We used to keep the package in overlay, because we dropped one Gentoo
patch to avoid some failures when applying updates when updating
payloads. This issue was fixed in bzip2 in a smarter way - we know
this, because we used 1.0.8 version with the fix and we didn't have
any problems so far. No point in keeping the package in overlay then.
source_on_disk() so far relied on the 'sourcePackage' field, which contains the
primary dependency of a torcx packge (app-torcx/docker ->
app-emulation/docker). Now the 'metaPackage' field (app-torcx/docker) is used,
which lets us look at RDEPENDS and figure out all packages that are indirectly
installed when installing a torcx package. torcx_dependencies() does just that,
so move it's definition to torcx_manifest.sh.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
The torcx_manifest.json file currently has a 'sourcePackage' field which is
extracted from the first runtime dependency of the torcx package ebuild. This
is a convention, and causes sourcePackage to hold 'app-emulation/docker' for
the 'app-torcx/docker' package. This does not carry enough information to be
able to figure out what other packages are part of the torcx package.
Store an additional field, 'metaPackage', in the manifest which contains the
name of the torcx package. With the right ebuild it is then possible to figure
out what other packages are part of a given torcx package. This can then be
used to add that information to the image packages list.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
Instead of looping over the package list, pass all the packages to a single
emerge call and specify num jobs. This lets emerge build/install all of them in
parallel, shaving some time off the torcx build.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
root needs to be specified with -p instead of -S.
The policy dir (-S) defaults to (-p) + /var/lib/selinux/ + (-s).
Picked from upstream: 54a8322d18
Closes: https://github.com/flatcar-linux/Flatcar/issues/596
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
The mirror-calico workflow has been failing because it currently determines
version=v3.22.0-0.dev-typha, which is not the tag used by the individual
container images. Rewrite the version logic to determine the version based on
what is in the tigera operator manifest. This is the same manifest that we use
to deploy calico in mantle.
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
The entries added in changelog/security/ do not follow our existing
security section in the release notes:
https://www.flatcar.org/releases/#release-3033.2.0
Document the structure and an example to use the right format that we
need for release note generation.
The entries added in changelog/security/ do not follow our existing
security section in the release notes:
https://www.flatcar.org/releases/#release-3033.2.0
Document the structure and an example to use the right format that we
need for release note generation.
