moby/moby.spec

%global _gitcommit_engine f417435 
%global _gitcommit_cli 4debf41
%global _source_engine moby-%{version}
%global _source_client cli-%{version}
%global _source_docker_init tini-0.19.0
%define _debugsource_template %{nil}

Name: 	  moby
Version:  25.0.3
Release:  23
Summary:  The open-source application container engine
License:  Apache-2.0
URL:	  https://www.docker.com
# https://github.com/docker/cli/archive/refs/tags/v25.0.3.tar.gz
Source0:  cli-%{version}.tar.gz
# https://github.com/moby/moby/archive/refs/tags/v25.0.3.tar.gz
Source1:  moby-%{version}.tar.gz
# https://github.com/krallin/tini/archive/refs/tags/v0.19.0.tar.gz
Source2:  tini-0.19.0.tar.gz
Source3:  docker.service
Source4:  docker.socket
Source5:  docker.sysconfig
# Patch 0001-0999 for cli
Patch0001:  0001-Set-CGO_ENABLED-1-on-riscv64.patch
# Patch 1001-1999 for moby
Patch1001:  1001-fix-cve-2024-29018.patch
Patch1002:  1002-fix-cve-2024-32473.patch
Patch1003:  1003-add-loongarch64-seccomp-support.patch
Patch1004:  1004-fix-docker-swarm-run-failed-for-loongarch64.patch
Patch1005:  1005-CVE-2024-41110.patch
Patch1006:  1006-fix-libnetwork-osl-test-TestAddRemoveInterface.patch
Patch1007:  1007-api-omit-missing-Created-field-from-ImageInspect-res.patch
Patch1008:  1008-integration-Add-container-output-utility.patch
Patch1009:  1009-mounts-validate-Don-t-check-source-exists-with-Creat.patch
Patch1010:  1010-fix-CVE-2024-36621.patch
Patch1011:  1011-fix-CVE-2024-36620.patch
Patch1012:  1012-fix-CVE-2024-36623.patch
# Patch 2001-2999 for tini
Patch2001:  2001-tini.c-a-function-declaration-without-a-prototype-is.patch
Requires(meta): %{name}-engine = %{version}-%{release}
Requires(meta): %{name}-client = %{version}-%{release}

# conflicting packages
Conflicts: docker-ce
Conflicts: docker-io
Conflicts: docker-engine-cs
Conflicts: docker-ee
Obsoletes: docker < %{version}-%{release}
Provides: docker = %{version}-%{release}

%description
Docker is a product for you to build, ship and run any application as a
lightweight container.

%package engine
Summary: Docker daemon binary and related utilities

Requires(pre): /usr/sbin/groupadd
Requires: runc
Requires: container-selinux >= 2:2.74
Requires: libseccomp >= 2.3
Requires: systemd
Requires: iptables
Requires: libcgroup
Requires: containerd
Requires: tar
Requires: xz
%{?systemd_requires}

BuildRequires: bash
BuildRequires: ca-certificates
BuildRequires: cmake
BuildRequires: device-mapper-devel
BuildRequires: gcc
BuildRequires: git
BuildRequires: glibc-static
BuildRequires: libarchive
BuildRequires: libseccomp-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
BuildRequires: libtool-ltdl-devel
BuildRequires: make
BuildRequires: pkgconfig
BuildRequires: pkgconfig(systemd)
BuildRequires: selinux-policy-devel
BuildRequires: systemd-devel
BuildRequires: tar
BuildRequires: which
BuildRequires: golang  >= 1.18.0
Obsoletes: docker-engine < %{version}-%{release}
Conflicts: docker-engine >= 2:18
Requires: libnetwork = %{version}-%{release}

%description engine
Docker daemon binary and related utilities

%package client
Summary: Docker client binary and related utilities
Obsoletes: docker-client < %{version}-%{release}

Requires: /bin/sh
BuildRequires: libtool-ltdl-devel

%description client
Docker client binary and related utilities

%package -n libnetwork
Summary: Proxy used for docker port mapping
Provides: docker-proxy
Obsoletes: docker-proxy
Conflicts: docker-engine < 25.0.3-20

%description -n libnetwork
Proxy used for docker port mapping.

%prep
%setup -q -n %{_source_client}
%autopatch -p1 -m 0001 -M 0999
%setup -q -T -n %{_source_engine} -b 1
%autopatch -p1 -m 1001 -M 1999
%setup -q -T -n %{_source_docker_init} -b 2
%autopatch -p1 -m 2001 -M 2999

%build
export GO111MODULE=off
# build docker daemon
export DOCKER_GITCOMMIT=%{_gitcommit_engine}
export DOCKER_BUILDTAGS="exclude_graphdriver_btrfs"

pushd %{_builddir}/%{_source_engine}
CGO_CFLAGS="%{build_cflags}" \
CGO_LDFLAGS="%{build_ldflags}" \
AUTO_GOPATH=1 VERSION=%{version} PRODUCT=docker hack/make.sh dynbinary
popd

# build docker-tini
pushd %{_builddir}/%{_source_docker_init}
cmake .
make tini-static
popd

# build cli
pushd %{_builddir}/%{_source_client}
mkdir -p .gopath/src/github.com/docker/cli
export GOPATH=`pwd`/.gopath
rm -rf .gopath/src/github.com/docker/cli
ln -s %{_builddir}/%{_source_client} .gopath/src/github.com/docker/cli
pushd .gopath/src/github.com/docker/cli
DISABLE_WARN_OUTSIDE_CONTAINER=1 make VERSION=%{version} GITCOMMIT=%{_gitcommit_cli} dynbinary
popd
popd

%check
# check for daemon
ver="$(%{_builddir}/%{_source_engine}/bundles/dynbinary-daemon/dockerd --version)"; \
    test "$ver" = "Docker version %{version}, build %{_gitcommit_engine}" && echo "PASS: daemon version OK" || (echo "FAIL: daemon version ($ver) did not match" && exit 1)
# check for client
ver="$(%{_builddir}/%{_source_client}/build/docker --version)"; \
    test "$ver" = "Docker version %{version}, build %{_gitcommit_cli}" && echo "PASS: cli version OK" || (echo "FAIL: cli version ($ver) did not match" && exit 1)


%install
# install daemon binary
install -D -p -m 0755 $(readlink -f %{_builddir}/%{_source_engine}/bundles/dynbinary-daemon/dockerd) %{buildroot}%{_bindir}/dockerd

# install proxy
install -D -p -m 0755 %{_builddir}/%{_source_engine}/bundles/dynbinary-daemon/docker-proxy %{buildroot}%{_bindir}/docker-proxy

# install tini
install -D -p -m 755 %{_builddir}/%{_source_docker_init}/tini-static %{buildroot}%{_bindir}/docker-init

# install systemd scripts
install -D -m 0644 %{SOURCE3} %{buildroot}%{_unitdir}/docker.service
install -D -m 0644 %{SOURCE4} %{buildroot}%{_unitdir}/docker.socket

# for additional args
install -Dpm 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/docker

# install docker client
install -p -m 0755 $(readlink -f %{_builddir}/%{_source_client}/build/docker) %{buildroot}%{_bindir}/docker

# add bash, zsh, and fish completions
install -d %{buildroot}%{_datadir}/bash-completion/completions
install -d %{buildroot}%{_datadir}/zsh/vendor-completions
install -d %{buildroot}%{_datadir}/fish/vendor_completions.d
install -p -m 644 %{_builddir}/%{_source_client}/contrib/completion/bash/docker %{buildroot}%{_datadir}/bash-completion/completions/docker
install -p -m 644 %{_builddir}/%{_source_client}/contrib/completion/zsh/_docker %{buildroot}%{_datadir}/zsh/vendor-completions/_docker
install -p -m 644 %{_builddir}/%{_source_client}/contrib/completion/fish/docker.fish %{buildroot}%{_datadir}/fish/vendor_completions.d/docker.fish

# add docs
install -d %{buildroot}%{_pkgdocdir}
install -p -m 644 %{_builddir}/%{_source_client}/{LICENSE,MAINTAINERS,NOTICE,README.md} %{buildroot}%{_pkgdocdir}

%files
# empty as it depends on engine and client

%files engine
%config(noreplace) %{_sysconfdir}/sysconfig/docker
%{_bindir}/dockerd
%{_bindir}/docker-init
%{_unitdir}/docker.service
%{_unitdir}/docker.socket

%files -n libnetwork
%{_bindir}/docker-proxy

%files client
%{_bindir}/docker
%{_datadir}/bash-completion/completions/docker
%{_datadir}/zsh/vendor-completions/_docker
%{_datadir}/fish/vendor_completions.d/docker.fish
%doc %{_pkgdocdir}

%pre engine
if ! getent group docker > /dev/null; then
    groupadd --system docker
fi

%post engine
%systemd_post docker.service

%preun engine
%systemd_preun docker.service docker.socket

%postun engine
%systemd_postun_with_restart docker.service

%changelog
* Fri Jan 17 2025 laokz <zhangkai@iscas.ac.cn> - 25.0.3-23
- backport cli v26.1.0 patch to fix riscv64 build error

* Sat Nov 30 2024 Funda Wang <fundawang@yeah.net> - 25.0.3-22
- fix CVE-2024-36620, CVE-2024-36621, CVE-2024-36623
- reorganize patches so that they could be applied automatically

* Fri Nov 29 2024 Funda Wang <fundawang@yeah.net> - 25.0.3-21
- convert patches into unix format

* Fri Nov 22 2024 Funda Wang <fundawang@yeah.net> - 25.0.3-20
- rename back to moby
- split docker-proxy for docker 18 to use

* Thu Nov 14 2024 shechenglong <shechenglong@xfusion.com> - 25.0.3-19
- DESC: Resolving installation conflicts between docker-engine and libnetwork

* Fri Nov 08 2024 shechenglong <shechenglong@xfusion.com> - 25.0.3-18
- DESC: Don't check source exists with CreateMountpoint

* Fri Nov 08 2024 shechenglong <shechenglong@xfusion.com> - 25.0.3-17
- DESC: move group creation into pre section rather than post section
        change requires into meta dependency for its actual use

* Wed Nov 6 2024 sunchendong<sunchendong@xfusion.com> - 25.0.3-16
- DESC:Add container.Output utility

* Mon Nov 4 2024 sunchendong<sunchendong@xfusion.com> - 25.0.3-15
- DESC:omit missing Created field from ImageInspect response

* Thu Oct 31 2024 yaoguangzhong<yaoguangzhong@xfusion.com> - 25.0.3-14
- DESC:backport upstream patch to fix libnetwork/osl test TestAddRemoveInterface

* Tue Oct 29 2024 yaoguangzhong<yaoguangzhong@xfusion.com> - 25.0.3-13
- DESC:modify patch number

* Tue Oct 29 2024 yaoguangzhong<yaoguangzhong@xfusion.com> - 25.0.3-12
- DESC:fix build warnings for moby.spec

* Mon Sep 9 2024 tiberium <jinzhe.oerv@isrc.iscas.ac.cn> - 25.0.3-11
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:backport upstream patch to solve -Wstrict-prototypes error

* Fri Jul 26 2024 zhangxianting <zhangxianting@uniontechc.om> - 25.0.3-10
- Type:CVE
- ID:NA
- SUG:NA
- DESC:fix CVE-2024-41110

* Fri Jul 12 2024 lvxiangcong <lvxiangcong@kylinos.cn> - 25.0.3-9
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix docker swarm run failed for loongarch64

* Tue Jul 02 2024 zhangbowei<zhangbowei@kylinos.cn> - 25.0.3-8
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix bug by using docker-proxy in the source file to get better compatibility

* Fri Jun 28 2024 shechenglong<shechenglong@xfusion.com> - 25.0.3-7
- DESC:software package name moby is changed to docker

* Fri Jun 14 2024 zhaixiaojuan<zhaixiaojuan@loongson.cn> - 25.0.3-6
- DESC:add loongarch64 seccomp support

* Tue May 14 2024 wanglimin<wanglimin@xfusion.com> - 25.0.3-5
- DESC:clean dependency between engine and cli

* Sat May 11 2024 lvxiangcong<lvxiangcong@kylinos.cn> - 25.0.3-4
- DESC:fix install error failed to docker.service does not exit

* Mon Apr 22 2024 lvxiangcong<lvxiangcong@kylinos.cn> - 25.0.3-3
- DESC:fix cve-2024-32473

* Wed Apr 17 2024 lvxiangcong<lvxiangcong@kylinos.cn> - 25.0.3-2
- DESC:fix cve-2024-29018

* Tue Feb 06 2024 shechenglong<shechenglong@xfusion.com> - 25.0.3-1
- DESC:update to 25.0.3

* Thu Dec 28 2023 maokecheng<maokecheng@xfusion.com> - 20.10.24-7
- Adapt docker-runc to be changed to runc

* Tue Sep 26 2023 xulei<xulei@xfusion.com> - 20.10.24-6
- Fix the missing socketGroup permissions for only installing moby-engine

* Mon Sep 18 2023 xulei<xulei@xfusion.com> - 20.10.24-5
- Optimize the apply patch method

* Thu Sep 14 2023 xulei<xulei@xfusion.com> - 20.10.24-4
- DESC: Fix missing runc dependencies
        The declaration conflicts with the installation of docker-engine

* Mon Sep 4 2023 xulei<xulei@xfusion.com> - 20.10.24-3
- Fix the conflict libnetwork installation

* Sun Jul 16 2023 xulei<xulei@xfusion.com> - 20.10.24-2
- DESC: fix non-blocking awslogs log drop bug
        fix panic if mount is not a volume

* Mon Apr 10 2023 xulei<xulei@xfusion.com> - 20.10.24-1
- DESC: update to 20.10.24

* Tue Apr 4 2023 zhangzhihui<zhangzhihui@xfusion.com> - 20.10.23-3
- DESC: sync upstream patch
        Dockerfile: configure code dir as "safe" directory

* Fri Mar 31 2023 zhangzhihui<zhangzhihui@xfusion.com> - 20.10.23-2
- DESC: sync upstream patch to update containerd to v1.6.16

* Wed Mar 29 2023 xulei<xulei@xfusion.com> - 20.10.23-1
- DESC:update to 20.10.23

* Wed Mar 8 2023 xulei<xulei@xfusion.com> - 20.10.21-4
- DESC: enhance container behavior
        1.stop docker.socket before uninstall docker.
        2.container keep running when restart docker service.
        3.when containerd exits abnormally, it can be automatically pulled up.
        4.add some dockerd options.
        5.change to BuildRequires golang-1.18.0

* Wed Dec 28 2022 xulei<xulei@xfusion.com> - 20.10.21-3
- DESC: change to BuildRequires golang-1.17.3

* Wed Dec 21 2022 wanglimin<wanglimin@xfusion.com> - 20.10.21-2
- DESC: revert any to interface{} temporarily to allow builtable with golang-1.17.x
-       it will be withdrawed if golang upgrade to 1.18.x in the branch

* Thu Dec 14 2022 wanglimin<wanglimin@xfusion.com> - 20.10.21-1
- DESC: initial docker-20.10.21-1