mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-02-09 01:32:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,840 Commits 632 Branches 414 Tags
Commit Graph

33840 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Zatovic
b3dfe61eea changelog: Add entry for signed OS-dependent sysexts 
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
3ffbf90154 sysext: Add OS-dependent sysext compression 
We removed the sysext compression, because we double-compression is
redundant for sysexts stored in already coimpressed BTRFS /usr. However,
OS-dependent sysexts that are downloaded on-demand were now also
uncompressed. This commit brings back the compression via
SYSTEMD_REPART_MKFS_OPTIONS_EROFS option.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
0edeb6cb5c sysext: Sign OS-dependent sysexts 
Generate an ephemeral sysext signing key, that is injected into the
image's sysext root of trust. All OS-dependent sysexts will be signed by
this key and the private key (stored in /tmp) will be discarded on SDK
container exit.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
9ef06f8928 overlay profiles: Enable cryptsetup in SDK systemd 
The cryptsetup useflag is required for signing sysexts built with
systemd-repart.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
James Le Cuirot
0a6a706520
Merge pull request #3673 from flatcar/vmware-13.0.10-main 
Upgrade open-vm-tools in main from 13.0.5 to 13.0.10
 2026-01-28 10:24:23 +00:00
Dongsu Park
d87f4c0a9b
Merge pull request #3648 from flatcar/firmware-20260110-main 
Upgrade Linux Firmware in main from 20251125 to 20260110
 2026-01-28 10:50:11 +01:00
flatcar-ci
f174e1b5b7 Revert failed version back to 4592.0.0+nightly-20260126-2100 2026-01-28 08:07:20 +00:00
Flatcar Buildbot
9185aa1d76 app-emulation/open-vm-tools: Update from 13.0.5 to 13.0.10 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-28 07:07:00 +00:00
flatcar-ci
b88fb61825 New version: main-4593.0.0-nightly-20260127-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-27 21:00:22 +00:00
Mathieu Tortuyaux
b0cbbcf492
Merge pull request #3669 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-01-27 10:20:10 +01:00
Flatcar Buildbot
559513963d Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-27 08:58:19 +00:00
Dongsu Park
6041239da4
Merge pull request #3613 from flatcar/buildbot/monthly-glsa-metadata-updates-2026-01-01 
Monthly GLSA metadata 2026-01-01
 2026-01-27 09:58:04 +01:00
flatcar-ci
66995caefa New version: main-4592.0.0-nightly-20260126-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
main-4592.0.0-nightly-20260126-2100 		2026-01-26 21:00:24 +00:00
Flatcar Buildbot
f222a71d8c portage-stable/metadata: Monthly GLSA metadata updates 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Dongsu Park <dongsu@dpark.io>
 2026-01-26 13:27:54 +01:00
flatcar-ci
ade059da60 New version: main-4589.0.0-nightly-20260123-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
main-4589.0.0-nightly-20260123-2100 		2026-01-24 03:00:01 +00:00
flatcar-ci
90f86ae905 New version: main-4589.0.0-nightly-20260123-2100-INTERMEDIATE 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
main-4589.0.0-nightly-20260123-2100-INTERMEDIATE 		2026-01-23 21:00:28 +00:00
Mathieu Tortuyaux
0a3e23bc59
Merge pull request #3661 from flatcar/krnowak/gnupg 
Update gnupg packages
 2026-01-23 14:23:11 +01:00
Krzesimir Nowak
d22c749c94 changelog: Add entries 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 14:16:03 +01:00
Krzesimir Nowak
1eed1066ab app-crypt/pinentry: Sync with Gentoo 
It's from Gentoo commit 2d25fad95cbaa525c8945d8e582c749d49524f49.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:57:16 +01:00
Krzesimir Nowak
0b21977c86 app-crypt/gpgme: Sync with Gentoo 
It's from Gentoo commit 2d25fad95cbaa525c8945d8e582c749d49524f49.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:53:51 +01:00
Krzesimir Nowak
c0e9c0bbd1 app-alternatives/gpg: Sync with Gentoo 
It's from Gentoo commit c5b26c6b223e02892a79b1836531fded7123b854.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:30:14 +01:00
Krzesimir Nowak
6f633aca2f dev-libs/npth: Sync with Gentoo 
It's from Gentoo commit 9fbdb080f182155a33ff5f977d9c7fa2b2889db5.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:14:07 +01:00
Krzesimir Nowak
9fb7d08d0c dev-libs/libksba: Sync with Gentoo 
It's from Gentoo commit 2d25fad95cbaa525c8945d8e582c749d49524f49.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:14:06 +01:00
Krzesimir Nowak
2fbea58f1f dev-libs/libgpg-error: Sync with Gentoo 
It's from Gentoo commit b9824063db6ccf8c4e7e7b8d37f34814e483ec39.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:14:06 +01:00
Krzesimir Nowak
995cacb882 dev-libs/libgcrypt: Sync with Gentoo 
It's from Gentoo commit fb11a11f280769e8273be722e7717d44805155e5.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:14:06 +01:00
Krzesimir Nowak
5c044301f5 dev-libs/libassuan: Sync with Gentoo 
It's from Gentoo commit 2d25fad95cbaa525c8945d8e582c749d49524f49.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:14:06 +01:00
Krzesimir Nowak
c2ede77c37 app-crypt/gnupg: Sync with Gentoo 
It's from Gentoo commit 5d13f520cbffbd379192a3644046c6835826a6c3.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-23 13:12:21 +01:00
flatcar-ci
5611890b22 New version: main-4588.0.0-nightly-20260122-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
main-4588.0.0-nightly-20260122-2100 		2026-01-22 21:00:34 +00:00
Dongsu Park
74fc3e1f14
Merge pull request #3649 from flatcar/dongsu/ue-rs-20250109 
overlay ue-rs: update to v0.2.0, 2026-01-09
 2026-01-22 11:29:42 +01:00
flatcar-ci
769580b4cc New version: main-4586.0.0-nightly-20260120-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
main-4586.0.0-nightly-20260120-2100 		2026-01-20 21:00:25 +00:00
Krzesimir Nowak
211be0aa19
Merge pull request #3618 from flatcar/krnowak/python-bump 
Bump python to 3.12
 2026-01-20 14:54:46 +01:00
flatcar-ci
6d03cc9bef New version: main-4585.0.0-nightly-20260119-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-19 21:00:24 +00:00
Mathieu Tortuyaux
11b3978980
Merge pull request #3657 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-01-19 14:46:40 +01:00
Flatcar Buildbot
441c71805e Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-19 13:39:34 +00:00
Mathieu Tortuyaux
012ba19079
Merge pull request #3652 from flatcar/linux-6.12.66-main 
Upgrade Linux Kernel for main from 6.12.65 to 6.12.66
 2026-01-19 14:39:22 +01:00
Krzesimir Nowak
f23661e2d0 overlay dev-python/boto: Add a patch to make it work on python 3.12 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-19 12:02:44 +01:00
Krzesimir Nowak
d4e33f7a4c overlay profiles: Ease into Python bump with transitional profile 
We only allow one version of Python in the SDK and generic images, but
this creates a friction during the SDK build where the seed still has
an old version of Python and the stage1 is supposed to have the new
one, and thus we end up with slot conflicts for python packages - I
don't really understand what is going on (there are python packages in
the seed image that are built for old Python and emerge wants to
install the same packages in the seed but built for the new Python and
it can't work its way around it.)

Allowing both versions of Python to coexist in stage1 seems to be
moving things forward. Stage3 image (stage2 is skipped) will contain
only the new version of Python.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-19 11:56:44 +01:00
Krzesimir Nowak
965d344a92 overlay profiles: Add a transitional profile for SDK 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-19 11:55:49 +01:00
Flatcar Buildbot
7ae9c7dcea sys-kernel/coreos-sources: Update from 6.12.65 to 6.12.66 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-18 07:06:49 +00:00
Krzesimir Nowak
06328bb286 changelog: Add an entry 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-15 13:00:18 +01:00
Krzesimir Nowak
1a55092a98 overlay *: Bump some python compats to 3.14 
Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-15 13:00:18 +01:00
Krzesimir Nowak
5dfb62c7e8 overlay profiles: Bump python to 3.12 
Try to do it with in a kinda-sorta proper Gentoo way - with
PYTHON_TARGETS and PYTHON_SINGLE_TARGET variables in
make.defaults. Still need to disable all other versions of python,
otherwise our settings gets merged with settings from base Gentoo
profiles, which currently enable python 3.13. And we also need to keep
masking the other python versions, because emerge still for some
reason wants to install python 3.13 or 3.14 for some packages, despite
the settings in PYTHON_TARGETS.

We are not bumping to 3.13, because sec-policy/selinux-base
PYTHON_COMPAT is still on at most 3.12.

Note that this change still allows python 3.11 in PYTHON_TARGETS for a
transition period. Otherwise the SDK builds do not go past stage1. We
only restrict generic images to 3.12 only, otherwise we would end up
with two python version installed in sysext images.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2026-01-15 12:55:12 +01:00
Flatcar Buildbot
18ef25f802 sys-kernel/coreos-firmware: Update from 20251125 to 20260110 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-01-15 07:08:26 +00:00
flatcar-ci
06b03f1059 New version: main-4580.0.0-nightly-20260114-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-14 21:00:25 +00:00
Dongsu Park
2c382e50f2 overlay ue-rs: update to 2026-01-09 
Signed-off-by: Dongsu Park <dongsu@dpark.io>
 2026-01-14 16:38:03 +01:00
James Le Cuirot
9d62073973
Merge pull request #3647 from flatcar/chewi/ignition-live 
sys-apps/ignition: Add live ebuild
 2026-01-14 15:30:47 +00:00
James Le Cuirot
26d90b38ce
sys-apps/ignition: Add live ebuild 
We often do development work on Ignition, so this is useful to have. The
ebuild will not work with Flatcar as-is because it lacks our patches,
but it can still be used in conjunction with flatcar_workon. We cannot
apply the patches unconditionally because they are unlikely to apply.
They do not apply right now.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-01-14 10:50:05 +00:00
flatcar-ci
1c8aeb0e54 New version: main-4579.0.0-nightly-20260113-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-13 21:00:26 +00:00
James Le Cuirot
1860f032ee
Merge pull request #3612 from flatcar/chewi/non-live 
Migrate (almost) all versioned coreos-overlay ebuilds away from git eclass
 2026-01-13 15:27:26 +00:00
James Le Cuirot
a9297cf2e9
build_image_util: Drop duplicate EGIT_REPO_URI handling 
This was left over from the cros_workon migration.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2026-01-13 15:16:46 +00:00