)]}' { "log": [ { "commit": "be25a3b839debc10817670fac0c20660a87bea12", "tree": "df5c6ef648ad41fb5037a53976835709737454bd", "parents": [ "b551b65225b7398ed4eb8b3361f50c7998f56ce1" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jul 19 16:31:56 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:52:41 2023 +0000" }, "message": "metropolis/test/launch/cluster: expose metrics port\n\nChange-Id: I2ef17374db665c5491f9594de2ae4474be5163a4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1948\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "b551b65225b7398ed4eb8b3361f50c7998f56ce1", "tree": "3ae89cf74847693ae13f2c18063a48d4fb8563ba", "parents": [ "5d0906e1db869ddeac081567b469671a5ff25f7c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 16:01:42 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/node/core/metrics: implement http_sd discovery endpoint\n\nWe provide prometheus metrics but dont have a way to discover all nodes,\nthis change implements a new http endpoint: /discovery. It implements the\nhttp_sd api and returns all current cluster nodes including their roles as\nlabel.\n\nChange-Id: I931a88e2afb285482d122dd059c96f9ebfab4052\nReviewed-on: https://review.monogon.dev/c/monogon/+/1934\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "5d0906e1db869ddeac081567b469671a5ff25f7c", "tree": "c12afd970111219040b457fc739823513fcb2957", "parents": [ "ffbf393575c52f7444f66d4bef86ecd81e3fdb98" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jul 20 20:23:57 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 24 14:45:04 2023 +0000" }, "message": "metropolis/test/util: move TestCurator to utils package\n\nTo use it inside other tests this change moves the TestCurator\nto allow usage inside other tests\n\nChange-Id: I75be31f490eb84e5c9bc56b65317ea5483415dcf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1954\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ffbf393575c52f7444f66d4bef86ecd81e3fdb98", "tree": "05d223a1d481de0e9725997174d45e5874fad785", "parents": [ "a004576acfd826bf8a2a3371a3fde787afb9629b" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 13:02:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 24 12:36:21 2023 +0000" }, "message": "metropolis/test/util: move in NewEphemeralClusterCredentials from rpc\n\nChange-Id: I41603b19a76ea91c2191b0118183957973fc9ccd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1960\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a004576acfd826bf8a2a3371a3fde787afb9629b", "tree": "09a029faa89414ea4e7ceaaaa4a424e2ea20f3ae", "parents": [ "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Thu Jul 20 19:27:41 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 21 12:04:38 2023 +0000" }, "message": "Set flaky\u003dTrue on roleserve_test and memory_test\n\nThese are frequent CI failures.\n\nChange-Id: Ic45f4dcd22bb608bc96da84c9de74faae1f8daab\nReviewed-on: https://review.monogon.dev/c/monogon/+/1953\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9933ef0d18cf42a604fc7ed25cec3e05f8ab6368", "tree": "484c711598ccef01f2218564a79a8352c657958b", "parents": [ "394b67e4208e1b2f06e61ab7e69ae58f444a56d8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 18:28:29 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 20 11:48:17 2023 +0000" }, "message": "m/p/efivarfs: BootOrder fixes\n\nThis doesn\u0027t need to be a pointer as it\u0027s a slice.\nThere was also a bug left in here because it previously skipped over\nthe attributes field which we now treat separately.\n\nChange-Id: Icc80496e9bc826ae11201f96a703fb80f97c478a\nReviewed-on: https://review.monogon.dev/c/monogon/+/1913\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "394b67e4208e1b2f06e61ab7e69ae58f444a56d8", "tree": "76280f2c02e4afe2f9ace484f7fd61040326df47", "parents": [ "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:34:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/cli/metroctl: implement buildkind\u003dlite\n\nUsers can now build metroctl with:\n\n bazel build //metropolis/cli/metroctl --//metropolis/cli/metrocli:buildkind\u003dlite\n\nTo request a metroctl built without a direct dependency on the rest of\nMetropolis. Such a metroctl tool will not be able to run `genusb`\nwithout manually specifying a metropolis bundle and metropolis installer\nkernel.\n\nChange-Id: Ic8c135392a7d0ec3120e5dbed8fd6636de578633\nReviewed-on: https://review.monogon.dev/c/monogon/+/1947\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "4f28b9ed6387dc22225f5e60a78f91ab8e3d65bd", "tree": "6b0e7b9014a99a92e23e0a5d2d7c25a8a4e566ba", "parents": [ "46a45f941632de6ef0085eee373a6c3dad5e9f53" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:11:05 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/n/core/identity: decouple from localstorage\n\nChange-Id: I825bc7d71f9866b0052e550f0d113bd8bc726fdc\nReviewed-on: https://review.monogon.dev/c/monogon/+/1946\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "46a45f941632de6ef0085eee373a6c3dad5e9f53", "tree": "07f2b51255011347175505c94c2a99ebdb0832c4", "parents": [ "9508b12bba50625eaccadc4aacf908ba538e3dd6" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 19 17:09:52 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 20 10:54:36 2023 +0000" }, "message": "m/c/metroctl: move installer dependency to runfiles\n\nThis is the first step in not requiring a full Metropolis build to build\nmetroctl.\n\nThings are still actively coupled at build time, but the resulting\nbinary can now run without any embedded installer.\n\nChange-Id: I55fc53c57ac6d1d3e75a225e7d7c79bae5759b67\nReviewed-on: https://review.monogon.dev/c/monogon/+/1945\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9508b12bba50625eaccadc4aacf908ba538e3dd6", "tree": "acaf5e1981fc98101f25924a6fb44cf827f826c5", "parents": [ "150f24a5421dc1449d79a801524a7c98754f7bca" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 14 17:54:17 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Jul 19 15:57:32 2023 +0000" }, "message": "*: fully hermetic builds and nix shell support\n\nThis change is a slightly more polished version of Serge\u0027s experiment:\n- https://review.monogon.dev/c/monogon/+/1148\n- https://bin.monogon.dev/pasta/sloth-parrot-ant\n- https://bin.monogon.dev/pasta/eel-seal-wolf\n\nThere are two execution environments we have to support:\n\n- Most builds run inside a sandbox, which is a Fedora\n environment and does not require any host dependencies at all.\n\n- Bazel itself and the tooling we require to bootstrap\n the sandbox (mainly, Go and Proto toolchains). This has to\n work directly on the host.\n\nWe first make the sandbox fully hermetic by setting\n--experimental_use_hermetic_linux_sandbox, which set up an empty /\ninstead of mounting over individual directories, removing any remaining\nhost paths from the sandbox (except /proc and /dev/shm, which are\nrequired by some toolchains). We also force static values for the shell,\n$TMPDIR and $PATH, which would otherwise leak into the sandbox.\n\nFor the host, we use buildFHSUserEnv to build an environment which\nsupports our static toolchains, and well as a clean Bazel build\nwithout all the nixpkgs patches which would otherwise break our custom\ntoolchains and sandbox implementation.\n\nThis allows us to use the exact same toolchains on NixOS and other\ndistros for perfect reproducibility.\n\nFixes https://github.com/monogon-dev/monogon/issues/174.\nFixes https://github.com/monogon-dev/monogon/issues/175.\n\nCo-authored-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nChange-Id: I665471a45b315ce7e93ef16d9d056d7622886959\nReviewed-on: https://review.monogon.dev/c/monogon/+/1929\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "150f24a5421dc1449d79a801524a7c98754f7bca", "tree": "c4f69b7e6260a241f3d946b36eda309e2539ccba", "parents": [ "901c7326fe067707812757e4e9409f756edf0e37" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:11:06 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 12:17:34 2023 +0000" }, "message": "metropolis/test: use localregistry\n\nThis removes everything but the preseed test image from the preseed\nimage pool, instead opting to serve all test image via localregistry.\n\nThe registry API is served from a dedicated IP inside the virtual\nnetwork and forwarded to an ephemeral listener on the host. The relevant\ninfrastructure is added to the launch package.\n\nAs it is required to add configuration to containerd for this registry\nanyways as it does not and should not have TLS we take that opportunity\nto give it a descriptive name (test.monogon.internal).\n\nVisibilities of images are also adjusted as they are now referenced much\ncloser to their point of use.\n\nAgainst main this saves 51MiB in bundle size (289MiB -\u003e 238MiB).\n\nChange-Id: I31f732eb8c4ccec486204f35e3635b588fd9c85b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1927\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "901c7326fe067707812757e4e9409f756edf0e37", "tree": "f07f9dc363f0448076024ec4217858dcf47bcb88", "parents": [ "3df66ebf2ae75de9e62302332412655e8fb45d04" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 20:10:37 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 19 11:54:30 2023 +0000" }, "message": "m/p/localregistry: init\n\nAdds the localregistry package, which serves Bazel-built container\nimages via the Docker/OCI V2 registry API.\n\nThis will be used to serve test images instead of preseeding them.\n\nChange-Id: I0c2ceb9a83f807c9c87ab03bc1141ca67cc64268\nReviewed-on: https://review.monogon.dev/c/monogon/+/1926\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "3df66ebf2ae75de9e62302332412655e8fb45d04", "tree": "afe917d9fa6eba01dbc9aac0b59a7a189c3c64ce", "parents": [ "f0ec0f670512f82b8e1428acd577ffe1693d1f8f" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 15:58:07 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 14:52:36 2023 +0000" }, "message": "metropolis/node/core/metrics: configure node-exporter collectors\n\nTo have a better overview over the nodes we enable additional collectors\nand tell the filesystem collector to not report high cardinality mountpoints.\n\nChange-Id: I267c7c82d671f03c037aabcb067a06fdf29aef65\nReviewed-on: https://review.monogon.dev/c/monogon/+/1933\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "f0ec0f670512f82b8e1428acd577ffe1693d1f8f", "tree": "690b280b94ed797149986fbbbd697ca216386235", "parents": [ "e95007b7090921e2aa4fdc24fea3d23f1bda048e" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 13:43:38 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 13:58:24 2023 +0000" }, "message": "metropolis/cli/metroctl: add cert export command\n\nTo scrape metrics we currently need the owner certificate in a usable format.\n\nChange-Id: Ic6695b14a764d71d9c7b698c113fe0109d5820bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1932\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "e95007b7090921e2aa4fdc24fea3d23f1bda048e", "tree": "2884539aa61dcf8a8390299869fa63999382f841", "parents": [ "5c829a4aae48ab0f81f24cde89cf8a85e4adcf3e" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 17 19:05:30 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 18 12:01:46 2023 +0000" }, "message": "metropolis/node: pretend usage of metropolis ports as node port\n\nWithout this additional change, the repair job detects that we are not\nusing the ports with a service. Since we are using them just not with a\nservice, lets just pretend to have a valid service\n\nChange-Id: Ia226415393031761bdf1d683a8389db65f76bcec\nReviewed-on: https://review.monogon.dev/c/monogon/+/1938\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5c829a4aae48ab0f81f24cde89cf8a85e4adcf3e", "tree": "1734b3ea9565bf167405d1c4dd85a15272a76537", "parents": [ "800e7c9514c1ea5aa9267a19217086363d6d8c4d" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Fri Jul 14 17:41:42 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jul 17 10:06:40 2023 +0000" }, "message": "third_party/chrony: fix chrony source\n\nThe Git snapshot download currently returns a 500 status code.\nDownload the official release instead.\n\nChange-Id: I673584ec2ea6152ca7338bd3609d2264d31b69bd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1928\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "800e7c9514c1ea5aa9267a19217086363d6d8c4d", "tree": "3543adb39b0f1ba5d84f651a2840edc885b7dce4", "parents": [ "d1c392a788043f2bd82d936a334bd01e1be97421" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jul 12 22:37:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 13 10:23:27 2023 +0000" }, "message": "m/p/tpm: fix garbage when logging PCRs\n\nCasting an int to a string causes it to be interpreted as a byte of an\nUTF-8 string, not converted to the respective UTF-8 character(s).\nUse strconv instead to actually convert the integers to valid UTF-8\ntext.\n\nChange-Id: I4878d9312f2fd2f2401e7fc3ba0e7a69cbca4d9e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1925\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "d1c392a788043f2bd82d936a334bd01e1be97421", "tree": "1bdf2d7a4d7a54b2d8bda0c3c729eb2c9eef90a4", "parents": [ "0553f885b84ca97384ffdb942b30c67d23166a16" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jul 06 19:10:56 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jul 11 10:48:05 2023 +0000" }, "message": "m/n/kubernetes: fix CSI local PV publishing\n\nExperimentally confirmed to fix pods stuck in creating because the\nmount syscall failed with ENOENT because the target directory did not\nexist. The current CSI spec now explicitly says that creation of\ntarget_path is the responsibility of the storage plugin, so let\u0027s\nactually create that directory.\n\nChange-Id: I57d8086f2e70040095206c36e4302b352d06bb84\nReviewed-on: https://review.monogon.dev/c/monogon/+/1914\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "0553f885b84ca97384ffdb942b30c67d23166a16", "tree": "aacfd7d09e462de3c5cfc4cb5cb23840e0b5f6c3", "parents": [ "93910e666218954def8e1e3b304909f7dbb7a1b5" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Sat Jul 08 22:13:30 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Mon Jul 10 11:33:56 2023 +0000" }, "message": "webug: shrink tabs in monospace areas\n\nThis makes prototxt output more readable by saving\nsome horizontal space.\n\nChange-Id: Ia0703f280dfb8c8dd9e3899cc20cefc81773d1e1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1921\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "93910e666218954def8e1e3b304909f7dbb7a1b5", "tree": "bc584ab34d4c5e0caa094d94bcee99ccf01f50a7", "parents": [ "7d1a0dee36f43f232481eb7ca4ec5d520a526907" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 16:15:06 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jul 06 23:09:14 2023 +0000" }, "message": "m/n/core/curator: fix clusternet sync issues\n\nClusternet sync was broken whenever a node just started a curator\nwatcher, as the curator\u0027s codepath to serve the backlog wasn\u0027t copying\nover clusternet data.\n\nThis shouldn\u0027t have happened, especially as we implemented a unified\nfunction to convert node data into node update data, we just forgot to\nuse it during the initial backlog generation code on the curator.\n\nI\u0027ve spent some time trying to come up with a testcase that would\nautomatically catch any further bug of this type, but that\u0027s not really\ndoable without having more formalized type casts between all the\ndifferent types a node can be encoded in (curator in-memory, curator\nproto state, api node object). But we do still update one of the curator\ntests to catch this particular regression.\n\nChange-Id: I203d9a41b735db63d076c7e68a9fc6fe2f795ab4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1912\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7d1a0dee36f43f232481eb7ca4ec5d520a526907", "tree": "f63118614604040cdea0edfbfd7b644a124e8cda", "parents": [ "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 01:17:15 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jul 05 09:31:04 2023 +0000" }, "message": "m/cli/metroctl: implement `k8s configure` command\n\nChange-Id: I3da7a627b1ada462e62b739bde2073743262e23e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1905\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "0300077941db0edfdcac0ae42e4a5dad3e8d3fd7", "tree": "979cfc5f4269d3428b725acd79b9a216db8a6f82", "parents": [ "a2ee88d585b9b8603f47544c95f09b380b92b5e2" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 02:19:28 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:49 2023 +0000" }, "message": "metropolis/node: allow all ports as NodePorts except special ones\n\nAs we dont have hostPort implemented we can only provide NodePorts to\napplications. To allow apps to use all ports we have to increase the range\nbut have to prevent them from using reserved metropolis ones. This is\ncurrently prevented by patching the allocator and hardcode all of them.\n\nChange-Id: I7c0e8b17643d1ec03e1a1b678bc6276881b1c5e5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1884\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a2ee88d585b9b8603f47544c95f09b380b92b5e2", "tree": "c92d30b80722b0c47130e35fde86c20875471659", "parents": [ "f83f5037ab5e09b7c57a01fe7ff3c2eba3b69f4c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 14:58:10 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:45 2023 +0000" }, "message": "cloud: package scruffy into the cloud container bundle\n\nChange-Id: Ic82e2d530dd4a3f97c4985427754d38ad4afcfc1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1896\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "f83f5037ab5e09b7c57a01fe7ff3c2eba3b69f4c", "tree": "99286697f55a59cd15a6331ee64a70b0e046d3cc", "parents": [ "7e0649b4ea4e450dde5ea309d984209226d995a3" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 14:59:14 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 18:58:40 2023 +0000" }, "message": "WORKSPACE: add gazelle generate directive for this monorepo\n\nTo allow usage of metropolis code inside other repositories via e.g.\npatches, we need to expose metropolis as gazelle repository\n\nChange-Id: I07ab413d66aef2be67f78c80ad8202204e788d76\nReviewed-on: https://review.monogon.dev/c/monogon/+/1897\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7e0649b4ea4e450dde5ea309d984209226d995a3", "tree": "6491043e47a6e8288c3e0887666f21103b6e5812", "parents": [ "0e06e57b7d9a3cc6050bfacfeead3eb54ec8fd29" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:07:34 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:58:09 2023 +0000" }, "message": "third_party/go: remove etcd-fix-stub.patch\n\nThis doesn\u0027t seem to be necessary anymore, tests pass without this.\n\nChange-Id: Ia56b49f7b1c96978af45b42bb72b4618344f08d2\nReviewed-on: https://review.monogon.dev/c/monogon/+/1902\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "0e06e57b7d9a3cc6050bfacfeead3eb54ec8fd29", "tree": "e3e6e2b894c55d84295fb949902fb5c9f7297115", "parents": [ "5308730b6181304ae1d34acf0f2bea6c4cb65339" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 17:41:22 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jul 04 18:58:06 2023 +0000" }, "message": "third_party/go: remove unreferences patches\n\nChange-Id: Idd00b552c621e3a227fc097e175f0c82fa1a7249\nReviewed-on: https://review.monogon.dev/c/monogon/+/1901\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5308730b6181304ae1d34acf0f2bea6c4cb65339", "tree": "f54596d0c24dd78aa64a97c72d24763b8892e818", "parents": [ "12c814085ac4b58922ca5d88ee571b8ee5ee7ece" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 27 16:36:31 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jul 04 10:47:13 2023 +0000" }, "message": "cloud/bmaas/bmdb: correctly handle installation report\n\nPreviously we ignored the result of an installation report.\nThe bmdb does now store the result and correctly triggers\na recovery flow of the installation fails.\n\nChange-Id: Ie8445cf9178ba84c6362b61ef8fa47208ab690be\nReviewed-on: https://review.monogon.dev/c/monogon/+/1865\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "12c814085ac4b58922ca5d88ee571b8ee5ee7ece", "tree": "a392fb27ca7e53b9e528e1b1bba7125dcf7e3ac0", "parents": [ "72a903fb7b60d629a8f25a2eadf34c7fa1948c10" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 02:16:08 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 13:55:41 2023 +0000" }, "message": "cloud/shepherd/equinix/cli: replace old argument handling and wrong loop\n\nChange-Id: I1c1657432296170a6a214d4a5907c86c8a3daeec\nReviewed-on: https://review.monogon.dev/c/monogon/+/1883\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "72a903fb7b60d629a8f25a2eadf34c7fa1948c10", "tree": "1189b483e1984a0e26fc20aac901d32264f3b1fc", "parents": [ "521a83591361c7c0353944a1e742eb70e013cf9b" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 27 15:49:36 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jul 03 13:50:27 2023 +0000" }, "message": "cloud/shepherd/equinix/cli: Rename servers before deletion\n\nThis avoids collisions when redeploying servers\n\nChange-Id: I94c8c5e0b1b601ee6513f7baddb251053ce9430b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1864\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "521a83591361c7c0353944a1e742eb70e013cf9b", "tree": "63f4d9499151fb7416318f0f2bdc12f3c1f37523", "parents": [ "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:38:17 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 13:40:32 2023 +0000" }, "message": "m/n/core/clusternet: avoid spurious updates, log more\n\nThis should make debugging\nhttps://github.com/monogon-dev/monogon/issues/235 easier, as I haven\u0027t\nbeen able to replicate it locally.\n\nChange-Id: I23f1a1d3d22841558e0db3e32b76b8bb8319fd3d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1876\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "a0bc6d3f0ce4f3a73eb0019e4f18f508ee36ce21", "tree": "6f77b3184d1cd558dfd8f29437fb61c2e74df431", "parents": [ "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 28 18:57:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jul 03 08:03:11 2023 +0000" }, "message": "m/test/e2e: split core/kubernetes tests, clean up\n\nThis splits the large TestE2E function into two separate functions and\ntests: one which exercises the core functionality of Kubernetes, the\nother which exercises just the Kubernetes bits.\n\nThis allows for easier testing during development, and generally trades\noff higher resources usage for faster execution time in CI.\n\nAt the same time we do some small cleanups of the E2E functionality:\n\n 1. Node startup is now parallelized.\n 2. Non-bootstrap nodes can now be left in NEW (this was used in\n diagnosing issue #234, but it currently unused in the main code).\n 3. Kubernetes access now goes over SOCKS.\n 4. Some Cluster helper functions have been added.\n\nAll in all this should allow us writing more E2E tests in the future,\nand at some point also maybe turn Cluster into an interface that is\nimplemented both by the current framework but also some persistent tests\nrunning against long-term VMs/physical machines.\n\nChange-Id: Ia4586b2aaa5fc8c979d35f4b49513638481e4c10\nReviewed-on: https://review.monogon.dev/c/monogon/+/1870\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "3722025f8ed0b46eb7f48c7c0fbfc53de9e84340", "tree": "34c8a1fbe2a6996ace1fe1b9e893b550bffd9ba3", "parents": [ "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 12:39:08 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 29 10:46:39 2023 +0000" }, "message": "m/n/core/devmgr: load modules in separate goroutines\n\nIf we spend too much time processing kobject uevents, we get an ENOBUFS\nerror:\n\n root.devmgr: error receiving kobject uevent: no buffer space available\n\nThis is a hot-fix for this issue. A better solution would be to have a\nsingle goroutine that handles all loading in order to avoid goroutine\nleaks. But this will do for now.\n\nChange-Id: Id085e1e489760c33b1f278dd7c17bf58c01bdad8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1877\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "ca1cff0f214a1ed5ee967d421f5fe1fd5afa756d", "tree": "7ea16e63681ad4695f7d7cd1115c0168fc553d4b", "parents": [ "4599aa2dfa42a7b694ad295bc700db03de96d7f5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 17:52:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 29 10:41:38 2023 +0000" }, "message": "m/p/efivarfs: refactor\n\nThis accomplishes three things:\n\nFirst, split out the variable access layer from the rest of the code.\nThis cleans up the attribute handling, which is now done centrally as\nwell as making the high-level functions very short and clean. They now\nalso return better errors.\n\nSecond this introduces proper types for LoadOption, which can now also\nbe unmarshaled which was a requirement for A/B updates. This required\nimplementation of EFI\u0027s DevicePath structure.\nWhile refactoring the higher-level functions for this, this also\nfixes a bug where the variable index (the 4 hex nibbles at the end) were\nimproperly generated as lowercase hex.\n\nThird, this adds new high-level functions for interacting with more\nboot-related variables needed for the A/B effort.\n\nChange-Id: I53490fa4898a5e7a5498ecc05a9078bd2d66c26e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1855\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4599aa2dfa42a7b694ad295bc700db03de96d7f5", "tree": "411035d2b647dcb1adc68db8f22c4384befa8294", "parents": [ "6f5995153827f2b191cc2faebe21ca58764af33b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 13:09:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 28 12:20:57 2023 +0000" }, "message": "m/n/k8s: fix start after unclean shutdown\n\nBoth the kvmdevice as well as the CSI runnables listen on Unix sockets.\nThese are normally removed on close (this is actually the default for\nsockets opened wiht ListenUnix, thus drop setting this), but when an\nunclean shutdown occurs they persist. Since one cannot listen on an\nalready-existing socket, opportunistically remove them before listening.\n\nChange-Id: I11d986a2816fde3d7ffef0817ae3bbf39bba4faf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1867\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "6f5995153827f2b191cc2faebe21ca58764af33b", "tree": "e80d2e3c933116c3488145949d9114de8576511f", "parents": [ "de097947a7c54f1d5e0abb30b18539637a3245d2" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Apr 26 19:08:19 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 19:40:23 2023 +0000" }, "message": "cloud/bmaas/bmdb/scruffy: initialize, implement BMDB metrics\n\nThis creates a new BMaaS component, Scruffy the Janitor.\n\nScruffy will run a bunch of housekeeping jobs that aren\u0027t tied to a\nparticular provider or even region. Currently Scruffy just collects BMDB\nmetrics by periodically polling the BMDB SQL database.\n\nChange-Id: Icafa714811757eaaf31fed43184ded8512bde067\nReviewed-on: https://review.monogon.dev/c/monogon/+/1819\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "de097947a7c54f1d5e0abb30b18539637a3245d2", "tree": "579a5de8cd4cb379d708f676bb6897acee00dffc", "parents": [ "d69848409ba4f34102f709f591e1432e6b458856" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 13:55:10 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 19:40:23 2023 +0000" }, "message": "go/algorithm/cartesian: implement cartesian product\n\nChange-Id: I9553266ce64a104f5b8bab2e83d9d7234994cd4b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1863\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d69848409ba4f34102f709f591e1432e6b458856", "tree": "0dbd46449cb0fa070835f2238c4eda5edbb72461", "parents": [ "a551c58f3ceb3af37e5e596c3b5fc84609d6e429" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 11:31:48 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 27 10:19:47 2023 +0000" }, "message": "intellij: update patch\n\nBroken by upstream: https://github.com/bazelbuild/intellij/commit/464dbd5cfbbe9b63b928d9b5b01e3156a9b2ec95\n\nChange-Id: I41bc0f333ea68636c35721dfc9d60c35ed687cd8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1859\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "a551c58f3ceb3af37e5e596c3b5fc84609d6e429", "tree": "90f380e1401e6da73762c027c5fb4df9dd357774", "parents": [ "8481f7506b4c67de54fa96b5510007dc2c66a348" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 01:09:09 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:47 2023 +0000" }, "message": "m/t/e2e: adapt runtime test\n\nSince we\u0027re now defaulting to runc, test gVisor separately instead of\nrunc.\n\nChange-Id: Idbf9c961526ea82e20113286fd801553ad785aa9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1858\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "8481f7506b4c67de54fa96b5510007dc2c66a348", "tree": "591d0e285c1d36aeb813b75c0f8d76e62b688a2d", "parents": [ "a380d67c4f648aaf576adba0ea22d40d3782bf44" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 00:51:28 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 27 10:07:32 2023 +0000" }, "message": "m/n/c/network: fix SNAT\n\nThe previous change to this broke clusternet as it tried to masquerade\ntraffic destined to that interface, but that is an unnumbered interface,\ncausing the masquerade to fail and all inter-node traffic to be\nrejected. Fix this by including the clusternet interface in the list of\ninterfaces not to NAT for.\n\nChange-Id: I4a79a1978b1aa449fca1dd2d0a2b0a5decc63ea8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1857\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "a380d67c4f648aaf576adba0ea22d40d3782bf44", "tree": "eead98807b56e6ab66eca83102119c5a5477209c", "parents": [ "7053598586ab00378938c245b7ad748f671a991d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:17:42 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 13:48:52 2023 +0000" }, "message": "m/n/core/rpc/resolver: log current processor state on watcher error\n\nWe seem to be having some resolvers getting stuck in production like so:\n\nI0626 09:52:39.708844 resolver.go:275] CURUPDATE: error in loop: when receiving node: rpc error: code \u003d Unimplemented desc \u003d unknown service metropolis.node.core.curator.proto.api.Curator\nI0626 09:52:39.708850 resolver.go:276] CURUPDATE: retrying in 10.040771699s...\n\nThis introduces extra logging that should help us figure out what\nexactly broke, or at least bring us a bit closer to figuring it out.\n\nChange-Id: I658cff6ae86e9124141b5d2c36dceafa377842e9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1852\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7053598586ab00378938c245b7ad748f671a991d", "tree": "fd52caf5360282ca315e98e407a4d42f906a2800", "parents": [ "60d6b902d66a4c5c0a2a926c85936935106b9180" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 22 19:37:38 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 11:44:11 2023 +0000" }, "message": "m/n/c/rpc/resolver: dampen curator updates\n\nThis makes the resolver only process node updates if some curator data\nwas actually changed.\n\nFixes https://github.com/monogon-dev/monogon/issues/233\n\nChange-Id: I790adfc4aa3562864faf807d32ac00d9e3bd0bea\nReviewed-on: https://review.monogon.dev/c/monogon/+/1851\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "60d6b902d66a4c5c0a2a926c85936935106b9180", "tree": "d0d690bb830ebd611318626110db510015b5ce58", "parents": [ "62a1edd234557c46facfd23661ff08c37c8e911f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:02:40 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:08 2023 +0000" }, "message": "m/p/gpt: switch to msguid\n\nReplaces the old UUID mangling code with the newly-introduced msguid.\n\nChange-Id: I667e41c28959b4b95265c1ffdcf7f5bfcad4083d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1850\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "62a1edd234557c46facfd23661ff08c37c8e911f", "tree": "7555b7996b1761d6eef4777a2ea482520b2c1db2", "parents": [ "b390d715897e29064102257f4837959e694f9bf9" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 20 16:01:44 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon Jun 26 11:34:03 2023 +0000" }, "message": "m/p/msguid: init\n\nAdds a new msguid package which contains functions for encoding and\ndecoding Microsoft\u0027s mixed-endian GUID/UUID format. This format is\nused by Microsoft as well as a bunch of UEFI-related standards.\n\nChange-Id: Icca8ef7ad7f7359808ea7f19e3824639f7b1e2eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1849\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "b390d715897e29064102257f4837959e694f9bf9", "tree": "4d705eb9b84b87f3be6c3da31d24bf959da1f768", "parents": [ "3546615448c39dff683bb1723344ed283b279d46" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:47:59 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon Jun 26 09:32:41 2023 +0000" }, "message": "m/n/c/curator: clean up stale leader election after reboot\n\nThis is useful if we reboot a leader and it comes back while its\u0027 old\nstale leader election key/value is present.\n\nWithout this, other nodes would continue to connect to the newly\nrebooted leader even though it is not a leader anymore, confusing\nthemselves and cluster operators in the process.\n\nChange-Id: I306e7040550084ef39ab20c3c289a3137145a2d9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1845\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "3546615448c39dff683bb1723344ed283b279d46", "tree": "ed3285dfa7a0adcc76f64766707a28e24d0373e4", "parents": [ "2f7e0a281e72ae45fff6c4d79934442367475b81" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 20:01:11 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jun 22 17:12:03 2023 +0000" }, "message": "m/n/core/localstorage/crypt: read partition data from uevent\n\nPreviously we only checked the blockdevices itself,\nbut in the real-world the minor-id is not always the partition offset.\nThis scans all blockdevs that are partitions and creates them correctly\n\nChange-Id: I8f3d99761e9e883783b398496ec8b35f28f3557d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1813\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "2f7e0a281e72ae45fff6c4d79934442367475b81", "tree": "4dcd2233a274bef4645c4bfbbbd62f072d11481a", "parents": [ "c49b207a66a994ccda382d685022d08cbd9ee582" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:56:13 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 16:36:33 2023 +0000" }, "message": "m/node: enlarge K8s networks\n\nFor bigger clusters, the current 10.0.0.0/16 subnet is far too small.\nSwitch to 10.192.0.0/11 which should be out of the way of most of our\ntest infra and is large enough for 8192 nodes with 253 pods which is\nbig enough for the time being. Also migrate the service network\nto 10.224.0.0/16 and make it much bigger. It does not need to be in the\npod CIDR, so move it out of there.\nBut for large clusters this will continue to be a problem until we have\na better allocation algorithm or switch to IPv6 with 464xlat (which\nis not supported on Linux currently however).\n\nChange-Id: Ib3a019fffacec2172721f04c01133b44bffba73b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1848\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c49b207a66a994ccda382d685022d08cbd9ee582", "tree": "b0eed5a22bdb110ea4c115a2bea403e1e00e5dc2", "parents": [ "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 23:12:01 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:38:25 2023 +0000" }, "message": "m/n/core/net/hostsfile: do not stomp over cluster directory\n\nIf we join a cluster after reboot, we already have a cluster directory\non the ESP. We should not write over it with an empty one, but instead\nwait until we\u0027ve received a recent copy of it from the cluster.\n\nFixes https://github.com/monogon-dev/monogon/issues/228\n\nChange-Id: Ibbfa23009eaa9feb99a332ac0c5e17dd89aea7bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1846\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "51a3ed59a1408fe5d8103dca5b6a04dbaa4e5b6a", "tree": "b17dd748b088b4c7899c4aee0a1ab862a59509b4", "parents": [ "186109c55db3121749311fc2e954be0eaccdf249" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:45:15 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 22 12:33:31 2023 +0000" }, "message": "m/n/k/containerd: change default runtime to runc\n\nFor high-security usecases it might still make sense to force gVisor,\nbut generally people expect runc as the default runtime. gVisor can\nstill be used by specifying a runtimeclass in the pod.\n\nChange-Id: Idc02275fd00c2a7dff3ce6949268294afa5644eb\nReviewed-on: https://review.monogon.dev/c/monogon/+/1839\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "186109c55db3121749311fc2e954be0eaccdf249", "tree": "d65cd1416c480bf517bede017f5688ad4352e0ab", "parents": [ "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:57:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/roleserve: persist node roles across reboots\n\nThis allows us nodes to attempt to bring up some services before they\nget fully connectivity to the cluster.\n\nThis is especially useful if a node cannot establish connectivity to the\ncluster, eg. because it\u0027s the only control plane node that just started\nup.\n\nFixes https://github.com/monogon-dev/monogon/issues/226\n\nChange-Id: I030ccc02851e74ceb8dc043203083aa5b6854b55\nReviewed-on: https://review.monogon.dev/c/monogon/+/1842\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d2fc01fb49e7f1decb534a9ae8da7ba8814406d9", "tree": "3b4991d6c8cd45e40066dbc1ebe9c66b508d10ce", "parents": [ "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 16:49:23 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 21:52:37 2023 +0000" }, "message": "m/n/core/n/hostsfile: only persist control plane nodes in ClusterDirectory\n\nThis fixes some ugly startup issues where a node attempts to communicate\nvia control plane protocols to nodes that have no chance of running the\ncontrol plane.\n\nIn general, the Cluster Directory predates the split between control\nplane and worker nodes, and its definition should likely be formally\nupdated to only contain control plane nodes.\n\nChange-Id: Ie290829a010aef0c3a587326e864fe93bf991220\nReviewed-on: https://review.monogon.dev/c/monogon/+/1840\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "6a09bd5dbf49c438dc9c5743c8724ddc6efbe505", "tree": "d4829766a1844f761187c70a44b5101363d8637c", "parents": [ "eca5af965b6d95d953066a298ee896791ee00796" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 17:40:32 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 21 16:04:12 2023 +0000" }, "message": "m/n/c/network: make SNAT generic\n\nThis changes the SNAT/Masquerade rule from being a thing set up per\ninterface which was only implemented by the dynamic network runnable to\na generic rule set up by the general network service part shared between\nthe static and dynamic implementations. It also tries to avoid NATing\nhost-originated traffic. Matching on interface names is argubly ugly but\nthe alternative is patching CNI plugins, which is also ugly.\n\nChange-Id: I7ec40fc244ae4689b6f96ab87dbebe9a6c43dd70\nReviewed-on: https://review.monogon.dev/c/monogon/+/1844\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "eca5af965b6d95d953066a298ee896791ee00796", "tree": "095d92aeddcd7861b4c204bc2a9abb5db24977cb", "parents": [ "2876efab007ae58856891dbe5cb3e985d948c6d9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:31:37 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 15:01:58 2023 +0000" }, "message": ".bazelrc: add go tags: {net,osuser}go\n\nThis makes our code not use glibc-based implementations of user and host\nresolution even when cgo is enabled for race detection.\n\nChange-Id: I162105ef58291dc225fb158b56c93cfb7bce9a54\nReviewed-on: https://review.monogon.dev/c/monogon/+/1834\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "2876efab007ae58856891dbe5cb3e985d948c6d9", "tree": "25d2194ef0afd0337d12725dc5848ad870923a22", "parents": [ "83b2a3612d375d60f97500352c1f8a2197c99645" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:30:40 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 21 15:01:51 2023 +0000" }, "message": "third_party/go: disable btrfs in containerd\n\nThis makes sure that if we build with cgo enabled (for race testing) we\nstill don\u0027t attempt to build btrfs.\n\nChange-Id: Ic608188ad1dc0b21c9f1822afa2b455bfd56959f\nReviewed-on: https://review.monogon.dev/c/monogon/+/1830\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "83b2a3612d375d60f97500352c1f8a2197c99645", "tree": "aba96d8a6503d92983f365dd27fa7e81f511c53c", "parents": [ "9fd3c3de3d48f328c5771f3659235774aa7df984" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 22:15:25 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 16:36:17 2023 +0000" }, "message": "m/n/core/cluster: dont print cluster directory\n\nIf a cluster has hundreds of nodes, the bootup will print all of them.\nWhen you have a particularly slow serial connection,\nit can hide crash reports and other more important messages.\n\nChange-Id: I50b75795ec3ebadefe364bf94c3b907c257ffa71\nReviewed-on: https://review.monogon.dev/c/monogon/+/1821\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "9fd3c3de3d48f328c5771f3659235774aa7df984", "tree": "ed1c39faa59c9bfd6a3bdd6a2bdfe6814c73e2f6", "parents": [ "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:18:36 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:54 2023 +0000" }, "message": "build/toolchain/musl-host-gcc: handle non-workspace-root execution\n\nThis is needed to build stdlib with cgo, which is in turn required for\nthe race checker to be enabled.\n\nChange-Id: Ic81542925a02c626f157dfd8c6650de3dbb30c7d\nReviewed-on: https://review.monogon.dev/c/monogon/+/1832\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "9739a4f0d1a48cbc4e9f6092d3bd471e833bb8c0", "tree": "a0d1048b3a37d0050b0ff5aba250435c039d29be", "parents": [ "30021af6eaf9f2963d83314c283ebdd23fff2674" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:40:21 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:47 2023 +0000" }, "message": "build: add cgo to nogo exceptions\n\nSeems like cgo is placing some files in a separate directory in the\nworkspace root.\n\nChange-Id: Icd94dec7281350339f0b1dd88d61556d75982d64\nReviewed-on: https://review.monogon.dev/c/monogon/+/1836\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "30021af6eaf9f2963d83314c283ebdd23fff2674", "tree": "b8be79d10a869ebb1e2aac4a5a89ce187206bb60", "parents": [ "ea6353fd49b3978cfef7f99ada99a99f8bc10715" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:30:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:19:43 2023 +0000" }, "message": "metropolis/node/build: allow impure code in root if race checking is enabled\n\nThis allows us to build the root filesystem with race detection enabled.\n\nChange-Id: I370ce2114090f828f0d9843fd4a7dc87c47bd153\nReviewed-on: https://review.monogon.dev/c/monogon/+/1835\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "ea6353fd49b3978cfef7f99ada99a99f8bc10715", "tree": "b854dec6f99a7555abc32b1ca27b74b2af815294", "parents": [ "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:08:55 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:34 2023 +0000" }, "message": "metropolis/clusternet: fix race condition\n\nThis gives the wireguard backend a copy of the peer data instead of a\npointer into mutable memory.\n\nChange-Id: I47ee83f3d484cc809c35d2e1779b519ec60c7c78\nReviewed-on: https://review.monogon.dev/c/monogon/+/1825\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "98a6cccb052c5d17f4f2429edf41d57bd74b7ffd", "tree": "da656463788abd785a884743e5c5f75e0da7f7c7", "parents": [ "c1ce95f7e86c74a76ae2b29986905cb34cb19e56" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:12 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:27 2023 +0000" }, "message": "metropolis/consensus: fix race condition\n\nThis returns a copy of each status, instead of the same status, possibly\nmutated.\n\nChange-Id: Ic4ed425a38b001b0139a81c46c61af551b966166\nReviewed-on: https://review.monogon.dev/c/monogon/+/1826\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "c1ce95f7e86c74a76ae2b29986905cb34cb19e56", "tree": "aef29ffa1227fe5e8e07b610838489290be2c7a5", "parents": [ "2e9898d28213ec4e3fc48d962c2e2afbc0c6595c" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:25 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:21 2023 +0000" }, "message": "metropolis/rpc: fix race condition\n\nThis hands off a copy of the curator map across a channel instead of the\nmutable map itself.\n\nChange-Id: Ib7f4ed795648517ae19938c52a6cb193f293ac8b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1827\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "2e9898d28213ec4e3fc48d962c2e2afbc0c6595c", "tree": "e0c778089bb8a3c67d24dd2db3cbbd302ce823b6", "parents": [ "5b13d8112a63282d12690ce05dbfa245f910d5a9" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:09:41 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:11 2023 +0000" }, "message": "metropolis/curator: fix race condition in tests\n\ngrpclog cannot be accessed concurrently with gRPC requests possibly\nalready running. Let\u0027s just remove this integration in tests.\n\nChange-Id: I074c583baf3a7f87e76e7dde6080e3efdb19d5c8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1828\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "5b13d8112a63282d12690ce05dbfa245f910d5a9", "tree": "f69de58cf76b274e4c83f2472d08b578afb64fdc", "parents": [ "d20af4f15347651efa7b90490f8e657d35281883" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:22:23 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 14:18:03 2023 +0000" }, "message": "third_party/linux: ignore more configuration settings\n\nChange-Id: Id1117d86d742a94f762f186e6c1f9193dc4e0597\nReviewed-on: https://review.monogon.dev/c/monogon/+/1829\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "d20af4f15347651efa7b90490f8e657d35281883", "tree": "49f01ce9ba6d73e06cf7ff3b7184c5db1d9c7b25", "parents": [ "e1a4ac5eaec848a8b1d883c3963cfe399c71cb7d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:08:24 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 13:06:46 2023 +0000" }, "message": "metropolis/pkg/cmd: fix race condition\n\ncmd.Wait should not be accessed concurrently.\n\nChange-Id: Icaaa1a22b1d23211dc1259af6cf97463228944ae\nReviewed-on: https://review.monogon.dev/c/monogon/+/1824\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "e1a4ac5eaec848a8b1d883c3963cfe399c71cb7d", "tree": "ef289013336335c69407d780bbccb614fb258282", "parents": [ "7e1c489409345f7212efdfcdfb105a5bbfd365c2" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 12:17:54 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 12:33:09 2023 +0000" }, "message": "cloud/agent: generate hwreport only if a first heartbeat was successful\n\nThis is mostly a hack but as we dont have a way (yet) to know when all devices\nare registered, we just wait until the first heartbeat was sent and only after\nthat sent a hwreport. This should at least make sure that all important network\ninterfaces are registered.\n\nChange-Id: Icdfc43c212470dcc37a2f916524b5f29ee42ae42\nReviewed-on: https://review.monogon.dev/c/monogon/+/1823\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7e1c489409345f7212efdfcdfb105a5bbfd365c2", "tree": "be82408747ad02bdd08c6e3b5f0cacfa56d154ca", "parents": [ "54e212a9914ad8003fc4e353f96651340d287c2d" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 12:07:02 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 20 12:27:20 2023 +0000" }, "message": "c/shepherd/equinix/wrapngo: correct metric endpoint matcher\n\nAs stated in the error message its projects instead of project\n\nChange-Id: I4bee1fd7821d80280b314b8beaecfd88e48d81fd\nReviewed-on: https://review.monogon.dev/c/monogon/+/1822\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "54e212a9914ad8003fc4e353f96651340d287c2d", "tree": "df3b1624d9679e30aefac9b98b2f9b91523eca0b", "parents": [ "d34299ebe13211802739d698e526be78161eac6f" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 13:45:11 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 20 11:37:55 2023 +0000" }, "message": "metropolis: implement Metrics Service\n\nThis is the first pass at a Metrics Service. It currently consists of an\nHTTP reverse proxy which authenticates incoming connections using the\nCluster CA and certificates, and passes these connections over to a\nlocally running node_exporter.\n\nIn the future more exporters will be added, and we will likely also run\nour own exporter for Metropolis-specific metrics.\n\nChange-Id: Ibab52aa303965dd7d975f5035f411d1c56ad73e6\nReviewed-on: https://review.monogon.dev/c/monogon/+/1816\nTested-by: Jenkins CI\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\n" }, { "commit": "d34299ebe13211802739d698e526be78161eac6f", "tree": "2016915e8cb17311904638c13f934b2150b25aa4", "parents": [ "89974c6f9e4f81d6d819d041a7f5286772df7124" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 15 11:07:47 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu Jun 15 11:47:12 2023 +0000" }, "message": "m/n/core/network/hostsfile: fix nodeMap data race\n\nChange-Id: I7c052691712ebd39e2a23a9497d4d6d0c0ab1e0c\nReviewed-on: https://review.monogon.dev/c/monogon/+/1817\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "89974c6f9e4f81d6d819d041a7f5286772df7124", "tree": "db0e768e42262a04ddb11fa3c1a85420e54b4796", "parents": [ "6d563cac226b327d41d95bf0219b3ff972ab6952" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 22:15:10 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 15 10:02:31 2023 +0000" }, "message": "m/n/c/cluster: set StorageSecurity in bootstrap path\n\nCurrently this is only set properly in the register path, causing the\nconfiguration of the bootstrap node to be inconsistent. This causes\nbootup to fail with `Node startup failed: sealed configuration has\ninvalid node unlock key (wanted 32 bytes, got 0)`.\nFix this by also persisting the chosen storage security option in the\nnode configuration when bootstrapping.\n\nChange-Id: I93bf75d412c9aa7c09b5a739ce65b6873d947fd5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1815\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "6d563cac226b327d41d95bf0219b3ff972ab6952", "tree": "02c80c9ad94b0302ffed71fb3b4763104574c394", "parents": [ "634a3cf16ecf4cd551847185e7b539d16ad52d2d" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 13:44:20 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu Jun 15 09:31:47 2023 +0000" }, "message": "third_party/go: pull in node_exporter, add to metropolis rootfs\n\nChange-Id: I5efe5257e7740bf1721f3dd6f130a3c618e33381\nReviewed-on: https://review.monogon.dev/c/monogon/+/1806\nReviewed-by: Leopold Schabel \u003cleo@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "634a3cf16ecf4cd551847185e7b539d16ad52d2d", "tree": "7653202205bd238b3d9d02c2bf87ae66e277d933", "parents": [ "b37d7d8ef4e318c9d35d34eff79fa0a304ff35aa" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 20:01:33 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 19:19:16 2023 +0000" }, "message": "metropolis/cli/metroctl: dont segfault on missing status\n\nChange-Id: Ib1a594e0ccca0f6a993e651b62e8adcfb9dc1ea4\nReviewed-on: https://review.monogon.dev/c/monogon/+/1814\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "b37d7d8ef4e318c9d35d34eff79fa0a304ff35aa", "tree": "d9426085481415352c83263204c81e2796032eed", "parents": [ "c09327c6393202f0b425313a18a834954aeba572" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 19:06:44 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 18:18:30 2023 +0000" }, "message": "metropolis/cli/metroctl: dont write hostPort and report correct context\n\nChange-Id: I9ddccf35cf7a1fe7ee839250ceab0925fe8f0138\nReviewed-on: https://review.monogon.dev/c/monogon/+/1811\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c09327c6393202f0b425313a18a834954aeba572", "tree": "80eebf9133ee9126295b1f3aa1a80578854b830a", "parents": [ "1600d9b3aa84c3259a3e8355cba7702825924b6d" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 17:48:56 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 18:18:30 2023 +0000" }, "message": "metropolis/cli/metroctl: set storage security policy inside installer\n\nWithout it the installed metropolis node will fail initialization\n\nChange-Id: I137107260fc7c4f50052791f58454dd07b98c29c\nReviewed-on: https://review.monogon.dev/c/monogon/+/1809\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "1600d9b3aa84c3259a3e8355cba7702825924b6d", "tree": "89699bcfedda33bb6aa7a69a4a9b11d58e6009c6", "parents": [ "98054a1ddb45d9e0246a0f7f7b93f9e90619a544" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 20:00:59 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 18:16:09 2023 +0000" }, "message": "m/c/metroctl: add newline between unapproved nodes\n\nChange-Id: I1db00eb9396e597a4596ad2b491a75bbcebacd62\nReviewed-on: https://review.monogon.dev/c/monogon/+/1812\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "98054a1ddb45d9e0246a0f7f7b93f9e90619a544", "tree": "52ce0573faf5cddbb60c7ed99463837ba14426c8", "parents": [ "0c2f9ded884f7f54d74a8c251c51231841f71728" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed Jun 14 18:16:21 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 14 17:07:27 2023 +0000" }, "message": "metropolis/node: fix non-secure TPM/storage policy codepaths\n\nThis fixes enoug things to pass manually ran E2E tests with the initial\ncluster confiugration changed to a number of possible combinations\n(with/without TPM, with authenticated/encrypted/insecure storage).\n\nThese should, of course, be automatically tested. However, that is\npending on the extension of E2E test system that will let it run\nlong-term tests against real clusters. Otherwise we\u0027d just waste tons of\ntime running the entire matrix of possible combinations on every CR.\n\nChange-Id: I71a56f9a31c738ee2b2d4dfa10d2a58fd5cb0554\nReviewed-on: https://review.monogon.dev/c/monogon/+/1810\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "0c2f9ded884f7f54d74a8c251c51231841f71728", "tree": "9a084723cea0b9cc183b694386aa0e322b5d465f", "parents": [ "b7ff592e4f08022df5d980a03a396f4ff5330b29" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 15:19:27 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed Jun 14 15:41:41 2023 +0000" }, "message": "m/n/c/network: improve restartability\n\nDeletes all newly-added interfaces as well as sets all reconfigured\ninterfaces to down if an error occurs in an effort to improve\nrestartability.\n\nChange-Id: I715514c7f6b7a6f45a1c66333fd540556be2b29b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1808\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "b7ff592e4f08022df5d980a03a396f4ff5330b29", "tree": "fb6173e39e0423c47f897939277ae68bd218e346", "parents": [ "e59e6e1ec670e6315fb8ce7fefd7a8551aec75db" ], "author": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Jun 14 11:57:41 2023 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@monogon.tech", "time": "Wed Jun 14 11:18:26 2023 +0000" }, "message": "intellij: update aspect path\n\nUpstream change:\nhttps://github.com/bazelbuild/intellij/commit/d1a5ccc3d4d971224faafc6684e0216855e59d47\n\nChange-Id: I287fae1dcff38164eaea3aeaecf768247b8302c5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1805\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "e59e6e1ec670e6315fb8ce7fefd7a8551aec75db", "tree": "bc642135ff1f2911e55942c2f1246c94d2a97370", "parents": [ "6c45434189e387b234109b68b1ed5a8f2cd5b439" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 13 16:11:43 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 13 18:52:29 2023 +0000" }, "message": "cloud/bmaas: first round of indexes\n\nThese are based on inspecting the production database, and should be\nenough to get us out of the woods wrt. BMDB performance.\n\nChange-Id: Ice285f25bc1d2825a04750fc6d62ef0925b9d643\nReviewed-on: https://review.monogon.dev/c/monogon/+/1804\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "6c45434189e387b234109b68b1ed5a8f2cd5b439", "tree": "4cff8bb2fac00df28699559256ce7649b38877e1", "parents": [ "46bf7d6c6437dfbf9dcc1e1d7d80fcc1c601f9b5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 01 12:23:38 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 13 13:44:46 2023 +0000" }, "message": "m/node: build Linux with modules\n\nThis introduces modules into our Linux build. I originally didn\u0027t want\nto do this, this is why this wasn\u0027t done until now. But various things\nin the kernel weren\u0027t set up for this, for example the AMD and Intel KVM\nmodules cannot both be loaded, only the first one loaded works. Also,\nthe Linux kernel cannot load firmware for built-in modules reliably as\nthe filesystem it tries to load it from is not always mounted first,\neven if the kernel itself mounts it.\n\nThe firmware issue was brought up multiple times on LKML, but Linus is\nof the opinion that the firmware should be next to the kernel module,\nthus either built-in (not viable for licensing and size reasons) or the\nmodules need to be loadable and on the same filesystem as the firmware.\n\nThus unless we want to carry signifcant patches against the Kernel in a\ndeadlock-prone area, we are forced to adopt a design with loadable\nmodules (or ship everything twice in an initramfs which is also not\ndesirable).\n\nThe kernel config currently only has the modules as non-builtin which\nrequire firmware, everything else has been left as-is. For boot-time\nperformance it would eventually be a good idea to move to a setup with\nmore modules once we\u0027re confident in the implementation and everything\ncan deal with late-loaded modules/devices.\n\nAs a drive-by fix this also moves the kernel builds to out-of-tree so\nthat we no longer pollute the source folder. Bazel protected us from\nserious issues due to this, but it\u0027s still bad practice.\n\nChange-Id: Iced8e12234565e5b7447e732716651e05e67d55b\nReviewed-on: https://review.monogon.dev/c/monogon/+/1791\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "46bf7d6c6437dfbf9dcc1e1d7d80fcc1c601f9b5", "tree": "19b26feaf61870790ce3b27dac3623cba40e6119", "parents": [ "c7b036bca213962a7e60f3edb47624606799d074" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 01 12:24:19 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 13 13:44:46 2023 +0000" }, "message": "m/n/c/devmgr: init\n\nAdd a minimal device manager based on kobject/uevents. Currently this\nonly loads kernel modules. Further functionality will be added in\nsubsequent CLs.\n\nChange-Id: I444ecdaff3f8ddb9ec169b094ba03e169dd70c4e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1790\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c7b036bca213962a7e60f3edb47624606799d074", "tree": "f0385f1ff6fe9a9fe41f62f32c0079006a1c5038", "parents": [ "5832cd92957a6933c0fd644496d957ea2d8ef36d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 01 12:23:57 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 13 13:44:46 2023 +0000" }, "message": "m/p/kmod: init\n\nThis adds a package for working with Linux kernel loadable modules in\nGo. It contains syscall wrappers for loading and unloading modules, a\nmetadata format for fast lookup of modules handling devices using a\ncustom radix tree, parsers for module info metadata and various utility\nfunctions and data structures.\n\nA significant amount of the code in here has no formal spec and is\nwritten against behavior and information extracted from the reference\nkmod code as well as the Linux kernel itself.\n\nChange-Id: I3d527f3631f4dd1832b9cfba2d50aeb03a2b88a8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1789\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "5832cd92957a6933c0fd644496d957ea2d8ef36d", "tree": "23d8faa7707807c1da543dbb91840c308790d694", "parents": [ "0e291a193cbfd0b169e749e7f28adc954a58f560" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 13 13:09:55 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 13 13:26:12 2023 +0000" }, "message": "cloud/bmaas/bmdb/webug: Use a flag for strict consistency\n\nChange-Id: I4ef6372108e4ada94a70525c6ec335e305dca320\nReviewed-on: https://review.monogon.dev/c/monogon/+/1801\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "0e291a193cbfd0b169e749e7f28adc954a58f560", "tree": "01b7ad51279b9060c3c967a0061826d37dbfaf01", "parents": [ "4264b8c641109c05c4828b40cd2e01e686890903" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 01 12:22:45 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 13 13:03:53 2023 +0000" }, "message": "m/node: clean up DNS service\n\nThe primary change in here is that CoreDNS now only listens on the\nloopback interface by default.\nThis fixes #217 as it cannot be accessed from the outside anymore.\nSince the containers do not share the host network namespace, they can\nnow no longer access the DNS service. This is solved by introducing a\nnew Network Service API to add listener IPs and using a link-local IP,\n169.254.77.53 for the container DNS.\nWhile at it, I cleaned up various parts of the DNS code.\n\nChange-Id: Id7b618f62690032db335e8478b9de84410c210a1\nReviewed-on: https://review.monogon.dev/c/monogon/+/1759\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "4264b8c641109c05c4828b40cd2e01e686890903", "tree": "c890d91434d3be41b12291338c55c7d0baf61315", "parents": [ "44cacd6bd39f0d70aab912e4d02f2ef2e453bc4d" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jun 12 23:54:58 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 13 09:40:46 2023 +0000" }, "message": "cloud: replace klog with klog/v2\n\nChange-Id: Ie54ef593825fdc72409da38ab1a6244e94db9eb9\nReviewed-on: https://review.monogon.dev/c/monogon/+/1799\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "44cacd6bd39f0d70aab912e4d02f2ef2e453bc4d", "tree": "1ab3deae3f63c854bf4e2a89f25937ad062a6130", "parents": [ "f9e3a6558f8725123e4cde38098e80c1167fb47c" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon Jun 12 23:54:45 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 13 09:40:46 2023 +0000" }, "message": "cloud: validate that there are not positional arguments\n\nflag.Parse() parses arguments after boolean flags as positional argument.\nThis produces unexpected behaviour like this:\n```\n\u003e -a \"true\" -b \"true\"\na: false\n\n\u003e -a -b \"true\"\nb: true\n```\n\nChange-Id: I0f8555fc45acf305a5efd365a6eae03eb8930942\nReviewed-on: https://review.monogon.dev/c/monogon/+/1798\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "f9e3a6558f8725123e4cde38098e80c1167fb47c", "tree": "7fb7d5397c0bf559e7d66f93565ac429cf489048", "parents": [ "fe3d8fd61a81c09a1544d8cf1e13326c179c5972" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue Jun 06 17:39:52 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Wed Jun 07 11:43:47 2023 +0000" }, "message": "cloud/bmaas: correctly format table\n\nChange-Id: Iafa4967d655c31f107167a82909eabc21bb4e2c5\nReviewed-on: https://review.monogon.dev/c/monogon/+/1792\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "fe3d8fd61a81c09a1544d8cf1e13326c179c5972", "tree": "d1803d9e307e5aea697c02fcb17e82e2c4fb605d", "parents": [ "90a70a0e1cab83ba1601d355d07f285dff0d4d55" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue May 30 20:50:09 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 06 12:11:51 2023 +0000" }, "message": "m/n/core/roleserve: rework cluster membership, reuse control plane connections\n\nThis changes up roleserver internals to simplify the handling of cluster\nmembership state. The end goal is to allow reusing control plane gRPC\nconnections across different components in a node, but the refactor goes\na bit beyond that.\n\nEver since the introduction of the rpc resolver, we have effectively\nsimplifies the control plane startup problem. This is because the\nresolver allows the rest of the system to dynamically switch between\ndifferent gRPC endpoints for the control plane.\n\nWhat this means is that some of the existing complexity in the\nroleserver (which predates the resolver) can be thrown away. Notably, we\nremove the ClusterMembership structure, and replace it with two\nsignificantly simpler structures that represent two separate facts about\nhe local node:\n\n1. localControlPlane carries information about whether this node has a\n locally running control plane. This is only used by the statuspusher\n (to report whether the control plane is running) and by the\n Kubernetes control plane.\n\n2. curatorConnection carries the credentials, resolver and an open gRPC\n connection to the control plane, and is the only roleserver\n EventValue now used by the vast majority of the roleserver runnables.\n\nThe resulting code, especially inside the control plane roleserver\nrunnable, is now less complex, at the cost of a bit of an ugly refactor.\n\nChange-Id: Idbe1ff2ac3bfb2d570bed040a2f78ccabb66caba\nReviewed-on: https://review.monogon.dev/c/monogon/+/1749\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "90a70a0e1cab83ba1601d355d07f285dff0d4d55", "tree": "d72351725c2d58ba3194e40f85fa5730ab2a798c", "parents": [ "ce68ab953ef5501a3da3367372daf25801bc0ee7" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue May 30 15:15:27 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Tue Jun 06 12:11:51 2023 +0000" }, "message": "m/n/core/roleserve: do not store cluster directory, populate resolver earlier\n\nThis cleans up the roleserver code slightly, as I\u0027ve noticed the cluster\ndirectory actually does not need to be stored anymore now that we have\nthe rpc resolver.\n\nChange-Id: Ibe9f55691602bc937205c5fb54833683e80d4804\nReviewed-on: https://review.monogon.dev/c/monogon/+/1748\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "ce68ab953ef5501a3da3367372daf25801bc0ee7", "tree": "898dc33bb8a97345b6c3e1ace3ec29c1eb6a5234", "parents": [ "3a3c517696210f23f2c1d74d766ddf5750a3f4b8" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 06 03:32:39 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 06 11:20:51 2023 +0000" }, "message": "m/t/ktest: allow more memory and extra fssepcs\n\nktest until now used the QEMU default memory which is only 128MiB which\ncan be insufficent for tests with more data. Increase that to 1GiB\nwhich is a more reasonable limit. Since ktest doesn\u0027t use any filesystem\ncache in practice this shouldn\u0027t be using much more memory.\n\nAlso allow adding additional fsspecs to ktest which get integrated into\nthe test initramfs.\n\nChange-Id: Ib1a1611cb8e3fdce11a3fac7c0c1ed04097032ea\nReviewed-on: https://review.monogon.dev/c/monogon/+/1788\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "3a3c517696210f23f2c1d74d766ddf5750a3f4b8", "tree": "f20c99b0329b5895948e1cef5991dde8e5483a79", "parents": [ "fd6d4ebffd699ed87cd8bb41dd7a74e40cbe519c" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Thu Jun 01 19:54:17 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue Jun 06 01:46:23 2023 +0000" }, "message": "m/c/metroctl/test: deflake test\n\nThis test was flaky as the node picked to run takeownership against was\ndependent on map key order. Only the first node runs the relevant\ncontrol plane services, thus if the second node was iterated over first,\nthe test broke. Fix this by using the NodeIDs slice to get deterministic\nordering and always pick the first node.\n\nChange-Id: Id4ac162a8295be4e84ad439ac5b70ff5a968af04\nReviewed-on: https://review.monogon.dev/c/monogon/+/1784\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "fd6d4ebffd699ed87cd8bb41dd7a74e40cbe519c", "tree": "8cb613a43199be0dd5a93d98955c95f8d3e7779d", "parents": [ "f1628ac0972b8ee7da19322514dc229872b5982b" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu May 25 14:45:48 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 31 12:25:21 2023 +0000" }, "message": "m/node: introduce node storage setting and cluster policy\n\nThis adds NodeStorageSecurity and a corresponding\nClusterConfiguration.StorageSecurityPolicy, and pipes it into the\nMetropolis node bootstrap and registration flow.\n\nAll the various settings have so far only been tested manually. For now\nthe default behaviour (which is exercised by tests) is the same as\npreviously: require encryption and authentication.\n\nIn the future, we will have to expand our end-to-end testing to properly\nexercise all the various settings and verify their enforcement and\neffect. But that has to come in a follow-up CR as this one is already\nlarge enough as is.\n\nChange-Id: I76f3e37639ef02f4fc708af47ae5014408dc7c21\nReviewed-on: https://review.monogon.dev/c/monogon/+/1747\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "f1628ac0972b8ee7da19322514dc229872b5982b", "tree": "9720402ab66d83dbd69844ffea60403e73756f26", "parents": [ "2b0f3d3df1fd3f71b57bb2ea581a649678b2451e" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu May 25 14:43:19 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Wed May 31 12:25:21 2023 +0000" }, "message": "m/n/core/localstorage/crypt: support more enc/auth modes\n\nThis is in preparation for introducing configurable disk\nencryption/authentication policies in Metropolis (eg. low integrity\nmode).\n\nWe also use the opportunity to add some tests for the newly refactored\ncrypt library. All modes go through an end-to-end test making sure data\nis preserved and repeatedly mapping/unmapping the device works.\n\nThis change also disables insecure mode in debug builds. The equivalent\nfunctionality will be re-established at a higher level in the cluster\ncode in a subsequent change, alongside the encryption/authentication\npolicy code.\n\nChange-Id: I85db001c7c37a918cb491b1fcc3a51ea1d715817\nReviewed-on: https://review.monogon.dev/c/monogon/+/1724\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "2b0f3d3df1fd3f71b57bb2ea581a649678b2451e", "tree": "1018cd62c66bff7c239ae4df9ff076b4b4c832c9", "parents": [ "886c386f9acf84d2600878c61e5f1822a5fb8c1b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed May 03 15:39:11 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed May 31 11:29:13 2023 +0000" }, "message": "m/n/c/network: set status with static config\n\nThis makes the static network service also set the network state if no\nautoconfiguration is in use.\nThis is currently quite hacky, it essentially checks if any interface\nuses IPv4 autoconfig/DHCP and if not it choses the first IPv4 address\nand sets that as the external address.\n\nChange-Id: I53cebfaa373512eec3d26c59640c0328297acf32\nReviewed-on: https://review.monogon.dev/c/monogon/+/1644\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "886c386f9acf84d2600878c61e5f1822a5fb8c1b", "tree": "e7c747d479e3d9854233894db49dc0a77c9ed43f", "parents": [ "8180de90e9b90601cb87feac51426e7f39abc747" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 23 16:47:41 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 30 20:37:36 2023 +0000" }, "message": "c/s/e/cli: add equinix api cli tooling\n\nThis is a fairly simple and hacked together cli but it does its job for basic maintenance tasks\n\nChange-Id: I043c12b930546f9405b9f8190326724122f1c0aa\nReviewed-on: https://review.monogon.dev/c/monogon/+/1704\nTested-by: Jenkins CI\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\n" }, { "commit": "8180de90e9b90601cb87feac51426e7f39abc747", "tree": "dfe750f650d7d3b16972f541e521d3e01f3898f2", "parents": [ "7c38eef75b395b0515e34e2059091f8b0f8d3daf" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu May 11 19:45:37 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 30 20:37:36 2023 +0000" }, "message": "c/s/e/wrapngo: add more api wrappers\n\nChange-Id: I826a799cccc609d95b1ea3bd933b019558690c59\nReviewed-on: https://review.monogon.dev/c/monogon/+/1556\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "7c38eef75b395b0515e34e2059091f8b0f8d3daf", "tree": "636f2fa665d79f14109e10a3abc7d277b1ab73a3", "parents": [ "f2af76024340e782002f5d07333e2f3d09031554" ], "author": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Wed May 24 14:48:14 2023 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Tue May 30 16:29:11 2023 +0000" }, "message": "third_party/linux: refresh config\n\nRan oldconfig from 5.15.104, no functional changes intended.\n\nThis is to make subsequent changes easier to review.\n\nChange-Id: I420073d3c8fdc8ce96a4ec22061c4158d9f99a9e\nReviewed-on: https://review.monogon.dev/c/monogon/+/1709\nTested-by: Jenkins CI\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\n" }, { "commit": "f2af76024340e782002f5d07333e2f3d09031554", "tree": "fcdf868bbbd891404514b5ee06a6716ab8e8d9fb", "parents": [ "2d1ebd3567567d9e6563776e637006c1d8d88e68" ], "author": { "name": "Florian Klink", "email": "flokli@flokli.de", "time": "Sat May 27 17:55:21 2023 +0300" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@monogon.tech", "time": "Mon May 29 21:11:43 2023 +0000" }, "message": "metropolis/node/core/minit: update year in copyright header\n\nThis updates the copyright line to include 2023.\n\nChange-Id: I8442cb10d369ee1a13485f601242fee65c210ede\nReviewed-on: https://review.monogon.dev/c/monogon/+/1725\nVouch-Run-CI: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\n" }, { "commit": "2d1ebd3567567d9e6563776e637006c1d8d88e68", "tree": "00305a6b2ddf285998adc442a893e4ca9a22773e", "parents": [ "c59c515435eff154d15c8f4f84ba9b83f93a94c8" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 23 01:53:12 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Tue May 23 13:25:20 2023 +0000" }, "message": "build/toolchain: remove deprecated use of @bazel_tools\n\n@bazel_tools//platforms will be removed with bazel 6.\nhttps://github.com/bazelbuild/bazel/issues/8622\n\nChange-Id: Iee484f68d76d83ec6d874d0eb4457bb273dc5ed8\nReviewed-on: https://review.monogon.dev/c/monogon/+/1703\nReviewed-by: Lorenz Brun \u003clorenz@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c59c515435eff154d15c8f4f84ba9b83f93a94c8", "tree": "b78a15dc2e31d881a8c03b4fb2ca4baad48d413a", "parents": [ "c3b0828e6e3913eec277af22385f346bf0710bfa" ], "author": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Thu May 11 16:15:30 2023 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@monogon.tech", "time": "Mon May 15 10:59:19 2023 +0000" }, "message": "cloud/bmaas: do not start/recover agent on installed machines\n\nThis prevents us from perpetually restarting machines (or otherwise\nattempting to get the agent running) on machines that have a \u0027fulfilled\u0027\ninstallation request, ie. machines with a machine generation in their\ninstallation request/report tags.\n\nThe recovery flow will still kick in when a new installation request\ncomes in after a machine has been sucesffuly installed, and that will\nstill cause a reboot loop (as even rebooting the machine does not allow\nus to start an agent anymore if it has been installed). But we\u0027ll fix\nthat later.\n\nChange-Id: I49bb81be5d35ef600e18021bdf98bb207bb8d5a7\nReviewed-on: https://review.monogon.dev/c/monogon/+/1672\nReviewed-by: Tim Windelschmidt \u003ctim@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "c3b0828e6e3913eec277af22385f346bf0710bfa", "tree": "fc7b8d7130bff9f6167193c2060db4f6806ba29f", "parents": [ "d03df119187ac7c00c07be585e20f790cc0daab4" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu May 04 16:39:15 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon May 08 12:21:25 2023 +0000" }, "message": "cloud/bmaas/bmdb/webug: add color coding for host status\n\nTo allow easier understanding of a backoff without opening the machine itself,\nits handy to have a color coding for the provider host status. Currently it only displays\nrunning as green and everything else as red, but that should be fine for now.\n\nChange-Id: I5f16cd6a0b14dc595c94f6ca1e647d3ba1f21d95\nReviewed-on: https://review.monogon.dev/c/monogon/+/1647\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" }, { "commit": "d03df119187ac7c00c07be585e20f790cc0daab4", "tree": "62c90dc3f6de7de0f2d35818adb558b7a42b3baf", "parents": [ "93b6fadb35d57b685ceb44530baaa79a7ed61fa4" ], "author": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Thu May 04 16:38:49 2023 +0200" }, "committer": { "name": "Tim Windelschmidt", "email": "tim@monogon.tech", "time": "Mon May 08 12:21:25 2023 +0000" }, "message": "cloud/bmaas/bmdb/webug: add location tag to host list\n\nChange-Id: I86e00fe3534cdc62fef73931647f15d6346ea1bf\nReviewed-on: https://review.monogon.dev/c/monogon/+/1646\nReviewed-by: Serge Bazanski \u003cserge@monogon.tech\u003e\nTested-by: Jenkins CI\n" } ], "next": "93b6fadb35d57b685ceb44530baaa79a7ed61fa4" }