SPECS/caas-danm.spec

   1 # Copyright 2019 Nokia
   2 #
   3 # Licensed under the Apache License, Version 2.0 (the "License");
   4 # you may not use this file except in compliance with the License.
   5 # You may obtain a copy of the License at
   6 #
   7 #     http://www.apache.org/licenses/LICENSE-2.0
   8 #
   9 # Unless required by applicable law or agreed to in writing, software
  10 # distributed under the License is distributed on an "AS IS" BASIS,
  11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12 # See the License for the specific language governing permissions and
  13 # limitations under the License.
  14
  15 %define COMPONENT danm
  16 %define RPM_NAME caas-%{COMPONENT}
  17 %define RPM_MAJOR_VERSION 4.0.0
  18 %define RPM_MINOR_VERSION 0
  19 %define DANM_VERSION v%{RPM_MAJOR_VERSION}
  20 %define CNI_VERSION 0.7.0
  21 %define go_version 1.12.1
  22 %define SRIOV_VERSION 9e4c973b2ac517c64867e33d61aee152d70dc330
  23 %define IMAGE_TAG %{RPM_MAJOR_VERSION}-%{RPM_MINOR_VERSION}
  24 %define binary_build_dir %{_builddir}/%{RPM_NAME}-%{RPM_MAJOR_VERSION}/binary-save
  25 %define docker_build_dir %{_builddir}/%{RPM_NAME}-%{RPM_MAJOR_VERSION}/docker-build
  26 %define build_dir %{_builddir}/%{RPM_NAME}-%{RPM_MAJOR_VERSION}/build
  27 %define built_binaries_dir /binary-save
  28
  29 Name:           %{RPM_NAME}
  30 Version:        %{RPM_MAJOR_VERSION}
  31 Release:        %{RPM_MINOR_VERSION}%{?dist}
  32 Summary:        Containers as a Service %{COMPONENT} component
  33 License:        %{_platform_license} and BSD 3-Clause License
  34 URL:            https://github.com/nokia/danm
  35 BuildArch:      x86_64
  36 Vendor:         %{_platform_vendor} and Nokia
  37 Source0:        %{name}-%{version}.tar.gz
  38
  39 Requires: docker-ce >= 18.09.2, iputils, rsync
  40 BuildRequires: docker-ce-cli >= 18.09.2, curl
  41
  42 # more info at: https://fedoraproject.org/wiki/Packaging:Debuginfo No build ID note in Flannel
  43 %global debug_package %{nil}
  44
  45 %description
  46 This RPM contains the DANM and related CNI binaries for CaaS subsystem.
  47
  48 %prep
  49 %autosetup
  50
  51 %build
  52 mkdir -p %{binary_build_dir}/cni
  53 curl -fsSL -k https://github.com/containernetworking/plugins/releases/download/v%{CNI_VERSION}/cni-plugins-amd64-v%{CNI_VERSION}.tgz  | tar zx --strip-components=1 -C %{binary_build_dir}/cni
  54
  55 docker build \
  56   --network=host \
  57   --no-cache \
  58   --force-rm \
  59   --build-arg HTTP_PROXY="${http_proxy}" \
  60   --build-arg HTTPS_PROXY="${https_proxy}" \
  61   --build-arg NO_PROXY="${no_proxy}" \
  62   --build-arg http_proxy="${http_proxy}" \
  63   --build-arg https_proxy="${https_proxy}" \
  64   --build-arg no_proxy="${no_proxy}" \
  65   --build-arg DANM_VERSION="%{DANM_VERSION}" \
  66   --build-arg go_version="%{go_version}" \
  67   --build-arg SRIOV_VERSION="%{SRIOV_VERSION}" \
  68   --build-arg binaries="%{built_binaries_dir}" \
  69   --tag cni-builder:%{IMAGE_TAG} \
  70   %{docker_build_dir}/cni-builder/
  71
  72 builder_container=$(docker run -id --rm --network=none --entrypoint=/bin/sh cni-builder:%{IMAGE_TAG})
  73 mkdir -p %{binary_build_dir}/danm
  74 docker cp ${builder_container}:%{built_binaries_dir}/danm %{binary_build_dir}/
  75 mkdir -p %{binary_build_dir}/flannel
  76 docker cp ${builder_container}:%{built_binaries_dir}/flannel %{binary_build_dir}/
  77 mkdir -p %{binary_build_dir}/sriov
  78 docker cp ${builder_container}:%{built_binaries_dir}/sriov %{binary_build_dir}/
  79
  80 docker rm -f ${builder_container}
  81 docker rmi cni-builder:%{IMAGE_TAG}
  82
  83 # Collect DANM CRDs
  84 git clone https://github.com/nokia/danm.git %{build_dir}/danm
  85 cd %{build_dir}/danm
  86 git checkout %{DANM_VERSION}
  87
  88 %install
  89 mkdir -p %{buildroot}/etc/cni/net.d/
  90 rsync -av cni-config/00-danm.conf %{buildroot}/etc/cni/net.d/00-danm.conf
  91 rsync -av cni-config/flannel.conf %{buildroot}/etc/cni/net.d/flannel.conf
  92
  93 mkdir -p %{buildroot}/opt/cni/bin/
  94 # Generic CNI plugins
  95 # Don't use the standard ipvlan binary \
  96 # Don't use portmap, quick fix for CVE-2019-9946 \
  97 rsync -av \
  98       --chmod=go+rx,u+rwx \
  99       --exclude=ipvlan \
 100       --exclude=portmap \
 101        %{binary_build_dir}/cni/* %{buildroot}/opt/cni/bin
 102 # DANM
 103 install -D -m 0755 %{binary_build_dir}/danm/danm %{buildroot}/opt/cni/bin/danm
 104 install -D -m 0755 %{binary_build_dir}/danm/fakeipam %{buildroot}/opt/cni/bin/fakeipam
 105 # FLANNEL
 106 install -D -m 0755 %{binary_build_dir}/flannel/flannel %{buildroot}/opt/cni/bin/flannel
 107 # SRIOV
 108 install -D -m 0755 %{binary_build_dir}/sriov/sriov %{buildroot}/opt/cni/bin/sriov
 109
 110 mkdir -p %{buildroot}/%{_caas_danm_crd_path}
 111 rsync -av %{build_dir}/danm/integration/crds/production/ %{buildroot}/%{_caas_danm_crd_path}
 112
 113
 114 %files
 115 # CONFIG
 116 /etc/cni/net.d/00-danm.conf
 117 /etc/cni/net.d/flannel.conf
 118 # CNI binaries
 119 /opt/cni/bin
 120 # DANM CRDs
 121 /%{_caas_danm_crd_path}
 122
 123 %preun
 124
 125 %post
 126
 127 %postun
 128
 129 %clean
 130 rm -rf ${buildroot}