)]}' { "log": [ { "commit": "c3ae7588e04e283a9ee798823ff590f2eb26e13f", "tree": "dca98f6ae4627ba043527f1a2de01fb3b740be44", "parents": [ "3b544a960249e7000b4fd9ce36f118c261c467df" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Jun 08 17:15:26 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Jun 08 17:15:26 2020 +0200" }, "message": "core/initramfs: add cilium, force static binaries\n\nThis adds a Bazel transition to the initramfs rule to ensure all\nbinaries that are part of it are built statically.\n\nTest Plan: tested by building the binary and checking all binaries are static\n\nX-Origin-Diff: phab/D557\nGitOrigin-RevId: 897b902c6b139fdffd1179caae757f5151ad7804\n" }, { "commit": "3b544a960249e7000b4fd9ce36f118c261c467df", "tree": "7c9c8febf50d0d4066ad952af8ce0fc09205352d", "parents": [ "e28e6d791792806eebbef7bb83681e6b6b815408" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jun 08 19:24:42 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jun 08 19:24:42 2020 +0200" }, "message": "scripts: fietsje cleanliness check in CI\n\nTest Plan: CI\n\nBug: T788\n\nX-Origin-Diff: phab/D553\nGitOrigin-RevId: 25a9553d42c26507297d953849c838d55a1b4043\n" }, { "commit": "e28e6d791792806eebbef7bb83681e6b6b815408", "tree": "0ba4b0342ed6b2a6a009546d4662607a61cd1832", "parents": [ "a013ffaf2d7bc71a06148584020d429903456fff" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 11:39:25 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 11:39:25 2020 +0200" }, "message": "core/tests/e2e: print pprof server port\n\nTest Plan: Ran tests, connected to pprof server address.\n\nX-Origin-Diff: phab/D549\nGitOrigin-RevId: b9aee2334d7ae981144add8996eb3a49d1afdd82\n" }, { "commit": "a013ffaf2d7bc71a06148584020d429903456fff", "tree": "95abf15e717ee2e1b0378ec4f922e84e57c0a1eb", "parents": [ "fc5dbc6646c6e332f5cbb88f6a68b6fbcffebe77" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 15:09:32 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 15:09:32 2020 +0200" }, "message": "core/tests/e2e: wait for all subprocesses we created\n\nTest Plan: `bazel test core/tests/e2e/... --runs_per_test\u003d10`\n\nX-Origin-Diff: phab/D548\nGitOrigin-RevId: e7ed0d0f782fc38dfa94f83ded890187c6fd9c70\n" }, { "commit": "fc5dbc6646c6e332f5cbb88f6a68b6fbcffebe77", "tree": "4ea7cb93b2f0abfca9f547ee1401d39b73a79f5d", "parents": [ "140bddcbe1aac46b168f6fc2178eb9c3870a434c" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 28 12:18:07 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 28 12:18:07 2020 +0200" }, "message": "Add E2E tests for basic functionality and port launching to Go\n\nThis adds a new E2E test suite replacing the old log-parsing\nbased one. It also moves launching and controlling Smalltown VMs into\na Go package and command and exposes the \u0027//:launch\u0027 alias.\nThe new E2E test suite covers basic conditions (IP assigned, Data\navailable) and Kubernetes Node, Deployment and StatefulSet tests.\n\nTest Plan: This consists of E2E tests\n\nX-Origin-Diff: phab/D544\nGitOrigin-RevId: 7c624c667c849068bafa544a3a6c635d6d406e1c\n" }, { "commit": "140bddcbe1aac46b168f6fc2178eb9c3870a434c", "tree": "8719383a79e42b1334a53f88bdc015872cba66dd", "parents": [ "e6030f696613983ea00fc93b9e8b826cea7a1e9a" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jun 05 21:01:19 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri Jun 05 21:01:19 2020 +0200" }, "message": "core: build initramfs using generic initramfs rule\n\nThis chips away at three different things:\n - it brings us closer to hermetic and cross-platform builds by not\n depending on genrule/shell and lz4-the-tool\n - it generalizes initramfs building (allowing for more than one to be\n built, if necessary)\n - sets the stage to use Bazel transitions [1] to force all included Go\n binaries to be built in pure/static mode while allowing host Go\n binaries to use cgo/dynamic linking if necessary, and hopefully also\n allowing us to get rid of some BUILD patches that set pure\u003d\u0027on\u0027 in\n go_binary calls (notably needed in Cilium and some existing\n third_party dependencies).\n\n[1] - https://docs.bazel.build/versions/master/skylark/config.html#user-defined-transitions\n\nTest Plan: build machinery change, covered by existing tests\n\nX-Origin-Diff: phab/D554\nGitOrigin-RevId: a5561eb5ca16e6529b9a4a2b98352f579c424222\n" }, { "commit": "e6030f696613983ea00fc93b9e8b826cea7a1e9a", "tree": "89a0459f2d021a77701faaa73742c21a24f07843", "parents": [ "4cc664da40ef91422fb90039b2a1e90a3f997078" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 03 17:52:59 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed Jun 03 17:52:59 2020 +0200" }, "message": "core/internal/kubernetes: refactor reconciler, move to subpackage\n\nThis makes the reconciler a bit more generic, and thus allows for\nwriting some basic tests (of the reconciler logic and of the declared\nresources).\n\nWe also start the cleanup of //core/internal/kubernetes by moving the\nreconciler into a separate subpackage. This creates two sketchy\ncross-package references that we\u0027ll need to fix in the future once we\ncontinue the cleanup and modularization of the Kubernetes package.\n\nTest Plan: the reconciler is now tested with unit tests!\n\nX-Origin-Diff: phab/D552\nGitOrigin-RevId: b43643065c8174402922c62e80cd9c87fdce2f13\n" }, { "commit": "4cc664da40ef91422fb90039b2a1e90a3f997078", "tree": "9742180802c0f4364641bbc9607dea521d7a9a86", "parents": [ "980d003d69087eb3ef8976a2a7c2df6c7d3c54e7" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jun 02 16:08:24 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue Jun 02 16:08:24 2020 +0200" }, "message": "Reconciler fixup\n\nI made some changes further down the revision stack which weren\u0027t properly propagated.\nThis makes sure the code from subsequent revisions also has the necessary changes.\n\nTest Plan: `bazel run //:launch` no longer shows the reconciler looping\n\nX-Origin-Diff: phab/D547\nGitOrigin-RevId: 2d8c6121b071504048f10cd8a34cbfba2a0f94b7\n" }, { "commit": "980d003d69087eb3ef8976a2a7c2df6c7d3c54e7", "tree": "21d2bb6bd95974f0d3aef170e04f49e1dcd1eb58", "parents": [ "3058b7ab4e220c37624e1204744f0b17efd920d5" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 14:44:49 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 14:44:49 2020 +0200" }, "message": "scripts: create local container with --net\u003dhost\n\nThis makes local debugging easier. We don\u0027t consider the\ncontainer an effective security barrier, anyway.\n\nTest Plan: Connected to a local server.\n\nX-Origin-Diff: phab/D551\nGitOrigin-RevId: d452d9f5a4addf4c526b7ac8f7ac688c36b816c5\n" }, { "commit": "3058b7ab4e220c37624e1204744f0b17efd920d5", "tree": "d501623c882286d2cd5e0977c1dd262db9f65dbe", "parents": [ "b15abadcd33cc25c220a2e8987f11bd967af5765" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 17:51:07 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jun 03 17:51:07 2020 +0200" }, "message": "build: add fietsje config and alias for Delve debugger\n\nTest Plan: Debugged a running process using `bazel run :dlv`.\n\nX-Origin-Diff: phab/D550\nGitOrigin-RevId: 3bea727afc0cc275fac19238067d871c42beef19\n" }, { "commit": "b15abadcd33cc25c220a2e8987f11bd967af5765", "tree": "e9744eb8694a12238f345fa409ba1553f813d18d", "parents": [ "0db90ba4fde0be782f2dc43f4e6d269d7c1c5f0b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 16 11:17:12 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 16 11:17:12 2020 +0200" }, "message": "Add PV provisioner\n\nThis adds a new PV provisioner which works together with the\nCSI Node driver to provide storage to workloads on Smalltown.\nIt talks to Kubernetes and listens for PVCs which need to be provisioned\nand PVs which have been released and need to be deleted.\n\nIs is implemented as a per-node agent where every node provisions the\nvolumes scheduled onto it by kube-scheduler.\n\nTest Plan: Manually tested by running `bazel run //core/cmd/dbg -- kubectl create -f $PWD/pv-test.yml` and observing a provisioned PV that\u0027s attached to the pod. An example `test-pv.yml` is in P137.\n\nX-Origin-Diff: phab/D482\nGitOrigin-RevId: 75a871b039e71dd248f937719c471e0277887964\n" }, { "commit": "0db90ba4fde0be782f2dc43f4e6d269d7c1c5f0b", "tree": "49237accda7efdae1c8398aa10da4aaa3ee9a4c8", "parents": [ "8e3b8fc9c4ccf5f92179c249de692e38a92d6ee0" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 06 14:04:52 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 06 14:04:52 2020 +0200" }, "message": "Implement CSI node plugin\n\nThis implements a CSI node plugin with registration support\nbacked by bind mounts from our XFS data partition.\nIt supports online volume expansion (and technically shrinking,\nbut K8s does not support shrinking) and CSI statistics backed by fsquota\n\nTest Plan: TBD\n\nX-Origin-Diff: phab/D471\nGitOrigin-RevId: 6bc37dac3726b39bd5d71cfddb2d53aeee0c8b4d\n" }, { "commit": "8e3b8fc9c4ccf5f92179c249de692e38a92d6ee0", "tree": "0cb705a7be0e42ac642cef771edab856f6676098", "parents": [ "8da5377d65930ff0a4085449c61f09fcfe64ec02" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue May 19 14:29:40 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue May 19 14:29:40 2020 +0200" }, "message": "Port kubernetes package to supervisor\n\nThis replaces the ad-hoc goroutine and process management\npreviously in the kubernetes package with a nice supervisor-based\nimplementation which should make it easier to understand and more\nreliable. It also prevents creation of more ad-hoc launching code\nfor future features (like CSI \u0026 Provisioning).\n\nSince porting SmalltownNode is rather involved I just instantiated a\nnew supervision tree in the Kubernetes main service and wired it\nup to the old interface. Once we port SmalltownNode we can just\nremove the legacy Start() method and directly call Run().\n\nTest Plan:\nPasses Bazel tests, Kubernetes functionality was manually\ntested by running `bazel run //core/cmd/dbg -- kubectl run -i --image alpine:edge sh`\nto verify that Kubernetes still works properly. Automated tests for this\nare being worked on.\n\nX-Origin-Diff: phab/D534\nGitOrigin-RevId: 001de38eaa5c7ee661bf5db9a7c3d0125c1b6af2\n" }, { "commit": "8da5377d65930ff0a4085449c61f09fcfe64ec02", "tree": "1bed5948776792298347e315341d199fc7bdcaa6", "parents": [ "6acfc323aa74a424220907218cfa7f303b6992cc" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jun 02 15:56:51 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jun 02 15:56:51 2020 +0200" }, "message": "core/cmd/init: ignore SIGURG\n\nTest Plan: Error is gone.\n\nBug: T743\n\nX-Origin-Diff: phab/D526\nGitOrigin-RevId: ad080bd3299c2c32208ba7553b750b16282c5656\n" }, { "commit": "6acfc323aa74a424220907218cfa7f303b6992cc", "tree": "abb236a6ff03f48907c3feb398a1fac70212cf64", "parents": [ "878f5f9e5f9de93b09d354db7d116fd3d558dbfa" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed May 13 17:01:26 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed May 13 17:01:26 2020 +0200" }, "message": "Add support for gVisor logging\n\nTest Plan: Started Container using `bazel run //core/cmd/dbg -- kubectl run -i busybox --image\u003dbusybox test`, then observed logs using `bazel run //core/cmd/dbg logs containerd.runsc`\n\nX-Origin-Diff: phab/D527\nGitOrigin-RevId: 10dfa1704cbc18becc2005e7b38cc881e6ec50b5\n" }, { "commit": "878f5f9e5f9de93b09d354db7d116fd3d558dbfa", "tree": "994b67ea5264f7e38bb67e9043a369454eaab75d", "parents": [ "9a741a861a4cb5c52b0251a4abf3a2c606b06198" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue May 12 16:15:39 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Tue May 12 16:15:39 2020 +0200" }, "message": "Add Kubernetes Worker and infrastructure\n\nAdds Kubernetes Kubelet with patches for syscall-based mounting and\nsyscall-based (and much faster) metrics. fsquota patches have been\ndeferred to a further revision (for robust emptyDir capacity isolation).\n\nChanges encoding of the node ID to hex since Base64-URL is not supported\nas a character set for K8s names. Also adds `/etc/machine-id` and\n`/etc/os-release` since Kubernetes wants them. `os-release` is generated\nby stamping, `machine-id` is the hex-encoded node ID derived from the\npublic key.\n\nAlso includes a primitive reconciler which automatically ensures a set of\nbuilt-in Kubernetes objects are always present. Currently this includes\na PSP and some basic RBAC policies that are elementary to proper cluster\noperations.\n\nAdds an additional gRPC service (NodeDebugService) to cleanly\ncommunicate with external debug and test tooling. It supports reading\nfrom logbuffers for all externally-run components, checking conditions\n(for replacing log matching in testing and debugging) and getting\ndebug credentials for the Kubernetes cluster.\n\nA small utility (dbg) is provided that interfaces with NodeDebugService\nand provides access to its functions from the CLI. It also incorporates\na kubectl wrapper which directly grabs credentials from the Debug API\nand passes them to kubectl\n(e.g. `bazel run //core/cmd/dbg -- kubectl describe node`).\n\nTest Plan:\nManually tested.\nKubernetes:\n`bazel run //core/cmd/dbg -- kubectl create -f test.yml`\n\nChecked that pods run, logs are accessible and exec works.\n\nReading buffers:\n`bazel run //core/cmd/dbg -- logs containerd`\n\nOutputs containerd logs in the right order.\n\nAutomated testing is in the works, but has been deferred to a future\nrevision because this one is already too big again.\n\nX-Origin-Diff: phab/D525\nGitOrigin-RevId: 0fbfa0c433de405526c7f09ef10c466896331328\n" }, { "commit": "9a741a861a4cb5c52b0251a4abf3a2c606b06198", "tree": "1ec5dddcbc049c76f67585c5d03f184ee6c66a9c", "parents": [ "14cf750cac0d6c6e9504871246a45a226b2eb03e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 28 15:08:45 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 28 15:08:45 2020 +0200" }, "message": "Apply containerd build patch again\n\nThe containerd pure mode build patch is no longer being applied after D535.\ncontainerd is thus no longer executable since we don\u0027t have a dynamic loader\nin Smalltown. This applies the patch again using Fietsje.\n\nTest Plan: Tested under D544\n\nX-Origin-Diff: phab/D545\nGitOrigin-RevId: 76bc4804c4dd0faf5fd38685d0c69bfa4af6ea94\n" }, { "commit": "14cf750cac0d6c6e9504871246a45a226b2eb03e", "tree": "5c17e5c6e9904675403e47f8a8658e966a9506b0", "parents": [ "f369cfa3ab4ad5ba882fa66f2fd1c3df8e5b4495" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu May 28 14:29:56 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu May 28 14:29:56 2020 +0200" }, "message": "fietsje: implement .replace, add Cilium dependencies.\n\nThe new .replace() can be used to mirror \u0027replace\u0027 stanzas in go.mod,\nand that\u0027s what it\u0027s being used for in Cilium, as it ships a handful of\nforked libraries that we have to pull in.\n\nThe Cilium targets are currently unused, but the ones confirmed to build\nare:\n\n - @com_github_cilium_cilium//cilium: cilium API client\n - @com_github_cilium_cilium//daemon:daemon: cilium daemon/agent\n - @com_github_cilium_cilium//operator: cilium operator\n\nThese currently built as dynamic libraries - turning them into\nstatic/pure builds will come in a later build.\n\nTest Plan: how do we test this? :)\n\nX-Origin-Diff: phab/D542\nGitOrigin-RevId: b38c7c1d0be8b0b88ea8f6992c9c5557189399cc\n" }, { "commit": "f369cfa3ab4ad5ba882fa66f2fd1c3df8e5b4495", "tree": "623bb7e085852f87e9ad6618408dc4b3171f7b29", "parents": [ "df12522ed48dbac7edbae32be01a09770b01d0f7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 22 18:36:42 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Fri May 22 18:36:42 2020 +0200" }, "message": "fietsje: implement\n\nThis introduces Fietsje, a little Go dependency manager.\n\nFor more information, see third_party/go/fietsje/README.md.\n\nWe also bump some dependencies while we\u0027re at it, notably, sqliboiler\nnow uses Go modules. If we weren\u0027t to do that, we\u0027d have to add more\nheuristics to Fietsje to handle the old version correctly.\n\nTest Plan: fietsje is untested - I\u0027ll add some tests to it. Everything else is just regenerating basically the same repositories.bzl file, but with some bumped dependencies.\n\nX-Origin-Diff: phab/D535\nGitOrigin-RevId: 4fc919e1bd386bc3f3c1c53e672b1e3b9da17dfc\n" }, { "commit": "df12522ed48dbac7edbae32be01a09770b01d0f7", "tree": "167d9d5de66c430cc2ddd37feff561430ed0be5d", "parents": [ "d3c59d22955d01ff4afcada9d4845cd935d820b7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Sat May 23 00:29:30 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Sat May 23 00:29:30 2020 +0200" }, "message": "*: unpin rules_go/gazelle\n\nWe unpin these now that Gazelle 0.21.0 is out. This release also changes\nrunfile pathnames for go_binary, so we have to fix up the test_boot.sh\nscript that hardcodes a path.\n\nThis also pulls in a new protobuf version, that we have to let in with\nits imperfections that nogo rightfully complains about.\n\nTest Plan: machinery change, current tests cover this\n\nX-Origin-Diff: phab/D538\nGitOrigin-RevId: ad83d7868608b6883a891d127a6fbaf28f8aa14a\n" }, { "commit": "d3c59d22955d01ff4afcada9d4845cd935d820b7", "tree": "faa355d618630f556b053707cbe5ee60f84a534e", "parents": [ "c88c82db8b1a7f8a07782c970e1d0dfb453f9f66" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon May 11 16:00:22 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon May 11 16:00:22 2020 +0200" }, "message": "Update to Go 1.14\n\nUpdates the Go toolchain to 1.14 and gets rid of all upstreamed\npatches. Also shrinks binary sizes.\n\nTest Plan: Should be covered by CI.\n\nX-Origin-Diff: phab/D515\nGitOrigin-RevId: 1c400a6ba6a8d78a02aba925d95486b807eda0e9\n" }, { "commit": "c88c82db8b1a7f8a07782c970e1d0dfb453f9f66", "tree": "22072c4f18e4aaa855577ff0b42a86ef77a9c4cb", "parents": [ "60febd9db40970a31a2f49bdb969897a37c11cc6" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Fri May 08 14:35:04 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Fri May 08 14:35:04 2020 +0200" }, "message": "Add containerd \u0026 gVisor support\n\nThis adds containerd, CNI, gVisor and all the necessary shims\nand supporting infrastructure. It also enables all relevant features in\nthe Linux kernel. containerd is designed as a simple supervisor.Runnable.\nIt is not being started yet, this will happen in D497.\n\nSplit out from feature/kubelet.\n\nTest Plan:\nHas been tested in conjunction with the rest of D497, will be\ncovered by a K8s E2E test there.\n\nX-Origin-Diff: phab/D509\nGitOrigin-RevId: 92523516b7e361a30da330eb187787e6045bfd17\n" }, { "commit": "60febd9db40970a31a2f49bdb969897a37c11cc6", "tree": "8ac7756b46db3333e0f81dea04ce1d8bbfe38e62", "parents": [ "fc2c4f5bc24286f24d3fe130bec61cf9fc59982d" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 07 14:08:18 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu May 07 14:08:18 2020 +0200" }, "message": "Clean up consensus etcd log output\n\nIntegrates our Zap logger into our etcd embedded instance to\nclean up the logs. Split out from D497 (ex feature/kubelet).\n\nTest Plan:\n`bazel run //core/scripts:launch` no longer shows etcd JSON\noutput.\n\nX-Origin-Diff: phab/D498\nGitOrigin-RevId: 8df3b9c3edd20310079306479adfadf983af7da2\n" }, { "commit": "fc2c4f5bc24286f24d3fe130bec61cf9fc59982d", "tree": "f467337f1cc022eb06f0d6655a239af7a4a41723", "parents": [ "ac6b6441f65fa160c1a3d2e9b31277e747c96a32" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed May 06 19:26:32 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed May 06 19:26:32 2020 +0200" }, "message": "ci: enable race detector in tests\n\nThe Go race detector [1] allows to detect runtime data races between\nGoroutines.\n\nAdding it to the test suite can increase runtime significantly (by\naround 20x), but for the amount of tests we have right now it should\nbe acceptable to always run them on every diff in CI.\n\n[1] - https://golang.org/doc/articles/race_detector.html\n\nTest Plan: consider the test runtime increase before merging\n\nX-Origin-Diff: phab/D496\nGitOrigin-RevId: 655a9ae3d3b4d72eae26180434f685193de6d9a7\n" }, { "commit": "ac6b6441f65fa160c1a3d2e9b31277e747c96a32", "tree": "340b921508eba906823c28740b2010733d108c13", "parents": [ "19bb4125a7eb155a51143046a8501b40702aa650" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed May 06 19:13:43 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Wed May 06 19:13:43 2020 +0200" }, "message": "core/internal/common/supervisor: deflake\n\nWe fix several flaky tests in the supervisor framework, and one bug in the\nsupervisor itself.\n\nTests are deflaked by depending less on tight timing and instead on a\n\u0027settled\u0027 state of the supervisor, which is basically a wait to join the\nsupervisor when it\u0027s done with whatever work it\u0027s currently taking care\nof.\n\nAnother flake, TestBackoff, is fixed by widening the allowed restart\ntime.\n\nFinally, we fix a bug in the supervisor that caused it to spuriously\nrestart children when it would schedule them when their future parents\ncontext was canceled.\n\nFinally, we make some log messages less verbose.\n\nTest Plan: Covered by existing tests that are now less flaky. This was tested with bazel test --runs_per_test\u003d100 to not flake anymore.\n\nX-Origin-Diff: phab/D495\nGitOrigin-RevId: f92f7368708c54c59644d3e7dca03b2b5692c30a\n" }, { "commit": "19bb4125a7eb155a51143046a8501b40702aa650", "tree": "3b3bbc665edc254ba901baaf883ac96712125c18", "parents": [ "f64021170952839c39f25e13e8771d8e377af898" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon May 04 17:57:50 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon May 04 17:57:50 2020 +0200" }, "message": "//core/internal/supervisor: drop panic propagation flag\n\nThis made the race detector unhappy (for a good reason), and was\nactually unused. The only place where we do want panic propagation is in\ntests, and making it configurable by an option passed to New() is much\nmore friendly, anyway.\n\nTest Plan: Behaviour unchanged, covered by existing tests.\n\nX-Origin-Diff: phab/D490\nGitOrigin-RevId: 465a8244445906bbb12e8fec13ccab0c87ab50f6\n" }, { "commit": "f64021170952839c39f25e13e8771d8e377af898", "tree": "06b4841b976cba50dea2f567d300ae2a5b355a14", "parents": [ "bb7db92ee6e788b576e22ece70914e0321a785f7" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon May 04 16:50:31 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon May 04 16:50:31 2020 +0200" }, "message": "Enable stamping and use correct variables\n\nIn D487 stamping was introduced, but not actually enabled. This enables it.\n\nKubernetes also uses \"volatile\" stamping variables for things that logic\ndepends on. This is a terrible idea because\nyou cannot unbreak a build since volatile stamps don\u0027t trigger a rebuild.\nThe status variables which are not purely informational have been changed\nto \"stable\" variables\n(see https://docs.bazel.build/versions/master/user-manual.html#flag--workspace_status_command).\n\nTest Plan:\nBy itself not really testable, but has been tested on an\nupcoming revision that actually depends on stamping behaving correctly.\n\nX-Origin-Diff: phab/D491\nGitOrigin-RevId: 48dda066d56e29d10fb0f0a88a845d8caf527c98\n" }, { "commit": "bb7db92ee6e788b576e22ece70914e0321a785f7", "tree": "1f4fee21a390625bd9766d0394e3076cf7e34d48", "parents": [ "547b33f2b38dba41f2c171f8730ff5093b267eaf" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Apr 30 12:43:10 2020 +0200" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Apr 30 12:43:10 2020 +0200" }, "message": "Add all dependencies for Kubernetes worker\n\nAdds Kubelet, CNI plugins, containerd, runc and gVisor using a\npre-baked list of dependencies generated using scripts/gazelle-deps/sh.\n\nThis moves all dependencies of gVisor, Kubernetes, runc, etc into the\nsame \u0027namespace\u0027 of Bazel external repositories, giving us ease of\naccessing code as libraries, and benefits when it comes to version\nauditing.\n\nThe gazelle-deps.sh script is a temporary solution that will be replaced\nASAP, see T725.\n\nThis unblocks T486.\n\nThis is an alternative to D389.\n\nTest Plan: `bazel build //core:image` runs and picks up the new binaries\n\nX-Origin-Diff: phab/D487\nGitOrigin-RevId: a28a25071fa2ae76b272d237ce9af777485065ff\n" }, { "commit": "547b33f2b38dba41f2c171f8730ff5093b267eaf", "tree": "0b1993d79cd3724613e43caed66e81979de0b082", "parents": [ "3dba53221970a81cdc1158cced2c6acf85b33065" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 23 15:27:06 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 23 15:27:06 2020 +0200" }, "message": "Add in-kernel test runner\n\nThis adds a way to run tests inside the Smalltown kernel.\n\nImprovements to the Bazel part of this are tracked in T726\n\nTest Plan: Tested by intentionally failing the test.\n\nX-Origin-Diff: phab/D485\nGitOrigin-RevId: e4aad7f28d122d82a7fcb6699e678cbe022e2f73\n" }, { "commit": "3dba53221970a81cdc1158cced2c6acf85b33065", "tree": "aceb033e536e6de6ec2825c3ee8bfb3a08ccad90", "parents": [ "c452a8dc724400c58a32faf4c4f51291b2675099" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 28 12:23:04 2020 +0200" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Apr 28 12:23:04 2020 +0200" }, "message": "Fix ram_utilization_factor deprecation warning\n\nTest Plan: CI\n\nX-Origin-Diff: phab/D486\nGitOrigin-RevId: 2ef96572fab6e00c5b6c414ff542c8559eb6a84b\n" }, { "commit": "c452a8dc724400c58a32faf4c4f51291b2675099", "tree": "8d872a9f7565b63ddd37497797c8b111be89e18c", "parents": [ "5d7d2a42ed0394ecc57ef3cde1d837d8a997ec20" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 20 14:09:39 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 20 14:09:39 2020 +0200" }, "message": "Update built-in container to Fedora 32\n\nUpdates the base image of the built-in dev container to\nFedora 32 to get access to qemu 4.2+ and microvm.\n\nTest Plan: Covered by CI\n\nX-Origin-Diff: phab/D484\nGitOrigin-RevId: 3ac0fd3e9321acdb79814513e1fd7b4c10ef746d\n" }, { "commit": "5d7d2a42ed0394ecc57ef3cde1d837d8a997ec20", "tree": "55ead1cb4ddbd347faf26f7370b46de7e7f634b6", "parents": [ "1d8017549154d0bf2c36610d75eee8de9b25ce02" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 06 14:11:02 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Apr 06 14:11:02 2020 +0200" }, "message": "Update Kubernetes to 1.18.0\n\nUpdates Kubernetes to 1.18.0 and removes patches that are no\nlonger needed. The directories themselves and the build code that deals\nwith patching is left intact since rebasing D389 and subsequent K8s work\nwould otherwise be unnecessarily complicated.\n\nTest Plan: Should be covered by CI\n\nX-Origin-Diff: phab/D470\nGitOrigin-RevId: 5c7749926f0adcc8d58e3bff3ce6413bab1d797d\n" }, { "commit": "1d8017549154d0bf2c36610d75eee8de9b25ce02", "tree": "854997e22377a1a3b2b2ef00fa9efe8fc2651228", "parents": [ "25b82a85dceb8f3ce847d712fa58809d87f316fb" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 02 09:24:51 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Apr 02 09:24:51 2020 +0200" }, "message": "Introduce fsquota package\n\nThis introduces a new fsquota package and\na few low-level support packages to simplify the\nmanagement of filesystem quotas.\n\nTo expose an API that\u0027s nice to use while staying\nperformant and safe the new fsinfo syscall is being\nused. Since that syscall is not yet in mainline it has\nbeen backported to our 5.6 kernel.\n\nTest Plan:\nManually validated on our kernel, automated\ntests are pending some Bazel work to be able to run them\ninside our own kernel.\n\nX-Origin-Diff: phab/D462\nGitOrigin-RevId: bb463056589d2b13b7cf32d48ab0b884e70b1bad\n" }, { "commit": "25b82a85dceb8f3ce847d712fa58809d87f316fb", "tree": "badbb242c6fbd3889af79a5bb493895285d42707", "parents": [ "fd16651a2ef1484b7d8f12d0a7c7f93899af2747" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Mar 23 20:27:51 2020 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Mar 23 20:27:51 2020 +0100" }, "message": "Added logbuffer helper package\n\nThis adds a small package which is used to store logs for other\nbinaries we\u0027re calling. It\u0027s an in-memory non-depleting ring buffer\ncapable of directly taking in a stream (for example from stdout).\nFor reliability it has bounded total memory consumption.\nIt offers a simple interface to get the last n log lines out.\n\nTest Plan: Has 100% test coverage built-in\n\nBug: T667\n\nX-Origin-Diff: phab/D442\nGitOrigin-RevId: 32d5944650793b6cea8ec48a40ea4abb3944ad21\n" }, { "commit": "fd16651a2ef1484b7d8f12d0a7c7f93899af2747", "tree": "f7931a575e0a7133695b2e5a7ec412a2c21731e1", "parents": [ "b1b742f91489cafa199bf5dd6e83d965cb23f63f" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Apr 01 17:29:45 2020 +0200" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Wed Apr 01 17:29:45 2020 +0200" }, "message": "Update Linux to 5.6\n\nTest Plan: Covered by existing tests.\n\nX-Origin-Diff: phab/D458\nGitOrigin-RevId: ebc83b17a0bcf66997d65763d8ff852a2613887c\n" }, { "commit": "b1b742f91489cafa199bf5dd6e83d965cb23f63f", "tree": "11ad76da23350c0d70ee2f21aa50e56cb1421b57", "parents": [ "9c09c4e9a637dedc1643e32419f56f789e79fec8" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 24 13:58:19 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 24 13:58:19 2020 +0100" }, "message": "core/internal/network: move to supervisor\n\nTest Plan: behaviour shouldn\u0027t change, covered by existing tests\n\nBug: T653\n\nX-Origin-Diff: phab/D430\nGitOrigin-RevId: b92f0953daba6da84bad96120cde2021c4a82e5c\n" }, { "commit": "9c09c4e9a637dedc1643e32419f56f789e79fec8", "tree": "3f8d222ee9d25ede79ba11fee50eb095b6d5658f", "parents": [ "7b5d994379ef72ccf9f4de15d01b9604fc650287" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 24 13:58:01 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Mar 24 13:58:01 2020 +0100" }, "message": "supervisor: init\n\nThis introduces the service supervisor (or supervisor, for short) - a\nlibrary used to reliably run parts of Smalltown.\n\nThe design is outlined in [[ https://phab.monogon.dev/u/supervision | go/supervision ]].\n\nThis only implements the supervision itself, and does not actually use\nit in Smalltown. Another revision based on this one will aims to move at\nleast parts of the codebase onto this library.\n\nTest Plan: the supervision code is integration tested\n\nBug: T653\n\nX-Origin-Diff: phab/D429\nGitOrigin-RevId: cffa73de5957e95af629b78379ffc0c7e8681afb\n" }, { "commit": "7b5d994379ef72ccf9f4de15d01b9604fc650287", "tree": "baaa1bb99c2cb3e081d4f978303be56520a3e4df", "parents": [ "9374393a16b9400866003cd972f9c4711c94869c" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 19 16:14:02 2020 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Mar 19 16:14:02 2020 +0100" }, "message": "Update rules_go to 0.22.1 to fix @go_googleapis issue\n\nThis fixes a known issue[1] with rules_go in combination with\nBazel 2.2+ and some protobuf generates (like @go_googleapis).\nAlso updates a few dependencies because rules_go switched to\na newer GRPC compiler.\n\n[1] https://github.com/bazelbuild/bazel/issues/10681\n\nTest Plan: bazel test //... works again on Bazel 2.2+\n\nX-Origin-Diff: phab/D436\nGitOrigin-RevId: d5700cbaa59fefd791f5c9902195f0294a0e6f07\n" }, { "commit": "9374393a16b9400866003cd972f9c4711c94869c", "tree": "d201cb040a78e99baac99e6473c249d790be6b24", "parents": [ "8c8e677b05f92d948f3c864451751b7ca45a8462" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Mar 13 14:20:29 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Mar 13 14:20:29 2020 +0100" }, "message": "test_boot is now a medium-sized test\n\nWe upped the timeout to 120, but Bazel had a lower timeout.\n\nGitOrigin-RevId: 8e9581b20760746e75edc990229be78ddf7992bb\n" }, { "commit": "8c8e677b05f92d948f3c864451751b7ca45a8462", "tree": "d03e67191aa589d5eb0dfc446619e1785e65fcc4", "parents": [ "581b0bd6386a077e29107710e008983b62233ccf" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Mar 12 20:24:13 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Mar 12 20:24:13 2020 +0100" }, "message": ".bazelrc: set --test_output\u003derrors to debug master build failures\n\nBackported from D429,\n\nGitOrigin-RevId: 05a024e59fd598e180249c55a21dc1f8eaa24dc4\n" }, { "commit": "581b0bd6386a077e29107710e008983b62233ccf", "tree": "85cf721d9711e7adc88c744c55ee12a96ee7114d", "parents": [ "79d7a625709242204993cffbd99ed734dc1c50a5" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Mar 12 13:36:43 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Thu Mar 12 13:36:43 2020 +0100" }, "message": "init: remount to tmpfs\n\nrunsc needs to be able to pivot_root. According to @lorenz this does not\nwork from initramfs. This introduces a temporary fix to re-mount and\nre-exec into a new root based on tmpfs.\n\nA proper fix would be to use a real filesystem instead of initramfs\n(like squashfs), but this will do for now.\n\nWe also use this opportunity to use devtmpfs instead of manually\nmanaging /dev. This collides with the storage manager that tries to\ncreate all storage nodes - we just remove that.\n\nTest Plan: shouldn\u0027t change behaviour\n\nX-Origin-Diff: phab/D433\nGitOrigin-RevId: aa59fec6551bab1b1b9c2fe037dce410e550981b\n" }, { "commit": "79d7a625709242204993cffbd99ed734dc1c50a5", "tree": "6a4b3773d40a468e2fb35c66f4e058c6901baef7", "parents": [ "4ff52bd7326ff5b534261ffb47588a44216095af" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Wed Mar 11 19:18:56 2020 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Wed Mar 11 19:18:56 2020 +0100" }, "message": "Add initial delta module\n\nTest Plan: covered by tests\n\nX-Origin-Diff: phab/D228\nGitOrigin-RevId: e44b5fd9b702bf8490b3c85edaf02f40b5d806c6\n" }, { "commit": "4ff52bd7326ff5b534261ffb47588a44216095af", "tree": "c3fdc157b6c47fd55e1f9ed001dc7a76e38e7515", "parents": [ "af5ec37ef2549cf136438e3fd1775ce601c25bc9" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Sun Jan 12 15:21:49 2020 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Sun Jan 12 15:21:49 2020 +0100" }, "message": "Implement minijob\n\nThis implements a minimal job queue based on cockroachdb.\nCurrently this lacks getters for pending jobs.\n\nTest Plan: Execute the tests in minijob.\n\nX-Origin-Diff: phab/D253\nGitOrigin-RevId: b5c0bc0920a12cd976b848f05301f9d5f959e9de\n" }, { "commit": "af5ec37ef2549cf136438e3fd1775ce601c25bc9", "tree": "b96cf29a39793cb4e3511e1f3a7d637d29a08f79", "parents": [ "8fba0f84d52095ff933b442f2acaec315e2eb1da" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Mar 11 13:33:17 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Mar 11 13:33:17 2020 +0100" }, "message": "build: update to Fedora 31 and Bazel 2.2.0\n\nTest Plan: CI\n\nX-Origin-Diff: phab/D432\nGitOrigin-RevId: 8b9173313e3d7970399e17305b61e3cfd0851a41\n" }, { "commit": "8fba0f84d52095ff933b442f2acaec315e2eb1da", "tree": "f8b168b9f2395ada0ea11980800836daee009dd5", "parents": [ "8efe51e0fd63e9df72cd61ab610ffe0a6dd27834" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jan 22 18:46:25 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Jan 22 18:46:25 2020 +0100" }, "message": "Review comments for TPM attestation\n\nLots of comments and an updated boot test. Generously increase the timeout to eliminate random CI failures.\n\nTest Plan: Boot test works\n\nBug: T499\n\nX-Origin-Diff: phab/D319\nGitOrigin-RevId: cf17fe7c599f670ff8b6f0ac60486f2a04f13a5a\n" }, { "commit": "8efe51e0fd63e9df72cd61ab610ffe0a6dd27834", "tree": "250202ef0188f8018193626c43f03b2cb3165de0", "parents": [ "30b00d6d9f0bc6928ea81a6780883d252def5a3c" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Fri Feb 28 12:53:41 2020 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Fri Feb 28 12:53:41 2020 +0100" }, "message": "ide: use goimports instead of gofmt\n\nTest Plan: changed import sorting and saved file. Imports were resorted.\n\nX-Origin-Diff: phab/D413\nGitOrigin-RevId: 72ce771a9724f62f839e44211ee5cd64c89c56d7\n" }, { "commit": "30b00d6d9f0bc6928ea81a6780883d252def5a3c", "tree": "1ab8d6cb22fe61c89c8d5e45ea9bad027cdef89c", "parents": [ "da5cfaaf46e534220a52d9cf315ffe0a8c79c05d" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Thu Feb 27 11:48:47 2020 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Thu Feb 27 11:48:47 2020 +0100" }, "message": "scripts: update aspects patch\n\nThe latest IntelliJ bazel plugin update can now resolve custom go code generators so we don\u0027t need most patches anymore.\nAlso since the source file was changed the old patch did not apply anymore.\n\nTest Plan: synced with latest Bazel plugin and checked that sqlboiler sources and mixed srcs/embed libraries resolve.\n\nX-Origin-Diff: phab/D411\nGitOrigin-RevId: b47ae60c1ca8506f6c94cbdb3d9e7016bddd9fae\n" }, { "commit": "da5cfaaf46e534220a52d9cf315ffe0a8c79c05d", "tree": "2b329e15589b360f430b615cfc50f212a7ce5ed8", "parents": [ "1a5a667667849db21b533405245239445947b7fb" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 24 10:07:10 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 24 10:07:10 2020 +0100" }, "message": "Share Go pkg cache in CI\n\nThis will decrease build times for scripts/gazelle.sh invocations, which will\notherwise re-download all modules every time.\n\nThere\u0027s likely a small risk of corrupting the shared cache, at which point it\nwould have to cleaned manually.\n\nAccording to this GitHub issue, what we\u0027re doing is supported:\nhttps://github.com/golang/go/issues/26794\n\nDue to the lockfile, this also serializes builds that need to download new packages.\nIf this ever becomes an issue, we can create a per-working copy cache like we do for Bazel.\n\nTest Plan:\nRe-ran CI build multiple times, packages were not re-downloaded.\nBuild time decreased by ~5-7s.\n\nX-Origin-Diff: phab/D374\nGitOrigin-RevId: ec2f347d791f2915c5ecc04d9b67029de386aae9\n" }, { "commit": "1a5a667667849db21b533405245239445947b7fb", "tree": "fe1574ae959b3dcbd462af740f0f384ae8346479", "parents": [ "cdb8c78eb7d29e6595053c455141007cb1c13a83" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 18 10:09:43 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 18 10:09:43 2020 +0100" }, "message": "core/internal/network: use DHCP router/gateway\n\nThis makes us actually set up a default route now. We also stop using github.com/insomniacslk/dhcp types, and instead use our type for the DHCP status. Finally, we also comment the DHCP client a bit better.\n\nThis fixes T651.\n\nTest Plan: lacking a regression test, working on one now.\n\nBug: T651\n\nX-Origin-Diff: phab/D403\nGitOrigin-RevId: caead83016cfe2f1783fad33e8d71723a3a32057\n" }, { "commit": "cdb8c78eb7d29e6595053c455141007cb1c13a83", "tree": "db17ef01058c8185887e26e31131d62c168a23c7", "parents": [ "6c8d5f9319706be576563b990c875afc0d60d02d" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 17 12:34:02 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 17 12:34:02 2020 +0100" }, "message": "Revamp DHCP, add basic context management\n\nThis started off as a small change to make the network service DHCP client a bit nicer, and ended up basically me half-assedly starting to add context within Smalltown.\n\nIn my opionion a simple OnStart/OnStop lifecycle management for services will stop working once we have to start handling failing services. I think taking inspiration from Erlang\u0027s OTP and implementing some sort of supervision tree is the way to go. I think this also ties nicely together with Go\u0027s context system, at least partially. Implementing the full supervision tree system is out of scope for this change, but at least this introduces .Context() on the base service struct that service implementations can use. Currently each service has its own background context, but again, this should tie into some sort of supervision tree in the future. There will be a design document for this.\n\nI also rejigger the init code to have a context available immediately, and use that to acquire (with timeout) information about DHCP addresses from the network service.\n\nI also fix a bug where the network service is started twice (once by init, once by the smalltown node code; now the smalltown node code takes in a dependency injected network service instead).\n\nI also fix a bug where OnStop would call OnStart. Whoops.\n\nTest Plan: no new functionality, covered by current tests\n\nBug: T561\n\nX-Origin-Diff: phab/D396\nGitOrigin-RevId: adddf3dd2f140b6ea64eb034ff19533d32c4ef23\n" }, { "commit": "6c8d5f9319706be576563b990c875afc0d60d02d", "tree": "914915b626992cb596323c7756c4f01e02e24832", "parents": [ "2fb13a89a00a1d0bf2e87f10516dcb5d7c0691dc" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 12:42:29 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 12:42:29 2020 +0100" }, "message": "repositories.bzl -\u003e third_party/go/repositories.bzl\n\nLet\u0027s keep the root of the monorepo tidy. Also, a list of third party\ndependencies sounds like it should belong in third_party/, really.\n\nTest Plan: more build file mangling, CI should catch issues\n\nX-Origin-Diff: phab/D392\nGitOrigin-RevId: 3fdd7bb430e8b44df7301520657170ce28ba859e\n" }, { "commit": "2fb13a89a00a1d0bf2e87f10516dcb5d7c0691dc", "tree": "4a5c4b3b14afdd6d10192d2e6144d62051c92d9d", "parents": [ "aa6b7346a87a5512fbdd5b39db766000c0e10415" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 12:41:37 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 12:41:37 2020 +0100" }, "message": "third_party: slurp in edk2, kubernetes, mkfs.xfs\n\nThis finishes the move from core/build/* into third_party/.\n\nWhile at first this might look like wasted bandwidth, this separation\nwill make much more sense in the future, where different parts (not only\nthe Smalltown core) might depend on shared external dependencies. In\naddition, having everything in third_party laid out in a similar fashion\nlends itself to writing more general rules. Already there is quite a bit\nof deduplicaiton that we could remove for reliability and readability.\n\nThis does not fix the problem of the big honkin\u0027 genrule for mkfs.xfs -\nwhile I think we should fix it sooner than later by building a real\ntoolchain, that time is not yet now. But at least we\u0027ve moved things out\nof the way so that we can then drop in a better mkfs.xfs, once it is\nbuilt so.\n\nTest Plan: build file mangling, CI should cover this\n\nX-Origin-Diff: phab/D391\nGitOrigin-RevId: fb99c6a6270c5c6a56eeb4f18a41323ffebbc655\n" }, { "commit": "aa6b7346a87a5512fbdd5b39db766000c0e10415", "tree": "8b7665934b854d4d2ee18e90a289752f8cd85942", "parents": [ "5e0bd2d43ab72cf4091e7689d02f95e07b1c1010" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Dec 12 02:55:02 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Dec 12 02:55:02 2019 +0100" }, "message": "Attestation \u0026 Identity \u0026 Global Unlock \u0026 Enrolment\n\nThis changes the node startup sequence significantly. Now the following three startup procedures replace the old setup/join mechanic:\n* If no enrolment config is present, automatically bootstrap a new cluster and become master for it.\n* If an enrolment config with an enrolment token is present, register with the NodeManagementService.\n* If an enrolment config without an enrolment token is present, attempt a normal cluster unlock.\n\nIt also completely revamps the GRPC management services:\n* NodeManagementService is a master-only service that deals with other nodes and has a cluster-wide identity\n* NodeService is only available in unlocked state and keyed with the node identity\n* ClusterManagement is now a master-only service that\u0027s been spun out of the main NMS since they have very different authentication models and also deals with EnrolmentConfigs\n\nThe TPM support library has also been extended by:\n* Lots of integrity attestation and verification functions\n* Built-in AK management\n* Some advanced policy-based authentication stuff\n\nAlso contains various enhancements to the network service to make everything work in a proper multi-node environment.\n\nLots of old code has been thrown out.\n\nTest Plan: Passed a full manual test of all three startup modes (bootstrap, enrolment and normal unlock) including automated EnrolmentConfig generation and consumption in a dual-node configuration on swtpm / OVMF.\n\nBug: T499\n\nX-Origin-Diff: phab/D291\nGitOrigin-RevId: d53755c828218b1df83a1d7ad252c7b3231abca8\n" }, { "commit": "5e0bd2d43ab72cf4091e7689d02f95e07b1c1010", "tree": "24920f9a9a322b58fe79258a735af3a460dd08f1", "parents": [ "7a1b10c4eb2a01084298537fae46f60ecf97cb6c" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Mon Feb 10 19:46:41 2020 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@nexantic.com", "time": "Mon Feb 10 19:46:41 2020 +0100" }, "message": "Resolve embedded Go dependencies in IDEA\n\nThe bazel plugin aspects don\u0027t resolve embedded go libraries\u0027 source files.\n\n```\n\ngo_proto_library(\n name \u003d \"api_go_proto\",\n compilers \u003d [\"@io_bazel_rules_go//proto:go_grpc\"],\n importpath \u003d \"git.monogon.dev/source/nexantic.git/core/generated/api\",\n proto \u003d \":api_proto\",\n visibility \u003d [\"//visibility:public\"],\n deps \u003d [\"//core/api/common:go_default_library\"],\n)\n\ngo_library(\n name \u003d \"go_default_library\",\n embed \u003d [\":api_go_proto\"],\n importpath \u003d \"git.monogon.dev/source/nexantic.git/core/generated/api\",\n visibility \u003d [\"//visibility:public\"],\n)\n\n```\n\nIn this case the IDEA plugin would load only the proto library since it exposes more source files. The plugin will always load the rule with the most exposed source files.\nThis means that if we add additional source files to the go rule but still less than the proto files, they will be dropped even though we have the embedding that should theoretically merge them.\n\nThis revision merges embedded and source files so we can add custom go code to schema packages.\n\nTest Plan: patched and resynced\n\nX-Origin-Diff: phab/D394\nGitOrigin-RevId: 37639045a920b6d52e2e41119e5e06957b309f51\n" }, { "commit": "7a1b10c4eb2a01084298537fae46f60ecf97cb6c", "tree": "f65eea8dbd90529aaf9e99e41b7a3517f391849f", "parents": [ "ab0cc82b343ad93736ea4094844839a717190fd8" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 10:02:21 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Tue Feb 11 10:02:21 2020 +0100" }, "message": "Explicitly provide Python toolchain, provide `python` in build container\n\nThis fixes being able to run py_binary targets within the build\ncontainer.\n\nEach py_binary creates a stub that always has the #!/usr/bin/env python\nshebang, and as such we need to have `python` available in the build\ncontainer. The stub then dispatches into the right Python interpreter,\nwhich we now configure explicitely via rules_python\u0027s py_runtime_pair.\n\nTest Plan: nothing breaks, future uses of py_binary (eg D389) will make actual use of this\n\nX-Origin-Diff: phab/D390\nGitOrigin-RevId: 78b6c51f09c720a46fbe2e6cbadb2a97d1161f7b\n" }, { "commit": "ab0cc82b343ad93736ea4094844839a717190fd8", "tree": "4367888166668b53ab51fc9b73955eaa9b6872d6", "parents": [ "822341ae63f435519b5329db3a9fe671fc48684c" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 03 21:11:16 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 03 21:11:16 2020 +0100" }, "message": "Fail CI build if scripts/gazelle.sh dirties the working copy\n\nTest Plan:\nmaster happened to have an extra go.mod dependency that was caught:\n\n```lang\u003ddiff\nUnclean working directory after running scripts/gazelle.sh:\ndiff --git a/go.mod b/go.mod\nindex 9ff6291..bfea6de 100644\n--- a/go.mod\n+++ b/go.mod\n@@ -16,7 +16,6 @@ require (\n \tgithub.com/gofrs/uuid v3.2.0+incompatible // indirect\n \tgithub.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d\n \tgithub.com/golang/groupcache v0.0.0-20190702054246-869f871628b6 // indirect\n-\tgithub.com/golang/protobuf v1.3.2\n \tgithub.com/google/go-cmp v0.3.1 // indirect\n \tgithub.com/google/go-tpm v0.1.2-0.20190725015402-ae6dd98980d4\n \tgithub.com/google/go-tpm-tools v0.0.0-20190731025042-f8c04ff88181\n```\n\nBug: T561\n\nX-Origin-Diff: phab/D371\nGitOrigin-RevId: 13a24e85589c4f015cb476a9b817fd570871298e\n" }, { "commit": "822341ae63f435519b5329db3a9fe671fc48684c", "tree": "9a00fa6f64850c8607975bd8e7279d257c3c6ac6", "parents": [ "731d00ae802712305d2a01ea4a7bbc74227b2f0d" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 03 21:51:47 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Feb 03 21:51:47 2020 +0100" }, "message": "Manually invalidate image cache in CI\n\nOur objective is to ensure that the build always uses the latest\nDockerfile for a given build, while minimizing rebuilds.\n\nA counter is explicit and can be used to intentionally invalidate\nthe image cache, even if the the file\u0027s content did not change.\n\nThe caching performed by `podman build` is not very clever -\nit\u0027s not shared between repositories, and is easily invalidated\nby successive builds with different versions of the Dockerfile.\n\nGarbage collection is not trivial, since there may be multiple\nin-flight revisions with different counters.\n\nRef T506\n\nFixes T616\n\nTest Plan: CI ;)\n\nBug: T616, T506\n\nX-Origin-Diff: phab/D373\nGitOrigin-RevId: 5bfb8cd8b98175d645c904aee8e45402d0c049c7\n" }, { "commit": "731d00ae802712305d2a01ea4a7bbc74227b2f0d", "tree": "574c39c5ce00a4aeb03cb0e0136320836f2259cb", "parents": [ "7ba3152b450889e81e85a02bd2e28f992edba2b0" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 19:08:07 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 19:08:07 2020 +0100" }, "message": "Move linux to //third_party.\n\nTest Plan: refactor of build system, should be covered by existing tests\n\nX-Origin-Diff: phab/D367\nGitOrigin-RevId: 603c61bfadadfbd66c0ce31f05f6748251bea9f3\n" }, { "commit": "7ba3152b450889e81e85a02bd2e28f992edba2b0", "tree": "f543b51e889ff997beff6780e86a2eb4aab6aa50", "parents": [ "71049afd7c1828f5deb660c059527e5d99e8d1c7" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 16:08:19 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 16:08:19 2020 +0100" }, "message": "core/internal/api: use gRPC statuses as much as possible\n\nReturning plain go errors via gRPC will always result in a gRPC \u0027INTERNAL\u0027 error code, which is suboptimal. We go ahead and semanticize some of the possible error paths, and at the same time:\n\n - swallow some internal errors into logs and serve sanitized errors\n - move some of the internal service implementations to also use gRPC statuses\n - change a panic() call into a status.Unimplemented return type\n\nThere\u0027s still plenty work to be done on this front, but this is a good first change.\n\nTest Plan: if this is not covered by tests we\u0027re screwed anyways\n\nX-Origin-Diff: phab/D366\nGitOrigin-RevId: 71880a9e23c65631d6c4df6338855864c34bb11f\n" }, { "commit": "71049afd7c1828f5deb660c059527e5d99e8d1c7", "tree": "cae977fc7e2640c2630d662ef3d97525468a9691", "parents": [ "dcb3a56fe915f2359a5832c685aa2789027ee5fb" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 16:05:52 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 16:05:52 2020 +0100" }, "message": "core/api: fix RemoveNode return type.\n\nTest Plan: should be covered by API tests\n\nX-Origin-Diff: phab/D365\nGitOrigin-RevId: 71cb5ae7c91fff1a57bae508f027cac6f2f2fa74\n" }, { "commit": "dcb3a56fe915f2359a5832c685aa2789027ee5fb", "tree": "acaa864bedaa306005830dc7d5aa1e3b0562139d", "parents": [ "f8323f1010f4d1714570197f438888d081056846" ], "author": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 13:44:44 2020 +0100" }, "committer": { "name": "Serge Bazanski", "email": "serge@nexantic.com", "time": "Mon Feb 03 13:44:44 2020 +0100" }, "message": "Remove spurious \u0027@//\u0027 root workspace references\n\nTest Plan: covered by tests\n\nX-Origin-Diff: phab/D364\nGitOrigin-RevId: 4425fa5756468685dfafaf87186bf12f7da455e8\n" }, { "commit": "f8323f1010f4d1714570197f438888d081056846", "tree": "58c3328cd2e1a576d0aa29ccebac6dd7b6a3077a", "parents": [ "83dc285944ad65d429bb2641a7348366e7028c40" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 23:26:34 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 23:26:34 2020 +0100" }, "message": "Remove synthetic GOPATH and symlinks\n\nAs it turns out, `go mod tidy` complains about missing modules\nbut still properly generates go.mod, so it appears that we do\nnot need a GOPATH or symlinks except for non-IntelliJ IDE support.\n\nWe should standardize on IntelliJ and just get rid of this\nworkaround. Hendrik had trouble rebasing the shield revisions\n(that have a lot of generated code) and it\u0027s likely a lot of\nwork to maintain this hack in the future.\n\nSee D305, D309\n\nTest Plan:\nRan `scripts/gazelle.sh` after deleting all symlinks\nand tested that `go mod tidy` properly restored the go.mod file\nafter modifying it manually.\n\nX-Origin-Diff: phab/D311\nGitOrigin-RevId: fe4bc491fca6fa072cff047185d7c18305564ea4\n" }, { "commit": "83dc285944ad65d429bb2641a7348366e7028c40", "tree": "e81cc19c682a21084ec5ab700e61fe4396c81f8d", "parents": [ "2ab141d7fb88b7d939a286a219a000bedcf5f2e5" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 21:57:08 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 21:57:08 2020 +0100" }, "message": "Teach Gazelle about k8s import paths in @kubernetes\n\nThis prevents \"gazelle update\" from attempting to add its\ngo_repository equivalent to the auto-generated BUILD file.\n\nWe still need to keep the entries in Go.mod and Gazelle\nwill generate unused go_repository rules for them, because\n`go mod tidy` would break otherwise (and we cannot use a\nreplace directive or a symlink, because replacing requires\na Go.mod file, which the Kubernetes repo does not have,\nand symlinks are not a thing for external dependencies).\n\nThis was broken in master since D271.\n\nTest Plan:\nRan `scripts/gazelle.sh`, `bazel build :gopath`,\nand then the script again. This previously broke and now works.\n\nX-Origin-Diff: phab/D310\nGitOrigin-RevId: 79c1b2836e86df6baddbc1a1dd770e6c0dd84133\n" }, { "commit": "2ab141d7fb88b7d939a286a219a000bedcf5f2e5", "tree": "7bf957488aac2289578490d00a07d1b9c027aa46", "parents": [ "f1d34d328eaf66f8ede61a0ffe30519f43aa73d9" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 20:50:07 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 20:50:07 2020 +0100" }, "message": "Add documentation for scripts/symlink_generated_files.sh\n\nTest Plan: N/a\n\nX-Origin-Diff: phab/D309\nGitOrigin-RevId: 0e0d29f1e981ba383e38256f496f77f726a3c29a\n" }, { "commit": "f1d34d328eaf66f8ede61a0ffe30519f43aa73d9", "tree": "aa50b5494e92180403e8397087885ef4eeac0ce5", "parents": [ "db6283e3d6425eea168e8dfc56c4f19f358ab64f" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 14:15:44 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Tue Jan 07 14:15:44 2020 +0100" }, "message": "Update Bazel, rules_go, gazelle, linux_kernel, musl, and k8s\n\nrules_go updates Go to 1.13.5.\n\nEFI boot patch had to be rebased since a bunch of ifdefs got cleaned up in 5.x\n\nhttps://github.com/torvalds/linux/commit/ac09c5f43cf613939850cc38d7a34ae6556016ba\n\nhttps://github.com/torvalds/linux/commit/82f9ed3a93307089242ff8a5c694e82c8c93f522)\n\nTest Plan: CI\n\nX-Origin-Diff: phab/D304\nGitOrigin-RevId: 8d7711dd2038e76e091a22a1aab865c3593e3889\n" }, { "commit": "db6283e3d6425eea168e8dfc56c4f19f358ab64f", "tree": "586c9eb107e430ceeb90bdde96e57369044388b3", "parents": [ "8cc81f6d87a7fe2a1440a112a51d2fdfcf5bf568" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jan 06 17:05:54 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jan 06 17:05:54 2020 +0100" }, "message": "Do not hardcode Fedora version in README\n\nTest Plan: N/A\n\nX-Origin-Diff: phab/D307\nGitOrigin-RevId: 1d2eb3e5b2b854f0a1791d0d9e28260d70566bb4\n" }, { "commit": "8cc81f6d87a7fe2a1440a112a51d2fdfcf5bf568", "tree": "1e719b87498a6197b678805f3dc2528ac5f79ce7", "parents": [ "eff7217f788aae2af6b86dbb91defa3171eb88b8" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jan 06 17:04:54 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Jan 06 17:04:54 2020 +0100" }, "message": "Pick the latest IntelliJ config folder for $ASPECT_ORIG\n\nTest Plan: Executed the two lines in my local shell\n\nX-Origin-Diff: phab/D306\nGitOrigin-RevId: f5744482129a649d358944fff0ae80a96e28a47d\n" }, { "commit": "eff7217f788aae2af6b86dbb91defa3171eb88b8", "tree": "c092558c9d6cc64725c1a41ed6797736ad5552e2", "parents": [ "a4516f9887e43b774e49c22db93cdf289dc9cfb1" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sat Jan 04 15:07:52 2020 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sat Jan 04 15:07:52 2020 +0100" }, "message": "Synthesize fake GOPATH and remove bazel_copy_generated_for_ide.sh\n\nWe can use rules_go to create a fake symlink farm GOPATH. This can be\nset as the GOPATH in IDEs that do not have native support for Bazel,\nand we can stop maintaining the bazel_copy_generated_for_ide.sh hack.\n\nThe remaining issue is that we still need Go tooling to manage our\ngo.mod file that serves as the input to Gazelle, so we need to add\nreplace directives to ensure that Go tools can resolve generated code.\n\nThe proper fix for all this is the upcoming native Bazel support in Go:\nhttps://github.com/bazelbuild/rules_go/issues/512\n\nTest Plan:\nRan `bazel build :gopath`, and a wild\n`bazel-bin/gopath/src/git.monogon.dev/source/nexantic.git/core/generated/api/schema.pb.go`\nappeared.\n\n`scripts/symlink_generated_files.sh` created a valid symlink in core/generated\nand `go mod tidy` ran successfully (despite complaining about the symlink).\n\nRunning `scripts/gazelle.sh` twice worked.\n\nX-Origin-Diff: phab/D305\nGitOrigin-RevId: 0d456bc57d4a2d72e30865ffef777d2f5be5c407\n" }, { "commit": "a4516f9887e43b774e49c22db93cdf289dc9cfb1", "tree": "8a0761a3480074b01d5584a1cd5c111a69f76594", "parents": [ "6e8f69c53a2c82f5a760ab2e8152218cc86f3430" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Dec 04 20:27:05 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Dec 04 20:27:05 2019 +0000" }, "message": "Add minimal functionality test for k8s control plane\n\nBasic functionality test that sends the bootstrap RPC call,\nwaits for the k8s control plane to come up and runs a simple\nkubectl command (that is expected to fail).\n\nAdds reflection to the server to make grpc_cli easier to use.\n\nTest Plan:\nRan `:launch` (because we modified its config) and `:test_boot`,\nsaw a nicely booted k8s cluster:\n\n{P90}\n\nX-Origin-Diff: phab/D275\nGitOrigin-RevId: fe01e3f3ed09877aa76c15946664c9d9bdc4751b\n" }, { "commit": "6e8f69c53a2c82f5a760ab2e8152218cc86f3430", "tree": "1556b56e0a0cdb5108c301dc88710b5b2d74ba1b", "parents": [ "b7a18fd9be7732e9ed9b29f33b7f545916da207b" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 18 10:44:24 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 18 10:44:24 2019 +0100" }, "message": "Initial Kubernetes Control Plane\n\nThis adds a minimum viable Kubernetes Control Plane consisting of a\nkube-apiserver, kube-controller-manager and kube-scheduler. It contains\ntwo small CAs for Kubernetes Identity management based on shared\ncertificates and contains changes for exposing etcd via UNIX socket\nso that the apiserver can talk to it.\n\nTest Plan:\nTested by manually calling Setup() and observing subsequent logs and\nconnecting to the API server.\n\nBug: T485\n\nX-Origin-Diff: phab/D271\nGitOrigin-RevId: e56f3e50eb9d33ea291289faa1aac3bebdeb3346\n" }, { "commit": "b7a18fd9be7732e9ed9b29f33b7f545916da207b", "tree": "e748ecfad21a55dc128f1d98b48307ba6160a204", "parents": [ "049049626fe28957009c7957fba5e04bd928ae78" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 28 13:57:54 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 28 13:57:54 2019 +0100" }, "message": "Bump IJ version to 2019.3\n\nTest Plan: Recreated container, Bazel things still worked\n\nX-Origin-Diff: phab/D279\nGitOrigin-RevId: 9aa7832fd81ef7cfdf875db8732790b438c74a57\n" }, { "commit": "049049626fe28957009c7957fba5e04bd928ae78", "tree": "7ffc478b5e0a44a50ff06a1ded7c031af2085d1e", "parents": [ "f79bfac498914c90395c577f4a2f70956d9a5c56" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 11 15:21:14 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 11 15:21:14 2019 +0100" }, "message": "Added kube-controlplane binary\n\nThis adds a custom binary which contains all Kubernetes control plane\ncomponents. This is necessary since every control plane binary by itself\nis around 130MiB and this combined one is only around 150MiB. This\ncan be cut in half to around 70MiB as soon as Kubernetes can be built\nproviderless by Bazel.\n\nI\u0027m not entirely happy with the integration, we may need gazelle\nexclusions and a plan to deal with go mod since it can\u0027t resolve the\ndependencies in a reasonable way.\n\nTest Plan: Manual test with kubectl (this by itself is not runnable)\n\nBug: T485\n\nX-Origin-Diff: phab/D256\nGitOrigin-RevId: d76702f2cd0d71463ff891e5a44eac7b66be07f0\n" }, { "commit": "f79bfac498914c90395c577f4a2f70956d9a5c56", "tree": "bf9eb32f936f07a6228262c7b7a2e2b145c1423f", "parents": [ "60a85b669e05f788bc63663568102a23c78d6195" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Nov 18 11:16:39 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Nov 18 11:16:39 2019 +0100" }, "message": "Increase test_boot timeout to 60s\n\nUnbreaks master ()\n\nTest Plan: N/A\n\nGitOrigin-RevId: 4b3eb37ba37ff93e86e1739ab662299d6a280b51\n" }, { "commit": "60a85b669e05f788bc63663568102a23c78d6195", "tree": "f7dcac1fcabe86b8cd1afa317284e309d43916cf", "parents": [ "d868d69320140863a1938bfa042ad0824cfa9500" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sun Nov 17 19:12:41 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sun Nov 17 19:12:41 2019 +0100" }, "message": "Run go vet using nogo during build step\n\nSee https://github.com/bazelbuild/rules_go/blob/master/go/nogo.rst\n\nThese are correctness checks, not coding style linters, such that\ncompilation will fail if they do not pass.\n\nThey are also ran for external dependencies, with more or less\nfine-grained exclusions.\n\nTest Plan: Ran gazelle.sh and tests.\n\nBug: T472\n\nX-Origin-Diff: phab/D269\nGitOrigin-RevId: f932555ec8cbb9d0c09f2a3c6a0df94a0f6724a8\n" }, { "commit": "d868d69320140863a1938bfa042ad0824cfa9500", "tree": "fd519288299185f48eec666a19b061b1444c9f78", "parents": [ "45333b68dd60942adc61a29f50b2c72420b792e3" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sun Nov 17 17:28:29 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Sun Nov 17 17:28:29 2019 +0100" }, "message": "Add go-sqlite3 dependency to go.mod\n\nFixes this \"go mod tidy\" error on master:\n\n```\ngit.monogon.dev/source/nexantic.git imports\n\tgithub.com/rubenv/sql-migrate/sql-migrate imports\n\tgithub.com/mattn/go-sqlite3: module github.com/mattn/go-sqlite3@latest found (v2.0.0+incompatible), but does not contain package github.com/mattn/go-sqlite3\n```\n\nThe fix was to run `go mod tidy` using Go 1.12, since Go 1.13 got confused\nabout the sqlite3 package (there is no v2.0.0 - I suspect an issue with\nthe proxy). Notably, neither sql-migrate nor go-sqlite3 use Go modules,\nand there\u0027s no way to get rid of the dependency:\n\nhttps://github.com/rubenv/sql-migrate/blob/aff46b65bb7f71e015dc28dc2edd083737985dfb/sql-migrate/config.go#L17\n\nAdds a `go mod tidy` invocation to gazelle.sh.\n\nTest Plan: Ran gazelle.sh.\n\nX-Origin-Diff: phab/D268\nGitOrigin-RevId: 843710797dc2bccc2c7efdc249ac2b28a23c3fae\n" }, { "commit": "45333b68dd60942adc61a29f50b2c72420b792e3", "tree": "64d2997e5b7bf68d5bc7084b07a765ddf5c9aa58", "parents": [ "719362043a48b7d1575b53885c3e95dade55f0bf" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 11 15:26:27 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Mon Nov 11 15:26:27 2019 +0100" }, "message": "Enable network loopback interface\n\nAbsence of a properly enabled loopback interface caused weird\nbehavior in the Kubernetes control plane.\n\nTest Plan: Issues with kube-apiserver were no longer observed.\n\nX-Origin-Diff: phab/D257\nGitOrigin-RevId: 9b8a18a28463a29e85945587765f155de86f68b3\n" }, { "commit": "719362043a48b7d1575b53885c3e95dade55f0bf", "tree": "47d2be8211a290469db9e5b3c777dcd35c92d7d9", "parents": [ "399fe83ccccf616b5bc47c91693f86bce526f652" ], "author": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Mon Nov 18 10:22:57 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Mon Nov 18 10:22:57 2019 +0100" }, "message": "Added fileargs helper package\n\nThis helps with working with commandline software that mostly takes its\nconfiguration from files.\nIt exposes a data-friendly interface and hides\nall the messy file operations.\n\nTest Plan: Has been tested with Kubernetes\n\nX-Origin-Diff: phab/D270\nGitOrigin-RevId: 432f61830679225be54de577c0c2282b0ac8c306\n" }, { "commit": "399fe83ccccf616b5bc47c91693f86bce526f652", "tree": "e963fb801159692afcf9be25d5f687dfc94d7690", "parents": [ "8b9c055ed5a0dc77a191fb19d6812ea137c2b0fa" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 21:15:30 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 21:15:30 2019 +0100" }, "message": "Patch IntelliJ Bazel plugin to recognize our custom generators\n\nWe can get rid of the fuzzy $ASPECT_PATH matching now that Hendrik\nhas deployed rW, and can remove the bind mount.\n\nTest Plan:\nRecreated container, ran tests and full sync. Generated SQL code\nwas properly recognized.\n\nX-Origin-Diff: phab/D265\nGitOrigin-RevId: 81de00d54402107ba217ab28b8812ace772777ac\n" }, { "commit": "8b9c055ed5a0dc77a191fb19d6812ea137c2b0fa", "tree": "d10f003ebe7fe9f75b4d22451a889dc91faebe88", "parents": [ "7670e67e72d6d4aaac174b91f4465a67479e1026" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 14:07:45 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 14:07:45 2019 +0100" }, "message": "Bazel IntelliJ plugin support\n\nThis eliminates the need for manually synchronizing generated files.\n\nThe plugin authors advise against checking in the .iwjb directory,\nwhich we resolutely ignore. The recommended method is to provide a\ntemplate .bazelproject file that everyone needs to manually import and\nupdate. However, checking in the directory is supported and no different\nthan checking in .idea. This allows us to version things like watchers\nand run configurations, at the expense of requiring everyone to use\nthe same IntelliJ and Bazel plugin versions.\n\nHow it works:\n\n- Source code and execroot paths are identical inside and outside the\n container. This requires a bind mount. To avoid conflicts with a\n local Bazel instance, a separate directory is used.\n\n The wrapper script injects a --output_user_root startup parameter.\n We cannot set this in .bazelrc since we cannot substitute the\n user home. This means that running bazel inside the container,\n without the wrapper, will no longer work/blow up the overlayfs.\n\n Did anyone do this?\n\n- The tmpfs and other caches are eliminated.\n Forcing it hasn\u0027t been ideal anyway due to\n the excessive memory usage, and it can still be accomplished\n by mounting a tmpfs to `~/.cache/bazel-nxt` or symlinking it to\n `/dev/shm` or similar (set proper permissions!).\n\n- The plugin configures a custom local repository that has helper\n scripts. Since we need to be on the same IntelliJ version, we can\n simply hardcode the path and bind mount it (read only).\n\n The alternative would be to copy the files into the container and\n override the command line option using sync_flags\n (https://github.com/bazelbuild/intellij/issues/397), but bind\n mounting seems muche easier at no disadvantage.\n\n- IntelliJ needs a somewhat obscure custom startup option (see README)\n for BEP temp files (https://github.com/bazelbuild/intellij/issues/407).\n\nTest Plan:\n- Running tests works:\n\n {F16996}\n\n- Full and partial sync works:\n\n {F17000}\n\n- Updating a protobuf file triggered the watcher, which rebuilt the\n generated files. After triggering an source sync, the changes\n are visible in the IDE (I suspect that IntelliJ does not inotify-\n watch the generated files since they are outside the project directory.\n\nX-Origin-Diff: phab/D263\nGitOrigin-RevId: 39c50665575c2a0131c492385b0981b7ee2588d8\n" }, { "commit": "7670e67e72d6d4aaac174b91f4465a67479e1026", "tree": "e76d204e13a52816182f86599f22c6ce95eebeb6", "parents": [ "383d4bb84b7b5062b859f81db10e3f16bd427739" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 13:49:53 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Fri Nov 15 13:49:53 2019 +0100" }, "message": "Improve core/scripts:launch ergonomics\n\n- Disable qemu monitor multiplexing. We don\u0027t need the monitor for most\n debugging tasks, and disabling it means we can kill the VM using Ctrl-C.\n\n- Strip metacharacters and DOS newlines from qemu serial output.\n This makes logs easier to read in the CI, and prevents it from\n messing with terminal settings locally.\n\n- Copy swtpm_data to a temporary directory to ensure we never override\n the build inputs (which can happen in a local run without sandbox).\n\n Re-running the target no longer triggers rebuilds for swtpm_data.\n\n- Remove local tag from :launch - it works fine in the sandbox.\n\nTest Plan:\nRan the test multiple times, no rebuilds occurred:\n\n bazel test core/scripts:test_boot\n\nX-Origin-Diff: phab/D264\nGitOrigin-RevId: 70d52e8a4cf24747d18fbaffeddb6e30bcdf61da\n" }, { "commit": "383d4bb84b7b5062b859f81db10e3f16bd427739", "tree": "9430d87be1ea0716b4075d5d19a358c2e3630383", "parents": [ "68c58755e0a56e1b1c565d80f99056ec4948fbec" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 22:53:58 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 22:53:58 2019 +0100" }, "message": "Run \"bazel test //...\" in CI\n\nThis will build all buildable targets and test all testable targets.\n\nThe hardcoded Harbormaster rules have been removed in Phabricator.\n\nAdds a simple test for booting Smalltown.\n\nBUILD files that are injected into repositories have been renamed to\nBUILD.repo to ensure that Bazel does not recognize them as local BUILD\nfiles and attempt to build them.\n\nTest Plan: Covered by CI :)\n\nBug: T483\n\nX-Origin-Diff: phab/D262\nGitOrigin-RevId: 3512a5e13430001f4e6f91d21ac503564c8fb085\n" }, { "commit": "68c58755e0a56e1b1c565d80f99056ec4948fbec", "tree": "f122ab392769d33620077c65ddf0f0a3aed43d1c", "parents": [ "5ed291ea1833ffd07665b6194f7b6db2b7c1c4aa" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 21:00:59 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 21:00:59 2019 +0100" }, "message": "Improve documentation, remove dead code plus some minor refactorings\n\nThis improves our code-to-comments ratio by a lot.\n\nOn the refactorings:\n\n- Simplify the cluster join mode to just a single protobuf message -\n a node can either join an existing cluster or bootstrap a new one.\n All of the node-level setup like hostname and trust backend is done\n using the setup call, since those are identical for both cases.\n\n- We don\u0027t need a node name separate from the hostname. Ideally, we would\n get rid of IP addresses for etcd as well.\n\n- Google API design guidelines suggest the `List` term (vs. `Get`).\n\n- Add username to comments for consistency. I think the names provide\n useful context, but git blame is a thing. What do you think?\n\n- Fixed or silenced some ignored error checks in preparation of using\n an errcheck linter. Especially during early boot, many errors are\n obviously not recoverable, but logging them can provide useful debugging info.\n\n- Split up the common package into smaller subpackages.\n\n- Remove the audit package (this will be a separate service that probably\n uses it own database, rather than etcd).\n\n- Move storage constants to storage package.\n\n- Remove the unused KV type.\n\nI also added a bunch of TODO comments with discussion points.\nAdded both of you as blocking reviewers - please comment if I\nmisunderstood any of your code.\n\nTest Plan: Everything compiles and scripts:launch works (for whatever that\u0027s worth).\n\nX-Origin-Diff: phab/D235\nGitOrigin-RevId: 922fec5076e8d683e1138f26d2cb490de64a9777\n" }, { "commit": "5ed291ea1833ffd07665b6194f7b6db2b7c1c4aa", "tree": "3a0f4cb2e726cddade0c6295c56b5d901b94c052", "parents": [ "4b0e5c075a81a7ea251c5c85af1d15c5ab54e962" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 19:09:24 2019 +0100" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Thu Nov 14 19:09:24 2019 +0100" }, "message": "IntelliJ generated sources content root and file watcher\n\nThis automatically refreshes the generated source files, and the\ngenerated sources folder now has a nice icon.\n\nPotential conflict if anyone uses IntelliJ without the container\n(which I\u0027m not aware of).\n\nTest Plan: Modified protobuf file, generated sources were automatically refreshed.\n\nX-Origin-Diff: phab/D234\nGitOrigin-RevId: 5f5eb7f2cf541c7dd143564dcad4885476b4bfb0\n" }, { "commit": "4b0e5c075a81a7ea251c5c85af1d15c5ab54e962", "tree": "e060fc053d6057b2488644aa36b75843fde62280", "parents": [ "a4ea9d03f1fb4248739392615967eaf07842e74b" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Thu Nov 07 20:21:24 2019 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Thu Nov 07 20:21:24 2019 +0100" }, "message": "Add bindata rule\n\nTest Plan: Created a sample rule and packaged files to a go binary\n\nX-Origin-Diff: phab/D252\nGitOrigin-RevId: f80c25518008fded7104fa6945d077a52d928d85\n" }, { "commit": "a4ea9d03f1fb4248739392615967eaf07842e74b", "tree": "e2b8e2e3d9aa83ca7f650f2a0d972023869c1d3b", "parents": [ "e47ace84cb3e30375dcb4236c17ee9710a77a6ad" ], "author": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Oct 31 11:40:30 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@nexantic.com", "time": "Thu Oct 31 11:40:30 2019 +0100" }, "message": "Added bootstrap CA\n\nThis adds a self-contained CA for bootstrapping and securing etcd\nusing certificates of infinite duration and a CRL for near-instant\nrevocation.\n\nThe bootstrapping problem is addressed by first\ngenerating the CA and issuing initial certificates and then\ninjecting them once the consensus system is up and running.\nAll files are also kept on the encrypted persistent data store to\nprevent the same bootstrapping problem when the node is already\ninitialized. The CRL is synchronized using a sync loop on every\nnode running the consensus service and distributed inside that.\n\nThe CA uses Ed25519-based cryptography and identifies the\nhosts by their external hostname.\n\nTest Plan:\nInitial bootstrapping manually tested on a single node using a\nmanual gRPC call for Setup() and openssl s_client for connecting\nto etcd.\n\nX-Origin-Diff: phab/D233\nGitOrigin-RevId: bd67818b5b649b13e0c098e480059ef990826542\n" }, { "commit": "e47ace84cb3e30375dcb4236c17ee9710a77a6ad", "tree": "c0e71fd6d25e4efad7175103b3b3780b773a02a0", "parents": [ "5b87d7b074f3385eb85de601f48f4f7bccf1d423" ], "author": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Wed Nov 06 12:45:47 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Wed Nov 06 12:45:47 2019 +0100" }, "message": "Fixes bazel_copy_generated_for_ide paths\n\nThis fixes the paths in bazel_copy_generated\nfor the new monorepo layout\n\nTest Plan: By using it :)\n\nX-Origin-Diff: phab/D246\nGitOrigin-RevId: 01fc0488ef4e2f6412ae458b4f2010a975a83692\n" }, { "commit": "5b87d7b074f3385eb85de601f48f4f7bccf1d423", "tree": "8c87ae8ce2f880af7963298811570e749e0a2a10", "parents": [ "1626705fd0ae9e93f563c2463fc514a144d41a99" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:56:30 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:56:30 2019 +0000" }, "message": "Follow-up fix for D250 - actually use the new volume\n\nTest Plan: Covered by CI\n\nX-Origin-Diff: phab/D251\nGitOrigin-RevId: 65c547de038a4dfd37c7c8394a8a0e79914333bb\n" }, { "commit": "1626705fd0ae9e93f563c2463fc514a144d41a99", "tree": "0b882399123846787b9a20265b04e41cdf1e4941", "parents": [ "654930736a90fb7f2dadf280dc9044d8e57bce06" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:43:21 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:43:21 2019 +0000" }, "message": "Separate cache volume for each working copy\n\nWe can rely on the repository leases to coordinate Bazel caches,\nbasically leasing them out along with the repository.\n\nWith multiple copies of the cache, keeping them on a tmpfs seems\nlike a bad idea, so we switch to a local volume.\n\nTest Plan: Covered by CI\n\nX-Origin-Diff: phab/D250\nGitOrigin-RevId: 01d9392198d8c00089d3133425091ab766b9b590\n" }, { "commit": "654930736a90fb7f2dadf280dc9044d8e57bce06", "tree": "55fbb824cb781fac42c9924b2883b63cf97b91ef", "parents": [ "5f1d05f7ad386d6832a5230c78f6c155659a32e9" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 13:40:44 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 13:40:44 2019 +0000" }, "message": "Use flag package for mkimage command line parsing\n\nTest Plan: Covered by CI\n\nX-Origin-Diff: phab/D248\nGitOrigin-RevId: 3b59e11885c78e8321d8a44b22e67d85268b5765\n" }, { "commit": "5f1d05f7ad386d6832a5230c78f6c155659a32e9", "tree": "b37adaa75a67eb544deaea512c0fd829747836a0", "parents": [ "4d39d37035c5e46274183f36221c2e50f99bb411" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 13:58:40 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 13:58:40 2019 +0000" }, "message": "Split up linux_kernel build folder to separate repo changes\n\nThis separates the kernel build steps (that happen in our main repo)\nand the things we inject into @linux_kernel.\n\nTest Plan: Covered by CI\n\nX-Origin-Diff: phab/D249\nGitOrigin-RevId: 98982d005ba582f9f08783915ee0603ff8634f55\n" }, { "commit": "4d39d37035c5e46274183f36221c2e50f99bb411", "tree": "48820886a3b559eac0669b1a7291425471efcc44", "parents": [ "0bcaaee19dc2338751705a83126cec40a1b8a2e8" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:11:12 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 14:11:12 2019 +0000" }, "message": "Remove left-over debugging code introduced in D242\n\nThis was, of course, done on purpose in order to check how carefully\nyou read the code ;-)\n\nTest Plan: N/A\n\nX-Origin-Diff: phab/D247\nGitOrigin-RevId: caf9e59d4c87c59eab6e08c70cdcd61b1fa12627\n" }, { "commit": "0bcaaee19dc2338751705a83126cec40a1b8a2e8", "tree": "00b3015ea5085c7a66aa8f27cd71e750a8745bf2", "parents": [ "f08704a6a47e9a0cdbf7b9173c24f2f8eca581d5" ], "author": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Wed Nov 06 12:42:39 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Wed Nov 06 12:42:39 2019 +0100" }, "message": "Build core with separate initramfs\n\nBuild the initramfs separately and include it via mkimage. Also includes\na patch to the kernel which adds support for hardcoded cmdline\nto the Linux efistub.\n\nThis lowers build times by a lot, for normal changes they are now\nbelow 5s\n\nTest Plan: Ran `bazel run //core/scripts:launch`\n\nX-Origin-Diff: phab/D245\nGitOrigin-RevId: 206c7c5c979c10ffd25c36dfefd8b9290a6a3f43\n" }, { "commit": "f08704a6a47e9a0cdbf7b9173c24f2f8eca581d5", "tree": "89aaa4d65404fd5c2d36bab78faf7fa658fd1ad5", "parents": [ "052af2dce813dba9f74ffc05ffd760e60a37c23b" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 12:34:53 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 12:34:53 2019 +0000" }, "message": "Dynamic \"make -j\" parameter\n\nThis obviously interferes with Bazel\u0027s own scheduler, but these are\nour only compute-intensive compilation tasks, anyway.\n\nFixes T522\n\nTest Plan:\n{F16451}\n\n(fun fact: that EPYC 7401P wasn\u0027t faster than the 3900X)\n\nBug: T522\n\nX-Origin-Diff: phab/D236\nGitOrigin-RevId: 8735ece9eea6ed2cd38fda8823a674d0298b6dbc\n" }, { "commit": "052af2dce813dba9f74ffc05ffd760e60a37c23b", "tree": "e0c5dac8c237ad4e92a6c2d91427678d8a4e1691", "parents": [ "b51b4171390ec52433f8c06faef46ef5eccf91d4" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 02:21:53 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Wed Nov 06 02:21:53 2019 +0000" }, "message": "Simple CI pipeline for Smalltown Core\n\nSince we run as root on the build server, we can properly mount a tmpfs\nas the shared build volume with exec support (this is still broken for\nunprivileged create_container.sh). We\u0027ll have to see when and if this\nblows up, and whether we want to use a disk-backed volume instead.\n\nThe pipeline has two stages that run the following commands:\n\n- `scripts/run_ci.sh ${build.id} ${target.phid} bazel build //core/scripts:launch`\n\n- `timeout 30 scripts/run_ci.sh ${build.id} ${target.phid} bazel run //core/scripts:launch; true` (for visual inspection)\n\nThose are placeholders - we will want to integrate any and all\ntests in Bazel, only trigger tests whose dependencies have been\nmodified in a given build step, and report individual results back\nto Habormaster.\n\nWhat works:\n\n- Persistent working copies on the build server. Drydocks caches a number of\n persistent repository copies to avoid a full clone on each build, and\n uses a leasing mechanism to allocate them. Of course, this means we\n have to be careful about not polluting the repo, but Bazel takes care of that.\n\n- Shared build cache with fast incremental rebuilds\n (a build with no changes takes ~15s including the podman build step).\n\n- Full rebuild after volume deletion takes ~4m.\n\n- Build output shows up in Phabricator in real time.\n\n- Aborting a build properly cancels the running build and clean up the pod.\n\n- Launching the QEMU VM.\n\n- Reporting build status back to Harbormaster (noop at the moment, can\n be used to report unit test states later). This uses the awesome undocumented\n SSH conduit transport so we don\u0027t have to deploy a separate token on the host.\n\n- Phabricator revisions are drafts until all tests complete successfully.\n\nTest Plan: See tests :-)\n\nBug: T483\n\nX-Origin-Diff: phab/D242\nGitOrigin-RevId: 64eca996c8704cb0cd4f1cbb4f88f71a6fdca1eb\n" }, { "commit": "b51b4171390ec52433f8c06faef46ef5eccf91d4", "tree": "8c537364ed17732d16800fbe0e5a710519de71ca", "parents": [ "6c39ea1355bf2853abdbd2f69a7eece222c44b78" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Nov 04 12:55:19 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Nov 04 12:55:19 2019 +0000" }, "message": "Remove --userns\u003dkeep-id in create_container.sh\n\nWith a mapped user namespace, recent podman versions fail to mount /sys\n\nThis removes some isolation, similar to using uid 0 in a regular Docker container.\n\nTest Plan: Ran build\n\nX-Origin-Diff: phab/D238\nGitOrigin-RevId: 39dc826f4ce95a6c5b405a49be3d2e9d19174fc1\n" }, { "commit": "6c39ea1355bf2853abdbd2f69a7eece222c44b78", "tree": "a0377ac95e3036fb06886c1b9be504faf4773850", "parents": [ "3e6018fcf0645da7876eec06d1604438bea0550e" ], "author": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Mon Nov 04 11:39:42 2019 +0100" }, "committer": { "name": "Lorenz Brun", "email": "lorenz@brun.one", "time": "Mon Nov 04 11:39:42 2019 +0100" }, "message": "Added Kubernetes to build system\n\nThis adds Kubernetes and its dependencies to the WORKSPACE. A small patch\nis needed to make this compatible with Bazel 1.0+ since they still use\n0.23.\n\nTest Plan:\n`bazel test @kubernetes//pkg/...` (:warning: slow)\nThere is one single test failure with OpenAPI, but I\u0027m not yet sure if it\nis actually meaningful since the individual tests of the OpenAPI generated\ncode pass just fine.\n\n`bazel build @kubernetes//cmd/kube-controller-manager @kubernetes//cmd/kube-scheduler @kubernetes//cmd/kube-apiserver`\nAll three required binaries for the control plane build just fine\n\nX-Origin-Diff: phab/D237\nGitOrigin-RevId: 1c0708272636fb68ca6ced6666f885344bb81a7c\n" }, { "commit": "3e6018fcf0645da7876eec06d1604438bea0550e", "tree": "6bb2fa6081152d2dc32530a8eaaf0a58c31dc35e", "parents": [ "0d7c91e331022831a974c2e34d32bb5b89ddc89c" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Mon Oct 28 21:29:42 2019 +0100" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Mon Oct 28 21:29:42 2019 +0100" }, "message": "Add sqlboiler bazel rules\n\nThis implements a bazel rule to build sqlboiler models from sql migration stacks. It also launches a cockroachdb container in `create_container` and puts it in one pod with the nexantic-dev container.\n\nCurrently gazelle overwrites the `go_library` rule. I still need to find a way to properly exclude it.\n\nTest Plan: Built a sample set of sql models\n\nX-Origin-Diff: phab/D226\nGitOrigin-RevId: ff24f07bb0b3da9994c52a74f48b54e1e2bea726\n" }, { "commit": "0d7c91e331022831a974c2e34d32bb5b89ddc89c", "tree": "5b822873c015053f4b697d60c33fa3b1ef9a3a4b", "parents": [ "043daa57020dd36e074488dcb432114a548a3d2a" ], "author": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Wed Oct 23 21:44:47 2019 +0200" }, "committer": { "name": "Hendrik Hofstadt", "email": "hendrik@certus.one", "time": "Wed Oct 23 21:44:47 2019 +0200" }, "message": "Implement monorepo layout\n\nImplemented the nexantic monorepo.\n\nSmalltown code was moved to `core`. From now on all code will live in top level directories named after the projects with the exception for general purpose libraries which should go to `\u003clang\u003elibs`.\n\nGeneral build and utility folders are underscore prefixed.\n\nThe repo name will from now on be rNXT (nexantic). I think this change makes sense since components in this repo will not all be part of Smalltown, the Smalltown brand has been claimed by Signon GmbH so we need to change it anyway and the longer we wait the harder it will be to change/move it.\n\nTest Plan: Launched Smalltown using `./scripts/bin/bazel run //core/scripts:launch`\n\nX-Origin-Diff: phab/D210\nGitOrigin-RevId: fa5a7f08143d2ead2cb7206b4c63ab641794162c\n" }, { "commit": "043daa57020dd36e074488dcb432114a548a3d2a", "tree": "2975b607028ca0c085df182afd809d1d322be2b7", "parents": [ "23be9215aae77d2171c31f767c37cf69050fb748" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Oct 28 11:48:45 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Oct 28 11:48:45 2019 +0000" }, "message": "Fix caching and set home to /user\n\nTest Plan: Ran build\n\nX-Origin-Diff: phab/D220\nGitOrigin-RevId: d93c13b9a74c45d717e92151cdb10f0f3484a78b\n" }, { "commit": "23be9215aae77d2171c31f767c37cf69050fb748", "tree": "72323854031d5311f437e490370f1644d34f0796", "parents": [ "ba7bc7664b53ce63824ec991febdd74ea4d9dbf3" ], "author": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Oct 28 11:48:32 2019 +0000" }, "committer": { "name": "Leopold Schabel", "email": "leo@nexantic.com", "time": "Mon Oct 28 11:48:32 2019 +0000" }, "message": "Use rsync --delete to sync generated dependencies\n\nTest Plan:\nRecreated container, ran `build api/...` and the copy script,\neverything works.\n\nX-Origin-Diff: phab/D218\nGitOrigin-RevId: 22160ddaf417177ba7af94ea29d75663b20950b0\n" } ], "next": "ba7bc7664b53ce63824ec991febdd74ea4d9dbf3" }