1 |
commit: 10ee4c2641fc908fd6e28e7577d9b89c775cf279 |
2 |
Author: William Hubbs <williamh <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Jan 8 17:49:58 2021 +0000 |
4 |
Commit: William Hubbs <williamh <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Jan 8 17:53:24 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=10ee4c26 |
7 |
|
8 |
app-emulation/docker: 20.10.2 bump |
9 |
|
10 |
Bug: https://bugs.gentoo.org/764122 |
11 |
Signed-off-by: William Hubbs <williamh <AT> gentoo.org> |
12 |
|
13 |
app-emulation/docker/Manifest | 1 + |
14 |
app-emulation/docker/docker-20.10.2.ebuild | 294 +++++++++++++++++++++++++++++ |
15 |
app-emulation/docker/metadata.xml | 6 + |
16 |
3 files changed, 301 insertions(+) |
17 |
|
18 |
diff --git a/app-emulation/docker/Manifest b/app-emulation/docker/Manifest |
19 |
index 69713fa51d7..846dc1dd1b5 100644 |
20 |
--- a/app-emulation/docker/Manifest |
21 |
+++ b/app-emulation/docker/Manifest |
22 |
@@ -1,3 +1,4 @@ |
23 |
DIST docker-19.03.13.tar.gz 18242693 BLAKE2B c19afed62694274298b42fc9af3b36c4cc6429b40f7e5447a996b87636a0d2e916476875652e20abd7aeab4e5e0e1cf887a04dcade1de03ded549fc36d911ac4 SHA512 5f34a14ef0b36a309d4a08926ac482ca82d24cdd873aa359c5ba7c65473cbb2e987fe615c38c1bc1c50135284da78a7eb98a8a0106d7d073aeda0cd8f1c31873 |
24 |
DIST docker-19.03.14.tar.gz 18278132 BLAKE2B 5e32cb482fdc40531aa4ba79dd447093859f568b3d8b5c3ed584c78d5709fabf2a1e05e82af2686cd87462e1abd899bd3f0a746f97937b7d16950f5e94264dff SHA512 5e48185a7787d5637fc11f43f6af604d56a5fa4367fd5a558bb3a5ef3c0d767f1c7f83ecef369453696b68eed81e49520453f267fbe8c2b840b3f62d35f25c28 |
25 |
DIST docker-20.10.1.tar.gz 11042081 BLAKE2B 98fec753f0695983d197993291a4fd0f3c94e3e3bfe548977df6659c9458109fa35edc9cf2cdd94e2277250672b9a265b50b35bd52228665f7dddf6875a24604 SHA512 5e32a46dab5b527839594e48b715495a77aa9c9e0c7e427eb227409c20c3af0d95a731080048ee20b7c68288bd77e32458bf30c658406d8585ccf8d33e7b79e3 |
26 |
+DIST docker-20.10.2.tar.gz 11045195 BLAKE2B 182ceabbabfa091eaae8ecf12a50dfbe296722072ee24cdde48c3ed2ad40f47d6f939830a00e1dbe7d5dfb1fa25ccda7efe25ce3e4f9a7bbf6ad85dac109168c SHA512 b514e98e3f71874fcf5374eeaaabc2c879691b48937dbc962be3577d834f571353d4f946aebfa69f1a62b1388c9220bfdff09b62bf62c134bd41f494e8506f56 |
27 |
|
28 |
diff --git a/app-emulation/docker/docker-20.10.2.ebuild b/app-emulation/docker/docker-20.10.2.ebuild |
29 |
new file mode 100644 |
30 |
index 00000000000..fc76d42b04c |
31 |
--- /dev/null |
32 |
+++ b/app-emulation/docker/docker-20.10.2.ebuild |
33 |
@@ -0,0 +1,294 @@ |
34 |
+# Copyright 1999-2020 Gentoo Authors |
35 |
+# Distributed under the terms of the GNU General Public License v2 |
36 |
+ |
37 |
+EAPI=7 |
38 |
+EGO_PN="github.com/moby/moby" |
39 |
+GIT_COMMIT=f0014860c1 |
40 |
+inherit bash-completion-r1 linux-info systemd udev golang-vcs-snapshot |
41 |
+ |
42 |
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers" |
43 |
+HOMEPAGE="https://www.docker.com/" |
44 |
+MY_PV=${PV/_/-} |
45 |
+SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" |
46 |
+ |
47 |
+LICENSE="Apache-2.0" |
48 |
+SLOT="0" |
49 |
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" |
50 |
+IUSE="apparmor aufs btrfs +container-init device-mapper hardened overlay seccomp +temp-cli" |
51 |
+ |
52 |
+DEPEND=" |
53 |
+ acct-group/docker |
54 |
+ >=dev-db/sqlite-3.7.9:3 |
55 |
+ apparmor? ( sys-libs/libapparmor ) |
56 |
+ btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) |
57 |
+ device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) |
58 |
+ seccomp? ( >=sys-libs/libseccomp-2.2.1 ) |
59 |
+" |
60 |
+ |
61 |
+# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies |
62 |
+# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies |
63 |
+# https://github.com/moby/moby/tree/master//hack/dockerfile/install |
64 |
+# make sure containerd, docker-proxy, runc and tini pinned to exact versions from ^, |
65 |
+# for appropriate branchch/version of course |
66 |
+RDEPEND=" |
67 |
+ ${DEPEND} |
68 |
+ >=net-firewall/iptables-1.4 |
69 |
+ sys-process/procps |
70 |
+ >=dev-vcs/git-1.7 |
71 |
+ >=app-arch/xz-utils-4.9 |
72 |
+ dev-libs/libltdl |
73 |
+ ~app-emulation/containerd-1.4.3[apparmor?,btrfs?,device-mapper?,seccomp?] |
74 |
+ ~app-emulation/runc-1.0.0_rc92[apparmor?,seccomp?] |
75 |
+ ~app-emulation/docker-proxy-0.8.0_p20201211 |
76 |
+ container-init? ( >=sys-process/tini-0.19.0[static] ) |
77 |
+ temp-cli? ( ~app-emulation/docker-cli-${PV} ) |
78 |
+" |
79 |
+ |
80 |
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies |
81 |
+BDEPEND=" |
82 |
+ >=dev-lang/go-1.13.12 |
83 |
+ dev-go/go-md2man |
84 |
+ virtual/pkgconfig |
85 |
+" |
86 |
+ |
87 |
+RESTRICT="installsources strip" |
88 |
+ |
89 |
+S="${WORKDIR}/${P}/src/${EGO_PN}" |
90 |
+ |
91 |
+# see "contrib/check-config.sh" from upstream's sources |
92 |
+CONFIG_CHECK=" |
93 |
+ ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS |
94 |
+ ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG |
95 |
+ ~KEYS |
96 |
+ ~VETH ~BRIDGE ~BRIDGE_NETFILTER |
97 |
+ ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE |
98 |
+ ~NETFILTER_NETLINK ~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK ~NETFILTER_XT_MATCH_IPVS |
99 |
+ ~IP_NF_NAT ~NF_NAT |
100 |
+ ~POSIX_MQUEUE |
101 |
+ |
102 |
+ ~USER_NS |
103 |
+ ~SECCOMP |
104 |
+ ~CGROUP_PIDS |
105 |
+ ~MEMCG_SWAP |
106 |
+ |
107 |
+ ~BLK_CGROUP ~BLK_DEV_THROTTLING |
108 |
+ ~CGROUP_PERF |
109 |
+ ~CGROUP_HUGETLB |
110 |
+ ~NET_CLS_CGROUP |
111 |
+ ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED ~RT_GROUP_SCHED |
112 |
+ ~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR |
113 |
+ |
114 |
+ ~VXLAN |
115 |
+ ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH ~XFRM_ALGO ~XFRM_USER |
116 |
+ ~IPVLAN |
117 |
+ ~MACVLAN ~DUMMY |
118 |
+ |
119 |
+ ~OVERLAY_FS ~!OVERLAY_FS_REDIRECT_DIR |
120 |
+ ~EXT4_FS_SECURITY |
121 |
+ ~EXT4_FS_POSIX_ACL |
122 |
+" |
123 |
+ |
124 |
+ERROR_KEYS="CONFIG_KEYS: is mandatory" |
125 |
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers" |
126 |
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering" |
127 |
+ |
128 |
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering" |
129 |
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering" |
130 |
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering" |
131 |
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering" |
132 |
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks" |
133 |
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks" |
134 |
+ |
135 |
+pkg_setup() { |
136 |
+ if kernel_is lt 3 10; then |
137 |
+ ewarn "" |
138 |
+ ewarn "Using Docker with kernels older than 3.10 is unstable and unsupported." |
139 |
+ ewarn " - http://docs.docker.com/engine/installation/binaries/#check-kernel-dependencies" |
140 |
+ fi |
141 |
+ |
142 |
+ if kernel_is le 3 18; then |
143 |
+ CONFIG_CHECK+=" |
144 |
+ ~RESOURCE_COUNTERS |
145 |
+ " |
146 |
+ fi |
147 |
+ |
148 |
+ if kernel_is le 3 13; then |
149 |
+ CONFIG_CHECK+=" |
150 |
+ ~NETPRIO_CGROUP |
151 |
+ " |
152 |
+ else |
153 |
+ CONFIG_CHECK+=" |
154 |
+ ~CGROUP_NET_PRIO |
155 |
+ " |
156 |
+ fi |
157 |
+ |
158 |
+ if kernel_is lt 4 5; then |
159 |
+ CONFIG_CHECK+=" |
160 |
+ ~MEMCG_KMEM |
161 |
+ " |
162 |
+ ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional" |
163 |
+ fi |
164 |
+ |
165 |
+ if kernel_is lt 4 7; then |
166 |
+ CONFIG_CHECK+=" |
167 |
+ ~DEVPTS_MULTIPLE_INSTANCES |
168 |
+ " |
169 |
+ fi |
170 |
+ |
171 |
+ if kernel_is lt 5 1; then |
172 |
+ CONFIG_CHECK+=" |
173 |
+ ~NF_NAT_IPV4 |
174 |
+ ~IOSCHED_CFQ |
175 |
+ ~CFQ_GROUP_IOSCHED |
176 |
+ " |
177 |
+ fi |
178 |
+ |
179 |
+ if kernel_is lt 5 2; then |
180 |
+ CONFIG_CHECK+=" |
181 |
+ ~NF_NAT_NEEDED |
182 |
+ " |
183 |
+ fi |
184 |
+ |
185 |
+ if kernel_is lt 5 8; then |
186 |
+ CONFIG_CHECK+=" |
187 |
+ ~MEMCG_SWAP_ENABLED |
188 |
+ " |
189 |
+ fi |
190 |
+ |
191 |
+ if use aufs; then |
192 |
+ CONFIG_CHECK+=" |
193 |
+ ~AUFS_FS |
194 |
+ ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY |
195 |
+ " |
196 |
+ ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs is patched to kernel instead of using standalone" |
197 |
+ fi |
198 |
+ |
199 |
+ if use btrfs; then |
200 |
+ CONFIG_CHECK+=" |
201 |
+ ~BTRFS_FS |
202 |
+ ~BTRFS_FS_POSIX_ACL |
203 |
+ " |
204 |
+ fi |
205 |
+ |
206 |
+ if use device-mapper; then |
207 |
+ CONFIG_CHECK+=" |
208 |
+ ~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY |
209 |
+ " |
210 |
+ fi |
211 |
+ |
212 |
+ linux-info_pkg_setup |
213 |
+} |
214 |
+ |
215 |
+src_compile() { |
216 |
+ export DOCKER_GITCOMMIT="${GIT_COMMIT}" |
217 |
+ export GOPATH="${WORKDIR}/${P}" |
218 |
+ |
219 |
+ # setup CFLAGS and LDFLAGS for separate build target |
220 |
+ # see https://github.com/tianon/docker-overlay/pull/10 |
221 |
+ export CGO_CFLAGS="-I${ROOT}/usr/include" |
222 |
+ export CGO_LDFLAGS="-L${ROOT}/usr/$(get_libdir)" |
223 |
+ |
224 |
+ # let's set up some optional features :) |
225 |
+ export DOCKER_BUILDTAGS='' |
226 |
+ for gd in aufs btrfs device-mapper overlay; do |
227 |
+ if ! use $gd; then |
228 |
+ DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" |
229 |
+ fi |
230 |
+ done |
231 |
+ |
232 |
+ for tag in apparmor seccomp selinux; do |
233 |
+ if use $tag; then |
234 |
+ DOCKER_BUILDTAGS+=" $tag" |
235 |
+ fi |
236 |
+ done |
237 |
+ |
238 |
+ if use hardened; then |
239 |
+ sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die |
240 |
+ grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' |
241 |
+ sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ |
242 |
+ -i hack/make/dynbinary-daemon || die |
243 |
+ grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed' |
244 |
+ fi |
245 |
+ |
246 |
+ # build daemon |
247 |
+ ./hack/make.sh dynbinary || die 'dynbinary failed' |
248 |
+} |
249 |
+ |
250 |
+src_install() { |
251 |
+ dosym containerd /usr/bin/docker-containerd |
252 |
+ dosym containerd-shim /usr/bin/docker-containerd-shim |
253 |
+ dosym runc /usr/bin/docker-runc |
254 |
+ use container-init && dosym tini /usr/bin/docker-init |
255 |
+ newbin bundles/dynbinary-daemon/dockerd dockerd |
256 |
+ |
257 |
+ newinitd contrib/init/openrc/docker.initd docker |
258 |
+ newconfd contrib/init/openrc/docker.confd docker |
259 |
+ |
260 |
+ systemd_dounit contrib/init/systemd/docker.{service,socket} |
261 |
+ |
262 |
+ udev_dorules contrib/udev/*.rules |
263 |
+ |
264 |
+ dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md |
265 |
+ dodoc -r docs/* |
266 |
+ |
267 |
+ # note: intentionally not using "doins" so that we preserve +x bits |
268 |
+ dodir /usr/share/${PN}/contrib |
269 |
+ cp -R contrib/* "${ED}/usr/share/${PN}/contrib" |
270 |
+} |
271 |
+ |
272 |
+pkg_postinst() { |
273 |
+ udev_reload |
274 |
+ |
275 |
+ elog |
276 |
+ elog "To use Docker, the Docker daemon must be running as root. To automatically" |
277 |
+ elog "start the Docker daemon at boot:" |
278 |
+ if systemd_is_booted || has_version sys-apps/systemd; then |
279 |
+ elog " systemctl enable docker.service" |
280 |
+ else |
281 |
+ elog " rc-update add docker default" |
282 |
+ fi |
283 |
+ elog |
284 |
+ elog "To use Docker as a non-root user, add yourself to the 'docker' group:" |
285 |
+ elog ' usermod -aG docker <youruser>' |
286 |
+ elog |
287 |
+ |
288 |
+ if use device-mapper; then |
289 |
+ elog " Devicemapper storage driver has been deprecated" |
290 |
+ elog " It will be removed in a future release" |
291 |
+ elog |
292 |
+ fi |
293 |
+ |
294 |
+ if use overlay; then |
295 |
+ elog " Overlay storage driver/USEflag has been deprecated" |
296 |
+ elog " in favor of overlay2 (enabled unconditionally)" |
297 |
+ elog |
298 |
+ fi |
299 |
+ |
300 |
+ if has_version sys-fs/zfs; then |
301 |
+ elog " ZFS storage driver is available" |
302 |
+ elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" |
303 |
+ elog |
304 |
+ fi |
305 |
+ |
306 |
+ if use temp-cli; then |
307 |
+ ewarn "Starting with docker 20.10.2, docker has been split into" |
308 |
+ ewarn "two packages upstream, so Gentoo has followed suit." |
309 |
+ ewarn |
310 |
+ ewarn "app-emulation/docker contains the daemon and" |
311 |
+ ewarn "app-emulation/docker-cli contains the docker command." |
312 |
+ ewarn |
313 |
+ ewarn "docker currently installs docker-cli using the temp-cli" |
314 |
+ ewarn "use flag." |
315 |
+ ewarn |
316 |
+ ewarn "This use flag is temporary, so you need to take the" |
317 |
+ ewarn "following actions:" |
318 |
+ ewarn |
319 |
+ ewarn "First, disable the temp-cli use flag for app-emulation/docker" |
320 |
+ ewarn |
321 |
+ ewarn "Then, if you need docker-cli and docker on the same machine," |
322 |
+ ewarn "run the following command:" |
323 |
+ ewarn |
324 |
+ ewarn "# emerge --noreplace docker-cli" |
325 |
+ ewarn |
326 |
+ fi |
327 |
+} |
328 |
|
329 |
diff --git a/app-emulation/docker/metadata.xml b/app-emulation/docker/metadata.xml |
330 |
index fdd881c3fea..93b6a7a3098 100644 |
331 |
--- a/app-emulation/docker/metadata.xml |
332 |
+++ b/app-emulation/docker/metadata.xml |
333 |
@@ -40,6 +40,12 @@ |
334 |
Enables dependencies for the "overlay" graph driver, including |
335 |
necessary kernel flags. |
336 |
</flag> |
337 |
+ <flag name="temp-cli"> |
338 |
+ This is a temporary use flag which pulls in |
339 |
+ app-emulation/docker-cli, the docker command line client. |
340 |
+ This flag is here to assist in the transition to split packages |
341 |
+ and will be removed in a future release. |
342 |
+ </flag> |
343 |
</use> |
344 |
<upstream> |
345 |
<remote-id type="github">moby/moby</remote-id> |