Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package docker for openSUSE:Factory checked in at 2024-12-18 20:09:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/docker (Old) and /work/SRC/openSUSE:Factory/.docker.new.29675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "docker" Wed Dec 18 20:09:12 2024 rev:158 rq:1231895 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/docker/docker.changes 2024-12-13 22:32:59.372689236 +0100 +++ /work/SRC/openSUSE:Factory/.docker.new.29675/docker.changes 2024-12-18 20:09:29.603654507 +0100 @@ -1,0 +2,35 @@ +Wed Dec 18 12:29:07 UTC 2024 - Aleksa Sarai <asa...@suse.com> + +- Update to Docker 27.4.1-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/27/#2741> +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch + * cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Tue Dec 17 13:20:39 UTC 2024 - Aleksa Sarai <asa...@suse.com> + +- Update to docker-buildx 0.19.3. See upstream changelog online at + <https://github.com/docker/buildx/releases/tag/v0.19.3> + +------------------------------------------------------------------- +Fri Dec 13 06:12:25 UTC 2024 - Aleksa Sarai <asa...@suse.com> + +- Update to Docker 27.4.0-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/27/#274> +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch + * cli-0001-docs-include-required-tools-in-source-tree.patch +- Remove upstreamed patches: + - 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch + - 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch + +------------------------------------------------------------------- @@ -188,0 +224 @@ + bsc#1234089 CVE-2024-29018 Old: ---- 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch docker-26.1.5_ce_411e817ddf71.tar.xz docker-buildx-0.19.2.tar.xz docker-cli-26.1.5_ce.tar.xz New: ---- docker-27.4.1_ce_c710b88579fc.tar.xz docker-buildx-0.19.3.tar.xz docker-cli-27.4.1_ce.tar.xz BETA DEBUG BEGIN: Old:- Remove upstreamed patches: - 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch - 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch Old: - 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch - 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ docker.spec ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.515692520 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.515692520 +0100 @@ -51,8 +51,8 @@ %endif # MANUAL: This needs to be updated with every docker update. -%define docker_real_version 26.1.5 -%define docker_git_version 411e817ddf71 +%define docker_real_version 27.4.1 +%define docker_git_version c710b88579fc %define docker_version %{docker_real_version}_ce # This "nice version" is so that docker --version gives a result that can be # parsed by other people. boo#1182476 @@ -60,7 +60,7 @@ %if %{with buildx} # MANUAL: This needs to be updated with every docker-buildx update. -%define buildx_version 0.19.2 +%define buildx_version 0.19.3 %endif # Used when generating the "build" information for Docker version. The value of @@ -68,7 +68,7 @@ # helpfully injects into our build environment from the changelog). If you want # to generate a new git_commit_epoch, use this: # $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP '(?<=^CommitDate: ).*')" '+%s' -%define git_commit_epoch 1721763388 +%define git_commit_epoch 1734439831 Name: docker%{flavour} Version: %{docker_version} @@ -104,11 +104,6 @@ Patch201: 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch # UPSTREAM: Revert of upstream patches to make apparmor work on SLE 12. Patch202: 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch -# UPSTREAM: Backport of <https://github.com/moby/buildkit/pull/4896> and -# <https://github.com/moby/buildkit/pull/5060>. -Patch203: 0006-bsc1221916-update-to-patched-buildkit-version-to-fix.patch -# UPSTREAM: Backport of <https://github.com/moby/moby/pull/48034>. -Patch204: 0007-bsc1214855-volume-use-AtomicWriteFile-to-save-volume.patch # UPSTREAM: Backport of <https://github.com/docker/cli/pull/4228>. Patch900: cli-0001-docs-include-required-tools-in-source-tree.patch BuildRequires: audit @@ -367,10 +362,6 @@ %patch -P201 -p1 # Solves apparmor issues on SLE-12, but okay for newer SLE versions too. %patch -P202 -p1 -# bsc#1221916 -%patch -P203 -p1 -# bsc#1214855 -%patch -P204 -p1 %build %sysusers_generate_pre %{SOURCE160} %{name} docker.conf @@ -402,8 +393,8 @@ pushd "%{docker_builddir}" # use go module for build -ln -s {vendor,go}.mod -ln -s {vendor,go}.sum +cp {vendor,go}.mod +cp {vendor,go}.sum ./hack/make.sh dynbinary %if %{with integration_tests} @@ -428,8 +419,8 @@ pushd "%{cli_builddir}" # use go module for build -ln -s {vendor,go}.mod -ln -s {vendor,go}.sum +cp {vendor,go}.mod +cp {vendor,go}.sum make DISABLE_WARN_OUTSIDE_CONTAINER=1 dynbinary manpages popd ++++++ 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.539693520 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.539693520 +0100 @@ -1,7 +1,7 @@ -From ec53ee338835c4c1dc583695ac166f36bf3bac5c Mon Sep 17 00:00:00 2001 +From 70a1e03d5572deb789c5c4d817257c0760b79869 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Wed, 8 Mar 2017 12:41:54 +1100 -Subject: [PATCH 1/7] SECRETS: daemon: allow directory creation in /run/secrets +Subject: [PATCH 1/5] SECRETS: daemon: allow directory creation in /run/secrets Since FileMode can have the directory bit set, allow a SecretStore implementation to return secrets that are actually directories. This is @@ -14,7 +14,7 @@ 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/daemon/container_operations_unix.go b/daemon/container_operations_unix.go -index 4dedc1b21c87..b7c310493e79 100644 +index f572e0d8a865..88573559d537 100644 --- a/daemon/container_operations_unix.go +++ b/daemon/container_operations_unix.go @@ -3,6 +3,7 @@ @@ -25,15 +25,15 @@ "context" "fmt" "os" -@@ -16,6 +17,7 @@ import ( - "github.com/docker/docker/daemon/links" +@@ -17,6 +18,7 @@ import ( + "github.com/docker/docker/daemon/network" "github.com/docker/docker/errdefs" "github.com/docker/docker/libnetwork" + "github.com/docker/docker/pkg/archive" "github.com/docker/docker/pkg/idtools" "github.com/docker/docker/pkg/process" "github.com/docker/docker/pkg/stringid" -@@ -240,9 +242,6 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) { +@@ -240,9 +242,6 @@ func (daemon *Daemon) setupSecretDir(ctr *container.Container) (setupErr error) if err != nil { return errors.Wrap(err, "unable to get secret from secret store") } @@ -43,7 +43,7 @@ uid, err := strconv.Atoi(s.File.UID) if err != nil { -@@ -253,6 +252,24 @@ func (daemon *Daemon) setupSecretDir(c *container.Container) (setupErr error) { +@@ -253,6 +252,24 @@ func (daemon *Daemon) setupSecretDir(ctr *container.Container) (setupErr error) return err } @@ -69,6 +69,6 @@ return errors.Wrap(err, "error setting ownership for secret") } -- -2.45.2 +2.47.1 ++++++ 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.551694020 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.555694187 +0100 @@ -1,7 +1,7 @@ -From 7ab9590b94925a03e0f16285492a73dbc231800c Mon Sep 17 00:00:00 2001 +From f1bfb09b1d53d6ddf68beedfce4e4110c2b10118 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Wed, 8 Mar 2017 11:43:29 +1100 -Subject: [PATCH 2/7] SECRETS: SUSE: implement SUSE container secrets +Subject: [PATCH 2/5] SECRETS: SUSE: implement SUSE container secrets This allows for us to pass in host credentials to a container, allowing for SUSEConnect to work with containers. @@ -23,10 +23,10 @@ create mode 100644 daemon/suse_secrets.go diff --git a/daemon/start.go b/daemon/start.go -index b967947af2ce..e1a1218eb016 100644 +index 027f08a6dc07..d8545f8cb46a 100644 --- a/daemon/start.go +++ b/daemon/start.go -@@ -118,6 +118,11 @@ func (daemon *Daemon) containerStart(ctx context.Context, daemonCfg *configStore +@@ -128,6 +128,11 @@ func (daemon *Daemon) containerStart(ctx context.Context, daemonCfg *configStore return err } ++++++ 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.567694687 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.567694687 +0100 @@ -1,7 +1,7 @@ -From 983a57fd37dc8e42e9c4e4dfc72eb346a4385948 Mon Sep 17 00:00:00 2001 +From 3613734aeb6eacd45e53dfd834f46dc006ba0047 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Mon, 22 May 2023 15:44:54 +1000 -Subject: [PATCH 3/7] BUILD: SLE12: revert "graphdriver/btrfs: use kernel UAPI +Subject: [PATCH 3/5] BUILD: SLE12: revert "graphdriver/btrfs: use kernel UAPI headers" This reverts commit 3208dcabdc8997340b255f5b880fef4e3f54580d. @@ -16,7 +16,7 @@ 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/daemon/graphdriver/btrfs/btrfs.go b/daemon/graphdriver/btrfs/btrfs.go -index 6aaa33cf7622..7264d4036427 100644 +index 61f22ed2dd49..330571e3c047 100644 --- a/daemon/graphdriver/btrfs/btrfs.go +++ b/daemon/graphdriver/btrfs/btrfs.go @@ -4,17 +4,12 @@ package btrfs // import "github.com/docker/docker/daemon/graphdriver/btrfs" @@ -42,6 +42,6 @@ static void set_name_btrfs_ioctl_vol_args_v2(struct btrfs_ioctl_vol_args_v2* btrfs_struct, const char* value) { snprintf(btrfs_struct->name, BTRFS_SUBVOL_NAME_MAX, "%s", value); -- -2.45.2 +2.47.1 ++++++ 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.579695188 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.583695354 +0100 @@ -1,7 +1,7 @@ -From 8829bb8ec53399fd41dd6f46e2bad64e773e8eaa Mon Sep 17 00:00:00 2001 +From e06f78e09fa03680ce51c8a080447fbc62156d3d Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Fri, 29 Jun 2018 17:59:30 +1000 -Subject: [PATCH 4/7] bsc1073877: apparmor: clobber docker-default profile on +Subject: [PATCH 4/5] bsc1073877: apparmor: clobber docker-default profile on start In the process of making docker-default reloading far less expensive, @@ -69,10 +69,10 @@ return nil } diff --git a/daemon/daemon.go b/daemon/daemon.go -index e7ca77d8cbfc..13b39538fb00 100644 +index f152685e6026..dee4c33471d5 100644 --- a/daemon/daemon.go +++ b/daemon/daemon.go -@@ -916,8 +916,9 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S +@@ -941,8 +941,9 @@ func NewDaemon(ctx context.Context, config *config.Config, pluginStore *plugin.S log.G(ctx).Warnf("Failed to configure golang's threads limit: %v", err) } @@ -81,10 +81,10 @@ + // Make sure we clobber any pre-existing docker-default profile to ensure + // that upgrades to the profile actually work smoothly. + if err := clobberDefaultAppArmorProfile(); err != nil { - log.G(ctx).Errorf(err.Error()) + log.G(ctx).WithError(err).Error("Failed to ensure default apparmor profile is loaded") } -- -2.45.2 +2.47.1 ++++++ 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.595695854 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.599696021 +0100 @@ -1,7 +1,7 @@ -From 24173cd6a2643e5e680e84920864f42ed43b6f28 Mon Sep 17 00:00:00 2001 +From 65799b8d19180cb039d257262bfa88e6629ccdf9 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai <asa...@suse.de> Date: Wed, 11 Oct 2023 21:19:12 +1100 -Subject: [PATCH 5/7] SLE12: revert "apparmor: remove version-conditionals from +Subject: [PATCH 5/5] SLE12: revert "apparmor: remove version-conditionals from template" This reverts the following commits: @@ -322,6 +322,6 @@ } ` -- -2.45.2 +2.47.1 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.9mNFnW/_old 2024-12-18 20:09:30.643697855 +0100 +++ /var/tmp/diff_new_pack.9mNFnW/_new 2024-12-18 20:09:30.647698022 +0100 @@ -3,24 +3,24 @@ <param name="url">https://github.com/moby/moby.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">26.1.5_ce_%h</param> - <param name="revision">v26.1.5</param> + <param name="versionformat">27.4.1_ce_%h</param> + <param name="revision">v27.4.1</param> <param name="filename">docker</param> </service> <service name="tar_scm" mode="manual"> <param name="url">https://github.com/docker/cli.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">26.1.5_ce</param> - <param name="revision">v26.1.5</param> + <param name="versionformat">27.4.1_ce</param> + <param name="revision">v27.4.1</param> <param name="filename">docker-cli</param> </service> <service name="tar_scm" mode="manual"> <param name="url">https://github.com/docker/buildx.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">0.19.2</param> - <param name="revision">v0.19.2</param> + <param name="versionformat">0.19.3</param> + <param name="revision">v0.19.3</param> <param name="filename">docker-buildx</param> </service> <service name="recompress" mode="manual"> ++++++ cli-0001-docs-include-required-tools-in-source-tree.patch ++++++ ++++ 1433 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/docker/cli-0001-docs-include-required-tools-in-source-tree.patch ++++ and /work/SRC/openSUSE:Factory/.docker.new.29675/cli-0001-docs-include-required-tools-in-source-tree.patch ++++++ docker-26.1.5_ce_411e817ddf71.tar.xz -> docker-27.4.1_ce_c710b88579fc.tar.xz ++++++ /work/SRC/openSUSE:Factory/docker/docker-26.1.5_ce_411e817ddf71.tar.xz /work/SRC/openSUSE:Factory/.docker.new.29675/docker-27.4.1_ce_c710b88579fc.tar.xz differ: char 16, line 1 ++++++ docker-buildx-0.19.2.tar.xz -> docker-buildx-0.19.3.tar.xz ++++++ /work/SRC/openSUSE:Factory/docker/docker-buildx-0.19.2.tar.xz /work/SRC/openSUSE:Factory/.docker.new.29675/docker-buildx-0.19.3.tar.xz differ: char 15, line 1 ++++++ docker-cli-26.1.5_ce.tar.xz -> docker-cli-27.4.1_ce.tar.xz ++++++ ++++ 101799 lines of diff (skipped)
