mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-05 20:41:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
25,901 Commits 634 Branches 398 Tags
Commit Graph

25901 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Michael
254e6d949d profiles: sync man-db version on arm64 2017-07-09 17:39:13 -07:00
David Michael
ae4583d564 bump(app-text/manpager): sync with upstream 2017-07-09 17:29:18 -07:00
David Michael
5c70328f3f bump(sys-apps/man-db): sync with upstream 2017-07-09 17:24:50 -07:00
David Michael
2327a315bb bump(metadata/glsa): sync with upstream 2017-07-09 17:18:14 -07:00
Euan Kemp
5cbc755abc offline_signing: use a smartcard URI 2017-07-06 13:50:27 -07:00
Euan Kemp
2146975588 coreos_sign_update: return 'legacy' signing support 
We currently sign with both a devel key and a prod key. The devel key is
insecure and need not be included on a smartcard, so it makes sense to
leave it be on disk.

However, the previous commit's padding changes removed this legacy
method of signing.
For simplicity, simply re-introduce the old logic conditionally based on
whether it's a smartcard or not.

Alternate options could be using `-pkcs` instead of `-raw` for both
keys, but that is a more intricate change I'd be less confident in
making.
 2017-07-06 13:50:27 -07:00
Matthew Garrett
54048fbb00 coreos_sign_update: Use smartcards for signing 
Sign updates using private keys on smartcards. This involves changing the
padding approach - rather than including the padding in the hash, ask the
card to generate the padding itself, since the card will refuse to sign
pre-padded material. Use + as a key separator rather than : as the PKCS#11
URI includes colons.
 2017-07-06 13:50:27 -07:00
David Michael
15217f8003 Merge pull request #2646 from dgonyeo/ignition 
sys-apps/ignition: 0.17.0 -> 0.17.1
 2017-07-05 15:39:44 -07:00
Derek Gonyeo
10f31b7297 sys-apps/ignition: 0.17.0 -> 0.17.1 2017-07-05 15:38:27 -07:00
David Michael
35ea95152c app-arch/torcx: bump to v0.1.0-alpha.3 2017-07-05 11:00:05 -07:00
Benjamin Gilbert
4bfb26d23e Merge pull request #2641 from bgilbert/4.12 
sys-kernel/coreos-*: bump to v4.12
 2017-07-03 18:34:01 -07:00
Benjamin Gilbert
eac64b8cd5 sys-kernel/coreos-*: bump to v4.12 
CONFIG_EDAC_MM_EDAC was merged into CONFIG_EDAC, and the latter converted
to a tristate, in e3c4ff6d8c949fa9a9ea1bd005bf1967efe09d5d.
 2017-07-03 18:08:51 -07:00
Benjamin Gilbert
ab20c61d1d Merge pull request #2628 from bgilbert/packet 
Sync with Packet provisioner
 2017-06-30 23:29:36 -07:00
David Michael
1ca83d763a Merge pull request #2640 from dm0-/install 
coreos-base/coreos-init: bump for sync fixes
 2017-06-30 18:54:58 -07:00
David Michael
832db7af43 coreos-base/coreos-init: bump for sync fixes 2017-06-30 18:42:40 -07:00
Benjamin Gilbert
e39e10d31f sys-kernel/bootengine: bump for Packet networking via coreos-metadata 2017-06-30 18:36:44 -07:00
Benjamin Gilbert
637fc28091 coreos-base/coreos-metadata: bump to v0.12.0 2017-06-30 18:34:14 -07:00
Benjamin Gilbert
b2c6b39ac7 sys-apps/baselayout: bump to disable automatic creation of bond0 2017-06-30 18:20:34 -07:00
Benjamin Gilbert
6a199b1bd5 coreos-base/oem-packet: bump version 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
0379e5e336 coreos-base/oem-packet: replace deprecated vga= argument 
GRUB warns at boot:

    vga=773 is deprecated. Use set gfxpayload=1024x768x8,1024x768 before
    linux command instead.
 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
22113d7983 coreos-base/oem-packet: enable coreos.autologin 
Access control for the SOS console uses the same SSH keys that are
injected into the instance. The Packet provisioner already enables
this option.
 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
a0bebdd68d coreos-base/oem-packet: update console config to match Packet provisioner 
Our default console settings are fine on arm64 but not on x86.
 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
0a4101e2a0 coreos-base/oem-packet: improve wording of unit description 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
10730f3e3a coreos-base/oem-packet: retry phoning home until it succeeds 2017-06-30 18:16:31 -07:00
Benjamin Gilbert
60e9819077 coreos-base/oem-packet: send Content-Type when phoning home 2017-06-30 18:16:31 -07:00
David Michael
2447debece Merge pull request #705 from dm0-/jenkins 
Add Jenkins scripts
 2017-06-30 17:04:46 -07:00
David Michael
f5398d962b Merge pull request #2639 from dgonyeo/metadata 
coreos-base/coreos-metadata: v0.9.0 -> v0.11.0
 2017-06-30 15:23:24 -07:00
Derek Gonyeo
f1e659960d coreos-base/coreos-metadata: v0.9.0 -> v0.11.0 2017-06-30 15:20:00 -07:00
David Michael
b2e1d84861 Merge pull request #2638 from dgonyeo/ignition 
sys-apps/ignition: v0.16.0 -> v0.17.0
 2017-06-30 14:38:41 -07:00
Derek Gonyeo
d7f4ce99d7 sys-apps/ignition: v0.16.0 -> v0.17.0 2017-06-30 14:35:44 -07:00
David Michael
f3d8fde907 Merge pull request #2637 from AlexNPavel/vagrant-virtualbox-oem-id 
oem-vagrant-virtualbox: change vagrant-virtualbox's oem-id to "vagrant-virtualbox"
 2017-06-30 14:02:55 -07:00
David Michael
6265999206 Merge pull request #561 from dm0-/glsa 
bump(media-libs/libjpeg-turbo): sync with upstream
 2017-06-30 13:59:46 -07:00
Alexander Pavel
0e863389e8 oem-vagrant-virtualbox: update ebuild version to 0.0.2 2017-06-30 13:58:34 -07:00
David Michael
32a0bd8b52 bump(media-libs/libjpeg-turbo): sync with upstream 2017-06-30 13:22:30 -07:00
Alexander Pavel
d474a97ece oem-vagrant-virtualbox: change oem-id to "vagrant-virtualbox" 
This changes the oem-id from "virtualbox" to "vagrant-virtualbox"
to allow for more flexibility and add coreos-metadata support
for this oem
 2017-06-30 10:08:49 -07:00
David Michael
19d9423db9 Merge pull request #2636 from dm0-/install 
coreos-base/coreos-init: bump for coreos-install upgrade
 2017-06-29 19:54:33 -07:00
David Michael
a2cc10dc03 coreos-base/coreos-init: bump for coreos-install upgrade 2017-06-29 19:49:29 -07:00
Benjamin Gilbert
c47ef878ef Merge pull request #706 from bgilbert/sdk_version 
tag_release: Verify SDK version exists
 2017-06-29 17:41:04 -07:00
Benjamin Gilbert
7e93698c9b tag_release: Verify SDK version exists 
Some releases may omit the SDK for expediency.
 2017-06-29 17:20:29 -07:00
Benjamin Gilbert
11f0ce5847 Merge pull request #2632 from bgilbert/v4.11.8 
sys-kernel/coreos-*: bump to v4.11.8
 2017-06-29 16:21:34 -07:00
Euan Kemp
3150346fc7 Merge pull request #2634 from euank/bump-systemd 
sys-apps/systemd: bump systemd for CVE-2017-9445 + autofs
 2017-06-29 16:06:18 -07:00
Euan Kemp
64f0964e5b sys-apps/systemd: bump systemd for CVE-2017-9445 + autofs 
Corresponds to https://github.com/coreos/systemd/pull/82
 2017-06-29 16:02:39 -07:00
David Michael
9256893e83 jenkins: Drop conditions not affecting this branch 2017-06-29 15:34:29 -07:00
David Michael
9cfed47be0 jenkins: Re-add Jenkins scripts to this repository 
We are going to restore the split-script setup from the old Jenkins
server.  This ensures that the each version's release process is
actually running with scripts in the correct release branch.  It
also allows branching the VM format lists.

Note that the scripts added here only cover the currently active
jobs in the main build pipeline.  There is no reason to add other
jobs, since they are mostly just running a single command using a
mantle binary from its master branch.

The scripts in this repository pick up after Jenkins has set up an
environment with all parameters and credentials defined, and an SDK
was prepared and validated.
 2017-06-29 15:16:54 -07:00
Benjamin Gilbert
0b8f171770 sys-kernel/coreos-*: bump to v4.11.8 
Includes patch for ext4_mb_load_buddy() journal abort.
 2017-06-29 14:14:19 -07:00
Benjamin Gilbert
7fd0621cf8 Merge pull request #2631 from bgilbert/firmware 
sys-kernel/coreos-firmware: update to 20170622
 2017-06-29 13:03:10 -07:00
Benjamin Gilbert
4f7e0ee368 sys-kernel/coreos-firmware: fail build if any firmware is missing 
Warnings will not be noticed.
 2017-06-27 18:35:00 -07:00
Benjamin Gilbert
ec67ac4b0b sys-kernel/coreos-modules: drop AIC94XX SCSI driver 
It was first enabled in 469ed7cf257d8dbb69c971e67c9e549b2d784e72, but the
driver has always required non-redistributable external firmware, which
we've apparently never shipped.
 2017-06-27 18:34:56 -07:00
Benjamin Gilbert
16f63fe8b0 sys-kernel/coreos-firmware: update to 20170622 2017-06-27 17:25:10 -07:00
David Michael
19a1bf5c20 Merge pull request #2630 from dm0-/gnupg 
profiles: disable smartcard in gnupg for the boards
 2017-06-27 17:09:48 -07:00