# Disable debuginfo/debugsource generation. The vendored pydantic_core ships # prebuilt .so files that lack debug sources, causing empty debugsourcefiles.list. %global debug_package %{nil} %define python_package_src goose_proxy # Set selinux_ver depending on RHEL version %define selinux_ver 38.1.65 %if 0%{?rhel} && 0%{?rhel} > 10 %define selinux_ver 42.1.7 %endif %define selinuxtype targeted %define modulename goose_proxy Name: goose-proxy Version: 0.1.0 Release: 1.20260423161814197546.main%{?dist} Summary: A proxy API for RHEL command line assistant License: Apache-2.0 AND GPL-3.0-or-later URL: https://github.com/rhel-lightspeed/goose-proxy Source: %{url}/archive/v%{version}/goose-proxy-%{version}.tar.gz # Vendored dependency wheels generated by pip download from requirements.txt. # Contains wheels for all target Python versions (cp39, cp312) and x86_64. # Shipped as a GitHub release artifact for tagged releases; generated by packit # post-upstream-clone action for PR/main builds. Source1: vendor-wheels.tar.gz # Note: not BuildArch: noarch because pydantic_core contains compiled .so files # Build dependencies BuildRequires: python3-devel BuildRequires: python3-pip BuildRequires: python3-setuptools BuildRequires: python3-wheel BuildRequires: pyproject-rpm-macros BuildRequires: systemd-rpm-macros # Not needed after RHEL 10 as it is native in Python 3.11+ %if 0%{?rhel} && 0%{?rhel} < 10 BuildRequires: python3-tomli Requires: python3-tomli %endif # Docs dependencies # Sphinx is used to build the manpages for the project. BuildRequires: python3-sphinx # Third-party runtime dependencies used by goose-proxy Provides: bundled(fastapi) Provides: bundled(uvicorn) Provides: bundled(pydantic) # SELinux policy build dependencies BuildRequires: selinux-policy-devel BuildRequires: bzip2 # Add selinux subpackage as dependency Requires: %{name}-selinux %global _description %{expand: A lightweight API translation proxy that bridges Goose with backend servers that speak the Responses API from OpenAI, such as Lightspeed Stack.} # All Python dependencies are vendored in _vendor. Suppress the auto-generated # python3.Xdist(...) Requires so RPM does not demand them as system packages. %{?python_disable_dependency_generator} %description %_description %prep %autosetup -p1 # Remove options from pytest as some of them are not available at all sed -i '/^addopts = \[/,/^\]/d' pyproject.toml # Remove asyncio_mode as pytest-asyncio is not available sed -i '/^asyncio_mode = /d' pyproject.toml # Remove license-files as this is a conflicting property sed -i '/^license-files = /d' pyproject.toml # Install vendored dependency wheels into the _vendor directory so they are # included in the wheel built during %%build. The tarball contains wheels for # multiple Python versions (cp39, cp312). A per-version requirements file # selects the correct packages and pip picks the compatible wheel. tar xzf %{SOURCE1} %{python3} -m pip install --no-deps --no-index \ --find-links vendor_wheels --target src/goose_proxy/_vendor \ -r vendor_wheels/requirements-%{python3_version_nodots}.txt %build %pyproject_wheel # Build the manpages sphinx-build -b man docs/man docs/build/man # Build SELinux policy module %{__make} -C data/release/selinux %{modulename}.pp.bz2 %install %pyproject_install %pyproject_save_files %{python_package_src} # Install the manpages for goose-proxy and goose-proxy-config %{__install} -D -m 0644 docs/build/man/%{name}-config.5 %{buildroot}%{_mandir}/man5/%{name}-config.5 %{__install} -D -m 0644 docs/build/man/%{name}.7 %{buildroot}%{_mandir}/man7/%{name}.7 # System units %{__install} -D -m 0644 data/release/systemd/%{name}.service %{buildroot}/%{_unitdir}/%{name}.service %{__install} -D -m 0644 data/release/systemd/%{name}.socket %{buildroot}/%{_unitdir}/%{name}.socket %{__install} -D -m 0644 data/release/systemd/80-%{name}.preset %{buildroot}/%{_presetdir}/80-%{name}.preset # Config file %{__install} -d -m 0700 %{buildroot}/%{_sysconfdir}/xdg/%{name} %{__install} -D -m 0600 data/release/xdg/config.toml %{buildroot}/%{_sysconfdir}/xdg/%{name}/config.toml # Red Hat specific configs # Install the goose-init shell script inside /etc/profile.d for automatic # placement of the goose-config and custom_goose-proxy on user home directory. %{__install} -Dpm 0755 data/release/goose/goose-init.sh %{buildroot}%{_sysconfdir}/profile.d/goose-init.sh # Install the sources into /usr/share/goose-redhat %{__install} -Dpm 0644 data/release/goose/config.yaml %{buildroot}%{_datadir}/goose-redhat/config.yaml %{__install} -Dpm 0644 data/release/goose/rhel_cla.json %{buildroot}%{_datadir}/goose-redhat/rhel_cla.json # SELinux policy module %{__install} -d %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype} %{__install} -m 644 data/release/selinux/%{modulename}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2 %{__install} -d %{buildroot}%{_datadir}/selinux/devel/include/contrib %{__install} -m 644 data/release/selinux/%{modulename}.if %{buildroot}%{_datadir}/selinux/devel/include/contrib/ %post %systemd_post %{name}.socket # Start the socket immediately so the proxy is reachable without a reboot. if [ $1 -eq 1 ]; then # First install: start the socket so the proxy is reachable immediately. systemctl start %{name}.socket 2>/dev/null || : fi %preun %systemd_preun %{name}.socket %{name}.service %postun %systemd_postun_with_restart %{name}.socket %{name}.service %files -f %{pyproject_files} %license LICENSE %doc README.md %{_bindir}/goose-proxy # Manpages %{_mandir}/man5/%{name}-config.5* %{_mandir}/man7/%{name}.7* # Needed directories %dir %attr(0700, root, root) %{_sysconfdir}/xdg/%{name} # System units %{_unitdir}/%{name}.service %{_unitdir}/%{name}.socket %{_presetdir}/80-%{name}.preset # Config file %config(noreplace) %attr(0600, root, root) %{_sysconfdir}/xdg/%{name}/config.toml # ---------------- Red Hat package %package -n goose-redhat Summary: %{summary} Requires: goose Requires: %{name} = %{version}-%{release} %description -n goose-redhat This package contains Red Hat specific configurations for %{name}, which enable the communication with RHEL Lightspeed services. %files -n goose-redhat %{_sysconfdir}/profile.d/goose-init.sh %{_datadir}/goose-redhat/config.yaml %{_datadir}/goose-redhat/rhel_cla.json # ---------------- SELinux package %package selinux Summary: SELinux policy module for goose-proxy BuildArch: noarch Requires: selinux-policy >= %{selinux_ver} Requires: selinux-policy-%{selinuxtype} Requires(post): selinux-policy-%{selinuxtype} Requires(post): selinux-policy-base >= %{selinux_ver} Requires(post): policycoreutils-python-utils Requires(postun): selinux-policy-base >= %{selinux_ver} Requires(postun): policycoreutils-python-utils %description selinux This package installs and sets up the SELinux policy security module for %{modulename}. %pre selinux %selinux_relabel_pre -s %{selinuxtype} %post selinux %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2 # Port 7080 may already be assigned to http_cache_port_t; use -m as fallback. semanage port -a -t goose_proxy_port_t -p tcp 7080 2>/dev/null || \ semanage port -m -t goose_proxy_port_t -p tcp 7080 2>/dev/null || : %postun selinux if [ $1 -eq 0 ]; then semanage port -d -t goose_proxy_port_t -p tcp 7080 2>/dev/null || : %selinux_modules_uninstall -s %{selinuxtype} %{modulename} fi %posttrans selinux %selinux_relabel_post -s %{selinuxtype} %files selinux %attr(0644,root,root) %{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.bz2 %{_datadir}/selinux/devel/include/contrib/%{modulename}.if %ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename} %changelog * Thu Apr 23 2026 Packit - 0.1.0-2 - latest upstream build %autochangelog