* [gentoo-commits] repo/gentoo:master commit in: app-containers/podman/files/, app-containers/podman/
@ 2024-03-23  8:29 Sam James
From: Sam James @ 2024-03-23  8:29 UTC (permalink / raw
  To: gentoo-commits

commit:     b86ea5f418a7dbe75847a8dc940edc114e3a17b8
Author:     Rahil Bhimjiani <me <AT> rahil <DOT> rocks>
AuthorDate: Wed Mar 20 11:50:37 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sat Mar 23 08:29:03 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b86ea5f4

app-containers/podman: update to 5.0.0

1) Podman 5 drops old, slow & insecure stack in favour of shiny new one:
* slirp4netns -> passt/pasta
* runc -> crun
* cni-plugins -> netavark + aardvark-dns
* cgroupv1 -> cgroupv2

2) remove USE flags: cgroup-hybrid, init, rootless, fuse  because ...
* cgroupv1 support is deprecated.
* app-containers/catatonit, net-misc/passt, sys-fs/fuse-overlayfs are very minimal
dependencies, <1M of installed size in <30s of compile time (ofc it
varies).
* These flags didn't do much except pulling in dependencies. So suppose
someone goes from -init to +init they've to compile whole podman again,
instead of just emerging catatonit.
* Forcing fuse-overlayfs on users  makes sure to have a default graph driver in
rootless mode. containers-storage(5)

3) add python-any-r1.eclass to fix python-exec[-native-symlinks]

Closes: https://bugs.gentoo.org/877719
Closes: https://bugs.gentoo.org/906073
Bug: https://bugs.gentoo.org/show_bug.cgi?id=927501
Bug: https://bugs.gentoo.org/show_bug.cgi?id=927500
Signed-off-by: Rahil Bhimjiani <me <AT> rahil.rocks>
Signed-off-by: Sam James <sam <AT> gentoo.org>

 app-containers/podman/Manifest                     |  1 +
 .../podman/files/podman-auto-update-5.0.0.cron     |  5 ++
 .../podman/files/podman-auto-update-5.0.0_rc4.cron |  7 ---
 app-containers/podman/metadata.xml                 |  6 +-
 .../{podman-9999.ebuild => podman-5.0.0.ebuild}    | 73 ++++++++--------------
 app-containers/podman/podman-9999.ebuild           | 73 ++++++++--------------
 6 files changed, 57 insertions(+), 108 deletions(-)

diff --git a/app-containers/podman/Manifest b/app-containers/podman/Manifest
index d21910b422e6..1f1960306d0d 100644
--- a/app-containers/podman/Manifest
+++ b/app-containers/podman/Manifest
@@ -1 +1,2 @@
 DIST podman-4.9.3.tar.gz 21727849 BLAKE2B 9a67ba4266a8a0e20d165ba2bae00dcf146724ee976838d5e3310b094155ffa89bff526e8ae72864dc100d1e6878d5519d53581dc7e034982a4f2b364e4c8feb SHA512 395014bbe70923f1444d2f33440013a16e9c339b70be5e6a9c7026617a40795a1c0e410c08a52fba46b9f5e853d853ce4133db36167a3c5ace7d325f8b3a3327
+DIST podman-5.0.0.tar.gz 21861935 BLAKE2B 1ec7006f272f5da7f93929bc543cd8988d6f9596cb868e9561578ebef85d51cbd6baa4b66571872fc9748c639ca636ce27f6d90303707f04caa321c7b71db81a SHA512 8800d96d668cbc7a7ff85a09c71b3307a280c124513fd02fe478f415cf8db43ee47dc7e9c3b75046c6bda9f916937a2cc59887c2c4b26766c2f770abb87fd7ce

diff --git a/app-containers/podman/files/podman-auto-update-5.0.0.cron b/app-containers/podman/files/podman-auto-update-5.0.0.cron
new file mode 100644
index 000000000000..509146e0aa56
--- /dev/null
+++ b/app-containers/podman/files/podman-auto-update-5.0.0.cron
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+# podman-auto-update(1)
+# uncomment following to auto update containers according to their auto-update policy
+# /usr/bin/podman auto-update && /usr/bin/podman image prune -f
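Review bot: The example command on the last line drops the `[ -x /usr/bin/podman ]` guard that the rc4 script carried, so a user who uncomments it can end up with a cron.daily job that fails every day if the package is later removed and the edited file stays behind under /etc. Keep the guard in the example by adding `# [ -x /usr/bin/podman ] || exit 0` above the command line. The header comment should also say that enabling the job means a scheduled, unattended pull of new image content for every container whose policy allows auto-update. It should add that `image prune -f` then removes the images the update left untagged, so returning to the previous image presumably needs a fresh pull of a pinned tag or digest.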

diff --git a/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron b/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron
deleted file mode 100644
index d0a0fb54b106..000000000000
--- a/app-containers/podman/files/podman-auto-update-5.0.0_rc4.cron
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/sh
-set -e
-
-# mimicking behaviour of podman-auto-update.service
-if [ -x /usr/bin/podman ]; then
-   /usr/bin/podman auto-update && /usr/bin/podman image prune -f
-fi

diff --git a/app-containers/podman/metadata.xml b/app-containers/podman/metadata.xml
index 0ae6596fc7c4..59ab2d3ffda0 100644
--- a/app-containers/podman/metadata.xml
+++ b/app-containers/podman/metadata.xml
@@ -24,15 +24,11 @@
 	</longdescription>
 	<use>
 		<flag name="btrfs">
-			Enables dependencies for the "btrfs" graph driver, including
-			necessary kernel flags.
+			Enables btrfs support (graph driver) in Podman
 		</flag>
 		<flag name="cgroup-hybrid">
 			Use legacy (hybrid) cgroups instead of modern (unified) cgroups
 		</flag>
-		<flag name="cron">
-			Runs `podman auto-update` daily. See podman-auto-update(1)
-		</flag>
 		<flag name="fuse">
 			Enables fuse dependencies (fuse-overlayfs is especially useful
 			for rootless mode).

diff --git a/app-containers/podman/podman-9999.ebuild b/app-containers/podman/podman-5.0.0.ebuild
similarity index 55%
copy from app-containers/podman/podman-9999.ebuild
copy to app-containers/podman/podman-5.0.0.ebuild
index 2027b142f82f..b535f608f817 100644
--- a/app-containers/podman/podman-9999.ebuild
+++ b/app-containers/podman/podman-5.0.0.ebuild
@@ -3,7 +3,9 @@
 
 EAPI=8
 
-inherit go-module tmpfiles linux-info
+PYTHON_COMPAT=( python3_{11,12} )
+
+inherit go-module python-any-r1 tmpfiles linux-info
 
 DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI"
 HOMEPAGE="https://github.com/containers/podman/ https://podman.io/"
@@ -14,9 +16,8 @@ if [[ ${PV} == 9999* ]]; then
 else
 	SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz"
 	S="${WORKDIR}/${P/_rc/-rc}"
-	if [[ ${PV} != *rc* ]] ; then
+	[[ ${PV} != *rc* ]] && \
 		KEYWORDS="~amd64 ~arm64 ~riscv"
-	fi
 fi
 
 # main pkg
@@ -24,32 +25,28 @@ LICENSE="Apache-2.0"
 # deps
 LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
 SLOT="0"
-IUSE="apparmor btrfs cgroup-hybrid cron wrapper +fuse +init +rootless +seccomp selinux systemd"
+IUSE="apparmor btrfs +seccomp selinux systemd wrapper"
 RESTRICT="test"
 
 RDEPEND="
+	app-containers/catatonit
+	>=app-containers/conmon-2.1.10
+	>=app-containers/containers-common-0.58.0-r1
 	app-crypt/gpgme:=
-	>=app-containers/conmon-2.0.0
-	>=app-containers/containers-common-0.56.0
 	dev-libs/libassuan:=
 	dev-libs/libgpg-error:=
 	sys-apps/shadow:=
 
 	apparmor? ( sys-libs/libapparmor )
 	btrfs? ( sys-fs/btrfs-progs )
-	cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6  )
-	!cgroup-hybrid? ( app-containers/crun )
-	cron? ( virtual/cron )
 	wrapper? ( !app-containers/docker-cli )
-	fuse? ( sys-fs/fuse-overlayfs )
-	init? ( app-containers/catatonit )
-	rootless? ( app-containers/slirp4netns )
 	seccomp? ( sys-libs/libseccomp:= )
 	selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= )
 	systemd? ( sys-apps/systemd:= )
 "
 DEPEND="${RDEPEND}"
 BDEPEND="
+	${PYTHON_DEPS}
 	dev-go/go-md2man
 "
 
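Review bot: The new RDEPEND lists none of the components the commit message names as the Podman 5 stack (crun, net-misc/passt, netavark, aardvark-dns, sys-fs/fuse-overlayfs), while the conditional `crun`, `fuse-overlayfs` and `slirp4netns` entries are removed. They presumably arrive through `>=app-containers/containers-common-0.58.0-r1`, but nothing in the ebuild says so, and a later edit to that package could silently leave podman without its runtime or rootless network backend. Once confirmed against that package, add a comment above the atom such as `# containers-common pulls in crun, netavark, aardvark-dns, passt and fuse-overlayfs`. The identical RDEPEND hunk in podman-9999.ebuild needs the same comment.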
@@ -64,6 +61,7 @@ CONFIG_CHECK="
 pkg_setup() {
 	use btrfs && CONFIG_CHECK+=" ~BTRFS_FS"
 	linux-info_pkg_setup
+	python-any-r1_pkg_setup
 }
 
 src_prepare() {
@@ -93,59 +91,38 @@ src_prepare() {
 src_compile() {
 	export PREFIX="${EPREFIX}/usr"
 
-	# bug 906073
-	use elibc_musl && export CGO_CFLAGS="-D_LARGEFILE64_SOURCE"
-
 	# For non-live versions, prevent git operations which causes sandbox violations
 	# https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493
-	[[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT=""
+	[[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT=""
 
 	# BUILD_SECCOMP is used in the patch to toggle seccomp
-	emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" all $(usev wrapper docker-docs)
+	emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \
+		  all $(usev wrapper docker-docs)
 }
 
 src_install() {
 	emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full)
 
-	insinto /etc/cni/net.d
-	doins cni/87-podman-bridge.conflist
+	if use !systemd; then
+		newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman
+		newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman
 
-	newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman
-	newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman
+		newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart
+		newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart
 
-	newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart
-	newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart
+		newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient
+		newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient
 
-	newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient
-	newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient
+		exeinto /etc/cron.daily
+		newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update
 
-	use cron && \
-		{ exeinto /etc/cron.daily && newexe "${FILESDIR}"/podman-auto-update-5.0.0_rc4.cron podman-auto-update; }
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}/podman.logrotated" podman
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/podman.logrotated" podman
+	fi
 
 	keepdir /var/lib/containers
 }
 
-pkg_preinst() {
-	PODMAN_ROOTLESS_UPGRADE=false
-	if use rootless; then
-		has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true
-	fi
-}
-
 pkg_postinst() {
 	tmpfiles_process podman.conf $(usev wrapper podman-docker.conf)
-
-	local want_newline=false
-	if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then
-		${want_newline} && elog ""
-		elog "For rootless operation, you need to configure subuid/subgid"
-		elog "for user running podman. In case subuid/subgid has only been"
-		elog "configured for root, run:"
-		elog "usermod --add-subuids 1065536-1131071 <user>"
-		elog "usermod --add-subgids 1065536-1131071 <user>"
-		want_newline=true
-	fi
 }
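Review bot: pkg_postinst no longer gives any subuid/subgid guidance, because pkg_preinst and the whole elog block are removed together with the `rootless` flag, yet rootless operation still depends on those ranges being configured for the invoking user. A user whose account has no ranges gets no hint from the package and may fall back to running containers as root, which is the higher-privilege mode. Consider keeping the existing elog lines for first installs only, gated with `if [[ -z ${REPLACING_VERSIONS} ]]; then` in place of the `PODMAN_ROOTLESS_UPGRADE` check. The same removal is in the last hunk of podman-9999.ebuild.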

diff --git a/app-containers/podman/podman-9999.ebuild b/app-containers/podman/podman-9999.ebuild
index 2027b142f82f..b535f608f817 100644
--- a/app-containers/podman/podman-9999.ebuild
+++ b/app-containers/podman/podman-9999.ebuild
@@ -3,7 +3,9 @@
 
 EAPI=8
 
-inherit go-module tmpfiles linux-info
+PYTHON_COMPAT=( python3_{11,12} )
+
+inherit go-module python-any-r1 tmpfiles linux-info
 
 DESCRIPTION="A tool for managing OCI containers and pods with Docker-compatible CLI"
 HOMEPAGE="https://github.com/containers/podman/ https://podman.io/"
@@ -14,9 +16,8 @@ if [[ ${PV} == 9999* ]]; then
 else
 	SRC_URI="https://github.com/containers/podman/archive/v${PV/_rc/-rc}.tar.gz -> ${P}.tar.gz"
 	S="${WORKDIR}/${P/_rc/-rc}"
-	if [[ ${PV} != *rc* ]] ; then
+	[[ ${PV} != *rc* ]] && \
 		KEYWORDS="~amd64 ~arm64 ~riscv"
-	fi
 fi
 
 # main pkg
@@ -24,32 +25,28 @@ LICENSE="Apache-2.0"
 # deps
 LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0"
 SLOT="0"
-IUSE="apparmor btrfs cgroup-hybrid cron wrapper +fuse +init +rootless +seccomp selinux systemd"
+IUSE="apparmor btrfs +seccomp selinux systemd wrapper"
 RESTRICT="test"
 
 RDEPEND="
+	app-containers/catatonit
+	>=app-containers/conmon-2.1.10
+	>=app-containers/containers-common-0.58.0-r1
 	app-crypt/gpgme:=
-	>=app-containers/conmon-2.0.0
-	>=app-containers/containers-common-0.56.0
 	dev-libs/libassuan:=
 	dev-libs/libgpg-error:=
 	sys-apps/shadow:=
 
 	apparmor? ( sys-libs/libapparmor )
 	btrfs? ( sys-fs/btrfs-progs )
-	cgroup-hybrid? ( >=app-containers/runc-1.0.0_rc6  )
-	!cgroup-hybrid? ( app-containers/crun )
-	cron? ( virtual/cron )
 	wrapper? ( !app-containers/docker-cli )
-	fuse? ( sys-fs/fuse-overlayfs )
-	init? ( app-containers/catatonit )
-	rootless? ( app-containers/slirp4netns )
 	seccomp? ( sys-libs/libseccomp:= )
 	selinux? ( sec-policy/selinux-podman sys-libs/libselinux:= )
 	systemd? ( sys-apps/systemd:= )
 "
 DEPEND="${RDEPEND}"
 BDEPEND="
+	${PYTHON_DEPS}
 	dev-go/go-md2man
 "
 
@@ -64,6 +61,7 @@ CONFIG_CHECK="
 pkg_setup() {
 	use btrfs && CONFIG_CHECK+=" ~BTRFS_FS"
 	linux-info_pkg_setup
+	python-any-r1_pkg_setup
 }
 
 src_prepare() {
@@ -93,59 +91,38 @@ src_prepare() {
 src_compile() {
 	export PREFIX="${EPREFIX}/usr"
 
-	# bug 906073
-	use elibc_musl && export CGO_CFLAGS="-D_LARGEFILE64_SOURCE"
-
 	# For non-live versions, prevent git operations which causes sandbox violations
 	# https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493
-	[[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT=""
+	[[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" EPOCH_TEST_COMMIT=""
 
 	# BUILD_SECCOMP is used in the patch to toggle seccomp
-	emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" all $(usev wrapper docker-docs)
+	emake BUILDFLAGS="-v -work -x" GOMD2MAN="go-md2man" BUILD_SECCOMP="$(usex seccomp)" \
+		  all $(usev wrapper docker-docs)
 }
 
 src_install() {
 	emake DESTDIR="${D}" install install.completions $(usev wrapper install.docker-full)
 
-	insinto /etc/cni/net.d
-	doins cni/87-podman-bridge.conflist
+	if use !systemd; then
+		newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman
+		newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman
 
-	newconfd "${FILESDIR}"/podman-5.0.0_rc4.confd podman
-	newinitd "${FILESDIR}"/podman-5.0.0_rc4.initd podman
+		newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart
+		newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart
 
-	newinitd "${FILESDIR}"/podman-restart-5.0.0_rc4.initd podman-restart
-	newconfd "${FILESDIR}"/podman-restart-5.0.0_rc4.confd podman-restart
+		newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient
+		newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient
 
-	newinitd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.initd podman-clean-transient
-	newconfd "${FILESDIR}"/podman-clean-transient-5.0.0_rc6.confd podman-clean-transient
+		exeinto /etc/cron.daily
+		newexe "${FILESDIR}"/podman-auto-update-5.0.0.cron podman-auto-update
 
-	use cron && \
-		{ exeinto /etc/cron.daily && newexe "${FILESDIR}"/podman-auto-update-5.0.0_rc4.cron podman-auto-update; }
-
-	insinto /etc/logrotate.d
-	newins "${FILESDIR}/podman.logrotated" podman
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/podman.logrotated" podman
+	fi
 
 	keepdir /var/lib/containers
 }
 
-pkg_preinst() {
-	PODMAN_ROOTLESS_UPGRADE=false
-	if use rootless; then
-		has_version 'app-containers/podman[rootless]' || PODMAN_ROOTLESS_UPGRADE=true
-	fi
-}
-
 pkg_postinst() {
 	tmpfiles_process podman.conf $(usev wrapper podman-docker.conf)
-
-	local want_newline=false
-	if [[ ${PODMAN_ROOTLESS_UPGRADE} == true ]] ; then
-		${want_newline} && elog ""
-		elog "For rootless operation, you need to configure subuid/subgid"
-		elog "for user running podman. In case subuid/subgid has only been"
-		elog "configured for root, run:"
-		elog "usermod --add-subuids 1065536-1131071 <user>"
-		elog "usermod --add-subgids 1065536-1131071 <user>"
-		want_newline=true
-	fi
 }

