diff options
Diffstat (limited to 'recipes-containers/skopeo/skopeo_git.bb')
| -rw-r--r-- | recipes-containers/skopeo/skopeo_git.bb | 52 |
1 files changed, 22 insertions, 30 deletions
diff --git a/recipes-containers/skopeo/skopeo_git.bb b/recipes-containers/skopeo/skopeo_git.bb index df8ec372..5083b658 100644 --- a/recipes-containers/skopeo/skopeo_git.bb +++ b/recipes-containers/skopeo/skopeo_git.bb @@ -1,7 +1,7 @@ HOMEPAGE = "https://github.com/containers/skopeo" SUMMARY = "Work with remote images registries - retrieving information, images, signing content" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://src/import/LICENSE;md5=7e611105d3e369954840a6668c438584" +LIC_FILES_CHKSUM = "file://LICENSE;md5=7e611105d3e369954840a6668c438584" DEPENDS = " \ gpgme \ @@ -9,11 +9,12 @@ DEPENDS = " \ lvm2 \ btrfs-tools \ glib-2.0 \ - ostree \ " inherit go +COMPATIBLE_HOST = "^(?!mips).*" + RDEPENDS:${PN} = " \ gpgme \ libgpg-error \ @@ -21,21 +22,25 @@ RDEPENDS:${PN} = " \ " SRC_URI = " \ - git://github.com/containers/skopeo;branch=main;protocol=https \ - file://0001-Makefile-use-pkg-config-instead-of-gpgme-config.patch \ - file://storage.conf \ - file://registries.conf \ + git://github.com/containers/skopeo;branch=release-1.14;protocol=https;destsuffix=git/src/github.com/containers/skopeo \ + file://0001-makefile-add-GOBUILDFLAGS-to-go-build-call.patch \ " -SRCREV = "1d24e657fa4a07a39939391902f8030f37716c32" -PV = "v1.5.2+git${SRCPV}" +SRCREV = "1c2ab995059dd011aad74e2c37305d636ebd2675" +PV = "v1.14.2+git" GO_IMPORT = "import" -S = "${WORKDIR}/git" +S = "${WORKDIR}/git/src/github.com/containers/skopeo" inherit goarch inherit pkgconfig +inherit container-host + +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10214 +# https://github.com/containers/image/issues/654 +CVE_STATUS[CVE-2019-10214] = "fixed-version: This CVE was fixed in the container image go library skopeo is using." + # This disables seccomp and apparmor, which are on by default in the # go package. EXTRA_OEMAKE="BUILDTAGS=''" @@ -43,29 +48,20 @@ EXTRA_OEMAKE="BUILDTAGS=''" do_compile() { export GOARCH="${TARGET_GOARCH}" - # Setup vendor directory so that it can be used in GOPATH. - # - # Go looks in a src directory under any directory in GOPATH but riddler - # uses 'vendor' instead of 'vendor/src'. We can fix this with a symlink. - # - # We also need to link in the ipallocator directory as that is not under - # a src directory. - ln -sfn . "${S}/src/import/vendor/src" - mkdir -p "${S}/src/import/vendor/src/github.com/projectatomic/skopeo" - ln -sfn "${S}/src/import/skopeo" "${S}/src/import/vendor/src/github.com/projectatomic/skopeo" - ln -sfn "${S}/src/import/version" "${S}/src/import/vendor/src/github.com/projectatomic/skopeo/version" - export GOPATH="${S}/src/import/vendor" + export GOPATH="${S}/src/import/.gopath:${S}/src/import/vendor:${STAGING_DIR_TARGET}/${prefix}/local/go:${WORKDIR}/git/" + cd ${S} # Pass the needed cflags/ldflags so that cgo # can find the needed headers files and libraries export CGO_ENABLED="1" export CFLAGS="" export LDFLAGS="" - export CGO_CFLAGS="${BUILDSDK_CFLAGS} --sysroot=${STAGING_DIR_TARGET}" - export CGO_LDFLAGS="${BUILDSDK_LDFLAGS} --sysroot=${STAGING_DIR_TARGET}" - cd ${S}/src/import + export CGO_CFLAGS="${TARGET_CFLAGS}" + export CGO_LDFLAGS="${TARGET_LDFLAGS}" export GO111MODULE=off + export GOBUILDFLAGS="-trimpath" + export EXTRA_LDFLAGS="-s -w" oe_runmake bin/skopeo } @@ -74,11 +70,7 @@ do_install() { install -d ${D}/${sbindir} install -d ${D}/${sysconfdir}/containers - install ${S}/src/import/bin/skopeo ${D}/${sbindir}/ - install ${S}/src/import/default-policy.json ${D}/${sysconfdir}/containers/policy.json - - install ${WORKDIR}/storage.conf ${D}/${sysconfdir}/containers/storage.conf - install ${WORKDIR}/registries.conf ${D}/${sysconfdir}/containers/registries.conf + install ${S}/bin/skopeo ${D}/${sbindir}/ } do_install:append:class-native() { @@ -94,6 +86,6 @@ do_install:append:class-nativesdk() { --policy ${sysconfdir}/containers/policy.json } -INSANE_SKIP:${PN} += "ldflags" +INSANE_SKIP:${PN} += "ldflags already-stripped" BBCLASSEXTEND = "native nativesdk" |