Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1771346 - Review Request: attestation-hub-4.5-1 - Intel SecL Attestation Hub for Security Attribute Orchestration
Summary: Review Request: attestation-hub-4.5-1 - Intel SecL Attestation Hub for Securi...
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: Package Review
Version: rawhide
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Nobody's working on this, feel free to take it
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: FE-NEEDSPONSOR
TreeView+ depends on / blocked
 
Reported: 2019-11-12 08:43 UTC by Tim Knoll
Modified: 2020-10-06 17:09 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Tim Knoll 2019-11-12 08:43:30 UTC
Spec URL: https://01.org/sites/default/files/downloads//attestation-hub-1.5.1.zip
SRPM URL: https://01.org/sites/default/files/downloads//attestation-hub-1.5.1.zip
Spec and SRPM are bundled into a single zip file.

Description: This package provides the Attestation hub component of Intel Security Libraries for Datacenter.  This service facilitates integration of Intel SecL with cloud orchestrators (currently supporting OpenStack and Kubernetes), allowing cloud platforms to include security attributes based on Intel SecL in workload placement decisions.  The Intel SecL Verification Service and Trust Agent applications can provide remote attestation of a platform's boot-time integrity based on Intel hardware security features like Intel TXT and Intel Boot Guard.  The attestation results can be retrieved by the Hub and "pushed" to designated orchestrator services, requiring workloads that have Intel SecL security attribute requirements to be scheduled only on compute resources that have matching security attributes.

Fedora Account System Username: teknoll

Comment 1 Neil Horman 2019-11-18 17:42:04 UTC
Adding FE-NEEDSPONSOR, as the submitter is not currently a packager

Submission is in incorrect format, should not be zipped into a single file, SPEC url and SRPM URL should point to those files specifically, so that fedora-review works with the BZ

Package fails to build:
[exec] main:
     [exec]     [mkdir] Created dir: /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist
     [exec]     [mkdir] Created dir: /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist-deps
     [exec]     [touch] Creating /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/dist/builder/x
     [exec]      [exec] PREFIX=/opt/mtwilson/share/hex2bin
     [exec]      [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied
     [exec]      [exec] gcc -fstack-protector-strong -fPIE -fPIC -O2 -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -o hex2bin hex2bin.c -z noexecstack -z relro -z now -pie
     [exec]      [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied
     [exec]      [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied
     [exec]      [exec] make: *** [Makefile:13: install] Error 1
     [exec]      [exec] chmod +x hex2bin
     [exec]      [exec] mkdir -p /opt/mtwilson/share/hex2bin/bin
     [exec]      [exec] Failed to make install hex2bin
     [exec]      [exec] mkdir: cannot create directory '/opt/mtwilson': Permission denied
     [exec]      [exec] make: *** [Makefile:13: install] Error 1
     [exec] [INFO] ------------------------------------------------------------------------
     [exec] [INFO] Reactor Summary:
     [exec] [INFO] 
     [exec] [INFO] hex2bin-dist 1.0 ................................... FAILURE [  1.867 s]
     [exec] [INFO] mtwilson-maven-build-contrib-features 1.1 .......... SKIPPED
     [exec] [INFO] ------------------------------------------------------------------------
     [exec] [INFO] BUILD FAILURE
     [exec] [INFO] ------------------------------------------------------------------------
     [exec] [INFO] Total time: 1.969 s
     [exec] [INFO] Finished at: 2019-11-18T12:37:31-05:00
     [exec] [INFO] ------------------------------------------------------------------------
     [exec] [ERROR] Failed to execute goal org.apache.maven.plugins:maven-antrun-plugin:1.7:run (default-cli) on project hex2bin-dist: An Ant BuildException has occured: exec returned: 2
     [exec] [ERROR] around Ant part ...<exec failonerror="true" dir="/home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target" executable="/bin/bash">... @ 27:122 in /home/nhorman/rpmbuild/BUILD/contrib/features/hex2bin/target/antrun/build-main.xml
     [exec] [ERROR] -> [Help 1]
     [exec] [ERROR] 
     [exec] [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
     [exec] [ERROR] Re-run Maven using the -X switch to enable full debug logging.
     [exec] [ERROR] 
     [exec] [ERROR] For more information about the errors and possible solutions, please read the following articles:
     [exec] [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
     [exec] Result: 1

Comment 2 Tim Knoll 2020-01-10 21:30:02 UTC
We have re-uploaded the source RPM and spec files to a new location:

Spec URL: https://github.com/intel-secl/attestation-hub/blob/v1.5.1/packages/attestation-hub/src/build/attestation-hub.spec
SRPM URL: https://github.com/intel-secl/attestation-hub/blob/v1.5.1/packages/attestation-hub/src/build/attestation-hub-4.5-1.el7.src.rpm

We are currently still working through the Koji build failures and will update once we have a resolution.

Comment 3 Fabian Affolter 2020-10-06 17:09:45 UTC
The URL for the SPEC file needs to point to a raw text for fedora-review to work.


Note You need to log in before you can comment on or make changes to this bug.