From 5bc2d57025face22eacf0ed9e2ab84f7f0fd6742 Mon Sep 17 00:00:00 2001 From: Kai Lueke Date: Fri, 1 Apr 2022 16:35:44 +0200 Subject: [PATCH] coreos-base/coreos-init: run update-ssh-keys once after Ignition This pulls in https://github.com/flatcar-linux/init/pull/66 to fix the problem that Ignition keys would be lost as soon as update-ssh-keys runs. This is done by placing Ignition's keys in as files in the authorized_keys.d folder and calling update-ssh-keys after Ignition ran. --- .../changelog/bugfixes/2022-04-01-preserve-ignition-keys.md | 1 + .../coreos-base/coreos-init/coreos-init-9999.ebuild | 2 +- .../{ignition-2.13.0.ebuild => ignition-2.13.0-r1.ebuild} | 0 .../coreos-overlay/sys-apps/ignition/ignition-9999.ebuild | 2 +- 4 files changed, 3 insertions(+), 2 deletions(-) create mode 100644 sdk_container/src/third_party/coreos-overlay/changelog/bugfixes/2022-04-01-preserve-ignition-keys.md rename sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/{ignition-2.13.0.ebuild => ignition-2.13.0-r1.ebuild} (100%) diff --git a/sdk_container/src/third_party/coreos-overlay/changelog/bugfixes/2022-04-01-preserve-ignition-keys.md b/sdk_container/src/third_party/coreos-overlay/changelog/bugfixes/2022-04-01-preserve-ignition-keys.md new file mode 100644 index 0000000000..8b35c15ddc --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/changelog/bugfixes/2022-04-01-preserve-ignition-keys.md @@ -0,0 +1 @@ +- Made Ignition write the SSH keys into a file under `authorized_keys.d/ignition` again and added a call to `update-ssh-keys` after Ignition ran to create the merged `authorized_keys` file, which fixes the problem that keys added by Ignition get lost when `update-ssh-keys` runs ([PR#66](https://github.com/flatcar-linux/init/pull/66)) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild index dc09f9b3d2..a9e3b825e6 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-init/coreos-init-9999.ebuild @@ -10,7 +10,7 @@ CROS_WORKON_REPO="https://github.com" if [[ "${PV}" == 9999 ]]; then KEYWORDS="~amd64 ~arm ~arm64 ~x86" else - CROS_WORKON_COMMIT="a22b550c7cf689661970a2a23dd457870dd84c97" # flatcar-master + CROS_WORKON_COMMIT="d76453b957f1e9ebe428c66ea6c9e3bb9a2d3489" # flatcar-master KEYWORDS="amd64 arm arm64 x86" fi diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-2.13.0.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-2.13.0-r1.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-2.13.0.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-2.13.0-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-9999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-9999.ebuild index 2834b73bea..3d779acf6b 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-9999.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-apps/ignition/ignition-9999.ebuild @@ -46,7 +46,7 @@ PATCHES=( src_compile() { export GO15VENDOREXPERIMENT="1" - GO_LDFLAGS="-X github.com/flatcar-linux/ignition/v2/internal/version.Raw=${PV} -X github.com/flatcar-linux/ignition/v2/internal/distro.selinuxRelabel=false -X github.com/flatcar-linux/ignition/v2/internal/distro.writeAuthorizedKeysFragment=false" || die + GO_LDFLAGS="-X github.com/flatcar-linux/ignition/v2/internal/version.Raw=${PV} -X github.com/flatcar-linux/ignition/v2/internal/distro.selinuxRelabel=false" || die go_build "${COREOS_GO_PACKAGE}/internal" }