mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-02-13 03:31:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,068 Commits 629 Branches 415 Tags
Commit Graph

954 Commits

Author SHA1 Message Date
Daniel Zatovic
ddd38ae5ab changelog: Mention OEM sysext signing changes 
Update the changelog entry to include information about OEM sysexts
being signed and built during the image phase.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
b3dfe61eea changelog: Add entry for signed OS-dependent sysexts 
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
James Le Cuirot
0a6a706520
Merge pull request #3673 from flatcar/vmware-13.0.10-main 
Upgrade open-vm-tools in main from 13.0.5 to 13.0.10
 2026-01-28 10:24:23 +00:00
Dongsu Park
d87f4c0a9b
Merge pull request #3648 from flatcar/firmware-20260110-main 
Upgrade Linux Firmware in main from 20251125 to 20260110
 2026-01-28 10:50:11 +01:00
Flatcar Buildbot
9185aa1d76 app-emulation/open-vm-tools: Update from 13.0.5 to 13.0.10 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-28 07:07:00 +00:00
Krzesimir Nowak
d22c749c94 changelog: Add entries 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 14:16:03 +01:00
Krzesimir Nowak
211be0aa19
Merge pull request #3618 from flatcar/krnowak/python-bump 
Bump python to 3.12
 2026-01-20 14:54:46 +01:00
Flatcar Buildbot
7ae9c7dcea sys-kernel/coreos-sources: Update from 6.12.65 to 6.12.66 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-18 07:06:49 +00:00
Krzesimir Nowak
06328bb286 changelog: Add an entry 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-15 13:00:18 +01:00
Flatcar Buildbot
18ef25f802 sys-kernel/coreos-firmware: Update from 20251125 to 20260110 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-15 07:08:26 +00:00
James Le Cuirot
243b7d34d3
sys-kernel/dracut: Bump to 109 ahead of Gentoo stabilisation 
They're a bit behind with the stabilisation and I need new features.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-01-13 14:24:39 +00:00
James Le Cuirot
0f0e8245b5
Merge pull request #3559 from flatcar/chewi/etcd 
dev-db/etcd: Replace our etcdctl package with Gentoo's etcd package
 2026-01-13 14:08:38 +00:00
Mathieu Tortuyaux
4e04d39b6f
Merge pull request #3634 from flatcar/linux-6.12.65-main 
Upgrade Linux Kernel for main from 6.12.64 to 6.12.65
 2026-01-12 14:36:44 +01:00
Flatcar Buildbot
817db36a39 app-misc/ca-certificates: Update from 3.119 to 3.120 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-12 07:17:33 +00:00
Flatcar Buildbot
f4abfee0ec sys-kernel/coreos-sources: Update from 6.12.64 to 6.12.65 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-12 07:11:03 +00:00
James Le Cuirot
29c2e01c90
dev-db/etcd: Replace our etcdctl package with Gentoo's etcd package 
A `server` USE flag avoids including that binary. The client tools now
include etcdutl for performing defragmentation and snapshot restoration
on local data.

We previously built etcdctl with `CGO_ENABLED=0`, apparently for
consistency when cross-compiling, but we have since fixed that.

Gentoo's package is not currently stabilised for arm64, as I have only
just added that keyword while bumping to the latest release. The latest
stable release is a little old, but still much newer than ours.

Closes: https://github.com/flatcar/Flatcar/issues/1932
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-01-09 17:11:02 +00:00
Flatcar Buildbot
18ac740b35 sys-kernel/coreos-sources: Update from 6.12.62 to 6.12.64 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-09 07:09:27 +00:00
James Le Cuirot
fdab8b4d35
coreos-base/misc-files: Drop Ciphers, MACs, KexAlgorithms from sshd conf 
Setting an absolute list was preventing newer options from being
enabled, leading to this scary error message from newer clients.

    $ ssh flatcar
    Warning: Permanently added '[127.0.0.1]:2222' (ED25519) to the list of known hosts.
    ** WARNING: connection is not using a post-quantum key exchange algorithm.
    ** This session may be vulnerable to "store now, decrypt later" attacks.
    ** The server may need to be upgraded. See https://openssh.com/pq.html
    Last login: Wed Oct 15 10:05:46 UTC 2025 from 10.0.2.2 on pts/0
    Flatcar Container Linux by Kinvolk beta 4426.1.0 for QEMU

After going through each of the options, the only ones we were adding
above the current 10.2p1 defaults were the diffie-hellman-group KEX
algorithms. These were dropped upstream in 2024 because they are slower
while providing no benefit over other options. The continued presence of
ecdh-sha2-nistp256 ensures compatibility with default clients at least
as far back as 2016.

I think we should just continue to follow the upstream defaults unless
some significant client breakage is reported. They're usually quite
forgiving.

The order of these is significant, and our order did differ from
upstream's slightly, but I trust their order over ours.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-01-06 11:55:15 +00:00
James Le Cuirot
7f128bce66
Merge pull request #3524 from timbuchwaldt/main 
sys-kernel/coreos-modules: Enable Netkit flag
 2025-12-17 10:59:28 +00:00
James Le Cuirot
4fe5f90ba3
Merge pull request #3561 from flatcar/linux-6.12.62-main 
Upgrade Linux Kernel for main from 6.12.61 to 6.12.62
 2025-12-16 11:48:25 +00:00
Daniel
d28ece4479 Revert PR #3534 "sysext: Add OS-dependent sysext compression" 
Revert PR #3162 "Signed OS-dependent sysexts"

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-12-15 17:56:48 +01:00
Flatcar Buildbot
1cb3f7399c sys-kernel/coreos-sources: Update from 6.12.61 to 6.12.62 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-12-13 07:05:25 +00:00
Dongsu Park
3bff39990f
Merge pull request #3495 from flatcar/buildbot/weekly-portage-stable-package-updates-2025-11-17 
Weekly portage-stable package updates 2025-11-17
 2025-12-12 12:57:27 +01:00
Mathieu Tortuyaux
20a5323e9a
Merge pull request #3542 from flatcar/cacerts-3.119-main 
Update ca-certificates in main from 3.118 to 3.119
 2025-12-10 16:18:19 +01:00
Krzesimir Nowak
bb5bbf9286 changelog: Add entries 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2025-12-10 14:21:35 +01:00
Mathieu Tortuyaux
1159884f42
Merge pull request #3533 from LittleFox94/ignition-2.24 2025-12-10 08:41:09 +01:00
Flatcar Buildbot
571254bdd0 app-misc/ca-certificates: Update from 3.118 to 3.119 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-12-08 07:13:24 +00:00
Flatcar Buildbot
caef944d7d sys-kernel/coreos-sources: Update from 6.12.60 to 6.12.61 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-12-07 07:05:37 +00:00
Mara Sophie Grosch
e640d196d3 Update ignition to 2.24.0 
Patches were reordered a bit, e.g. combining the
"mod-add-flatcar-ignition-0.36.2" and "sum-go-mod-tidy" patches and
moving "config-v3_6-convert-ignition-2.x-to-3.x" before
"vendor-go-mod-vendor" (so that the dependencies added by the former are
vendored in the latter).

Built and tested with the yet-unpublished UpCloud OEM.

Signed-off-by: Mara Sophie Grosch <mara.grosch@upcloud.com>
 2025-12-03 12:12:25 +02:00
Tim Buchwaldt
10c6d9bf9c sys-kernel/coreos-modules: Enable Netkit flag 
Closes https://github.com/flatcar/Flatcar/issues/1959
Signed-off-by: Tim Buchwaldt <tim.buchwaldt@deepl.com>
 2025-12-02 11:14:12 +01:00
Flatcar Buildbot
56aaa3080d sys-kernel/coreos-sources: Update from 6.12.59 to 6.12.60 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-12-02 07:06:48 +00:00
Daniel
0945652715
Merge pull request #3162 from flatcar/danzatt/sign-sysexts 
Signed OS-dependent sysexts
 2025-12-01 11:12:22 +01:00
Mathieu Tortuyaux
99d27211ea
Merge pull request #3507 from flatcar/tormath1/changelog 
changelog: add missing link
 2025-11-28 10:37:24 +01:00
Flatcar Buildbot
78bbdbe6df sys-kernel/coreos-firmware: Update from 20251111 to 20251125 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-27 07:06:09 +00:00
Flatcar Buildbot
755e2b84cd
sys-kernel/coreos-firmware: Update from 20251021 to 20251111 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-26 13:46:46 +01:00
James Le Cuirot
24f38bee51
Merge pull request #3511 from flatcar/linux-6.12.59-main 
Upgrade Linux Kernel for main from 6.12.58 to 6.12.59
 2025-11-25 14:37:10 +00:00
Flatcar Buildbot
f86522aa10 sys-kernel/coreos-sources: Update from 6.12.58 to 6.12.59 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-25 07:06:12 +00:00
Mathieu Tortuyaux
b5198f15b5
changelog: add missing link 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2025-11-24 15:21:19 +01:00
Flatcar Buildbot
4158576088 app-misc/ca-certificates: Update from 3.117 to 3.118.1 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-24 07:11:24 +00:00
Daniel Zatovic
f7a2e240ee changelog: Add entry for signed OS-dependent sysexts 
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 18:26:53 +01:00
James Le Cuirot
129c7714fe
Merge pull request #3489 from flatcar/linux-6.12.58-main 
Upgrade Linux Kernel for main from 6.12.54 to 6.12.58
 2025-11-14 14:35:27 +00:00
James Le Cuirot
754baf5a9a
changelog: Add missing entry for recent sysext kernel module loading fix 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2025-11-14 11:15:08 +00:00
Flatcar Buildbot
00479cf02d sys-kernel/coreos-sources: Update from 6.12.54 to 6.12.58 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-14 07:05:47 +00:00
Krzesimir Nowak
6fb2e9883b
Merge pull request #3478 from flatcar/krnowak/fix-sssd 
overlay coreos/config: Keep ldb modules
 2025-11-13 13:18:20 +01:00
James Le Cuirot
9d0aee7edf
Merge pull request #3479 from flatcar/chewi/sysext-no-debug 
build_library: Drop debug symbols and other noise from some sysexts
 2025-11-13 12:05:21 +00:00
James Le Cuirot
b930444366
build_library: Drop debug symbols and other noise from some sysexts 
These were present in containerd, incus, and overlaybd.

Also restore SLSA to the podman sysext as we normally include this.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2025-11-13 10:46:36 +00:00
Krzesimir Nowak
eb522c7085 changelog: Add entries 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2025-11-12 18:04:49 +01:00
Krzesimir Nowak
deac985a83 changelog: Add an entry 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2025-11-12 11:00:41 +01:00
Krzesimir Nowak
3f74e83ad3
Merge pull request #3459 from flatcar/buildbot/weekly-portage-stable-package-updates-2025-11-03 
Weekly portage-stable package updates 2025-11-03
 2025-11-10 15:31:36 +01:00
Krzesimir Nowak
06f3ae5305
Merge pull request #3472 from flatcar/krnowak/main-runc-containerd 
Bump runc to 1.3.3 and containerd to 2.1.5 in main
 2025-11-07 16:31:01 +01:00