23028 Commits

Author SHA1 Message Date
Benjamin Gilbert
85451cb7e4 sys-kernel/bootengine: add missing chmod
It was performed by bootengine until
coreos/bootengine@7c7bbb8d85.
2017-07-21 13:38:11 -07:00
David Michael
386efa4ae8 Merge pull request #2655 from dm0-/wrappers
Bump flannel and etcd wrappers
2017-07-20 14:57:16 -07:00
David Michael
0b033b5f8c app-admin/etcd-wrapper: bump to 3.1.10
2017-07-20 12:20:23 -07:00
David Michael
c88b4345f6 app-admin/flannel-wrapper: bump to 0.8.0
2017-07-20 12:19:28 -07:00
David Michael
15a1555043 bump(dev-util/re2c): sync with upstream
2017-07-19 13:14:12 -07:00
David Michael
379d06dec5 bump(dev-util/meson): sync with upstream
2017-07-19 13:01:01 -07:00
David Michael
47f585634e bump(dev-util/ninja): sync with upstream
2017-07-19 13:00:52 -07:00
David Michael
89cba335c5 bump(dev-lang/python): sync with upstream
2017-07-19 12:59:17 -07:00
David Michael
269204200a bump(profiles): sync with upstream
Packages updated:
  eclass
  licenses
  profiles
  scripts
2017-07-19 12:58:28 -07:00
Euan Kemp
50ef678e25 Merge pull request #712 from euank/fixup-core-sign-update
core_sign_update: fix flag parsing for keys_separator
2017-07-18 18:30:48 -07:00
Euan Kemp
e174703778 core_sign_update: fix flag parsing for keys_separator
Introduced in #710, whoops.
2017-07-18 18:24:38 -07:00
David Michael
341cb0dea6 Merge pull request #2653 from dm0-/systemd
Upgrade to systemd v234
2017-07-18 13:51:25 -07:00
David Michael
f186446b98 sys-apps/systemd: upgrade to v234
This syncs most of the ebuild with Gentoo's, except it omits the
meson build part for now.

A side effect of this is that lxml will be built as a dependency,
but it is not used since systemd now requires Python 3.  This will
be fixed with meson support, since meson requires Python 3 as well.
2017-07-18 12:54:06 -07:00
David Michael
4c5c1fb86f profiles: sync lxml on arm64
2017-07-18 12:49:54 -07:00
Euan Kemp
cdf275cd3e Merge pull request #710 from euank/coreos-card_signing
coreos_sign_update: Use smartcards for signing (updated)
2017-07-18 11:35:35 -07:00
David Michael
c78baf748b Merge pull request #2652 from coreosbot/master
Upgrade Linux in master to 4.12.2
2017-07-17 15:37:54 -07:00
Jenkins OS
467cedff05 sys-kernel/coreos-sources: bump to 4.12.2
2017-07-17 20:23:39 +00:00
David Michael
9e399e19de Merge pull request #2648 from dm0-/dracut
profiles: upgrade to dracut 045
2017-07-13 18:31:11 -07:00
David Michael
a1d5775603 Merge pull request #563 from dm0-/dracut
bump(sys-kernel/dracut): sync with upstream
2017-07-13 18:29:28 -07:00
David Michael
44a42faa1e sys-kernel/bootengine: bump for dracut 045
2017-07-13 18:27:42 -07:00
David Michael
5446be23f3 profiles: upgrade to dracut 045
2017-07-11 18:23:39 -07:00
David Michael
125bb460d8 bump(sys-kernel/dracut): sync with upstream
2017-07-11 18:22:27 -07:00
Euan Kemp
61be39c999 core_sign_update: remain compatible with older sign.sh
The motivation behind retaining this backwards compatibility, at least
now, is that it's actually non-trivial to revert these code changes for
a given release.

The `sign.sh` changes can easily be changed, but the `core_sign_update`
code is included in the update-specific "au_zip" file. Replacing that is
a little more fiddly.

Since it's possible we'll still want to revert to the previous signing
behavior, make it so the update payload (namely core_sign_update) should
work both under the previous `sign.sh` script, and when using the new
one.
2017-07-11 13:55:59 -07:00
David Michael
8ac62a5664 Merge pull request #2642 from dm0-/torcx
app-arch/torcx: bump to v0.1.0-alpha.3
2017-07-11 12:16:25 -07:00
David Michael
9889f2681c Merge pull request #2647 from dm0-/glsa
profiles: sync man-db version on arm64
2017-07-10 12:36:52 -07:00
David Michael
ee7a21794d Merge pull request #562 from dm0-/glsa
Sync GLSAs
2017-07-10 12:36:42 -07:00
David Michael
00d0400d58 bump(dev-libs/libpipeline): sync with upstream
2017-07-09 17:44:36 -07:00
David Michael
254e6d949d profiles: sync man-db version on arm64
2017-07-09 17:39:13 -07:00
David Michael
ae4583d564 bump(app-text/manpager): sync with upstream
2017-07-09 17:29:18 -07:00
David Michael
5c70328f3f bump(sys-apps/man-db): sync with upstream
2017-07-09 17:24:50 -07:00
David Michael
2327a315bb bump(metadata/glsa): sync with upstream
2017-07-09 17:18:14 -07:00
Euan Kemp
5cbc755abc offline_signing: use a smartcard URI
2017-07-06 13:50:27 -07:00
Euan Kemp
2146975588 coreos_sign_update: return 'legacy' signing support
We currently sign with both a devel key and a prod key. The devel key is
insecure and need not be included on a smartcard, so it makes sense to
leave it be on disk.

However, the previous commit's padding changes removed this legacy
method of signing.
For simplicity, simply re-introduce the old logic conditionally based on
whether it's a smartcard or not.

Alternate options could be using `-pkcs` instead of `-raw` for both
keys, but that is a more intricate change I'd be less confident in
making.
2017-07-06 13:50:27 -07:00
Matthew Garrett
54048fbb00 coreos_sign_update: Use smartcards for signing
Sign updates using private keys on smartcards. This involves changing the
padding approach - rather than including the padding in the hash, ask the
card to generate the padding itself, since the card will refuse to sign
pre-padded material. Use + as a key separator rather than : as the PKCS#11
URI includes colons.
2017-07-06 13:50:27 -07:00
David Michael
15217f8003 Merge pull request #2646 from dgonyeo/ignition
sys-apps/ignition: 0.17.0 -> 0.17.1
2017-07-05 15:39:44 -07:00
Derek Gonyeo
10f31b7297 sys-apps/ignition: 0.17.0 -> 0.17.1
2017-07-05 15:38:27 -07:00
David Michael
35ea95152c app-arch/torcx: bump to v0.1.0-alpha.3
2017-07-05 11:00:05 -07:00
Benjamin Gilbert
4bfb26d23e Merge pull request #2641 from bgilbert/4.12
sys-kernel/coreos-*: bump to v4.12
2017-07-03 18:34:01 -07:00
Benjamin Gilbert
eac64b8cd5 sys-kernel/coreos-*: bump to v4.12
CONFIG_EDAC_MM_EDAC was merged into CONFIG_EDAC, and the latter converted
to a tristate, in e3c4ff6d8c949fa9a9ea1bd005bf1967efe09d5d.
2017-07-03 18:08:51 -07:00
Benjamin Gilbert
ab20c61d1d Merge pull request #2628 from bgilbert/packet
Sync with Packet provisioner
2017-06-30 23:29:36 -07:00
David Michael
1ca83d763a Merge pull request #2640 from dm0-/install
coreos-base/coreos-init: bump for sync fixes
2017-06-30 18:54:58 -07:00
David Michael
832db7af43 coreos-base/coreos-init: bump for sync fixes
2017-06-30 18:42:40 -07:00
Benjamin Gilbert
e39e10d31f sys-kernel/bootengine: bump for Packet networking via coreos-metadata
2017-06-30 18:36:44 -07:00
Benjamin Gilbert
637fc28091 coreos-base/coreos-metadata: bump to v0.12.0
2017-06-30 18:34:14 -07:00
Benjamin Gilbert
b2c6b39ac7 sys-apps/baselayout: bump to disable automatic creation of bond0
2017-06-30 18:20:34 -07:00
Benjamin Gilbert
6a199b1bd5 coreos-base/oem-packet: bump version
2017-06-30 18:16:31 -07:00
Benjamin Gilbert
0379e5e336 coreos-base/oem-packet: replace deprecated vga= argument
GRUB warns at boot:

    vga=773 is deprecated. Use set gfxpayload=1024x768x8,1024x768 before
    linux command instead.
2017-06-30 18:16:31 -07:00
Benjamin Gilbert
22113d7983 coreos-base/oem-packet: enable coreos.autologin
Access control for the SOS console uses the same SSH keys that are
injected into the instance. The Packet provisioner already enables
this option.
2017-06-30 18:16:31 -07:00
Benjamin Gilbert
a0bebdd68d coreos-base/oem-packet: update console config to match Packet provisioner
Our default console settings are fine on arm64 but not on x86.
2017-06-30 18:16:31 -07:00
Benjamin Gilbert
0a4101e2a0 coreos-base/oem-packet: improve wording of unit description
2017-06-30 18:16:31 -07:00