3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
15 %define COMPONENT danm
16 %define RPM_NAME caas-%{COMPONENT}
17 %define RPM_MAJOR_VERSION 3.2.0
18 %define RPM_MINOR_VERSION 1
19 %define CNI_VERSION 0.7.0
20 %define DANM_VERSION b48eb154a7f81fcafb0ff9e5b7d3ca6b54e6565a
21 %define go_version 1.12.1
22 %define SRIOV_VERSION 6b53446e5781570c44e399cccb1fcdfa417f43a1
23 %define IMAGE_TAG %{RPM_MAJOR_VERSION}-%{RPM_MINOR_VERSION}
24 %define binary_build_dir %{_builddir}/%{RPM_NAME}-%{RPM_MAJOR_VERSION}/binary-save
25 %define docker_build_dir %{_builddir}/%{RPM_NAME}-%{RPM_MAJOR_VERSION}/docker-build
26 %define built_binaries_dir /binary-save
29 Version: %{RPM_MAJOR_VERSION}
30 Release: %{RPM_MINOR_VERSION}%{?dist}
31 Summary: Containers as a Service %{COMPONENT} component
32 License: %{_platform_license} and BSD 3-Clause License
33 URL: https://github.com/nokia/danm
35 Vendor: %{_platform_vendor} and Nokia
36 Source0: %{name}-%{version}.tar.gz
38 Requires: docker-ce >= 18.09.2, iputils
39 BuildRequires: docker-ce >= 18.09.2, git
41 # more info at: https://fedoraproject.org/wiki/Packaging:Debuginfo No build ID note in Flannel
42 %global debug_package %{nil}
45 This RPM contains the DANM and related CNI binaries for CaaS subsystem.
51 mkdir -p %{binary_build_dir}/cni
52 curl -fsSL -k https://github.com/containernetworking/plugins/releases/download/v%{CNI_VERSION}/cni-plugins-amd64-v%{CNI_VERSION}.tgz | tar zx --strip-components=1 -C %{binary_build_dir}/cni
58 --build-arg HTTP_PROXY="${http_proxy}" \
59 --build-arg HTTPS_PROXY="${https_proxy}" \
60 --build-arg NO_PROXY="${no_proxy}" \
61 --build-arg http_proxy="${http_proxy}" \
62 --build-arg https_proxy="${https_proxy}" \
63 --build-arg no_proxy="${no_proxy}" \
64 --build-arg DANM_VERSION="%{DANM_VERSION}" \
65 --build-arg go_version="%{go_version}" \
66 --build-arg SRIOV_VERSION="%{SRIOV_VERSION}" \
67 --build-arg binaries="%{built_binaries_dir}" \
68 --tag cni-builder:%{IMAGE_TAG} \
69 %{docker_build_dir}/cni-builder/
71 builder_container=$(docker run -id --rm --network=none --entrypoint=/bin/sh cni-builder:%{IMAGE_TAG})
72 mkdir -p %{binary_build_dir}/danm
73 docker cp ${builder_container}:%{built_binaries_dir}/danm %{binary_build_dir}/
74 mkdir -p %{binary_build_dir}/flannel
75 docker cp ${builder_container}:%{built_binaries_dir}/flannel %{binary_build_dir}/
76 mkdir -p %{binary_build_dir}/sriov
77 docker cp ${builder_container}:%{built_binaries_dir}/sriov %{binary_build_dir}/
79 docker rm -f ${builder_container}
80 docker rmi cni-builder:%{IMAGE_TAG}
83 mkdir -p %{buildroot}/etc/cni/net.d/
84 rsync -av cni-config/00-danm.conf %{buildroot}/etc/cni/net.d/00-danm.conf
85 rsync -av cni-config/flannel.conf %{buildroot}/etc/cni/net.d/flannel.conf
87 mkdir -p %{buildroot}/opt/cni/bin/
89 # Don't use the standard ipvlan binary \
90 # Dont't use portmap, quick fix for CVE-2019-9946 \
95 %{binary_build_dir}/cni/* %{buildroot}/opt/cni/bin
97 install -D -m 0755 %{binary_build_dir}/danm/danm %{buildroot}/opt/cni/bin/danm
98 install -D -m 0755 %{binary_build_dir}/danm/fakeipam %{buildroot}/opt/cni/bin/fakeipam
100 install -D -m 0755 %{binary_build_dir}/flannel/flannel %{buildroot}/opt/cni/bin/flannel
102 install -D -m 0755 %{binary_build_dir}/sriov/sriov %{buildroot}/opt/cni/bin/sriov
106 /etc/cni/net.d/00-danm.conf
107 /etc/cni/net.d/flannel.conf