summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/pkginstaller/.gitignore6
-rw-r--r--contrib/pkginstaller/Distribution.in17
-rw-r--r--contrib/pkginstaller/Makefile61
-rw-r--r--contrib/pkginstaller/README.md25
-rw-r--r--contrib/pkginstaller/Resources/banner.pngbin0 -> 50381 bytes
-rw-r--r--contrib/pkginstaller/Resources/conclusion.html13
-rw-r--r--contrib/pkginstaller/hvf.entitlements8
-rwxr-xr-xcontrib/pkginstaller/package.sh88
-rwxr-xr-xcontrib/pkginstaller/scripts/postinstall27
-rwxr-xr-xcontrib/pkginstaller/scripts/preinstall5
-rw-r--r--contrib/pkginstaller/welcome.html.in16
11 files changed, 266 insertions, 0 deletions
diff --git a/contrib/pkginstaller/.gitignore b/contrib/pkginstaller/.gitignore
new file mode 100644
index 000000000..5e597ab07
--- /dev/null
+++ b/contrib/pkginstaller/.gitignore
@@ -0,0 +1,6 @@
+out
+Distribution
+welcome.html
+tmp-download
+.vscode
+root
diff --git a/contrib/pkginstaller/Distribution.in b/contrib/pkginstaller/Distribution.in
new file mode 100644
index 000000000..0e0d3843a
--- /dev/null
+++ b/contrib/pkginstaller/Distribution.in
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="utf-8" standalone="no"?>
+<installer-script minSpecVersion="1.000000">
+ <title>Podman __VERSION__</title>
+ <background mime-type="image/png" file="banner.png" scaling="proportional"/>
+ <welcome file="welcome.html" mime-type="text/html" />
+ <conclusion file="conclusion.html" mime-type="text/html" />
+ <license file="LICENSE.txt"/>
+ <options customize="never" hostArchitectures="x86_64,arm64" />
+ <domains enable_localSystem="true" />
+ <choices-outline>
+ <line choice="podman"/>
+ </choices-outline>
+ <choice id="podman" title="podman">
+ <pkg-ref id="podman.pkg"/>
+ </choice>
+ <pkg-ref id="podman.pkg">podman.pkg</pkg-ref>
+</installer-script>
diff --git a/contrib/pkginstaller/Makefile b/contrib/pkginstaller/Makefile
new file mode 100644
index 000000000..c84a08482
--- /dev/null
+++ b/contrib/pkginstaller/Makefile
@@ -0,0 +1,61 @@
+SHELL := bash
+
+ARCH ?= aarch64
+PODMAN_VERSION ?= 4.1.0
+GVPROXY_VERSION ?= 0.4.0
+QEMU_VERSION ?= 7.0.0-2
+GVPROXY_RELEASE_URL ?= https://github.com/containers/gvisor-tap-vsock/releases/download/v$(GVPROXY_VERSION)/gvproxy-darwin
+QEMU_RELEASE_URL ?= https://github.com/containers/podman-machine-qemu/releases/download/v$(QEMU_VERSION)/podman-machine-qemu-$(ARCH)-$(QEMU_VERSION).tar.xz
+PACKAGE_DIR ?= out/packaging
+TMP_DOWNLOAD ?= tmp-download
+PACKAGE_ROOT ?= root
+PKG_NAME := podman-installer-macos-$(ARCH).pkg
+
+default: pkginstaller
+
+$(TMP_DOWNLOAD)/gvproxy:
+ mkdir -p $(TMP_DOWNLOAD)
+ cd $(TMP_DOWNLOAD) && curl -sLo gvproxy $(GVPROXY_RELEASE_URL)
+
+$(TMP_DOWNLOAD)/podman-machine-qemu-$(ARCH)-$(QEMU_VERSION).tar.xz:
+ mkdir -p $(TMP_DOWNLOAD)
+ cd $(TMP_DOWNLOAD) && curl -sLO $(QEMU_RELEASE_URL)
+
+packagedir: package_root Distribution welcome.html
+ mkdir -p $(PACKAGE_DIR)
+ cp -r Resources $(PACKAGE_DIR)/
+ cp welcome.html $(PACKAGE_DIR)/Resources/
+ cp Distribution $(PACKAGE_DIR)/
+ cp -r scripts $(PACKAGE_DIR)/
+ cp -r $(PACKAGE_ROOT) $(PACKAGE_DIR)/
+ cp package.sh $(PACKAGE_DIR)/
+ cd $(PACKAGE_DIR) && pkgbuild --analyze --root ./root component.plist
+ echo -n $(PODMAN_VERSION) > $(PACKAGE_DIR)/VERSION
+ echo -n $(ARCH) > $(PACKAGE_DIR)/ARCH
+ cp ../../LICENSE $(PACKAGE_DIR)/Resources/LICENSE.txt
+ cp hvf.entitlements $(PACKAGE_DIR)/
+
+package_root: clean-pkgroot $(TMP_DOWNLOAD)/podman-machine-qemu-$(ARCH)-$(QEMU_VERSION).tar.xz $(TMP_DOWNLOAD)/gvproxy
+ mkdir -p $(PACKAGE_ROOT)/podman/bin $(PACKAGE_ROOT)/podman/qemu
+ tar -C $(PACKAGE_ROOT)/podman/qemu -xf $(TMP_DOWNLOAD)/podman-machine-qemu-$(ARCH)-$(QEMU_VERSION).tar.xz
+ cp $(TMP_DOWNLOAD)/gvproxy $(PACKAGE_ROOT)/podman/bin/
+ chmod a+x $(PACKAGE_ROOT)/podman/bin/*
+
+%: %.in
+ @sed -e 's/__VERSION__/'$(PODMAN_VERSION)'/g' $< >$@
+
+pkginstaller: packagedir
+ cd $(PACKAGE_DIR) && ./package.sh ..
+
+_notarize: pkginstaller
+ xcrun notarytool submit --apple-id $(NOTARIZE_USERNAME) --password $(NOTARIZE_PASSWORD) --team-id=$(NOTARIZE_TEAM) -f json --wait out/$(PKG_NAME)
+
+notarize: _notarize
+ xcrun stapler staple out/$(PKG_NAME)
+
+.PHONY: clean clean-pkgroot
+clean:
+ rm -rf $(TMP_DOWNLOAD) $(PACKAGE_ROOT) $(PACKAGE_DIR) Distribution welcome.html
+
+clean-pkgroot:
+ rm -rf $(PACKAGE_ROOT) $(PACKAGE_DIR) Distribution welcome.html
diff --git a/contrib/pkginstaller/README.md b/contrib/pkginstaller/README.md
new file mode 100644
index 000000000..7aaf64808
--- /dev/null
+++ b/contrib/pkginstaller/README.md
@@ -0,0 +1,25 @@
+## How to build
+
+```sh
+$ make ARCH=<amd64 | aarch64> NO_CODESIGN=1 pkginstaller
+
+# or to create signed pkg
+$ make ARCH=<amd64 | aarch64> CODESIGN_IDENTITY=<ID> PRODUCTSIGN_IDENTITY=<ID> pkginstaller
+
+# or to prepare a signed and notarized pkg for release
+$ make ARCH=<amd64 | aarch64> CODESIGN_IDENTITY=<ID> PRODUCTSIGN_IDENTITY=<ID> NOTARIZE_USERNAME=<appleID> NOTARIZE_PASSWORD=<appleID-password> NOTARIZE_TEAM=<team-id> notarize
+```
+
+The generated pkg will be written to `out/podman-macos-installer-*.pkg`.
+Currently the pkg installs `podman`, `qemu`, `gvproxy` and `podman-mac-helper` to `/opt/podman`
+
+The `qemu` build it uses is from [containers/podman-machine-qemu](https://github.com/containers/podman-machine-qemu)
+
+## Uninstalling
+
+```sh
+$ sudo rm -rf /opt/podman
+```
+
+### Screenshot
+<img width="626" alt="screenshot-macOS-pkg-podman" src="https://user-images.githubusercontent.com/8885742/157380992-2e3b1573-34a0-4aa0-bdc1-a85f4792a1d2.png">
diff --git a/contrib/pkginstaller/Resources/banner.png b/contrib/pkginstaller/Resources/banner.png
new file mode 100644
index 000000000..7db751341
--- /dev/null
+++ b/contrib/pkginstaller/Resources/banner.png
Binary files differ
diff --git a/contrib/pkginstaller/Resources/conclusion.html b/contrib/pkginstaller/Resources/conclusion.html
new file mode 100644
index 000000000..c442e4ebf
--- /dev/null
+++ b/contrib/pkginstaller/Resources/conclusion.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="utf-8"/>
+</head>
+<body>
+<div align="left" style="font-family: Helvetica; padding-left: 10px;">
+ <br/>
+ <p style="color: #020202; font-size: 12px;">Thanks for installing Podman!</p>
+ <p style="color: #020202; font-size: 12px;">You can now start using the 'podman' command. First run 'podman machine init'</b>.</p>
+</div>
+</body>
+</html>
diff --git a/contrib/pkginstaller/hvf.entitlements b/contrib/pkginstaller/hvf.entitlements
new file mode 100644
index 000000000..154f3308e
--- /dev/null
+++ b/contrib/pkginstaller/hvf.entitlements
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>com.apple.security.hypervisor</key>
+ <true/>
+</dict>
+</plist>
diff --git a/contrib/pkginstaller/package.sh b/contrib/pkginstaller/package.sh
new file mode 100755
index 000000000..bb91fe01f
--- /dev/null
+++ b/contrib/pkginstaller/package.sh
@@ -0,0 +1,88 @@
+#!/bin/bash
+
+set -euxo pipefail
+
+BASEDIR=$(dirname "$0")
+OUTPUT=$1
+CODESIGN_IDENTITY=${CODESIGN_IDENTITY:-mock}
+PRODUCTSIGN_IDENTITY=${PRODUCTSIGN_IDENTITY:-mock}
+NO_CODESIGN=${NO_CODESIGN:-0}
+HELPER_BINARIES_DIR="/opt/podman/qemu/bin"
+
+binDir="${BASEDIR}/root/podman/bin"
+qemuBinDir="${BASEDIR}/root/podman/qemu/bin"
+
+version=$(cat "${BASEDIR}/VERSION")
+arch=$(cat "${BASEDIR}/ARCH")
+
+function build_podman() {
+ pushd "$1"
+ make GOARCH="${arch}" podman-remote HELPER_BINARIES_DIR="${HELPER_BINARIES_DIR}"
+ make GOARCH="${arch}" podman-mac-helper
+ cp bin/darwin/podman "contrib/pkginstaller/out/packaging/${binDir}/podman"
+ cp bin/darwin/podman-mac-helper "contrib/pkginstaller/out/packaging/${binDir}/podman-mac-helper"
+ popd
+}
+
+function sign() {
+ if [ "${NO_CODESIGN}" -eq "1" ]; then
+ return
+ fi
+ local opts=""
+ entitlements="${BASEDIR}/$(basename "$1").entitlements"
+ if [ -f "${entitlements}" ]; then
+ opts="--entitlements ${entitlements}"
+ fi
+ codesign --deep --sign "${CODESIGN_IDENTITY}" --options runtime --timestamp --force ${opts} "$1"
+}
+
+function signQemu() {
+ if [ "${NO_CODESIGN}" -eq "1" ]; then
+ return
+ fi
+
+ local qemuArch="${arch}"
+ if [ "${qemuArch}" = amd64 ]; then
+ qemuArch=x86_64
+ fi
+
+ # sign the files inside /opt/podman/qemu/lib
+ libs=$(find "${BASEDIR}"/root/podman/qemu/lib -depth -name "*.dylib" -or -type f -perm +111)
+ echo "${libs}" | xargs -t -I % codesign --deep --sign "${CODESIGN_IDENTITY}" --options runtime --timestamp --force % || true
+
+ # sign the files inside /opt/podman/qemu/bin except qemu-system-*
+ bins=$(find "${BASEDIR}"/root/podman/qemu/bin -depth -type f -perm +111 ! -name "qemu-system-${qemuArch}")
+ echo "${bins}" | xargs -t -I % codesign --deep --sign "${CODESIGN_IDENTITY}" --options runtime --timestamp --force % || true
+
+ # sign the qemu-system-* binary
+ # need to remove any extended attributes, otherwise codesign complains:
+ # qemu-system-aarch64: resource fork, Finder information, or similar detritus not allowed
+ xattr -cr "${qemuBinDir}/qemu-system-${qemuArch}"
+ codesign --deep --sign "${CODESIGN_IDENTITY}" --options runtime --timestamp --force \
+ --entitlements "${BASEDIR}/hvf.entitlements" "${qemuBinDir}/qemu-system-${qemuArch}"
+}
+
+build_podman "../../../../"
+sign "${binDir}/podman"
+sign "${binDir}/gvproxy"
+sign "${binDir}/podman-mac-helper"
+signQemu
+
+pkgbuild --identifier com.redhat.podman --version "${version}" \
+ --scripts "${BASEDIR}/scripts" \
+ --root "${BASEDIR}/root" \
+ --install-location /opt \
+ --component-plist "${BASEDIR}/component.plist" \
+ "${OUTPUT}/podman.pkg"
+
+productbuild --distribution "${BASEDIR}/Distribution" \
+ --resources "${BASEDIR}/Resources" \
+ --package-path "${OUTPUT}" \
+ "${OUTPUT}/podman-unsigned.pkg"
+rm "${OUTPUT}/podman.pkg"
+
+if [ ! "${NO_CODESIGN}" -eq "1" ]; then
+ productsign --timestamp --sign "${PRODUCTSIGN_IDENTITY}" "${OUTPUT}/podman-unsigned.pkg" "${OUTPUT}/podman-installer-macos-${arch}.pkg"
+else
+ mv "${OUTPUT}/podman-unsigned.pkg" "${OUTPUT}/podman-installer-macos-${arch}.pkg"
+fi
diff --git a/contrib/pkginstaller/scripts/postinstall b/contrib/pkginstaller/scripts/postinstall
new file mode 100755
index 000000000..db17eede8
--- /dev/null
+++ b/contrib/pkginstaller/scripts/postinstall
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -e
+
+BZSH_PODMAN_PATH_EXP='PATH="/opt/podman/bin:$PATH"'
+FISH_PODMAN_PATH_EXP='set PATH "/opt/podman/bin $PATH"'
+BASHRC_PATH="$HOME/.bash_profile"
+ZSHENV_PATH="$HOME/.zshenv"
+ZSHRC_PATH="$HOME/.zshrc"
+FSHCFG_PATH="$HOME/.config/fish/config.fish"
+
+# append /Applications/podman/bin to $PATH
+if [ -f "$BASHRC_PATH" ]; then
+ grep -Fxq "$BZSH_PODMAN_PATH_EXP" "$BASHRC_PATH" || echo "$BZSH_PODMAN_PATH_EXP" >> "$BASHRC_PATH"
+fi
+if [ -f "$ZSHENV_PATH" ]; then
+ grep -Fxq "$BZSH_PODMAN_PATH_EXP" "$ZSHENV_PATH" || echo "$BZSH_PODMAN_PATH_EXP" >> "$ZSHENV_PATH"
+fi
+if [ -f "$ZSHRC_PATH" ]; then
+ grep -Fxq "$BZSH_PODMAN_PATH_EXP" "$ZSHRC_PATH" || echo "$BZSH_PODMAN_PATH_EXP" >> "$ZSHRC_PATH"
+fi
+if [ -f "$FSHCFG_PATH" ]; then
+ grep -Fxq "$FISH_PODMAN_PATH_EXP" "$FSHCFG_PATH" || echo "$FISH_PODMAN_PATH_EXP" >> "$FSHCFG_PATH"
+fi
+
+ln -s /opt/podman/bin/podman-mac-helper /opt/podman/qemu/bin/podman-mac-helper
+ln -s /opt/podman/bin/gvproxy /opt/podman/qemu/bin/gvproxy
diff --git a/contrib/pkginstaller/scripts/preinstall b/contrib/pkginstaller/scripts/preinstall
new file mode 100755
index 000000000..a381868fc
--- /dev/null
+++ b/contrib/pkginstaller/scripts/preinstall
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e
+
+rm -rf /opt/podman
diff --git a/contrib/pkginstaller/welcome.html.in b/contrib/pkginstaller/welcome.html.in
new file mode 100644
index 000000000..b06198716
--- /dev/null
+++ b/contrib/pkginstaller/welcome.html.in
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="utf-8"/>
+</head>
+<body>
+<div align="left" style="font-family: Helvetica; padding-left: 10px;">
+ <br/>
+ <p style="color: #020202; font-size: 12px;">This will install <span style="color: #46b9d6; font-size: 12px;">Podman __VERSION__</span>
+ on your computer. You will be guided through the steps necessary to install this software.</p>
+ <br/>
+ <p style="color: #abb0b0; font-size: 12px;">Click <span style="color: #626666">“Continue"</span> to continue the
+ setup</p>
+</div>
+</body>
+</html>