)]}' { "log": [ { "commit": "0b84a9f5e2caef3f66e4d912b6ac18429dff2c2d", "tree": "e44c00c20213a01877783405929f27edc3357d79", "parents": [ "35fcf0397be02883ace364e650b3e8d9a2281e24" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 27 14:20:31 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Aug 01 13:30:41 2023 +0000" }, "message": "metropolis/node: show build commit on startup\n\nPreviously it was not possible to identify the running version,\nwith this change the build commit and tree state gets stamped into the binary\nand printed on boot.\n\nChange-Id: I3916e3d40dc87f28a58eb74c6450218550fb3214\nReviewed-on: https://review.monogon.dev/c/monogon/+/1978\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "88a76b7a89b3fc81b9135b1197e1ea6fd3698121", "tree": "b1ab3800149e95405b41a21bd74437c1f43c55e7", "parents": [ "4ac7112b135518b610a84a3a6db535dbb41f1fcf" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:10:33 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 26 10:47:46 2023 +0000" }, "message": "build/ci: ensure that we can build metroctl for macOS\n\nWe should probably soon have separate CI targets for different\nbuild/test kinds/targets, but this will do for now.\n\nChange-Id: I710a498f771fc8fd225c1e3b4666fb28e7421b7d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1962\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9fd3c3de3d48f328c5771f3659235774aa7df984", "tree": "ed1c39faa59c9bfd6a3bdd6a2bdfe6814c73e2f6", "parents": [ "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:18:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:54 2023 +0000" }, "message": "build/toolchain/musl-host-gcc: handle non-workspace-root execution\n\nThis is needed to build stdlib with cgo, which is in turn required for\nthe race checker to be enabled.\n\nChange-Id: Ic81542925a02c626f157dfd8c6650de3dbb30c7d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1832\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0", "tree": "a0d1048b3a37d0050b0ff5aba250435c039d29be", "parents": [ "30021af6eaf9f2963d83314c283ebdd23fff2674" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:40:21 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:47 2023 +0000" }, "message": "build: add cgo to nogo exceptions\n\nSeems like cgo is placing some files in a separate directory in the\nworkspace root.\n\nChange-Id: Icd94dec7281350339f0b1dd88d61556d75982d64\nReviewed-on: https://review.monogon.dev/c/monogon/+/1836\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "2d1ebd3567567d9e6563776e637006c1d8d88e68", "tree": "00305a6b2ddf285998adc442a893e4ca9a22773e", "parents": [ "c59c515435eff154d15c8f4f84ba9b83f93a94c8" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 23 01:53:12 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 23 13:25:20 2023 +0000" }, "message": "build/toolchain: remove deprecated use of @bazel_tools\n\n@bazel_tools//platforms will be removed with bazel 6.\nhttps://github.com/bazelbuild/bazel/issues/8622\n\nChange-Id: Iee484f68d76d83ec6d874d0eb4457bb273dc5ed8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1703\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c8480eedace7c915ebd82695945bf59e09588d83", "tree": "29aed38e5517510112eaeeb85c4aef0104cb05c1", "parents": [ "98e05e1e5fd348ac07e221732251734256777ecd" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Apr 05 13:25:03 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Apr 06 11:35:55 2023 +0000" }, "message": "build/ci: add patch to Dockerfile\n\nChange-Id: I553bbaadd4bfcd0aefd838e2703548fc902c2b53\nReviewed-on: https://review.monogon.dev/c/monogon/+/1500\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "4e6eae2bec769a565eece47438fcb594e7da2765", "tree": "02991fb6c7a758e75c16aae2da84910a36aebede", "parents": [ "c6367b9680d9157fbc8d6d1c7a04a715269c47ba" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 22:53:28 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Apr 04 21:07:54 2023 +0000" }, "message": "build/ci: call bazelisk from PATH instead ~\n\nChange-Id: Ic0cd685f81d763ad05418626d514f2a17d8cb524\nReviewed-on: https://review.monogon.dev/c/monogon/+/1482\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c6367b9680d9157fbc8d6d1c7a04a715269c47ba", "tree": "c5a40f4b2aa3f23dbf4f98609fffaf425b1e84c7", "parents": [ "e012b728d98e51e6b5564873f10c06c4f4c81415" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 14:27:26 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 18:02:35 2023 +0000" }, "message": "build/ci: remove bazelisk update as the builder image got updated\n\nChange-Id: I5494d540dd89da32c3c05575d26d7af6b7fcf74e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1480\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "cff8eb9db471c6dd85f92e1828ecd268c2737dda", "tree": "c6eb023bb66d2c92d680ea38f6ab33391f2cc881", "parents": [ "9ab3750dce088191a0af8f605246f81d863318c9" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 12:21:00 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 10:25:18 2023 +0000" }, "message": "build/ci: add gcloud\n\nChange-Id: Idaa081ebc0ab23980bc4913a7afbd3c317086899\nReviewed-on: https://review.monogon.dev/c/monogon/+/1478\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9ab3750dce088191a0af8f605246f81d863318c9", "tree": "3aebc52158a88409ea48bcf42ef89d48ea81287e", "parents": [ "77b87a6eb9bdc659757ad8edae43ac1fd4b74821" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Apr 03 19:05:07 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Apr 04 10:25:18 2023 +0000" }, "message": "build: allow override of IMAGE_TAG\n\nChange-Id: I23637f1c0d6d0e7cd45ad160209399cc9bf8b1a1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1477\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "1fdab13a2ea1411b332f67cfa9b1216753b9eb11", "tree": "34da6ed80b784c7ccd15e5ac611b03d604523795", "parents": [ "ca4bbee8d21cbfc4cdc3bf6750d3bc2166c7c1ea" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Mar 30 15:04:16 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Apr 03 12:07:27 2023 +0000" }, "message": "cloud: add container_bundle\n\nChange-Id: I3101b02c570d90b77860a1d928f48139d7ce8889\nReviewed-on: https://review.monogon.dev/c/monogon/+/1444\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0b3aac94581f63b3024b261fa6a9f298d0cca52b", "tree": "5d08ccdc172f131c99b7acaabb108d2d4d4ce53b", "parents": [ "cf33f6805a7842a1aa7fac377468d9ca54f8d05b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Mar 16 16:49:56 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Mar 20 11:23:46 2023 +0000" }, "message": "g/a/toposort: add topological sorting pkg\n\nThis adds a package which implements topological sorting.\nThere are existing Go packages out there which do this, but all of\nthem have various shortcomings, either in the API or in\nperformance or stability.\n\nThis uses a fairly simple DFS-based algorithm for doing the majority\nof the work. It uses generics for the nodes to allow for flexibility and\nis covered by a fuzz test to check for correctness.\n\nChange-Id: I4ae3f0b97ef801350b87cdae3a3d9a1ba63830e3\nReviewed-on: https://review.monogon.dev/c/monogon/+/1351\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "b033b380387a999b7ad19f9d001c42ec570c8945", "tree": "6093a955f5c08f29e6590fb71781849d100a3e0e", "parents": [ "d8290c8082f752f52d0ba1c765f668e2992bc5d4" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Mar 07 20:06:36 2023 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Mar 07 22:29:46 2023 +0000" }, "message": "*: fix gomodproxy compatibility\n\nThis is necessary for the source to be fetchable from third-party Go\nprojects (currently via a replace directive, as source.monogon.dev isn\u0027t\ngo-getable). Otherwise, `go mod tidy` complains:\n\nreading https://sum.golang.org/lookup/github.com/monogon-dev/monogon@v0.0.0-20230223122556-665b10937eb8: 404 Not Found\n\tserver response:\n\tnot found: create zip: build/analysis/BUILD.bazel: case-insensitive file name collision: \"BUILD\" and \"build\"\n\tbuild/analysis/importsort/BUILD.bazel: case-insensitive file name collision: \"BUILD\" and \"build\"\n\tbuild/analysis/importsort/classify.go: case-insensitive file name collision: \"BUILD\" and \"build\"\n\tbuild/analysis/importsort/importsort.go: case-insensitive file name collision: \"BUILD\" and \"build\"\n\tbuild/analysis/importsort/importsort_test.go: case-insensitive file name collision: \"BUILD\" and \"build\"\n\tbuild/analysis/importsort/testdata/README.md: case-insensitive file name collision: \"BUILD\" and \"build\"\n\t[Truncated: too long.]\n\nChange-Id: If5947be74f7dfcf4ba4bd79c4dc37589f324b891\nReviewed-on: https://review.monogon.dev/c/monogon/+/1223\nTested-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "1cf17953163089f6b90d0922bff0994e06c95e29", "tree": "cfcef14d8530761d9b0a18adf266262898ede7c6", "parents": [ "d026b37c2a27d414821f860ccd0effb522be1ce4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Feb 13 17:41:59 2023 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Feb 14 10:03:25 2023 +0000" }, "message": "pkg/bootparam: add bootparam pkg\n\nThis adds the bootparam package which can marshal and unmarshal the Linux\nkernel command line into boot parameters and a rest section passed to\ninit.\n\nThis is a very quirky format, thus there is a fuzz testing harness\nagainst the reference implementation from the kernel included to verify\ncorrectness.\n\nA set of weird edge cases is rejected by Unmarshal instead of parsing\nto nonsensical data as the reference implementation does to save on\ncomplexity in the parser.\n\nChange-Id: I6debfa67e69ae8db4e0356f34ecb127ea27d18de\nReviewed-on: https://review.monogon.dev/c/monogon/+/1125\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "d6397766915e4427f74d59656718acffc92d872c", "tree": "a3ca53093fb6f0caa39b5b252c1530a76ce64a47", "parents": [ "52c261e956bc48b538f15b64d89a39f5f567ceaa" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Tue Jan 31 18:16:07 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Tue Jan 31 17:56:09 2023 +0000" }, "message": "build/ci: add \"go mod tidy\" step\n\nThis ensures that go.{mod,sum} are up to date and that there\naren\u0027t any missing placeholders.\n\nChange-Id: I2ebc60a8f43f62bf8b70df66e68fafd7026b6148\nReviewed-on: https://review.monogon.dev/c/monogon/+/1107\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "2aa8b184fcbc713d99bb7c3d868d1ab9df6f5b71", "tree": "6ee292c36be2008e8d2fc4d7af23157c17c0c981", "parents": [ "bc93c2b50690e66712d80e4da5837554588ca065" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sat Jan 14 23:31:43 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jan 19 19:07:21 2023 +0000" }, "message": "third_party/rust: update rules_rust and deps\n\nThis is required for rules_rust to work with CC toolchains.\n\nChange-Id: I15f20c7bde09697fda248f7107be8bcd00e24d57\nReviewed-on: https://review.monogon.dev/c/monogon/+/1073\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "bc93c2b50690e66712d80e4da5837554588ca065", "tree": "68842095e93b11649cdc23da3bb4a6ef24f9dc8a", "parents": [ "e1ebf729194f3673ea0638f0aceb90cb70de23aa" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Sat Jan 14 13:12:23 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jan 19 19:07:21 2023 +0000" }, "message": "*: migrate to CC toolchains and Bazel 5.4.0\n\nChange-Id: Iff3c0ddda4413dd0c5fa657a5b7813223e98611e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1079\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "7fbf10455fd61b4c34182be5cdb3a53fd9897d4b", "tree": "02ead12ee79b10abfdd624071802acc771f6bb3e", "parents": [ "bffdda85d7750c9a9a34289a79281edeae1d73ef" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Fri Jan 06 19:57:37 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jan 19 19:07:21 2023 +0000" }, "message": "*: bring our own sandbox root\n\nThis change removes the build container and replaces it with a\nBazel-built Fedora 37 sysroot which is bind-mounted into the Bazel\nsandbox using --sandbox_add_mount_pair. The tools/bazel wrapper script\nautomatically (re-)generates the sysroot when needed.\n\nBoth Bazelisk and Bazel\u0027s native wrapper automatically run the\ntools/bazel script, which means that our build should now work without\nextra steps on any machine with a working Bazelisk setup and unpriv ns.\n\nThis fixes all kinds of weirdness caused by the previous podman setup\n(\"bazel run\"/container pushes, log access, weird podman bugs,\nbreaking the IDE plugin for any non-Monogon workspaces...).\n\nUsing the sandbox hash as an action var also ensures that the cache\nis invalidated whenever the ambient environment changes. Previously,\nBazel did not invalidate build steps when any host dependency changed.\nTo my knowledge, this was the only remaining cause for stale builds.\n\nIt also means we cannot depend on the host toolchain since it\nwon\u0027t be accessible in the sandbox, and anything that inspects the\nhost during analysis stage will fail. This currently means that\nrunning on a non-Fedora host won\u0027t work - we fix this next.\n\nAll RPMs are pinned and the sysroot is fully reproducible.\n\nOnce we upgrade to Bazel 5.x, we can take it further by enabling\n--experimental_use_hermetic_linux_sandbox and fully remove the\nremaining host paths from the sandbox for full hermeticity.\n\nIn a follow-up, we can clean up the CI image to only contain the\nminimum dependencies needed for Bazelisk and the agent.\n\nExisting IntelliJ users need to remove the -Dbazel.bep.path flag\nfrom their VM options.\n\nHandbook/Rust rules are disabled temporarily to keep CI green\n(requires a more recent rules_rust version).\n\nChange-Id: I1f17d57d985ff9d749bf3359f259d8ef52247c18\nReviewed-on: https://review.monogon.dev/c/monogon/+/1033\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "79c13a296a51fc3765fc1857698575621052150d", "tree": "746398d651c94f4dc5d48ebfe4c8679fdb8fa1de", "parents": [ "20f68b68006bc85ecf873316c1ec4415fb7d2ce6" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Wed Jan 04 23:15:13 2023 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jan 09 10:04:15 2023 +0000" }, "message": "build/toolchain: fix a few typos while driving by\n\nChange-Id: I7e0dd8bea122990143619d69e312f0f67f3b3a7f\nReviewed-on: https://review.monogon.dev/c/monogon/+/1032\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9cdec58c06b7eb5b8b532ccf5e6babb060992276", "tree": "d2fa7915a7995f434cf6b4a8e930c68d4759b1f5", "parents": [ "1e9d7d875a7bd10ab30d4b193badab9f76936aca" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Sep 15 18:48:27 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 16 11:30:15 2022 +0000" }, "message": "build/sqlc: remove bindata machinery for migrations\n\nThis wasn\u0027t great to use, mostly because of the amount of symbols that\ngo-bindata generates. Instead, for now expect downstream users to use\ngo:embed.\n\nThe mentioned example will come in a follow-up CL.\n\nChange-Id: I74c0cef691af54a87a5170f63b57356999841379\nReviewed-on: https://review.monogon.dev/c/monogon/+/911\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "1b28e1b92989e827087bc6b594a411e10328e00a", "tree": "6f15262ff5bbbc09b48e184ba59289ff5379ec92", "parents": [ "46e72abb01d6bd4b39fd720680602bd6914e545a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 05 18:41:18 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 07 13:44:24 2022 +0000" }, "message": "build/sqlc: implement simple sqlc/bindata rules\n\nThis is a first pass at implementing rules to generate sqlc stubs from\n.sql files and embed relevant migration files into bindata.\n\nThis is not yet used. The Go API is subject to change - especially the\nway migrations are laid out in the generated package will probably\nchange.\n\nChange-Id: I0873031603957a176ad4664c3b10768b791e0dd5\nReviewed-on: https://review.monogon.dev/c/monogon/+/884\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "46e72abb01d6bd4b39fd720680602bd6914e545a", "tree": "6b5b740ecc003b62db432f5b2b6b13a88dcb3c8a", "parents": [ "bd2ce6dcffa271d8ef00bceda1a89fc34d1d0f3d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 05 15:13:22 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Sep 07 13:44:24 2022 +0000" }, "message": "third_party: add libpg_query and sqlc\n\nThis adds sqlc, a SQL query code generator for Go (and other languages).\nIt in turn requires pganalyze\u0027s libpg_query, which is a C library for\nparsing PostgreSQL queries.\n\nTo test:\n\n $ bazel build @com_github_kyleconroy_sqlc//cmd/sqlc\n\nIn the future this will be used by Bazel rules to generate sources at\nbuild time.\n\nChange-Id: I369c9ab503e8ce6952fd3f73c233dd3d59922358\nReviewed-on: https://review.monogon.dev/c/monogon/+/882\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "ea0a2c862d41544cf58807b17daf6b3b4dfa12bc", "tree": "e8a35fdf2706a84aa75d46930c3280c0d4f55224", "parents": [ "cf92f409655c4f4bc22eaa5d17f543d69e8c411b" ], "author": { "name": "Leopold", "email": "leo@monogon.tech", "time": "Thu Jun 30 19:49:18 2022 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jul 11 12:16:20 2022 +0000" }, "message": "build/ci: add github actions runner dependencies\n\nChange-Id: I7674796d6280fb838d382ef50296f04932d80e0b\nReviewed-on: https://review.monogon.dev/c/monogon/+/812\nTested-by: Jenkins CI\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "ac3324bb1d7ed8dd088aebf2fabc054dd7f8d046", "tree": "edfb97eb84e5c2ca82a1f9d3e14935e3c1236c22", "parents": [ "961c7a25b6f1e7026ebac57e93501307945e98e4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 07 10:55:48 2022 +0000" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 07 11:10:42 2022 +0000" }, "message": "workspace: update version number for initial release\n\nIt has been decided to call this the 0.1 release, so tag it as such.\nAt some point in the future this can call something like git describe.\n\nChange-Id: I25bb9138d1ee79b7250439cc8a72d7db147dc5bd\nReviewed-on: https://review.monogon.dev/c/monogon/+/824\nTested-by: Jenkins CI\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "961c7a25b6f1e7026ebac57e93501307945e98e4", "tree": "0eb67b5021801b6e6805d87de1ceba2e87308609", "parents": [ "02bc7de3e9f6743f4713edcd83497a14ade48da2" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 07 10:51:33 2022 +0000" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 07 11:10:39 2022 +0000" }, "message": "workspace: update main K8s to 1.24.2\n\nThis was missed in 801. Updating Kubernetes is currently very easy to\nscrew up (see #136 tracking improvements to this).\n\nChange-Id: Ia49ffba93cfdbb3e3111050f59e9dbb64b93361c\nReviewed-on: https://review.monogon.dev/c/monogon/+/823\nTested-by: Jenkins CI\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "f1bdfbe5679da9fc895f8172867f7e557476c5f6", "tree": "105ff0bb1da3db8dfa5934069d5e9ccef604df62", "parents": [ "619029b4ec9b2908baf8f873b34ba4800738f12d" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu May 26 22:43:42 2022 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri May 27 08:48:35 2022 +0000" }, "message": "build/ci: vote on Verified label\n\nSee internal discussion:\nhttps://monogon.discourse.team/t/replacing-prolog-rules-by-submit-requirements/41/5\n\nChange-Id: Id68b7153cb0ec4018ab95222cf659a79f01ef291\nReviewed-on: https://review.monogon.dev/c/monogon/+/746\nTested-by: Jenkins CI\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "9a6cc56da8f1f5b11eda7ff8ae1f4c7315891556", "tree": "78bd4616b8e20be2d85e70792e50c15f6e4aa2f9", "parents": [ "2d91aa323b5cb576b3c7749eedb91058be1f8f57" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed May 25 13:13:40 2022 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed May 25 13:21:28 2022 +0000" }, "message": "build/ci/Dockerfile: add tini package\n\nSee Idaa0b856 for the internal infra change.\n\nChange-Id: Ic699b8298204e6e4d1bc68993ea377b4054cc80e\nReviewed-on: https://review.monogon.dev/c/monogon/+/696\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "f73d6f0fdf2983a2b578020c56e53f0f0aa91244", "tree": "8e4a28c8b83c9cb8624e46ef5d30c73512e734af", "parents": [ "d279dc056ff0cc93621f7dbab220ed4b8a5f501f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon May 16 14:34:23 2022 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu May 19 10:47:57 2022 +0000" }, "message": "workspace: fix Kubernetes version\n\nI missed this in CL 674 as it is still not automatically derived.\nThis should really be derived automatically, but regexing it out\nof go.mod or calling go list in here seems sketchy.\n\nChange-Id: I32d5d7987b2a88c01c9239a470413b31c598608b\nReviewed-on: https://review.monogon.dev/c/monogon/+/682\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "fdc3a2473e4ebfd77db342252e1088882e01b2d6", "tree": "addfe894acce55d3088764cc49a6c1c3cee55573", "parents": [ "33ce3bcd5c4791cb66a3020b7792829c534c97c6" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 06 15:56:38 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Apr 19 08:01:17 2022 +0000" }, "message": "third_party/go: fix `go mod tidy`\n\nThis makes our root repository somewhat more gomod-compliant, to the\npoint where we can run `go mod tidy` to manage dependencies.\n\nThe generated placeholder files turn their parent paths into enough of a\nGo package that the go tooling is appeased, but they are ignored by\nGazelle.\n\nIdeally, we will generate these placeholders automatically before\nrunning `go mod tidy` and gitignore them, but this will do as a first\npass.\n\nWe also remove some unused dependencies which got caught by `go mod\ntidy`.\n\nChange-Id: I81e7e92a45f22c8ef9c92207f67a5bd6cc773da5\nReviewed-on: https://review.monogon.dev/c/monogon/+/652\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "ee4bfdb9c59848d618975f24746c78b418e9aebc", "tree": "f84f251df9e2908667f27151794c90cf66965380", "parents": [ "be74284cb84581b7217a934d2a771edb7c948223" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 06 15:30:52 2022 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 06 17:18:39 2022 +0000" }, "message": "build/fietsje: remove\n\nWe\u0027ve moved back to using go.mod as a source of truth, as our main large\ndepdency (Kubernetes) is now mostly gomod compatible.\n\nChange-Id: Ie6215b7330a7dcec7681fa3081437efb2be5bf77\nReviewed-on: https://review.monogon.dev/c/monogon/+/651\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d13c1c64387ca9a83bb832a3faa5c4b07268d265", "tree": "0c0f534db4726e4400486aad25235e8c573d455e", "parents": [ "79a1a8f9dd49afe8e0a2364c4586b8f39525b204" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Mar 30 19:58:58 2022 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Apr 05 10:35:29 2022 +0000" }, "message": "treewide: switch to gomod and bump everything\n\nThis switches version resolution from fietsje to gomod and updates\nall Go dependencies. It also bumps rules_go (required by gVisor) and\nswitches the Gazelle naming convention from go_default_xxx to the\nstandard Bazel convention of the default target having the package\nname.\n\nSince Kubernetes dropped upstream Bazel support and doesn\u0027t check in\nall generated files I manually pregenerated the OpenAPI spec. This\nshould be fixed, but because of the already-huge scope of this CL\nand the rebase complexity this is not in here.\n\nChange-Id: Iec8ea613d06946882426c2f9fad5bda7e8aaf833\nReviewed-on: https://review.monogon.dev/c/monogon/+/639\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "d23365d8645d1c7839a49af509af283ee1d0cc4f", "tree": "c82f037eca115af58c14c1b2da99b7f98157c121", "parents": [ "fc2d0d8275a2596794f4f2d1d32b8a536854d825" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Mar 30 14:15:12 2022 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Apr 04 09:05:34 2022 +0000" }, "message": "build/ci: bump Bazel to 4.2.2\n\nUpdate to newest Bazel 4.2 patch release because newer rules_go versions\nrequire it.\n\nChange-Id: I3a54d8402c3e5f2183331cabaecac2cc6313e46a\nReviewed-on: https://review.monogon.dev/c/monogon/+/642\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "0ea448a92ad342bcb0ecb05a2aa9652ebe48b62a", "tree": "440a2910a98d9d1e3b895a6fceba859d6e57baa3", "parents": [ "49a1ea42df1cf9f6f3b401a52565496c32b18308" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Mar 16 13:49:32 2022 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Mar 17 18:09:25 2022 +0000" }, "message": "build: fix typos\n\nChange-Id: I5ecd37cc9eb6145076068b458f2a1d95587e8665\nReviewed-on: https://review.monogon.dev/c/monogon/+/631\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "74440ac441be981eb570dc37036e71bf25a04492", "tree": "49295538e3e1abb19b607b42e02c033ffa2b3d76", "parents": [ "b6c0aa9703d7b92ea0a94f16a81a7218fc80d36b" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Mar 08 00:45:35 2022 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Mar 08 12:49:43 2022 +0000" }, "message": "build/ci: add build_ci_image.sh script\n\nChange-Id: I3faad06d501dc792d3855143b7cc877e1751fb0d\nReviewed-on: https://review.monogon.dev/c/monogon/+/558\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "942f5e2188f67d78fe8da86f42e1902427792f2b", "tree": "b3465cd8996a224a678f12cf1d858173077dadd1", "parents": [ "d3ce0ac027b205b1eeccbbcb062c9d417e205df4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jan 27 15:03:10 2022 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Mar 08 12:05:38 2022 +0000" }, "message": "b/ci: update build container to Fedora 35\n\nFedora 32 is EOL since over half a year, update to the current stable\nFedora release.\n\ntoolchains: adds clang as it\u0027s no longer part of the llvm package,\nchanges toolchain path references to GCC 11, and rebuilds the sysroot.\n\nedk2: update to latest stable (old version cannot build with a newer\nminor version of Python 3) and patch to disable -Werror and make the\nnewer included Brotli version work as it natively includes BUILD\nfiles which need to be patched out to make the source files accessible.\n\nlinux: add patch to fix PVH ELF note entrypoint with binutils 2.32+ as\notherwise the .notes section gets emitted with broken alignment.\n\nm/t/launch: RunMicroVM is broken if SerialPort is not set with newer\nQEMU versions because fcntl(2) fails to interact with a broken file\ndescriptor. This is due to a confusion between nil interfaces and\ninterfaces containing a nil pointer causing Go to improperly pass the\nfile descriptor. Changing the type of SerialPort to the actual\ninterface resolves the issue.\n\nChange-Id: I03a8cbf4f80a7363794dad1ff62ccb57e778cac3\nReviewed-on: https://review.monogon.dev/c/monogon/+/529\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "b6a9d3c613847de99be456f17c6b18cc4d1c4e63", "tree": "65aa9692174230796bfcc30aba663d5063190d6b", "parents": [ "26d5225a142057b6eb04cff9ba86173a6682b626" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jan 27 18:56:20 2022 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Feb 08 13:06:05 2022 +0000" }, "message": "m/n/build: implement new fsspec infrastructure\n\nThis makes the node_initramfs and erofs_image use the new common fsspec\ninfrastructure. It also adds the fsspecs attribute to both which can\nlater be used to add arbitrary fsspecs.\n\nChange-Id: I384e04712c0a70f82c5c975911cbb1d0d5e6cabc\nReviewed-on: https://review.monogon.dev/c/monogon/+/530\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "13050ef7ba39455bd519971221a332eb5c0fcbd6", "tree": "f7ffc3a53832a5254dea1ee02f3d39532707690a", "parents": [ "8bd2ab16d14200774009f96ed94f83edf6ea1094" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Dec 17 17:33:20 2021 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Dec 20 16:31:30 2021 +0000" }, "message": "build/analysis: enable importsort, reformat\n\nChange-Id: I64fd8803264138e02d016d4751bc23bc56a02521\nReviewed-on: https://review.monogon.dev/c/monogon/+/495\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "8bd2ab16d14200774009f96ed94f83edf6ea1094", "tree": "1ad5f5de274c14b340c0bbc2ec2af7b4ef770532", "parents": [ "144b786814f203ed2f2f9a4edfc30cefc5d8dd7c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Dec 17 17:32:16 2021 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Dec 20 16:31:30 2021 +0000" }, "message": "build/analysis/importsort: init\n\nThis adds an analyzer which enforces import sorting as per\nCODING_STANDARDS.md. It is not yet enabled in nogo.\n\nThis effectively duplicates some logic that is present in goimports.\nHowever, that logic is mostly within an \u0027internal\u0027 package in x/tools,\nand would be somewhat tricky to make work within the framework of an\nanalysis.Analyser (as it expects to also mutate a file). Thus, we\nend up writing the analysis logic ourselves. Tests are provided to make\nsure this logic doesn\u0027t rot away.\n\nWe also move some common logic from \u0027noioutil\u0027 to a new \u0027lib\u0027 package,\nand implement the last piece of the puzzle there: a code generator to\nprovide information about the toolchain\u0027s stdlib as a map/set.\n\nChange-Id: Ia0f32d6f9122e13117d18ae781d8255c6e3a887d\nReviewed-on: https://review.monogon.dev/c/monogon/+/494\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "144b786814f203ed2f2f9a4edfc30cefc5d8dd7c", "tree": "12f11f840239b33329c8bd854a550785e1eed0df", "parents": [ "b309e3fa020ab70f169c0f2b4a63a9f68da775b7" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Dec 17 17:30:14 2021 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Dec 20 16:31:30 2021 +0000" }, "message": "third_party: goimports: apply import grouping patch\n\nThis allows developers to build //:goimports and point their IDE/editor\nto it to easily conform to the import style guide.\n\nWe also document how to run this tool in CODING_STANDARDS.md.\nIntegration with IntelliJ is TBD.\n\nChange-Id: I61e412162e51e513ec5888eda5221c9d145b6454\nReviewed-on: https://review.monogon.dev/c/monogon/+/493\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "ae574130297293a59894c0e49eebeaa9766fca1c", "tree": "bcd3e9ab29ce79d7d0f6de8715f8447366082eb0", "parents": [ "dc1bec4fd5d6b43d2218f466955720b911cefb17" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Dec 17 17:28:52 2021 +0100" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Dec 17 17:51:36 2021 +0000" }, "message": "build: gotoolchain: support runfiles in tools\n\nThis allows us to use gotoolchain.{Go,Root} at build time in genrules,\nand in tests. I\u0027m still somewhat confused as to why bazel.Runfile\ndoesn\u0027t do this by itself.\n\nChange-Id: I3c4c236bbe9782c5aa01cf7b801f691bf1ac2d85\nReviewed-on: https://review.monogon.dev/c/monogon/+/491\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "dcfc6787c736ae3461138224a33c5d5c560df2ff", "tree": "5ce2f2719c320e0f77aa5c667ed8221e27a39ca2", "parents": [ "43e2107d9b76e8c1df0974c3125878ca64f2bb61" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 30 05:27:48 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 30 19:38:46 2021 +0000" }, "message": "build/proto_docs: add proto documentation generator\n\nThis adds an HTML documentation generator for our Protobuf files.\nIt consists of a new Bazel rule `proto_docs` which wraps protoc-gen-doc.\nprotoc-gen-doc itself and go-proto-validator which it includes need\nsome light patching because of dumbness in the Go Proto ecosystem that\ndoesn\u0027t exist in our Bazel build.\n\nThis just hooks up everything, it does not yet do anything custom like\nannotating our own authorization metadata or similar.\n\nChange-Id: If6fd7c777210fea700e49242b5339cfafe7c030d\nReviewed-on: https://review.monogon.dev/c/monogon/+/452\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "cb2dcf6c3ffa2d50293faa1708fad975ea237afa", "tree": "0dd4505eb664795cbe688da03228ebf1ab4f3637", "parents": [ "764a2de7911a42d57720911332a12895f0aad707" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 22 22:57:34 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 23 09:18:53 2021 +0000" }, "message": "b/a/noioutil: add an analyzer prohibiting use of ioutil\n\nThe ioutil package is deprecated and a tree-wide migration was already\ndone. This analyzer ensures that there can be no users of this package\nin the future.\n\nChange-Id: Ica6cd01ce5cb919d6f236225deeaff70b8e2800b\nReviewed-on: https://review.monogon.dev/c/monogon/+/451\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "764a2de7911a42d57720911332a12895f0aad707", "tree": "dd0e31cee8fb5c753a762462e9eb16f776c3ec73", "parents": [ "e65731049afb6fd49da80f064fa40a28c9d5741d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 22 16:26:36 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Nov 22 20:39:51 2021 +0000" }, "message": "tree-wide: rewrite ioutil functions to their replacements\n\nThe ioutil package has been deprecated in Go 1.16 [1]. This CL removes\nall our own users of that package and rewrites them to use their\nreplacements in the os package. I initially wanted to do this with a\ngofix but because all replacements were signature-compatible I just\ndid it with a few string replaces and then ran goimports to fix up the\nimports.\n\nI intentionally didn\u0027t rewrite the patches as that would require a\ndifferent process and is IMO of less value.\n\n[1] https://github.com/golang/go/issues/42026\n\nChange-Id: Iac6663a1f1ee49f9b1c6e4b3d97e73f2c3b54a13\nReviewed-on: https://review.monogon.dev/c/monogon/+/449\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "e65731049afb6fd49da80f064fa40a28c9d5741d", "tree": "21dcad96d01c15fe0d0044c6ff72fbc18ab9105a", "parents": [ "c71efc9d3b6c9d626e752ec5e17ea6893a3fbe34" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 02 14:15:37 2021 +0100" }, "committer": { "name": "Mateusz Zalega", "email": "mateusz@monogon.tech", "time": "Mon Nov 22 12:55:56 2021 +0000" }, "message": "m/c/metroctl: add MVP disk/image-only installer\n\nThis adds a very minimalist metroctl install command.\nOnly supports boostrapping and a single owner key.\nBut good enough to set up a node.\n\nChange-Id: I9306a054b9540a3a0c70621f3f5d9cb34fc18d14\nReviewed-on: https://review.monogon.dev/c/monogon/+/417\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "c2e3b1b7f29708fa136e9195645b31fce530c1f0", "tree": "94d45711f78c1c1cc859e251519838350ce91938", "parents": [ "44d2ad428573bb20ee6be4b957b1abbacad50fcb" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Nov 11 11:06:41 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 16 12:47:21 2021 +0000" }, "message": "WORKSPACE: bump rules_go go 0.29 and Go to 1.17.1\n\nThe changes to nogo are from rules_go being able to use go_library\ntargets as part toolchain definitions. gVisor needed to be bumped\nto be compatible with Go 1.17. It also needs a fix for us not having\nthe systemd cgroup controller.\n\nChange-Id: I058b5c68d97809a286fbe36df00e49e55874dfd5\nReviewed-on: https://review.monogon.dev/c/monogon/+/438\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "8fda084b12ad482da4b76888078cc53bfd3c2e20", "tree": "42e77f22b4b0f2c69dd7264c6ca5759df7b92789", "parents": [ "f73d8a993251c8fda30ce665c7f4eabdb7a203e3" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 09 19:47:51 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Nov 11 13:24:38 2021 +0000" }, "message": "build/ci: bump Bazel to 4.2.0\n\nThis bumps Bazel to 4.2.0 in preparation for other rule updates.\n\nChange-Id: I786320e335a721a103859a87e066e199565e9fa0\nReviewed-on: https://review.monogon.dev/c/monogon/+/437\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "d32d1eaec33b9b6e8a2ce6f207892d7a2b236382", "tree": "dc8e209fe34fbe3575223ac47864b1b7558a9f12", "parents": [ "8d45a0598ae83b8da89442ce8960e64f065182c7" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Nov 02 00:06:07 2021 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 04 12:40:54 2021 +0000" }, "message": "build/ci: install headless JDK\n\nAs discussed in monogon-dev/monogon#83, we can avoid\npulling in a number of unnecessary dependencies by using\na headless JDK. Improves upon I4622349, which would break Jenkins.\n\nChange-Id: Iff4aef30b9c1ae76293d9a29cf0a86945eabc679\nReviewed-on: https://review.monogon.dev/c/monogon/+/414\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "57479bb5c00df6127e592716b6d644c3c13d75e9", "tree": "db782aca2c0ea03fac70ab9d0cc89d30abf838ea", "parents": [ "070ec4eb5f6853185209494455a9a7b751cf32e1" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 26 14:01:06 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Nov 02 12:35:45 2021 +0000" }, "message": "m/c/metroctl/core: add frontend-independent metroctl support pkg\n\nThis adds metroctl/core, a package which contains parts of metroctl\nwhich do significant amounts of work beyond just providing a CLI for\nthem.\nThis package is intended to be used for integrating with functions\nprovided by metroctl, for example for using them in integration tests\nor writing other frontends providing functionality similar to metroctl\n(like a GUI or webapp).\n\nChange-Id: I8a56bfbefce8d18c6c9be3349e3c7a15a699d009\nReviewed-on: https://review.monogon.dev/c/monogon/+/411\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\nVouch-Run-CI: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "070ec4eb5f6853185209494455a9a7b751cf32e1", "tree": "58e1edfe5c83976feeac07606c65252cafcf6aba", "parents": [ "6ef7f9bb94890748cc7c635f187fce7c5f497fe3" ], "author": { "name": "curiousleo", "email": "leo.markert@gmail.com", "time": "Mon Nov 01 16:22:10 2021 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Nov 01 17:39:47 2021 +0000" }, "message": "build/ci: Remove JDK from builder image\n\nThe JDK is not used and pulls in further unnecessary dependencies.\n\nChange-Id: I46223497d6809b911ab200bd255c20054e7c78d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/413\nVouch-Run-CI: Leopold Schabel \u003cleo@nexantic.com\u003e\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "da3be1bde2f7cffc518433c8f65569079a30655e", "tree": "f1f308bfaec9ab63d86fdbbfeb414a296ac1a280", "parents": [ "66e589595ecbefdc1466ea5e98e9c237e3300f8e" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sun Oct 17 22:15:10 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Oct 18 10:00:04 2021 +0000" }, "message": "build/ci: output link to Gerrit change\n\nChange-Id: I126e724052fea1cd04584b4a11d016dbd1c292a7\nReviewed-on: https://review.monogon.dev/c/monogon/+/384\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "a1a96b454eb3c21d03b7f95f1917dd6ce1b84b8a", "tree": "349684ba3c542d059472cb23e67c36fdff980dcb", "parents": [ "4b1e37c88d7472fa378393e7a2e545b7a87145c9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Oct 06 19:29:57 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Oct 08 15:34:28 2021 +0000" }, "message": "b/toolbase/gotoolchain: fix IntelliJ integration\n\nThis adds OutputGroupInfo(go_generated_srcs) to expose the Generated\ntoolchain source code to the IntelliJ Bazel aspect, removes the\nunnecessary GoArchive output (which seems to not be used when embedding\ninto another go_library) and does a reformat (as per IntelliJ\nconfiguration).\n\nChange-Id: I4bb981d8fa86b5960a7bcceab87607fdff6d1f13\nReviewed-on: https://review.monogon.dev/c/monogon/+/348\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "4b1e37c88d7472fa378393e7a2e545b7a87145c9", "tree": "8f1670f60907fb204bb159f11af637076a43af8f", "parents": [ "2f58ac0ba336ad64e5708a4bb72163e368410959" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Sep 28 12:49:15 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Fri Oct 08 15:34:28 2021 +0000" }, "message": "build/fietsje: split into monogon-specific library and cli tool\n\nThis is a first pass at sightly modularizing fietsje. This allows\nfietsje-for-Monogon to be used as a Go library, and moves all the\ntoolbase startup logic into its own executable package. This allows us\nto call fietsje from some multi-purpose CI/check tool that I\u0027m slowly\nimplementing on the side.\n\nFietsje should still be split up further, allowing a generic fietsje\nlibrary to be used for more than just the Monogon repository - but that\nwill come at a later point.\n\nChange-Id: Ic59c0bb954c5416fda95d3604d5aa94553dc1030\nReviewed-on: https://review.monogon.dev/c/monogon/+/331\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "bf5994514f50390c64c2ae6be2371687d312850c", "tree": "679766afdb62bd1721bfb48acb71c394c691f595", "parents": [ "bf68fa9d8cbf6d283da8d538c1f28d8f53df0fcd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Oct 06 00:00:22 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Wed Oct 06 14:50:22 2021 +0000" }, "message": "build/ci: attempt to prevent Jenkins from killing Bazel\n\nEvery so often in CI we see the following:\n\n Server terminated abruptly (error code: 14, error message: \u0027Socket closed\u0027, log file: \u0027/home/ci/.cache/bazel/_bazel_ci/8746318cfadba75371ec634ee6e84c81/server/jvm.out\u0027)\n\nNot sure what causes it, but setting this magical value apparently\ncauses Jenkins\u0027 ProcessTreeKiller to stop killing all subprocesses of an\nexisting process, which might be causing the above. We\u0027ll find out.\n\nChange-Id: Ibe48126dcf547735183c8789260bac6c42a0a10e\nReviewed-on: https://review.monogon.dev/c/monogon/+/347\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "96043bc1cb55b1271b21309b2011d64d2361a0fd", "tree": "b4db59595d8635154de74b0a244a6bb28bc52d2d", "parents": [ "3379a5d0ffcd652031c135f2ffe7600272fa0093" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Oct 05 12:10:13 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Oct 05 17:29:16 2021 +0000" }, "message": "*: import reformats\n\nAs caused by my IntelliJ/gofmt locally. We really need to do gofmt\nchecks in CI, especially now that we nearly have the tooling ready for\nit.\n\nChange-Id: Id105ba9ad8a34b8b8e883d52d621d47b0ea888d7\nReviewed-on: https://review.monogon.dev/c/monogon/+/338\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6adf8840e846b15b7b34151c3432c886b540f420", "tree": "c10422b27c730cdc7bdfb56e493aac784de5904a", "parents": [ "2f9f3876dd51d6a3031220d578a18c98270c74a8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 05 13:39:11 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Oct 05 16:00:31 2021 +0000" }, "message": "m/c/metroctl: add skeleton and dependencies\n\nThis adds the skeleton for the Metropolis control command line,\nmetroctl. It currently consists of a single root command doing nothing\nand the dependency updates for viper, the library providing command\nline parsing and completion support.\nActual functionality will be in subsequent CLs.\n\nChange-Id: I73d0e2956d9550902a80295928e94cb32bb12cfc\nReviewed-on: https://review.monogon.dev/c/monogon/+/337\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "605efbe76a4317b50bc5499041784f303a9bdc37", "tree": "a8599cf7715aaa2035163aeba83666d0d6506804", "parents": [ "bc7614ee942aee814865a5967c642802040476ed" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Sep 28 14:01:01 2021 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Sep 30 13:14:43 2021 +0000" }, "message": "b/t/llvm-efi: add EFI toolchain based on LLVM\n\nThis adds a Bazel toolchain for building EFI binaries using rules_cc\nwith LLVM installed in the container.\n\nIt does not yet add an EFI standard library.\n\nChange-Id: I9eb15de6f4f800ab6351607d2fb01dad3135da9f\nReviewed-on: https://review.monogon.dev/c/monogon/+/333\nReviewed-by: Sergiusz Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "116c4a69dc90827d82023c362cbc26a17e188787", "tree": "dac0e28341a03ede45012c1945879348020967da", "parents": [ "ab4ef137f84411197c20e477aa8d7dd23f82d8ea" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 24 14:22:27 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 27 18:58:01 2021 +0000" }, "message": "build/fietsje: move to toolbase\n\nThis removes some of the bash magic copied over from Gazelle, and\ninstead uses toolbase to achieve the same effect.\n\nChange-Id: I6ea3bfda68092c00ea58883bb9b1f7c0779a97e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/330\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "ab4ef137f84411197c20e477aa8d7dd23f82d8ea", "tree": "30d663886742a10d2fb499b21f4f836560fb300c", "parents": [ "cbd02be30a3960034ba1be55eabf0aa185604499" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 24 13:58:13 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 27 18:58:01 2021 +0000" }, "message": "build/toolbase/gotoolchain: init\n\nAnother piece of the toolbase puzzle, this one is a library which\nprovides information about the Go SDK picked by Bazel/rules_go, and\nallows to build tools that call the `go` tool.\n\nThis is effectively the logic from //build/fietsje:def.bzl, but\nrewritten to be reusable. In a later CL, we will make Fietsje use this\nlogic instead of its existing starlark/shell magic.\n\nChange-Id: I2be723089410c81843b54df77bcd665a4e050cbb\nReviewed-on: https://review.monogon.dev/c/monogon/+/329\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "cbd02be30a3960034ba1be55eabf0aa185604499", "tree": "eb64c22a5851773ade075837cf3c4a040c54181b", "parents": [ "c72aa433ff68b76317233ba8805d55845e9efd1a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Fri Sep 24 13:39:12 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Mon Sep 27 18:58:01 2021 +0000" }, "message": "build/toolbase: init\n\nIn an effort to better the developer/CI experience, I\u0027m moving some of\nour presubmit checks into a Go tool. This is a helper library that will\nbe used to interact with a Monogon workspace checkout from Go, both in\nthe new presubmit tool but also any other future tools that would like\nto operate on source code.\n\nChange-Id: Ie5f1b1d0153a1c853c241e167d2d3a469c636c94\nReviewed-on: https://review.monogon.dev/c/monogon/+/328\nReviewed-by: Mateusz Zalega \u003cmateusz@monogon.tech\u003e\n" }, { "commit": "3bb23219009a98643a562b1e59e3a4080f422c51", "tree": "52173a35ecc7029ce0d5cb681bc215a362b0d730", "parents": [ "41d275a63864e67deacad5b2ec0b435b01984034" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 24 16:27:21 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 24 14:43:38 2021 +0000" }, "message": "build/ci: disable concurrent presubmit builds\n\nThis prevents more than one presubmit job from executing globally in\nJenkins.\n\nThis will naturally make things more slow, but should let us\ntroubleshoot \u0027Socket closed\u0027 errors.\n\nIf after this still keeps happening, the theory that Jenkins is somehow\nscheduling multiple different pipelines per agent/executor (and causing\nBazel server conflicts) is wrong and we need to look elsewhere.\n\nIf it stops the problem, the builds will likely effectively be faster\n(because we won\u0027t waste so much time retriggering builds), and we can\nthen further debug why is it that multiple pipeline stages get scheduled\non the same agent/executor.\n\nChange-Id: I90a8cdbb6b79fef4b9a33471ff20b821e9988ae9\nReviewed-on: https://review.monogon.dev/c/monogon/+/313\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "e7bb94c0b2b2a7694c8985c5da80e814a51c4bdf", "tree": "89d182c5ef72d7f8e73b2eca677105cf6e91af88", "parents": [ "dd7b2d22fb0e13547505bacd862b92bf56a35983" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jul 02 17:11:58 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Fri Jul 02 17:27:17 2021 +0000" }, "message": "build/ci/Dockerfile: add ibazel\n\nibazel (a.k.a. bazel-watcher) is a tool which wraps bazel and\nautomatically rebuilds/restarts targets if source files or\ndependencies change.\n\nChange-Id: Ifd5b53619c597c28eaef217067e619430f71d885\nReviewed-on: https://review.monogon.dev/c/monogon/+/199\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "dd7b2d22fb0e13547505bacd862b92bf56a35983", "tree": "ef18d20d2688a62bdf80147ec343e05789ac6cae", "parents": [ "76003f807b24a22476b14bc308939fc62e1ad6a2" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jul 02 17:13:22 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Fri Jul 02 16:28:59 2021 +0000" }, "message": "third_party/go: add package missing from dependency graph\n\nThis is a Windows-specific package being pulled in by github.com/spf13/cobra.\n\nWe don\u0027t need it, and we don\u0027t ever build it (it\u0027s behind a select()\ngate depending on the Windows platform), but its lack causes us to not\nbe able to perform Bazel queries against anything that stumbles upon\nthis select statement.\n\nNotably, things like ibazel don\u0027t work without the ability to query\ndependencies of a target. In theory, cquery could be used of query (and\ncquery would know that it\u0027s not running on a windows platform and not\nattempt to resolve the missing package). This might happen some day,\nbut:\n\n 1) cquery currently does not support the buildfiles() function, which\n is needed by tools like ibazel to find not only source/data/target\n dependencies for a taret, but also every BUILD/.bzl file that\n influenced that target.\n\n See: https://github.com/bazelbuild/bazel-watcher/issues/305#issuecomment-627312885\n\n 2) It\u0027s generally good practice to not have missing objects in our\n dependency graph, I think. We will sooner or later start using this\n data in CI and other automation, and it might be useful to make an\n assumption, at some point, that we don\u0027t ever have a broken\n target dependency graph.\n\nTesting plan: the following now works:\n\n bazel query \u0027deps(set(//...))\u0027 --output\u003dxml\n\nChange-Id: Ic45e293b868b0aaa707f31384b4b24626ba23e29\nReviewed-on: https://review.monogon.dev/c/monogon/+/200\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "216fe7b3ae949376467f626f339423a31ea7da97", "tree": "b0fe587b671a76bf6229339825d2a61df7fc847b", "parents": [ "6ebdc418f3c4799c12368e34ea78dc9c9757fb54" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 21 18:36:16 2021 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 28 17:54:03 2021 +0200" }, "message": "*: reflow comments to 80 characters\n\nThis reformats the entire Metropolis codebase to have comments no longer\nthan 80 characters, implementing CR/66.\n\nThis has been done half manually, as we don\u0027t have a good integration\nbetween commentwrap/Bazel, but that can be implemented if we decide to\ngo for this tool/limit.\n\nChange-Id: If1fff0b093ef806f5dc00551c11506e8290379d0\n" }, { "commit": "6ebdc418f3c4799c12368e34ea78dc9c9757fb54", "tree": "55dcecf2fda5b992c703dea87ef2cea495f6ffe0", "parents": [ "67483ded56f26ced15581d7a87314d776cf5ecb0" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 21 16:25:55 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Fri May 28 15:53:36 2021 +0000" }, "message": "RFC: build/analysis: add commentwrap\n\nThis adds a Go analyzer which limits the length of comment lines to 80\ncharacters.\n\nRationale:\n\nMonogon currently follows gofmt style. Gofmt in itself is already quite\nopinionated, but one thing it explicitly does not check for is maximum\nline length.\n\nThis implements a limit for the maximum length of a comment line in Go\nsource within Monogon. It explicitly does not limit code line length, as\nthese can be handled much more easily by soft reflows.\n\nThe tool used, github.com/corverroos/commentwrap, will now be\nautomatically ran by our nogo pass, and prevent any line of commnets\nwithin Go to be longer than 80 characters, with the exception of:\n\n - cgo/generate directives\n - TODOs\n - indented comments (eg. sample code or long URLs)\n\nDownsides:\n\n1. We have to reformat the entire codebase. CR/67 does this.\n\n2. We end up with a bulk Git commit that will pollute Git history. A\n followup CR attempts to resolve this by using Git\u0027s ignoreRevsFile\n functionality.\n\n3. There\u0027s currently no integration with IntelliJ and no way to\n automatically reformat code. If this RFC gets approved, a follow up\n CR will be created that adds integration/automation to make this\n easier to work against.\n\nOpen questions:\n\n1. Is 80 characters the right limit? I, personally, quite like it, but\n am willing to compromise on line length.\n\nChange-Id: I063d64596ca5ef038a8426c6b9f806b65c18451e\nReviewed-on: https://review.monogon.dev/c/monogon/+/66\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "0ef9629ffd82027c5dbff11f3530b86136636597", "tree": "b28ac6ae9aff11c0fdbdf6e50d75d2d8b830dd76", "parents": [ "bd0d24e1fda0ee0cd8231d25eff499894226e04d" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 21 15:41:32 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue May 25 09:52:53 2021 +0000" }, "message": "build/analysis: move nogo configuration\n\nThis moves the nogo config JSON file from the root of the repository,\nand cleans up the BUILD file in preparation for adding extra, possibly\ncustom, analyzers.\n\nChange-Id: Id85c9cd8515b9178712329fe425c1e1740f04d8b\nReviewed-on: https://review.monogon.dev/c/monogon/+/65\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "acae1ef4088e0e9579d7c35b2f7ce1de21c5ac22", "tree": "761455858b1e1491981d1d58dc093ca93402d541", "parents": [ "7b73537d3fe08f5bbca741c7abbd95115ac2e6c2" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed May 19 11:31:40 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Wed May 19 11:28:32 2021 +0000" }, "message": "*: replace nxt -\u003e monogon\n\nThese are hopefully the last leftovers from the nxt monorepo.\n\nThis change breaks existing build containers and IntelliJ setups, and\nunfortunately thrashes developer workstation Bazel caches.\n\nRunning `scripts/bin/destroy_container.sh \u0026\u0026\nscripts/bin/create_container.sh` and then following the IntelliJ setup\nguide in //README.md should be enough to fix everything.\n\nDid that locally and was able to set up a fully working IntelliJ\nIDE against this change.\n\nChange-Id: I090f4e4f2ea03998569a4ea3d1aa4cd4ec570f8a\nReviewed-on: https://review.monogon.dev/c/monogon/+/61\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "5aa494f9576756992113c72164ec6dc298071276", "tree": "076d9ea79874838d89cffa74f1f0d160a5884422", "parents": [ "6feb746cfafeedb600ae12e22be910ad376b30a5" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue May 18 18:57:10 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue May 18 18:12:39 2021 +0000" }, "message": "build/ci: move Dockerfile, document new CI\n\nThis moves the Builder Imager Dockerfile into //build/ci, adds some\nsmall changes to make it usable as a Jenkins agent base, documents its\nusage, and adds a script which builds and pushes that image into an\nexternal container registry.\n\nWe also remove the old Phabricator-based CI scripting.\n\nChange-Id: I332608f7d7105f675104db3ee2d787b2412fcbe9\nReviewed-on: https://review.monogon.dev/c/monogon/+/28\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "6feb746cfafeedb600ae12e22be910ad376b30a5", "tree": "6b8f67cc7f183cfaa3b533a20d069abd1e7f3b07", "parents": [ "99d210d48afc2207ffb4064c58068faa9449a981" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue May 18 15:49:15 2021 +0200" }, "committer": { "name": "Sergiusz Bazanski", "email": "serge@nexantic.com", "time": "Tue May 18 15:37:38 2021 +0000" }, "message": "build/ci: add presubmit Jenkinsfile\n\nThis implements a basic presubmit Jenkinsfile which should be consumed\n(in this CR already) by CI machinery running against review.monogon.dev.\n\nThis presubmit exercises the same build targets as the old, internal\nPhabricator CI. The build executing agents are based off of the \u0027monogon\nbuilder\u0027 Docker image defined within build/Dockerfile. A follow up CR\nwill remove the leftover of Phabricator CI machinery and explicitly\ndocument how that agent image is built and used.\n\nWe also reformat a generated .bzl file to remove a spurious copyright\nheader. This appeases Gazelle/Fietsje checks.\n\nFinally, we add a .gitignore which ignores build files to make the\nGazelle/Fietsje dirty checkout detection work correctly. The internal\nversion of the metropolis repository had an equivalent .gitignore which\nwasn\u0027t carried over during the initial migration into the Monogon\nmonorepo.\n\nChange-Id: Ib88b8b50dbc6fcd034757558697e6ae2334235b1\nReviewed-on: https://review.monogon.dev/c/monogon/+/26\nReviewed-by: Leopold Schabel \u003cleo@nexantic.com\u003e\n" }, { "commit": "37050126ef89ec30cc677c272471debe55ec0d69", "tree": "c64a64a622ec1c3e1e72fc12a6d4252c0e803cc1", "parents": [ "2999427c182463840a339cf0e82885d8a3b6e79f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Mar 30 14:00:27 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 11:04:01 2021 +0200" }, "message": "Implement Block PVCs in our storage backend\n\nThis implements full support for Block PVCs in our Kubernetes storage backend.\nThe block PVCs are backed by files made available to the pods using loop devices and\nhave read-only and online expansion support.\n\nThis also requires a Kubernetes patch because they call losetup if block PVCs are used\nwith CSI to establish a form of lock on the backing block device. This lock is not\nexclusive and does absolutely nothing for our use case and could get very expensive\non dense machines so I removed it.\n\nTest Plan: Comes with E2E tests\n\nX-Origin-Diff: phab/D746\nGitOrigin-RevId: 430d3f445286c0d3498b2153df333a19f3fcab89\n" }, { "commit": "30167f5cf55829d38f9d480466d7b5742c62a5fc", "tree": "fd89a3bb8a1c08b10d870a6b185b2deffa131cac", "parents": [ "9956e72c6c0b4f6436dc9493bc213965ee0cc191" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Mar 17 17:49:01 2021 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 13 11:03:56 2021 +0200" }, "message": "Add VM infrastructure smoke test\n\nThis adds an E2E test which exercises the VM infrastructure (Kubernetes, KVM device plugin and QEMU).\nThis test should ensure that nobody breaks the core infrastructure Metropolis VMs rely on.\n\nTest Plan: This is a test\n\nX-Origin-Diff: phab/D740\nGitOrigin-RevId: ddf629725dfb664ace5a50efee9ed9442962d6f7\n" }, { "commit": "339f97dc7ae48876f77b1195a8840f9369fb5d25", "tree": "126cb2059727f7bf4fe50adff74aeeb93e8c618b", "parents": [ "fa99799583dfc3b485012dd0575287643f568b72" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Mar 31 22:16:52 2021 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Apr 01 18:58:27 2021 +0200" }, "message": "third_party/go: add k8s.io/code-generator\n\nTest Plan: New dep. Used further down change stack.\n\nX-Origin-Diff: phab/D749\nGitOrigin-RevId: 4cd0cab36dbd2aa17f944ad6fb3bf90af638ebef\n" }, { "commit": "bb95ebd12f8777b1b653653bcb54a081b6c54771", "tree": "0c52fbe31ea06cf4b1151e991f3da4ed6515b426", "parents": [ "b60d9cb51462a82a89f9c16f5ca6b4541de6d450" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Mar 16 15:06:51 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Mar 16 15:06:51 2021 +0100" }, "message": "Include compiler-specific headers in musl toolchain sysroot\n\nCurrently our musl sysroot does not include any compiler-specific headers. This makes the musl\ntoolchain unable to build more complicated things like QEMU. Since the musl toolchain is not actually\na real toolchain, but just a thin wrapper around the host toolchain this is a problem as these headers\nare not static. For a lack of better options it has thus been decided that we\u0027re just going to manually\nmerge the headers for our build container in.\n\nThis is expected to be removed as soon as we have a proper toolchain.\n\nTest Plan: Tested in subsequent revision\n\nX-Origin-Diff: phab/D737\nGitOrigin-RevId: a1ed1d229c87980341c80b22263f5d9a4cf9924c\n" }, { "commit": "b60d9cb51462a82a89f9c16f5ca6b4541de6d450", "tree": "6d9d0debaa652988ecbae503c56748f9a17ed481", "parents": [ "c4a3aab4c8d14d05b7e2448ab11897b6f9093046" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Feb 18 17:34:00 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Feb 18 17:34:00 2021 +0100" }, "message": "Add C/C++ header rewriter\n\nThis adds a C/C++ header rewriter utility. See the top comment on a quick description of how it works.\nNo workspace rule is provided yet, that will come later.\n\nTest Plan: This is a build utility, doesn\u0027t really matter.\n\nX-Origin-Diff: phab/D705\nGitOrigin-RevId: 4bf274d8301f3a38a1ec7512bf310be9815fb647\n" }, { "commit": "735119f8efcd1ce8689703fe455e39f2146b0b3e", "tree": "40fd14c0a07c12974d01d67997349917b40f5d69", "parents": [ "ddd6caff9edac56dad727a79eb5b0faf4dbd6cb9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 11 00:30:01 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 11 00:30:01 2021 +0100" }, "message": "Host toolchain minimal features\n\nTest Plan: Tested with QEMU and the existing codebase.\n\nX-Origin-Diff: phab/D713\nGitOrigin-RevId: ecfc94ab2b4880447c628fc2e41b5ed6234f90d8\n" }, { "commit": "bcae658f9530e95cde2ac931beacae71c9fb240e", "tree": "649848ec85c0f168a8672fab143d1b53b0b55903", "parents": [ "c00318e448212b01a8121059be3c3e9b35bd13a7" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 04 17:09:50 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 04 17:09:50 2021 +0100" }, "message": "Add common template_file rule\n\nThis adds a template_file rule, which is used often when building C/C++ dependencies which use\nautotools or similar build systems upstream. Taken from an existing repo of various Bazel helper rules.\n\nTest Plan: None\n\nX-Origin-Diff: phab/D707\nGitOrigin-RevId: 9cc818803b2fed9e15677924dbc9137c39459151\n" }, { "commit": "2073ce34e57b0be3cedd39b8934869abb6f73582", "tree": "8c7f86cecb41848e0614da742935cc656be02239", "parents": [ "7b82227c87f477e9d986d648b8ad63f4268dde3b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 03 18:52:59 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 03 18:52:59 2021 +0100" }, "message": "Bump Bazel to 4.0.0\n\nThis bumps Bazel to 4.0.0 because we want to use ProtoModule. The update was relatively painless,\nno incompat-flags needed to be switched back off. `bazel_gazelle` is pinned on a master version\nsince they haven\u0027t released a Bazel 4-comaptible version yet and I have one patch against Kubernetes\u0027s\ninfra repo which is going upstream.\n\nTest Plan: Build system change, should be covered by existing tests\n\nX-Origin-Diff: phab/D701\nGitOrigin-RevId: 24f675e6ba33efb9f46191eccca95088d7d2d1f1\n" }, { "commit": "7b82227c87f477e9d986d648b8ad63f4268dde3b", "tree": "bd4f8afb09a40f4217709f956c2344c67f95e660", "parents": [ "378a4455aedda838f60c546e55199092f24952ed" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 03 17:03:41 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Feb 03 17:03:41 2021 +0100" }, "message": "Drop legacy kubelet log path\n\nIt looks like the Kubernetes update broke E2E tests on the EROFS stack because of some change\nto how the legacy log dir is handled. Kubelet currently just crashes because it can\u0027t mkdir\n/var/log/containers. This directory is apparently only used by fluentd for log collection in upstream\nE2E tests and with dockershim, both of which we don\u0027t care about. So let\u0027s just nuke it.\n\nTest Plan: Fixes things on top of the EROFS stack\n\nX-Origin-Diff: phab/D700\nGitOrigin-RevId: 45b7f76a61b7234845ab55fcfbc37a66f69fe065\n" }, { "commit": "74e8e5c35fea1ec9ce13c8a2d16100bab45d42d9", "tree": "3ec734c4b86fed54a5039623c789dd4b805b3b6e", "parents": [ "19eb0006edc79edc53fb53ea0eed67e93f4c8eba" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 14:00:50 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 14:00:50 2021 +0100" }, "message": "Make containerd work with read-only root\n\nThis makes containerd work with a read-only root. There were a few config mistakes on our side which\ncaused it to write to the rootfs (mostly leftovers from the switch to /ephemeral) and a semi-hardcoded path\nin /var/lib/cni from containernetworking/cni. This is technically configurable, but it would require patching\nthree different repos (see diff message) and getting all of them to agree to take the change and wait for\nit to propagate to all repos (containerd is known to be slow to release stuff). So let\u0027s just hack in\nthis one-line diff for the time being.\n\nTest Plan: Should be covered by existing tests\n\nX-Origin-Diff: phab/D694\nGitOrigin-RevId: 0e8f5dbfb216539c16e64130af9fe1023722ae1b\n" }, { "commit": "19eb0006edc79edc53fb53ea0eed67e93f4c8eba", "tree": "704a52ab75bde43409d80246cf23bce6b6be3467", "parents": [ "842536b10bd1b11e62317940feef215442a8ecb4" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 21 14:25:25 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 21 14:25:25 2021 +0100" }, "message": "third_party: bump Kubernetes to 1.19.7\n\nThis... didn\u0027t exactly go well. Turns out a change between rc.1 and rc.2\nbroke our runc runtime by enabling seccomp by default for pod sandboxes.\n\nWe work around this by reverting this change, and filing T916 to solve\nthis soon.\n\nThis fixes T910 and T909.\n\nTest Plan: kube bump, CI should run e2e, didn\u0027t run CTS.\n\nBug: T910, T909\n\nX-Origin-Diff: phab/D691\nGitOrigin-RevId: 78afca77c294895859e0af9150128d82677d875b\n" }, { "commit": "842536b10bd1b11e62317940feef215442a8ecb4", "tree": "264906157b5cd51ef39e952326b85da48b5bbb5b", "parents": [ "f12bedfa4cd144c3abc4deac58405067d55f9c87" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 13:54:57 2021 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jan 26 13:54:57 2021 +0100" }, "message": "Make Kubernetes work with read-only root\n\nThis makes Kubernetes work with a read-only root. There\u0027s two places where they hardcode\npaths: One is the DeviceManager socket path (/var/lib/kubelet/device-plugins/kubelet.sock), that one\nis easy to fix because KubeletRootDir is available one scope above. The other one is the pod logs dir\nwhich is too far removed from the main Kubelet config, so I just changed their hardcoded path to ours.\nThe first patch should be upstreamable, for the second one we\u0027d need to take a different approach to upstream.\n\nTest Plan: Should be covered by existing E2E tests.\n\nX-Origin-Diff: phab/D693\nGitOrigin-RevId: 4606ab228a24bd4a0274f8e3156123710a59f2aa\n" }, { "commit": "f12bedfa4cd144c3abc4deac58405067d55f9c87", "tree": "ddbc408e424a0ea8e446bcf0022ee16278202d63", "parents": [ "c3ad846e0eaf4cf008130a643ff247aa27531e17" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 15 16:58:50 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jan 15 16:58:50 2021 +0100" }, "message": "*: bump up Go dependencies\n\nThis started off as \u0027let\u0027s bump gVisor\u0027. However, pulling that thread\nresulted in quite a few things that also required bumping for the build\nto actually work. Here I come back from a day in the Bazel mines,\nbearing fruits of my labor.\n\nNotable changes:\n\n - bump up gVisor\n - bump up containerd\n - bump up Bazel\n - bump up rules_go, rules_docker, Gazelle\n - use google.golang.org/protobuf (the \u0027new\u0027 go proto package)\n - bump up gRPC (but not too much, as go-etcd is still straggling)\n\nNotable effects:\n\n - new gVisor supports TTY allocation (kubectl run -it\n --image\u003dubuntu:20.04 ubuntu bash now works!)\n\nNotable notes:\n\n - gVisor shim has new been rolled into the main gVisor package and is\n slightly easier to build (we can get rid of a bunch of patches).\n - Opencontainers\u0027 runtime-specs now follow containerd instead of gVisor\n - gVisor had to be taught to use the slightly newer runtime-specs via a\n new patch.\n - go_rule() in Starlark is now deprecated, and we had to change our\n Starlark rule definitions to use rule() instead. We also had to patch\n gVisor to do that (as there hasn\u0027t yet been a release that rolled\n this up).\n - Gazelle now supports different naming schemes for generated Go\n targets - either the old //foo/bar:go_default_library scheme, or a\n new and nicer //foo/bar:bar scheme. We currently force the usage of\n the old scheme, as switching over is probably not going to be easy\n (we use a lot of external Bazel files, and we have to wait for their\n compatibility with the new scheme first).\n - New Bazel/rules_go sets a TMPDIR long enough to generate paths (via\n ioutil.TempDir) to which sockets cannot be bound (108-byte limit).\n - The new protobuf API is incompatible with gogoproto. containerd/ttrpc\n uses gogoproto, but we are smart enough to pull in the old protobuf\n library as gogoproto\u0027s transitive dep. However, ttrpc also wants to\n use some proto-generated grpc bits, and that doesn\u0027t work. We have to\n pull in a ttrpc fork from a PR that hasn\u0027t yet been merged that fixes\n this issue.\n\nTest Plan: Refactor only, should be covered by tests.\n\nX-Origin-Diff: phab/D689\nGitOrigin-RevId: 1188c0605d25e7f40307fab5fd96e7019f3a9171\n" }, { "commit": "febf0b0defa3a4ccfb58f4c77ddb095a2668162a", "tree": "03043ebb7c96fc2b8293221fdb59740dc162942e", "parents": [ "31370b07f0df2dc2765d812d4ce00a6b35185b16" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:34:28 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:34:28 2021 +0100" }, "message": "script: nexantic -\u003e monogon\n\nThis replaces the \u0027nexantic\u0027 build container with one called \u0027monogon\u0027.\n\nAlso drive-by fix Fietsje\u0027s proto package path.\n\nTest Plan: Refactor, CI only.\n\nX-Origin-Diff: phab/D687\nGitOrigin-RevId: 15165f3b57927836dc9601454b31dce4b2c09c7d\n" }, { "commit": "31370b07f0df2dc2765d812d4ce00a6b35185b16", "tree": "15563902eee9591083284441c8505b084b275d0a", "parents": [ "313816f41244d7520eb2b6f8c231328ee5b7a4ef" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:31:14 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:31:14 2021 +0100" }, "message": "*: git.monogon.dev -\u003e source.monogon.dev\n\nThis implements T882, setting our (virtual) GOPATH to source.monogon.dev\nfor this repository.\n\nTest Plan: Refactor, CI only.\n\nX-Origin-Diff: phab/D686\nGitOrigin-RevId: c5e2309089948ffc3a98e68e2e0e1cbb157d3a36\n" }, { "commit": "d9ed6560d5db2783252945e1dd3c2e4f908c019e", "tree": "7b90c06406fa071f1a7927c25d3526339a509758", "parents": [ "0be9be88224dd87eedb10436b11615fa59862271" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:06:44 2021 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Jan 07 16:06:44 2021 +0100" }, "message": "build: remove cilium\n\nThis was used back when we were considering CIlium for our networking\nlayer. However, we abandoned that idea, and as such these are all\nunnecessary.\n\nTest Plan: Refactor, CI only.\n\nX-Origin-Diff: phab/D685\nGitOrigin-RevId: 30f296d7626d64cc1a07a73e4e7bbd18d9e9d933\n" }, { "commit": "81de89b8675ee0ce677225ffef1cd3ee6ad9f56f", "tree": "e518c0a70ec203314fcd9415d01a484ac3182a91", "parents": [ "520c934288d32979ed54b7ffde74428e4583509b" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Dec 22 10:59:14 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Dec 22 10:59:14 2020 +0100" }, "message": "scripts: remove cockroachdb container\n\nRemoving Anubis/Delta in D676 frees us from needing to run a cockroachdb\ncontainer.\n\nTest Plan: Refactor, covered by tests.\n\nX-Origin-Diff: phab/D678\nGitOrigin-RevId: 704b0d9f2ea1f09e143758f1b3aa336a84904b74\n" }, { "commit": "520c934288d32979ed54b7ffde74428e4583509b", "tree": "47fe9a4317e2a13789f4a8f855490ef98edc2065", "parents": [ "6df7c4f6b2c9a896357cb6c4e236d588f4e23277" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Dec 22 10:58:41 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Dec 22 10:58:41 2020 +0100" }, "message": "sqlboiler: remove\n\nWe do not use any SQL anymore in this repository, so we do not need sqlboiler.\n\nTest Plan: Refactor, covered by CI.\n\nX-Origin-Diff: phab/D677\nGitOrigin-RevId: 1ed24f3d57774be14e6611582f691e73b1106ea9\n" }, { "commit": "662b5b3119b0798980b887d1ef9fa1b5632aa7fb", "tree": "3e1fc4ab033530e6d579112ba500d2c6edb43368", "parents": [ "39f2f691726dc6e0a291aa8609085b835a313dad" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Dec 21 13:49:00 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Dec 21 13:49:00 2020 +0100" }, "message": "smalltown -\u003e metropolis\n\nThis pass removes all mentions of Smalltown, both from code and comments,\nand replaces them with appropriate new terminology.\n\nTest Plan: Refactor, covered by CI.\n\nX-Origin-Diff: phab/D674\nGitOrigin-RevId: 04a94d44ef07d46f7821530da5614daefe16d7ea\n" }, { "commit": "26d41999e0c71813648c16ad84bba810c3b9d593", "tree": "13b60089a6d8e40aab345820498e9e703ad41f7a", "parents": [ "023093c104fbddc568e624949ec68a5722dcd180" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Dec 15 19:27:58 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Dec 15 19:27:58 2020 +0100" }, "message": "intellij: use Bazel-built goimports\n\nTest Plan: Tested the watcher, it fixed my code\n\nX-Origin-Diff: phab/D663\nGitOrigin-RevId: 0e06b3a4043e1671d8bb553312c8894d7c916933\n" }, { "commit": "56a7ae643059875a074ab6e3ca92754520483edd", "tree": "b949c496629eea44dfb0407fc90bef5bcb9bf894", "parents": [ "21b039bcd224dc0ba0050e7281cef8d73071d0a4" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Oct 29 11:03:30 2020 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Oct 29 11:03:30 2020 +0100" }, "message": "Added DHCPv4 Client\n\nThis adds a bare-bones DHCPv4 client. Currently leases are handled by a single callback which\ncan then be used to implement option observers and other ways to deal with them.\n\nTest Plan: Some tests already here, more coming.\n\nX-Origin-Diff: phab/D645\nGitOrigin-RevId: 76fae7080cdd8ba59cf77368179cae0bc9c9c824\n" }, { "commit": "9e861a87775191faf1a027f603a0074446cd1319", "tree": "01fb624b542762594bad6e88d67c947263837769", "parents": [ "5faa2fc7fb6266486183fdc1455e711079d33e37" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Sep 16 13:46:41 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Sep 16 13:46:41 2020 +0200" }, "message": "//build/toolchain/musl-host-gcc: implement\n\nThis is a cc_toolchain which runs on x86 systems with Linux/gcc and\ntargets Smalltown via static musl builds.\n\nIt is currently unused, but can be tested by trying to build any\ncc_binary with\n--crosstool_top\u003d//build/toolchain/musl-host-gcc:musl_host_cc_suite .\n\nTest Plan: This has been tested manually by running it against a simple cc_binary. Another revision on top of this will attempt to build mkfs.xfs with it.\n\nX-Origin-Diff: phab/D623\nGitOrigin-RevId: ebdf51ee76d9d5a7fd94725c66ef53783f787df7\n" }, { "commit": "a50e845df333a4d7531793e3fed61ca8411384f5", "tree": "d27ebc111fce076181d9ddda5c06882334f91823", "parents": [ "ed0503cbe3c2d85d138f2604b87d73417be6c940" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Sep 09 17:09:27 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Sep 09 17:09:27 2020 +0200" }, "message": "Introduce TPM event log infrastructure\n\nThis adds support for reading the local TPM event log and for parsing the\nresulting blob. Reading the log is implemented as part of our TPM library, but\nfor reading and processing the event log binary structure we rely on Google\u0027s\ngo-attestation. Since they don\u0027t separate their event log processing from the rest\nof the package, I imported the relevant files here directly.\n\nSince TPM event logs are really terrible (see included workarounds and\nhttps://github.com/google/go-attestation/blob/master/docs/event-log-disclosure.md)\nit\u0027s probably a bad idea to use them for anything where we can avoid it.\nSo this will likely only be used for EFI boot / secure boot attestation and\neverything we measure will be part of our TPM library with a much less insane format.\n\nTest Plan:\nManually smoke-tested using a custom fixture on a Ryzen 3000 fTPM.\nWe cannot really test this until we have a way of generating and loading\nsecure boot keys since an empty secure boot setup generates no events.\n\nX-Origin-Diff: phab/D622\nGitOrigin-RevId: e730a3ea69c4055e411833c80530f630d77788e4\n" }, { "commit": "ed0503cbe3c2d85d138f2604b87d73417be6c940", "tree": "66fce41e479e22ba8a735fbcbb62d768c0307bd3", "parents": [ "b9431c95082a3de6c87f96b700e69b72e4d87fdc" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:21:25 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:21:25 2020 +0200" }, "message": "Add Kubernetes CTS\n\nThis adds patches and build specifications for the Kubernetes Conformance Test Suite. This involves\ngating various cloud-specific tests behind the providerless flag (otherwise we\u0027d gain a ton of additional dependencies)\nand an additional 60MiB in test binary size.\nSince the CTS for weird reasons requires kubectl to be available in the path we first build a kubectl go_image and then\nstack the CTS on top of it. The output bundle is then preseeded for use.\n\nTest Plan: `bazel run //core/tests/e2e/k8s_cts`\n\nBug: T836\n\nX-Origin-Diff: phab/D615\nGitOrigin-RevId: 7d2cd780a3ffb63b217591c5854b4aec4031d83d\n" }, { "commit": "b29e0b07048697a8e8b4b33adb98dd6d8e79eddf", "tree": "b0b9660a1a783aae391bafd1a9fbac56bcad5498", "parents": [ "efb028fdc542dd2f19bf74a3be98506e7a15c7b7" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:26:12 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:26:12 2020 +0200" }, "message": "Add CoreDNS build\n\nThis adds CoreDNS and all relevant dependencies. Unused plugins are patched out\nto prevent excessive dependencies and binary size.\n\nTest Plan: `bazel build @com_github_coredns_coredns//:coredns`\n\nX-Origin-Diff: phab/D614\nGitOrigin-RevId: a897bc0e9f908218fd2f414d7e3b902c14e0a374\n" }, { "commit": "efb028fdc542dd2f19bf74a3be98506e7a15c7b7", "tree": "778c7ccea019f423ca9f660125fe8898014aa9d8", "parents": [ "8b0431a9d22b1f2bb8ab3e6eb66ffda5ca4a2ea9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:04:49 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:04:49 2020 +0200" }, "message": "Allow applying patches before BUILD file generation\n\nThis adds support for patching Go dependencies before BUILD file generation and\nalso plumbs that support into fietsje. No actual prepatching is done in this revision.\n\nTest Plan: This has been used successfully in code built on top of it.\n\nX-Origin-Diff: phab/D612\nGitOrigin-RevId: 7013e5f98feb57ac64ff3dc79d1a9bb94e4152a8\n" }, { "commit": "b682ba55d4a51babad2beebb470b0fef0e6067ca", "tree": "d94c2bb98f3a47896558d9cd4d2cc0271a4558c7", "parents": [ "f85748717f32f0a74816de01b1e5f2e0104342c5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jul 08 14:51:36 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jul 08 14:51:36 2020 +0200" }, "message": "Add service proxy\n\nThis adds a service proxy based on nfproxy and changes to the service IP allocation to make it work.\nAlso adds support for masquerading outbound traffic for outbound network connectivity.\n\nTest Plan:\nCurrently manually tested by creating an alpine pod and running \u0027apk add curl \u0026\u0026 curl -k https://192.168.188.1:443/\u0027.\nWill be covered later by CTS.\n\nBug: T810\n\nX-Origin-Diff: phab/D580\nGitOrigin-RevId: cace863fd8c2f045560f8abf84c40cc77bc275d4\n" }, { "commit": "f85748717f32f0a74816de01b1e5f2e0104342c5", "tree": "bfac698dc5127fa6440a844c23c6469082256bc3", "parents": [ "57b4375dc2763dbf8444a4786bd41b7ec1a8172b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:12:04 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 28 17:12:04 2020 +0200" }, "message": "Make bindata relative to workspace root\n\nThis makes bindata relative to the Bazel workspace root instead of the package. This\nputs it in line with general Bazel expectations about how files are laid out.\n\nTest Plan: Should be covered by existing tests\n\nX-Origin-Diff: phab/D613\nGitOrigin-RevId: ce338fd40d24d6dd222c4fc02f48ada87b562d06\n" }, { "commit": "f042e6f95bb7dc771bf79f309dbdf0b34da933da", "tree": "f18c60fb92202ce2d5ec7041c85579865a81509d", "parents": [ "b876fc31f12628562a51c70668b318b9fc50478b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jun 24 16:46:09 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jun 24 16:46:09 2020 +0200" }, "message": "Add Wireguard-based K8s pod networking\n\nThis adds a pod networking runnable based on Wireguard which watches all nodes\nand adds their K8s IPAM allocations as routes into the kernel \u0026 WireGuard. It only depends\non K8s and only performs direct routing.\n\nTest Plan: Manually tested by spinning up a two-node cluster and running two Alpine pods pinging eachother. Can be covered by E2E tests once we can do image preseeding for the test infra (T793).\n\nBug: T487\n\nX-Origin-Diff: phab/D573\nGitOrigin-RevId: ba3fc36f421fd75002f6cf8bea25ed6f1eb457b0\n" }, { "commit": "b876fc31f12628562a51c70668b318b9fc50478b", "tree": "b7f4001c6ab56712dd26473b216e74222b1903f0", "parents": [ "78fd97294dbc8bbf5ef1a490b2d7b7ad96fddcae" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 14 13:54:01 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jul 14 13:54:01 2020 +0200" }, "message": "Update containerd to 1.4.0-beta.2 and K8s to 1.19.0-rc.0\n\nThis unbreaks bbolt (as part of containerd) on 1.14+ (see https://github.com/etcd-io/bbolt/pull/201 and\nhttps://github.com/etcd-io/bbolt/pull/220), pulls in my patch to ignore image-defined volumes\n(https://github.com/containerd/cri/pull/1504) and gets us some robustness fixes in containerd CNI/CRI integration\n(https://github.com/containerd/cri/pull/1405). This also updates K8s at the same time since they share a lot of\ndependencies and only updating one is very annoying. On the K8s side we mostly get the standard stream of fixes\nplus some patches that are no longer necessary.\n\nOne annoying on the K8s side (but with no impact to the functionality) are these messages in the logs of various\ncomponents:\n```\nW0714 11:51:26.323590 1 warnings.go:67] policy/v1beta1 PodSecurityPolicy is deprecated in v1.22+, unavailable in v1.25+\n```\nThey are caused by KEP-1635, but there\u0027s not explanation why this gets logged so aggressively considering the operators\ncannot do anything about it. There\u0027s no newer version of PodSecurityPolicy and you are pretty much required to use it if\nyou use RBAC.\n\nTest Plan: Covered by existing tests\n\nBug: T753\n\nX-Origin-Diff: phab/D597\nGitOrigin-RevId: f6c447da1de037c27646f9ec9f45ebd5d6660ab0\n" }, { "commit": "52f7f291c1987fe98bd10d3ad79d4a0c8772ad03", "tree": "eaf212647f9bab001e62bb35647255b5f107bd2e", "parents": [ "3ff5af330857b2aadcdae9d9e6ca37b7e5d2c56e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jun 24 16:42:02 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Jun 24 16:42:02 2020 +0200" }, "message": "Add nanoswitch and cluster testing\n\nAdds nanoswitch and the `switched-multi2` launch target to launch two Smalltown instances on a switched\nnetwork and enroll them into a single cluster. Nanoswitch contains a Linux bridge and a minimal DHCP server\nand connects to the two Smalltown instances over virtual Ethernet cables. Also moves out the DHCP client into\na package since nanoswitch needs it.\n\nTest Plan:\nManually tested using `bazel run //:launch -- switched-multi2` and observing that the second VM\n(whose serial port is mapped to stdout) prints that it is enrolled. Also validated by `bazel run //core/cmd/dbg -- kubectl get node -o wide` returning two ready nodes.\n\nX-Origin-Diff: phab/D572\nGitOrigin-RevId: 9f6e2b3d8268749dd81588205646ae3976ad14b3\n" }, { "commit": "385c12f84a0f1b6b5d70f228a0fb629f6f8f316c", "tree": "ef5ea6804ca0419e8851d1a21f956508764ba446", "parents": [ "032ca1877adc3421343ed35a49c014ca261effff" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 17 12:12:42 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 17 12:12:42 2020 +0200" }, "message": "build/toolchain: init\n\nThis adds a new, bare-bones, host-based C++ toolchain, and enables it\nfor all target builds. This toolchain replaces the automatically\ngenerated host toolchain from bazel-tools, and differs in the following\nways:\n - uses fully hardcoded paths\n - is the bare minimum required, which allows us full control over all\n aspects of it, notably link arguments\n - does not assume we\u0027re building normal C++ binaries for Linux (for\n instance, the new toolchain does not always link with -lm)\n\nThis is in anticipation of a change by @lorenz that uses cc_binary to\nbuild qboot for tests. However, this is also a good basis to start\nwriting a \u0027real\u0027 toolchain suite for mkfs.xfs, linux \u0026 co.\n\nTest Plan: For now, this is unused - but does not break any existing flow, which is fine. I did test this on a qboot WIP commit from @lorenz, and it at least fixed our immediate problem that it wanted to build it with with -lm,-lstdc++ - which we didn\u0027t.\n\nX-Origin-Diff: phab/D560\nGitOrigin-RevId: 8a5bc5f00a0a0534ea245e556d160f5bab7f8a0c\n" } ], "next": "c3ae7588e04e283a9ee798823ff590f2eb26e13f" }