From 6dbc2e193f611e0d37f0ff07de2bbe50d2136e17 Mon Sep 17 00:00:00 2001
From: Christian Stewart <christian@aperture.us>
Date: Sun, 24 Jul 2022 16:25:36 -0700
Subject: [PATCH] package/podman: new package

podman is a CLI tool for spawning and running containers according to the OCI
specification.

https://github.com/containers/podman

Signed-off-by: Christian Stewart <christian@aperture.us>

---

v1 -> v2:

 - package/podman: bump version to v4.5.0
 - Add cmd/quadlet target as required by the install script.

v2 -> v3:

 - remove duplicate CNI_PLUGINS line in Config.in
 - drop old unnecessary build tags:
   - btrfs_noversion: not needed for btrfs >= 3.16.1
   - containers_image_openpgp: no longer supported
   - exclude_graphdriver_devicemapper: set later in the file
 - Added myself to DEVELOPERS list
 - Added conmon -> libglib2 depends statements
 - Dropped CATATONIT select statement
 - Added CGROUPFS_MOUNT dependency if not using systemd
 - Thanks to Joachim for the review.

v3 -> v4:

 - bump version to v4.5.1

Signed-off-by: Christian Stewart <christian@aperture.us>
---
 DEVELOPERS                            |  1 +
 package/Config.in                     |  1 +
 package/podman/Config.in              | 58 +++++++++++++++++++++
 package/podman/containers-policy.json | 14 +++++
 package/podman/podman.hash            |  3 ++
 package/podman/podman.mk              | 75 +++++++++++++++++++++++++++
 6 files changed, 152 insertions(+)
 create mode 100644 package/podman/Config.in
 create mode 100644 package/podman/containers-policy.json
 create mode 100644 package/podman/podman.hash
 create mode 100644 package/podman/podman.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 85318a9ed5d..bce648b6cdc 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -629,6 +629,7 @@ F:	package/moby-buildkit/
 F:	package/mosh/
 F:	package/nerdctl/
 F:	package/pkg-golang.mk
+F:	package/podman/
 F:	package/rtl8821au/
 F:	package/rtl8821cu/
 F:	package/runc/
diff --git a/package/Config.in b/package/Config.in
index a3fb79bdecd..9cfd32d5e13 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2865,6 +2865,7 @@ menu "System tools"
 	source "package/openvmtools/Config.in"
 	source "package/pamtester/Config.in"
 	source "package/petitboot/Config.in"
+	source "package/podman/Config.in"
 	source "package/polkit/Config.in"
 	source "package/powerpc-utils/Config.in"
 	source "package/procps-ng/Config.in"
diff --git a/package/podman/Config.in b/package/podman/Config.in
new file mode 100644
index 00000000000..92f5d6ae3d2
--- /dev/null
+++ b/package/podman/Config.in
@@ -0,0 +1,58 @@
+config BR2_PACKAGE_PODMAN
+	bool "podman"
+	depends on !BR2_TOOLCHAIN_USES_UCLIBC # no fexecve
+	depends on BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS
+	depends on BR2_PACKAGE_HOST_GO_TARGET_CGO_LINKING_SUPPORTS
+	depends on BR2_TOOLCHAIN_HAS_THREADS # conmon -> libglib2
+	depends on BR2_USE_MMU # libgpgme, conmon -> libglib2
+	depends on BR2_USE_WCHAR # conmon -> libglib2
+	select BR2_PACKAGE_CGROUPFS_MOUNT if !BR2_PACKAGE_SYSTEMD # runtime
+	select BR2_PACKAGE_CNI_PLUGINS
+	select BR2_PACKAGE_CONMON
+	select BR2_PACKAGE_CRUN
+	select BR2_PACKAGE_IPTABLES
+	select BR2_PACKAGE_LIBGLIB2
+	select BR2_PACKAGE_LIBGPGME
+	help
+	  podman is a CLI tool for spawning and running containers
+	  according to the OCI specification.
+
+	  https://github.com/containers/podman
+
+if BR2_PACKAGE_PODMAN
+
+config BR2_PACKAGE_PODMAN_DRIVER_BTRFS
+	bool "btrfs filesystem driver"
+	depends on BR2_USE_MMU # btrfs-progs
+	depends on BR2_TOOLCHAIN_HAS_THREADS # btrfs-progs
+	select BR2_PACKAGE_BTRFS_PROGS
+	help
+	  Build the btrfs filesystem driver.
+
+config BR2_PACKAGE_PODMAN_DRIVER_DEVICEMAPPER
+	bool "devicemapper filesystem driver"
+	depends on BR2_TOOLCHAIN_HAS_THREADS # lvm2
+	depends on BR2_USE_MMU # lvm2
+	depends on !BR2_STATIC_LIBS # lvm2
+	select BR2_PACKAGE_LVM2
+	help
+	  Build the devicemapper filesystem driver.
+
+config BR2_PACKAGE_PODMAN_DRIVER_VFS
+	bool "vfs filesystem driver"
+	depends on BR2_USE_WCHAR # gvfs
+	depends on BR2_USE_MMU # gvfs
+	depends on BR2_TOOLCHAIN_HAS_THREADS # gvfs
+	depends on !BR2_STATIC_LIBS # gvfs
+	select BR2_PACKAGE_GVFS
+	help
+	  Build the vfs filesystem driver.
+
+endif
+
+comment "podman needs a glibc or musl toolchain w/ threads, wchar"
+	depends on BR2_PACKAGE_HOST_GO_TARGET_ARCH_SUPPORTS && \
+		BR2_PACKAGE_HOST_GO_TARGET_CGO_LINKING_SUPPORTS
+	depends on !BR2_USE_WCHAR || !BR2_TOOLCHAIN_HAS_THREADS || \
+		BR2_TOOLCHAIN_USES_UCLIBC
+	depends on BR2_USE_MMU
diff --git a/package/podman/containers-policy.json b/package/podman/containers-policy.json
new file mode 100644
index 00000000000..4480eb82b4d
--- /dev/null
+++ b/package/podman/containers-policy.json
@@ -0,0 +1,14 @@
+{
+  "default": [
+    {
+    "type": "insecureAcceptAnything"
+  }
+  ],
+  "transports":
+  {
+    "docker-daemon":
+    {
+      "": [{"type":"insecureAcceptAnything"}]
+    }
+  }
+}
diff --git a/package/podman/podman.hash b/package/podman/podman.hash
new file mode 100644
index 00000000000..5e046e6d57c
--- /dev/null
+++ b/package/podman/podman.hash
@@ -0,0 +1,3 @@
+# Locally computed
+sha256  ee2c8b02b7fe301057f0382637b995a9c6c74e8d530692d6918e4c509ade6e39  podman-4.5.1-go2.tar.gz
+sha256  62fb8a3a9621dc2388174caaabe9c2317b694bb9a1d46c98bcf5655b68f51be3  LICENSE
diff --git a/package/podman/podman.mk b/package/podman/podman.mk
new file mode 100644
index 00000000000..4c988aaa94f
--- /dev/null
+++ b/package/podman/podman.mk
@@ -0,0 +1,75 @@
+################################################################################
+#
+# podman
+#
+################################################################################
+
+PODMAN_VERSION = 4.5.1
+PODMAN_SITE = $(call github,containers,podman,v$(PODMAN_VERSION))
+PODMAN_LICENSE = Apache-2.0
+PODMAN_LICENSE_FILES = LICENSE
+
+PODMAN_CPE_ID_VENDOR = podman_project
+PODMAN_GOMOD = github.com/containers/podman/v4
+
+PODMAN_BUILD_TARGETS = cmd/podman cmd/rootlessport cmd/quadlet
+PODMAN_DEPENDENCIES += libglib2 libgpgme
+PODMAN_LDFLAGS = \
+	-X $(PODMAN_GOMOD)/libpod/define.gitCommit=$(PODMAN_VERSION)
+PODMAN_TAGS = exclude_graphdriver_zfs
+
+ifeq ($(BR2_INIT_SYSTEMD),y)
+PODMAN_TAGS += systemd
+endif
+
+ifeq ($(BR2_PACKAGE_LIBAPPARMOR),y)
+PODMAN_DEPENDENCIES += libapparmor
+PODMAN_TAGS += apparmor
+endif
+
+ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
+PODMAN_TAGS += seccomp
+PODMAN_DEPENDENCIES += libseccomp host-pkgconf
+endif
+
+ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
+PODMAN_TAGS += selinux
+PODMAN_DEPENDENCIES += libselinux
+endif
+
+ifeq ($(BR2_PACKAGE_PODMAN_DRIVER_BTRFS),y)
+PODMAN_DEPENDENCIES += btrfs-progs
+else
+PODMAN_TAGS += exclude_graphdriver_btrfs
+endif
+
+ifeq ($(BR2_PACKAGE_PODMAN_DRIVER_DEVICEMAPPER),y)
+PODMAN_DEPENDENCIES += lvm2
+else
+PODMAN_TAGS += exclude_graphdriver_devicemapper
+endif
+
+ifeq ($(BR2_PACKAGE_PODMAN_DRIVER_VFS),y)
+PODMAN_DEPENDENCIES += gvfs
+else
+PODMAN_TAGS += exclude_graphdriver_vfs
+endif
+
+define PODMAN_INSTALL_TARGET_CMDS
+	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(TARGET_DIR) PREFIX=/usr \
+		install.bin
+	$(INSTALL) -d -m 700 $(TARGET_DIR)/etc/cni
+	$(INSTALL) -d -m 700 $(TARGET_DIR)/etc/cni/net.d
+	$(INSTALL) -D -m 644 $(@D)/cni/87-podman-bridge.conflist \
+		$(TARGET_DIR)/etc/cni/net.d/87-podman-bridge.conflist
+	$(INSTALL) -d -m 755 $(TARGET_DIR)/etc/containers
+	$(INSTALL) -D -m 644 $(PODMAN_PKGDIR)/containers-policy.json \
+		$(TARGET_DIR)/etc/containers/policy.json
+endef
+
+define PODMAN_INSTALL_INIT_SYSTEMD
+	$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) DESTDIR=$(TARGET_DIR) PREFIX=/usr \
+		install.systemd
+endef
+
+$(eval $(golang-package))