ADD COPYING /dnsdist/
@EXEC sdist_dirs=(build-aux m4 pdns ext)
@EXEC for d in ${sdist_dirs[@]} ; do echo "COPY $d/ /dnsdist/$d/" ; done
+COPY .git/ /dnsdist/.git/
+COPY builder-support/ /dnsdist/builder-support/
+COPY docs/ /dnsdist/docs/
ADD builder-support/gen-version /dnsdist/pdns/dnsdistdist/builder-support/gen-version
-WORKDIR /dnsdist/pdns/dnsdistdist
+WORKDIR /dnsdist/
RUN mkdir /sdist
ARG BUILDER_VERSION
-RUN /dnsdist/builder/helpers/set-configure-ac-version.sh && \
+
+RUN cd /dnsdist/pdns/dnsdistdist && \
+ /dnsdist/builder/helpers/set-configure-ac-version.sh && \
meson setup build && \
meson dist -C build
+WORKDIR /dnsdist/pdns/dnsdistdist
RUN cp build/meson-dist/dnsdist-${BUILDER_VERSION}.tar.xz /sdist/
FROM dist-base as package-builder
-RUN yum upgrade -y && \
- yum install --allowerasing -y rpm-build rpmdevtools python3 curl jq "@Development Tools"
+RUN if $(grep -q 'release 8' /etc/redhat-release); then \
+ yum upgrade -y && \
+ yum install --allowerasing -y rpm-build rpmdevtools python3.11 curl jq "@Development Tools" ninja-build hostname python3.11-pip python3.11-yaml ; \
+ else \
+ yum upgrade -y && \
+ yum install --allowerasing -y rpm-build rpmdevtools python3 curl jq "@Development Tools" ninja-build hostname python3-pip python3-yaml ; \
+ fi
RUN mkdir /dist /pdns
WORKDIR /pdns
@ENDIF
# Generate provenance
+RUN yum install --allowerasing -y python3
@EVAL RUN python builder/helpers/generate-dnf-provenance.py /dist/packages-${BUILDER_TARGET}.json || python3 builder/helpers/generate-dnf-provenance.py /dist/packages-${BUILDER_TARGET}.json
# mv across layers with overlay2 is buggy in some kernel versions (results in empty dirs)
tar xf "${MESON_TARBALL}"
cd "meson-${MESON_VERSION}"
-python3 setup.py build
-python3 setup.py install
+install -Dpm0644 -t /usr/lib/rpm/macros.d/ data/macros.meson
+
+python3 -m pip install .
+ln -s /usr/local/bin/meson /usr/bin/meson
+PYVERS=$(python3 --version | sed 's/Python //' | cut -d. -f1,2)
+ln -s "/usr/local/lib/python${PYVERS}/site-packages/mesonbuild" /usr/lib/python${PYVERS}/site-packages/mesonbuild
cd ..
rm -rf "${MESON_TARBALL}" "meson-${MESON_VERSION}"
# with a find condition for pdns to exclude accidentally matching pdns-recursor*.
for prog in pdns-recursor dnsdist; do
if [ $(find ${SRCDIR}/dist -name "${prog}*" 2>/dev/null | wc -l) -ne 0 ]; then
+ extension="tar.bz2"
+ if [ "$prog" = "dnsdist" ]; then
+ extension="tar.xz"
+ fi
dst=${DESTDIR}/${prog}/${BUILDER_VERSION}
mkdir -p ${dst}
- cp ${BUILDER_TMP}/${BUILDER_VERSION}/sdist/${prog}*.tar.bz2 ${dst}
+ cp ${BUILDER_TMP}/${BUILDER_VERSION}/sdist/${prog}*.${extension} ${dst}
tardirname=${prog}-${BUILDER_VERSION}-${BUILDER_TARGET}
"$tar" -cjf ${dst}/${tardirname}.tar.bz2 --transform="s,.*/,${tardirname}/,g" $(find ${SRCDIR} -type f)
fi
License: GPLv2
Vendor: PowerDNS.COM BV
Group: System/DNS
-Source: %{name}-%{getenv:BUILDER_VERSION}.tar.bz2
+Source: %{name}-%{getenv:BUILDER_VERSION}.tar.xz
+BuildRequires: ninja-build
+BuildRequires: hostname
BuildRequires: readline-devel
BuildRequires: libedit-devel
BuildRequires: openssl-devel
%prep
%autosetup -p1 -n %{name}-%{getenv:BUILDER_VERSION}
+%if 0%{?rhel} >= 9
+%global toolchain clang
+%else
+# we need to disable the hardened flags because they are GCC-only
+%undefine _hardened_build
+%endif
+
%build
# We need to build with LLVM/clang to be able to use LTO, since we are linking against a static Rust library built with LLVM
export CC=clang
# build-id SHA1 prevents an issue with the debug symbols ("export: `-Wl,--build-id=sha1': not a valid identifier")
# and the --no-as-needed -ldl an issue with the dlsym not being found ("ld.lld: error: undefined symbol: dlsym eferenced by weak.rs:142 (library/std/src/sys/pal/unix/weak.rs:142) [...] in archive ./dnsdist-rust-lib/rust/libdnsdist_rust.a)
export LDFLAGS="-fuse-ld=lld -Wl,--build-id=sha1 -Wl,--no-as-needed -ldl"
+%if 0%{?rhel} < 9
+export CFLAGS="-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -gdwarf-4"
+export CXXFLAGS="-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -gdwarf-4"
+%endif
-export AR=gcc-ar
-export RANLIB=gcc-ranlib
+#export AR=gcc-ar
+#export RANLIB=gcc-ranlib
+export PKG_CONFIG_PATH=/usr/lib/pkgconfig:/opt/lib64/pkgconfig
%meson \
- -Dsysconfdir=/etc/dnsdist
+ --sysconfdir=/etc/dnsdist \
-Dunit-tests=true \
-Db_lto=true \
-Db_lto_mode=thin \
-Db_pie=true \
- -Ddebug=true \
- -Doptimization=3 \
-Ddns-over-tls=true \
%if 0%{?suse_version}
-Ddnscrypt=disabled \
- -Dsnmp=false
+ -Dsnmp=false \
+%else
+ -Ddnscrypt=enabled \
+ -Dsnmp=true \
%endif
-Ddnstap=enabled \
-Ddns-over-https=true \
-Dlibcap=enabled \
-Dlua=luajit \
-Dre2=enabled \
- -Ddnscrypt=enabled \
- -Dsnmp=true \
-Ddns-over-quic=true \
-Ddns-over-http3=true \
- -Dyaml=enabled \
- PKG_CONFIG_PATH=/usr/lib/pkgconfig:/opt/lib64/pkgconfig
+ -Dyaml=enabled
%meson_build
%check
projects / thirdparty / pdns.git / commitdiff
