mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 10:27:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
8,803 Commits 632 Branches 394 Tags 167 MiB
1da2d646da
Commit Graph

7044 Commits

Author SHA1 Message Date
Kai Lüke
1da2d646da Merge pull request #1180 from kinvolk/kai/new-subkey 
coreos-base/coreos-init: embed new subkey in flatcar-install
 2021-08-12 11:30:16 +02:00
Dongsu Park
e724ec668b Merge pull request #1169 from kinvolk/runc-1.0.1-main 
Upgrade Runc in main from 1.0.0 to 1.0.1
 2021-08-12 10:51:15 +02:00
Dongsu Park
bdd9f29187 app-emulation/docker-runc: remove obsolete comments 
Now that runc version follows simple semver semantics, we do not have to
care about number of patches up to an rc version. Remove the obsolete
comments.
 2021-08-12 10:04:07 +02:00
Sayan Chowdhury
75f9c43ee0 Merge pull request #1171 from kinvolk/sayan/move-expat-to-portage 
dev-libs/expat: Remove patches and move to portage-stable
 2021-08-12 09:47:10 +05:30
Kai Lueke
c9e7e6d245 coreos-base/coreos-init: embed new subkey in flatcar-install 
This pulls in
https://github.com/kinvolk/init/pull/45
but from a backport branch "flatcar-2905-backport".
 2021-08-11 18:15:55 +02:00
Dongsu Park
abf87f84dd Merge pull request #1160 from kinvolk/rust-1.54.0-main 
Upgrade dev-lang/rust in main from 1.53.0 to 1.54.0
 2021-08-11 17:06:12 +02:00
Flatcar Buildbot
06b6e84d5c app-emulation: Upgrade Runc 1.0.0 to 1.0.1 2021-08-10 14:23:03 +02:00
Kai Lüke
37e0e8d92c Merge pull request #1170 from kinvolk/kai/sssd-faillock 
sys-apps/baselayout: fix sssd LDAP auth with sudo
 2021-08-09 17:40:11 +02:00
Kai Lueke
261ec85cfd sys-apps/baselayout: fix sssd LDAP auth with sudo 
This pulls in
https://github.com/kinvolk/baselayout/pull/18
 2021-08-09 17:38:22 +02:00
Flatcar Buildbot
6f654df672 dev-lang: Upgrade Go 1.16.6 to 1.16.7 2021-08-09 07:25:39 +00:00
Dongsu Park
942d66e678 profiles: delete ccache completely 
As we do not use ccache at all, we should simply clean up ccache from
all of the code, to shrink size of the SDK.
 2021-08-06 11:35:06 +02:00
Sayan Chowdhury
7869f54c9c Merge pull request #1152 from kinvolk/sayan/update-nvidia-470.57.02 
nvidia-{drivers, metadata}: Update NVIDIA to 470.57.02
 2021-08-06 14:37:10 +05:30
Sayan Chowdhury
86e391de6d Merge pull request #1166 from kinvolk/linux-5.10.56-main 
Upgrade Linux Kernel in main from 5.10.55 to 5.10.56
 2021-08-06 11:22:16 +05:30
Sayan Chowdhury
6c24e9d8cf dev-libs/expat: Remove patches and move to portage-stable 
The patches applies does not make sense to be removed, hence it would
be better to move `expat` back to portage-stable

Signed-off-by: Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
 2021-08-06 05:40:34 +00:00
Thilo Fromm
5210371270 sys-apps/glibc: add Flatcar changes for 2.33-r5 
- unmask amd64 and arm64
- remove tmpfiles from ebuild inherit so we don't run into a circular
  dep with systemd, use systemd_tmpfilesd instead
- take care of nscd.conf via systemd_tmpfilesd,
  add files/nscd-conf.tmpfiles.
- Don't run sanity checks in pkg_pretend to prevent gcc checks when
  only the binary package is installed.
- comment out 'dostrip -x' to force the OS image binaries to be stripped
- remove everything glibc wants to put under /etc since we use
  baselayout to provide that

Add flatcar specific changes to the build recipe.
Move PYTHON_DEPS to DEPEND so things can build.

Don't run sanity checks in pkg_pretend
(similar change as in glibc-2.29) to prevent
gcc checks when only the binary package is installed.

Based on commit 8d040f93c289.

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
Signed-off-by: Dongsu Park <dongsupark@microsoft.com>
 2021-08-05 09:53:52 +02:00
Dongsu Park
ce63084f8e sys-libs/glibc: sync with Gentoo for 2.33-r5 
Update glibc to 2.33-r5, mainly to address CVE-2021-35942 .

Gentoo ref: 5cde29d04e2da37ded900130f0f3dea13fcc350f
 2021-08-05 09:38:10 +02:00
Flatcar Buildbot
c72b4d1450 sys-kernel: Upgrade Kernel 5.10.55 to 5.10.56 2021-08-05 07:10:12 +00:00
Jeremi Piotrowski
7cf88348f3 Merge pull request #1162 from kinvolk/jepio/amazon-ssm-agent-xcompile 
amazon-ssm-agent: re-add dependency to oem-ec2-compat
 2021-08-04 10:20:15 +02:00
Dongsu Park
ae2e9e0376 dev-lang/rust: adjust libressl patch for Rust 1.54 
We need to adjust 1.47.0-libressl.patch to Rust 1.54, to fix the build
error caused by the invalid patch.
 2021-08-04 10:19:14 +02:00
Flatcar Buildbot
89e18d585e dev-lang: Upgrade dev-lang/rust 1.53.0 to 1.54.0 2021-08-04 10:19:07 +02:00
Sayan Chowdhury
4052dc2ce5 Merge pull request #1151 from kinvolk/sayan/update-libarchive-3.5.1 
profiles: Remove libarchive-3.3.1 from ACCEPT_KEYWORDS
 2021-08-03 20:15:07 +05:30
Sayan Chowdhury
7d0075e163 Merge pull request #1150 from kinvolk/sayan/update-expat-2.4.1 
dev-libs/expat: Sync with Gentoo upstream; updates to 2.4.1
 2021-08-03 20:14:36 +05:30
Sayan Chowdhury
2726b348d6 profiles: Remove libarchive-3.3.1 from ACCEPT_KEYWORDS 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-08-03 19:50:09 +05:30
Sayan Chowdhury
ae033984a8 Merge pull request #1157 from kinvolk/linux-5.10.55-main 
Upgrade Linux Kernel in main from 5.10.52 to 5.10.55
 2021-08-03 19:33:20 +05:30
Jeremi Piotrowski
cbc6a8fb90 coreos-base/oem-ec2-compat: make ssm agent conditional on ec2 
and properly include all deps in RDEPEND.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-08-03 13:32:26 +00:00
Jeremi Piotrowski
26767b01aa Revert "Revert "Build app-emulation/amazon-ssm-agent with EC2 AMI images"" 
Now that the OEM partition is a btrfs partition with compression, we have
enough space to install ssm agent.

This reverts commit b6abb59c544be13e923a3e7240b5c9395c281fca.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-08-03 12:55:42 +00:00
Jeremi Piotrowski
0875344378 app-emulation/amazon-ssm-agent: cross-compile and use correct go version 
The ebuild was missing a call to go_export() which exports GOARCH, and so was
always built for host architecture. While COREOS_GO_VERSION was specified as
go1.12, src_compile() has to use '${EGO}' to make use of it, so we were
building with go1.16 (latest).  Upstream builds with 1.12 for this version, so
we will do the same.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-08-03 12:33:48 +00:00
Jeremi Piotrowski
ba7b460518 Merge pull request #1130 from kinvolk/jepio/arm64-sdk-support 
enable arm64 SDK bootstrap
 2021-08-03 14:28:15 +02:00
Kai Lüke
1b2ab70890 sys-kernel/bootengine: finish network-cleanup.service before rootfs switch 
This pulls in
https://github.com/kinvolk/bootengine/pull/27
 2021-08-03 10:45:23 +02:00
Kai Lüke
2148ced2f2 Merge pull request #1153 from kinvolk/kai/ignition-oem-auto 
sys-apps/ignition: Ignore filesystem format mismatches for the OEM partition
 2021-08-03 10:39:59 +02:00
Kai Lüke
9139387127 sys-apps/ignition: Ignore filesystem format mismatches for the OEM partition 
This pulls in
https://github.com/kinvolk/ignition/pull/22
 2021-08-03 10:39:40 +02:00
Dongsu Park
c449236fb1 Merge pull request #934 from kinvolk/dongsu/delete-boost-build-1.67 
dev-util/boost-build: delete boost-build 1.67
 2021-08-03 10:26:59 +02:00
Sayan Chowdhury
39db514ce3 dev-libs/expat: Apply Flatcar changes 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-08-02 22:22:14 +05:30
Sayan Chowdhury
564f8f7b1d dev-libs/expat: Sync with Gentoo upstream; updates to 2.4.1 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-08-02 22:22:14 +05:30
Sayan Chowdhury
af9d9bc3ca nvidia-{drivers, metadata}: Update NVIDIA to 470.57.02 
Signed-off-by: Sayan Chowdhury <sayan@kinvolk.io>
 2021-08-02 22:21:24 +05:30
Dongsu Park
349a9ba532 Merge pull request #1129 from kinvolk/dongsu/github-actions-exclude-rcbeta 
.github: list only ebuilds with a unique VERSION_OLD for runc
 2021-08-02 14:12:17 +02:00
Kai Lüke
3088fd3cac Merge pull request #1138 from kinvolk/kai/dm-verity-corruption-panic 
sys-kernel/bootengine: issue a kernel panic on dm-verity corruption
 2021-08-02 13:34:24 +02:00
Kai Lüke
ee14557288 sys-kernel/bootengine: issue a kernel panic on dm-verity corruption 
This pulls in
https://github.com/kinvolk/bootengine/pull/26
 2021-08-02 13:34:08 +02:00
Dongsu Park
40f5f348af Merge pull request #1127 from kinvolk/firmware-20210716-main 
Upgrade Linux Firmware in main from 20210511 to 20210716
 2021-08-02 12:26:29 +02:00
Flatcar Buildbot
736682d437 sys-kernel: Upgrade Kernel 5.10.52 to 5.10.55 2021-07-31 07:10:22 +00:00
Kai Lüke
eb06982881 Merge pull request #1146 from kinvolk/kai/gce-oem-net-admin 
coreos-base/oem-gce: grant CAP_NET_ADMIN to set routes for LB
 2021-07-30 18:31:08 +02:00
Mathieu Tortuyaux
22c2e57360 Merge pull request #1149 from kinvolk/tormath1/fix-457 
docker/torcx: disable SELinux by default on `dockerd` wrapper script
 2021-07-30 15:00:12 +02:00
Dongsu Park
b37bce7dff sys-kernel/coreos-firmware: fix builds by updating CXGB version 
Fix build failures by updating CXGB firmware version to 1.26.0.0.
 2021-07-30 11:03:41 +02:00
Mathieu Tortuyaux
be50e579c8 app-emulation/docker: update wrapper to disable selinux 
this is now the default behavior - since this script is deprecated
we do a minimum update on it

Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
 2021-07-30 10:34:03 +02:00
Mathieu Tortuyaux
501d937d7e app-arch/torcx: update wrapper to disable selinux 
it's the default behavior now. Since this script is deprecated, we
do a minimum change on it.

Signed-off-by: Mathieu Tortuyaux <mathieu@kinvolk.io>
 2021-07-30 10:33:36 +02:00
Jeremi Piotrowski
b42cfedcf5 profiles: use correct lib64 path to sysroot-wrappers 
Sysroot-wrappers contains binaries installed to /usr/lib64/sysroot-wrappers,
but the profile referenced them through the 'lib -> lib64' symlink. Stop
relying on that symlink, which is not present in arm64 profiles, and is
not part of 17.1 amd64 profiles.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
 2021-07-30 07:43:15 +00:00
Kai Lüke
764d5c6baf coreos-base/coreos-init: prevent networkd interference with cilium_vxlan 
This pulls in
https://github.com/kinvolk/init/pull/43
 2021-07-29 20:01:50 +02:00
Kai Lüke
daf0a01b55 coreos-base/oem-gce: grant CAP_NET_ADMIN to set routes for LB 
With the switch from rkt to systemd-nspawn the ability for the service
to set the routing entries for the TCP load balancer got lost,
resulting in an unreachable LB as reported in
https://github.com/kinvolk/Flatcar/issues/459

The fix also reported there is to retain CAP_NET_ADMIN when starting
the service.
 2021-07-29 15:30:39 +02:00
Flatcar Buildbot
990e4f82b8 sys-kernel: Upgrade Linux Firmware 20210511 to 20210716 2021-07-29 07:07:37 +00:00
Kai Lüke
622a99058c coreos-base/update_engine: support btrfs as /usr filesystem 
This pulls in
https://github.com/kinvolk/update_engine/pull/11
 2021-07-28 13:29:02 +02:00