Sync from SUSE:SLFO:Main python-kiwi revision f8d75180e911fdf7dc2c64c7c0dea27c

2025-02-20 10:02:07 +01:00 · 2025-02-20 10:02:07 +01:00 · 3432bffb96
commit 3432bffb96
parent 4d2da6d4fb
4 changed files with 702 additions and 5 deletions
--- a/4
+++ b/4
@ -3,7 +3,7 @@
 pkgname=('python-kiwi' 'kiwi-man-pages' 'dracut-kiwi-lib' 'dracut-kiwi-oem-repart' 'dracut-kiwi-oem-dump' 'dracut-kiwi-live' 'dracut-kiwi-overlay')
 arch=(x86_64)
-pkgver=10.1.16
+pkgver=10.2.10
 pkgrel=0
 pkgdesc="KIWI - Appliance Builder Next Generation"
 url="https://github.com/SUSE/kiwi/tarball/master"
@ -12,7 +12,7 @@ makedepends=(make gcc python-build python-docopt python-installer python-lxml py
 provides=(kiwi-ng kiwi)
 source=("${pkgname}.tar.gz")
 changelog="${pkgname}.changes"
-md5sums=('812a9cd9a12600a955663baa3f6da1e3')
+md5sums=('84f2bafc3002f5a4c83cabd627c16f6f')
 build() {
--- a/python-kiwi.changes
+++ b/python-kiwi.changes
@ -1,3 +1,670 @@
 -------------------------------------------------------------------
 Sun Feb 09 20:16:13 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.9 → 10.2.10
 -------------------------------------------------------------------
 Sun Feb 09 19:36:28 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Poetry build sdist timestamps set to epoch 0
  Newer versions of poetry set the timestamp for all source
  files to epoch 0. Such sources are not accepted by e.g
  Debian FTP servers and in general I don't like when tools
  changes their behavior just like that. This commit forces
  an older version of poetry for the purpose of creating the
  sdist tarball which then gets published on pypi. The
  argumentation for reproducible builds by forcing source
  files to a certain timestamp doesn't fly for me. I'm open
  for any better solution though. This Fixes #2730
 -------------------------------------------------------------------
 Sat Feb 01 23:13:22 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.8 → 10.2.9
 -------------------------------------------------------------------
 Thu Jan 30 23:55:51 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Classify missing chkstat as debug message
  chkstat is a distribution specific tool. If it is
  present we use it, if not we don't but it's not worth
  a warning. This Fixes #2711
 -------------------------------------------------------------------
 Thu Jan 30 22:50:28 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Allow to run setfiles multi threaded
  Use option -T0 for newer setfiles version.
  This Fixes #2719
 -------------------------------------------------------------------
 Thu Jan 30 22:39:12 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Add rd.kiwi.dialog.timeout option
  Allow to configure the timeout value for dialogs displayed
  by the kiwi dracut code. By default the timeout is set to
  60 seconds. With the special value "off" the dialog will
  never timeout. This Fixes #2718
 -------------------------------------------------------------------
 Thu Jan 30 22:10:39 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Make sure copy actions does not drop context
  Use shutil.copy2 to copy files preserving their
  attributes in the grub BootLoader space.
  This Fixes #2709
 -------------------------------------------------------------------
 Thu Jan 30 21:26:00 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Improve unit test for archive target_dir
  Add a test case with absolute path in the target_dir
  to make sure we never unpack the archive to the host
  system. The actual issue was resolved together with
  the implementation in #1953 and commit
  78238a993c966d1229cd2fc1f5923673a90de14d
  This Fixes #2701
 -------------------------------------------------------------------
 Thu Jan 30 20:56:53 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed profiled overlay imports
  When building an image for profile: SOME and providing
  an overlay directory named SOME/... kiwi will sync the
  contents of this overlay directory to the root tree.
  However it took the toplevel name SOME/ into account
  which is unwanted because only the sub data structure
  should be synced into the new root tree. This
  Fixes #2690
 -------------------------------------------------------------------
 Mon Jan 27 11:47:55 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.7 → 10.2.8
 -------------------------------------------------------------------
 Mon Jan 27 11:46:48 CET 2025 - Ondrej Holecek <oholecek@suse.com>
 - Use multipath child instead of parent device
  On multipath systems we need to find underlying child device
  instead of using parent device.
  This prevents listing all parent devices for a multipath device
 -------------------------------------------------------------------
 Sat Jan 25 17:55:15 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Increase size for agama integration test build
  Agama needs more space to build now
 -------------------------------------------------------------------
 Sat Jan 25 17:41:59 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed agama integration test
  rubygem-byebug and rubygem-agama-yast seems to
  no longer exist
 -------------------------------------------------------------------
 Sat Jan 25 17:38:01 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Update TW integration tests
  Package nscd was dropped from TW
 -------------------------------------------------------------------
 Wed Jan 22 10:38:09 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix documentation regarding URI styles
  In reference to commit 760a65558f9e2e91d3eaa3a2f9503ff596984b48
  the support for iso:// URI types was dropped some time ago.
  However, the documentation was not properly updated. This
  commit fixes it
 -------------------------------------------------------------------
 Tue Jan 21 10:39:32 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix return value of grub helper methods
  The grub helper methods to find grub tools returns a
  None value if the tool cannot be found. This None value
  could be used later in a Command call where it will be
  used in a join() command to log the resulting commandline.
  This join() call then fails and raises an unhandled error
  causing a stack trace in the application. This commit
  fixes it
 -------------------------------------------------------------------
 Mon Jan 20 17:54:08 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added disk validation for duplicate installs
  Installing the same image to different storage disks on the
  same machine creates device conflicts with unexpected side
  effects. This commit adds a validation based on the PTUUID
  of the disk image to check if another device on the system
  has the same ID and if yes, does not allow to install the
  image again including a message which device takes the same
  identifier. This references bsc#1228741
 -------------------------------------------------------------------
 Mon Jan 20 09:13:22 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed documentation for signing key attribute
  The source locator name for local files was incorrect
 -------------------------------------------------------------------
 Sat Jan 18 17:58:02 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.6 → 10.2.7
 -------------------------------------------------------------------
 Sat Jan 18 17:53:07 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Update documentation
  Added a new troubleshooting chapter as subsection to
  the Build Host Constraints named Package Manager Behavior.
  It serves the purpose to describe options for the customer
  to change the default package manager behavior which
  we from the kiwi side do not influence intentionally.
  This is a followup change to bsc#1235448
 -------------------------------------------------------------------
 Tue Jan 14 10:52:43 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Drop still present tox artifacts
  There were still some left over tox files and the
  documentation contribution chapter was also wrong at
  several places
 -------------------------------------------------------------------
 Mon Jan 13 14:45:55 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Add support for reading optional pkgmgr env file
  If there is a file .kiwi.package_manager.env in the root of
  the image tree it will be read and put into the caller environment for
  the selected package and repository manager. There are features
  in e.g zypper which can only be used via env variables.
  This Fixes bsc#1235448
 -------------------------------------------------------------------
 Mon Jan 13 10:18:49 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Auto convert unit test XML data to schema v8.3
 -------------------------------------------------------------------
 Mon Jan 13 09:45:32 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Rename btrfs_root_is_snapshot
  Rename btrfs_root_is_snapshot to btrfs_root_is_snapper_snapshot.
  This happens in preparation for the changes suggested in #2697
  where we want to get rid of snapper specific btrfs code which
  will be available in snapper natively soon. To make sure a btrfs
  layout specific to snapper(and SUSE), the implicitly used attribute
  named btrfs_root_is_snapshot now becomes explicit and its new
  name will indicate that snapper sits behind it. Along with the
  rename a XSLT stylesheet to automatically convert the old name
  into the new name for schema v8.3 will be performed.
 -------------------------------------------------------------------
 Mon Jan 13 09:25:29 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.5 → 10.2.6
 -------------------------------------------------------------------
 Fri Jan 10 16:49:03 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed donate button target
 -------------------------------------------------------------------
 Wed Jan 08 21:51:57 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added LUKS reencryption support
  Added rd.kiwi.oem.luks.reencrypt boot option consumed by the
  kiwi-repart dracut module. For OEM LUKS2 encrypted disk images.
  If set, reencrypts the disk prior an eventual resize and therefore
  creates a new key pool and master key. The reencryption is advisable
  if the image binary is not protected. With access to the image
  binary it's possible to extract the luks header which then allows to
  decrypt the data unless it was reencrypted. The reencryption process
  only runs if the checksum of the luks header still matches the one
  from the original disk image. Be aware that the reencryption will
  ask for the passphrase if the image has been built with an initial
  luks passphrase.
 -------------------------------------------------------------------
 Wed Jan 08 09:51:06 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed arm/tumbleweed/test-image-rpi
  No ruby required for this integration test build
 -------------------------------------------------------------------
 Tue Jan 07 09:58:22 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Plain zipl loader needs boot partition
  If the rootfs is something zipl cannot read, we need an
  extra boot partition using a supported filesystem
 -------------------------------------------------------------------
 Tue Jan 07 09:44:06 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed IBM-Cloud-Standard profile
  The test-image-MicroOS integration test builds an IBM-Cloud-Standard
  profile as encrypted variant with a random key that is not protected
  by an encrypted boot image. This doesn't make sense. Thus the
  encryption setup for the IBM cloud standard build got removed.
  Use the IBM-Cloud-Secure-Execution profile to test encrypted
  secure linux builds
 -------------------------------------------------------------------
 Tue Jan 07 09:18:55 CET 2025 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed test-image-qcow-openstack
  rsh package was dropped from TW
 -------------------------------------------------------------------
 Tue Dec 31 11:28:49 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix genprotimg for s390 builds
  A recent change on genprotimg now forbids to use --cert in
  combination with --no-verify, even though this was allowed
  before.
 -------------------------------------------------------------------
 Fri Dec 20 12:57:29 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix documentation for repo, package gpg settings
  In contrast to the documentation, kiwi sets default values
  for any gpg setting if not explicitly specified differently.
  We want to avoid to inherit a behavior from how the distribution
  packages the package manager. This commit fixes the documentation
  to be in line with the implementation
 -------------------------------------------------------------------
 Thu Dec 19 11:26:07 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Drop insecure and unsupported md5 digest
  Decommission the Checksum.md5() method and move all places
  in code to sha256(). The md5 digest is considered insecure
  and has also been removed from hashlib as a supported digest.
  This Fixes #2696
 -------------------------------------------------------------------
 Thu Dec 19 10:48:43 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix config functions action
  The action failed on the setup of the runtime because the upgrade
  of pip failed.
 -------------------------------------------------------------------
 Thu Dec 19 10:35:24 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.4 → 10.2.5
 -------------------------------------------------------------------
 Mon Dec 16 10:19:37 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Changed systemfiles provider
  Instead of providing a static list of filenames, provide a list
  of package names. It is expected that the pilot of flake-pilot
  resolves this list against the local package database to build
  up the filelist for provisioning
 -------------------------------------------------------------------
 Sat Dec 14 20:59:03 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.3 → 10.2.4
 -------------------------------------------------------------------
 Wed Dec 11 20:40:19 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Update system files setup for containers
  The attribute provide_system_files creates a meta file in the
  root tree named 'systemfiles'. The contents of this file were
  produced by just a dump of the package database so far. For
  a more generic use of this data some adaptions were needed.
  First we allow to skip packages matching a pattern from being
  part of the system files. Next we do not put ghost and doc
  files into account. And last we handle library files in a different
  file named 'systemfiles.libs' where we do not add symlink targets
  if the target path is also part of the package. The consumer
  of this information is flake-pilot which syncs that library system
  files from the host via --copy-links. This allows a more generic
  use with regards to versioned libraries e.g. libc
 -------------------------------------------------------------------
 Tue Dec 10 19:14:52 CET 2024 - Neal Gompa <ngompa@velocitylimitless.com>
 - Drop /dev/pts from bind mount locations
  This has created havoc in the Fedora build environments by
  fully unmounting /dev/pts and breaking the builders for
  subsquent tasks.
  This is a partial revert of commit daf1323c5ded7e4e7783205f5e30457b40eb322f.
 -------------------------------------------------------------------
 Sun Dec 08 20:35:42 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Don't take ghost files into account
  When creating the system files information do not
  take ghost files and artifact files into account
 -------------------------------------------------------------------
 Tue Dec 03 14:58:40 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.2 → 10.2.3
 -------------------------------------------------------------------
 Tue Dec 03 14:56:47 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Update STYLEROOT to SUSE 2022
 -------------------------------------------------------------------
 Mon Dec 02 14:57:30 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix broken links in the documentation
 -------------------------------------------------------------------
 Mon Dec 02 11:30:51 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix legacy_bios_mode detection
  The code in this method does not work correctly if the
  firmware is set to 'bios'. In bios only mode the method
  returned a false value which is incorrect as it should
  return a true value in this case. Without this patch
  ISO images will fail to boot because no loader gets
  configured.
 -------------------------------------------------------------------
 Mon Dec 02 09:48:50 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added /dev/pts to bind mount locations
  During runtime several kernel filesystems are bind mounted into
  the image root system such that programs expecting it can work.
  /dev/pts was not needed so far but seems to be a good addition
  to the list to make tools like sudo to work properly when called
  e.g. from a config.sh script. This Fixes #2686
 -------------------------------------------------------------------
 Fri Nov 29 20:12:38 CET 2024 - Adam Williamson <awilliam@redhat.com>
 - xorriso: respect efiparttable and gpt_hybrid_mbr
  This should make the xorriso-based ISO build path respect the
  'efiparttable' and 'gpt_hybrid_mbr' settings when building a
  UEFI-compatible image, making it write a GPT disk label by default
  instead of an MBR (msdos) one. If it's building an image that is not
  UEFI-compatible it will always write an MBR label, regardless of
  this setting.
  If 'gpt_hybrid_mbr' is set, xorriso will write an Ubuntu-style
  MBR/GPT hybrid partition table, where the MBR partition table
  includes a partition with type 00 and the bootable flag, as well
  as the partition with type ee required by the UEFI spec. This
  mildly violates the UEFI spec but may make the image bootable on
  native BIOS or CSM firmwares which refuse to boot from a disk with
  no partition marked 'bootable' in the MBR. If 'gpt_hybrid_mbr' is
  not set, xorriso will write a strictly UEFI-spec compliant label,
  with just the 'protective MBR' required by the UEFI spec (no
  bootable partition) and the correct GPT partition table. Note
  this is somewhat different from what gpt_hybrid_mbr does for
  disk images.
  Also, we now pass -compliance no_emul_toc when building ISOs, as
  recommended by upstream in
  https://lists.gnu.org/archive/html/bug-xorriso/2024-11/msg00012.html
  This tool is generally always going to be building ISOs intended
  for write-once use, not multi-session use (and which are rarely,
  these days, written to physical discs at all anyway).
  Signed-off-by: Adam Williamson <awilliam@redhat.com>
 -------------------------------------------------------------------
 Wed Nov 27 15:59:32 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added provide/require system files for containers
  Added the attributes provide_system_files and require_system_files
  to control the provider and requester of system files in
  container image builds. systemfiles is a metadata file which
  contains all files from the package database at call time.
  It is used in flake-pilot to provision the systemfiles data
  from the host into the container instance. One possible use
  case for this data is a flake registration which uses a
  base container that is derived from a runtime container but
  all data from the runtime should be provisioned from the
  host. Using this feature tightly couples the flake to the
  host OS distribution and version.
 -------------------------------------------------------------------
 Wed Nov 27 09:59:27 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.1 → 10.2.2
 -------------------------------------------------------------------
 Wed Nov 27 09:49:05 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix scope issue
  Increase livetime of the the compressor instances
  to the livetime of RootImportOCI. They create temporary
  files which are referenced later and need to live longer
  than the block they got created in
 -------------------------------------------------------------------
 Tue Nov 26 13:14:19 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.2.0 → 10.2.1
 -------------------------------------------------------------------
 Mon Nov 25 16:30:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed use of fscreateoptions for iso type
  The information for fscreateoptions was not passed along to the
  tooling if a custom filesystem attribute was specified.
  This Fixes #2681
 -------------------------------------------------------------------
 Mon Nov 25 12:32:20 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Allow to derive from multiple containers
  Add support for multi inheritance to the derived_from attribute
  In the order of a comma seperated list of docker source URI's
  a base tree is created. This was possible only with one container
  so far and Fixes #2680 as well as jira#OBS-354
 -------------------------------------------------------------------
 Thu Nov 21 11:52:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.1.18 → 10.2.0
 -------------------------------------------------------------------
 Thu Nov 21 11:33:25 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Add selinux test build to TW
  Also update derived docker integration test to latest Leap
 -------------------------------------------------------------------
 Wed Nov 20 02:14:58 CET 2024 - Neal Gompa <ngompa@velocitylimitless.com>
 - kiwi/schema: Fix allowed value type for ISO publisher and application ID
  According to the spec, this should be constrained to 128 characters
  but also allow quite a few other special characters (as well as spaces).
  We didn't allow spaces in application ID, but allowed too much for Publisher.
  Now we set up both correctly.
 -------------------------------------------------------------------
 Sun Nov 17 23:25:35 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix setup of kiwi environment variables
  Some kiwi env vars are initialized with an empty value
  and not overwritten if another value is provided. For
  the selected variables an empty value setting is not
  allowed because the schema also enforces the value to
  be set at least once. In addition a helpful option
  named --print-kiwi-env was added to the 'image info'
  command which allows to print the environment variables
  and their values.
 -------------------------------------------------------------------
 Tue Nov 12 09:52:44 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Add random key support for LUKS encryption
  Allow to pass luks="random". In random mode use the
  generated keyfile as the only key to decrypt. This is
  only secure if the generated initrd also gets protected
  e.g. through encryption like it is done with the secure
  linux execution on zSystems
 -------------------------------------------------------------------
 Thu Nov 07 08:43:03 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added development group in pyproject setup
  generateDS and other tools are needed and were forgotten
  to be added when we deleted the tox dependency
 -------------------------------------------------------------------
 Wed Nov 06 10:13:01 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added containers integration with OBS
  When building in the Open Build Service (OBS) there is no way
  to create outgoing connections from the build workers. To allow
  the <containers> section to fetch containers from the SUSE
  registry we need to apply an OCI URI translation into a local
  path. The actual OCI container image is expected to be provided
  by the obs backend on the worker. Along with this commit also an
  integration test named test-image-disk-containers is provided.
  This Fixes jira#OBS-351
 -------------------------------------------------------------------
 Sun Nov 03 18:17:43 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix rendering of SUSE docs
  The SUSE documentation is produced through a conversion
  of the ReST source into docbook. The name kiwi is reserved
  in the index and needs to be referenced as kiwi-ng when
  used as command.
 -------------------------------------------------------------------
 Sun Nov 03 14:37:49 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Remove tox dependency
  tox was used as sort of a make target to run unit tests
  and more in a python virtualenv. However, since we switched
  everything to poetry it's no longer needed to let tox create
  the python virtual environments. This commit moves the tox
  targets into the Makefile and adapts the github workflow
  files accordingly. In addition the scripts container based
  tests were re-activated and fixed such that they succeed
  again.
 -------------------------------------------------------------------
 Fri Nov 01 13:31:20 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix make build target
  Move the actions done by the tox target into the
  build target and call them there in a clean and easy
  to spot sequence. There is no need to call tox to
  prepare for the package submission, instead the
  checks and poetry runs to prepare for the package
  target should be called directly as part of the
  build target. In the future we might get rid of
  tox completely.
 -------------------------------------------------------------------
 Fri Nov 01 13:08:12 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.1.17 → 10.1.18
 -------------------------------------------------------------------
 Thu Oct 31 23:21:53 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fixed zipl caller environment
  zipl gets confused with an active sysfs mount inside
  the root tree at call time of zipl. This commit
  umounts the /sys bind mount in the image tree prior
  calling zipl
 -------------------------------------------------------------------
 Thu Oct 31 17:46:31 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix s390 test-image-disk build
  Add missing kernel links used by suse tools
 -------------------------------------------------------------------
 Thu Oct 31 10:01:54 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Bump version: 10.1.16 → 10.1.17
 -------------------------------------------------------------------
 Wed Oct 30 13:49:02 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix coloring of build_status.sh flags
  Depending on the place of the status flag the color
  setup might fail. This commit fixes it
 -------------------------------------------------------------------
 Wed Oct 30 10:24:38 CET 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Add pytest-container as optional dependency
  The pyproject.toml listed pytest-container as dependency
  but it is used only to run the container based integration
  tests for the shell helper methods. For building the package
  this dependency should not be pulled in
 -------------------------------------------------------------------
 Fri Oct 25 10:58:52 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Fix networking in erofs integration test
  The network setup was systemd-networkd based but
  the provided network config was not for systemd
 -------------------------------------------------------------------
 Wed Oct 23 12:21:32 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
@ -734,6 +1401,16 @@ Wed Jul 31 16:57:30 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
  os.path.basename was called on a MagicMock object which
  sometimes confused pytest
 -------------------------------------------------------------------
 Wed Jul 31 15:22:06 CEST 2024 - Neal Gompa <neal@gompa.dev>
 - CI: Add testing against Python 3.13
  Python 3.13 is shipping in Fedora Linux for Fedora Linux 41, so we
  should ensure kiwi is tested against it. The testing setup is
  based on the latest development version of 3.13 as it is not
  yet released.
 -------------------------------------------------------------------
 Wed Jul 31 12:09:20 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
@ -1594,6 +2271,26 @@ Mon Apr 15 16:43:21 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
  not get umounted and keeps a busy state until the lazy umount
  kicks in. This Fixes #2529
 -------------------------------------------------------------------
 Fri Apr 12 10:39:31 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
 - Added IBM Secure Execution support on s390
  IBM SEL(Secure Execution for Linux) is supported for s390
  KVM guests. SEL images used to start a confidential computing
  protected guest contain an encrypted boot image which encapsulates
  the kernel the initrd and the bootparams. The encrypted Image is
  provided by the KVM/hypervisor to the Embedded zFirmware of the
  system (the ultravisor device). The decryption keys are hardware
  based and each system has an individual keypool unique to that
  system. The root filesystem is LUKS encrypted with a random key
  produced by kiwi at build time and kept inside of the initrd which
  exists only inside of the encrypted boot image and the encrypted
  rootfs to allow kernel updates. The commit to support secure
  execution also comes with an integration test that provides
  profiled image builds to target SUSE's LinuxONE as well
  as IBM Cloud systems.
 -------------------------------------------------------------------
 Tue Apr 09 14:13:08 CEST 2024 - Marcus Schäfer <marcus.schaefer@gmail.com>
--- a/python-kiwi.spec
+++ b/python-kiwi.spec
@ -52,7 +52,7 @@
 %endif
 Name:           python-kiwi
-Version:        10.1.16
+Version:        10.2.10
 Provides:       kiwi-schema = 8.1
 Release:        0
 Url:            https://github.com/OSInside/kiwi
--- a/python-kiwi.tar.gz
+++ b/python-kiwi.tar.gz