Update cert-manager to v1.7.3. (#3575)

- Update cert-manager to v1.7.3.
- Split cert-manager binaries into separate packages.
- Remove cert-manager build dependency on Bazel and just build the
binaries directly using `go build`. This makes building easier. Also,
the latest upstream version of cert-manager does this.
- Use the Go "vendor" directory for Go dependencies instead of dumping
files in the global Go cache.

SPECS/cert-manager/cert-manager.signatures.json

@@ -1,7 +1,6 @@
 {
  "Signatures": {
-  "cert-manager-1.5.3-gocache.tar.gz": "314222bf36a5a5b16f2f2b58099c0d19b1fa5da1c80f4057d2ad41f3043ebe0c",
-  "cert-manager-1.5.3-vendor.tar.gz": "b6c17ee4daee33ad980e5b41cb1d04cde33468f64400044d5d799c97edba8cf2",
-  "cert-manager-1.5.3.tar.gz": "48c451bfc87a9fadd575a05e586d80858ddf87e933c695293aff3f4782f3cbda"
+  "cert-manager-1.7.3-govendor.tar.gz": "48fe09366760fa4f450bdb7e3cd7ab9555a7685ed53543db738788236a50218c",
+  "cert-manager-1.7.3.tar.gz": "0519f0713d76044a348b0e33a2984d6b506f9f2683007f8487142127b09896d2"
  }
 }

SPECS/cert-manager/cert-manager.spec

@@ -1,96 +1,120 @@
 Summary:        Automatically provision and manage TLS certificates in Kubernetes
 Name:           cert-manager
-Version:        1.5.3
-Release:        2%{?dist}
+Version:        1.7.3
+Release:        1%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 URL:            https://github.com/jetstack/cert-manager
 #Source0:       https://github.com/jetstack/%{name}/archive/refs/tags/v%{version}.tar.gz
 Source0:        %{name}-%{version}.tar.gz
 # Below is a manually created tarball, no download link.
-# We're using pre-populated external dependencies from this tarball, since network is disabled during build time.
-#   1. wget https://github.com/jetstack/%{name}/archive/refs/tags/v%{version}.tar.gz -o %%{name}-%%{version}.tar.gz
-#   2. tar -xf %%{name}-%%{version}.tar.gz
-#   3. cd %%{name}-%%{version}
-#   4. patch -p1 < Fix-dependency-checksum.patch
-#   5. mkdir -p BAZEL_CACHE
-#   6. bazel fetch --repository_cache=BAZEL_CACHE //...
-#   7. tar  --sort=name \
-#           --mtime="2021-04-26 00:00Z" \
-#           --owner=0 --group=0 --numeric-owner \
-#           --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \
-#           -cf %%{name}-%%{version}-vendor.tar.gz BAZEL_CACHE
-Source1:        %{name}-%{version}-vendor.tar.gz
-# Below is a manually created tarball, no download link.
 # We're using pre-populated GO dependencies from this tarball, since network is disabled during build time.
 #   1. wget https://github.com/jetstack/%{name}/archive/refs/tags/v%{version}.tar.gz -o %%{name}-%%{version}.tar.gz
 #   2. tar -xf %%{name}-%%{version}.tar.gz
 #   3. cd %%{name}-%%{version}
-#   4. go mod download
-#   5. cd $HOME
+#   4. go mod vendor
 #   5. tar  --sort=name \
 #           --mtime="2021-04-26 00:00Z" \
 #           --owner=0 --group=0 --numeric-owner \
 #           --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \
-#           -cf %%{name}-%%{version}-gocache.tar.gz go
-Source2:        %{name}-%{version}-gocache.tar.gz
-Patch0:         Fix-dependency-checksum.patch
-Patch1:         Fix-os-WriteFile.patch
-BuildRequires:  bazel
-BuildRequires:  git
-BuildRequires:  golang <= 1.17.10
+#           -cf %%{name}-%%{version}-govendor.tar.gz vendor
+Source1:        %{name}-%{version}-govendor.tar.gz
+BuildRequires:  golang
 BuildRequires:  patch
+Requires:       %{name}-acmesolver
+Requires:       %{name}-cainjector
+Requires:       %{name}-cmctl
+Requires:       %{name}-controller
+Requires:       %{name}-webhook
 
 %description
 cert-manager is a Kubernetes add-on to automate the management and issuance
 of TLS certificates from various issuing sources.
 
+%package acmesolver
+Summary:        cert-manager's acmesolver binary
+
+%description acmesolver
+HTTP server used to solve ACME challenges.
+
+%package cainjector
+Summary:        cert-manager's cainjector binary
+
+%description cainjector
+cert-manager CA injector is a Kubernetes addon to automate the injection of CA data into
+webhooks and APIServices from cert-manager certificates.
+
+%package controller
+Summary:        cert-manager's controller binary
+
+%description controller
+cert-manager is a Kubernetes addon to automate the management and issuance of
+TLS certificates from various issuing sources.
+
+%package cmctl
+Summary:        cert-manager's cmctl binary
+
+%description cmctl
+cmctl is a CLI tool manage and configure cert-manager resources for Kubernetes
+
+%package webhook
+Summary:        cert-manager's webhook binary
+
+%description webhook
+Webhook component providing API validation, mutation and conversion functionality for cert-manager.
+
 %prep
 %autosetup -p1
 %setup -q -T -D -a 1
 
 %build
-export GO111MODULE=off
-mkdir -p %{_topdir}/go
-export GOPATH=%{_topdir}/go
-pushd $GOPATH
-tar -xvf %{SOURCE2} --strip-components=1 --no-same-owner
-popd
-
-export GO_REPOSITORY_USE_HOST_CACHE=1
-
-git config --global user.email [email protected]
-git config --global user.name "Your Name"
-git init
-git add .
-GIT_AUTHOR_DATE=2000-01-01T01:01:01 GIT_COMMITTER_DATE=2000-01-01T01:01:01 \
-git commit -m "Dummy commit just to satisfy bazel" &> /dev/null
-
-for cmd in cmd/* ; do
-  if [ "$cmd" != cmd/util ]; then
-    bazel --batch build --repository_cache=BAZEL_CACHE //$cmd
-  fi
-done
+go build -o bin/acmesolver cmd/acmesolver/main.go
+go build -o bin/cainjector cmd/cainjector/main.go
+go build -o bin/controller cmd/controller/main.go
+go build -o bin/cmctl cmd/ctl/main.go
+go build -o bin/webhook cmd/webhook/main.go
 
 %install
 mkdir -p %{buildroot}%{_bindir}
-%ifarch aarch64
-install -D -m0755 bazel-out/aarch64-fastbuild-ST-4c64f0b3d5c7/bin/cmd/ctl/kubectl-cert_manager %{buildroot}%{_bindir}/
-%else
-install -D -m0755 bazel-out/k8-fastbuild-ST-4c64f0b3d5c7/bin/cmd/ctl/kubectl-cert_manager %{buildroot}%{_bindir}/
-%endif
-install -D -m0755 bazel-bin/cmd/webhook/webhook_/webhook %{buildroot}%{_bindir}/
-install -D -m0755 bazel-bin/cmd/controller/controller_/controller %{buildroot}%{_bindir}/
-install -D -m0755 bazel-bin/cmd/cainjector/cainjector_/cainjector %{buildroot}%{_bindir}/
-install -D -m0755 bazel-bin/cmd/acmesolver/acmesolver_/acmesolver %{buildroot}%{_bindir}/
+install -D -m0755 bin/acmesolver %{buildroot}%{_bindir}/
+install -D -m0755 bin/cainjector %{buildroot}%{_bindir}/
+install -D -m0755 bin/controller %{buildroot}%{_bindir}/
+install -D -m0755 bin/cmctl %{buildroot}%{_bindir}/
+install -D -m0755 bin/webhook %{buildroot}%{_bindir}/
 
 %files
-%license LICENSE
+
+%files acmesolver
+%license LICENSE LICENSES
 %doc README.md
-%{_bindir}/*
+%{_bindir}/acmesolver
+
+%files cainjector
+%license LICENSE LICENSES
+%doc README.md
+%{_bindir}/cainjector
+
+%files controller
+%license LICENSE LICENSES
+%doc README.md
+%{_bindir}/controller
+
+%files cmctl
+%license LICENSE LICENSES
+%doc README.md
+%{_bindir}/cmctl
+
+%files webhook
+%license LICENSE LICENSES
+%doc README.md
+%{_bindir}/webhook
 
 %changelog
+* Fri Aug 05 2022 Chris Gunn <[email protected]> - 1.7.3-1
+- Update to v1.7.3
+- Split binaries into separate packages.
+
 * Tue Jun 14 2022 Muhammad Falak <[email protected]> - 1.5.3-2
 - Add a hard BR on golang <= 1.17.10
 - Bump release to rebuild with golang 1.17.10

cgmanifest.json

@@ -1357,8 +1357,8 @@
         "type": "other",
         "other": {
           "name": "cert-manager",
-          "version": "1.5.3",
-          "downloadUrl": "https://github.com/jetstack/cert-manager/archive/refs/tags/v1.5.3.tar.gz"
+          "version": "1.7.3",
+          "downloadUrl": "https://github.com/jetstack/cert-manager/archive/refs/tags/v1.7.3.tar.gz"
         }
       }
     },