RPM Packaging

Packaging the fapolicy analyzer RPM

GitHub CI builds a SRPM first and then performs a rpmbuild --rebuild to produce the RPM, both are captured as artifacts in builds and releases.

Build from Rawhide container with Podman

make -f .copr/Makefile vendor
podman build -t fapolicy-analyzer:rawhide -f scripts/srpm/Containerfile.fc .
podman run --rm -it --network=none fapolicy-analyzer:rawhide

or from a RHEL container

make -f .copr/Makefile vendor
podman build -t fapolicy-analyzer:el -f scripts/srpm/Containerfile.el .
podman run --rm -it --network=none fapolicy-analyzer:el

Both examples produce a disconnected build using an unprivileged user.

Fedora Copr

RPMS for several platforms are also available from Copr

Guidelines

It is important to reference the guidelines here when packaging:

• https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/