From feee710497192de4e830170ca452c9fad77e3952 Mon Sep 17 00:00:00 2001 From: Vadim Yalovets Date: Tue, 10 Dec 2024 19:48:33 +0200 Subject: [PATCH] PKG-308 Release Tasks for PXB-8.4.0-2 --- .../innobase/xtrabackup/utils/build-binary.sh | 39 ++++++++--- .../xtrabackup/utils/debian/changelog | 2 +- .../innobase/xtrabackup/utils/debian/control | 16 ++++- .../innobase/xtrabackup/utils/debian/rules | 5 +- .../utils/percona-xtrabackup-8.0_builder.sh | 64 +++++++++++++++++-- .../xtrabackup/utils/percona-xtrabackup.spec | 13 +++- 6 files changed, 116 insertions(+), 23 deletions(-) diff --git a/storage/innobase/xtrabackup/utils/build-binary.sh b/storage/innobase/xtrabackup/utils/build-binary.sh index 9f3b44815bd..596a0eeae6b 100755 --- a/storage/innobase/xtrabackup/utils/build-binary.sh +++ b/storage/innobase/xtrabackup/utils/build-binary.sh @@ -12,6 +12,9 @@ # Bail out on errors, be strict set -ue +# Enable Pro build +FIPSMODE=0 + # Examine parameters TARGET="$(uname -m)" TARGET_CFLAGS='' @@ -99,13 +102,21 @@ if [ -f /etc/redhat-release ]; then fi # Create a temporary working directory -PRODUCT_FULL="percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" +if [[ "x${FIPSMODE}" == "x1" ]]; then + PRODUCT_FULL="percona-xtrabackup-pro-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" +else + PRODUCT_FULL="percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" +fi BASEINSTALLDIR="$(cd "$WORKDIR" && TMPDIR="$WORKDIR_ABS" mktemp -d xtrabackup-build.XXXXXX)" INSTALLDIR="$WORKDIR_ABS/$BASEINSTALLDIR/$PRODUCT_FULL" # Make it absolute mkdir "$INSTALLDIR" # Build + BUILD_PARAMETER="" + if [[ "x${FIPSMODE}" == "x1" ]]; then + BUILD_PARAMETER="-DCMAKE_CXX_FLAGS=-DPROBUILD -DCMAKE_C_FLAGS=-DPROBUILD" + fi ( cd "$WORKDIR" @@ -118,7 +129,7 @@ mkdir "$INSTALLDIR" $CMAKE_BIN -DBUILD_CONFIG=xtrabackup_release -DCMAKE_INSTALL_PREFIX="$INSTALLDIR" \ -DINSTALL_MYSQLTESTDIR=percona-xtrabackup-${XB_VERSION_MAJOR}.${XB_VERSION_MINOR}-test -DINSTALL_MANDIR=${INSTALLDIR}/man \ -DDOWNLOAD_BOOST=1 -DWITH_BOOST=${WORKDIR_ABS}/libboost \ - -DMINIMAL_RELWITHDEBINFO=OFF \ + -DMINIMAL_RELWITHDEBINFO=OFF ${BUILD_PARAMETER}\ -DMYSQL_UNIX_ADDR=/var/run/mysqld/mysqld.sock -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled . make $MAKE_JFLAG make install @@ -244,13 +255,23 @@ mkdir "$INSTALLDIR" link cd "$WORKDIR" - $TAR czf "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER.tar.gz" \ - --owner=0 --group=0 -C "$INSTALLDIR/../" \ - "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" - - $TAR czf "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal.tar.gz" \ - --owner=0 --group=0 -C "$INSTALLDIR/../minimal/" \ - "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal" + if [[ "x${FIPSMODE}" == "x1" ]]; then + $TAR czf "percona-xtrabackup-pro-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER.tar.gz" \ + --owner=0 --group=0 -C "$INSTALLDIR/../" \ + "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" + + $TAR czf "percona-xtrabackup-pro-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal.tar.gz" \ + --owner=0 --group=0 -C "$INSTALLDIR/../minimal/" \ + "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal" + else + $TAR czf "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER.tar.gz" \ + --owner=0 --group=0 -C "$INSTALLDIR/../" \ + "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER" + + $TAR czf "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal.tar.gz" \ + --owner=0 --group=0 -C "$INSTALLDIR/../minimal/" \ + "percona-xtrabackup-$XTRABACKUP_VERSION-$(uname -s)-$(uname -m)$GLIBC_VER-minimal" + fi fi # Clean up build dir diff --git a/storage/innobase/xtrabackup/utils/debian/changelog b/storage/innobase/xtrabackup/utils/debian/changelog index 557e1461e72..f5f6c3716a8 100644 --- a/storage/innobase/xtrabackup/utils/debian/changelog +++ b/storage/innobase/xtrabackup/utils/debian/changelog @@ -13,7 +13,7 @@ percona-xtrabackup-82 (8.2) unstable; urgency=low * Packaging changes for version 8.2 - -- Vadim Yalovets Fri, 11 Dec 202r3 09:01:20 +0300 + -- Vadim Yalovets Fri, 11 Dec 2023 09:01:20 +0300 percona-xtrabackup-81 (8.1) unstable; urgency=low diff --git a/storage/innobase/xtrabackup/utils/debian/control b/storage/innobase/xtrabackup/utils/debian/control index 139212d967b..27effb0258d 100644 --- a/storage/innobase/xtrabackup/utils/debian/control +++ b/storage/innobase/xtrabackup/utils/debian/control @@ -27,9 +27,17 @@ Homepage: http://www.percona.com/software/percona-xtrabackup Package: percona-xtrabackup-84 Architecture: any -Depends: libdbd-mysql-perl, libcurl4-openssl-dev, rsync, zstd, ${misc:Depends}, ${shlibs:Depends} +Depends: libdbd-mysql-perl, libcurl4-openssl-dev, rsync, zstd, lz4, ${misc:Depends}, ${shlibs:Depends} Provides: xtrabackup -Conflicts: percona-xtrabackup-21, percona-xtrabackup-22, percona-xtrabackup, percona-xtrabackup-24, percona-xtrabackup-80, percona-xtrabackup-81, percona-xtrabackup-82, percona-xtrabackup-83 +Conflicts: percona-xtrabackup-21, + percona-xtrabackup-22, + percona-xtrabackup, + percona-xtrabackup-24, + percona-xtrabackup-80, + percona-xtrabackup-81, + percona-xtrabackup-82, + percona-xtrabackup-83, + percona-xtrabackup-pro-84 Breaks: xtrabackup (<< 2.0.0~) Replaces: xtrabackup (<< 2.0.0~) Enhances: mysql-server @@ -43,13 +51,15 @@ Package: percona-xtrabackup-dbg-84 Section: debug Architecture: any Depends: percona-xtrabackup-84 (= ${binary:Version}), ${misc:Depends} +Conflicts: percona-xtrabackup-pro-dbg-84 Description: Debug symbols for Percona XtraBackup Debug symbols for the binaries in percona-xtrabackup. Install this package if you need to run any of those with gdb. Package: percona-xtrabackup-test-84 Architecture: any -Depends: mysql-client, percona-xtrabackup-84, ${misc:Depends} +Depends: percona-xtrabackup-84, mysql-client, ${misc:Depends} +Conflicts: percona-xtrabackup-test-pro-84 Description: Test suite for Percona XtraBackup Test suite for Percona XtraBackup. Install this package if you intend to run XtraBackup's test suite. diff --git a/storage/innobase/xtrabackup/utils/debian/rules b/storage/innobase/xtrabackup/utils/debian/rules index 9697b7f3cbd..0cdb8f339d7 100755 --- a/storage/innobase/xtrabackup/utils/debian/rules +++ b/storage/innobase/xtrabackup/utils/debian/rules @@ -3,6 +3,7 @@ #export DH_VERBOSE=1 +export FIPSFLAGS= NCPU=$(shell grep -c processor /proc/cpuinfo) # These are used for cross-compiling and for saving the configure script @@ -28,14 +29,14 @@ ifeq "$(DEB_DUMMY)" "" -DWITH_SSL=system -DINSTALL_MYSQLTESTDIR=/usr/share/percona-xtrabackup-test-84 \ -DINSTALL_MANDIR=/usr/share/man -DWITH_MAN_PAGES=1 -DMINIMAL_RELWITHDEBINFO=OFF \ -DDOWNLOAD_BOOST=1 -DWITH_BOOST=libboost -DMYSQL_UNIX_ADDR=/var/run/mysqld/mysqld.sock \ - -DINSTALL_PLUGINDIR=lib/xtrabackup/plugin -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled && \ + -DINSTALL_PLUGINDIR=lib/xtrabackup/plugin -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled $(FIPSFLAGS) && \ cd .. ( test -d $(builddir) || mkdir $(builddir) ) && cd $(builddir) && \ cmake .. -DBUILD_CONFIG=xtrabackup_release -DCMAKE_INSTALL_PREFIX=/usr \ -DWITH_SSL=system -DINSTALL_MYSQLTESTDIR=/usr/share/percona-xtrabackup-test-84 \ -DINSTALL_MANDIR=/usr/share/man -DWITH_MAN_PAGES=1 -DMINIMAL_RELWITHDEBINFO=OFF \ -DDOWNLOAD_BOOST=1 -DWITH_BOOST=libboost -DMYSQL_UNIX_ADDR=/var/run/mysqld/mysqld.sock \ - -DINSTALL_PLUGINDIR=lib/xtrabackup/plugin -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled + -DINSTALL_PLUGINDIR=lib/xtrabackup/plugin -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled $(FIPSFLAGS) else # Dummy binaries that avoid compilation echo 'main() { return 300; }' | gcc -x c - -o xtrabackup diff --git a/storage/innobase/xtrabackup/utils/percona-xtrabackup-8.0_builder.sh b/storage/innobase/xtrabackup/utils/percona-xtrabackup-8.0_builder.sh index de736415bd6..9a0056d4de0 100644 --- a/storage/innobase/xtrabackup/utils/percona-xtrabackup-8.0_builder.sh +++ b/storage/innobase/xtrabackup/utils/percona-xtrabackup-8.0_builder.sh @@ -18,6 +18,7 @@ Usage: $0 [OPTIONS] --install_deps Install build dependencies(root previlages are required) --branch Branch for build --repo Repo for build + --enable_fipsmode Build gated PXB --rpm_release RPM version( default = 1) --deb_release DEB version( default = 1) --help) usage ;; @@ -57,6 +58,7 @@ parse_arguments() { --install_deps=*) INSTALL="$val" ;; --branch=*) BRANCH="$val" ;; --repo=*) REPO="$val" ;; + --enable_fipsmode=*) FIPSMODE="$val" ;; --rpm_release=*) RPM_RELEASE="$val" ;; --deb_release=*) DEB_RELEASE="$val" ;; --help) usage ;; @@ -252,7 +254,7 @@ install_deps() { yum-config-manager --enable ol9_codeready_builder yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm else - add_percona_yum_repo + # add_percona_yum_repo percona-release enable tools testing fi else @@ -464,13 +466,26 @@ build_srpm(){ sed -i "/^%changelog/a - Release ${VERSION}-${RELEASE}" percona-xtrabackup.spec sed -i "/^%changelog/a * $(date "+%a") $(date "+%b") $(date "+%d") $(date "+%Y") Percona Development Team - ${VERSION}-${RELEASE}" percona-xtrabackup.spec # + if [[ "x${FIPSMODE}" == "x1" ]]; then + sed -i -e "s:Name\: percona-xtrabackup-%:Name\: percona-xtrabackup-pro-%:g" \ + -e "s:Requires\: percona-xtrabackup-%:Requires\: percona-xtrabackup-pro-%:g" \ + -e "s:percona-xtrabackup-test-%:percona-xtrabackup-test-pro-%:g" \ + -e "s:Conflicts\: percona-xtrabackup-pro-%:Conflicts\: percona-xtrabackup-%:g" \ + -e "s:Conflicts\: percona-xtrabackup-test-pro-%:Conflicts\: percona-xtrabackup-test-%:g" \ + percona-xtrabackup.spec + fi + # cd $WORKDIR # mv -fv $TARFILE $WORKDIR/rpmbuild/SOURCES # enable_venv - rpmbuild -bs --define "_topdir $WORKDIR/rpmbuild" --define "dist .generic" rpmbuild/SPECS/percona-xtrabackup.spec + if [[ "x${FIPSMODE}" == "x1" ]]; then + rpmbuild -bs --define "_topdir $WORKDIR/rpmbuild" --define "dist .generic" --define "enable_fipsmode 1" rpmbuild/SPECS/percona-xtrabackup.spec + else + rpmbuild -bs --define "_topdir $WORKDIR/rpmbuild" --define "dist .generic" rpmbuild/SPECS/percona-xtrabackup.spec + fi mkdir -p ${WORKDIR}/srpm mkdir -p ${CURDIR}/srpm @@ -520,8 +535,11 @@ build_rpm(){ SRCRPM=$(basename $(find . -name '*.src.rpm' | sort | tail -n1)) enable_venv - - rpmbuild --define "_topdir ${WORKDIR}/rpmbuild" --define "dist .el${RHEL}" --rebuild rpmbuild/SRPMS/${SRCRPM} + if [[ "x${FIPSMODE}" == "x1" ]]; then + rpmbuild --define "_topdir ${WORKDIR}/rpmbuild" --define "dist .el${RHEL}" --define "enable_fipsmode 1" --rebuild rpmbuild/SRPMS/${SRCRPM} + else + rpmbuild --define "_topdir ${WORKDIR}/rpmbuild" --define "dist .el${RHEL}" --rebuild rpmbuild/SRPMS/${SRCRPM} + fi return_code=$? if [ $return_code != 0 ]; then exit $return_code @@ -554,12 +572,36 @@ build_source_deb(){ echo "DEB_RELEASE=${DEB_RELEASE}" >> ${CURDIR}/percona-xtrabackup-8.0.properties - NEWTAR=${NAME}-84_${VERSION}.orig.tar.gz + if [[ "x${FIPSMODE}" == "x1" ]]; then + NEWTAR=${NAME}-pro-84_${VERSION}.orig.tar.gz + else + NEWTAR=${NAME}-84_${VERSION}.orig.tar.gz + fi mv ${TARFILE} ${NEWTAR} tar xzf ${NEWTAR} cd percona-xtrabackup-$VERSION cp -av storage/innobase/xtrabackup/utils/debian . + if [ x"${FIPSMODE}" == x1 ]; then + sed -i "s:FIPSFLAGS=:FIPSFLAGS=-DPROBUILD=1:g" debian/rules + sed -i "s:percona-xtrabackup-dbg-:percona-xtrabackup-pro-dbg-:g" debian/rules + sed -i "s:percona-xtrabackup-test-:percona-xtrabackup-test-pro-:g" debian/rules + sed -i "s:percona-xtrabackup-:percona-xtrabackup-pro-:g" debian/changelog + sed -i "s:Source\: percona-xtrabackup:Source\: percona-xtrabackup-pro:g" debian/control + sed -i "s:Package\: percona-xtrabackup-84:Package\: percona-xtrabackup-pro-84:g" debian/control + sed -i "s: percona-xtrabackup-pro: percona-xtrabackup:g" debian/control + sed -i "s:Package\: percona-xtrabackup-dbg:Package\: percona-xtrabackup-pro-dbg:g" debian/control + sed -i "s:Depends\: percona-xtrabackup:Depends\: percona-xtrabackup-pro:g" debian/control + sed -i "s:Conflicts\: percona-xtrabackup-pro-dbg:Conflicts\: percona-xtrabackup-dbg:g" debian/control + sed -i "s:Package\: percona-xtrabackup-test:Package\: percona-xtrabackup-test-pro:g" debian/control + sed -i "s:Conflicts\: percona-xtrabackup-test-pro:Conflicts\: percona-xtrabackup-test:g" debian/control + cp debian/percona-xtrabackup-84.docs debian/percona-xtrabackup-pro-84.docs + cp debian/percona-xtrabackup-84.install debian/percona-xtrabackup-pro-84.install + cp debian/percona-xtrabackup-84.lintian-overrides debian/percona-xtrabackup-pro-84.lintian-overrides + cp debian/percona-xtrabackup-test-84.install debian/percona-xtrabackup-test-pro-84.install + cp debian/percona-xtrabackup-test-84.lintian-overrides debian/percona-xtrabackup-test-pro-84.lintian-overrides + sed -i "s:percona-xtrabackup-test:percona-xtrabackup-test-pro:g" debian/percona-xtrabackup-test-pro-84.install + fi dch -D unstable --force-distribution -v "${VERSION}-${DEB_RELEASE}" "Update to new upstream release Percona XtraBackup ${VERSION}" dpkg-buildpackage -S @@ -598,8 +640,13 @@ build_deb(){ DSC=$(basename $(find . -name '*.dsc' | sort | tail -n 1)) - DIRNAME=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $1"-"$2"-"$3"-"$4"-"$5}') - VERSION=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $4"-"$5}') + if [[ "x${FIPSMODE}" == "x1" ]]; then + DIRNAME=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $1"-"$2"-"$3"-"$4"-"$5"-"$6}') + VERSION=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $5"-"$6}') + else + DIRNAME=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $1"-"$2"-"$3"-"$4"-"$5}') + VERSION=$(echo $DSC | sed -e 's:_:-:g' | awk -F'-' '{print $4"-"$5}') + fi # echo "DEB_RELEASE=${DEB_RELEASE}" >> ${CURDIR}/percona-xtrabackup-8.0.properties echo "DEBIAN_VERSION=${OS_NAME}" >> ${CURDIR}/percona-xtrabackup-8.0.properties @@ -640,6 +687,9 @@ build_tarball(){ tar xzf ${TARFILE} cd ${TARFILE%.tar.gz} # + if [[ "x${FIPSMODE}" == "x1" ]]; then + sed -i "s/FIPSMODE=0/FIPSMODE=1/g" ./storage/innobase/xtrabackup/utils/build-binary.sh + fi bash -x ./storage/innobase/xtrabackup/utils/build-binary.sh ${WORKDIR}/TARGET mkdir -p ${WORKDIR}/tarball diff --git a/storage/innobase/xtrabackup/utils/percona-xtrabackup.spec b/storage/innobase/xtrabackup/utils/percona-xtrabackup.spec index b06ca36ba31..6db5331ae54 100644 --- a/storage/innobase/xtrabackup/utils/percona-xtrabackup.spec +++ b/storage/innobase/xtrabackup/utils/percona-xtrabackup.spec @@ -11,6 +11,9 @@ %endif %global mysqldatadir /var/lib/mysql +# By default a build will be done in normal mode +%{?enable_fipsmode: %global enable_fipsmode 1} + %if 0%{?rhel} == 7 %global __python %{__python3} %endif @@ -33,8 +36,9 @@ Source: percona-xtrabackup-%{version}%{xb_version_extra}.tar.gz BuildRequires: %{cmake_bin}, libaio-devel, libgcrypt-devel, ncurses-devel, readline-devel, zlib-devel, libev-devel openssl-devel BuildRequires: libcurl-devel Conflicts: percona-xtrabackup-21, percona-xtrabackup-22, percona-xtrabackup, percona-xtrabackup-24, percona-xtrabackup-80, percona-xtrabackup-81, percona-xtrabackup-82 +Conflicts: percona-xtrabackup-pro-%{xb_version_major}%{xb_version_minor} Requires: perl(DBD::mysql), rsync, zstd -Requires: perl(Digest::MD5) +Requires: perl(Digest::MD5), lz4 BuildRoot: %{_tmppath}/%{name}-%{version}%{xb_version_extra}-root @@ -44,6 +48,7 @@ Percona XtraBackup is OpenSource online (non-blockable) backup solution for Inno %package -n percona-xtrabackup-test-%{xb_version_major}%{xb_version_minor} Summary: Test suite for Percona XtraBackup Group: Applications/Databases +Conflicts: percona-xtrabackup-test-pro-%{xb_version_major}%{xb_version_minor} Requires: percona-xtrabackup-%{xb_version_major}%{xb_version_minor} = %{version}-%{release} Requires: /usr/bin/mysql AutoReqProv: no @@ -84,6 +89,9 @@ mkdir debug -DWITH_SSL=system -DINSTALL_MANDIR=%{_mandir} -DWITH_MAN_PAGES=1 \ -DINSTALL_MYSQLTESTDIR=%{_datadir}/percona-xtrabackup-test-%{xb_version_major}%{xb_version_minor} \ -DDOWNLOAD_BOOST=1 -DWITH_BOOST=libboost -DMINIMAL_RELWITHDEBINFO=OFF -DMYSQL_UNIX_ADDR="%{mysqldatadir}/mysql.sock" \ +%if 0%{?enable_fipsmode} + -DPROBUILD=1 \ +%endif -DINSTALL_PLUGINDIR="%{_lib}/xtrabackup/plugin" -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled make %{?_smp_mflags} cd .. @@ -94,6 +102,9 @@ mkdir debug -DWITH_SSL=system -DINSTALL_MANDIR=%{_mandir} -DWITH_MAN_PAGES=1 \ -DINSTALL_MYSQLTESTDIR=%{_datadir}/percona-xtrabackup-test-%{xb_version_major}%{xb_version_minor} \ -DDOWNLOAD_BOOST=1 -DWITH_BOOST=libboost -DMINIMAL_RELWITHDEBINFO=OFF -DMYSQL_UNIX_ADDR="%{mysqldatadir}/mysql.sock" \ +%if 0%{?enable_fipsmode} + -DPROBUILD=1 \ +%endif -DINSTALL_PLUGINDIR="%{_lib}/xtrabackup/plugin" -DFORCE_INSOURCE_BUILD=1 -DWITH_ZLIB=bundled -DWITH_ZSTD=bundled -DWITH_PROTOBUF=bundled # make %{?_smp_mflags}