diff --git a/.github/workflows/create-release-and-upload-assets.yml b/.github/workflows/create-release-and-upload-assets.yml index 6090dcbf..5c440cb2 100644 --- a/.github/workflows/create-release-and-upload-assets.yml +++ b/.github/workflows/create-release-and-upload-assets.yml @@ -19,7 +19,11 @@ jobs: version: ${{ steps.set-vars.outputs.version }} rpm_version: ${{ steps.set-vars.outputs.rpm_version }} is_prerelease: ${{ steps.set-vars.outputs.is_prerelease }} + target_branch: ${{ steps.set-vars.outputs.target_branch }} steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 - id: set-vars run: | if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then @@ -35,10 +39,20 @@ jobs: else IS_PRERELEASE=false fi + # Detect target branch: if tag version matches VERSION.txt, use main + # otherwise use stable-X.Y branch for backport releases + MAJOR_MINOR=$(echo "$VERSION" | grep -oP '^\d+\.\d+') + CURRENT=$(cat VERSION.txt | grep -oP '^\d+\.\d+') + if [[ "$MAJOR_MINOR" == "$CURRENT" ]]; then + TARGET_BRANCH="main" + else + TARGET_BRANCH="stable-${MAJOR_MINOR}" + fi echo "version=${VERSION}" >> $GITHUB_OUTPUT echo "rpm_version=${RPM_VERSION}" >> $GITHUB_OUTPUT echo "is_prerelease=${IS_PRERELEASE}" >> $GITHUB_OUTPUT - echo "Version: $VERSION, RPM Version: $RPM_VERSION, Pre-release: $IS_PRERELEASE" + echo "target_branch=${TARGET_BRANCH}" >> $GITHUB_OUTPUT + echo "Version: $VERSION, RPM Version: $RPM_VERSION, Pre-release: $IS_PRERELEASE, Target: $TARGET_BRANCH" create-release: needs: setup @@ -69,7 +83,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - ref: main + ref: ${{ needs.setup.outputs.target_branch }} - name: git fetch --all run: | git fetch --all @@ -91,7 +105,7 @@ jobs: echo "${{ needs.setup.outputs.version }}" > VERSION.txt git add VERSION.txt git diff --quiet && git diff --staged --quiet || git commit -m "${COMMIT_MSG}" - git push origin main + git push origin ${{ needs.setup.outputs.target_branch }} - name: Update debian changelog env: EMAIL: furlongm@gmail.com @@ -101,7 +115,7 @@ jobs: skip-checks: true run: | gbp dch --new-version=${{ needs.setup.outputs.version }}-1 --release --distribution=stable --spawn-editor=never --commit --commit-msg="${COMMIT_MSG}" - git push origin main + git push origin ${{ needs.setup.outputs.target_branch }} build-and-upload-deb-assets: needs: [setup, create-release, update-version-and-changelog] @@ -123,8 +137,8 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - # For stable releases, use main (has updated changelog); for pre-releases, use the tag - ref: ${{ needs.setup.outputs.is_prerelease == 'false' && 'main' || github.ref }} + # For stable releases, use target branch (has updated changelog); for pre-releases, use the tag + ref: ${{ needs.setup.outputs.is_prerelease == 'false' && needs.setup.outputs.target_branch || github.ref }} - name: git fetch --all run: | git config --global --add safe.directory /__w/patchman/patchman @@ -151,7 +165,7 @@ jobs: EMAIL: furlongm@gmail.com VERSION: ${{ needs.setup.outputs.version }} run: | - # VERSION.txt and changelog already updated on main by update-version-and-changelog job + # VERSION.txt and changelog already updated on target branch by update-version-and-changelog job # Recreate tag to include those commits git tag --delete v${VERSION} git tag v${VERSION} @@ -181,7 +195,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 0 - ref: ${{ needs.setup.outputs.is_prerelease == 'false' && 'main' || github.ref }} + ref: ${{ needs.setup.outputs.is_prerelease == 'false' && needs.setup.outputs.target_branch || github.ref }} - name: git fetch --all run: | git config --global --add safe.directory /__w/patchman/patchman diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml index 6287e429..4825c77b 100644 --- a/.github/workflows/docker-build.yaml +++ b/.github/workflows/docker-build.yaml @@ -26,7 +26,7 @@ jobs: file: docker/Dockerfile platforms: linux/amd64,linux/arm64 push: true - tags: ${{vars.DOCKERHUB_USERNAME}}/${{vars.DOCKERHUB_CONTAINER}}:latest,${{vars.DOCKERHUB_USERNAME}}/${{vars.DOCKERHUB_CONTAINER}}:unstable + tags: ${{vars.DOCKERHUB_USERNAME}}/${{vars.DOCKERHUB_CONTAINER}}:unstable cache-from: type=gha cache-to: type=gha,mode=max diff --git a/INSTALL.md b/INSTALL.md index 0d94733b..f9002a15 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -7,7 +7,7 @@ mysql or postgresql instead, see the database configuration section. ## Supported Server Installation Options - [Ubuntu 24.04](#ubuntu-2404-noble) - [Debian 13](#debian-13-trixie) - - [Rocky 10](#rocky-10) + - [Rocky/Alma/RHEL](#rockyalmarhel) - [virtualenv + pip](#virtualenv--pip) - [Source](#source) @@ -15,7 +15,7 @@ mysql or postgresql instead, see the database configuration section. ### Ubuntu 24.04 (noble) ```shell -curl -sS https://repo.openbytes.ie/openbytes.gpg > /usr/share/keyrings/openbytes.gpg +curl -sS https://repo.openbytes.ie/openbytes-1.gpg > /usr/share/keyrings/openbytes.gpg echo "deb [signed-by=/usr/share/keyrings/openbytes.gpg] https://repo.openbytes.ie/patchman/ubuntu noble-backports main" > /etc/apt/sources.list.d/patchman.list apt update apt -y install python3-patchman patchman-client @@ -25,26 +25,26 @@ patchman-manage createsuperuser ### Debian 13 (trixie) ```shell -curl -sS https://repo.openbytes.ie/openbytes.gpg > /usr/share/keyrings/openbytes.gpg +curl -sS https://repo.openbytes.ie/openbytes-1.gpg > /usr/share/keyrings/openbytes.gpg echo "deb [signed-by=/usr/share/keyrings/openbytes.gpg] https://repo.openbytes.ie/patchman/debian trixie main" > /etc/apt/sources.list.d/patchman.list apt update apt -y install python3-patchman patchman-client patchman-manage createsuperuser ``` -### Rocky 10 +### Rocky/Alma/RHEL Server installation is currently broken due to missing upstream packages: https://github.com/furlongm/patchman/issues/669 Client installation should work as expected. -This also applies to Alma, RHEL, etc. ```shell -curl -sS https://repo.openbytes.ie/openbytes-2.gpg > /etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes +# curl -sS https://repo.openbytes.ie/openbytes.gpg > /etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes # rocky/alma/rhel 8/9 +curl -sS https://repo.openbytes.ie/openbytes-1.gpg > /etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes # rocky/alma/rhel 10 cat <> /etc/yum.repos.d/openbytes.repo [openbytes] name=openbytes -baseurl=https://repo.openbytes.ie/patchman/el10 +baseurl=https://repo.openbytes.ie/patchman/el\$releasever enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes @@ -53,15 +53,15 @@ dnf -y install epel-release dnf makecache dnf -y install patchman-client #dnf -y install patchman -systemctl restart httpd -patchman-manage createsuperuser +#systemctl restart httpd +#patchman-manage createsuperuser ``` ### virtualenv + pip ```shell apt -y install python3-venv # (debian/ubuntu) -dnf -y install python3-virtualenv # (rocky/alma/redhat) +dnf -y install python3-virtualenv # (rocky/alma/rhel) mkdir /srv/patchman cd /srv/patchman python3 -m venv .venv @@ -165,7 +165,7 @@ protocol=2 Or use the `-p 2` command line option: ```shell -$ patchman-client -s http://patchman.example.org -p 2 +$ patchman-client -s http://patchman.example.com -p 2 ``` @@ -393,14 +393,14 @@ patchman-client Install Celery for realtime processing of reports from clients and for periodic maintenance tasks. The celery configuation file is in `/etc/patchman/celery.conf` -#### Ubuntu / Debian +#### Debian/Ubuntu ```shell apt -y install python3-celery redis python3-redis python-celery-common /usr/bin/celery --broker redis://127.0.0.1:6379/0 --app patchman worker --loglevel info --beat --scheduler django_celery_beat.schedulers:DatabaseScheduler --task-events --pool threads ``` -#### Rocky / Alma / RHEL +#### Rocky/Alma/RHEL Currently waiting on https://bugzilla.redhat.com/show_bug.cgi?id=2032543 @@ -434,8 +434,9 @@ Install Redis: ```shell apt -y install redis python3-redis # (debian/ubuntu) -dnf -y install redis python3-redis # (rocky/alma/redhat) -systemctl restart redis/redis-server +dnf -y install redis python3-redis # (rocky/alma/rhel) +systemctl restart redis-server # (debian/ubuntu) +systemctl restart redis # (rocky/alma/rhel) ``` and add the following to `/etc/patchman/local_settings.py` @@ -450,13 +451,13 @@ CACHES = { } ``` -#### Memcacached +#### Memcached Install Memcached ```shell apt -y install memcached python3-pymemcache # (debian/ubuntu) -dnf -y install memcached python3-pymemcache # (rocky/alma/redhat) +dnf -y install memcached python3-pymemcache # (rocky/alma/rhel) systemctl restart memcached ``` @@ -522,7 +523,7 @@ api_key=abc123... Or use the `-k` command line option: ```shell -$ patchman-client -s http://patchman.example.org -p 2 -k abc123... +$ patchman-client -s http://patchman.example.com -p 2 -k abc123... ``` diff --git a/VERSION.txt b/VERSION.txt index 86edc68d..249b676a 100644 --- a/VERSION.txt +++ b/VERSION.txt @@ -1 +1 @@ -4.0.20 +4.0.21 diff --git a/debian/changelog b/debian/changelog index d07e4a60..bef9185f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,26 @@ +patchman (4.0.21-1) stable; urgency=medium + + [ dependabot[bot] ] + * Bump gitpython from 3.1.47 to 3.1.49 + + [ Marcus Furlong ] + * use gpg file with both keys on all distros + * handle backported stable releases + + [ dependabot[bot] ] + * Bump gitpython from 3.1.49 to 3.1.50 + * update installation docs + * fix tz and local_settings getting overwritten + + [ Gedminas, Marius ] + * Use underscore names in setup.cfg + * Use SPDX license expression in setup.py + + [ Marcus Furlong ] + * auto-commit to update version skip-checks: true + + -- Marcus Furlong Fri, 29 May 2026 05:33:43 +0000 + patchman (4.0.20-1) stable; urgency=medium * django 5.2 compatibility updates diff --git a/debian/python3-patchman.conffiles b/debian/python3-patchman.conffiles new file mode 100644 index 00000000..f05a6c32 --- /dev/null +++ b/debian/python3-patchman.conffiles @@ -0,0 +1 @@ +/etc/patchman/local_settings.py diff --git a/patchman/settings.py b/patchman/settings.py index cb86644d..54b98a6f 100644 --- a/patchman/settings.py +++ b/patchman/settings.py @@ -65,7 +65,7 @@ # Internationalization LANGUAGE_CODE = 'en-us' -TIME_ZONE = 'America/NewYork' +TIME_ZONE = 'UTC' USE_I18N = True USE_TZ = True diff --git a/requirements.txt b/requirements.txt index cdfbb825..d75ebdec 100644 --- a/requirements.txt +++ b/requirements.txt @@ -13,7 +13,7 @@ django-filter==25.1 humanize==4.12.1 version-utils==0.3.2 python-magic==0.4.27 -gitpython==3.1.47 +gitpython==3.1.50 tenacity==8.2.3 celery==5.4.0 redis==6.4.0 diff --git a/scripts/rpm-install.sh b/scripts/rpm-install.sh index 73b62783..f47f63be 100644 --- a/scripts/rpm-install.sh +++ b/scripts/rpm-install.sh @@ -19,4 +19,4 @@ for i in `cat INSTALLED_FILES`; do done cat DIRS > INSTALLED_FILES -sed -e '/\/etc\//s|^|%config(noreplace) |' FILES >>INSTALLED_FILES +sed -e '/\/etc\//s|^|%config |' FILES >>INSTALLED_FILES diff --git a/setup.cfg b/setup.cfg index 48415b86..8797ec89 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,7 +1,7 @@ [bdist_rpm] doc_files = README.md AUTHORS COPYING INSTALL.md -install-script = scripts/rpm-install.sh -post-install = scripts/rpm-post-install.sh +install_script = scripts/rpm-install.sh +post_install = scripts/rpm-post-install.sh requires = /usr/bin/python3 python3-django >= 4.2.20 python3-django-taggit diff --git a/setup.py b/setup.py index a7dbfc68..82074ece 100755 --- a/setup.py +++ b/setup.py @@ -67,7 +67,7 @@ author='Marcus Furlong', author_email='furlongm@gmail.com', description='Django based patch status monitoring tool for linux systems', - license='GPLv3', + license='GPL-3.0-only', keywords='django patch status monitoring linux spacewalk patchman', packages=find_packages(), install_requires=install_requires, @@ -84,6 +84,5 @@ 'Environment :: Web Environment', 'Framework :: Django', 'Topic :: Internet :: WWW/HTTP :: WSGI :: Application', - 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', ], )