mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2026-03-02 20:11:43 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,886 Commits 643 Branches 422 Tags
Commit Graph

33886 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathieu Tortuyaux
ec00da5ade
Merge pull request #3729 from flatcar/linux-6.12.73-main 
Upgrade Linux Kernel for main from 6.12.70 to 6.12.73
 2026-02-18 14:45:48 +01:00
flatcar-ci
ebfd922c25 Revert failed version back to 4609.0.0+nightly-20260212-2100 2026-02-18 02:42:34 +00:00
flatcar-ci
80ad4879e2 New version: main-4614.0.0-nightly-20260217-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-17 21:00:31 +00:00
Flatcar Buildbot
3e6fe1b2f6
sys-kernel/coreos-sources: Update from 6.12.70 to 6.12.73 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-17 11:00:11 +01:00
Mathieu Tortuyaux
51cb46a6cc
Merge pull request #3733 from flatcar/tormath1/ca-certificates 
app-misc/ca-certificates: use github URLs
 2026-02-17 10:58:56 +01:00
Mathieu Tortuyaux
25de567365
app-misc/ca-certificates: use github URLs 
Between 3.120.1 and 3.120, we noticed this:
```
$ ls /var/tmp/portage/app-misc/ca-certificates-3.120-r1/work
nss-3.120
$ ls /var/tmp/portage/app-misc/ca-certificates-3.120.1/work
nss-NSS_3_120_1_RTM
```

The last one is using the GitHub release format - it seems the upstream
pushed a GitHub release on the Mozilla Archive FTP server?

Gentoo did the move as well: b51bd45ded

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-02-17 10:35:51 +01:00
Mathieu Tortuyaux
9858e2637a
Merge pull request #3724 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-02-17 09:20:17 +01:00
Flatcar Buildbot
5d911f86c4 Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-16 21:34:35 +00:00
flatcar-ci
67b14b5205 Revert failed version back to 4609.0.0+nightly-20260212-2100 2026-02-16 21:34:24 +00:00
flatcar-ci
24adb2df07 New version: main-4613.0.0-nightly-20260216-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-16 21:00:24 +00:00
Mathieu Tortuyaux
b3a17f6e4c
Merge pull request #3721 from flatcar/cacerts-3.120.1-main 
Update ca-certificates in main from 3.120 to 3.120.1
 2026-02-16 09:59:48 +01:00
Flatcar Buildbot
90f4cbad95 app-misc/ca-certificates: Update from 3.120 to 3.120.1 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-16 07:32:04 +00:00
flatcar-ci
b3c09c828a Revert failed version back to 4609.0.0+nightly-20260212-2100 2026-02-14 02:57:10 +00:00
flatcar-ci
7148f8b2d6 New version: main-4610.0.0-nightly-20260213-2100-INTERMEDIATE 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-13 21:00:22 +00:00
Mathieu Tortuyaux
d79e5424e0
Merge pull request #3696 from flatcar/tormath1/pam-sssd 
package.use: enable back sssd for pambase
 2026-02-13 09:52:27 +01:00
flatcar-ci
b9927a5d15 New version: main-4609.0.0-nightly-20260212-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-12 21:00:23 +00:00
James Le Cuirot
ccdfe1bbec
Merge pull request #3710 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-02-12 13:58:21 +00:00
Flatcar Buildbot
43193e7bdc Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-12 13:50:57 +00:00
Mathieu Tortuyaux
81f215913f
Merge pull request #3702 from flatcar/linux-6.12.70-main 
Upgrade Linux Kernel for main from 6.12.69 to 6.12.70
 2026-02-12 14:50:22 +01:00
Flatcar Buildbot
e6fca0b759 sys-kernel/coreos-sources: Update from 6.12.69 to 6.12.70 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-12 07:24:12 +00:00
Mathieu Tortuyaux
24cd546041
changelog: add entry 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-02-11 09:29:00 +01:00
flatcar-ci
e7dd14a757 New version: main-4607.0.0-nightly-20260210-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-10 21:00:26 +00:00
Mathieu Tortuyaux
4666ae235b
Merge pull request #3692 from flatcar/linux-6.12.69-main 
Upgrade Linux Kernel for main from 6.12.66 to 6.12.69
 2026-02-10 14:03:31 +01:00
Mathieu Tortuyaux
b3a05aa894
sys-auth/pambase: regen patches 
This brings a fix to move the pam_sss at the right position. I think
this can be upstreamed.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-02-10 11:30:55 +01:00
Mathieu Tortuyaux
f16b88ef72
Merge pull request #3700 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-02-10 09:57:35 +01:00
Flatcar Buildbot
ac70232a64 Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-09 21:00:40 +00:00
flatcar-ci
01d917077d New version: main-4606.0.0-nightly-20260209-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-09 21:00:26 +00:00
Mathieu Tortuyaux
53047f14a3
package.use: enable back sssd for pambase 
This was not creating the system-auth with the 'pam_sss' module. Which
makes sssd LDAP authentication to fail.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-02-09 12:56:50 +01:00
Flatcar Buildbot
5465fa56de sys-kernel/coreos-sources: Update from 6.12.66 to 6.12.69 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-07 07:14:41 +00:00
flatcar-ci
da64407a23 New version: main-4603.0.0-nightly-20260206-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-07 02:38:14 +00:00
flatcar-ci
60b1453b1a New version: main-4603.0.0-nightly-20260206-2100-INTERMEDIATE 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-06 21:00:25 +00:00
Dongsu Park
f8b1f793ce
Merge pull request #3683 from flatcar/buildbot/monthly-glsa-metadata-updates-2026-02-01 
Monthly GLSA metadata 2026-02-01
 2026-02-06 10:16:28 +01:00
flatcar-ci
68d889242d New version: main-4602.0.0-nightly-20260205-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-05 21:00:27 +00:00
James Le Cuirot
35e5faf1d9
Merge pull request #3690 from flatcar/mantle-update-main 
Upgrade mantle container image to latest HEAD in main
 2026-02-05 16:41:57 +00:00
Flatcar Buildbot
204b248877 Update mantle container image to latest HEAD 
Signed-off-by: Flatcar Buildbot <buildbot@flatcar-linux.org>
 2026-02-05 15:46:13 +00:00
Mathieu Tortuyaux
1fe6807a33
Merge pull request #3685 from tidusete/fix/1974-enable-function-tracer 
sys-kernel/coreos-modules: arm64: Enable CONFIG_FUNCTION_TRACER & CONFIG_DYNAMIC_FTRACE
 2026-02-05 16:45:56 +01:00
Jordi Cid Sierra
f15a0fad59 sys-kernel/coreos-modules: arm64: Enable CONFIG_FUNCTION_TRACER & CONFIG_DYNAMIC_FTRACE 
Signed-off-by: Jordi Cid Sierra <jordicidsierra@gmail.com>
 2026-02-05 14:11:43 +01:00
flatcar-ci
e749331650 New version: main-4599.0.0-nightly-20260202-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-02-02 21:00:23 +00:00
Flatcar Buildbot
6a5f972cb2 portage-stable/metadata: Monthly GLSA metadata updates 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2026-02-01 07:19:23 +00:00
flatcar-ci
d9f2e296d3 New version: main-4595.0.0-nightly-20260129-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-29 21:00:25 +00:00
Mathieu Tortuyaux
ce703f946e
Merge pull request #3675 from flatcar/tormath1/openssl-3.5.5 
dev-libs/openssl: pull official 3.5.5
 2026-01-29 09:21:00 +01:00
flatcar-ci
fc34f4b30d New version: main-4594.0.0-nightly-20260128-2100 
Signed-off-by: flatcar-ci <infra+ci@flatcar-linux.org>
 2026-01-28 21:00:25 +00:00
Mathieu Tortuyaux
b7f32ee4da
changelog: add openssl update 
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
 2026-01-28 14:40:38 +01:00
Daniel Zatovic
ddd38ae5ab changelog: Mention OEM sysext signing changes 
Update the changelog entry to include information about OEM sysexts
being signed and built during the image phase.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
10b808642b sysext: Move OEM sysext build to image phase 
Move OEM sysext building from the vms phase to the image phase. This
ensures OEM sysexts are signed with the same ephemeral key as other
sysexts, which is generated during image build and discarded afterward.

- Add create_oem_sysexts() to build all OEM sysexts during image build
- Add oem_sysexts.sh with OEM sysext definitions
- Update install_oem_sysext() to use prebuilt sysexts
- Add OEM sysext download to vms.sh for CI builds

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
b3dfe61eea changelog: Add entry for signed OS-dependent sysexts 
Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
3ffbf90154 sysext: Add OS-dependent sysext compression 
We removed the sysext compression, because we double-compression is
redundant for sysexts stored in already coimpressed BTRFS /usr. However,
OS-dependent sysexts that are downloaded on-demand were now also
uncompressed. This commit brings back the compression via
SYSTEMD_REPART_MKFS_OPTIONS_EROFS option.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
0edeb6cb5c sysext: Sign OS-dependent sysexts 
Generate an ephemeral sysext signing key, that is injected into the
image's sysext root of trust. All OS-dependent sysexts will be signed by
this key and the private key (stored in /tmp) will be discarded on SDK
container exit.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
Daniel Zatovic
9ef06f8928 overlay profiles: Enable cryptsetup in SDK systemd 
The cryptsetup useflag is required for signing sysexts built with
systemd-repart.

Signed-off-by: Daniel Zatovic <daniel.zatovic@gmail.com>
 2026-01-28 13:15:33 +01:00
James Le Cuirot
0a6a706520
Merge pull request #3673 from flatcar/vmware-13.0.10-main 
Upgrade open-vm-tools in main from 13.0.5 to 13.0.10
 2026-01-28 10:24:23 +00:00