Commit Graph

8345 Commits

Author SHA1 Message Date
Krzesimir Nowak
4c225455f1 Merge pull request #2095 from flatcar-linux/linux-5.15.61-main
Upgrade Linux Kernel in main from 5.15.60 to 5.15.61
2022-08-18 16:55:19 +02:00
Krzesimir Nowak
4860ed8ae8 changelog: Fix a link 2022-08-18 13:27:06 +02:00
Krzesimir Nowak
1217d6c0fa coreos/config: Add a fix for dev-libs/cyrus-sasl cross-compilation 2022-08-18 10:43:35 +02:00
Krzesimir Nowak
723745befc profiles: Drop redundant entry in package.provides in target profile
It's already a part of a base profile.
2022-08-18 10:42:07 +02:00
Krzesimir Nowak
6c60feb9a7 dev-libs/cyrus-sasl: Move to portage-stable 2022-08-18 10:34:49 +02:00
Flatcar Buildbot
7d5371aee8 sys-kernel: Upgrade Kernel 5.15.60 to 5.15.61 2022-08-18 07:22:54 +00:00
Flatcar Buildbot
e44aacf2d5 sys-kernel: Upgrade Kernel 5.15.59 to 5.15.60 2022-08-16 21:16:34 +02:00
Jeremi Piotrowski
39a5eddec4 Merge pull request #2027 from flatcar-linux/t-lo/slsa-record-provenance-main
Record SLSA provenance data by extending profile bashrc with phase hooks.
2022-08-15 13:38:21 +02:00
Flatcar Buildbot
f87b7996f0 app-emulation: Upgrade Containerd 1.6.7 to 1.6.8 2022-08-12 13:04:27 +02:00
Sayan Chowdhury
046403e71d app-editors/vim,vim-core: Add accept_keywords for vim & vim-core
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
2022-08-12 14:53:32 +05:30
Kai Lueke
a3e20e8bc5 coreos-base/coreos-init: Add new image signing key to flatcar-install
This pulls in
https://github.com/flatcar-linux/init/pull/79
to update the embedded pub key in flatcar-install to include the new
subkey that is used for signing new releases.
2022-08-11 15:27:24 +02:00
Dongsu Park
e5dc9fac33 profiles: enable dev-vcs/git 2.37.1
To be able to address CVE-2022-29187, we need to accept keywords
and unmask dev-vcs/git 2.37.1.
2022-08-09 16:25:19 +02:00
Dongsu Park
9d1c45fc11 changelog: add changelog for Go 1.18.5 2022-08-08 14:39:51 +02:00
Flatcar Buildbot
110a8c0b0c dev-lang: Upgrade Go 1.18.4 to 1.18.5 2022-08-08 07:31:17 +00:00
Flatcar Buildbot
cac72c0f5a dev-lang: Upgrade Go 1.17.12 to 1.17.13 2022-08-08 07:31:17 +00:00
Krzesimir Nowak
1315e7e8bd Merge pull request #2076 from flatcar-linux/linux-5.15.59-main
Upgrade Linux Kernel in main from 5.15.58 to 5.15.59
2022-08-05 19:09:26 +02:00
Dongsu Park
3e41b06e26 Merge pull request #2079 from flatcar-linux/containerd-1.6.7-main
Upgrade Containerd in main from 1.6.6 to 1.6.7
2022-08-05 14:40:08 +02:00
Flatcar Buildbot
f8020786b7 app-emulation: Upgrade Containerd 1.6.6 to 1.6.7 2022-08-05 08:25:17 +00:00
Dongsu Park
e739f9bfa4 changelog: add changelog for libtirpc 1.3.2-r1 2022-08-04 18:04:07 +02:00
Dongsu Park
a729ef7c9a net-libs/libtirpc: Apply Flatcar modifications
Update keywords to stable amd64 and arm64.

Note, fix-dos patch is not necessary any more, because 1.3.2-r1 from
upstream Gentoo already has the patch.

Based on commit f3150e4b458e8d8979a37a91e44a7e1d2334d2aa.
2022-08-04 18:04:07 +02:00
Dongsu Park
382a18c125 net-libs/libtirpc: update to 1.3.2-r1
Update net-libs/libtirpc to 1.3.2-r1 mainly to address CVE-2021-46828.
2022-08-04 18:04:07 +02:00
Jeremi Piotrowski
1da35c897e Merge pull request #2070 from flatcar-linux/jepio/coreos-cloudinit-update
coreos-base/coreos-cloudinit: bump commit for imdsv2 and go.mod support
2022-08-04 15:43:40 +02:00
Jeremi Piotrowski
cd37e46bb8 changelog: add entry for coreos-cloudinit update 2022-08-04 14:47:13 +02:00
Jeremi Piotrowski
f2c0730ab7 coreos-base/coreos-cloudinit: pull in AWS IMDSv2 and go-module support
This pulls in these PRs:
- https://github.com/flatcar-linux/coreos-cloudinit/pull/13 (imdsv2)
- https://github.com/flatcar-linux/coreos-cloudinit/pull/14 (go.mod)

Since go.mod is now present, rework the ebuild to remove unused bits and
enable go module support.
2022-08-04 10:30:09 +02:00
Flatcar Buildbot
43279010b9 sys-kernel: Upgrade Kernel 5.15.58 to 5.15.59 2022-08-04 07:23:00 +00:00
Mathieu Tortuyaux
988523a4b2 changelog: add entries
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-03 18:35:29 +02:00
Mathieu Tortuyaux
0924a6d486 coreos-base/coreos-init: bump commit ID
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-03 18:27:13 +02:00
Jeremi Piotrowski
4c6debc989 sys-kernel/coreos-sources: backport 2 more patches
and refresh other patches. The changes in PCI irq masking on hyperv resulted in
the previous set of patches not building on arm64. Resolve this by taking
another 2 patches. Patch z0006 makes the non-compiling code x86 specific
(fixing the build failure on arm64) and patch z0007 fixes a subsequent "not
used function" error.
2022-08-03 12:15:50 +02:00
Krzesimir Nowak
45268f7e02 sys-kernel/coreos-sources: Regenerate patches
The changes made to drivers/pci/controller/pci-hyperv.c by upstream
resulted in the first hyperv patch failing to apply.
2022-08-02 17:51:47 +02:00
Jeremi Piotrowski
10cde6a11a profiles/coreos/base: slsa: format report before compression 2022-08-02 17:04:23 +02:00
Krzesimir Nowak
9fc609c834 Merge pull request #2068 from flatcar-linux/linux-5.15.58-main
Upgrade Linux Kernel in main from 5.15.56 to 5.15.58
2022-08-02 09:55:03 +02:00
Mathieu Tortuyaux
f6628428ea changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-01 10:40:05 +02:00
Mathieu Tortuyaux
85fe7d9c1d coreos-base/init: keep static network configuration
this pulls: https://github.com/flatcar-linux/init/pull/77

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-01 10:40:05 +02:00
Flatcar Buildbot
4d6fefdcee sys-kernel: Upgrade Kernel 5.15.56 to 5.15.58 2022-07-30 07:21:57 +00:00
Mathieu Tortuyaux
78f76d45fd coreos-base/hard-host-depends: add syft
Otherwise it's not pulled in the SDK

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 12:36:20 +02:00
Mathieu Tortuyaux
372a75bdf9 Merge pull request #2060 from flatcar-linux/tormath1/ignition
sys-apps/ignition: add networkd translate fix
2022-07-28 10:05:02 +02:00
Mathieu Tortuyaux
8f0354c2f3 changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 10:03:57 +02:00
Mathieu Tortuyaux
669a944e8d sys-apps/ignition: add networkd translate fix
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 10:03:57 +02:00
Jeremi Piotrowski
ef48877b47 Merge pull request #2030 from flatcar-linux/jepio/spdx-sbom
app-containers/syft: add v0.51.0 to sdk
2022-07-27 13:51:24 +02:00
jenkins
d6077e9286 profiles/coreos/base: slsa: use .git/HEAD file to fetch scripts hash
ORIG_HEAD is the previous HEAD, so it is not what we are after. HEAD
only contains the hash if we are in a detached head situation, otherwise
it will contain a ref and we need to resolve it. `git rev-parse HEAD`
should work as well but hits an issue with git's new `safe.directory`
setting, I have not found a way to set this parameter for a single call.

For toolchain packages are built with catalyst, and the HEAD value needs
to be pre-resolved because we do not have access to the whole git
repository. So build_toolchains will need to inject the correct HEAD
file contents.
2022-07-27 13:02:22 +02:00
jenkins
113de2ac75 profiles/coreos/base: slsa: compute ebuild file checksum for materials entry 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
fbdbd1ac19 profiles/coreos/base: slsa: revise material uri to match SPDXDownloadLocation spec
If the uri points to a path within the repo then the format is
git+https://repo@ref#path. ORIG_HEAD is actually the previous HEAD, so read
use that to extract the correct ref.
2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
b1ce3800a5 profiles/coreos/base: slsa: sort file checksums by name 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
1a0f396be4 profile/coreos/base: slsa: switch to bz2 compression for consistency
...and remove redundant mkdir. Mkdir is already called with the same argument a
couple of lines lower.
2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
d211a2b168 profile/core/base: slsa: use nproc instead of parsing /proc/cpuinfo 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
91b64a5587 profile/coreos/base: slsa: remove name collision between variable and function
__slsa_provenance_report is both a variable and a function, which is confusing.
Rename the variable.
2022-07-27 13:02:22 +02:00
jenkins
39f1d45dff profiles/coreos/base: slsa: return when disabled and use die() 2022-07-27 13:02:22 +02:00
jenkins
7bd2f19fac profiles/coreos/base: slsa: use portageq to find repository path
This makes the lookup work within the catalyst chroot, as well as in the
SDK.
2022-07-27 13:02:22 +02:00
Thilo Fromm
d86d5ebe3f slsa-provenance: make generation optional 2022-07-27 13:02:22 +02:00
Thilo Fromm
be46ed7bb0 profiles/coreos/base/profile.bashrc: SLSA provenance reports
This change adds initial support for SLSA provenance report generation.
Reports are generated in package build post-install hooks after
compilation.

See https://slsa.dev/ for SLSA and https://slsa.dev/provenance/v0.2 for
the provenance report syntax.

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2022-07-27 13:02:22 +02:00