mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-12-23 18:21:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,603 Commits 620 Branches 411 Tags
Commit Graph

33603 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathieu Tortuyaux
99d27211ea
Merge pull request #3507 from flatcar/tormath1/changelog 
changelog: add missing link
 2025-11-28 10:37:24 +01:00
flatcar-ci
1367cb3c04 New version: main-4532.0.0-nightly-20251127-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-27 21:00:27 +00:00
Mathieu Tortuyaux
681864d5f1
Merge pull request #3516 from flatcar/firmware-20251125-main 
Upgrade Linux Firmware in main from 20251111 to 20251125
 2025-11-27 17:35:46 +01:00
Dongsu Park
d62b0d5361 overlay ue-rs: update to 2025-11-27 
Pulls in https://github.com/flatcar/ue-rs/pull/95,
https://github.com/flatcar/ue-rs/pull/98.

Signed-off-by: Dongsu Park <dongsu@dpark.io>
 2025-11-27 16:54:06 +01:00
flatcar-ci
4a8083a858 New version: main-4532.0.0-nightly-20251127-0956 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-27 09:56:50 +00:00
Flatcar Buildbot
78bbdbe6df sys-kernel/coreos-firmware: Update from 20251111 to 20251125 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-27 07:06:09 +00:00
Mathieu Tortuyaux
efe320c789
Merge pull request #3487 from flatcar/firmware-20251111-main 
Upgrade Linux Firmware in main from 20251021 to 20251111
 2025-11-26 17:47:23 +01:00
Flatcar Buildbot
755e2b84cd
sys-kernel/coreos-firmware: Update from 20251021 to 20251111 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-26 13:46:46 +01:00
James Le Cuirot
24f38bee51
Merge pull request #3511 from flatcar/linux-6.12.59-main 
Upgrade Linux Kernel for main from 6.12.58 to 6.12.59
 2025-11-25 14:37:10 +00:00
James Le Cuirot
f007107a4c
Merge pull request #3513 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2025-11-25 14:15:46 +00:00
Flatcar Buildbot
1feb53d91a Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-25 14:07:49 +00:00
James Le Cuirot
ed064d8943
Merge pull request #3505 from flatcar/cacerts-3.118.1-main 
Update ca-certificates in main from 3.117 to 3.118.1
 2025-11-25 14:07:34 +00:00
James Le Cuirot
f7ed772ffc
Merge pull request #3500 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2025-11-25 09:18:24 +00:00
Flatcar Buildbot
f86522aa10 sys-kernel/coreos-sources: Update from 6.12.58 to 6.12.59 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-25 07:06:12 +00:00
Mathieu Tortuyaux
334f056657
ci-automation: remove Equinix Metal testing 
After years of good services and sponsoring from Equinix Metal, we need
to retire those tests for AMD64 / ARM64 bare metal instances.

As Equinix Metal offering is still around until June 2026, let's
continue to produce and release Flatcar images for any users still using
those images but we won't test them as the Flatcar account won't be
covered by sponsoring.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2025-11-24 15:24:19 +01:00
Mathieu Tortuyaux
b5198f15b5
changelog: add missing link 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2025-11-24 15:21:19 +01:00
Flatcar Buildbot
4158576088 app-misc/ca-certificates: Update from 3.117 to 3.118.1 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-24 07:11:24 +00:00
Flatcar Buildbot
9f6a5504ff Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-22 02:29:31 +00:00
flatcar-ci
a37789be1b New version: main-4526.0.0-nightly-20251121-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-22 02:29:14 +00:00
flatcar-ci
1289b297f0 New version: main-4526.0.0-nightly-20251121-2100-INTERMEDIATE 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-21 21:00:30 +00:00
Dongsu Park
e03c86c017
Merge pull request #3453 from flatcar/buildbot/monthly-glsa-metadata-updates-2025-11-01 
Monthly GLSA metadata 2025-11-01
 2025-11-21 16:40:21 +01:00
Flatcar Buildbot
8274cf7d8f portage-stable/metadata: Monthly GLSA metadata updates 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Dongsu Park <dongsu@dpark.io>
 2025-11-21 12:15:27 +01:00
flatcar-ci
74fb20a470 New version: main-4525.0.0-nightly-20251120-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-20 21:00:29 +00:00
Daniel Zatovic
f7a2e240ee changelog: Add entry for signed OS-dependent sysexts 
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 18:26:53 +01:00
Daniel Zatovic
2eb0997167 app-crypt/azure-keyvault-pkcs11: Bump snapshot to 20250905 
Add support for WorkloadIdentityCredential.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 18:26:12 +01:00
Daniel Zatovic
4a2154feb2 sysext: Sign OS-dependent sysexts 
Generate an ephemeral sysext signing key, that is injected into the
image's sysext root of trust. All OS-dependent sysexts will be signed by
this key and the private key (stored in /tmp) will be discarded on SDK
container exit.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 18:25:41 +01:00
Daniel Zatovic
89da3cc75c dev-libs/xxhash,sys-fs/erofs-utils: Add from Gentoo 
These packages are needed for building erofs sysexts using
systemd-repart. Also add erofs-utils to SDK deps.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 09:59:11 +01:00
Daniel Zatovic
4b3ae28dfb virtual/zlib: Add from Gentoo 
Gentoo is moving the zlib dependency from sys-libs/zlib to virtual/zlib
to allow different zlib implementation (like zlib-ng). We need to pull
this virtual dependency because erofs-utils depends on it.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 09:59:11 +01:00
Daniel Zatovic
39d97da549 overlay profiles: Enable cryptsetup in SDK systemd 
The cryptsetup useflag is required for signing sysexts built with
systemd-repart.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 09:59:11 +01:00
Daniel
f05097d82f
Fix kernel module signing with ephemeral keys for official builds (#3493) 
* sdk: Fix ephemeral key directory paths baked into container images

The SDK container build process was persisting temporary directory
paths for module signing keys into /home/sdk/.bashrc. This caused
all container instances to share the same ephemeral key location.

Fixed by:
- Runtime check in sdk_entry.sh to recreate stale temp directories
- Build-time cleanup in Dockerfiles to remove the variables

Each container instance now gets unique temporary directories.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>

* sdk_entry: use persistent module signing keys for unofficial builds

For official builds (COREOS_OFFICIAL=1), continue using ephemeral
temporary directories for module signing keys.

For unofficial/development builds, use a persistent directory at
/mnt/host/source/.module-signing-keys to preserve keys across
container restarts.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>

---------

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2025-11-20 09:56:49 +01:00
flatcar-ci
72a74fdce7 New version: main-4524.0.0-nightly-20251119-0830 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-19 08:30:44 +00:00
Mathieu Tortuyaux
fdfc391f5e
Merge pull request #3429 from flatcar/tormath1/bincache 
ci-config: use new bincache server
 2025-11-18 17:58:21 +01:00
James Le Cuirot
0547ba5ecc
Merge pull request #3496 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2025-11-18 09:15:18 +00:00
Flatcar Buildbot
ce578cce4f Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-18 00:57:23 +00:00
flatcar-ci
e196336c82 Revert failed version back to 4519.0.0+nightly-20251114-2100 2025-11-18 00:57:09 +00:00
flatcar-ci
0332395383 New version: main-4522.0.0-nightly-20251117-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-17 21:00:30 +00:00
flatcar-ci
a23d816108 New version: main-4519.0.0-nightly-20251114-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-15 02:23:51 +00:00
flatcar-ci
764988d84d New version: main-4519.0.0-nightly-20251114-2100-INTERMEDIATE 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-14 21:00:32 +00:00
Krzesimir Nowak
891c871a6c
Merge pull request #3494 from flatcar/krnowak/add-missing-packages-to-automation 
.github: Add more packages to automation
 2025-11-14 16:00:41 +01:00
James Le Cuirot
129c7714fe
Merge pull request #3489 from flatcar/linux-6.12.58-main 
Upgrade Linux Kernel for main from 6.12.54 to 6.12.58
 2025-11-14 14:35:27 +00:00
James Le Cuirot
34de824d5f
Merge pull request #3491 from flatcar/chewi/gha-pr-command-logic 
github: Fix PR command dispatcher logic so it doesn't always trigger
 2025-11-14 14:00:13 +00:00
Krzesimir Nowak
dda87a035d .github: Add more packages to automation 
Seems like I forgot to do it when I added them to portage-stable.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
 2025-11-14 14:35:31 +01:00
James Le Cuirot
d3c482b1fe
Merge pull request #3492 from flatcar/chewi/fix-modprobe-via-udevd-changelog 
changelog: Add missing entry for recent sysext kernel module loading fix
 2025-11-14 12:46:11 +00:00
James Le Cuirot
754baf5a9a
changelog: Add missing entry for recent sysext kernel module loading fix 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2025-11-14 11:15:08 +00:00
James Le Cuirot
3faad0b5d8
github: Fix PR command dispatcher logic so it doesn't always trigger 
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
 2025-11-14 10:22:19 +00:00
Flatcar Buildbot
00479cf02d sys-kernel/coreos-sources: Update from 6.12.54 to 6.12.58 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2025-11-14 07:05:47 +00:00
flatcar-ci
7ec9fa3ec2 New version: main-4518.0.0-nightly-20251113-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2025-11-13 21:00:28 +00:00
Mathieu Tortuyaux
2930d06948
Merge pull request #3482 from flatcar/tormath1/mirror 
ci/release: copy secondary artifacts from bincache
 2025-11-13 17:02:38 +01:00
Mathieu Tortuyaux
ca2545fbf3
ci/config: remove RELEASES_SERVER 
This does not seem to be used anywhere here and can be misleading

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2025-11-13 15:54:16 +01:00
Mathieu Tortuyaux
06efdb8b21
ci/release: copy secondary artifacts from bincache 
this logic takes care of copying binary packages, SDK and packages
containers to cloudflare bucket in the `r2:flatcar/mirror/` location

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2025-11-13 15:53:42 +01:00