## START: Set by rpmautospec ## (rpmautospec version 0.3.5) ## RPMAUTOSPEC: autorelease, autochangelog %define autorelease(e:s:pb:n) %{?-p:0.}%{lua: release_number = 12; base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}")); print(release_number + base_release_number - 1); }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} ## END: Set by rpmautospec # Generated by go2rpm %bcond_without check # https://github.com/theupdateframework/notary %global goipath github.com/theupdateframework/notary Version: 0.7.0 %gometa %global common_description %{expand: The Notary project comprises a server and a client for running and interacting with trusted collections. See the service architecture documentation for more information. Notary aims to make the internet more secure by making it easy for people to publish and verify content. We often rely on TLS to secure our communications with a web server, which is inherently flawed, as any compromise of the server enables malicious content to be substituted for the legitimate content. With Notary, publishers can sign their content offline using keys kept highly secure. Once the publisher is ready to make the content available, they can push their signed trusted collection to a Notary Server. Consumers, having acquired the publisher's public key through a secure channel, can then communicate with any Notary server or (insecure) mirror, relying only on the publisher's key to determine the validity and integrity of the received content.} %global golicenses LICENSE LICENSE-tuf %global godocs docs CHANGELOG.md CODE_OF_CONDUCT.md CONTRIBUTING.md\\\ CONTRIBUTORS MAINTAINERS_RULES.md README.md\\\ README-tuf.md Name: %{goname} Release: %autorelease Summary: Project that allows anyone to have trust over arbitrary collections of data # Upstream license specification: BSD-3-Clause and Apache-2.0 # Main library: ASL 2.0 # tuf/: BSD License: BSD and ASL 2.0 URL: %{gourl} Source0: %{gosource} # Change NewBasicKeyRequest to NewKeyRequest to use cfssl 1.4.1 Patch0: 0001-Change-NewBasicKeyRequest-to-NewKeyRequest-to-use-cf.patch # Update prometheus library Patch1: 0001-Update-for-newer-prometheus.patch BuildRequires: golang(github.com/bugsnag/bugsnag-go) BuildRequires: golang(github.com/distribution/distribution/v3/context) BuildRequires: golang(github.com/distribution/distribution/v3/health) BuildRequires: golang(github.com/distribution/distribution/v3/registry/api/errcode) BuildRequires: golang(github.com/distribution/distribution/v3/registry/auth) BuildRequires: golang(github.com/distribution/distribution/v3/registry/auth/htpasswd) BuildRequires: golang(github.com/distribution/distribution/v3/registry/auth/token) BuildRequires: golang(github.com/distribution/distribution/v3/registry/client/auth) BuildRequires: golang(github.com/distribution/distribution/v3/registry/client/auth/challenge) BuildRequires: golang(github.com/distribution/distribution/v3/registry/client/transport) BuildRequires: golang(github.com/distribution/distribution/v3/uuid) BuildRequires: golang(github.com/docker/go-connections/tlsconfig) BuildRequires: golang(github.com/docker/go/canonical/json) BuildRequires: golang(github.com/dvsekhvalnov/jose2go) BuildRequires: golang(github.com/go-sql-driver/mysql) BuildRequires: golang(github.com/golang/protobuf/proto) BuildRequires: golang(github.com/golang/protobuf/ptypes/empty) BuildRequires: golang(github.com/gorilla/mux) BuildRequires: golang(github.com/jinzhu/gorm) BuildRequires: golang(github.com/lib/pq) BuildRequires: golang(github.com/prometheus/client_golang/prometheus) BuildRequires: golang(github.com/Shopify/logrus-bugsnag) BuildRequires: golang(github.com/sirupsen/logrus) BuildRequires: golang(github.com/spf13/cobra) BuildRequires: golang(github.com/spf13/viper) BuildRequires: golang(github.com/stretchr/testify/require) BuildRequires: golang(golang.org/x/crypto/ed25519) BuildRequires: golang(golang.org/x/crypto/pbkdf2) BuildRequires: golang(golang.org/x/net/context) BuildRequires: golang(golang.org/x/sys/unix) BuildRequires: golang(golang.org/x/term) BuildRequires: golang(google.golang.org/grpc) BuildRequires: golang(google.golang.org/grpc/codes) BuildRequires: golang(google.golang.org/grpc/credentials) BuildRequires: golang(google.golang.org/grpc/health) BuildRequires: golang(google.golang.org/grpc/health/grpc_health_v1) BuildRequires: golang(gopkg.in/rethinkdb/rethinkdb-go.v6) %if %{with check} # Tests BuildRequires: golang(github.com/distribution/distribution/v3/registry/auth/silly) BuildRequires: golang(github.com/mattn/go-sqlite3) %endif %description %{common_description} %gopkg %prep %goprep %patch -P0 -p1 %patch -P1 -p1 sed -i 's|github.com/docker/distribution|github.com/distribution/distribution/v3|' $(find . -iname "*.go" -type f) mv tuf/LICENSE LICENSE-tuf mv tuf/README.md README-tuf.md %build for cmd in cmd/* ; do %gobuild -o %{gobuilddir}/bin/$(basename $cmd) %{goipath}/$cmd done %install %gopkginstall install -m 0755 -vd %{buildroot}%{_bindir} install -m 0755 -vp %{gobuilddir}/bin/* %{buildroot}%{_bindir}/ %if %{with check} %check # cmd/notary-signer: needs network %gocheck -d cmd/notary \ -d cmd/notary-signer \ -d utils \ -d signer/keydbstore \ -d trustmanager/remoteks \ -d trustpinning \ -d client %endif %files %license LICENSE LICENSE-tuf %doc docs CHANGELOG.md CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS %doc MAINTAINERS_RULES.md README.md README-tuf.md %{_bindir}/* %gopkgfiles %changelog * Thu Jul 20 2023 Fedora Release Engineering - 0.7.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Thu Jan 19 2023 Fedora Release Engineering - 0.7.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Wed Aug 10 2022 Maxwell G - 0.7.0-9 - Rebuild to fix FTBFS * Thu Jul 21 2022 Fedora Release Engineering - 0.7.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Tue Jul 19 2022 Maxwell G - 0.7.0-7 - Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang * Thu Jun 23 2022 Maxwell G - 0.7.0-6 - Rebuild to mitigate CVE-2022-21698 (rhbz#2067400). * Sun Jun 19 2022 Robert-André Mauchin - 0.7.0-5 - Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629 * Sat Apr 16 2022 Fabio Alessandro Locati - 0.7.0-4 - Rebuilt for CVE-2022-27191 * Thu Mar 03 2022 Robert-André Mauchin - 0.7.0-3 - Fix FTBFS Close: rhbz#2045619 * Thu Jan 20 2022 Fedora Release Engineering - 0.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild * Wed Aug 04 2021 Robert-André Mauchin - 0.7.0-1 - Update to 0.7.0 Close: rhbz#1987545 * Thu Jul 22 2021 Fedora Release Engineering - 0.6.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Tue Jan 26 2021 Fedora Release Engineering - 0.6.1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Fri Sep 18 00:22:19 CEST 2020 Robert-André Mauchin - 0.6.1-9.20200917git84287fd - Reenable cmd/notary-signer * Thu Sep 17 23:45:06 CEST 2020 Robert-André Mauchin - 0.6.1-8.20200917git84287fd - Bump to commit 84287fd8df4f172c9a8289641cdfa355fc86989d * Sun Aug 23 08:24:17 CEST 2020 Robert-André Mauchin - 0.6.1-7.20200803gitc312d82 - Disable package depending on github.com/dvsekhvalnov/jose2go until it is fixed * Mon Aug 03 15:47:32 CEST 2020 Robert-André Mauchin - 0.6.1-6.20200803gitc312d82 - Bump to commit c312d8211cfbaebf9825eadd0cd5eec568231cd9 * Mon Jul 27 2020 Fedora Release Engineering - 0.6.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Tue Feb 04 21:28:21 CET 2020 Robert-André Mauchin - 0.6.1-4.20200204gitf255ae7 - Bump to f255ae779066dc28ae4aee196061e58bb38a2b49 * Wed Jan 29 2020 Fedora Release Engineering - 0.6.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Thu Jul 25 2019 Fedora Release Engineering - 0.6.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Mon May 13 18:27:42 CEST 2019 Robert-André Mauchin - 0.6.1-1.20190630git8ff3ca0 - Initial package