6377 Commits

Author SHA1 Message Date
Flatcar Buildbot
d84648559d sys-kernel: Upgrade coreos-kernel 5.4.51 to 5.4.52 2020-07-16 07:07:09 +00:00
Kai Lüke
54ab97589b dev-lang/rust: Apply Flatcar patch
- Added crossdev patch
- Removed Python 3.8 support which we don't have yet
2020-07-15 18:10:00 +02:00
Kai Lüke
34c2cdcc8e dev-lang/rust: Sync Gentoo ebuild file 2020-07-15 18:10:00 +02:00
Dongsu Park
cf049abbd9 Merge pull request #440 from flatcar-linux/rust-1.44.1-alpha
Upgrade Rust in Alpha from 1.43.1 to 1.44.1
2020-07-14 14:36:35 +02:00
Sayan Chowdhury
091b16e493 Merge pull request #365 from samm-git/flatcar-ssm
Add Amazon SSM manager to the EC2 images
2020-07-13 23:59:58 +05:30
Dongsu Park
a0c45ef355 chore(metadata): Regenerate cache 2020-07-13 10:46:58 +02:00
Dongsu Park
1a8e6cb1ec dev-lang/rust: fix build failures after updates to 1.44.1
Update rust ebuild 1.44.1 to get it synced with upstream Gentoo.

Now that rust was updated to 1.44.1, we need to update patch files
and ebuilds, so that it can build without build failures.
2020-07-13 10:46:58 +02:00
Flatcar Buildbot
ec86861018 chore(metadata): Regenerate cache 2020-07-13 10:46:57 +02:00
Flatcar Buildbot
284f07d020 dev-lang: Upgrade Rust 1.43.1 to 1.44.1 2020-07-13 10:46:19 +02:00
Sayan Chowdhury
11cbd24e9d Merge pull request #466 from flatcar-linux/sayan/upgrade-flannel-wrapper-0-12-0
Bump flannel-wrapper to 0.12.0
2020-07-11 01:10:29 +05:30
Dongsu Park
00af243122 Merge pull request #469 from flatcar-linux/linux-5.4.51-alpha
Upgrade Linux Kernel in Alpha from 5.4.50 to 5.4.51
2020-07-10 13:44:55 +02:00
Dongsu Park
fdb8c71f3a Merge pull request #381 from flatcar-linux/dongsu/gnupg-alpha
app-crypt/gnupg: add patches for accepting without UIDs for alpha
2020-07-10 09:57:30 +02:00
Dongsu Park
86217c645d profiles: bump GnuPG versions to 2.2.20 for both arches 2020-07-10 09:55:21 +02:00
Dongsu Park
bff1e680ef app-crypt/gnupg: add patches for accepting without UIDs
When the GnuPG keyserver is set to `keys.openpgp.org`, `gpg --recv-keys`
occasionally fails with the following error:

```
gpg: key E52F0DB391453C45: no user ID
```

We need to make GnuPG accept keys even without UIDs.
Original patches come from
f292beac11/debian/patches/import-merge-without-userid .
See also https://dev.gnupg.org/T4393 .
2020-07-10 09:55:15 +02:00
Flatcar Buildbot
e4e4983ef7 chore(metadata): Regenerate cache 2020-07-10 07:06:32 +00:00
Flatcar Buildbot
0c365e62aa sys-kernel: Upgrade coreos-kernel 5.4.50 to 5.4.51 2020-07-10 07:06:32 +00:00
Dongsu Park
6b6a6e559a app-crypt/gnupg: import upstream gnupg 2.2.20 2020-07-09 17:55:45 +02:00
Sayan Chowdhury
7e76c7cafd Bump flannel-wrapper to 0.12.0
Signed-off-by: Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
2020-07-09 19:18:09 +05:30
Sayan Chowdhury
7e39addf90 Bump app-admin/etcd-wrapper to 3.3.22
Signed-off-by: Sayan Chowdhury <sayan.chowdhury2012@gmail.com>
2020-07-09 11:18:44 +00:00
Dongsu Park
d2934cde4d Merge pull request #460 from flatcar-linux/containerd-1.3.6-alpha
Upgrade Containerd in Alpha from 1.3.4 to 1.3.6
2020-07-09 09:01:31 +02:00
Dongsu Park
a0e3a6674a sys-apps/ignition: fix package name to fetch
Update ignition to fix an internal package name to fetch.

Pulls in https://github.com/flatcar-linux/ignition/pull/14
2020-07-08 12:36:08 +02:00
Dongsu Park
4478f93fc0 Merge pull request #456 from flatcar-linux/linux-5.4.50-alpha
Upgrade Linux Kernel in Alpha from 5.4.49 to 5.4.50
2020-07-08 11:43:35 +02:00
Dongsu Park
7c23b07511 sys-kernel: enable kernel config CONFIG_IKHEADERS
Enable kernel config
[CONFIG_IKHEADERS](435faf5c21/init/Kconfig (L610-L617)
),
to make Kernel export kernel headers via `/sys/kernel/kheaders.tar.xz`.
Then bpf-related tools can be used without additional kernel headers in
userspace.
2020-07-03 12:40:59 +02:00
Flatcar Buildbot
973e2fd584 chore(metadata): Regenerate cache 2020-07-03 08:09:16 +00:00
Flatcar Buildbot
0415778311 app-emulation: Upgrade Containerd 1.3.4 to 1.3.6 2020-07-03 08:09:16 +00:00
Flatcar Buildbot
92d8f2eeee chore(metadata): Regenerate cache 2020-07-02 07:08:50 +00:00
Flatcar Buildbot
86253d468f sys-kernel: Upgrade coreos-kernel 5.4.49 to 5.4.50 2020-07-02 07:08:50 +00:00
Flatcar Buildbot
56f892ae9b chore(metadata): Regenerate cache 2020-07-01 07:43:13 +00:00
Flatcar Buildbot
cfe38ca6bd app-emulation: Upgrade Docker 19.03.11 to 19.03.12 2020-07-01 07:43:13 +00:00
Kai Lüke
0d54b852b5 sys-kernel/bootengine: Update to include static IP address fix
This pulls in https://github.com/flatcar-linux/bootengine/pull/15
to ensure that /etc/systemd/network/ exists to write networkd unit
when static IP addresses are configured through the kernel command
line in the format ip=<ip>::<gateway>:<netmask>:<hostname>:<iface>:none[:<dns1>[:<dns2>]]
https://docs.flatcar-linux.org/ignition/network-configuration/#using-static-ip-addresses-with-ignition
2020-06-30 12:38:40 +02:00
Dongsu Park
c75a36d75b Merge pull request #443 from flatcar-linux/linux-5.4.49-alpha
Upgrade Linux Kernel in Alpha from 5.4.47 to 5.4.49
2020-06-29 17:31:17 +02:00
Kai Lüke
44dbd37ff6 app-admin/locksmith: Migrate to Go modules
Pulls in
https://github.com/flatcar-linux/locksmith/pull/4
2020-06-29 16:17:22 +02:00
Dongsu Park
67c51a96e8 Revert "profiles: force to use ssl USE flag for wget"
This reverts commit 517e23ebfe96137f1482ae42f8b29fc2f1b31317.

The new USE flag `ssl` for wget resulted in a strange issue.
`wget` started to pull in `dev-libs/openssl`, which has `bindist` in its
USE flag. The catalyst stages, however, need to install wget without
`bindist`. Such mismatches resulted in errors like:

```
!!! All ebuilds that could satisfy "dev-libs/openssl:0=" for /tmp/stage1root/ have been masked.
!!! One of the following masked packages is required to complete your request:
- dev-libs/openssl-1.0.2u::coreos (masked by: bindist in RESTRICT)
```

So to fix the issue, what needs to be done is basically:

```
ACCEPT_RESTRICT=bindist USE=-bindist emerge -pv openssl openssh
```

Unfortunately it is not possible to set `accept_restrict` configs
under the coreos-overlay repo. We need to have some time to investigate
why it is so.

As a hotfix, we need to revert the `ssl` USE flag for wget.
2020-06-26 16:11:57 +02:00
Vincent Batts
4435726c00 etcd: update URL to it's own org on github now
even though they're still building from quay.io/coreos/etcd? maybe
that'll change soon too?

Signed-off-by: Vincent Batts <vbatts@kinvolk.io>
2020-06-26 16:07:05 +02:00
Flatcar Buildbot
cd47202838 chore(metadata): Regenerate cache 2020-06-26 09:18:03 +02:00
Flatcar Buildbot
86998589ed app-emulation: Upgrade Runc 1.0.0_rc10 to 1.0.0_rc90 2020-06-26 09:17:14 +02:00
Dongsu Park
3191861b0e Merge pull request #394 from flatcar-linux/docker-19.03.11-alpha
Upgrade Docker in Alpha from 19.03.8 to 19.03.11
2020-06-26 09:14:20 +02:00
Dongsu Park
cc2fcb56a1 Merge pull request #396 from flatcar-linux/dongsu/docker-go1.13-alpha
app-emulation/docker: set go1.13 in DOCKER_BUILDTAGS for alpha
2020-06-26 09:12:17 +02:00
Dongsu Park
037b53190e profiles: force to use ssl USE flag for wget
When catalyst tries to fetch a file via https, wget sometimes fails
to do so, with the following messages:

```
https://www.kernel.org/pub/software/scm/git/git-2.24.1.tar.xz: HTTPS
support not compiled in.
!!! Couldn't download 'git-2.24.1.tar.xz'. Aborting.
```

That probably happens because wget in some catalyst stages are compiled
without `ssl` USE flag. If a catalyst stage is lucky enough to rebuild
wget with `ssl` before actually fetching a file, it would work well.
Though if not, it would fail. It is not deterministic, and hard to
reproduce.

So backport the fix from upstream Gentoo,
https://github.com/gentoo/gentoo/commit/d141380b915d , for both amd64
and arm64. By setting `ssl` for wget in `package.use.force`, it is now
not possible to disable `ssl` for wget.

More details: https://bugs.gentoo.org/611072
2020-06-25 16:34:30 +02:00
Flatcar Buildbot
d4055031a4 chore(metadata): Regenerate cache 2020-06-25 07:07:13 +00:00
Flatcar Buildbot
a868c2024b sys-kernel: Upgrade coreos-kernel 5.4.47 to 5.4.49 2020-06-25 07:07:13 +00:00
Dongsu Park
930c8a40fa sys-libs/glibc: Apply Flatcar changes
Drop pkg_pretend since it breaks build_image if cross-compilers are
not installed yet (e.g. in Jenkins jobs).

Drop the libidn2 runtime dependency since it breaks bootstrapping,
and it's dlopen()ed so the resolver can work without it.

Drop the host /dev/pts checks since the SDK doesn't control it.

Apply our gshadow segfault patch, and adapt into glibc 2.30.

Install nscd.conf in /usr and set up tmpfiles to link it in /etc.

Wipe out /etc files (except for an environment file that is still
needed in the SDK).

Originally comes from eb07324f4de3 ("sys-libs/glibc: Apply CoreOS
changes").
2020-06-19 15:57:10 +02:00
Dongsu Park
e43d18f0da sys-libs/glibc: update to 2.30-r8
Update glibc to 2.30-r8 to sync with upstream Gentoo, to address
security issues reported as
[GLSA 202006-04](https://security.gentoo.org/glsa/202006-04).
2020-06-19 15:57:10 +02:00
Dongsu Park
4b37cf1e73 Merge pull request #430 from flatcar-linux/linux-5.4.47-alpha
Upgrade Linux Kernel in Alpha from 5.4.46 to 5.4.47
2020-06-19 10:23:38 +02:00
Sayan Chowdhury
dc39ed2025 Merge pull request #421 from flatcar-linux/sayan/update-to-intel-microcode-20200609_p20200601-alpha
sys-firmware/intel-microcode: update to 20200609
2020-06-18 19:09:27 +05:30
Flatcar Buildbot
5aadf68896 chore(metadata): Regenerate cache 2020-06-18 07:09:39 +00:00
Flatcar Buildbot
1a2717f498 sys-kernel: Upgrade coreos-kernel 5.4.46 to 5.4.47 2020-06-18 07:09:39 +00:00
Flatcar Buildbot
2514c02574 chore(metadata): Regenerate cache 2020-06-17 16:46:22 +02:00
Flatcar Buildbot
c155b5d9f6 app-emulation: Upgrade Docker 19.03.8 to 19.03.11 2020-06-17 16:45:53 +02:00
Kai Lüke
15eae915b4 app-admin/*-wrapper: Only set arguments that weren't set
When 788f328dc752a75da08d4c6fc27d094ecb4807d5 introduced pulling from
docker by default, "--insecure-options=image" was added for all
docker registries. However, when the user also needs to set "http" as
in "--insecure-options=image,http" it will not be used because the
other argument is added as last disregarding the option was already
set by the user.
Check if the option was set by the user and only add it if it is not
provided. If the user forgets to add "image" then rkt will simply
fail and tell that this option is needed; thus no complex logic of
appending and detecting only "image" is needed. Do the same for the
"--trust-keys-from-https" option to be consistent in allowing to
overwrite it with "--trust-keys-from-https=false".
2020-06-17 14:48:24 +02:00