GCE recommends images to ship Python in them. Instead of shipping the
binaries inside our vendor partition, install an alias that will
download the latest official container, for both python2 and python3.
We were setting `CONFIG_VGACON_SOFT_SCROLLBACK=y`, but this config
option was deleted with 20782abbbdfe922496a28f9cc0c3c0030f7dfb8f, due to
security issues.
Remove the config to let the kernel image build again.
This change updates to the latest oslogin version provided by Google.
Since our last update, this was split into a different repo and the
directory structure changed significantly.
It also added group support, which needed to be added to the
nsswitch.conf file that we ship.
Flatcar users require docker group permissions, so ensure oslogin gives
that permission by shipping a separate group.conf file that gets
installed when oslogin is enabled.
The qemu update caused several errors:
* We currently don't have Python 3.8 available in the SDK, so adding it in
the PYTHON_COMPAT field causes a build failure.
* The manifest needed to be updated
* A patch file was missing
This commit fixes these errors and makes the package build.
Since rsync 3.2.0, the ebuild sets `--enable-simd` option in case of
amd64. However, the cross toolchain in Flatcar SDK is not able to deal
with the SIMD feature, so configure in rsync fails like:
```
gcc version 8.3.0 (Gentoo Hardened 8.3.0-r1 p1.1)
configure.sh:3774: $? = 0
configure.sh:3763: x86_64-cros-linux-gnu-g++ -V >&5
x86_64-cros-linux-gnu-g++: error: unrecognized command line option '-V'
x86_64-cros-linux-gnu-g++: fatal error: no input files
compilation terminated.
```
Until we could resolve the toolchain issue, we should disable
`cpu_flags_x86_sse2`, to disable simd for rsync.
Improve body text of each PR for `dev-lang/rust`, by mentioning that
it should be merged together with its paired PR in portage-stable.
Explicitly name `dev-lang/rust` instead of `Rust`, because now there are
`dev-lang/rust` as well as `virtual/rust`.
Rename the dispatched event-type name to `rust-pull-request-main`, as
`cargo` has already disappeared.
Make the repository-dispatch action send additional client-payload with
a field `coreos-overlay-pull-request-number`, which will be later used
by the corresponding PR in portage-stable for adding a link back to the
PR in coreos-overlay.
This will not be enabled by default, and still requires the "lockdown"
kernel parameter. Users can test by setting in
`/usr/share/oem/grub.cfg`:
```
set linux_append="lockdown=integrity"
```
After this is set, dmesg output you'll see:
```
[ 0.000000] Kernel is locked down from command line; see man
kernel_lockdown.7
```
Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
Github Action for Go has had a bug when parsing the current Go version
from `dev-lang/go/Manifest`, only when the current ebuild file has only
major + minor versions, without patchlevel. For example, it could parse
well `1.13.15`, but not `1.15`. We need to make it deal with both
versions, `x.y.z` and `x.y`.
With this PR, for example, when `VERSION_SHORT` is `1.15` and the
Manifest includes a tarball `go1.15.src.tar.gz`, we can confirm the new
regexp works well like below:
```
$ sed -n "s/^DIST go\(1\.15\.*[0-9]*\)\.src.*/\1/p" dev-lang/go/Manifest
1.15
```
The dependency was added in commit
dddb318b9f989acba9ccca9babc4715a9075eae8. Earlier the regulator code
was only built for arm64, but since the CONFIG_AT803X_PHY variable is
specified in common config, the CONFIG_REGULATOR variables needed to
be moved to common config too.
