0fc12ef141
- Update to version 2.14.0: * NEWS: update v2.14.0 * docs/operator-notes: add section on provisioning secrets * Dockerfile.validate: build with Fedora 36 * internal/resource: fix gs:// fetches in GCE without a service account * docs/operator-notes: document supported S3 URL formats * internal/resource: fix S3 access point object ARNs * exec/util: fix infinite loop in Depth() if -root is relative * Add ignition-delete-config.service and ignition-rmcfg symlink * providers/virtualbox: support deleting Ignition configs * providers/virtualbox: add comment referencing VirtualBox source * providers/virtualbox: add define for GUEST_PROP_FN_GET_PROP * providers/virtualbox: add helper to set up hypervisor connection * providers/vmware: support deleting Ignition configs * main: add ignition-rmcfg multicall binary * go.mod: add github.com/beevik/etree * providers/vmware: switch to internal copy of OVF parser * internal/resource: fix bucket field in error message * internal/resource: derive AWS region hint from ARN partition field * internal/resource: simplify test * internal/resource: fix minor nits * provider/azure: try to fetch userdata from IMDS * providers/vmware: convert OVF tests to testify * providers/vmware: drop vmw-ovflib docs * providers/vmware: add verbatim copy of vmw-ovflib * providers/vmware: add constants for guestinfo and OVF property names * providers/virtualbox: fix reading properties with flags * internal/resource: support S3 access point URLs - Update fixes CVE from [bsc#1199524]; this introduces a new service "ignition-delete-config.service" - Add ignition-rmcfg-suse.conf dropin to adapt to SUSE environment - Use fixed paths in spec file for hardcoded installation paths OBS-URL: https://build.opensuse.org/request/show/982087 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ignition?expand=0&rev=35 |
||
---|---|---|
_service | ||
_servicedata | ||
.gitattributes | ||
.gitignore | ||
02_ignition_firstboot | ||
0002-allow-multiple-mounts-of-same-device.patch | ||
ignition-2.14.0.tar.xz | ||
ignition-enable-network.service | ||
ignition-enable-network.sh | ||
ignition-firstboot-complete.service | ||
ignition-kargs-helper | ||
ignition-mount-initrd-fstab.service | ||
ignition-remove-reconfig_system.service | ||
ignition-rmcfg-suse.conf | ||
ignition-setup-user.service | ||
ignition-setup-user.sh | ||
ignition-suse-generator | ||
ignition-touch-selinux-autorelabel.conf | ||
ignition-umount-initrd-fstab.service | ||
ignition-userconfig-timeout-arm.conf | ||
ignition-userconfig-timeout.conf | ||
ignition.changes | ||
ignition.spec | ||
module-setup.sh | ||
README.SUSE |
Changes for openSUSE / SLE: * ignition-mount-initrd-fstab.service / ignition-umount-initrd-fstab.service: Upstream Ignition will only mount partitions or subvolumes explicitly mentioned in the Ignition configuration. A default SUSE system, however, is split over several subvolumes, and most users won't want to define all the partitions again. On the other hand a lot of core functionality (e.g. configuring a SSH certificate for the root user or adding a configuration file) requires access to those subvolumes. For better usability in addition to Ignition's own mount / umount stage all files systems tagged for being mounted in the initrd ("x-initrd.mount" mount flag) will automatically be mounted / umounted. * ignition-setup-user.service / ignition-setup-use.sh: The user configuration can be stored on a device with the label "ignition" (e.g. by attaching a USB flash drive with that name) instead of using the platform specific configuration storage mechanism. * ignition-userconfig-timeout*.conf: Set timeout for Ignition device so boot will just continue if no physical Ignition configuration device is attached (e.g. when using platform specific configuration). * ignition-rmcfg-suse.conf: Adapt systemd service to match our own packaging: We do not support ConditionFirstBoot, and additionally support auto-detection of the platform (see ignition-suse-generator), so the detection whether the stage should be called has to be done via shell script. * ignition-touch-selinux-autorelabel.conf: Trigger SELinux autorelabel after Ignition runs; Ignition would support SELinux itself, however this is a compile time option, so it can't be used here. * ignition-suse-generator: Supplements the upstream generator by adding dependencies to ignition-setup-user.service and ignition-mount-initrd-fstab.service. Additionally it will try to autodect the platform if it is not set on the kernel command line. * 02_ignition_firstboot: This file has been part of upstream ignition-dracut, but has since then been moved to a static CoreOS specific configuration (https://github.com/coreos/coreos-assembler/pull/616); it is now used in a modified version adapted to SUSE's needs. This script will automatically set the kernel parameters to trigger an Ignition run if a flag file does not exist (e.g. on first boot). To trigger an Ignition run manually just delete the file "/boot/writable/firstboot_happened". * ignition-firstboot-complete.service: This file has been part of upstream ignition-dracut, but has since then been moved to a static CoreOS specific configuration (https://github.com/coreos/fedora-coreos-config/pull/1087); it is now used in a simpified version adapted to SUSE's needs. Sets the flag file "/boot/writable/firstboot_happened" to indicate a successful first boot. This flag file is evaluated by the GRUB script 02_ignition_firstboot from above. * ignition-enable-network.service / ignition-enable-network.sh: Ignition supports detection whether the configuration requires networking to avoid having to boot with networking enabled even when it isn't necessary; the actual implementation to start the network is left to the distribution. * ignition-kargs-helper: Distribution specific helper script to implement kernel argument support.