)]}' { "log": [ { "commit": "9d2f3c681fee76b54dc202da6ca140151f588be8", "tree": "9f673387eea27eac06fbd16e9c2f3cfc689cc7fb", "parents": [ "82900a743f1eebcb80c0a310563be149691b89a7" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Apr 14 11:17:22 2025 +0000" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Apr 29 06:55:58 2025 +0000" }, "message": "m/test/localregistry: use osbase/oci/registry\n\nThis replaces the localregistry implementation with a small wrapper\naround the new registry package.\n\nThe images attribute of the Bazel rule was changed from a list to a\ndict, which makes the repository and tag independent from the file path.\n\nChange-Id: I1f6213dd67f7bdcf2373fe136958caa68b9f4d10\nReviewed-on: https://review.monogon.dev/c/monogon/+/4089\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "1fe3f9419ae27d593a7c1840e6c37b20923da206", "tree": "03d182217e78e21487839fe1691601b15955a5d5", "parents": [ "b8500fb0d7463f8fd629148fd0760ece2a4e7102" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 01 14:22:11 2025 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Apr 03 12:18:32 2025 +0000" }, "message": "metropolis/test/launch: write nanoswitch logs to correct dir\n\nChange-Id: I9ef4f39d0ca279b9b16158453b9e9b7774426480\nReviewed-on: https://review.monogon.dev/c/monogon/+/4053\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d0cdb57f3d19239d987ffc58d3bb89760837953b", "tree": "e31c9e4ed046cfbebbd077dc0e5b137f2bb066ea", "parents": [ "47eb65bd29d4576593c134915088fe8bf144b047" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Mar 27 17:18:39 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Mar 31 11:30:21 2025 +0000" }, "message": "treewide: rename osbase/test/launch to osbase/test/qemu\n\nChange-Id: Ia0775c462c8c909dc2080f01ff1f609b6d099179\nReviewed-on: https://review.monogon.dev/c/monogon/+/4046\nTested-by: Jenkins CI\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\n" }, { "commit": "9bd9bd45d58fd615c0c240226e6fb74e406b0d17", "tree": "18961f688d41f4098e34231c201f2e96ac35d864", "parents": [ "ffd8c7bb37da9b72eb66a0555e319ca2290ea761" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Fri Feb 14 17:08:52 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Feb 27 07:43:17 2025 +0000" }, "message": "treewide: replace deprecated grpc.Dial with grpc.NewClient\n\nChange-Id: I925912ca1ee01d547fd9c1813eb083a2cd9a590a\nReviewed-on: https://review.monogon.dev/c/monogon/+/3858\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "59094470108cac86cc8a9615cb934075a2c8780c", "tree": "ad823351a916d3391a5738a800c9866a0cae1428", "parents": [ "5ffa636e48f42aef08bd8d186db2213fc8d0d665" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Feb 10 10:17:33 2025 +0100" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Feb 10 16:16:47 2025 +0000" }, "message": "m/test/launch/cli/launch-cluster: use metroctl_lite\n\nThis avoids building the bundle and thus speeds up the build of\nlaunch-cluster. metroctl_lite is already used in\n//metropolis/test/launch.\n\nChange-Id: I67ef3e92f068d4314f1ef9942ed2fe49992ce48f\nReviewed-on: https://review.monogon.dev/c/monogon/+/3839\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "6d33a4342a16200d628f30ff91b169927fc2867a", "tree": "e65ad23cb6d0b795420b5ec625a757784d4c3e3b", "parents": [ "7887f758de8f9106a484ca59d9734304aa919e36" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Feb 04 14:34:25 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Feb 06 17:03:43 2025 +0000" }, "message": "treewide: add license header and enable haslicense linter\n\nChange-Id: I873a8d4082d75e8f813d8a726a41187eea7a065e\nReviewed-on: https://review.monogon.dev/c/monogon/+/3825\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "8f1254d1919c7cda42c611c9e1d83cf9a2ef8034", "tree": "5be283b1ba93876be9c5c53f256ef55793b35bd3", "parents": [ "32e74305db44feaa564da55b3108ff3cc3f1fd32" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jan 28 14:10:05 2025 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Feb 03 11:13:25 2025 +0000" }, "message": "m/test/launch: extend GetKubeClientSet with rest.Config\n\nK8s streaming transports need a separate rest.Config, expose that from\nthe GetKubeClientSet.\n\nChange-Id: I7c4ee5dae0349bd6742afcbaf23aa7536b1bdf88\nReviewed-on: https://review.monogon.dev/c/monogon/+/3811\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a10d0cb2c85c0ede60be6cc6d2dc7a66750ddecb", "tree": "540bc92832ea12cc8427c0bcd785498dfcc30119", "parents": [ "f408e8123a3919a27d51983973a1bd41eaac1162" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jan 13 14:44:15 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jan 23 20:14:58 2025 +0000" }, "message": "treewide: Fix ENUM_VALUE_PREFIX rule exception\n\nChange-Id: Ibc2fd66711f6aa347e88e2379c12db1898373700\nReviewed-on: https://review.monogon.dev/c/monogon/+/3804\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "4beaf4fac641e77fd08b7b9a3139f7d27fddac72", "tree": "6185d3a82ca7350d0db9ceb56fadf5e68bc02adc", "parents": [ "5c52062f02eb3b32b39ed4ccb9aa6e70c7e1af0d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jan 14 16:10:55 2025 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jan 16 12:38:32 2025 +0000" }, "message": "m/t/launch: use undeclared test outputs for node logs\n\nThis allows easy access to node logs for failed tests. If\nNodeLogsToFiles is set and the environment variable is available, this\nis used instead of the test temp dir.\n\nChange-Id: Icf0a99280e4bfabb34f9259ea0e94ac3d6cc4b05\nReviewed-on: https://review.monogon.dev/c/monogon/+/3781\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "156248b949f3da7c8d0f4f46cb97ac7606464952", "tree": "ff52faf242a29f1916edad64bca6282f8030ee66", "parents": [ "227c5cbbdd8f682b6e4d4cc661fa0d6e734206f2" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Fri Jan 10 00:27:45 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Fri Jan 10 20:13:30 2025 +0000" }, "message": "treewide: format repo with buildifier\n\nChange-Id: Ia7aebeb7bba5b119c9157d1ad805cc477bcbb68a\nReviewed-on: https://review.monogon.dev/c/monogon/+/3774\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "681d5157b955f6b942c620837d1a9e90bdefc983", "tree": "254905b461e1545d960fafbdad1ec2c250fc383f", "parents": [ "2edb96aeded0f67904ac9630088454fb12a62317" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jan 08 00:19:33 2025 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jan 08 20:54:21 2025 +0000" }, "message": "treewide: clean up test static binary targets\n\nThis removes some intermediate targets only used for transitions by\nconsolidating them into a single one.\n\nChange-Id: I46dcbcb731038edd2b67259de1811018f5ba43da\nReviewed-on: https://review.monogon.dev/c/monogon/+/3753\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\nVouch-Run-CI: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "a5b00bd43cceaf807e56ae609c6acdb9f94fa983", "tree": "5c2c0fe0d3947ddc7d82f6c4b34bedaeb26b7f39", "parents": [ "70e5a977302e5ce90c94488b7da0d55894dea3ec" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Dec 09 22:52:31 2024 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Dec 23 13:11:29 2024 +0000" }, "message": "metropolis/test/launch: fix data race\n\nChange-Id: Id427d73cf32ff06a074fce5903d66050dd9e28cb\nReviewed-on: https://review.monogon.dev/c/monogon/+/3688\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d1a8b64d305c57f45416fc40b39211541113a373", "tree": "17fcd0e77576b200e75a940fb26ce2334a7a8553", "parents": [ "d77e26ee216738393a9808c95266bbcb91ca0e68" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Dec 03 17:40:41 2024 +0100" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Dec 04 08:28:03 2024 +0000" }, "message": "treewide: add more ptr.To usages\n\nChange-Id: Ibf511bc012a17e39d6b7b4f3a7d9abc1304d755f\nReviewed-on: https://review.monogon.dev/c/monogon/+/3677\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "78567601398f4db5a8080fd30038ff7ac6affe0f", "tree": "757ee7c8d374317366a2535dbfb48ceaa66700f0", "parents": [ "beec27c6bdc2da730ffa2a2be6a68e1610148913" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Oct 31 13:42:04 2024 +0000" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 05 13:11:03 2024 +0000" }, "message": "metropolis: remove stutter in ClusterConfiguration.KubernetesConfig\n\nWe already know this is a config (it lives in ClusterConfiguration), no\nneed to call that a config again.\n\nThis doesn\u0027t break any compatibility yet as field names are not (yet)\nunder a stability guarantee.\n\nChange-Id: Ib6492d1c8303cbd0620b979b8047ec9757e301c0\nReviewed-on: https://review.monogon.dev/c/monogon/+/3594\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "39f4f5c360e7a286bff4adaeabc52393dc28dc22", "tree": "c81382f2408a83ab7391414738713633b8fc9608", "parents": [ "1e39914fbcecda7ec236e67f143bbefc31eee9da" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Oct 29 09:41:50 2024 +0100" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Oct 30 13:10:29 2024 +0000" }, "message": "metropolis: add cluster domain config and metroctl param\n\nThis adds a --cluster parameter to metroctl and a cluster domain field\nto the bootstrap configuration. It is not yet used anywhere, but later\nthe cluster domain will be used to identify the cluster.\n\nThe length of the cluster domain is limited to 80, to allow for\nconstructing subdomains. This limit could be increased later if needed,\nbut it cannot easily be decreased, so I chose a conservative value that\nshould be enough in most cases.\n\nChange-Id: I627cca8eb1d92c4b06e4dfd6b6926a013e8f33ae\nReviewed-on: https://review.monogon.dev/c/monogon/+/3508\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "20498ddc40079451c83ba3708afc57d820866cb3", "tree": "08849c86dba480fd56e4252a302ee804d8ac7fae", "parents": [ "e99638e3c7a2f1a604d49c47cc7a2685bfff8c5e" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 30 17:07:08 2024 +0000" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 28 14:22:49 2024 +0000" }, "message": "metropolis/test/launch: synchronize test node labels to kubernetes\n\nChange-Id: I57361503debb1d25873a72be18e947d2d1f11511\nReviewed-on: https://review.monogon.dev/c/monogon/+/3470\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "1dcede9600e4c1584da4fbe89128970ea9532860", "tree": "1561bfcc59a2663ee432339bf4d815e399571a9a", "parents": [ "39d9c24f7167eb853aed0e1865ef8b187adf5bba" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Sep 25 13:07:11 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Thu Sep 26 11:44:09 2024 +0000" }, "message": "m/test/launch/cli/launch-cluster: add allow-reboot flag\n\nWith the `-allow-reboot` flag set, it is possible to reboot a node with\n`metroctl node reboot`.\n\nChange-Id: I5c16f40d231803e31452a3b3c524be209d501526\nReviewed-on: https://review.monogon.dev/c/monogon/+/3453\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "39d9c24f7167eb853aed0e1865ef8b187adf5bba", "tree": "dc8229e272c2f78eac56bdf4fde135809444f255", "parents": [ "8d82f8d261b14b73385ba66e44279c53bb9fef13" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Sep 24 13:49:55 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Thu Sep 26 11:44:09 2024 +0000" }, "message": "metropolis: reduce usage of identity.NodeID\n\nEventually, we want to be able to rotate node keypairs. To allow this,\nthe node ID needs to become independent of the public key. This change\nis a refactoring which starts this work by reducing the usage of\nidentity.NodeID, the function which derives a node ID from a public key.\n\nChange-Id: I5231ed0a7be37c23327fec93481b00c74374af07\nReviewed-on: https://review.monogon.dev/c/monogon/+/3445\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "ca8d951b683a3f0c64da7f61d4f74567d50623ac", "tree": "8e8f7af5a5902c0807d77d6774dfd8b426510624", "parents": [ "04aa3df595521dab1fe8fb12b716d2826a37105f" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Sep 12 14:20:57 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 16 16:29:59 2024 +0000" }, "message": "metropolis/resolver: use logging.Leveled\n\nThis moves the resover client library to use logging.Leveled instead of\nan ad-hoc logger interface.\n\nBy now having multiple level of logs, and by defaulting metroctl to show\nerrors and warnings, this should fix #302.\n\nChange-Id: I7cae1cf1be377ec824ad46ea1da1b23b46e01903\nReviewed-on: https://review.monogon.dev/c/monogon/+/3432\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "5abcc7a8a8eb891c0f8920fbd4fa0104e751841b", "tree": "9aa19c4a6dd5234b241f6f6a0b82f3d2878e4ce3", "parents": [ "0700357ac03ceb039c0c66e07f06da164d53d5b5" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Aug 26 13:59:11 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Sep 10 14:50:21 2024 +0000" }, "message": "m/test/launch/cli/launch-cluster: fix metroctl path\n\nos.Executable() returns the path to launch-cluster, not metroctl. This \nbug meant that trying to use kubectl on the cluster instead launched \nanother cluster.\n\nChange-Id: I94305c2688e55e2d2776d4a141d80b9f4ee3ec8f\nReviewed-on: https://review.monogon.dev/c/monogon/+/3352\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0700357ac03ceb039c0c66e07f06da164d53d5b5", "tree": "8ea2f279903ea08850cf521f8cc25277467aed1f", "parents": [ "12b9a5d23a8cd59b2b9861aca47b81ed44abbdfd" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Aug 26 10:42:16 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Tue Sep 10 14:50:21 2024 +0000" }, "message": "m/test/launch: make disk size configurable\n\nThis adds a flag to the launch-cluster command to specify the disk size \nof the VMs. This takes advantage of the previously added data partition \ngrowing feature.\n\nFixes: https://github.com/monogon-dev/monogon/issues/309\nChange-Id: Iecf8d8c186af16dfa9ed0418ec96c51e58900052\nReviewed-on: https://review.monogon.dev/c/monogon/+/3351\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "6120f38e1a10a1389f9413209ea6b6f23be56258", "tree": "e05e708b1c8c9a8fabdd725f66e8885dec448857", "parents": [ "e1420ab79117be4c97818fa708f62fea3ff6d265" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Sep 03 16:31:10 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Sep 10 12:10:09 2024 +0000" }, "message": "cli/metroctl: add metroctl_lite for use in tests\n\nIt is the same target just without any data dependencies to ensure we\ndont have large dependency tree when running tests.\n\nChange-Id: Iebd0fbd880de07bbd853ea8dce8e9fbb193506af\nReviewed-on: https://review.monogon.dev/c/monogon/+/3372\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "62e6f0b9a4561118f691f2d886a7e2c026cec333", "tree": "1a587dfea077d6111018913573cce7152cf1340b", "parents": [ "b2d6c33bbb47a4b59bfb8c63934de500815a6a91" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Sep 03 12:18:56 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 04 19:40:28 2024 +0000" }, "message": "metropolis/launch: expose VNC socket\n\nThis can be used to manually test our upcoming console terminal.\n\nDrive-by add a timeout to retrieving initial cluster credentials in\ntest, as this wasn\u0027t capped and caused tests to fail at the Bazel 300\nsec timeout for a trivial case of a misconfigured qemu that wouldn\u0027t\nlaunch.\n\nChange-Id: I31fe8b82f3d7ad606c0ca1b03f51373fc746d499\nReviewed-on: https://review.monogon.dev/c/monogon/+/3370\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "a9b060b0bf7d965c7f04f1d005d7f3767715d5bc", "tree": "3f04781571d00e3b9640bb24da27cd0c7b6c121a", "parents": [ "397f7eaa1e98554f8b9fed2c748e492bf739027b" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Aug 07 10:42:29 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Aug 21 12:34:45 2024 +0000" }, "message": "m/test/launch: allow specifying launch parameters\n\nThis adds flags to the launch-cluster command for specifying the size of\nthe cluster, tpm and storage security configuration, number of CPUs and\nRAM size for all nodes, and assigning roles to specific nodes.\n\nAs an example, the following command launches a cluster with tpm\ndisabled, 4 nodes, 2 CPUs and 4 GiB of RAM on each node, and assigns the\nKubernetes Worker role to all except the first node:\n\nbazel run //metropolis:launch-cluster -- -tpm-mode\u003ddisabled \\\n-num-nodes\u003d4 -cpu\u003d2 -ram\u003d4G -kubernetes-worker\u003d1-3\n\nThe default storage security policy was changed to insecure, as this\nspeeds up cluster launch.\n\nThe cluster configuration flags are defined in a new separate package to\navoid code duplication.\n\nFixes: https://github.com/monogon-dev/monogon/issues/315\nChange-Id: Icf8b7fcbd6e609f4785b2a60ce5e7be14b641884\nReviewed-on: https://review.monogon.dev/c/monogon/+/3307\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "82e6af71ad2b7927de8d754799271ee9f39506f9", "tree": "4da4ec95a6e4c5f58957c555d8646e46dbb25c6d", "parents": [ "bceb1604c4d6ce1396c63083d2fd8aae98346cf3" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 23 00:05:42 2024 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Aug 13 12:43:45 2024 +0000" }, "message": "treewide: replace hardcoded runfiles paths\n\nWe hardcoded some of the runfiles paths to find specific files. This replaces the hardcoded paths by a call to rlocationpath. This prevents running a target without the correct dependencies at build time instead of at runtime\n\nChange-Id: I7ce56935ac80be6b28b824ccb0781ab401bd6521\nReviewed-on: https://review.monogon.dev/c/monogon/+/3301\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0b9276519a7475c3a341f78d83ca8d18cec3b38a", "tree": "4824ee5afec87621b60d6cf06e22d3c696d3a978", "parents": [ "a3e38cf9a4fcc0940402c4f18172662a84e28151" ], "author": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Wed Jul 31 18:08:50 2024 +0200" }, "committer": { "name": "Jan Schär", "email": "jan@monogon.tech", "time": "Mon Aug 05 07:36:08 2024 +0000" }, "message": "m/test/launch: consistently use 0-based node indices\n\nPreviously, the first node was sometimes called node 1 in the logs, and \nsometimes node 0. Now it is always called node 0.\n\nOnce all nodes are up, node info is now printed in the order of node \nnumbers. Previously this was random as this was iterating over a map \n(cluster.Nodes).\n\nChange-Id: I0757c89951d7292f2f720237604a3554af4bf404\nReviewed-on: https://review.monogon.dev/c/monogon/+/3293\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "3325b4b940370ad4282fdaa6027a5672ff8fdc2a", "tree": "7308d80e86a0d0ea34a5d2d5c8dac8cb2dd8efeb", "parents": [ "41b244857ee793cbf74552ec39f2ff614a686a56" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 15 19:19:49 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 22 21:25:58 2024 +0000" }, "message": "workspace: bump bazel_gazelle to v0.37.0\n\nChange-Id: I45a7769d80781075fdfb1c438240a75629dd572a\nReviewed-on: https://review.monogon.dev/c/monogon/+/3220\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "9f21f5396aa18bc9f2f83c867ff883f49bbf02ae", "tree": "c232f42c84bd6b7ace576261a188134cb0c69771", "parents": [ "f430fbfe35b70283090b6174cf5a920163c0148c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 07 15:14:20 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 04 12:19:37 2024 +0000" }, "message": "treewide: introduce osbase package and move things around\n\nAll except localregistry moved from metropolis/pkg to osbase,\nlocalregistry moved to metropolis/test as its only used there anyway.\n\nChange-Id: If1a4bf377364bef0ac23169e1b90379c71b06d72\nReviewed-on: https://review.monogon.dev/c/monogon/+/3079\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "53458ba5e9a9be9d7bbca7b01fb7ad5ff1201698", "tree": "0da5c7f8d4bec5c26d13b727de829bbb4bf91111", "parents": [ "dac0bba8b4762def59b5f929f6e9cc04f376e3e3" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 18 09:56:46 2024 +0000" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 25 08:21:11 2024 +0000" }, "message": "m/test/launch: order nodes in NodeIDs correctly\n\nThis ensures that referring to node by number via NodeIDs is possible -\nie. that NodeIDs[n] is the ID of the nth node as defined in NodeOpts or\nas used as the \u0027idx\u0027 argument in RebootNode.\n\nThis was never and is still not correctly formalized, even in comments,\nand is yet another proof that the cluster launch code deserves to be\nrewritten from first principles.\n\nFixes #301.\n\nChange-Id: I1ad13dc3bdd35a0c34f86e5d051ca9378491c876\nReviewed-on: https://review.monogon.dev/c/monogon/+/3168\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "30e30b3323f05cb76a5168c24a487e4d8138b653", "tree": "f658e7c3537c1511dc84d6d2acad99a5c514269b", "parents": [ "11198c83ff733a10bfd731f20abadd286e753e28" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 22 14:11:56 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 12 10:00:40 2024 +0000" }, "message": "m/node: allow specifying node labels during node registration\n\nChange-Id: Ie7fc7387314cd2f59661c2d07530b712f8f29b48\nReviewed-on: https://review.monogon.dev/c/monogon/+/3104\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "11198c83ff733a10bfd731f20abadd286e753e28", "tree": "62d9f95bf1736fd9e3f77d6e21256223ff86a89d", "parents": [ "41113935d59f3c0210b04d6251b1559979c677fb" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 22 14:11:01 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 12 10:00:40 2024 +0000" }, "message": "m/node: allow specifying node labels during cluster bootstrap\n\nWe also drive-by refactor ProvideBootstrapData to take a structure\ninstead of a bunch of unnamed arguments.\n\nChange-Id: I8d876fd726fa87420789513540b20f523994d801\nReviewed-on: https://review.monogon.dev/c/monogon/+/3103\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "2b6dc312656035aedade6f368af1994bdb8b6021", "tree": "488e63bfdf22b6b389e160a01d4f731c3956e2f3", "parents": [ "8111b901b88c8ef9ca5e113584c928de4bfdd24d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 04 17:44:55 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 11 17:01:21 2024 +0000" }, "message": "metropolis/test: create swtpm TPMs at runtime instead of compile time\n\nThe generated TPM data is random (it contains generated cryptographic\nkeys) so we really shouldn\u0027t be building it with Bazel.\n\nInstead, let\u0027s create it at runtime for e2e tests, and also actually\ngenerate separate TPM data per node with a common issuer for all.\n\nMoving the logic out of //metropolis/node also feels deserved, as this\nis all squarely in test territory.\n\nChange-Id: I257ee54c88ede685ba3faf573282b0f9228b10e8\nReviewed-on: https://review.monogon.dev/c/monogon/+/3132\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b07c57a3d0d7bc3d63e86e0b50c2ed4f5c6e5af6", "tree": "a189e5d724ab5f83cc0e6d237b8cb4bc1fcf1be2", "parents": [ "551a8199dab7faaa0bfb2c082c7f55a0940df247" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 04 14:33:27 2024 +0000" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 11 17:01:21 2024 +0000" }, "message": "metropolis: use swtpm from monorepo\n\nChange-Id: I6da94c7eaa31930d120955a17661152fc284f4a0\nReviewed-on: https://review.monogon.dev/c/monogon/+/3130\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d02c6c7745943f19d453f6fba0bfb701e7f222df", "tree": "47a142a6b71e2aaa8e6a1ac9dc8d948158b70fec", "parents": [ "327cdbaec24fe9eddf6cb7589acbe7e8612eb6a4" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 22 18:19:00 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 04 15:54:09 2024 +0000" }, "message": "m/test/launch/cli: turn targets back into binaries and aliases\n\nWe had some kind of hack to get //metropolis:{launch,launch-cluster} to\nwork as `bazel test` targets, but I see no reason to ever want that.\n\nHaving the thing go through a test_suite and a native_test broke passing\nSIGINT and caused the emulated environments to continue running in the\nbackground forked off the server when the user exited via Ctrl-C.\n\nFor some reason, running in tests also allowed us to do a weird hack in\nwhich we could resolve the TPM config directory as a runfile and list\nfiles there (running via `bazel run` broke that). Let\u0027s also fix this to\njust use a file list instead.\n\nChange-Id: I3389617272307275e2755e540b233f88ca80f0bd\nReviewed-on: https://review.monogon.dev/c/monogon/+/3105\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "dd5b03c0f43dabdd1b2882a4147f5b4a828543b8", "tree": "c5ad7f6f841cce6f18fbf85c1820503e6fe740a6", "parents": [ "a42844a2d797d0ddc3a8eb0658ecd26f949277df" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu May 16 18:07:06 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 22 12:12:27 2024 +0000" }, "message": "m/test/launch/cluster: make node images use qcow2-based snapshots instead of copying\n\nThis is a mild speedup, saving a few seconds from every E2E test (time\nwhich would\u0027ve otherwise been spent copying image blocks) and\nalleviating IOPS pressure as the test runs on tests which don\u0027t use\nintegrity checking.\n\nChange-Id: I8feece1c028b62e54dc0b45732443d7c93515d7f\nReviewed-on: https://review.monogon.dev/c/monogon/+/3093\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "adcf5d79ca9e4dd370d24e6579932a3dbaf5bd50", "tree": "bc038e72961171e033b9fb85abea5731ee38eb26", "parents": [ "0726486159ad5ee1e1ddcd8d8e1e52bb6cf11e20" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 21 13:46:25 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 21 12:55:58 2024 +0000" }, "message": "metropolis/test: fix %v in cases where we should use %w\n\nChange-Id: I3ad73960ad6655332c9d223e13796ca410dca582\nReviewed-on: https://review.monogon.dev/c/monogon/+/3095\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "99b021469b209bf184cd8d18749a7c1e74852a50", "tree": "9b916b10f5048cd40e9b0c929926d6d70abb36fa", "parents": [ "d5d33ba1e0798b48f56e6a1bc9178af9fc778179" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 17 16:33:28 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu May 16 08:35:09 2024 +0000" }, "message": "m/test/e2e: split out tests into subpackages\n\nThe end-to-end tests have grown large enough that they merit their own\ntest targets. To make this more Go-idiomatic, we split away the tests\nnot just int separate Bazel targets, but also Go packages.\n\nWe also add per-test resource requests for Bazel, including a new\nresource kind (iops). This makes the tests more deterministic and allows\nuse to eg. use --runs_per_test\u003d10 to deflake test logic without hitting\nresource contention issues.\n\n//metropolis/test/e2e/suites/core:core_test PASSED in 35.1s\n Stats over 10 runs: max \u003d 35.1s, min \u003d 26.6s, avg \u003d 31.9s, dev \u003d 2.6s\n//metropolis/test/e2e/suites/ha:ha_test PASSED in 114.6s\n Stats over 10 runs: max \u003d 114.6s, min \u003d 90.1s, avg \u003d 100.9s, dev \u003d 7.6s\n//metropolis/test/e2e/suites/ha_cold:ha_cold_test PASSED in 67.8s\n Stats over 10 runs: max \u003d 67.8s, min \u003d 55.5s, avg \u003d 62.0s, dev \u003d 4.1s\n//metropolis/test/e2e/suites/kubernetes:kubernetes_test PASSED in 80.9s\n Stats over 10 runs: max \u003d 80.9s, min \u003d 58.8s, avg \u003d 68.6s, dev \u003d 6.0s\n\nChange-Id: I8f31e09f599fd90c9941e2b69f36789817fa90ce\nReviewed-on: https://review.monogon.dev/c/monogon/+/3086\nReviewed-by: Jan Schär \u003cjan@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "b765f24f8f1c93b817c8a3f4f1eef2514562b140", "tree": "1afe10327fcbbefa99de0bf3bfcb0d28ca77abca", "parents": [ "da1c950d5099b7384d9239d3590393080e9bc8f4" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed May 08 01:40:02 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon May 13 10:07:41 2024 +0000" }, "message": "metropolis/cli/pkg/context: replace with signal.NotifyContext\n\nChange-Id: I457ccb83c7e25988755bb9463a8c83fc328a722b\nReviewed-on: https://review.monogon.dev/c/monogon/+/3081\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "500f6e08356b1cf358e619247582be784616964e", "tree": "acbefa8a8ff731ef38ea547172d8c87249209e77", "parents": [ "e564f17cc268763402ccaed1d2416309568c06f9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 03 12:06:40 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 25 12:01:18 2024 +0000" }, "message": "m/t/launch/cluster: add ShutdownNode/StartNode calls\n\nThis is a simplistic implementation of the ability to shut down and then\nstart nodes back up.\n\nThis has the following known issues:\n\n 1. Starting a node back up won\u0027t start it\u0027s TPM emulator again.\n 2. LaunchNode and StartNode likely should be reworked into CreateNode\n and StartNode.\n\nA future change will clean this up, but this is enough to be able to\nimplement cold cluster startup tests.\n\nChange-Id: I2ed34a30c8659e5023866aaa8f4ff19caafb53fd\nReviewed-on: https://review.monogon.dev/c/monogon/+/2942\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "e564f17cc268763402ccaed1d2416309568c06f9", "tree": "bc2a39f001bad14a9e6688d7e258ac1640200d83", "parents": [ "d5cabdeb41f24c70ca6977a6f8bfb798719d1df1" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 03 12:06:06 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 25 12:01:18 2024 +0000" }, "message": "m/t/launch/cluster: allow specifying InitialClusterConfiguration\n\nThis allows different tests to run clusters with different\nClusterConfigurations.\n\nChange-Id: I159ced96e95c6762c493c590e596c1a8dd94b35d\nReviewed-on: https://review.monogon.dev/c/monogon/+/2941\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "73e9882a907654dbecfb55ea0f30030e0fedbb1e", "tree": "b69ef493fcdf76614ed82d64f1a9ec8c79bb0375", "parents": [ "07541ae311e9477cf1e5a20af82a81ee77840afe" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Apr 18 23:13:49 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Apr 24 22:29:11 2024 +0000" }, "message": "treewide: cleanup error string formatting\n\nChange-Id: I9012ba58dded916984468219b214200144a439b9\nReviewed-on: https://review.monogon.dev/c/monogon/+/3023\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nVouch-Run-CI: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ee8c81bebb610af692db594dfbb848c506a5fd6a", "tree": "ced910e5099b8e465516639918e8e336cd27c826", "parents": [ "28296493299f49fe82c2fe4b085ad6cf72097daf" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 03 11:59:38 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Apr 23 12:05:29 2024 +0000" }, "message": "m/t/launch/cluster: make LaunchNode non-blocking\n\nThis is an API change that will help down the line when implementing\nnode shutdowns/startups. It brings the \u0027done\u0027 channel as a LaunchNode\nargument, making the function call itself non-blocking.\n\nChange-Id: Ic536826be8a25b9af9376c771c35c8767641ec8c\nReviewed-on: https://review.monogon.dev/c/monogon/+/2940\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "e84726bf41988c062c86968fd17e1a90a53a9174", "tree": "aefd64754a2a02819bd3d0fd012129f635f15b53", "parents": [ "f779b8fbd5b9d7deb17bb8833ade823bd6ebc185" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 17 16:32:32 2024 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 17 16:16:51 2024 +0000" }, "message": "m/test/launch/cluster: make runfile aware\n\nResolving paths from metropolis/... doesn\u0027t seem to work in some tests\n(noticed while reworking E2E test package layout, but I\u0027m not exactly\nsure why it\u0027s only surfacing then...).\n\nChange-Id: Idc30ba79b188f60f0502910ad065aefacdb2db83\nReviewed-on: https://review.monogon.dev/c/monogon/+/2992\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5e460a92353ec619f4f12fffbe3281d40c85cf61", "tree": "193a72608c05ad45f3a60a4ac84a8f5d731d7f73", "parents": [ "438ae2e52cb0aa8dea021419d921c687330e7d3b" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Apr 11 01:33:09 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Apr 15 21:19:50 2024 +0000" }, "message": "treewide: remove unnecessary types and conversions\n\nChange-Id: Ifcaa9ceeec243b3646c9b6e0a6fad7ef2db8fd90\nReviewed-on: https://review.monogon.dev/c/monogon/+/2954\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a7a82f32c7e0ab2765cda5f32f8d3bc6ff7a6fca", "tree": "6867ed20da73232d289d0e7b701361a877cd8532", "parents": [ "1ba1e1d299dd398db1c4434e0a0081edacfe3676" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Apr 11 01:40:25 2024 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Apr 15 19:08:20 2024 +0000" }, "message": "metropolis/test/launch/cluster: remove redundant logic\n\nChange-Id: I993ac428f29423da62469a2fcea6b8d1d0ea7b87\nReviewed-on: https://review.monogon.dev/c/monogon/+/2963\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "37cfcc109508d5370900228d5f20f2183ed2d65b", "tree": "8f6ed3609c784eab89d28b8e7b8e5b8ab83a1bda", "parents": [ "c16f0488f8466a3e0ea81fb12ae249fe46bba892" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Mar 21 11:59:07 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 11 15:16:05 2024 +0000" }, "message": "m/test/e2e: Implement TestE2ECoreHA\n\nThis is a basic test which exercises a TPM-sealed three-node cluster by\nperforming a rolling restart of control plane nodes.\n\nChange-Id: Ic6f46192d8ccba1ef7a767988cf5a216beb5a4c6\nReviewed-on: https://review.monogon.dev/c/monogon/+/2884\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "bc969572bb153f88ac164243b4ad82fda435b748", "tree": "a9f50923fbb47025b2d5ebcdf0282464c2b220ad", "parents": [ "19b110bd2f003e9e56bc5b1ca908a342beac9828" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Mar 21 11:56:13 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 11 15:16:05 2024 +0000" }, "message": "m/t/launch/cluster: use Health for node liveness in RebootNode\n\nDepending on just heartbeat timestamps is buggy. A node\u0027s Health is\ncalculated on demand, and the calculation is aware of expected heartbeat\nintervals configured within the cluster, let\u0027s use that, gated by an\nadditional condition to make sure that the last heartbeat has been\nissued after the check has started.\n\nChange-Id: Id5982182a43ae9371b7d25451fedf91df3329218\nReviewed-on: https://review.monogon.dev/c/monogon/+/2882\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "276a746de8b2b551f7088e88c93da0e0b15c99d6", "tree": "de82f9b1f243151c7a7d8d52bb8136a1d07c4f3f", "parents": [ "87d9c59a3b3dbbd4264f9c8b224e58fc5ff18815" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 12 21:28:54 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Mar 21 10:09:21 2024 +0000" }, "message": "m/test/e2e: test NodePort\n\nThis was originally written as a test for validating fixes for\nthe issue that NodePort was not working if any non-local pods were in\nthe NodePort service, even for externalTrafficPolicy: cluster services.\nAs it turns out CL:2795 fixed this, the changes in previous versions of\nthis CL broke it again. So now it just consists of the test itself,\nwhich passes.\n\nChange-Id: If4cf4ffc46a5456b4defa330776e043593e61b29\nReviewed-on: https://review.monogon.dev/c/monogon/+/1924\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "87d9c59a3b3dbbd4264f9c8b224e58fc5ff18815", "tree": "d927065d7f56bc46207a9df2c60c9c580757e5dd", "parents": [ "5d5d733b9fb3d9892b37840124d959fae07c98b9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Mar 20 12:35:11 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Mar 20 12:11:01 2024 +0000" }, "message": "m/test/launch/cluster: fix duplicate NodeIDs entries\n\nThis code loop looks for any NEW nodes and inserts them into\ncluster.{Nodes,NodeIDs}. The first structure is a lookup from NodeID to\nnode information, the latter is a list of NodeIDs used to look up\nnumeric node IDs (in order of startup/detection) to NodeIDs.\n\nThe loop in the code runs multiple times to catch any NEW nodes might\ntake a while to appear, and exits once the expected number of nodes have\nbeen detected.\n\nThe bug caused the code to repeatedly insert into Nodes[NodeID] (which\nis fine, but wasteful) and into NodeIDs. The latter resulted in a\nNodeIDs that contained duplicate entries.\n\nTo make sure we only handle each NEW node once, we skip nodes that have\nalready been seen.\n\nThis bug caused us to sometimes act on wrong nodes in E2E tests (any\ntime tests were looking up node number -\u003e node ID -\u003e Node via .NodeIDs\nand .Nodes, they had a chance of picking the wrong node ID / node for a\ngiven node number).\n\nChange-Id: Ie459c8277c0d03902ce23f3b20b0c4e367cc015b\nReviewed-on: https://review.monogon.dev/c/monogon/+/2881\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "87bbf7e4b41500316e93f98bee0564eb2cfb0366", "tree": "c0b34141f5ee75e73a6e490e40540928594453f6", "parents": [ "d6a88022d0c8ffdd2b938f161b8825148762b099" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Mar 18 18:22:25 2024 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Mar 19 12:51:28 2024 +0000" }, "message": "m/test/l/cluster: use sparse-aware copy for images\n\nThis speeds up the image copy significantly as the file is less than 10%\nallocated. Especially for many concurrent runs this greatly reduces disk\nbottlenecking.\n\nThis has been tested by comparing the SHA256 hash of both the original\nand the copied image, which is still the same.\n\nChange-Id: I65f62537f048bc180cd732c53a03f980e016b723\nReviewed-on: https://review.monogon.dev/c/monogon/+/2874\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "68cf38a2ca4fdc370e78e9b8d23e55c0b9cc9c72", "tree": "c0aa9300bdb617fb577e3a0a6b2e802c0ddad15d", "parents": [ "240faa45248cb64227fa74ae57822af0340b884f" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Mar 07 15:52:28 2024 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Mar 11 16:34:34 2024 +0000" }, "message": "m/t/l/cluster: fix wrong metroctl path in launch-cluster wrapper\n\nChange-Id: I3dfd740fb45809bc81555d87083a0476600f60e1\nReviewed-on: https://review.monogon.dev/c/monogon/+/2836\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "6a328e61aece941c0b91a97c8303c235ce80f596", "tree": "2a4fe2f61f6fa669de2b1df016e8c6df05a70c13", "parents": [ "9ce4071f43ce45198b702176a84342e9a8fc6e90" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Feb 12 17:37:50 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Feb 19 10:08:55 2024 +0000" }, "message": "root: move metropolis-specific tools to metropolis/, rename launch-multi2 to launch-cluster\n\nSince we now have more than one top-level project it makes sense to not\nhave metropolis aliases in the root.\n\nWe also drive-by rename launch-multi2 to launch-cluster and bump it up\nto three nodes.\n\nChange-Id: Ic99065465006e0dace05bcc1f2a702d430014b84\nReviewed-on: https://review.monogon.dev/c/monogon/+/2764\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "244b567d827331be5bcc147562dd00db1d2b6579", "tree": "8a0222cdfbe1fd2e10bc682ec1871ba263bbfae7", "parents": [ "b40b918b88971002fd82f4e172ee347b435e41f5" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Feb 06 10:18:56 2024 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Feb 12 14:23:45 2024 +0000" }, "message": "treewide: remove direct access to external/\n\nThis prepares the repositoriy to be compatible with the flag\n--nolegacy_external_runfiles. This reduces runfiles \u0026 sandbox creation\n times.\n\nChange-Id: I06720be4a3c873d68d8278dcb24271ed874f7134\nReviewed-on: https://review.monogon.dev/c/monogon/+/2747\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b40b918b88971002fd82f4e172ee347b435e41f5", "tree": "e225e83ee1cc281b8ba8728efa0a4c1029559faf", "parents": [ "2a1d1b2e90a44e140dd95a492de0c857287e071f" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Feb 06 07:08:35 2024 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Feb 12 14:11:09 2024 +0000" }, "message": "treewide: replace deprecated qemu short-form option \u0027readonly\u0027\n\nChange-Id: Id9fb95ab8b975cdbe76fc711ab20c16e3a91592a\nReviewed-on: https://review.monogon.dev/c/monogon/+/2746\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "2a1d1b2e90a44e140dd95a492de0c857287e071f", "tree": "392015b9ffa5f6f38da494c0a2fc519f16883113", "parents": [ "5d556cae21803212ac72a3713ed449b412f777af" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Feb 06 07:07:42 2024 +0100" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Feb 12 14:11:04 2024 +0000" }, "message": "treewide: replace datafile pkg with rules_go/runfiles pkg\n\nrules_go/runfiles provides the same functionality as our datafile\npackage. This change also contains some specifics for the now active\nbzlmod, which replaces all WORKSPACE related behaviour. As example the\nWORKSPACE name is now always set to _main.\n\n\nChange-Id: I1a69c72b479330a627b402135670f218c297906f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2745\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "568c38c74f95612fc3c236539b037ebe490302ee", "tree": "8380bdc8956c3843cce7fae9cf4c700576d22d87", "parents": [ "7eeef0f448a4ec1737e2e63961f24f51eec5deae" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Feb 05 14:40:39 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Feb 08 11:10:07 2024 +0000" }, "message": "m/c/metroctl: use TOFU CA for Kubernetes with node pinning hack\n\nNow that we have a persisted CA certificate in metroctl, we can use it\nwhen generating a kubeconfig to verify the cluster.\n\nThere\u0027s a catch though: the presented node certificates do not have any\n\u0027global\u0027 name (just per-node names), and we can\u0027t easily tell Kubernetes\nto trust any name from a given CA. Thus, we introduce a hack to pin the\nname of the node we\u0027re connecting to within the generated kubeconfig.\n\nChange-Id: Iea6aa5c0012c793fcb42a94c3c9bf35ea5787ab1\nReviewed-on: https://review.monogon.dev/c/monogon/+/2744\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7eeef0f448a4ec1737e2e63961f24f51eec5deae", "tree": "690afce7d61fed7284991d3622d2b4b7f5948c14", "parents": [ "925ec3de7a8562ef478216c77dff68c8235aeabd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Feb 05 14:40:15 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Feb 08 11:10:07 2024 +0000" }, "message": "m/c/metroctl: implement TOFU for CA certificates\n\nThis implements trust-on-first-use (TOFU) for connecting to a Metropolis\ncluster.\n\nIf no locally persisted CA is available, one will be retrieved from the\ncluster. If it is then accepted, it will be persisted for future use.\n\nTo retrieve the Cluster CA certificate we implement a new\nunauthenticated call in the CuratorLocal service. The alternative would\nbe to include the CA certificate in the served TLS chain, but that would\nlikely cause some backwards compatibility problems with existing client\nsoftware.\n\nFull TOFU (with an SSH style prompt) will be performed when the user\nfirst takes ownership of a cluster. Otherwise, user credentials\nincluding a certificate will be present, which allows the process to be\nsimplified by just retrieving a remote CA and checking it against the\nsignature of the credentials.\n\nChange-Id: I20002399935c2f13adc4526f5cceddad84b36a8f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2743\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "0c2801516b5191472bd4bc1a07ab6f414a805b27", "tree": "ddcffa8351f934c0a7066a6341b8bc6888e90ab3", "parents": [ "ad86a55c9c507478e2c4989f50912d7869164066" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Feb 05 14:33:19 2024 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Feb 08 11:10:07 2024 +0000" }, "message": "m/n/core/rpc: limit API footgun availability\n\nThis unifies the interface of the\nNew{Ephemeral,Authenticated}Credentials calls. They now use the same set\nof CredentialsOpt options which allows both calls to request a\nparticular verification of the remote side of the connection.\nNewEphemeralCredentials also now requires an explicit WantInsecure\noption which surfaces attempts to dial the cluster without CA/node\nverification.\n\nChange-Id: Ibb65cb0952f6ff2092a3f55fe1c5a31bd2b72b36\nReviewed-on: https://review.monogon.dev/c/monogon/+/2741\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "62f1d3680947e1d78bacf2a7277fb4b2007ebacb", "tree": "38c2fe1d57b68788f79ae018075b246f228310cc", "parents": [ "60461b2b23eb57319525a3e00d7ae57e51598ebc" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 14 16:18:24 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 14 16:44:03 2023 +0000" }, "message": "treewide: stop using LZ4 for initrd compression\n\nThere are two issues at play here: One is a bug in pierrec/lz4 when\nusing the legacy framing format [1]. This bit us when we hit a broken\nsize region with CL:2130, taking hours to debug.\n\nThe other is the fact that the Linux LZ4 frame format has significant\ndesign issues [2], especially with concatenanted initrds.\n\nThe first issue could be fixed by switching to a different LZ4\nimplementation (we do even have the reference impl in the monorepo) but\nthere is no API to generate the legacy frame format and things like [3],\na patch carried by Ubuntu to fix more edge cases just do not inspire\nconfidence in such a solution.\n\nThus, this CL switches over to using zstd for compressing initrds.\n\nZstd is slower than LZ4 for decompressing, but it still decompresses at\nmultiple GB/s per core while having a much better compression ratio.\nIt also doesn\u0027t have any Linux-specific bits and Linux uses the\nreference implementation for decoding, which should make it much more\nrobust. So overall I think this is a good tradeoff.\n\n[1] https://github.com/pierrec/lz4/issues/156\n[2] https://github.com/lz4/lz4/issues/956#issuecomment-736705712\n[3] https://launchpadlibrarian.net/507407918/0001-unlz4-Handle-0-size-chunks-discard-trailing-padding-.patch\n\nChange-Id: I69cf69f2f361de325f4b39f2d3644ee729643716\nReviewed-on: https://review.monogon.dev/c/monogon/+/2313\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "1dc60af36a57d434689032234fdc9e9d00ed957e", "tree": "df6f6d4fef63fb3fa13b4f06b9a06e0339caaec2", "parents": [ "e0c0617e33e3b9c9a69b150189b1b13c010de9e0" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 03 15:40:09 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Oct 05 13:46:24 2023 +0000" }, "message": "m/node: replace image genrule with proper rule\n\nThe genrule has issues with transitions so replace it with a proper\nrule.\n\nChange-Id: Ie5c38ae17da07a3694a6d0ea7a6580c588916175\nReviewed-on: https://review.monogon.dev/c/monogon/+/2205\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "be25a3b839debc10817670fac0c20660a87bea12", "tree": "df5c6ef648ad41fb5037a53976835709737454bd", "parents": [ "b551b65225b7398ed4eb8b3361f50c7998f56ce1" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:31:56 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/test/launch/cluster: expose metrics port\n\nChange-Id: I2ef17374db665c5491f9594de2ae4474be5163a4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1948\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "150f24a5421dc1449d79a801524a7c98754f7bca", "tree": "c4f69b7e6260a241f3d946b36eda309e2539ccba", "parents": [ "901c7326fe067707812757e4e9409f756edf0e37" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:11:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 12:17:34 2023 +0000" }, "message": "metropolis/test: use localregistry\n\nThis removes everything but the preseed test image from the preseed\nimage pool, instead opting to serve all test image via localregistry.\n\nThe registry API is served from a dedicated IP inside the virtual\nnetwork and forwarded to an ephemeral listener on the host. The relevant\ninfrastructure is added to the launch package.\n\nAs it is required to add configuration to containerd for this registry\nanyways as it does not and should not have TLS we take that opportunity\nto give it a descriptive name (test.monogon.internal).\n\nVisibilities of images are also adjusted as they are now referenced much\ncloser to their point of use.\n\nAgainst main this saves 51MiB in bundle size (289MiB -\u003e 238MiB).\n\nChange-Id: I31f732eb8c4ccec486204f35e3635b588fd9c85b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1927\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21", "tree": "6f77b3184d1cd558dfd8f29437fb61c2e74df431", "parents": [ "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 28 18:57:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 08:03:11 2023 +0000" }, "message": "m/test/e2e: split core/kubernetes tests, clean up\n\nThis splits the large TestE2E function into two separate functions and\ntests: one which exercises the core functionality of Kubernetes, the\nother which exercises just the Kubernetes bits.\n\nThis allows for easier testing during development, and generally trades\noff higher resources usage for faster execution time in CI.\n\nAt the same time we do some small cleanups of the E2E functionality:\n\n 1. Node startup is now parallelized.\n 2. Non-bootstrap nodes can now be left in NEW (this was used in\n diagnosing issue #234, but it currently unused in the main code).\n 3. Kubernetes access now goes over SOCKS.\n 4. Some Cluster helper functions have been added.\n\nAll in all this should allow us writing more E2E tests in the future,\nand at some point also maybe turn Cluster into an interface that is\nimplemented both by the current framework but also some persistent tests\nrunning against long-term VMs/physical machines.\n\nChange-Id: Ia4586b2aaa5fc8c979d35f4b49513638481e4c10\nReviewed-on: https://review.monogon.dev/c/monogon/+/1870\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "54e212a9914ad8003fc4e353f96651340d287c2d", "tree": "df3b1624d9679e30aefac9b98b2f9b91523eca0b", "parents": [ "d34299ebe13211802739d698e526be78161eac6f" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 13:45:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 11:37:55 2023 +0000" }, "message": "metropolis: implement Metrics Service\n\nThis is the first pass at a Metrics Service. It currently consists of an\nHTTP reverse proxy which authenticates incoming connections using the\nCluster CA and certificates, and passes these connections over to a\nlocally running node_exporter.\n\nIn the future more exporters will be added, and we will likely also run\nour own exporter for Metropolis-specific metrics.\n\nChange-Id: Ibab52aa303965dd7d975f5035f411d1c56ad73e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/1816\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "ce68ab953ef5501a3da3367372daf25801bc0ee7", "tree": "898dc33bb8a97345b6c3e1ace3ec29c1eb6a5234", "parents": [ "3a3c517696210f23f2c1d74d766ddf5750a3f4b8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 06 03:32:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 06 11:20:51 2023 +0000" }, "message": "m/t/ktest: allow more memory and extra fssepcs\n\nktest until now used the QEMU default memory which is only 128MiB which\ncan be insufficent for tests with more data. Increase that to 1GiB\nwhich is a more reasonable limit. Since ktest doesn\u0027t use any filesystem\ncache in practice this shouldn\u0027t be using much more memory.\n\nAlso allow adding additional fsspecs to ktest which get integrated into\nthe test initramfs.\n\nChange-Id: Ib1a1611cb8e3fdce11a3fac7c0c1ed04097032ea\nReviewed-on: https://review.monogon.dev/c/monogon/+/1788\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "630fb5c5349b13330b7de6f8300b495b801db061", "tree": "9d946ba0dd34a6ba0567f4f7120174797e29a8fe", "parents": [ "1fb2b10801eb4ea56a1e00f174923ec83f039623" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 06 10:50:24 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Apr 06 09:55:51 2023 +0000" }, "message": "m/test/e2e: deflake\n\nNow that nodes don\u0027t heartbeat before they have critical ESP data\npersisted, we can simply make sure they heartbeat before any disruptive\nreboot and that will remove our biggest source of flakiness in E2E\ntests.\n\nChange-Id: I9d4483015341157af6b27c8bd98f5df64da229d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/1499\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "8535cb5bc5437960430ff94d3ea7280ccf931340", "tree": "57edb5cf064ad8b43aef52c1bbb974dd5cce7c26", "parents": [ "30fd15406e2c9cba7391f6af96c775b313a115fa" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Mar 29 14:15:08 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Mar 29 17:18:22 2023 +0000" }, "message": "m/n/core/rpc: implement node verification in authenticated connections\n\nThe current API of NewAuthenticatedCredentials is not easily extensible,\nso switch over to such an API now.\n\nThis then adds a WantRemoteNode option which verifies that the remote\nconnection is established to a node with a given ID.\n\nChange-Id: Ie9f6b33d8b032729181bae5591eba9856ea2f523\nReviewed-on: https://review.monogon.dev/c/monogon/+/1427\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d09c58f33c523c9395446122fc552c58dbab80cc", "tree": "c1438cddc469da77cf1640e672894e99123bb827", "parents": [ "ce19acc9d66055d912287d9f1f26c08d3df55aa8" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Mar 17 00:25:08 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Mar 21 17:56:13 2023 +0000" }, "message": "m/test/launch: do not pipe node logs to stdout in //:launch-multi2\n\nChange-Id: I9e74ca8d6121725b9d38c910f80759c3c6b932a0\nReviewed-on: https://review.monogon.dev/c/monogon/+/1372\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "1f8cad7568ad2e8e539fe44f1b2d51e1f2a19fd5", "tree": "ed38d5ecb2f775c73c0ac8c23a68e610ce261591", "parents": [ "d174e556db5e2ad25e406babf34442a529756081" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Mar 20 16:58:10 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Mar 21 16:39:39 2023 +0000" }, "message": "m/{cli,test/launch}: integrate launch/cluster with metroctl\n\nThis makes test-launch2 (and possibly later any other code that uses the\nlaunch/cluster library) tell the user that they can connect to the newly\nlaunched cluster using metroctl, either by using specific flags, or\nusing a wrapper script, or using kubectl.\n\nChange-Id: I54035ee02f3cbab3d17f46b1f1685b91aab275a9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1373\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "05f813bf2d311f94dbc8021a85b37ff7c2e33242", "tree": "861772847ef842bbdc362224c442a7679b8b10f2", "parents": [ "cc4e96aed59648a3c4ac3faf3755deff4bb7f656" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Mar 16 17:58:39 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Mar 16 20:52:16 2023 +0000" }, "message": "m/test/e2e: use concise-style logging\n\nMaking our test logs look like LogEntry.ConciseString() means we have\nsignificantly more readable test logs.\n\nChange-Id: I0b1eab6a5a837bb2001f3b32779c23df2feaa381\nReviewed-on: https://review.monogon.dev/c/monogon/+/1362\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e2a302a9062d3ebfc33ad83dd382653e067ca009", "tree": "55165c3da49a1f7b4604c4db85b59bb305011718", "parents": [ "7fbf10455fd61b4c34182be5cdb3a53fd9897d4b" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sun Jan 15 15:39:18 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jan 19 19:07:21 2023 +0000" }, "message": "metropolis/test/launch: convert :launch to a test\n\n\"bazel run\" simply executes the binary outside the sandbox, so swtpm\nand other dependencies from the sandbox sysroot won\u0027t be available.\n\nIf swtpm is installed on the host, running the _bin target still works,\nbut it\u0027s better to point contributors to something that works\nout of the box.\n\nThis is a temporary workaround. Tests have timeouts and take the global\nBazel server lock. The correct solution is a static swtpm build\nwhich can run outside the sandbox.\n\nChange-Id: Icf7bf5cc44825df676d37a75ea9c1e135de14fef\nReviewed-on: https://review.monogon.dev/c/monogon/+/1078\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "acfad5b4d130084d58235a1eae54f4c51f936e44", "tree": "ecfbf0e9635fa4a6ef49b524c914834eb195f986", "parents": [ "af5086bfe505940699203d158ffa89307f28ebde" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sun Jan 15 14:05:25 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jan 16 13:54:47 2023 +0000" }, "message": "m/test/launch/cluster: add pcap dump\n\nDump all network traffic by default to help debug failed tests.\n\nChange-Id: I5466639fa00501373690bd95452b85b61fb5b172\nReviewed-on: https://review.monogon.dev/c/monogon/+/1076\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "af5086bfe505940699203d158ffa89307f28ebde", "tree": "3ec03923903f2a5f9262f1b9ee79b6e80158520b", "parents": [ "20a036ee94d0999ab632de4f9c2d1feff192d72b" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sun Jan 15 14:12:42 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jan 16 12:44:48 2023 +0000" }, "message": "m/test/launch: print qemu options at startup\n\nChange-Id: I35b234301e7c06a910127a4cf2c1573d23af45a9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1077\nTested-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "20a036ee94d0999ab632de4f9c2d1feff192d72b", "tree": "47b90debe3873ee1d8075ffac1995f3769bdae31", "parents": [ "afb925b446e4f13a05a36f1d87e6b8a1f5a2e27a" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sun Jan 15 00:17:19 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jan 16 12:37:51 2023 +0000" }, "message": "Fix some typos/grammar/variable shadows\n\nChange-Id: I43e78ec7931399c4f60f431d659953f084db7172\nReviewed-on: https://review.monogon.dev/c/monogon/+/1074\nTested-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "28800ad9a591c8a9dbbba4f21de51d8e07443b1e", "tree": "4ea4604d271543acaf928a987e2c6b3937bc435f", "parents": [ "f777496512bc553faeb5e17c818a118c6a057817" ], "author": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Fri Jul 08 14:56:02 2022 +0200" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Mon Jul 11 12:09:15 2022 +0000" }, "message": "m/p/common: use protobuf.Timestamp in NodeStatus\n\nThis updates NodeStatus to use google.protobuf.Timestamp.\nSee: issue #129.\n\nChange-Id: I7902908a885a909d5ad6e232333037add5fb02e2\nReviewed-on: https://review.monogon.dev/c/monogon/+/831\nTested-by: Jenkins CI\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "58ddc0981614e7582a3ad5a505d64e4c48cd2800", "tree": "3060609a9e68a4a032c133330c5f2f18218e52be", "parents": [ "5bb8a33c73eb418729227e071af6777703913a65" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 30 18:23:33 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 30 17:55:07 2022 +0000" }, "message": "m/n/c/r/resolver: allow disabling curator updater\n\nThis allows some resolvers to not attempt to contact the cluster for\ncurator node updates. We use this in the Join and Register resolvers as\nthey don\u0027t have permission to access this data anywa.\n\nWe also generalize Resolver options into a proper WithX setup. We also\nuse this opportunity to move the resolver creation in node code outside\nof the roleserver, as it should have been in the first place.\n\nChange-Id: I1cc227711d784e07959371873029e09fc8cd1b99\nReviewed-on: https://review.monogon.dev/c/monogon/+/808\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5bb8a33c73eb418729227e071af6777703913a65", "tree": "243c70849397b0a708864eb2b7a3d02ec5d41f4e", "parents": [ "b43d0f0765916e029db8f784e44659fc8468e945" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 23 17:41:33 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 30 15:55:44 2022 +0000" }, "message": "m/t/launch: use cluster resolver\n\nThis makes the cluster launch framework use a resolver to connect to\ncluster nodes after credential escrow has been performed.\n\nChange-Id: I09b0ec50bdb758e0c91e505a3c51839bb274f959\nReviewed-on: https://review.monogon.dev/c/monogon/+/797\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "1fbc5975a74174c3719ae2a15b60d202b6b4e609", "tree": "48ea22a01ede3bd490bf590d3cf2d3fef339d620", "parents": [ "9d9711884e042066b1f9ba51b7d9665596828748" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 22 13:36:16 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Jun 24 09:26:31 2022 +0000" }, "message": "m/test/launch/cluster: print nanoswitch logs\n\nChange-Id: I3a034e075aa253ecb4ef6306e50686a6d44aab80\nReviewed-on: https://review.monogon.dev/c/monogon/+/792\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e90f4a1c0e0d33f7cac7ab53773e40409c86a3ab", "tree": "d3e4aea64b329241e17fa063e6585fe3212583a4", "parents": [ "32b192929c34e408bec6286de471313a4cfce5e2" ], "author": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Wed May 25 18:24:01 2022 +0200" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Tue May 31 12:58:47 2022 +0000" }, "message": "m/t/launch: prevent a TPM socket race with QEMU\n\nThis deflakes e2e tests by making sure that TPM emulator\u0027s socket\nbecomes available before QEMU is launched in LaunchNode.\n\nChange-Id: I2ca937ca0cd4712552805dc16fcbf7949f672ff3\nReviewed-on: https://review.monogon.dev/c/monogon/+/701\nTested-by: Jenkins CI\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "08cb464d60f859ad029a52abe161cae02a0bf405", "tree": "098f8216960af32afe8ee6059c01a4e10045e7ad", "parents": [ "4f6fad3a6ed4e244c97aa5cb486aec5ca676c465" ], "author": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Wed May 25 17:35:59 2022 +0200" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Fri May 27 10:24:12 2022 +0000" }, "message": "m/t/launch: log LaunchNode errors in LaunchCluster\n\nLaunchNode errors that were made available through Cluster.nodesDone,\nreturned by LaunchCluster, weren\u0027t actually logged anywhere in the\nrepo, resulting in a significant blind spot.\n\nChange-Id: I12fd5a072330253e00cc57c0b6a29411a65c0d56\nReviewed-on: https://review.monogon.dev/c/monogon/+/700\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0246f5eb3a48f8a521ab20d776b923fcf0af6e1c", "tree": "73ff4458a28566fa580c116958aeceb222d7e4ac", "parents": [ "2930e9966deca2ebcb9b497d4d133ffb6258ed87" ], "author": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Fri Apr 22 17:29:04 2022 +0200" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Tue May 03 12:11:19 2022 +0000" }, "message": "m/test: implement non-transient QEMU VMs\n\nThis patch reworks the launch code, enabling rebooting of cluster\nmember VMs, while precluding erasure of their transient state (disk\nimage, OVMF firmware variables, TPM state, MAC address).\n\nRebootNode method included in this patch is cluster-aware in the sense\nthat it blocks until the node has re-joined the cluster.\n\nChange-Id: Ie1236297d214399e927a67295200f8b8879a5b39\nReviewed-on: https://review.monogon.dev/c/monogon/+/664\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "be74284cb84581b7217a934d2a771edb7c948223", "tree": "c943b51d32f0f0c0f81b97faa4660a9099b3caee", "parents": [ "fe7134b0b25b620b6f40b1f41f37ab93fca6d3c0" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Apr 04 13:18:50 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 06 09:52:24 2022 +0000" }, "message": "m/test: implement SOCKS proxy in cluster tests\n\nThis uses the new socksproxy package to run a proxy server in the\nnanoswitch, and uses it within tests to access the test cluster\u0027s nodes.\n\nThe cluster test code (and nanoswitch) still forward traffic to the\nfirst node, but this will be gradually removed as SOCKS support is\nimplemented in metroctl and the debug tool. Forwards from host ports to\ndifferent node can then be implemented as part of the dbg tool (instead\nof the cluster launch code) to maintain a simple interface during debug\nand development.\n\nWe also use the opportunity to make the non-cluster launch code not\nMetropolis specific (by removing an assumption that all ports on all\nnodes are Metropolis ports). In the long term, we will probably remove\nnon-cluster launches entirely (or further turn this code into just being\na \u0027launch qemu\u0027 wrapper).\n\nChange-Id: I9b321bde95ba74fbfaa695eaaad8f9974aba5372\nReviewed-on: https://review.monogon.dev/c/monogon/+/648\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d13c1c64387ca9a83bb832a3faa5c4b07268d265", "tree": "0c0f534db4726e4400486aad25235e8c573d455e", "parents": [ "79a1a8f9dd49afe8e0a2364c4586b8f39525b204" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Mar 30 19:58:58 2022 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Apr 05 10:35:29 2022 +0000" }, "message": "treewide: switch to gomod and bump everything\n\nThis switches version resolution from fietsje to gomod and updates\nall Go dependencies. It also bumps rules_go (required by gVisor) and\nswitches the Gazelle naming convention from go_default_xxx to the\nstandard Bazel convention of the default target having the package\nname.\n\nSince Kubernetes dropped upstream Bazel support and doesn\u0027t check in\nall generated files I manually pregenerated the OpenAPI spec. This\nshould be fixed, but because of the already-huge scope of this CL\nand the rebase complexity this is not in here.\n\nChange-Id: Iec8ea613d06946882426c2f9fad5bda7e8aaf833\nReviewed-on: https://review.monogon.dev/c/monogon/+/639\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "399ce5537c9d74b2335add19dcb6a4043d9468b5", "tree": "a7e086c69c69f8745ca123764c6929e090e0d80b", "parents": [ "0ea448a92ad342bcb0ecb05a2aa9652ebe48b62a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Mar 29 12:52:42 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Mar 30 15:50:59 2022 +0000" }, "message": "m/n/core/rpc: provide lower-level gRPC dialing constructs\n\nThis replaces the 2x2 cartesian product of ready-made dialing functions\n(New{Authenticated,Ephemeral}Client{Test,}) with plain gRPC Dial\nOptions.\n\nThis is partially to reduce the magical aspect of the RPC library (after\nall, we are just using gRPC here, no need for these wrappers), but\nmostly in preparation for having another dimension added: dynamic\ncluster resolving, which will also be just provided as a Dial Option.\n\nChange-Id: Id051ca5204e4b44afcc10164f376ccf08af46120\nReviewed-on: https://review.monogon.dev/c/monogon/+/640\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "942f5e2188f67d78fe8da86f42e1902427792f2b", "tree": "b3465cd8996a224a678f12cf1d858173077dadd1", "parents": [ "d3ce0ac027b205b1eeccbbcb062c9d417e205df4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jan 27 15:03:10 2022 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Mar 08 12:05:38 2022 +0000" }, "message": "b/ci: update build container to Fedora 35\n\nFedora 32 is EOL since over half a year, update to the current stable\nFedora release.\n\ntoolchains: adds clang as it\u0027s no longer part of the llvm package,\nchanges toolchain path references to GCC 11, and rebuilds the sysroot.\n\nedk2: update to latest stable (old version cannot build with a newer\nminor version of Python 3) and patch to disable -Werror and make the\nnewer included Brotli version work as it natively includes BUILD\nfiles which need to be patched out to make the source files accessible.\n\nlinux: add patch to fix PVH ELF note entrypoint with binutils 2.32+ as\notherwise the .notes section gets emitted with broken alignment.\n\nm/t/launch: RunMicroVM is broken if SerialPort is not set with newer\nQEMU versions because fcntl(2) fails to interact with a broken file\ndescriptor. This is due to a confusion between nil interfaces and\ninterfaces containing a nil pointer causing Go to improperly pass the\nfile descriptor. Changing the type of SerialPort to the actual\ninterface resolves the issue.\n\nChange-Id: I03a8cbf4f80a7363794dad1ff62ccb57e778cac3\nReviewed-on: https://review.monogon.dev/c/monogon/+/529\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "636032e843efcdef0716ed9956f40642d07b8d4c", "tree": "9499a197eec2483636b1fc940d8b7e78d3a29161", "parents": [ "5839e97231f31fac6730a1d553fe7114d37a1521" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jan 26 14:21:33 2022 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Feb 23 16:15:54 2022 +0000" }, "message": "m/test/launch: fail ROC on non-UNAVAILABLE errors\n\nThis makes RetrieveOwnerKeys fail fast in tests if some non-transient\n(ie. non-UNAVAILABLE) error is encountered. I hit this while developing\nsomething around the codebase and it took me way too long to figure out\nwhy the e2e test was stalling.\n\nThis really begs doing a pass on all retry loops to make sure we don\u0027t\nget stuck like this. Perhaps we should formalize this, too.\n\nChange-Id: I048f5ac79802330f789e67ba316bc38f04d83331\nReviewed-on: https://review.monogon.dev/c/monogon/+/531\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b6a9d3c613847de99be456f17c6b18cc4d1c4e63", "tree": "65aa9692174230796bfcc30aba663d5063190d6b", "parents": [ "26d5225a142057b6eb04cff9ba86173a6682b626" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jan 27 18:56:20 2022 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Feb 08 13:06:05 2022 +0000" }, "message": "m/n/build: implement new fsspec infrastructure\n\nThis makes the node_initramfs and erofs_image use the new common fsspec\ninfrastructure. It also adds the fsspecs attribute to both which can\nlater be used to add arbitrary fsspecs.\n\nChange-Id: I384e04712c0a70f82c5c975911cbb1d0d5e6cabc\nReviewed-on: https://review.monogon.dev/c/monogon/+/530\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "cc078df2124306799c66786833746999259ea792", "tree": "43807fcfec2196430b4bd4def124dad2231451db", "parents": [ "8c2c771a750f30b3edf240fc8352e777795e989b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Dec 23 11:51:55 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Feb 02 14:07:37 2022 +0000" }, "message": "m/n/kubernetes: implement Metropolis authenticating proxy\n\nThis implements an authenticating proxy for K8s which can authenticate\nMetropolis credentials and passes the extracted identity information\nback to the Kubernetes API server. It currently only handles user\nauthentication, machine-to-machine authentication is still done by the\nAPI server itself. It also adds a role binding to allow full access\nto the owner as we do not have an identity system yet.\n\nChange-Id: I02043924bb7ce7a1acdb826dad2d27a4c2008136\nReviewed-on: https://review.monogon.dev/c/monogon/+/509\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "075465c4f4437d6bcd0326cd673aedf2b5bbc686", "tree": "057c78acaff2b9f9770bbed6f225dd6f0468e8e3", "parents": [ "0e057feb0b5c932e1b86ba769ad92bfc9bfdcd65" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Nov 16 15:38:49 2021 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Jan 25 14:27:03 2022 +0000" }, "message": "m/t/launch: multi-node launches, prefixed stdout\n\nThis reinstantiates //:launch-test2, with some small fixes for usability\n(prefixed stdout and GetNodes retries to handle cluster connectivity\nissues as the cluster grows).\n\nWe also drive-by port //:launch-test2 and //:launch to use the new and\nshiny clicontext package.\n\nChange-Id: I62a1d827b2087f1173abf19e792a2088dc8b80bb\nReviewed-on: https://review.monogon.dev/c/monogon/+/485\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "e78a08987e48aa5d9f77954886b7cc544f218638", "tree": "77d91020801cf19d2979db69495e40f3aeb889d5", "parents": [ "957c5b142abf8976c212ae013e6c36c4ff80f6c8" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Oct 07 17:03:49 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Thu Dec 09 17:51:43 2021 +0000" }, "message": "m/n/c/cluster: implement register flow\n\nChange-Id: I197cbfa96d34c9912c7fc19710db25276e7440fc\nReviewed-on: https://review.monogon.dev/c/monogon/+/454\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "764a2de7911a42d57720911332a12895f0aad707", "tree": "dd0e31cee8fb5c753a762462e9eb16f776c3ec73", "parents": [ "e65731049afb6fd49da80f064fa40a28c9d5741d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 22 16:26:36 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 22 20:39:51 2021 +0000" }, "message": "tree-wide: rewrite ioutil functions to their replacements\n\nThe ioutil package has been deprecated in Go 1.16 [1]. This CL removes\nall our own users of that package and rewrites them to use their\nreplacements in the os package. I initially wanted to do this with a\ngofix but because all replacements were signature-compatible I just\ndid it with a few string replaces and then ran goimports to fix up the\nimports.\n\nI intentionally didn\u0027t rewrite the patches as that would require a\ndifferent process and is IMO of less value.\n\n[1] https://github.com/golang/go/issues/42026\n\nChange-Id: Iac6663a1f1ee49f9b1c6e4b3d97e73f2c3b54a13\nReviewed-on: https://review.monogon.dev/c/monogon/+/449\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "52304a8aa84604846e316e28c955b67e68c52f34", "tree": "df8518bb50b9665af7f4897665d8aa16f4a43e7f", "parents": [ "ba7bf7dc83c15cbd94a1f71b7992df7d7fc7d752" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Oct 29 16:56:18 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Nov 03 11:36:20 2021 +0000" }, "message": "m/node: implement Port type for node ports\n\nThis allows us to use %v/%s to get a pretty port name where needed.\n\nWe also drive-by remove MasterServicePort which is a leftover from\na pre-curator cluster service implementation.\n\nChange-Id: Id8feddf87269b13dd1dad2460a015c1a7ecbc6d7\nReviewed-on: https://review.monogon.dev/c/monogon/+/418\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "66e589595ecbefdc1466ea5e98e9c237e3300f8e", "tree": "c5bf14131ce984dea96ee6825c12b5e3cf7a342a", "parents": [ "a1a96b454eb3c21d03b7f95f1917dd6ce1b84b8a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Oct 05 17:06:56 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Oct 11 13:27:02 2021 +0000" }, "message": "m/test: refactor cluster launch code, use for e2e tests\n\nThis is a light dust-off pass for the existing cluster launch code.\nNotably, we separate Metropolis-specific code into a subpackage\n(allowing us to make the package itself depend on the required\nnode/kernel images, without introducing dependency loops or unnecessary\ndependencies on the Metropolis node image).\n\nWe also make the LaunchCluster code return an already authenticated\nManagement client, and subsequent changes will use this client to add\nmore nodes to the running cluster.\n\nWe then move the E2E test to use LaunchCluster instead of LaunchNode, in\npreparation for running a multi-node cluster in the E2E test.\n\nWe also add some more log calls and clean up the existing ones to make\nit clear which subsystem (launch, launch/cluster or e2e) is respondible\nfor each message.\n\nChange-Id: I838bdc75073831fe94b9cdcef4fb3ab6bf8cba2c\nReviewed-on: https://review.monogon.dev/c/monogon/+/343\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "96043bc1cb55b1271b21309b2011d64d2361a0fd", "tree": "b4db59595d8635154de74b0a244a6bb28bc52d2d", "parents": [ "3379a5d0ffcd652031c135f2ffe7600272fa0093" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Oct 05 12:10:13 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Oct 05 17:29:16 2021 +0000" }, "message": "*: import reformats\n\nAs caused by my IntelliJ/gofmt locally. We really need to do gofmt\nchecks in CI, especially now that we nearly have the tooling ready for\nit.\n\nChange-Id: Id105ba9ad8a34b8b8e883d52d621d47b0ea888d7\nReviewed-on: https://review.monogon.dev/c/monogon/+/338\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d7d6e0284de38cbeeb185ca17c0853b4b2c10ee9", "tree": "37e0b443caf904f0b78d423ba6580c1416f5bc11", "parents": [ "9ffa1f9577003ab70a6b483475874f3552d1ccc3" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 01 15:03:06 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 03 11:15:40 2021 +0000" }, "message": "m/n/core/rpc: create library for common gRPC functions\n\nThis is the beginning of consolidating all gRPC-related code into a\nsingle package.\n\nWe also run the Curator service publicly and place it behind a new\nauthorization permission bit. This is in preparation for Curator\nfollowers needing access to this Service.\n\nSome of the service split and authorization options are likely to be\nchanged in the future (I\u0027m considering renaming Curator to something\nelse, or at least clearly stating that it\u0027s a node-to-node service).\n\nChange-Id: I0a4a57da15b35688aefe7bf669ba6342d46aa3f5\nReviewed-on: https://review.monogon.dev/c/monogon/+/316\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "1f9a03b3f952320824b1ae49e56da3cb814cd5b0", "tree": "315ea3ca5711b2dca9173dcf825c18e031affa84", "parents": [ "b9044c888097757c36933062f27b5f5ee103ee5f" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 13:40:53 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 24 17:26:20 2021 +0000" }, "message": "m/test/e2e: retrieve owner credentials in e2e test\n\nThis exercises AAA.Escrow for the initial cluster owner within our large\ne2e test suite. The certificate retrieved this way is not yet used, but\nis verified to be emitted for the correct public key.\n\nChange-Id: Id33178cd223e3180d6f834c6fac94d6d657d5349\nReviewed-on: https://review.monogon.dev/c/monogon/+/290\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5b2ae5500a90dc48b9713095e5f1580b9c9646d9", "tree": "1f6efbed2aa20716c18772bb30dbafacd6f07db3", "parents": [ "03758714f4b7be2a712831beecfdfcbf151b4c66" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 17 13:00:14 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Aug 23 12:26:16 2021 +0000" }, "message": "m/n/c/curator: listen on public gRPC\n\nThis enables listening on CuratorPort (which was called\nNodeServicePort) using TLS node certificates. No service is yet running\non the new gRPC listener.\n\nChange-Id: I436ac1ae9cbdb257419ad114262fc2a7516396b1\nReviewed-on: https://review.monogon.dev/c/monogon/+/288\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "216fe7b3ae949376467f626f339423a31ea7da97", "tree": "b0fe587b671a76bf6229339825d2a61df7fc847b", "parents": [ "6ebdc418f3c4799c12368e34ea78dc9c9757fb54" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 21 18:36:16 2021 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 28 17:54:03 2021 +0200" }, "message": "*: reflow comments to 80 characters\n\nThis reformats the entire Metropolis codebase to have comments no longer\nthan 80 characters, implementing CR/66.\n\nThis has been done half manually, as we don\u0027t have a good integration\nbetween commentwrap/Bazel, but that can be implemented if we decide to\ngo for this tool/limit.\n\nChange-Id: If1fff0b093ef806f5dc00551c11506e8290379d0\n" }, { "commit": "be57a039071a451763adc6c3456b7d79ca1999bb", "tree": "391ebab65e54c88c0b101a137371b283c5fd3812", "parents": [ "3536e4d4923e76486167c85c2b09a1cf4ca5502d" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue May 11 13:41:52 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue May 11 13:42:23 2021 +0200" }, "message": "m/test/launch: fix TPM tempdir permissions, wrap errors\n\nOn Linux, the following generally fails:\n\n $ cd /tmp\n $ mkdir test\n $ cd test/\n $ chmod 644 .\n $ touch foo\n touch: cannot touch \u0027foo\u0027: Permission denied\n\nThis changes our launch code to create a temporary TPM directory with\n755 instead of 644 permissions, preventing a situation like above\nmanifesting in our new CI.\n\nThis didn\u0027t manifest before as we always ran builds through podman, and\nthere this behaviour doesn\u0027t appear to hold, probably because we are uid\n0 there:\n\n $ podman exec -it monogon-dev bash\n bash-5.0# id\n uid\u003d0(root) gid\u003d0(root) groups\u003d0(root) context\u003dunconfined_u:system_r:spc_t:s0\n bash-5.0# cd /tmp/\n bash-5.0# mkdir test\n bash-5.0# cd test/\n bash-5.0# chmod 644 .\n bash-5.0# touch foo\n\nWe also drive-by some unwrapped error returns to be a bit more helpful.\n\nTest Plan: Tested on new CI, manually.\n\nX-Origin-Diff: phab/D773\nGitOrigin-RevId: 5a55a7878109717f0c17251a659dfc6ee04b94f4\n" }, { "commit": "f055a7fce0263a30fd2c853b5ed002a765fc23e8", "tree": "de2dc0daeebfc7ecce2b1987ffb13eb4f2475088", "parents": [ "2666513457e8d7a282560a7090f35439ab9695ce" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Apr 13 16:22:33 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Apr 14 14:35:09 2021 +0200" }, "message": "third_party/linux: build using unhermetic rule\n\nThis replaces ad-hoc genrules (for the node Linux image and the ktest\nimage) with a real Bazel rule with an attached transition which ensures\nwe end up with the same-ish configurations for all builds of an image.\n\nThis reduces rebuilds of the ktest Linux kernel, from three down to one.\n\nBefore: https://drive.google.com/file/d/1c6VmY2bqx9Pgs61TOUfgMi8Sn0WQeobu/view\n\nAfter: https://drive.google.com/file/d/13eO1rLhoBCMMRUKrmJz8QnhdAR3ctIGb/view\n\nWe also drive-by fix the Kubernetes CTS test suite to run on a single-node\nCluster (instead of failing early due to that being currently reworked).\n\nTest Plan: Build system refactor, following existing test.\n\nX-Origin-Diff: phab/D761\nGitOrigin-RevId: b5545ac5fd402fbf0340d941a90b9ea6ea0b6d43\n" } ], "next": "886d2892d1717bc130cfa008742c06c29f7ff186" }