Hello community, here is the log from the commit of package container-registry-systemd for openSUSE:Factory checked in at 2019-12-30 12:34:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/container-registry-systemd (Old) and /work/SRC/openSUSE:Factory/.container-registry-systemd.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "container-registry-systemd" Mon Dec 30 12:34:31 2019 rev:5 rq:759895 version:0.0+git20191229.fbbe884 Changes: -------- --- /work/SRC/openSUSE:Factory/container-registry-systemd/container-registry-systemd.changes 2019-12-23 22:49:05.442104127 +0100 +++ /work/SRC/openSUSE:Factory/.container-registry-systemd.new.6675/container-registry-systemd.changes 2019-12-30 12:34:36.863797547 +0100 @@ -1,0 +2,6 @@ +Sun Dec 29 12:46:22 UTC 2019 - kukuk@suse.com + +- Update to version 0.0+git20191229.fbbe884: + * Add re-generation of certificates + +------------------------------------------------------------------- Old: ---- container-registry-systemd-0.0+git20191222.b00b515.tar.xz New: ---- container-registry-systemd-0.0+git20191229.fbbe884.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ container-registry-systemd.spec ++++++ --- /var/tmp/diff_new_pack.xSAolp/_old 2019-12-30 12:34:37.323797794 +0100 +++ /var/tmp/diff_new_pack.xSAolp/_new 2019-12-30 12:34:37.323797794 +0100 @@ -17,11 +17,11 @@ Name: container-registry-systemd -Version: 0.0+git20191222.b00b515 +Version: 0.0+git20191229.fbbe884 Release: 0 Summary: Systemd service files and config files for container-registry License: GPL-3.0-or-later -URL: https://github.com/thkukuk/container-registry-systemd +URL: https://github.com/kubic-project/container-registry-systemd Source: container-registry-systemd-%{version}.tar.xz Requires: certstrap Requires(post): %fillup_prereq ++++++ _service ++++++ --- /var/tmp/diff_new_pack.xSAolp/_old 2019-12-30 12:34:37.355797811 +0100 +++ /var/tmp/diff_new_pack.xSAolp/_new 2019-12-30 12:34:37.355797811 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="version">0.0</param> <param name="versionformat">0.0+git%cd.%h</param> - <param name="url">git://github.com/thkukuk/container-registry-systemd.git</param> + <param name="url">git://github.com/kubic-project/container-registry-systemd.git</param> <param name="scm">git</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.xSAolp/_old 2019-12-30 12:34:37.367797817 +0100 +++ /var/tmp/diff_new_pack.xSAolp/_new 2019-12-30 12:34:37.367797817 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> - <param name="url">git://github.com/thkukuk/container-registry-systemd.git</param> - <param name="changesrevision">b00b5157429f328f3c21a7837d1c13b03767f99b</param> + <param name="url">git://github.com/kubic-project/container-registry-systemd.git</param> + <param name="changesrevision">fbbe884b36ac072012796e6ed4af3d4c0fdc0022</param> </service> </servicedata> \ No newline at end of file ++++++ container-registry-systemd-0.0+git20191222.b00b515.tar.xz -> container-registry-systemd-0.0+git20191229.fbbe884.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/container-registry-systemd-0.0+git20191222.b00b515/create-container-registry-certs.sh new/container-registry-systemd-0.0+git20191229.fbbe884/create-container-registry-certs.sh --- old/container-registry-systemd-0.0+git20191222.b00b515/create-container-registry-certs.sh 2019-12-22 10:01:45.000000000 +0100 +++ new/container-registry-systemd-0.0+git20191229.fbbe884/create-container-registry-certs.sh 2019-12-29 10:56:58.000000000 +0100 @@ -2,13 +2,20 @@ CERTDIR=/etc/registry/certs LANG=C USE_PORTUS= +FORCE=0 show_help() { - echo "create-container-registry-certs [--help|--portus|--docker_auth]" - echo "" - echo "Script to create self signed certificates for a container" - echo "registry and optional portus" - echo "" + echo "create-container-registry-certs [--help|--portus|--docker_auth][--force]" + echo "" + echo "Script to create self signed certificates for a container" + echo "registry and optional portus" + echo "" + echo "Options:" + echo " -f|--force Overwrite existing CA certificate" + echo " -a|--docker_auth Create additional a certificate for docker_auth" + echo " -p|--portus Create additional a certificate for Portus" + echo " -h|--help Print this help text" + echo "" } POSITIONAL=() @@ -25,10 +32,14 @@ USE_PORTUS=1 shift ;; - --docker_auth) + -a|--docker_auth) USE_DOCKER_AUTH=1 shift ;; + -f|--force) + FORCE=1 + shift + ;; *) # unknown option POSITIONAL+=("$1") # save it in an array for later shift # past argument @@ -37,14 +48,17 @@ done set -- "${POSITIONAL[@]}" # restore positional parameters -mkdir -p ${CERTDIR} -# Create CA certificate -certstrap --depot-path ${CERTDIR} init --common-name "ContainerRegistryCA" --passphrase "" +if [ ${FORCE} -eq 1 -o ! -f ${CERTDIR}/ContainerRegistryCA.crt ]; then + mkdir -p ${CERTDIR} + rm -f ${CERTDIR}/ContainerRegistryCA.* + # Create CA certificate + certstrap --depot-path ${CERTDIR} init --common-name "ContainerRegistryCA" --passphrase "" +fi if [ -n "$*" ]; then - HOSTNAMES="$@" + HOSTNAMES="$@" else - HOSTNAMES="`hostname -f; hostname` localhost" + HOSTNAMES="`hostname -f; hostname` localhost" fi IP_ADDRS=`getent ahosts ${HOSTNAMES} | awk '{print $1}' | sort -u` @@ -52,14 +66,17 @@ HOSTNAMES=`echo -n ${HOSTNAMES} | tr ' ' ','` if [ ! -z "${USE_PORTUS}" ]; then + rm -f ${CERTDIR}/portus.* certstrap --depot-path ${CERTDIR} request-cert -ip ${IP_ADDRS} -domain ${HOSTNAMES} --passphrase "" --common-name portus certstrap --depot-path ${CERTDIR} sign portus --CA "ContainerRegistryCA" fi if [ ! -z "${USE_DOCKER_AUTH}" ]; then + rm -f ${CERTDIR}/auth_server.* certstrap --depot-path ${CERTDIR} request-cert -ip ${IP_ADDRS} -domain ${HOSTNAMES} --passphrase "" --common-name auth_server certstrap --depot-path ${CERTDIR} sign auth_server --CA "ContainerRegistryCA" fi +rm -f ${CERTDIR}/registry.* certstrap --depot-path ${CERTDIR} request-cert -ip ${IP_ADDRS} -domain ${HOSTNAMES} --passphrase "" --common-name registry certstrap --depot-path ${CERTDIR} sign registry --CA "ContainerRegistryCA"