fix(openscap): disable optional apt integration#16964
Merged
ddstreetmicrosoft merged 1 commit intotomls/base/mainfrom May 1, 2026
Merged
fix(openscap): disable optional apt integration#16964ddstreetmicrosoft merged 1 commit intotomls/base/mainfrom
ddstreetmicrosoft merged 1 commit intotomls/base/mainfrom
Conversation
reubeno
requested review from
christopherco and
ddstreetmicrosoft
as code owners
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Disables OpenSCAP’s optional apt probe integration in Azure Linux to avoid pulling apt-libs/apt into the RPM-only base.
Changes:
- Load an AZL overlay macro file from the spec and add it as a Source.
- Add an openscap component build override to build
--without apt. - Add a generated macros file defining
%_without_apt 1and adjust component declarations accordingly.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| specs/o/openscap/openscap.spec | Loads generated AZL macros early in the spec and ships the macros file as a Source. |
| specs/o/openscap/openscap.azl.macros | Defines %_without_apt to force-disable the apt integration path. |
| base/comps/openscap/openscap.comp.toml | Disables the apt bcond for openscap builds in the component system. |
| base/comps/components.toml | Removes the explicit openscap component table entry (likely relying on included *.comp.toml). |
Comments suppressed due to low confidence (1)
specs/o/openscap/openscap.spec:1
- The macro file is loaded via a hardcoded
_sourcedirpath and literal filename beforeSource9999is declared. For better robustness and traceability, consider reordering soSource9999is declared before it’s loaded, and then load via the corresponding Source macro (e.g.,SOURCE9999) rather than_sourcedir+ a hardcoded name. This reduces reliance on external directory layout and avoids copy/paste filename mismatches.
# This spec file has been modified by azldev to include build configuration overlays.
📄❌ Rendered specs are out of date🚧🚧🚧🚧🚧 Warning Disregard this comment. Spec rendering is still under development and checked-in specs 🚧🚧🚧🚧🚧 FIX: — run this and commit the result: azldev component render erlang openscapOr download the fix patch and apply it: gh run download 25218236991 -R microsoft/azurelinux -n rendered-specs-patch
git apply rendered-specs.patch
Content diffs`specs/e/erlang/erlang.spec`--- committed/specs/e/erlang/erlang.spec
+++ rendered/specs/e/erlang/erlang.spec
@@ -75,7 +75,7 @@
Name: erlang
Version: 26.2.5.17
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: General-purpose programming language and runtime environment
License: Apache-2.0
`specs/o/openscap/openscap.spec`--- committed/specs/o/openscap/openscap.spec
+++ rendered/specs/o/openscap/openscap.spec
@@ -6,7 +6,7 @@
Name: openscap
Version: 1.4.3
-Release: 3%{?dist}
+Release: 4%{?dist}
Epoch: 1
Summary: Set of open source libraries enabling integration of the SCAP line of standards
License: LGPL-2.1-or-later
|
Disable openscap's apt-libs probe path. Upstream gates it on `%bcond_without apt` (default-on for Fedora, default-off for CentOS/ELN). We only need to support RPM environments. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
reubeno
force-pushed
the
users/reubeno/scalpel/openscap-no-apt
branch
from
a235bc9 to
36377ee
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Disable openscap's apt-libs probe path. Upstream gates it on
%bcond_without apt(default-on for Fedora, default-off forCentOS/ELN). We only need to support RPM environments.
--
Build validated locally via azldev + koji.