28798 Commits

Author SHA1 Message Date
Flatcar Buildbot
e917c4066f
sys-kernel/coreos-sources: Update from 6.6.41 to 6.6.43 2024-07-29 17:59:00 +02:00
Mathieu Tortuyaux
9bfbdcb162
app-containers/docker-cli: sync with Gentoo
Commit-Ref: 74214006c9

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:10 +02:00
Mathieu Tortuyaux
6bd9d82d32
app-containers/docker: sync with Gentoo
Commit-Ref: 74214006c9

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:10 +02:00
Mathieu Tortuyaux
ca129b1d96
eclass/coreos-go-depend: use go 1.21
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:10 +02:00
Mathieu Tortuyaux
57f2b0c8e2
coreos-base/hard-host-depends: use go 1.21
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:10 +02:00
Mathieu Tortuyaux
3368d962ae
dev-lang/go: bump to 1.21.12
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:10 +02:00
Mathieu Tortuyaux
9ec5ddc9b3
app-emulation/amazon-ssm-agent: drop COREOS_GO_VERSION
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-29 17:50:09 +02:00
Mathieu Tortuyaux
7242e53b9f
Merge pull request #2171 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2024-07-29 17:40:50 +02:00
Flatcar Buildbot
c0839dd919 Update mantle container image to latest HEAD 2024-07-29 15:26:44 +00:00
Mickaël Salaün
b2be807349
sys-kernel/coreos-modules: Enable Landlock
Landlock is a feature to create security sandboxes thanks to 3 dedicated
system calls.  They are designed to be safe to be used by any processes,
which can only drop their privileges, similarly to seccomp.

The new Landlock LSM is built into the kernel (CONFIG_SECURITY_LANDLOCK=y)
but it is not enough to make it usable by default.  As a stackable LSM,
it is required to enable it at boot time with the CONFIG_LSM list.  See
https://docs.kernel.org/userspace-api/landlock.html#kernel-support

As for other stackable LSMs, prepending Landlock to the default LSM list
enables users to potentially get more protection by default by letting
programs sandbox themselves.

As a dependency, CONFIG_SECURITY_PATH=y will be automatically set.

Signed-off-by: Mickaël Salaün <mic@digikod.net>
2024-07-29 15:10:55 +02:00
Jeremi Piotrowski
38f9638a72
Merge pull request #2170 from flatcar/jepio/switch-nss-to-https
app-misc/ca-certificates: Switch to https protocol in SRC_URI
2024-07-29 10:46:17 +02:00
Jeremi Piotrowski
417790ff0d app-misc/ca-certificates: Switch to https protocol in SRC_URI
FTP access appears to have been decommissioned (access times out) so switch to
the https mirror that Mozilla provides.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
2024-07-29 10:37:36 +02:00
Mathieu Tortuyaux
6428c9ed00
Merge pull request #2168 from flatcar/cacerts-3.102.1-main
Update ca-certificates in main from 3.102 to 3.102.1
2024-07-29 09:45:39 +02:00
Flatcar Buildbot
87c73ec262 app-misc/ca-certificates: Update from 3.102 to 3.102.1 2024-07-29 07:21:21 +00:00
flatcar-ci
a94f908998 New version: main-4041.0.0-nightly-20240724-2100 2024-07-24 21:00:27 +00:00
James Le Cuirot
1a1007ab2f
Merge pull request #2146 from flatcar/chewi/fix-distfiles
Fix distfiles mirror by writing to coreos as before, not coreos-overlay
2024-07-24 10:05:23 +01:00
Mathieu Tortuyaux
0e308b5236
Merge pull request #2149 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2024-07-24 08:59:58 +02:00
Flatcar Buildbot
c5b7a56352 Update mantle container image to latest HEAD 2024-07-23 21:00:58 +00:00
flatcar-ci
55cd93be03 New version: main-4040.0.0-nightly-20240723-2100 2024-07-23 21:00:40 +00:00
James Le Cuirot
228e1bb1e1
Fix distfiles mirror by writing to coreos as before, not coreos-overlay
It isn't worth renaming the directory used on the mirror, and the
Portage configuration still points to the old name.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-07-23 14:20:30 +01:00
Mathieu Tortuyaux
696f0168fd
changelog: add entries
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-23 12:01:30 +02:00
Mathieu Tortuyaux
911386c504
coreos-base/afterburn: pull Hetzner patch
* allows Afterburn to get private IPs from Hetzner metadata
service
* fix duplicate attribute prefix

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-23 12:01:30 +02:00
James Le Cuirot
417ebf57f6
Merge pull request #2143 from flatcar/chewi/drop-alternatives
Drop Catalyst package.use.force for alternatives
2024-07-23 08:44:04 +01:00
flatcar-ci
15386d5459 New version: main-4039.0.0-nightly-20240722-2100 2024-07-22 21:00:26 +00:00
Mathieu Tortuyaux
dd9035644f
Merge pull request #2126 from flatcar/buildbot/weekly-portage-stable-package-updates-2024-07-16
Weekly portage-stable package updates 2024-07-16
2024-07-22 17:13:02 +02:00
Mathieu Tortuyaux
bef1feca36
changelog: add entries
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-22 17:10:16 +02:00
James Le Cuirot
389610f832
Drop Catalyst package.use.force for alternatives
These flags normally need to be temporarily forced during stage1, but we
already force them permanently in our profiles.

Removing this appears to make build_library/portage redundant, but it
will later be used to allow building under QEMU with Catalyst, and it
could have other uses too.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-07-22 14:08:57 +01:00
Dongsu Park
29f7c259bd
Merge pull request #2069 from flatcar/buildbot/monthly-glsa-metadata-updates-2024-07-01
Monthly GLSA metadata 2024-07-01
2024-07-22 10:13:49 +02:00
flatcar-ci
dab06c59d6 New version: main-4036.0.0-nightly-20240719-2100 2024-07-20 03:00:28 +00:00
flatcar-ci
868c931c12 New version: main-4036.0.0-nightly-20240719-2100-INTERMEDIATE 2024-07-19 21:00:27 +00:00
James Le Cuirot
b04d424af2
Merge pull request #2133 from flatcar/chewi/catalyst-4-fixes
Catalyst 4 upgrade follow up fixes
2024-07-19 18:18:10 +01:00
Mathieu Tortuyaux
98500cd0be
Merge pull request #2139 from flatcar/containerd-1.7.20-main
Upgrade Containerd in main from 1.7.19 to 1.7.20
2024-07-19 17:03:45 +02:00
Mathieu Tortuyaux
b8c3a337fc
Merge pull request #2136 from flatcar/linux-6.6.41-main
Upgrade Linux Kernel for main from 6.6.40 to 6.6.41
2024-07-19 16:05:35 +02:00
Mathieu Tortuyaux
b9cb2aba53
overlay profiles: Drop accept keywords for sys-libs/libnvme
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-19 10:55:52 +02:00
Mathieu Tortuyaux
03e38f76f4
overlay profiles: Drop accept keywords for sys-apps/nvme-cli
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-19 10:35:36 +02:00
Mathieu Tortuyaux
8caa3537c0
overlay profiles: Drop accept keywords for sys-apps/coreutils
This reverts ac79ba87022a8fe3d9961e56f5bea32c950b0971

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-07-19 10:32:53 +02:00
Flatcar Buildbot
cfb72f2e85 app-containers/containerd: Update from 1.7.19 to 1.7.20 2024-07-19 08:17:51 +00:00
Flatcar Buildbot
361d7d99e1 sys-kernel/coreos-sources: Update from 6.6.40 to 6.6.41 2024-07-19 07:14:34 +00:00
James Le Cuirot
36d0432a20
Add Catalyst 4 dependencies to package automation list
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-07-17 11:31:43 +01:00
James Le Cuirot
2ba2b0236d
Move Catalyst upgrade inside catalyst_init and add --jobs option
catalyst.sh is a library file, so it shouldn't upgrade Catalyst until
actually taking action.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-07-17 11:24:20 +01:00
flatcar-ci
0463d58c63 New version: main-4033.0.0-nightly-20240716-2100 2024-07-17 08:21:20 +00:00
Mathieu Tortuyaux
837620ec5a
Merge pull request #2132 from flatcar/tormath1/tomli
Revert "dev-python/tomli: Drop unused package"
2024-07-17 10:20:21 +02:00
Mathieu Tortuyaux
9c6cacacad
Revert "dev-python/tomli: Drop unused package"
This reverts commit aaed2bdabb241c98200764cb3129711b546cb9f9.
2024-07-17 09:55:10 +02:00
Dongsu Park
ea7ca345f0 test_image_content: add GLSA 202407-05 to allowlist
Add GLSA 202407-05 to allowlist, because ebuild of sys-auth/sssd already
has a custom patch to fix CVE-2021-3621.
2024-07-17 09:41:24 +02:00
Flatcar Buildbot
8b7394459a portage-stable/metadata: Monthly GLSA metadata updates 2024-07-17 09:41:24 +02:00
Mathieu Tortuyaux
0b08f9cb02
Merge pull request #2128 from flatcar/mantle-update-main
Upgrade mantle container image to latest HEAD in main
2024-07-17 09:25:03 +02:00
Flatcar Buildbot
1524f70113 Update mantle container image to latest HEAD 2024-07-17 07:24:28 +00:00
Mathieu Tortuyaux
ca6660d6b0
Merge pull request #2123 from flatcar/linux-6.6.40-main
Upgrade Linux Kernel for main from 6.6.39 to 6.6.40
2024-07-17 09:24:14 +02:00
flatcar-ci
de9d0d98d7 New version: main-4033.0.0-nightly-20240716-2100 2024-07-16 21:00:29 +00:00
Mathieu Tortuyaux
c9e11c054c
Revert "dev-python/tomli: Drop unused package"
This reverts commit aaed2bdabb241c98200764cb3129711b546cb9f9.
2024-07-16 18:13:18 +02:00