diff --git a/README.SUSE b/README.SUSE index d11dd6a..be93d3b 100644 --- a/README.SUSE +++ b/README.SUSE @@ -18,6 +18,11 @@ Changes for openSUSE / SLE: Set timeout for Ignition device so boot will just continue if no physical Ignition configuration device is attached (e.g. when using platform specific configuration). +* ignition-rmcfg-suse.conf: + Adapt systemd service to match our own packaging: We do not support + ConditionFirstBoot, and additionally support auto-detection of the platform + (see ignition-suse-generator), so the detection whether the stage should be + called has to be done via shell script. * ignition-touch-selinux-autorelabel.conf: Trigger SELinux autorelabel after Ignition runs; Ignition would support SELinux itself, however this is a compile time option, so it can't be diff --git a/_service b/_service index 5f2901a..2bf8b8f 100644 --- a/_service +++ b/_service @@ -1,8 +1,8 @@ - 2.13.0 - v2.13.0 - git://github.com/coreos/ignition.git + 2.14.0 + v2.14.0 + https://github.com/coreos/ignition git enable diff --git a/_servicedata b/_servicedata index 272fbb0..82a8130 100644 --- a/_servicedata +++ b/_servicedata @@ -1,6 +1,6 @@ - git://github.com/coreos/ignition.git - 103783f0d74dafc5fbad38c6de6ff983d0b6aef2 + https://github.com/coreos/ignition + d10f7c1ac3576c1010cecaa74b12a502cbfbffce - \ No newline at end of file + diff --git a/ignition-2.13.0.tar.xz b/ignition-2.13.0.tar.xz deleted file mode 100644 index f648948..0000000 --- a/ignition-2.13.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:91ec0315c37237f2edeb8130722c3715884eeb49baf6c6bf2fc0a3383b07645a -size 2291392 diff --git a/ignition-2.14.0.tar.xz b/ignition-2.14.0.tar.xz new file mode 100644 index 0000000..da98531 --- /dev/null +++ b/ignition-2.14.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:babaa5bcd775b227ee010a01313d3a6984d6edb4f4146ab067de8eca458fb340 +size 2352848 diff --git a/ignition-rmcfg-suse.conf b/ignition-rmcfg-suse.conf new file mode 100644 index 0000000..c47b4aa --- /dev/null +++ b/ignition-rmcfg-suse.conf @@ -0,0 +1,9 @@ +[Unit] +ConditionFirstBoot= +ConditionKernelCommandLine= +ConditionKernelCommandLine=|ignition.firstboot + +[Service] +ExecStart= +ExecStart=/bin/bash -c 'if [ "${PLATFORM_ID}" = virtualbox -o "${PLATFORM_ID}" = vmware ]; then /usr/libexec/ignition-rmcfg --platform=${PLATFORM_ID}; fi' + diff --git a/ignition.changes b/ignition.changes index 1b518a2..95d5f5f 100644 --- a/ignition.changes +++ b/ignition.changes @@ -1,3 +1,39 @@ +------------------------------------------------------------------- +Wed May 18 12:37:46 UTC 2022 - iforster@suse.com + +- Update to version 2.14.0: + * NEWS: update v2.14.0 + * docs/operator-notes: add section on provisioning secrets + * Dockerfile.validate: build with Fedora 36 + * internal/resource: fix gs:// fetches in GCE without a service account + * docs/operator-notes: document supported S3 URL formats + * internal/resource: fix S3 access point object ARNs + * exec/util: fix infinite loop in Depth() if -root is relative + * Add ignition-delete-config.service and ignition-rmcfg symlink + * providers/virtualbox: support deleting Ignition configs + * providers/virtualbox: add comment referencing VirtualBox source + * providers/virtualbox: add define for GUEST_PROP_FN_GET_PROP + * providers/virtualbox: add helper to set up hypervisor connection + * providers/vmware: support deleting Ignition configs + * main: add ignition-rmcfg multicall binary + * go.mod: add github.com/beevik/etree + * providers/vmware: switch to internal copy of OVF parser + * internal/resource: fix bucket field in error message + * internal/resource: derive AWS region hint from ARN partition field + * internal/resource: simplify test + * internal/resource: fix minor nits + * provider/azure: try to fetch userdata from IMDS + * providers/vmware: convert OVF tests to testify + * providers/vmware: drop vmw-ovflib docs + * providers/vmware: add verbatim copy of vmw-ovflib + * providers/vmware: add constants for guestinfo and OVF property names + * providers/virtualbox: fix reading properties with flags + * internal/resource: support S3 access point URLs +- Update fixes CVE from [bsc#1199524]; this introduces a new + service "ignition-delete-config.service" +- Add ignition-rmcfg-suse.conf dropin to adapt to SUSE environment +- Use fixed paths in spec file for hardcoded installation paths + ------------------------------------------------------------------- Fri Apr 8 13:47:56 UTC 2022 - Ignaz Forster diff --git a/ignition.spec b/ignition.spec index 49c17e2..ba75426 100644 --- a/ignition.spec +++ b/ignition.spec @@ -17,7 +17,7 @@ Name: ignition -Version: 2.13.0 +Version: 2.14.0 Release: 0 Summary: First boot installer and configuration tool License: Apache-2.0 @@ -38,6 +38,7 @@ Source11: ignition-enable-network.sh Source12: ignition-kargs-helper Source13: ignition-remove-reconfig_system.service Source14: ignition-touch-selinux-autorelabel.conf +Source15: ignition-rmcfg-suse.conf Source20: ignition-userconfig-timeout.conf Source21: ignition-userconfig-timeout-arm.conf Patch2: 0002-allow-multiple-mounts-of-same-device.patch @@ -87,7 +88,7 @@ which creates firstboot_happened after the first boot. %prep %autosetup -p1 -mkdir dracut/30ignition-microos grub systemd_suse +mkdir -p dracut/30ignition-microos grub systemd_suse/ignition-delete-config.service.d chmod +x %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE12} cp %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE9} %{SOURCE10} %{SOURCE11} %{SOURCE13} %{SOURCE14} dracut/30ignition-microos/ %ifarch aarch64 %{arm} @@ -97,6 +98,7 @@ cp %{SOURCE20} dracut/30ignition-microos/ignition-userconfig-timeout.conf %endif cp %{SOURCE5} grub/ cp %{SOURCE6} systemd_suse/ +cp %{SOURCE15} systemd_suse/ignition-delete-config.service.d/ cp %{SOURCE7} . cp %{SOURCE12} dracut/30ignition/ignition-kargs-helper.sh @@ -109,8 +111,13 @@ make -o all install DESTDIR=%{buildroot} install -d %{buildroot}%{_sysconfdir}/grub.d install -d %{buildroot}%{_prefix}/lib/systemd/system +install -d %{buildroot}%{_prefix}/lib/systemd/system/ignition-delete-config.service.d install -p -m 0755 grub/* %{buildroot}%{_sysconfdir}/grub.d/ -install -p -m 0644 systemd_suse/* %{buildroot}%{_prefix}/lib/systemd/system/ +install -p -m 0644 systemd_suse/*.service %{buildroot}%{_prefix}/lib/systemd/system/ +install -p -m 0644 systemd_suse/ignition-delete-config.service.d/* %{buildroot}%{_prefix}/lib/systemd/system/ignition-delete-config.service.d + +%pre +%service_add_pre ignition-delete-config.service %post %{?regenerate_initrd_post} @@ -121,6 +128,13 @@ if [ "$1" -ne 1 ]; then mkdir -p %{_rundir}/ignition-dracut/ touch %{_rundir}/ignition-dracut/isupgrade fi +%service_add_post ignition-delete-config.service + +%preun +%service_del_preun ignition-delete-config.service + +%postun +%service_del_postun_without_restart ignition-delete-config.service %posttrans %{?regenerate_initrd_posttrans} @@ -152,9 +166,14 @@ fi %files %license LICENSE %doc README.md README.SUSE docs/*.md -%{_prefix}/lib/dracut/modules.d/30ignition -%{_prefix}/lib/dracut/modules.d/30ignition-microos -%{_bindir}/ignition-validate +# Paths are hardcoded in the Makefile +/usr/lib/dracut/modules.d/30ignition +/usr/lib/dracut/modules.d/30ignition-microos +/usr/bin/ignition-validate +/usr/libexec/ignition-rmcfg +/usr/lib/systemd/system/ignition-delete-config.service +%dir %{_unitdir}/ignition-delete-config.service.d +%{_unitdir}/ignition-delete-config.service.d/ignition-rmcfg-suse.conf %files dracut-grub2 %license LICENSE