# For package version updates, check UPDATE.md which has instructions # on using the update.sh script %global _trivial .0 %global _buildid .4 %global debug_package %{nil} # latest release/commit %global _finch_release 1.10.0 %global _finch_commit 223facc30093245168e7024213c1e78e4a08ab07 %if 0%{?amzn} > 2 %global requires_systemd_macros false %endif # build_latest takes precedence because build_local is for debugging %if %{undefined build_latest} && %{undefined build_local} %global finch_release %{_finch_release} %global finch_commit %{_finch_commit} %endif %global finch_package github.com/runfinch/finch %global finch_src finch-%{finch_commit} %global finch_rpm_version %(r=%finch_release; echo ${r%%%%-*}) # finch-daemon %global finch_daemon_release 0.20.0 %global finch_daemon_commit ef5d71ddf0a98f39f6ebcf0401b8706543c9f04e %global finch_daemon_package github.com/runfinch/finch-daemon %global finch_daemon_src finch-daemon-%{finch_daemon_commit} %global finch_daemon_rpm_version %(r=%finch_daemon_release; echo ${r%%%%-*}) # buildkit %global buildkit_release 0.23.2 %global buildkit_commit 40b2ede0ac0a37030f9959b4a28e9c6c8ea036e7 %global buildkit_package github.com/moby/buildkit %global buildkit_src buildkit-%{buildkit_commit} %global buildkit_rpm_version %(r=%buildkit_release; echo ${r%%%%-*}) %global buildkit_go_ldflags -ldflags '-w -X %{buildkit_package}/version.Version=%{buildkit_rpm_version} -X %{buildkit_package}/version.Revision=%{buildkit_commit}' # cosign %global cosign_release 2.5.3 %global cosign_commit 488ef8ceed5ab5d77379e9077a124a0d0df41d06 %global cosign_package github.com/sigstore/cosign %global cosign_src cosign-%{cosign_commit} %global cosign_rpm_version %(r=%cosign_release; echo ${r%%%%-*}) Name: runfinch-finch Version: %{finch_rpm_version} Release: 1%{?dist}%{?_trivial}%{?_buildid} # Upstream license specification: Apache-2.0 License: ASL 2.0 Summary: The Finch CLI is an open source client for container development tool %if %{defined build_latest} Source0: https://github.com/runfinch/finch/archive/refs/heads/%{latest_branch}.tar.gz %else %if %{defined build_local} Source0: %{finch_src}.tar.gz %else Source0: https://github.com/runfinch/finch/archive/%{finch_commit}/%{finch_src}.tar.gz %endif %endif Source1: finch.service Source2: finch.socket Source3: finch.yaml Source4: nerdctl.toml Source5: buildkitd.toml Source6: finch-buildkit.service Source7: finch-buildkit.socket Source8: %{finch_src}-vendor-patch-1.tar.gz # buildkit Source1000: https://%{buildkit_package}/archive/%{buildkit_commit}/%{buildkit_src}.tar.gz # cosign Source2000: https://%{cosign_package}/archive/%{cosign_commit}/%{cosign_src}.tar.gz Source2001: %{cosign_src}-vendor.tar.gz # finch_daemon_package Source3000: https://%{finch_daemon_package}/archive/%{finch_daemon_commit}/%{finch_daemon_src}.tar.gz Source3001: %{finch_daemon_src}-vendor.tar.gz # Runtime requirements Requires: containerd nerdctl cni-plugins iptables Provides: finch = %{finch_rpm_version} # License: ASL 2.0 Provides: bundled(finch-daemon) = %{finch_daemon_rpm_version} # License: ASL 2.0 Provides: bundled(buildctl) = %{buildkit_rpm_version} # License: ASL 2.0 Provides: bundled(buildkitd) = %{buildkit_rpm_version} # License: ASL 2.0 Provides: bundled(cosign) = %{cosign_rpm_version} # Compilation requirements BuildRequires: golang >= 1.24.6, git, make %if 0%{?amzn} > 2 # this macro package doesn't exist on AL2 BuildRequires: systemd-rpm-macros %endif %description Finch is an open source client for container development. Its simple installer provides a minimal native client along with an opinionated distribution of other open source components. Rather than creating even more options to reason about and choose from, Finch aims to help promote other projects by making it easy to install and use them, while offering a simple native client to tie it all together. %prep # %setup -D -T -c -b 0 -n finch-%{finch_commit} %setup -c %if %{defined build_latest} mv "finch-%{latest_branch}" "%{finch_src}" %endif # extract vendor %setup -D -T -a 8 # extract buildkit %setup -D -T -a 1000 pushd "%{buildkit_src}" popd # extract cosign %setup -D -T -a 2000 pushd "%{cosign_src}" popd # extract vendor %setup -D -T -a 2001 # extract finch-daemon %setup -D -T -a 3000 pushd "%{finch_daemon_src}" popd # extract vendor %setup -D -T -a 3001 %build # build finch pushd "%{finch_src}" VERSION=%{finch_release} GITCOMMIT=%{finch_commit} make finch popd # build buildkit pushd "%{buildkit_src}" go build -mod=vendor -buildmode=pie %{buildkit_go_ldflags} -o _output/buildkitd %{buildkit_package}/cmd/buildkitd go build -mod=vendor -buildmode=pie %{buildkit_go_ldflags} -o _output/buildctl %{buildkit_package}/cmd/buildctl popd # build cosign pushd "%{cosign_src}" GIT_VERSION="%{cosign_release}" GIT_HASH="%{cosign_commit}" make cosign popd # build finch-daemon pushd "%{finch_daemon_src}" VERSION="%{finch_daemon_release}" make popd %check # pushd "%finch_src" # make test-unit # popd %install # install finch install -d %{buildroot}%{_bindir} install -d %{buildroot}%{_unitdir} install -d %{buildroot}%{_sharedstatedir}/finch/nerdctl install -p %{finch_src}/_output/bin/finch %{buildroot}%{_bindir} install -D -p -m 0644 %{S:1} %{buildroot}%{_unitdir}/finch.service install -D -p -m 0644 %{S:2} %{buildroot}%{_unitdir}/finch.socket install -d -p -m 0755 %{buildroot}%{_sysconfdir}/finch install -D -p -m 0644 %{S:3} %{buildroot}%{_sysconfdir}/finch/finch.yaml install -d -p -m 0755 %{buildroot}%{_sysconfdir}/finch/nerdctl/ install -D -p -m 0644 %{S:4} %{buildroot}%{_sysconfdir}/finch/nerdctl/nerdctl.toml # install buildkit install -d %{buildroot}%{_sharedstatedir}/finch/buildkit install -D -p %{buildkit_src}/_output/buildkitd %{buildroot}%{_libexecdir}/finch/buildkitd install -D -p %{buildkit_src}/_output/buildctl %{buildroot}%{_libexecdir}/finch/buildctl install -d -p -m 0755 %{buildroot}%{_sysconfdir}/finch/buildkit/ install -D -p -m 0644 %{S:5} %{buildroot}%{_sysconfdir}/finch/buildkit/buildkitd.toml install -D -p -m 0644 %{S:6} %{buildroot}%{_unitdir}/finch-buildkit.service install -D -p -m 0644 %{S:7} %{buildroot}%{_unitdir}/finch-buildkit.socket # install cosign install -D -p %{cosign_src}/cosign %{buildroot}%{_libexecdir}/finch/cosign # nerdctl ln -sf /usr/local/bin/nerdctl %{buildroot}%{_libexecdir}/finch/nerdctl # install finch-daemon install -D -p %{finch_daemon_src}/bin/finch-daemon %{buildroot}%{_libexecdir}/finch/finch-daemon install -D -p %{finch_daemon_src}/bin/docker-credential-finch %{buildroot}%{_libexecdir}/finch/docker-credential-finch %if 0%{?amzn} == 2 # On a fresh install of container-selinux, or updating from selinux-policy in # amzn2-core to one that more closely tracks upstream, we need to relabel critical # files to pick up changes to file_contexts introduced by those packages. %define selinux_relabel_paths %{_bindir}/finch \ %{_sysconfdir}/finch/ \ %{_sharedstatedir}/finch/ \ %{_sharedstatedir}/finch/nerdctl \ %{_libexecdir}/finch/buildctl \ %{_sysconfdir}/finch/buildkit \ %{_sharedstatedir}/finch/buildkit \ %{_libexecdir}/finch/finch-daemon \ %{_libexecdir}/finch/docker-credential-finch %define do_selinux_relabel() /usr/sbin/selinuxenabled && /usr/sbin/restorecon -r %* %triggerin -- container-selinux if [ $1 -eq 1 ]; then # new install, not update %{do_selinux_relabel} %{selinux_relabel_paths} ||: fi %endif %files %license finch-%{finch_commit}/LICENSE %license buildkit-%{buildkit_commit}/LICENSE %doc finch-%{finch_commit}/README.md %{_bindir}/finch %config(noreplace) %{_sysconfdir}/finch/finch.yaml %config(noreplace) %{_sysconfdir}/finch/nerdctl/nerdctl.toml %{_unitdir}/finch.service %{_unitdir}/finch.socket # buildkit %config(noreplace) %{_sysconfdir}/finch/buildkit/buildkitd.toml %{_libexecdir}/finch/buildkitd %{_libexecdir}/finch/buildctl %{_unitdir}/finch-buildkit.service %{_unitdir}/finch-buildkit.socket %{_sharedstatedir}/finch/nerdctl %{_sharedstatedir}/finch/buildkit # cosign %{_libexecdir}/finch/cosign # nerdctl %{_libexecdir}/finch/nerdctl # finch-daemon %{_libexecdir}/finch/finch-daemon %{_libexecdir}/finch/docker-credential-finch %post %systemd_post finch %preun %systemd_preun finch %postun %systemd_postun_with_restart finch %changelog * Mon Aug 25 2025 Justin Alvarez - runfinch-finch-1.10.0-1.amzn2023.0.4 - Update finch-daemon to 0.20.0 - Update cosign to 2.5.3 - Update golang to 1.24.6 * Fri Aug 22 2025 Henry Wang - runfinch-finch-1.10.0-1.amzn2023.0.3 - Fix finch service PATH environment variable * Mon Jul 28 2025 Swagat Bora - runfinch-finch-1.10.0-1.amzn2023.0.2 - Update finch-daemon to 0.19.1 * Tue Jul 15 2025 Shubhranshu Mahapatra - runfinch-finch-1.10.0-1.amzn2023.0.1 - Update finch to 1.10.0 - Update finch-daemon to 0.18.1 - Update buildkit to 0.23.2 * Tue Jun 17 2025 Justin Alvarez - runfinch-finch-1.8.3-1.amzn2023.0.1 - Update Finch to 1.8.3 - Update finch-daemon to 0.17.2 * Thu May 15 2025 Austin Vazquez - runfinch-finch-1.8.1-1.amzn2023.0.1 - Update Finch to 1.8.1 - Update finch-daemon to 0.16.0 - Update buildkit to 0.21.1 * Wed Apr 16 2025 Justin Alvarez - runfinch-finch-1.7.2-1.amzn2023.0.1 - Update Finch to 1.7.2 - Update finch-daemon to 0.15.0 - Update buildkit to 0.20.2 - Update cosign to 2.5.0 * Fri Mar 21 2025 Swagat Bora - runfinch-finch-1.7.1-1.amzn2023.0.1 - Update Finch to 1.7.1, Finch daemon to 0.14.0 * Thu Jan 9 2025 Austin Vazquez - runfinch-finch-1.6.0-1.amzn2023.0.1 - Update Finch to 1.6.0, Finch daemon to 0.12.0, BuildKit to 0.18.1 * Wed Nov 27 2024 Austin Vazquez - runfinch-finch-1.4.1-1.amzn2023.0.2 - Finch daemon 0.11.0 release * Mon Nov 4 2024 Shubhranshu Mahapatra - runfinch-finch-1.4.1-1.amzn2023.0.1 - Finch upstream release to 1.4.1 and finch daemon 0.10.0 release * Tue Sep 24 2024 Justin Alvarez - runfinch-finch-1.3.0-1.amzn2023.0.1 - Update to 1.3.0 from upstream * Tue Sep 24 2024 Justin Alvarez - runfinch-finch-1.3.0-1.amzn2023.0.1 - First release of Finch on Amazon Linux