mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-10 23:11:55 +02:00
Code Issues Packages Projects Releases Wiki Activity
29,602 Commits 599 Branches 412 Tags
Commit Graph

20234 Commits

Author SHA1 Message Date
Sayan Chowdhury
a15ff23bdb
shim, shim-signed: Move the packages from SDK to BOARD packages 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-11-13 12:19:10 +00:00
James Le Cuirot
b401cee2a9
sys-boot/shim-signed: Add shim-signed package to place signed binaries 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-13 12:19:09 +00:00
Sayan Chowdhury
761bc04a19
sys-boot/shim: Append the suffix to the shim binary 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-11-13 12:19:08 +00:00
Sayan Chowdhury
02c0bdaa28
sys-boot/shim: Include @@VERSION@@ in SBAT for version 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-11-13 12:19:07 +00:00
Sayan Chowdhury
eef935e596
sys-boot/shim: Add the SBAT data to shim binary 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-11-13 12:19:06 +00:00
Sayan Chowdhury
b8f290bae4
sys-boot/shim: Add a use flag to use a DER files for shim builds 
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
 2024-11-13 12:18:44 +00:00
Flatcar Buildbot
6cb21a37e1
sys-apps/portage: Sync with Gentoo 
It's from Gentoo commit ba2693dfc0f0f5535e6371c4e4d19806109537c9.
 2024-11-12 22:08:27 +00:00
James Le Cuirot
010afcd35d
sys-boot/mokutil: Install on arm64 now that it supports Secure Boot 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-12 12:02:01 +00:00
James Le Cuirot
5125317506
coreos-base/coreos-sb-keys: Drop unnecessary PK and KEK certificates 
These are only needed when you are going to ship DB updates to existing
systems, which we are not going to do. Our EFI variables are only for
testing. End users are expected to use EFI variables provided by their
hosts or hardware vendors. We presumably provided these before because
some PK and KEK does need to be provided, but we can now use the
Microsoft and Red Hat ones provided via Gentoo's edk2 package.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-12 12:02:00 +00:00
James Le Cuirot
e50fe0a7e4
sys-firmware/edk2-aarch64: Drop in favour of edk2-bin 
edk2-bin now supports multiple platforms, including QEMU on arm64, so we
no longer need to use Fedora's build. Note that the Secure Boot
implementation is currently insecure as it lacks SMM, which is needed to
protect the EFI variable store.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-12 12:01:58 +00:00
Mathieu Tortuyaux
c80760c999
Merge pull request #1783 from flatcar/kai/proxmox-support 
OEM: Provide Proxmox images
 2024-11-12 12:52:31 +01:00
Mathieu Tortuyaux
c1cd33684b
coreos-base/afterburn: fix instance boots 
Without configdrive the instance is failing to boot - this patch is
currently under review on PR#1128 (coreos/afterburn)

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-11-12 12:51:36 +01:00
Mathieu Tortuyaux
6e674b26d3
oem: provide proxmox images 
Co-authored-by: Kai Lüke <pothos@users.noreply.github.com>
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-11-12 12:51:36 +01:00
Flatcar Buildbot
087d5e8bf4 sys-kernel/coreos-sources: Update from 6.6.59 to 6.6.60 2024-11-09 07:04:43 +00:00
James Le Cuirot
2bce0a69b9
Merge pull request #2431 from flatcar/chewi/grub-redhat-patches 
sys-boot/grub: Apply Red Hat's large patch set (and drop Gentoo's)
 2024-11-08 11:58:42 +00:00
Mathieu Tortuyaux
c6d69ef8aa
Merge pull request #2432 from flatcar/go-1.22.9-main 
Upgrade Go from 1.22.8 to 1.22.9
 2024-11-08 09:22:26 +01:00
Flatcar Buildbot
bf7d649c8e
dev-lang/go: Update from 1.22.8 to 1.22.9 2024-11-08 09:21:47 +01:00
James Le Cuirot
e0109ef1c6
sys-boot/grub: Fix fallback mechanism broken by Red Hat's patches 
This fix has been submitted to Red Hat. It will hopefully be merged
soon.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-07 14:26:05 +00:00
James Le Cuirot
fb3c9cff98
sys-boot/grub: Apply Red Hat's large patch set (and drop Gentoo's) 
We initially thought we would need Red Hat's patch set. Then it looked
like we wouldn't because the TPM Event Log appeared to work without it.
We later discovered that on amd64, it only works with Secure Boot
disabled. The patch set also fixes Secure Boot on arm64, which would
have otherwise needed a couple of patches from Canonical.

We have to drop Gentoo's patches because they conflict, but they don't
affect Flatcar anyway.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-07 14:26:04 +00:00
James Le Cuirot
2fcff863dc
Merge pull request #2430 from flatcar/chewi/virt-firmware 
app-crypt/efitools: Drop in favour of app-emulation/virt-firmware
 2024-11-07 11:43:45 +00:00
James Le Cuirot
bcd203ebcb
app-crypt/efitools: Drop in favour of app-emulation/virt-firmware 
virt-fw-vars handles X.509 conversion and QCOW2 conversion transparently
and can update all the variables in a single invocation.

Bonus: Asking it to list the variables doesn't cause a segfault due to
the feature not really being implemented. :D

The 00000000-0000-0000-0000-000000000000 owner GUID is what flash-var
used to set, as we didn't specify the -g argument. We don't need to set
a meaningful value as this file is only for testing.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-06 12:04:18 +00:00
James Le Cuirot
86ebb70552
app-emulation/virt-firmware: Import from Gentoo to replace efitools 
Unfortunately, it pulls in a number of dependencies.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2024-11-06 11:58:23 +00:00
Mathieu Tortuyaux
b6a76ca848
x11-drivers/nvidia: update to 535.216.01 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-11-06 10:13:30 +01:00
Mathieu Tortuyaux
5677ea6d60
Merge pull request #2419 from flatcar/linux-6.6.59-main 
Upgrade Linux Kernel for main from 6.6.58 to 6.6.59
 2024-11-05 11:33:04 +01:00
Flatcar Buildbot
2d86f41650 portage-stable/metadata: Monthly GLSA metadata updates 2024-11-01 07:05:51 +00:00
Flatcar Buildbot
d9da11dda3 sys-kernel/coreos-sources: Update from 6.6.58 to 6.6.59 2024-11-01 07:05:04 +00:00
Adrian Vladu
5a76525c84
Merge pull request #2390 from flatcar/ader1990/fix-nfs-read-plus 
sys-kernel/coreos-modules: disable CONFIG_NFS_V4_2_READ_PLUS
 2024-10-30 15:59:52 +02:00
Krzesimir Nowak
31db0ade6e
Merge pull request #2388 from flatcar/buildbot/weekly-portage-stable-package-updates-2024-10-21 
Weekly portage-stable package updates 2024-10-21
 2024-10-29 10:33:01 +01:00
Flatcar Buildbot
9d2d43bc79 app-misc/ca-certificates: Update from 3.105 to 3.106 2024-10-28 07:09:50 +00:00
Krzesimir Nowak
c82b8d9837 overlay coreos/user-patches: Update selinux policies patch 2024-10-25 15:26:16 +02:00
Mathieu Tortuyaux
41e9e07e69
Merge pull request #2396 from flatcar/firmware-20241017-main 
Upgrade Linux Firmware in main from 20240909 to 20241017
 2024-10-25 12:36:41 +02:00
Mathieu Tortuyaux
a37c9ed6ea
Merge pull request #2397 from flatcar/tormath1/ignition 
sys-apps/ignition: pull 2.20.0
 2024-10-24 15:06:09 +02:00
Mathieu Tortuyaux
17c232f3ae
sys-apps/ignition: bump to 2.20.0 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-10-24 10:32:21 +02:00
Mathieu Tortuyaux
c3b1c5869c
sys-apps/ignition: dropped upstreamed patches 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2024-10-24 09:55:48 +02:00
Flatcar Buildbot
ba83e2ff28 sys-kernel/coreos-firmware: Update from 20240909 to 20241017 2024-10-24 07:05:28 +00:00
Flatcar Buildbot
28cd12a41d sys-kernel/coreos-sources: Update from 6.6.57 to 6.6.58 2024-10-23 07:05:15 +00:00
Krzesimir Nowak
ae2f509f1b overlay profiles: Drop accept keywords for sys-process/audit 2024-10-22 17:22:18 +02:00
Krzesimir Nowak
61ab8e9cbb overlay profiles: Drop accept keywords for sys-libs/readline 2024-10-22 17:18:28 +02:00
Krzesimir Nowak
d535371642 overlay profiles: Drop accept keywords for sys-libs/efivar 2024-10-22 17:11:36 +02:00
Krzesimir Nowak
1461f946de overlay profiles: Drop accept keywords for sys-libs/cracklib 2024-10-22 17:11:00 +02:00
Krzesimir Nowak
1b719f17e2 overlay profiles: Drop accept keywords for sys-fs/quota 2024-10-22 17:10:10 +02:00
Krzesimir Nowak
3b4accdb5f overlay profiles: Drop accept keywords for sys-fs/btrfs-progs 2024-10-22 17:08:17 +02:00
Krzesimir Nowak
0f671a51a1 overlay profiles: Drop accept keywords for sys-devel/gettext 2024-10-22 16:59:54 +02:00
Krzesimir Nowak
281012ce1a overlay profiles: Drop accept keywords for sys-block/open-iscsi 2024-10-22 16:53:18 +02:00
Krzesimir Nowak
f9d2e93878 overlay profiles: Drop accept keywords for sys-apps/nvme-cli 2024-10-22 16:28:28 +02:00
Krzesimir Nowak
4ce2b26642 overlay profiles: Drop accept keywords for sys-apps/man-db 2024-10-22 16:27:34 +02:00
Krzesimir Nowak
f04cd56fe7 overlay profiles: Drop accept keywords for sys-apps/kmod 2024-10-22 16:26:47 +02:00
Krzesimir Nowak
fa37708be5 overlay profiles: Drop accept keywords for sys-apps/dtc 2024-10-22 16:24:48 +02:00
Krzesimir Nowak
348e8a3e0e overlay profiles: Drop accept keywords for sys-apps/bubblewrap 2024-10-22 16:23:43 +02:00
Krzesimir Nowak
e9b9cfccc4 overlay coreos/user-patches: Regenerate our selinux patch 2024-10-22 16:21:29 +02:00