------------------------------------------------------------------- Mon May 31 14:57:06 UTC 2021 - rpm@fthiessen.de - Update to version 2.10.1: * Breaking Changes: * Rename Custom struct to ClevisCustom * Embed Clevis and ClevisCustom structs in parents * Always include interior nodes in merge transcript * Add kernel argument support * Fix fetching userdata on AWS when IMDSv1 is disabled * Fix creating Tang-based LUKS volumes before network is up * Document storage.filesystems.wipeFilesystem default * Fix file mode of ignition-kargs-helper script - Fix Go dependency, 1.13+ is required ------------------------------------------------------------------- Wed Mar 31 16:03:16 UTC 2021 - hello@anthonyrabbito.com - Update to version 2.9.0: * news: add notes for 2.9.0 * internal/providers: Run platform Init function before fetching config * internal/providers/aws: fix panic when an IMDSv2 token is present * internal/resource/http: re-order initial backoff ramping * internal/providers/util: drop dead code * ci: move Travis jobs to GitHub actions * *: fix errcheck warnings * internal/log: drop the error return to appease golanci-lint * internal/providers/packet: fix ineffassign warning * internal/exec/stages/files: fix the EntrySort test * internal: support IMDSv2 for AWS metadata service * config/*: require filesystems.format with wipeFilesystem or mountOptions * docs: make storage.filesystems.path field optional * aws: Log if we fail to determine the EC2 region * docs: move systemd.units.name uniqueness constraint to units * *: fix gosimple warnings * *: fix deadcode warnings * *: fix staticcheck warnings * config/*: fix nil deref on partitions with no number or label * config: add specs newer than 3.0 to TestConfigStructure * news: add notes for 2.8.1 * config/merge: support struct pointers * test: drop stale comment * tests: Remove unused checkOnStrings * news: add notes for 2.8.0 * config: deprecate MergeStruct() * config/merge: allow obtaining a transcript of merge operations * config/merge: access field name as fieldMeta.Name * config/merge: test primitive list items in slice case 1 * config/merge: fix typo * config/merge: fix comments and add a couple more * config/util: remove stray print when parsing invalid JSON * vendor: update vcontext * docs/development: update dep list for blackbox tests * tests/positive: Add tests for masking and unmasking units * units: add support for unmasking systemd units * release-checklist: minor updates to the release instructions * tests/positive/general: add test for merging multiple base configs * tests/positive/general: update base config reference * docs/development: update spec stabilization to avoid CI breakage * release-checklist: drop download_ignition.sh * providers/system: support .d directory for base config fragments * docs/migrating-configs: spell out Google Cloud Storage * release-checklist: update packaging section ------------------------------------------------------------------- Tue Nov 3 14:40:58 UTC 2020 - Franck Bui - Replace '%service_del_postun -n' with '%service_del_postun_without_restart' '-n' is deprecated and will be removed in the future. ------------------------------------------------------------------- Mon Oct 19 15:39:37 UTC 2020 - iforster@suse.de - Update to version 2.7.0: * news: add notes for 2.7.0 * docs: stabilize spec * gomod: bump go.opencensus.io to v0.22.5 * docs: add section to spec stabilization for failing external tests * news: fix error in 2.3.0 changelog * tests: update for spec stabilization * internal: update for new experimental spec * config/v3_3_experimental: create new experimental package * config/v3_2_experimental: mark stable * interal/providers/*stack: drop timeout for config fetch * internal/providers/*stack: exit early if all configs error out * internal/providers/*stack: make ErrNotFound authoritative * doc: add clevis custom documentation * internal/exec/stages: add clevis custom support * config: add custom options for clevis devices * fetch-offline: immediately return ErrNeedNet on OpenStack * ci: unfreeze kernel * tests/*: add test for resizing an existing partition * docs/*: add resize partition info * stages/disks: support resizing an existing partition * config: add resize to schema * README: Minor changes for consistency * test: Use alternative marker for testing ignition config examples * docs: Convert and improve formatting for INI sections * docs: Add spec ordering instructions for new stable releases * docs: Add ToC for some long pages * docs: Rename Migrating ... to Upgrading Configs * docs: Fix link in Development page * docs: Add specs reference page * docs: Add index page inspired from README * docs: Add Config Validation example from README * docs: Add Jekyll front matter for existing pages * docs: Add Jekyll and theme config * internal: fix S3 region detection * docs: Follow-up for doc->docs renaming * docs: Rename doc to docs for GitHub Pages support * docs/getting-started: tiny cleanups * README: drop stray link target * doc: drop references to Container Linux * doc/development: drop section on running blackbox tests on CL * doc: add gs url scheme for bare metal platform * fetch: don't run if fetch-offline fetched a config * doc: fix LUKS indentation for configuration-v3_2_experimental docs * doc: Add shouldExist for users and groups * engine: fix logging interactions with fetch-offline * AzureStack: fix unfortunate typo of iso9660 * *: add wipeVolume LUKS field * types: Use "path" instead of "path/filepath" * Add support for building 32 bit ARM version * Install Dracut modules with correct permissions * Add support for building 32 bit x86 version * doc: add LUKS examples & operator notes * internal/stages/disks: allow LUKS device re-use * internal: use device aliases for LUKS * tests: fix partition.number0 partition size specification * blkid: drop some unsafe pointer casts * blkid: fix invalid pointer cast in DumpDisk() * {sgdisk,blkid}: use int64 for sector counts * sgdisk: stop putting sector counts in MiB fields * README: note that spec2x is unmaintained * release-checklist: drop support for Ignition 0.x * release-checklist: minor updates - Remove upstreamed patches * 0001-fix-install-permissions.patch * 0003-fix-i386-build.patch * ignition-fix-arm32-installation.patch - Refreshed to match new Ignition spec * 0002-allow-multiple-mounts-of-same-device.patch ------------------------------------------------------------------- Fri Sep 18 06:33:02 UTC 2020 - Ignaz Forster - Retrigger udev when requesting networking on demand ------------------------------------------------------------------- Fri Sep 4 12:07:21 UTC 2020 - Fabian Vogt - 02_ignition_firstboot, ignition-enable-network.sh: Drop ip=dhcp, it's the default anyway and avoids a delay on boot (boo#1173402) - 02_ignition_firstboot: Drop rd.neednet=1, both ignition and combustion enable it themselves when necessary ------------------------------------------------------------------- Thu Sep 3 15:04:30 UTC 2020 - Ignaz Forster - Change virtualization detection from virt-what to systemd-detect-virt; this avoids a dependency to a hardcoded libexec path in module-setup.sh (which broke during the recent migration to /usr/libexec) ------------------------------------------------------------------- Tue Aug 18 11:56:54 UTC 2020 - Guillaume GARDET - Add patch to fix install on %arm: * ignition-fix-arm32-installation.patch ------------------------------------------------------------------- Wed Aug 12 09:27:01 UTC 2020 - Ignaz Forster - Fixed "ignition presets not applied" (boo#1172510) - Refresh 0001-fix-install-permissions.patch to match pull request ------------------------------------------------------------------- Sun Aug 09 22:06:51 UTC 2020 - kukuk@suse.de - Update to version 2.6.0: * news: add notes for 2.6.0 * travis: test container build * README: always run latest release of ignition-validate container * release-checklist: update Quay release tag * build_releases: specialize for container build * Revert "build_releases: drop script" * ci: use faster compression for buildextend-live * cloudstack|openstack: propagate ErrNeedNet * internal/config: allow Ignition generated key-files for all devices * dracut/30ignition: Add packages to delete users/groups * tests/positive: Add test for deleting users * tests/stubs: Add blackbox testing stub for userdel and groupdel * config: add ShouldExist to schema * passwd: allow removing the existing users/groups * Revert "ci: skip rootfs.uuid test while ratcheting ignition-dracut merge" * ci: drop cosa compress call - Add 0001-fix-install-permissions.patch: Fix permissions of installed files - Add 0003-fix-i386-build.patch: Fix build on 32 Bit x86 machines ------------------------------------------------------------------- Tue Jul 28 11:16:55 UTC 2020 - kukuk@suse.de - Update to version 2.5.0: Merge of ignition-dracut into ignition; CoreOS specific files have been removed (they can be found as part of https://github.com/coreos/fedora-coreos-config now for reference) * news: add notes for 2.5.0 * ci: skip rootfs.uuid test while ratcheting ignition-dracut merge * stages/disks: get filesystem info via device alias * dracut: remove CoreOS specific modules * Clean-up post-merge files. * ci: build metal4k image before live image * 30ignition: move conditional network startup out of ignition-dracut * tests/kola: move blackbox tests to its own dir * build_releases: drop script * templates: update checklist for current process * dracut/30ignition: fix typo in udev rule * dracut/30ignition: add Ignition LUKS * make: install systemd unit as non-executable * 30ignition: make var in dracut_func local * Add new ignition-fetch-offline.service * ci: test with git master of coreos/ignition * 30ignition: GPT setup: wait for 'boot' labeled partition * 30ignition: add wipefs to the initramfs * Remove OnFailure= from targets, put in services * ignition-setup-user.service: run before multipathd * 30ignition: clean up Ignition stages ordering * coreos-teardown-initramfs: propagate the automatic multipath conf * 99emergency-timeout: Dump all failed services * 30ignition: drop hard requirement on qemu_fw_cfg * 99emergency-timeout: improve readability of Ignition failure message * 99emergency-timeout: also check ignition-fetch.service for failure * coreos-teardown-initramfs-network: don't run when emergency.target * dracut: add logging to systemd generator * coreos-teardown-initramfs-network: also propagate hostname * coreos-teardown-initramfs-network: support coreos.no_persist_ip karg * coreos-teardown-initramfs-network: consider ifcfg files in real root for RHCOS * coreos-teardown-initramfs-network: also skip local loopback interface * coreos-teardown-initramfs-network: do SELinux relabel on copied files * coreos-teardown-initramfs-network: order ExecStop after other ignition units * coreos-teardown-initramfs-network: remove After=ignition-files.service * Add ignition-virtio-dump-journal.service * Add `basename` dependency to dracut module * coreos-teardown-initramfs-network: enable the service statically * coreos-teardown-initramfs-network: simplify networking takedown * coreos-teardown-initramfs-network: take down routes too * coreos-teardown-initramfs-network: take down teams as well * coreos-teardown-initramfs-network: remove state files on switch * coreos-teardown-initramfs-network: also propagate initramfs networking if desired * coreos-teardown-initramfs-network: refactor into more functions * add coreos-teardown-initramfs-network.service * Declare external applications as optional * Remove obsolete dependencies * Hook up to CoreOS CI * Add ignition-diskful-subsequent.target * Makefile: Remove grub/ install bits * Make setfiles optional * dracut: add some bins for s390x zVM instalation * README.md: add details about the branches here * units: add ConditionPathExists=/etc/initrd-release everywhere * Add ConditionPathExists=/etc/initrd-release to targets * 30ignition: add setfiles * 30ignition/ignition-setup-user: mount /boot partition ro * firstboot-complete: tell zipl to run * coreos-gpt-setup: workaround old lsblk not having PTUUID * Add `ignition-subsequent.target` for non-Ignition boots * ignition-firstboot-complete.service: Run as part of basic.target * Run ignition-disks earlier to avoid race condition * 30ignition: update ignition-complete.target OnFailure comment * dracut: Add an ignition-fetch.service * 30ignition: drop OnFailure handler from ignition-diskful.target * 30ignition: fix sequencing of target dependencies * Add RemainAfterExit=yes to systemd units of Type=oneshot * Makefile: New file implementing `make install` * 30ignition: move coreos-gpt-setup RemainAfterExit to correct section * 30ignition: on live images, read config.ign from custom initrd * 30ignition: make ignition-diskful a dependency of ignition-complete * 30ignition: fix double slash in ignition-setup-* dest paths * systemd: don't try to mark live boots complete * 30ignition: conditionally enable units requiring a boot disk * README.md: fix download link * update-bootengine: drop file * dracut/30ignition: localize some variables * ignition: fix correct device path when randomizing UUID * dracut/30ignition: fix typo in module_setup * ignition: split ignition-setup into base and user * dracut/30ignition: scramble disk uuid on 1st boot * grub: drop 02_ignition_firstboot * dracut: add 99emergency-timeout * 30ignition: drop CoreOS specific bits * dracut/30ignition: link to RHBZ in ignition-complete * dracut/30ignition: add OnFailure= for ExecStop= services * dracut/30ignition: order ExecStop= units before initrd-switch-root.target * dracut/30ignition: re-order directives in remount-sysroot * dracut/30ignition: add missing Before= for mount unit * dracut/30ignition: order ignition-complete.target before initrd.target * module_setup: include cdrom rules for openstack * dracut: add CoreOS integration services * dracut/30ignition: Add mount stage and drop OSTree-specific bits * dracut/30ignition: Explicitly add OnFailure=emergency.target * 30ignition: ignore coreos.randomize_disk_guid * 30ignition: drop check for coreos.oem.id * grub: support overriding network kcmdline args * README.md: update documentation * 02_ignition_firstboot: Enable networking if Ignition will run * dracut/30ignition: expect ignition binary in module directory * dracut/30ignition: add ignition-complete.target * dracut/30ignition: split out ignition-setup.service * dracut/30ignition: Only write ignition-setup.service on first boot * grub: find boot partition and use it directly * module-setup.sh: Check for module qemu_fw_cfg not build-in, so it works out of box on all arches * dracut/30ignition: general hack cleanups * dracut: adapt for s/oem/platform in Ignition * ignition-setup: don't perform umount, rely on systemd * ignition-setup: rename copy function * services: fixup unit deps to more match CL * ignition-setup: use MountFlags=slave for systemd unit * ignition-setup: changes from code review * ignition-setup: mount/unmount boot to grab user.ign * dracut: add /usr/sbin/ignition-setup to initramfs * generator: try to get ignition-setup to run on boot * generator: RemainAfterExit=yes for ignition-setup * ignition-setup: support boot or platform base/user configs * ignition-setup: remove support for default configs * Remove the check for OEM partition, not used * Always check for boot, needs to exist * Replace OEM with boot * Add ability to parse config.ign file on boot * journal: add clarifying comment for context * Remount /sysroot rw (#38) * ignition-firstboot-complete.service: Remount /boot rw * Rename `coreos.firstboot` kernel cmdline arg to `ignition.firstboot` to make options more distribution neutral. Update dracut/README.txt to take into account recent changes. * 30ignition: only instmods if module available * remove ignition-remount-sysroot.service files * ignition: run files stage at original CL ordering * ignition-disks.service: drop Requires=network.target * ignition-ask-var-mount.service: use RemainAfterExit=yes * module-setup.sh: explicitly install qemu_fw_cfg * module-setup: Make mkfs.btrfs optional * 30ignition: add support for ignition-disks * journal: Don't log to console AND kmsg * dracut/ignition: remove CL-legacy udev references * coreos-firstboot-complete: RemainAfterExit=yes * change the default level of messages send to kmsg * Add Journald forward to kernel log buffer option * fixup! Rework how we run Ignition on first boot * Rework how we run Ignition on first boot * Drop 'auto-detect' hacks in generator * Make ignition work on classic systems * ignition-generator: add hack for openstack support * Add ignition-ask-var-mount.service * no disks for now - boot systemd unit ordering issue * Run ignition-files after ostree-prepare-root.service * Prefix remount-sysroot.service with "ignition-" * README.txt: fix rpm-ostree instruction * update README * add back in forwarding journal to console * get rid of usr-generator module * For now let's assume ec2 if we are running on xen * module-setup: update module-setup so deps are pulled in * module-setup: order install list alphabetically * README: Note instructions are for classic systems * ignition-quench.clc: add the source for ignition-quench.ign * add ignition disks stage * only run Ignition on first boot * module-setup.sh should install the binaries Ignition depends on * reset to 863a8f6 * Try to fix problem * Revert "use /etc/machine-id to detect firstboot" * use /etc/machine-id to detect firstboot * Make it so we will only run once * Add README that shows people how to use this * Hack dracut to just do ignition-files. * remove extra sauce * dracut: drop obsolete comment * 99start-root: drop DEVLINKS from mdadm invocation * update CoC and legalese * dracut: ignore Azure SR-IOV VF interface * dracut: correctly sequence disk-uuid@ before ignition-setup * dracut: copy Ignition base configs into system dir * dracut: fix comment * dracut: consolidate Oracle OCI network units * dracut: add module to start iSCSI root disk * dracut: add network units for Oracle OCI * dracut: move IP/link teardown from a drop-in to a separate unit * dracut: switch to using gpt partition types * dracut: add module to assemble root raid array * update-bootengine: enable terminfo module * dracut: fail verity-setup.service if verity setup fails * dracut: update some comments in usr-generator * dracut: disable systemd-fsck@.service for /usr * dracut: prevent dev-mapper-usr.device from timing out * dracut: Move chmod into coreos-overlay with the others * dracut: Run coreos-static-network before ignition-files * dracut: add mkswap for ignition-disks * update-bootengine: take out multipath again with 045 * dracut: Have ignition depend on the upstream qemu module * dracut: use coreos-metadata to configure Packet networking on first boot * dracut: on ec2, disable systemd-networkd if ignition fails * update-bootengine: Drop amd64-generic from usage text * dracut: Drop support for diskless amd64-generic * dracut: disable networkd by default * dracut: conditionally enable coreos-digitalocean-network.service * dracut/30ignition: add mkfs.vfat * Revert "add sysusers to the initramfs" * add sysusers to the initramfs * dracut: Don't prompt twice upon reaching a dracut breakpoint * dracut: Don't instantly reboot upon reaching a dracut breakpoint * dracut: Unmount /sysroot/boot more carefully * dracut: teach ignition-generator about kvm * dracut: Delete /boot/coreos/first_boot after automatic Ignition run * dracut: Add comment * Revert "dracut: Use ConditionKernelCommandLine in Ignition units" * Revert "dracut: Run ignition-files whenever /etc/machine-id doesn't exist" * Revert "dracut: Randomize disk GUID only after ignition-disks succeeds" * dracut: Confirm entering emergency shell, reboot otherwise * dracut: Randomize disk GUID only after ignition-disks succeeds * dracut: Run ignition-files whenever /etc/machine-id doesn't exist * dracut: Use ConditionKernelCommandLine in Ignition units * dracut: Eliminate ignition.target * dracut: Migrate Ignition unit files from coreos-overlay * diskless-generator: Fix root directory mode 1777 on tmpfs * dracut: add qemu detection to ignition generator * dracut: support initramfs network configuration via cmdline * verity-generator: use BindsTo for device dependencies * verity-generator: fix race with disk modification jobs * dracut: enable coreos-digitalocean-network.service * dracut: add digitalocean network config * dracut: include cdrom_id rules * dracut: install qemu_fw_cfg lkm in ignition module * dracut: build onto the upstream systemd-networkd module * dracut: change pxe network config condition * dracut: set ClientIdentifier=mac for the PXE OEM * update-bootengine: add -k to usage message * dracut: install kernel network modules * update-bootengine: add support for bundling kernel modules * dracut: include ca-certs bundle * setup-root: fix ordering with /sysroot/usr mount * dracut: enable DHCPv6 * dracut: make gpt headers valid before randomizing * dracut: add forward-to-console option to journald * dracut: run tmpfilesd with etc-shadow config * dracut: explicitly order disk-uuid before systemd-fsck-root * dracut: read guid to randomize in disk-uuid from kernel paramater * dracut: require disk-uuid.service on coreos.randomize_disk_guid=1 * dracut: use ignition-generator to require disk-uuid.service * dracut: parse coreos.oem.id for ignition * setup-root: fix ordering between selinux-base.conf and libsemanage.conf * dracut: add mkfs.xfs to ignition * initrd-setup-root: check selinux tmpfiles configs before using them * update-bootengine: use the native ldconfig * dracut: apply etc.conf in initrd-setup-root * dracut: remove link-local addr from network config * dracut: remove junk from zz-default.network * dracut: remove Ignition udev trigger * dracut: use inst_simple instead of inst * dracut: swap ignition.force for coreos.first_boot * dracut: add mkfs dependencies for Ignition * dracut: use idiomatic method for installing rules * bootengine: apply baselayout-home.conf in initrd-setup-root * bootengine: fully populate the initrd shadow db from baselayout * bootengine: initialize /sysroot/etc shadowdb files from baselayout * bootengine: convert initrd-setup-root to a standalone shell script * bootengine: convert setup-root to a standalone systemd service * bootengine: rename 80setup-root to 99setup-root * Set up selinux tmpfiles before performing root pivot * dracut: set DefaultDependencies=no for initrd-systemd-resolved * dracut: add ignition systemd generator * dracut: add useradd, usermod, groupadd to ignition module. * dracut: udevadm settle after writing the disk GUID * dracut: take down all interfaces before switchroot * dracut: discard 99-default.link from 02systemd-networkd module * dracut: add ordering on disk-uuid.service * dracut: add Ignition * dracut: add systemd-networkd to the initramfs. * dracut: remove disk-uuid's dependence on Ignition * dracut: fix typo in disk-uuid.service * disk-uuid: add service for generating GPT UUID * verity-generator: disable default dependencies * verity-generator: add service generator for veritysetup * diskless-generator: make a real mount unit when using btrfs as rootfstype * dracut: don't explicitly remount /sysroot rw * setup-root: remove call to ldconfig * gptprio: remove kexec based implementation * diskless-generator: check value of mount.usr= and usr= * systemd: don't initialize machine-id, do initialize ld.so.conf * Explicitly supply the ACPI RSDP address to kexec on efi systems * update-bootengine: always run ldconfig in chroots before dracut * gptprio: retry mount if it fails the first time * systemd: add module to disable network device renaming * fix(update-bootengine): Exclude unnecessary dracut modules. * add(diskless-btrfs): Experiment for diskless btrfs instead of tmpfs * add(remount-sysroot.service): If needed remount root as rw * fix(99dracut-root): Replace 99fstab with an even more stupid hack. * add(10diskless-generator): Add generator for squashfs and tmpfs mounts. * fix(10usr-generator): Typo fixes * add(10usr-generator): Move usr=/dev/foo handling to a systemd generator * fix(80setup-root): Add missing -E flag to grep. * remove(80squashfs): Replaced by using fstab instead. * add(99fstab): New module to satisfy dracut without root= * fix(80setup-root): Handle initrd OEMs * fix(80setup-root): Silence "machine-id: No such file" error message * cleanup(80setup-root): Remove ${BOOTENGINE_ROOT_DIR} var * remove(80usrgptprio): Replaced by new gptprio and setup-root modules * add(80setup-root): Move fs setup logic to new module * fix(80gptprio): Gut most of gptprio, make it work for root and usr * feat(80usrgptprio) add ability for unique /etc/machine-id files * remove(80resize): Drop resize module * fix(80resize): Don't resize until after kexec * fix(80usrgptprio): Add special x-initrd.mount option to /sysroot/usr * add(resize): New dracut module to resize ROOT before mounting. * fix(update-bootengine): Include fsck in bootengine. * fix(80squashfs): Split hook into separate parse and mount hooks. * fix(80usrgptprio): Add basic support for plain block devices * fix(80usrgptprio): Update usr= option, not root= * fix(80usrgptprio): Support kernels in both /usr/boot and /boot * fix(80usrgptprio): Fix normal test case. Enable 80usrgptprio testing. * fix(80usrgptprio): Fix mount-fail test case. * fix(80usrgptprio): Fix kexec-fail test case. * fix(80usrgptprio): Fix fail-kernel test case. * fix(80usrgptprio): Fix backup/setup of symlinks root filesystem. * fix(80usrgptprio): Fix fail-everything test case. * fix(80usrgptprio): Do not run without usr=gptprio * fix(80usrgptprio): Convert test case to same spacing as module code. * feat(80usrgptprio): initial commit * fix(gptprio): Fix fallback path when using systemd. * fix(parse-gptprio.sh): Fix up log message. * add(journald): New module for journald configuration * fix(gptprio): Add best-effort support for unloading modules before kexec * fix(gptprio): Switch to falling back on kernel/kexec failures. * fix(tests): Rework the test suite, make false positives harder. * cleanup(gptprio): Move our verbose command logging into a common function * fix(gptprio): Drop case translation, cgpt next now uses lower case * fix(update-bootengine): Silence setlocale errors * fix(update-bootengine): Fix terrible typo that broke namespace creation. * feat(dracut/80squashfs): make oem of unlimited size * feat(parse-squashfs): add in support for custom OEMs * feat(squashfs): initial commit of squashfs root support * fix(update-bootengine): Compare namespaces via mountinfo. * License project under BSD-2 license * fix(module-setup): Use dracut_install which aborts on errors. * Add(update-bootengine): Move code for running dracut out of ebuild. * fix(dracut): use lower on PARTUUID * fix(dracut): umount the root fs * feat(tests): refactor and add tests * feat(dracut): add debuggging output * feat(pre-mount-gptprio): die if the kexec returns * fix(dracut) mount boot filesystem as ro so it's not dirty when it boots * feat(dracut) add proper support for cgpt * feat(dracut): get everything working * Initial commit - Dropped 0003-Disable-resetting-UUID.patch (upstream moved the functionality into the CoreOS configuration. - Added ignition-enable-network.sh / ignition-enable-network.service: Implemented ignition-fetch-offline feature to only start networking if required ------------------------------------------------------------------- Mon Jul 20 06:53:08 UTC 2020 - iforster@suse.de - Update to version 2.4.1: * news: add notes for 2.4.1 * ci: also run testiso * engine: fix provider config precedence * news: fix typo * files: don't relabel homedir symlinks themselves * stages/files: set LUKS keyfile directory to 0700 * util/user_group_lookup: handle more error codes - Update to version 2.4.0: * news: add notes for 2.4.0 * doc: add Azure Stack to platform list * doc: drop production-users * doc: update link for systemd drop-ins * doc: update supported platform links * fetch-offline: signal networking for Tang-pinned LUKS devices * doc: add LUKS fields to configuration document * internal: add LUKS support * config: add LUKS to schema * units: empty dropins should be written to disk * internal/resource/http: clear CA compression on rewrite * internal/exec/engine: write empty cache config when not provided * AzureStack: add new target platform * CONTRIBUTING: drop mailing list and IRC references * MAINTAINERS: drop file * Azure: allow for either udf or iso9660 config volume * files: don't run `setfiles` with `-i` * files: relabel the systemd preset directory * exec/util: factor function for resolving symlinks * passwd: don't auto-prefix user homedir * internal/util/url: don't require networking for empty schemes * docs: Add gs scheme * config/types: Add validation for gcs urls * internal/resource: Support gcs urls in Ignition config * vendor: Add GCS module and its dependencies * ci: change --blacklist-test to --denylist-test * ci: also run gofmt and unit tests * fetch-offline: new stage for conditional networking * ci: move comment about kernel closer to `curl` * tests: add test for creating a deeper hard link to the file * stages/files: fix hard links to files that are deeper than the hard link * doc/configuration-*: clarify references to `source` * stages/disks: run wipefs before creating filesystem * stages/disks: warn if libblkid finds multiple filesystem signatures * exec/util: merge filesystem lookup functions * tests: add positive test for reusing ambivalent filesystem * tests: specify type when mounting filesystem * tests: add canned ZFS image * tests: only mount partitions if we need to * ci: test with latest ignition-dracut * providers/aws: change metadata version from 2009-04-04 to 2019-10-01 * Add CA bundle reference in the docs * Moving tls public/private keys into a separate package * Update AWS for IMDSv2 * Add cabundle tests * config/*: drop warning on unset file/dir mode * Add support for CA bundles for fetching the ignition config Fixes https://github.com/coreos/ignition/issues/931 * ci: Freeze kernel at 5.6.7 due to loop regression breaking blackbox test ------------------------------------------------------------------- Mon May 11 07:09:28 UTC 2020 - kukuk@suse.de - Update to version 2.3.0: * news: add notes for 2.3.0 * config/v3_2_experimental: update all copyright dates * doc/configuration-*: update for new spec * tests: stabilize spec 3.1.0 * *: update for new experimental spec * config/v3_2_experimental: set up package * config/v3_2_experimental: copy from config/v3_1 * config/v3_1_experimental: mark stable * doc/development: update spec stabilization instructions * config: rename function for clarity * tests: bump invalid 2.x experimental version to match spec2x branch * config/v3_1_experimental: add some missing version tests * config/v3_1/translate: fix package name * doc/migrating-configs: update for 3.1.0 * resource/url: allow compression in data URLs * doc/migrating-configs: mention spec 2.4.0 * validate: accept any supported config version * exec: drop validate.go * doc/migrating-configs: put newest version first * Add SHA-256 reference in the docs * Add SHA-256 support for file verification * ci: run blackbox tests in CoreOS CI * Send ssh_authorized keys info into the journald log * Update go-systemd with the systemd module * Send a message to the systemd journal if a user config is provided * tests: add positive tests for resource compression * spec: unify resource fetching type * doc: clarify wording of files.*.verification.hash * vendor: refresh after gomod changes * gomod: update to go-systemd v22 * stages: fix package names * providers/packet: override Accept header fetching instance metadata * resource/url: allow caller-specified headers to override defaults * Allow to specify HTTP headers for fetching configs and files ------------------------------------------------------------------- Wed Mar 25 10:11:53 UTC 2020 - kukuk@suse.de - Update to version 2.2.1: * news: add notes for 2.2.1 * providers/qemu: fix default to fwcfg * doc/development: remember to bump Accept header during spec bumps - Remove 0001-Support-more-architectures.patch: Patch added upstream ------------------------------------------------------------------- Tue Mar 24 12:58:48 UTC 2020 - Ignaz Forster - Add 0001-Support-more-architectures.patch: Allow builing on i586 (and other architectures) again ------------------------------------------------------------------- Tue Mar 24 07:45:25 UTC 2020 - kukuk@suse.de - Update to version 2.2.0: * news: add notes for 2.2.0 * Fix ignition config for the instantiated unit test * Fix enabling systemd instantiated services * providers/qemu: support Ignition block device on s390x and ppc64le * blkid: Explicitly use C int variable for numParts * tests: don't panic after failing to run Ignition * platform: sort providers * ci: migrate to new coreos-ci project * OWNERS: add OWNERS file * Add Exoscale provider * docs: minor fixes to platforms page * ci: hook up to CoreOS CI * providers/vultr: Add Vultr provider * Throw error if SSH keys could not be written * stages/files: don't relabel /home and /root symlinks - Drop 0001-Throw-error-if-SSH-keys-could-not-be-written.patch - Added explicit Recommends for helper applications [boo#1167289] ------------------------------------------------------------------- Tue Jan 21 16:25:25 UTC 2020 - Ignaz Forster - Do not use SSH keys fragments, those are not supported by openSUSE. [boo#1161265] ------------------------------------------------------------------- Tue Jan 14 17:05:19 UTC 2020 - Ignaz Forster - Add 0002-allow-multiple-mounts-of-same-device.patch: Allow mounting a device multiple times, e.g. to mount several subvolumes from a Btrfs device or bind mounting the device to multiple places, by also adding the path to the key. [Workaround for gh#coreos/ignition#890] ------------------------------------------------------------------- Wed Jan 8 17:47:30 UTC 2020 - Ignaz Forster - Add 0001-Throw-error-if-SSH-keys-could-not-be-written.patch: Don't silently ignore if the SSH key could not be written [boo#1159232] ------------------------------------------------------------------- Mon Dec 23 09:16:22 UTC 2019 - iforster@suse.de - Update to version 2.1.1: * stages/files: don't relabel /home and /root symlinks * tests/filesystems: fix error handling * blackbox tests: don't swallow errors * log: use os.ProcessState.ExitCode instead of unix * travis: bump min go to 1.12 * news: add notes for 2.1.1 * readme: fix links, add validation container docs * Dockerfile: add dockerfile for ignition-validate * news: add news for v2.1.0 * README.md: add details about dracut and branches here * doc/operator-notes: simplify SELinux section * mount: also relabel mount points * util: factor out FindFirstMissingDirForFile function * files: perform relabeling from initrd * doc/examples: Make example file path valid * Rework fetch/resource to automatically append required headers ------------------------------------------------------------------- Wed Nov 20 10:29:29 UTC 2019 - iforster@suse.de - Update to version 2.0.1+git20191112.a924dd7: * tests: remove unused partitions, dead code * internal,tests: abolish syscall package * vendor: include golang.org/x/sys/unix * providers: add ibmcloud - turn off SELinux by default ------------------------------------------------------------------- Thu Nov 07 17:45:13 UTC 2019 - kukuk@suse.de - Update to version 2.0.1+git20191106.809f44a: * Add test cases for file system mount options * Add translator for Filesystem struct * Document file system mount options * Implement file system mount options * providers: add initial zVM hypervisor support * travis: test on arm, use new ubuntu, cleanup * config/v3_1_exp/types: validate http(s) proxies * tests: remove unused stub for id * distro: turn on SELinux by default * Add filesystem mount options to schema * files/passwd: don't shell out to id * files/passwd: clean up repetitive code * providers/aliyun: Add aliyun * release-checklist: mention mantle cl branch for 0.x.y releases * config/v3*: don't warn on unset mode if appending ------------------------------------------------------------------- Fri Sep 27 11:17:00 UTC 2019 - kukuk@suse.de - Update to version 2.0.1+git20190925.641ec6a: * selinux: use /run/systemd/relabel-extra.d for etc * resource/url: Don't use a tmpfile in FetchToBuffer * resource/url: use only needed ifaces in fetchFrom* * resource/url: make FetchFrom* private * Add a `fetch` stage * build: Add `make install` * tests: fix bb tests for size/start 0 * Continue on empty GPT partition label * files/selinux: deglob user/group related paths * stages/files: relabel masking symlinks for systemd * engine: Write `/run/ignition.json` atomically * vendor: Add github.com/google/renameio * stages/filesystems: drop stray debug print * doc/supported-platforms: mention qemu version requirements * Source build file correctly * resource/url: update schema version in Accept header * fix check path mount - Drop 0001-Continue-on-empty-GPT-partition-label.patch: Added upstream ------------------------------------------------------------------- Mon Sep 02 16:34:22 UTC 2019 - iforster@suse.de - Update to version 2.0.1+git20190802.d523754: * main: log stage at startup - Add 0001-Continue-on-empty-GPT-partition-label.patch ------------------------------------------------------------------- Fri Jul 26 08:36:17 UTC 2019 - kukuk@suse.de - Update to version 2.0.1+git20190725.10b85d1: * release-checklist: add step to submit to bodhi * news: add news for v2.0.1 * config/v*: run Node.Validate() as well * doc/getting-started: rm online validator section * providers/aws: get region after getting config. * providers: allow FetchConfig to mutate the fetcher * release-checklist: fix for new website and jenkins ------------------------------------------------------------------- Thu Jun 6 15:32:37 CEST 2019 - kukuk@suse.de - Update to version 2.0.0+git20190603.0c1da80: * news: update for v2.0.0 * build*: use --always with git describe * vendor: switch to coreos/vcontext * config/validate: add tests for duplicate checking * build: export GOFLAGS so they get used * config/validate: add test for validation * config/validate: check for unused keys * internal/util/docs: update to use new validation * internal: update to use new validation code * config/validate: replace old validation with vcontext * config/v3*: update to use new validation functions * vendor: add vcontext * internal: create dev aliases in /run/ignition/ instead of / * Update hostname example * tests/*: rename bb tests * release-checklist: split out 0.x and 2.x+ bits ------------------------------------------------------------------- Thu May 02 09:14:07 UTC 2019 - kukuk@suse.de - Update to version 2.0.0~beta+git20190429.1eeb201: * build_releases: update for using go mod * news: add news for v2.0.0-beta * doc: mv spec 3.1.0 -> 3.1.0-experimental * contributing.md: add pointer to development guide * doc/operator-notes: add section on config merging * test: turn on docs checking * doc/migrating-configs.md: update for spec 3.0.0 * doc/development.md: update doc for spec 3.0.0 * doc/getting-started.md: update for spec 3.0.0 * doc/examples.md: update for spec 3.0.0 ------------------------------------------------------------------- Thu Apr 25 07:40:40 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190424.9212ea6: * doc: add docs for existing link behavior * tests: add test for matching links * tests: fix test runner to link in the correct root * stages/files: do not fail if links are correct * tests/positive: test hardlinking to symlinks * tests/validator: use os.Lstat() not os.Stat() * config/*/types/storage: fail on hardlinked dirs ------------------------------------------------------------------- Tue Apr 23 07:39:41 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190417.ccc74c4: * doc/config-v3_*: Add notes about uniqueness ------------------------------------------------------------------- Mon Apr 15 11:32:53 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190411.205ae79: * providers/vmware: update for new vmware library * vendor: update to use vmware libraries * tests: update code for google's uuid package * vendor: switch to github.com/google/uuid * vendor: bump go-semver to latest * vendor: update aws-sdk-go to latest tag * doc: Document new proxy configuration options * vendor: Add golang.org/x/net/http/httpproxy dep * tests: Initial positive/negative tests * engine: Update http client based on proxy config * schema: Add proxy config and properties * *: bump import path * platform: drop "pxe" * doc: add documentation for 3.1.0-experimental spec * tests: turn on 3.1.0-experimental tests * *: switch to using 3.1.0-experimental everywhere * tests: don't fail on 3.1.0-experimental * config: add v3.1.0-experimental spec * tests/runner: use generic parse * providers/util: use generic parse * internal/engine: use generic parse * tests: add test for directory correction * doc/spec-3_0: clarify behavior with overwrite * stages/file: fail if relabeling and no restorecon * stages/files: allow directory matching * config/v3_0/types: add files verification tests * config/v3_0/types/file: add more validation * config/helpers: make StrToPtr strict * doc/spec-3_0: clarify overwrite behavior * stages/files: refactor overwrite handling * config/v3_0: disallow overwrite and nil source * config: validate fs entries dont use symlinks * platform: drop compat alias for "ec2" platform ID * config/shared/errors: drop unused errors * doc/spec-v3_0: remove deprecated size and start * tests: add test for file conflicts * stages/files: check that files dont conflict * config: remove partition start and size * internal: don't use partitions.{size,start} * tests: change partitioning bb to use MiB * build_blackbox_tests: fix for go mod * stages/files: fix unit relabeling to exclude DestDir * Fix configspec link to remove `-experimental` * doc/spec-v3_0: update to not be -experimental * tag_release: allow -suffixes on tags * doc/spec-v3_0: remove docs on removed field * doc: drop -experimental from spec filename * news: add news for 2.0.0-alpha * tests/positive/general: use hashes from server * tests: make servers generate their own hashes * *: stablize spec 3.0.0 * stages/files: fix relabel path to be relative to sysroot * tests: add bb test for invalid merged configs * exec/engine: validate merged config before use * tests/blackbox: make runner print config * config/types: call IgnoreDuplicates correctly * config: test to ensure config type is valid * config/types: de-pointer config.ignition.replace * config/merge: add tests * config: replace config appending with merging * config/v3_0_exp: rename config.append to merge * config: rework schema for better merging * *: rename ec2 -> aws and gce -> gcp * stages/files: Also relabel subuid/subgid files * doc/config-spec: drop passwd.users.create * config: drop passwd.users.create * config/validate: allow dups on some fields * config/validate_test: add tests for detecting dups * doc/config-v3_0_exp: add doc for new append logic * config/v3_0_exp: reject duplicate partition labels * config/v3_0_exp: require partition label or number * config/validate: validate no duplicates exist * config/v3_0_exp/types: implement Key() for types * tests/files: add test appending to existing file * tests: apply mode/owner in bb test runner input * config/v3_0_exp/types: rework storage.files.append * config: refactor * *: use config/ver instead of internal/config * config: move json schema to be with its types * test: don't validate docs * tests/negative/files: add ForceFileCreationNoOverwrite * *: default file.overwrite config option to false * tests/positive/passwd: add test UseAuthorizedKeysFile * tests/*: expose env vars through Test.Env * internal/*: drop merging authorized_keys.d into authorized_keys * vendor: switch to go modules * MAINTAINERS: update ------------------------------------------------------------------- Mon Mar 18 17:36:58 UTC 2019 - Ignaz Forster - Copy binary to dracut module directory as required by https://github.com/coreos/ignition-dracut/commit/b11553f9e2b530fbbb5a2504bc72b364829c879c ------------------------------------------------------------------- Mon Mar 04 14:10:54 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190301.2ce015b: * tests: add test ensuring correct ordering of nodes * tests: move failing tests to negative * stages/files: sort entries by resolved depth * Fix function comments based on best practices from Effective Go * tests: add bb test for mounting with sylminks * stages/mount: fail if mount paths involve symlinks * internal/exec/util: make SplitPath public * config/translate: add unit tests * config/translate: add reflection based translator * internal/distro: use relative paths * exec/util/passwd: rename authorized_keys.d fragment to "ignition" ------------------------------------------------------------------- Wed Feb 27 13:52:29 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190225.7de027b: * oem: add metal oem * internal/exec: use nonzero default file permissions * *: drop OEM terminology * tests: drop OEMLookaside type * *: drop OEM URI support * tests/validator: show formatted os.FileMode in validateMode error * doc/configuration-v3_0_exp: update with fs changes * tests: refactor bb tests, add mount/umount stages * exec/stages: add mount and umount stages * tests/*: update bb tests for new fs semantics * exec/*: rework files and filesystems * validate/report: add helpers to cut verbosity * engine: log configs on failure and fetched urls * engine: clear highlights before logging reports * internal/exec: log hashes of configs not configs ------------------------------------------------------------------- Tue Feb 19 15:12:40 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190215.cc767cc: * vendor: remove unused dependency go4.org * config: replace go4's errorutil with own impl ------------------------------------------------------------------- Fri Feb 15 12:15:58 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190206.aad24ad: * doc/development: add note to run individual blackbox tests * tests/types: add comments on some members of Test * internal/*: drop support for default.ign config files ------------------------------------------------------------------- Wed Jan 30 14:16:05 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190124.fd1e703: * docs: fix stale link to config 2.x ------------------------------------------------------------------- Mon Jan 14 11:39:00 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190111.96f8aae: * Replace cobra with built-in flag * *: drop networkd section * travis: bump min go version to 1.10.x ------------------------------------------------------------------- Fri Jan 11 13:25:29 UTC 2019 - kukuk@suse.de - Update to version 0.30.0+git20190110.5a28cac: * docs: remove config 2.x, add config 3.0.0 spec doc * config/*: drop cloudinit support * config: rip out all v1, v2.x configs * tests: update all versions to 3.0.0-experimental * config: replace v2_4 with v3_0_exp * types/v2_4_exp: rename to 3_0_exp * tests/timeouts: fix concurrency panic * internal/oem: drop vagrant-virtualbox * internal/oem: drop noop OEMs * Rename `coreos.config.*` options to `ignition.config.*` to make options more distribution neutral ------------------------------------------------------------------- Wed Dec 19 14:09:12 UTC 2018 - kukuk@suse.de - Update to version 0.30.0+git20181218.641adcb: * readme: add note about branching * release-checklist: correctly select GPG subkey ID * release-checklist: bump Fedora specfile * release-checklist: fix tag_release script name * news: add news for 0.30.0 * doc/development: add "kind/release" label to release issues * test: skip backward compat tests with -test.short * tests/partitioning: add minversion to complex mb * tests: add -list flag to blackbox tests * stages/filesystems: parallelize creation * tests: add test for multiple data filesystems * internal/exec: increase default config fetch timeout ------------------------------------------------------------------- Wed Dec 12 15:53:36 UTC 2018 - kukuk@suse.de - Update to version 0.29.1+git20181206.b1ab0b2: * news: add news for 0.29.1 * tests: add bb test for symlink resolution * exec/util: use Lstat() for existance checks * exec/util: don't follow links for last path elem * internal/resource: use earlyrand * internal: add earlyrand * news: add news for 0.29.0 * doc/migrating-configs: make link to doc relative * docs: update migrating config guide for 2.3.0 * docs: add config spec for 2.4.0, update 2.3.0 * tests: update to include 2.4.0-experimental * *: switch packages to use new experimental package * config/v2_4_experimental: add package * config/v2_3: update version to not be experimental * config/v2_3: change package statements to v2_3 * config/2_3: move 2.3.0-exp to 2.3.0 * schema: use mebibytes not megabytes for partitions * schema: fix incorrect case * docs/operator-notes: add notes about symlinks * tests: add bb tests for symlink resolution * internal/exec: fix util.JoinPath symlink handling * vendor: sync after glide updates * glide: update go-systemd to v18 * glide: pin transitive deps for aws-sdk-go * tests/validator: be more verbose about links * internal/providers/packet: don't send success to packet from Ignition * resource: add support for ?versionId on s3:// URL download * config/v2.1+/link: allow relative paths for target ------------------------------------------------------------------- Tue Oct 16 14:06:49 UTC 2018 - kukuk@suse.de - Update to version 0.28.0+git20181016.7785e61: * release-checklist: move to .github and drop front matter * stages/files: relabel files before systemd-sysctl * blkid: Compile with -Werror=implicit-function-declaration * config: Clarify semantics around certs * stages/disks: fix extraneous udevadm settle * glide: switch to tags where we can * stages/files: relabel /var/home and /var/roothome * tests: don't run files stage if disks failed * glide.*: remove subpackages * Revert "doc/development: update blackbox test instructions to low parallelism" * tests: workaround umount issues * docs/config-v2_3-exp: add sizeMB/startMB fields * tests: new tests for size-mb and start-mb * config/types/partition*: deprecate size/start * internal: updates for size-mb and start-mb * schema: add size-mb and start-mb to partitions * internal/*: fix go-vet formatting errors * build: clean before building * travis: bump go versions * doc/development: update blackbox test instructions to low parallelism * tests: refactor handling of root partition * tests: cleanup tests to use defer more * tests: cleanup extraneous testing.T's * tests: add a cancelation mechanism * build_blackbox_tests: only compile top level tests * release-checklist: explicitly merge the docs PR * config/*/append*: remove unused code ------------------------------------------------------------------- Thu Sep 6 17:11:56 CEST 2018 - kukuk@suse.de - Initial version (0.28.0)