[autobackport: sssd-2-10] Use macro rather than shell expansion for string processing in spec file

[sssd-bot]

This is an automatic backport of PR#8511 Use macro rather than shell expansion for string processing in spec file to branch sssd-2-10, created by @nforro.

Caution

@nforro The patches did not apply cleanly. It is necessary to resolve conflicts before merging this pull request. Commits that introduced conflict are marked with CONFLICT!.

You can push changes to this pull request

git remote add sssd-bot git@github.com:sssd-bot/sssd.git
git fetch sssd-bot refs/heads/SSSD-sssd-backport-pr8511-to-sssd-2-10
git checkout SSSD-sssd-backport-pr8511-to-sssd-2-10
git push sssd-bot SSSD-sssd-backport-pr8511-to-sssd-2-10 --force

---

Original commits
f9697d4 - Use macro rather than shell expansion for string processing in spec file
caa0ec2 - Add a default for %samba_package_version

Backported commits

• 650589d - CONFLICT! Use macro rather than shell expansion for string processing in spec file
• cb2f38a - Add a default for %samba_package_version

Conflicting Files Information (check for deleted and re-added files)

• CONFLICT! Use macro rather than shell expansion for string processing in spec file

On branch SSSD-sssd-backport-pr8511-to-sssd-2-10
You are currently cherry-picking commit f9697d4ff.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   contrib/sssd.spec.in

no changes added to commit (use "git add" and/or "git commit -a")

---

Original Pull Request Body

We've hardened security in Packit Service and shell expansions in spec files are now rejected as they can be used to execute arbitrary code. There is no need to use shell expansion for string processing, there is an existing macro for this very purpose.

[gemini-code-assist]

Code Review

This pull request is an automatic backport that aims to replace a shell expansion with a macro in the spec file for security reasons. However, the backport resulted in a merge conflict in contrib/sssd.spec.in which has been left unresolved. This makes the spec file invalid and must be fixed. My review provides a suggestion to resolve the conflict and correct the macro syntax.

[gemini-code-assist]

This file contains unresolved merge conflict markers, which will cause the build to fail. The conflict needs to be resolved.

Based on the original pull request, the intention is to replace the shell expansion with an RPM macro. The correct resolution is to use the gsub macro. Additionally, the syntax for gsub in the conflicting change appears incorrect. The correct format is %{gsub:text:pattern:replacement}.

Please resolve the conflict using the suggested code.

Version: %{gsub:@PACKAGE_VERSION@:-:~}

[ikerexxe]

LGTM

[sssd-bot]

The pull request was accepted by @ikerexxe with the following PR CI status:

---

🟢 CodeQL (success)
🟢 rpm-build:centos-stream-10-x86_64:upstream (success)
🟢 Build / make-distcheck (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-10) (success)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

---

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.