diff --git a/make-rhat-patches.sh b/make-rhat-patches.sh index 990d55e..45129b5 100755 --- a/make-rhat-patches.sh +++ b/make-rhat-patches.sh @@ -5,28 +5,41 @@ DISTGIT_PATH=$(pwd) FEDORA_VERSION=f28 DOCKER_FEDORA_VERSION=master DISTGIT_BRANCH=f28 +REPO_SELINUX_POLICY=${REPO_SELINUX_POLICY:-git@github.com:fedora-selinux/selinux-policy.git} +REPO_SELINUX_POLICY_BRANCH=${REPO_SELINUX_POLICY_BRANCH:-$FEDORA_VERSION} +REPO_SELINUX_POLICY_CONTRIB=${REPO_SELINUX_POLICY_CONTRIB:-git@github.com:fedora-selinux/selinux-policy-contrib.git} +REPO_SELINUX_POLICY_CONTRIB_BRANCH=${REPO_SELINUX_POLICY_CONTRIB_BRANCH:-$FEDORA_VERSION} +REPO_CONTAINER_SELINUX=${REPO_CONTAINER_SELINUX:-git@github.com:projectatomic/container-selinux.git} + +# When -l is specified, we use locally created tarballs and don't download them from github +DOWNLOAD_DEFAULT_GITHUB_TARBALLS=1 +if [ "$1" == "-l" ]; then + DOWNLOAD_DEFAULT_GITHUB_TARBALLS=0 +fi git checkout $DISTGIT_BRANCH -q POLICYSOURCES=`mktemp -d policysources.XXXXXX` pushd $POLICYSOURCES > /dev/null -git clone git@github.com:fedora-selinux/selinux-policy.git -q -git clone git@github.com:fedora-selinux/selinux-policy-contrib.git -q -git clone git@github.com:projectatomic/container-selinux.git -q +git clone -q $REPO_SELINUX_POLICY selinux-policy +git clone -q $REPO_SELINUX_POLICY_CONTRIB selinux-policy-contrib +git clone -q $REPO_CONTAINER_SELINUX container-selinux pushd selinux-policy > /dev/null # prepare policy patches against upstream commits matching the last upstream merge -git checkout $FEDORA_VERSION +git checkout $REPO_SELINUX_POLICY_BRANCH BASE_HEAD_ID=$(git rev-parse HEAD) BASE_SHORT_HEAD_ID=$(c=${BASE_HEAD_ID}; echo ${c:0:7}) +git archive --prefix=selinux-policy-$BASE_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-$BASE_SHORT_HEAD_ID.tar.gz popd > /dev/null pushd selinux-policy-contrib > /dev/null # prepare policy patches against upstream commits matching the last upstream merge -git checkout $FEDORA_VERSION +git checkout $REPO_SELINUX_POLICY_CONTRIB_BRANCH CONTRIB_HEAD_ID=$(git rev-parse HEAD) CONTRIB_SHORT_HEAD_ID=$(c=${CONTRIB_HEAD_ID}; echo ${c:0:7}) +git archive --prefix=selinux-policy-contrib-$CONTRIB_HEAD_ID/ --format tgz HEAD > $DISTGIT_PATH/selinux-policy-contrib-$CONTRIB_SHORT_HEAD_ID.tar.gz popd > /dev/null pushd container-selinux > /dev/null @@ -36,15 +49,24 @@ tar -czf container-selinux.tgz container.if container.te container.fc popd > /dev/null pushd $DISTGIT_PATH > /dev/null -wget -nc https://github.com/fedora-selinux/selinux-policy/archive/${BASE_HEAD_ID}/selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz &> /dev/null -wget -nc https://github.com/fedora-selinux/selinux-policy-contrib/archive/${CONTRIB_HEAD_ID}/selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz &> /dev/null +if [ $DOWNLOAD_DEFAULT_GITHUB_TARBALLS == 1 ]; then + wget -O selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy/archive/${BASE_HEAD_ID}/selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz &> /dev/null + wget -O selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz https://github.com/fedora-selinux/selinux-policy-contrib/archive/${CONTRIB_HEAD_ID}/selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz &> /dev/null +fi cp $POLICYSOURCES/container-selinux/container-selinux.tgz . popd > /dev/null popd > /dev/null rm -rf $POLICYSOURCES +# Update commit ids in selinux-policy.spec file +sed -i "s/%global commit0 [^ ]*$/%global commit0 $BASE_HEAD_ID/" selinux-policy.spec +sed -i "s/%global commit1 [^ ]*$/%global commit1 $CONTRIB_HEAD_ID/" selinux-policy.spec + +# Update sources +sha512sum --tag selinux-policy-${BASE_SHORT_HEAD_ID}.tar.gz selinux-policy-contrib-${CONTRIB_SHORT_HEAD_ID}.tar.gz container-selinux.tgz > sources + echo -e "\nSELinux policy tarballs and container.tgz with container policy files have been created." -echo "Replace commit ids of selinux-policy and selinux-policy-contrib in spec file to:" +echo "Commit ids of selinux-policy and selinux-policy-contrib in spec file were changed to:" echo "commit0 " ${BASE_HEAD_ID} echo "commit1 " ${CONTRIB_HEAD_ID}