From 883d1421c3f4fe833e25ee7f61bfadf8d4a09de7 Mon Sep 17 00:00:00 2001
From: Feodor Alexandrov <f.aleksandrov@picodata.io>
Date: Fri, 24 Nov 2023 18:51:09 +0000
Subject: [PATCH] fix: a few certification patches
---
.gitlab-ci.yml | 12 +-
.../checks_debian_prebuild.patch | 478 ++++++++++++++++++
.../checks_rpm_prebuild.patch | 478 ++++++++++++++++++
certification_patches/curl_libssh2.patch | 17 +
certification_patches/curl_tool_dirhie.patch | 19 +
.../curl_tool_getparam.patch | 24 +
.../curl_tool_paramhlp.patch | 17 +
.../http_debian_pribuild.patch | 478 ++++++++++++++++++
certification_patches/http_rpm_prebuild.patch | 478 ++++++++++++++++++
certification_patches/luajit_luajit-gdb.patch | 14 +
.../nghttp2_fetch-ocsp-response.patch | 22 +
certification_patches/nghttp2_mkhufftbl.patch | 24 +
.../tarantool-sys_docker.patch | 12 +
.../tarantool-sys_icu_common_exec.patch | 24 +
.../tarantool-sys_icu_filtration.patch | 64 +++
.../tarantool-sys_icu_makefile.patch | 31 ++
.../tarantool-sys_icu_request_types.patch | 43 ++
.../tarantool-sys_icu_utils.patch | 14 +
.../tarantool-sys_tarantool-gdb.patch | 89 ++++
.../vshard_debian_prebuild.patch | 8 +
.../vshard_rpm_prebuild.patch | 11 +
certification_patches/zstd_freestanding.patch | 143 ++++++
picodata-webui | 2 +-
23 files changed, 2500 insertions(+), 2 deletions(-)
create mode 100644 certification_patches/checks_debian_prebuild.patch
create mode 100644 certification_patches/checks_rpm_prebuild.patch
create mode 100644 certification_patches/curl_libssh2.patch
create mode 100644 certification_patches/curl_tool_dirhie.patch
create mode 100644 certification_patches/curl_tool_getparam.patch
create mode 100644 certification_patches/curl_tool_paramhlp.patch
create mode 100644 certification_patches/http_debian_pribuild.patch
create mode 100644 certification_patches/http_rpm_prebuild.patch
create mode 100644 certification_patches/luajit_luajit-gdb.patch
create mode 100644 certification_patches/nghttp2_fetch-ocsp-response.patch
create mode 100644 certification_patches/nghttp2_mkhufftbl.patch
create mode 100644 certification_patches/tarantool-sys_docker.patch
create mode 100644 certification_patches/tarantool-sys_icu_common_exec.patch
create mode 100644 certification_patches/tarantool-sys_icu_filtration.patch
create mode 100644 certification_patches/tarantool-sys_icu_makefile.patch
create mode 100644 certification_patches/tarantool-sys_icu_request_types.patch
create mode 100644 certification_patches/tarantool-sys_icu_utils.patch
create mode 100644 certification_patches/tarantool-sys_tarantool-gdb.patch
create mode 100644 certification_patches/vshard_debian_prebuild.patch
create mode 100644 certification_patches/vshard_rpm_prebuild.patch
create mode 100644 certification_patches/zstd_freestanding.patch
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cec830f642..8aed0f5f83 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -322,7 +322,7 @@ gamayun-run:
else
echo "No cache found"
fi
- # create an ssh tunned to gamayun server to allow the report uploading
+ # create an ssh tunnel to gamayun server to allow the report uploading
- TUNNEL="ssh -4 -L 9000:localhost:9000 sonar-reports -N -f"
- eval $TUNNEL
- ls -la
@@ -336,6 +336,16 @@ gamayun-run:
find . -type d -name 'docsrc' | xargs -n 1 rm -rvf
find . -name '*.md' | xargs -n 1 rm -rvf
find http tarantool-sys vshard -type d -name .github | xargs -n 1 rm -rfv
+ - PATCH_DIR=$(pwd)/certification_patches
+ - |
+ (cd tarantool-sys; find ${PATCH_DIR} -name "tarantool-sys_*" | xargs -n 1 git apply)
+ (cd tarantool-sys/third_party/curl; find ${PATCH_DIR} -name "curl_*" | xargs -n 1 git apply)
+ (cd tarantool-sys/third_party/zstd; find ${PATCH_DIR} -name "zstd_*" | xargs -n 1 git apply)
+ (cd tarantool-sys/third_party/luajit; find ${PATCH_DIR} -name "luajit_*" | xargs -n 1 git apply)
+ (cd tarantool-sys/third_party/nghttp2; find ${PATCH_DIR} -name "nghttp2_*" | xargs -n 1 git apply)
+ (cd tarantool-sys/third_party/checks; find ${PATCH_DIR} -name "checks_*" | xargs -n 1 git apply)
+ (cd http; find ${PATCH_DIR} -name "http_*" | xargs -n 1 git apply)
+ (cd vshard; find ${PATCH_DIR} -name "vshard_*" | xargs -n 1 git apply)
- |
docker run --rm -t \
-v $PWD:/tmp/src:rw \
diff --git a/certification_patches/checks_debian_prebuild.patch b/certification_patches/checks_debian_prebuild.patch
new file mode 100644
index 0000000000..0d887ac58a
--- /dev/null
+++ b/certification_patches/checks_debian_prebuild.patch
@@ -0,0 +1,478 @@
+diff --git a/debian/prebuild.sh b/debian/prebuild.sh
+index ecc64d2..e0ed466 100755
+--- a/debian/prebuild.sh
++++ b/debian/prebuild.sh
+@@ -1,5 +1,471 @@
+ #!/usr/bin/env bash
+
+-set -e -o pipefail
++# Simply the code from https://www.tarantool.io/release/1.10/installer.sh instead of piping it directly into bash
++set -o pipefail
+
+-curl -LsSf https://www.tarantool.io/release/1.10/installer.sh | sudo bash
++if [ $EUID != 0 ]; then
++ sudo "$0" "$@"
++ exit $?
++fi
++
++repo_type="release"
++repo_path=""
++gc64=""
++
++unsupported_os ()
++{
++ echo "Unfortunately, your operating system is not supported by this script."
++ exit 1
++}
++
++detect_os ()
++{
++ if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
++ if [ -e /etc/centos-release ]; then
++ if [ -n "$(grep "RED OS" /etc/centos-release)" ]; then
++ os="redos"
++ dist=$(grep -Po "[6-9].[0-9]" /etc/centos-release)
++ else
++ os="centos"
++ dist=$(grep -Po "[6-9]" /etc/centos-release | head -1)
++ fi
++ elif [ -e /etc/os-release ]; then
++ os=$(. /etc/os-release && echo $ID)
++ # fix for UBUNTU like systems
++ os_like=$(. /etc/os-release && echo $ID_LIKE)
++ [[ $os_like = "ubuntu" ]] && os="ubuntu"
++
++ if [ $os = "debian" ]; then
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\(.*\))$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ fi
++ elif [ $os = "devuan" ]; then
++ # $ docker run -it dyne/devuan:chimaera grep VERSION= /etc/os-release
++ # VERSION="4 (chimaera)"
++ # $ docker run -it dyne/devuan:daedalus grep VERSION= /etc/os-release
++ # VERSION="5 (daedalus/ceres)"
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\([^/]*\)\(\/.*\)\?)$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ else
++ case ${dist} in
++ ascii) ddist=stretch ;;
++ beowulf) ddist=buster ;;
++ chimaera) ddist=bullseye ;;
++ daedalus) ddist=bookworm ;;
++ esac
++ dist=${ddist}
++ fi
++ os="debian"
++ elif [ $os = "ubuntu" ]; then
++ ver_id=$(. /etc/os-release && echo $VERSION_ID)
++
++ # fix for UBUNTU like systems
++ ver_codename=$(. /etc/os-release && echo $UBUNTU_CODENAME)
++ if [ ! -z "$ver_codename" ]; then
++ dist="$ver_codename"
++ elif [ $ver_id = "14.04" ]; then
++ dist="trusty"
++ elif [ $ver_id = "16.04" ]; then
++ dist="xenial"
++ elif [ $ver_id = "18.04" ]; then
++ dist="bionic"
++ elif [ $ver_id = "18.10" ]; then
++ dist="cosmic"
++ elif [ $ver_id = "19.04" ]; then
++ dist="disco"
++ elif [ $ver_id = "19.10" ]; then
++ dist="eoan"
++ elif [ $ver_id = "20.04" ]; then
++ dist="focal"
++ elif [ $ver_id = "20.10" ]; then
++ dist="groovy"
++ elif [ $ver_id = "21.04" ]; then
++ dist="hirsute"
++ elif [ $ver_id = "21.10" ]; then
++ dist="impish"
++ elif [ $ver_id = "22.04" ]; then
++ dist="jammy"
++ else
++ unsupported_os
++ fi
++ elif [ $os = "fedora" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ elif [ $os = "amzn" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ if [ $dist != "2" ]; then
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ fi
++
++ if [[ ( -z "${os}" ) || ( -z "${dist}" ) ]]; then
++ unsupported_os
++ fi
++
++ os="${os// /}"
++ dist="${dist// /}"
++
++ echo "Detected operating system as ${os}/${dist}."
++}
++
++print_new_release_policy_and_exit ()
++{
++ echo "Check out our new release policy https://github.com/tarantool/tarantool/discussions/6182"
++ exit 1
++}
++
++setup_type ()
++{
++ if [ "${repo_type}" = "release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="release/series-"
++ else
++ repo_path="release/"
++ fi
++ elif [ "${repo_type}" = "pre-release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="pre-release/series-"
++ else
++ echo "'pre-release' repository can be set up only with Tarantool series-N, where N = 2, 3, etc."
++ print_new_release_policy_and_exit
++ fi
++ elif [ "${repo_type}" = "live" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ echo "'live' repository cannot be set up with Tarantool series-${ver}"
++ print_new_release_policy_and_exit
++ fi
++ else
++ echo "Unknown repository type '${repo_type}'"
++ print_new_release_policy_and_exit
++ fi
++}
++
++setup_ver ()
++{
++ ARCH=$(uname -m)
++ if [ "${ARCH}" = "x86_64" ] && [ "${GC64:-false}" = "true" ]; then
++ echo "GC64 will be used"
++ gc64="-gc64"
++ fi
++
++ ver="1.10"
++ ver_repo=$(echo $ver | tr . _)
++}
++
++curl_check ()
++{
++ echo
++ echo "####################"
++ echo "# Checking curl... #"
++ echo "####################"
++ if command -v curl > /dev/null; then
++ echo "Detected curl... "
++ else
++ echo "Installing curl..."
++ ${packet_manager} install -q -y curl
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++apt_update ()
++{
++ echo
++ echo "#############################"
++ echo "# Running apt-get update... #"
++ echo "#############################"
++ apt-get update
++}
++
++gpg_check ()
++{
++ echo
++ echo "#######################"
++ echo "# Checking for gpg... #"
++ echo "#######################"
++ if command -v gpg > /dev/null; then
++ echo "Detected gpg..."
++ else
++ echo "Installing gnupg for GPG verification..."
++ apt-get install -y gnupg
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++install_debian_keyring ()
++{
++ if [ "${os}" = "debian" ]; then
++ echo
++ echo "####################################################################"
++ echo "# Installing debian-archive-keyring which is needed for installing #"
++ echo "# apt-transport-https on many Debian systems. #"
++ echo "####################################################################"
++ apt-get install -y debian-archive-keyring
++ fi
++}
++
++install_apt ()
++{
++ export DEBIAN_FRONTEND=noninteractive
++ packet_manager="apt-get"
++ apt_update
++ curl_check
++ gpg_check
++
++ echo
++ echo "#####################################"
++ echo "# Installing apt-transport-https... #"
++ echo "#####################################"
++ apt-get install -y apt-transport-https
++
++ gpg_key_url="https://download.tarantool.org/tarantool/${repo_path}${ver}/gpgkey"
++ gpg_key_url_modules="https://download.tarantool.org/tarantool/modules/gpgkey"
++ apt_source_path="/etc/apt/sources.list.d/tarantool_${ver_repo}.list"
++
++ echo
++ echo "##################################"
++ echo "# Importing Tarantool gpg key... #"
++ echo "##################################"
++ curl -L "${gpg_key_url}" | apt-key add -
++ curl -L "${gpg_key_url_modules}" | apt-key add -
++
++ rm -f /etc/apt/sources.list.d/*tarantool*.list
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ dist_path="${repo_path}${ver}/linux-deb"
++ dist_ver="static"
++ else
++ dist_path="${repo_path}${ver}${gc64}/${os}"
++ dist_ver="${dist}"
++ fi
++
++ echo "deb https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" > ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" >> ${apt_source_path}
++ echo "deb https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ mkdir -p /etc/apt/preferences.d/
++ echo -e "Package: tarantool\nPin: origin download.tarantool.org\nPin-Priority: 1001" > /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-common\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-dev\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo "The repository is setup! Tarantool can now be installed."
++
++ apt_update
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'apt-get install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ apt-get -y install tarantool
++ fi
++}
++
++install_yum_repo ()
++{
++ if [[ "${os}" =~ ^(centos|amzn)$ ]]; then
++ OS_NAME="EnterpriseLinux"
++ OS_CODE="el"
++ modules_enabled="1"
++ elif [ "${os}" = "fedora" ]; then
++ OS_NAME="Fedora"
++ OS_CODE="fedora"
++ modules_enabled="1"
++ elif [ "${os}" = "redos" ]; then
++ OS_NAME="RedOS"
++ OS_CODE="redos"
++ modules_enabled="0" # for now modules for RedOS are not available
++ else
++ exit 1
++ fi
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ repo_ver_path="${repo_path}${ver}"
++ dist_code="linux-rpm"
++ dist_ver="static"
++ source_enabled="0" # for now source packages for series-3 are not available
++ else
++ repo_ver_path="${repo_path}${ver}${gc64}"
++ dist_code="${OS_CODE}"
++ dist_ver="${dist}"
++ source_enabled="1"
++ fi
++
++ cat <<EOF > /etc/yum.repos.d/tarantool_${ver_repo}.repo
++[tarantool_${ver_repo}]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=1
++priority=1
++
++[tarantool_${ver_repo}-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${source_enabled}
++priority=1
++
++[tarantool_modules]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++priority=1
++
++[tarantool_modules-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++EOF
++}
++
++install_yum ()
++{
++ echo
++ echo "#########################"
++ echo "# Cleaning yum cache... #"
++ echo "#########################"
++ yum clean all
++
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ echo
++ echo "#################################"
++ echo "# Installing EPEL repository... #"
++ echo "#################################"
++
++ if [ $dist = 6 ]; then
++ curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo
++ yum install -y epel-release
++ else
++ yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-${dist}.noarch.rpm
++ fi
++
++ if [ $dist != 8 ]; then
++ yum -y install yum-priorities
++ fi
++
++ echo
++ echo "#####################################"
++ echo "# Setting up tarantool EPEL repo... #"
++ echo "#####################################"
++ if [ -e /etc/yum.repos.d/epel.repo ]; then
++ sed 's/enabled=.*/enabled=1/g' -i /etc/yum.repos.d/epel.repo
++ fi
++ fi
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo && \
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules" --enablerepo='epel'
++ elif [ $os = "redos" ]; then
++ # RedOS doesn't support epel repo
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ unsupported_os
++ fi
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'yum install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++install_dnf ()
++{
++ dnf clean all
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "redos" ]; then
++ # RedOS doesn't support tarantool_modules repo
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules"
++ fi
++
++ echo "Tarantool ${ver} is ready to be installed by 'dnf install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++main ()
++{
++ detect_os
++ setup_ver
++ setup_type
++ if [ ${os} = "centos" ] && [[ ${dist} =~ ^(6|7|8)$ ]]; then
++ echo
++ echo "################################"
++ echo "# Setting up yum repository... #"
++ echo "################################"
++ install_yum
++ elif [ ${os} = "amzn" ] && [[ ${dist} = 2 ]]; then
++ echo "Setting up yum repository... "
++ dist=7
++ install_yum
++ elif [ ${os} = "redos" ] && [[ ${dist} = "7.3" ]]; then
++ echo "Setting up yum repository... "
++ install_dnf
++ elif [ ${os} = "fedora" ] && [[ ${dist} =~ ^(28|29|30|31|32|33|34|35|36|37|38)$ ]]; then
++ echo "Setting up yum repository..."
++ install_dnf
++ elif ( [ ${os} = "debian" ] && [[ ${dist} =~ ^(jessie|stretch|buster|bullseye|bookworm)$ ]] ) ||
++ ( [ ${os} = "ubuntu" ] && [[ ${dist} =~ ^(trusty|xenial|bionic|cosmic|disco|eoan|focal|groovy|hirsute|impish|jammy)$ ]] ); then
++
++ echo
++ echo "################################"
++ echo "# Setting up apt repository... #"
++ echo "################################"
++ install_apt
++ else
++ unsupported_os
++ fi
++}
++
++main
diff --git a/certification_patches/checks_rpm_prebuild.patch b/certification_patches/checks_rpm_prebuild.patch
new file mode 100644
index 0000000000..e007301512
--- /dev/null
+++ b/certification_patches/checks_rpm_prebuild.patch
@@ -0,0 +1,478 @@
+diff --git a/rpm/prebuild.sh b/rpm/prebuild.sh
+index ecc64d2..e0ed466 100755
+--- a/rpm/prebuild.sh
++++ b/rpm/prebuild.sh
+@@ -1,5 +1,471 @@
+ #!/usr/bin/env bash
+
+-set -e -o pipefail
++# Simply the code from https://www.tarantool.io/release/1.10/installer.sh instead of piping it directly into bash
++set -o pipefail
+
+-curl -LsSf https://www.tarantool.io/release/1.10/installer.sh | sudo bash
++if [ $EUID != 0 ]; then
++ sudo "$0" "$@"
++ exit $?
++fi
++
++repo_type="release"
++repo_path=""
++gc64=""
++
++unsupported_os ()
++{
++ echo "Unfortunately, your operating system is not supported by this script."
++ exit 1
++}
++
++detect_os ()
++{
++ if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
++ if [ -e /etc/centos-release ]; then
++ if [ -n "$(grep "RED OS" /etc/centos-release)" ]; then
++ os="redos"
++ dist=$(grep -Po "[6-9].[0-9]" /etc/centos-release)
++ else
++ os="centos"
++ dist=$(grep -Po "[6-9]" /etc/centos-release | head -1)
++ fi
++ elif [ -e /etc/os-release ]; then
++ os=$(. /etc/os-release && echo $ID)
++ # fix for UBUNTU like systems
++ os_like=$(. /etc/os-release && echo $ID_LIKE)
++ [[ $os_like = "ubuntu" ]] && os="ubuntu"
++
++ if [ $os = "debian" ]; then
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\(.*\))$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ fi
++ elif [ $os = "devuan" ]; then
++ # $ docker run -it dyne/devuan:chimaera grep VERSION= /etc/os-release
++ # VERSION="4 (chimaera)"
++ # $ docker run -it dyne/devuan:daedalus grep VERSION= /etc/os-release
++ # VERSION="5 (daedalus/ceres)"
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\([^/]*\)\(\/.*\)\?)$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ else
++ case ${dist} in
++ ascii) ddist=stretch ;;
++ beowulf) ddist=buster ;;
++ chimaera) ddist=bullseye ;;
++ daedalus) ddist=bookworm ;;
++ esac
++ dist=${ddist}
++ fi
++ os="debian"
++ elif [ $os = "ubuntu" ]; then
++ ver_id=$(. /etc/os-release && echo $VERSION_ID)
++
++ # fix for UBUNTU like systems
++ ver_codename=$(. /etc/os-release && echo $UBUNTU_CODENAME)
++ if [ ! -z "$ver_codename" ]; then
++ dist="$ver_codename"
++ elif [ $ver_id = "14.04" ]; then
++ dist="trusty"
++ elif [ $ver_id = "16.04" ]; then
++ dist="xenial"
++ elif [ $ver_id = "18.04" ]; then
++ dist="bionic"
++ elif [ $ver_id = "18.10" ]; then
++ dist="cosmic"
++ elif [ $ver_id = "19.04" ]; then
++ dist="disco"
++ elif [ $ver_id = "19.10" ]; then
++ dist="eoan"
++ elif [ $ver_id = "20.04" ]; then
++ dist="focal"
++ elif [ $ver_id = "20.10" ]; then
++ dist="groovy"
++ elif [ $ver_id = "21.04" ]; then
++ dist="hirsute"
++ elif [ $ver_id = "21.10" ]; then
++ dist="impish"
++ elif [ $ver_id = "22.04" ]; then
++ dist="jammy"
++ else
++ unsupported_os
++ fi
++ elif [ $os = "fedora" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ elif [ $os = "amzn" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ if [ $dist != "2" ]; then
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ fi
++
++ if [[ ( -z "${os}" ) || ( -z "${dist}" ) ]]; then
++ unsupported_os
++ fi
++
++ os="${os// /}"
++ dist="${dist// /}"
++
++ echo "Detected operating system as ${os}/${dist}."
++}
++
++print_new_release_policy_and_exit ()
++{
++ echo "Check out our new release policy https://github.com/tarantool/tarantool/discussions/6182"
++ exit 1
++}
++
++setup_type ()
++{
++ if [ "${repo_type}" = "release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="release/series-"
++ else
++ repo_path="release/"
++ fi
++ elif [ "${repo_type}" = "pre-release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="pre-release/series-"
++ else
++ echo "'pre-release' repository can be set up only with Tarantool series-N, where N = 2, 3, etc."
++ print_new_release_policy_and_exit
++ fi
++ elif [ "${repo_type}" = "live" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ echo "'live' repository cannot be set up with Tarantool series-${ver}"
++ print_new_release_policy_and_exit
++ fi
++ else
++ echo "Unknown repository type '${repo_type}'"
++ print_new_release_policy_and_exit
++ fi
++}
++
++setup_ver ()
++{
++ ARCH=$(uname -m)
++ if [ "${ARCH}" = "x86_64" ] && [ "${GC64:-false}" = "true" ]; then
++ echo "GC64 will be used"
++ gc64="-gc64"
++ fi
++
++ ver="1.10"
++ ver_repo=$(echo $ver | tr . _)
++}
++
++curl_check ()
++{
++ echo
++ echo "####################"
++ echo "# Checking curl... #"
++ echo "####################"
++ if command -v curl > /dev/null; then
++ echo "Detected curl... "
++ else
++ echo "Installing curl..."
++ ${packet_manager} install -q -y curl
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++apt_update ()
++{
++ echo
++ echo "#############################"
++ echo "# Running apt-get update... #"
++ echo "#############################"
++ apt-get update
++}
++
++gpg_check ()
++{
++ echo
++ echo "#######################"
++ echo "# Checking for gpg... #"
++ echo "#######################"
++ if command -v gpg > /dev/null; then
++ echo "Detected gpg..."
++ else
++ echo "Installing gnupg for GPG verification..."
++ apt-get install -y gnupg
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++install_debian_keyring ()
++{
++ if [ "${os}" = "debian" ]; then
++ echo
++ echo "####################################################################"
++ echo "# Installing debian-archive-keyring which is needed for installing #"
++ echo "# apt-transport-https on many Debian systems. #"
++ echo "####################################################################"
++ apt-get install -y debian-archive-keyring
++ fi
++}
++
++install_apt ()
++{
++ export DEBIAN_FRONTEND=noninteractive
++ packet_manager="apt-get"
++ apt_update
++ curl_check
++ gpg_check
++
++ echo
++ echo "#####################################"
++ echo "# Installing apt-transport-https... #"
++ echo "#####################################"
++ apt-get install -y apt-transport-https
++
++ gpg_key_url="https://download.tarantool.org/tarantool/${repo_path}${ver}/gpgkey"
++ gpg_key_url_modules="https://download.tarantool.org/tarantool/modules/gpgkey"
++ apt_source_path="/etc/apt/sources.list.d/tarantool_${ver_repo}.list"
++
++ echo
++ echo "##################################"
++ echo "# Importing Tarantool gpg key... #"
++ echo "##################################"
++ curl -L "${gpg_key_url}" | apt-key add -
++ curl -L "${gpg_key_url_modules}" | apt-key add -
++
++ rm -f /etc/apt/sources.list.d/*tarantool*.list
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ dist_path="${repo_path}${ver}/linux-deb"
++ dist_ver="static"
++ else
++ dist_path="${repo_path}${ver}${gc64}/${os}"
++ dist_ver="${dist}"
++ fi
++
++ echo "deb https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" > ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" >> ${apt_source_path}
++ echo "deb https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ mkdir -p /etc/apt/preferences.d/
++ echo -e "Package: tarantool\nPin: origin download.tarantool.org\nPin-Priority: 1001" > /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-common\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-dev\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo "The repository is setup! Tarantool can now be installed."
++
++ apt_update
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'apt-get install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ apt-get -y install tarantool
++ fi
++}
++
++install_yum_repo ()
++{
++ if [[ "${os}" =~ ^(centos|amzn)$ ]]; then
++ OS_NAME="EnterpriseLinux"
++ OS_CODE="el"
++ modules_enabled="1"
++ elif [ "${os}" = "fedora" ]; then
++ OS_NAME="Fedora"
++ OS_CODE="fedora"
++ modules_enabled="1"
++ elif [ "${os}" = "redos" ]; then
++ OS_NAME="RedOS"
++ OS_CODE="redos"
++ modules_enabled="0" # for now modules for RedOS are not available
++ else
++ exit 1
++ fi
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ repo_ver_path="${repo_path}${ver}"
++ dist_code="linux-rpm"
++ dist_ver="static"
++ source_enabled="0" # for now source packages for series-3 are not available
++ else
++ repo_ver_path="${repo_path}${ver}${gc64}"
++ dist_code="${OS_CODE}"
++ dist_ver="${dist}"
++ source_enabled="1"
++ fi
++
++ cat <<EOF > /etc/yum.repos.d/tarantool_${ver_repo}.repo
++[tarantool_${ver_repo}]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=1
++priority=1
++
++[tarantool_${ver_repo}-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${source_enabled}
++priority=1
++
++[tarantool_modules]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++priority=1
++
++[tarantool_modules-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++EOF
++}
++
++install_yum ()
++{
++ echo
++ echo "#########################"
++ echo "# Cleaning yum cache... #"
++ echo "#########################"
++ yum clean all
++
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ echo
++ echo "#################################"
++ echo "# Installing EPEL repository... #"
++ echo "#################################"
++
++ if [ $dist = 6 ]; then
++ curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo
++ yum install -y epel-release
++ else
++ yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-${dist}.noarch.rpm
++ fi
++
++ if [ $dist != 8 ]; then
++ yum -y install yum-priorities
++ fi
++
++ echo
++ echo "#####################################"
++ echo "# Setting up tarantool EPEL repo... #"
++ echo "#####################################"
++ if [ -e /etc/yum.repos.d/epel.repo ]; then
++ sed 's/enabled=.*/enabled=1/g' -i /etc/yum.repos.d/epel.repo
++ fi
++ fi
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo && \
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules" --enablerepo='epel'
++ elif [ $os = "redos" ]; then
++ # RedOS doesn't support epel repo
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ unsupported_os
++ fi
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'yum install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++install_dnf ()
++{
++ dnf clean all
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "redos" ]; then
++ # RedOS doesn't support tarantool_modules repo
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules"
++ fi
++
++ echo "Tarantool ${ver} is ready to be installed by 'dnf install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++main ()
++{
++ detect_os
++ setup_ver
++ setup_type
++ if [ ${os} = "centos" ] && [[ ${dist} =~ ^(6|7|8)$ ]]; then
++ echo
++ echo "################################"
++ echo "# Setting up yum repository... #"
++ echo "################################"
++ install_yum
++ elif [ ${os} = "amzn" ] && [[ ${dist} = 2 ]]; then
++ echo "Setting up yum repository... "
++ dist=7
++ install_yum
++ elif [ ${os} = "redos" ] && [[ ${dist} = "7.3" ]]; then
++ echo "Setting up yum repository... "
++ install_dnf
++ elif [ ${os} = "fedora" ] && [[ ${dist} =~ ^(28|29|30|31|32|33|34|35|36|37|38)$ ]]; then
++ echo "Setting up yum repository..."
++ install_dnf
++ elif ( [ ${os} = "debian" ] && [[ ${dist} =~ ^(jessie|stretch|buster|bullseye|bookworm)$ ]] ) ||
++ ( [ ${os} = "ubuntu" ] && [[ ${dist} =~ ^(trusty|xenial|bionic|cosmic|disco|eoan|focal|groovy|hirsute|impish|jammy)$ ]] ); then
++
++ echo
++ echo "################################"
++ echo "# Setting up apt repository... #"
++ echo "################################"
++ install_apt
++ else
++ unsupported_os
++ fi
++}
++
++main
diff --git a/certification_patches/curl_libssh2.patch b/certification_patches/curl_libssh2.patch
new file mode 100644
index 0000000000..e9c14c91b0
--- /dev/null
+++ b/certification_patches/curl_libssh2.patch
@@ -0,0 +1,17 @@
+diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
+index ce9229f8f..4aef2ae70 100644
+--- a/lib/vssh/libssh2.c
++++ b/lib/vssh/libssh2.c
+@@ -723,11 +723,11 @@ static CURLcode ssh_check_fingerprint(struct Curl_easy *data)
+ */
+ if((pub_pos != b64_pos) ||
+ strncmp(fingerprint_b64, pubkey_sha256, pub_pos)) {
+- free(fingerprint_b64);
+
+ failf(data,
+ "Denied establishing ssh session: mismatch sha256 fingerprint. "
+ "Remote %s is not equal to %s", fingerprint_b64, pubkey_sha256);
++ free(fingerprint_b64);
+ state(data, SSH_SESSION_FREE);
+ sshc->actualcode = CURLE_PEER_FAILED_VERIFICATION;
+ return sshc->actualcode;
diff --git a/certification_patches/curl_tool_dirhie.patch b/certification_patches/curl_tool_dirhie.patch
new file mode 100644
index 0000000000..58718467a0
--- /dev/null
+++ b/certification_patches/curl_tool_dirhie.patch
@@ -0,0 +1,19 @@
+diff --git a/src/tool_dirhie.c b/src/tool_dirhie.c
+index d80623e25..9e32c2f96 100644
+--- a/src/tool_dirhie.c
++++ b/src/tool_dirhie.c
+@@ -118,11 +118,12 @@ CURLcode create_dir_hierarchy(const char *outfile, FILE *errors)
+
+ /* Allow strtok() here since this isn't used threaded */
+ /* !checksrc! disable BANNEDFUNC 2 */
+- tempdir = strtok(outdup, PATH_DELIMITERS);
++ char *saveptr = NULL;
++ tempdir = strtok_r(outdup, PATH_DELIMITERS, &saveptr);
+
+ while(tempdir) {
+ bool skip = false;
+- tempdir2 = strtok(NULL, PATH_DELIMITERS);
++ tempdir2 = strtok_r(NULL, PATH_DELIMITERS, saveptr);
+ /* since strtok returns a token for the last word even
+ if not ending with DIR_CHAR, we need to prune it */
+ if(tempdir2) {
diff --git a/certification_patches/curl_tool_getparam.patch b/certification_patches/curl_tool_getparam.patch
new file mode 100644
index 0000000000..0c125eef38
--- /dev/null
+++ b/certification_patches/curl_tool_getparam.patch
@@ -0,0 +1,24 @@
+diff --git a/src/tool_getparam.c b/src/tool_getparam.c
+index 0beb94572..4c91212e4 100644
+--- a/src/tool_getparam.c
++++ b/src/tool_getparam.c
+@@ -2008,7 +2008,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
+ if(!err && string) {
+ /* Allow strtok() here since this isn't used threaded */
+ /* !checksrc! disable BANNEDFUNC 2 */
+- char *h = strtok(string, "\r\n");
++ char *saveptr = NULL;
++ char *h = strtok_r(string, "\r\n", &saveptr);
+ while(h) {
+ if(subletter == 'p') /* --proxy-header */
+ err = add2list(&config->proxyheaders, h);
+@@ -2016,7 +2017,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
+ err = add2list(&config->headers, h);
+ if(err)
+ break;
+- h = strtok(NULL, "\r\n");
++ char *saveptr = NULL;
++ h = strtok_r(NULL, "\r\n", &saveptr);
+ }
+ free(string);
+ }
diff --git a/certification_patches/curl_tool_paramhlp.patch b/certification_patches/curl_tool_paramhlp.patch
new file mode 100644
index 0000000000..084cce7e9c
--- /dev/null
+++ b/certification_patches/curl_tool_paramhlp.patch
@@ -0,0 +1,17 @@
+diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
+index c4fd0a192..50b6204a7 100644
+--- a/src/tool_paramhlp.c
++++ b/src/tool_paramhlp.c
+@@ -362,9 +362,10 @@ ParameterError proto2num(struct OperationConfig *config,
+
+ /* Allow strtok() here since this isn't used threaded */
+ /* !checksrc! disable BANNEDFUNC 2 */
+- for(token = strtok(buffer, sep);
++ char *saveptr = NULL;
++ for(token = strtok_r(buffer, sep, &saveptr);
+ token;
+- token = strtok(NULL, sep)) {
++ token = strtok_r(NULL, sep, &saveptr)) {
+ enum e_action { allow, deny, set } action = allow;
+
+ /* Process token modifiers */
diff --git a/certification_patches/http_debian_pribuild.patch b/certification_patches/http_debian_pribuild.patch
new file mode 100644
index 0000000000..0d887ac58a
--- /dev/null
+++ b/certification_patches/http_debian_pribuild.patch
@@ -0,0 +1,478 @@
+diff --git a/debian/prebuild.sh b/debian/prebuild.sh
+index ecc64d2..e0ed466 100755
+--- a/debian/prebuild.sh
++++ b/debian/prebuild.sh
+@@ -1,5 +1,471 @@
+ #!/usr/bin/env bash
+
+-set -e -o pipefail
++# Simply the code from https://www.tarantool.io/release/1.10/installer.sh instead of piping it directly into bash
++set -o pipefail
+
+-curl -LsSf https://www.tarantool.io/release/1.10/installer.sh | sudo bash
++if [ $EUID != 0 ]; then
++ sudo "$0" "$@"
++ exit $?
++fi
++
++repo_type="release"
++repo_path=""
++gc64=""
++
++unsupported_os ()
++{
++ echo "Unfortunately, your operating system is not supported by this script."
++ exit 1
++}
++
++detect_os ()
++{
++ if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
++ if [ -e /etc/centos-release ]; then
++ if [ -n "$(grep "RED OS" /etc/centos-release)" ]; then
++ os="redos"
++ dist=$(grep -Po "[6-9].[0-9]" /etc/centos-release)
++ else
++ os="centos"
++ dist=$(grep -Po "[6-9]" /etc/centos-release | head -1)
++ fi
++ elif [ -e /etc/os-release ]; then
++ os=$(. /etc/os-release && echo $ID)
++ # fix for UBUNTU like systems
++ os_like=$(. /etc/os-release && echo $ID_LIKE)
++ [[ $os_like = "ubuntu" ]] && os="ubuntu"
++
++ if [ $os = "debian" ]; then
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\(.*\))$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ fi
++ elif [ $os = "devuan" ]; then
++ # $ docker run -it dyne/devuan:chimaera grep VERSION= /etc/os-release
++ # VERSION="4 (chimaera)"
++ # $ docker run -it dyne/devuan:daedalus grep VERSION= /etc/os-release
++ # VERSION="5 (daedalus/ceres)"
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\([^/]*\)\(\/.*\)\?)$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ else
++ case ${dist} in
++ ascii) ddist=stretch ;;
++ beowulf) ddist=buster ;;
++ chimaera) ddist=bullseye ;;
++ daedalus) ddist=bookworm ;;
++ esac
++ dist=${ddist}
++ fi
++ os="debian"
++ elif [ $os = "ubuntu" ]; then
++ ver_id=$(. /etc/os-release && echo $VERSION_ID)
++
++ # fix for UBUNTU like systems
++ ver_codename=$(. /etc/os-release && echo $UBUNTU_CODENAME)
++ if [ ! -z "$ver_codename" ]; then
++ dist="$ver_codename"
++ elif [ $ver_id = "14.04" ]; then
++ dist="trusty"
++ elif [ $ver_id = "16.04" ]; then
++ dist="xenial"
++ elif [ $ver_id = "18.04" ]; then
++ dist="bionic"
++ elif [ $ver_id = "18.10" ]; then
++ dist="cosmic"
++ elif [ $ver_id = "19.04" ]; then
++ dist="disco"
++ elif [ $ver_id = "19.10" ]; then
++ dist="eoan"
++ elif [ $ver_id = "20.04" ]; then
++ dist="focal"
++ elif [ $ver_id = "20.10" ]; then
++ dist="groovy"
++ elif [ $ver_id = "21.04" ]; then
++ dist="hirsute"
++ elif [ $ver_id = "21.10" ]; then
++ dist="impish"
++ elif [ $ver_id = "22.04" ]; then
++ dist="jammy"
++ else
++ unsupported_os
++ fi
++ elif [ $os = "fedora" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ elif [ $os = "amzn" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ if [ $dist != "2" ]; then
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ fi
++
++ if [[ ( -z "${os}" ) || ( -z "${dist}" ) ]]; then
++ unsupported_os
++ fi
++
++ os="${os// /}"
++ dist="${dist// /}"
++
++ echo "Detected operating system as ${os}/${dist}."
++}
++
++print_new_release_policy_and_exit ()
++{
++ echo "Check out our new release policy https://github.com/tarantool/tarantool/discussions/6182"
++ exit 1
++}
++
++setup_type ()
++{
++ if [ "${repo_type}" = "release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="release/series-"
++ else
++ repo_path="release/"
++ fi
++ elif [ "${repo_type}" = "pre-release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="pre-release/series-"
++ else
++ echo "'pre-release' repository can be set up only with Tarantool series-N, where N = 2, 3, etc."
++ print_new_release_policy_and_exit
++ fi
++ elif [ "${repo_type}" = "live" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ echo "'live' repository cannot be set up with Tarantool series-${ver}"
++ print_new_release_policy_and_exit
++ fi
++ else
++ echo "Unknown repository type '${repo_type}'"
++ print_new_release_policy_and_exit
++ fi
++}
++
++setup_ver ()
++{
++ ARCH=$(uname -m)
++ if [ "${ARCH}" = "x86_64" ] && [ "${GC64:-false}" = "true" ]; then
++ echo "GC64 will be used"
++ gc64="-gc64"
++ fi
++
++ ver="1.10"
++ ver_repo=$(echo $ver | tr . _)
++}
++
++curl_check ()
++{
++ echo
++ echo "####################"
++ echo "# Checking curl... #"
++ echo "####################"
++ if command -v curl > /dev/null; then
++ echo "Detected curl... "
++ else
++ echo "Installing curl..."
++ ${packet_manager} install -q -y curl
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++apt_update ()
++{
++ echo
++ echo "#############################"
++ echo "# Running apt-get update... #"
++ echo "#############################"
++ apt-get update
++}
++
++gpg_check ()
++{
++ echo
++ echo "#######################"
++ echo "# Checking for gpg... #"
++ echo "#######################"
++ if command -v gpg > /dev/null; then
++ echo "Detected gpg..."
++ else
++ echo "Installing gnupg for GPG verification..."
++ apt-get install -y gnupg
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++install_debian_keyring ()
++{
++ if [ "${os}" = "debian" ]; then
++ echo
++ echo "####################################################################"
++ echo "# Installing debian-archive-keyring which is needed for installing #"
++ echo "# apt-transport-https on many Debian systems. #"
++ echo "####################################################################"
++ apt-get install -y debian-archive-keyring
++ fi
++}
++
++install_apt ()
++{
++ export DEBIAN_FRONTEND=noninteractive
++ packet_manager="apt-get"
++ apt_update
++ curl_check
++ gpg_check
++
++ echo
++ echo "#####################################"
++ echo "# Installing apt-transport-https... #"
++ echo "#####################################"
++ apt-get install -y apt-transport-https
++
++ gpg_key_url="https://download.tarantool.org/tarantool/${repo_path}${ver}/gpgkey"
++ gpg_key_url_modules="https://download.tarantool.org/tarantool/modules/gpgkey"
++ apt_source_path="/etc/apt/sources.list.d/tarantool_${ver_repo}.list"
++
++ echo
++ echo "##################################"
++ echo "# Importing Tarantool gpg key... #"
++ echo "##################################"
++ curl -L "${gpg_key_url}" | apt-key add -
++ curl -L "${gpg_key_url_modules}" | apt-key add -
++
++ rm -f /etc/apt/sources.list.d/*tarantool*.list
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ dist_path="${repo_path}${ver}/linux-deb"
++ dist_ver="static"
++ else
++ dist_path="${repo_path}${ver}${gc64}/${os}"
++ dist_ver="${dist}"
++ fi
++
++ echo "deb https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" > ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" >> ${apt_source_path}
++ echo "deb https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ mkdir -p /etc/apt/preferences.d/
++ echo -e "Package: tarantool\nPin: origin download.tarantool.org\nPin-Priority: 1001" > /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-common\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-dev\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo "The repository is setup! Tarantool can now be installed."
++
++ apt_update
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'apt-get install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ apt-get -y install tarantool
++ fi
++}
++
++install_yum_repo ()
++{
++ if [[ "${os}" =~ ^(centos|amzn)$ ]]; then
++ OS_NAME="EnterpriseLinux"
++ OS_CODE="el"
++ modules_enabled="1"
++ elif [ "${os}" = "fedora" ]; then
++ OS_NAME="Fedora"
++ OS_CODE="fedora"
++ modules_enabled="1"
++ elif [ "${os}" = "redos" ]; then
++ OS_NAME="RedOS"
++ OS_CODE="redos"
++ modules_enabled="0" # for now modules for RedOS are not available
++ else
++ exit 1
++ fi
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ repo_ver_path="${repo_path}${ver}"
++ dist_code="linux-rpm"
++ dist_ver="static"
++ source_enabled="0" # for now source packages for series-3 are not available
++ else
++ repo_ver_path="${repo_path}${ver}${gc64}"
++ dist_code="${OS_CODE}"
++ dist_ver="${dist}"
++ source_enabled="1"
++ fi
++
++ cat <<EOF > /etc/yum.repos.d/tarantool_${ver_repo}.repo
++[tarantool_${ver_repo}]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=1
++priority=1
++
++[tarantool_${ver_repo}-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${source_enabled}
++priority=1
++
++[tarantool_modules]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++priority=1
++
++[tarantool_modules-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++EOF
++}
++
++install_yum ()
++{
++ echo
++ echo "#########################"
++ echo "# Cleaning yum cache... #"
++ echo "#########################"
++ yum clean all
++
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ echo
++ echo "#################################"
++ echo "# Installing EPEL repository... #"
++ echo "#################################"
++
++ if [ $dist = 6 ]; then
++ curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo
++ yum install -y epel-release
++ else
++ yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-${dist}.noarch.rpm
++ fi
++
++ if [ $dist != 8 ]; then
++ yum -y install yum-priorities
++ fi
++
++ echo
++ echo "#####################################"
++ echo "# Setting up tarantool EPEL repo... #"
++ echo "#####################################"
++ if [ -e /etc/yum.repos.d/epel.repo ]; then
++ sed 's/enabled=.*/enabled=1/g' -i /etc/yum.repos.d/epel.repo
++ fi
++ fi
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo && \
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules" --enablerepo='epel'
++ elif [ $os = "redos" ]; then
++ # RedOS doesn't support epel repo
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ unsupported_os
++ fi
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'yum install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++install_dnf ()
++{
++ dnf clean all
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "redos" ]; then
++ # RedOS doesn't support tarantool_modules repo
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules"
++ fi
++
++ echo "Tarantool ${ver} is ready to be installed by 'dnf install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++main ()
++{
++ detect_os
++ setup_ver
++ setup_type
++ if [ ${os} = "centos" ] && [[ ${dist} =~ ^(6|7|8)$ ]]; then
++ echo
++ echo "################################"
++ echo "# Setting up yum repository... #"
++ echo "################################"
++ install_yum
++ elif [ ${os} = "amzn" ] && [[ ${dist} = 2 ]]; then
++ echo "Setting up yum repository... "
++ dist=7
++ install_yum
++ elif [ ${os} = "redos" ] && [[ ${dist} = "7.3" ]]; then
++ echo "Setting up yum repository... "
++ install_dnf
++ elif [ ${os} = "fedora" ] && [[ ${dist} =~ ^(28|29|30|31|32|33|34|35|36|37|38)$ ]]; then
++ echo "Setting up yum repository..."
++ install_dnf
++ elif ( [ ${os} = "debian" ] && [[ ${dist} =~ ^(jessie|stretch|buster|bullseye|bookworm)$ ]] ) ||
++ ( [ ${os} = "ubuntu" ] && [[ ${dist} =~ ^(trusty|xenial|bionic|cosmic|disco|eoan|focal|groovy|hirsute|impish|jammy)$ ]] ); then
++
++ echo
++ echo "################################"
++ echo "# Setting up apt repository... #"
++ echo "################################"
++ install_apt
++ else
++ unsupported_os
++ fi
++}
++
++main
diff --git a/certification_patches/http_rpm_prebuild.patch b/certification_patches/http_rpm_prebuild.patch
new file mode 100644
index 0000000000..e007301512
--- /dev/null
+++ b/certification_patches/http_rpm_prebuild.patch
@@ -0,0 +1,478 @@
+diff --git a/rpm/prebuild.sh b/rpm/prebuild.sh
+index ecc64d2..e0ed466 100755
+--- a/rpm/prebuild.sh
++++ b/rpm/prebuild.sh
+@@ -1,5 +1,471 @@
+ #!/usr/bin/env bash
+
+-set -e -o pipefail
++# Simply the code from https://www.tarantool.io/release/1.10/installer.sh instead of piping it directly into bash
++set -o pipefail
+
+-curl -LsSf https://www.tarantool.io/release/1.10/installer.sh | sudo bash
++if [ $EUID != 0 ]; then
++ sudo "$0" "$@"
++ exit $?
++fi
++
++repo_type="release"
++repo_path=""
++gc64=""
++
++unsupported_os ()
++{
++ echo "Unfortunately, your operating system is not supported by this script."
++ exit 1
++}
++
++detect_os ()
++{
++ if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
++ if [ -e /etc/centos-release ]; then
++ if [ -n "$(grep "RED OS" /etc/centos-release)" ]; then
++ os="redos"
++ dist=$(grep -Po "[6-9].[0-9]" /etc/centos-release)
++ else
++ os="centos"
++ dist=$(grep -Po "[6-9]" /etc/centos-release | head -1)
++ fi
++ elif [ -e /etc/os-release ]; then
++ os=$(. /etc/os-release && echo $ID)
++ # fix for UBUNTU like systems
++ os_like=$(. /etc/os-release && echo $ID_LIKE)
++ [[ $os_like = "ubuntu" ]] && os="ubuntu"
++
++ if [ $os = "debian" ]; then
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\(.*\))$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ fi
++ elif [ $os = "devuan" ]; then
++ # $ docker run -it dyne/devuan:chimaera grep VERSION= /etc/os-release
++ # VERSION="4 (chimaera)"
++ # $ docker run -it dyne/devuan:daedalus grep VERSION= /etc/os-release
++ # VERSION="5 (daedalus/ceres)"
++ dist=$(echo $(. /etc/os-release && echo $VERSION) | sed 's/^[[:digit:]]\+ (\([^/]*\)\(\/.*\)\?)$/\1/')
++ if [ -z "$dist" ]; then
++ if grep -q "bullseye"* /etc/debian_version; then
++ dist="bullseye"
++ fi
++ else
++ case ${dist} in
++ ascii) ddist=stretch ;;
++ beowulf) ddist=buster ;;
++ chimaera) ddist=bullseye ;;
++ daedalus) ddist=bookworm ;;
++ esac
++ dist=${ddist}
++ fi
++ os="debian"
++ elif [ $os = "ubuntu" ]; then
++ ver_id=$(. /etc/os-release && echo $VERSION_ID)
++
++ # fix for UBUNTU like systems
++ ver_codename=$(. /etc/os-release && echo $UBUNTU_CODENAME)
++ if [ ! -z "$ver_codename" ]; then
++ dist="$ver_codename"
++ elif [ $ver_id = "14.04" ]; then
++ dist="trusty"
++ elif [ $ver_id = "16.04" ]; then
++ dist="xenial"
++ elif [ $ver_id = "18.04" ]; then
++ dist="bionic"
++ elif [ $ver_id = "18.10" ]; then
++ dist="cosmic"
++ elif [ $ver_id = "19.04" ]; then
++ dist="disco"
++ elif [ $ver_id = "19.10" ]; then
++ dist="eoan"
++ elif [ $ver_id = "20.04" ]; then
++ dist="focal"
++ elif [ $ver_id = "20.10" ]; then
++ dist="groovy"
++ elif [ $ver_id = "21.04" ]; then
++ dist="hirsute"
++ elif [ $ver_id = "21.10" ]; then
++ dist="impish"
++ elif [ $ver_id = "22.04" ]; then
++ dist="jammy"
++ else
++ unsupported_os
++ fi
++ elif [ $os = "fedora" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ elif [ $os = "amzn" ]; then
++ dist=$(. /etc/os-release && echo $VERSION_ID)
++ if [ $dist != "2" ]; then
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ else
++ unsupported_os
++ fi
++ fi
++
++ if [[ ( -z "${os}" ) || ( -z "${dist}" ) ]]; then
++ unsupported_os
++ fi
++
++ os="${os// /}"
++ dist="${dist// /}"
++
++ echo "Detected operating system as ${os}/${dist}."
++}
++
++print_new_release_policy_and_exit ()
++{
++ echo "Check out our new release policy https://github.com/tarantool/tarantool/discussions/6182"
++ exit 1
++}
++
++setup_type ()
++{
++ if [ "${repo_type}" = "release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="release/series-"
++ else
++ repo_path="release/"
++ fi
++ elif [ "${repo_type}" = "pre-release" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ repo_path="pre-release/series-"
++ else
++ echo "'pre-release' repository can be set up only with Tarantool series-N, where N = 2, 3, etc."
++ print_new_release_policy_and_exit
++ fi
++ elif [ "${repo_type}" = "live" ]; then
++ if [ "${ver}" -ge "2" ] 2> /dev/null; then
++ echo "'live' repository cannot be set up with Tarantool series-${ver}"
++ print_new_release_policy_and_exit
++ fi
++ else
++ echo "Unknown repository type '${repo_type}'"
++ print_new_release_policy_and_exit
++ fi
++}
++
++setup_ver ()
++{
++ ARCH=$(uname -m)
++ if [ "${ARCH}" = "x86_64" ] && [ "${GC64:-false}" = "true" ]; then
++ echo "GC64 will be used"
++ gc64="-gc64"
++ fi
++
++ ver="1.10"
++ ver_repo=$(echo $ver | tr . _)
++}
++
++curl_check ()
++{
++ echo
++ echo "####################"
++ echo "# Checking curl... #"
++ echo "####################"
++ if command -v curl > /dev/null; then
++ echo "Detected curl... "
++ else
++ echo "Installing curl..."
++ ${packet_manager} install -q -y curl
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++apt_update ()
++{
++ echo
++ echo "#############################"
++ echo "# Running apt-get update... #"
++ echo "#############################"
++ apt-get update
++}
++
++gpg_check ()
++{
++ echo
++ echo "#######################"
++ echo "# Checking for gpg... #"
++ echo "#######################"
++ if command -v gpg > /dev/null; then
++ echo "Detected gpg..."
++ else
++ echo "Installing gnupg for GPG verification..."
++ apt-get install -y gnupg
++ if [ "$?" -ne "0" ]; then
++ echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
++ echo "Repository installation aborted."
++ exit 1
++ fi
++ fi
++}
++
++install_debian_keyring ()
++{
++ if [ "${os}" = "debian" ]; then
++ echo
++ echo "####################################################################"
++ echo "# Installing debian-archive-keyring which is needed for installing #"
++ echo "# apt-transport-https on many Debian systems. #"
++ echo "####################################################################"
++ apt-get install -y debian-archive-keyring
++ fi
++}
++
++install_apt ()
++{
++ export DEBIAN_FRONTEND=noninteractive
++ packet_manager="apt-get"
++ apt_update
++ curl_check
++ gpg_check
++
++ echo
++ echo "#####################################"
++ echo "# Installing apt-transport-https... #"
++ echo "#####################################"
++ apt-get install -y apt-transport-https
++
++ gpg_key_url="https://download.tarantool.org/tarantool/${repo_path}${ver}/gpgkey"
++ gpg_key_url_modules="https://download.tarantool.org/tarantool/modules/gpgkey"
++ apt_source_path="/etc/apt/sources.list.d/tarantool_${ver_repo}.list"
++
++ echo
++ echo "##################################"
++ echo "# Importing Tarantool gpg key... #"
++ echo "##################################"
++ curl -L "${gpg_key_url}" | apt-key add -
++ curl -L "${gpg_key_url_modules}" | apt-key add -
++
++ rm -f /etc/apt/sources.list.d/*tarantool*.list
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ dist_path="${repo_path}${ver}/linux-deb"
++ dist_ver="static"
++ else
++ dist_path="${repo_path}${ver}${gc64}/${os}"
++ dist_ver="${dist}"
++ fi
++
++ echo "deb https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" > ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/${dist_path}/ ${dist_ver} main" >> ${apt_source_path}
++ echo "deb https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ echo "deb-src https://download.tarantool.org/tarantool/modules/${os}/ ${dist} main" >> ${apt_source_path}
++ mkdir -p /etc/apt/preferences.d/
++ echo -e "Package: tarantool\nPin: origin download.tarantool.org\nPin-Priority: 1001" > /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-common\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo -e "\nPackage: tarantool-dev\nPin: origin download.tarantool.org\nPin-Priority: 1001" >> /etc/apt/preferences.d/tarantool
++ echo "The repository is setup! Tarantool can now be installed."
++
++ apt_update
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'apt-get install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ apt-get -y install tarantool
++ fi
++}
++
++install_yum_repo ()
++{
++ if [[ "${os}" =~ ^(centos|amzn)$ ]]; then
++ OS_NAME="EnterpriseLinux"
++ OS_CODE="el"
++ modules_enabled="1"
++ elif [ "${os}" = "fedora" ]; then
++ OS_NAME="Fedora"
++ OS_CODE="fedora"
++ modules_enabled="1"
++ elif [ "${os}" = "redos" ]; then
++ OS_NAME="RedOS"
++ OS_CODE="redos"
++ modules_enabled="0" # for now modules for RedOS are not available
++ else
++ exit 1
++ fi
++
++ # Since series-3 we use static builds and we can use one repository
++ # for all deb-based and rpm-based systems.
++ if [ "${ver}" -ge "3" ] 2> /dev/null; then
++ repo_ver_path="${repo_path}${ver}"
++ dist_code="linux-rpm"
++ dist_ver="static"
++ source_enabled="0" # for now source packages for series-3 are not available
++ else
++ repo_ver_path="${repo_path}${ver}${gc64}"
++ dist_code="${OS_CODE}"
++ dist_ver="${dist}"
++ source_enabled="1"
++ fi
++
++ cat <<EOF > /etc/yum.repos.d/tarantool_${ver_repo}.repo
++[tarantool_${ver_repo}]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=1
++priority=1
++
++[tarantool_${ver_repo}-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/${repo_ver_path}/${dist_code}/${dist_ver}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/${repo_ver_path}/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${source_enabled}
++priority=1
++
++[tarantool_modules]
++name=${OS_NAME}-${dist} - Tarantool
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/${ARCH}/
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++priority=1
++
++[tarantool_modules-source]
++name=${OS_NAME}-${dist} - Tarantool Sources
++baseurl=https://download.tarantool.org/tarantool/modules/${OS_CODE}/${dist}/SRPMS
++gpgkey=https://download.tarantool.org/tarantool/modules/gpgkey
++repo_gpgcheck=1
++gpgcheck=0
++enabled=${modules_enabled}
++EOF
++}
++
++install_yum ()
++{
++ echo
++ echo "#########################"
++ echo "# Cleaning yum cache... #"
++ echo "#########################"
++ yum clean all
++
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ echo
++ echo "#################################"
++ echo "# Installing EPEL repository... #"
++ echo "#################################"
++
++ if [ $dist = 6 ]; then
++ curl https://www.getpagespeed.com/files/centos6-eol.repo --output /etc/yum.repos.d/CentOS-Base.repo
++ yum install -y epel-release
++ else
++ yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-${dist}.noarch.rpm
++ fi
++
++ if [ $dist != 8 ]; then
++ yum -y install yum-priorities
++ fi
++
++ echo
++ echo "#####################################"
++ echo "# Setting up tarantool EPEL repo... #"
++ echo "#####################################"
++ if [ -e /etc/yum.repos.d/epel.repo ]; then
++ sed 's/enabled=.*/enabled=1/g' -i /etc/yum.repos.d/epel.repo
++ fi
++ fi
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo && \
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "centos" ] || [ $os = "amzn" ]; then
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules" --enablerepo='epel'
++ elif [ $os = "redos" ]; then
++ # RedOS doesn't support epel repo
++ yum makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ unsupported_os
++ fi
++
++ echo
++ echo "Tarantool ${ver} is ready to be installed by 'yum install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++install_dnf ()
++{
++ dnf clean all
++
++ rm -f /etc/yum.repos.d/*tarantool*.repo
++ install_yum_repo
++
++ echo
++ echo "########################"
++ echo "# Updating metadata... #"
++ echo "########################"
++ if [ $os = "redos" ]; then
++ # RedOS doesn't support tarantool_modules repo
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}"
++ else
++ dnf -q makecache -y --disablerepo='*' --enablerepo="tarantool_${ver_repo}" --enablerepo="tarantool_modules"
++ fi
++
++ echo "Tarantool ${ver} is ready to be installed by 'dnf install -y tarantool'"
++
++ if [[ ${FORCE_INSTALL_TARANTOOL:-False} = "True" ]]; then
++ yum -y install tarantool
++ fi
++
++}
++
++main ()
++{
++ detect_os
++ setup_ver
++ setup_type
++ if [ ${os} = "centos" ] && [[ ${dist} =~ ^(6|7|8)$ ]]; then
++ echo
++ echo "################################"
++ echo "# Setting up yum repository... #"
++ echo "################################"
++ install_yum
++ elif [ ${os} = "amzn" ] && [[ ${dist} = 2 ]]; then
++ echo "Setting up yum repository... "
++ dist=7
++ install_yum
++ elif [ ${os} = "redos" ] && [[ ${dist} = "7.3" ]]; then
++ echo "Setting up yum repository... "
++ install_dnf
++ elif [ ${os} = "fedora" ] && [[ ${dist} =~ ^(28|29|30|31|32|33|34|35|36|37|38)$ ]]; then
++ echo "Setting up yum repository..."
++ install_dnf
++ elif ( [ ${os} = "debian" ] && [[ ${dist} =~ ^(jessie|stretch|buster|bullseye|bookworm)$ ]] ) ||
++ ( [ ${os} = "ubuntu" ] && [[ ${dist} =~ ^(trusty|xenial|bionic|cosmic|disco|eoan|focal|groovy|hirsute|impish|jammy)$ ]] ); then
++
++ echo
++ echo "################################"
++ echo "# Setting up apt repository... #"
++ echo "################################"
++ install_apt
++ else
++ unsupported_os
++ fi
++}
++
++main
diff --git a/certification_patches/luajit_luajit-gdb.patch b/certification_patches/luajit_luajit-gdb.patch
new file mode 100644
index 0000000000..bebb807a1a
--- /dev/null
+++ b/certification_patches/luajit_luajit-gdb.patch
@@ -0,0 +1,14 @@
+diff --git a/src/luajit-gdb.py b/src/luajit-gdb.py
+index 96ee2289..7fd90e88 100644
+--- a/src/luajit-gdb.py
++++ b/src/luajit-gdb.py
+@@ -279,7 +279,8 @@ def itypemap(o):
+ return LJ_T['NUMX'] if tvisnumber(o) else itype(o)
+
+ def funcproto(func):
+- assert(func['ffid'] == 0)
++ if not (func['ffid'] == 0):
++ raise RuntimeError("assert failed")
+
+ return cast('GCproto *',
+ mref('char *', func['pc']) - gdb.lookup_type('GCproto').sizeof)
diff --git a/certification_patches/nghttp2_fetch-ocsp-response.patch b/certification_patches/nghttp2_fetch-ocsp-response.patch
new file mode 100644
index 0000000000..95a2215c59
--- /dev/null
+++ b/certification_patches/nghttp2_fetch-ocsp-response.patch
@@ -0,0 +1,22 @@
+diff --git a/script/fetch-ocsp-response b/script/fetch-ocsp-response
+index 0ff7461e..2fb75c40 100755
+--- a/script/fetch-ocsp-response
++++ b/script/fetch-ocsp-response
+@@ -83,7 +83,7 @@ def tempfail(msg):
+ def run_openssl(args, allow_tempfail=False):
+ buf = io.BytesIO()
+ try:
+- p = subprocess.Popen(args, stdout=subprocess.PIPE)
++ p = subprocess.Popen(args, stdout=subprocess.PIPE) # nosec
+ except Exception as e:
+ die('failed to invoke {}:{}'.format(args, e))
+ try:
+@@ -172,7 +172,7 @@ def verify_response(cmd, tempdir, issuer_fn, respder_fn):
+ with open(verify_fn, 'w+b') as f:
+ args = [cmd, 'ocsp', '-respin', respder_fn]
+ args.extend(extra)
+- p = subprocess.Popen(args, stdout=f, stderr=f)
++ p = subprocess.Popen(args, stdout=f, stderr=f) # nosec
+ if p.wait() == 0:
+ # OpenSSL <= 1.0.1, openssl ocsp still returns exit
+ # code 0 even if verification was failed. So check
diff --git a/certification_patches/nghttp2_mkhufftbl.patch b/certification_patches/nghttp2_mkhufftbl.patch
new file mode 100644
index 0000000000..020b5ba3b0
--- /dev/null
+++ b/certification_patches/nghttp2_mkhufftbl.patch
@@ -0,0 +1,24 @@
+diff --git a/mkhufftbl.py b/mkhufftbl.py
+index a9f10d75..dd3a5ea6 100755
+--- a/mkhufftbl.py
++++ b/mkhufftbl.py
+@@ -336,7 +336,8 @@ def _traverse(node, sym, start_node, root, left):
+
+ def go(node):
+ if node.term is not None:
+- assert sym is None
++ if not (sym is None):
++ raise RuntimeError("assert failed")
+ nsym = node.term
+ else:
+ nsym = sym
+@@ -422,7 +423,8 @@ if __name__ == '__main__':
+ nbits = int(m.group(4))
+ if len(code) > 8:
+ raise Error('Code is more than 4 bytes long')
+- assert(len(bits) == nbits)
++ if not ((len(bits) == nbits)):
++ raise RuntimeError("assert failed")
+ symbol_tbl[sym] = (nbits, code)
+ huffman_tree_add(ctx, sym, bits)
+
diff --git a/certification_patches/tarantool-sys_docker.patch b/certification_patches/tarantool-sys_docker.patch
new file mode 100644
index 0000000000..c4364f44c9
--- /dev/null
+++ b/certification_patches/tarantool-sys_docker.patch
@@ -0,0 +1,12 @@
+diff --git a/docker/Dockerfile b/docker/Dockerfile
+index ec10af6f1..4f57d0087 100644
+--- a/docker/Dockerfile
++++ b/docker/Dockerfile
+@@ -142,6 +142,7 @@ COPY files/tarantool.default /usr/local/etc/default/tarantool
+
+ ENTRYPOINT ["docker-entrypoint.sh"]
+
++USER tarantool
+ HEALTHCHECK CMD tarantool_is_up
+
+ EXPOSE 3301
diff --git a/certification_patches/tarantool-sys_icu_common_exec.patch b/certification_patches/tarantool-sys_icu_common_exec.patch
new file mode 100644
index 0000000000..326b8d8d3a
--- /dev/null
+++ b/certification_patches/tarantool-sys_icu_common_exec.patch
@@ -0,0 +1,24 @@
+diff --git a/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/common_exec.py b/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/common_exec.py
+index 91c12fdcf..173bd0216 100644
+--- a/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/common_exec.py
++++ b/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/common_exec.py
+@@ -68,7 +68,8 @@ def run_helper(request, common_vars, platform, tool_dir, verbose, tool_cfg=None,
+ # No-op
+ return 0
+
+- assert isinstance(request.tool, IcuTool)
++ if not (isinstance(request.tool, IcuTool)):
++ raise RuntimeError("assert failed")
+ if platform == "windows":
+ cmd_template = "{TOOL_DIR}/{TOOL}/{TOOL_CFG}/{TOOL}.exe {{ARGS}}".format(
+ TOOL_DIR = tool_dir,
+@@ -117,7 +118,8 @@ def run_helper(request, common_vars, platform, tool_dir, verbose, tool_cfg=None,
+ command_line = command_line.replace("/", "\\")
+ returncode = run_shell_command(command_line, platform, verbose)
+ return returncode
+- assert False
++ if not (False):
++ raise RuntimeError("assert failed")
+
+ def run_shell_command(command_line, platform, verbose):
+ changed_windows_comspec = False
diff --git a/certification_patches/tarantool-sys_icu_filtration.patch b/certification_patches/tarantool-sys_icu_filtration.patch
new file mode 100644
index 0000000000..622aefea99
--- /dev/null
+++ b/certification_patches/tarantool-sys_icu_filtration.patch
@@ -0,0 +1,64 @@
+diff --git a/vendor/icu4c-71_1/source/python/icutools/databuilder/filtration.py b/vendor/icu4c-71_1/source/python/icutools/databuilder/filtration.py
+index 27d08b0a7..64bda1e08 100644
+--- a/vendor/icu4c-71_1/source/python/icutools/databuilder/filtration.py
++++ b/vendor/icu4c-71_1/source/python/icutools/databuilder/filtration.py
+@@ -21,7 +21,8 @@ from .request_types import *
+ class Filter(object):
+ @staticmethod
+ def create_from_json(json_data, io):
+- assert io != None
++ if not (io != None):
++ raise RuntimeError("assert failed")
+ if "filterType" in json_data:
+ filter_type = json_data["filterType"]
+ else:
+@@ -47,7 +48,8 @@ class Filter(object):
+ if not request.apply_file_filter(self):
+ return []
+ for file in request.all_input_files():
+- assert self.match(file)
++ if not (self.match(file)):
++ raise RuntimeError("assert failed")
+ return [request]
+
+ @staticmethod
+@@ -183,7 +185,8 @@ class LocaleFilter(Filter):
+
+ def match(self, file):
+ tree = self._file_to_subdir(file)
+- assert tree is not None
++ if not (tree is not None):
++ raise RuntimeError("assert failed")
+ locale = self._file_to_file_stem(file)
+
+ # A locale is *required* if it is *requested* or an ancestor of a
+@@ -229,7 +232,8 @@ class LocaleFilter(Filter):
+ return "root"
+ i = locale.rfind("_")
+ if i < 0:
+- assert locale == "root", "Invalid locale: %s/%s" % (tree, locale)
++ if not (locale == "root", "Invalid locale: %s/%s" % (tree, locale)):
++ raise RuntimeError("assert failed")
+ return None
+ return locale[:i]
+
+@@ -306,7 +310,8 @@ class ResourceFilterInfo(object):
+
+ def apply_to_requests(self, all_requests):
+ # Call this method only once per list of requests.
+- assert self.input_files is None
++ if not (self.input_files is None):
++ raise RuntimeError("assert failed")
+ for request in all_requests:
+ if request.category != self.category:
+ continue
+@@ -334,7 +339,8 @@ class ResourceFilterInfo(object):
+ # --writePoolBundle, and the other for --usePoolBundle. They are both
+ # expected to have the same list of input files.
+ if self.input_files is not None:
+- assert self.input_files == files
++ if not (self.input_files == files):
++ raise RuntimeError("assert failed")
+ return
+ self.input_files = list(files)
+ self.filter_files = [
diff --git a/certification_patches/tarantool-sys_icu_makefile.patch b/certification_patches/tarantool-sys_icu_makefile.patch
new file mode 100644
index 0000000000..31bfce16d1
--- /dev/null
+++ b/certification_patches/tarantool-sys_icu_makefile.patch
@@ -0,0 +1,31 @@
+diff --git a/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/makefile.py b/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/makefile.py
+index 9b2005b07..fcc4b11a0 100644
+--- a/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/makefile.py
++++ b/vendor/icu4c-71_1/source/python/icutools/databuilder/renderers/makefile.py
+@@ -53,7 +53,8 @@ def get_gnumake_rules(build_dirs, requests, makefile_vars, **kwargs):
+ )
+ continue
+
+- assert isinstance(rule, MakeRule)
++ if not (isinstance(rule, MakeRule)):
++ raise RuntimeError("assert failed")
+ header_line = "{OUT_FILE}: {DEP_FILES} {DEP_LITERALS} | $(DIRS)".format(
+ OUT_FILE = files_to_makefile([rule.output_file], **kwargs),
+ DEP_FILES = files_to_makefile(rule.dep_files, wrap = True, **kwargs),
+@@ -135,7 +136,8 @@ def get_gnumake_rules_helper(request, common_vars, **kwargs):
+ elif request.tool.name == "gentest":
+ cmd_template = "$(INVOKE) $(GENTEST) {ARGS}"
+ else:
+- assert isinstance(request.tool, IcuTool)
++ if not (isinstance(request.tool, IcuTool)):
++ raise RuntimeError("assert failed")
+ cmd_template = "$(INVOKE) $(TOOLBINDIR)/{TOOL} {{ARGS}}".format(
+ TOOL = request.tool.name
+ )
+@@ -242,4 +244,5 @@ def get_gnumake_rules_helper(request, common_vars, **kwargs):
+ ]
+ return rules
+
+- assert False
++ if not (False):
++ raise RuntimeError("assert failed")
diff --git a/certification_patches/tarantool-sys_icu_request_types.patch b/certification_patches/tarantool-sys_icu_request_types.patch
new file mode 100644
index 0000000000..b8cd235e7a
--- /dev/null
+++ b/certification_patches/tarantool-sys_icu_request_types.patch
@@ -0,0 +1,43 @@
+diff --git a/vendor/icu4c-71_1/source/python/icutools/databuilder/request_types.py b/vendor/icu4c-71_1/source/python/icutools/databuilder/request_types.py
+index aa70f8d91..d0b1760a9 100644
+--- a/vendor/icu4c-71_1/source/python/icutools/databuilder/request_types.py
++++ b/vendor/icu4c-71_1/source/python/icutools/databuilder/request_types.py
+@@ -108,11 +108,13 @@ class AbstractExecutionRequest(AbstractRequest):
+ del self.input_files[i]
+ for _, v in self.format_with.items():
+ if isinstance(v, list):
+- assert len(v) == len(self.input_files) + 1
++ if not (len(v) == len(self.input_files) + 1):
++ raise RuntimeError("assert failed")
+ del v[i]
+ for v in self.dep_targets:
+ if isinstance(v, list):
+- assert len(v) == len(self.input_files) + 1
++ if not (len(v) == len(self.input_files) + 1):
++ raise RuntimeError("assert failed")
+ del v[i]
+
+ def flatten(self, config, all_requests, common_vars):
+@@ -125,16 +127,19 @@ class AbstractExecutionRequest(AbstractRequest):
+ for dep_target in self.dep_targets:
+ if isinstance(dep_target, list):
+ if hasattr(self, "specific_dep_files"):
+- assert len(dep_target) == len(self.specific_dep_files)
++ if not (len(dep_target) == len(self.specific_dep_files)):
++ raise RuntimeError("assert failed")
+ for file, out_list in zip(dep_target, self.specific_dep_files):
+- assert hasattr(file, "filename")
++ if not (hasattr(file, "filename")):
++ raise RuntimeError("assert failed")
+ out_list.append(file)
+ else:
+ self.common_dep_files += dep_target
+ continue
+ if not isinstance(dep_target, DepTarget):
+ # Copy file entries directly to dep_files.
+- assert hasattr(dep_target, "filename")
++ if not (hasattr(dep_target, "filename")):
++ raise RuntimeError("assert failed")
+ self.common_dep_files.append(dep_target)
+ continue
+ # For DepTarget entries, search for the target.
diff --git a/certification_patches/tarantool-sys_icu_utils.patch b/certification_patches/tarantool-sys_icu_utils.patch
new file mode 100644
index 0000000000..f6bec5cfbb
--- /dev/null
+++ b/certification_patches/tarantool-sys_icu_utils.patch
@@ -0,0 +1,14 @@
+diff --git a/vendor/icu4c-71_1/source/python/icutools/databuilder/utils.py b/vendor/icu4c-71_1/source/python/icutools/databuilder/utils.py
+index 3d53d18fa..4dca5848b 100644
+--- a/vendor/icu4c-71_1/source/python/icutools/databuilder/utils.py
++++ b/vendor/icu4c-71_1/source/python/icutools/databuilder/utils.py
+@@ -23,7 +23,8 @@ def dir_for(file):
+ return "{OUT_DIR}"
+ if isinstance(file, PkgFile):
+ return "{PKG_DIR}"
+- assert False
++ if not (False):
++ raise RuntimeError("assert failed")
+
+
+ LOCAL_DIRNAME_SUBSTITUTIONS = {
diff --git a/certification_patches/tarantool-sys_tarantool-gdb.patch b/certification_patches/tarantool-sys_tarantool-gdb.patch
new file mode 100644
index 0000000000..d5b494f294
--- /dev/null
+++ b/certification_patches/tarantool-sys_tarantool-gdb.patch
@@ -0,0 +1,89 @@
+diff --git a/tools/tarantool-gdb.py b/tools/tarantool-gdb.py
+index 2dba94459..6f413299a 100644
+--- a/tools/tarantool-gdb.py
++++ b/tools/tarantool-gdb.py
+@@ -1357,7 +1357,8 @@ class TuplePrinter(object):
+ # Pull configuration from class variables into the instance for
+ # convenience
+ config = self.__class__.__config
+- assert config is not None
++ if not(config is not None):
++ raise RuntimeError("assert failed")
+ self.mp_max_depth = config['mp_max_depth']
+ self.mp_max_length = config['mp_max_length']
+
+@@ -1393,7 +1394,8 @@ class TuplePrinter(object):
+ if field_offs > 0:
+ key = key_by_offset(field_offs)
+ elif field_offs < 0:
+- assert self.slot_extent_t is not None
++ if not (self.slot_extent_t is not None):
++ raise RuntimeError("assert failed")
+ ext = (self.data() + field_offs).cast(self.slot_extent_t.pointer()).dereference()
+ num_ext_keys = ext['size']
+ offsets = ext['offset']
+@@ -1490,7 +1492,8 @@ class TtListEntryInfo(object):
+ return self.__entry_type
+
+ def entry_from_item(self, item):
+- assert equal_types(item.type.target(), TtList.rlist_type)
++ if not (equal_types(item.type.target(), TtList.rlist_type)):
++ raise RuntimeError("assert failed")
+ return cast_ptr(self.__entry_type, item, self.__offset)
+
+
+@@ -1666,7 +1669,8 @@ class TtListsLut(object):
+ @classmethod
+ def lookup_list_info(cls, item):
+ """Try to identify list head and type of list entries from its item."""
+- assert equal_types(item.type.target(), TtList.rlist_type)
++ if not (equal_types(item.type.target(), TtList.rlist_type)):
++ raise RuntimeError("assert failed")
+ item_index = -1
+ item_sentinel = item['next']
+ while True:
+@@ -1684,10 +1688,12 @@ class TtList(object):
+
+ @classmethod
+ def resolve_item(cls, item, head=None, entry_info=None):
+- assert equal_types(item.type.target(), cls.rlist_type)
++ if not (equal_types(item.type.target(), cls.rlist_type)):
++ raise RuntimeError("assert failed")
+
+ list_info, index_or_len = TtListsLut.lookup_list_info(item)
+- assert index_or_len is not None, 'index_or_len is not None'
++ if not (index_or_len is not None, 'index_or_len is not None'):
++ raise RuntimeError("assert failed")
+ if list_info is None:
+ missing_parts = []
+ if head is None:
+@@ -1843,7 +1849,8 @@ head
+ return super(TtListPrinter, cls).__new__(cls)
+
+ def __init__(self, val):
+- assert self.__class__.__instance_exists
++ if not (self.__class__.__instance_exists):
++ raise RuntimeError("assert failed")
+ if not equal_types(val.type, TtList.rlist_type):
+ raise gdb.GdbError("expression doesn't evaluate to rlist")
+
+@@ -1856,7 +1863,8 @@ head
+ # Pull configuration from class variables into the instance for
+ # convenience
+ config = self.__class__.__config
+- assert config is not None
++ if not (config is not None):
++ raise RuntimeError("assert failed")
+ self.entry_info = config['entry_info']
+ self.head = config['head']
+ self.predicate = config['predicate']
+@@ -1879,7 +1887,8 @@ head
+ TtList.resolve_item(val.address, self.head, self.entry_info)
+
+ def __del__(self):
+- assert self.__class__.__instance_exists
++ if not (self.__class__.__instance_exists):
++ raise RuntimeError("assert failed")
+ self.__class__.__instance_exists = False
+
+ def to_string(self):
diff --git a/certification_patches/vshard_debian_prebuild.patch b/certification_patches/vshard_debian_prebuild.patch
new file mode 100644
index 0000000000..107439ec5b
--- /dev/null
+++ b/certification_patches/vshard_debian_prebuild.patch
@@ -0,0 +1,8 @@
+diff --git a/debian/prebuild.sh b/debian/prebuild.sh
+index 479bf20..edd8236 100755
+--- a/debian/prebuild.sh
++++ b/debian/prebuild.sh
+@@ -1 +1,2 @@
+-curl -s https://packagecloud.io/install/repositories/tarantool/1_10/script.deb.sh | sudo bash
++# echo 'now the following command returns nothing: curl -s https://packagecloud.io/install/repositories/tarantool/1_10/script.deb.sh
++# and nothing to do here
diff --git a/certification_patches/vshard_rpm_prebuild.patch b/certification_patches/vshard_rpm_prebuild.patch
new file mode 100644
index 0000000000..38d30fe25a
--- /dev/null
+++ b/certification_patches/vshard_rpm_prebuild.patch
@@ -0,0 +1,11 @@
+diff --git a/rpm/prebuild.sh b/rpm/prebuild.sh
+index bbf6eac..da5b964 100755
+--- a/rpm/prebuild.sh
++++ b/rpm/prebuild.sh
+@@ -1,3 +1,5 @@
+-curl -s https://packagecloud.io/install/repositories/tarantool/1_10/script.rpm.sh | sudo bash
++# echo 'now the following command returns nothing: curl -s https://packagecloud.io/install/repositories/tarantool/1_10/script.deb.sh
++# and nothing to do here except the following lines:
++
+ sudo yum -y install python-devel python-pip
+ sudo pip install tarantool msgpack
diff --git a/certification_patches/zstd_freestanding.patch b/certification_patches/zstd_freestanding.patch
new file mode 100644
index 0000000000..b869eada37
--- /dev/null
+++ b/certification_patches/zstd_freestanding.patch
@@ -0,0 +1,143 @@
+diff --git a/contrib/freestanding_lib/freestanding.py b/contrib/freestanding_lib/freestanding.py
+index df698324..4d9be79d 100755
+--- a/contrib/freestanding_lib/freestanding.py
++++ b/contrib/freestanding_lib/freestanding.py
+@@ -161,7 +161,8 @@ class PartialPreprocessor(object):
+
+ line = self._inlines[idx]
+ is_if = self._if.match(line) is not None
+- assert is_if or self._elif.match(line) is not None
++ if not (is_if or self._elif.match(line) is not None):
++ raise RuntimeError("assert failed")
+ depth = 0
+
+ start_idx = idx
+@@ -219,7 +220,8 @@ class PartialPreprocessor(object):
+ idx += 1
+ b = m.start('elif')
+ e = m.end('elif')
+- assert e - b == 2
++ if not (e - b == 2):
++ raise RuntimeError("assert failed")
+ replace.append(line[:b] + line[e:])
+ finished = True
+ break
+@@ -316,7 +318,8 @@ class PartialPreprocessor(object):
+ if op == '&&':
+ resolved = not is_true
+ else:
+- assert op == '||'
++ if not (op == '||'):
++ raise RuntimeError("assert failed")
+ resolved = is_true
+
+ else:
+@@ -335,11 +338,13 @@ class PartialPreprocessor(object):
+ if op == '&&':
+ resolved = not is_true
+ else:
+- assert op == '||'
++ if not (op == '||'):
++ raise RuntimeError("assert failed")
+ resolved = is_true
+
+ if macro2 is not None and not resolved:
+- assert ifdef and defined and op == '&&' and cmp is not None
++ if not (ifdef and defined and op == '&&' and cmp is not None):
++ raise RuntimeError("assert failed")
+ # If the statement is true, but we have a single value check, then
+ # check the value.
+ defined_value = self._defs[macro]
+@@ -377,11 +382,13 @@ class PartialPreprocessor(object):
+ if op == '&&':
+ opre = op
+ else:
+- assert op == '||'
++ if not (op == '||'):
++ raise RuntimeError("assert failed")
+ opre = r'\|\|'
+ needle = re.compile(fr"(?P<if>\s*#\s*(el)?if\s+).*?(?P<op>{opre}\s*)")
+ match = needle.match(line)
+- assert match is not None
++ if not (match is not None):
++ raise RuntimeError("assert failed")
+ newline = line[:match.end('if')] + line[match.end('op'):]
+
+ self._log(f"\tHardwiring partially resolved {macro}")
+@@ -400,8 +407,10 @@ class PartialPreprocessor(object):
+
+ prepend = []
+ if macro in self._replaces:
+- assert not ifdef
+- assert op is None
++ if not (not ifdef):
++ raise RuntimeError("assert failed")
++ if not (op is None):
++ raise RuntimeError("assert failed")
+ value = self._replaces.pop(macro)
+ prepend = [f"#define {macro} {value}\n"]
+
+@@ -479,7 +488,8 @@ class Freestanding(object):
+ def _copy_source_lib(self):
+ self._log("Copying source library into output library")
+
+- assert os.path.exists(self._src_lib)
++ if not (os.path.exists(self._src_lib)):
++ raise RuntimeError("assert failed")
+ os.makedirs(self._dst_lib, exist_ok=True)
+ self._copy_file("zstd.h")
+ self._copy_file("zstd_errors.h")
+@@ -487,7 +497,8 @@ class Freestanding(object):
+ src_dir = os.path.join(self._src_lib, subdir)
+ dst_dir = os.path.join(self._dst_lib, subdir)
+
+- assert os.path.exists(src_dir)
++ if not (os.path.exists(src_dir)):
++ raise RuntimeError("assert failed")
+ os.makedirs(dst_dir, exist_ok=True)
+
+ for filename in os.listdir(src_dir):
+@@ -510,7 +521,8 @@ class Freestanding(object):
+ If undef=True then value must be None.
+ If value='' then the macro is defined to '' exactly.
+ """
+- assert not (undef and value is not None)
++ if undef and value is not None:
++ raise RuntimeError("assert failed")
+ for filepath in self._dst_lib_file_paths():
+ file = FileLines(filepath)
+
+@@ -533,14 +545,16 @@ class Freestanding(object):
+ emit = True
+ for line in file.lines:
+ if emit and begin_re.search(line) is not None:
+- assert end_re.search(line) is None
++ if not (end_re.search(line) is None):
++ raise RuntimeError("assert failed")
+ emit = False
+ if emit:
+ outlines.append(line)
+ else:
+ skipped.append(line)
+ if end_re.search(line) is not None:
+- assert begin_re.search(line) is None
++ if not (begin_re.search(line) is None):
++ raise RuntimeError("assert failed")
+ self._log(f"\t\tRemoving excluded section: {exclude}")
+ for s in skipped:
+ self._log(f"\t\t\t- {s}")
+@@ -602,10 +616,12 @@ class Freestanding(object):
+ file.write()
+
+ def _parse_sed(self, sed):
+- assert sed[0] == 's'
++ if not (sed[0] == 's'):
++ raise RuntimeError("assert failed")
+ delim = sed[1]
+ match = re.fullmatch(f's{delim}(.+){delim}(.*){delim}(.*)', sed)
+- assert match is not None
++ if not (match is not None):
++ raise RuntimeError("assert failed")
+ regex = re.compile(match.group(1))
+ format_str = match.group(2)
+ is_global = match.group(3) == 'g'
diff --git a/picodata-webui b/picodata-webui
index 601958c914..25706b6b59 160000
--- a/picodata-webui
+++ b/picodata-webui
@@ -1 +1 @@
-Subproject commit 601958c91408375d2ae3863ec9bfcd5f030bacdf
+Subproject commit 25706b6b59718748e1b92efffbf34d44e3d73a8c
--
GitLab