File micro-okd.spec of Package micro-okd
#
# spec file for package micro-okd
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
#######################################################################################################################
# openSUSE packaging
#######################################################################################################################
# - based on the spec file in upstream/packaging/rpm/microshift.spec
# - version is set by an obs service
# - git commit etc. are handled in the build section
# - BuildRequires were added to avoid rpm-lint errors for un-owned directories
# - systemd drop-ins are not being installed to /etc/systemd/system/foo.service.d/
# - BuildRequires on openvswitch added, to have the openvswitch user in the build environment
# - BuildRequires for systemd commented out, as openvswitch need udev-mini which needs systemd-mini
# which collides with systemd
# - greenboot has been disabled for now, see FIXME REMOVE greenboot
#######################################################################################################################
#######################################################################################################################
#######################################################################################################################
# SELinux specifics
%global selinuxtype targeted
%define selinux_policyver 3.14.3-67
%define microshift_relabel_files() \
mkdir -p /var/lib/kubelet/pods; \
mkdir -p /etc/microshift; \
mkdir -p /usr/lib/microshift; \
mkdir -p /var/lib/microshift-backups; # Creating folder to avoid GreenBoot race condition so that correct label is applied \
restorecon -R /var/lib/kubelet/pods; \
restorecon -R /var/lib/microshift-backups; \
restorecon -R /etc/microshift; \
restorecon -R /usr/lib/microshift
%define microshift_relabel_exes() \
restorecon -v /usr/bin/microshift; \
restorecon -v /usr/bin/microshift-etcd
# Don't build flannel subpackage by default
%{!?with_flannel: %global with_flannel 0}
# Don't build topolvm subpackage by default
%{!?with_topolvm: %global with_topolvm 0}
%define version_with_underscores %{gsub %{version} ~ _}
%define version_with_hyphens %{gsub %{version} ~ -}
%define microshift_version 4.18.0
%global embedded_git_tag 4.18.0-3
Name: micro-okd
Version: 4.18.0~okd~scos.9
Release: 0
Summary: Micro OKD is an small form-factor Kubernetes distribution based on OKD
License: Apache-2.0
URL: https://github.com/okd-project/micro-okd
Source0: %{name}-%{version}.tar.gz
#
Source11: 0011-kube-proxy-rebase.patch
#
Source21: 0021-update-last_rebase.sh.patch
Source22: 0022-update-changelog.patch
Source23: 0023-update-microshift-go.mod.patch
Source24: 0024-update-microshift-vendor.patch
Source25: 0025-update-component-images.patch
Source26: 0026-update-manifests.patch
Source27: 0027-update-buildfiles.patch
#
Source31: 0031-update-last_lvms_rebase.sh.patch
Source32: 0032-update-rebase_job_entrypoint.sh.patch
Source33: 0033-update-LVMS-manifests.patch
ExclusiveArch: x86_64 aarch64
BuildRequires: gcc
BuildRequires: git-core
BuildRequires: curl
BuildRequires: yq
BuildRequires: make
BuildRequires: policycoreutils
# openSUSE BuildRequires: systemd
BuildRequires: golang(API) = 1.22
# openSUSE
BuildRequires: NetworkManager
BuildRequires: (cri-o >= 1.31.0 with cri-o < 1.32.0)
BuildRequires: (cri-tools >= 1.31.0 with cri-tools < 1.32.0)
BuildRequires: tuned
BuildRequires: sed
BuildRequires: fdupes
# openSUSE
Conflicts: microshift
#
Requires: (cri-o >= 1.31.0 with cri-o < 1.32.0)
Requires: (cri-tools >= 1.31.0 with cri-tools < 1.32.0)
Requires: iptables
Requires: micro-okd-selinux = %{version}
Requires: micro-okd-networking = %{version}
# FIXME REMOVE greenboot Requires: micro-okd-greenboot = %{version}
Requires: conntrack-tools
# openSUSE Requires: sos
Requires: crun
Requires: hostname
# openSUSE Requires: openshift-clients
Requires: oc
%{?systemd_requires}
%description
μOKD is a lightweight, single-node OKD cluster designed for edge deployment. It
is built on top of the OKD 4.x distribution and is optimized for low-resource
environments. μOKD is ideal for developers and teams looking to run OKD on
resource-constrained devices, in development environments, or home labs.
%package release-info
Summary: Release information for Micro-OKD
BuildArch: noarch
BuildRequires: jq
BuildRequires: gettext
%description release-info
The micro-okd-release package provides release information files for this
release. These files contain the list of container image references used by
Micro-OKD and can be used to embed those images into osbuilder blueprints.
An example of such osbuilder blueprints for x86_64 and aarch64 platforms are
also included in the package.
%package selinux
Summary: SELinux policies for Micro-OKD
BuildRequires: selinux-policy >= %{selinux_policyver}
BuildRequires: selinux-policy-devel >= %{selinux_policyver}
BuildRequires: container-selinux
Requires: container-selinux
BuildArch: noarch
Requires: micro-okd = %{version}
Requires: selinux-policy >= %{selinux_policyver}
%description selinux
The micro-okd-selinux package provides the SELinux policy modules required by Micro-OKD.
%package networking
Summary: Networking components for Micro-OKD
Requires: micro-okd = %{version}
# openSUSE Obsoletes: openvswitch3.1 < 3.3
# openSUSE Obsoletes: openvswitch3.3 < 3.4
# openSUSE Requires: (openvswitch3.4 or openvswitch >= 3.4)
BuildRequires: openvswitch >= 3.4.0
Requires: openvswitch >= 3.4.0
Requires: NetworkManager
Requires: NetworkManager-ovs
Requires: jq
%description networking
The micro-okd-networking package provides the networking components necessary
for the Micro-OKD default CNI driver.
# FIXME REMOVE greenboot %package greenboot
# FIXME REMOVE greenboot Summary: Greenboot components for Micro-OKD
# FIXME REMOVE greenboot BuildArch: noarch
# FIXME REMOVE greenboot Requires: micro-okd = %{version}
# FIXME REMOVE greenboot Requires: greenboot
# FIXME REMOVE greenboot Requires: python3-pyyaml
# FIXME REMOVE greenboot
# FIXME REMOVE greenboot %description greenboot
# FIXME REMOVE greenboot The micro-okd-greenboot package provides the Greenboot scripts used for
# FIXME REMOVE greenboot verifying that Micro-OKD is up and running.
%package olm
Summary: Operator Lifecycle Manager components for Micro-OKD
ExclusiveArch: x86_64 aarch64
Requires: micro-okd = %{version}
%description olm
The micro-okd-olm package provides the required manifests for the Operator
Lifecycle Manager to be installed on Micro-OKD.
%package olm-release-info
Summary: Release information for Operator Lifecycle Manager components for Micro-OKD
BuildArch: noarch
Requires: micro-okd-release-info = %{version}
%description olm-release-info
The micro-okd-olm-release-info package provides release information files for this
release. These files contain the list of container image references used by
the Operator Lifecycle Manager for Micro-OKD and can be used to embed those
images into osbuilder blueprints.
%package multus
Summary: Multus CNI for Micro-OKD
ExclusiveArch: x86_64 aarch64
Requires: micro-okd = %{version}
%description multus
The micro-okd-multus package provides the required manifests for the Multus CNI to be installed on Micro-OKD.
%package multus-release-info
Summary: Release information for Multus CNI for Micro-OKD
BuildArch: noarch
Requires: micro-okd-release-info = %{version}
%description multus-release-info
The micro-okd-multus-release-info package provides release information files for this
release. These files contain the list of container image references used by
the Multus CNI for Micro-OKD and can be used to embed those images into osbuilder blueprints.
%if %{with_flannel}
%package flannel
Summary: flannel CNI for Micro-OKD
ExclusiveArch: x86_64 aarch64
Requires: micro-okd = %{version}
%description flannel
The micro-okd-flannel package provides the required manifests for the flannel CNI and the dependent
kube-proxy to be installed on Micro-OKD.
%package flannel-release-info
Summary: Release information for flannel CNI for Micro-OKD
BuildArch: noarch
Requires: micro-okd-release-info = %{version}
%description flannel-release-info
The micro-okd-flannel-release-info package provides release information files for this
release. These files contain the list of container image references used by the flannel CNI
with the dependent kube-proxy for Micro-OKD and can be used to embed those images
into osbuilder blueprints.
%endif
%package low-latency
Summary: Baseline configuration for running low latency workload on Micro-OKD
BuildArch: noarch
Requires: micro-okd = %{version}
Requires: tuned-profiles-cpu-partitioning
Requires: python3-pyyaml
%description low-latency
The micro-okd-low-latency package provides a baseline configuration prepared for
running low latency workloads on Micro-OKD.
%package gateway-api
Summary: Gateway API for Micro-OKD
ExclusiveArch: x86_64 aarch64
Requires: micro-okd = %{version}
%description gateway-api
The micro-okd-gateway-api package provides the required manifests for the
Gateway API to be installed on Micro-OKD.
%package gateway-api-release-info
Summary: Release information for Gateway API for Micro-OKD
BuildArch: noarch
Requires: micro-okd = %{version}
%description gateway-api-release-info
The micro-okd-gateway-api-release-info package provides release information files for this
release. These files contain the list of container image references used by Gateway API
and can be used to embed those images into osbuilder blueprints.
%prep
%autosetup
cd upstream || exit 1
echo "Applying patch11"
patch -p1 < %{SOURCE11}
echo "Applying patch21"
patch -p1 < %{SOURCE21}
echo "Applying patch22"
patch -p1 < %{SOURCE22}
echo "Applying patch23"
patch -p1 < %{SOURCE23}
echo "Applying patch24"
patch -p1 < %{SOURCE24}
echo "Applying patch25"
patch -p1 < %{SOURCE25}
echo "Applying patch26"
patch -p1 < %{SOURCE26}
echo "Applying patch27"
patch -p1 < %{SOURCE27}
echo "Applying patch31"
patch -p1 < %{SOURCE31}
echo "Applying patch32"
patch -p1 < %{SOURCE32}
echo "Applying patch33"
patch -p1 < %{SOURCE33}
#######################################################################################################################
# SECTION build
#######################################################################################################################
%build
COMMIT_HASH="$(sed -n 's/commit: \(.*\)/\1/p' %_sourcedir/%{name}.obsinfo)"
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
GOOS=linux
%ifarch %{arm} aarch64
GOARCH=arm64
%endif
%ifarch x86_64
GOARCH=amd64
%endif
#####################################################
# directory ./upstream
#####################################################
cd upstream || exit 1
#
#
#
make \
_build_local \
GOOS=${GOOS} \
GOARCH=${GOARCH} \
EMBEDDED_GIT_COMMIT=${COMMIT_HASH:0:8} \
EMBEDDED_GIT_TAG=%{embedded_git_tag} \
EMBEDDED_GIT_TREE_STATE=clean \
MICROSHIFT_VERSION=%{microshift_version}
cp ./_output/bin/${GOOS}_${GOARCH}/microshift ./_output/microshift
cp ./_output/bin/${GOOS}_${GOARCH}/microshift-etcd ./_output/microshift-etcd
# SELinux modules build
make --directory packaging/selinux
# osbuilder sample blueprints build
function create_blueprint() {
local -r larch="$1"
REPLACE_USHIFT_VERSION="%{version}" \
REPLACE_USHIFT_ARCH="${larch}" \
envsubst < "packaging/blueprint/blueprint.toml.template" > "packaging/blueprint/blueprint-${larch}.toml"
jq -r \
'.images | .[] | ("[[containers]]\nsource = \"" + . + "\"\n")' \
"assets/release/release-${larch}.json" \
>> "packaging/blueprint/blueprint-${larch}.toml"
}
create_blueprint x86_64
create_blueprint aarch64
#######################################################################################################################
# SECTION install
#######################################################################################################################
%install
#####################################################
# directory ./upstream
#####################################################
cd upstream || exit 1
install -d %{buildroot}%{_bindir}
install -p -m755 ./_output/microshift %{buildroot}%{_bindir}/microshift
install -p -m755 ./_output/microshift-etcd %{buildroot}%{_bindir}/microshift-etcd
install -p -m755 scripts/microshift-cleanup-data.sh %{buildroot}%{_bindir}/microshift-cleanup-data
install -p -m755 scripts/microshift-sos-report.sh %{buildroot}%{_bindir}/microshift-sos-report
install -d -m755 %{buildroot}%{_sharedstatedir}/microshift
install -d -m755 %{buildroot}%{_sharedstatedir}/microshift-backups
install -d -m755 %{buildroot}%{_sysconfdir}/crio/crio.conf.d
install -p -m644 packaging/crio.conf.d/00-crio-crun.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/00-crio-crun.conf
%ifarch %{arm} aarch64
install -p -m644 packaging/crio.conf.d/10-microshift_arm64.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/10-microshift.conf
%endif
%ifarch x86_64
install -p -m644 packaging/crio.conf.d/10-microshift_amd64.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/10-microshift.conf
%endif
install -p -m644 packaging/crio.conf.d/11-microshift-ovn.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/11-microshift-ovn.conf
install -d -m755 %{buildroot}%{_sysconfdir}/NetworkManager/conf.d
install -p -m644 packaging/NetworkManager.conf.d/10-microshift-ignore-devices.conf %{buildroot}%{_sysconfdir}/NetworkManager/conf.d/10-microshift-ignore-devices.conf
install -d -m755 %{buildroot}/%{_unitdir}
install -p -m644 packaging/systemd/microshift.service %{buildroot}%{_unitdir}/microshift.service
install -d -m755 %{buildroot}/%{_sysconfdir}/microshift
install -d -m755 %{buildroot}/%{_sysconfdir}/microshift/manifests
install -d -m755 %{buildroot}/%{_sysconfdir}/microshift/manifests.d
install -d -m755 %{buildroot}/%{_sysconfdir}/microshift/config.d
install -p -m644 packaging/microshift/config.yaml %{buildroot}%{_sysconfdir}/microshift/config.yaml.default
install -p -m644 packaging/microshift/lvmd.yaml %{buildroot}%{_sysconfdir}/microshift/lvmd.yaml.default
install -p -m644 packaging/microshift/ovn.yaml %{buildroot}%{_sysconfdir}/microshift/ovn.yaml.default
# /usr/lib/microshift manifest directories for other packages to add to
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d
# release-info files
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
# openSUSE
%ifarch %{arm} aarch64
install -p -m644 assets/release/release-aarch64.json %{buildroot}%{_datadir}/microshift/release
%endif
# openSUSE
%ifarch x86_64
install -p -m644 assets/release/release-x86_64.json %{buildroot}%{_datadir}/microshift/release
%endif
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/blueprint
install -p -m644 packaging/blueprint/blueprint*.toml %{buildroot}%{_datadir}/microshift/blueprint
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/kickstart
install -p -m644 packaging/kickstart/kickstart*.ks.template %{buildroot}%{_datadir}/microshift/kickstart
# spec validation files
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/spec
install -p -m644 cmd/generate-config/config/config-openapi-spec.json %{buildroot}%{_datadir}/microshift/spec/config-openapi-spec.json
# Memory tweaks to the OpenvSwitch services
mkdir -p -m755 %{buildroot}%{_sysconfdir}/systemd/system/ovs-vswitchd.service.d
mkdir -p -m755 %{buildroot}%{_sysconfdir}/systemd/system/ovsdb-server.service.d
install -p -m644 packaging/systemd/microshift-ovs-vswitchd.conf %{buildroot}%{_sysconfdir}/systemd/system/ovs-vswitchd.service.d/microshift-cpuaffinity.conf
install -p -m644 packaging/systemd/microshift-ovsdb-server.conf %{buildroot}%{_sysconfdir}/systemd/system/ovsdb-server.service.d/microshift-cpuaffinity.conf
# this script and systemd service configures openvswitch to properly operate with OVN
install -p -m644 packaging/systemd/microshift-ovs-init.service %{buildroot}%{_unitdir}/microshift-ovs-init.service
install -p -m755 packaging/systemd/configure-ovs.sh %{buildroot}%{_bindir}/configure-ovs.sh
install -p -m755 packaging/systemd/configure-ovs-microshift.sh %{buildroot}%{_bindir}/configure-ovs-microshift.sh
# Avoid firewalld manipulation and flushing of iptable rules,
# this is a workaround for https://issues.redhat.com/browse/NP-641
# It will trigger some warnings on the selinux audit log when restarting firewalld.
# In the future firewalld should stop flushing iptables unless we use any firewalld rule with direct
# iptables rules, once that's available in RHEL we can remove this workaround
# see https://github.com/firewalld/firewalld/issues/863#issuecomment-1407059938
mkdir -p -m755 %{buildroot}%{_sysconfdir}/systemd/system/firewalld.service.d
install -p -m644 packaging/systemd/firewalld-no-iptables.conf %{buildroot}%{_sysconfdir}/systemd/system/firewalld.service.d/firewalld-no-iptables.conf
mkdir -p -m755 %{buildroot}/var/lib/kubelet/pods
install -d %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
install -m644 packaging/selinux/microshift.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}
# FIXME REMOVE greenboot # Greenboot scripts
# FIXME REMOVE greenboot install -d -m755 %{buildroot}%{_datadir}/microshift/functions
# FIXME REMOVE greenboot install -p -m644 packaging/greenboot/functions.sh %{buildroot}%{_datadir}/microshift/functions/greenboot.sh
# FIXME REMOVE greenboot
# FIXME REMOVE greenboot install -d -m755 %{buildroot}%{_sysconfdir}/greenboot/check/required.d
# FIXME REMOVE greenboot install -p -m755 packaging/greenboot/microshift-running-check.sh %{buildroot}%{_sysconfdir}/greenboot/check/required.d/40_microshift_running_check.sh
# FIXME REMOVE greenboot
# FIXME REMOVE greenboot install -d -m755 %{buildroot}%{_sysconfdir}/greenboot/red.d
# FIXME REMOVE greenboot install -p -m755 packaging/greenboot/microshift-pre-rollback.sh %{buildroot}%{_sysconfdir}/greenboot/red.d/40_microshift_pre_rollback.sh
# OLM manifests
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/001-microshift-olm
# Copy all the OLM manifests except the arch specific ones
install -p -m644 assets/optional/operator-lifecycle-manager/0000* %{buildroot}/%{_prefix}/lib/microshift/manifests.d/001-microshift-olm
install -p -m644 assets/optional/operator-lifecycle-manager/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/001-microshift-olm
# FIXME REMOVE greenboot install -p -m755 packaging/greenboot/microshift-running-check-olm.sh %{buildroot}%{_sysconfdir}/greenboot/check/required.d/50_microshift_running_check_olm.sh
%ifarch %{arm} aarch64
cat assets/optional/operator-lifecycle-manager/kustomization.aarch64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/001-microshift-olm/kustomization.yaml
%endif
%ifarch x86_64
cat assets/optional/operator-lifecycle-manager/kustomization.x86_64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/001-microshift-olm/kustomization.yaml
%endif
# olm-release-info
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
install -p -m644 assets/optional/operator-lifecycle-manager/release-olm-{x86_64,aarch64}.json %{buildroot}%{_datadir}/microshift/release/
# multus
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-multus
install -p -m644 assets/optional/multus/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-multus
# FIXME REMOVE greenboot install -p -m755 packaging/greenboot/microshift-running-check-multus.sh %{buildroot}%{_sysconfdir}/greenboot/check/required.d/41_microshift_running_check_multus.sh
install -p -m755 packaging/crio.conf.d/12-microshift-multus.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/12-microshift-multus.conf
# multus-release-info
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
install -p -m644 assets/optional/multus/release-multus-{x86_64,aarch64}.json %{buildroot}%{_datadir}/microshift/release/
### %if %{with_flannel}
### # kube-proxy
### install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy
### # Copy all the manifests except the arch specific ones
### install -p -m644 assets/optional/kube-proxy/0* %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy
### install -p -m644 assets/optional/kube-proxy/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy
###
### %ifarch %{arm} aarch64
### cat assets/optional/kube-proxy/kustomization.aarch64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy/kustomization.yaml
### %endif
###
### %ifarch x86_64
### cat assets/optional/kube-proxy/kustomization.x86_64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy/kustomization.yaml
### %endif
###
### # kube-proxy-release-info
### mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
### install -p -m644 assets/optional/kube-proxy/release-kube-proxy-{x86_64,aarch64}.json %{buildroot}%{_datadir}/microshift/release/
###
### # flannel
### install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel
### install -d -m755 %{buildroot}%{_sysconfdir}/systemd/system/
### # Copy all the manifests except the arch specific ones
### install -p -m644 assets/optional/flannel/0* %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel
### install -p -m644 assets/optional/flannel/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel
### install -p -m644 packaging/flannel/00-disableDefaultCNI.yaml %{buildroot}%{_sysconfdir}/microshift/config.d/00-disableDefaultCNI.yaml
### install -p -m644 packaging/flannel/microshift-flannel.service %{buildroot}%{_unitdir}/microshift.service
###
### %ifarch %{arm} aarch64
### cat assets/optional/flannel/kustomization.aarch64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel/kustomization.yaml
### %endif
###
### %ifarch x86_64
### cat assets/optional/flannel/kustomization.x86_64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel/kustomization.yaml
### %endif
###
### # flannel-release-info
### mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
### install -p -m644 assets/optional/flannel/release-flannel-{x86_64,aarch64}.json %{buildroot}%{_datadir}/microshift/release/
### %endif
# cleanup kubelet
install -p -m644 packaging/tuned/microshift-cleanup-kubelet.service %{buildroot}%{_unitdir}/microshift-cleanup-kubelet.service
# low-latency
install -d -m755 %{buildroot}/%{_prefix}/lib/tuned/microshift-baseline
install -p -m644 packaging/tuned/profile/tuned.conf %{buildroot}/%{_prefix}/lib/tuned/microshift-baseline/tuned.conf
install -p -m755 packaging/tuned/profile/script.sh %{buildroot}/%{_prefix}/lib/tuned/microshift-baseline/script.sh
install -d -m755 %{buildroot}%{_sysconfdir}/tuned
install -p -m644 packaging/tuned/profile/variables.conf %{buildroot}%{_sysconfdir}/tuned/microshift-baseline-variables.conf
## low-latency: crio runtime & manifests to install runtime-class
install -p -m644 packaging/crio.conf.d/05-high-performance-runtime.conf %{buildroot}%{_sysconfdir}/crio/crio.conf.d/05-high-performance-runtime.conf
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/002-microshift-low-latency
install -p -m644 packaging/tuned/runtime-class/runtime-class.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/002-microshift-low-latency/runtime-class.yaml
install -p -m644 packaging/tuned/runtime-class/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/002-microshift-low-latency/kustomization.yaml
## low-latency: microshift-tuned
install -p -m644 packaging/tuned/microshift-tuned.service %{buildroot}%{_unitdir}/microshift-tuned.service
install -p -m755 packaging/tuned/microshift-tuned.py %{buildroot}%{_bindir}/microshift-tuned
# gateway-api
install -d -m755 %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api
install -p -m644 assets/optional/gateway-api/0* %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api
install -p -m644 assets/optional/gateway-api/kustomization.yaml %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api
# FIXME REMOVE greenboot install -p -m755 packaging/greenboot/microshift-running-check-gateway-api.sh %{buildroot}%{_sysconfdir}/greenboot/check/required.d/41_microshift_running_check_gateway_api.sh
%ifarch %{arm} aarch64
cat assets/optional/gateway-api/kustomization.aarch64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api/kustomization.yaml
%endif
%ifarch x86_64
cat assets/optional/gateway-api/kustomization.x86_64.yaml >> %{buildroot}/%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api/kustomization.yaml
%endif
# gateway-api-release-info
mkdir -p -m755 %{buildroot}%{_datadir}/microshift/release
install -p -m644 assets/optional/gateway-api/release-gateway-api-{x86_64,aarch64}.json %{buildroot}%{_datadir}/microshift/release/
# openSUSE
sed -i '/^#!/ s/env\ python.*$/python3/' %{buildroot}%{_bindir}/microshift-tuned
sed -i '/^#!/ s/env\ bash/bash/' %{buildroot}/%{_prefix}/lib/tuned/microshift-baseline/script.sh
%fdupes %{buildroot}%{_datadir}/microshift/
#######################################################################################################################
# SECTION pre/post/...
#######################################################################################################################
%pre networking
getent group hugetlbfs >/dev/null || groupadd -r hugetlbfs
usermod -a -G hugetlbfs openvswitch
%post
# This can be called only after microshift executable files are installed
%microshift_relabel_exes
%systemd_post microshift.service
# Restart crio and microshift services if they are active, both on installs and upgrades
# - Crio should pick up potential configuration updates
# - MicroShift should refresh running containers, pick up potential manifest updates, etc.
systemctl is-active --quiet crio && systemctl restart --quiet crio || true
systemctl is-active --quiet microshift && systemctl restart --quiet microshift || true
%pre selinux
%selinux_relabel_pre -s %{selinuxtype}
%post selinux
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/microshift.pp.bz2
%microshift_relabel_files
%postun selinux
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} microshift
fi
%posttrans selinux
%selinux_relabel_post -s %{selinuxtype}
%post networking
# setup ovs / ovsdb optimization to avoid full pre-allocation of memory
sed -i -n -e '/^OPTIONS=/!p' -e '$aOPTIONS="--no-mlockall"' /etc/sysconfig/openvswitch
%systemd_post microshift-ovs-init.service
systemctl is-active --quiet NetworkManager && systemctl restart --quiet NetworkManager || true
systemctl enable --now --quiet openvswitch || true
%preun networking
%systemd_preun microshift-ovs-init.service
%preun
%systemd_preun microshift.service
%post multus
# only for install, not on upgrades
if [ $1 -eq 1 ]; then
# if crio was already started, restart it so it will catch /etc/crio/crio.conf.d/12-microshift-multus.conf
systemctl is-active --quiet crio && systemctl restart --quiet crio || true
fi
%files
%license LICENSE
%{_bindir}/microshift
%{_bindir}/microshift-etcd
%{_bindir}/microshift-cleanup-data
%{_bindir}/microshift-sos-report
%{_unitdir}/microshift.service
%{_unitdir}/microshift-cleanup-kubelet.service
%{_sysconfdir}/crio/crio.conf.d/00-crio-crun.conf
%{_sysconfdir}/crio/crio.conf.d/10-microshift.conf
%{_datadir}/microshift/spec/config-openapi-spec.json
%dir %{_sysconfdir}/microshift
%dir %{_sysconfdir}/microshift/config.d
%dir %{_sysconfdir}/microshift/manifests
%dir %{_sysconfdir}/microshift/manifests.d
%config(noreplace) %{_sysconfdir}/microshift/config.yaml.default
%config(noreplace) %{_sysconfdir}/microshift/lvmd.yaml.default
%config(noreplace) %{_sysconfdir}/microshift/ovn.yaml.default
%dir %{_datadir}/microshift
%dir %{_datadir}/microshift/spec
%dir %{_prefix}/lib/microshift
%dir %{_prefix}/lib/microshift/manifests
%dir %{_prefix}/lib/microshift/manifests.d
%dir /var/lib/kubelet/
%files release-info
%dir %{_datadir}/microshift
%dir %{_datadir}/microshift/release
%dir %{_datadir}/microshift/blueprint
%dir %{_datadir}/microshift/kickstart
%{_datadir}/microshift/release/release-{x86_64,aarch64}.json
%{_datadir}/microshift/blueprint/blueprint*.toml
%{_datadir}/microshift/kickstart/kickstart*.ks.template
%files selinux
/var/lib/kubelet/pods
%{_datadir}/selinux/packages/%{selinuxtype}/microshift.pp.bz2
%files networking
%{_sysconfdir}/NetworkManager/conf.d/10-microshift-ignore-devices.conf
%{_sysconfdir}/crio/crio.conf.d/11-microshift-ovn.conf
%dir %{_unitdir}/
%dir %{_sysconfdir}/systemd/system/ovs-vswitchd.service.d/
%dir %{_sysconfdir}/systemd/system/ovsdb-server.service.d/
%dir %{_sysconfdir}/systemd/system/firewalld.service.d/
%{_sysconfdir}/systemd/system/ovs-vswitchd.service.d/microshift-cpuaffinity.conf
%{_sysconfdir}/systemd/system/ovsdb-server.service.d/microshift-cpuaffinity.conf
%{_sysconfdir}/systemd/system/firewalld.service.d/firewalld-no-iptables.conf
# OpensvSwitch oneshot configuration script which handles ovn-k8s gateway mode setup
%{_unitdir}/microshift-ovs-init.service
%{_bindir}/configure-ovs.sh
%{_bindir}/configure-ovs-microshift.sh
# FIXME REMOVE greenboot %files greenboot
# FIXME REMOVE greenboot %{_sysconfdir}/greenboot/check/required.d/40_microshift_running_check.sh
# FIXME REMOVE greenboot %{_sysconfdir}/greenboot/red.d/40_microshift_pre_rollback.sh
# FIXME REMOVE greenboot %{_datadir}/microshift/functions/greenboot.sh
# FIXME REMOVE greenboot %dir %{_datadir}/microshift
# FIXME REMOVE greenboot %dir %{_datadir}/microshift/functions
%files olm
%dir %{_prefix}/lib/microshift/manifests.d/001-microshift-olm
%{_prefix}/lib/microshift/manifests.d/001-microshift-olm/*
# FIXME REMOVE greenboot %{_sysconfdir}/greenboot/check/required.d/50_microshift_running_check_olm.sh
%files olm-release-info
%{_datadir}/microshift/release/release-olm-{x86_64,aarch64}.json
%files multus
%dir %{_prefix}/lib/microshift/manifests.d/000-microshift-multus
%{_prefix}/lib/microshift/manifests.d/000-microshift-multus/*
# FIXME REMOVE greenboot %{_sysconfdir}/greenboot/check/required.d/41_microshift_running_check_multus.sh
%{_sysconfdir}/crio/crio.conf.d/12-microshift-multus.conf
%files multus-release-info
%{_datadir}/microshift/release/release-multus-{x86_64,aarch64}.json
%if %{with_flannel}
%files flannel
%dir %{_prefix}/lib/microshift/manifests.d/000-microshift-flannel
%dir %{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy
%{_prefix}/lib/microshift/manifests.d/000-microshift-flannel/*
%{_prefix}/lib/microshift/manifests.d/000-microshift-kube-proxy/*
%config(noreplace) %{_sysconfdir}/microshift/config.d/00-disableDefaultCNI.yaml
%{_unitdir}/microshift.service
%files flannel-release-info
%{_datadir}/microshift/release/release-flannel-{x86_64,aarch64}.json
%{_datadir}/microshift/release/release-kube-proxy-{x86_64,aarch64}.json
%endif
%if %{with_topolvm}
%files topolvm
%dir %{_prefix}/lib/microshift/manifests.d/001-microshift-topolvm
%{_prefix}/lib/microshift/manifests.d/001-microshift-topolvm/*
%config(noreplace) %{_sysconfdir}/microshift/config.d/01-disable-storage-csi.yaml
%endif
%files low-latency
%{_prefix}/lib/tuned/microshift-baseline
%config(noreplace) %{_sysconfdir}/tuned/microshift-baseline-variables.conf
%{_sysconfdir}/crio/crio.conf.d/05-high-performance-runtime.conf
%{_prefix}/lib/microshift/manifests.d/002-microshift-low-latency/
%{_unitdir}/microshift-tuned.service
%{_bindir}/microshift-tuned
%files gateway-api
%dir %{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api
%{_prefix}/lib/microshift/manifests.d/000-microshift-gateway-api/*
# FIXME REMOVE greenboot %{_sysconfdir}/greenboot/check/required.d/41_microshift_running_check_gateway_api.sh
%files gateway-api-release-info
%{_datadir}/microshift/release/release-gateway-api-{x86_64,aarch64}.json
%changelog
