diff --git a/build-scripts/detect-environment b/build-scripts/detect-environment index 81d0831a7..dff3f597c 100644 --- a/build-scripts/detect-environment +++ b/build-scripts/detect-environment @@ -129,7 +129,7 @@ detect_distribution() { # CentOS Linux release 7.6.1810 (Core) OS=centos ;; - "Red Hat Enterprise Linux "*) + "Red Hat Enterprise Linux "*|"Rocky Linux release "*) # Example output for RHEL: # Red Hat Enterprise Linux release 8.10 (Ootpa) OS=rhel diff --git a/build-scripts/labels.txt b/build-scripts/labels.txt index 06fa3d72a..dfcff7b10 100644 --- a/build-scripts/labels.txt +++ b/build-scripts/labels.txt @@ -4,10 +4,14 @@ PACKAGES_HUB_x86_64_linux_debian_11 PACKAGES_HUB_arm_64_linux_debian_11 PACKAGES_HUB_x86_64_linux_debian_12 PACKAGES_HUB_arm_64_linux_debian_12 +PACKAGES_HUB_x86_64_linux_debian_13 +PACKAGES_HUB_arm_64_linux_debian_13 PACKAGES_HUB_x86_64_linux_redhat_7 PACKAGES_HUB_x86_64_linux_redhat_8 PACKAGES_HUB_x86_64_linux_redhat_9 +PACKAGES_HUB_x86_64_linux_redhat_10 +PACKAGES_HUB_arm_64_linux_redhat_10 PACKAGES_HUB_x86_64_linux_ubuntu_20 PACKAGES_HUB_x86_64_linux_ubuntu_22 @@ -19,10 +23,14 @@ PACKAGES_x86_64_linux_debian_11 PACKAGES_arm_64_linux_debian_11 PACKAGES_x86_64_linux_debian_12 PACKAGES_arm_64_linux_debian_12 +PACKAGES_x86_64_linux_debian_13 +PACKAGES_arm_64_linux_debian_13 PACKAGES_x86_64_linux_redhat_7 PACKAGES_x86_64_linux_redhat_8 PACKAGES_x86_64_linux_redhat_9 +PACKAGES_x86_64_linux_redhat_10 +PACKAGES_arm_64_linux_redhat_10 PACKAGES_x86_64_linux_suse_12 PACKAGES_x86_64_linux_suse_15 diff --git a/build-scripts/package b/build-scripts/package index 71252da14..f156b8ac7 100755 --- a/build-scripts/package +++ b/build-scripts/package @@ -225,6 +225,8 @@ rpm | lpp) # eval is needed to preserve spaces in arguments within quotes # Example: --define 'with_expansion 1' needs to be passed as two args log_debug "Building RPM package with rpmbuild" + # rhel-10 rpmbuild is more picky about /var/cfengine/lib RPATH we need + export QA_RPATHS=2 # this is a set of bit flags, we just want 0x0002 here eval rpmbuild -bb \ --define "'_topdir $BASEDIR/$PKG'" \ --define "'buildprefix $BUILDPREFIX'" \ diff --git a/ci/setup-cfengine-build-host.sh b/ci/setup-cfengine-build-host.sh index 610c26b34..36c2da242 100755 --- a/ci/setup-cfengine-build-host.sh +++ b/ci/setup-cfengine-build-host.sh @@ -30,7 +30,7 @@ elif [ -f /etc/os-release ]; then fi fi if [ "$ID" = "ubuntu" ]; then - _version=$(echo "$VERSION_ID" | cut -d. -f1) + _version="$(echo "$VERSION_ID" | cut -d. -f1)" if [ "$_version" -lt "16" ]; then echo "Platform $ID $VERSION_ID is too old." exit 9 diff --git a/deps-packaging/apache/cfbuild-apache.spec b/deps-packaging/apache/cfbuild-apache.spec index 1a743e508..f404c8972 100644 --- a/deps-packaging/apache/cfbuild-apache.spec +++ b/deps-packaging/apache/cfbuild-apache.spec @@ -8,6 +8,7 @@ Release: 1 Source0: httpd-%{apache_version}.tar.gz Source1: httpd.conf Patch0: apachectl.patch +Patch1: fixed-implicit-decl-gettid.patch License: MIT Group: Other Url: https://cfengine.com @@ -21,7 +22,8 @@ AutoReqProv: no mkdir -p %{_builddir} %setup -q -n httpd-%{apache_version} -%patch0 -p0 +%patch -P 0 +%patch -P 1 -p1 CPPFLAGS=-I%{buildprefix}/include diff --git a/deps-packaging/leech/cfbuild-leech.spec b/deps-packaging/leech/cfbuild-leech.spec index 4f1aa72dd..a437def74 100644 --- a/deps-packaging/leech/cfbuild-leech.spec +++ b/deps-packaging/leech/cfbuild-leech.spec @@ -21,7 +21,6 @@ mkdir -p %{_builddir} ./configure --prefix=%{prefix} --enable-shared --disable-static rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/libleech.a -rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/libleech.la %build @@ -31,6 +30,7 @@ make rm -rf ${RPM_BUILD_ROOT} make install DESTDIR=${RPM_BUILD_ROOT} +rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/libleech.la %clean rm -rf $RPM_BUILD_ROOT @@ -59,6 +59,5 @@ CFEngine Build Automation -- leech -- development files %{prefix}/include/*.h %dir %{prefix}/lib -%{prefix}/lib/*.la %changelog diff --git a/deps-packaging/librsync/cfbuild-librsync.spec b/deps-packaging/librsync/cfbuild-librsync.spec index e3be8bc21..534d828d9 100644 --- a/deps-packaging/librsync/cfbuild-librsync.spec +++ b/deps-packaging/librsync/cfbuild-librsync.spec @@ -53,7 +53,6 @@ touch -t 0001010102 ar-lib ./configure --prefix=%{prefix} --enable-shared --disable-static rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/librsync.a -rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/librsync.la %build @@ -63,6 +62,7 @@ make rm -rf ${RPM_BUILD_ROOT} make install DESTDIR=${RPM_BUILD_ROOT} +rm -f ${RPM_BUILD_ROOT}%{prefix}/lib/librsync.la %clean rm -rf $RPM_BUILD_ROOT @@ -91,7 +91,6 @@ CFEngine Build Automation -- librsync -- development files %{prefix}/include/*.h %dir %{prefix}/lib -%{prefix}/lib/*.la %{prefix}/lib/pkgconfig %changelog diff --git a/deps-packaging/libyaml/cfbuild-libyaml.spec b/deps-packaging/libyaml/cfbuild-libyaml.spec index b2de6669f..8ad3ebe70 100644 --- a/deps-packaging/libyaml/cfbuild-libyaml.spec +++ b/deps-packaging/libyaml/cfbuild-libyaml.spec @@ -33,6 +33,7 @@ $MAKE %install rm -rf ${RPM_BUILD_ROOT} $MAKE DESTDIR=${RPM_BUILD_ROOT} install +rm -rf ${RPM_BUILD_ROOT}%{prefix}/lib/libyaml.la %clean rm -rf $RPM_BUILD_ROOT @@ -65,7 +66,6 @@ CFEngine Build Automation -- lmdb -- development files %dir %{prefix}/lib %{prefix}/lib/pkgconfig %{prefix}/lib/*.a -%{prefix}/lib/*.la %changelog diff --git a/deps-packaging/pkg-build-rpm b/deps-packaging/pkg-build-rpm index 2039562aa..72b4d2d6e 100755 --- a/deps-packaging/pkg-build-rpm +++ b/deps-packaging/pkg-build-rpm @@ -76,11 +76,15 @@ if [ $TARGET != native ]; then exit 42 fi +# deps packages may result in binaries without debug symbols even when debugsym=yes aka BUILD_TYPE=DEBUG +# to avoid rpmbuild errors when this occurs, allow empties +RPMBUILD_OPTIONS="$RPMBUILD_OPTIONS --define '_empty_manifest_terminate_build 0'" + case "$TESTS" in no) - RPMBUILD_OPTIONS="--define 'with_testsuite 0'";; + RPMBUILD_OPTIONS="$RPMBUILD_OPTIONS --define 'with_testsuite 0'";; yes) - RPMBUILD_OPTIONS="--define 'with_testsuite 1'";; + RPMBUILD_OPTIONS="$RPMBUILD_OPTIONS --define 'with_testsuite 1'";; *) fatal "Unknown tests option: $TESTS";; esac @@ -112,6 +116,12 @@ fi # example cmd --define 'a b': # - argv[1] = --define # - argv[2] = a b + +# We have /var/cfengine/lib in RPATHS which should be OK +# We asked in https://github.com/rpm-software-management/rpm/issues/3982, and it seems allowing this is OK +# 0x0002 - contains an invalid RPATH - in our case /var/cfengine/lib is OK so allow it as an exception +# Here we only want to specify this one flag: 0x0002. Sadly these scripts run on POSIX shell (especially e.g. aix71 runs as /bin/sh which is ksh) so no bitwise operators. Add them together manually to a decimal integer. +export QA_RPATHS=2 # 0x0002 all by itself, no &(ands) eval rpmbuild -bb \ --define "'_topdir $BASEDIR/$PKGNAME'" \ --define "'version $VERSION'" \ diff --git a/packaging/cfengine-community/cfengine-community.spec.in b/packaging/cfengine-community/cfengine-community.spec.in index 55a1b2eda..293d8d2ad 100644 --- a/packaging/cfengine-community/cfengine-community.spec.in +++ b/packaging/cfengine-community/cfengine-community.spec.in @@ -63,10 +63,11 @@ rm -f $RPM_BUILD_ROOT%{prefix}/bin/curl rm -f $RPM_BUILD_ROOT%{prefix}/bin/wcurl rm -rf $RPM_BUILD_ROOT%{prefix}/ssl -# For el9+ and suse-15+ we started seeing issues from other packages not expecting init scripts -%if %{?rhel}%{!?rhel:0} >= 9 || %{?suse_version}%{!?suse_version:0} >= 1500 +# For el8+ and suse-15+ we started seeing issues from other packages not expecting init scripts +%if %{?rhel}%{!?rhel:0} >= 8 || %{?suse_version}%{!?suse_version:0} >= 1500 rm -f $RPM_BUILD_ROOT/etc/sysconfig/cfengine3 rm -f $RPM_BUILD_ROOT/etc/init.d/cfengine3 +rm -f $RPM_BUILD_ROOT/etc/init.d/cf-php-fpm rm -f $RPM_BUILD_ROOT/etc/profile.d/cfengine3.sh %endif @@ -149,12 +150,13 @@ done %endif # Globally installed configs, scripts -%if %{?rhel}%{!?rhel:0} < 9 && %{?suse_version}%{!?suse_version:0} < 1500 +%if %{?rhel}%{!?rhel:0} < 8 && %{?suse_version}%{!?suse_version:0} < 1500 %attr(644,root,root) /etc/sysconfig/cfengine3 %attr(755,root,root) /etc/profile.d/cfengine3.sh # ENT-11901 -# For el9+ and suse15+ we started seeing issues from other packages not expecting init scripts +# For el8+ and suse15+ we started seeing issues from other packages not expecting init scripts %attr(755,root,root) /etc/init.d/cfengine3 +%attr(755,root,root) /etc/init.d/cf-php-fpm %endif # Systemd units diff --git a/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in b/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in index 74ace020d..0a95de657 100644 --- a/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in +++ b/packaging/cfengine-nova-hub/cfengine-nova-hub.spec.in @@ -82,10 +82,12 @@ cp -a %{prefix}/* $RPM_BUILD_ROOT%{prefix} cp -a %{_basedir}/cfengine/dist/* $RPM_BUILD_ROOT # ENT-11901 -# For el9+ we started seeing issues from other packages not expecting init scripts -%if %{?rhel}%{!?rhel:0} >= 9 +# For el8+ we started seeing issues from other packages not expecting init scripts +# If sysvinit scripts other than cfengine3 are present, such as cf-php-fpm, they will fail with systemctl operations due to not supporting chkconfig. +%if %{?rhel}%{!?rhel:0} >= 8 rm -f $RPM_BUILD_ROOT/etc/sysconfig/cfengine3 rm -f $RPM_BUILD_ROOT/etc/init.d/cfengine3 +rm -f $RPM_BUILD_ROOT/etc/init.d/cf-php-fpm rm -f $RPM_BUILD_ROOT/etc/profile.d/cfengine.sh %endif # Remove useless stuff @@ -347,9 +349,11 @@ exit 0 # Initscript, other configuration %defattr(755,root,root,755) # ENT-11901 -# For el9+ we started seeing issues from other packages not expecting init scripts -%if %{?rhel}%{!?rhel:0} < 9 +# For el8+ we started seeing issues from other packages not expecting init scripts +# ENT-13319 we found that rhel-8 also exhibited this behavior so adjusted el9+ to el8+ +%if %{?rhel}%{!?rhel:0} < 8 /etc/init.d/cfengine3 +/etc/init.d/cf-php-fpm /etc/profile.d/cfengine.sh %attr(644,root,root) /etc/sysconfig/cfengine3 %endif diff --git a/packaging/cfengine-nova/cfengine-nova.spec.aix.in b/packaging/cfengine-nova/cfengine-nova.spec.aix.in index aff7e6fd0..1fae9f57d 100644 --- a/packaging/cfengine-nova/cfengine-nova.spec.aix.in +++ b/packaging/cfengine-nova/cfengine-nova.spec.aix.in @@ -42,6 +42,9 @@ rm -f $RPM_BUILD_ROOT%{prefix}/bin/openssl rm -f $RPM_BUILD_ROOT%{prefix}/bin/curl rm -rf $RPM_BUILD_ROOT%{prefix}/ssl +# For client we never want hub-specific things +rm -f $RPM_BUILD_ROOT/init.d/cf-php-fpm + %clean rm -rf $RPM_BUILD_ROOT diff --git a/packaging/cfengine-nova/cfengine-nova.spec.in b/packaging/cfengine-nova/cfengine-nova.spec.in index c6bd7fc16..94bb72cf6 100644 --- a/packaging/cfengine-nova/cfengine-nova.spec.in +++ b/packaging/cfengine-nova/cfengine-nova.spec.in @@ -57,6 +57,9 @@ mkdir -p $RPM_BUILD_ROOT%{prefix} cp -a %{prefix}/* $RPM_BUILD_ROOT%{prefix} cp -a %{_basedir}/cfengine/dist/* $RPM_BUILD_ROOT +# for cfengine-nova (client) we never want cf-php-fpm service, that is only for cfengine-nova-hub +rm -f $RPM_BUILD_ROOT/etc/init.d/cf-php-fpm + # ENT-11901 # For el9+ and suse-15+ we started seeing issues from other packages not expecting init scripts %if %{?rhel}%{!?rhel:0} >= 9 || %{?suse_version}%{!?suse_version:0} >= 1500 diff --git a/packaging/cfengine-nova/debian/rules b/packaging/cfengine-nova/debian/rules index f6b777cc9..ff362457d 100755 --- a/packaging/cfengine-nova/debian/rules +++ b/packaging/cfengine-nova/debian/rules @@ -38,7 +38,8 @@ install: build rm -f $(CURDIR)/debian/tmp$(PREFIX)/bin/openssl rm -f $(CURDIR)/debian/tmp$(PREFIX)/bin/curl rm -rf $(CURDIR)/debian/tmp$(PREFIX)/ssl - +# remove hub-specific files + rm -f $(CURDIR)/debian/tmp/etc/init.d/cf-php-fpm # Debian is different