app-emulation/docker: Sync with upstream, bump to 17.06.1 / Go 1.8

This switches to the new Docker CE repo structure.  It points to
the docker/docker-ce GitHub repo directly now, not the CoreOS fork.

The cros_workon code was dropped, so we are building unmodified
upstream releases now.  If fixes need to be backported, patch files
can just be added to the PATCHES array since this uses EAPI=6.

LDFLAGS are tacked onto the -extldflags option to support torcx.  A
special RPATH is added for torcx support, which is passed through
the LDFLAGS environment variable.  The value is applied along with
the "hardened" USE flag's options, so note that torcx will not work
if that flag is disabled.
This commit is contained in:
David Michael 2017-08-18 18:18:50 -07:00
parent d97cc4a139
commit 9492b0b1ed
4 changed files with 96 additions and 83 deletions

View File

@ -0,0 +1 @@
DIST docker-17.06.1.tar.gz 9682381 SHA256 2ca8615162873b32d9565f95a4b2977d025fd44c69e087046e004f5dfb1ce30c SHA512 0a7dd578b3f5aa2be9e8df270b74cc5ad698b9c00ed4c314ecfea588cddddef26c0696265978d09abc5799f22f8bd8013b4f1a818e78eb7f7a4e7c15e082b5d0 WHIRLPOOL f6cf32cca15b36b4fa17239ee800d7e9347fc5f97050eca3590c75a76ab4d36ffff676508e7240aef5bd440795a870aa4349f7cede4e9fb4d610a3146693f8d7

View File

@ -1,39 +1,45 @@
# Copyright 1999-2017 Gentoo Foundation # Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
EAPI=5 EAPI=6
CROS_WORKON_PROJECT="coreos/docker" COREOS_GO_PACKAGE="github.com/docker/docker-ce"
CROS_WORKON_LOCALNAME="docker" COREOS_GO_VERSION="go1.8"
CROS_WORKON_REPO="git://github.com"
COREOS_GO_VERSION="go1.7"
if [[ ${PV} == *9999 ]]; then if [[ ${PV} = *9999* ]]; then
DOCKER_GITCOMMIT="unknown" # Docker cannot be fetched via "go get", thanks to autogenerated code
EGIT_REPO_URI="https://${COREOS_GO_PACKAGE}.git"
EGIT_CHECKOUT_DIR="${WORKDIR}/${P}/src/${COREOS_GO_PACKAGE}"
inherit git-r3
KEYWORDS="~amd64 ~arm64" KEYWORDS="~amd64 ~arm64"
else else
CROS_WORKON_COMMIT="89658bed64c2a8fe05a978e5b87dbec409d57a0f" # coreos-17.05.0-ce inherit versionator
DOCKER_GITCOMMIT="${CROS_WORKON_COMMIT:0:7}" if [ "$(get_version_component_count)" = 4 ]; then
KEYWORDS="amd64 arm64" MY_PV="$(replace_version_separator 3 '-ce-')"
else
MY_PV="$PV-ce"
fi fi
DOCKER_GITCOMMIT="874a737"
SRC_URI="https://${COREOS_GO_PACKAGE}/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz"
KEYWORDS="amd64 arm64"
[ "$DOCKER_GITCOMMIT" ] || die "DOCKER_GITCOMMIT must be added manually for each bump!"
fi
inherit bash-completion-r1 coreos-go-depend linux-info systemd udev user
inherit bash-completion-r1 eutils linux-info multilib systemd udev user cros-workon coreos-go-depend DESCRIPTION="The core functions you need to create Docker images and run Docker containers"
DESCRIPTION="Docker complements kernel namespacing with a high-level API which operates at the process level"
HOMEPAGE="https://dockerproject.org" HOMEPAGE="https://dockerproject.org"
LICENSE="Apache-2.0" LICENSE="Apache-2.0"
SLOT="0" SLOT="0"
IUSE="apparmor aufs +btrfs +container-init +device-mapper +overlay pkcs11 +journald seccomp +selinux vim-syntax zsh-completion" IUSE="apparmor aufs +btrfs +container-init +device-mapper hardened +overlay pkcs11 seccomp +journald +selinux"
# https://github.com/docker/docker/blob/v17.05.0-ce/project/PACKAGERS.md#build-dependencies # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies
CDEPEND=" CDEPEND="
>=dev-db/sqlite-3.7.9:3 >=dev-db/sqlite-3.7.9:3
device-mapper? ( device-mapper? (
>=sys-fs/lvm2-2.02.89[thin] >=sys-fs/lvm2-2.02.89[thin]
) )
seccomp? ( seccomp? ( >=sys-libs/libseccomp-2.2.1[static-libs] )
>=sys-libs/libseccomp-2.2.1[static-libs] apparmor? ( sys-libs/libapparmor )
)
" "
DEPEND=" DEPEND="
@ -49,26 +55,25 @@ DEPEND="
# or an explicit copy when installing binary packages. See coreos-kernel.eclass # or an explicit copy when installing binary packages. See coreos-kernel.eclass
DEPEND+="sys-kernel/coreos-kernel" DEPEND+="sys-kernel/coreos-kernel"
# https://github.com/docker/docker/blob/master/hack/PACKAGERS.md#runtime-dependencies # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#runtime-dependencies
# https://github.com/docker/docker/blob/master/hack/PACKAGERS.md#optional-dependencies # https://github.com/docker/docker/blob/master/project/PACKAGERS.md#optional-dependencies
RDEPEND=" RDEPEND="
${CDEPEND} ${CDEPEND}
!app-emulation/docker-bin
>=net-firewall/iptables-1.4 >=net-firewall/iptables-1.4
sys-process/procps sys-process/procps
>=dev-vcs/git-1.7 >=dev-vcs/git-1.7
>=app-arch/xz-utils-4.9 >=app-arch/xz-utils-4.9
>=sys-apps/shadow-4.4
>=app-emulation/containerd-0.2.7_p2-r1[seccomp?] =app-emulation/containerd-0.2.9_p7[seccomp?]
=app-emulation/runc-1.0.0_rc2_p137[apparmor?,seccomp?] =app-emulation/docker-runc-1.0.0_rc3_p53[apparmor?,seccomp?]
app-emulation/docker-proxy app-emulation/docker-proxy
container-init? ( >=sys-process/tini-0.13.1 ) container-init? ( >=sys-process/tini-0.13.1 )
" "
RESTRICT="installsources strip" RESTRICT="installsources strip"
S="${WORKDIR}/${P}/src/${COREOS_GO_PACKAGE}"
# see "contrib/check-config.sh" from upstream's sources # see "contrib/check-config.sh" from upstream's sources
CONFIG_CHECK=" CONFIG_CHECK="
~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS
@ -193,34 +198,30 @@ pkg_setup() {
enewgroup docker enewgroup docker
} }
src_prepare() { src_unpack() {
# allow user patches (use sparingly - upstream won't support them) if [ -n "$DOCKER_GITCOMMIT" ]; then
epatch_user mkdir -p "${S}"
tar --strip-components=1 -C "${S}" -xf "${DISTDIR}/${A}"
# remove the .git directory so that hack/make.sh uses DOCKER_GITCOMMIT else
# for the commit hash. git-r3_src_unpack
rm --recursive --force .git DOCKER_GITCOMMIT=$(git -C "${S}" rev-parse HEAD | head -c 7)
fi
} }
src_compile() { src_compile() {
# if we treat them right, Docker's build scripts will set up a export GOPATH="${WORKDIR}/${P}"
# reasonable GOPATH for us
export AUTO_GOPATH=1
# if we're building from a zip, we need the GITCOMMIT value # setup CFLAGS and LDFLAGS for separate build target
# see https://github.com/tianon/docker-overlay/pull/10
export CGO_CFLAGS="-I${ROOT}/usr/include"
export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)"
# if we're building from a tarball, we need the GITCOMMIT value
[ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT [ "$DOCKER_GITCOMMIT" ] && export DOCKER_GITCOMMIT
if gcc-specs-pie; then # fake golang layout
sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die ln -s docker-ce/components/engine ../docker || die
grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' ln -s docker-ce/components/cli ../cli || die
sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
-i hack/make/dynbinary-client || die
sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \
-i hack/make/dynbinary-daemon || die
grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
grep -q -- '-fno-PIC' hack/make/dynbinary-client || die 'hardened sed failed'
fi
# let's set up some optional features :) # let's set up some optional features :)
export DOCKER_BUILDTAGS='' export DOCKER_BUILDTAGS=''
@ -236,24 +237,42 @@ src_compile() {
fi fi
done done
go_export pushd components/engine || die
# verbose building if use hardened; then
export BUILDFLAGS="-x -v" sed -i "s#EXTLDFLAGS_STATIC='#&-fno-PIC $LDFLAGS #" hack/make.sh || die
grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed'
sed "s#LDFLAGS_STATIC_DOCKER='#&-extldflags \"-fno-PIC $LDFLAGS\" #" \
-i hack/make/dynbinary-daemon || die
grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed'
fi
# time to build! # build daemon
./hack/make.sh dynbinary || die 'dynbinary failed' ./hack/make.sh dynbinary || die 'dynbinary failed'
popd || die # components/engine
pushd components/cli || die
# build cli
emake \
LDFLAGS="$(usex hardened "-extldflags \"-fno-PIC $LDFLAGS\"" '')" \
VERSION="$(cat ../../VERSION)" \
GITCOMMIT="${DOCKER_GITCOMMIT}" \
dynbinary || die
popd || die # components/cli
} }
src_install() { src_install() {
VERSION="$(cat VERSION)"
newbin "bundles/$VERSION/dynbinary-client/docker-$VERSION" docker
newbin "bundles/$VERSION/dynbinary-daemon/dockerd-$VERSION" dockerd
dosym containerd /usr/bin/docker-containerd dosym containerd /usr/bin/docker-containerd
dosym containerd-shim /usr/bin/docker-containerd-shim dosym containerd-shim /usr/bin/docker-containerd-shim
dosym runc /usr/bin/docker-runc dosym runc /usr/bin/docker-runc
use container-init && dosym tini /usr/bin/docker-init use container-init && dosym tini /usr/bin/docker-init
pushd components/engine || die
newbin "$(readlink -f bundles/latest/dynbinary-daemon/dockerd)" dockerd
newinitd contrib/init/openrc/docker.initd docker newinitd contrib/init/openrc/docker.initd docker
newconfd contrib/init/openrc/docker.confd docker newconfd contrib/init/openrc/docker.confd docker
@ -273,18 +292,19 @@ src_install() {
dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md
dodoc -r docs/* dodoc -r docs/*
dobashcomp contrib/completion/bash/*
if use zsh-completion; then
insinto /usr/share/zsh/site-functions
doins contrib/completion/zsh/*
fi
if use vim-syntax; then
insinto /usr/share/vim/vimfiles insinto /usr/share/vim/vimfiles
doins -r contrib/syntax/vim/ftdetect doins -r contrib/syntax/vim/ftdetect
doins -r contrib/syntax/vim/syntax doins -r contrib/syntax/vim/syntax
fi popd || die # components/engine
pushd components/cli || die
newbin build/docker-* docker
dobashcomp contrib/completion/bash/*
insinto /usr/share/zsh/site-functions
doins contrib/completion/zsh/_*
popd || die # components/cli
} }
pkg_postinst() { pkg_postinst() {

View File

@ -8,23 +8,18 @@
scale, in production, on VMs, bare metal, OpenStack clusters, public scale, in production, on VMs, bare metal, OpenStack clusters, public
clouds and more. clouds and more.
</longdescription> </longdescription>
<herd>proxy-maintainers</herd> <maintainer type="person">
<maintainer status="active">
<email>admwiggin@gmail.com</email> <email>admwiggin@gmail.com</email>
<name>Tianon</name> <name>Tianon</name>
</maintainer> </maintainer>
<maintainer> <maintainer type="person">
<email>xarthisius@gentoo.org</email>
<name>Kacper Kowalik</name>
</maintainer>
<maintainer>
<email>alunduil@gentoo.org</email>
<name>Alex Brandt</name>
</maintainer>
<maintainer>
<email>williamh@gentoo.org</email> <email>williamh@gentoo.org</email>
<name>William Hubbs</name> <name>William Hubbs</name>
</maintainer> </maintainer>
<maintainer type="person">
<email>mrueg@gentoo.org</email>
<name>Manuel Rüger</name>
</maintainer>
<use> <use>
<flag name="aufs"> <flag name="aufs">
Enables dependencies for the "aufs" graph driver, including Enables dependencies for the "aufs" graph driver, including
@ -37,23 +32,20 @@
Enables dependencies for the "btrfs" graph driver, including Enables dependencies for the "btrfs" graph driver, including
necessary kernel flags. necessary kernel flags.
</flag> </flag>
<flag name="contrib"> <flag name="container-init">
Install additional contrib scripts and components. Makes the a staticly-linked init system tini available inside a
container.
</flag> </flag>
<flag name="device-mapper"> <flag name="device-mapper">
Enables dependencies for the "devicemapper" graph driver, including Enables dependencies for the "devicemapper" graph driver, including
necessary kernel flags. necessary kernel flags.
</flag> </flag>
<flag name="experimental">
Enable features labelled by upstream to be of "experimental"
quality and not yet ready for general consumption.
</flag>
<flag name="overlay"> <flag name="overlay">
Enables dependencies for the "overlay" graph driver, including Enables dependencies for the "overlay" graph driver, including
necessary kernel flags. necessary kernel flags.
</flag> </flag>
<flag name="lxc"> <flag name="pkcs11">
Enables dependencies for the "lxc" execution driver. Enables pkcs-11 support.
</flag> </flag>
</use> </use>
<upstream> <upstream>