Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rke2-selinux for openSUSE:Factory checked in at 2022-11-25 15:47:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rke2-selinux (Old) and /work/SRC/openSUSE:Factory/.rke2-selinux.new.1597 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rke2-selinux" Fri Nov 25 15:47:03 2022 rev:2 rq:1038193 version:0.11.latest.1 Changes: -------- --- /work/SRC/openSUSE:Factory/rke2-selinux/rke2-selinux.changes 2022-01-26 21:28:28.113378459 +0100 +++ /work/SRC/openSUSE:Factory/.rke2-selinux.new.1597/rke2-selinux.changes 2022-11-25 15:47:04.652499281 +0100 @@ -1,0 +2,10 @@ +Thu Nov 24 16:12:58 UTC 2022 - [email protected] + +- Update to version 0.11.latest.1: + * Fix EOF error + * Add container_file_t context to /opt/cni + * Bump pip/setuptools version; switch to https for git clone + * Use SHA256 to sign packages instead of default SHA1 + * centos 8 vault: side-step eol problems (#28) + +------------------------------------------------------------------- Old: ---- rke2-selinux-0.9.latest.1.tar.gz New: ---- rke2-selinux-0.11.latest.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rke2-selinux.spec ++++++ --- /var/tmp/diff_new_pack.75SERy/_old 2022-11-25 15:47:05.304502939 +0100 +++ /var/tmp/diff_new_pack.75SERy/_new 2022-11-25 15:47:05.308502962 +0100 @@ -1,5 +1,5 @@ # -# spec file for package rke-selinux +# spec file for package rke2-selinux # # Copyright (c) 2022 SUSE LLC # @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # + %define rke2_relabel_files() \ mkdir -p /var/lib/cni; \ mkdir -p /var/lib/kubelet/pods; \ @@ -34,7 +35,7 @@ %define container_policyver 2.164.2-1.1 Name: rke2-selinux -Version: 0.9.latest.1 +Version: 0.11.latest.1 Release: 0 Summary: SELinux policy module for rke2 @@ -49,11 +50,12 @@ BuildRequires: selinux-policy >= %{selinux_policyver} BuildRequires: selinux-policy-devel >= %{selinux_policyver} -Requires: policycoreutils, selinux-tools +Requires: policycoreutils +Requires: selinux-tools Requires(post): selinux-policy-base >= %{selinux_policyver} Requires(post): policycoreutils Requires(post): container-selinux >= %{container_policyver} -Requires(postun): policycoreutils +Requires(postun):policycoreutils Provides: %{name} = %{version}-%{release} Obsoletes: rke2-selinux < 0.9 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.75SERy/_old 2022-11-25 15:47:05.356503230 +0100 +++ /var/tmp/diff_new_pack.75SERy/_new 2022-11-25 15:47:05.360503254 +0100 @@ -3,7 +3,7 @@ <param name="url">https://github.com/rancher/rke2-selinux</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.9.latest.1</param> + <param name="revision">v0.11.stable.1</param> <param name="versionformat">@PARENT_TAG@</param> <param name="changesgenerate">enable</param> <param name="versionrewrite-pattern">v(.*)</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.75SERy/_old 2022-11-25 15:47:05.392503433 +0100 +++ /var/tmp/diff_new_pack.75SERy/_new 2022-11-25 15:47:05.396503455 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/rancher/rke2-selinux</param> - <param name="changesrevision">337f0a28ff298f889edc69b164661137d2b45db0</param></service></servicedata> + <param name="changesrevision">d5efcf12e3100f503eff4f5b214e711ce43eb398</param></service></servicedata> (No newline at EOF) ++++++ rke2-selinux-0.9.latest.1.tar.gz -> rke2-selinux-0.11.latest.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/Dockerfile.centos8.dapper new/rke2-selinux-0.11.latest.1/Dockerfile.centos8.dapper --- old/rke2-selinux-0.9.latest.1/Dockerfile.centos8.dapper 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/Dockerfile.centos8.dapper 2022-11-15 23:05:02.000000000 +0100 @@ -1,5 +1,7 @@ FROM centos:8 +RUN find /etc/yum.repos.d -type f -name '*.repo' -exec \ + sed -i -e '/mirrorlist.*/d' -e 's%#baseurl=http://mirror.centos.org%baseurl=http://vault.centos.org%g' {} \; RUN yum install -y epel-release \ && yum -y install container-selinux git rpm-build selinux-policy-devel yum-utils diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos7/rke2-selinux.spec new/rke2-selinux-0.11.latest.1/policy/centos7/rke2-selinux.spec --- old/rke2-selinux-0.9.latest.1/policy/centos7/rke2-selinux.spec 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos7/rke2-selinux.spec 2022-11-15 23:05:02.000000000 +0100 @@ -2,6 +2,7 @@ %define rke2_relabel_files() \ mkdir -p /var/lib/cni; \ +mkdir -p /opt/cni; \ mkdir -p /var/lib/kubelet/pods; \ mkdir -p /var/lib/rancher/rke2/agent/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots; \ mkdir -p /var/lib/rancher/rke2/data; \ @@ -10,6 +11,7 @@ restorecon -R -i /etc/systemd/system/rke2.service; \ restorecon -R -i /usr/lib/systemd/system/rke2.service; \ restorecon -R /var/lib/cni; \ +restorecon -R /opt/cni; \ restorecon -R /var/lib/kubelet; \ restorecon -R /var/lib/rancher; \ restorecon -R /var/run/k3s; \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos7/rke2.fc new/rke2-selinux-0.11.latest.1/policy/centos7/rke2.fc --- old/rke2-selinux-0.9.latest.1/policy/centos7/rke2.fc 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos7/rke2.fc 2022-11-15 23:05:02.000000000 +0100 @@ -6,6 +6,7 @@ /usr/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) /usr/local/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) /var/lib/cni(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) +/opt/cni(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/kubelet/pods(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/rancher/rke2(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) /var/lib/rancher/rke2/data(/.*)? gen_context(system_u:object_r:container_runtime_exec_t,s0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos7/scripts/sign new/rke2-selinux-0.11.latest.1/policy/centos7/scripts/sign --- old/rke2-selinux-0.9.latest.1/policy/centos7/scripts/sign 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos7/scripts/sign 2022-11-15 23:05:02.000000000 +0100 @@ -10,6 +10,9 @@ cat <<\EOF >~/.rpmmacros %_signature gpg %_gpg_name [email protected] +%__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --batch --verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} --digest-algo sha256 %{__plaintext_filename} +%_source_filedigest_algorithm 8 +%_binary_filedigest_algorithm 8 EOF case "$RPM_CHANNEL" in diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos7/scripts/upload-repo new/rke2-selinux-0.11.latest.1/policy/centos7/scripts/upload-repo --- old/rke2-selinux-0.9.latest.1/policy/centos7/scripts/upload-repo 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos7/scripts/upload-repo 2022-11-15 23:05:02.000000000 +0100 @@ -7,9 +7,9 @@ yum install -y epel-release yum install -y git python2-pip python-deltarpm -pip install boto3==1.17.112 +pip install --cache-dir=/var/cache/pip --upgrade 'boto3==1.17.112' 'pip<21.0' 'setuptools<45.0' pip install --cache-dir=/var/cache/pip/ \ - git+git://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e + git+https://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e if [ -z "$RPM_CHANNEL" ]; then echo "RPM_CHANNEL not defined, failing rpm upload" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos8/rke2-selinux.spec new/rke2-selinux-0.11.latest.1/policy/centos8/rke2-selinux.spec --- old/rke2-selinux-0.9.latest.1/policy/centos8/rke2-selinux.spec 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos8/rke2-selinux.spec 2022-11-15 23:05:02.000000000 +0100 @@ -2,6 +2,7 @@ %define rke2_relabel_files() \ mkdir -p /var/lib/cni; \ +mkdir -p /opt/cni; \ mkdir -p /var/lib/kubelet/pods; \ mkdir -p /var/lib/rancher/rke2/agent/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots; \ mkdir -p /var/lib/rancher/rke2/data; \ @@ -10,6 +11,7 @@ restorecon -R -i /etc/systemd/system/rke2.service; \ restorecon -R -i /usr/lib/systemd/system/rke2.service; \ restorecon -R /var/lib/cni; \ +restorecon -R /opt/cni; \ restorecon -R /var/lib/kubelet; \ restorecon -R /var/lib/rancher; \ restorecon -R /var/run/k3s; \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos8/rke2.fc new/rke2-selinux-0.11.latest.1/policy/centos8/rke2.fc --- old/rke2-selinux-0.9.latest.1/policy/centos8/rke2.fc 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos8/rke2.fc 2022-11-15 23:05:02.000000000 +0100 @@ -10,6 +10,7 @@ /usr/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) /usr/local/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) #/var/lib/cni(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) +/opt/cni(/.*)? gen_context(system_u:object_r:container_file_t,s0) #/var/lib/kubelet/pods(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/rancher/rke2(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) /var/lib/rancher/rke2/data(/.*)? gen_context(system_u:object_r:container_runtime_exec_t,s0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos8/scripts/sign new/rke2-selinux-0.11.latest.1/policy/centos8/scripts/sign --- old/rke2-selinux-0.9.latest.1/policy/centos8/scripts/sign 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos8/scripts/sign 2022-11-15 23:05:02.000000000 +0100 @@ -10,6 +10,9 @@ cat <<\EOF >~/.rpmmacros %_signature gpg %_gpg_name [email protected] +%__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --batch --verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} --digest-algo sha256 %{__plaintext_filename} +%_source_filedigest_algorithm 8 +%_binary_filedigest_algorithm 8 EOF case "$RPM_CHANNEL" in diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/centos8/scripts/upload-repo new/rke2-selinux-0.11.latest.1/policy/centos8/scripts/upload-repo --- old/rke2-selinux-0.9.latest.1/policy/centos8/scripts/upload-repo 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/centos8/scripts/upload-repo 2022-11-15 23:05:02.000000000 +0100 @@ -7,9 +7,9 @@ yum install -y epel-release yum install -y git python2-pip python-deltarpm -pip install boto3==1.17.112 +pip install --cache-dir=/var/cache/pip --upgrade 'boto3==1.17.112' 'pip<21.0' 'setuptools<45.0' pip install --cache-dir=/var/cache/pip/ \ - git+git://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e + git+https://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e if [ -z "$RPM_CHANNEL" ]; then echo "RPM_CHANNEL not defined, failing rpm upload" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/microos/rke2-selinux.spec new/rke2-selinux-0.11.latest.1/policy/microos/rke2-selinux.spec --- old/rke2-selinux-0.9.latest.1/policy/microos/rke2-selinux.spec 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/microos/rke2-selinux.spec 2022-11-15 23:05:02.000000000 +0100 @@ -2,6 +2,7 @@ %define rke2_relabel_files() \ mkdir -p /var/lib/cni; \ +mkdir -p /opt/cni; \ mkdir -p /var/lib/kubelet/pods; \ mkdir -p /var/lib/rancher/rke2/agent/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots; \ mkdir -p /var/lib/rancher/rke2/data; \ @@ -10,6 +11,7 @@ restorecon -R -i /etc/systemd/system/rke2.service; \ restorecon -R -i /usr/lib/systemd/system/rke2.service; \ restorecon -R /var/lib/cni; \ +restorecon -R /opt/cni; \ restorecon -R /var/lib/kubelet; \ restorecon -R /var/lib/rancher; \ restorecon -R /var/run/k3s; \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/microos/rke2.fc new/rke2-selinux-0.11.latest.1/policy/microos/rke2.fc --- old/rke2-selinux-0.9.latest.1/policy/microos/rke2.fc 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/microos/rke2.fc 2022-11-15 23:05:02.000000000 +0100 @@ -10,6 +10,7 @@ /usr/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) /usr/local/bin/rke2 -- gen_context(system_u:object_r:container_runtime_exec_t,s0) #/var/lib/cni(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) +/opt/cni(/.*)? gen_context(system_u:object_r:container_file_t,s0) #/var/lib/kubelet/pods(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/rancher/rke2(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) /var/lib/rancher/rke2/data(/.*)? gen_context(system_u:object_r:container_runtime_exec_t,s0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/microos/scripts/sign new/rke2-selinux-0.11.latest.1/policy/microos/scripts/sign --- old/rke2-selinux-0.9.latest.1/policy/microos/scripts/sign 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/microos/scripts/sign 2022-11-15 23:05:02.000000000 +0100 @@ -10,6 +10,9 @@ cat <<\EOF >~/.rpmmacros %_signature gpg %_gpg_name [email protected] +%__gpg_sign_cmd %{__gpg} gpg --force-v3-sigs --batch --verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" -sbo %{__signature_filename} --digest-algo sha256 %{__plaintext_filename} +%_source_filedigest_algorithm 8 +%_binary_filedigest_algorithm 8 EOF case "$RPM_CHANNEL" in diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rke2-selinux-0.9.latest.1/policy/microos/scripts/upload-repo new/rke2-selinux-0.11.latest.1/policy/microos/scripts/upload-repo --- old/rke2-selinux-0.9.latest.1/policy/microos/scripts/upload-repo 2021-11-11 22:53:04.000000000 +0100 +++ new/rke2-selinux-0.11.latest.1/policy/microos/scripts/upload-repo 2022-11-15 23:05:02.000000000 +0100 @@ -7,9 +7,9 @@ yum install -y epel-release yum install -y git python2-pip python-deltarpm -pip install boto3==1.17.112 +pip install --cache-dir=/var/cache/pip --upgrade 'boto3==1.17.112' 'pip<21.0' 'setuptools<45.0' pip install --cache-dir=/var/cache/pip/ \ - git+git://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e + git+https://github.com/Voronenko/rpm-s3.git@5695c6ad9a08548141d3713328e1bd3f533d137e if [ -z "$RPM_CHANNEL" ]; then echo "RPM_CHANNEL not defined, failing rpm upload"
