between + OCI conformant runtimes and the kubelet. Specifically, it + implements the Kubelet Container Runtime Interface (CRI) + using OCI conformant runtimes. The scope of CRI-O is tied to + the scope of the CRI. + </longdescription> + <use> + <flag name="btrfs"> + Enables dependencies for the "btrfs" graph driver, including + necessary kernel flags. + </flag> + <flag name="device-mapper"> + Enables dependencies for the "devicemapper" graph driver, including + necessary kernel flags. + </flag> + </use> + <upstream> + <remote-id type="github">cri-o/cri-o</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/cri-tools/Manifest b/app-containers/cri-tools/Manifest new file mode 100644 index 000000000000..a67abf87f207 --- /dev/null +++ b/app-containers/cri-tools/Manifest @@ -0,0 +1,2 @@ +DIST cri-tools-1.25.0.tar.gz 7905707 BLAKE2B 79595f31fc22aff608406bad4319a60dddcabda5f4dab8706305f11500b3db43f1d7021a340a096227d4580212953f32a95b05bbf81c1236f8fa8cf635017abb SHA512 dc04359320d59d6b3789e4e81fb613f3795b7e82dbad681393eaeff2c876e5b0393dd9384d7857d24ada5de34d03e151f7cf121367cc20e71d0b78607372b3a1 +DIST cri-tools-1.27.0.tar.gz 8465050 BLAKE2B d6c0429271ebc4085e75b54d7f3b9f75ab796e63bc9ae7562105296b13bbad8b512293a7d25abf1ab946f4bf54e672016fdb72696c12c730d21ac74724da465c SHA512 b94122e6401eb0c33b9c3d112274b7ab20cbbad05e76a54933e79d2e42ded2d684771cb9ed703a6c1afa381844142b6f1b4dc77d17e915f9a42c236fd8426b9b diff --git a/app-containers/cri-tools/cri-tools-1.25.0.ebuild b/app-containers/cri-tools/cri-tools-1.25.0.ebuild new file mode 100644 index 000000000000..67c3e8b38870 --- /dev/null +++ b/app-containers/cri-tools/cri-tools-1.25.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2021-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit bash-completion-r1 go-module + +DESCRIPTION="CLI and validation tools for Kubelet Container Runtime (CRI)" +HOMEPAGE="https://github.com/kubernetes-sigs/cri-tools" +SRC_URI="https://github.com/kubernetes-sigs/cri-tools/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm64" + +DEPEND="dev-lang/go" + +RESTRICT+=" test" + +src_compile() { + emake VERSION="${PV}" + ./build/bin/crictl completion bash > "crictl.bash" || die + ./build/bin/crictl completion zsh > "crictl.zsh" || die +} + +src_install() { + dobin ./build/bin/crictl + + newbashcomp crictl.bash crictl + insinto /usr/share/zsh/site-functions + newins crictl.zsh _crictl + + dodoc -r docs {README,RELEASE,CHANGELOG,CONTRIBUTING}.md +} diff --git a/app-containers/cri-tools/cri-tools-1.27.0.ebuild b/app-containers/cri-tools/cri-tools-1.27.0.ebuild new file mode 100644 index 000000000000..ae910c91f755 --- /dev/null +++ b/app-containers/cri-tools/cri-tools-1.27.0.ebuild @@ -0,0 +1,33 @@ +# Copyright 2021-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module + +DESCRIPTION="CLI and validation tools for Kubelet Container Runtime (CRI)" +HOMEPAGE="https://github.com/kubernetes-sigs/cri-tools" +SRC_URI="https://github.com/kubernetes-sigs/cri-tools/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm64" +RESTRICT="test" + +DOCS=( docs {README,RELEASE,CHANGELOG,CONTRIBUTING}.md ) + +src_compile() { + emake VERSION="${PV}" + find build/ -name crictl -exec cp {} build/bin/ \; || die + ./build/bin/crictl completion bash > "crictl.bash" || die + ./build/bin/crictl completion zsh > "crictl.zsh" || die +} + +src_install() { + einstalldocs + + dobin ./build/bin/crictl + newbashcomp crictl.bash crictl + insinto /usr/share/zsh/site-functions + newins crictl.zsh _crictl +} diff --git a/app-containers/cri-tools/metadata.xml b/app-containers/cri-tools/metadata.xml new file mode 100644 index 000000000000..8d6a4c5d53d2 --- /dev/null +++ b/app-containers/cri-tools/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <upstream> + <remote-id type="github">kubernetes-sigs/cri-tools</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/crun/Manifest b/app-containers/crun/Manifest new file mode 100644 index 000000000000..3e403e47f1cf --- /dev/null +++ b/app-containers/crun/Manifest @@ -0,0 +1,3 @@ +DIST crun-1.11.2.tar.xz 738176 BLAKE2B ef13475089c87599159ce00dd26fbb19c7f2bb9564352c1f8040925e521bb924cf28a8d1f37cc95ce7d1b2797b8654740e9ad08352e357c8c9e2d176466101e0 SHA512 ae35ffb9bd1c7acebfd7f6236fa6a7ad524593d8f2cea1203f0e89023e9791d2d5bbc5c5cfc32ee5f18ad80662a1659076ab5f4d5ff74c6026842f2dd12be977 +DIST crun-1.14.3.tar.xz 750456 BLAKE2B 5a63b5da2f85ff1a83d4589be224c5b7a1123b6d7714b90a63c1907b78d42392aff25ffe5d9a4127173ac47026d57e9c93a39f5ba4b07de7f9f3722c14e6d203 SHA512 d6645c519ff00dda5def6d58240600d15e76969489918d51c0def2fee7dbad6374f83e5afc14a998d176aa2944765df5cd84c3031b265a1931ab23f2fc965fc1 +DIST crun-1.8.4.tar.xz 729552 BLAKE2B 8169518a0ddd8deb3820f7030d03dec6941d5d34fb73a036b82f15b0d8f2f702e117de00b829a16cb9976e118f5a5ca732b1cd572708f664cfeafc564f883824 SHA512 2ed80db2e7ddd1438bbe33e99ec2cdbcc55c4869504f719ff9302e834929752af09a59cd905accb37ee5f6cae3b9b16fd4f4c3fdab31db5fc38b007c1505bfa0 diff --git a/app-containers/crun/crun-1.11.2.ebuild b/app-containers/crun/crun-1.11.2.ebuild new file mode 100644 index 000000000000..029066f58826 --- /dev/null +++ b/app-containers/crun/crun-1.11.2.ebuild @@ -0,0 +1,76 @@ +# Copyright 2019-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..11} ) + +inherit python-any-r1 + +DESCRIPTION="A fast and low-memory footprint OCI Container Runtime fully written in C" +HOMEPAGE="https://github.com/containers/crun" +SRC_URI="https://github.com/containers/${PN}/releases/download/${PV}/${P}.tar.xz" + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv" +IUSE="+bpf +caps criu +seccomp selinux systemd static-libs" + +DEPEND=" + dev-libs/libgcrypt:= + dev-libs/yajl:= + sys-kernel/linux-headers + caps? ( sys-libs/libcap ) + criu? ( >=sys-process/criu-3.15 ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-container )" +BDEPEND=" + ${PYTHON_DEPS} + virtual/pkgconfig +" + +PATCHES=( + # merged upstream: https://github.com/containers/crun/pull/1345 + # drop when we get 1.11.3 + "${FILESDIR}/${P}-caps.patch" +) + +src_configure() { + local myeconfargs=( + --cache-file="${S}"/config.cache + $(use_enable bpf) + $(use_enable caps) + $(use_enable criu) + $(use_enable seccomp) + $(use_enable systemd) + $(usex static-libs '--enable-shared --enable-static' '--enable-shared --disable-static' '' '') + ) + + econf "${myeconfargs[@]}" +} + +src_compile() { + emake git-version.h + emake -C libocispec + emake crun +} + +# the crun test suite is comprehensive to the extent that tests will fail +# within a sandbox environment, due to the nature of the privileges +# required to create linux "containers". +# due to this we disable most of the core test suite by unsetting PYTHON_TESTS +src_test() { + emake check PYTHON_TESTS= +} + +src_install() { + emake "DESTDIR=${D}" install-exec + doman crun.1 + einstalldocs + + einfo "Cleaning up .la files" + find "${ED}" -name '*.la' -delete || die +} diff --git a/app-containers/crun/crun-1.14.3.ebuild b/app-containers/crun/crun-1.14.3.ebuild new file mode 100644 index 000000000000..1a73878201ef --- /dev/null +++ b/app-containers/crun/crun-1.14.3.ebuild @@ -0,0 +1,65 @@ +# Copyright 2019-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..12} ) + +inherit python-any-r1 + +DESCRIPTION="A fast and low-memory footprint OCI Container Runtime fully written in C" +HOMEPAGE="https://github.com/containers/crun" + +if [[ "$PV" == *9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/${PN}.git" +else + SRC_URI="https://github.com/containers/${PN}/releases/download/${PV}/${P}.tar.xz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv" +fi + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="0" +IUSE="+bpf +caps criu +seccomp selinux systemd static-libs" + +DEPEND=" + dev-libs/yajl:= + sys-kernel/linux-headers + caps? ( sys-libs/libcap ) + criu? ( >=sys-process/criu-3.15 ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-container )" +BDEPEND=" + ${PYTHON_DEPS} + virtual/pkgconfig +" + +# the crun test suite is comprehensive to the extent that tests will fail +# within a sandbox environment, due to the nature of the privileges +# required to create linux "containers". +RESTRICT="test" + +src_configure() { + local myeconfargs=( + $(use_enable bpf) + $(use_enable caps) + $(use_enable criu) + $(use_enable seccomp) + $(use_enable systemd) + $(usex static-libs '--enable-shared --enable-static' '--enable-shared --disable-static' '' '') + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + emake "DESTDIR=${D}" install-exec + doman crun.1 + einstalldocs + + einfo "Cleaning up .la files" + find "${ED}" -name '*.la' -delete || die +} diff --git a/app-containers/crun/crun-1.8.4.ebuild b/app-containers/crun/crun-1.8.4.ebuild new file mode 100644 index 000000000000..c0e0200e403c --- /dev/null +++ b/app-containers/crun/crun-1.8.4.ebuild @@ -0,0 +1,73 @@ +# Copyright 2019-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{9..11} ) + +# Can drop autotools/eautoreconf after next release & glibc patch gone +inherit autotools python-any-r1 + +DESCRIPTION="A fast and low-memory footprint OCI Container Runtime fully written in C" +HOMEPAGE="https://github.com/containers/crun" +SRC_URI="https://github.com/containers/${PN}/releases/download/${PV}/${P}.tar.xz" + +LICENSE="GPL-2+ LGPL-2.1+" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv" +IUSE="+bpf +caps criu +seccomp selinux systemd static-libs" + +DEPEND=" + dev-libs/libgcrypt:= + dev-libs/yajl:= + sys-kernel/linux-headers + caps? ( sys-libs/libcap ) + criu? ( >=sys-process/criu-3.15 ) + seccomp? ( sys-libs/libseccomp ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-container )" +BDEPEND=" + ${PYTHON_DEPS} + virtual/pkgconfig +" + +# the crun test suite is comprehensive to the extent that tests will fail +# within a sandbox environment, due to the nature of the privileges +# required to create linux "containers". +RESTRICT="test" + +src_prepare() { + default + + eautoreconf +} + +src_configure() { + local myeconfargs=( + $(use_enable bpf) + $(use_enable caps) + $(use_enable criu) + $(use_enable seccomp) + $(use_enable systemd) + $(usex static-libs '--enable-shared --enable-static' '--enable-shared --disable-static' '' '') + ) + + econf "${myeconfargs[@]}" +} + +src_compile() { + emake git-version.h + emake -C libocispec + emake crun +} + +src_install() { + emake "DESTDIR=${D}" install-exec + doman crun.1 + einstalldocs + + einfo "Cleaning up .la files" + find "${ED}" -name '*.la' -delete || die +} diff --git a/app-containers/crun/files/crun-1.11.2-caps.patch b/app-containers/crun/files/crun-1.11.2-caps.patch new file mode 100644 index 000000000000..d32a4dd1a8f8 --- /dev/null +++ b/app-containers/crun/files/crun-1.11.2-caps.patch @@ -0,0 +1,32 @@ +From 767ba88ef363115e80e077ce312f89f20488da01 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Robert=20G=C3=BCnzler?= <r@gnzler.io> +Date: Thu, 9 Nov 2023 14:16:08 +0100 +Subject: [PATCH] Fix build without libcap +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The work to support features introduced another point of dependency on +libcap that previously wasn't guarded by ifdefs + +Refs: https://github.com/containers/crun/pull/1237 +Signed-off-by: Robert Günzler <r@gnzler.io> +--- + src/libcrun/container.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/libcrun/container.c b/src/libcrun/container.c +index ed0fa29bb..7be1713ab 100644 +--- a/src/libcrun/container.c ++++ b/src/libcrun/container.c +@@ -3925,8 +3925,10 @@ libcrun_container_get_features (libcrun_context_t *context, struct features_info + // Populate namespaces + populate_array_field (&((*info)->linux.namespaces), namespaces, num_namspaces); + ++#ifdef HAVE_CAP + // Populate capabilities + populate_capabilities (*info, &capabilities, &num_capabilities); ++#endif + + // Hardcode the values for cgroup + (*info)->linux.cgroup.v1 = true; diff --git a/app-containers/crun/metadata.xml b/app-containers/crun/metadata.xml new file mode 100644 index 000000000000..c87b3b38a78c --- /dev/null +++ b/app-containers/crun/metadata.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>robert@gnzler.io</email> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription lang="en"> + While most of the tools used in the Linux containers ecosystem are written in + Go, crun authors believe C is a better fit for a lower level tool like a + container runtime. runc; the most used implementation of the OCI runtime specs + written in Go, re-execs itself and use a module written in C for setting up + the environment before the container process starts. + + crun aims to be also usable as a library that can be easily included in + programs without requiring an external process for managing OCI containers. + </longdescription> + <upstream> + <changelog>https://github.com/containers/crun/releases</changelog> + <remote-id type="github">containers/crun</remote-id> + </upstream> + <use> + <flag name="bpf">Enable in Kernel, eBPF (enhanced Berkley Packet Filter) + support for managing device controllers. + </flag> + <flag name="criu">Enable CRIU based checkpoint/restore support</flag> + </use> +</pkgmetadata> diff --git a/app-containers/devcontainer/Manifest b/app-containers/devcontainer/Manifest new file mode 100644 index 000000000000..9d3563fe1fb8 --- /dev/null +++ b/app-containers/devcontainer/Manifest @@ -0,0 +1,3 @@ +DIST devcontainer-0.57.0.tgz 617323 BLAKE2B 74dd49c0e741715e34dce79cdc73617f4bed68b87f11fafa403a9548b334ecff1af8e2e3705c57c31ca057e12b19094a75a3a3e339cac3b6d005e00e7e08b433 SHA512 7b5680d003630af459d5bf12f6873ea990a67b5f16888317a27d7197799d9ff1cd802834e669c4e1c601780fa8a07c38ec4dab77e7bf64de08406403e163e954 +DIST devcontainer-0.58.0.tgz 618922 BLAKE2B e0962e273f6a28d4c6897523b565634d7849a37ed5866e47430080ac8e42026e888ba2a13cbcbb62dd6974f753383882b66b0129d1e7aad8321c938c58ffec58 SHA512 57beb86d4fcefddbaa4f13612cca0538b2449932164c062082a8ef62f3a7bd57ed6f7bb09e5954fe479c6da9caebc0b3075783fb3ba3391381ab7ce9027e5f08 +DIST devcontainer-0.59.1.tgz 619278 BLAKE2B 793ac8856814cb35ad668b496b12c8bf6e92277014ca2efd245cdebd5b032cbd574017bf758fcb92a675d7bbd07c966bb7c4344b8cb774ad11c02a4daac91eca SHA512 27bfd94b2a34815f90579ed136b6c032dc5f3b5172dfa5c124c151ef5b156038afdbc7b2bf189314c6f910bc7182117977b42712a172ca44af20c8ba481762cf diff --git a/app-containers/devcontainer/devcontainer-0.57.0.ebuild b/app-containers/devcontainer/devcontainer-0.57.0.ebuild new file mode 100644 index 000000000000..10d7f50fc167 --- /dev/null +++ b/app-containers/devcontainer/devcontainer-0.57.0.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Reference implementation of the Development Containers specification" +HOMEPAGE="https://containers.dev/ + https://github.com/devcontainers/cli/" +SRC_URI="https://registry.npmjs.org/@devcontainers/cli/-/cli-${PV}.tgz + -> ${P}.tgz" +S="${WORKDIR}/package" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="amd64 ~x86" + +RDEPEND=" + net-libs/nodejs +" +BDEPEND=" + >=net-libs/nodejs-16[npm] +" + +DOCS=( CHANGELOG.md README.md ) + +src_compile() { + # Skip, nothing to compile here. + : +} + +src_install() { + local -a my_npm_opts=( + --audit false + --color false + --foreground-scripts + --global + --offline + --omit dev + --prefix "${ED}/usr" + --progress false + --verbose + ) + npm "${my_npm_opts[@]}" install "${DISTDIR}/${P}.tgz" || die "npm install failed" + + einstalldocs +} diff --git a/app-containers/devcontainer/devcontainer-0.58.0.ebuild b/app-containers/devcontainer/devcontainer-0.58.0.ebuild new file mode 100644 index 000000000000..10d7f50fc167 --- /dev/null +++ b/app-containers/devcontainer/devcontainer-0.58.0.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Reference implementation of the Development Containers specification" +HOMEPAGE="https://containers.dev/ + https://github.com/devcontainers/cli/" +SRC_URI="https://registry.npmjs.org/@devcontainers/cli/-/cli-${PV}.tgz + -> ${P}.tgz" +S="${WORKDIR}/package" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="amd64 ~x86" + +RDEPEND=" + net-libs/nodejs +" +BDEPEND=" + >=net-libs/nodejs-16[npm] +" + +DOCS=( CHANGELOG.md README.md ) + +src_compile() { + # Skip, nothing to compile here. + : +} + +src_install() { + local -a my_npm_opts=( + --audit false + --color false + --foreground-scripts + --global + --offline + --omit dev + --prefix "${ED}/usr" + --progress false + --verbose + ) + npm "${my_npm_opts[@]}" install "${DISTDIR}/${P}.tgz" || die "npm install failed" + + einstalldocs +} diff --git a/app-containers/devcontainer/devcontainer-0.59.1.ebuild b/app-containers/devcontainer/devcontainer-0.59.1.ebuild new file mode 100644 index 000000000000..991cd956e37b --- /dev/null +++ b/app-containers/devcontainer/devcontainer-0.59.1.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Reference implementation of the Development Containers specification" +HOMEPAGE="https://containers.dev/ + https://github.com/devcontainers/cli/" +SRC_URI="https://registry.npmjs.org/@devcontainers/cli/-/cli-${PV}.tgz + -> ${P}.tgz" +S="${WORKDIR}/package" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND=" + net-libs/nodejs +" +BDEPEND=" + >=net-libs/nodejs-16[npm] +" + +DOCS=( CHANGELOG.md README.md ) + +src_compile() { + # Skip, nothing to compile here. + : +} + +src_install() { + local -a my_npm_opts=( + --audit false + --color false + --foreground-scripts + --global + --offline + --omit dev + --prefix "${ED}/usr" + --progress false + --verbose + ) + npm "${my_npm_opts[@]}" install "${DISTDIR}/${P}.tgz" || die "npm install failed" + + einstalldocs +} diff --git a/app-containers/devcontainer/metadata.xml b/app-containers/devcontainer/metadata.xml new file mode 100644 index 000000000000..07653ea3406a --- /dev/null +++ b/app-containers/devcontainer/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> + +<pkgmetadata> + <maintainer type="person"> + <email>xgqt@gentoo.org</email> + <name>Maciej Barć</name> + </maintainer> + <longdescription> + A Development Container (or Dev Container for short) allows you to use a + container as a full-featured development environment. It can be used to run + an application, to separate tools, libraries, or runtimes needed for + working with a codebase, and to aid in continuous integration and testing. + Dev containers can be run locally or remotely, in a private or public + cloud, in a variety of supporting tools and editors. + </longdescription> + <upstream> + <bugs-to>https://github.com/devcontainers/cli/issues/</bugs-to> + <remote-id type="github">devcontainers/cli</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/distrobox/Manifest b/app-containers/distrobox/Manifest new file mode 100644 index 000000000000..32415373b5a4 --- /dev/null +++ b/app-containers/distrobox/Manifest @@ -0,0 +1,2 @@ +DIST distrobox-1.7.0.1.tar.gz 6756031 BLAKE2B 320dde2bdf005c5bd66954f212547adb6bbd6d06611272c6a1b1859eef7ad47dbbbf300baaef555e2bf9a750def117ec69418affb75514652aa0e366314fbaf2 SHA512 971a3f15216d2dfa2829a1ea085c7579c4f0bf0e57678474f83df05ae8c897db8a8cd477a429d0126cad11ac0379029b9c759944cea8649971e67f20a3e18328 +DIST distrobox-1.7.1.tar.gz 6885484 BLAKE2B c4b2710d7f1cff7baee2e340a79345359e9906e508e8b1bc351a7b8ee2d8d2e1cb13c381e40231f8c962542e37e32988d04a687810bdfd7ec917868944c51cf3 SHA512 a86a49b9f6158af3172369a201ce3852a349258c46ebb8dfb269f7b96dfbe2bf2fe9f80a5cf9b9236432d99f4f67fb3d95ab4663964fcdb0f888d48cbdd82c39 diff --git a/app-containers/distrobox/distrobox-1.7.0.1.ebuild b/app-containers/distrobox/distrobox-1.7.0.1.ebuild new file mode 100644 index 000000000000..a49244c1584d --- /dev/null +++ b/app-containers/distrobox/distrobox-1.7.0.1.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Use any Linux distribution inside your terminal (powered by docker/podman)" +HOMEPAGE="https://distrobox.privatedns.org/ + https://github.com/89luca89/distrobox/" + +if [[ "${PV}" == *9999* ]] ; then + inherit git-r3 + + EGIT_REPO_URI="https://github.com/89luca89/${PN}.git" +else + SRC_URI="https://github.com/89luca89/${PN}/archive/${PV}.tar.gz + -> ${P}.tar.gz" + + KEYWORDS="amd64 ~arm ~arm64 ~riscv ~x86" +fi + +LICENSE="GPL-3" # GPL-3.0-only ! +SLOT="0" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +src_install() { + sh ./install --prefix "${ED}/usr" || die "${PN} install script failed" + + dodoc *.md +} diff --git a/app-containers/distrobox/distrobox-1.7.1.ebuild b/app-containers/distrobox/distrobox-1.7.1.ebuild new file mode 100644 index 000000000000..ddd8a782dfb3 --- /dev/null +++ b/app-containers/distrobox/distrobox-1.7.1.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Use any Linux distribution inside your terminal (powered by docker/podman)" +HOMEPAGE="https://distrobox.privatedns.org/ + https://github.com/89luca89/distrobox/" + +if [[ "${PV}" == *9999* ]] ; then + inherit git-r3 + + EGIT_REPO_URI="https://github.com/89luca89/${PN}.git" +else + SRC_URI="https://github.com/89luca89/${PN}/archive/${PV}.tar.gz + -> ${P}.tar.gz" + + KEYWORDS="~amd64 ~arm ~arm64 ~riscv ~x86" +fi + +LICENSE="GPL-3" # GPL-3.0-only ! +SLOT="0" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +src_install() { + sh ./install --prefix "${ED}/usr" || die "${PN} install script failed" + + dodoc *.md +} diff --git a/app-containers/distrobox/distrobox-9999.ebuild b/app-containers/distrobox/distrobox-9999.ebuild new file mode 100644 index 000000000000..ddd8a782dfb3 --- /dev/null +++ b/app-containers/distrobox/distrobox-9999.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Use any Linux distribution inside your terminal (powered by docker/podman)" +HOMEPAGE="https://distrobox.privatedns.org/ + https://github.com/89luca89/distrobox/" + +if [[ "${PV}" == *9999* ]] ; then + inherit git-r3 + + EGIT_REPO_URI="https://github.com/89luca89/${PN}.git" +else + SRC_URI="https://github.com/89luca89/${PN}/archive/${PV}.tar.gz + -> ${P}.tar.gz" + + KEYWORDS="~amd64 ~arm ~arm64 ~riscv ~x86" +fi + +LICENSE="GPL-3" # GPL-3.0-only ! +SLOT="0" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +src_install() { + sh ./install --prefix "${ED}/usr" || die "${PN} install script failed" + + dodoc *.md +} diff --git a/app-containers/distrobox/metadata.xml b/app-containers/distrobox/metadata.xml new file mode 100644 index 000000000000..b88c63cda978 --- /dev/null +++ b/app-containers/distrobox/metadata.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> + +<pkgmetadata> + <maintainer type="person"> + <email>xgqt@gentoo.org</email> + <name>Maciej Barć</name> + </maintainer> + <longdescription> + Use any Linux distribution inside your terminal. Enable both backward and + forward compatibility with software and freedom to use whatever + distribution you’re more comfortable with. Distrobox uses podman or docker + to create containers using the Linux distribution of your choice. The + created container will be tightly integrated with the host, allowing + sharing of the HOME directory of the user, external storage, external USB + devices and graphical apps (X11/Wayland), and audio. + </longdescription> + <upstream> + <bugs-to>https://github.com/89luca89/distrobox/issues/</bugs-to> + <remote-id type="github">89luca89/distrobox</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/distrobuilder/Manifest b/app-containers/distrobuilder/Manifest new file mode 100644 index 000000000000..f5226ec2651a --- /dev/null +++ b/app-containers/distrobuilder/Manifest @@ -0,0 +1,4 @@ +DIST distrobuilder-2.1.tar.gz 5599048 BLAKE2B 90e82a20a3ef61d13148951956bb1f74cc3494ca86e339c188a1c9009dcb27c0cb9a298c639c6de891df67915b48d107557f6b698a45cbe35c54d41a45bac1ab SHA512 80184d27305f5659f1367563161220b966b1957810da61e8f3b9f32cf408795319b43dd650bc9f867b3ac73ef2b3251972bb11999d92feb34bfd9cdae7ff7b7b +DIST distrobuilder-2.1.tar.gz.asc 833 BLAKE2B fb3aadbc989438b0606c88e74fdd86e809b6373b907b37372cbbc0ca99415821f61772205967e0a7aa26b0bdaceb66df4ab39da1f08c339edeb84e66a04aab56 SHA512 0220fa34d966e2b3a244af21a894f5db7556b891ee3205b605ef633699553f0f53d876412c855010a0ef685fcfe376997790cf51d59fd46b7c9ba539507de4e3 +DIST distrobuilder-3.0.tar.gz 6135124 BLAKE2B 71cf594cdece46890418ea58af06205c59beaecce46a977efadcb336b93f0e1ed85ba4c1563a1f9f95937e935f844c91b6e45dfc73c0210f134ba3a694adea1d SHA512 c2218e6312257e5f15077d8380b9b49f7b8afd7ed5e43d46ac5d18a8cc332b096ab50c7301f74eb93769548c10f273e21a584ab2e908260ead4d2b219683bd1c +DIST distrobuilder-3.0.tar.gz.asc 833 BLAKE2B 9a6fba0101eaea411a1b56359265c02533739a180c095ef2edd07dbe65c1d3bd2c1deab46e0cfdab362a282b85843659c8876853252b7ab1ab49e9f3f3dc1e8f SHA512 238a0a93575cb05fcd13fc32b5faed7592ff3345ae91d07fc1ede5696903f2e4da3d6d79bf39bc05ac16f0c8e04afe3eefa0e96b2c789992f55859bac6fd56d0 diff --git a/app-containers/distrobuilder/distrobuilder-2.1.ebuild b/app-containers/distrobuilder/distrobuilder-2.1.ebuild new file mode 100644 index 000000000000..db14d40b98fa --- /dev/null +++ b/app-containers/distrobuilder/distrobuilder-2.1.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info + +DESCRIPTION="System container image builder for LXC and LXD" +HOMEPAGE="https://linuxcontainers.org/distrobuilder/introduction/" + +SRC_URI="https://linuxcontainers.org/downloads/distrobuilder/distrobuilder-${PV}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/distrobuilder/distrobuilder-${PV}.tar.gz.asc )" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~ppc64" +IUSE="verify-sig" + +RDEPEND="app-crypt/gnupg + dev-util/debootstrap + dev-vcs/git + net-misc/rsync + sys-fs/squashfs-tools" +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +# Test deps aren't vendored. +RESTRICT="test" + +CONFIG_CHECK="~OVERLAY_FS" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +PATCHES=( "${FILESDIR}"/distrobuilder-2.1-glibc-2.36-fix.patch ) + +GOPATH="${S}/_dist" + +src_compile() { + export GOPATH="${S}/_dist" + emake +} + +src_test() { + export GOPATH="${S}/_dist" + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + dobin ${GOPATH}/bin/distrobuilder + dodoc -r doc/* +} diff --git a/app-containers/distrobuilder/distrobuilder-3.0-r1.ebuild b/app-containers/distrobuilder/distrobuilder-3.0-r1.ebuild new file mode 100644 index 000000000000..b3db1b7b116d --- /dev/null +++ b/app-containers/distrobuilder/distrobuilder-3.0-r1.ebuild @@ -0,0 +1,50 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info + +DESCRIPTION="System container image builder for LXC and incus" +HOMEPAGE="https://linuxcontainers.org/distrobuilder/introduction/" + +SRC_URI="https://linuxcontainers.org/downloads/distrobuilder/distrobuilder-${PV}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/distrobuilder/distrobuilder-${PV}.tar.gz.asc )" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~ppc64" +IUSE="verify-sig" + +RDEPEND="app-cdr/cdrtools + app-crypt/gnupg + dev-util/debootstrap + dev-vcs/git + net-misc/rsync + sys-fs/squashfs-tools" +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +# Test deps aren't vendored. +RESTRICT="test" + +CONFIG_CHECK="~OVERLAY_FS" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +GOPATH="${S}/_dist" + +src_compile() { + export GOPATH="${S}/_dist" + emake +} + +src_test() { + export GOPATH="${S}/_dist" + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + dobin ${GOPATH}/bin/distrobuilder + dodoc -r doc/* +} diff --git a/app-containers/distrobuilder/files/distrobuilder-2.1-glibc-2.36-fix.patch b/app-containers/distrobuilder/files/distrobuilder-2.1-glibc-2.36-fix.patch new file mode 100644 index 000000000000..5fd5ade014bb --- /dev/null +++ b/app-containers/distrobuilder/files/distrobuilder-2.1-glibc-2.36-fix.patch @@ -0,0 +1,34 @@ +diff --git a/vendor/github.com/lxc/lxd/lxd/include/syscall_wrappers.h b/vendor/github.com/lxc/lxd/lxd/include/syscall_wrappers.h +index 2c28133a8..a6975ab4d 100644 +--- a/vendor/github.com/lxc/lxd/lxd/include/syscall_wrappers.h ++++ b/vendor/github.com/lxc/lxd/lxd/include/syscall_wrappers.h +@@ -26,10 +26,10 @@ static inline int lxd_close_range(unsigned int fd, unsigned int max_fd, unsigned + return syscall(__NR_close_range, fd, max_fd, flags); + } + +-static inline int open_tree(int dfd, const char *filename, unsigned int flags) ++/* static inline int open_tree(int dfd, const char *filename, unsigned int flags) + { + return syscall(__NR_open_tree, dfd, filename, flags); +-} ++}*/ + + /* + * mount_setattr() +@@ -40,7 +40,7 @@ struct lxc_mount_attr { + __u64 propagation; + __u64 userns_fd; + }; +- ++/* + static inline int mount_setattr(int dfd, const char *path, unsigned int flags, + struct lxc_mount_attr *attr, size_t size) + { +@@ -53,6 +53,7 @@ static inline int move_mount(int from_dfd, const char *from_pathname, int to_dfd + return syscall(__NR_move_mount, from_dfd, from_pathname, to_dfd, + to_pathname, flags); + } ++*/ + + /* arg1 of prctl() */ + #ifndef PR_SCHED_CORE diff --git a/app-containers/distrobuilder/metadata.xml b/app-containers/distrobuilder/metadata.xml new file mode 100644 index 000000000000..5a061dc2f595 --- /dev/null +++ b/app-containers/distrobuilder/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>posting@vodacomm.ca</email> + <name>Stephen Bosch</name> + </maintainer> + <maintainer type="project"> + <email>virtualization@gentoo.org</email> + <name>Gentoo Virtualization Project</name> + </maintainer> + <upstream> + <remote-id type="github">lxc/distrobuilder</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-bench-security/Manifest b/app-containers/docker-bench-security/Manifest new file mode 100644 index 000000000000..f722cecc4f51 --- /dev/null +++ b/app-containers/docker-bench-security/Manifest @@ -0,0 +1 @@ +DIST docker-bench-security-1.6.0.tar.gz 349131 BLAKE2B ce4700e3b7448365420adfb20ca3fa1fa5316157b1f587c40a1ea24e45312ac059a31f5fb152838442e19822c977855323f528d8ddca95eb11347a74606e5913 SHA512 1f3391946dd93540f99e8ea212c9d907d7939d248105082e81845e62eb2a08c4c5a1a32d13c93676ca31df1ee76079a804d36de1874341ed5da64806ea1c7c7b diff --git a/app-containers/docker-bench-security/docker-bench-security-1.6.0.ebuild b/app-containers/docker-bench-security/docker-bench-security-1.6.0.ebuild new file mode 100644 index 000000000000..45778b2f8d60 --- /dev/null +++ b/app-containers/docker-bench-security/docker-bench-security-1.6.0.ebuild @@ -0,0 +1,24 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DESCRIPTION="Test for best practices around deploying docker containers" +HOMEPAGE="https://github.com/docker/docker-bench-security" +SRC_URI="https://github.com/docker/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +RDEPEND=">=app-containers/docker-1.13" + +src_install() { + dobin "${FILESDIR}/docker-bench-security" + exeinto /usr/lib/${PN} + doexe ${PN}.sh + insinto /usr/lib/${PN} + doins -r functions/*.sh tests + dodoc -r img/benchmark_log.png CONTRIBUTING.md docker-compose.yml \ + Dockerfile MAINTAINERS README.md +} diff --git a/app-containers/docker-bench-security/files/docker-bench-security b/app-containers/docker-bench-security/files/docker-bench-security new file mode 100644 index 000000000000..3a79d1b3af4d --- /dev/null +++ b/app-containers/docker-bench-security/files/docker-bench-security @@ -0,0 +1,7 @@ +#!/bin/sh +if [ $(id -u) -ne 0 ]; then + printf "%s\n" "This script must be run as root." + exit 1 +fi +cd "$(dirname $0)/../lib/docker-bench-security" +./docker-bench-security.sh diff --git a/app-containers/docker-bench-security/metadata.xml b/app-containers/docker-bench-security/metadata.xml new file mode 100644 index 000000000000..2214840c4cc0 --- /dev/null +++ b/app-containers/docker-bench-security/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <longdescription lang="en"> + The Docker Bench for Security is a script that checks for dozens of + common best-practices around deploying Docker containers in production. + </longdescription> + <upstream> + <remote-id type="github">docker/docker-bench-security</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-buildx/Manifest b/app-containers/docker-buildx/Manifest new file mode 100644 index 000000000000..810b0bff9ca8 --- /dev/null +++ b/app-containers/docker-buildx/Manifest @@ -0,0 +1,2 @@ +DIST docker-buildx-0.10.4.tar.gz 9184825 BLAKE2B f0e71c0f6dda5f02da4cf0b0514f67f5d339ba10359afc69aae25abf907447fd22fe3d92427299bc67aeaa6a84e748a8a5cbd86151b2baba2dd01f25cc04a793 SHA512 f82b89b8dd4e45524c8d353c4d7588f47b1c7b7ecf759fd9605247c1c7aa0ca152c3ecdec0e0b62b5eef05e6b65d2ca1f5ccab6d75819b92fc92ff62b44105b7 +DIST docker-buildx-0.11.2.tar.gz 10342565 BLAKE2B 1e034e9a07f36b46096f8f035869adc93b63af46cd9886f5ed4bc0939ce2f76b7f029a11ee536a34be23952e5c85251d757cec9ff05df172e3a26ea82a1bf0b1 SHA512 6f3718edf1e86c4422e1419580e4c38cf378a59555067be2aa6fac3e7f8878afe39d777765ace274cd9c47630f39cbacfacfdc4ecadd6ff46d5ee37d8f9bc75c diff --git a/app-containers/docker-buildx/docker-buildx-0.10.4-r1.ebuild b/app-containers/docker-buildx/docker-buildx-0.10.4-r1.ebuild new file mode 100644 index 000000000000..982bd439623f --- /dev/null +++ b/app-containers/docker-buildx/docker-buildx-0.10.4-r1.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +MY_PN="buildx" +DESCRIPTION="Docker CLI plugin for extended build capabilities with BuildKit" +HOMEPAGE="https://github.com/docker/buildx" +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/docker/buildx.git" +else + SRC_URI="https://github.com/docker/buildx/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" + S="${WORKDIR}/${MY_PN}-${PV}" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# This gives us the ability to neatly `-skip` tests. +# not required once ::gentoo is all > 1.20 +RESTRICT="!test? ( test )" +IUSE="test" + +BDEPEND=" + test? ( >=dev-lang/go-1.20 ) +" +RDEPEND="app-containers/docker-cli" + +src_compile() { + local _buildx_r='github.com/docker/buildx' + local version=${PV} + if [[ ${PV} == 9999 ]]; then + version="$(git rev-parse --short HEAD)" + fi + ego build -o docker-buildx \ + -ldflags "-linkmode=external + -X $_buildx_r/version.Version=${version} + -X $_buildx_r/version.Revision=$(date -u +%FT%T%z) + -X $_buildx_r/version.Package=$_buildx_r" \ + ./cmd/buildx +} + +src_test() { + # TestGit can't work in a source tarball; TestReadTargets fails seemingly due to parallelism. + if [[ ${PV} == 9999 ]]; then + ego test ./... -skip "TestReadTargets" + else + ego test ./... -skip "TestGit|TestReadTargets" + fi +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe docker-buildx + + dodoc README.md +} diff --git a/app-containers/docker-buildx/docker-buildx-0.11.2.ebuild b/app-containers/docker-buildx/docker-buildx-0.11.2.ebuild new file mode 100644 index 000000000000..8cecb6eed7ae --- /dev/null +++ b/app-containers/docker-buildx/docker-buildx-0.11.2.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +MY_PN="buildx" +DESCRIPTION="Docker CLI plugin for extended build capabilities with BuildKit" +HOMEPAGE="https://github.com/docker/buildx" +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/docker/buildx.git" +else + SRC_URI="https://github.com/docker/buildx/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" + S="${WORKDIR}/${MY_PN}-${PV}" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# This gives us the ability to neatly `-skip` tests. +# not required once ::gentoo is all > 1.20 +RESTRICT="!test? ( test )" +IUSE="test" + +BDEPEND=" + test? ( >=dev-lang/go-1.20 ) +" +RDEPEND="app-containers/docker-cli" + +src_compile() { + local _buildx_r='github.com/docker/buildx' + local version=${PV} + if [[ ${PV} == 9999 ]]; then + version="$(git rev-parse --short HEAD)" + fi + ego build -o docker-buildx \ + -ldflags "-linkmode=external + -X $_buildx_r/version.Version=${version} + -X $_buildx_r/version.Revision=$(date -u +%FT%T%z) + -X $_buildx_r/version.Package=$_buildx_r" \ + ./cmd/buildx +} + +src_test() { + # TestGit can't work in a source tarball; TestReadTargets fails seemingly due to parallelism. + if [[ ${PV} == 9999 ]]; then + ego test ./... -skip "TestReadTargets|TestIntegration" + else + ego test ./... -skip "TestGit|TestReadTargets|TestIntegration" + fi +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe docker-buildx + + dodoc README.md +} diff --git a/app-containers/docker-buildx/docker-buildx-9999.ebuild b/app-containers/docker-buildx/docker-buildx-9999.ebuild new file mode 100644 index 000000000000..8cecb6eed7ae --- /dev/null +++ b/app-containers/docker-buildx/docker-buildx-9999.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +MY_PN="buildx" +DESCRIPTION="Docker CLI plugin for extended build capabilities with BuildKit" +HOMEPAGE="https://github.com/docker/buildx" +if [[ ${PV} == 9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/docker/buildx.git" +else + SRC_URI="https://github.com/docker/buildx/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" + S="${WORKDIR}/${MY_PN}-${PV}" +fi + +LICENSE="Apache-2.0" +SLOT="0" + +# This gives us the ability to neatly `-skip` tests. +# not required once ::gentoo is all > 1.20 +RESTRICT="!test? ( test )" +IUSE="test" + +BDEPEND=" + test? ( >=dev-lang/go-1.20 ) +" +RDEPEND="app-containers/docker-cli" + +src_compile() { + local _buildx_r='github.com/docker/buildx' + local version=${PV} + if [[ ${PV} == 9999 ]]; then + version="$(git rev-parse --short HEAD)" + fi + ego build -o docker-buildx \ + -ldflags "-linkmode=external + -X $_buildx_r/version.Version=${version} + -X $_buildx_r/version.Revision=$(date -u +%FT%T%z) + -X $_buildx_r/version.Package=$_buildx_r" \ + ./cmd/buildx +} + +src_test() { + # TestGit can't work in a source tarball; TestReadTargets fails seemingly due to parallelism. + if [[ ${PV} == 9999 ]]; then + ego test ./... -skip "TestReadTargets|TestIntegration" + else + ego test ./... -skip "TestGit|TestReadTargets|TestIntegration" + fi +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe docker-buildx + + dodoc README.md +} diff --git a/app-containers/docker-buildx/metadata.xml b/app-containers/docker-buildx/metadata.xml new file mode 100644 index 000000000000..14dd56055eaf --- /dev/null +++ b/app-containers/docker-buildx/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>nic@boet.cc</email> + <name>Nic Boet</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <maintainer type="project"> + <email>containers@gentoo.org</email> + <name>Containers</name> + </maintainer> + <upstream> + <remote-id type="github">docker/buildx</remote-id> + </upstream> + <longdescription lang="en"> + buildx is a Docker CLI plugin for extended build capabilities with BuildKit. + BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. + </longdescription> +</pkgmetadata> diff --git a/app-containers/docker-cli/Manifest b/app-containers/docker-cli/Manifest new file mode 100644 index 000000000000..1485c2336233 --- /dev/null +++ b/app-containers/docker-cli/Manifest @@ -0,0 +1,12 @@ +DIST docker-cli-24.0.5-man.tar.xz 82496 BLAKE2B f3295b684dbf8d251ba13a19b9bad9b828fce7d2f76b6643b1cf579cd297b770e8f7304bd3fce823badfbe97e9b760a108b819ca3c760a55e352cf3c5235d815 SHA512 683b0f131902e0a57512207daa49534d73aac6db99dc8621ac6b48eeef26b873e2ba03fe4afe6f1e84c5922e4c60bf0e80e24cc95cdbf2a4953d1c11b80d56ad +DIST docker-cli-24.0.5.tar.gz 6243993 BLAKE2B a7ce84ecf329bc74e48f3a6e1b12a9e310a8f27ac68918ffeb40ab9c4eab8b79e753265b48220fcd3ab40b4136de5ebd44607831f642664eaf732111bd8f41b1 SHA512 765c67634d91d248b156d3e407398b98b7a0a89507bbac0310d4a68b95aa1a05e3af43c8b90bc10166748749d8cc36670619fc9efca110beefbdcd4385dc96be +DIST docker-cli-24.0.6-man.tar.xz 82600 BLAKE2B 9e39bf200d252a0d91b0b6f17680a4c1b34e55cc9f357a59f124138cef39c5ff10fb104c51efe3010bca9a4f72447764ced1c02e3bb3924051fa6f1f01a8f6fa SHA512 5e972647961899e438b765f53afff570b9f0c1742c7c72a3a424887719c3a6afbd467d15884d44ac64b752c984261967f304afa5c168466fe6f611967d18a578 +DIST docker-cli-24.0.6.tar.gz 6244014 BLAKE2B c5f2082e44a568d3f6ee2ff5df9e9b727808f0b70d7d0c6c18b9769c1c4d0f49d371cbd08c95e748d441dc0ef011b66446527b0eeb33368ee59b85496185ba12 SHA512 55c56ae08eb314cce5f4c93544c6748586eadb3abe502d39d4d297e14d274af37346b38695a20a91dcfe51d3d35a77ddd7aa69d170b525e5e6ba345161869cd8 +DIST docker-cli-24.0.7-man.tar.xz 82228 BLAKE2B 7fbf114a724157243c78de9ae03b5d0b1237c5b506cd44edd7a28ffc13609a36b7acf66a25e1eff9f60966e48346d97e70f946cca9301f27fd0355db53a1994d SHA512 af2075e3c731c7e0da4941f4baf35e798f87d1e1f3fa09e85b27a4bcadfd767074af2acaff1fd919d8af2a89ed6d49daefcc0811342d1757886db7a28d1252f2 +DIST docker-cli-24.0.7.tar.gz 6451010 BLAKE2B de047f55ce388c09ec33492f470daf87c6f2d1651b0cd839634183494fba4065506661d2d15aac0dc076d005426411f4099ba8e8d95ea2c7247bb114a00f4eef SHA512 b4811e4ecaf1f17e5a53ee4fb34affab79545d87a1662b0f915efb28108989128f8bbf165c4aed111fcb0c851f7ec7d9137eb0f31447d698b058ff4200dba18d +DIST docker-cli-25.0.1-man.tar.xz 78920 BLAKE2B a4b483e7d3b5c5a70d834a49ca04cd94f76745a8666bbbbbb7aabe9bae887e84b7511e18c455aa213a68d116e3c9bd9652bc5a7afb032e102213d41cc3b7450f SHA512 7a5b676ee9618d0c8d0f3c5690d5d9999dc5a28ba0aa5c41c9da0d1c99da2878502d055e9e8dad71674a84deaffeb07c28a4ac89941c972909fa455447e3c2bc +DIST docker-cli-25.0.1.tar.gz 6860093 BLAKE2B c0745afe7f009b692c91029e9a0a447a1179c2a865b6021f6d48aa2f44e3405084244ca6802c15eb389151fc46fa194efb535ca4c824bfcd92c1ad51371ff1fe SHA512 6443f3184313acf34292f44b60b0de48c4cb141c607be81988aaacca36a6e4b6c862b249a5fba1c7f22b11523b42f3d38939f695e12f64eca305218add92d65f +DIST docker-cli-25.0.4-man.tar.xz 78952 BLAKE2B 91315d341c9a6eb42e039dee3ab0b683a2abb2bb3ce44d64fe7b662f03966bfd29ee16a8700368b88a2052df79b5863648df95cf1ddd1ffe9cfe6fb076db8ed8 SHA512 d7d942ee7b979056e0008261d83945be69e837c055b2392b9aa41850b8b003d304df66b06c83d3ff0f4d24b4c7135a370502623e844973768ffb699aab195f19 +DIST docker-cli-25.0.4.tar.gz 6862436 BLAKE2B 6045e7080ca87971904e5a50057f420bc1e6ce9cc3038d5110ae067da259375eff17834e250d61c011aebc117034b892063fab2d131b5b8a9e5168602dc7fe83 SHA512 214984791ab67ca3da4bd5308d73a16218a0210da367d380bbe2a3f56eae131e252080aa2ebc3343df642007c9d91de6c0e0200122be9833866e58c87549db0d +DIST docker-cli-26.1.0-man.tar.xz 79004 BLAKE2B 36dcf969c6567680990420d6d177101bf457f7fc1c24dff195ce8b478268335419fba5ff51a7b77bb8c0a6e0e6077d83ddb50f2ecf08bf069be89fc4849afd6e SHA512 36297ee3cbf096112ec41db2cd1d06796ddd27a57c4323e71a727e17d3930102710f643a77df9e68cd9b3294a6bb0fdf5565379e9fae7331e25afcd147b0084f +DIST docker-cli-26.1.0.tar.gz 7213165 BLAKE2B 302236467f2b6f3f46b0f0c75e89c2cef0cd251d36e12f78a67c906cfb85b842b998fd3b07f4a2dfc0a04825a9b105d90f11d176055ded397f2d4e9145639d5d SHA512 1a1e9af1a836765ffa91f7f2e1b27911e2b6b373c308a7db332a7cd1825459ab1c04a93d03c9947b631bead0af21d9f03e06c3a60855cc56ca7039e50e38ba87 diff --git a/app-containers/docker-cli/docker-cli-24.0.5.ebuild b/app-containers/docker-cli/docker-cli-24.0.5.ebuild new file mode 100644 index 000000000000..4e1f622ad7af --- /dev/null +++ b/app-containers/docker-cli/docker-cli-24.0.5.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +GIT_COMMIT=ced0996600 +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ~loong ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/docker-cli-24.0.6.ebuild b/app-containers/docker-cli/docker-cli-24.0.6.ebuild new file mode 100644 index 000000000000..bb48e683d96b --- /dev/null +++ b/app-containers/docker-cli/docker-cli-24.0.6.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +GIT_COMMIT=ed223bc820 +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/docker-cli-24.0.7.ebuild b/app-containers/docker-cli/docker-cli-24.0.7.ebuild new file mode 100644 index 000000000000..67adf9a5f12d --- /dev/null +++ b/app-containers/docker-cli/docker-cli-24.0.7.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +GIT_COMMIT=afdd53b4e3 +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/docker-cli-25.0.1.ebuild b/app-containers/docker-cli/docker-cli-25.0.1.ebuild new file mode 100644 index 000000000000..54c637076191 --- /dev/null +++ b/app-containers/docker-cli/docker-cli-25.0.1.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +GIT_COMMIT=29cf629222 +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/docker-cli-25.0.4.ebuild b/app-containers/docker-cli/docker-cli-25.0.4.ebuild new file mode 100644 index 000000000000..97d5f7e61767 --- /dev/null +++ b/app-containers/docker-cli/docker-cli-25.0.4.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +GIT_COMMIT=1a576c50a9 +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/docker-cli-26.1.0.ebuild b/app-containers/docker-cli/docker-cli-26.1.0.ebuild new file mode 100644 index 000000000000..964ba9056825 --- /dev/null +++ b/app-containers/docker-cli/docker-cli-26.1.0.ebuild @@ -0,0 +1,72 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +GIT_COMMIT=9714adc6c797755f63053726c56bc1c17c0c9204 + +EGO_PN="github.com/docker/cli" +MY_PV=${PV/_/-} +inherit bash-completion-r1 golang-vcs-snapshot + +DESCRIPTION="the command line binary for docker" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/docker/cli/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-man.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" +IUSE="hardened selinux" + +RDEPEND="!<app-containers/docker-20.10.1 + selinux? ( sec-policy/selinux-docker )" +BDEPEND=" + >=dev-lang/go-1.16.6" + +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_unpack() { + golang-vcs-snapshot_src_unpack + set -- ${A} + unpack ${2} +} + +src_prepare() { + default + sed -i 's@dockerd\?\.exe@@g' contrib/completion/bash/docker || die +} + +src_compile() { + export DISABLE_WARN_OUTSIDE_CONTAINER=1 + export GOPATH="${WORKDIR}/${P}" + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + emake \ + LDFLAGS="$(usex hardened '-extldflags -fno-PIC' '')" \ + VERSION="${PV}" \ + GITCOMMIT="${GIT_COMMIT}" \ + dynbinary +} + +src_install() { + dobin build/docker + doman "${WORKDIR}"/man/man?/* + dobashcomp contrib/completion/bash/* + bashcomp_alias docker dockerd + insinto /usr/share/fish/vendor_completions.d/ + doins contrib/completion/fish/docker.fish + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/_* +} + +pkg_postinst() { + has_version "app-containers/docker-buildx" && return + ewarn "the 'docker build' command is deprecated and will be removed in a" + ewarn "future release. If you need this functionality, install" + ewarn "app-containers/docker-buildx." +} diff --git a/app-containers/docker-cli/metadata.xml b/app-containers/docker-cli/metadata.xml new file mode 100644 index 000000000000..3e133bab705a --- /dev/null +++ b/app-containers/docker-cli/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">docker/cli</remote-id> + <remote-id type="cpe">cpe:/a:docker:command_line_interface</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-compose/Manifest b/app-containers/docker-compose/Manifest new file mode 100644 index 000000000000..acdcd8a78aa7 --- /dev/null +++ b/app-containers/docker-compose/Manifest @@ -0,0 +1,11 @@ +DIST docker-compose-1.29.2.gh.tar.gz 320320 BLAKE2B 2d1a6375127fa09661822f7148665161b45bbd234c93444ae31c1d926513fcbc9fb845f8af01d8f11788f24b7517bff5f6cea2a5da9ade897891f2dd728f26bd SHA512 09f2ae2ae7a17ab5fb3e22580f7a80f1a8253f7ad9fc8f29aca432911bcde46ed22030ff3073cdd7eff3d55aaba17f56e628a178ec05c3a9b4f28495d6045111 +DIST docker-compose-2.17.2-deps.tar.xz 194695756 BLAKE2B 2a0ce1c41d09186f36ea4a935977a35edd80d013b6face813ac9622345ffa1ed8e090537ad990c4ee488ecccfe0575f92bb17f8baa0b8dc2104f75d18fac3877 SHA512 4649405eb0e49641265e514ef89cdae47806958611014ab9a9479848e857d85a5c3352ab44ff9ec39af1ca6fab67b6a2ae6c457d44690c1c1bcc3824aeb6fc07 +DIST docker-compose-2.17.2.gh.tar.gz 310664 BLAKE2B bb36afe02b85dd4f64e6eefdb542cc954e03c11f5f3b39bcd5d84b8b4ea87218e222a89a9f20aa2b6e89afc6edd0e7ef68ccc98cbe4e26be5fe2a07f189ea07e SHA512 e0afb5ac5867f3fbe4c3216710f6f529832310e69cc8943f47d6e67fbbcc7c7541a589f6b42eed54c0415c10851dd635c0b73c4ca31dd0969c6bf68de2b40b8b +DIST docker-compose-2.20.3-deps.tar.xz 182138348 BLAKE2B db61f405421b609ef68a667909441938b79b9f565bbace1c5dcdc5c8fc26ea60a8f00dbcbe03b1f0d7c7f0e3f2c0f900f9cfc9b0d4cf98527082ce3800811ba5 SHA512 84b898d298cbcea06bffe88139321aebc6a0be2f58478d0c255e48d9a1e3e12b1ee17104adf53911a4233fc8ec3bb51a75b2d1380cd34c65e3bdb8dba3892ed8 +DIST docker-compose-2.20.3.gh.tar.gz 336432 BLAKE2B c4c5c26e722b081363d0c28cb49483393ad3c8abdfddab6f3054997bd3389c4db92aa6698f205b990d976759f14143706a949db9ee69dc20953e1270525d3eb9 SHA512 d533318bbe550568a2c5bd43c6fa6d1d9b3887f09b6d75f278687dc28d23c4863c618599a816b7789a19182acaf869b6785c4bfc3a9b26d6329f1ac97b8059cf +DIST docker-compose-2.23.0-deps.tar.xz 163606408 BLAKE2B 56c60b81d7efd273309b71359f6286a546054db7d56851ba2a6b48c201e32c32fc596ec9e2f31f33988a45190f19a871fd28d3c639a35d1489511a7dda39984c SHA512 a1ed81259df7d84cb5fcb377ac7cd8d8f4b1b56b9c5006c1aa257d6f7834efc1fa69dfc6b50d4813dc89439d308573271d7c5c4115761d13083164080fae49b8 +DIST docker-compose-2.23.0.gh.tar.gz 343649 BLAKE2B 687f4aed8a4fa4edfb92b36a21210fec29d95fc441d5aee93f47b3f42b883f84b929fc72e0243e7816292ff51354aaa543069628de1a369d7f9832d64a0a1e73 SHA512 c6bb3041f8bc23ecf9932fdc1d0c88283848026083b1854770506fee7f1dbec2f605e6eaf159705ab8ed3f1b9669b8474addac61564b37aff84ea994abb88f4e +DIST docker-compose-2.24.0-deps.tar.xz 165907064 BLAKE2B 22b760393edc5a17bee52c6ccd5f227e724aaee32eb92113898e2f01727ff8913f98e2dba2f1f43277feffa9332888d64ef24b7fb9eb0f90f5038d711271b66a SHA512 2446cd56c69cc8cf1908ef2fd76e969bbd9a743f0b75d25e6c99304a203951a3196d8b8a9a4052560fb4923d20be8023452f051c3c3215e38007a7c6173489c9 +DIST docker-compose-2.24.0.gh.tar.gz 344571 BLAKE2B 4d79bf83b0584b8ed56c6f573798f8ed6fe264ffbfc870e9fbe6b79ba4c61248a6e139ebbbd0cd80b9ad607b5c71901ebb19b04e7b6c3e4cbbe8806d0a174eed SHA512 78e5d6ad6f00c4c4a5878b8231ab538bdc9a1d1df17fe1b5aca7bb3a4358897bd6742f8075c54fc00de8bccf5e9f6529acceb57ae221c0794b6c5b0e655b8771 +DIST docker-compose-2.26.1-deps.tar.xz 66292916 BLAKE2B 011026d25674981860ecdf37d598d1caa53394044c06dc335a8579d6f39d295d6f8304cada20b3f7f1691c680f32b998a4421ca4ac863d7eee186ad81c6cddfa SHA512 9834df136fd013e36481c1c88b63b945abff6d1183091a70affbea99e2d96681edcf6ec8cf0c95ec35d9ea9236ff4f9f8f2995ca80d069646edcc92555792f4f +DIST docker-compose-2.26.1.gh.tar.gz 361194 BLAKE2B 464afc0f4d41165b97c1c35f2fcf57916ea8e7da367b43c7efb0d863416ae3b13a243f56dd2261eec0f3c7465999ce5505bb62a2bc61c1e80998c2bacec905c5 SHA512 4a97326c6ed974400aca91a64e93ef0e1fa6b52f988f636b8bbcb43e14442c6702e2d42afda3e491a9da18176448f342ebae7212bf59617372295d831beb8aba diff --git a/app-containers/docker-compose/docker-compose-1.29.2-r3.ebuild b/app-containers/docker-compose/docker-compose-1.29.2-r3.ebuild new file mode 100644 index 000000000000..ee0767eba707 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-1.29.2-r3.ebuild @@ -0,0 +1,73 @@ +# Copyright 2018-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{9..11} ) + +inherit bash-completion-r1 distutils-r1 + +MY_PV=${PV/_/-} +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/${MY_PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 arm64" + +RDEPEND=" + >=dev-python/distro-1.5.0[${PYTHON_USEDEP}] + <dev-python/docker-7[${PYTHON_USEDEP}] + >=dev-python/dockerpty-0.4.1[${PYTHON_USEDEP}] + >=dev-python/docopt-0.6.1[${PYTHON_USEDEP}] + >=dev-python/python-dotenv-0.13.0[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.5.1[${PYTHON_USEDEP}] + dev-python/paramiko[${PYTHON_USEDEP}] + >=dev-python/PySocks-1.6.0[${PYTHON_USEDEP}] + >=dev-python/pyyaml-3.10[${PYTHON_USEDEP}] + >=dev-python/requests-2.20.0[${PYTHON_USEDEP}] + >=dev-python/six-1.3.0[${PYTHON_USEDEP}] + >=dev-python/texttable-0.9.0[${PYTHON_USEDEP}] + >=dev-python/websocket-client-0.32.0[${PYTHON_USEDEP}]" + +DEPEND="${RDEPEND} + test? ( + >=dev-python/pytest-5[${PYTHON_USEDEP}] + >=dev-python/ddt-1.2.2[${PYTHON_USEDEP}] + dev-python/py[${PYTHON_USEDEP}] + )" + +S="${WORKDIR}/compose-${MY_PV}" + +distutils_enable_tests pytest + +PATCHES=( + # Bug #679968 -- https://bugs.gentoo.org/679968 + # Bug #681002 -- https://bugs.gentoo.org/681002 + "${FILESDIR}"/${PN}-1.29.0-setup-py.patch + "${FILESDIR}"/${P}-tests-unit-cli-test-py.patch +) + +DOCS=( CHANGELOG.md README.md ) + +src_prepare() { + # Address QA issue "docker-compose.exe: missing alias (symlink) for completed command." + sed 's,^\(complete.*\) docker-compose\.exe\(.*\),\1\2,' -i contrib/completion/bash/docker-compose || die + + default +} + +python_test() { + distutils_install_for_testing + epytest tests/unit/ +} + +python_install_all() { + newbashcomp contrib/completion/bash/docker-compose ${PN} + + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/* + + distutils-r1_python_install_all +} diff --git a/app-containers/docker-compose/docker-compose-1.29.2-r5.ebuild b/app-containers/docker-compose/docker-compose-1.29.2-r5.ebuild new file mode 100644 index 000000000000..65f0ca25d5a4 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-1.29.2-r5.ebuild @@ -0,0 +1,73 @@ +# Copyright 2018-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9..11} ) + +inherit bash-completion-r1 distutils-r1 + +MY_PV=${PV/_/-} +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/${MY_PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" + +RDEPEND=" + >=dev-python/distro-1.5.0[${PYTHON_USEDEP}] + <dev-python/docker-7[${PYTHON_USEDEP}] + >=dev-python/dockerpty-0.4.1[${PYTHON_USEDEP}] + >=dev-python/docopt-0.6.1[${PYTHON_USEDEP}] + >=dev-python/python-dotenv-0.13.0[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.5.1[${PYTHON_USEDEP}] + dev-python/paramiko[${PYTHON_USEDEP}] + >=dev-python/PySocks-1.6.0[${PYTHON_USEDEP}] + >=dev-python/pyyaml-3.10[${PYTHON_USEDEP}] + >=dev-python/requests-2.20.0[${PYTHON_USEDEP}] + >=dev-python/six-1.3.0[${PYTHON_USEDEP}] + >=dev-python/texttable-0.9.0[${PYTHON_USEDEP}] + >=dev-python/websocket-client-0.32.0[${PYTHON_USEDEP}]" + +DEPEND="${RDEPEND} + test? ( + >=dev-python/pytest-5[${PYTHON_USEDEP}] + >=dev-python/ddt-1.2.2[${PYTHON_USEDEP}] + dev-python/py[${PYTHON_USEDEP}] + )" + +S="${WORKDIR}/compose-${MY_PV}" + +distutils_enable_tests pytest + +PATCHES=( + # Bug #679968 -- https://bugs.gentoo.org/679968 + # Bug #681002 -- https://bugs.gentoo.org/681002 + "${FILESDIR}"/${PN}-1.29.0-setup-py.patch + "${FILESDIR}"/${P}-tests-unit-cli-test-py.patch +) + +DOCS=( CHANGELOG.md README.md ) + +src_prepare() { + # Address QA issue "docker-compose.exe: missing alias (symlink) for completed command." + sed 's,^\(complete.*\) docker-compose\.exe\(.*\),\1\2,' -i contrib/completion/bash/docker-compose || die + + default +} + +python_test() { + epytest tests/unit/ +} + +python_install_all() { + newbashcomp contrib/completion/bash/docker-compose ${PN} + + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/* + + distutils-r1_python_install_all +} diff --git a/app-containers/docker-compose/docker-compose-1.29.2-r6.ebuild b/app-containers/docker-compose/docker-compose-1.29.2-r6.ebuild new file mode 100644 index 000000000000..cb09144e9979 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-1.29.2-r6.ebuild @@ -0,0 +1,80 @@ +# Copyright 2018-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9..11} ) + +inherit bash-completion-r1 distutils-r1 + +MY_PV=${PV/_/-} +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/${MY_PV}.tar.gz -> ${P}.gh.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 arm64" + +RDEPEND=" + >=dev-python/distro-1.5.0[${PYTHON_USEDEP}] + >=dev-python/docker-7[${PYTHON_USEDEP}] + >=dev-python/dockerpty-0.4.1[${PYTHON_USEDEP}] + >=dev-python/docopt-0.6.1[${PYTHON_USEDEP}] + >=dev-python/python-dotenv-0.13.0[${PYTHON_USEDEP}] + >=dev-python/jsonschema-2.5.1[${PYTHON_USEDEP}] + dev-python/paramiko[${PYTHON_USEDEP}] + >=dev-python/PySocks-1.6.0[${PYTHON_USEDEP}] + >=dev-python/pyyaml-3.10[${PYTHON_USEDEP}] + >=dev-python/requests-2.20.0[${PYTHON_USEDEP}] + >=dev-python/six-1.3.0[${PYTHON_USEDEP}] + >=dev-python/texttable-0.9.0[${PYTHON_USEDEP}] + >=dev-python/websocket-client-0.32.0[${PYTHON_USEDEP}]" + +DEPEND="${RDEPEND} + test? ( + >=dev-python/pytest-5[${PYTHON_USEDEP}] + >=dev-python/ddt-1.2.2[${PYTHON_USEDEP}] + dev-python/py[${PYTHON_USEDEP}] + )" + +S="${WORKDIR}/compose-${MY_PV}" + +EPYTEST_DESELECT=( + # These are not ready for >=dev-python/docker-7 + tests/unit/cli/docker_client_test.py::TLSConfigTestCase:: +) + +distutils_enable_tests pytest + +PATCHES=( + # Bug #679968 -- https://bugs.gentoo.org/679968 + # Bug #681002 -- https://bugs.gentoo.org/681002 + "${FILESDIR}"/${PN}-1.29.0-setup-py.patch + "${FILESDIR}"/${P}-tests-unit-cli-test-py.patch + # Bug #920631 -- https://bugs.gentoo.org/920631 + "${FILESDIR}"/${P}-docker-7.patch +) + +DOCS=( CHANGELOG.md README.md ) + +src_prepare() { + # Address QA issue "docker-compose.exe: missing alias (symlink) for completed command." + sed 's,^\(complete.*\) docker-compose\.exe\(.*\),\1\2,' -i contrib/completion/bash/docker-compose || die + + default +} + +python_test() { + epytest tests/unit/ +} + +python_install_all() { + newbashcomp contrib/completion/bash/docker-compose ${PN} + + insinto /usr/share/zsh/site-functions + doins contrib/completion/zsh/* + + distutils-r1_python_install_all +} diff --git a/app-containers/docker-compose/docker-compose-2.17.2.ebuild b/app-containers/docker-compose/docker-compose-2.17.2.ebuild new file mode 100644 index 000000000000..5702db996b66 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-2.17.2.ebuild @@ -0,0 +1,50 @@ +# Copyright 2018-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +MY_PV=${PV/_/-} + +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="2" +KEYWORDS="amd64 arm64" + +RDEPEND=">=app-containers/docker-cli-23.0.0" + +RESTRICT="test" +S="${WORKDIR}/compose-${MY_PV}" + +src_prepare() { + default + # do not strip + sed -i -e 's/-s -w//' Makefile || die +} + +src_compile() { + emake VERSION=v${PV} +} + +src_test() { + emake test +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe bin/build/docker-compose + dodoc README.md +} + +pkg_postinst() { + ewarn + ewarn "docker-compose 2.x is a sub command of docker" + ewarn "Use 'docker compose' from the command line instead of" + ewarn "'docker-compose'" + ewarn "If you need to keep 1.x around, please run the following" + ewarn "command before your next --depclean" + ewarn "# emerge --noreplace docker-compose:0" +} diff --git a/app-containers/docker-compose/docker-compose-2.20.3.ebuild b/app-containers/docker-compose/docker-compose-2.20.3.ebuild new file mode 100644 index 000000000000..5702db996b66 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-2.20.3.ebuild @@ -0,0 +1,50 @@ +# Copyright 2018-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +MY_PV=${PV/_/-} + +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="2" +KEYWORDS="amd64 arm64" + +RDEPEND=">=app-containers/docker-cli-23.0.0" + +RESTRICT="test" +S="${WORKDIR}/compose-${MY_PV}" + +src_prepare() { + default + # do not strip + sed -i -e 's/-s -w//' Makefile || die +} + +src_compile() { + emake VERSION=v${PV} +} + +src_test() { + emake test +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe bin/build/docker-compose + dodoc README.md +} + +pkg_postinst() { + ewarn + ewarn "docker-compose 2.x is a sub command of docker" + ewarn "Use 'docker compose' from the command line instead of" + ewarn "'docker-compose'" + ewarn "If you need to keep 1.x around, please run the following" + ewarn "command before your next --depclean" + ewarn "# emerge --noreplace docker-compose:0" +} diff --git a/app-containers/docker-compose/docker-compose-2.23.0.ebuild b/app-containers/docker-compose/docker-compose-2.23.0.ebuild new file mode 100644 index 000000000000..f306d5212cc7 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-2.23.0.ebuild @@ -0,0 +1,51 @@ +# Copyright 2018-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +MY_PV=${PV/_/-} + +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="2" +KEYWORDS="~amd64 ~arm64" + +BDEPEND=">=dev-lang/go-1.21" +RDEPEND=">=app-containers/docker-cli-23.0.0" + +RESTRICT="test" +S="${WORKDIR}/compose-${MY_PV}" + +src_prepare() { + default + # do not strip + sed -i -e 's/-s -w//' Makefile || die +} + +src_compile() { + emake VERSION=v${PV} +} + +src_test() { + emake test +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe bin/build/docker-compose + dodoc README.md +} + +pkg_postinst() { + ewarn + ewarn "docker-compose 2.x is a sub command of docker" + ewarn "Use 'docker compose' from the command line instead of" + ewarn "'docker-compose'" + ewarn "If you need to keep 1.x around, please run the following" + ewarn "command before your next --depclean" + ewarn "# emerge --noreplace docker-compose:0" +} diff --git a/app-containers/docker-compose/docker-compose-2.24.0.ebuild b/app-containers/docker-compose/docker-compose-2.24.0.ebuild new file mode 100644 index 000000000000..f306d5212cc7 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-2.24.0.ebuild @@ -0,0 +1,51 @@ +# Copyright 2018-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +MY_PV=${PV/_/-} + +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="2" +KEYWORDS="~amd64 ~arm64" + +BDEPEND=">=dev-lang/go-1.21" +RDEPEND=">=app-containers/docker-cli-23.0.0" + +RESTRICT="test" +S="${WORKDIR}/compose-${MY_PV}" + +src_prepare() { + default + # do not strip + sed -i -e 's/-s -w//' Makefile || die +} + +src_compile() { + emake VERSION=v${PV} +} + +src_test() { + emake test +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe bin/build/docker-compose + dodoc README.md +} + +pkg_postinst() { + ewarn + ewarn "docker-compose 2.x is a sub command of docker" + ewarn "Use 'docker compose' from the command line instead of" + ewarn "'docker-compose'" + ewarn "If you need to keep 1.x around, please run the following" + ewarn "command before your next --depclean" + ewarn "# emerge --noreplace docker-compose:0" +} diff --git a/app-containers/docker-compose/docker-compose-2.26.1.ebuild b/app-containers/docker-compose/docker-compose-2.26.1.ebuild new file mode 100644 index 000000000000..f306d5212cc7 --- /dev/null +++ b/app-containers/docker-compose/docker-compose-2.26.1.ebuild @@ -0,0 +1,51 @@ +# Copyright 2018-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +MY_PV=${PV/_/-} + +DESCRIPTION="Multi-container orchestration for Docker" +HOMEPAGE="https://github.com/docker/compose" +SRC_URI="https://github.com/docker/compose/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="2" +KEYWORDS="~amd64 ~arm64" + +BDEPEND=">=dev-lang/go-1.21" +RDEPEND=">=app-containers/docker-cli-23.0.0" + +RESTRICT="test" +S="${WORKDIR}/compose-${MY_PV}" + +src_prepare() { + default + # do not strip + sed -i -e 's/-s -w//' Makefile || die +} + +src_compile() { + emake VERSION=v${PV} +} + +src_test() { + emake test +} + +src_install() { + exeinto /usr/libexec/docker/cli-plugins + doexe bin/build/docker-compose + dodoc README.md +} + +pkg_postinst() { + ewarn + ewarn "docker-compose 2.x is a sub command of docker" + ewarn "Use 'docker compose' from the command line instead of" + ewarn "'docker-compose'" + ewarn "If you need to keep 1.x around, please run the following" + ewarn "command before your next --depclean" + ewarn "# emerge --noreplace docker-compose:0" +} diff --git a/app-containers/docker-compose/files/docker-compose-1.29.0-setup-py.patch b/app-containers/docker-compose/files/docker-compose-1.29.0-setup-py.patch new file mode 100644 index 000000000000..5b42159a1342 --- /dev/null +++ b/app-containers/docker-compose/files/docker-compose-1.29.0-setup-py.patch @@ -0,0 +1,66 @@ +From 6829b2c1885b3a0ff758751db2c936ef384d00f9 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Wed, 7 Apr 2021 00:46:38 +0200 +Subject: [PATCH] setup.py: Drop generic upper version boundaries + +--- + setup.py | 32 ++++++++++++++++---------------- + 1 file changed, 16 insertions(+), 16 deletions(-) + +diff --git a/setup.py b/setup.py +index aaf33f7..74be464 100644 +--- a/setup.py ++++ b/setup.py +@@ -25,33 +25,33 @@ def find_version(*file_paths): + + + install_requires = [ +- 'docopt >= 0.6.1, < 1', +- 'PyYAML >= 3.10, < 6', +- 'requests >= 2.20.0, < 3', +- 'texttable >= 0.9.0, < 2', +- 'websocket-client >= 0.32.0, < 1', +- 'distro >= 1.5.0, < 2', ++ 'docopt >= 0.6.1', ++ 'PyYAML >= 3.10', ++ 'requests >= 2.20.0', ++ 'texttable >= 0.9.0', ++ 'websocket-client >= 0.32.0', ++ 'distro >= 1.5.0', + 'docker[ssh] >= 5', +- 'dockerpty >= 0.4.1, < 1', +- 'jsonschema >= 2.5.1, < 4', +- 'python-dotenv >= 0.13.0, < 1', ++ 'dockerpty >= 0.4.1', ++ 'jsonschema >= 2.5.1', ++ 'python-dotenv >= 0.13.0', + ] + + + tests_require = [ +- 'ddt >= 1.2.2, < 2', +- 'pytest < 6', ++ 'ddt >= 1.2.2', ++ 'pytest', + ] + + + if sys.version_info[:2] < (3, 4): +- tests_require.append('mock >= 1.0.1, < 4') ++ tests_require.append('mock >= 1.0.1') + + extras_require = { +- ':python_version < "3.5"': ['backports.ssl_match_hostname >= 3.5, < 4'], +- ':python_version < "3.8"': ['cached-property >= 1.2.0, < 2'], +- ':sys_platform == "win32"': ['colorama >= 0.4, < 1'], +- 'socks': ['PySocks >= 1.5.6, != 1.5.7, < 2'], ++ ':python_version < "3.5"': ['backports.ssl_match_hostname >= 3.5'], ++ ':python_version < "3.8"': ['cached-property >= 1.2.0'], ++ ':sys_platform == "win32"': ['colorama >= 0.4'], ++ 'socks': ['PySocks >= 1.5.6, != 1.5.7'], + 'tests': tests_require, + } + +-- +2.31.1 + diff --git a/app-containers/docker-compose/files/docker-compose-1.29.2-docker-7.patch b/app-containers/docker-compose/files/docker-compose-1.29.2-docker-7.patch new file mode 100644 index 000000000000..aafa7a7dddde --- /dev/null +++ b/app-containers/docker-compose/files/docker-compose-1.29.2-docker-7.patch @@ -0,0 +1,36 @@ +From 1e838052b7ccc2a5bb6b674154450a4411de9e15 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Mon, 8 Jan 2024 21:28:27 +0100 +Subject: [PATCH] compose/cli/docker_client.py: Quickfix for + >=dev-python/docker-7 + +Symptom was: +> # docker-compose build +> Traceback (most recent call last): +> [..] +> File "[..]/python3.12/site-packages/compose/cli/docker_client.py", line 124, in docker_client +> kwargs = kwargs_from_env(environment=environment, ssl_version=tls_version) +> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +> TypeError: kwargs_from_env() got an unexpected keyword argument 'ssl_version' + +Related: https://stackoverflow.com/a/77638834/11626624 +--- + compose/cli/docker_client.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/compose/cli/docker_client.py b/compose/cli/docker_client.py +index e4a0fea..f550e20 100644 +--- a/compose/cli/docker_client.py ++++ b/compose/cli/docker_client.py +@@ -121,7 +121,7 @@ def docker_client(environment, version=None, context=None, tls_version=None): + according to the same logic as the official Docker client. + """ + try: +- kwargs = kwargs_from_env(environment=environment, ssl_version=tls_version) ++ kwargs = kwargs_from_env(environment=environment) + except TLSParameterError: + raise UserError( + "TLS configuration is invalid - make sure your DOCKER_TLS_VERIFY " +-- +2.43.0 + diff --git a/app-containers/docker-compose/files/docker-compose-1.29.2-tests-unit-cli-test-py.patch b/app-containers/docker-compose/files/docker-compose-1.29.2-tests-unit-cli-test-py.patch new file mode 100644 index 000000000000..0d6cf44c1887 --- /dev/null +++ b/app-containers/docker-compose/files/docker-compose-1.29.2-tests-unit-cli-test-py.patch @@ -0,0 +1,33 @@ +From 988f954a7e185c521e7c0f720684e8a53068b136 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Thu, 15 Dec 2022 18:11:03 +0100 +Subject: [PATCH] tests/unit/cli_test.py: Fix access to + py._path.local.LocalPath + +.. for test CLITestCase.test_default_project_name: + +> class CLITestCase(unittest.TestCase): +> +> def test_default_project_name(self): +> test_dir = py._path.local.LocalPath('tests/fixtures/simple-composefile') +> [..] +--- + tests/unit/cli_test.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/unit/cli_test.py b/tests/unit/cli_test.py +index fa6e767..83ecef8 100644 +--- a/tests/unit/cli_test.py ++++ b/tests/unit/cli_test.py +@@ -4,7 +4,7 @@ import tempfile + from io import StringIO + + import docker +-import py ++import py._path.local + import pytest + from docker.constants import DEFAULT_DOCKER_API_VERSION + +-- +2.39.0 + diff --git a/app-containers/docker-compose/metadata.xml b/app-containers/docker-compose/metadata.xml new file mode 100644 index 000000000000..06f0c4e4e3e3 --- /dev/null +++ b/app-containers/docker-compose/metadata.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer restrict=">=app-containers/docker-compose-2" type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + <description>Version 2.x.x (Golang)</description> + </maintainer> + <maintainer restrict="<app-containers/docker-compose-2" type="person"> + <email>sping@gentoo.org</email> + <name>Sebastian Pipping</name> + <description>Version 1.x.x (Python)</description> + </maintainer> + <upstream> + <remote-id type="pypi">docker-compose</remote-id> + <remote-id type="github">docker/compose</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-credential-helpers/Manifest b/app-containers/docker-credential-helpers/Manifest new file mode 100644 index 000000000000..73b7729ba3f7 --- /dev/null +++ b/app-containers/docker-credential-helpers/Manifest @@ -0,0 +1 @@ +DIST docker-credential-helpers-0.6.3.tar.gz 28971 BLAKE2B b50e4de0f3b126e0118f24f845a94be5e932975ab54ad6e0a52129a56109ecafb021f14986569295242cb0af4ea109d8786b8a5ca8481cc48daad14671841432 SHA512 2d15be8df134bff08eef9461348f07cd57c70c15a0ab044de2e69296c400b8c0e16198c90fd064d5ce83037d0bad57520e7524b0832b7a00e69397203dc90d10 diff --git a/app-containers/docker-credential-helpers/docker-credential-helpers-0.6.3.ebuild b/app-containers/docker-credential-helpers/docker-credential-helpers-0.6.3.ebuild new file mode 100644 index 000000000000..e10a2730beea --- /dev/null +++ b/app-containers/docker-credential-helpers/docker-credential-helpers-0.6.3.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DESCRIPTION="Suite of programs to use native stores to keep Docker credentials safe" +HOMEPAGE="https://github.com/docker/docker-credential-helpers" +EGO_PN=github.com/docker/docker-credential-helpers + +LICENSE="MIT" +SLOT="0" + +if [[ ${PV} = *9999* ]]; then + inherit golang-vcs +else + KEYWORDS="amd64 arm64" + EGIT_COMMIT="v${PV}" + SRC_URI="https://${EGO_PN}/archive/${EGIT_COMMIT}.tar.gz -> ${P}.tar.gz" + inherit golang-vcs-snapshot +fi +inherit golang-build + +IUSE="keyring pass" +REQUIRED_USE="|| ( keyring pass )" +RESTRICT="test" + +DEPEND="keyring? ( app-crypt/libsecret )" +RDEPEND="${DEPEND} + pass? ( app-admin/pass ) +" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +src_compile() { + local -x GOPATH="${WORKDIR}/${P}" + use keyring && emake secretservice + use pass && emake pass +} + +src_install() { + dobin bin/* + dodoc CHANGELOG.md MAINTAINERS README.md +} + +pkg_postinst() { + if use keyring; then + elog "For keyring/kwallet add:\n" + elog ' "credStore": "secretservice"'"\n" + fi + if use pass; then + elog "For 'pass' add:\n" + elog ' "credStore": "pass"'"\n" + fi + elog "to your ~/.docker/config.json" +} diff --git a/app-containers/docker-credential-helpers/metadata.xml b/app-containers/docker-credential-helpers/metadata.xml new file mode 100644 index 000000000000..2f589c3c8517 --- /dev/null +++ b/app-containers/docker-credential-helpers/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <longdescription> + A suite of programs to use native stores to keep Docker credentials + safe. Currently provides docker-credential-secretservice to use the + D-Bus secret service APIs, and docker-credential-pass to use the + pass framework. + </longdescription> + <maintainer type="person" proxied="yes"> + <email>rkitover@gmail.com</email> + <name>Rafael Kitover</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <use> + <flag name="pass"> + Build pass helper for the pass utility. + </flag> + </use> +</pkgmetadata> diff --git a/app-containers/docker-proxy/Manifest b/app-containers/docker-proxy/Manifest new file mode 100644 index 000000000000..1e6185c5ff97 --- /dev/null +++ b/app-containers/docker-proxy/Manifest @@ -0,0 +1 @@ +DIST docker-proxy-0.8.0_p20230118.tar.gz 3154267 BLAKE2B 307799d9dab73ed3ed3e537a247d70a65d9b4a51db69ae09518eb9daee949f78478ec104751d088717ca17171f604ff5c450198cc24e79cca266a1c7f61800ad SHA512 079eee720a4e755639e39fd8764f380549e715cbd6be0b46a102771a09f6cce5f085f7e568429c8c35a46f09948aea3e60de5ba2e32e22f0ee1fd9559c2d58f6 diff --git a/app-containers/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild b/app-containers/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild new file mode 100644 index 000000000000..a39b18d1aee2 --- /dev/null +++ b/app-containers/docker-proxy/docker-proxy-0.8.0_p20230118.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/moby/libnetwork +GIT_COMMIT=05b93e0d3a95952f70c113b0bc5bdb538d7afdd7 +inherit golang-vcs-snapshot + +DESCRIPTION="Docker container networking" +HOMEPAGE="https://github.com/docker/libnetwork" +SRC_URI="https://github.com/moby/libnetwork/archive/${GIT_COMMIT}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" + +S=${WORKDIR}/${P}/src/${EGO_PN} + +# needs dockerd +RESTRICT="strip test" + +src_compile() { + GO111MODULE=auto GOPATH="${WORKDIR}/${P}" \ + go build -o "bin/docker-proxy" ./cmd/proxy || die +} + +src_install() { + dobin bin/docker-proxy + dodoc README.md CHANGELOG.md +} diff --git a/app-containers/docker-proxy/metadata.xml b/app-containers/docker-proxy/metadata.xml new file mode 100644 index 000000000000..cd1d22d48de8 --- /dev/null +++ b/app-containers/docker-proxy/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">docker/libnetwork</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-registry/Manifest b/app-containers/docker-registry/Manifest new file mode 100644 index 000000000000..a5925694786d --- /dev/null +++ b/app-containers/docker-registry/Manifest @@ -0,0 +1,2 @@ +DIST docker-registry-2.8.1.tar.gz 2007611 BLAKE2B abf3e630652f195cf3ad4d07e6d9845000e79d340b0bb8046528bb62592df754c125fd38a92d1af27d068fcd51910f80f356d6a894cb1b97f28d7042af24b898 SHA512 b9c8525051458ff4bf4592ca3ddba83c4325e88c6812ddb28c1567e331c1571f112e3b646ca970f0fe420f3b1d61d00f7151450d7b9948a08733606255731266 +DIST docker-registry-2.8.2.tar.gz 2008415 BLAKE2B 824325f835b2c7cc18f711204b4a92d21f661129ee2b446e3fc42f0e064b8dde43f119bff29216625cfb5e25aec152225680148ae3fc157886acb1e248b6d3b5 SHA512 c2270c14e09399b10fa474a93855e542b82a7746764ec581a218826581e30b76d4d31ae8f91957b8e48a7c14c054b84091c73679e40dbdff1a5bd0de8b18af83 diff --git a/app-containers/docker-registry/docker-registry-2.8.1.ebuild b/app-containers/docker-registry/docker-registry-2.8.1.ebuild new file mode 100644 index 000000000000..773fa15bb205 --- /dev/null +++ b/app-containers/docker-registry/docker-registry-2.8.1.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit golang-vcs-snapshot systemd + +EGIT_COMMIT="b5ca020cfbe998e5af3457fda087444cf5116496" +EGO_PN="github.com/docker/distribution" + +DESCRIPTION="Docker Registry 2.0" +HOMEPAGE="https://github.com/docker/distribution" +SRC_URI="https://${EGO_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 MIT ZLIB" +SLOT="0" +KEYWORDS="amd64 ~arm64" + +DEPEND=" + acct-group/registry + acct-user/registry +" +RDEPEND="${DEPEND}" + +SVCNAME="registry" + +src_prepare() { + default + pushd src/${EGO_PN} || die + eapply "${FILESDIR}"/${PN}-2.7.0-notification-metrics.patch + sed -e "s/git describe.*/echo ${PV})/" \ + -e "s/git rev-parse.*/echo ${EGIT_COMMIT})/" \ + -e "s/-s -w/-w/" \ + -i Makefile || die + popd || die +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME #681072 + GOPATH="${S}" GO_BUILD_FLAGS="-v" emake -C src/${EGO_PN} binaries +} + +src_install() { + exeinto /usr/libexec/${PN} + doexe src/${EGO_PN}/bin/* + insinto /etc/docker/registry + newins src/${EGO_PN}/cmd/registry/config-example.yml config.yml.example + newinitd "${FILESDIR}/${SVCNAME}.initd" "${SVCNAME}" + newconfd "${FILESDIR}/${SVCNAME}.confd" "${SVCNAME}" + systemd_dounit "${FILESDIR}/${SVCNAME}.service" + keepdir /var/log/${SVCNAME} + fowners ${SVCNAME}:${SVCNAME} /var/log/${SVCNAME} + insinto /etc/logrotate.d + newins "${FILESDIR}/${SVCNAME}.logrotated" "${SVCNAME}" +} diff --git a/app-containers/docker-registry/docker-registry-2.8.2.ebuild b/app-containers/docker-registry/docker-registry-2.8.2.ebuild new file mode 100644 index 000000000000..6286a187586d --- /dev/null +++ b/app-containers/docker-registry/docker-registry-2.8.2.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit golang-vcs-snapshot systemd + +EGIT_COMMIT="7c354a4b40feeea21d7eeae4de91c8ff7951e672" +EGO_PN="github.com/docker/distribution" + +DESCRIPTION="Docker Registry 2.0" +HOMEPAGE="https://github.com/docker/distribution" +SRC_URI="https://${EGO_PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 MIT ZLIB" +SLOT="0" +KEYWORDS="amd64 ~arm64" + +DEPEND=" + acct-group/registry + acct-user/registry +" +RDEPEND="${DEPEND}" + +SVCNAME="registry" + +src_prepare() { + default + pushd src/${EGO_PN} || die + eapply "${FILESDIR}"/${PN}-2.7.0-notification-metrics.patch + sed -e "s/git describe.*/echo ${PV})/" \ + -e "s/git rev-parse.*/echo ${EGIT_COMMIT})/" \ + -e "s/-s -w/-w/" \ + -i Makefile || die + popd || die +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME #681072 + GOPATH="${S}" GO_BUILD_FLAGS="-v" emake -C src/${EGO_PN} binaries +} + +src_install() { + exeinto /usr/libexec/${PN} + doexe src/${EGO_PN}/bin/* + insinto /etc/docker/registry + newins src/${EGO_PN}/cmd/registry/config-example.yml config.yml.example + newinitd "${FILESDIR}/${SVCNAME}.initd" "${SVCNAME}" + newconfd "${FILESDIR}/${SVCNAME}.confd" "${SVCNAME}" + systemd_dounit "${FILESDIR}/${SVCNAME}.service" + keepdir /var/log/${SVCNAME} + fowners ${SVCNAME}:${SVCNAME} /var/log/${SVCNAME} + insinto /etc/logrotate.d + newins "${FILESDIR}/${SVCNAME}.logrotated" "${SVCNAME}" +} diff --git a/app-containers/docker-registry/files/docker-registry-2.7.0-notification-metrics.patch b/app-containers/docker-registry/files/docker-registry-2.7.0-notification-metrics.patch new file mode 100644 index 000000000000..8adf364ce164 --- /dev/null +++ b/app-containers/docker-registry/files/docker-registry-2.7.0-notification-metrics.patch @@ -0,0 +1,398 @@ +From 7b2292ee20c5d49053cc5262dfbc99ce121b9b74 Mon Sep 17 00:00:00 2001 +From: tifayuki <tifayuki@gmail.com> +Date: Tue, 13 Feb 2018 13:30:56 -0800 +Subject: [PATCH 1/4] Add notification metrics + +It adds notification related prometheus metrics, including: + - total count for events/success/failure/error + - total count for notification per each status code + - gauge of the pending notification queue + +Signed-off-by: tifayuki <tifayuki@gmail.com> +--- + metrics/prometheus.go | 3 +++ + notifications/metrics.go | 28 ++++++++++++++++++++++++++++ + 2 files changed, 31 insertions(+) + +diff --git a/metrics/prometheus.go b/metrics/prometheus.go +index b5a532144..91b32b23d 100644 +--- a/metrics/prometheus.go ++++ b/metrics/prometheus.go +@@ -10,4 +10,7 @@ const ( + var ( + // StorageNamespace is the prometheus namespace of blob/cache related operations + StorageNamespace = metrics.NewNamespace(NamespacePrefix, "storage", nil) ++ ++ // NotificationsNamespace is the prometheus namespace of notification related metrics ++ NotificationsNamespace = metrics.NewNamespace(NamespacePrefix, "notifications", nil) + ) +diff --git a/notifications/metrics.go b/notifications/metrics.go +index a20af1687..69960e9cb 100644 +--- a/notifications/metrics.go ++++ b/notifications/metrics.go +@@ -5,6 +5,18 @@ import ( + "fmt" + "net/http" + "sync" ++ ++ prometheus "github.com/docker/distribution/metrics" ++ "github.com/docker/go-metrics" ++) ++ ++var ( ++ // eventsCounter counts total events of incoming, success, failure, and errors ++ eventsCounter = prometheus.NotificationsNamespace.NewLabeledCounter("events", "The number of total events", "type") ++ // pendingGauge measures the pending queue size ++ pendingGauge = prometheus.NotificationsNamespace.NewGauge("pending", "The gauge of pending events in queue", metrics.Total) ++ // statusCounter counts the total notification call per each status code ++ statusCounter = prometheus.NotificationsNamespace.NewLabeledCounter("status", "The number of status code", "code") + ) + + // EndpointMetrics track various actions taken by the endpoint, typically by +@@ -61,6 +73,9 @@ func (emsl *endpointMetricsHTTPStatusListener) success(status int, events ...Eve + defer emsl.safeMetrics.Unlock() + emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) + emsl.Successes += len(events) ++ ++ statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status))).Inc(1) ++ eventsCounter.WithValues("Successes").Inc(1) + } + + func (emsl *endpointMetricsHTTPStatusListener) failure(status int, events ...Event) { +@@ -68,12 +83,17 @@ func (emsl *endpointMetricsHTTPStatusListener) failure(status int, events ...Eve + defer emsl.safeMetrics.Unlock() + emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) + emsl.Failures += len(events) ++ ++ statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status))).Inc(1) ++ eventsCounter.WithValues("Failures").Inc(1) + } + + func (emsl *endpointMetricsHTTPStatusListener) err(err error, events ...Event) { + emsl.safeMetrics.Lock() + defer emsl.safeMetrics.Unlock() + emsl.Errors += len(events) ++ ++ eventsCounter.WithValues("Errors").Inc(1) + } + + // endpointMetricsEventQueueListener maintains the incoming events counter and +@@ -87,12 +107,17 @@ func (eqc *endpointMetricsEventQueueListener) ingress(events ...Event) { + defer eqc.Unlock() + eqc.Events += len(events) + eqc.Pending += len(events) ++ ++ eventsCounter.WithValues("Events").Inc() ++ pendingGauge.Inc(1) + } + + func (eqc *endpointMetricsEventQueueListener) egress(events ...Event) { + eqc.Lock() + defer eqc.Unlock() + eqc.Pending -= len(events) ++ ++ pendingGauge.Dec(1) + } + + // endpoints is global registry of endpoints used to report metrics to expvar +@@ -149,4 +174,7 @@ func init() { + })) + + registry.(*expvar.Map).Set("notifications", ¬ifications) ++ ++ // register prometheus metrics ++ metrics.Register(prometheus.NotificationsNamespace) + } + +From 4497e40eda1e0024f055c09ab480b7816a1147b1 Mon Sep 17 00:00:00 2001 +From: Honglin Feng <tifayuki@gmail.com> +Date: Thu, 11 Oct 2018 21:39:02 +0800 +Subject: [PATCH 2/4] add label to the metrics + +Signed-off-by: Honglin Feng <tifayuki@gmail.com> +--- + notifications/endpoint.go | 2 +- + notifications/http_test.go | 2 +- + notifications/metrics.go | 26 ++++++++++++++------------ + notifications/sinks_test.go | 2 +- + 4 files changed, 17 insertions(+), 15 deletions(-) + +diff --git a/notifications/endpoint.go b/notifications/endpoint.go +index a8a52d0c9..854f1dd6c 100644 +--- a/notifications/endpoint.go ++++ b/notifications/endpoint.go +@@ -58,7 +58,7 @@ func NewEndpoint(name, url string, config EndpointConfig) *Endpoint { + endpoint.url = url + endpoint.EndpointConfig = config + endpoint.defaults() +- endpoint.metrics = newSafeMetrics() ++ endpoint.metrics = newSafeMetrics(name) + + // Configures the inmemory queue, retry, http pipeline. + endpoint.Sink = newHTTPSink( +diff --git a/notifications/http_test.go b/notifications/http_test.go +index de47f789e..b7845cf95 100644 +--- a/notifications/http_test.go ++++ b/notifications/http_test.go +@@ -63,7 +63,7 @@ func TestHTTPSink(t *testing.T) { + }) + server := httptest.NewTLSServer(serverHandler) + +- metrics := newSafeMetrics() ++ metrics := newSafeMetrics("") + sink := newHTTPSink(server.URL, 0, nil, nil, + &endpointMetricsHTTPStatusListener{safeMetrics: metrics}) + +diff --git a/notifications/metrics.go b/notifications/metrics.go +index 69960e9cb..4464edd8f 100644 +--- a/notifications/metrics.go ++++ b/notifications/metrics.go +@@ -12,11 +12,11 @@ import ( + + var ( + // eventsCounter counts total events of incoming, success, failure, and errors +- eventsCounter = prometheus.NotificationsNamespace.NewLabeledCounter("events", "The number of total events", "type") ++ eventsCounter = prometheus.NotificationsNamespace.NewLabeledCounter("events", "The number of total events", "type", "to") + // pendingGauge measures the pending queue size +- pendingGauge = prometheus.NotificationsNamespace.NewGauge("pending", "The gauge of pending events in queue", metrics.Total) ++ pendingGauge = prometheus.NotificationsNamespace.NewLabeledGauge("pending", "The gauge of pending events in queue", metrics.Total, "to") + // statusCounter counts the total notification call per each status code +- statusCounter = prometheus.NotificationsNamespace.NewLabeledCounter("status", "The number of status code", "code") ++ statusCounter = prometheus.NotificationsNamespace.NewLabeledCounter("status", "The number of status code", "code", "to") + ) + + // EndpointMetrics track various actions taken by the endpoint, typically by +@@ -34,14 +34,16 @@ type EndpointMetrics struct { + // safeMetrics guards the metrics implementation with a lock and provides a + // safe update function. + type safeMetrics struct { ++ EndpointName string + EndpointMetrics + sync.Mutex // protects statuses map + } + + // newSafeMetrics returns safeMetrics with map allocated. +-func newSafeMetrics() *safeMetrics { ++func newSafeMetrics(name string) *safeMetrics { + var sm safeMetrics + sm.Statuses = make(map[string]int) ++ sm.EndpointName = name + return &sm + } + +@@ -74,8 +76,8 @@ func (emsl *endpointMetricsHTTPStatusListener) success(status int, events ...Eve + emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) + emsl.Successes += len(events) + +- statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status))).Inc(1) +- eventsCounter.WithValues("Successes").Inc(1) ++ statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status)), emsl.EndpointName).Inc(1) ++ eventsCounter.WithValues("Successes", emsl.EndpointName).Inc(1) + } + + func (emsl *endpointMetricsHTTPStatusListener) failure(status int, events ...Event) { +@@ -84,8 +86,8 @@ func (emsl *endpointMetricsHTTPStatusListener) failure(status int, events ...Eve + emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) + emsl.Failures += len(events) + +- statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status))).Inc(1) +- eventsCounter.WithValues("Failures").Inc(1) ++ statusCounter.WithValues(fmt.Sprintf("%d %s", status, http.StatusText(status)), emsl.EndpointName).Inc(1) ++ eventsCounter.WithValues("Failures", emsl.EndpointName).Inc(1) + } + + func (emsl *endpointMetricsHTTPStatusListener) err(err error, events ...Event) { +@@ -93,7 +95,7 @@ func (emsl *endpointMetricsHTTPStatusListener) err(err error, events ...Event) { + defer emsl.safeMetrics.Unlock() + emsl.Errors += len(events) + +- eventsCounter.WithValues("Errors").Inc(1) ++ eventsCounter.WithValues("Errors", emsl.EndpointName).Inc(1) + } + + // endpointMetricsEventQueueListener maintains the incoming events counter and +@@ -108,8 +110,8 @@ func (eqc *endpointMetricsEventQueueListener) ingress(events ...Event) { + eqc.Events += len(events) + eqc.Pending += len(events) + +- eventsCounter.WithValues("Events").Inc() +- pendingGauge.Inc(1) ++ eventsCounter.WithValues("Events", eqc.EndpointName).Inc() ++ pendingGauge.WithValues(eqc.EndpointName).Inc(1) + } + + func (eqc *endpointMetricsEventQueueListener) egress(events ...Event) { +@@ -117,7 +119,7 @@ func (eqc *endpointMetricsEventQueueListener) egress(events ...Event) { + defer eqc.Unlock() + eqc.Pending -= len(events) + +- pendingGauge.Dec(1) ++ pendingGauge.WithValues(eqc.EndpointName).Dec(1) + } + + // endpoints is global registry of endpoints used to report metrics to expvar +diff --git a/notifications/sinks_test.go b/notifications/sinks_test.go +index 06f88b2c9..4a69486b5 100644 +--- a/notifications/sinks_test.go ++++ b/notifications/sinks_test.go +@@ -66,7 +66,7 @@ func TestBroadcaster(t *testing.T) { + func TestEventQueue(t *testing.T) { + const nevents = 1000 + var ts testSink +- metrics := newSafeMetrics() ++ metrics := newSafeMetrics("") + eq := newEventQueue( + // delayed sync simulates destination slower than channel comms + &delayedSink{ + +From 73e4232b5171c2988b0daeea517aa07386e7945d Mon Sep 17 00:00:00 2001 +From: Honglin Feng <tifayuki@gmail.com> +Date: Mon, 15 Oct 2018 19:50:38 +0800 +Subject: [PATCH 3/4] run go fmt + +Signed-off-by: Honglin Feng <tifayuki@gmail.com> +--- + registry/storage/driver/s3-aws/s3.go | 10 +++++----- + registry/storage/linkedblobstore.go | 16 ++++++++-------- + registry/storage/linkedblobstore_test.go | 4 ++-- + 3 files changed, 15 insertions(+), 15 deletions(-) + +diff --git a/registry/storage/driver/s3-aws/s3.go b/registry/storage/driver/s3-aws/s3.go +index 800435d01..9cd87dbab 100644 +--- a/registry/storage/driver/s3-aws/s3.go ++++ b/registry/storage/driver/s3-aws/s3.go +@@ -476,11 +476,11 @@ func New(params DriverParameters) (*Driver, error) { + // } + + d := &driver{ +- S3: s3obj, +- Bucket: params.Bucket, +- ChunkSize: params.ChunkSize, +- Encrypt: params.Encrypt, +- KeyID: params.KeyID, ++ S3: s3obj, ++ Bucket: params.Bucket, ++ ChunkSize: params.ChunkSize, ++ Encrypt: params.Encrypt, ++ KeyID: params.KeyID, + MultipartCopyChunkSize: params.MultipartCopyChunkSize, + MultipartCopyMaxConcurrency: params.MultipartCopyMaxConcurrency, + MultipartCopyThresholdSize: params.MultipartCopyThresholdSize, +diff --git a/registry/storage/linkedblobstore.go b/registry/storage/linkedblobstore.go +index de591c8a5..3fb1da26f 100644 +--- a/registry/storage/linkedblobstore.go ++++ b/registry/storage/linkedblobstore.go +@@ -312,14 +312,14 @@ func (lbs *linkedBlobStore) newBlobUpload(ctx context.Context, uuid, path string + } + + bw := &blobWriter{ +- ctx: ctx, +- blobStore: lbs, +- id: uuid, +- startedAt: startedAt, +- digester: digest.Canonical.Digester(), +- fileWriter: fw, +- driver: lbs.driver, +- path: path, ++ ctx: ctx, ++ blobStore: lbs, ++ id: uuid, ++ startedAt: startedAt, ++ digester: digest.Canonical.Digester(), ++ fileWriter: fw, ++ driver: lbs.driver, ++ path: path, + resumableDigestEnabled: lbs.resumableDigestEnabled, + } + +diff --git a/registry/storage/linkedblobstore_test.go b/registry/storage/linkedblobstore_test.go +index e0ffd2796..85376f715 100644 +--- a/registry/storage/linkedblobstore_test.go ++++ b/registry/storage/linkedblobstore_test.go +@@ -162,8 +162,8 @@ type mockBlobDescriptorServiceFactory struct { + func (f *mockBlobDescriptorServiceFactory) BlobAccessController(svc distribution.BlobDescriptorService) distribution.BlobDescriptorService { + return &mockBlobDescriptorService{ + BlobDescriptorService: svc, +- t: f.t, +- stats: f.stats, ++ t: f.t, ++ stats: f.stats, + } + } + + +From 5c66b577b027e3b314680f245be4213a002fcee0 Mon Sep 17 00:00:00 2001 +From: Honglin Feng <tifayuki@gmail.com> +Date: Mon, 15 Oct 2018 20:18:36 +0800 +Subject: [PATCH 4/4] run go fmt and goimports + +Signed-off-by: Honglin Feng <tifayuki@gmail.com> +--- + registry/storage/driver/s3-aws/s3.go | 10 +++++----- + registry/storage/linkedblobstore.go | 16 ++++++++-------- + registry/storage/linkedblobstore_test.go | 4 ++-- + 3 files changed, 15 insertions(+), 15 deletions(-) + +diff --git a/registry/storage/driver/s3-aws/s3.go b/registry/storage/driver/s3-aws/s3.go +index 9cd87dbab..800435d01 100644 +--- a/registry/storage/driver/s3-aws/s3.go ++++ b/registry/storage/driver/s3-aws/s3.go +@@ -476,11 +476,11 @@ func New(params DriverParameters) (*Driver, error) { + // } + + d := &driver{ +- S3: s3obj, +- Bucket: params.Bucket, +- ChunkSize: params.ChunkSize, +- Encrypt: params.Encrypt, +- KeyID: params.KeyID, ++ S3: s3obj, ++ Bucket: params.Bucket, ++ ChunkSize: params.ChunkSize, ++ Encrypt: params.Encrypt, ++ KeyID: params.KeyID, + MultipartCopyChunkSize: params.MultipartCopyChunkSize, + MultipartCopyMaxConcurrency: params.MultipartCopyMaxConcurrency, + MultipartCopyThresholdSize: params.MultipartCopyThresholdSize, +diff --git a/registry/storage/linkedblobstore.go b/registry/storage/linkedblobstore.go +index 3fb1da26f..de591c8a5 100644 +--- a/registry/storage/linkedblobstore.go ++++ b/registry/storage/linkedblobstore.go +@@ -312,14 +312,14 @@ func (lbs *linkedBlobStore) newBlobUpload(ctx context.Context, uuid, path string + } + + bw := &blobWriter{ +- ctx: ctx, +- blobStore: lbs, +- id: uuid, +- startedAt: startedAt, +- digester: digest.Canonical.Digester(), +- fileWriter: fw, +- driver: lbs.driver, +- path: path, ++ ctx: ctx, ++ blobStore: lbs, ++ id: uuid, ++ startedAt: startedAt, ++ digester: digest.Canonical.Digester(), ++ fileWriter: fw, ++ driver: lbs.driver, ++ path: path, + resumableDigestEnabled: lbs.resumableDigestEnabled, + } + +diff --git a/registry/storage/linkedblobstore_test.go b/registry/storage/linkedblobstore_test.go +index 85376f715..e0ffd2796 100644 +--- a/registry/storage/linkedblobstore_test.go ++++ b/registry/storage/linkedblobstore_test.go +@@ -162,8 +162,8 @@ type mockBlobDescriptorServiceFactory struct { + func (f *mockBlobDescriptorServiceFactory) BlobAccessController(svc distribution.BlobDescriptorService) distribution.BlobDescriptorService { + return &mockBlobDescriptorService{ + BlobDescriptorService: svc, +- t: f.t, +- stats: f.stats, ++ t: f.t, ++ stats: f.stats, + } + } + diff --git a/app-containers/docker-registry/files/registry.confd b/app-containers/docker-registry/files/registry.confd new file mode 100644 index 000000000000..bfa97f127ef1 --- /dev/null +++ b/app-containers/docker-registry/files/registry.confd @@ -0,0 +1,2 @@ +# arguments for docker-registry +command_args="serve /etc/docker/registry/config.yml" diff --git a/app-containers/docker-registry/files/registry.initd b/app-containers/docker-registry/files/registry.initd new file mode 100644 index 000000000000..b81303c624d1 --- /dev/null +++ b/app-containers/docker-registry/files/registry.initd @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 2016-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Docker Registry 2.0" +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +user=${user:-${RC_SVCNAME}} +group=${group:-${RC_SVCNAME}} + +command="/usr/libexec/docker-${RC_SVCNAME}/${RC_SVCNAME}" +command_args="${command_args:-serve /etc/docker/registry/config.yml}" +command_background="true" +start_stop_daemon_args="--user ${user} --group ${group} \ + --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \ + --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log" + +depend() { + need net +} diff --git a/app-containers/docker-registry/files/registry.logrotated b/app-containers/docker-registry/files/registry.logrotated new file mode 100644 index 000000000000..3cb63f949a08 --- /dev/null +++ b/app-containers/docker-registry/files/registry.logrotated @@ -0,0 +1,7 @@ +/var/log/registry/registry.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/app-containers/docker-registry/files/registry.service b/app-containers/docker-registry/files/registry.service new file mode 100644 index 000000000000..14ff5f9c0b77 --- /dev/null +++ b/app-containers/docker-registry/files/registry.service @@ -0,0 +1,13 @@ +[Unit] +Description=Docker Registry 2.0 +Requires=network-online.target +After=network-online.target + +[Service] +User=registry +PrivateDevices=Yes +Environment="DOCKER_REGISTRY_ARGS=serve /etc/docker/registry/config.yml" +ExecStart=/usr/libexec/docker-registry/registry $DOCKER_REGISTRY_ARGS + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/docker-registry/metadata.xml b/app-containers/docker-registry/metadata.xml new file mode 100644 index 000000000000..e9f15ec90c2b --- /dev/null +++ b/app-containers/docker-registry/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="github">docker/distribution</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker-swarm/Manifest b/app-containers/docker-swarm/Manifest new file mode 100644 index 000000000000..e67d6adbf65b --- /dev/null +++ b/app-containers/docker-swarm/Manifest @@ -0,0 +1 @@ +DIST docker-swarm-1.2.9.tar.gz 1532493 BLAKE2B 243a3cb6d2e9f719d81947429c6616e93cf1b08187685922ad5daf732e61db12bd626fa26f30174af7e779c8ba45ecce7d2cfb33835ef985bdd57657e30e2228 SHA512 cc0e0e27d0ed4845abd99d1554630cc8e2ab0645d40a76358a83b2ea6d1bc5287dbf5d1aefdd2eb4302aeef3894725e75cae3f5da2353b045492a4357631daa2 diff --git a/app-containers/docker-swarm/docker-swarm-1.2.9.ebuild b/app-containers/docker-swarm/docker-swarm-1.2.9.ebuild new file mode 100644 index 000000000000..5ca267108edf --- /dev/null +++ b/app-containers/docker-swarm/docker-swarm-1.2.9.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit go-module + +KEYWORDS="~amd64" +EGO_PN=github.com/docker/swarm +EGIT_COMMIT="527a849cc6b8297690f478905083fc77951da2a7" +MY_PN=classicswarm +SRC_URI="https://github.com/docker/classicswarm/archive/v${PV}.tar.gz -> ${P}.tar.gz" +DESCRIPTION="Swarm Classic: a container clustering system" +HOMEPAGE="https://docs.docker.com/swarm" +LICENSE="Apache-2.0 CC-BY-SA-4.0 BSD BSD-2 ISC MIT MPL-2.0 WTFPL-2" +SLOT="0" +IUSE="" +RESTRICT="test" + +S="${WORKDIR}/${MY_PN}-${PV}" + +src_prepare() { + # It would require internet access to run `go mod vendor`, so + # generate approximate go.mod and vendor/modules.txt from the + # content of vendor.conf. Use a dummy vendor_version that is + # good enough for go to recognize as a valid version. + rm -f go.mod vendor/modules.txt || die + local x vendor_version=v1.0.0 + printf -- 'module %s\n' "${EGO_PN}" >> go.mod || die + printf -- 'go 1.14\n' >> go.mod || die + printf -- 'require (\n' >> go.mod || die + while read -r x; do + printf -- '\t%s %s\n' "${x}" "${vendor_version}" >> go.mod || die + printf -- '# %s %s\n' "${x}" "${vendor_version}" >> vendor/modules.txt || die + printf -- '## explicit\n' >> vendor/modules.txt || die + printf -- '%s\n' "${x}" >> vendor/modules.txt || die + done < <(grep -Eo "^[^#[:space:]]+" vendor.conf) + printf -- ')\n' >> go.mod || die + default +} + +src_compile() { + GOBIN="${S}/bin" \ + go install -v -work -x -mod=vendor -x \ + -ldflags "-w -X github.com/docker/swarm/version.GITCOMMIT=${EGIT_COMMIT} \ + -X github.com/docker/swarm/version.BUILDTIME=$(date -u +%FT%T%z)" \ + ./... || die +} + +src_install() { + dobin bin/swarm + dosym swarm /usr/bin/docker-swarm + dodoc CHANGELOG.md CONTRIBUTING.md logo.png README.md +} diff --git a/app-containers/docker-swarm/metadata.xml b/app-containers/docker-swarm/metadata.xml new file mode 100644 index 000000000000..9a5462b50dc9 --- /dev/null +++ b/app-containers/docker-swarm/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="github">docker/swarm</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/docker/Manifest b/app-containers/docker/Manifest new file mode 100644 index 000000000000..bd1c7e1ad7a7 --- /dev/null +++ b/app-containers/docker/Manifest @@ -0,0 +1,6 @@ +DIST docker-24.0.5.tar.gz 14456089 BLAKE2B be13a4256787152cb35ddb96d80e97a5e5b587094f1c61d18158737a037c4e81b88c186098ba7416eb7778022ece07bc31ee55af13d3e3da8e0bbd5452ad027f SHA512 cde2e47e7658b153399ee29154ec21eebf54b292185e07d43b968895dcfdfead95e4507fefb713859a4540f21d8007116d3ebeaa1fb7ba305fb2a0449ba1bee6 +DIST docker-24.0.6.tar.gz 14462378 BLAKE2B bced8e687abac59254a9969df46f323a835627a724889e5966bea08df8766b4291914442001d1b573280c45ac4d357a673e98e8fba2b8d116a1dbd65424ccf78 SHA512 d9bf0ba756b1ebe69a44819d7c6aa5d66dad8db5bcc41233e2bfce8131334a2fe1af3972de7f602b7911231288d29aaea797b7a05b335c2d7214a613b27c4b63 +DIST docker-24.0.7.tar.gz 14658649 BLAKE2B 73bad494640ef8cad2b9b991f94414d8bec4dd88b120b0f8238f74d01269c445270f45410ac2c78af074356c3ba60a7c550ab28f5da5924bdc6d8b99e85a1360 SHA512 08f22fcbce163c3ba8eb21302fd38ff04fd3f27067f5715a3c527ba2efe67f694fac80bfe6d6b5e22d06d98917e1685a9d3d9b58991f221354f637f4a8bdc526 +DIST docker-25.0.1.tar.gz 15936052 BLAKE2B 32b24893c9b098b218b16548be074588ad98ed31c8b87ab3fa467f79e33e96ce94f694b86f2920b1166e64c153b1c2482cb602117f673d23f0fc5ccc9b28ae92 SHA512 816c888925cf609e7caa6e491b45614f69fdd7df5ed4f783d8a77cf86d9f46f4f457a95a943aa75ecddf99d080daf78bc0dba55e9648960dc539b1ae62052361 +DIST docker-25.0.4.tar.gz 15953567 BLAKE2B 85398de80b14f21d611822a1714ac987d919cf6a2a8059d8a6d41c9b63fd63a04013e47e01021eccdbd107f1a3f8ee55dc1ecbc4b6c9cc20ff2854434e3b6af7 SHA512 07e724de305def32a1e32a724a8041be193745c4f0d549708723cf5d14b840f74648e83e790fd526e00a6c6fdb7e487ee4e5ed0752fbe172d673ab86fe8819d2 +DIST docker-26.1.0.tar.gz 16390376 BLAKE2B 6703e9b153c430bc28aed2e7de7bada0203353d61f0a2ce3d49ddbd017eab196a685dd1ab1e719a6b287813eb5fa4f2c612e2cf1ab95789d6e79ebe5dac7ace3 SHA512 47b6b9af9947016884614b6bc25977e1db281da95c9b8b34c753c21c664a737a893f9fa65d92cbb897735aae3893567e106e6bababb5507e069b1e0981e48d50 diff --git a/app-containers/docker/docker-24.0.5-r1.ebuild b/app-containers/docker/docker-24.0.5-r1.ebuild new file mode 100644 index 000000000000..2421fd8dd3eb --- /dev/null +++ b/app-containers/docker/docker-24.0.5-r1.ebuild @@ -0,0 +1,334 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit linux-info systemd udev golang-vcs-snapshot +GIT_COMMIT=4ffc61430bbe6d3d405bdf357b766bf303ff3cc5 + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init device-mapper overlay seccomp selinux systemd" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) + systemd? ( sys-apps/systemd ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + dev-libs/libltdl + >=app-containers/containerd-1.7.1[apparmor?,btrfs?,device-mapper?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" + "${FILESDIR}/docker-24.0.5-automagic-systemd.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + if use device-mapper; then + CONFIG_CHECK+=" + ~BLK_DEV_DM ~DM_THIN_PROVISIONING + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs device-mapper overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + export SYSTEMD=$(usex systemd 1 0) + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use device-mapper; then + elog " Devicemapper storage driver has been deprecated" + elog " It will be removed in a future release" + elog + fi + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/docker-24.0.6.ebuild b/app-containers/docker/docker-24.0.6.ebuild new file mode 100644 index 000000000000..6a8cc58fd1f6 --- /dev/null +++ b/app-containers/docker/docker-24.0.6.ebuild @@ -0,0 +1,331 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit linux-info systemd udev golang-vcs-snapshot +GIT_COMMIT=1a7969545d73537545645f5cd2c79b7a77e7d39f + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init device-mapper overlay seccomp selinux" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + dev-libs/libltdl + >=app-containers/containerd-1.7.3[apparmor?,btrfs?,device-mapper?,seccomp?] + >=app-containers/runc-1.1.9[apparmor?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + if use device-mapper; then + CONFIG_CHECK+=" + ~BLK_DEV_DM ~DM_THIN_PROVISIONING + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs device-mapper overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use device-mapper; then + elog " Devicemapper storage driver has been deprecated" + elog " It will be removed in a future release" + elog + fi + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/docker-24.0.7-r1.ebuild b/app-containers/docker/docker-24.0.7-r1.ebuild new file mode 100644 index 000000000000..ad913c3d0c3b --- /dev/null +++ b/app-containers/docker/docker-24.0.7-r1.ebuild @@ -0,0 +1,335 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit linux-info systemd udev golang-vcs-snapshot +GIT_COMMIT=311b9ff0aa93aa55880e1e5f8871c4fb69583426 + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init device-mapper overlay seccomp selinux systemd" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) + systemd? ( sys-apps/systemd ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + dev-libs/libltdl + >=app-containers/containerd-1.7.3[apparmor?,btrfs?,device-mapper?,seccomp?] + >=app-containers/runc-1.1.9[apparmor?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" + "${FILESDIR}/docker-24.0.5-automagic-systemd.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + if use device-mapper; then + CONFIG_CHECK+=" + ~BLK_DEV_DM ~DM_THIN_PROVISIONING + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs device-mapper overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + export SYSTEMD=$(usex systemd 1 0) + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use device-mapper; then + elog " Devicemapper storage driver has been deprecated" + elog " It will be removed in a future release" + elog + fi + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/docker-25.0.1.ebuild b/app-containers/docker/docker-25.0.1.ebuild new file mode 100644 index 000000000000..92c7e31beb2d --- /dev/null +++ b/app-containers/docker/docker-25.0.1.ebuild @@ -0,0 +1,318 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit linux-info systemd udev golang-vcs-snapshot +GIT_COMMIT=71fa3ab079ec13d17257f86fa92db8d7f24802f1 + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init overlay seccomp selinux" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + dev-libs/libltdl + >=app-containers/containerd-1.7.3[apparmor?,btrfs?,seccomp?] + >=app-containers/runc-1.1.9[apparmor?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/docker-25.0.4.ebuild b/app-containers/docker/docker-25.0.4.ebuild new file mode 100644 index 000000000000..739506d1d063 --- /dev/null +++ b/app-containers/docker/docker-25.0.4.ebuild @@ -0,0 +1,318 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit linux-info systemd udev golang-vcs-snapshot +GIT_COMMIT=061aa95809be396a6b5542618d8a34b02a21ff77 + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init overlay seccomp selinux" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + dev-libs/libltdl + >=app-containers/containerd-1.7.12[apparmor?,btrfs?,seccomp?] + >=app-containers/runc-1.1.12[apparmor?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/docker-26.1.0-r1.ebuild b/app-containers/docker/docker-26.1.0-r1.ebuild new file mode 100644 index 000000000000..9a1e51a65f67 --- /dev/null +++ b/app-containers/docker/docker-26.1.0-r1.ebuild @@ -0,0 +1,322 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +EGO_PN=github.com/docker/docker +MY_PV=${PV/_/-} +inherit golang-vcs-snapshot linux-info systemd udev +GIT_COMMIT=061aa95809be396a6b5542618d8a34b02a21ff77 + +DESCRIPTION="The core functions you need to create Docker images and run Docker containers" +HOMEPAGE="https://www.docker.com/" +SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor btrfs +container-init overlay seccomp selinux systemd" + +DEPEND=" + acct-group/docker + >=dev-db/sqlite-3.7.9:3 + apparmor? ( sys-libs/libapparmor ) + btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) + seccomp? ( >=sys-libs/libseccomp-2.2.1 ) + systemd? ( sys-apps/systemd ) +" + +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies +# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies +RDEPEND=" + ${DEPEND} + >=net-firewall/iptables-1.4 + sys-process/procps + >=dev-vcs/git-1.7 + >=app-arch/xz-utils-4.9 + >=app-containers/containerd-1.7.15[apparmor?,btrfs?,seccomp?] + >=app-containers/runc-1.1.12[apparmor?,seccomp?] + !app-containers/docker-proxy + container-init? ( >=sys-process/tini-0.19.0[static] ) + selinux? ( sec-policy/selinux-docker ) +" + +# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies +BDEPEND=" + >=dev-lang/go-1.16.12 + dev-go/go-md2man + virtual/pkgconfig +" +# tests require running dockerd as root and downloading containers +RESTRICT="installsources strip test" + +S="${WORKDIR}/${P}/src/${EGO_PN}" + +# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 +PATCHES=( + "${FILESDIR}/0001-Openrc-Depend-on-containerd-init-script.patch" + "${FILESDIR}/docker-26.1.0-automagic-systemd.patch" +) + +pkg_setup() { + # this is based on "contrib/check-config.sh" from upstream's sources + # required features. + CONFIG_CHECK=" + ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS + ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG + ~KEYS + ~VETH ~BRIDGE ~BRIDGE_NETFILTER + ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE + ~NETFILTER_XT_MATCH_ADDRTYPE + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_IPVS + ~NETFILTER_XT_MARK + ~IP_NF_NAT ~NF_NAT + ~POSIX_MQUEUE + " + WARNING_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: is required for bind-mounting /dev/mqueue into containers" + + if kernel_is lt 4 8; then + CONFIG_CHECK+=" + ~DEVPTS_MULTIPLE_INSTANCES + " + fi + + if kernel_is le 5 1; then + CONFIG_CHECK+=" + ~NF_NAT_IPV4 + " + fi + + if kernel_is le 5 2; then + CONFIG_CHECK+=" + ~NF_NAT_NEEDED + " + fi + + if kernel_is ge 4 15; then + CONFIG_CHECK+=" + ~CGROUP_BPF + " + fi + + # optional features + CONFIG_CHECK+=" + ~USER_NS + " + + if use seccomp; then + CONFIG_CHECK+=" + ~SECCOMP ~SECCOMP_FILTER + " + fi + + CONFIG_CHECK+=" + ~CGROUP_PIDS + " + + if kernel_is lt 6 1; then + CONFIG_CHECK+=" + ~MEMCG_SWAP + " + fi + + if kernel_is le 5 8; then + CONFIG_CHECK+=" + ~MEMCG_SWAP_ENABLED + " + fi + + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NATIVE + " + if kernel_is lt 5 19; then + CONFIG_CHECK+=" + ~LEGACY_VSYSCALL_EMULATE + " + fi + CONFIG_CHECK+=" + ~!LEGACY_VSYSCALL_NONE + " + WARNING_LEGACY_VSYSCALL_NONE="CONFIG_LEGACY_VSYSCALL_NONE enabled: \ + Containers with <=glibc-2.13 will not work" + + if kernel_is le 4 5; then + CONFIG_CHECK+=" + ~MEMCG_KMEM + " + fi + + if kernel_is lt 5; then + CONFIG_CHECK+=" + ~IOSCHED_CFQ ~CFQ_GROUP_IOSCHED + " + fi + + CONFIG_CHECK+=" + ~BLK_CGROUP ~BLK_DEV_THROTTLING + ~CGROUP_PERF + ~CGROUP_HUGETLB + ~NET_CLS_CGROUP ~CGROUP_NET_PRIO + ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED + ~IP_NF_TARGET_REDIRECT + ~IP_VS + ~IP_VS_NFCT + ~IP_VS_PROTO_TCP + ~IP_VS_PROTO_UDP + ~IP_VS_RR + " + + if use selinux; then + CONFIG_CHECK+=" + ~SECURITY_SELINUX + " + fi + + if use apparmor; then + CONFIG_CHECK+=" + ~SECURITY_APPARMOR + " + fi + + # if ! is_set EXT4_USE_FOR_EXT2; then + # check_flags EXT3_FS EXT3_FS_XATTR EXT3_FS_POSIX_ACL EXT3_FS_SECURITY + # if ! is_set EXT3_FS || ! is_set EXT3_FS_XATTR || ! is_set EXT3_FS_POSIX_ACL || ! is_set EXT3_FS_SECURITY; then + # echo " $(wrap_color '(enable these ext3 configs if you are using ext3 as backing filesystem)' bold black)" + # fi + # fi + + CONFIG_CHECK+=" + ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY + " + + # if ! is_set EXT4_FS || ! is_set EXT4_FS_POSIX_ACL || ! is_set EXT4_FS_SECURITY; then + # if is_set EXT4_USE_FOR_EXT2; then + # echo " $(wrap_color 'enable these ext4 configs if you are using ext3 or ext4 as backing filesystem' bold black)" + # else + # echo " $(wrap_color 'enable these ext4 configs if you are using ext4 as backing filesystem' bold black)" + # fi + # fi + + # network drivers + CONFIG_CHECK+=" + ~VXLAN ~BRIDGE_VLAN_FILTERING + ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH + ~XFRM ~XFRM_USER ~XFRM_ALGO ~INET_ESP + " + if kernel_is le 5 3; then + CONFIG_CHECK+=" + ~INET_XFRM_MODE_TRANSPORT + " + fi + + CONFIG_CHECK+=" + ~IPVLAN + " + CONFIG_CHECK+=" + ~MACVLAN ~DUMMY + " + CONFIG_CHECK+=" + ~NF_NAT_FTP ~NF_CONNTRACK_FTP ~NF_NAT_TFTP ~NF_CONNTRACK_TFTP + " + + # storage drivers + if use btrfs; then + CONFIG_CHECK+=" + ~BTRFS_FS + ~BTRFS_FS_POSIX_ACL + " + fi + + CONFIG_CHECK+=" + ~OVERLAY_FS + " + + linux-info_pkg_setup +} + +src_compile() { + export DOCKER_GITCOMMIT="${GIT_COMMIT}" + export GOPATH="${WORKDIR}/${P}" + export VERSION=${PV} + tc-export PKG_CONFIG + + # setup CFLAGS and LDFLAGS for separate build target + # see https://github.com/tianon/docker-overlay/pull/10 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" + + # let's set up some optional features :) + export DOCKER_BUILDTAGS='' + for gd in btrfs overlay; do + if ! use $gd; then + DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" + fi + done + + for tag in apparmor seccomp; do + if use $tag; then + DOCKER_BUILDTAGS+=" $tag" + fi + done + + export SYSTEMD=$(usex systemd 1 0) + + # build binaries + ./hack/make.sh dynbinary || die 'dynbinary failed' +} + +src_install() { + dosym containerd /usr/bin/docker-containerd + dosym containerd-shim /usr/bin/docker-containerd-shim + dosym runc /usr/bin/docker-runc + use container-init && dosym tini /usr/bin/docker-init + dobin bundles/dynbinary-daemon/dockerd + dobin bundles/dynbinary-daemon/docker-proxy + + newinitd contrib/init/openrc/docker.initd docker + newconfd contrib/init/openrc/docker.confd docker + + systemd_dounit contrib/init/systemd/docker.{service,socket} + + udev_dorules contrib/udev/*.rules + + dodoc AUTHORS CONTRIBUTING.md NOTICE README.md + dodoc -r docs/* + + # note: intentionally not using "doins" so that we preserve +x bits + dodir /usr/share/${PN}/contrib + cp -R contrib/* "${ED}/usr/share/${PN}/contrib" +} + +pkg_postinst() { + udev_reload + + elog + elog "To use Docker, the Docker daemon must be running as root. To automatically" + elog "start the Docker daemon at boot:" + if systemd_is_booted || has_version sys-apps/systemd; then + elog " systemctl enable docker.service" + else + elog " rc-update add docker default" + fi + elog + elog "To use Docker as a non-root user, add yourself to the 'docker' group:" + elog ' usermod -aG docker <youruser>' + elog + + if use overlay; then + elog " Overlay storage driver/USEflag has been deprecated" + elog " in favor of overlay2 (enabled unconditionally)" + elog + fi + + if has_version sys-fs/zfs; then + elog " ZFS storage driver is available" + elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" + elog + fi +} + +pkg_postrm() { + udev_reload +} diff --git a/app-containers/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch b/app-containers/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch new file mode 100644 index 000000000000..22aa145f33b8 --- /dev/null +++ b/app-containers/docker/files/0001-Openrc-Depend-on-containerd-init-script.patch @@ -0,0 +1,28 @@ +From bb69104381805014eb7675682d204fe460a52388 Mon Sep 17 00:00:00 2001 +From: Jan Breig <git@pygos.space> +Date: Mon, 16 May 2022 14:58:36 +0200 +Subject: [PATCH] Openrc: Depend on containerd init script + +Signed-off-by: Jan Breig <git@pygos.space> +--- + contrib/init/openrc/docker.initd | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/contrib/init/openrc/docker.initd b/contrib/init/openrc/docker.initd +index 3229223bad..57defb8f57 100644 +--- a/contrib/init/openrc/docker.initd ++++ b/contrib/init/openrc/docker.initd +@@ -17,6 +17,10 @@ rc_ulimit="${DOCKER_ULIMIT:--c unlimited -n 1048576 -u unlimited}" + + retry="${DOCKER_RETRY:-TERM/60/KILL/10}" + ++depend() { ++ need containerd ++} ++ + start_pre() { + checkpath -f -m 0644 -o root:docker "$DOCKER_LOGFILE" + } +-- +2.35.1 + diff --git a/app-containers/docker/files/docker-24.0.5-automagic-systemd.patch b/app-containers/docker/files/docker-24.0.5-automagic-systemd.patch new file mode 100644 index 000000000000..fb764b3b1a99 --- /dev/null +++ b/app-containers/docker/files/docker-24.0.5-automagic-systemd.patch @@ -0,0 +1,13 @@ +https://bugs.gentoo.org/914076 +https://github.com/moby/moby/issues/47770 +--- a/hack/make.sh ++++ b/hack/make.sh +@@ -90,7 +90,7 @@ add_buildtag() { + [[ " $DOCKER_BUILDTAGS" == *" $1_"* ]] || DOCKER_BUILDTAGS+=" $1_$2" + } + +-if ${PKG_CONFIG} 'libsystemd' 2> /dev/null; then ++if [[ -n "$SYSTEMD" ]] && [[ "$SYSTEMD" == 1 ]] && ${PKG_CONFIG} 'libsystemd' 2> /dev/null; then + DOCKER_BUILDTAGS+=" journald" + fi + diff --git a/app-containers/docker/files/docker-26.1.0-automagic-systemd.patch b/app-containers/docker/files/docker-26.1.0-automagic-systemd.patch new file mode 100644 index 000000000000..004dbb9ad3c7 --- /dev/null +++ b/app-containers/docker/files/docker-26.1.0-automagic-systemd.patch @@ -0,0 +1,13 @@ +https://bugs.gentoo.org/914076 +https://github.com/moby/moby/issues/47770 +--- a/hack/make.sh ++++ b/hack/make.sh +@@ -83,7 +83,7 @@ if [ ! "$GOPATH" ]; then + exit 1 + fi + +-if ${PKG_CONFIG} 'libsystemd' 2> /dev/null; then ++if [[ -n "$SYSTEMD" ]] && [[ "$SYSTEMD" == 1 ]] && ${PKG_CONFIG} 'libsystemd' 2> /dev/null; then + DOCKER_BUILDTAGS+=" journald" + fi + diff --git a/app-containers/docker/metadata.xml b/app-containers/docker/metadata.xml new file mode 100644 index 000000000000..5c680bb1005b --- /dev/null +++ b/app-containers/docker/metadata.xml @@ -0,0 +1,37 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <longdescription> + Docker is an open-source project to easily create lightweight, + portable, self-sufficient containers from any application. The same + container that a developer builds and tests on a laptop can run at + scale, in production, on VMs, bare metal, OpenStack clusters, public + clouds and more. + </longdescription> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <use> + <flag name="btrfs"> + Enables dependencies for the "btrfs" graph driver, including + necessary kernel flags. + </flag> + <flag name="container-init"> + Makes the a staticly-linked init system tini available inside a + container. + </flag> + <flag name="device-mapper"> + Enables dependencies for the "devicemapper" graph driver, including + necessary kernel flags. + </flag> + <flag name="overlay"> + Enables dependencies for the "overlay" graph driver, including + necessary kernel flags. + </flag> + </use> + <upstream> + <remote-id type="github">moby/moby</remote-id> + <remote-id type="cpe">cpe:/a:docker:docker</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/earthly/Manifest b/app-containers/earthly/Manifest new file mode 100644 index 000000000000..fe1d3ec1e37a --- /dev/null +++ b/app-containers/earthly/Manifest @@ -0,0 +1,8 @@ +DIST earthly-0.8.6-deps.tar.xz 157843872 BLAKE2B aade314abdcd8aaf18737908df1a90d71c907f286df463c9f8ce9654d5e212387b7107070225bf85f54d6e4688a741b7838b5c70d9f1a09ac15e904b83d4d2b8 SHA512 557b3477c1773c27934429677a53efbdc104230fcbd536cb73e8cd631ccf2af488731acc5555484298fc579e08b8e52031191b49ef0610595b2b67cc987232e3 +DIST earthly-0.8.6.tar.gz 8052646 BLAKE2B 43cb74b7ad198d6418a60dd8b3bac61c1bf67f460b73ca3627647ce71778178e69075bc5122a24cfe33c075c40e962db60845ae6d0933782432eb56087ed83f2 SHA512 4c5ae65452ff940bbeeff7ec489882c5db82597977d18ac3f187ae6a444f6b78222f16f3e0ff10250100195227b925d1a73e24c2ffce618b8675fd826302a47a +DIST earthly-0.8.7-deps.tar.zst 180209748 BLAKE2B e4c5f4b856d0ed3a0c757128c144f6267fd763118de12a51877781e82ea15722420c871f5d66a4dd797cc67b85b7c7cd26a1d2e8f417bd5517f1109e376bbefc SHA512 b8dc56b302aca63837a87cfcced4d0387adaea5433b72eb7c7056dab8a486208d06fff39b4ecd753a30f27878b1497eb1892456876e7632ee2c44926747a12d6 +DIST earthly-0.8.7.tar.gz 8062437 BLAKE2B 82796711c13cb7fd2bf957148ddd7ff31d14b9888b30a910682b956ecb8cd9c66539a71b558f92f972b54c566411257c769dadfe2e1d720d9a4e496292185d48 SHA512 c8bddfc2c4e5702abb5c119a022ab5cc875b460535fb5af4364ee7bd89e950768f71fe1ccf1860d0826d8934b283745ca22abae147852a7b779081373b40be4f +DIST earthly-0.8.8-deps.tar.zst 180214607 BLAKE2B f407dcc4cb8daee7ac53433af830b6c872b0c9e1e05004b2bc4c8706eb98b65e457f7bea2b221e6c4cf4dfe8bb218a5ca60e85beb1f7839cb0ffaadaf8110ad3 SHA512 6a9d0eb7a69b36cca2f79d3f92e21f9f97d858451308f7151e4810c479105b7dad3fe2ad1b8a90a6ca9f0c7d3d06a8f89cd3eab4fde54e10fae2e3ea98fbb7bb +DIST earthly-0.8.8.tar.gz 8069650 BLAKE2B 05dca12e206a22c522d36711cb960525bb20c51439dd73c8ec4a96151c306022483ade55ebe80f30d85acba3c1531b0c9b97115702c6bfc96daa615d9b798d31 SHA512 9a19ddfcaa40720b1cbab166e40a6300a79d38245074bd111082eaa04206ae8020c7596ad5801f3048e3a411cbcd88b161d8c01375e4b00192b8cf2b23e62e77 +DIST earthly-0.8.9-deps.tar.zst 180210180 BLAKE2B 8d48677c9dac4571efadb41c882520ba6f92bfc4a6f36ae55f6ce54c258f16dbd693412d1a25b4467d078c2b9b039b96d934236c3a071f1f64040b2da5a3d848 SHA512 f504567855830d8027d830372f8e365b8f9893d3625b94b2e91294985f65be3d276cdceba9913ef37a6e1a45debcd8fb393e6ea0d16615c06a188862b33d8a1d +DIST earthly-0.8.9.tar.gz 8070633 BLAKE2B 3ed83bf57654f89d0b579ec9df64a9025d9fae1da755018c83cfd6ac03e70da176de564185a2ad1f68383ff0c6a2e26132568cb451bc1b474b87c4852dc2266b SHA512 e1fccfafa845b1964f824850c05fa39904e2804f8145f24342ee86e6c9f1a8ffbb30b1a822744343f59ba9dc4b1e4788020d0cc6b954d9f62eeeb43a594bd326 diff --git a/app-containers/earthly/earthly-0.8.6.ebuild b/app-containers/earthly/earthly-0.8.6.ebuild new file mode 100644 index 000000000000..ebe325c5acc1 --- /dev/null +++ b/app-containers/earthly/earthly-0.8.6.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Git commit SHA is needed at runtime by earthly to pull and bootstrap images. +if [[ "${PV}" == 0.8.6 ]] ; then + COMMIT_SHA=b20c1db1cfe5816a5d2f7d416d598d5777d8f4bb +else + die 'Could not detect "COMMIT_SHA", please update the ebuild.' +fi + +inherit go-module + +DESCRIPTION="Build automation tool that executes in containers" +HOMEPAGE="https://earthly.dev/ + https://github.com/earthly/earthly/" +SRC_URI=" + https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz + -> ${P}.tar.gz + https://dev.gentoo.org/~xgqt/distfiles/deps/${P}-deps.tar.xz +" + +LICENSE="MPL-2.0" +SLOT="0" +KEYWORDS="amd64 ~x86" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +DOCS=( CHANGELOG.md CONTRIBUTING.md README.md ) + +src_compile() { + local go_tags="dfrunmount,dfrunsecurity,dfsecrets,dfssh,dfrunnetwork,dfheredoc,forceposix" + local go_ldflags=" + -X main.DefaultBuildkitdImage=docker.io/earthly/buildkitd:v${PV} + -X main.GitSha=${COMMIT_SHA} + -X main.Version=v${PV} + " + local -a go_buildargs=( + -tags "${go_tags}" + -ldflags "${go_ldflags}" + -o ./bin/ + ) + ego build "${go_buildargs[@]}" ./cmd/... +} + +src_install() { + exeinto /usr/bin + doexe bin/earthly + newexe bin/debugger earthly-debugger + + einstalldocs +} + +pkg_postinst() { + if has_version "app-containers/podman" ; then + ewarn "Podman is supported but not recommended." + ewarn "If issues arise, then please try running earthly with docker." + fi + + if has_version "app-containers/podman[rootless]" ; then + ewarn "Running podman in rootless mode is not supported because" + ewarn "earthly/dind and earthly/buildkit require privileged access." + ewarn "For more info see: https://docs.earthly.dev/docs/guides/podman/" + fi +} diff --git a/app-containers/earthly/earthly-0.8.7.ebuild b/app-containers/earthly/earthly-0.8.7.ebuild new file mode 100644 index 000000000000..dce5b7a66374 --- /dev/null +++ b/app-containers/earthly/earthly-0.8.7.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Git commit SHA is needed at runtime by earthly to pull and bootstrap images. +if [[ "${PV}" == 0.8.7 ]] ; then + COMMIT_SHA=c18f025070261439c15a97897a8940cb109ea7c4 +else + die 'Could not detect "COMMIT_SHA", please update the ebuild.' +fi + +inherit go-module unpacker + +DESCRIPTION="Build automation tool that executes in containers" +HOMEPAGE="https://earthly.dev/ + https://github.com/earthly/earthly/" +SRC_URI=" + https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz + -> ${P}.tar.gz + https://dev.gentoo.org/~xgqt/distfiles/deps/${P}-deps.tar.zst +" + +LICENSE="MPL-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +DOCS=( CHANGELOG.md CONTRIBUTING.md README.md ) + +src_unpack() { + unpacker "${P}-deps.tar.zst" + + go-module_src_unpack +} + +src_compile() { + local go_tags="dfrunmount,dfrunsecurity,dfsecrets,dfssh,dfrunnetwork,dfheredoc,forceposix" + local go_ldflags=" + -X main.DefaultBuildkitdImage=docker.io/earthly/buildkitd:v${PV} + -X main.GitSha=${COMMIT_SHA} + -X main.Version=v${PV} + " + local -a go_buildargs=( + -tags "${go_tags}" + -ldflags "${go_ldflags}" + -o ./bin/ + ) + ego build "${go_buildargs[@]}" ./cmd/... +} + +src_install() { + exeinto /usr/bin + doexe bin/earthly + newexe bin/debugger earthly-debugger + + einstalldocs +} + +pkg_postinst() { + if has_version "app-containers/podman" ; then + ewarn "Podman is supported but not recommended." + ewarn "If issues arise, then please try running earthly with docker." + fi + + if has_version "app-containers/podman[rootless]" ; then + ewarn "Running podman in rootless mode is not supported because" + ewarn "earthly/dind and earthly/buildkit require privileged access." + ewarn "For more info see: https://docs.earthly.dev/docs/guides/podman/" + fi +} diff --git a/app-containers/earthly/earthly-0.8.8.ebuild b/app-containers/earthly/earthly-0.8.8.ebuild new file mode 100644 index 000000000000..bace0e6e3fcf --- /dev/null +++ b/app-containers/earthly/earthly-0.8.8.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Git commit SHA is needed at runtime by earthly to pull and bootstrap images. +if [[ "${PV}" == 0.8.8 ]] ; then + COMMIT_SHA=2718b793272cf8f80fa61071b41fec8469a7427b +else + die 'Could not detect "COMMIT_SHA", please update the ebuild.' +fi + +inherit go-module unpacker + +DESCRIPTION="Build automation tool that executes in containers" +HOMEPAGE="https://earthly.dev/ + https://github.com/earthly/earthly/" +SRC_URI=" + https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz + -> ${P}.tar.gz + https://dev.gentoo.org/~xgqt/distfiles/deps/${P}-deps.tar.zst +" + +LICENSE="MPL-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +DOCS=( CHANGELOG.md CONTRIBUTING.md README.md ) + +src_unpack() { + unpacker "${P}-deps.tar.zst" + + go-module_src_unpack +} + +src_compile() { + local go_tags="dfrunmount,dfrunsecurity,dfsecrets,dfssh,dfrunnetwork,dfheredoc,forceposix" + local go_ldflags=" + -X main.DefaultBuildkitdImage=docker.io/earthly/buildkitd:v${PV} + -X main.GitSha=${COMMIT_SHA} + -X main.Version=v${PV} + " + local -a go_buildargs=( + -tags "${go_tags}" + -ldflags "${go_ldflags}" + -o ./bin/ + ) + ego build "${go_buildargs[@]}" ./cmd/... +} + +src_install() { + exeinto /usr/bin + doexe bin/earthly + newexe bin/debugger earthly-debugger + + einstalldocs +} + +pkg_postinst() { + if has_version "app-containers/podman" ; then + ewarn "Podman is supported but not recommended." + ewarn "If issues arise, then please try running earthly with docker." + fi + + if has_version "app-containers/podman[rootless]" ; then + ewarn "Running podman in rootless mode is not supported because" + ewarn "earthly/dind and earthly/buildkit require privileged access." + ewarn "For more info see: https://docs.earthly.dev/docs/guides/podman/" + fi +} diff --git a/app-containers/earthly/earthly-0.8.9.ebuild b/app-containers/earthly/earthly-0.8.9.ebuild new file mode 100644 index 000000000000..c2d32ac9fae0 --- /dev/null +++ b/app-containers/earthly/earthly-0.8.9.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Git commit SHA is needed at runtime by earthly to pull and bootstrap images. +if [[ "${PV}" == 0.8.9 ]] ; then + COMMIT_SHA=a2fc61ee6e00ed5b8ad09bd06c59451534e2541e +else + die 'Could not detect "COMMIT_SHA", please update the ebuild.' +fi + +inherit go-module unpacker + +DESCRIPTION="Build automation tool that executes in containers" +HOMEPAGE="https://earthly.dev/ + https://github.com/earthly/earthly/" +SRC_URI=" + https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz + -> ${P}.tar.gz + https://dev.gentoo.org/~xgqt/distfiles/deps/${P}-deps.tar.zst +" + +LICENSE="MPL-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND=" + || ( + app-containers/docker + app-containers/podman + ) +" + +DOCS=( CHANGELOG.md CONTRIBUTING.md README.md ) + +src_unpack() { + unpacker "${P}-deps.tar.zst" + + go-module_src_unpack +} + +src_compile() { + local -r go_tags="dfrunmount,dfrunsecurity,dfsecrets,dfssh,dfrunnetwork,dfheredoc,forceposix" + local -r go_ldflags=" + -X main.DefaultBuildkitdImage=docker.io/earthly/buildkitd:v${PV} + -X main.GitSha=${COMMIT_SHA} + -X main.Version=v${PV} + " + local -a -r go_buildargs=( + -tags "${go_tags}" + -ldflags "${go_ldflags}" + -o ./bin/ + ) + ego build "${go_buildargs[@]}" ./cmd/... +} + +src_install() { + exeinto /usr/bin + doexe bin/earthly + newexe bin/debugger earthly-debugger + + einstalldocs +} + +pkg_postinst() { + if has_version "app-containers/podman" ; then + ewarn "Podman is supported but not recommended." + ewarn "If issues arise, then please try running earthly with docker." + fi + + if has_version "app-containers/podman[rootless]" ; then + ewarn "Running podman in rootless mode is not supported because" + ewarn "earthly/dind and earthly/buildkit require privileged access." + ewarn "For more info see: https://docs.earthly.dev/docs/guides/podman/" + fi +} diff --git a/app-containers/earthly/metadata.xml b/app-containers/earthly/metadata.xml new file mode 100644 index 000000000000..f0f168c87b07 --- /dev/null +++ b/app-containers/earthly/metadata.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> + +<pkgmetadata> + <maintainer type="person"> + <email>xgqt@gentoo.org</email> + <name>Maciej Barć</name> + </maintainer> + <longdescription> + Earthly is a versatile, approachable CI/CD framework that runs every + pipeline inside containers, giving you repeatable builds that you write + once and run anywhere. It has a super simple, instantly recognizable syntax + that is easy to write and understand – like Dockerfile and Makefile had a + baby. And it leverages and augments popular build tools instead of + replacing them, so you don’t have to rewrite all your builds no matter what + languages you use. + </longdescription> + <upstream> + <bugs-to>https://github.com/earthly/earthly/issues/</bugs-to> + <remote-id type="github">earthly/earthly</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/flannel/Manifest b/app-containers/flannel/Manifest new file mode 100644 index 000000000000..adad8566f465 --- /dev/null +++ b/app-containers/flannel/Manifest @@ -0,0 +1,2 @@ +DIST flannel-0.17.0.tar.gz 9534647 BLAKE2B 03d6d036d5877641a2fc7b6654995822522d378943e4d7b2531be8197de6e7d6e0509143cd8d4dfd3d2ef11c9355011bfc44c834f966e14fd3aa774350bcab11 SHA512 f0625339e387a6ae81780d21025c282c2e0caf8b32ac778634a877a4e04ebf10d41fc10b50ae477c28815cedaf34af867b651ed5a8c5267177ea925abc6a1253 +DIST flannel-0.20.0.tar.gz 10737855 BLAKE2B d2e5821c4457a8c0781618a62245132f862d7877ce10467f8d9c72be2440f7b60f0866a3420a69d13bc53826407b0b653e6c2385f8e56d684ee1e09acf0528f0 SHA512 624a293607d3d4d5e53b41b5fd26a416f8499a763f8cfbe39c79796644a56d5eb3605664592d15eddde519f2dba55da241889be159644bbe40e78ae72ed5a43b diff --git a/app-containers/flannel/files/flannel-docker.conf b/app-containers/flannel/files/flannel-docker.conf new file mode 100644 index 000000000000..8f5517776b89 --- /dev/null +++ b/app-containers/flannel/files/flannel-docker.conf @@ -0,0 +1,2 @@ +[Service] +EnvironmentFile=-/run/flannel/docker diff --git a/app-containers/flannel/files/flannel.tmpfilesd b/app-containers/flannel/files/flannel.tmpfilesd new file mode 100644 index 000000000000..98e5abd9b20f --- /dev/null +++ b/app-containers/flannel/files/flannel.tmpfilesd @@ -0,0 +1 @@ +d /run/flannel 0755 root root diff --git a/app-containers/flannel/files/flanneld.confd b/app-containers/flannel/files/flanneld.confd new file mode 100644 index 000000000000..18686aa5d223 --- /dev/null +++ b/app-containers/flannel/files/flanneld.confd @@ -0,0 +1,2 @@ +# arguments for flannel +command_args="" diff --git a/app-containers/flannel/files/flanneld.initd b/app-containers/flannel/files/flanneld.initd new file mode 100644 index 000000000000..d5d966a40d30 --- /dev/null +++ b/app-containers/flannel/files/flanneld.initd @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 2016-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Flannel Network Fabric for Containers" +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +user=${user:-root} +group=${group:-root} + +command="/usr/bin/${RC_SVCNAME}" +command_args="${command_args}" +command_background="true" +start_stop_daemon_args="--user ${user} --group ${group} \ + --stdout /var/log/flannel/flannel.log \ + --stderr /var/log/flannel/flannel.log" + +depend() { + need net +} diff --git a/app-containers/flannel/files/flanneld.logrotated b/app-containers/flannel/files/flanneld.logrotated new file mode 100644 index 000000000000..4108e6305578 --- /dev/null +++ b/app-containers/flannel/files/flanneld.logrotated @@ -0,0 +1,7 @@ +/var/log/flannel/* { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/app-containers/flannel/files/flanneld.service b/app-containers/flannel/files/flanneld.service new file mode 100644 index 000000000000..86e69a49e73f --- /dev/null +++ b/app-containers/flannel/files/flanneld.service @@ -0,0 +1,13 @@ +[Unit] +Description=Flanneld overlay address etcd agent +After=network.target +Before=docker.service + +[Service] +Type=notify +Environment=FLANNEL_ETCD=http://127.0.0.1:4001,http://127.0.0.1:2379 FLANNEL_ETCD_KEY=/coreos.com/network +ExecStart=/usr/bin/flanneld -etcd-endpoints=${FLANNEL_ETCD} -etcd-prefix=${FLANNEL_ETCD_KEY} $FLANNEL_OPTIONS +ExecStartPost=/usr/libexec/flannel/mk-docker-opts.sh -k DOCKER_NETWORK_OPTIONS -d /run/flannel/docker + +[Install] +RequiredBy=docker.service diff --git a/app-containers/flannel/flannel-0.17.0.ebuild b/app-containers/flannel/flannel-0.17.0.ebuild new file mode 100644 index 000000000000..18d922d3f1d3 --- /dev/null +++ b/app-containers/flannel/flannel-0.17.0.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit go-module systemd tmpfiles + +KEYWORDS="~amd64 ~arm64" +DESCRIPTION="An etcd backed network fabric for containers" +HOMEPAGE="https://github.com/flannel-io/flannel" +SRC_URI="https://github.com/flannel-io/flannel/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD ISC LGPL-3 MIT" +SLOT="0" +IUSE="hardened" + +RESTRICT+=" test" + +src_prepare() { + default + sed -e "s:^var Version =.*:var Version = \"${PV}\":" \ + -i "${S}/version/version.go" || die +} + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')"\ + go build -o dist/flanneld -ldflags " + -X github.com/flannel-io/flannel/version.Version=v${PV} + -extldflags \"-static\"" . || die +} + +src_test() { + GOPATH="${WORKDIR}/${P}" \ + go test -v -work -x "${EGO_PN}" || die +} + +src_install() { + dobin dist/${PN}d + exeinto /usr/libexec/flannel + doexe dist/mk-docker-opts.sh + insinto /etc/systemd/system/docker.service.d + newins "${FILESDIR}/flannel-docker.conf" flannel.conf + newinitd "${FILESDIR}"/flanneld.initd flanneld + newconfd "${FILESDIR}"/flanneld.confd flanneld + keepdir /var/log/${PN} + insinto /etc/logrotate.d + newins "${FILESDIR}"/flanneld.logrotated flanneld + newtmpfiles "${FILESDIR}/flannel.tmpfilesd" flannel.conf + systemd_dounit "${FILESDIR}/flanneld.service" + dodoc README.md +} + +pkg_postinst() { + tmpfiles_process flannel.conf +} diff --git a/app-containers/flannel/flannel-0.20.0.ebuild b/app-containers/flannel/flannel-0.20.0.ebuild new file mode 100644 index 000000000000..18d922d3f1d3 --- /dev/null +++ b/app-containers/flannel/flannel-0.20.0.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit go-module systemd tmpfiles + +KEYWORDS="~amd64 ~arm64" +DESCRIPTION="An etcd backed network fabric for containers" +HOMEPAGE="https://github.com/flannel-io/flannel" +SRC_URI="https://github.com/flannel-io/flannel/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD ISC LGPL-3 MIT" +SLOT="0" +IUSE="hardened" + +RESTRICT+=" test" + +src_prepare() { + default + sed -e "s:^var Version =.*:var Version = \"${PV}\":" \ + -i "${S}/version/version.go" || die +} + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')"\ + go build -o dist/flanneld -ldflags " + -X github.com/flannel-io/flannel/version.Version=v${PV} + -extldflags \"-static\"" . || die +} + +src_test() { + GOPATH="${WORKDIR}/${P}" \ + go test -v -work -x "${EGO_PN}" || die +} + +src_install() { + dobin dist/${PN}d + exeinto /usr/libexec/flannel + doexe dist/mk-docker-opts.sh + insinto /etc/systemd/system/docker.service.d + newins "${FILESDIR}/flannel-docker.conf" flannel.conf + newinitd "${FILESDIR}"/flanneld.initd flanneld + newconfd "${FILESDIR}"/flanneld.confd flanneld + keepdir /var/log/${PN} + insinto /etc/logrotate.d + newins "${FILESDIR}"/flanneld.logrotated flanneld + newtmpfiles "${FILESDIR}/flannel.tmpfilesd" flannel.conf + systemd_dounit "${FILESDIR}/flanneld.service" + dodoc README.md +} + +pkg_postinst() { + tmpfiles_process flannel.conf +} diff --git a/app-containers/flannel/metadata.xml b/app-containers/flannel/metadata.xml new file mode 100644 index 000000000000..7e0f71c1df52 --- /dev/null +++ b/app-containers/flannel/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="github">flannel-io/flannel</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/grype/Manifest b/app-containers/grype/Manifest new file mode 100644 index 000000000000..eeb89d8c7035 --- /dev/null +++ b/app-containers/grype/Manifest @@ -0,0 +1,8 @@ +DIST grype-0.59.1-deps.tar.xz 555292828 BLAKE2B ce132ecd42efd2c76bce1843b1da2ff763494a0206c8618c95ec03ae9d73a77378a68e503de9115c73efd6acbab4cc30bf222676c7888aafb08de8454351fb2b SHA512 aa627bfbf52c218786d009dee6e37bc09d70fd98ad10b8c07ec91db9d15380a1fbc35f380ee22fae8b6e7b090d1aabfebf58bc1ea6bca2bd179dcaa74b52a2c0 +DIST grype-0.59.1.tar.gz 1021093 BLAKE2B 0c5b0a8a14e297e123965d451daff082cbabb01f766ec355a37d54d7044b865430aa7cbec20d8002feac33f93e24565ebe6346a8559e8a25bf3df1dcc8ca217e SHA512 8f219ade9d7369f124dd8c035f3bef6ce5055e318d7ab1578f7f98a7fa6e842dad26fae8b2337884d4af3773b2c590b61485a490f98c66dfcbd82ef73d8b766b +DIST grype-0.61.0-deps.tar.xz 562038080 BLAKE2B cb780751f50f9c74ac9f9a7064e489211bdfbd3d9df5fbd3fd51aa6081a48cac38b5efcaf524708cb010b3767c7bf31eaf8151e96f610ae84a814de767beec8e SHA512 eca6b813c140af26533154ca10f50a44351bef921e6140c3ae02c8b888d4e43bd7163954684463c19acf3c11b7ee93c1531b4b1042f0cd3886e1da36f384c029 +DIST grype-0.61.0.tar.gz 1021705 BLAKE2B 32ff98f3f240ee5d883edb568ff9caa7614053e76ea9bd8a774a5abb92091e4356e25c10b94d9aaf4a17a2f8c4c7d0f26e2ceec8a089ca079029893d255a7480 SHA512 ce4b1805f17bccd3281a218673156669ae632418bdfabf95c310b973bc224b89b7e0e3ca57a8c7e1df444074e034092d963df3b11cbf393e500fe1786f707ed5 +DIST grype-0.72.0-deps.tar.xz 599210536 BLAKE2B 4912cf4278488e78c7a174654da20f640c4975b5e98741e7caa94d9865ae51013a410863ee68c520805985afc19ca0b2b2175b8f2241724ceac86217719efd82 SHA512 1a91f1b46dc5a206025554c32f5420019ff0f8de564b67ad91070bdbe46abb71f08d409856799672cc31a7d753e151343d925147332caeb044f3cfd81318ff08 +DIST grype-0.72.0.tar.gz 1114440 BLAKE2B 931f4bdd883471e8b34b09dd1df53d4e67df96fc0d7be5224d1acfecc618cb068ee268f4b269e5a7f5e01a6605b9e01f8bb6a150819e8410a6b4f0daa12877ff SHA512 8335de5cba0b11500df1404afeee311be50c7e55d1a57c85cbebe830c9e8d9d21ff7b35ab6110200e57f464e999576f395814a56485115f8c7ed7b6e9f7dafb9 +DIST grype-0.73.0-deps.tar.xz 627765660 BLAKE2B 3d3949922a635d0654120aaf05edef38e7ae998c7beab89a7f13de994ab5f34bd6ade6a67145f5a366a2956ffb124a94a952b426a71cb50a7a30f65a7d721784 SHA512 f2e0ba2da0c196e705a23efc9e989ed3525d3465d661a2d5ce832c0663b0226a885541d91a773922f32de4d849030b73c307487eec00d0498368925213b9444d +DIST grype-0.73.0.tar.gz 1124082 BLAKE2B 835b1833e6809510821f07906df06c55b418f7226dba190b4bf4f32ae603c006842496512d5e788eef8f2ce7e215a923bc338a1c55f089a3942476275663a6b2 SHA512 06be60104f23be38578660a79d3c593e988e2c5fce646b00dedec9af4d3442f204f81d063806944cfdaa04daffdff256ac71b52ed94d8ae07acde1e15c442f08 diff --git a/app-containers/grype/grype-0.59.1.ebuild b/app-containers/grype/grype-0.59.1.ebuild new file mode 100644 index 000000000000..3ce88f7f6d9d --- /dev/null +++ b/app-containers/grype/grype-0.59.1.ebuild @@ -0,0 +1,33 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=29b646568901d1ef48a528cf35f67f3cead49c9f +SYFT_VERSION=0.74.1 + +DESCRIPTION="A vulnerability scanner for container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/grype/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +# tests require a running docker +RESTRICT="test" + +src_compile() { + ego build -o bin/grype -ldflags " + -extldflags '-static' + -X github.com/anchore/grype/internal/version.version=${PV} + -X github.com/anchore/grype/internal/version.syftVersion=${SYFT_VERSION} + -X github.com/anchore/grype/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/grype/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/grype/internal/version.gitDescription=v${PV}" +} + +src_install() { + dobin bin/grype +} diff --git a/app-containers/grype/grype-0.61.0.ebuild b/app-containers/grype/grype-0.61.0.ebuild new file mode 100644 index 000000000000..99ae14b81d3c --- /dev/null +++ b/app-containers/grype/grype-0.61.0.ebuild @@ -0,0 +1,33 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=d8c0c0805b59659c4d6e49d6806a0eba11bdc2ee +SYFT_VERSION=0.76.0 + +DESCRIPTION="A vulnerability scanner for container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/grype/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +# tests require a running docker +RESTRICT="test" + +src_compile() { + ego build -o bin/grype -ldflags " + -extldflags '-static' + -X github.com/anchore/grype/internal/version.version=${PV} + -X github.com/anchore/grype/internal/version.syftVersion=${SYFT_VERSION} + -X github.com/anchore/grype/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/grype/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/grype/internal/version.gitDescription=v${PV}" +} + +src_install() { + dobin bin/grype +} diff --git a/app-containers/grype/grype-0.72.0.ebuild b/app-containers/grype/grype-0.72.0.ebuild new file mode 100644 index 000000000000..acccd2982d3f --- /dev/null +++ b/app-containers/grype/grype-0.72.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=04df28051b7694a5e4a28fc5b2ea2068f24ef213 +SYFT_VERSION=0.94.0 + +DESCRIPTION="A vulnerability scanner for container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/grype/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +# tests require a running docker +RESTRICT="test" + +src_compile() { + ego build -o bin/grype -ldflags " + -extldflags '-static' + -X github.com/anchore/grype/internal/version.version=${PV} + -X github.com/anchore/grype/internal/version.syftVersion=${SYFT_VERSION} + -X github.com/anchore/grype/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/grype/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/grype/internal/version.gitDescription=v${PV} + " ./cmd/grype +} + +src_install() { + dobin bin/grype +} diff --git a/app-containers/grype/grype-0.73.0.ebuild b/app-containers/grype/grype-0.73.0.ebuild new file mode 100644 index 000000000000..a2befc0a8c0d --- /dev/null +++ b/app-containers/grype/grype-0.73.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=15432488224b3d7a557798fd258828f618dadc90 +SYFT_VERSION=0.95.0 + +DESCRIPTION="A vulnerability scanner for container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/grype/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +# tests require a running docker +RESTRICT="test" + +src_compile() { + ego build -o bin/grype -ldflags " + -extldflags '-static' + -X github.com/anchore/grype/internal/version.version=${PV} + -X github.com/anchore/grype/internal/version.syftVersion=${SYFT_VERSION} + -X github.com/anchore/grype/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/grype/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/grype/internal/version.gitDescription=v${PV} + " ./cmd/grype +} + +src_install() { + dobin bin/grype +} diff --git a/app-containers/grype/metadata.xml b/app-containers/grype/metadata.xml new file mode 100644 index 000000000000..db463f3eeb66 --- /dev/null +++ b/app-containers/grype/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> +</pkgmetadata> diff --git a/app-containers/img/Manifest b/app-containers/img/Manifest new file mode 100644 index 000000000000..fcf3e28d9654 --- /dev/null +++ b/app-containers/img/Manifest @@ -0,0 +1 @@ +DIST img-0.5.11.tar.gz 4743864 BLAKE2B 6e08ddce536d666539bca9d06fc14c8a01cedb012024ee7f970a7c4ea5a701f28b52a0b247e9f681e72bff1aab354e6f6d02d12bdde4d434aa2dd6ff92de949c SHA512 de80c2c26dd2fb780fb0447f07b5478e1571067ec934fb2adb32dff1aa3853ff872388b9c9c168c139194ab5d38672fb3b4c76c4f77fd8e61ce48bde8cae8c1b diff --git a/app-containers/img/img-0.5.11.ebuild b/app-containers/img/img-0.5.11.ebuild new file mode 100644 index 000000000000..d8709e615dbd --- /dev/null +++ b/app-containers/img/img-0.5.11.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +DESCRIPTION="Standalone daemon-less unprivileged Dockerfile and OCI container image builder" +HOMEPAGE="https://github.com/genuinetools/img" +SRC_URI="https://github.com/genuinetools/img/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +KEYWORDS="~amd64" +LICENSE="MIT" +SLOT="0" +IUSE="seccomp" + +DEPEND="seccomp? ( sys-libs/libseccomp )" +RDEPEND="${DEPEND} + app-containers/runc" + +src_compile() { + IMG_DISABLE_EMBEDDED_RUNC=1 \ + ego build \ + -mod=vendor \ + -tags "noembed $(usev seccomp)" \ + -ldflags="-X version.VERSION=${PV}" +} + +src_install() { + dobin img + dodoc README.md AUTHORS +} diff --git a/app-containers/img/metadata.xml b/app-containers/img/metadata.xml new file mode 100644 index 000000000000..d2efb365f539 --- /dev/null +++ b/app-containers/img/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <!-- maintainer-needed --> + <upstream> + <remote-id type="github">genuinetools/img</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/incus/Manifest b/app-containers/incus/Manifest new file mode 100644 index 000000000000..4dba74aab158 --- /dev/null +++ b/app-containers/incus/Manifest @@ -0,0 +1,6 @@ +DIST incus-0.6.tar.xz 11749212 BLAKE2B 6cf607f13f0dd14e04b49e97e718d6f11612193a6f27515988c9d12383e3655147edd1120a2b030c9b77f3f72c0c73ae3ec960090b4d76f59930ac0256c2a5c8 SHA512 c90251be777963c437c8f5a3f6a9e448d41f58ec2f2fb7bafbdc241f32234edd50a82a4c6d4a19e822a3d090282e8ea220842a27b17d17bce8691c1549209f7f +DIST incus-0.6.tar.xz.asc 833 BLAKE2B 47d80cbf92961d03e8a96eb313213960b02730d21d0a36c37e22bd1ea238bee72b94f2f98f49574b4ae07d847099db760a253f3bf69ff2658bcba65bc6a61315 SHA512 7504f74bf1659f06c40b9ae04853bb993988ae704f2b46c39a744bfa7b179383b5377851b6514b368826d6b3beb930188f3cf73b51c99a1b4cb90f8f03a60b5c +DIST incus-0.7.tar.xz 11829696 BLAKE2B 9e7dd7b196e538a4eb47d158d7c3d5459eace38431dfbe91d5f28f5b9dfc174e485b44f6b8c0f87a054e11f40d29d754f05fc6835034e4131bd8d6b948d720fa SHA512 79e389be3fa094c6c82c1e06b9f2a7e5181dc91db40cdcae4b28593a3e9e53f4f5705b5d6566b48689dbdaec9a277704df0c1b396455aca5f4c5ab93e74dc4d7 +DIST incus-0.7.tar.xz.asc 833 BLAKE2B afb20ff942a4497e895d0cf40b4de260ea32d4cb40284e317188c6aef5e100836ac434038aa931a2ee733abce3569a6ef8bbc162afdcf4dfc542e5c6b55e7d6b SHA512 0ace5c060e1222220858814fb55ecd48ccb0f51d902e6ef29f32d715e185a8c3dcbd29f556453fdc19ad23b1eea7b39db06786cc73373d881d0137d3ebf3af9a +DIST incus-6.0.0.tar.xz 11839792 BLAKE2B 135574e6f19262992bb068a3c0a0045c192699503e417eb861e00a974e631fd869485eb96238d1dbe4712e789367d31afae1c62bade2a8b75f7e9a7620547e74 SHA512 eb6d784a535d487bd85b3e8272d7cddc23f2ed98ca2b3e2f19c038b4a6f910d4030822424154489adef7a688757905927309d25f6d1ff621d99d678fe6aeae2b +DIST incus-6.0.0.tar.xz.asc 833 BLAKE2B f35c38f886290ff08e017cd54e8019c43bfbf1f9c84b26ede2cfa78acbe4047af4314465e77d6e900f296552d5ac8f8c07d26a11920bff937fbb8a0a910efb0d SHA512 0360520752fad3e95807d09e4fd6d60c96a202d0dbb61621925abd75aa801b6d573abbece3179a8906bdc47e96ddec4a746607ce2d10dcc1a76d0afd459cbf81 diff --git a/app-containers/incus/files/incus-0.4.confd b/app-containers/incus/files/incus-0.4.confd new file mode 100644 index 000000000000..b0f7e0e212ae --- /dev/null +++ b/app-containers/incus/files/incus-0.4.confd @@ -0,0 +1,26 @@ +# Group which owns the shared socket +INCUS_OPTIONS+=" --group incus-admin" + +# Enable cpu profiling into the specified file +#INCUS_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#INCUS_OPTIONS+=" --memprofile /tmp/lxc_mem_profile" + +# Enable debug mode +#INCUS_OPTIONS+=" --debug" + +# For debugging, print a complete stack trace every n seconds +#INCUS_OPTIONS+=" --print-goroutines-every 5" + +# Enable verbose mode +#INCUS_OPTIONS+=" -v" + +# Logfile to log to +#INCUS_OPTIONS+=" --logfile /var/log/incus/incus.log" + +# Enable syslog logging +#INCUS_OPTIONS+=" --syslog" + +# Increase ulimits to allow more open files on OpenRC. +rc_ulimit="-n 1048576 -l unlimited" diff --git a/app-containers/incus/files/incus-0.4.initd b/app-containers/incus/files/incus-0.4.initd new file mode 100644 index 000000000000..34e1f07a8921 --- /dev/null +++ b/app-containers/incus/files/incus-0.4.initd @@ -0,0 +1,59 @@ +#!/sbin/openrc-run +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/incusd +PIDFILE=/run/incus.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting incus daemon service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/incus and make sure it exists. + # Create a log directory for incus with correct permissions. + install -d /var/lib/incus --group incus-admin --owner root --mode 0775 + install -d /var/log/incus --group incus-admin --owner root + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${INCUS_OPTIONS} + eend ${?} + + # Create necessary systemd paths in order for systemd containers to work on openrc host. + # /etc/rc.conf should have following values: + # rc_cgroup_mode="hybrid" + if [ -d /sys/fs/cgroup/unified ] && + [ ! -d /sys/fs/cgroup/systemd ]; then + install -d /sys/fs/cgroup/systemd --group incus-admin --owner root + mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd + fi +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping incus daemon service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to INCUS that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping incus daemon service and containers, waiting 40s" + # SIGPWR indicates to INCUS that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for INCUS. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/incus/files/incus-0.4.service b/app-containers/incus/files/incus-0.4.service new file mode 100644 index 000000000000..17aea1de12b9 --- /dev/null +++ b/app-containers/incus/files/incus-0.4.service @@ -0,0 +1,22 @@ +[Unit] +Description=Incus - main daemon +After=network-online.target lxcfs.service incus.socket +Requires=network-online.target lxcfs.service incus.socket + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/incusd --group incus-admin --syslog +ExecStartPost=/usr/sbin/incusd waitready --timeout=600 +ExecStartPre=/bin/mkdir -p /var/log/incus +ExecStartPre=/bin/chown -R root:incus-admin /var/log/incus +KillMode=process +PermissionsStartOnly=true +TimeoutStartSec=600s +TimeoutStopSec=30s +Restart=on-failure +LimitNOFILE=1048576 +LimitNPROC=infinity +TasksMax=infinity + +[Install] +Also=incus-startup.service incus.socket diff --git a/app-containers/incus/files/incus-0.4.socket b/app-containers/incus/files/incus-0.4.socket new file mode 100644 index 000000000000..741fadd0309d --- /dev/null +++ b/app-containers/incus/files/incus-0.4.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Incus - Daemon (unix socket) + +[Socket] +ListenStream=/var/lib/incus/unix.socket +SocketGroup=incus-admin +SocketMode=0660 +Service=incus.service + +[Install] +WantedBy=sockets.target diff --git a/app-containers/incus/files/incus-0.6-fix-column-handling-with-all-projects.patch b/app-containers/incus/files/incus-0.6-fix-column-handling-with-all-projects.patch new file mode 100644 index 000000000000..75e85331f776 --- /dev/null +++ b/app-containers/incus/files/incus-0.6-fix-column-handling-with-all-projects.patch @@ -0,0 +1,41 @@ +From bbc4b946355775606da35557e5404ca83a586c67 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@stgraber.org> +Date: Thu, 22 Feb 2024 22:41:15 -0500 +Subject: [PATCH] incus/image: Fix column handling with --all-projects +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Stéphane Graber <stgraber@stgraber.org> +--- + cmd/incus/image.go | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/cmd/incus/image.go b/cmd/incus/image.go +index 5ee2b74709..d5a1126855 100644 +--- a/cmd/incus/image.go ++++ b/cmd/incus/image.go +@@ -1134,11 +1134,6 @@ func (c *cmdImageList) parseColumns() ([]imageColumn, error) { + columnList := strings.Split(c.flagColumns, ",") + + columns := []imageColumn{} +- // Add project column if --all-projects flag specified and +- // no --c was passed +- if c.flagAllProjects && c.flagColumns == defaultImagesColumns { +- c.flagColumns = defaultImagesColumnsAllProjects +- } + + for _, columnEntry := range columnList { + if columnEntry == "" { +@@ -1321,6 +1316,11 @@ func (c *cmdImageList) Run(cmd *cobra.Command, args []string) error { + return err + } + ++ // Add project column if --all-projects flag specified and no -c was passed. ++ if c.flagAllProjects && c.flagColumns == defaultImagesColumns { ++ c.flagColumns = defaultImagesColumnsAllProjects ++ } ++ + // Parse remote + remote := "" + if len(args) > 0 { diff --git a/app-containers/incus/files/incus-startup-0.4.service b/app-containers/incus/files/incus-startup-0.4.service new file mode 100644 index 000000000000..8838bdc4949d --- /dev/null +++ b/app-containers/incus/files/incus-startup-0.4.service @@ -0,0 +1,15 @@ +[Unit] +Description=Incus - Startup check +After=incus.socket incus.service +Requires=incus.socket + +[Service] +Type=oneshot +ExecStart=/usr/sbin/incus-startup start +ExecStop=/usr/sbin/incus-startup stop +TimeoutStartSec=600s +TimeoutStopSec=600s +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/incus/files/incus-startup-0.4.sh b/app-containers/incus/files/incus-startup-0.4.sh new file mode 100644 index 000000000000..6b19f22e4cb5 --- /dev/null +++ b/app-containers/incus/files/incus-startup-0.4.sh @@ -0,0 +1,21 @@ +#!/bin/sh +set -e + +case "$1" in + start) + systemctl is-active incus -q && exit 0 + exec incusd activateifneeded + ;; + + stop) + systemctl is-active incus -q || exit 0 + exec incusd shutdown + ;; + + *) + echo "unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/app-containers/incus/files/incus-user-0.4.initd b/app-containers/incus/files/incus-user-0.4.initd new file mode 100644 index 000000000000..7d81d298f584 --- /dev/null +++ b/app-containers/incus/files/incus-user-0.4.initd @@ -0,0 +1,37 @@ +#!/sbin/openrc-run +# Copyright 2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="incus-user socket daemon" +description="incus-user socket daemon" + +DAEMON=/usr/sbin/incus-user +PIDFILE=/run/incus-user.pid + +depend() { + need incus + need net +} + +start() { + ebegin "Starting incus-user socket daemon" + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + --group incus + eend ${?} +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/incus/files/incus-user-0.4.service b/app-containers/incus/files/incus-user-0.4.service new file mode 100644 index 000000000000..4cb4d44263cb --- /dev/null +++ b/app-containers/incus/files/incus-user-0.4.service @@ -0,0 +1,12 @@ +[Unit] +Description=Incus - User daemon +After=incus-user.socket incus.service +Requires=incus-user.socket + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/incus-user --group incus +Restart=on-failure + +[Install] +Also=incus-user.socket diff --git a/app-containers/incus/files/incus-user-0.4.socket b/app-containers/incus/files/incus-user-0.4.socket new file mode 100644 index 000000000000..5c14276fc6c6 --- /dev/null +++ b/app-containers/incus/files/incus-user-0.4.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Incus - Daemon (user unix socket) + +[Socket] +ListenStream=/var/lib/incus/unix.socket.user +SocketGroup=incus +SocketMode=0660 +Service=incus-user.service + +[Install] +WantedBy=sockets.target diff --git a/app-containers/incus/incus-0.6-r1.ebuild b/app-containers/incus/incus-0.6-r1.ebuild new file mode 100644 index 000000000000..ccbc40adf773 --- /dev/null +++ b/app-containers/incus/incus-0.6-r1.ebuild @@ -0,0 +1,208 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + dev-libs/cowsql + dev-libs/lzo + >=dev-libs/raft-0.22.0:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/lxc-to-incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/sbin/fuidshift + /usr/sbin/lxd-to-incus + /usr/sbin/incusd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +PATCHES=( "${FILESDIR}"/incus-0.6-fix-column-handling-with-all-projects.patch ) + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-user incus lxc-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + cd "${S}"/cmd/lxd-to-incus || die + ego build -v -x ./ + cd "${S}" || die + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user ; do + dosbin ${bindir}/${l} + done + dosbin cmd/lxd-to-incus/lxd-to-incus + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + dobashcomp scripts/bash/incus + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/app-containers/incus/incus-0.7.ebuild b/app-containers/incus/incus-0.7.ebuild new file mode 100644 index 000000000000..be2cf6ac0037 --- /dev/null +++ b/app-containers/incus/incus-0.7.ebuild @@ -0,0 +1,205 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + dev-libs/cowsql + dev-libs/lzo + >=dev-libs/raft-0.22.0:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/lxc-to-incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/sbin/fuidshift + /usr/sbin/lxd-to-incus + /usr/sbin/incusd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/app-containers/incus/incus-6.0.0-r1.ebuild b/app-containers/incus/incus-6.0.0-r1.ebuild new file mode 100644 index 000000000000..79a1af3f07c5 --- /dev/null +++ b/app-containers/incus/incus-6.0.0-r1.ebuild @@ -0,0 +1,219 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module linux-info optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://linuxcontainers.org/incus/introduction/ https://github.com/lxc/incus" +SRC_URI="https://linuxcontainers.org/downloads/incus/${P}.tar.xz + verify-sig? ( https://linuxcontainers.org/downloads/incus/${P}.tar.xz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm64" +IUSE="apparmor fuidshift nls" + +DEPEND="acct-group/incus + acct-group/incus-admin + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/cowsql-1.15.6 + dev-libs/lzo + >=dev-libs/raft-0.22.1:=[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + fuidshift? ( !app-containers/lxd ) + net-firewall/ebtables + net-firewall/iptables + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.21 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/incus + /usr/bin/lxc-to-incus + /usr/bin/incus-agent + /usr/bin/incus-benchmark + /usr/bin/incus-migrate + /usr/sbin/fuidshift + /usr/sbin/lxd-to-incus + /usr/sbin/incusd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_unpack() { + verify-sig_src_unpack + go-module_src_unpack +} + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/incus:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + internal/server/apparmor/instance.go \ + internal/server/apparmor/instance_qemu.go \ + internal/server/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + internal/server/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/incus-0.4.service "${T}"/incus.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/incus.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in incus-benchmark incus-simplestreams incus-user incus lxc-to-incus lxd-to-incus ; do + ego install -v -x "${S}/cmd/${k}" + done + + if use fuidshift ; then + ego install -v -x "${S}/cmd/fuidshift" + fi + + ego install -v -x -tags libsqlite3 "${S}"/cmd/incusd + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/cmd/incus-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/cmd/incus-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + + if tc-is-cross-compiler ; then + local bindir="_dist/bin/linux_${GOARCH}" + else + local bindir="_dist/bin" + fi + + newsbin "${FILESDIR}"/incus-startup-0.4.sh incus-startup + + # Admin tools + for l in incusd incus-user lxd-to-incus ; do + dosbin ${bindir}/${l} + done + + # User tools + for m in incus-agent incus-benchmark incus-migrate incus-simplestreams incus lxc-to-incus ; do + dobin ${bindir}/${m} + done + + # fuidshift, should be moved under admin tools at some point + if use fuidshift ; then + dosbin ${bindir}/fuidshift + fi + + newconfd "${FILESDIR}"/incus-0.4.confd incus + newinitd "${FILESDIR}"/incus-0.4.initd incus + newinitd "${FILESDIR}"/incus-user-0.4.initd incus-user + + systemd_dounit "${T}"/incus.service + systemd_newunit "${FILESDIR}"/incus-0.4.socket incus.socket + systemd_newunit "${FILESDIR}"/incus-startup-0.4.service incus-startup.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.service incus-user.service + systemd_newunit "${FILESDIR}"/incus-user-0.4.socket incus-user.socket + + if ! tc-is-cross-compiler; then + # Generate and install shell completion files. + mkdir -p "${D}"/usr/share/{bash-completion/completions/,fish/vendor_completions.d/,zsh/site-functions/} || die + "${bindir}"/incus completion bash > "${D}"/usr/share/bash-completion/completions/incus || die + "${bindir}"/incus completion fish > "${D}"/usr/share/fish/vendor_completions.d/incus.fish || die + "${bindir}"/incus completion zsh > "${D}"/usr/share/zsh/site-functions/_incus || die + else + ewarn "Shell completion files not installed! Install them manually with incus completion --help" + fi + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Please see" + elog " https://wiki.gentoo.org/wiki/Incus" + elog " https://wiki.gentoo.org/wiki/Incus#Migrating_from_LXD" + elog + optfeature "virtual machine support" app-cdr/cdrtools app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full incus-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the incus group." + elog +} diff --git a/app-containers/incus/metadata.xml b/app-containers/incus/metadata.xml new file mode 100644 index 000000000000..adf7210ec6b7 --- /dev/null +++ b/app-containers/incus/metadata.xml @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>juippis@gentoo.org</email> + <name>Joonas Niilola</name> + </maintainer> + <maintainer type="project"> + <email>virtualization@gentoo.org</email> + <name>Gentoo Virtualization Project</name> + </maintainer> + <use> + <flag name="fuidshift">Install the fuidshift binary - currently conflicts with app-containers/lxd</flag> + </use> + <longdescription> + Incus is a modern, secure and powerful system container and virtual machine manager. + Incus is a community fork from Canonical's LXD. + + It provides a unified experience for running and managing full Linux systems inside containers + or virtual machines. Incus supplies images for a wide number of Linux distributions and is built + around a very powerful, yet pretty simple, REST API. Incus scales from one instance on a single + machine to a cluster in a full data center rack, making it suitable for running workloads both + for development and in production. + + Incus allows you to easily set up a system that feels like a small private cloud. You can run any + type of workload in an efficient way while keeping your resources optimized. + + You should consider using Incus if you want to containerize different environments or run virtual + machines, or in general run and manage your infrastructure in a cost-effective way. + </longdescription> + <upstream> + <remote-id type="github">canonical/lxd</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/k3d/Manifest b/app-containers/k3d/Manifest new file mode 100644 index 000000000000..536b64890a4f --- /dev/null +++ b/app-containers/k3d/Manifest @@ -0,0 +1,2 @@ +DIST k3d-5.4.9.tar.gz 7740293 BLAKE2B b7a657720524abac2c36cccef8cf6e9c5588fcc191ecc2a3f7ed138762cc23abdc2b6413c67d426635e50777b8b87fccf93dc7cd88b0dd5c67becbc3f9056472 SHA512 caa6566f79837deb31db991df5475369b4921a5a110b723ad6c76f8ce2349399d0843d3e5de071a4ec50b318157d8fb47cc36018a0af9bb487793269c27027bf +DIST k3d-5.6.0.tar.gz 8022281 BLAKE2B 93f32f65e6c42650608b94d58d2149c3fec96251500be0d95d5673f07ae8c366d80954afa4d80eec149b7a9e8af7389323c21498910a3010bb80b975f64064d0 SHA512 c13df93499ffde6567e4bf7dcf260cb65ca01c390bf39361122fa61553591f418213049cf29d8dde63896f026a28d96f4e2ab522a143ac66cfa9f3786f8ba9b9 diff --git a/app-containers/k3d/k3d-5.4.9.ebuild b/app-containers/k3d/k3d-5.4.9.ebuild new file mode 100644 index 000000000000..6f57b743d680 --- /dev/null +++ b/app-containers/k3d/k3d-5.4.9.ebuild @@ -0,0 +1,39 @@ +# Copyright 2021-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module + +DESCRIPTION="k3d creates k3s clusters in docker" +HOMEPAGE="https://github.com/rancher/k3d" + +K3D_K3S_TAG=v1.24.12-k3s1 +SRC_URI="https://github.com/rancher/k3d/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" +LICENSE="MIT Apache-2.0 BSD BSD-2 MPL-2.0 ISC" +SLOT="0" + +KEYWORDS="~amd64" +IUSE="doc" + +src_prepare() { + default + rm Makefile || die +} + +src_compile() { + GOWORK=off \ + CGO_ENABLED=0 \ + go build \ + -mod=vendor \ + -ldflags "-w -s -X github.com/k3d-io/k3d/v5/version.Version=v${PV} -X github.com/k3d-io/k3d/v5/version.K3sVersion=${K3D_K3S_TAG}" \ + -o bin/k3d +} + +src_install() { + dobin bin/${PN} + DOCS=(*.md) + if use doc; then + DOCS+=(docs) + fi + default_src_install +} diff --git a/app-containers/k3d/k3d-5.6.0.ebuild b/app-containers/k3d/k3d-5.6.0.ebuild new file mode 100644 index 000000000000..1baa48e507e5 --- /dev/null +++ b/app-containers/k3d/k3d-5.6.0.ebuild @@ -0,0 +1,39 @@ +# Copyright 2021-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module + +DESCRIPTION="k3d creates k3s clusters in docker" +HOMEPAGE="https://github.com/rancher/k3d" + +K3D_K3S_TAG=v1.28.3-k3s2 +SRC_URI="https://github.com/rancher/k3d/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" +LICENSE="MIT Apache-2.0 BSD BSD-2 MPL-2.0 ISC" +SLOT="0" + +KEYWORDS="~amd64" +IUSE="doc" + +src_prepare() { + default + rm Makefile || die +} + +src_compile() { + GOWORK=off \ + CGO_ENABLED=0 \ + go build \ + -mod=vendor \ + -ldflags "-w -s -X github.com/k3d-io/k3d/v5/version.Version=v${PV} -X github.com/k3d-io/k3d/v5/version.K3sVersion=${K3D_K3S_TAG}" \ + -o bin/k3d +} + +src_install() { + dobin bin/${PN} + DOCS=(*.md) + if use doc; then + DOCS+=(docs) + fi + default_src_install +} diff --git a/app-containers/k3d/metadata.xml b/app-containers/k3d/metadata.xml new file mode 100644 index 000000000000..43d8f81ce348 --- /dev/null +++ b/app-containers/k3d/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <upstream> + <remote-id type="github">rancher/k3d</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/kompose/Manifest b/app-containers/kompose/Manifest new file mode 100644 index 000000000000..99c79998b3d1 --- /dev/null +++ b/app-containers/kompose/Manifest @@ -0,0 +1,2 @@ +DIST kompose-1.26.1-deps.tar.xz 177960392 BLAKE2B cf9074a64493c8280d2cf4e6c737100338ee049231abc45f3b80665ef864a49cb269285785facb82897c12f09c8f48564a28f180c195dc016f5f54db2989c8f9 SHA512 acba18bedae36e321012993c1e297c9bf59d732d561c72a0eadbd10d5aadbb838e38d3f7c9bd0086157874b58af8cca9ed67587cd931bed0831884b4d7688994 +DIST kompose-1.26.1.tar.gz 434463 BLAKE2B e4cc000723a34d46d39f6222864960c184e72ea8f30eac858a67e1664359676f103775790cdcf3faac798110a6ba5ff5f029a1213b54691abfef965be4ddfe94 SHA512 d9d181b12908298c11d99b9dda6f5e48b0bf44fca84836a7397bc726746f8d1a615a7b26aa90ea64a0fd90c50ddceae6c325d0c9d8c0c14840fc5828cefe8c23 diff --git a/app-containers/kompose/kompose-1.26.1.ebuild b/app-containers/kompose/kompose-1.26.1.ebuild new file mode 100644 index 000000000000..1db26ca08272 --- /dev/null +++ b/app-containers/kompose/kompose-1.26.1.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit go-module +GIT_COMMIT=a9d05d50 + +DESCRIPTION="Tool to move from docker-compose to Kubernetes" +HOMEPAGE="https://github.com/kubernetes/kompose https://kompose.io" +SRC_URI="https://github.com/kubernetes/kompose/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" +IUSE="hardened" + +RESTRICT+=" test" + +src_prepare() { + default + sed -i -e 's/-w -s//' Makefile || die +} + +src_compile() { + CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '')" \ + emake \ + GITCOMMIT=${GIT_COMMIT} \ + bin +} + +src_install() { + dobin ${PN} + dodoc -r docs examples {README,RELEASE,CHANGELOG,CONTRIBUTING}.md +} diff --git a/app-containers/kompose/metadata.xml b/app-containers/kompose/metadata.xml new file mode 100644 index 000000000000..8577a1ac59bf --- /dev/null +++ b/app-containers/kompose/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">kubernetes/kompose</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/lxc-templates/Manifest b/app-containers/lxc-templates/Manifest new file mode 100644 index 000000000000..292a5eb8bce9 --- /dev/null +++ b/app-containers/lxc-templates/Manifest @@ -0,0 +1,2 @@ +DIST lxc-templates-3.0.4.tar.gz 257015 BLAKE2B 599c0cb083cf358c8252467b3870450e754b2aa30daf8d72e07e746ce37e2fb26fecc0adf416325c9e02b1f98f5745af5985360e9494e5ed54a242a3e17330d4 SHA512 e5b628b40e7108fca858dbd9ae92495016069ff3cba7feb34e9559c7f61dfc36944a9ef441369952a988e821f8b5d883ae97b81f6eef0683a22f1f702b5b913e +DIST lxc-templates-3.0.4.tar.gz.asc 833 BLAKE2B a125e46200cbc1bce6a721ba338b6c896098711a7454ee18a153b9e7a3d25e08ea29cf13accf25e8af085865237fe4b20d633c92d71103213a49ba7d80de0154 SHA512 1195a3d835935606af405af77d5ee629dc7b7c0f05a17c05df191f6275c8e7ebec9eb05201bbfb46060af5a36aba4f17b53122904fd10f2d8b28524f4e5b5e71 diff --git a/app-containers/lxc-templates/files/lxc-templates-3.0.1-no-cache-dir.patch b/app-containers/lxc-templates/files/lxc-templates-3.0.1-no-cache-dir.patch new file mode 100644 index 000000000000..d7e50fd3712b --- /dev/null +++ b/app-containers/lxc-templates/files/lxc-templates-3.0.1-no-cache-dir.patch @@ -0,0 +1,12 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -10,9 +10,5 @@ EXTRA_DIST = \ + CONTRIBUTING \ + MAINTAINERS + +-install-data-local: +- $(MKDIR_P) $(DESTDIR)$(LXCPATH) +- $(MKDIR_P) $(DESTDIR)$(localstatedir)/cache/lxc +- + ChangeLog:: + @touch ChangeLog diff --git a/app-containers/lxc-templates/lxc-templates-3.0.4.ebuild b/app-containers/lxc-templates/lxc-templates-3.0.4.ebuild new file mode 100644 index 000000000000..4e0d01e710cd --- /dev/null +++ b/app-containers/lxc-templates/lxc-templates-3.0.4.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools verify-sig + +DESCRIPTION="Old style template scripts for LXC" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc-templates" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~riscv x86" + +LICENSE="LGPL-3" +SLOT="0" + +RDEPEND=">=app-containers/lxc-3.0" +DEPEND="${RDEPEND}" +BDEPEND="verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +PATCHES=( "${FILESDIR}/${PN}-3.0.1-no-cache-dir.patch" ) +DOCS=() + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +src_prepare() { + default + eautoreconf +} diff --git a/app-containers/lxc-templates/metadata.xml b/app-containers/lxc-templates/metadata.xml new file mode 100644 index 000000000000..7761d238525c --- /dev/null +++ b/app-containers/lxc-templates/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>juippis@gentoo.org</email> + <name>Joonas Niilola</name> + </maintainer> + <maintainer type="project"> + <email>virtualization@gentoo.org</email> + <name>Gentoo Virtualization Project</name> + </maintainer> + <upstream> + <remote-id type="github">lxc/lxc-templates</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/lxc/Manifest b/app-containers/lxc/Manifest new file mode 100644 index 000000000000..0257fd2ae87a --- /dev/null +++ b/app-containers/lxc/Manifest @@ -0,0 +1,4 @@ +DIST lxc-5.0.3.tar.gz 975269 BLAKE2B 533d97fe4d986acbf5d562bb2c295a63df2a9a8bfc27aeff5056e4235f667102500debc586c5698482ec048c1b222a0fdc234db6fd6648c4b649f87a85de18f8 SHA512 0553be317431ab7ec0c450c0f85724a53de1f251c39c9716168e17cda6a8daec70b8221228c4be64027df28a327e0f1fd508e6bb48348ab540bbfeaf2b9ac974 +DIST lxc-5.0.3.tar.gz.asc 833 BLAKE2B c35278ed17cad76d2ea94b3985e0110731efea751fb5f1c2d1c9db71486e4844285f372a94c8611dcfe91fdb16459694843b9e0a8273cfc68a56f549c7162cfb SHA512 a5ce5769d49abdf35d94de8273fd3e9c2a8ba4fafea71cf33ee6bce1d83531c8b550d972f7080409a4cc5a92e9d04ece50ed108f92c6aec4868d150e58d7d11a +DIST lxc-6.0.0.tar.gz 964053 BLAKE2B d41bcab4e225c139d4d41df5291717e4d196fe3b48d978a993811b74a08e7a75e1528f4bf44f694a624537632bdec642cd80cf51a528dea848baa11c10471afa SHA512 acff2fc70cf2c65af37b70a21239482c3d845c408f7132558b54980e4400c23670c63178a3a3dfb239f047f529004df93cd829d728852a8c8647ce6babf7857f +DIST lxc-6.0.0.tar.gz.asc 833 BLAKE2B d2cda07e605d64dbb650506cf536c545e2c5746973c834f4d4f409064e2ba8265040b13a60e124e30e154bbc5a51c704bad0fa2ff5530effddfa449618aa60a7 SHA512 4e56ffa7395877714f993d9c54cf8b9df91cdced96c5a609b63f5e3896a0a51db8ba6f99bf2360d60af202df79123deea72215bf854d8798d3af361a4888445e diff --git a/app-containers/lxc/files/lxc-monitord.service.5.0.0 b/app-containers/lxc/files/lxc-monitord.service.5.0.0 new file mode 100644 index 000000000000..ff4a201152c0 --- /dev/null +++ b/app-containers/lxc/files/lxc-monitord.service.5.0.0 @@ -0,0 +1,11 @@ +[Unit] +Description=LXC Container Monitoring Daemon +After=syslog.service network.target +Documentation=man:lxc + +[Service] +Type=simple +ExecStart=/usr/libexec/lxc/lxc-monitord --daemon + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc-net.service.5.0.0 b/app-containers/lxc/files/lxc-net.service.5.0.0 new file mode 100644 index 000000000000..8a037fcb7614 --- /dev/null +++ b/app-containers/lxc/files/lxc-net.service.5.0.0 @@ -0,0 +1,15 @@ +[Unit] +Description=LXC network bridge setup +After=network-online.target +Before=lxc.service +Documentation=man:lxc +ConditionVirtualization=!lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/libexec/lxc/lxc-net start +ExecStop=/usr/libexec/lxc/lxc-net stop + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc.initd.9 b/app-containers/lxc/files/lxc.initd.9 new file mode 100644 index 000000000000..4958fbcbbc7b --- /dev/null +++ b/app-containers/lxc/files/lxc.initd.9 @@ -0,0 +1,132 @@ +#!/sbin/openrc-run +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +CONTAINER=${SVCNAME#*.} + +LXC_PATH=`lxc-config lxc.lxcpath` + +lxc_get_configfile() { + if [ -f "${LXC_PATH}/${CONTAINER}.conf" ]; then + echo "${LXC_PATH}/${CONTAINER}.conf" + elif [ -f "${LXC_PATH}/${CONTAINER}/config" ]; then + echo "${LXC_PATH}/${CONTAINER}/config" + else + eerror "Unable to find a suitable configuration file." + eerror "If you set up the container in a non-standard" + eerror "location, please set the CONFIGFILE variable." + return 1 + fi +} + +[ $CONTAINER != $SVCNAME ] && CONFIGFILE=${CONFIGFILE:-$(lxc_get_configfile)} + +lxc_get_var() { + awk 'BEGIN { FS="[ \t]*=[ \t]*" } $1 == "'$1'" { print $2; exit }' ${CONFIGFILE} +} + +lxc_get_net_link_type() { + # gentoo bugfix 909640, drop commented lines before awk + grep -v '^#' ${CONFIGFILE} | awk 'BEGIN { FS="[ \t]*=[ \t]*"; _link=""; _type="" } + $1 == "lxc.network.type" {_type=$2;} + $1 == "lxc.network.link" {_link=$2;} + match($1, /lxc\.net\.[[:digit:]]+\.type/) {_type=$2;} + match($1, /lxc\.net\.[[:digit:]]+\.link/) {_link=$2;} + {if(_link != "" && _type != ""){ + printf("%s:%s\n", _link, _type ); + _link=""; _type=""; + }; }' +} + +checkconfig() { + if [ ${CONTAINER} = ${SVCNAME} ]; then + eerror "You have to create an init script for each container:" + eerror " ln -s lxc /etc/init.d/lxc.container" + return 1 + fi + + # no need to output anything, the function takes care of that. + [ -z "${CONFIGFILE}" ] && return 1 + + utsname=$(lxc_get_var lxc.uts.name) + if [ -z "$utsname" ] ; then + utsname=$(lxc_get_var lxc.utsname) + fi + + if [ "${CONTAINER}" != "${utsname}" ]; then + eerror "You should use the same name for the service and the" + eerror "container. Right now the container is called ${utsname}" + return 1 + fi +} + +depend() { + # be quiet, since we have to run depend() also for the + # non-muxed init script, unfortunately. + checkconfig 2>/dev/null || return 0 + + config ${CONFIGFILE} + need localmount + use lxcfs + + local _x _if + for _x in $(lxc_get_net_link_type); do + _if=${_x%:*} + case "${_x##*:}" in + # when the network type is set to phys, we can make use of a + # network service (for instance to set it up before we disable + # the net_admin capability), but we might also not set it up + # at all on the host and leave the net_admin capable service + # to take care of it. + phys) use net.${_if} ;; + *) need net.${_if} ;; + esac + done +} + +start() { + checkconfig || return 1 + rm -f /var/log/lxc/${CONTAINER}.log + + rootpath=$(lxc_get_var lxc.rootfs) + + # Check the format of our init and the chroot's init, to see + # if we have to use linux32 or linux64; always use setarch + # when required, as that makes it easier to deal with + # x32-based containers. + case $(scanelf -BF '%a#f' ${rootpath}/sbin/init) in + EM_X86_64) setarch=linux64;; + EM_386) setarch=linux32;; + esac + + ebegin "Starting LXC container ${CONTAINER}" + env -i ${setarch} $(which lxc-start) -n ${CONTAINER} -f ${CONFIGFILE} -d -o /var/log/lxc/${CONTAINER}.log + sleep 1 + + # lxc-start -d will _always_ report a correct startup, even if it + # failed, so rather than trust that, check that the cgroup exists. + # fix for LXC 3.1 + + STATE="$(lxc-info -s -H ${CONTAINER})" + [ "$STATE" = "RUNNING" ] + + eend $? +} + +stop() { + checkconfig || return 1 + + STATE="$(lxc-info -s -H ${CONTAINER})" + + if ! [ "$STATE" = "RUNNING" ]; then + ewarn "${CONTAINER} doesn't seem to be started." + return 0 + fi + + # 30s should be enough to shut everything down + # lxc-stop will return back anyway as soon as successful shutdown + # after 30s, lxc-stop sends SIGKILL (dirty shotdown) + ebegin "Stopping LXC container ${CONTAINER}" + lxc-stop -t 30 -n ${CONTAINER} + eend $? +} diff --git a/app-containers/lxc/files/lxc.service-5.0.0 b/app-containers/lxc/files/lxc.service-5.0.0 new file mode 100644 index 000000000000..35d0dff241d0 --- /dev/null +++ b/app-containers/lxc/files/lxc.service-5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container Initialization and Autoboot Code +After=network.target lxc-net.service remote-fs.target +Wants=lxc-net.service +Documentation=man:lxc-autostart man:lxc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStartPre=/usr/libexec/lxc/lxc-apparmor-load +ExecStart=/usr/libexec//lxc/lxc-containers start +ExecStop=/usr/libexec/lxc/lxc-containers stop +ExecReload=/usr/libexec/lxc/lxc-apparmor-load +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/files/lxc_at.service.5.0.0 b/app-containers/lxc/files/lxc_at.service.5.0.0 new file mode 100644 index 000000000000..447b6c87ec5d --- /dev/null +++ b/app-containers/lxc/files/lxc_at.service.5.0.0 @@ -0,0 +1,19 @@ +[Unit] +Description=LXC Container: %i +# This pulls in apparmor, dev-setup, lxc-net +After=lxc.service +Wants=lxc.service +Documentation=man:lxc-start man:lxc + +[Service] +Type=simple +KillMode=mixed +TimeoutStopSec=120s +ExecStart=/usr/bin/lxc-start -F -n %i +ExecStop=/usr/bin/lxc-stop -n %i +# Environment=BOOTUP=serial +# Environment=CONSOLETYPE=serial +Delegate=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxc/lxc-5.0.3.ebuild b/app-containers/lxc/lxc-5.0.3.ebuild new file mode 100644 index 000000000000..4fdedaf083a2 --- /dev/null +++ b/app-containers/lxc/lxc-5.0.3.ebuild @@ -0,0 +1,169 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0/1.502" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. +KEYWORDS="amd64 ~arm ~arm64 ~ppc64 ~riscv x86" +IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" + +RDEPEND="acct-group/lxc + acct-user/lxc + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( sys-apps/systemd:= ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + -Dcoverity-build=false + -Doss-fuzz=false + + -Dcommands=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use lto b_lto) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + if use systemd; then + local emesonargs+=( -Dinit-script="systemd" ) + local emesonargs+=( -Dsd-bus=enabled ) + else + local emesonargs+=( -Dinit-script="sysvinit" ) + local emesonargs+=( -Dsd-bus=disabled ) + fi + + use tools && local emesonargs+=( -Dcapabilities=true ) + + if $(tc-ld-is-gold) || $(tc-ld-is-lld); then + local emesonargs+=( -Db_lto_mode=thin ) + else + local emesonargs+=( -Db_lto_mode=default ) + fi + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + keepdir /var/lib/cache/lxc /var/lib/lib/lxc + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.9" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || + die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} diff --git a/app-containers/lxc/lxc-6.0.0-r1.ebuild b/app-containers/lxc/lxc-6.0.0-r1.ebuild new file mode 100644 index 000000000000..64d7aef60e47 --- /dev/null +++ b/app-containers/lxc/lxc-6.0.0-r1.ebuild @@ -0,0 +1,171 @@ +# Copyright 2022-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 linux-info meson optfeature systemd toolchain-funcs verify-sig + +DESCRIPTION="A userspace interface for the Linux kernel containment features" +HOMEPAGE="https://linuxcontainers.org/ https://github.com/lxc/lxc" +SRC_URI="https://linuxcontainers.org/downloads/lxc/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxc/${P}.tar.gz.asc )" + +LICENSE="GPL-2 LGPL-2.1 LGPL-3" +SLOT="0/1.8" # SONAME liblxc.so.1 + ${PV//./} _if_ breaking ABI change while bumping. +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor +caps examples io-uring lto man pam seccomp selinux ssl systemd test +tools" + +RDEPEND="acct-group/lxc + acct-user/lxc + sys-apps/dbus + apparmor? ( sys-libs/libapparmor ) + caps? ( sys-libs/libcap[static-libs] ) + io-uring? ( >=sys-libs/liburing-2:= ) + pam? ( sys-libs/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) + ssl? ( dev-libs/openssl:0= ) + systemd? ( sys-apps/systemd:= ) + tools? ( sys-libs/libcap[static-libs] )" +DEPEND="${RDEPEND} + sys-kernel/linux-headers" +BDEPEND="virtual/pkgconfig + man? ( app-text/docbook2X ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +RESTRICT="!test? ( test )" + +CONFIG_CHECK="~!NETPRIO_CGROUP + ~CGROUPS + ~CGROUP_CPUACCT + ~CGROUP_DEVICE + ~CGROUP_FREEZER + + ~CGROUP_SCHED + ~CPUSETS + ~IPC_NS + ~MACVLAN + + ~MEMCG + ~NAMESPACES + ~NET_NS + ~PID_NS + + ~POSIX_MQUEUE + ~USER_NS + ~UTS_NS + ~VETH" + +ERROR_CGROUP_FREEZER="CONFIG_CGROUP_FREEZER: needed to freeze containers" +ERROR_MACVLAN="CONFIG_MACVLAN: needed for internal (inter-container) networking" +ERROR_MEMCG="CONFIG_MEMCG: needed for memory resource control in containers" +ERROR_NET_NS="CONFIG_NET_NS: needed for unshared network" +ERROR_POSIX_MQUEUE="CONFIG_POSIX_MQUEUE: needed for lxc-execute command" +ERROR_UTS_NS="CONFIG_UTS_NS: needed to unshare hostnames and uname info" +ERROR_VETH="CONFIG_VETH: needed for internal (host-to-container) networking" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +DOCS=( AUTHORS CONTRIBUTING MAINTAINERS README.md doc/FAQ.txt ) + +pkg_setup() { + linux-info_pkg_setup +} + +src_configure() { + + # -Dtools-multicall=false: will create a single binary called 'lxc' that conflicts with LXD. + local emesonargs=( + --localstatedir "${EPREFIX}/var" + + -Ddbus=true + + -Dcoverity-build=false + -Dinstall-state-dirs=false + -Doss-fuzz=false + -Dspecfile=false + -Dtools-multicall=false + + -Dcommands=true + -Dinstall-init-files=true + -Dmemfd-rexec=true + -Dthread-safety=true + + $(meson_use apparmor) + $(meson_use caps capabilities) + $(meson_use examples) + $(meson_use io-uring io-uring-event-loop) + $(meson_use lto b_lto) + $(meson_use man) + $(meson_use pam pam-cgroup) + $(meson_use seccomp) + $(meson_use selinux) + $(meson_use ssl openssl) + $(meson_use test tests) + $(meson_use tools) + + $(usex systemd -Dinit-script="systemd" -Dinit-script="sysvinit") + + -Ddata-path=/var/lib/lxc + -Ddoc-path=/usr/share/doc/${PF} + -Dlog-path=/var/log/lxc + -Drootfs-mount-path=/var/lib/lxc/rootfs + -Druntime-path=/run + ) + + use tools && local emesonargs+=( -Dcapabilities=true ) + + if $(tc-ld-is-gold) || $(tc-ld-is-lld); then + local emesonargs+=( -Db_lto_mode=thin ) + else + local emesonargs+=( -Db_lto_mode=default ) + fi + + meson_src_configure +} + +src_install() { + meson_src_install + + # The main bash-completion file will collide with lxd, need to relocate and update symlinks. + mkdir -p "${ED}"/$(get_bashcompdir) || die "Failed to create bashcompdir." + + if use tools; then + bashcomp_alias lxc-start lxc-{attach,autostart,cgroup,checkpoint,config,console,copy,create,destroy,device,execute,freeze,info,ls,monitor,snapshot,stop,top,unfreeze,unshare,usernsexec,wait} + else + bashcomp_alias lxc-start lxc-usernsexec + fi + + find "${ED}" -name '*.la' -delete -o -name '*.a' -delete || die + + # Replace upstream sysvinit/systemd files. + if use systemd; then + rm -r "${D}$(systemd_get_systemunitdir)" || die "Failed to remove systemd lib dir" + else + rm "${ED}"/etc/init.d/lxc-{containers,net} || die "Failed to remove sysvinit scripts" + fi + + newinitd "${FILESDIR}/${PN}.initd.9" ${PN} + systemd_newunit "${FILESDIR}"/lxc-monitord.service.5.0.0 lxc-monitord.service + systemd_newunit "${FILESDIR}"/lxc-net.service.5.0.0 lxc-net.service + systemd_newunit "${FILESDIR}"/lxc.service-5.0.0 lxc.service + systemd_newunit "${FILESDIR}"/lxc_at.service.5.0.0 "lxc@.service" + + if ! use apparmor; then + sed -i '/lxc-apparmor-load/d' "${D}$(systemd_get_systemunitdir)/lxc.service" || + die "Failed to remove apparmor references from lxc.service systemd unit." + fi +} + +pkg_postinst() { + elog "Please refer to " + elog "https://wiki.gentoo.org/wiki/LXC for introduction and usage guide." + elog + elog "Run 'lxc-checkconfig' to see optional kernel features." + elog + + optfeature "creating your own LXC containers" app-containers/distrobuilder + optfeature "automatic template scripts" app-containers/lxc-templates + optfeature "Debian-based distribution container image support" dev-util/debootstrap + optfeature "snapshot & restore functionality" sys-process/criu +} diff --git a/app-containers/lxc/metadata.xml b/app-containers/lxc/metadata.xml new file mode 100644 index 000000000000..7c423aeaca6f --- /dev/null +++ b/app-containers/lxc/metadata.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>juippis@gentoo.org</email> + <name>Joonas Niilola</name> + </maintainer> + <maintainer type="project"> + <email>virtualization@gentoo.org</email> + <name>Gentoo Virtualization Project</name> + </maintainer> + <use> + <flag name="io-uring">Enable io_uring support, and use io_uring instead of epoll</flag> + <flag name="tools">Build and install additional command line tools</flag> + </use> + <upstream> + <remote-id type="github">lxc/lxc</remote-id> + <remote-id type="cpe">cpe:/a:linuxcontainers:lxc</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/lxd/Manifest b/app-containers/lxd/Manifest new file mode 100644 index 000000000000..224db03baf4c --- /dev/null +++ b/app-containers/lxd/Manifest @@ -0,0 +1,12 @@ +DIST lxd-4.0.9.tar.gz 9117078 BLAKE2B aa6689c1e958258484fba5c060765dd71d5406cb4375d3132cdc38633277e6c95322e8e3aed5e9dd251140c6868ec42470e797639dde4af42848e138f3b45ee2 SHA512 657949311753895f3941deaabae2d03092fc67490d2de78db48b296fdd3e9df4c5844467dd6913814426ca423a6ee1da9705bb1a2652ea99fe1356eb7da97ebb +DIST lxd-4.0.9.tar.gz.asc 833 BLAKE2B 7cd0d3ab518d947ca3ea6dc804c6a59b592e4e568152c078fdd3c102420bcd94d2f0b2c335b8b4ecdb19dc3c9a10f665a1510903f395247da956717beaa172a3 SHA512 79a4111571ab43e79cf669e416ed50f3ccae0fbceb86d73757d23c778035e827f47643bc87ff6a2fc64b095345a3d53cbd0c4eb245c75364e907d7449f3a0886 +DIST lxd-5.0.2.tar.gz 16258766 BLAKE2B a0d4e3108664724c064fb8c16031ff7dfa3f49735c81290c78fca1dd8c95774e8d8faf131a9de0961a51fb3f1fb1e3a1219d325e6c440dc42d077bfb6550df0b SHA512 e44b210828251ef2bbdcca332f605294a9258572a52a8e94f5c8dcf8d5c2b3d4cdaf46f85236d9c963de5654d3a0437b5f177ea908a6dac3b5b03fb721be6eaa +DIST lxd-5.0.2.tar.gz.asc 833 BLAKE2B 606cae1439148060acd3fb04fdb108654a351ce2b7484081f7874ab2b0af8de2b5befc5a5409a94af0da25308622234db2e3b411edb20324df458fe85f46ac21 SHA512 884c921a263a8baf2d94958c72e232a0a47d0747f5a9d36ed8fc270edfa18dfc240d1e858e75dcc03eae921dae08d3ddfd34d9146d1510de6a09031da26aaccc +DIST lxd-5.0.3.tar.gz 16628656 BLAKE2B d24b4b2e40635b109b69196995a434fac26e1ffb023bfd2181588ff7543a9022fcd82a0a4ac84d40a7a3f0dceda0167a55e64c40b91c3719dbbeac6e102dd211 SHA512 87f5d9fbe2cef5970c0a95f61dc615f26e4168202d39f53c7323787a246fa1d6a378c7b957d90f6afd02e048fb3080a06f7202d02652973fb33421f18680d9bf +DIST lxd-5.0.3.tar.gz.asc 833 BLAKE2B c6ef26dc8ba4033dbc98367609826389640bfd31da25113f9285dc67b2a69da4fe06a3cacbb83fe5b1b984b5eed8ff3a373d5f88693c2999c10b25a7cfd4cd8d SHA512 424e969de30e4fcfabf65062f387d15bd1cc99ed2c984944c529df92d520b3d5de306a8d444850b3916889d318a88e521d275c62353b25853471efb713d58d18 +DIST lxd-5.19.tar.gz 22506800 BLAKE2B 94940a9e886d005495f8888d4491e5a8f8beee60c44051c767d32fd3dead9a93c1e546c0117207aefb60280a289d464615fba7e80385df23f397388a88be1386 SHA512 11d712245fc9cb77e7eabc748cfac38c1936be1c49b8dc4a2a7ebc06d0797f4d0d728b275cee27f9c2c64bc13275fc29ac57fc8d0dce9c24d6636b51248e9b4f +DIST lxd-5.19.tar.gz.asc 833 BLAKE2B 591f12c8e93199061b588bdffded5d159f714d91c68a0d8003590bc672cec787418611f0597fe8e137b3c2b61e8171ca6393db912b8f55ded39db934d55d3df1 SHA512 2337d42f0a7dfdbb2870511442f05e1dd9c214e1b0d96b20ee677a3a345bf41c15c0b1cb0d42ddd15766813e4ae405577f8b49fa60fdc541fb3db35c0bc569ed +DIST lxd-5.20.tar.gz 22825821 BLAKE2B 616e6659c75e87027883dc6643c8c42cce75f69e7781b93371ca8d00078a7c5086679d70dfd5497ec6be9f917f07d81ef826fc0bdd09317d7b98e435f053c465 SHA512 cf593f967d9d595577ab9b05bad99d04b9c30031461fdd4769f4746e651b3aa8e94fca53548da1aec22ff312a91ff46710ab88043a633fbd78ffafe130fed3e3 +DIST lxd-5.20.tar.gz.asc 833 BLAKE2B 03d469429fee81e6b061de458eeffe7aacf19ccc1dacb73e2e9cf3530439c82fcd016496aa7757d3ff54af2da7372c5ecf0642b3adddff950065b1ceb1e64103 SHA512 e48af466194523903a472a246dfa81cd67ec4ad7b1be6edb1ce9135945be8a810fca3f98de5a4d8b93390119cb0e4eda78a323d5dea0330b0c92e755781982a3 +DIST lxd-5.21.1.tar.gz 23753867 BLAKE2B 102f3c83faa956f6a5f052912417f595a7374c13ff1da21e43b76e267908323f3db05aed8b83fb99a0b70ee03af9b1df0551a2c535db146d5ea6f415f7671e7a SHA512 809099d16ffd12b785a03ad3ed527fa6f0c7503a41b7c93d41fd3418d18f8c68c79e5a689c8df2ed4157d434742bfb5cc267a5afb9734091b224be644a3a6958 +DIST lxd-5.21.1.tar.gz.asc 833 BLAKE2B 1c43b7750e505ef66d4f9fcf3723abf28a7b4e2785866604b88f6dfa80f7e3d0ed33734bc49606ecff16659de9dabfbeb08ba71c36eafc8d05a28397e3e73a89 SHA512 8ec81d1df6d3b9aec58cbde08306a865f9c27e86be04da11a2b5566c78865b51f91edb6fa26e8b5d25202bf33657bd0f867ec986e4e8b39f379b25e03cd6a5d3 diff --git a/app-containers/lxd/files/lxd-4.0.0.confd b/app-containers/lxd/files/lxd-4.0.0.confd new file mode 100644 index 000000000000..68cf344995be --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.0.confd @@ -0,0 +1,23 @@ +# Group which owns the shared socket +LXD_OPTIONS+=" --group lxd" + +# Enable cpu profiling into the specified file +#LXD_OPTIONS+=" --cpuprofile /tmp/lxc_cpu_profile" + +# Enable memory profiling into the specified file +#LXD_OPTIONS+=" --memprofile /tmp/lxc_mem_profile" + +# Enable debug mode +#LXD_OPTIONS+=" --debug" + +# For debugging, print a complete stack trace every n seconds +#LXD_OPTIONS+=" --print-goroutines-every 5" + +# Enable verbose mode +#LXD_OPTIONS+=" -v" + +# Logfile to log to +#LXD_OPTIONS+=" --logfile /var/log/lxd/lxd.log" + +# Enable syslog logging +#LXD_OPTIONS+=" --syslog" diff --git a/app-containers/lxd/files/lxd-4.0.0.socket b/app-containers/lxd/files/lxd-4.0.0.socket new file mode 100644 index 000000000000..3207c9453d11 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.0.socket @@ -0,0 +1,12 @@ +[Unit] +Description=LXD - unix socket +Documentation=man:lxd(1) + +[Socket] +ListenStream=/var/lib/lxd/unix.socket +SocketGroup=lxd +SocketMode=0660 +Service=lxd.service + +[Install] +WantedBy=sockets.target diff --git a/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch b/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch new file mode 100644 index 000000000000..d05ff2c81bd9 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9-glibc-2.36-fix.patch @@ -0,0 +1,74 @@ +From cc7bab602e6b967fdd31c5feed0f3f6321c0a0a7 Mon Sep 17 00:00:00 2001 +From: Luca Barbato <lu_zero@gentoo.org> +Date: Fri, 13 Jan 2023 21:43:22 +0000 +Subject: [PATCH] Fix syscall wrappers + +--- + lxd/include/syscall_wrappers.h | 7 ++++--- + lxd/main_nsexec.go | 2 +- + shared/idmap/shift_linux.go | 2 +- + 3 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/lxd/include/syscall_wrappers.h b/lxd/include/syscall_wrappers.h +index 2c28133a8..a6975ab4d 100644 +--- a/lxd/include/syscall_wrappers.h ++++ b/lxd/include/syscall_wrappers.h +@@ -26,10 +26,10 @@ static inline int lxd_close_range(unsigned int fd, unsigned int max_fd, unsigned + return syscall(__NR_close_range, fd, max_fd, flags); + } + +-static inline int open_tree(int dfd, const char *filename, unsigned int flags) ++/* static inline int open_tree(int dfd, const char *filename, unsigned int flags) + { + return syscall(__NR_open_tree, dfd, filename, flags); +-} ++}*/ + + /* + * mount_setattr() +@@ -40,7 +40,7 @@ struct lxc_mount_attr { + __u64 propagation; + __u64 userns_fd; + }; +- ++/* + static inline int mount_setattr(int dfd, const char *path, unsigned int flags, + struct lxc_mount_attr *attr, size_t size) + { +@@ -53,6 +53,7 @@ static inline int move_mount(int from_dfd, const char *from_pathname, int to_dfd + return syscall(__NR_move_mount, from_dfd, from_pathname, to_dfd, + to_pathname, flags); + } ++*/ + + /* arg1 of prctl() */ + #ifndef PR_SCHED_CORE +diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go +index f11c0d4cb..753024283 100644 +--- a/lxd/main_nsexec.go ++++ b/lxd/main_nsexec.go +@@ -298,7 +298,7 @@ static char *file_to_buf(char *path, ssize_t *length) + int mount_detach_idmap(const char *path, int fd_userns) + { + __do_close int fd_tree = -EBADF; +- struct lxc_mount_attr attr = { ++ struct mount_attr attr = { + .attr_set = MOUNT_ATTR_IDMAP, + + }; +diff --git a/shared/idmap/shift_linux.go b/shared/idmap/shift_linux.go +index daaf37275..e219ac01c 100644 +--- a/shared/idmap/shift_linux.go ++++ b/shared/idmap/shift_linux.go +@@ -314,7 +314,7 @@ static int get_userns_fd(void) + static int create_detached_idmapped_mount(const char *path) + { + __do_close int fd_tree = -EBADF, fd_userns = -EBADF; +- struct lxc_mount_attr attr = { ++ struct mount_attr attr = { + .attr_set = MOUNT_ATTR_IDMAP, + .propagation = MS_SLAVE, + +-- +2.39.0 + diff --git a/app-containers/lxd/files/lxd-4.0.9-r1.service b/app-containers/lxd/files/lxd-4.0.9-r1.service new file mode 100644 index 000000000000..480940dab7a3 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9-r1.service @@ -0,0 +1,23 @@ +[Unit] +Description=LXD - main daemon +After=network-online.target lxcfs.service lxd.socket +Requires=network-online.target lxcfs.service lxd.socket +Documentation=man:lxd(1) + +[Service] +EnvironmentFile=-/etc/environment +ExecStart=/usr/sbin/lxd --group lxd --syslog +ExecStartPost=/usr/sbin/lxd waitready --timeout=600 +ExecStartPre=/bin/mkdir -p /var/log/lxd +ExecStartPre=/bin/chown -R root:lxd /var/log/lxd +KillMode=process +PermissionsStartOnly=true +TimeoutStartSec=600s +TimeoutStopSec=30s +Restart=on-failure +LimitNOFILE=1048576 +LimitNPROC=infinity +TasksMax=infinity + +[Install] +Also=lxd-containers.service lxd.socket diff --git a/app-containers/lxd/files/lxd-4.0.9.initd b/app-containers/lxd/files/lxd-4.0.9.initd new file mode 100644 index 000000000000..7b3d464ea367 --- /dev/null +++ b/app-containers/lxd/files/lxd-4.0.9.initd @@ -0,0 +1,49 @@ +#!/sbin/openrc-run +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/lxd +PIDFILE=/run/lxd.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting lxd service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/lxd and make sure it exists. + # Create a log directory for lxd with correct permissions. + install -d /var/lib/lxd --group lxd --owner root --mode 0775 + install -d /var/log/lxd --group lxd --owner root + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${LXD_OPTIONS} + eend ${?} +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping lxd service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to LXD that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping lxd service and containers, waiting 40s" + # SIGPWR indicates to LXD that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for LXD. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/lxd/files/lxd-5.0.2-r1.initd b/app-containers/lxd/files/lxd-5.0.2-r1.initd new file mode 100644 index 000000000000..7c74c0fdc308 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.2-r1.initd @@ -0,0 +1,59 @@ +#!/sbin/openrc-run +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +DAEMON=/usr/sbin/lxd +PIDFILE=/run/lxd.pid + +depend() { + need net + need lxcfs +} + +start() { + ebegin "Starting lxd service" + + modprobe -f loop > /dev/null 2>&1 + + # Fix permissions on /var/lib/lxd and make sure it exists. + # Create a log directory for lxd with correct permissions. + install -d /var/lib/lxd --group lxd --owner root --mode 0775 + install -d /var/log/lxd --group lxd --owner root + + start-stop-daemon --start \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} \ + --background \ + --make-pidfile \ + -- \ + ${LXD_OPTIONS} + eend ${?} + + # Create necessary systemd paths in order for systemd containers to work on openrc host. + # /etc/rc.conf should have following values: + # rc_cgroup_mode="hybrid" + if [ -d /sys/fs/cgroup/unified ] && + [ ! -d /sys/fs/cgroup/systemd ]; then + install -d /sys/fs/cgroup/systemd --group lxd --owner root + mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd + fi +} + +stop() { + if [ "${RC_CMD}" = restart ]; then + ebegin "Stopping lxd service (but not containers)" + # start-stop-daemon sends SIGTERM with a timeout of 5s by default. + # SIGTERM indicates to LXD that it will be stopped temporarily. + # Instances will keep running. + start-stop-daemon --stop --quiet -p "${PIDFILE}" + eend ${?} + else + ebegin "Stopping lxd service and containers, waiting 40s" + # SIGPWR indicates to LXD that the host is going down. + # LXD will do a clean shutdown of all instances. + # After 30s all remaining instances will be killed. + # We wait up to 40s for LXD. + start-stop-daemon --stop --quiet -R SIGPWR/40 -p "${PIDFILE}" + eend ${?} + fi +} diff --git a/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch b/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch new file mode 100644 index 000000000000..a8e457387ee6 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch @@ -0,0 +1,32 @@ +diff -Naur a/Makefile b/Makefile +--- a/Makefile 2023-01-16 21:10:45.000000000 -0000 ++++ b/Makefile 2023-01-19 14:52:28.488204725 -0000 +@@ -248,28 +248,6 @@ + .PHONY: build-mo + build-mo: $(MOFILES) + +-.PHONY: static-analysis +-static-analysis: +-ifeq ($(shell command -v golangci-lint 2> /dev/null),) +- go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.2 +-endif +-ifeq ($(shell command -v shellcheck 2> /dev/null),) +- echo "Please install shellcheck" +- exit 1 +-endif +-ifneq "$(shell shellcheck --version | grep version: | cut -d ' ' -f2)" "0.8.0" +- @echo "WARN: shellcheck version is not 0.8.0" +-endif +-ifeq ($(shell command -v flake8 2> /dev/null),) +- echo "Please install flake8" +- exit 1 +-endif +- golangci-lint run --timeout 5m +- flake8 test/deps/import-busybox +- shellcheck --shell sh test/*.sh test/includes/*.sh test/suites/*.sh test/backends/*.sh test/lint/*.sh +- shellcheck test/extras/*.sh +- run-parts --regex '.sh' test/lint +- + .PHONY: tags + tags: *.go lxd/*.go shared/*.go lxc/*.go + find . -type f -name '*.go' | xargs gotags > tags diff --git a/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch b/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch new file mode 100644 index 000000000000..4e993b7e7054 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-btrfs-quota-group-fix.patch @@ -0,0 +1,52 @@ +From e7c852e43c0479060e630adb50342d2552a6cdad Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Tue, 7 Feb 2023 10:04:27 +0000 +Subject: [PATCH] lxd/storage/drivers/driver/btrfs/utils: Only check for + minimum number of columns in `btrfs qgroup show` command + +Previously we expected 4 columns, but in btrfs-progs >= 6.0 this has changed to 5 columns. + +E.g. in Jammy btrfs-progs v5.16.2: + +``` +sudo btrfs qgroup show /var/lib/lxd/storage-pools/btrfs +qgroupid rfer excl +-------- ---- ---- +0/5 16.00KiB 16.00KiB +0/256 9.66MiB 400.00KiB +0/257 9.66MiB 392.00KiB +``` + +And in Lunar btrfs-progs v6.1.3: + +``` +btrfs qgroup show /var/lib/lxd/storage-pools/btrfs +Qgroupid Referenced Exclusive Path +-------- ---------- --------- ---- +0/5 16.00KiB 16.00KiB <toplevel> +0/256 9.63MiB 400.00KiB images/1f81470478d136f0008c856e3a47369e0ac863f0402ce0e31c56dd29e9fdd4d7 +0/257 9.64MiB 404.00KiB containers/c1 +``` + +Fixes #11210 + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +--- + lxd/storage/drivers/driver_btrfs_utils.go | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/lxd/storage/drivers/driver_btrfs_utils.go b/lxd/storage/drivers/driver_btrfs_utils.go +index e1468e4b1a59..722a2de20978 100644 +--- a/lxd/storage/drivers/driver_btrfs_utils.go ++++ b/lxd/storage/drivers/driver_btrfs_utils.go +@@ -253,7 +253,9 @@ func (d *btrfs) getQGroup(path string) (string, int64, error) { + } + + fields := strings.Fields(line) +- if len(fields) != 4 { ++ ++ // The BTRFS tooling changed the number of columns between versions so we only check for minimum. ++ if len(fields) < 3 { + continue + } + diff --git a/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch b/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch new file mode 100644 index 000000000000..768e4d160132 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch @@ -0,0 +1,79 @@ +From fe71f2135bdc3aa6ea28de7ed1ac324f7d689ed6 Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Wed, 7 Feb 2024 16:53:29 +0000 +Subject: [PATCH 1/2] shared/simplestreams/products: Fix regression in parsing + version files + +Don't stop when finding first matching version file because the index is parsed +in random order and LXD calls it multiple times when figuring out which image +file to download and so stopping early can cause mismatches when trying to match +a converted alias to a specific file fingerprint. + +Introduced with 3e9acc4 + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +(cherry picked from commit 3681d5e54649fcc2fc9375b6820c1133f140228d) +--- + shared/simplestreams/products.go | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/shared/simplestreams/products.go b/shared/simplestreams/products.go +index a07e4d5b1b5b..542051403899 100644 +--- a/shared/simplestreams/products.go ++++ b/shared/simplestreams/products.go +@@ -279,8 +279,6 @@ func (s *Products) ToLXD() ([]api.Image, map[string][][]string) { + if err != nil { + continue + } +- +- break // Stop at first compatible item found. + } else if shared.StringInSlice(item.FileType, lxdCompatItems) { + // Locate the root files + for _, subItem := range version.Items { +@@ -291,8 +289,6 @@ func (s *Products) ToLXD() ([]api.Image, map[string][][]string) { + } + } + } +- +- break // Stop at first compatible item found. + } + } + } + +From d3253e4cbc85b97e3bc6dba9a27fd2ab0c4d8685 Mon Sep 17 00:00:00 2001 +From: Thomas Parrott <thomas.parrott@canonical.com> +Date: Wed, 7 Feb 2024 10:28:36 +0000 +Subject: [PATCH 2/2] shared/simplestreams/simplestreams: Improve error + messages + +Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com> +(cherry picked from commit 56364f5a97373155d5e6a5a6b10d06d16a25fb3c) +--- + shared/simplestreams/simplestreams.go | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/shared/simplestreams/simplestreams.go b/shared/simplestreams/simplestreams.go +index 3f3255cac913..68e1d96278a3 100644 +--- a/shared/simplestreams/simplestreams.go ++++ b/shared/simplestreams/simplestreams.go +@@ -377,7 +377,7 @@ func (s *SimpleStreams) GetFiles(fingerprint string) (map[string]DownloadableFil + } + } + +- return nil, fmt.Errorf("Couldn't find the requested image") ++ return nil, fmt.Errorf("Couldn't find the requested image for fingerprint %q", fingerprint) + } + + // ListAliases returns a list of image aliases for the provided image fingerprint. +@@ -501,9 +501,9 @@ func (s *SimpleStreams) GetImage(fingerprint string) (*api.Image, error) { + } + + if len(matches) == 0 { +- return nil, fmt.Errorf("The requested image couldn't be found") ++ return nil, fmt.Errorf("The requested image couldn't be found for fingerprint %q", fingerprint) + } else if len(matches) > 1 { +- return nil, fmt.Errorf("More than one match for the provided partial fingerprint") ++ return nil, fmt.Errorf("More than one match for the provided partial fingerprint %q", fingerprint) + } + + return &matches[0], nil diff --git a/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch b/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch new file mode 100644 index 000000000000..76a6a1476de8 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-pr-12847-ignore-incus-archives.patch @@ -0,0 +1,26 @@ +From 55bd4024dbfc315c0f57da57f2f9bd9c5c97dad1 Mon Sep 17 00:00:00 2001 +From: Din Music <din.music@canonical.com> +Date: Thu, 18 Jan 2024 17:08:36 +0100 +Subject: [PATCH] shared/simplestreams/products: Search only for lxd archives + +Signed-off-by: Din Music <din.music@canonical.com> +(cherry picked from commit 0c9253da9448475e6de60dd345c67c0179884f13) +--- + shared/simplestreams/products.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/shared/simplestreams/products.go b/shared/simplestreams/products.go +index 542051403899..d80d8e7be251 100644 +--- a/shared/simplestreams/products.go ++++ b/shared/simplestreams/products.go +@@ -10,8 +10,8 @@ import ( + "github.com/canonical/lxd/shared/osarch" + ) + +-var lxdCompatCombinedItems = []string{"lxd_combined.tar.gz", "incus_combined.tar.gz"} +-var lxdCompatItems = []string{"lxd.tar.xz", "incus.tar.xz"} ++var lxdCompatCombinedItems = []string{"lxd_combined.tar.gz"} ++var lxdCompatItems = []string{"lxd.tar.xz"} + + // Products represents the base of download.json. + type Products struct { diff --git a/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch b/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch new file mode 100644 index 000000000000..d3efd72ecb37 --- /dev/null +++ b/app-containers/lxd/files/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch @@ -0,0 +1,33 @@ +diff --git a/Makefile b/Makefile +index 8061227..c9b85d2 100644 +--- a/Makefile ++++ b/Makefile +@@ -258,28 +258,6 @@ endif + .PHONY: build-mo + build-mo: $(MOFILES) + +-.PHONY: static-analysis +-static-analysis: +-ifeq ($(shell command -v golangci-lint),) +- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin +-endif +-ifeq ($(shell command -v shellcheck),) +- echo "Please install shellcheck" +- exit 1 +-else +-ifneq "$(shell shellcheck --version | grep version: | cut -d ' ' -f2)" "0.8.0" +- @echo "WARN: shellcheck version is not 0.8.0" +-endif +-endif +-ifeq ($(shell command -v flake8),) +- echo "Please install flake8" +- exit 1 +-endif +- flake8 test/deps/import-busybox +- shellcheck --shell sh test/*.sh test/includes/*.sh test/suites/*.sh test/backends/*.sh test/lint/*.sh +- shellcheck test/extras/*.sh +- run-parts --exit-on-error --regex '.sh' test/lint +- + .PHONY: staticcheck + staticcheck: + ifeq ($(shell command -v staticcheck),) diff --git a/app-containers/lxd/files/lxd-containers-4.0.0.service b/app-containers/lxd/files/lxd-containers-4.0.0.service new file mode 100644 index 000000000000..894760c3506b --- /dev/null +++ b/app-containers/lxd/files/lxd-containers-4.0.0.service @@ -0,0 +1,16 @@ +[Unit] +Description=LXD - container startup/shutdown +Documentation=man:lxd(1) +After=lxd.socket lxd.service +Requires=lxd.socket + +[Service] +Type=oneshot +ExecStart=/usr/sbin/lxd activateifneeded +ExecStop=/usr/sbin/lxd shutdown +TimeoutStartSec=600s +TimeoutStopSec=600s +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/app-containers/lxd/lxd-4.0.9-r4.ebuild b/app-containers/lxd/lxd-4.0.9-r4.ebuild new file mode 100644 index 000000000000..efb4546488c2 --- /dev/null +++ b/app-containers/lxd/lxd-4.0.9-r4.ebuild @@ -0,0 +1,186 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Fast, dense and secure container management" +HOMEPAGE="https://linuxcontainers.org/lxd/introduction/ https://github.com/lxc/lxd" +SRC_URI="https://linuxcontainers.org/downloads/lxd/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxd/${P}.tar.gz.asc )" + +LICENSE="Apache-2.0" +SLOT="0/lts" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="apparmor ipv6 nls verify-sig" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-3.0.0[apparmor?,seccomp(+)] + dev-db/sqlite:3 + dev-libs/dqlite + dev-libs/lzo + dev-libs/raft[lz4] + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp,ipv6(+)?] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables[ipv6(+)?] + ) + ) + sys-apps/iproute2[ipv6(+)?] + sys-fs/fuse:* + sys-fs/lxcfs + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND="dev-lang/go + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-p2c + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +PATCHES=( "${FILESDIR}"/lxd-4.0.9-glibc-2.36-fix.patch ) + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.secboot.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-p2c + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-p2c lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-4.0.9.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." +} diff --git a/app-containers/lxd/lxd-5.0.2-r4.ebuild b/app-containers/lxd/lxd-5.0.2-r4.ebuild new file mode 100644 index 000000000000..f74e0a523ad9 --- /dev/null +++ b/app-containers/lxd/lxd-5.0.2-r4.ebuild @@ -0,0 +1,211 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://ubuntu.com/lxd https://github.com/canonical/lxd" +SRC_URI="https://linuxcontainers.org/downloads/lxd/${P}.tar.gz + verify-sig? ( https://linuxcontainers.org/downloads/lxd/${P}.tar.gz.asc )" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/lts" +KEYWORDS="amd64 ~arm64 ~x86" +IUSE="apparmor nls" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/dqlite-1.16.4:=[lz4] + dev-libs/lzo + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables + ) + ) + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND="dev-lang/go + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-linuxcontainers )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-migrate + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/linuxcontainers.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +PATCHES=( "${FILESDIR}"/lxd-5.0.2-remove-shellcheck-buildsystem-checks.patch + "${FILESDIR}"/lxd-5.0.3-btrfs-quota-group-fix.patch ) + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-migrate lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-5.0.2-r1.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full lxd-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." + + if [[ ${REPLACING_VERSIONS} ]] && + ver_test ${REPLACING_VERSIONS} -lt 5.0.1 && + has_version app-emulation/qemu[spice,usbredir,virtfs]; then + ewarn "" + ewarn "You're updating from <5.0.1. Due to incompatible API updates in the lxd-agent" + ewarn "product, you'll have to restart any running virtual machines before they work" + ewarn "properly." + ewarn "" + ewarn "Run: 'lxc restart your-vm' after the update for your vm's managed by lxd." + ewarn "" + fi + + if [[ ${REPLACING_VERSIONS} ]] && + has_version "sys-apps/openrc"; then + elog "" + elog "The new init.d script will attempt to mount " + elog " /sys/fs/cgroup/systemd" + elog "by default, which is needed to run systemd containers with openrc host." + elog "See the /etc/init.d/lxd file for requirements." + elog "" + fi +} diff --git a/app-containers/lxd/lxd-5.0.3-r2.ebuild b/app-containers/lxd/lxd-5.0.3-r2.ebuild new file mode 100644 index 000000000000..2a37a0ddeac2 --- /dev/null +++ b/app-containers/lxd/lxd-5.0.3-r2.ebuild @@ -0,0 +1,215 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://ubuntu.com/lxd https://github.com/canonical/lxd" +SRC_URI="https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz + verify-sig? ( https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz.asc +)" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/lts" +KEYWORDS="amd64 ~arm64 ~x86" +IUSE="apparmor nls" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/dqlite-1.16.4:=[lz4] + dev-libs/lzo + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables + ) + ) + sys-apps/iproute2 + sys-fs/fuse:* + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND="dev-lang/go + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-canonical )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-migrate + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/canonical.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +PATCHES=( + "${FILESDIR}"/lxd-5.0.3-remove-shellcheck-buildsystem-checks.patch + "${FILESDIR}"/lxd-5.0.3-pr-12834-dont-stop-parsing-image-info.patch + "${FILESDIR}"/lxd-5.0.3-pr-12847-ignore-incus-archives.patch +) + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-migrate lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-5.0.2-r1.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full lxd-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." + + if [[ ${REPLACING_VERSIONS} ]] && + ver_test ${REPLACING_VERSIONS} -lt 5.0.1 && + has_version app-emulation/qemu[spice,usbredir,virtfs]; then + ewarn "" + ewarn "You're updating from <5.0.1. Due to incompatible API updates in the lxd-agent" + ewarn "product, you'll have to restart any running virtual machines before they work" + ewarn "properly." + ewarn "" + ewarn "Run: 'lxc restart your-vm' after the update for your vm's managed by lxd." + ewarn "" + fi + + if [[ ${REPLACING_VERSIONS} ]] && + has_version "sys-apps/openrc"; then + elog "" + elog "The new init.d script will attempt to mount " + elog " /sys/fs/cgroup/systemd" + elog "by default, which is needed to run systemd containers with openrc host." + elog "See the /etc/init.d/lxd file for requirements." + elog "" + fi +} diff --git a/app-containers/lxd/lxd-5.19-r1.ebuild b/app-containers/lxd/lxd-5.19-r1.ebuild new file mode 100644 index 000000000000..43ca84883aa1 --- /dev/null +++ b/app-containers/lxd/lxd-5.19-r1.ebuild @@ -0,0 +1,187 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://ubuntu.com/lxd https://github.com/canonical/lxd" +SRC_URI="https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz + verify-sig? ( https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz.asc +)" + +LICENSE="Apache-2.0 BSD LGPL-3 MIT" +SLOT="0/stable" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="apparmor nls" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/dqlite-1.16.4:=[lz4] + dev-libs/lzo + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables + ) + ) + sys-apps/iproute2 + sys-fs/fuse:3 + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND="dev-lang/go + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-canonical )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-migrate + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/canonical.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-migrate lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-5.0.2-r1.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full lxd-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." +} diff --git a/app-containers/lxd/lxd-5.20-r1.ebuild b/app-containers/lxd/lxd-5.20-r1.ebuild new file mode 100644 index 000000000000..d7165784ee4d --- /dev/null +++ b/app-containers/lxd/lxd-5.20-r1.ebuild @@ -0,0 +1,187 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://ubuntu.com/lxd https://github.com/canonical/lxd" +SRC_URI="https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz + verify-sig? ( https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz.asc +)" + +LICENSE="Apache-2.0 AGPL-3+ BSD LGPL-3 MIT" +SLOT="0/stable" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="apparmor nls" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/dqlite-1.16.4:=[lz4] + dev-libs/lzo + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables + ) + ) + sys-apps/iproute2 + sys-fs/fuse:3 + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.20 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-canonical )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-migrate + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/canonical.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-migrate lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-5.0.2-r1.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full lxd-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." +} diff --git a/app-containers/lxd/lxd-5.21.1.ebuild b/app-containers/lxd/lxd-5.21.1.ebuild new file mode 100644 index 000000000000..d7165784ee4d --- /dev/null +++ b/app-containers/lxd/lxd-5.21.1.ebuild @@ -0,0 +1,187 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 go-module linux-info optfeature systemd verify-sig + +DESCRIPTION="Modern, secure and powerful system container and virtual machine manager" +HOMEPAGE="https://ubuntu.com/lxd https://github.com/canonical/lxd" +SRC_URI="https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz + verify-sig? ( https://github.com/canonical/lxd/releases/download/${P}/${P}.tar.gz.asc +)" + +LICENSE="Apache-2.0 AGPL-3+ BSD LGPL-3 MIT" +SLOT="0/stable" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="apparmor nls" + +DEPEND="acct-group/lxd + app-arch/xz-utils + >=app-containers/lxc-5.0.0:=[apparmor?,seccomp(+)] + dev-db/sqlite:3 + >=dev-libs/dqlite-1.16.4:=[lz4] + dev-libs/lzo + >=dev-util/xdelta-3.0[lzma(+)] + net-dns/dnsmasq[dhcp] + sys-libs/libcap + virtual/udev" +RDEPEND="${DEPEND} + || ( + net-firewall/nftables[json] + ( + net-firewall/ebtables + net-firewall/iptables + ) + ) + sys-apps/iproute2 + sys-fs/fuse:3 + >=sys-fs/lxcfs-5.0.0 + sys-fs/squashfs-tools[lzma] + virtual/acl" +BDEPEND=">=dev-lang/go-1.20 + nls? ( sys-devel/gettext ) + verify-sig? ( sec-keys/openpgp-keys-canonical )" + +CONFIG_CHECK=" + ~CGROUPS + ~IPC_NS + ~NET_NS + ~PID_NS + + ~SECCOMP + ~USER_NS + ~UTS_NS + + ~KVM + ~MACVTAP + ~VHOST_VSOCK +" + +ERROR_IPC_NS="CONFIG_IPC_NS is required." +ERROR_NET_NS="CONFIG_NET_NS is required." +ERROR_PID_NS="CONFIG_PID_NS is required." +ERROR_SECCOMP="CONFIG_SECCOMP is required." +ERROR_UTS_NS="CONFIG_UTS_NS is required." + +WARNING_KVM="CONFIG_KVM and CONFIG_KVM_AMD/-INTEL is required for virtual machines." +WARNING_MACVTAP="CONFIG_MACVTAP is required for virtual machines." +WARNING_VHOST_VSOCK="CONFIG_VHOST_VSOCK is required for virtual machines." + +# Go magic. +QA_PREBUILT="/usr/bin/fuidshift + /usr/bin/lxc + /usr/bin/lxc-to-lxd + /usr/bin/lxd-agent + /usr/bin/lxd-benchmark + /usr/bin/lxd-migrate + /usr/sbin/lxd" + +VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/canonical.asc + +# The testsuite must be run as root. +# make: *** [Makefile:156: check] Error 1 +RESTRICT="test" + +GOPATH="${S}/_dist" + +src_prepare() { + export GOPATH="${S}/_dist" + + default + + sed -i \ + -e "s:\./configure:./configure --prefix=/usr --libdir=${EPREFIX}/usr/lib/lxd:g" \ + -e "s:make:make ${MAKEOPTS}:g" \ + Makefile || die + + # Fix hardcoded ovmf file path, see bug 763180 + sed -i \ + -e "s:/usr/share/OVMF:/usr/share/edk2-ovmf:g" \ + -e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \ + doc/environment.md \ + lxd/apparmor/instance.go \ + lxd/apparmor/instance_qemu.go \ + lxd/instance/drivers/driver_qemu.go || die "Failed to fix hardcoded ovmf paths." + + # Fix hardcoded virtfs-proxy-helper file path, see bug 798924 + sed -i \ + -e "s:/usr/lib/qemu/virtfs-proxy-helper:/usr/libexec/virtfs-proxy-helper:g" \ + lxd/device/device_utils_disk.go || die "Failed to fix virtfs-proxy-helper path." + + cp "${FILESDIR}"/lxd-4.0.9-r1.service "${T}"/lxd.service || die + if use apparmor; then + sed -i \ + '/^EnvironmentFile=.*/a ExecStartPre=\/usr\/libexec\/lxc\/lxc-apparmor-load' \ + "${T}"/lxd.service || die + fi + + # Disable -Werror's from go modules. + find "${S}" -name "cgo.go" -exec sed -i "s/ -Werror / /g" {} + || die +} + +src_configure() { :; } + +src_compile() { + export GOPATH="${S}/_dist" + export CGO_LDFLAGS_ALLOW="-Wl,-z,now" + + for k in fuidshift lxd-benchmark lxc lxc-to-lxd; do + go install -v -x "${S}/${k}" || die "failed compiling ${k}" + done + + go install -v -x -tags libsqlite3 "${S}"/lxd || die "Failed to build the daemon" + + # Needs to be built statically + CGO_ENABLED=0 go install -v -tags netgo "${S}"/lxd-migrate + CGO_ENABLED=0 go install -v -tags agent,netgo "${S}"/lxd-agent + + use nls && emake build-mo +} + +src_test() { + emake check +} + +src_install() { + export GOPATH="${S}/_dist" + local bindir="_dist/bin" + + dosbin ${bindir}/lxd + + for l in fuidshift lxd-agent lxd-benchmark lxd-migrate lxc lxc-to-lxd; do + dobin ${bindir}/${l} + done + + newbashcomp scripts/bash/lxd-client lxc + + newconfd "${FILESDIR}"/lxd-4.0.0.confd lxd + newinitd "${FILESDIR}"/lxd-5.0.2-r1.initd lxd + + systemd_dounit "${T}"/lxd.service + systemd_newunit "${FILESDIR}"/lxd-containers-4.0.0.service lxd-containers.service + systemd_newunit "${FILESDIR}"/lxd-4.0.0.socket lxd.socket + + dodoc AUTHORS + dodoc -r doc/* + use nls && domo po/*.mo +} + +pkg_postinst() { + elog + elog "Consult https://wiki.gentoo.org/wiki/LXD for more information," + elog "including a Quick Start." + elog "For virtual machine support, see:" + elog "https://wiki.gentoo.org/wiki/LXD#Virtual_machines" + elog + elog "Please run 'lxc-checkconfig' to see all optional kernel features." + elog + optfeature "virtual machine support" app-emulation/qemu[spice,usbredir,virtfs] + optfeature "btrfs storage backend" sys-fs/btrfs-progs + optfeature "ipv6 support" net-dns/dnsmasq[ipv6] + optfeature "full lxd-migrate support" net-misc/rsync + optfeature "lvm2 storage backend" sys-fs/lvm2 + optfeature "zfs storage backend" sys-fs/zfs + elog + elog "Be sure to add your local user to the lxd group." +} diff --git a/app-containers/lxd/metadata.xml b/app-containers/lxd/metadata.xml new file mode 100644 index 000000000000..ee1b9a718c31 --- /dev/null +++ b/app-containers/lxd/metadata.xml @@ -0,0 +1,35 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>juippis@gentoo.org</email> + <name>Joonas Niilola</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>brahmajit.xyz@gmail.com</email> + <name>Brahmajit Das</name> + </maintainer> + <maintainer type="project"> + <email>virtualization@gentoo.org</email> + <name>Gentoo Virtualization Project</name> + </maintainer> + <longdescription> + LXD is a modern, secure and powerful system container and virtual machine manager. + + It provides a unified experience for running and managing full Linux systems inside containers + or virtual machines. LXD supplies images for a wide number of Linux distributions and is built + around a very powerful, yet pretty simple, REST API. LXD scales from one instance on a single + machine to a cluster in a full data center rack, making it suitable for running workloads both + for development and in production. + + LXD allows you to easily set up a system that feels like a small private cloud. You can run any + type of workload in an efficient way while keeping your resources optimized. + + You should consider using LXD if you want to containerize different environments or run virtual + machines, or in general run and manage your infrastructure in a cost-effective way. + </longdescription> + <upstream> + <remote-id type="github">canonical/lxd</remote-id> + <remote-id type="cpe">cpe:/a:linuxcontainers:lxd</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/metadata.xml b/app-containers/metadata.xml new file mode 100644 index 000000000000..65e29673ea3d --- /dev/null +++ b/app-containers/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE catmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<catmetadata> + <longdescription lang="en"> + The app-containers category contains container related software. + </longdescription> + <longdescription lang="de"> + Die Kategorie app-containers enthält Container-bezogene Software. + </longdescription> +</catmetadata> diff --git a/app-containers/nerdctl/Manifest b/app-containers/nerdctl/Manifest new file mode 100644 index 000000000000..2f1673410118 --- /dev/null +++ b/app-containers/nerdctl/Manifest @@ -0,0 +1,4 @@ +DIST nerdctl-1.7.4-go-mod-vendor.tar.gz 7197938 BLAKE2B 14a95cd634acc652d5532d1c6aa28abf24c1cf26393d63fd627e864ba73e5f3355832afd8c3c31eb0dcef9ae1d82c35a7df49c017c5719b45145496ec9243e79 SHA512 aefc9d23114bb2ca0a640287ed27e2afeeb9075a4fdfa33817310300ac8a1ca492defd4a5436f71f4f06a2b8916a75793ce846eac0878a8e51e1accadd21d13f +DIST nerdctl-1.7.4.tar.gz 516231 BLAKE2B 3f1726945c5b816b4ca922187ae0bde0af82ca38227fe3ad2509b8b1654a2ee22d3929296d9633275cc7c3495202c66d90a956ac92c790f17eb2d1254bdb2c17 SHA512 a2cf60e2d704bef6a9c2abc697ef44a6a833b5fcc276bbffec503437281c830e2cd73fc541ef85be2444bad8f2b827c832b7685a3c74ebba503019ed39a19d75 +DIST nerdctl-1.7.5-go-mod-vendor.tar.gz 7229228 BLAKE2B 24dd81b3b54542e8723c44d75e653414c75be9e0e56095e7afe6886d2bde6febdc91b7ef903009145c77a57dd4780bbceda58851b39e7375141066abc20f2f1f SHA512 265d9ae58ec221611c9f7666de2748bf8519a7ba8b3bc0bd3b1e97d671bfc11c7d51cd4512d52000a579c8f5e4bd7e4c5a4bf469853b481c838262001bd9dd65 +DIST nerdctl-1.7.5.tar.gz 517127 BLAKE2B 800fc487c60ea62641b26a1b41f95747bd39467d8e1c7fd7b5302c5d515c2e6765fcf7ef8860b3cbfe04428fe849a7293ec914bae3da65ac6418a1f5c789d832 SHA512 3e35c5e3c68c675d23c1a106d267f62c2e36cd8026308ac6237fa5aa2f3ebaea0f47888e6702290f40c26f543e90bca91d76cae28b74732e8fb351f6ef2441f9 diff --git a/app-containers/nerdctl/metadata.xml b/app-containers/nerdctl/metadata.xml new file mode 100644 index 000000000000..364fdaa26268 --- /dev/null +++ b/app-containers/nerdctl/metadata.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <use> + <flag name="rootless"> + Enables dependencies for running in rootless mode. + </flag> + </use> + <upstream> + <remote-id type="github">containerd/nerdctl</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/nerdctl/nerdctl-1.7.4.ebuild b/app-containers/nerdctl/nerdctl-1.7.4.ebuild new file mode 100644 index 000000000000..43a574817df7 --- /dev/null +++ b/app-containers/nerdctl/nerdctl-1.7.4.ebuild @@ -0,0 +1,53 @@ +# Copyright 2021-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +EGIT_COMMIT="7b5f7e0d8f705ed4e54f7040512327e231433366" + +DESCRIPTION="Docker-compatible CLI for containerd, with support for Compose" +HOMEPAGE="https://github.com/containerd/nerdctl" +SRC_URI=" + https://github.com/containerd/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz + https://github.com/containerd/${PN}/releases/download/v${PV}/${P}-go-mod-vendor.tar.gz +" + +LICENSE="Apache-2.0" +LICENSE+=" BSD BSD-2 ISC MIT" +SLOT="0" +KEYWORDS="~amd64" +IUSE="rootless" + +DEPEND=" + rootless? ( + app-containers/slirp4netns + sys-apps/rootlesskit + ) +" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack "${P}.tar.gz" + cd "${S}" + unpack "${P}-go-mod-vendor.tar.gz" +} + +src_compile() { + emake VERSION=v${PV} REVISION="${EGIT_COMMIT}" +} + +src_install() { + local emake_args=( + DESTDIR="${D}" + VERSION=v${PV} + REVISION="${EGIT_COMMIT}" + DOCDIR="${EPREFIX}/usr/share/doc/${PF}" + PREFIX="${EPREFIX}/usr" + install + ) + emake "${emake_args[@]}" + DOCS=( README.md docs/* examples ) + einstalldocs +} diff --git a/app-containers/nerdctl/nerdctl-1.7.5.ebuild b/app-containers/nerdctl/nerdctl-1.7.5.ebuild new file mode 100644 index 000000000000..a4e11f03f281 --- /dev/null +++ b/app-containers/nerdctl/nerdctl-1.7.5.ebuild @@ -0,0 +1,53 @@ +# Copyright 2021-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module + +EGIT_COMMIT="cffed372371dcbea3dc9a646ce5a913fc1c09513" + +DESCRIPTION="Docker-compatible CLI for containerd, with support for Compose" +HOMEPAGE="https://github.com/containerd/nerdctl" +SRC_URI=" + https://github.com/containerd/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz + https://github.com/containerd/${PN}/releases/download/v${PV}/${P}-go-mod-vendor.tar.gz +" + +LICENSE="Apache-2.0" +LICENSE+=" BSD BSD-2 ISC MIT" +SLOT="0" +KEYWORDS="~amd64" +IUSE="rootless" + +DEPEND=" + rootless? ( + app-containers/slirp4netns + sys-apps/rootlesskit + ) +" +RDEPEND="${DEPEND}" + +src_unpack() { + unpack "${P}.tar.gz" + cd "${S}" + unpack "${P}-go-mod-vendor.tar.gz" +} + +src_compile() { + emake VERSION=v${PV} REVISION="${EGIT_COMMIT}" +} + +src_install() { + local emake_args=( + DESTDIR="${D}" + VERSION=v${PV} + REVISION="${EGIT_COMMIT}" + DOCDIR="${EPREFIX}/usr/share/doc/${PF}" + PREFIX="${EPREFIX}/usr" + install + ) + emake "${emake_args[@]}" + DOCS=( README.md docs/* examples ) + einstalldocs +} diff --git a/app-containers/netavark/Manifest b/app-containers/netavark/Manifest new file mode 100644 index 000000000000..5987fb7d613a --- /dev/null +++ b/app-containers/netavark/Manifest @@ -0,0 +1,6 @@ +DIST netavark-1.10.2.crate 154261 BLAKE2B 2da5b12917f5db01d82c47808f403e06d6abbcbad0b777d1871de73d52d25219e3d6f8db48feb862aff8a20ed2184c728e813871aa1acc1d02e3997987a932b6 SHA512 362dd2652b3a9d9d1dec99cd85bc6e74b323d86b79ded742e68472e0b58881a5306d7217218d88e27d5e1c4094f2d67c9cb766d4b4c1ee2185c8b4fcbd299e3d +DIST netavark-1.10.3.crate 154416 BLAKE2B a7750304484ae820eb3bb1bc4de8c2ad22d95494fe10471014e0eb999fb7578c5e9c2ab352fe357d964d701206ee7016f87134a62afe0a03cd1b574cae1264ca SHA512 6ed9cd5a69a6eacc4ad839a82680c7b98d453564aadee41eb6ea632223fba7fbdb20f11e4146dc74b6c6d3695ac50624424b3260dbb7769a4100a918e4328dbf +DIST netavark-1.9.0.crate 139321 BLAKE2B c0c40c5b109544c094bf83ba9c73f829472c7703a72e25ec3dcb9b62b926f404618b2cb143fcc944f2240db074de14e711115d6f51d722125e152eea0ac0a631 SHA512 7a5fb4a856b5815c141ad63abbe0f122d762a411b86189add76cfff99adfdb066e24a7b577683950efdc39f2b7955bbdfb31f2c1c41037702fb732916e8aeebe +DIST netavark-v1.10.2-vendor.tar.gz 16135498 BLAKE2B 607cad9d80067d579adaafdea22b238f5e2f6f92a3c6aed530c8e97bce2f7f869adeabbc7b7d1c04f7c517459112c42b5588aa3ccbf04d5205d2b8212c1e7a42 SHA512 a5079b724d25af60cc094dd5c0bc9e01d503f64bee7ef1c8e616e79793726d848a5e000d951f02d2516f10feea23e30ab637b37ae09da5580f4edb1e783240c0 +DIST netavark-v1.10.3-vendor.tar.gz 16135507 BLAKE2B 114519b76d932c5918fd91cea73e8bc9f5aa3a63275f9218e667e400c3e2512e5db29ce806b5e5b509b043c04a3436344a27cf170e203d4360d00247e48b5ca9 SHA512 b8a99f45ba4ebb20414fe052ff08b1e7a7a86994c7dfa2f36d0500d52bcbd2d279aeff19fb0844a65e2375e86da33af735851f038f598771d2dac96ff7e032a5 +DIST netavark-v1.9.0-vendor.tar.gz 16032862 BLAKE2B 313bcde75f2355dab3fa4fdc82881109924c07408aa352e92b590356cf292cd60ad39d8ef31687935e3fed6f22ec8c3b8f26e6eae21fdf211c29c83b745c8a84 SHA512 a5c11dd47122490579a260b6ac3b1c8f01d1c2881e58dbcc5bece398c7d6ef01f376f8c342df4ef619b135cc92a95c48741c8098413c33ede696c87a9cdcc96c diff --git a/app-containers/netavark/metadata.xml b/app-containers/netavark/metadata.xml new file mode 100644 index 000000000000..d4dd8b9ce309 --- /dev/null +++ b/app-containers/netavark/metadata.xml @@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription lang="en"> + Netavark is a rust based network stack for containers. It is + being designed to work with Podman but is also applicable for + other OCI container management applications. + </longdescription> + <upstream> + <remote-id type="github">containers/netavark</remote-id> + <bugs-to>https://github.com/containers/netavark/issues</bugs-to> + <doc>https://github.com/containers/netavark/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/netavark/netavark-1.10.2.ebuild b/app-containers/netavark/netavark-1.10.2.ebuild new file mode 100644 index 000000000000..a18be8dea54d --- /dev/null +++ b/app-containers/netavark/netavark-1.10.2.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" + +inherit cargo systemd + +DESCRIPTION="A container network stack" +HOMEPAGE="https://github.com/containers/netavark" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/netavark.git" +else + SRC_URI="${CARGO_CRATE_URIS} https://github.com/containers/netavark/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 MIT Unicode-DFS-2016 Unlicense ZLIB" +SLOT="0" +BDEPEND="dev-go/go-md2man + dev-libs/protobuf" + +QA_FLAGS_IGNORED=" + usr/libexec/podman/${PN}" +QA_PRESTRIPPED=" + usr/libexec/podman/${PN}" + +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_compile() { + cargo_src_compile + export PREFIX="${EPREFIX}"/usr SYSTEMDDIR="$(systemd_get_systemunitdir)" + emake docs +} + +# Following is needed because we want to use `make install` instead of `cargo install` (exported by cargo.eclass) +src_install() { + default +} diff --git a/app-containers/netavark/netavark-1.10.3.ebuild b/app-containers/netavark/netavark-1.10.3.ebuild new file mode 100644 index 000000000000..a18be8dea54d --- /dev/null +++ b/app-containers/netavark/netavark-1.10.3.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" + +inherit cargo systemd + +DESCRIPTION="A container network stack" +HOMEPAGE="https://github.com/containers/netavark" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/netavark.git" +else + SRC_URI="${CARGO_CRATE_URIS} https://github.com/containers/netavark/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 MIT Unicode-DFS-2016 Unlicense ZLIB" +SLOT="0" +BDEPEND="dev-go/go-md2man + dev-libs/protobuf" + +QA_FLAGS_IGNORED=" + usr/libexec/podman/${PN}" +QA_PRESTRIPPED=" + usr/libexec/podman/${PN}" + +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_compile() { + cargo_src_compile + export PREFIX="${EPREFIX}"/usr SYSTEMDDIR="$(systemd_get_systemunitdir)" + emake docs +} + +# Following is needed because we want to use `make install` instead of `cargo install` (exported by cargo.eclass) +src_install() { + default +} diff --git a/app-containers/netavark/netavark-1.9.0.ebuild b/app-containers/netavark/netavark-1.9.0.ebuild new file mode 100644 index 000000000000..d157e0604afc --- /dev/null +++ b/app-containers/netavark/netavark-1.9.0.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" + +inherit cargo systemd + +DESCRIPTION="A container network stack" +HOMEPAGE="https://github.com/containers/netavark" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/netavark.git" +else + SRC_URI="${CARGO_CRATE_URIS} https://github.com/containers/netavark/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="amd64 arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 MIT Unicode-DFS-2016 Unlicense ZLIB" +SLOT="0" +BDEPEND="dev-go/go-md2man + dev-libs/protobuf" + +QA_FLAGS_IGNORED=" + usr/libexec/podman/${PN}" +QA_PRESTRIPPED=" + usr/libexec/podman/${PN}" + +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_compile() { + cargo_src_compile + export PREFIX="${EPREFIX}"/usr SYSTEMDDIR="$(systemd_get_systemunitdir)" + emake docs +} + +# Following is needed because we want to use `make install` instead of `cargo install` (exported by cargo.eclass) +src_install() { + default +} diff --git a/app-containers/netavark/netavark-9999.ebuild b/app-containers/netavark/netavark-9999.ebuild new file mode 100644 index 000000000000..a18be8dea54d --- /dev/null +++ b/app-containers/netavark/netavark-9999.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +[[ ${PV} == 9999* ]] || CRATES="${PN}@${PV}" + +inherit cargo systemd + +DESCRIPTION="A container network stack" +HOMEPAGE="https://github.com/containers/netavark" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/netavark.git" +else + SRC_URI="${CARGO_CRATE_URIS} https://github.com/containers/netavark/releases/download/v${PV}/${PN}-v${PV}-vendor.tar.gz" + KEYWORDS="~amd64 ~arm64 ~ppc64 ~riscv" +fi + +# main +LICENSE="Apache-2.0" +# deps +LICENSE+=" Apache-2.0-with-LLVM-exceptions BSD BSD-2 Boost-1.0 MIT Unicode-DFS-2016 Unlicense ZLIB" +SLOT="0" +BDEPEND="dev-go/go-md2man + dev-libs/protobuf" + +QA_FLAGS_IGNORED=" + usr/libexec/podman/${PN}" +QA_PRESTRIPPED=" + usr/libexec/podman/${PN}" + +ECARGO_VENDOR="${WORKDIR}/vendor" + +src_unpack() { + if [[ ${PV} == 9999* ]]; then + git-r3_src_unpack + cargo_live_src_unpack + else + cargo_src_unpack + fi +} + +src_prepare() { + default + sed -i -e "s|m0755 bin|m0755 target/$(usex debug debug release)|g;" Makefile || die +} + +src_compile() { + cargo_src_compile + export PREFIX="${EPREFIX}"/usr SYSTEMDDIR="$(systemd_get_systemunitdir)" + emake docs +} + +# Following is needed because we want to use `make install` instead of `cargo install` (exported by cargo.eclass) +src_install() { + default +} diff --git a/app-containers/podman-tui/Manifest b/app-containers/podman-tui/Manifest new file mode 100644 index 000000000000..8c13a661d10e --- /dev/null +++ b/app-containers/podman-tui/Manifest @@ -0,0 +1,4 @@ +DIST podman-tui-0.14.0.tar.gz 15857429 BLAKE2B c1a6f056b45d4fa9e0cd749570275da1d98d3f8477a1e85a151afd1cecc9506555c55e065b86d9c49acde36a27c3dac960530218022672fc8044dee0d2284c62 SHA512 d79e5b0cabed6873ff90e4e36fec841b74d53b0e876f6449c9b5512c8a92d7d4bcf733e23abc92a6344d6dcd72957929fde48b4e16dcb1cc33cf10f33074171a +DIST podman-tui-0.17.0.tar.gz 15853215 BLAKE2B bfdaf085837497c8ce1525eccb04fc977472291e45417a3993a3e9bc2a742e132d14bce7580c0126be94262a10999da2b81edd6997b8c377a3de8a4da20c153f SHA512 137740737e4fe5138198923fb5db6dc6ca901ed7739af09c19bcb0a60fdfe0db79d7c2ac83157675ec478ab8e9dc9b1348cd8aa9f0e5298f8d20ff6cf0284afc +DIST podman-tui-0.18.0.tar.gz 15928626 BLAKE2B 80fd4f826a407b4eeeb664c065f836f12dd85cacab35003ad8fbcabf3eb69b3838bf02fb76269124d18c110370e42556cff8e348caabb100aa88a1994f99d4cc SHA512 77107a9e64b12fd5065698b7065909d5aa45ca49d749056cfb0f76aa2fd0f269708d3d75ecb4cab7939c30571510cdacebcdaac67549979873e3656e1af4db9f +DIST podman-tui-1.0.0.tar.gz 16208356 BLAKE2B c5ae4274cdc6c4d5abb9f9a18c82949a40a9f2894a9127d8bdf89b8a9445716cc985d8400833c890dec4524fd617babd5791e3062e9e7654ea93d66c34dfe181 SHA512 918b3efb823a543a439ae0f56c59ee2689961ac6e39a40054a7971ddf02056ca50c7c681ca03c45590e9fdfce1822f406bbf90f9b25563a0ef9ae75b88235a8c diff --git a/app-containers/podman-tui/metadata.xml b/app-containers/podman-tui/metadata.xml new file mode 100644 index 000000000000..604c70611a59 --- /dev/null +++ b/app-containers/podman-tui/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <upstream> + <remote-id type="github">containers/podman-tui</remote-id> + <bugs-to>https://github.com/containers/podman-tui/issues</bugs-to> + <doc>https://github.com/containers/podman-tui/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/podman-tui/podman-tui-0.14.0.ebuild b/app-containers/podman-tui/podman-tui-0.14.0.ebuild new file mode 100644 index 000000000000..2effb9e6c06b --- /dev/null +++ b/app-containers/podman-tui/podman-tui-0.14.0.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module +DESCRIPTION="Terminal UI frontend for Podman" +HOMEPAGE="https://github.com/containers/podman-tui" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman-tui.git" +else + SRC_URI="https://github.com/containers/podman-tui/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD-2 BSD MIT MPL-2.0" +SLOT="0" +RESTRICT="test" +RDEPEND=" + >=app-containers/podman-4.0.2 +" + +src_compile() { + # parse tags from Makefile & make them comma-seperated as space-seperated list is deprecated + local BUILDTAGS=$(grep 'BUILDTAGS :=' Makefile | awk -F\" '{ print $2; }' | sed -e 's| |,|g;') + ego build -tags "${BUILDTAGS}" +} + +src_install() { + dobin "${PN}" + einstalldocs +} diff --git a/app-containers/podman-tui/podman-tui-0.17.0.ebuild b/app-containers/podman-tui/podman-tui-0.17.0.ebuild new file mode 100644 index 000000000000..beefef11ab58 --- /dev/null +++ b/app-containers/podman-tui/podman-tui-0.17.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module +DESCRIPTION="Terminal UI frontend for Podman" +HOMEPAGE="https://github.com/containers/podman-tui" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman-tui.git" +else + SRC_URI="https://github.com/containers/podman-tui/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD-2 BSD MIT MPL-2.0" +SLOT="0" +RESTRICT="test" + +src_compile() { + # parse tags from Makefile & make them comma-seperated as space-seperated list is deprecated + local BUILDTAGS=$(grep 'BUILDTAGS :=' Makefile | awk -F\" '{ print $2; }' | sed -e 's| |,|g;') + ego build -tags "${BUILDTAGS}" +} + +src_install() { + dobin "${PN}" + einstalldocs +} diff --git a/app-containers/podman-tui/podman-tui-0.18.0.ebuild b/app-containers/podman-tui/podman-tui-0.18.0.ebuild new file mode 100644 index 000000000000..beefef11ab58 --- /dev/null +++ b/app-containers/podman-tui/podman-tui-0.18.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module +DESCRIPTION="Terminal UI frontend for Podman" +HOMEPAGE="https://github.com/containers/podman-tui" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman-tui.git" +else + SRC_URI="https://github.com/containers/podman-tui/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD-2 BSD MIT MPL-2.0" +SLOT="0" +RESTRICT="test" + +src_compile() { + # parse tags from Makefile & make them comma-seperated as space-seperated list is deprecated + local BUILDTAGS=$(grep 'BUILDTAGS :=' Makefile | awk -F\" '{ print $2; }' | sed -e 's| |,|g;') + ego build -tags "${BUILDTAGS}" +} + +src_install() { + dobin "${PN}" + einstalldocs +} diff --git a/app-containers/podman-tui/podman-tui-1.0.0.ebuild b/app-containers/podman-tui/podman-tui-1.0.0.ebuild new file mode 100644 index 000000000000..beefef11ab58 --- /dev/null +++ b/app-containers/podman-tui/podman-tui-1.0.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module +DESCRIPTION="Terminal UI frontend for Podman" +HOMEPAGE="https://github.com/containers/podman-tui" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman-tui.git" +else + SRC_URI="https://github.com/containers/podman-tui/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD-2 BSD MIT MPL-2.0" +SLOT="0" +RESTRICT="test" + +src_compile() { + # parse tags from Makefile & make them comma-seperated as space-seperated list is deprecated + local BUILDTAGS=$(grep 'BUILDTAGS :=' Makefile | awk -F\" '{ print $2; }' | sed -e 's| |,|g;') + ego build -tags "${BUILDTAGS}" +} + +src_install() { + dobin "${PN}" + einstalldocs +} diff --git a/app-containers/podman-tui/podman-tui-9999.ebuild b/app-containers/podman-tui/podman-tui-9999.ebuild new file mode 100644 index 000000000000..beefef11ab58 --- /dev/null +++ b/app-containers/podman-tui/podman-tui-9999.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit go-module +DESCRIPTION="Terminal UI frontend for Podman" +HOMEPAGE="https://github.com/containers/podman-tui" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman-tui.git" +else + SRC_URI="https://github.com/containers/podman-tui/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD-2 BSD MIT MPL-2.0" +SLOT="0" +RESTRICT="test" + +src_compile() { + # parse tags from Makefile & make them comma-seperated as space-seperated list is deprecated + local BUILDTAGS=$(grep 'BUILDTAGS :=' Makefile | awk -F\" '{ print $2; }' | sed -e 's| |,|g;') + ego build -tags "${BUILDTAGS}" +} + +src_install() { + dobin "${PN}" + einstalldocs +} diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest new file mode 100644 index 000000000000..5b73dbae0975 --- /dev/null +++ b/app-containers/podman/Manifest @@ -0,0 +1,3 @@ +DIST podman-4.9.4.tar.gz 21733620 BLAKE2B 17d099c0a13fbbb77556742313c39995127fc97b4086ef3c2d74a92cc0a4f825a6c729dd099c6d4f4cd3d2ebfd470494babdeaa85a5653b327ea1a16fb5ea993 SHA512 7b52555789a1c214fcf26b0826bdda6cf0ccca588f87c0f15ac5e8358ddac625e17cafbe6a43de07cad964e1418b5ee0d2e38a5cb5dc6f6d4e638399749a7f7b +DIST podman-5.0.1.tar.gz 21863115 BLAKE2B 433949d70e7984a278d5231fe4a480d0c758a67e6df30f587f25da727440ba944cf38bb979ab6b6375f0ba65038c6b4c5a8ca73c6bc73df57b92089c5f6c072e SHA512 4ab64beea9b23839caa35bf8ec0f097ed16b4d2f448ce16039bb55672ac8b1d8d8cadf86c21eb32dc2c1d30dabb5b57a141823aa5fc3f14f09741f76cffa6023 +DIST podman-5.0.2.tar.gz 23811875 BLAKE2B e943eb36eb0b80332223afc5d971c0886f6eaffeb7133c634d28c0a38e9aae6a54266691067dbca7684882f8b6dad72c3d5de2287ec5a7e8fb4b1cfd96df0b4d SHA512 70dbac9fc81d66eb9b0a5174f5776b805397005cacca917674d2b001591fadd05a776c956e693bad932e9eefe591c35da5c566e8e9e01db8be42bc454cd03104 diff --git a/app-containers/podman/files/podman-5.0.0_rc4.confd b/app-containers/podman/files/podman-5.0.0_rc4.confd new file mode 100644 index 000000000000..eafaee7fddef --- /dev/null +++ b/app-containers/podman/files/podman-5.0.0_rc4.confd @@ -0,0 +1,11 @@ +# Config file for /etc/init.d/podman + +# Sets the API service daemon log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="error" + +# Sets the API service daemon socket +#SOCKET="unix:///run/podman/podman.sock" + +# Configure the user[:group] the API service daemon will run as +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-5.0.0_rc4.initd b/app-containers/podman/files/podman-5.0.0_rc4.initd new file mode 100644 index 000000000000..53026a54176d --- /dev/null +++ b/app-containers/podman/files/podman-5.0.0_rc4.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Podman API Service" + +LOG_PATH="/var/log/${RC_SVCNAME}" +output_log="${LOG_PATH}/${RC_SVCNAME}.log" +error_log="${LOG_PATH}/${RC_SVCNAME}.log" +RUN_PATH="/run/${RC_SVCNAME}" +pidfile="${RUN_PATH}/${RC_SVCNAME}.pid" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-error} system service --time 0 ${SOCKET:-unix://${RUN_PATH}/${RC_SVCNAME}.sock}" +command_background="true" + +start() { + checkpath -o "${RUN_AS_USER}" -d "${RUN_PATH}" "${LOG_PATH}" + default_start +} diff --git a/app-containers/podman/files/podman-auto-update-5.0.0.cron b/app-containers/podman/files/podman-auto-update-5.0.0.cron new file mode 100644 index 000000000000..509146e0aa56 --- /dev/null +++ b/app-containers/podman/files/podman-auto-update-5.0.0.cron @@ -0,0 +1,5 @@ +#!/bin/sh + +# podman-auto-update(1) +# uncomment following to auto update containers according to their auto-update policy +# /usr/bin/podman auto-update && /usr/bin/podman image prune -f diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd new file mode 100644 index 000000000000..e85d8d51ff8e --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.confd @@ -0,0 +1,8 @@ +# Config file for /etc/init.d/podman-clean-transient + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd new file mode 100644 index 000000000000..cd759c7eafc0 --- /dev/null +++ b/app-containers/podman/files/podman-clean-transient-5.0.0_rc6.initd @@ -0,0 +1,17 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# This service runs once each boot to remove potential leftover +# container state from previous boots. + +# This is needed when using transient storage mode in podman where the +# database and other configs are stored in tmpfs, but some other files +# are not. If we don't run this after an unclean boot then there may +# be some leftover files that grow over time. + +description="Clean up podman transient data" + +command_user="${RUN_AS_USER:-root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:-info} system prune --external" diff --git a/app-containers/podman/files/podman-restart-5.0.0_rc4.confd b/app-containers/podman/files/podman-restart-5.0.0_rc4.confd new file mode 100644 index 000000000000..4d63848cb16f --- /dev/null +++ b/app-containers/podman/files/podman-restart-5.0.0_rc4.confd @@ -0,0 +1,9 @@ +# Config file for /etc/init.d/podman-restart + +# Sets the podman log level +# valid levels: debug, info, warn, error, fatal or panic +#LOG_LEVEL="info" + +# Configure the user[:group] the podman will run as +# Can be useful to manage rootful or rootless containers +#RUN_AS_USER="root:root" diff --git a/app-containers/podman/files/podman-restart-5.0.0_rc4.initd b/app-containers/podman/files/podman-restart-5.0.0_rc4.initd new file mode 100644 index 000000000000..d02bd64c6279 --- /dev/null +++ b/app-containers/podman/files/podman-restart-5.0.0_rc4.initd @@ -0,0 +1,22 @@ +#!/sbin/openrc-run +# Copyright 2015-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +description="Start all containers with restart-policy set to always" + +command_user="${RUN_AS_USER:=root:root}" +command="/usr/bin/podman" +command_args="--log-level ${LOG_LEVEL:=info} start --all --filter restart-policy=always" + +depend() { + after net +} + +stop() { + ebegin "Stopping all containers with restart-policy set to always" + ${command} \ + --log-level ${LOG_LEVEL} \ + stop \ + $(${command} container ls --filter restart-policy=always -q) + eend $? "Failed to stop containers with restart-policy set to always" +} diff --git a/app-containers/podman/files/podman.logrotated b/app-containers/podman/files/podman.logrotated new file mode 100644 index 000000000000..b9d723451b0a --- /dev/null +++ b/app-containers/podman/files/podman.logrotated @@ -0,0 +1,7 @@ +/var/log/podman/podman.log { + missingok + size 5M + rotate 3 + compress + copytruncate +} diff --git a/app-containers/podman/files/seccomp-toggle-4.7.0.patch b/app-containers/podman/files/seccomp-toggle-4.7.0.patch new file mode 100644 index 000000000000..17a09b601369 --- /dev/null +++ b/app-containers/podman/files/seccomp-toggle-4.7.0.patch @@ -0,0 +1,15 @@ +--- a/Makefile ++++ b/Makefile +@@ -57,7 +57,11 @@ + $(shell hack/systemd_tag.sh) \ + $(shell hack/libsubid_tag.sh) \ + exclude_graphdriver_devicemapper \ +- seccomp ++ ++BUILD_SECCOMP ?= yes ++ifeq ($(BUILD_SECCOMP),yes) ++BUILDTAGS += seccomp ++endif + # N/B: This value is managed by Renovate, manual changes are + # possible, as long as they don't disturb the formatting + # (i.e. DO NOT ADD A 'v' prefix!) diff --git a/app-containers/podman/metadata.xml b/app-containers/podman/metadata.xml new file mode 100644 index 000000000000..59ab2d3ffda0 --- /dev/null +++ b/app-containers/podman/metadata.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription lang="en"> + Podman (the POD MANager) is a tool for managing containers + and images, volumes mounted into those containers, and pods + made from groups of containers. Podman is based on libpod, + a library for container lifecycle management that is also + contained in this repository. The libpod library provides + APIs for managing containers, pods, container images, + and volumes. + </longdescription> + <use> + <flag name="btrfs"> + Enables btrfs support (graph driver) in Podman + </flag> + <flag name="cgroup-hybrid"> + Use legacy (hybrid) cgroups instead of modern (unified) cgroups + </flag> + <flag name="fuse"> + Enables fuse dependencies (fuse-overlayfs is especially useful + for rootless mode). + </flag> + <flag name="init"> + Enables catatonit dependency required for podman run --init. + </flag> + <flag name="rootless"> + Enables dependencies for running in rootless mode. + </flag> + <flag name="wrapper"> + Install wrapper which lets use podman for command `docker` + </flag> + </use> + <upstream> + <remote-id type="github">containers/podman</remote-id> + <bugs-to>https://github.com/containers/podman/issues</bugs-to> + <doc>https://podman.io/docs</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/podman/podman-4.9.4.ebuild b/app-containers/podman/podman-4.9.4.ebuild new file mode 100644 index 000000000000..845dcbc2a7aa --- /dev/null +++ b/app-containers/podman/podman-4.9.4.ebuild @@ -0,0 +1,156 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + if [[ ${PV} != *rc* ]] ; then + KEYWORDS="amd64 arm64 ~riscv" + fi +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs cgroup-hybrid wrapper +fuse +init +rootless +seccomp selinux systemd" +RESTRICT="test" + +RDEPEND=" + app-crypt/gpgme:= + >=app-containers/conmon-2.0.0 + >=app-containers/containers-common-0.56.0 + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6 ) + !cgroup-hybrid? ( app-containers/crun ) + wrapper? ( !app-containers/docker-cli ) + fuse? ( sys-fs/fuse-overlayfs ) + init? ( app-containers/catatonit ) + rootless? ( app-containers/slirp4netns ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # bug 906073 + use elibc_musl && export CGO_CFLAGS="-D_LARGEFILE64_SOURCE" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + insinto /etc/cni/net.d + doins cni/87-podman-bridge.conflist + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_preinst() { + PODMAN_ROOTLESS_UPGRADE=false + if use rootless; then + has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true + fi +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) + + local want_newline=false + if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then + ${want_newline} && elog "" + elog "For rootless operation, you need to configure subuid/subgid" + elog "for user running podman. In case subuid/subgid has only been" + elog "configured for root, run:" + elog "usermod --add-subuids 1065536-1131071 <user>" + elog "usermod --add-subgids 1065536-1131071 <user>" + want_newline=true + fi +} diff --git a/app-containers/podman/podman-5.0.1.ebuild b/app-containers/podman/podman-5.0.1.ebuild new file mode 100644 index 000000000000..b535f608f817 --- /dev/null +++ b/app-containers/podman/podman-5.0.1.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/app-containers/podman/podman-5.0.2.ebuild b/app-containers/podman/podman-5.0.2.ebuild new file mode 100644 index 000000000000..b535f608f817 --- /dev/null +++ b/app-containers/podman/podman-5.0.2.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/app-containers/podman/podman-9999.ebuild b/app-containers/podman/podman-9999.ebuild new file mode 100644 index 000000000000..b535f608f817 --- /dev/null +++ b/app-containers/podman/podman-9999.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{11,12} ) + +inherit go-module python-any-r1 tmpfiles linux-info + +DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI" +HOMEPAGE="https://github.com/containers/podman/ https://podman.io/" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/podman.git" +else + SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz" + S="${WORKDIR}/${P/_rc/-rc}" + [[ ${PV} != *rc* ]] && \ + KEYWORDS="~amd64 ~arm64 ~riscv" +fi + +# main pkg +LICENSE="Apache-2.0" +# deps +LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" +SLOT="0" +IUSE="apparmor btrfs +seccomp selinux systemd wrapper" +RESTRICT="test" + +RDEPEND=" + app-containers/catatonit + >=app-containers/conmon-2.1.10 + >=app-containers/containers-common-0.58.0-r1 + app-crypt/gpgme:= + dev-libs/libassuan:= + dev-libs/libgpg-error:= + sys-apps/shadow:= + + apparmor? ( sys-libs/libapparmor ) + btrfs? ( sys-fs/btrfs-progs ) + wrapper? ( !app-containers/docker-cli ) + seccomp? ( sys-libs/libseccomp:= ) + selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= ) + systemd? ( sys-apps/systemd:= ) +" +DEPEND="${RDEPEND}" +BDEPEND=" + ${PYTHON_DEPS} + dev-go/go-md2man +" + +PATCHES=( + "${FILESDIR}/seccomp-toggle-4.7.0.patch" +) + +CONFIG_CHECK=" + ~USER_NS +" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + linux-info_pkg_setup + python-any-r1_pkg_setup +} + +src_prepare() { + default + + # assure necessary files are present + local file + for file in apparmor_tag btrfs_installed_tag btrfs_tag systemd_tag; do + [[ -f hack/"${file}".sh ]] || die + done + + local feature + for feature in apparmor systemd; do + cat <<-EOF > hack/"${feature}"_tag.sh || die + #!/usr/bin/env bash + $(usex ${feature} "echo ${feature}" echo) + EOF + done + + echo -e "#!/usr/bin/env bash\n echo" > hack/btrfs_installed_tag.sh || die + cat <<-EOF > hack/btrfs_tag.sh || die + #!/usr/bin/env bash + $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') + EOF +} + +src_compile() { + export PREFIX="${EPREFIX}/usr" + + # For non-live versions, prevent git operations which causes sandbox violations + # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 + [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT="" + + # BUILD_SECCOMP is used in the patch to toggle seccomp + emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \ + all $(usev wrapper docker-docs) +} + +src_install() { + emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full) + + if use !systemd; then + newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman + newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman + + newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart + newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart + + newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient + newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update + + insinto /etc/logrotate.d + newins "${FILESDIR}/podman.logrotated" podman + fi + + keepdir /var/lib/containers +} + +pkg_postinst() { + tmpfiles_process podman.conf $(usev wrapper podman-docker.conf) +} diff --git a/app-containers/reg/Manifest b/app-containers/reg/Manifest new file mode 100644 index 000000000000..5c060ef79ca1 --- /dev/null +++ b/app-containers/reg/Manifest @@ -0,0 +1,2 @@ +DIST reg-0.16.1-deps.tar.xz 64969744 BLAKE2B 40cc07bc6b24660e945f0a20ea8a8de98e987c23fb44bfc2793ff808b7ef86b01956dbb17af70d13071ffa8ca1301409ca2ad350c73297263b7b24224f816642 SHA512 7c3c41c9b891118504b03c0996d2b6f50928e6f0d9300a2430574d4f39a810c2f8fa0f3d2c2405d4ef5a17509e84d2a19b040f89195885eacd7ae33c9ef67c50 +DIST reg-0.16.1.tar.gz 3163977 BLAKE2B b161200e7b96b26054e121853bafb4751865de1146f07fa48418a6624beeebd10eb8fcde1af90f9dd3c20ffd8d5807a106d012bf996944c96b5ff841b0079fb4 SHA512 77fbd543de6e94c504e98a0364895b19099e3cde55a85a4413730de58de8e84f50889fdcfaffa1c76ae412a603ed6d5f4b1d57566ec814cf88df70278e91aee6 diff --git a/app-containers/reg/files/reg-0.16.1-config.patch b/app-containers/reg/files/reg-0.16.1-config.patch new file mode 100644 index 000000000000..717861dfab38 --- /dev/null +++ b/app-containers/reg/files/reg-0.16.1-config.patch @@ -0,0 +1,296 @@ +From ce4b2828ec800f0d1782b97b9400bd71154e5bbf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Manuel=20R=C3=BCger?= <manuel@rueg.eu> +Date: Tue, 18 Sep 2018 15:42:24 +0200 +Subject: [PATCH] server: Read config from file + +--- + README.md | 4 ++ + config.yml.example | 37 ++++++++++++++++ + go.mod | 1 + + go.sum | 4 ++ + server.go | 107 +++++++++++++++++++++++++++++++-------------- + 5 files changed, 119 insertions(+), 34 deletions(-) + create mode 100644 config.yml.example + +diff --git a/README.md b/README.md +index 3c93191a..23b1b33c 100644 +--- a/README.md ++++ b/README.md +@@ -212,6 +212,7 @@ Flags: + -u, --username username for the registry (default: <none>) + --listen-address address to listen on (default: <none>) + --asset-path Path to assets and templates (default: <none>) ++ --config Path to config file (default: <none>) + -f, --force-non-ssl force allow use of non-ssl (default: false) + --once generate the templates once and then exit (default: false) + --skip-ping skip pinging the registry while establishing connection (default: false) +@@ -227,6 +228,9 @@ Flags: + -p, --password password for the registry (default: <none>) + ``` + ++Alternatively you can provide configuration to `reg server` via a file passed to ++`reg server` via as `--config`. See also config.yml.example in this repository. ++ + **Screenshots:** + + ![home.png](server/home.png) +diff --git a/config.yml.example b/config.yml.example +new file mode 100644 +index 00000000..9d4be25f +--- /dev/null ++++ b/config.yml.example +@@ -0,0 +1,37 @@ ++### Reg Server Settings ++ ++## Path to server TLS certificate: ++# cert: ++## Path to server TLS key: ++# key: ++## Address to listen on: ++# listen-address: 0.0.0.0 ++## Port to listen on: ++# port: 8080 ++## Path Assets are stored under: ++# asset-path: /var/lib/reg ++## Generate static website and exit: ++# once: false ++## Refresh interval: ++# interval: 1h0m0s ++## Debug output ++# debug: false ++## Skip initial ping ++# skip-ping: false ++## Timeout ++# timeout: 1m0s ++ ++ ++### Registry and Clair Server Settings ++## Registry Server: ++# registry: r.j3ss.co ++## Username to authenticate against registry server ++# username: ++## Password to authenticate against registry server ++# password: ++## If true, do not verify TLS certificates ++# insecure: false ++## Force allow use of non-TLS connections ++# force-nonssl: false ++## Clair Server: ++# clair: +diff --git a/go.mod b/go.mod +index 4e7583e8..914297a8 100644 +--- a/go.mod ++++ b/go.mod +@@ -35,5 +35,6 @@ require ( + github.com/sirupsen/logrus v1.4.2 + golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect + google.golang.org/grpc v1.23.1 ++ gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7 + gotest.tools v2.2.0+incompatible // indirect + ) +diff --git a/go.sum b/go.sum +index 71f46e16..ff078b3f 100644 +--- a/go.sum ++++ b/go.sum +@@ -54,8 +54,10 @@ github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQL + github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= + github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= + github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= ++github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= + github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= + github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= ++github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= + github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= + github.com/mitchellh/go-wordwrap v1.0.0 h1:6GlHJ/LTGMrIJbwgdqdl2eEH8o+Exx/0m8ir9Gns0u4= + github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +@@ -115,8 +117,10 @@ google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoA + google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= + google.golang.org/grpc v1.23.1 h1:q4XQuHFC6I28BKZpo6IYyb3mNO+l7lSOxRuYTCiDfXk= + google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= ++gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= + gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= ++gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7 h1:+t9dhfO+GNOIGJof6kPOAenx7YgrZMTdRPV+EsnPabk= + gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +diff --git a/server.go b/server.go +index fcd4cd71..0c84d85d 100644 +--- a/server.go ++++ b/server.go +@@ -4,7 +4,9 @@ import ( + "context" + "flag" + "fmt" ++ "gopkg.in/yaml.v2" + "html/template" ++ "io/ioutil" + "net/http" + "os" + "path/filepath" +@@ -29,39 +31,76 @@ func (cmd *serverCommand) LongHelp() string { return serverHelp } + func (cmd *serverCommand) Hidden() bool { return false } + + func (cmd *serverCommand) Register(fs *flag.FlagSet) { +- fs.DurationVar(&cmd.interval, "interval", time.Hour, "interval to generate new index.html's at") ++ fs.DurationVar(&cmd.Interval, "interval", time.Hour, "interval to generate new index.html's at") + +- fs.StringVar(&cmd.registryServer, "registry", "", "URL to the private registry (ex. r.j3ss.co)") +- fs.StringVar(&cmd.registryServer, "r", "", "URL to the private registry (ex. r.j3ss.co)") ++ fs.StringVar(&cmd.RegistryServer, "registry", "", "URL to the private registry (ex. r.j3ss.co)") ++ fs.StringVar(&cmd.RegistryServer, "r", "", "URL to the private registry (ex. r.j3ss.co)") + +- fs.StringVar(&cmd.clairServer, "clair", "", "url to clair instance") ++ fs.StringVar(&cmd.ClairServer, "clair", "", "url to clair instance") + +- fs.StringVar(&cmd.cert, "cert", "", "path to ssl cert") +- fs.StringVar(&cmd.key, "key", "", "path to ssl key") +- fs.StringVar(&cmd.listenAddress, "listen-address", "", "address to listen on") +- fs.StringVar(&cmd.port, "port", "8080", "port for server to run on") +- fs.StringVar(&cmd.assetPath, "asset-path", "", "Path to assets and templates") ++ fs.StringVar(&cmd.Cert, "cert", "", "path to ssl cert") ++ fs.StringVar(&cmd.Key, "key", "", "path to ssl key") ++ fs.StringVar(&cmd.ListenAddress, "listen-address", "", "address to listen on") ++ fs.StringVar(&cmd.Port, "port", "8080", "port for server to run on") + +- fs.BoolVar(&cmd.generateAndExit, "once", false, "generate the templates once and then exit") ++ fs.StringVar(&cmd.AssetPath, "asset-path", "", "Path to assets and templates") ++ fs.StringVar(&cmd.configPath, "config", "", "Path to config file") ++ ++ fs.BoolVar(&cmd.GenerateAndExit, "once", false, "generate the templates once and then exit") + } + + type serverCommand struct { +- interval time.Duration +- registryServer string +- clairServer string +- +- generateAndExit bool +- +- cert string +- key string +- listenAddress string +- port string +- assetPath string ++ Interval time.Duration `yaml:"interval"` ++ RegistryServer string `yaml:"registry"` ++ ClairServer string `yaml:"clair"` ++ GenerateAndExit bool `yaml:"once"` ++ Cert string `yaml:"cert"` ++ Key string `yaml:"key"` ++ ListenAddress string `yaml:"listen-address"` ++ Port string `yaml:"port"` ++ AssetPath string `yaml:"asset-path"` ++ configPath string ++ ++ Password string `yaml:"password"` ++ Username string `yaml:"username"` ++ Insecure bool `yaml:"insecure"` ++ Debug bool `yaml:"debug"` ++ SkipPing bool `yaml:"skip-ping"` ++ ForceNonSSL bool `yaml:"force-nonssl"` ++ Timeout time.Duration `yaml:"timeout"` + } + + func (cmd *serverCommand) Run(ctx context.Context, args []string) error { + // Create the registry client. +- r, err := createRegistryClient(ctx, cmd.registryServer) ++ if len(cmd.configPath) > 0 { ++ config, err := ioutil.ReadFile(cmd.configPath) ++ if err != nil { ++ return err ++ } ++ yaml.Unmarshal(config, cmd) ++ if err != nil { ++ return err ++ } ++ if len(cmd.Username) > 0 { ++ username = cmd.Username ++ } ++ if len(cmd.Password) > 0 { ++ password = cmd.Password ++ } ++ if cmd.Debug { ++ debug = cmd.Debug ++ } ++ if cmd.Insecure { ++ insecure = cmd.Insecure ++ } ++ if cmd.SkipPing { ++ skipPing = cmd.SkipPing ++ } ++ if cmd.Timeout != 0 { ++ timeout = cmd.Timeout ++ } ++ } ++ r, err := createRegistryClient(ctx, cmd.RegistryServer) + if err != nil { + return err + } +@@ -69,25 +108,25 @@ func (cmd *serverCommand) Run(ctx context.Context, args []string) error { + // Create the registry controller for the handlers. + rc := registryController{ + reg: r, +- generateOnly: cmd.generateAndExit, ++ generateOnly: cmd.GenerateAndExit, + } + + // Create a clair client if the user passed in a server address. +- if len(cmd.clairServer) > 0 { +- rc.cl, err = clair.New(cmd.clairServer, clair.Opt{ ++ if len(cmd.ClairServer) > 0 { ++ rc.cl, err = clair.New(cmd.ClairServer, clair.Opt{ + Insecure: insecure, + Debug: debug, + Timeout: timeout, + }) + if err != nil { +- return fmt.Errorf("creation of clair client at %s failed: %v", cmd.clairServer, err) ++ return fmt.Errorf("creation of clair client at %s failed: %v", cmd.ClairServer, err) + } + } else { + rc.cl = nil + } + // Get the path to the asset directory. +- assetDir := cmd.assetPath +- if len(cmd.assetPath) <= 0 { ++ assetDir := cmd.AssetPath ++ if len(cmd.AssetPath) <= 0 { + assetDir, err = os.Getwd() + if err != nil { + return err +@@ -131,12 +170,12 @@ func (cmd *serverCommand) Run(ctx context.Context, args []string) error { + return fmt.Errorf("creating index failed: %v", err) + } + +- if cmd.generateAndExit { ++ if cmd.GenerateAndExit { + logrus.Info("output generated, exiting...") + return nil + } + +- rc.interval = cmd.interval ++ rc.interval = cmd.Interval + ticker := time.NewTicker(rc.interval) + go func() { + // Create more indexes every X minutes based off interval. +@@ -174,12 +213,12 @@ func (cmd *serverCommand) Run(ctx context.Context, args []string) error { + + // Set up the server. + server := &http.Server{ +- Addr: cmd.listenAddress + ":" + cmd.port, ++ Addr: cmd.ListenAddress + ":" + cmd.Port, + Handler: mux, + } +- logrus.Infof("Starting server on port %q", cmd.port) +- if len(cmd.cert) > 0 && len(cmd.key) > 0 { +- return server.ListenAndServeTLS(cmd.cert, cmd.key) ++ logrus.Infof("Starting server on port %q", cmd.Port) ++ if len(cmd.Cert) > 0 && len(cmd.Key) > 0 { ++ return server.ListenAndServeTLS(cmd.Cert, cmd.Key) + } + return server.ListenAndServe() + } +-- +2.34.1 + diff --git a/app-containers/reg/files/reg.confd b/app-containers/reg/files/reg.confd new file mode 100644 index 000000000000..1bd2475decc4 --- /dev/null +++ b/app-containers/reg/files/reg.confd @@ -0,0 +1,2 @@ +# arguments for reg server +command_args="--asset-path=/var/lib/reg" diff --git a/app-containers/reg/files/reg.initd b/app-containers/reg/files/reg.initd new file mode 100644 index 000000000000..7759f44f376c --- /dev/null +++ b/app-containers/reg/files/reg.initd @@ -0,0 +1,19 @@ +#!/sbin/openrc-run +# Copyright 2016-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +description="Reg server - providing a UI for Docker Registry" +pidfile=${pidfile:-"/run/${RC_SVCNAME}.pid"} +user=${user:-${RC_SVCNAME}} +group=${group:-${RC_SVCNAME}} + +command="/usr/bin/reg server" +command_args="${command_args:---asset-path=/var/lib/reg}" +command_background="true" +start_stop_daemon_args="--user ${user} --group ${group} \ + --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \ + --stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log" + +depend() { + after net +} diff --git a/app-containers/reg/metadata.xml b/app-containers/reg/metadata.xml new file mode 100644 index 000000000000..0d1d641a5742 --- /dev/null +++ b/app-containers/reg/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">genuinetools/reg</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/reg/reg-0.16.1-r1.ebuild b/app-containers/reg/reg-0.16.1-r1.ebuild new file mode 100644 index 000000000000..a7f35b0e2b85 --- /dev/null +++ b/app-containers/reg/reg-0.16.1-r1.ebuild @@ -0,0 +1,46 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +GIT_COMMIT=4203e559f331009df04a3ca47820989c6c43e138 +inherit go-module + +DESCRIPTION="Docker registry v2 command line client" +HOMEPAGE="https://github.com/genuinetools/reg" +SRC_URI="https://github.com/genuinetools/reg/archive/${GIT_COMMIT}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="MIT Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC" +SLOT="0" +KEYWORDS="~amd64" + +DEPEND="acct-group/reg + acct-user/reg +" +RDEPEND="${DEPEND}" + +RESTRICT+=" test " +S="${WORKDIR}/${PN}-${GIT_COMMIT}" + +PATCHES=( + "${FILESDIR}"/${P}-config.patch +) + +src_compile() { + export -n XDG_CACHE_HOME + ego build -ldflags " + -X ${EGO_PN}/version.GITCOMMIT=${GIT_COMMIT} + -X ${EGO_PN}/version.VERSION=${PV}" \ + -o reg . +} + +src_install() { + dobin reg + dodoc README.md + insinto /var/lib/${PN} + doins -r server/* + newinitd "${FILESDIR}"/reg.initd reg + newconfd "${FILESDIR}"/reg.confd reg + keepdir /var/log/reg + fowners -R reg:reg /var/log/reg /var/lib/reg/static +} diff --git a/app-containers/runc/Manifest b/app-containers/runc/Manifest new file mode 100644 index 000000000000..acb6c17123e9 --- /dev/null +++ b/app-containers/runc/Manifest @@ -0,0 +1,3 @@ +DIST runc-1.1.12.tar.gz 2522196 BLAKE2B 14fe8d5f82d5b4d7f6b4bb9111c5d258e74f6a44aeb51fc87c69104e95b9bf24a3d503f4cc5dedb40d542fbd4b6e27273f456bda4fcf3bc298eb93ae292d9663 SHA512 92e8ac54a77d7ebcc76b5a9cc08d9a064211f12e9d26f064070cc203a5afb11c3af28d8f556f297513f797a2933d50bf10a8f22e307724041d66aa8c5ca1d9d3 +DIST runc-1.1.7.tar.gz 2511464 BLAKE2B 63f09052659636b62185abbb178f7e104d22125190899e80e71ed2ba35567eb855abf786d3c7fff3dd9a1ab43ee282fcaecb6650cd8a1ce49c05acefd7c12cde SHA512 e3a18f04ac2c3553a815074ca64e04cfd71af54d78edbd4a13819f187476f96d7311c23bb63fb5c311b91865db4540985a6f9daa84819b0bac5f023b3b2a832c +DIST runc-1.1.9.tar.gz 2512231 BLAKE2B 4e8e2a454231492f83de34bf66ba25a02b8925b6ef0af2206cdf4ab3299173d3452cea4d51fcfeb02026df288dd8ca6c44ecd35fb075f25f56fd7bc07f873af7 SHA512 020986f2df49c45394d0acbfa4da62663353004550d9b4409f6cfe8369972a090fb8020e4a05342754bde5c1fbe9fcf3868faed2dceed5d54460c3373cdd2278 diff --git a/app-containers/runc/metadata.xml b/app-containers/runc/metadata.xml new file mode 100644 index 000000000000..09cd07da70ce --- /dev/null +++ b/app-containers/runc/metadata.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <longdescription lang="en"> + runc is a CLI tool for spawning and running containers according + to the OCF (Open Container Format) specification. + </longdescription> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <use> + <flag name="kmem"> + Enable Kernel Memory Accounting. + </flag> + </use> + <upstream> + <remote-id type="github">opencontainers/runc</remote-id> + <remote-id type="cpe">cpe:/a:linuxfoundation:runc</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/runc/runc-1.1.12.ebuild b/app-containers/runc/runc-1.1.12.ebuild new file mode 100644 index 000000000000..c605e6d0a2c3 --- /dev/null +++ b/app-containers/runc/runc-1.1.12.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +# update on bump, look for https://github.com/docker\ +# docker-ce/blob/<docker ver OR branch>/components/engine/hack/dockerfile/install/runc.installer +RUNC_COMMIT=51d5e94601ceffbbd85688df1c928ecccbfa4685 +CONFIG_CHECK="~USER_NS" + +DESCRIPTION="runc container cli tools" +HOMEPAGE="http://github.com/opencontainers/runc/" +MY_PV="${PV/_/-}" +SRC_URI="https://github.com/opencontainers/${PN}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD-2 BSD MIT" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +IUSE="apparmor hardened +kmem +seccomp selinux test" + +DEPEND="seccomp? ( sys-libs/libseccomp )" + +RDEPEND=" + ${DEPEND} + !app-emulation/docker-runc + apparmor? ( sys-libs/libapparmor ) + selinux? ( sec-policy/selinux-container ) +" + +BDEPEND=" + dev-go/go-md2man + test? ( "${RDEPEND}" ) +" + +# tests need busybox binary, and portage namespace +# sandboxing disabled: mount-sandbox pid-sandbox ipc-sandbox +# majority of tests pass +RESTRICT+=" test" + +S="${WORKDIR}/${PN}-${MY_PV}" + +src_compile() { + # Taken from app-containers/docker-1.7.0-r1 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '') + -L${ESYSROOT}/usr/$(get_libdir)" + + # build up optional flags + local options=( + $(usev apparmor) + $(usev seccomp) + $(usex kmem '' 'nokmem') + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + COMMIT="${RUNC_COMMIT}" + ) + + emake "${myemakeargs[@]}" runc man +} + +src_install() { + myemakeargs+=( + PREFIX="${ED}/usr" + BINDIR="${ED}/usr/bin" + MANDIR="${ED}/usr/share/man" + ) + emake "${myemakeargs[@]}" install install-man install-bash + + local DOCS=( README.md PRINCIPLES.md docs/. ) + einstalldocs +} + +src_test() { + emake "${myemakeargs[@]}" localunittest +} diff --git a/app-containers/runc/runc-1.1.7.ebuild b/app-containers/runc/runc-1.1.7.ebuild new file mode 100644 index 000000000000..01b66cb34800 --- /dev/null +++ b/app-containers/runc/runc-1.1.7.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +# update on bump, look for https://github.com/docker\ +# docker-ce/blob/<docker ver OR branch>/components/engine/hack/dockerfile/install/runc.installer +RUNC_COMMIT=4ffc61430bbe6d3d405bdf357b766bf303ff3cc5 +CONFIG_CHECK="~USER_NS" + +DESCRIPTION="runc container cli tools" +HOMEPAGE="http://github.com/opencontainers/runc/" +MY_PV="${PV/_/-}" +SRC_URI="https://github.com/opencontainers/${PN}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD-2 BSD MIT" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +IUSE="apparmor hardened +kmem +seccomp selinux test" + +DEPEND="seccomp? ( sys-libs/libseccomp )" + +RDEPEND=" + ${DEPEND} + !app-emulation/docker-runc + apparmor? ( sys-libs/libapparmor ) + selinux? ( sec-policy/selinux-container ) +" + +BDEPEND=" + dev-go/go-md2man + test? ( "${RDEPEND}" ) +" + +# tests need busybox binary, and portage namespace +# sandboxing disabled: mount-sandbox pid-sandbox ipc-sandbox +# majority of tests pass +RESTRICT+=" test" + +S="${WORKDIR}/${PN}-${MY_PV}" + +src_compile() { + # Taken from app-containers/docker-1.7.0-r1 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '') + -L${ESYSROOT}/usr/$(get_libdir)" + + # build up optional flags + local options=( + $(usev apparmor) + $(usev seccomp) + $(usex kmem '' 'nokmem') + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + COMMIT="${RUNC_COMMIT}" + ) + + emake "${myemakeargs[@]}" runc man +} + +src_install() { + myemakeargs+=( + PREFIX="${ED}/usr" + BINDIR="${ED}/usr/bin" + MANDIR="${ED}/usr/share/man" + ) + emake "${myemakeargs[@]}" install install-man install-bash + + local DOCS=( README.md PRINCIPLES.md docs/. ) + einstalldocs +} + +src_test() { + emake "${myemakeargs[@]}" localunittest +} diff --git a/app-containers/runc/runc-1.1.9.ebuild b/app-containers/runc/runc-1.1.9.ebuild new file mode 100644 index 000000000000..3d5796186404 --- /dev/null +++ b/app-containers/runc/runc-1.1.9.ebuild @@ -0,0 +1,78 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +# update on bump, look for https://github.com/docker\ +# docker-ce/blob/<docker ver OR branch>/components/engine/hack/dockerfile/install/runc.installer +RUNC_COMMIT=ccaecfcbc907d70a7aa870a6650887b901b25b82 +CONFIG_CHECK="~USER_NS" + +DESCRIPTION="runc container cli tools" +HOMEPAGE="http://github.com/opencontainers/runc/" +MY_PV="${PV/_/-}" +SRC_URI="https://github.com/opencontainers/${PN}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0 BSD-2 BSD MIT" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv ~x86" +IUSE="apparmor hardened +kmem +seccomp selinux test" + +DEPEND="seccomp? ( sys-libs/libseccomp )" + +RDEPEND=" + ${DEPEND} + !app-emulation/docker-runc + apparmor? ( sys-libs/libapparmor ) + selinux? ( sec-policy/selinux-container ) +" + +BDEPEND=" + dev-go/go-md2man + test? ( "${RDEPEND}" ) +" + +# tests need busybox binary, and portage namespace +# sandboxing disabled: mount-sandbox pid-sandbox ipc-sandbox +# majority of tests pass +RESTRICT+=" test" + +S="${WORKDIR}/${PN}-${MY_PV}" + +src_compile() { + # Taken from app-containers/docker-1.7.0-r1 + export CGO_CFLAGS="-I${ESYSROOT}/usr/include" + export CGO_LDFLAGS="$(usex hardened '-fno-PIC ' '') + -L${ESYSROOT}/usr/$(get_libdir)" + + # build up optional flags + local options=( + $(usev apparmor) + $(usev seccomp) + $(usex kmem '' 'nokmem') + ) + + myemakeargs=( + BUILDTAGS="${options[*]}" + COMMIT="${RUNC_COMMIT}" + ) + + emake "${myemakeargs[@]}" runc man +} + +src_install() { + myemakeargs+=( + PREFIX="${ED}/usr" + BINDIR="${ED}/usr/bin" + MANDIR="${ED}/usr/share/man" + ) + emake "${myemakeargs[@]}" install install-man install-bash + + local DOCS=( README.md PRINCIPLES.md docs/. ) + einstalldocs +} + +src_test() { + emake "${myemakeargs[@]}" localunittest +} diff --git a/app-containers/s6-overlay/Manifest b/app-containers/s6-overlay/Manifest new file mode 100644 index 000000000000..b5a39bab89bf --- /dev/null +++ b/app-containers/s6-overlay/Manifest @@ -0,0 +1 @@ +DIST s6-overlay-2.1.0.2.tar.gz 30688 BLAKE2B 14d631a23be831d9dbc62a7e5ca341320eb8a0f46ae94d243bba4d6ba8fe9f6102dc818555398af64a207ea3056eb2cbbe045b5ec3baaf7d3a058217ad20e4f7 SHA512 6ff18566c64031fca985b36d6cbba646c3fb5c7f16a9d2dcca74e66ed4de5f10399c2142453e550c4e711f716158b91dd5777c7f6a03a91ed61ca9e81d6cef30 diff --git a/app-containers/s6-overlay/metadata.xml b/app-containers/s6-overlay/metadata.xml new file mode 100644 index 000000000000..1ac1fdb7dff3 --- /dev/null +++ b/app-containers/s6-overlay/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">just-containers/s6-overlay</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/s6-overlay/s6-overlay-2.1.0.2-r1.ebuild b/app-containers/s6-overlay/s6-overlay-2.1.0.2-r1.ebuild new file mode 100644 index 000000000000..17960297fa00 --- /dev/null +++ b/app-containers/s6-overlay/s6-overlay-2.1.0.2-r1.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +if [[ ${PV} = 9999 ]]; then + EGIT_REPO_URI="https://github.com/just-containers/${PN}" + inherit git-r3 +else + SRC_URI="https://github.com/just-containers/${PN}/archive/v${PV}.tar.gz -> + ${P}.tar.gz" + KEYWORDS="~amd64" +fi + +DESCRIPTION="an s6-based init system for containers" +HOMEPAGE="https://github.com/just-containers/s6-overlay" + +LICENSE="ISC" +SLOT="0" +IUSE="" + +DEPEND="" +RDEPEND="sys-apps/s6 + sys-apps/s6-portable-utils" + +src_install() { + dodoc *.md + cd builder/overlay-rootfs + dobin usr/bin/{fix-attrs,logutil*,print*,with*} + + insinto / + doins -r etc init + + # create must exist directories + dodir /etc/{cont-init.d,cont-finish.d,fix-attrs.d,services.d} + dodir /etc/s6/init/env-stage2 + + # create "supervise" directory in fdholder, its needed for no-catchall + # stage2 wake up + dodir /etc/s6/services/s6-fdholderd/supervise + fperms 0700 /etc/s6/services/s6-fdholderd/supervise + + # fix misc permissions + fperms 0755 /init + fperms 0755 /etc/s6/init/init-stage1 \ + /etc/s6/init/init-stage2 \ + /etc/s6/init/init-stage2-redirfd \ + /etc/s6/init/init-stage3 + fperms 0755 /etc/s6/init-catchall/init-stage1 \ + /etc/s6/init-catchall/init-stage2 + fperms 0755 /etc/s6/init-no-catchall/init-stage1 \ + /etc/s6/init-no-catchall/init-stage2 + fperms 0755 /etc/s6/services/.s6-svscan/crash + fperms 0755 /etc/s6/services/.s6-svscan/finish + fperms 0755 /etc/s6/services/s6-fdholderd/run + fperms 0755 /etc/s6/services/s6-svscan-log/run + + # create a stub for the s6-overlay-preinit setuid program, since + # it's really not needed when permissions are already correct + dosym true /bin/s6-overlay-preinit +} diff --git a/app-containers/sen/Manifest b/app-containers/sen/Manifest new file mode 100644 index 000000000000..f610c5c57e56 --- /dev/null +++ b/app-containers/sen/Manifest @@ -0,0 +1 @@ +DIST sen-0.6.1_p20200905.tar.gz 1913978 BLAKE2B 189bff583770265de29ca3e54cad1283051c05eccab4fc98160801e50b31376188c52e49b43972292fe231b376ba42879fb34d7b1ae70c2246d676a6e25f670b SHA512 cd1899c1b4c5c7cf7f1f2f5e557bd609a7d7619dbc3fc6457f5ef5ce5c9ab43d92a6fbfa228c43d543d4f46c7928d74dbed9ab8346cabc772c8e7c63a7c07bfe diff --git a/app-containers/sen/metadata.xml b/app-containers/sen/metadata.xml new file mode 100644 index 000000000000..fbd85595ef5f --- /dev/null +++ b/app-containers/sen/metadata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <!-- maintainer-needed --> + <upstream> + <remote-id type="github">TomasTomecek/sen</remote-id> + <remote-id type="pypi">sen</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/sen/sen-0.6.1_p20200905-r1.ebuild b/app-containers/sen/sen-0.6.1_p20200905-r1.ebuild new file mode 100644 index 000000000000..9f7bf271cf92 --- /dev/null +++ b/app-containers/sen/sen-0.6.1_p20200905-r1.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{9..11} ) +inherit distutils-r1 + +COMMIT="02e5872ee2905861e1da06ab5174e1a3f41f0e0b" + +DESCRIPTION="Terminal User Interface for docker engine" +HOMEPAGE="https://github.com/TomasTomecek/sen" +SRC_URI="https://github.com/TomasTomecek/${PN}/archive/${COMMIT}.tar.gz -> ${P}.tar.gz" +S="${WORKDIR}/${PN}-${COMMIT}" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64" + +RDEPEND=" + dev-python/urwid[${PYTHON_USEDEP}] + dev-python/urwidtrees[${PYTHON_USEDEP}] + dev-python/docker[${PYTHON_USEDEP}] +" +BDEPEND=" + test? ( + dev-python/flexmock[${PYTHON_USEDEP}] + ) +" + +distutils_enable_tests pytest + +python_install_all() { + distutils-r1_python_install_all + dodoc -r docs +} + +python_test() { + epytest tests +} diff --git a/app-containers/skopeo/Manifest b/app-containers/skopeo/Manifest new file mode 100644 index 000000000000..17b91a05315b --- /dev/null +++ b/app-containers/skopeo/Manifest @@ -0,0 +1,3 @@ +DIST skopeo-1.14.0.tar.gz 10548883 BLAKE2B 6ecf54d236405ce59bedf77acc124fa8b3bb12acefa24a679a1d2d85957ddf585b5a6ba163806b8b7b510485d936adbe1afd6eee8c92b267b948f7d78ac83d05 SHA512 59d329036a97cbeca4de20b15d9dd8adacd5201834b26ae5e5c88b05594b2a7101c22da91f22c35c07a98e41afa28f2c7103e660b3847c7f8c9691f27f4c4146 +DIST skopeo-1.14.2.tar.gz 10547979 BLAKE2B bca47d82380ad714397dc8e36e365a3e81fc628b47519b022ecb5edd2a03ce8972c066af350cd1f0b5a3d9d6c1585f0729b32a1a829cfc4eaefc1c7fc9dc2667 SHA512 ffb3c00cdde05f7a916bd3980c9cec1bb82b3f3bf90058bfff1837d3a9902087ac011828e6164baec18210d4aeee1a5258b75405411fd15ea2470a2522a6da73 +DIST skopeo-1.15.0.tar.gz 10710505 BLAKE2B b6804561ec96ce7f987ccdaf5a89aa7f5fd0ed2da1307467b4c1857386508d88e3fd28f066f49b136962e232b89594484610fc4f6b494be6a98b64908900865b SHA512 71fb94fd2cf9937bf2dd969c8b1b74f5b66eb2ac2bd9358e8c8983c3fd6548311ca274ed2f8c3f088c3c9d6032962075da1890449dcd25dcfd49882acbfa20de diff --git a/app-containers/skopeo/metadata.xml b/app-containers/skopeo/metadata.xml new file mode 100644 index 000000000000..59cd39c52a42 --- /dev/null +++ b/app-containers/skopeo/metadata.xml @@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>me@rahil.rocks</email> + <name>Rahil Bhimjiani</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <use> + <flag name="btrfs">Enables dependencies for the "btrfs" graph driver.</flag> + <flag name="device-mapper">Compiles with libdevmapper</flag> + <flag name="rootless">Compiles with libsubid</flag> + </use> + <upstream> + <remote-id type="github">containers/skopeo</remote-id> + <bugs-to>https://github.com/containers/skopeo/issues</bugs-to> + <doc>https://github.com/containers/skopeo/blob/main/README.md</doc> + </upstream> +</pkgmetadata> diff --git a/app-containers/skopeo/skopeo-1.14.0-r3.ebuild b/app-containers/skopeo/skopeo-1.14.0-r3.ebuild new file mode 100644 index 000000000000..462b948cd231 --- /dev/null +++ b/app-containers/skopeo/skopeo-1.14.0-r3.ebuild @@ -0,0 +1,69 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +DESCRIPTION="Work with remote container images registries" +HOMEPAGE="https://github.com/containers/skopeo" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/skopeo.git" +else + SRC_URI="https://github.com/containers/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="amd64 arm64" +fi + +# main +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT" +SLOT="0" +IUSE="btrfs device-mapper rootless" + +COMMON_DEPEND=" + >=app-crypt/gpgme-1.5.5:= + >=dev-libs/libassuan-2.4.3:= + btrfs? ( >=sys-fs/btrfs-progs-4.0.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.145:= ) + rootless? ( sys-apps/shadow:= ) +" + +# TODO: Is this really needed? cause upstream doesnt mention it https://github.com/containers/skopeo/blob/main/install.md#building-from-source +# dev-libs/libgpg-error:= +DEPEND="${COMMON_DEPEND}" +RDEPEND=" + ${COMMON_DEPEND} + app-containers/containers-common +" +BDEPEND="dev-go/go-md2man" + +RESTRICT="test" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + use device-mapper && CONFIG_CHECK+=" ~MD" + linux-info_pkg_setup +} + +run_make() { + emake \ + BTRFS_BUILD_TAG="$(usex btrfs '' 'btrfs_noversion exclude_graphdriver_btrfs')" \ + CONTAINERSCONFDIR="${EPREFIX}/etc/containers" \ + LIBDM_BUILD_TAG="$(usex device-mapper '' 'libdm_no_deferred_remove exclude_graphdriver_devicemapper')" \ + LIBSUBID_BUILD_TAG="$(usex rootless 'libsubid' '')" \ + PREFIX="${EPREFIX}/usr" \ + $@ +} + +src_compile() { + run_make all completions +} + +src_install() { + # The install target in the Makefile tries to rebuild the binary and + # installs things that are already installed by containers-common. + dobin bin/skopeo + einstalldocs + doman docs/*.1 + run_make "DESTDIR=${D}" install-completions +} diff --git a/app-containers/skopeo/skopeo-1.14.2.ebuild b/app-containers/skopeo/skopeo-1.14.2.ebuild new file mode 100644 index 000000000000..ab892d6789a8 --- /dev/null +++ b/app-containers/skopeo/skopeo-1.14.2.ebuild @@ -0,0 +1,69 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +DESCRIPTION="Work with remote container images registries" +HOMEPAGE="https://github.com/containers/skopeo" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/skopeo.git" +else + SRC_URI="https://github.com/containers/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64" +fi + +# main +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT" +SLOT="0" +IUSE="btrfs device-mapper rootless" + +COMMON_DEPEND=" + >=app-crypt/gpgme-1.5.5:= + >=dev-libs/libassuan-2.4.3:= + btrfs? ( >=sys-fs/btrfs-progs-4.0.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.145:= ) + rootless? ( sys-apps/shadow:= ) +" + +# TODO: Is this really needed? cause upstream doesnt mention it https://github.com/containers/skopeo/blob/main/install.md#building-from-source +# dev-libs/libgpg-error:= +DEPEND="${COMMON_DEPEND}" +RDEPEND=" + ${COMMON_DEPEND} + app-containers/containers-common +" +BDEPEND="dev-go/go-md2man" + +RESTRICT="test" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + use device-mapper && CONFIG_CHECK+=" ~MD" + linux-info_pkg_setup +} + +run_make() { + emake \ + BTRFS_BUILD_TAG="$(usex btrfs '' 'btrfs_noversion exclude_graphdriver_btrfs')" \ + CONTAINERSCONFDIR="${EPREFIX}/etc/containers" \ + LIBDM_BUILD_TAG="$(usex device-mapper '' 'libdm_no_deferred_remove exclude_graphdriver_devicemapper')" \ + LIBSUBID_BUILD_TAG="$(usex rootless 'libsubid' '')" \ + PREFIX="${EPREFIX}/usr" \ + $@ +} + +src_compile() { + run_make all completions +} + +src_install() { + # The install target in the Makefile tries to rebuild the binary and + # installs things that are already installed by containers-common. + dobin bin/skopeo + einstalldocs + doman docs/*.1 + run_make "DESTDIR=${D}" install-completions +} diff --git a/app-containers/skopeo/skopeo-1.15.0.ebuild b/app-containers/skopeo/skopeo-1.15.0.ebuild new file mode 100644 index 000000000000..ab892d6789a8 --- /dev/null +++ b/app-containers/skopeo/skopeo-1.15.0.ebuild @@ -0,0 +1,69 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +DESCRIPTION="Work with remote container images registries" +HOMEPAGE="https://github.com/containers/skopeo" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/skopeo.git" +else + SRC_URI="https://github.com/containers/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64" +fi + +# main +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT" +SLOT="0" +IUSE="btrfs device-mapper rootless" + +COMMON_DEPEND=" + >=app-crypt/gpgme-1.5.5:= + >=dev-libs/libassuan-2.4.3:= + btrfs? ( >=sys-fs/btrfs-progs-4.0.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.145:= ) + rootless? ( sys-apps/shadow:= ) +" + +# TODO: Is this really needed? cause upstream doesnt mention it https://github.com/containers/skopeo/blob/main/install.md#building-from-source +# dev-libs/libgpg-error:= +DEPEND="${COMMON_DEPEND}" +RDEPEND=" + ${COMMON_DEPEND} + app-containers/containers-common +" +BDEPEND="dev-go/go-md2man" + +RESTRICT="test" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + use device-mapper && CONFIG_CHECK+=" ~MD" + linux-info_pkg_setup +} + +run_make() { + emake \ + BTRFS_BUILD_TAG="$(usex btrfs '' 'btrfs_noversion exclude_graphdriver_btrfs')" \ + CONTAINERSCONFDIR="${EPREFIX}/etc/containers" \ + LIBDM_BUILD_TAG="$(usex device-mapper '' 'libdm_no_deferred_remove exclude_graphdriver_devicemapper')" \ + LIBSUBID_BUILD_TAG="$(usex rootless 'libsubid' '')" \ + PREFIX="${EPREFIX}/usr" \ + $@ +} + +src_compile() { + run_make all completions +} + +src_install() { + # The install target in the Makefile tries to rebuild the binary and + # installs things that are already installed by containers-common. + dobin bin/skopeo + einstalldocs + doman docs/*.1 + run_make "DESTDIR=${D}" install-completions +} diff --git a/app-containers/skopeo/skopeo-9999.ebuild b/app-containers/skopeo/skopeo-9999.ebuild new file mode 100644 index 000000000000..ab892d6789a8 --- /dev/null +++ b/app-containers/skopeo/skopeo-9999.ebuild @@ -0,0 +1,69 @@ +# Copyright 2023-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module linux-info + +DESCRIPTION="Work with remote container images registries" +HOMEPAGE="https://github.com/containers/skopeo" + +if [[ ${PV} == 9999* ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/containers/skopeo.git" +else + SRC_URI="https://github.com/containers/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm64" +fi + +# main +LICENSE="Apache-2.0 BSD BSD-2 CC-BY-SA-4.0 ISC MIT" +SLOT="0" +IUSE="btrfs device-mapper rootless" + +COMMON_DEPEND=" + >=app-crypt/gpgme-1.5.5:= + >=dev-libs/libassuan-2.4.3:= + btrfs? ( >=sys-fs/btrfs-progs-4.0.1 ) + device-mapper? ( >=sys-fs/lvm2-2.02.145:= ) + rootless? ( sys-apps/shadow:= ) +" + +# TODO: Is this really needed? cause upstream doesnt mention it https://github.com/containers/skopeo/blob/main/install.md#building-from-source +# dev-libs/libgpg-error:= +DEPEND="${COMMON_DEPEND}" +RDEPEND=" + ${COMMON_DEPEND} + app-containers/containers-common +" +BDEPEND="dev-go/go-md2man" + +RESTRICT="test" + +pkg_setup() { + use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" + use device-mapper && CONFIG_CHECK+=" ~MD" + linux-info_pkg_setup +} + +run_make() { + emake \ + BTRFS_BUILD_TAG="$(usex btrfs '' 'btrfs_noversion exclude_graphdriver_btrfs')" \ + CONTAINERSCONFDIR="${EPREFIX}/etc/containers" \ + LIBDM_BUILD_TAG="$(usex device-mapper '' 'libdm_no_deferred_remove exclude_graphdriver_devicemapper')" \ + LIBSUBID_BUILD_TAG="$(usex rootless 'libsubid' '')" \ + PREFIX="${EPREFIX}/usr" \ + $@ +} + +src_compile() { + run_make all completions +} + +src_install() { + # The install target in the Makefile tries to rebuild the binary and + # installs things that are already installed by containers-common. + dobin bin/skopeo + einstalldocs + doman docs/*.1 + run_make "DESTDIR=${D}" install-completions +} diff --git a/app-containers/slirp4netns/Manifest b/app-containers/slirp4netns/Manifest new file mode 100644 index 000000000000..aaf8b2828349 --- /dev/null +++ b/app-containers/slirp4netns/Manifest @@ -0,0 +1,3 @@ +DIST slirp4netns-1.1.12.tar.gz 60223 BLAKE2B 2bd4ed6cded075a151fec0e6b2222b0a72f2027d702cd3e2760ab8c811e375ea5becfeb32ccf71f4b41a257b9e7f32852d6d805912ad950da3364e240d191674 SHA512 82584e40079c2a7730c098f2a2406dc042498f7d50cc9ad8404acf3bb3a50c6969737be531d64b2eca6ba86a968bb5bfea9ad10eba4979cc40a5da5c9745ebdb +DIST slirp4netns-1.1.9.tar.gz 58951 BLAKE2B e4fde408b3cd55dec0cca495c58936ec32c6201a0fe63c1a9fc9502ac41da615f92271d5fb365475f6864dd3c195097c81f01268b1b8d10d0f888c4e154cac34 SHA512 6471bf2b2eff9bd3ef037de986ab612f20bfce7a52bfd2b1b434d0606a3d2e6170b3fc43b168c8cc6f56ffb82f8361f21a26522ac1092c71f6e694a9588d5854 +DIST slirp4netns-1.2.0.tar.gz 62617 BLAKE2B ddedfbbd64094142392bcb1730900634983a8422ae33bc9eb798e42e8f45a773ad30ba78f7a406c9db2c2a7393572a313b9464bc09c2f13343bcf6d960a9f609 SHA512 4ede7323aab92d0ad0026bc5e1aefc07898a5b50c4ff57c13eb9d8e75d73a4bb5ac992f021404053fcba2b05c56dcafcbfefbc4bbc47f72a0797ab62bd76a60a diff --git a/app-containers/slirp4netns/metadata.xml b/app-containers/slirp4netns/metadata.xml new file mode 100644 index 000000000000..0b87d9c1ea79 --- /dev/null +++ b/app-containers/slirp4netns/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <maintainer type="person" proxied="yes"> + <email>g.braeunlich@disroot.org</email> + <name>Gerhard Bräunlich</name> + </maintainer> + <upstream> + <remote-id type="github">rootless-containers/slirp4netns</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/slirp4netns/slirp4netns-1.1.12-r1.ebuild b/app-containers/slirp4netns/slirp4netns-1.1.12-r1.ebuild new file mode 100644 index 000000000000..3895f2b716fe --- /dev/null +++ b/app-containers/slirp4netns/slirp4netns-1.1.12-r1.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools + +DESCRIPTION="User-mode networking for unprivileged network namespaces" +HOMEPAGE="https://github.com/rootless-containers/slirp4netns" +SRC_URI="https://github.com/rootless-containers/slirp4netns/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 arm64 ~ppc64 ~riscv" + +RDEPEND=" + dev-libs/glib:2= + net-libs/libslirp:= + sys-libs/libseccomp:= + sys-libs/libcap:=" + +DEPEND="${RDEPEND}" + +BDEPEND="virtual/pkgconfig" + +RESTRICT+=" test" + +src_prepare() { + default + + # Respect AR variable for bug 722162. + sed -e 's|^AC_PROG_CC$|AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL(AR, ar, :)])\nAC_PROG_AR\n\0|' \ + -i configure.ac || die + eautoreconf +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]]; then + elog "You need to have the tun kernel module loaded in order to have" + elog "slirp4netns working" + fi +} diff --git a/app-containers/slirp4netns/slirp4netns-1.1.9.ebuild b/app-containers/slirp4netns/slirp4netns-1.1.9.ebuild new file mode 100644 index 000000000000..d200849be68c --- /dev/null +++ b/app-containers/slirp4netns/slirp4netns-1.1.9.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools + +DESCRIPTION="User-mode networking for unprivileged network namespaces" +HOMEPAGE="https://github.com/rootless-containers/slirp4netns" +SRC_URI="https://github.com/rootless-containers/slirp4netns/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +KEYWORDS="~amd64 ~arm64 ~ppc64" +LICENSE="GPL-2" +SLOT="0" + +RDEPEND=" + dev-libs/glib:2= + dev-libs/libpcre:= + net-libs/libslirp:= + sys-libs/libseccomp:= + sys-libs/libcap:=" + +DEPEND="${RDEPEND} + virtual/pkgconfig" +RESTRICT="test" + +src_prepare() { + # Respect AR variable for bug 722162. + sed -e 's|^AC_PROG_CC$|AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL(AR, ar, :)])\nAC_PROG_AR\n\0|' \ + -i configure.ac || die + eautoreconf + default +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]]; then + elog "You need to have the tun kernel module loaded in order to have" + elog "slirp4netns working" + fi +} diff --git a/app-containers/slirp4netns/slirp4netns-1.2.0.ebuild b/app-containers/slirp4netns/slirp4netns-1.2.0.ebuild new file mode 100644 index 000000000000..3895f2b716fe --- /dev/null +++ b/app-containers/slirp4netns/slirp4netns-1.2.0.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools + +DESCRIPTION="User-mode networking for unprivileged network namespaces" +HOMEPAGE="https://github.com/rootless-containers/slirp4netns" +SRC_URI="https://github.com/rootless-containers/slirp4netns/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 arm64 ~ppc64 ~riscv" + +RDEPEND=" + dev-libs/glib:2= + net-libs/libslirp:= + sys-libs/libseccomp:= + sys-libs/libcap:=" + +DEPEND="${RDEPEND}" + +BDEPEND="virtual/pkgconfig" + +RESTRICT+=" test" + +src_prepare() { + default + + # Respect AR variable for bug 722162. + sed -e 's|^AC_PROG_CC$|AC_DEFUN([AC_PROG_AR], [AC_CHECK_TOOL(AR, ar, :)])\nAC_PROG_AR\n\0|' \ + -i configure.ac || die + eautoreconf +} + +pkg_postinst() { + if [[ -z ${REPLACING_VERSIONS} ]]; then + elog "You need to have the tun kernel module loaded in order to have" + elog "slirp4netns working" + fi +} diff --git a/app-containers/snapd/Manifest b/app-containers/snapd/Manifest new file mode 100644 index 000000000000..e8b84e38cac9 --- /dev/null +++ b/app-containers/snapd/Manifest @@ -0,0 +1,5 @@ +DIST snapd-2.57.6.tar.xz 6889052 BLAKE2B 5d1190f3d1ccc6446f950cc95c09180707c3a96285bcdd197aef06b2d69cfef6daf85a93844f105dd434b29b73d3b9c832dfcbebcdc2451443eb5421046de849 SHA512 cd74fa92cddff3452448a50536ded504c68ca6f786b465b8561ccc43c02856742a895efb71bf92b8d125173e0d083faf61ca563f69da03ebf3c4df1b0b0b8d5e +DIST snapd-2.58.tar.xz 6980916 BLAKE2B d3de507513db808fa4f85498b5c238de143f06660f1d677186c8c763b38643a2486e25b747977b3eb584619d79ea0a12e88dc5a909045a853c1d8f849f2c1638 SHA512 555915b8b4d9d2d91a3ba19e9e78cf6b19d9683a9f390ad225aa5876320cb8595b464d6133706c4923fc15fbe04ba2b65a47e403c9a2d8859adae827f8ec000a +DIST snapd-2.60.3.tar.xz 7184964 BLAKE2B c40c4e041a91de1732c23b5845a322873498da76d50e0c91e97941d1fc4f6f1991fe2b009414952bf0ebb614e8e19a0015c698ff09c61a12940349ea714f77f0 SHA512 630738c956773354006c195bfe954902b0d082e94345b54c6a6795139d36e1f95a236c6e9a8947338e03caca03520c6e8c1a1c44d3788ec93107f7f97b2d952d +DIST snapd-2.60.4.tar.xz 7187708 BLAKE2B 488ca5b70e9174f07ac54cbc221a323607e337dbde45e7c4d11669ed2f61409fa7bb21b4a5432cd84fb312d92cacf19e5bccc80ef77b71233e19e158d937ac04 SHA512 3035e4e5d52fef00606bc532f855817200d9f6035f660b0377d5dccf5bb64bbf0a94a4e3b8f3941e54b62259378dae4084baa2a29fb5120c714559c899c33c0e +DIST snapd-2.61.tar.xz 7626784 BLAKE2B d716e91df4702fbd415bb6204a4557f37afd3dce187e3bca33b12a2ac5a1b54d1c31473d1537a784f6cbbfaf213f676d1f1b29d716e8c5f45a785229c9f3e018 SHA512 2fd432d7ef2204535576e980de7060ad15a0b3610b25e0f41b630ae34e172f97460f0a38d9d456af08dd36c619e90119219788a49e56a69afc7fbf014fc1db22 diff --git a/app-containers/snapd/files/README.gentoo b/app-containers/snapd/files/README.gentoo new file mode 100644 index 000000000000..f2e34601802e --- /dev/null +++ b/app-containers/snapd/files/README.gentoo @@ -0,0 +1,56 @@ +*Security Alert* + +Application confinement may be automatically disabled if snapd +fails to detect the required features. If you would like to disable +this automatic behavior, causing snapd to panic if its confinement +feature detection fails, then use this setting in package.use: + + app-emulation/snapd -forced-devmode + +Use this command to enable the snapd service: + + systemctl enable snapd.socket + +You can source /etc/profile.d/snapd.sh in your shell in order to +update PATH and XDG_DATA_DIRS environment variables to include +installed snaps. + +Once you have snapd running (first refer to the *AppArmor Section* +below if you have that enabled), see the snap-store installation +instructions here: + + https://snapcraft.io/docs/installing-snap-store-app + +If snap-store does not work correctly then it may be due to a temporary +service outage which will hopefully be reported on this page: + + https://status.snapcraft.io/ + +When snap-store is not working due to a service outage, it may still +be possible to install apps via the snap cli. See snap --help for +details. Many apps can be installed without a snap store (Ubuntu One) +account. The snap login, logout, and whoami subcommands are available +to manage snap store account details. + +Note that you will need a polkit authentication agent running in +order to authenticate as root when installing snaps as a non-root user. +The agent is typically started by a desktop entry found in +/etc/xdg/autostart such as one of these: + + polkit-gnome-authentication-agent-1.desktop + polkit-kde-authentication-agent-1.desktop + +*AppArmor Section* + +When apparmor is enabled you should enable these services: + + systemctl enable apparmor.service snapd.apparmor.service + +You also need it enabled in your kernel and you may need to add these +kernel parameters to your boot loader configuration: + + apparmor=1 security=apparmor + +Refer here for more information about apparmor: + + https://wiki.gentoo.org/wiki/AppArmor diff --git a/app-containers/snapd/metadata.xml b/app-containers/snapd/metadata.xml new file mode 100644 index 000000000000..730665fd01eb --- /dev/null +++ b/app-containers/snapd/metadata.xml @@ -0,0 +1,16 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>zmedico@gentoo.org</email> + <name>Zac Medico</name> + </maintainer> + <upstream> + <remote-id type="github">snapcore/snapd</remote-id> + </upstream> + <use> + <flag name="forced-devmode"> + Automatically disable application confinement if feature detection fails. + </flag> + </use> +</pkgmetadata> diff --git a/app-containers/snapd/snapd-2.57.6.ebuild b/app-containers/snapd/snapd-2.57.6.ebuild new file mode 100644 index 000000000000..35255adff108 --- /dev/null +++ b/app-containers/snapd/snapd-2.57.6.ebuild @@ -0,0 +1,178 @@ +# Copyright 2020-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools bash-completion-r1 flag-o-matic go-module linux-info readme.gentoo-r1 systemd xdg-utils + +DESCRIPTION="Service and tools for management of snap packages" +HOMEPAGE="http://snapcraft.io/" + +SRC_URI="https://github.com/snapcore/${PN}/releases/download/${PV}/${PN}_${PV}.vendor.tar.xz -> ${P}.tar.xz" +MY_PV=${PV} +KEYWORDS="~amd64" + +LICENSE="GPL-3 Apache-2.0 BSD BSD-2 LGPL-3-with-linking-exception MIT" +SLOT="0" +IUSE="apparmor +forced-devmode gtk kde systemd" +REQUIRED_USE="!forced-devmode? ( apparmor ) systemd" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_DEVICE + ~CGROUP_FREEZER + ~NAMESPACES + ~SQUASHFS + ~SQUASHFS_ZLIB + ~SQUASHFS_LZO + ~SQUASHFS_XZ + ~BLK_DEV_LOOP + ~SECCOMP + ~SECCOMP_FILTER" + +RDEPEND=" + sys-libs/libseccomp:= + apparmor? ( + sec-policy/apparmor-profiles + sys-apps/apparmor:= + ) + dev-libs/glib + virtual/libudev + systemd? ( sys-apps/systemd ) + sys-libs/libcap:= + sys-fs/squashfs-tools[lzma]" + +DEPEND="${RDEPEND}" + +BDEPEND=" + >=dev-lang/go-1.9 + dev-python/docutils + sys-devel/gettext + sys-fs/xfsprogs" + +PDEPEND="sys-auth/polkit[gtk?,kde?]" + +README_GENTOO_SUFFIX="" + +pkg_setup() { + if use apparmor; then + CONFIG_CHECK+=" ~SECURITY_APPARMOR" + fi + linux-info_pkg_setup + + # Seems to have issues building with -O3, switch to -O2 + replace-flags -O3 -O2 +} + +src_prepare() { + default + # Update apparmor profile to allow libtinfow.so* + sed -i 's/libtinfo/libtinfo{,w}/' \ + "cmd/snap-confine/snap-confine.apparmor.in" || die + + if ! use forced-devmode; then + sed -e 's#return !apparmorFull#if !apparmorFull {\n\t\tpanic("USE=forced-devmode is disabled")\n\t}\n\treturn false#' \ + -i "sandbox/forcedevmode.go" || die + grep -q 'panic("USE=forced-devmode is disabled")' "sandbox/forcedevmode.go" || die "failed to disable forced-devmode" + fi + + sed -i 's:command -v git >/dev/null:false:' -i "mkversion.sh" || die + + ./mkversion.sh "${PV}" + pushd "cmd" >/dev/null || die + eautoreconf +} + +src_configure() { + SNAPD_MAKEARGS=( + "BINDIR=${EPREFIX}/usr/bin" + "DBUSSERVICESDIR=${EPREFIX}/usr/share/dbus-1/services" + "LIBEXECDIR=${EPREFIX}/usr/lib" + "SNAP_MOUNT_DIR=${EPREFIX}/var/lib/snapd/snap" + "SYSTEMDSYSTEMUNITDIR=$(systemd_get_systemunitdir)" + ) + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + pushd "${S}/cmd" >/dev/null || die + econf --libdir="${EPREFIX}/usr/lib" \ + --libexecdir="${EPREFIX}/usr/lib/snapd" \ + $(use_enable apparmor) \ + --enable-nvidia-biarch \ + --with-snap-mount-dir="${EPREFIX}/var/lib/snapd/snap" +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME + export GOBIN="${S}/bin" + + local file + for file in "${S}/po/"*.po; do + msgfmt "${file}" -o "${file%.po}.mo" || die + done + + emake -C "${S}/data" "${SNAPD_MAKEARGS[@]}" + + local -a flags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS}'" -trimpath) + local -a staticflags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS} -static'" -trimpath) + + local cmd + for cmd in snap snapd snapd-apparmor snap-bootstrap snap-failure snap-preseed snap-recovery-chooser snap-repair snap-seccomp; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${flags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done + for cmd in snapctl snap-exec snap-update-ns; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${staticflags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done +} + +src_install() { + emake -C "${S}/data" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + emake -C "${S}/cmd" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + + if use apparmor; then + mv "${ED}/etc/apparmor.d/usr.lib.snapd.snap-confine"{,.real} || die + keepdir /var/lib/snapd/apparmor/profiles + fi + keepdir /var/lib/snapd/{apparmor/snap-confine,cache,cookie,snap,void} + fperms 700 /var/lib/snapd/{cache,cookie} + + dobin "${GOBIN}/"{snap,snapctl} + ln "${ED}/usr/bin/snapctl" "${ED}/usr/lib/snapd/snapctl" || die + + exeinto /usr/lib/snapd + doexe "${GOBIN}/"{snapd,snapd-apparmor,snap-bootstrap,snap-failure,snap-exec,snap-preseed,snap-recovery-chooser,snap-repair,snap-seccomp,snap-update-ns} \ + "${S}/"{cmd/snap-discard-ns/snap-discard-ns,cmd/snap-gdb-shim/snap-gdb-shim,cmd/snap-mgmt/snap-mgmt} \ + "${S}/data/completion/bash/"{complete.sh,etelpmoc.sh,} + + dobashcomp "${S}/data/completion/bash/snap" + + insinto /usr/share/zsh/site-functions + doins "${S}/data/completion/zsh/_snap" + + insinto "/usr/share/polkit-1/actions" + doins "${S}/data/polkit/io.snapcraft.snapd.policy" + + dodoc "${S}/packaging/ubuntu-16.04/changelog" + domo "${S}/po/"*.mo + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + xdg_desktop_database_update + + if use apparmor && [[ -z ${ROOT} && -e /sys/kernel/security/apparmor/profiles && + $(wc -l < /sys/kernel/security/apparmor/profiles) -gt 0 ]]; then + apparmor_parser -r "${EPREFIX}/etc/apparmor.d/usr.lib.snapd.snap-confine.real" + fi +} + +pkg_postrm() { + xdg_desktop_database_update +} diff --git a/app-containers/snapd/snapd-2.58.ebuild b/app-containers/snapd/snapd-2.58.ebuild new file mode 100644 index 000000000000..09043d528c25 --- /dev/null +++ b/app-containers/snapd/snapd-2.58.ebuild @@ -0,0 +1,179 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools bash-completion-r1 flag-o-matic go-module linux-info readme.gentoo-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Service and tools for management of snap packages" +HOMEPAGE="http://snapcraft.io/" + +SRC_URI="https://github.com/snapcore/${PN}/releases/download/${PV}/${PN}_${PV}.vendor.tar.xz -> ${P}.tar.xz" +MY_PV=${PV} +KEYWORDS="amd64" + +LICENSE="GPL-3 Apache-2.0 BSD BSD-2 LGPL-3-with-linking-exception MIT" +SLOT="0" +IUSE="apparmor +forced-devmode gtk kde systemd" +REQUIRED_USE="!forced-devmode? ( apparmor ) systemd" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_DEVICE + ~CGROUP_FREEZER + ~NAMESPACES + ~SQUASHFS + ~SQUASHFS_ZLIB + ~SQUASHFS_LZO + ~SQUASHFS_XZ + ~BLK_DEV_LOOP + ~SECCOMP + ~SECCOMP_FILTER" + +RDEPEND=" + sys-libs/libseccomp:= + apparmor? ( + sec-policy/apparmor-profiles + sys-apps/apparmor:= + ) + dev-libs/glib + virtual/libudev + systemd? ( sys-apps/systemd ) + sys-libs/libcap:= + sys-fs/squashfs-tools[lzma]" + +DEPEND="${RDEPEND}" + +BDEPEND=" + >=dev-lang/go-1.9 + dev-python/docutils + sys-devel/gettext + sys-fs/xfsprogs" + +PDEPEND="sys-auth/polkit[gtk?,kde?]" + +README_GENTOO_SUFFIX="" + +pkg_setup() { + if use apparmor; then + CONFIG_CHECK+=" ~SECURITY_APPARMOR" + fi + linux-info_pkg_setup + + # Seems to have issues building with -O3, switch to -O2 + replace-flags -O3 -O2 +} + +src_prepare() { + default + # Update apparmor profile to allow libtinfow.so* + sed -i 's/libtinfo/libtinfo{,w}/' \ + "cmd/snap-confine/snap-confine.apparmor.in" || die + + if ! use forced-devmode; then + sed -e 's#return !apparmorFull#if !apparmorFull {\n\t\tpanic("USE=forced-devmode is disabled")\n\t}\n\treturn false#' \ + -i "sandbox/forcedevmode.go" || die + grep -q 'panic("USE=forced-devmode is disabled")' "sandbox/forcedevmode.go" || die "failed to disable forced-devmode" + fi + + sed -i 's:command -v git >/dev/null:false:' -i "mkversion.sh" || die + + ./mkversion.sh "${PV}" + pushd "cmd" >/dev/null || die + eautoreconf +} + +src_configure() { + SNAPD_MAKEARGS=( + "BINDIR=${EPREFIX}/usr/bin" + "DBUSSERVICESDIR=${EPREFIX}/usr/share/dbus-1/services" + "LIBEXECDIR=${EPREFIX}/usr/lib" + "SNAP_MOUNT_DIR=${EPREFIX}/var/lib/snapd/snap" + "SYSTEMDSYSTEMUNITDIR=$(systemd_get_systemunitdir)" + ) + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + pushd "${S}/cmd" >/dev/null || die + econf --libdir="${EPREFIX}/usr/lib" \ + --libexecdir="${EPREFIX}/usr/lib/snapd" \ + $(use_enable apparmor) \ + --enable-nvidia-biarch \ + --with-snap-mount-dir="${EPREFIX}/var/lib/snapd/snap" +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME + export GOBIN="${S}/bin" + + local file + for file in "${S}/po/"*.po; do + msgfmt "${file}" -o "${file%.po}.mo" || die + done + + emake -C "${S}/data" "${SNAPD_MAKEARGS[@]}" + + local -a flags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS}'" -trimpath) + local -a staticflags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS} -static'" -trimpath) + + local cmd + for cmd in snap snapd snapd-apparmor snap-bootstrap snap-failure snap-preseed snap-recovery-chooser snap-repair snap-seccomp; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${flags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done + for cmd in snapctl snap-exec snap-update-ns; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${staticflags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done +} + +src_install() { + emake -C "${S}/data" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + emake -C "${S}/cmd" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + + if use apparmor; then + mv "${ED}/etc/apparmor.d/usr.lib.snapd.snap-confine"{,.real} || die + keepdir /var/lib/snapd/apparmor/profiles + fi + keepdir /var/lib/snapd/{apparmor/snap-confine,cache,cookie,snap,void} + fperms 700 /var/lib/snapd/{cache,cookie} + + dobin "${GOBIN}/"{snap,snapctl} + ln "${ED}/usr/bin/snapctl" "${ED}/usr/lib/snapd/snapctl" || die + + exeinto /usr/lib/snapd + doexe "${GOBIN}/"{snapd,snapd-apparmor,snap-bootstrap,snap-failure,snap-exec,snap-preseed,snap-recovery-chooser,snap-repair,snap-seccomp,snap-update-ns} \ + "${S}/"{cmd/snap-discard-ns/snap-discard-ns,cmd/snap-gdb-shim/snap-gdb-shim,cmd/snap-mgmt/snap-mgmt} \ + "${S}/data/completion/bash/"{complete.sh,etelpmoc.sh,} + + dobashcomp "${S}/data/completion/bash/snap" + + insinto /usr/share/zsh/site-functions + doins "${S}/data/completion/zsh/_snap" + + insinto "/usr/share/polkit-1/actions" + doins "${S}/data/polkit/io.snapcraft.snapd.policy" + + dodoc "${S}/packaging/ubuntu-16.04/changelog" + domo "${S}/po/"*.mo + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + xdg_desktop_database_update + tmpfiles_process snapd.conf + + if use apparmor && [[ -z ${ROOT} && -e /sys/kernel/security/apparmor/profiles && + $(wc -l < /sys/kernel/security/apparmor/profiles) -gt 0 ]]; then + apparmor_parser -r "${EPREFIX}/etc/apparmor.d/usr.lib.snapd.snap-confine.real" + fi +} + +pkg_postrm() { + xdg_desktop_database_update +} diff --git a/app-containers/snapd/snapd-2.60.3.ebuild b/app-containers/snapd/snapd-2.60.3.ebuild new file mode 100644 index 000000000000..7bd5d8f6f6e3 --- /dev/null +++ b/app-containers/snapd/snapd-2.60.3.ebuild @@ -0,0 +1,179 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools bash-completion-r1 flag-o-matic go-module linux-info readme.gentoo-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Service and tools for management of snap packages" +HOMEPAGE="http://snapcraft.io/" + +SRC_URI="https://github.com/snapcore/snapd/releases/download/${PV}/snapd_${PV}.vendor.tar.xz -> ${P}.tar.xz" +MY_PV=${PV} +KEYWORDS="~amd64" + +LICENSE="GPL-3 Apache-2.0 BSD BSD-2 LGPL-3-with-linking-exception MIT" +SLOT="0" +IUSE="apparmor +forced-devmode gtk kde systemd" +REQUIRED_USE="!forced-devmode? ( apparmor ) systemd" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_DEVICE + ~CGROUP_FREEZER + ~NAMESPACES + ~SQUASHFS + ~SQUASHFS_ZLIB + ~SQUASHFS_LZO + ~SQUASHFS_XZ + ~BLK_DEV_LOOP + ~SECCOMP + ~SECCOMP_FILTER" + +RDEPEND=" + sys-libs/libseccomp:= + apparmor? ( + sec-policy/apparmor-profiles + sys-apps/apparmor:= + ) + dev-libs/glib + virtual/libudev + systemd? ( sys-apps/systemd ) + sys-libs/libcap:= + sys-fs/squashfs-tools[lzma,lzo]" + +DEPEND="${RDEPEND}" + +BDEPEND=" + >=dev-lang/go-1.9 + dev-python/docutils + sys-devel/gettext + sys-fs/xfsprogs" + +PDEPEND="sys-auth/polkit[gtk?,kde?]" + +README_GENTOO_SUFFIX="" + +pkg_setup() { + if use apparmor; then + CONFIG_CHECK+=" ~SECURITY_APPARMOR" + fi + linux-info_pkg_setup + + # Seems to have issues building with -O3, switch to -O2 + replace-flags -O3 -O2 +} + +src_prepare() { + default + # Update apparmor profile to allow libtinfow.so* + sed -i 's/libtinfo/libtinfo{,w}/' \ + "cmd/snap-confine/snap-confine.apparmor.in" || die + + if ! use forced-devmode; then + sed -e 's#return !apparmorFull#if !apparmorFull {\n\t\tpanic("USE=forced-devmode is disabled")\n\t}\n\treturn false#' \ + -i "sandbox/forcedevmode.go" || die + grep -q 'panic("USE=forced-devmode is disabled")' "sandbox/forcedevmode.go" || die "failed to disable forced-devmode" + fi + + sed -i 's:command -v git >/dev/null:false:' -i "mkversion.sh" || die + + ./mkversion.sh "${PV}" + pushd "cmd" >/dev/null || die + eautoreconf +} + +src_configure() { + SNAPD_MAKEARGS=( + "BINDIR=${EPREFIX}/usr/bin" + "DBUSSERVICESDIR=${EPREFIX}/usr/share/dbus-1/services" + "LIBEXECDIR=${EPREFIX}/usr/lib" + "SNAP_MOUNT_DIR=${EPREFIX}/var/lib/snapd/snap" + "SYSTEMDSYSTEMUNITDIR=$(systemd_get_systemunitdir)" + ) + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + pushd "${S}/cmd" >/dev/null || die + econf --libdir="${EPREFIX}/usr/lib" \ + --libexecdir="${EPREFIX}/usr/lib/snapd" \ + $(use_enable apparmor) \ + --enable-nvidia-biarch \ + --with-snap-mount-dir="${EPREFIX}/var/lib/snapd/snap" +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME + export GOBIN="${S}/bin" + + local file + for file in "${S}/po/"*.po; do + msgfmt "${file}" -o "${file%.po}.mo" || die + done + + emake -C "${S}/data" "${SNAPD_MAKEARGS[@]}" + + local -a flags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS}'" -trimpath) + local -a staticflags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS} -static'" -trimpath) + + local cmd + for cmd in snap snapd snapd-apparmor snap-bootstrap snap-failure snap-preseed snap-recovery-chooser snap-repair snap-seccomp; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${flags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done + for cmd in snapctl snap-exec snap-update-ns; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${staticflags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done +} + +src_install() { + emake -C "${S}/data" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + emake -C "${S}/cmd" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + + if use apparmor; then + mv "${ED}/etc/apparmor.d/usr.lib.snapd.snap-confine"{,.real} || die + keepdir /var/lib/snapd/apparmor/profiles + fi + keepdir /var/lib/snapd/{apparmor/snap-confine,cache,cookie,snap,void} + fperms 700 /var/lib/snapd/{cache,cookie} + + dobin "${GOBIN}/"{snap,snapctl} + ln "${ED}/usr/bin/snapctl" "${ED}/usr/lib/snapd/snapctl" || die + + exeinto /usr/lib/snapd + doexe "${GOBIN}/"{snapd,snapd-apparmor,snap-bootstrap,snap-failure,snap-exec,snap-preseed,snap-recovery-chooser,snap-repair,snap-seccomp,snap-update-ns} \ + "${S}/"{cmd/snap-discard-ns/snap-discard-ns,cmd/snap-gdb-shim/snap-gdb-shim,cmd/snap-mgmt/snap-mgmt} \ + "${S}/data/completion/bash/"{complete.sh,etelpmoc.sh,} + + dobashcomp "${S}/data/completion/bash/snap" + + insinto /usr/share/zsh/site-functions + doins "${S}/data/completion/zsh/_snap" + + insinto "/usr/share/polkit-1/actions" + doins "${S}/data/polkit/io.snapcraft.snapd.policy" + + dodoc "${S}/packaging/ubuntu-16.04/changelog" + domo "${S}/po/"*.mo + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + xdg_desktop_database_update + tmpfiles_process snapd.conf + + if use apparmor && [[ -z ${ROOT} && -e /sys/kernel/security/apparmor/profiles && + $(wc -l < /sys/kernel/security/apparmor/profiles) -gt 0 ]]; then + apparmor_parser -r "${EPREFIX}/etc/apparmor.d/usr.lib.snapd.snap-confine.real" + fi +} + +pkg_postrm() { + xdg_desktop_database_update +} diff --git a/app-containers/snapd/snapd-2.60.4.ebuild b/app-containers/snapd/snapd-2.60.4.ebuild new file mode 100644 index 000000000000..7bd5d8f6f6e3 --- /dev/null +++ b/app-containers/snapd/snapd-2.60.4.ebuild @@ -0,0 +1,179 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools bash-completion-r1 flag-o-matic go-module linux-info readme.gentoo-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Service and tools for management of snap packages" +HOMEPAGE="http://snapcraft.io/" + +SRC_URI="https://github.com/snapcore/snapd/releases/download/${PV}/snapd_${PV}.vendor.tar.xz -> ${P}.tar.xz" +MY_PV=${PV} +KEYWORDS="~amd64" + +LICENSE="GPL-3 Apache-2.0 BSD BSD-2 LGPL-3-with-linking-exception MIT" +SLOT="0" +IUSE="apparmor +forced-devmode gtk kde systemd" +REQUIRED_USE="!forced-devmode? ( apparmor ) systemd" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_DEVICE + ~CGROUP_FREEZER + ~NAMESPACES + ~SQUASHFS + ~SQUASHFS_ZLIB + ~SQUASHFS_LZO + ~SQUASHFS_XZ + ~BLK_DEV_LOOP + ~SECCOMP + ~SECCOMP_FILTER" + +RDEPEND=" + sys-libs/libseccomp:= + apparmor? ( + sec-policy/apparmor-profiles + sys-apps/apparmor:= + ) + dev-libs/glib + virtual/libudev + systemd? ( sys-apps/systemd ) + sys-libs/libcap:= + sys-fs/squashfs-tools[lzma,lzo]" + +DEPEND="${RDEPEND}" + +BDEPEND=" + >=dev-lang/go-1.9 + dev-python/docutils + sys-devel/gettext + sys-fs/xfsprogs" + +PDEPEND="sys-auth/polkit[gtk?,kde?]" + +README_GENTOO_SUFFIX="" + +pkg_setup() { + if use apparmor; then + CONFIG_CHECK+=" ~SECURITY_APPARMOR" + fi + linux-info_pkg_setup + + # Seems to have issues building with -O3, switch to -O2 + replace-flags -O3 -O2 +} + +src_prepare() { + default + # Update apparmor profile to allow libtinfow.so* + sed -i 's/libtinfo/libtinfo{,w}/' \ + "cmd/snap-confine/snap-confine.apparmor.in" || die + + if ! use forced-devmode; then + sed -e 's#return !apparmorFull#if !apparmorFull {\n\t\tpanic("USE=forced-devmode is disabled")\n\t}\n\treturn false#' \ + -i "sandbox/forcedevmode.go" || die + grep -q 'panic("USE=forced-devmode is disabled")' "sandbox/forcedevmode.go" || die "failed to disable forced-devmode" + fi + + sed -i 's:command -v git >/dev/null:false:' -i "mkversion.sh" || die + + ./mkversion.sh "${PV}" + pushd "cmd" >/dev/null || die + eautoreconf +} + +src_configure() { + SNAPD_MAKEARGS=( + "BINDIR=${EPREFIX}/usr/bin" + "DBUSSERVICESDIR=${EPREFIX}/usr/share/dbus-1/services" + "LIBEXECDIR=${EPREFIX}/usr/lib" + "SNAP_MOUNT_DIR=${EPREFIX}/var/lib/snapd/snap" + "SYSTEMDSYSTEMUNITDIR=$(systemd_get_systemunitdir)" + ) + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + pushd "${S}/cmd" >/dev/null || die + econf --libdir="${EPREFIX}/usr/lib" \ + --libexecdir="${EPREFIX}/usr/lib/snapd" \ + $(use_enable apparmor) \ + --enable-nvidia-biarch \ + --with-snap-mount-dir="${EPREFIX}/var/lib/snapd/snap" +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME + export GOBIN="${S}/bin" + + local file + for file in "${S}/po/"*.po; do + msgfmt "${file}" -o "${file%.po}.mo" || die + done + + emake -C "${S}/data" "${SNAPD_MAKEARGS[@]}" + + local -a flags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS}'" -trimpath) + local -a staticflags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS} -static'" -trimpath) + + local cmd + for cmd in snap snapd snapd-apparmor snap-bootstrap snap-failure snap-preseed snap-recovery-chooser snap-repair snap-seccomp; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${flags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done + for cmd in snapctl snap-exec snap-update-ns; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${staticflags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done +} + +src_install() { + emake -C "${S}/data" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + emake -C "${S}/cmd" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + + if use apparmor; then + mv "${ED}/etc/apparmor.d/usr.lib.snapd.snap-confine"{,.real} || die + keepdir /var/lib/snapd/apparmor/profiles + fi + keepdir /var/lib/snapd/{apparmor/snap-confine,cache,cookie,snap,void} + fperms 700 /var/lib/snapd/{cache,cookie} + + dobin "${GOBIN}/"{snap,snapctl} + ln "${ED}/usr/bin/snapctl" "${ED}/usr/lib/snapd/snapctl" || die + + exeinto /usr/lib/snapd + doexe "${GOBIN}/"{snapd,snapd-apparmor,snap-bootstrap,snap-failure,snap-exec,snap-preseed,snap-recovery-chooser,snap-repair,snap-seccomp,snap-update-ns} \ + "${S}/"{cmd/snap-discard-ns/snap-discard-ns,cmd/snap-gdb-shim/snap-gdb-shim,cmd/snap-mgmt/snap-mgmt} \ + "${S}/data/completion/bash/"{complete.sh,etelpmoc.sh,} + + dobashcomp "${S}/data/completion/bash/snap" + + insinto /usr/share/zsh/site-functions + doins "${S}/data/completion/zsh/_snap" + + insinto "/usr/share/polkit-1/actions" + doins "${S}/data/polkit/io.snapcraft.snapd.policy" + + dodoc "${S}/packaging/ubuntu-16.04/changelog" + domo "${S}/po/"*.mo + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + xdg_desktop_database_update + tmpfiles_process snapd.conf + + if use apparmor && [[ -z ${ROOT} && -e /sys/kernel/security/apparmor/profiles && + $(wc -l < /sys/kernel/security/apparmor/profiles) -gt 0 ]]; then + apparmor_parser -r "${EPREFIX}/etc/apparmor.d/usr.lib.snapd.snap-confine.real" + fi +} + +pkg_postrm() { + xdg_desktop_database_update +} diff --git a/app-containers/snapd/snapd-2.61.ebuild b/app-containers/snapd/snapd-2.61.ebuild new file mode 100644 index 000000000000..7bd5d8f6f6e3 --- /dev/null +++ b/app-containers/snapd/snapd-2.61.ebuild @@ -0,0 +1,179 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools bash-completion-r1 flag-o-matic go-module linux-info readme.gentoo-r1 systemd tmpfiles xdg-utils + +DESCRIPTION="Service and tools for management of snap packages" +HOMEPAGE="http://snapcraft.io/" + +SRC_URI="https://github.com/snapcore/snapd/releases/download/${PV}/snapd_${PV}.vendor.tar.xz -> ${P}.tar.xz" +MY_PV=${PV} +KEYWORDS="~amd64" + +LICENSE="GPL-3 Apache-2.0 BSD BSD-2 LGPL-3-with-linking-exception MIT" +SLOT="0" +IUSE="apparmor +forced-devmode gtk kde systemd" +REQUIRED_USE="!forced-devmode? ( apparmor ) systemd" + +CONFIG_CHECK="~CGROUPS + ~CGROUP_DEVICE + ~CGROUP_FREEZER + ~NAMESPACES + ~SQUASHFS + ~SQUASHFS_ZLIB + ~SQUASHFS_LZO + ~SQUASHFS_XZ + ~BLK_DEV_LOOP + ~SECCOMP + ~SECCOMP_FILTER" + +RDEPEND=" + sys-libs/libseccomp:= + apparmor? ( + sec-policy/apparmor-profiles + sys-apps/apparmor:= + ) + dev-libs/glib + virtual/libudev + systemd? ( sys-apps/systemd ) + sys-libs/libcap:= + sys-fs/squashfs-tools[lzma,lzo]" + +DEPEND="${RDEPEND}" + +BDEPEND=" + >=dev-lang/go-1.9 + dev-python/docutils + sys-devel/gettext + sys-fs/xfsprogs" + +PDEPEND="sys-auth/polkit[gtk?,kde?]" + +README_GENTOO_SUFFIX="" + +pkg_setup() { + if use apparmor; then + CONFIG_CHECK+=" ~SECURITY_APPARMOR" + fi + linux-info_pkg_setup + + # Seems to have issues building with -O3, switch to -O2 + replace-flags -O3 -O2 +} + +src_prepare() { + default + # Update apparmor profile to allow libtinfow.so* + sed -i 's/libtinfo/libtinfo{,w}/' \ + "cmd/snap-confine/snap-confine.apparmor.in" || die + + if ! use forced-devmode; then + sed -e 's#return !apparmorFull#if !apparmorFull {\n\t\tpanic("USE=forced-devmode is disabled")\n\t}\n\treturn false#' \ + -i "sandbox/forcedevmode.go" || die + grep -q 'panic("USE=forced-devmode is disabled")' "sandbox/forcedevmode.go" || die "failed to disable forced-devmode" + fi + + sed -i 's:command -v git >/dev/null:false:' -i "mkversion.sh" || die + + ./mkversion.sh "${PV}" + pushd "cmd" >/dev/null || die + eautoreconf +} + +src_configure() { + SNAPD_MAKEARGS=( + "BINDIR=${EPREFIX}/usr/bin" + "DBUSSERVICESDIR=${EPREFIX}/usr/share/dbus-1/services" + "LIBEXECDIR=${EPREFIX}/usr/lib" + "SNAP_MOUNT_DIR=${EPREFIX}/var/lib/snapd/snap" + "SYSTEMDSYSTEMUNITDIR=$(systemd_get_systemunitdir)" + ) + export CGO_ENABLED="1" + export CGO_CFLAGS="${CFLAGS}" + export CGO_CPPFLAGS="${CPPFLAGS}" + export CGO_CXXFLAGS="${CXXFLAGS}" + + pushd "${S}/cmd" >/dev/null || die + econf --libdir="${EPREFIX}/usr/lib" \ + --libexecdir="${EPREFIX}/usr/lib/snapd" \ + $(use_enable apparmor) \ + --enable-nvidia-biarch \ + --with-snap-mount-dir="${EPREFIX}/var/lib/snapd/snap" +} + +src_compile() { + export -n GOCACHE XDG_CACHE_HOME + export GOBIN="${S}/bin" + + local file + for file in "${S}/po/"*.po; do + msgfmt "${file}" -o "${file%.po}.mo" || die + done + + emake -C "${S}/data" "${SNAPD_MAKEARGS[@]}" + + local -a flags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS}'" -trimpath) + local -a staticflags=(-buildmode=pie -ldflags "-s -linkmode external -extldflags '${LDFLAGS} -static'" -trimpath) + + local cmd + for cmd in snap snapd snapd-apparmor snap-bootstrap snap-failure snap-preseed snap-recovery-chooser snap-repair snap-seccomp; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${flags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done + for cmd in snapctl snap-exec snap-update-ns; do + go build ${GOFLAGS} -mod=vendor -o "${GOBIN}/${cmd}" "${staticflags[@]}" \ + -v -x "github.com/snapcore/${PN}/cmd/${cmd}" + [[ -e "${GOBIN}/${cmd}" ]] || die "failed to build ${cmd}" + done +} + +src_install() { + emake -C "${S}/data" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + emake -C "${S}/cmd" install "${SNAPD_MAKEARGS[@]}" DESTDIR="${D}" + + if use apparmor; then + mv "${ED}/etc/apparmor.d/usr.lib.snapd.snap-confine"{,.real} || die + keepdir /var/lib/snapd/apparmor/profiles + fi + keepdir /var/lib/snapd/{apparmor/snap-confine,cache,cookie,snap,void} + fperms 700 /var/lib/snapd/{cache,cookie} + + dobin "${GOBIN}/"{snap,snapctl} + ln "${ED}/usr/bin/snapctl" "${ED}/usr/lib/snapd/snapctl" || die + + exeinto /usr/lib/snapd + doexe "${GOBIN}/"{snapd,snapd-apparmor,snap-bootstrap,snap-failure,snap-exec,snap-preseed,snap-recovery-chooser,snap-repair,snap-seccomp,snap-update-ns} \ + "${S}/"{cmd/snap-discard-ns/snap-discard-ns,cmd/snap-gdb-shim/snap-gdb-shim,cmd/snap-mgmt/snap-mgmt} \ + "${S}/data/completion/bash/"{complete.sh,etelpmoc.sh,} + + dobashcomp "${S}/data/completion/bash/snap" + + insinto /usr/share/zsh/site-functions + doins "${S}/data/completion/zsh/_snap" + + insinto "/usr/share/polkit-1/actions" + doins "${S}/data/polkit/io.snapcraft.snapd.policy" + + dodoc "${S}/packaging/ubuntu-16.04/changelog" + domo "${S}/po/"*.mo + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + xdg_desktop_database_update + tmpfiles_process snapd.conf + + if use apparmor && [[ -z ${ROOT} && -e /sys/kernel/security/apparmor/profiles && + $(wc -l < /sys/kernel/security/apparmor/profiles) -gt 0 ]]; then + apparmor_parser -r "${EPREFIX}/etc/apparmor.d/usr.lib.snapd.snap-confine.real" + fi +} + +pkg_postrm() { + xdg_desktop_database_update +} diff --git a/app-containers/syft/Manifest b/app-containers/syft/Manifest new file mode 100644 index 000000000000..686b770e21fb --- /dev/null +++ b/app-containers/syft/Manifest @@ -0,0 +1,8 @@ +DIST syft-0.75.0-deps.tar.xz 449464772 BLAKE2B 60329a7054917079ea2ad683019933b5a5b02441f7ec6823f64b83fd5c353b7096a21113d91d3b9fc1ecaa0870ccef4ee39c60a250f193bef35e15ea1e1b5598 SHA512 1605a7dd830d648e48049bf918c67bbc542dc790c09097db52e578bb826c994ca0364cc42ae510a6411febd90e395715b8a5317e82d424481ae3b835fae98357 +DIST syft-0.75.0.tar.gz 5714462 BLAKE2B 4513fb5ce8c9b432d9042e31c13032428db7ae2b7637f25d391c572094706a1bcfa7dc971a96a8630b3d226504000c79219c0cbc6e1372558c6d08c3ff41dfa4 SHA512 4b8f7cc2823ace1fb2a57a5a989690967ac2b0caf2358dd61a85eca418050ff3fb8ea0409fa694754e595f85168f7f2b192fd407f651f48e05932a73b18fa379 +DIST syft-0.76.0-deps.tar.xz 457367140 BLAKE2B 8d05372361e6051b8102bec3b775eb00f9f24c5d6cddcee39d5d5b0a8f8db5260173d17aa3922b625885c1dddba42f2c2ecb6afe39b03c61a04a9a9577c4a9c6 SHA512 20f32db12c11a15eb323016fb0df09ec0ad823882344006fd30c4450e25feb9db17b8784581a01ed5a3fd68597ad05749082413c4196deff4b908af56c72b04e +DIST syft-0.76.0.tar.gz 5726316 BLAKE2B debf5c9764994c616fceb7b69c42e87d6399ceb4b2f878935901f626256723177cc3e23b38f6dbce40a59c6586cb5589e82ed3c2a9811117486d9a1ced2f2260 SHA512 86f82455ff0d78864f56f2575bb2acb311ab658c23161b44f342242e88470948581097c2d928fae96ed01ad52843cb26d4682e22e5f81818a83a35cca1eff69e +DIST syft-0.94.0-deps.tar.xz 502576092 BLAKE2B 35c13d34a7a4b2afafb9b73502f4258b379db737d9482d3f2fc8c0748cda67733e198df25237b6622e7450055f6681de7e7031cf0d5c0f7d422b268e64608da2 SHA512 1018cbd7e22b44ca8626747ddce2a4672b7f6e0ff359d30e36877ac00e093cea8709d6880093850afe107aef7333b6f928ababc1dbb3cb5741c466b95ac69268 +DIST syft-0.94.0.tar.gz 5266343 BLAKE2B 892c7bf90a1d15fd926207acd1a28e8bd907ae5869be763e48ccd8d3279975c2ec84d9ec5842e3799460a823b5aa611a028982d8d40d90248c1cfad25415c672 SHA512 171b23271f03e1e824dcac41a563f7947d004797a21e762eea883ea680e0de65a532e03e4b245a4021288fec60142da8c1c16d6520eadece65728728b9d15f91 +DIST syft-0.95.0-deps.tar.xz 525784260 BLAKE2B 8aa9da529a605725ecbcc4ec98bef651218ee7b1ed08564fae0911fc83f78a13f7773c8c6e7c12f0ecb4b979477e1ea1a89354c11de932ef2e0a45b1fb80ec10 SHA512 0571b3586d27d1cf76a6bfd4c3fd5c06f796bd94feea63303c8464c602ce91f94e4bdc0002eb7241ff967e4146ec2a91cce428ad495d89dfda078a968e43d63f +DIST syft-0.95.0.tar.gz 5328311 BLAKE2B 555844c771dc57dd396f4016095a8e462b5088abf7d7dc2f77b14dcd98bd77fb58598c1011145ce001117ea3059cf93f2b4a1d2a7c01914cd1e5b855e79394cc SHA512 6509d7a505ff1adc37386bccfefb8ce106ff8c1ffe267ee768f731ef865c731dec3603c055d094363aae8b0ad6dd09547cb4b7e5a8d6993d7f8e09ef47f195c3 diff --git a/app-containers/syft/metadata.xml b/app-containers/syft/metadata.xml new file mode 100644 index 000000000000..522f506c2c33 --- /dev/null +++ b/app-containers/syft/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">anchore/syft</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/syft/syft-0.75.0.ebuild b/app-containers/syft/syft-0.75.0.ebuild new file mode 100644 index 000000000000..1dc3782ce80c --- /dev/null +++ b/app-containers/syft/syft-0.75.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=cc0a376aba43e7f9c5fe66320643f72088533838 + +DESCRIPTION="Generate a Software Bill of Materials from container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/syft/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" + +# tests require a running docker daemon +RESTRICT="test" + +src_compile() { + local BUILD_DATE + BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) + ego build -o bin/syft -ldflags " + -extldflags '-static' + -X github.com/anchore/syft/internal/version.version=${PV} + -X github.com/anchore/syft/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/syft/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/syft/internal/version.gitDescription=v${PV} + " ./cmd/syft +} + +src_install() { + dobin bin/* +} diff --git a/app-containers/syft/syft-0.76.0.ebuild b/app-containers/syft/syft-0.76.0.ebuild new file mode 100644 index 000000000000..f2d767a1a229 --- /dev/null +++ b/app-containers/syft/syft-0.76.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=dfcc07e5122217ca9e2fc75817c593356fc0c405 + +DESCRIPTION="Generate a Software Bill of Materials from container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/syft/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" + +# tests require a running docker daemon +RESTRICT="test" + +src_compile() { + local BUILD_DATE + BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) + ego build -o bin/syft -ldflags " + -extldflags '-static' + -X github.com/anchore/syft/internal/version.version=${PV} + -X github.com/anchore/syft/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/syft/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/syft/internal/version.gitDescription=v${PV} + " ./cmd/syft +} + +src_install() { + dobin bin/* +} diff --git a/app-containers/syft/syft-0.94.0.ebuild b/app-containers/syft/syft-0.94.0.ebuild new file mode 100644 index 000000000000..b5c24f11d18c --- /dev/null +++ b/app-containers/syft/syft-0.94.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=8f6bdde6662aa8050a71eadbdb7bd5a3b079a56d + +DESCRIPTION="Generate a Software Bill of Materials from container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/syft/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" + +# tests require a running docker daemon +RESTRICT="test" + +src_compile() { + local BUILD_DATE + BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) + ego build -o bin/syft -ldflags " + -extldflags '-static' + -X github.com/anchore/syft/internal/version.version=${PV} + -X github.com/anchore/syft/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/syft/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/syft/internal/version.gitDescription=v${PV} + " ./cmd/syft +} + +src_install() { + dobin bin/* +} diff --git a/app-containers/syft/syft-0.95.0.ebuild b/app-containers/syft/syft-0.95.0.ebuild new file mode 100644 index 000000000000..a3a0542d8fa7 --- /dev/null +++ b/app-containers/syft/syft-0.95.0.ebuild @@ -0,0 +1,34 @@ +# Copyright 2022-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 +inherit go-module +GIT_COMMIT=9b98785aab9346999a0b5e9f5e4b4e63a1b1916c + +DESCRIPTION="Generate a Software Bill of Materials from container images and filesystems" +HOMEPAGE="https://www.anchore.com" +SRC_URI="https://github.com/anchore/syft/archive/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~williamh/dist/${P}-deps.tar.xz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64" + +# tests require a running docker daemon +RESTRICT="test" + +src_compile() { + local BUILD_DATE + BUILD_DATE=$(date -u +%Y-%m-%dT%H:%M:%SZ) + ego build -o bin/syft -ldflags " + -extldflags '-static' + -X github.com/anchore/syft/internal/version.version=${PV} + -X github.com/anchore/syft/internal/version.gitCommit=${GIT_COMMIT} + -X github.com/anchore/syft/internal/version.buildDate=${BUILD_DATE} + -X github.com/anchore/syft/internal/version.gitDescription=v${PV} + " ./cmd/syft +} + +src_install() { + dobin bin/* +} diff --git a/app-containers/umoci/Manifest b/app-containers/umoci/Manifest new file mode 100644 index 000000000000..47ca93d6d0f8 --- /dev/null +++ b/app-containers/umoci/Manifest @@ -0,0 +1 @@ +DIST umoci-0.4.6.tar.gz 2273608 BLAKE2B d5a36c78918697b9c8f54a5c4b914a9124b5e989dff3efc81a9f64f1bd276189d15a565a6ec2e8d4021925017e9a7a17f7cc5359a552f7c57dda414c25d2fb02 SHA512 0614dd583e00b6e2e69256f1ae1d3316e5bb5989a177d18c5ceacf3af18ab82ccf8edef879b6c813855d878d5af53c541ac433d81e6c20796885a26c57564118 diff --git a/app-containers/umoci/metadata.xml b/app-containers/umoci/metadata.xml new file mode 100644 index 000000000000..7cc282ba772a --- /dev/null +++ b/app-containers/umoci/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>williamh@gentoo.org</email> + <name>William Hubbs</name> + </maintainer> + <upstream> + <remote-id type="github">opencontainers/umoci</remote-id> + </upstream> +</pkgmetadata> diff --git a/app-containers/umoci/umoci-0.4.6.ebuild b/app-containers/umoci/umoci-0.4.6.ebuild new file mode 100644 index 000000000000..f315c80c886b --- /dev/null +++ b/app-containers/umoci/umoci-0.4.6.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +COMMIT=5efa06acfb3bb4e65d2711cf5255970948e047cf +inherit go-module + +DESCRIPTION="Manipulation tool for OCI images" +HOMEPAGE="https://github.com/opencontainers/umoci" +SRC_URI="https://github.com/opencontainers/umoci/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64" + +BDEPEND="dev-go/go-md2man" + +RESTRICT+=" test " + +src_compile() { + go build -buildmode=pie -mod=vendor \ + -ldflags "-w -X main.gitCommit=${COMMIT} -X main.version=${PV}" \ + -o "bin/${PN}" ./cmd/${PN} || die + cd doc/man + for f in *.1.md; do + go-md2man -in ${f} -out ${f%%.md} || die + done +} + +src_install() { + dobin bin/${PN} + doman doc/man/*.1 + dodoc CHANGELOG.md + einstalldocs +} |