1 |
commit: 73716742eaab9768a28bccc7a0365d733cb766dd |
2 |
Author: William Hubbs <williamh <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon Oct 4 23:20:58 2021 +0000 |
4 |
Commit: William Hubbs <williamh <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Oct 4 23:20:58 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=73716742 |
7 |
|
8 |
app-emulation/docker: 20.10.9 bump |
9 |
|
10 |
Bug: https://bugs.gentoo.org/816273 |
11 |
Package-Manager: Portage-3.0.20, Repoman-3.0.3 |
12 |
Signed-off-by: William Hubbs <williamh <AT> gentoo.org> |
13 |
|
14 |
app-emulation/docker/Manifest | 1 + |
15 |
app-emulation/docker/docker-20.10.9.ebuild | 279 +++++++++++++++++++++++++++++ |
16 |
2 files changed, 280 insertions(+) |
17 |
|
18 |
diff --git a/app-emulation/docker/Manifest b/app-emulation/docker/Manifest |
19 |
index 161c7416863..6a01c8194e0 100644 |
20 |
--- a/app-emulation/docker/Manifest |
21 |
+++ b/app-emulation/docker/Manifest |
22 |
@@ -1,2 +1,3 @@ |
23 |
DIST docker-20.10.7.tar.gz 11077660 BLAKE2B 081b36668ead0fd727ebdabc0d07fdf1992f64e3ab1e7c09933130b37f9ad60876c36d1fcda5619ba1bffac7fadafe63d7fc647868c3c6ba30429487c2ebc31b SHA512 2341faa3ebb903d74fa434712fce45e7acf0423710b97cdca11e3999db2819c4385d9a7fb3850925592f20f02c6261edbade6c9d6a2fefbc32f05a6b44ec3073 |
24 |
DIST docker-20.10.8.tar.gz 11080739 BLAKE2B 1e5c14e23c4e9c8b0568cf19c98cb4cdbedc43742357bed61201f0188d5e3f4949d5e2a2231fd89635290c8784678005dff707a4e00ececfb82d88c69d31d235 SHA512 17c0519c8938227c578e5fe37689dd5a362b9673fabe06f98145b6fd5ae99e099a304c5706a84df30a2810855987fd694ac9cae7574023710fd1d99b0ca1aaf8 |
25 |
+DIST docker-20.10.9.tar.gz 11083239 BLAKE2B 16dbd22b67ecd626b638406fffaec3c62eeee7dc93e661f982e12436afa10f230da4257a22a38ab1df366026033207d00e6571f3b853477852f3e14f24d9f567 SHA512 e4ae9e37633c821892e929e7a5f9dab652fe17f348a24cd37778bc4bfc33d99cdb347e2f575966364a37664dcfa83d1500f2bff7d0b0398a890f2039155a0c0c |
26 |
|
27 |
diff --git a/app-emulation/docker/docker-20.10.9.ebuild b/app-emulation/docker/docker-20.10.9.ebuild |
28 |
new file mode 100644 |
29 |
index 00000000000..d9b6af6abf2 |
30 |
--- /dev/null |
31 |
+++ b/app-emulation/docker/docker-20.10.9.ebuild |
32 |
@@ -0,0 +1,279 @@ |
33 |
+# Copyright 1999-2021 Gentoo Authors |
34 |
+# Distributed under the terms of the GNU General Public License v2 |
35 |
+ |
36 |
+EAPI=7 |
37 |
+EGO_PN=github.com/docker/docker |
38 |
+MY_PV=${PV/_/-} |
39 |
+GIT_COMMIT=79ea9d3080 |
40 |
+inherit bash-completion-r1 linux-info systemd udev golang-vcs-snapshot |
41 |
+ |
42 |
+DESCRIPTION="The core functions you need to create Docker images and run Docker containers" |
43 |
+HOMEPAGE="https://www.docker.com/" |
44 |
+SRC_URI="https://github.com/moby/moby/archive/v${MY_PV}.tar.gz -> ${P}.tar.gz" |
45 |
+ |
46 |
+LICENSE="Apache-2.0" |
47 |
+SLOT="0" |
48 |
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" |
49 |
+IUSE="apparmor aufs btrfs +cli +container-init device-mapper hardened overlay seccomp" |
50 |
+ |
51 |
+DEPEND=" |
52 |
+ acct-group/docker |
53 |
+ >=dev-db/sqlite-3.7.9:3 |
54 |
+ apparmor? ( sys-libs/libapparmor ) |
55 |
+ btrfs? ( >=sys-fs/btrfs-progs-3.16.1 ) |
56 |
+ device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) |
57 |
+ seccomp? ( >=sys-libs/libseccomp-2.2.1 ) |
58 |
+" |
59 |
+ |
60 |
+# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#runtime-dependencies |
61 |
+# https://github.com/moby/moby/blob/master/project/PACKAGERS.md#optional-dependencies |
62 |
+# https://github.com/moby/moby/tree/master//hack/dockerfile/install |
63 |
+# make sure docker-proxy is pinned to exact version from ^, |
64 |
+# for appropriate branchch/version of course |
65 |
+RDEPEND=" |
66 |
+ ${DEPEND} |
67 |
+ >=net-firewall/iptables-1.4 |
68 |
+ sys-process/procps |
69 |
+ >=dev-vcs/git-1.7 |
70 |
+ >=app-arch/xz-utils-4.9 |
71 |
+ dev-libs/libltdl |
72 |
+ >=app-emulation/containerd-1.4.9[apparmor?,btrfs?,device-mapper?,seccomp?] |
73 |
+ ~app-emulation/docker-proxy-0.8.0_p20210525 |
74 |
+ cli? ( app-emulation/docker-cli ) |
75 |
+ container-init? ( >=sys-process/tini-0.19.0[static] ) |
76 |
+" |
77 |
+ |
78 |
+# https://github.com/docker/docker/blob/master/project/PACKAGERS.md#build-dependencies |
79 |
+BDEPEND=" |
80 |
+ >=dev-lang/go-1.16.6 |
81 |
+ dev-go/go-md2man |
82 |
+ virtual/pkgconfig |
83 |
+" |
84 |
+# tests require running dockerd as root and downloading containers |
85 |
+RESTRICT="installsources strip test" |
86 |
+ |
87 |
+S="${WORKDIR}/${P}/src/${EGO_PN}" |
88 |
+ |
89 |
+# https://bugs.gentoo.org/748984 https://github.com/etcd-io/etcd/pull/12552 |
90 |
+PATCHES=( |
91 |
+ "${FILESDIR}/etcd-F_OFD_GETLK-fix.patch" |
92 |
+ "${FILESDIR}/ppc64-buildmode.patch" |
93 |
+) |
94 |
+ |
95 |
+# see "contrib/check-config.sh" from upstream's sources |
96 |
+CONFIG_CHECK=" |
97 |
+ ~NAMESPACES ~NET_NS ~PID_NS ~IPC_NS ~UTS_NS |
98 |
+ ~CGROUPS ~CGROUP_CPUACCT ~CGROUP_DEVICE ~CGROUP_FREEZER ~CGROUP_SCHED ~CPUSETS ~MEMCG |
99 |
+ ~CGROUP_NET_PRIO |
100 |
+ ~KEYS |
101 |
+ ~VETH ~BRIDGE ~BRIDGE_NETFILTER |
102 |
+ ~IP_NF_FILTER ~IP_NF_TARGET_MASQUERADE ~NETFILTER_XT_MARK |
103 |
+ ~NETFILTER_NETLINK ~NETFILTER_XT_MATCH_ADDRTYPE ~NETFILTER_XT_MATCH_CONNTRACK ~NETFILTER_XT_MATCH_IPVS |
104 |
+ ~IP_NF_NAT ~NF_NAT |
105 |
+ ~POSIX_MQUEUE |
106 |
+ |
107 |
+ ~USER_NS |
108 |
+ ~SECCOMP |
109 |
+ ~CGROUP_PIDS |
110 |
+ ~MEMCG_SWAP |
111 |
+ |
112 |
+ ~BLK_CGROUP ~BLK_DEV_THROTTLING |
113 |
+ ~CGROUP_PERF |
114 |
+ ~CGROUP_HUGETLB |
115 |
+ ~NET_CLS_CGROUP |
116 |
+ ~CFS_BANDWIDTH ~FAIR_GROUP_SCHED |
117 |
+ ~IP_VS ~IP_VS_PROTO_TCP ~IP_VS_PROTO_UDP ~IP_VS_NFCT ~IP_VS_RR |
118 |
+ |
119 |
+ ~VXLAN |
120 |
+ ~CRYPTO ~CRYPTO_AEAD ~CRYPTO_GCM ~CRYPTO_SEQIV ~CRYPTO_GHASH ~XFRM_ALGO ~XFRM_USER |
121 |
+ ~IPVLAN |
122 |
+ ~MACVLAN ~DUMMY |
123 |
+ |
124 |
+ ~OVERLAY_FS ~!OVERLAY_FS_REDIRECT_DIR |
125 |
+ ~EXT4_FS_SECURITY |
126 |
+ ~EXT4_FS_POSIX_ACL |
127 |
+" |
128 |
+ |
129 |
+ERROR_KEYS="CONFIG_KEYS: is mandatory" |
130 |
+ERROR_MEMCG_SWAP="CONFIG_MEMCG_SWAP: is required if you wish to limit swap usage of containers" |
131 |
+ERROR_RESOURCE_COUNTERS="CONFIG_RESOURCE_COUNTERS: is optional for container statistics gathering" |
132 |
+ |
133 |
+ERROR_BLK_CGROUP="CONFIG_BLK_CGROUP: is optional for container statistics gathering" |
134 |
+ERROR_IOSCHED_CFQ="CONFIG_IOSCHED_CFQ: is optional for container statistics gathering" |
135 |
+ERROR_CGROUP_PERF="CONFIG_CGROUP_PERF: is optional for container statistics gathering" |
136 |
+ERROR_CFS_BANDWIDTH="CONFIG_CFS_BANDWIDTH: is optional for container statistics gathering" |
137 |
+ERROR_XFRM_ALGO="CONFIG_XFRM_ALGO: is optional for secure networks" |
138 |
+ERROR_XFRM_USER="CONFIG_XFRM_USER: is optional for secure networks" |
139 |
+ |
140 |
+pkg_setup() { |
141 |
+ |
142 |
+ if kernel_is lt 4 5; then |
143 |
+ CONFIG_CHECK+=" |
144 |
+ ~MEMCG_KMEM |
145 |
+ " |
146 |
+ ERROR_MEMCG_KMEM="CONFIG_MEMCG_KMEM: is optional" |
147 |
+ fi |
148 |
+ |
149 |
+ if kernel_is lt 4 7; then |
150 |
+ CONFIG_CHECK+=" |
151 |
+ ~DEVPTS_MULTIPLE_INSTANCES |
152 |
+ " |
153 |
+ fi |
154 |
+ |
155 |
+ if kernel_is lt 5 1; then |
156 |
+ CONFIG_CHECK+=" |
157 |
+ ~NF_NAT_IPV4 |
158 |
+ ~IOSCHED_CFQ |
159 |
+ ~CFQ_GROUP_IOSCHED |
160 |
+ " |
161 |
+ fi |
162 |
+ |
163 |
+ if kernel_is lt 5 2; then |
164 |
+ CONFIG_CHECK+=" |
165 |
+ ~NF_NAT_NEEDED |
166 |
+ " |
167 |
+ fi |
168 |
+ |
169 |
+ if kernel_is lt 5 8; then |
170 |
+ CONFIG_CHECK+=" |
171 |
+ ~MEMCG_SWAP_ENABLED |
172 |
+ " |
173 |
+ fi |
174 |
+ |
175 |
+ if use aufs; then |
176 |
+ CONFIG_CHECK+=" |
177 |
+ ~AUFS_FS |
178 |
+ ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY |
179 |
+ " |
180 |
+ ERROR_AUFS_FS="CONFIG_AUFS_FS: is required to be set if and only if aufs is patched to kernel instead of using standalone" |
181 |
+ fi |
182 |
+ |
183 |
+ if use btrfs; then |
184 |
+ CONFIG_CHECK+=" |
185 |
+ ~BTRFS_FS |
186 |
+ ~BTRFS_FS_POSIX_ACL |
187 |
+ " |
188 |
+ fi |
189 |
+ |
190 |
+ if use device-mapper; then |
191 |
+ CONFIG_CHECK+=" |
192 |
+ ~BLK_DEV_DM ~DM_THIN_PROVISIONING ~EXT4_FS ~EXT4_FS_POSIX_ACL ~EXT4_FS_SECURITY |
193 |
+ " |
194 |
+ fi |
195 |
+ |
196 |
+ linux-info_pkg_setup |
197 |
+} |
198 |
+ |
199 |
+src_compile() { |
200 |
+ export DOCKER_GITCOMMIT="${GIT_COMMIT}" |
201 |
+ export GOPATH="${WORKDIR}/${P}" |
202 |
+ export VERSION=${PV} |
203 |
+ |
204 |
+ # setup CFLAGS and LDFLAGS for separate build target |
205 |
+ # see https://github.com/tianon/docker-overlay/pull/10 |
206 |
+ export CGO_CFLAGS="-I${ESYSROOT}/usr/include" |
207 |
+ export CGO_LDFLAGS="-L${ESYSROOT}/usr/$(get_libdir)" |
208 |
+ |
209 |
+ # let's set up some optional features :) |
210 |
+ export DOCKER_BUILDTAGS='' |
211 |
+ for gd in aufs btrfs device-mapper overlay; do |
212 |
+ if ! use $gd; then |
213 |
+ DOCKER_BUILDTAGS+=" exclude_graphdriver_${gd//-/}" |
214 |
+ fi |
215 |
+ done |
216 |
+ |
217 |
+ for tag in apparmor seccomp; do |
218 |
+ if use $tag; then |
219 |
+ DOCKER_BUILDTAGS+=" $tag" |
220 |
+ fi |
221 |
+ done |
222 |
+ |
223 |
+ if use hardened; then |
224 |
+ sed -i "s/EXTLDFLAGS_STATIC='/&-fno-PIC /" hack/make.sh || die |
225 |
+ grep -q -- '-fno-PIC' hack/make.sh || die 'hardened sed failed' |
226 |
+ sed "s/LDFLAGS_STATIC_DOCKER='/&-extldflags -fno-PIC /" \ |
227 |
+ -i hack/make/dynbinary-daemon || die |
228 |
+ grep -q -- '-fno-PIC' hack/make/dynbinary-daemon || die 'hardened sed failed' |
229 |
+ fi |
230 |
+ |
231 |
+ # build daemon |
232 |
+ ./hack/make.sh dynbinary || die 'dynbinary failed' |
233 |
+} |
234 |
+ |
235 |
+src_install() { |
236 |
+ dosym containerd /usr/bin/docker-containerd |
237 |
+ dosym containerd-shim /usr/bin/docker-containerd-shim |
238 |
+ dosym runc /usr/bin/docker-runc |
239 |
+ use container-init && dosym tini /usr/bin/docker-init |
240 |
+ newbin bundles/dynbinary-daemon/dockerd dockerd |
241 |
+ |
242 |
+ newinitd contrib/init/openrc/docker.initd docker |
243 |
+ newconfd contrib/init/openrc/docker.confd docker |
244 |
+ |
245 |
+ systemd_dounit contrib/init/systemd/docker.{service,socket} |
246 |
+ |
247 |
+ udev_dorules contrib/udev/*.rules |
248 |
+ |
249 |
+ dodoc AUTHORS CONTRIBUTING.md CHANGELOG.md NOTICE README.md |
250 |
+ dodoc -r docs/* |
251 |
+ |
252 |
+ # note: intentionally not using "doins" so that we preserve +x bits |
253 |
+ dodir /usr/share/${PN}/contrib |
254 |
+ cp -R contrib/* "${ED}/usr/share/${PN}/contrib" |
255 |
+} |
256 |
+ |
257 |
+pkg_postinst() { |
258 |
+ udev_reload |
259 |
+ |
260 |
+ elog |
261 |
+ elog "To use Docker, the Docker daemon must be running as root. To automatically" |
262 |
+ elog "start the Docker daemon at boot:" |
263 |
+ if systemd_is_booted || has_version sys-apps/systemd; then |
264 |
+ elog " systemctl enable docker.service" |
265 |
+ else |
266 |
+ elog " rc-update add docker default" |
267 |
+ fi |
268 |
+ elog |
269 |
+ elog "To use Docker as a non-root user, add yourself to the 'docker' group:" |
270 |
+ elog ' usermod -aG docker <youruser>' |
271 |
+ elog |
272 |
+ |
273 |
+ if use device-mapper; then |
274 |
+ elog " Devicemapper storage driver has been deprecated" |
275 |
+ elog " It will be removed in a future release" |
276 |
+ elog |
277 |
+ fi |
278 |
+ |
279 |
+ if use overlay; then |
280 |
+ elog " Overlay storage driver/USEflag has been deprecated" |
281 |
+ elog " in favor of overlay2 (enabled unconditionally)" |
282 |
+ elog |
283 |
+ fi |
284 |
+ |
285 |
+ if has_version sys-fs/zfs; then |
286 |
+ elog " ZFS storage driver is available" |
287 |
+ elog " Check https://docs.docker.com/storage/storagedriver/zfs-driver for more info" |
288 |
+ elog |
289 |
+ fi |
290 |
+ |
291 |
+ if use cli; then |
292 |
+ ewarn "Starting with docker 20.10.2, docker has been split into" |
293 |
+ ewarn "two packages upstream, so Gentoo has followed suit." |
294 |
+ ewarn |
295 |
+ ewarn "app-emulation/docker contains the daemon and" |
296 |
+ ewarn "app-emulation/docker-cli contains the docker command." |
297 |
+ ewarn |
298 |
+ ewarn "docker currently installs docker-cli using the cli use flag." |
299 |
+ ewarn |
300 |
+ ewarn "This use flag is temporary, so you need to take the" |
301 |
+ ewarn "following actions:" |
302 |
+ ewarn |
303 |
+ ewarn "First, disable the cli use flag for app-emulation/docker" |
304 |
+ ewarn |
305 |
+ ewarn "Then, if you need docker-cli and docker on the same machine," |
306 |
+ ewarn "run the following command:" |
307 |
+ ewarn |
308 |
+ ewarn "# emerge --noreplace docker-cli" |
309 |
+ ewarn |
310 |
+ fi |
311 |
+} |