[dev] Enable nmi in Mariner (#1103)
* initial prototype for nmi * remove unnecessary files and clean-up spec * add manifest and license info * fix typo in manifest * fix comments * add commnets for building vendor source tarball * fix nit comments Co-authored-by: Henry Li <lihl@microsoft.com>
This commit is contained in:
parent
a4428ae3b2
commit
6a8c1c4451
File diff suppressed because one or more lines are too long
|
@ -164,6 +164,7 @@
|
|||
"ncompress",
|
||||
"nlohmann-json",
|
||||
"nmap",
|
||||
"nmi",
|
||||
"ntopng",
|
||||
"oath-toolkit",
|
||||
"omi",
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
diff --git a/Makefile b/Makefile
|
||||
index 418d975f..39f32b2a 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -106,7 +106,7 @@ build-demo: clean-demo
|
||||
PKG_NAME=github.com/Azure/$(PROJECT_NAME)/cmd/$(DEMO_BINARY_NAME) ${MAKE} bin/$(PROJECT_NAME)/$(DEMO_BINARY_NAME)
|
||||
|
||||
bin/%:
|
||||
- GOOS=$(GOOS) GOARCH=amd64 go build $(GO_BUILD_OPTIONS) -o "$(@)" "$(PKG_NAME)"
|
||||
+ GOOS=$(GOOS) GOARCH=amd64 go build -mod=vendor -v $(GO_BUILD_OPTIONS) -o "$(@)" "$(PKG_NAME)"
|
||||
|
||||
.PHONY: build-identity-validator
|
||||
build-identity-validator: clean-identity-validator
|
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"Signatures": {
|
||||
"nmi-1.7.0-vendor.tar.gz": "6addfc0548e96b65d3cb49f6f45ab4e9d42b854f4ba9eca524f257861b6b1374",
|
||||
"nmi-1.7.0.tar.gz": "87d1abdba7d314dc7aadd04af679b8f926b5ed572c70107e422767e0d7c077a9"
|
||||
}
|
||||
}
|
|
@ -0,0 +1,67 @@
|
|||
%global debug_package %{nil}
|
||||
Summary: Node Managed Identity
|
||||
Name: nmi
|
||||
Version: 1.7.0
|
||||
Release: 1%{?dist}
|
||||
License: MIT
|
||||
Vendor: Microsoft Corporation
|
||||
Distribution: Mariner
|
||||
Group: System Environment/Libraries
|
||||
URL: https://github.com/Azure/aad-pod-identity
|
||||
#Source0: https://github.com/Azure/aad-pod-identity/archive/refs/tags/v%{version}.tar.gz
|
||||
Source0: %{name}-%{version}.tar.gz
|
||||
# Below is a manually created tarball, no download link.
|
||||
# We're using pre-populated Go modules from this tarball, since network is disabled during build time.
|
||||
# How to re-build this file:
|
||||
# 1. wget https://github.com/Azure/aad-pod-identity/archive/refs/tags/v%%{version}.tar.gz -O aad-pod-identity-%%{version}.tar.gz
|
||||
# 2. tar -xf aad-pod-identity-%%{version}.tar.gz
|
||||
# 3. cd aad-pod-identity-%%{version}
|
||||
# 4. go mod vendor
|
||||
# 5. tar --sort=name \
|
||||
# --mtime="2021-04-26 00:00Z" \
|
||||
# --owner=0 --group=0 --numeric-owner \
|
||||
# --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \
|
||||
# -cf %%{name}-%%{version}-vendor.tar.gz vendor
|
||||
#
|
||||
Source1: %{name}-%{version}-vendor.tar.gz
|
||||
Patch0: modify-go-build-option.patch
|
||||
BuildRequires: golang >= 1.15
|
||||
|
||||
%description
|
||||
NMI is the resource that is used when your pods look to use their identity.
|
||||
|
||||
%prep
|
||||
%autosetup -c -N -n %{name}-%{version}
|
||||
pushd aad-pod-identity-%{version}
|
||||
%patch0 -p1
|
||||
popd
|
||||
|
||||
%build
|
||||
pushd aad-pod-identity-%{version}
|
||||
|
||||
# create vendor folder from the vendor tarball and set vendor mode
|
||||
tar -xf %{SOURCE1} --no-same-owner
|
||||
|
||||
make build-nmi
|
||||
popd
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}%{_bindir}
|
||||
pushd aad-pod-identity-%{version}
|
||||
cp ./bin/aad-pod-identity/nmi %{buildroot}%{_bindir}
|
||||
cp LICENSE ..
|
||||
popd
|
||||
|
||||
%check
|
||||
pushd aad-pod-identity-%{version}
|
||||
make unit-test
|
||||
popd
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%license LICENSE
|
||||
%{_bindir}/%{name}
|
||||
|
||||
%changelog
|
||||
* Thu Jun 24 2021 Henry Li <lihl@microsoft.com> - 1.7.0-1
|
||||
- Original version for CBL-Mariner
|
|
@ -3970,6 +3970,16 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"component": {
|
||||
"type": "other",
|
||||
"other": {
|
||||
"name": "nmi",
|
||||
"version": "1.7.0",
|
||||
"downloadUrl": "https://github.com/Azure/aad-pod-identity/archive/refs/tags/v1.7.0.tar.gz"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"component": {
|
||||
"type": "other",
|
||||
|
|
Loading…
Reference in New Issue