10572 Commits

Author SHA1 Message Date
Jeremi Piotrowski
10cde6a11a profiles/coreos/base: slsa: format report before compression 2022-08-02 17:04:23 +02:00
Krzesimir Nowak
9fc609c834 Merge pull request #2068 from flatcar-linux/linux-5.15.58-main
Upgrade Linux Kernel in main from 5.15.56 to 5.15.58
2022-08-02 09:55:03 +02:00
Mathieu Tortuyaux
cc90b123dc Merge pull request #2061 from flatcar-linux/tormath1/init
coreos-base/init: keep static network configuration
2022-08-01 11:35:18 +02:00
Mathieu Tortuyaux
f6628428ea changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-01 10:40:05 +02:00
Mathieu Tortuyaux
85fe7d9c1d coreos-base/init: keep static network configuration
this pulls: https://github.com/flatcar-linux/init/pull/77

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-08-01 10:40:05 +02:00
Flatcar Buildbot
4d6fefdcee sys-kernel: Upgrade Kernel 5.15.56 to 5.15.58 2022-07-30 07:21:57 +00:00
Mathieu Tortuyaux
98d31238c4 Merge pull request #2062 from flatcar-linux/tormath1/syft
coreos-base/hard-host-depends: add syft
2022-07-28 18:10:07 +02:00
Mathieu Tortuyaux
78f76d45fd coreos-base/hard-host-depends: add syft
Otherwise it's not pulled in the SDK

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 12:36:20 +02:00
Mathieu Tortuyaux
372a75bdf9 Merge pull request #2060 from flatcar-linux/tormath1/ignition
sys-apps/ignition: add networkd translate fix
2022-07-28 10:05:02 +02:00
Mathieu Tortuyaux
8f0354c2f3 changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 10:03:57 +02:00
Mathieu Tortuyaux
669a944e8d sys-apps/ignition: add networkd translate fix
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-28 10:03:57 +02:00
Jeremi Piotrowski
ef48877b47 Merge pull request #2030 from flatcar-linux/jepio/spdx-sbom
app-containers/syft: add v0.51.0 to sdk
2022-07-27 13:51:24 +02:00
jenkins
d6077e9286 profiles/coreos/base: slsa: use .git/HEAD file to fetch scripts hash
ORIG_HEAD is the previous HEAD, so it is not what we are after. HEAD
only contains the hash if we are in a detached head situation, otherwise
it will contain a ref and we need to resolve it. `git rev-parse HEAD`
should work as well but hits an issue with git's new `safe.directory`
setting, I have not found a way to set this parameter for a single call.

For toolchain packages are built with catalyst, and the HEAD value needs
to be pre-resolved because we do not have access to the whole git
repository. So build_toolchains will need to inject the correct HEAD
file contents.
2022-07-27 13:02:22 +02:00
jenkins
113de2ac75 profiles/coreos/base: slsa: compute ebuild file checksum for materials entry 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
fbdbd1ac19 profiles/coreos/base: slsa: revise material uri to match SPDXDownloadLocation spec
If the uri points to a path within the repo then the format is
git+https://repo@ref#path. ORIG_HEAD is actually the previous HEAD, so read
use that to extract the correct ref.
2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
b1ce3800a5 profiles/coreos/base: slsa: sort file checksums by name 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
1a0f396be4 profile/coreos/base: slsa: switch to bz2 compression for consistency
...and remove redundant mkdir. Mkdir is already called with the same argument a
couple of lines lower.
2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
d211a2b168 profile/core/base: slsa: use nproc instead of parsing /proc/cpuinfo 2022-07-27 13:02:22 +02:00
Jeremi Piotrowski
91b64a5587 profile/coreos/base: slsa: remove name collision between variable and function
__slsa_provenance_report is both a variable and a function, which is confusing.
Rename the variable.
2022-07-27 13:02:22 +02:00
jenkins
39f1d45dff profiles/coreos/base: slsa: return when disabled and use die() 2022-07-27 13:02:22 +02:00
jenkins
7bd2f19fac profiles/coreos/base: slsa: use portageq to find repository path
This makes the lookup work within the catalyst chroot, as well as in the
SDK.
2022-07-27 13:02:22 +02:00
Thilo Fromm
d86d5ebe3f slsa-provenance: make generation optional 2022-07-27 13:02:22 +02:00
Thilo Fromm
be46ed7bb0 profiles/coreos/base/profile.bashrc: SLSA provenance reports
This change adds initial support for SLSA provenance report generation.
Reports are generated in package build post-install hooks after
compilation.

See https://slsa.dev/ for SLSA and https://slsa.dev/provenance/v0.2 for
the provenance report syntax.

Signed-off-by: Thilo Fromm <thilo@kinvolk.io>
2022-07-27 13:02:22 +02:00
Dongsu Park
0d2a3f29fb Merge pull request #2059 from flatcar-linux/rust-1.62.1-main
Upgrade dev-lang/rust and virtual/rust in main from 1.62.0 to 1.62.1
2022-07-26 16:58:05 +02:00
Jeremi Piotrowski
c2c7f0d504 Merge pull request #2057 from flatcar-linux/jepio/systemd-resolve.conf
sys-apps/systemd: fix tmpfile entry for resolv.conf link
2022-07-26 11:07:09 +02:00
Jeremi Piotrowski
36ecad566a changelog: add entry for resolv.conf bugfix 2022-07-26 11:06:27 +02:00
Jeremi Piotrowski
d9972d4ad1 sys-apps/systemd: fix tmpfile entry for resolv.conf link
Our ebuild modifies the systemd owned tmpfiles.d entry that creates the
/etc/resolv.conf symlink to point to resolv.conf instead of stub-resolv.conf.
The file that contains that entry changed from etc.conf.in to
systemd-resolve.conf, so update the ebuild to touch that file.
2022-07-26 10:03:13 +02:00
Flatcar Buildbot
5acb31cbab dev-lang: Upgrade dev-lang/rust 1.62.0 to 1.62.1 2022-07-26 07:37:28 +00:00
Dongsu Park
f36c15c44d Merge pull request #2056 from flatcar-linux/cacerts-3.81-main
Upgrade ca-certificates in main from 3.80 to 3.81
2022-07-25 16:18:25 +02:00
Flatcar Buildbot
6058ad50fc app-misc: Upgrade ca-certificates 3.80 to 3.81 2022-07-25 07:24:01 +00:00
Dongsu Park
cd80387051 Merge pull request #2040 from flatcar-linux/dongsu/add-Go-CVE-2022-32148
changelog: add missing CVE for Go 1.18.4, 1.17.12
2022-07-22 15:04:15 +02:00
Krzesimir Nowak
fa391c188d Merge pull request #2045 from flatcar-linux/linux-5.15.56-main
Upgrade Linux Kernel in main from 5.15.55 to 5.15.56
2022-07-22 14:51:58 +02:00
Flatcar Buildbot
2568802c6e sys-kernel: Upgrade Kernel 5.15.55 to 5.15.56 2022-07-22 07:24:26 +00:00
Dongsu Park
1e1c30264e changelog: add missing CVE for Go 1.18.4, 1.17.12
Add missing CVE-2022-32148 for Go 1.18.4, 1.17.12.
2022-07-21 13:39:12 +02:00
Mathieu Tortuyaux
ace84f7d4f Merge pull request #2038 from flatcar-linux/tormath1/nmap
profiles: enable symlink for nmap
2022-07-19 14:11:09 +02:00
Mathieu Tortuyaux
f334da4fb5 changelog: add entry
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-19 08:45:57 +02:00
Sayan Chowdhury
6aa0ab8a87 Merge pull request #2036 from flatcar-linux/linux-5.15.55-main
Upgrade Linux Kernel in main from 5.15.54 to 5.15.55
2022-07-19 02:59:46 +05:30
Mathieu Tortuyaux
606ba61447 profiles: enable symlink for nmap
For compatibility, it's good to have `nc` in the PATH too.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2022-07-18 11:23:09 +02:00
jenkins
a938fb9b5c app-containers/syft: apply downstream changes
* pass additional ldflags so that `syft version` prints the package
  version.
* keyword stable for amd64 and arm64 (to reduce differences between the
  two).
2022-07-18 07:49:27 +00:00
jenkins
e995d9a4b1 app-containers/syft: Import from Gentoo
Upstream commit c691680319ac2f00f203533c3dca0b21ecf77f80
2022-07-18 07:49:22 +00:00
Flatcar Buildbot
d68ffc61cc sys-kernel: Upgrade Kernel 5.15.54 to 5.15.55 2022-07-16 07:22:06 +00:00
Krzesimir Nowak
6dea2f8ae7 Merge pull request #2024 from flatcar-linux/linux-5.15.54-main
Upgrade Linux Kernel in main from 5.15.52 to 5.15.54
2022-07-15 16:03:41 +02:00
Sayan Chowdhury
2959870601 Merge pull request #2018 from flatcar-linux/sayan/update-sudo-1.9.10-r1
app-admin/sudo: Sync with Gentoo upstream; updates to 1.9.10-r1
2022-07-15 16:11:46 +05:30
Sayan Chowdhury
c605e33d23 app-admin/sudo: Add the changelog for sudo-1.9.10-r1 release
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
2022-07-15 15:33:39 +05:30
Sayan Chowdhury
c0afb3e982 app-admin/sudo: Apply Flatcar patches
- Remove Perl Runtime Dependency
- Remove OpenLDAP schema files for sudo
- Remove sudo.conf file as it is shipped via baselayout

Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
2022-07-15 15:33:39 +05:30
Sayan Chowdhury
46ef576243 Merge pull request #2029 from flatcar-linux/sayan/update-curl-7.84.0
profiles: remove outdated arm64 accept_keywords for curl
2022-07-15 15:28:28 +05:30
Dongsu Park
2ad4c0c632 Merge pull request #2028 from flatcar-linux/firmware-20220708-main
Upgrade Linux Firmware in main from 20220610 to 20220708
2022-07-14 13:42:34 +02:00
Kai Lüke
9d8e918968 Merge pull request #2026 from flatcar-linux/kai/kargs-nonexisting-grubcfg
sys-kernel/bootengine: Fix ignition kargs support by creating grub.cfg
2022-07-14 10:30:48 +02:00
Kai Lueke
b9ee2d9c4f sys-kernel/bootengine: Fix ignition kargs support by creating grub.cfg
This pulls in
https://github.com/flatcar-linux/bootengine/pull/47
which creates the grub.cfg file if it does not exist when the Ignition
kargs directive is used, preventing an error when it tried to read the
current settings from it.
2022-07-14 10:30:25 +02:00
Flatcar Buildbot
74073529a9 sys-kernel: Upgrade Linux Firmware 20220610 to 20220708 2022-07-14 07:11:33 +00:00