)]}' { "log": [ { "commit": "8b000b2217522891cace6ad3b98d805b1a262345", "tree": "2696cf2de6fe72f5e220e4db725a81c816de1bce", "parents": [ "0573d7d031e51af42cb482c3cd788a280ccaaf28" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 08 16:11:26 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 23 08:59:12 2023 +0000" }, "message": "metropolis/hostsfile: update our own node\u0027s roles correctly\n\nThis properly serializes the state of our own node\u0027s roles into startup\ndata (and the hosts file) if it is assigned during node runtime.\n\nWithout this, we could end up serializing out of date node role data and\nthus would not startup up with a cluster directory (and persisted node\nroles) which would allow for proper control plane startup.\n\nChange-Id: I45da5d73cc0eea0a7c32308bbecf512bb9699d55\nReviewed-on: https://review.monogon.dev/c/monogon/+/2068\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "0573d7d031e51af42cb482c3cd788a280ccaaf28", "tree": "8e7cb6f506bbba04985860830dae6f8de4ac4b4f", "parents": [ "67023fe466d35df7ff7e606e74f3bcf51ac8085c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Aug 08 16:01:04 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Aug 23 08:59:12 2023 +0000" }, "message": "metropolis/resolver: more logging\n\nThis should let us figure out HA connectivity issues better in the\nfuture. We were mostly missing logging connection attempts to control\nplane nodes and leader information received from them.\n\nChange-Id: I88f3e4b289561e7b31fcbb59d26b674d8b6aea39\nReviewed-on: https://review.monogon.dev/c/monogon/+/2067\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "67023fe466d35df7ff7e606e74f3bcf51ac8085c", "tree": "fb5fd15306831b95c84c69d60ce32c2a623c17cf", "parents": [ "c38aca282657ac1ed2fba5dd79477ffe945b5bf6" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Aug 14 12:36:35 2023 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Tue Aug 15 17:10:59 2023 +0000" }, "message": "Improve Nix instructions in README\n\nChange-Id: I758f9f84f449e2ea3f8cd8c28b3dbcce72584496\nReviewed-on: https://review.monogon.dev/c/monogon/+/2083\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c38aca282657ac1ed2fba5dd79477ffe945b5bf6", "tree": "6af66e1a59839382a906114a088f0b01f676e82f", "parents": [ "14bd519e1a084a4d490f8da8a212ce37ee7d9936" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Aug 14 12:22:13 2023 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Tue Aug 15 17:10:41 2023 +0000" }, "message": "shell.nix: add buildifier\n\nIntellij auto-formats BUILD files when buildifier is present.\n\nChange-Id: I07d650ae879e4f7e168cfed698c68ec6df3ef3ae\nReviewed-on: https://review.monogon.dev/c/monogon/+/2082\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "14bd519e1a084a4d490f8da8a212ce37ee7d9936", "tree": "33241e0942f75e07f6cea3e99afd8cba93876894", "parents": [ "eb79bfa9bae59540920d1a990a61b204bd9977d8" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Aug 14 12:19:01 2023 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Tue Aug 15 17:10:41 2023 +0000" }, "message": "shell.nix: change prompt color to magenta\n\n\"Light gray\" underperforms in light themes.\n\nChange-Id: I03296f04593975cf912da83f3cc5192c7ccb048a\nReviewed-on: https://review.monogon.dev/c/monogon/+/2081\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "eb79bfa9bae59540920d1a990a61b204bd9977d8", "tree": "7c49253bb6108b72be0fe4fbebe9cf32d85c6313", "parents": [ "1e963fe8bdf4eb368b66717bafd640c7f17528d6" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 21:09:08 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 21:01:36 2023 +0000" }, "message": "t/linux-firmware: update to master\n\nContains new AMD microcode with mitigations for\nInception (CVE-2023-20569) and Phantom (CVE-2022-23825).\n\nChange-Id: If6e26b9f1a96bf6e50c3c9f74bb60ad41c4d441f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2049\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "1e963fe8bdf4eb368b66717bafd640c7f17528d6", "tree": "e6f40f9ee469f824bd3f9bfceae3c6074f95990b", "parents": [ "6eb3fb31f0d1385e96652b6bee043bd9c5f6a577" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 18:24:02 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 21:01:36 2023 +0000" }, "message": "t/linux: update to 5.15.125\n\nThis kernel contains additional handling and workarounds for Gather Data\nSampling aka Downfall (CVE-2022-40982) on Intel CPUs,\nInception (CVE-2023-20569) and Phantom (CVE-2022-23825) on AMD CPUs.\n\nPerformant workarounds for these issues also requires updated microcode\nfor both CPU vendors. Microcode for Intel has already been updated,\nAMD\u0027s is not merged in linux-firmware yet.\n\nChange-Id: I441c8c7b39a8eec0c42d1aac0375d0d15ec1703d\nReviewed-on: https://review.monogon.dev/c/monogon/+/2048\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "6eb3fb31f0d1385e96652b6bee043bd9c5f6a577", "tree": "33e2e6e6e17ae40519909d0927ce33bb9b0cf2c7", "parents": [ "c7108352bd9e03780e6f8836be6c5fffaa0f6501" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 17:19:24 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 21:01:28 2023 +0000" }, "message": "m/n/core: pipe kernel logs into logtree\n\nCurrently the kernel log is only available on the local console\n(serial/screen) and only if they are high-severity entries.\nThis log should be inspectable and collectable together with the\nother Metropolis logs, thus pipe it into logtree under the root.kernel\nnode..\n\nChange-Id: If5006db251eb8662ae9939a56e23bbb895304690\nReviewed-on: https://review.monogon.dev/c/monogon/+/2045\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c7108352bd9e03780e6f8836be6c5fffaa0f6501", "tree": "fa6b87a5cd44288921d18a3f4476c99717da318f", "parents": [ "efa381fa9e8a3850ca1332ce617778d330d5e3ba" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 17:09:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 18:46:57 2023 +0000" }, "message": "m/p/logtree: add kmsg pipe\n\nThis allows ingesting Linux kernel (kmsg) logs into logtree with\nthe original metadata (timestamp, severity) preserved.\n\nChange-Id: Ibb6e3a7a0ae4a008b8e9c98beccb3a95c067cb75\nReviewed-on: https://review.monogon.dev/c/monogon/+/2044\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "efa381fa9e8a3850ca1332ce617778d330d5e3ba", "tree": "6fd0db26eab500ba19d7dd6c92b3f9b2cffb6646", "parents": [ "431acaa53ad0914eaf8bc89366b693640acbde13" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Aug 09 17:43:06 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Aug 09 18:11:25 2023 +0000" }, "message": "Set flaky flag on all known flakes\n\nBazel will retry tests marked as flaky up to three times. This has\nthe obvious downside of making the flakes less visible, but popping\nup as unrelated build failures is not the best way to surface them.\n\nChange-Id: I0c97450b17f2e8a56275d3b738e7d34b89be44f6\nReviewed-on: https://review.monogon.dev/c/monogon/+/2047\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "431acaa53ad0914eaf8bc89366b693640acbde13", "tree": "5c6fedd3d4cd204c4b99b42afbc5eba83a167341", "parents": [ "009b12662712fd70670c0dc6015e1a135d4a3cd0" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 14:29:24 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 16:10:05 2023 +0000" }, "message": "m/n/c/consensus: fix flaky TestEtcdMetrics\n\nThe metrics endpoint comes up before the bootstrap process is complete.\nThe test context then gets cancelled as the test has succeeded,\nbut the consensus runnable is not done bootstrapping, causing it to\nreturn an error and TestHarness to\nfail the test.\n\nFix this by waiting for the etcd state to be populated, indicating that\nthe bootstrap machinery has done its job.\n\nFixes https://github.com/monogon-dev/monogon/issues/258\n\nChange-Id: Ied270191aaebb226822a1c9d7f8c6312bd0da1ed\nReviewed-on: https://review.monogon.dev/c/monogon/+/2043\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "009b12662712fd70670c0dc6015e1a135d4a3cd0", "tree": "d3e164ef5b094489c04939cd4bab8dbf907cb3b1", "parents": [ "8055d23f3116a9695367ee09155ef9e0a4059f90" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 13:40:11 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 09 13:43:55 2023 +0000" }, "message": "third_party/intel_ucode: update to 20230808\n\nThis fixes the Intel Gather Data Sampling aka Downfall (CVE-2022-40982)\nmicroarchitectural data disclosure vulnerability.\n\nChange-Id: Ib185e8763f15e2af9fca2b89671825e5e87480fa\nReviewed-on: https://review.monogon.dev/c/monogon/+/2042\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "8055d23f3116a9695367ee09155ef9e0a4059f90", "tree": "17a093240dca129cec9aba29edcf777ff56c9f23", "parents": [ "0e74961fc03de5a439484ea5ec33e0fc52a22edd" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Aug 08 23:56:07 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Aug 08 22:07:41 2023 +0000" }, "message": "third_party/linux: enable VLAN interface support\n\nThis is configurable through the Metropolis static network\nconfiguration and thus needs to be enabled.\n\nChange-Id: Id479e0d26a93819de0e315c8c470e94386f0351f\nReviewed-on: https://review.monogon.dev/c/monogon/+/2041\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "0e74961fc03de5a439484ea5ec33e0fc52a22edd", "tree": "79097191057579098832aaafe30fceb2572a3bdc", "parents": [ "9563673b5913420e143518b53d3134d4f29b404b" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 17:42:59 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Aug 08 12:06:53 2023 +0000" }, "message": "cloud/bmaas/bmdb: Filter for machines based on provider\n\nCurrently the equinix shepherd tries to initialize our nodes from lumen,\nwhich of course is not correct. This change adds another parameter to\nthe queries and prevents that.\n\nChange-Id: Ib3f65e68403cb1b1282b80c1d494fb030a6d17b1\nReviewed-on: https://review.monogon.dev/c/monogon/+/2039\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9563673b5913420e143518b53d3134d4f29b404b", "tree": "f41aee88ab9e63b2a8f38203d3aa9a169663edc7", "parents": [ "32c5fb80970db711fc2f81ceef2b07c29b409e5b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 16:59:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 17:54:59 2023 +0000" }, "message": "m/n/c/update: work with invalid boot entries\n\nCurrently if any boot entry is unreadable or unparseable, we refuse to\nperform any updates. This is not desirable as any edge cases in our\nparser or the EFI firmware cause the update mechanism to be\nnon-functional, even preventing us from shipping an update to fix the\nissue. It makes more sense to just log occurrences where such an entry\ncould not be read/parsed.\n\nChange-Id: I8a1161bf35a4c8deb1d82156662b512bcc43ed59\nReviewed-on: https://review.monogon.dev/c/monogon/+/2038\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "32c5fb80970db711fc2f81ceef2b07c29b409e5b", "tree": "45b735a5f41722d0cc5fc6886e894d498830a132", "parents": [ "f025d1b20232385fa09459794dda9f9df0f5295a" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:37:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 17:54:59 2023 +0000" }, "message": "m/n/c/update: fix matching boot entries\n\nThe matching code accidentally worked as long as there was only one boot\nentry for each loader path (boot-a.efi/boot-b.efi) as it type-asserted\na pointer which caused ok to always be false and thus all entries passed\nthrough the UUID check.\n\nThis fixes the type assertion and following logic.\n\nChange-Id: I83fdd2204028633dc274055f7d1ecb458747174e\nReviewed-on: https://review.monogon.dev/c/monogon/+/2031\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "f025d1b20232385fa09459794dda9f9df0f5295a", "tree": "e19ea5d8e3af4e2314b42602e60305db5d376051", "parents": [ "3b25cf7c486781e018795066c3337e73ac7e526b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 14:52:49 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 13:28:39 2023 +0000" }, "message": "m/p/efivarfs: allow multiple paths in LoadOption\n\nThe FilePathList in an EFI LOAD_OPTION technically allows multiple\ndevice paths separated by end of path markers. These additional paths\nbeyond the first one do not have any standardized function, but some\nEFI vendors use them to store data. Currently we fail to parse them\nbecause they contain more than one end of path marker. Fix this by\nadding an ExtraPaths field to LoadOption and implementing marshalling/\nunmarshalling for it. I chose to use a separate field in the Go\nstruct because these additional paths do not have the same functionality\nas the first one (they are not bootable).\n\nChange-Id: I96df17915966a973a7553fe9864a0b3e6f6b61e8\nReviewed-on: https://review.monogon.dev/c/monogon/+/2037\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "3b25cf7c486781e018795066c3337e73ac7e526b", "tree": "82e9b47b2ffb0614f811b57eb000c249942686d7", "parents": [ "45d6f1821bf047dbe2a71b8d21401dfb60583285" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 16:58:10 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:27:50 2023 +0000" }, "message": "metropolis/cli/metroctl: add update command\n\nChange-Id: Iab7f930923f8009e0e14f96fc64d336614b1251e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1937\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "45d6f1821bf047dbe2a71b8d21401dfb60583285", "tree": "196dd81b11f57f665327e5e53f59a726c0488513", "parents": [ "b80b8449f4a62c797dd397d08fc0caf70776e5c0" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:19:41 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Aug 07 13:27:46 2023 +0000" }, "message": "metropolis/node/core/mgmt: add logging for update activation method\n\nChange-Id: Ief4ef6447ac132755df35c5742dedc5d15d71d74\nReviewed-on: https://review.monogon.dev/c/monogon/+/2029\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "b80b8449f4a62c797dd397d08fc0caf70776e5c0", "tree": "be4ca586c31d9abd9152a16d69c1839c28cf1070", "parents": [ "a4b88849c4691a1674d4427ee73a79ae8ea76460" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:40:17 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 13:04:06 2023 +0000" }, "message": "m/n/c/mgmt: unmount ESP before restarting\n\nThis provides additional reliability for the FAT32 ESP partition.\nNothing should keep persistent handles for files on the ESP. Ignore\nerrors in case anything does.\n\nChange-Id: I04bfbb82fddfc740c5c234c028de89539e91a696\nReviewed-on: https://review.monogon.dev/c/monogon/+/2032\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a4b88849c4691a1674d4427ee73a79ae8ea76460", "tree": "c7e187fc439da01546cf701d5501dab799a91ee9", "parents": [ "d14be0eb8bcffb6ba597f26e3ad57b311ca376fc" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:34:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 11:37:10 2023 +0000" }, "message": "m/n/c/localstorage: fix logic error determining ESP\n\nThe OS integration of the A/B update engine has a logic error which\ncaused it to provide all partitions as ESP, of which the last one\n(the data partition) stuck.\n\nChange-Id: Ia721f9f515ca65f710f07ba25b3be68544158a7c\nReviewed-on: https://review.monogon.dev/c/monogon/+/2030\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d14be0eb8bcffb6ba597f26e3ad57b311ca376fc", "tree": "3a1286f0eb3623db53c4cb2c880eb5a1059ae1f0", "parents": [ "c07d74efd282261c68d33d745d52a6703448c8fd" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jul 31 16:46:14 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Aug 07 11:37:10 2023 +0000" }, "message": "m/n/c/update: implement kexec-based activation\n\nAs we\u0027ve had some issues with EFI-based slot activation and enterprise\nserver firmware is extremely slow, this implements kexec-based\nactivation. This just kexecs into the freshly-installed slot instead of\nrebooting. It still updates the BootOrder on successful boot to allow\ncold-boots if the server crashes or loses power, but no longer uses the\nNextBoot mechanism to boot into the new slot once (this is taken care of\nby kexec).\n\nChange-Id: I6092c47d988634ba39fb6bdd7fd7ccd41ceb02ef\nReviewed-on: https://review.monogon.dev/c/monogon/+/2021\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c07d74efd282261c68d33d745d52a6703448c8fd", "tree": "d02247ddbe08318edc5e1ea5eb17c23f0a2c3435", "parents": [ "cf7bd147a0e8b61133472471eb7193566d8b1a4e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 17:41:23 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Aug 03 16:55:34 2023 +0000" }, "message": "m/i/t: replace loglevel\u003d0 with quiet\n\nWe should really not be using loglevel\u003d0 in tests, it hides even\ncritical errors like panics.\n\nChange-Id: I6e8dc0f2352efe7f9328faeb0c5e736a75eacb0e\nReviewed-on: https://review.monogon.dev/c/monogon/+/2033\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "cf7bd147a0e8b61133472471eb7193566d8b1a4e", "tree": "3521de5e73c456870dbbce86d907e3557593b452", "parents": [ "d07489b551c242df6ed73d07d17b47feb3827b48" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:20:09 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:42:45 2023 +0000" }, "message": "metropolis/node: remove genrule image_gcp\n\nThis is currently very flaky and we dont use it anyway\n\nChange-Id: Idf91cdc3f45da11635a8ee78617d209665a5bbc7\nReviewed-on: https://review.monogon.dev/c/monogon/+/2028\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d07489b551c242df6ed73d07d17b47feb3827b48", "tree": "2684f906758105cb9108c19069091a9d86ad7786", "parents": [ "8e87a062badeb7f6b93c6486925aa99c616cd8a6" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 13:09:02 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:33:41 2023 +0000" }, "message": "metropolis/pkg/efivarfs: write variables with 0644 perms\n\nThe kernel creates all files with these permissions, so having different ones\nis useless.\n\nChange-Id: Iaafb6080de349f95e566bb2e4faf821864cf75e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/2025\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "8e87a062badeb7f6b93c6486925aa99c616cd8a6", "tree": "73226d80fb80580c02c092d41aac59da1d94d1f9", "parents": [ "3961acd37445d5139040b910e093e759828552ad" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 31 01:33:10 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Aug 03 15:33:25 2023 +0000" }, "message": "metropolis/node/core/update: set partition start and size in efi\n\nChange-Id: I1dc6b6738a375c6fc581d51494d13fbeda7b724d\nReviewed-on: https://review.monogon.dev/c/monogon/+/2026\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3961acd37445d5139040b910e093e759828552ad", "tree": "3ed82aa3adca72268431acd88135e2afa2397468", "parents": [ "a622379880cd043e0a12ab25129801e2c63d82bb" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 17:55:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 16:33:55 2023 +0000" }, "message": "m/p/gpt: fix protective MBR off-by-one\n\nSince the protective MBR partition starts at block 1 (the first is the\nthe protective MBR itself) that first block needs to be subtracted from\nits size.\n\nChange-Id: I99bbb449c27596efd2dd260ffb388a9a69a09589\nReviewed-on: https://review.monogon.dev/c/monogon/+/2024\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "a622379880cd043e0a12ab25129801e2c63d82bb", "tree": "2b624fc68521ec72a3d018b2b71cfe755939795a", "parents": [ "0b84a9f5e2caef3f66e4d912b6ac18429dff2c2d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jul 31 17:13:11 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Aug 02 10:12:22 2023 +0000" }, "message": "m/n/c/consensus: fix format directive error\n\nThat %w points to err which is not actually populated in this code path.\n\nChange-Id: I025eafbd4733cb584c67af2479992c9368d414e9\nReviewed-on: https://review.monogon.dev/c/monogon/+/2022\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "0b84a9f5e2caef3f66e4d912b6ac18429dff2c2d", "tree": "e44c00c20213a01877783405929f27edc3357d79", "parents": [ "35fcf0397be02883ace364e650b3e8d9a2281e24" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 27 14:20:31 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Aug 01 13:30:41 2023 +0000" }, "message": "metropolis/node: show build commit on startup\n\nPreviously it was not possible to identify the running version,\nwith this change the build commit and tree state gets stamped into the binary\nand printed on boot.\n\nChange-Id: I3916e3d40dc87f28a58eb74c6450218550fb3214\nReviewed-on: https://review.monogon.dev/c/monogon/+/1978\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "35fcf0397be02883ace364e650b3e8d9a2281e24", "tree": "cb1297a2e4a34eeebb9faf09b44c3b95cf603f7f", "parents": [ "ad131883747f73e51526dd6f163df23b913f69ed" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 29 04:15:58 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "metropolis: implement A/B updates\n\nThis implements an A/B update mechanism using two slots, A and B.\nThis is realized with two system partitions as well as two EFI\nloaders/kernels.\n\nThe A/B system relies on two EFI loader entries. This has the advantage\nthat there is no preloader required, which makes the system more\nreliable as well as avoiding the complexity of having an un-updatable\npreloader (CoreOS has this issue where their GRUB2 crashed booting newer\nkernels, sadly the issue seems lost with the migration to Fedora\nCoreOS). It also means that the operator can easily override the slot\nbeing booted via the boot loader entries. Primary disadvantage is that\nit relies on EFI working somewhat to spec.\n\nNew versions are booted into only once by setting NextBoot, if the\nbootup doesn\u0027t succeed, i.e. if the boot doesn\u0027t get to a cluster rejoin\nthe next boot will be the old slot. Once it gets to this stage the\npermanent BootOrder is changed.\n\nThe EFI loaders don\u0027t know if they are slot A or B because they are\nidentical and relying on OptionalData in the boot entry to indicate the\nslot means that if the EFI boot entries go away, recovering is very hard.\nThus the loaders look at their own file name to determine what slot they\nare in. If no slot could be determined, they default to booting slot A.\nIt is planned to eventually use Authenticode Stamping (passing data in\nfake certificates) to stamp the slot into the loader without affecting\nthe TPM hash logged.\n\nChange-Id: I40de2df8ff7ff660c17d2c97f3d9eb1bd4ddf5bc\nReviewed-on: https://review.monogon.dev/c/monogon/+/1874\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "ad131883747f73e51526dd6f163df23b913f69ed", "tree": "e5dee1d605cf4df4c507529185a82b49dbb841b3", "parents": [ "cb9f3d3d495b12e26772271e368340a38244d586" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 16:42:20 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "treewide: port everything to blockdev\n\nThis gets rid of most ad-hoc block device code, using blockdev for\neverything. It also gets rid of diskfs for everything but tests. This\nenables Metropolis to be installed on non-512-byte block sizes.\n\nChange-Id: I644b5b68bb7bed8106585df3179674789031687a\nReviewed-on: https://review.monogon.dev/c/monogon/+/1873\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "cb9f3d3d495b12e26772271e368340a38244d586", "tree": "ba362d7665cf7c48f246b9040ce65a506ea5b93b", "parents": [ "1e0e3a47f72a8fb251bec9a98cb3d6acffe79989" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 15:21:49 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "m/p/blockdev: add darwin implementation\n\nThis adds a minimal blockdev implementation for Darwin/macOS.\nProperly implementing Discard() is left for later as it would require\nextending x/sys/unix and it is allowed to just return ErrUnsupported\nfor all calls.\n\nChange-Id: I5f3c85935301857c1f25edd8b8f9acdbe4abf4ad\nReviewed-on: https://review.monogon.dev/c/monogon/+/1977\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "1e0e3a47f72a8fb251bec9a98cb3d6acffe79989", "tree": "64f18c66ac03870d1cbbae02b91e6f14a4ebc090", "parents": [ "fd49f22e3a98d42ffe4d508a1e49ef2549fa8ecf" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 16:40:18 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 27 13:58:35 2023 +0000" }, "message": "m/p/blockdev: init\n\nAdds blockdev, a package providing a Go interface for generic block\ndevices as well as an implementation of it for Linux and auxiliary\ntypes.\n\nThis will replace most ad-hoc block device handling in the monorepo.\n\nChange-Id: I3a4e3b7c31a8344f7859210bbb4942977d1ad1d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/1871\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "fd49f22e3a98d42ffe4d508a1e49ef2549fa8ecf", "tree": "cbca6bd43f671088aaac950a996055d1a3536b09", "parents": [ "4c6720da59d460d74487fb9bf42f42334cf191d3" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 14:27:50 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:49:54 2023 +0000" }, "message": "metropolis/node/core/metrics: export (controller-manager|scheduler) metrics\n\nChange-Id: Ie61551655cbf1130bb5f5beb2923dac1aa52f868\nReviewed-on: https://review.monogon.dev/c/monogon/+/1952\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4c6720da59d460d74487fb9bf42f42334cf191d3", "tree": "b10de2997c7c711bc579e7cb38c04ffa5d86cd0d", "parents": [ "c37a886044f368ef7b0de61fc77daae8c52e74e8" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 25 14:44:19 2023 +0000" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:41:04 2023 +0000" }, "message": "metropolis/node/core/metrics: migrate labels to sd-meta naming scheme\n\nChange-Id: Ie5ad32d5383abbe13ff9c347d47ecc10f090bccb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1971\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c37a886044f368ef7b0de61fc77daae8c52e74e8", "tree": "5ed030955e1f57d7fb5df9fa49597e62a808e071", "parents": [ "78a538df4c1112bad6bee08509385af8d0ecc77a" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:33:21 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 16:39:41 2023 +0000" }, "message": "metropolis/node/core/metrics: expose etcd metrics\n\nChange-Id: Ie916d497b44c05ab51b13d0bb14f4e850291a77e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1950\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "78a538df4c1112bad6bee08509385af8d0ecc77a", "tree": "7c0c3d44f2334a2305242f768322f36a175434a9", "parents": [ "90613afdf11f7831fc0a673f2fe502c28ab93729" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jul 25 21:39:04 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 26 12:39:17 2023 +0000" }, "message": "t/{linux,-firmware}: fix Zenbleed (CVE-2023-20593)\n\nThis fixes the Zenbleed vulnerability by including the latest fixed\nmicrocode from linux-firmware. They don\u0027t do proper release management\nbut just tag a date approximately every month to keep distros happy.\nThus we need to use a master commit to get the fixes now.\n\nAlso update Linux to 5.15.122 to make sure that we know in case the\nmicrocode fix somehow didn\u0027t get applied.\n\nChange-Id: I5e26826e6df0f665e1a23efe8587dfb93edb2d94\nReviewed-on: https://review.monogon.dev/c/monogon/+/1974\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "90613afdf11f7831fc0a673f2fe502c28ab93729", "tree": "1f524cdd0e25a3dd28ff350803d2bc296c3d6fda", "parents": [ "88a76b7a89b3fc81b9135b1197e1ea6fd3698121" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 14:26:18 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 26 12:04:58 2023 +0000" }, "message": "metropolis/node/kubernetes: fix mtls authentication to (controller-manager|scheduler)\n\nPreviously it wasn\u0027t possible to authenticate against the services\nas they had no CA they trusted for the sent client certificate.\n\nChange-Id: Ic7cd2419a9e3496680a9393424c7ca1780c4d38c\nReviewed-on: https://review.monogon.dev/c/monogon/+/1951\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "88a76b7a89b3fc81b9135b1197e1ea6fd3698121", "tree": "b1ab3800149e95405b41a21bd74437c1f43c55e7", "parents": [ "4ac7112b135518b610a84a3a6db535dbb41f1fcf" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:10:33 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 26 10:47:46 2023 +0000" }, "message": "build/ci: ensure that we can build metroctl for macOS\n\nWe should probably soon have separate CI targets for different\nbuild/test kinds/targets, but this will do for now.\n\nChange-Id: I710a498f771fc8fd225c1e3b4666fb28e7421b7d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1962\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "4ac7112b135518b610a84a3a6db535dbb41f1fcf", "tree": "19bcc8dd598928d6413d6721ef52ee211406a8d9", "parents": [ "e5abee60401840f9af83d9181f9ce36f886b10ce" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:08:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 26 10:47:46 2023 +0000" }, "message": "metropolis/node/core/rpc: decouple from pki\n\nChange-Id: I15d3e7d1142f0f95081e73c985d96f8d103df55e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1961\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e5abee60401840f9af83d9181f9ce36f886b10ce", "tree": "9887e5c3f28cd295ec19f35a01469286530fe8b3", "parents": [ "be25a3b839debc10817670fac0c20660a87bea12" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:33:36 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/node/core/metrics: allow exporters without executables\n\nChange-Id: I8f05c5a2a59018e8979c48a0253f2c068a71e5cd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1949\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "be25a3b839debc10817670fac0c20660a87bea12", "tree": "df5c6ef648ad41fb5037a53976835709737454bd", "parents": [ "b551b65225b7398ed4eb8b3361f50c7998f56ce1" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:31:56 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/test/launch/cluster: expose metrics port\n\nChange-Id: I2ef17374db665c5491f9594de2ae4474be5163a4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1948\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "b551b65225b7398ed4eb8b3361f50c7998f56ce1", "tree": "3ae89cf74847693ae13f2c18063a48d4fb8563ba", "parents": [ "5d0906e1db869ddeac081567b469671a5ff25f7c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 16:01:42 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/node/core/metrics: implement http_sd discovery endpoint\n\nWe provide prometheus metrics but dont have a way to discover all nodes,\nthis change implements a new http endpoint: /discovery. It implements the\nhttp_sd api and returns all current cluster nodes including their roles as\nlabel.\n\nChange-Id: I931a88e2afb285482d122dd059c96f9ebfab4052\nReviewed-on: https://review.monogon.dev/c/monogon/+/1934\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "5d0906e1db869ddeac081567b469671a5ff25f7c", "tree": "c12afd970111219040b457fc739823513fcb2957", "parents": [ "ffbf393575c52f7444f66d4bef86ecd81e3fdb98" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 20:23:57 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/test/util: move TestCurator to utils package\n\nTo use it inside other tests this change moves the TestCurator\nto allow usage inside other tests\n\nChange-Id: I75be31f490eb84e5c9bc56b65317ea5483415dcf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1954\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ffbf393575c52f7444f66d4bef86ecd81e3fdb98", "tree": "05d223a1d481de0e9725997174d45e5874fad785", "parents": [ "a004576acfd826bf8a2a3371a3fde787afb9629b" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:02:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 12:36:21 2023 +0000" }, "message": "metropolis/test/util: move in NewEphemeralClusterCredentials from rpc\n\nChange-Id: I41603b19a76ea91c2191b0118183957973fc9ccd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1960\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a004576acfd826bf8a2a3371a3fde787afb9629b", "tree": "09a029faa89414ea4e7ceaaaa4a424e2ea20f3ae", "parents": [ "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jul 20 19:27:41 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 21 12:04:38 2023 +0000" }, "message": "Set flaky\u003dTrue on roleserve_test and memory_test\n\nThese are frequent CI failures.\n\nChange-Id: Ic45f4dcd22bb608bc96da84c9de74faae1f8daab\nReviewed-on: https://review.monogon.dev/c/monogon/+/1953\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368", "tree": "484c711598ccef01f2218564a79a8352c657958b", "parents": [ "394b67e4208e1b2f06e61ab7e69ae58f444a56d8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 18:28:29 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 20 11:48:17 2023 +0000" }, "message": "m/p/efivarfs: BootOrder fixes\n\nThis doesn\u0027t need to be a pointer as it\u0027s a slice.\nThere was also a bug left in here because it previously skipped over\nthe attributes field which we now treat separately.\n\nChange-Id: Icc80496e9bc826ae11201f96a703fb80f97c478a\nReviewed-on: https://review.monogon.dev/c/monogon/+/1913\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "394b67e4208e1b2f06e61ab7e69ae58f444a56d8", "tree": "76280f2c02e4afe2f9ace484f7fd61040326df47", "parents": [ "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:34:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/cli/metroctl: implement buildkind\u003dlite\n\nUsers can now build metroctl with:\n\n bazel build //metropolis/cli/metroctl --//metropolis/cli/metrocli:buildkind\u003dlite\n\nTo request a metroctl built without a direct dependency on the rest of\nMetropolis. Such a metroctl tool will not be able to run `genusb`\nwithout manually specifying a metropolis bundle and metropolis installer\nkernel.\n\nChange-Id: Ic8c135392a7d0ec3120e5dbed8fd6636de578633\nReviewed-on: https://review.monogon.dev/c/monogon/+/1947\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd", "tree": "6b0e7b9014a99a92e23e0a5d2d7c25a8a4e566ba", "parents": [ "46a45f941632de6ef0085eee373a6c3dad5e9f53" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:11:05 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/n/core/identity: decouple from localstorage\n\nChange-Id: I825bc7d71f9866b0052e550f0d113bd8bc726fdc\nReviewed-on: https://review.monogon.dev/c/monogon/+/1946\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "46a45f941632de6ef0085eee373a6c3dad5e9f53", "tree": "07f2b51255011347175505c94c2a99ebdb0832c4", "parents": [ "9508b12bba50625eaccadc4aacf908ba538e3dd6" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:09:52 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/c/metroctl: move installer dependency to runfiles\n\nThis is the first step in not requiring a full Metropolis build to build\nmetroctl.\n\nThings are still actively coupled at build time, but the resulting\nbinary can now run without any embedded installer.\n\nChange-Id: I55fc53c57ac6d1d3e75a225e7d7c79bae5759b67\nReviewed-on: https://review.monogon.dev/c/monogon/+/1945\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9508b12bba50625eaccadc4aacf908ba538e3dd6", "tree": "acaf5e1981fc98101f25924a6fb44cf827f826c5", "parents": [ "150f24a5421dc1449d79a801524a7c98754f7bca" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 14 17:54:17 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Jul 19 15:57:32 2023 +0000" }, "message": "*: fully hermetic builds and nix shell support\n\nThis change is a slightly more polished version of Serge\u0027s experiment:\n- https://review.monogon.dev/c/monogon/+/1148\n- https://bin.monogon.dev/pasta/sloth-parrot-ant\n- https://bin.monogon.dev/pasta/eel-seal-wolf\n\nThere are two execution environments we have to support:\n\n- Most builds run inside a sandbox, which is a Fedora\n environment and does not require any host dependencies at all.\n\n- Bazel itself and the tooling we require to bootstrap\n the sandbox (mainly, Go and Proto toolchains). This has to\n work directly on the host.\n\nWe first make the sandbox fully hermetic by setting\n--experimental_use_hermetic_linux_sandbox, which set up an empty /\ninstead of mounting over individual directories, removing any remaining\nhost paths from the sandbox (except /proc and /dev/shm, which are\nrequired by some toolchains). We also force static values for the shell,\n$TMPDIR and $PATH, which would otherwise leak into the sandbox.\n\nFor the host, we use buildFHSUserEnv to build an environment which\nsupports our static toolchains, and well as a clean Bazel build\nwithout all the nixpkgs patches which would otherwise break our custom\ntoolchains and sandbox implementation.\n\nThis allows us to use the exact same toolchains on NixOS and other\ndistros for perfect reproducibility.\n\nFixes https://github.com/monogon-dev/monogon/issues/174.\nFixes https://github.com/monogon-dev/monogon/issues/175.\n\nCo-authored-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nChange-Id: I665471a45b315ce7e93ef16d9d056d7622886959\nReviewed-on: https://review.monogon.dev/c/monogon/+/1929\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "150f24a5421dc1449d79a801524a7c98754f7bca", "tree": "c4f69b7e6260a241f3d946b36eda309e2539ccba", "parents": [ "901c7326fe067707812757e4e9409f756edf0e37" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:11:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 12:17:34 2023 +0000" }, "message": "metropolis/test: use localregistry\n\nThis removes everything but the preseed test image from the preseed\nimage pool, instead opting to serve all test image via localregistry.\n\nThe registry API is served from a dedicated IP inside the virtual\nnetwork and forwarded to an ephemeral listener on the host. The relevant\ninfrastructure is added to the launch package.\n\nAs it is required to add configuration to containerd for this registry\nanyways as it does not and should not have TLS we take that opportunity\nto give it a descriptive name (test.monogon.internal).\n\nVisibilities of images are also adjusted as they are now referenced much\ncloser to their point of use.\n\nAgainst main this saves 51MiB in bundle size (289MiB -\u003e 238MiB).\n\nChange-Id: I31f732eb8c4ccec486204f35e3635b588fd9c85b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1927\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "901c7326fe067707812757e4e9409f756edf0e37", "tree": "f07f9dc363f0448076024ec4217858dcf47bcb88", "parents": [ "3df66ebf2ae75de9e62302332412655e8fb45d04" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:10:37 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 11:54:30 2023 +0000" }, "message": "m/p/localregistry: init\n\nAdds the localregistry package, which serves Bazel-built container\nimages via the Docker/OCI V2 registry API.\n\nThis will be used to serve test images instead of preseeding them.\n\nChange-Id: I0c2ceb9a83f807c9c87ab03bc1141ca67cc64268\nReviewed-on: https://review.monogon.dev/c/monogon/+/1926\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "3df66ebf2ae75de9e62302332412655e8fb45d04", "tree": "afe917d9fa6eba01dbc9aac0b59a7a189c3c64ce", "parents": [ "f0ec0f670512f82b8e1428acd577ffe1693d1f8f" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 15:58:07 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 14:52:36 2023 +0000" }, "message": "metropolis/node/core/metrics: configure node-exporter collectors\n\nTo have a better overview over the nodes we enable additional collectors\nand tell the filesystem collector to not report high cardinality mountpoints.\n\nChange-Id: I267c7c82d671f03c037aabcb067a06fdf29aef65\nReviewed-on: https://review.monogon.dev/c/monogon/+/1933\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "f0ec0f670512f82b8e1428acd577ffe1693d1f8f", "tree": "690b280b94ed797149986fbbbd697ca216386235", "parents": [ "e95007b7090921e2aa4fdc24fea3d23f1bda048e" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 13:43:38 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 13:58:24 2023 +0000" }, "message": "metropolis/cli/metroctl: add cert export command\n\nTo scrape metrics we currently need the owner certificate in a usable format.\n\nChange-Id: Ic6695b14a764d71d9c7b698c113fe0109d5820bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1932\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e95007b7090921e2aa4fdc24fea3d23f1bda048e", "tree": "2884539aa61dcf8a8390299869fa63999382f841", "parents": [ "5c829a4aae48ab0f81f24cde89cf8a85e4adcf3e" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 19:05:30 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 12:01:46 2023 +0000" }, "message": "metropolis/node: pretend usage of metropolis ports as node port\n\nWithout this additional change, the repair job detects that we are not\nusing the ports with a service. Since we are using them just not with a\nservice, lets just pretend to have a valid service\n\nChange-Id: Ia226415393031761bdf1d683a8389db65f76bcec\nReviewed-on: https://review.monogon.dev/c/monogon/+/1938\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5c829a4aae48ab0f81f24cde89cf8a85e4adcf3e", "tree": "1734b3ea9565bf167405d1c4dd85a15272a76537", "parents": [ "800e7c9514c1ea5aa9267a19217086363d6d8c4d" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 14 17:41:42 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jul 17 10:06:40 2023 +0000" }, "message": "third_party/chrony: fix chrony source\n\nThe Git snapshot download currently returns a 500 status code.\nDownload the official release instead.\n\nChange-Id: I673584ec2ea6152ca7338bd3609d2264d31b69bd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1928\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "800e7c9514c1ea5aa9267a19217086363d6d8c4d", "tree": "3543adb39b0f1ba5d84f651a2840edc885b7dce4", "parents": [ "d1c392a788043f2bd82d936a334bd01e1be97421" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 12 22:37:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 10:23:27 2023 +0000" }, "message": "m/p/tpm: fix garbage when logging PCRs\n\nCasting an int to a string causes it to be interpreted as a byte of an\nUTF-8 string, not converted to the respective UTF-8 character(s).\nUse strconv instead to actually convert the integers to valid UTF-8\ntext.\n\nChange-Id: I4878d9312f2fd2f2401e7fc3ba0e7a69cbca4d9e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1925\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "d1c392a788043f2bd82d936a334bd01e1be97421", "tree": "1bdf2d7a4d7a54b2d8bda0c3c729eb2c9eef90a4", "parents": [ "0553f885b84ca97384ffdb942b30c67d23166a16" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 19:10:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jul 11 10:48:05 2023 +0000" }, "message": "m/n/kubernetes: fix CSI local PV publishing\n\nExperimentally confirmed to fix pods stuck in creating because the\nmount syscall failed with ENOENT because the target directory did not\nexist. The current CSI spec now explicitly says that creation of\ntarget_path is the responsibility of the storage plugin, so let\u0027s\nactually create that directory.\n\nChange-Id: I57d8086f2e70040095206c36e4302b352d06bb84\nReviewed-on: https://review.monogon.dev/c/monogon/+/1914\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "0553f885b84ca97384ffdb942b30c67d23166a16", "tree": "aacfd7d09e462de3c5cfc4cb5cb23840e0b5f6c3", "parents": [ "93910e666218954def8e1e3b304909f7dbb7a1b5" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Sat Jul 08 22:13:30 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jul 10 11:33:56 2023 +0000" }, "message": "webug: shrink tabs in monospace areas\n\nThis makes prototxt output more readable by saving\nsome horizontal space.\n\nChange-Id: Ia0703f280dfb8c8dd9e3899cc20cefc81773d1e1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1921\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "93910e666218954def8e1e3b304909f7dbb7a1b5", "tree": "bc584ab34d4c5e0caa094d94bcee99ccf01f50a7", "parents": [ "7d1a0dee36f43f232481eb7ca4ec5d520a526907" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 16:15:06 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 23:09:14 2023 +0000" }, "message": "m/n/core/curator: fix clusternet sync issues\n\nClusternet sync was broken whenever a node just started a curator\nwatcher, as the curator\u0027s codepath to serve the backlog wasn\u0027t copying\nover clusternet data.\n\nThis shouldn\u0027t have happened, especially as we implemented a unified\nfunction to convert node data into node update data, we just forgot to\nuse it during the initial backlog generation code on the curator.\n\nI\u0027ve spent some time trying to come up with a testcase that would\nautomatically catch any further bug of this type, but that\u0027s not really\ndoable without having more formalized type casts between all the\ndifferent types a node can be encoded in (curator in-memory, curator\nproto state, api node object). But we do still update one of the curator\ntests to catch this particular regression.\n\nChange-Id: I203d9a41b735db63d076c7e68a9fc6fe2f795ab4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1912\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7d1a0dee36f43f232481eb7ca4ec5d520a526907", "tree": "f63118614604040cdea0edfbfd7b644a124e8cda", "parents": [ "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 01:17:15 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 09:31:04 2023 +0000" }, "message": "m/cli/metroctl: implement `k8s configure` command\n\nChange-Id: I3da7a627b1ada462e62b739bde2073743262e23e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1905\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7", "tree": "979cfc5f4269d3428b725acd79b9a216db8a6f82", "parents": [ "a2ee88d585b9b8603f47544c95f09b380b92b5e2" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 02:19:28 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:49 2023 +0000" }, "message": "metropolis/node: allow all ports as NodePorts except special ones\n\nAs we dont have hostPort implemented we can only provide NodePorts to\napplications. To allow apps to use all ports we have to increase the range\nbut have to prevent them from using reserved metropolis ones. This is\ncurrently prevented by patching the allocator and hardcode all of them.\n\nChange-Id: I7c0e8b17643d1ec03e1a1b678bc6276881b1c5e5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1884\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a2ee88d585b9b8603f47544c95f09b380b92b5e2", "tree": "c92d30b80722b0c47130e35fde86c20875471659", "parents": [ "f83f5037ab5e09b7c57a01fe7ff3c2eba3b69f4c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 14:58:10 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:45 2023 +0000" }, "message": "cloud: package scruffy into the cloud container bundle\n\nChange-Id: Ic82e2d530dd4a3f97c4985427754d38ad4afcfc1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1896\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "f83f5037ab5e09b7c57a01fe7ff3c2eba3b69f4c", "tree": "99286697f55a59cd15a6331ee64a70b0e046d3cc", "parents": [ "7e0649b4ea4e450dde5ea309d984209226d995a3" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 14:59:14 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:40 2023 +0000" }, "message": "WORKSPACE: add gazelle generate directive for this monorepo\n\nTo allow usage of metropolis code inside other repositories via e.g.\npatches, we need to expose metropolis as gazelle repository\n\nChange-Id: I07ab413d66aef2be67f78c80ad8202204e788d76\nReviewed-on: https://review.monogon.dev/c/monogon/+/1897\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7e0649b4ea4e450dde5ea309d984209226d995a3", "tree": "6491043e47a6e8288c3e0887666f21103b6e5812", "parents": [ "0e06e57b7d9a3cc6050bfacfeead3eb54ec8fd29" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:07:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:58:09 2023 +0000" }, "message": "third_party/go: remove etcd-fix-stub.patch\n\nThis doesn\u0027t seem to be necessary anymore, tests pass without this.\n\nChange-Id: Ia56b49f7b1c96978af45b42bb72b4618344f08d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/1902\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "0e06e57b7d9a3cc6050bfacfeead3eb54ec8fd29", "tree": "e3e6e2b894c55d84295fb949902fb5c9f7297115", "parents": [ "5308730b6181304ae1d34acf0f2bea6c4cb65339" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 17:41:22 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:58:06 2023 +0000" }, "message": "third_party/go: remove unreferences patches\n\nChange-Id: Idd00b552c621e3a227fc097e175f0c82fa1a7249\nReviewed-on: https://review.monogon.dev/c/monogon/+/1901\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5308730b6181304ae1d34acf0f2bea6c4cb65339", "tree": "f54596d0c24dd78aa64a97c72d24763b8892e818", "parents": [ "12c814085ac4b58922ca5d88ee571b8ee5ee7ece" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 27 16:36:31 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 10:47:13 2023 +0000" }, "message": "cloud/bmaas/bmdb: correctly handle installation report\n\nPreviously we ignored the result of an installation report.\nThe bmdb does now store the result and correctly triggers\na recovery flow of the installation fails.\n\nChange-Id: Ie8445cf9178ba84c6362b61ef8fa47208ab690be\nReviewed-on: https://review.monogon.dev/c/monogon/+/1865\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "12c814085ac4b58922ca5d88ee571b8ee5ee7ece", "tree": "a392fb27ca7e53b9e528e1b1bba7125dcf7e3ac0", "parents": [ "72a903fb7b60d629a8f25a2eadf34c7fa1948c10" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 02:16:08 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 13:55:41 2023 +0000" }, "message": "cloud/shepherd/equinix/cli: replace old argument handling and wrong loop\n\nChange-Id: I1c1657432296170a6a214d4a5907c86c8a3daeec\nReviewed-on: https://review.monogon.dev/c/monogon/+/1883\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "72a903fb7b60d629a8f25a2eadf34c7fa1948c10", "tree": "1189b483e1984a0e26fc20aac901d32264f3b1fc", "parents": [ "521a83591361c7c0353944a1e742eb70e013cf9b" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 27 15:49:36 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 13:50:27 2023 +0000" }, "message": "cloud/shepherd/equinix/cli: Rename servers before deletion\n\nThis avoids collisions when redeploying servers\n\nChange-Id: I94c8c5e0b1b601ee6513f7baddb251053ce9430b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1864\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "521a83591361c7c0353944a1e742eb70e013cf9b", "tree": "63f4d9499151fb7416318f0f2bdc12f3c1f37523", "parents": [ "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:38:17 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 13:40:32 2023 +0000" }, "message": "m/n/core/clusternet: avoid spurious updates, log more\n\nThis should make debugging\nhttps://github.com/monogon-dev/monogon/issues/235 easier, as I haven\u0027t\nbeen able to replicate it locally.\n\nChange-Id: I23f1a1d3d22841558e0db3e32b76b8bb8319fd3d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1876\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21", "tree": "6f77b3184d1cd558dfd8f29437fb61c2e74df431", "parents": [ "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 28 18:57:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 08:03:11 2023 +0000" }, "message": "m/test/e2e: split core/kubernetes tests, clean up\n\nThis splits the large TestE2E function into two separate functions and\ntests: one which exercises the core functionality of Kubernetes, the\nother which exercises just the Kubernetes bits.\n\nThis allows for easier testing during development, and generally trades\noff higher resources usage for faster execution time in CI.\n\nAt the same time we do some small cleanups of the E2E functionality:\n\n 1. Node startup is now parallelized.\n 2. Non-bootstrap nodes can now be left in NEW (this was used in\n diagnosing issue #234, but it currently unused in the main code).\n 3. Kubernetes access now goes over SOCKS.\n 4. Some Cluster helper functions have been added.\n\nAll in all this should allow us writing more E2E tests in the future,\nand at some point also maybe turn Cluster into an interface that is\nimplemented both by the current framework but also some persistent tests\nrunning against long-term VMs/physical machines.\n\nChange-Id: Ia4586b2aaa5fc8c979d35f4b49513638481e4c10\nReviewed-on: https://review.monogon.dev/c/monogon/+/1870\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340", "tree": "34c8a1fbe2a6996ace1fe1b9e893b550bffd9ba3", "parents": [ "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:39:08 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 10:46:39 2023 +0000" }, "message": "m/n/core/devmgr: load modules in separate goroutines\n\nIf we spend too much time processing kobject uevents, we get an ENOBUFS\nerror:\n\n root.devmgr: error receiving kobject uevent: no buffer space available\n\nThis is a hot-fix for this issue. A better solution would be to have a\nsingle goroutine that handles all loading in order to avoid goroutine\nleaks. But this will do for now.\n\nChange-Id: Id085e1e489760c33b1f278dd7c17bf58c01bdad8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1877\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d", "tree": "7ea16e63681ad4695f7d7cd1115c0168fc553d4b", "parents": [ "4599aa2dfa42a7b694ad295bc700db03de96d7f5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 17:52:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 29 10:41:38 2023 +0000" }, "message": "m/p/efivarfs: refactor\n\nThis accomplishes three things:\n\nFirst, split out the variable access layer from the rest of the code.\nThis cleans up the attribute handling, which is now done centrally as\nwell as making the high-level functions very short and clean. They now\nalso return better errors.\n\nSecond this introduces proper types for LoadOption, which can now also\nbe unmarshaled which was a requirement for A/B updates. This required\nimplementation of EFI\u0027s DevicePath structure.\nWhile refactoring the higher-level functions for this, this also\nfixes a bug where the variable index (the 4 hex nibbles at the end) were\nimproperly generated as lowercase hex.\n\nThird, this adds new high-level functions for interacting with more\nboot-related variables needed for the A/B effort.\n\nChange-Id: I53490fa4898a5e7a5498ecc05a9078bd2d66c26e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1855\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4599aa2dfa42a7b694ad295bc700db03de96d7f5", "tree": "411035d2b647dcb1adc68db8f22c4384befa8294", "parents": [ "6f5995153827f2b191cc2faebe21ca58764af33b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 13:09:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 12:20:57 2023 +0000" }, "message": "m/n/k8s: fix start after unclean shutdown\n\nBoth the kvmdevice as well as the CSI runnables listen on Unix sockets.\nThese are normally removed on close (this is actually the default for\nsockets opened wiht ListenUnix, thus drop setting this), but when an\nunclean shutdown occurs they persist. Since one cannot listen on an\nalready-existing socket, opportunistically remove them before listening.\n\nChange-Id: I11d986a2816fde3d7ffef0817ae3bbf39bba4faf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1867\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "6f5995153827f2b191cc2faebe21ca58764af33b", "tree": "e80d2e3c933116c3488145949d9114de8576511f", "parents": [ "de097947a7c54f1d5e0abb30b18539637a3245d2" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 26 19:08:19 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 19:40:23 2023 +0000" }, "message": "cloud/bmaas/bmdb/scruffy: initialize, implement BMDB metrics\n\nThis creates a new BMaaS component, Scruffy the Janitor.\n\nScruffy will run a bunch of housekeeping jobs that aren\u0027t tied to a\nparticular provider or even region. Currently Scruffy just collects BMDB\nmetrics by periodically polling the BMDB SQL database.\n\nChange-Id: Icafa714811757eaaf31fed43184ded8512bde067\nReviewed-on: https://review.monogon.dev/c/monogon/+/1819\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "de097947a7c54f1d5e0abb30b18539637a3245d2", "tree": "579a5de8cd4cb379d708f676bb6897acee00dffc", "parents": [ "d69848409ba4f34102f709f591e1432e6b458856" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 13:55:10 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 19:40:23 2023 +0000" }, "message": "go/algorithm/cartesian: implement cartesian product\n\nChange-Id: I9553266ce64a104f5b8bab2e83d9d7234994cd4b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1863\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d69848409ba4f34102f709f591e1432e6b458856", "tree": "0dbd46449cb0fa070835f2238c4eda5edbb72461", "parents": [ "a551c58f3ceb3af37e5e596c3b5fc84609d6e429" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 11:31:48 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 10:19:47 2023 +0000" }, "message": "intellij: update patch\n\nBroken by upstream: https://github.com/bazelbuild/intellij/commit/464dbd5cfbbe9b63b928d9b5b01e3156a9b2ec95\n\nChange-Id: I41bc0f333ea68636c35721dfc9d60c35ed687cd8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1859\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "a551c58f3ceb3af37e5e596c3b5fc84609d6e429", "tree": "90f380e1401e6da73762c027c5fb4df9dd357774", "parents": [ "8481f7506b4c67de54fa96b5510007dc2c66a348" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 01:09:09 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:47 2023 +0000" }, "message": "m/t/e2e: adapt runtime test\n\nSince we\u0027re now defaulting to runc, test gVisor separately instead of\nrunc.\n\nChange-Id: Idbf9c961526ea82e20113286fd801553ad785aa9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1858\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "8481f7506b4c67de54fa96b5510007dc2c66a348", "tree": "591d0e285c1d36aeb813b75c0f8d76e62b688a2d", "parents": [ "a380d67c4f648aaf576adba0ea22d40d3782bf44" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 00:51:28 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:32 2023 +0000" }, "message": "m/n/c/network: fix SNAT\n\nThe previous change to this broke clusternet as it tried to masquerade\ntraffic destined to that interface, but that is an unnumbered interface,\ncausing the masquerade to fail and all inter-node traffic to be\nrejected. Fix this by including the clusternet interface in the list of\ninterfaces not to NAT for.\n\nChange-Id: I4a79a1978b1aa449fca1dd2d0a2b0a5decc63ea8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1857\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a380d67c4f648aaf576adba0ea22d40d3782bf44", "tree": "eead98807b56e6ab66eca83102119c5a5477209c", "parents": [ "7053598586ab00378938c245b7ad748f671a991d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:17:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:48:52 2023 +0000" }, "message": "m/n/core/rpc/resolver: log current processor state on watcher error\n\nWe seem to be having some resolvers getting stuck in production like so:\n\nI0626 09:52:39.708844 resolver.go:275] CURUPDATE: error in loop: when receiving node: rpc error: code \u003d Unimplemented desc \u003d unknown service metropolis.node.core.curator.proto.api.Curator\nI0626 09:52:39.708850 resolver.go:276] CURUPDATE: retrying in 10.040771699s...\n\nThis introduces extra logging that should help us figure out what\nexactly broke, or at least bring us a bit closer to figuring it out.\n\nChange-Id: I658cff6ae86e9124141b5d2c36dceafa377842e9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1852\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7053598586ab00378938c245b7ad748f671a991d", "tree": "fd52caf5360282ca315e98e407a4d42f906a2800", "parents": [ "60d6b902d66a4c5c0a2a926c85936935106b9180" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 22 19:37:38 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 11:44:11 2023 +0000" }, "message": "m/n/c/rpc/resolver: dampen curator updates\n\nThis makes the resolver only process node updates if some curator data\nwas actually changed.\n\nFixes https://github.com/monogon-dev/monogon/issues/233\n\nChange-Id: I790adfc4aa3562864faf807d32ac00d9e3bd0bea\nReviewed-on: https://review.monogon.dev/c/monogon/+/1851\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "60d6b902d66a4c5c0a2a926c85936935106b9180", "tree": "d0d690bb830ebd611318626110db510015b5ce58", "parents": [ "62a1edd234557c46facfd23661ff08c37c8e911f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:02:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:08 2023 +0000" }, "message": "m/p/gpt: switch to msguid\n\nReplaces the old UUID mangling code with the newly-introduced msguid.\n\nChange-Id: I667e41c28959b4b95265c1ffdcf7f5bfcad4083d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1850\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "62a1edd234557c46facfd23661ff08c37c8e911f", "tree": "7555b7996b1761d6eef4777a2ea482520b2c1db2", "parents": [ "b390d715897e29064102257f4837959e694f9bf9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:01:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:03 2023 +0000" }, "message": "m/p/msguid: init\n\nAdds a new msguid package which contains functions for encoding and\ndecoding Microsoft\u0027s mixed-endian GUID/UUID format. This format is\nused by Microsoft as well as a bunch of UEFI-related standards.\n\nChange-Id: Icca8ef7ad7f7359808ea7f19e3824639f7b1e2eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1849\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "b390d715897e29064102257f4837959e694f9bf9", "tree": "4d705eb9b84b87f3be6c3da31d24bf959da1f768", "parents": [ "3546615448c39dff683bb1723344ed283b279d46" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:47:59 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 09:32:41 2023 +0000" }, "message": "m/n/c/curator: clean up stale leader election after reboot\n\nThis is useful if we reboot a leader and it comes back while its\u0027 old\nstale leader election key/value is present.\n\nWithout this, other nodes would continue to connect to the newly\nrebooted leader even though it is not a leader anymore, confusing\nthemselves and cluster operators in the process.\n\nChange-Id: I306e7040550084ef39ab20c3c289a3137145a2d9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1845\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "3546615448c39dff683bb1723344ed283b279d46", "tree": "ed3285dfa7a0adcc76f64766707a28e24d0373e4", "parents": [ "2f7e0a281e72ae45fff6c4d79934442367475b81" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 20:01:11 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jun 22 17:12:03 2023 +0000" }, "message": "m/n/core/localstorage/crypt: read partition data from uevent\n\nPreviously we only checked the blockdevices itself,\nbut in the real-world the minor-id is not always the partition offset.\nThis scans all blockdevs that are partitions and creates them correctly\n\nChange-Id: I8f3d99761e9e883783b398496ec8b35f28f3557d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1813\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "2f7e0a281e72ae45fff6c4d79934442367475b81", "tree": "4dcd2233a274bef4645c4bfbbbd62f072d11481a", "parents": [ "c49b207a66a994ccda382d685022d08cbd9ee582" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:56:13 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:36:33 2023 +0000" }, "message": "m/node: enlarge K8s networks\n\nFor bigger clusters, the current 10.0.0.0/16 subnet is far too small.\nSwitch to 10.192.0.0/11 which should be out of the way of most of our\ntest infra and is large enough for 8192 nodes with 253 pods which is\nbig enough for the time being. Also migrate the service network\nto 10.224.0.0/16 and make it much bigger. It does not need to be in the\npod CIDR, so move it out of there.\nBut for large clusters this will continue to be a problem until we have\na better allocation algorithm or switch to IPv6 with 464xlat (which\nis not supported on Linux currently however).\n\nChange-Id: Ib3a019fffacec2172721f04c01133b44bffba73b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1848\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c49b207a66a994ccda382d685022d08cbd9ee582", "tree": "b0eed5a22bdb110ea4c115a2bea403e1e00e5dc2", "parents": [ "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 23:12:01 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:38:25 2023 +0000" }, "message": "m/n/core/net/hostsfile: do not stomp over cluster directory\n\nIf we join a cluster after reboot, we already have a cluster directory\non the ESP. We should not write over it with an empty one, but instead\nwait until we\u0027ve received a recent copy of it from the cluster.\n\nFixes https://github.com/monogon-dev/monogon/issues/228\n\nChange-Id: Ibbfa23009eaa9feb99a332ac0c5e17dd89aea7bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1846\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a", "tree": "b17dd748b088b4c7899c4aee0a1ab862a59509b4", "parents": [ "186109c55db3121749311fc2e954be0eaccdf249" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:45:15 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:33:31 2023 +0000" }, "message": "m/n/k/containerd: change default runtime to runc\n\nFor high-security usecases it might still make sense to force gVisor,\nbut generally people expect runc as the default runtime. gVisor can\nstill be used by specifying a runtimeclass in the pod.\n\nChange-Id: Idc02275fd00c2a7dff3ce6949268294afa5644eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1839\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "186109c55db3121749311fc2e954be0eaccdf249", "tree": "d65cd1416c480bf517bede017f5688ad4352e0ab", "parents": [ "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:57:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/roleserve: persist node roles across reboots\n\nThis allows us nodes to attempt to bring up some services before they\nget fully connectivity to the cluster.\n\nThis is especially useful if a node cannot establish connectivity to the\ncluster, eg. because it\u0027s the only control plane node that just started\nup.\n\nFixes https://github.com/monogon-dev/monogon/issues/226\n\nChange-Id: I030ccc02851e74ceb8dc043203083aa5b6854b55\nReviewed-on: https://review.monogon.dev/c/monogon/+/1842\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9", "tree": "3b4991d6c8cd45e40066dbc1ebe9c66b508d10ce", "parents": [ "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:49:23 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/n/hostsfile: only persist control plane nodes in ClusterDirectory\n\nThis fixes some ugly startup issues where a node attempts to communicate\nvia control plane protocols to nodes that have no chance of running the\ncontrol plane.\n\nIn general, the Cluster Directory predates the split between control\nplane and worker nodes, and its definition should likely be formally\nupdated to only contain control plane nodes.\n\nChange-Id: Ie290829a010aef0c3a587326e864fe93bf991220\nReviewed-on: https://review.monogon.dev/c/monogon/+/1840\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505", "tree": "d4829766a1844f761187c70a44b5101363d8637c", "parents": [ "eca5af965b6d95d953066a298ee896791ee00796" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 17:40:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:04:12 2023 +0000" }, "message": "m/n/c/network: make SNAT generic\n\nThis changes the SNAT/Masquerade rule from being a thing set up per\ninterface which was only implemented by the dynamic network runnable to\na generic rule set up by the general network service part shared between\nthe static and dynamic implementations. It also tries to avoid NATing\nhost-originated traffic. Matching on interface names is argubly ugly but\nthe alternative is patching CNI plugins, which is also ugly.\n\nChange-Id: I7ec40fc244ae4689b6f96ab87dbebe9a6c43dd70\nReviewed-on: https://review.monogon.dev/c/monogon/+/1844\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "eca5af965b6d95d953066a298ee896791ee00796", "tree": "095d92aeddcd7861b4c204bc2a9abb5db24977cb", "parents": [ "2876efab007ae58856891dbe5cb3e985d948c6d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:31:37 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 15:01:58 2023 +0000" }, "message": ".bazelrc: add go tags: {net,osuser}go\n\nThis makes our code not use glibc-based implementations of user and host\nresolution even when cgo is enabled for race detection.\n\nChange-Id: I162105ef58291dc225fb158b56c93cfb7bce9a54\nReviewed-on: https://review.monogon.dev/c/monogon/+/1834\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "2876efab007ae58856891dbe5cb3e985d948c6d9", "tree": "25d2194ef0afd0337d12725dc5848ad870923a22", "parents": [ "83b2a3612d375d60f97500352c1f8a2197c99645" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:30:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 15:01:51 2023 +0000" }, "message": "third_party/go: disable btrfs in containerd\n\nThis makes sure that if we build with cgo enabled (for race testing) we\nstill don\u0027t attempt to build btrfs.\n\nChange-Id: Ic608188ad1dc0b21c9f1822afa2b455bfd56959f\nReviewed-on: https://review.monogon.dev/c/monogon/+/1830\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "83b2a3612d375d60f97500352c1f8a2197c99645", "tree": "aba96d8a6503d92983f365dd27fa7e81f511c53c", "parents": [ "9fd3c3de3d48f328c5771f3659235774aa7df984" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 22:15:25 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 16:36:17 2023 +0000" }, "message": "m/n/core/cluster: dont print cluster directory\n\nIf a cluster has hundreds of nodes, the bootup will print all of them.\nWhen you have a particularly slow serial connection,\nit can hide crash reports and other more important messages.\n\nChange-Id: I50b75795ec3ebadefe364bf94c3b907c257ffa71\nReviewed-on: https://review.monogon.dev/c/monogon/+/1821\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9fd3c3de3d48f328c5771f3659235774aa7df984", "tree": "ed1c39faa59c9bfd6a3bdd6a2bdfe6814c73e2f6", "parents": [ "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:18:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:54 2023 +0000" }, "message": "build/toolchain/musl-host-gcc: handle non-workspace-root execution\n\nThis is needed to build stdlib with cgo, which is in turn required for\nthe race checker to be enabled.\n\nChange-Id: Ic81542925a02c626f157dfd8c6650de3dbb30c7d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1832\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0", "tree": "a0d1048b3a37d0050b0ff5aba250435c039d29be", "parents": [ "30021af6eaf9f2963d83314c283ebdd23fff2674" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:40:21 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:47 2023 +0000" }, "message": "build: add cgo to nogo exceptions\n\nSeems like cgo is placing some files in a separate directory in the\nworkspace root.\n\nChange-Id: Icd94dec7281350339f0b1dd88d61556d75982d64\nReviewed-on: https://review.monogon.dev/c/monogon/+/1836\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "30021af6eaf9f2963d83314c283ebdd23fff2674", "tree": "b8be79d10a869ebb1e2aac4a5a89ce187206bb60", "parents": [ "ea6353fd49b3978cfef7f99ada99a99f8bc10715" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:30:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:43 2023 +0000" }, "message": "metropolis/node/build: allow impure code in root if race checking is enabled\n\nThis allows us to build the root filesystem with race detection enabled.\n\nChange-Id: I370ce2114090f828f0d9843fd4a7dc87c47bd153\nReviewed-on: https://review.monogon.dev/c/monogon/+/1835\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ea6353fd49b3978cfef7f99ada99a99f8bc10715", "tree": "b854dec6f99a7555abc32b1ca27b74b2af815294", "parents": [ "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:08:55 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:34 2023 +0000" }, "message": "metropolis/clusternet: fix race condition\n\nThis gives the wireguard backend a copy of the peer data instead of a\npointer into mutable memory.\n\nChange-Id: I47ee83f3d484cc809c35d2e1779b519ec60c7c78\nReviewed-on: https://review.monogon.dev/c/monogon/+/1825\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd", "tree": "da656463788abd785a884743e5c5f75e0da7f7c7", "parents": [ "c1ce95f7e86c74a76ae2b29986905cb34cb19e56" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:12 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:27 2023 +0000" }, "message": "metropolis/consensus: fix race condition\n\nThis returns a copy of each status, instead of the same status, possibly\nmutated.\n\nChange-Id: Ic4ed425a38b001b0139a81c46c61af551b966166\nReviewed-on: https://review.monogon.dev/c/monogon/+/1826\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" } ], "next": "c1ce95f7e86c74a76ae2b29986905cb34cb19e56" }