mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-07 21:16:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,388 Commits 620 Branches 390 Tags 160 MiB
16b3a2a10b
Commit Graph

25388 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sayan Chowdhury
16b3a2a10b vendor-testing: Add qemu_uefi_secure, symlinked to qemu.sh 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 15:46:12 +01:00
Sayan Chowdhury
0fc380cf21 sys-boot/shim: Add the changelog for shim upgrade, and secureboot 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 15:46:12 +01:00
Sayan Chowdhury
99bfcf5f32 shim, coreos-sb-keys, grub_install.sh: retab to spaces 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:10 +01:00
Sayan Chowdhury
4648be9dbb sys-boot/grub: Make sed silently fail when updating sbat 
Co-authored-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-26 12:01:10 +01:00
Sayan Chowdhury
97ebc770ea sys-boot/shim: Move from cros_workon to upstream 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:10 +01:00
Sayan Chowdhury
04005652dd build_library: Drop redundant config from grub.cfg 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:10 +01:00
Sayan Chowdhury
c1bdbd9d90 build_image_util: Sign the vmlinuz with the shim key 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:10 +01:00
Jeremi Piotrowski
6ff9f8b098 Add support for secure boot in qemu_template.sh 
We have an existing qemu_uefi_secure format definition, but it is
necessary to update it so that it actually works. Qemu needs to be
passed the correct flags to enable SMM, we need to switch to the Q35
machine, and we need to copy over the secboot variant of the OVMF
firmware.
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
fc28e72322 sys-boot/grub: install file with sbat contents, add --sbat to script 
This is just the contents of the section, but the section
itself is written by grub-mkimage. sbat.csv needs to be passed
with --sbat.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Jeremi Piotrowski
64556256db grub_install: switch to BOARD_GRUB by default 
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
0479480ef1 grub_install.sh: Sign the GRUB/MM with the proper keys 
Add the linux.mod file back

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
b42e3ad58b sys-boot/shim: Update shim to include signing keys, and build mm.efi 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
348a26201a coreos-sb-keys: Add the shim keys 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
65fe1f4cdb sys-boot/shim: make the shim buildable 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
fc4acb6b40 sys-boot/shim: updates to 15.7 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Jeremi Piotrowski
8019f7fd9f vm_image_util.sh: update path to arm64 UEFI firmware 
The arm64 firmware is now called AAVMF with the updated edk2-aarch64
ebuild.
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
58806c5342 eclass/rpm: Add from Gentoo 
It's from Gentoo commit 78e5f99cb41eaa50da930e7ab2dc7993fa243e1f.
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
af68df3d43 coreos-devel/board-packages: remove edk2-ovmf from arm64 dependencies 
This package is not used, we use edk2-aarch64 on arm64 but and it is
fetched during image_to_vm.sh because the ebuild simply wraps a binary
file.

Original Author: Jeremi Piotrowski <jpiotrowski@microsoft.com>

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
ceb1480e48 sys-firmware/edk2-aarch64: drop old package and replace with new 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
984233b9e8 coreo-base/coreos: Add mokutil to the base amd64 image 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-02-26 12:01:09 +01:00
Sayan Chowdhury
6e497dbd0d sys-boot/mokutil: Add from Gentoo 
It's from Gentoo commit cf90a21600e8d81c12b7e1143f43cd28f58dd70d.
 2024-02-26 10:53:45 +01:00
Krzesimir Nowak
b51e3cbd94 Revert "New version: main-3889.0.0-nightly-20240223-2100-INTERMEDIATE" 
This reverts commit 1fcad52f3a.

Last nightly failed to build, possibly some intermittent error.
 2024-02-26 09:13:24 +01:00
flatcar-ci
1fcad52f3a New version: main-3889.0.0-nightly-20240223-2100-INTERMEDIATE 2024-02-23 21:00:26 +00:00
Jeremi Piotrowski
57f2ead111
Merge pull request #1688 from flatcar/jepio/improve-gpu-match 
nvidia-drivers: Improve match for NVIDIA GPUs
 2024-02-23 16:38:07 +01:00
Mathieu Tortuyaux
c3c046529c
Merge pull request #1689 from flatcar/tormath1/keyutils 
sys-apps/keyutils: sync with upstream
 2024-02-23 14:54:09 +01:00
Mathieu Tortuyaux
e5970bb3cb
changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-23 14:53:10 +01:00
Mathieu Tortuyaux
f84eedf688
sys-apps/keyutils: Apply Flatcar modifications 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Co-authored-by: Krzesimir Nowak <knowak@microsoft.com>
 2024-02-23 14:53:10 +01:00
Mathieu Tortuyaux
c57607f3dd
Merge pull request #1687 from flatcar/tormath1/cloudinit 
coreos-base/coreos-cloudinit: bump commit ID
 2024-02-23 14:34:15 +01:00
Mathieu Tortuyaux
ea3d0cf1c4
changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-23 14:33:29 +01:00
Mathieu Tortuyaux
af249419bc
coreos-base/coreos-cloudinit: bump commit ID 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-23 14:28:01 +01:00
Jeremi Piotrowski
2cbd78091e nvidia-drivers: Improve match for NVIDIA GPUs 
The logic for checking if we need to probe depends on the device showing up
with the product type in lspci output, which doesn't hold for all sorts of
GPUs. The NVIDIA_PRODUCT_TYPE is used for fetching the drivers and is "tesla"
across datacenter GPUs.

Switch to matching on vendor id and device class. The values are the same
ones that the nvidia driver binds to.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2024-02-23 10:05:15 +01:00
Mathieu Tortuyaux
7b720fb337
sys-apps/keyutils: sync with upstream 
Commit-Ref: 7456de7c55

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-23 10:05:02 +01:00
flatcar-ci
b2f4560d8e New version: main-3888.0.0-nightly-20240222-2100 2024-02-22 21:00:32 +00:00
Krzesimir Nowak
bf4b088cb8
Merge pull request #1672 from flatcar/buildbot/weekly-portage-stable-package-updates-2024-02-19 
Weekly portage-stable package updates 2024-02-19
 2024-02-22 09:01:41 +01:00
flatcar-ci
4bd0d342ac New version: main-3887.0.0-nightly-20240221-2100 2024-02-21 21:00:26 +00:00
Dongsu Park
051232e560
Merge pull request #1681 from flatcar/dongsu/gnupg-2.2.42 
app-crypt/gnupg: update to 2.2.42-r2
 2024-02-21 16:04:41 +01:00
Mathieu Tortuyaux
5a4c7d993a
Merge pull request #1680 from flatcar/tormath1/ignition 
sys-apps/ignition: bump to 2.17.0
 2024-02-21 15:47:59 +01:00
Mathieu Tortuyaux
2c2b20dd7d
changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-21 15:47:14 +01:00
Mathieu Tortuyaux
0c3c14e9c3
sys-apps/ignition: bump to 2.17.0 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-02-21 15:47:14 +01:00
Krzesimir Nowak
1020bc7dcf changelog: Add entries 2024-02-21 11:05:42 +01:00
Krzesimir Nowak
c272472a40 overlay profiles: Add accept keywords for sys-apps/coreutils 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
14ac663023 overlay profiles: Update accept keywords for net-misc/curl 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
1bd3db3f19 overlay profiles: Update accept keywords for dev-libs/opensc 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
9161f8913f overlay profiles: Drop obsolete package mask 
We have updated dev-libs/openssl to 3.2.1-r1 which has a patch that
makes it work with dev-libs/libp11 package.
 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
8ccf5902cf overlay profiles: Add accept keywords for dev-libs/libp11 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
f8050f6c70 overlay profiles: Drop accept keywords for app-misc/pax-utils 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
6e9df73b93 overlay profiles: Add accept keywords for app-emulation/qemu 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
51eb82b311 overlay: Add some accept keywords to keep packages between arches in sync 2024-02-21 10:54:28 +01:00
Krzesimir Nowak
82b947c1db overlay profiles: Update accept keywords for sys-libs/readline 2024-02-21 10:54:28 +01:00
Mathieu Tortuyaux
0d6ca4fe04 dev-libs/openssl: Apply Flatcar modifications 
- drop `pkg_postint`
- create `/etc/ssl` with tmpfiles
- continue shipping app-misc/c_rehash
- mark as stable
 2024-02-21 10:54:10 +01:00