From a7b070da3f7c537bae5eeb3cf0d236dd8640fc1e Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Thu, 1 Aug 2024 13:50:14 +0000
Subject: automatic import of containers-common

---
 update.sh | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100755 update.sh

(limited to 'update.sh')

diff --git a/update.sh b/update.sh
new file mode 100755
index 0000000..64409fe
--- /dev/null
+++ b/update.sh
@@ -0,0 +1,67 @@
+#!/bin/bash
+# This script delivers current documentation/configs and assures it has the intended
+# settings for a particular branch/release.
+# For questions reach to Jindrich Novy <jnovy@redhat.com>
+
+ensure() {
+  if grep ^$2[[:blank:]].*= $1 > /dev/null
+  then
+    sed -i "s;^$2[[:blank:]]=.*;$2 = $3;" $1
+  else
+    if grep ^\#.*$2[[:blank:]].*= $1 > /dev/null
+    then
+      sed -i "/^#.*$2[[:blank:]].*=/a \
+$2 = $3" $1
+    else
+      echo "$2 = $3" >> $1
+    fi
+  fi
+}
+
+#./pyxis.sh
+#./update-vendored.sh
+spectool -f -g containers-common.spec
+for FILE in *; do
+  [ -s "$FILE" ]
+  if [ $? == 1 ] && [ "$FILE" != "sources" ]; then
+    echo "empty file: $FILE"
+    exit 1
+  fi
+done
+ensure storage.conf    driver                        \"overlay\"
+ensure storage.conf    mountopt                      \"nodev,metacopy=on\"
+if pwd | grep rhel-8 > /dev/null
+then
+awk -i inplace '/#default_capabilities/,/#\]/{gsub("#","",$0)}1' containers.conf
+ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
+ensure registries.conf short-name-mode               \"permissive\"
+ensure containers.conf runtime                       \"runc\"
+ensure containers.conf events_logger                 \"file\"
+ensure containers.conf log_driver                    \"k8s-file\"
+ensure containers.conf network_backend               \"cni\"
+if ! grep \"NET_RAW\" containers.conf > /dev/null
+then
+  sed -i '/^default_capabilities/a \
+  "NET_RAW",' containers.conf
+fi
+if ! grep \"SYS_CHROOT\" containers.conf > /dev/null
+then
+  sed -i '/^default_capabilities/a \
+  "SYS_CHROOT",' containers.conf
+fi
+else
+ensure registries.conf unqualified-search-registries [\"registry.access.redhat.com\",\ \"registry.redhat.io\",\ \"docker.io\"]
+ensure registries.conf short-name-mode               \"enforcing\"
+ensure containers.conf runtime                       \"crun\"
+fi
+[ `grep \"keyctl\", seccomp.json | wc -l` == 0 ] && sed -i '/\"kill\",/i \
+				"keyctl",' seccomp.json
+[ `grep \"socket\", seccomp.json | wc -l` == 0 ] && sed -i '/\"socketcall\",/i \
+				"socket",' seccomp.json
+rhpkg clone redhat-release
+cd redhat-release
+rhpkg switch-branch rhel-9.4.0
+rhpkg prep
+cp -f redhat-release-*/RPM-GPG* ../
+cd -
+rm -rf redhat-release
-- 
cgit v1.2.3