SUSE Container Update Advisory: rancher/elemental-channel ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:2262-1 Container Tags : rancher/elemental-channel:1.5.1 , rancher/elemental-channel:1.5.1-1.5.1 , rancher/elemental-channel:latest Container Release : 1.5.1 Severity : important Type : security References : 1134524 1142847 1150130 1157805 1164550 1164569 1170838 1177179 1182959 1186489 1187911 1191592 1194640 1194768 1194770 1194785 1195149 1195792 1195856 1197718 1198751 1199140 1200334 1200855 1200855 1201560 1201640 1201942 1207571 1207957 1207975 1208358 1208721 1209229 1211828 1211829 1212819 1212910 1215286 1215891 1217445 1217589 1218560 1218866 1220441 1222992 CVE-2019-13224 CVE-2019-16163 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2019-5021 CVE-2020-26159 CVE-2021-33574 CVE-2021-35942 CVE-2021-3999 CVE-2022-23218 CVE-2022-23219 CVE-2023-0687 CVE-2023-4813 CVE-2024-2961 ----------------------------------------------------------------- The container rancher/elemental-channel was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2019:1368-1 Released: Tue May 28 13:15:38 2019 Summary: Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root Type: security Severity: important References: 1134524,CVE-2019-5021 This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues: - CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2020:1266-1 Released: Wed May 13 10:20:54 2020 Summary: Recommended update for jq Type: recommended Severity: moderate References: 1170838 This update for jq fixes the following issues: jq was updated to version 1.6: * Destructuring Alternation * many new builtins (see docs) * Add support for ASAN and UBSAN * Make it easier to use jq with shebangs * Add $ENV builtin variable to access environment * Add JQ_COLORS env var for configuring the output colors * change: Calling jq without a program argument now always assumes '.' for the program, regardless of stdin/stdout * fix: Make sorting stable regardless of qsort. - Make jq depend on libjq1, so upgrading jq upgrades both ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3291-1 Released: Wed Oct 6 16:45:36 2021 Summary: Security update for glibc Type: security Severity: moderate References: 1186489,1187911,CVE-2021-33574,CVE-2021-35942 This update for glibc fixes the following issues: - CVE-2021-33574: Fixed use __pthread_attr_copy in mq_notify (bsc#1186489). - CVE-2021-35942: Fixed wordexp handle overflow in positional parameter number (bsc#1187911). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3980-1 Released: Thu Dec 9 16:42:19 2021 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1191592 glibc was updated to fix the following issue: - Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:207-1 Released: Thu Jan 27 09:24:49 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate References: This update for glibc fixes the following issues: - Add support for livepatches on x86_64 for SUSE Linux Enterprise 15 SP4 (jsc#SLE-20049). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:330-1 Released: Fri Feb 4 09:29:08 2022 Summary: Security update for glibc Type: security Severity: important References: 1194640,1194768,1194770,1194785,CVE-2021-3999,CVE-2022-23218,CVE-2022-23219 This update for glibc fixes the following issues: - CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640) - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for 'unix' (bsc#1194768) - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770) Features added: - IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:861-1 Released: Tue Mar 15 23:31:21 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1182959,1195149,1195792,1195856 This update for openssl-1_1 fixes the following issues: openssl-1_1: - Fix PAC pointer authentication in ARM (bsc#1195856) - Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792) - FIPS: Fix function and reason error codes (bsc#1182959) - Enable zlib compression support (bsc#1195149) glibc: - Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1 linux-glibc-devel: - Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1 libxcrypt: - Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1 zlib: - Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1 ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1909-1 Released: Wed Jun 1 16:25:35 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1198751 This update for glibc fixes the following issues: - Add the correct name for the IBM Z16 (bsc#1198751). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:2406-1 Released: Fri Jul 15 11:49:01 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1197718,1199140,1200334,1200855 This update for glibc fixes the following issues: - powerpc: Fix VSX register number on __strncpy_power9 (bsc#1200334) - Disable warnings due to deprecated libselinux symbols used by nss and nscd (bsc#1197718) - i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bsc#1197718) - rtld: Avoid using up static TLS surplus for optimizations (bsc#1200855, BZ #25051) This readds the s390 32bit glibc and libcrypt1 libraries (glibc-32bit, glibc-locale-base-32bit, libcrypt1-32bit). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:2494-1 Released: Thu Jul 21 15:16:42 2022 Summary: Recommended update for glibc Type: recommended Severity: important References: 1200855,1201560,1201640 This update for glibc fixes the following issues: - Remove tunables from static tls surplus patch which caused crashes (bsc#1200855) - i386: Disable check_consistency for GCC 5 and above (bsc#1201640, BZ #25788) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3327-1 Released: Wed Sep 21 12:47:17 2022 Summary: Security update for oniguruma Type: security Severity: important References: 1142847,1150130,1157805,1164550,1164569,1177179,CVE-2019-13224,CVE-2019-16163,CVE-2019-19203,CVE-2019-19204,CVE-2019-19246,CVE-2020-26159 This update for oniguruma fixes the following issues: - CVE-2019-19246: Fixed an out of bounds access during regular expression matching (bsc#1157805). - CVE-2019-19204: Fixed an out of bounds access when compiling a crafted regular expression (bsc#1164569). - CVE-2019-19203: Fixed an out of bounds access when performing a string search (bsc#1164550). - CVE-2019-16163: Fixed an uncontrolled recursion issue when compiling a crafted regular expression, which could lead to denial of service (bsc#1150130). - CVE-2020-26159: Fixed an off-by-one buffer overflow (bsc#1177179). - CVE-2019-13224: Fixed a potential use-after-free when handling multiple different encodings (bsc#1142847). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3452-1 Released: Wed Sep 28 12:13:43 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1201942 This update for glibc fixes the following issues: - Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942) - powerpc: Optimized memcmp for power10 (jsc#PED-987) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:1718-1 Released: Fri Mar 31 15:47:34 2023 Summary: Security update for glibc Type: security Severity: moderate References: 1207571,1207957,1207975,1208358,CVE-2023-0687 This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-0687: Fix allocated buffer overflow in gmon (bsc#1207975) Other issues fixed: - Fix avx2 strncmp offset compare condition check (bsc#1208358) - elf: Allow dlopen of filter object to work (bsc#1207571) - powerpc: Fix unrecognized instruction errors with recent GCC - x86: Cache computation for AMD architecture (bsc#1207957) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2885-1 Released: Wed Jul 19 16:58:43 2023 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1208721,1209229,1211828 This update for glibc fixes the following issues: - getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235) - Exclude static archives from preparation for live patching (bsc#1208721) - resolv_conf: release lock on allocation failure (bsc#1211828, BZ #30527) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3814-1 Released: Wed Sep 27 18:08:17 2023 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1211829,1212819,1212910 This update for glibc fixes the following issues: - nscd: Fix netlink cache invalidation if epoll is used (bsc#1212910, BZ #29415) - Restore lookup of IPv4 mapped addresses in files database (bsc#1212819, BZ #25457) - elf: Remove excessive p_align check on PT_LOAD segments (bsc#1211829, BZ #28688) - elf: Properly align PT_LOAD segments (bsc#1211829, BZ #28676) - ld.so: Always use MAP_COPY to map the first segment (BZ #30452) - add GB18030-2022 charmap (jsc#PED-4908, BZ #30243) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4110-1 Released: Wed Oct 18 12:35:26 2023 Summary: Security update for glibc Type: security Severity: important References: 1215286,1215891,CVE-2023-4813 This update for glibc fixes the following issues: Security issue fixed: - CVE-2023-4813: Fixed a potential use-after-free in gaih_inet() (bsc#1215286, BZ #28931) Also a regression from a previous update was fixed: - elf: Align argument of __munmap to page size (bsc#1215891, BZ #28676) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:870-1 Released: Wed Mar 13 13:05:14 2024 Summary: Security update for glibc Type: security Severity: moderate References: 1217445,1217589,1218866 This update for glibc fixes the following issues: Security issues fixed: - qsort: harden handling of degenerated / non transient compare function (bsc#1218866) Other issues fixed: - getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163) - aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1231-1 Released: Thu Apr 11 15:20:40 2024 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1220441 This update for glibc fixes the following issues: - duplocale: protect use of global locale (bsc#1220441, BZ #23970) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:1375-1 Released: Mon Apr 22 14:56:13 2024 Summary: Security update for glibc Type: security Severity: important References: 1222992,CVE-2024-2961 This update for glibc fixes the following issues: - iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2024:1769-1 Released: Thu May 23 16:26:19 2024 Summary: Recommended update for SLE-Micro, SLE-Micro-base, SLE-Micro-kvm, SLE-Micro-rt, build-iso, build-iso-base, elemental, elemental-channel-image, elemental-channel1.5-image, elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, elemental-rt-channel-image, elemental-rt-channel1.5-image, elemental-toolkit, operator-image1.5, seedimage-builder, seedimage-builder1.5, systemd-presets-branding-SLE-Micro-for-Rancher Type: recommended Severity: important References: 1218560 This update for SLE-Micro, SLE-Micro-base, SLE-Micro-kvm, SLE-Micro-rt, build-iso, build-iso-base, elemental, elemental-channel-image, elemental-channel1.5-image, elemental-operator1.5, elemental-operator1.5-crds-helm, elemental-operator1.5-helm, elemental-rt-channel-image, elemental-rt-channel1.5-image, elemental-toolkit, operator-image1.5, seedimage-builder, seedimage-builder1.5, systemd-presets-branding-SLE-Micro-for-Rancher fixes the following issues: Changes in SLE-Micro: - Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258) Changes in SLE-Micro-base: - Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258) Changes in SLE-Micro-kvm: - Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258) Changes in SLE-Micro-rt: - Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258) Changes in build-iso: - Update to version 2.0.4: * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3 Changes in build-iso-base: - Update to version 2.0.4: * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3 Changes in elemental: - Update to version 2.0.4: * [v2.0.x] Hostname backports (#1371) * Fix kvm and rt dockerfile arguments * Make sure no variables in /etc/os-release are duplicated - Update to version 2.0.3: * Fix endless reboot on FORCE upgrades (v2.0.x backport) (#1258) Changes in elemental-channel-image: - Adapt Dockerfile to pull explicitly elemental-register instead of the newer 1.5 version of it - Add v2.0.2 image to channel Changes in elemental-channel1.5-image: - Add v2.0.2 image to channel - Remove `for Rancher` suffix - Channel adapted to 'suse/sle-micro' images Changes in elemental-operator1.5: - Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5 * Micro rename (#684) * elemental-operator registration cleanups (#689) * Sanitize elemental-operator dependencies (#690) * github actions: add airgap script test * [Airgap] minor: fix debug message * [Airgap] add script tests * Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 * Bump docker/login-action from 3.0.0 to 3.1.0 * Bump docker/build-push-action from 5.2.0 to 5.3.0 * Add extension to seedimage url (#682) * registration: allow dots in machineInventory names * registration: decouple replacing data-labels from sanitizing strings * registration: move sanitize code in sanitizeString() * Fix ManagedOSImage cloudConfig (#671) * New name is elemental-rootfs * Use /run/elemental and elemental- services (#675) * Update github.com/golang/protobuf * Run make vendor * Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 * Bump docker/build-push-action from 5.1.0 to 5.2.0 * [Airgap] fix channel.json extraction (#669) * [Airgap] fix 'channel.image'/'channel.repository' value in 'next steps' (#665) * Align DrainSpec to system-upgrade-controller defaults (#668) * operator/Dockerfile: tag IMAGE_REPO with :latest * seedimage: add tag to IMG_REPO * Dockerfile: SLE_VERSION -> SLEMICRO_VERSION * operator: switch to toolbox for ALP * seedimage: switch labelprefix to com.suse.elemental * seedimage: Switch to toolbox for ALP * Drain nodes by default on upgrade (#660) * [Airgap] fix missing return code value * [Airgap] Use bash test syntax * [Airgap] make the script work with both legacy and newer charts * [Airgap] fix the airgap script - Update to version 1.5.0: * Enable ManagedOSImage updates (#658) * Review omitempty flag on API json converter * charts: backport changes from Rancher Marketplace chart (#652) * Make snapshotter configurable (#651) * [Airgap] fix the airgap script (#654) * Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 * [Airgap] add support to Hauler in the airgap script (#647) * Fix channel synchronization * Bump docker/metadata-action from 4.1.1 to 5.5.1 * Requeue reconcile loop for ongoing synchronizations * elemental-register: collect OS data for MachineInventories annotations (#642) * Bump go to 1.22 (#643) * Make channel sync more robust (#638) * Makefile/setup-full-cluster: build seedimage-builder image too (#639) * Makefile: fix commit date for local builds (#631) * Requeue after 1 second in case of failures * Recover on syncer pod creation failures * Bump docker/build-push-action from 3.2.0 to 5.1.0 * Bump docker/setup-buildx-action from 2.2.1 to 3.0.0 * Bump golangci/golangci-lint-action from 3 to 4 * Bump github/codeql-action from 2 to 3 * Update system-upgrade-controller test version (#630) * Add dev baseimage build (#619) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Use go 1.20 * Use rancher/yip v1.4.10 * Use go.mod ginkgo version * SeedImage builder arguments in wrong order * Use newer xorriso (#624) * Bump codecov/codecov-action from 3 to 4 * Bump docker/login-action from 2.1.0 to 3.0.0 * Bump actions/dependency-review-action from 2 to 4 * Update actions/labeler config * Make linter happy * Bump actions/labeler from 4 to 5 * README: drop legacy docs (#616) * Add dependabot config for actions * Bump github actions * Do not adopt machineinventories undergoing deletion/reset (#605) * Update seedimage build-disk command * Fix inversed reset options (#604) * Print system architecture (#603) * hostname: set the hostname on the newer location too * Charts/Makefile: fix default OS channel repo name (#594) * Add hostname to system-data * Add elemental-seedimage-hooks package (#592) * Restrict package arch to x86_64 and aarch64 * Update copyright year (2024) * Update copyright year (2024) * Change raw SeedImage deploy-command * Add target platform validation test * Add kubebuilder example and validation * Add TargetPlatform to SeedImageSpec * Fix default values in questions.yaml file * Bump golang.org/x/crypto to 0.17.0 * Add disable-boot-entry flag to reset command * Always pull channel image on channel sync * Fix channel sync bug * Avoid repeating package name in summary * Make summary start with a capital letter * Unify all chart files under .obs/charfile * Add warning if both device and device-selector set * Add grub package to seedimage built in OBS (#568) * Fix device-selector logic (#571) * Add missing questions.yaml file * Implement picking dynamic installation device (#561) * Build raw disk images in SeedImage (#557) * charts: fix annotations (#566) * ci: fix SeedImage builder used image * Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible (#560) * Update google.golang.org/grpc to v1.56.3 * Keep old output-name * Add slem4r images in channel (#544) * Bring your own SeedImage builder (#542) - Update to version 1.4.3: * registration: allow dots in machineInventory names * registration: decouple replacing data-labels from sanitizing strings * registration: move sanitize code in sanitizeString() * V1.4.x fix channel synchronization (#683) * linter: fix copyright dates * Make linter happy - Update to version 1.4.2: * Fix inversed reset options (#604) * Add hostname to system-data * Fix default values in questions.yaml file - ExclusiveArch x86_64 and aarch64 (bsc#1218560) - Update to version 1.4.1 * Always pull channel image on channel sync * Fix channel sync bug * Avoid repeating package name in summary * Make summary start with a capital letter - Update to version 1.4.0+git20231129.c7f1dc1: * Add slem4r images in channel (#544) * Unify all chart files under .obs/charfile - Update to version 1.4.0+git20231127.55a37d4: * Add warning if both device and device-selector set * Fix device-selector logic (#571) * Implement picking dynamic installation device (#561) * Add missing questions.yaml file * charts: fix annotations (#566) * Make sure to not overlap with the already existing channel and use RT for tests * Remove use of images from quay.io * Prevent installing if previous CRDs are pending to be removed * elemental-airgap: allow to just create the channel (#548) * bump go to 1.20 or later * Bump dependencies (#540) * ci: bump k8s and Rancher Manager versions * Use helm/kind-action to install kind * ci: fix action versions used * Disable local plan for elemental-system-agent * Improve error management * Patch already existing versions on channel sync * Improve update events filtering to actually ignore status updates * Add some improvements * Run all syncers in a pod * Fix e2e workflow * elemental-airgap: fix skipping http/https URLs * Use the proper format for command arguments * Prevent recalling bootstrap.sh on 'systemctl restart elemental-system-agent' * elemental-airgap: fix automatic image channel name (#521) * register: add no-toolkit unit tests * register: add os.unmanaged inventory annotation * register: add no-toolkit option * make verify: stay on mockgen v0.2.0 (#523) * elemental-airgap: add support to OS images (#518) * Small refactor to centralize registration config checks * Ensure Elemental registration data includes the registration URL * Remove --debug flag from helm pull * Attempt to use charts from PR project in e2e tests * Publish OBS charts to gh-pages * elemental-airgap: allow to pass dev | staging | stable as argument * elemental-airgap: pick the operator chart as an argument * elemental-airgap: add script to help airgap deployment * Apply a regex on tags to match the same criteria as in OBS * Charts: fix OBS build * Publish all OBS repositories on PRs * Fix repository url * Charts: always use camelCase for values (#507) * Revert not-needed marker fix * Set default spec.config.elemental.reset block for MachineRegistration * Use elemental-register-reset service (#502) * Use OBS PR builds for the e2e tests * Build and publish charts for OBS/IBS artifacts in gh-pages - Update to version 1.3.2+git20230824.c90c1c8: * Disable service triggers on staging (#498) * Add CAPI cluster role to helm chart (#500) * Charts: sync OBS charts * tests: fix e2e workflow * tests: fix chart workflow * Makefile: add the REGISTRY_URL var * Charts: add registry templating for custom airgap * Charts: add README * Charts: enforce templating on the channel resource * Charts: update rancher annotations * Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible (#442) * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495) * Implement remote machines reset (#489) * Remove custom default config-dir on installation media * Remove SLE Micro reference from elemental-operator images * Include crds chart in OBS workflow * Update OBS workflow to the new project setup * Make SLE Micro version from image references dynamic (#480) * Recreate service account token secret if missing * Adds ca-certificates and ca-certificates-mozilla in operator image * Adapt .spec file to non-SUSE distributions (#482) * Improve re-registration (#479) * Do not make use of ServiceAccount.Secrets list * Fix elemental managed label value to match backup operator expectations * Make explicit elemental-operator image is under l3 support * Add CONTRIBUTING.md (#472) * Handle mkdir error * Create registration config directory if not exist * Persist registration state * Omit confusing debug message * Fix error formatting * Handle MsgUpdate response on client side * Remove unnecessary MsgUpdate payload. Rely on authentication data instead * Handle sendUpdate error * Do not terminate serveLoop on MsgUpdate * - Check protocol version before sending MsgUpdate - Use MsgUpdate to notify registration update only * Charts: add a new chart to host the pre-hook migration template * Charts: add template checking crds installation * Prevent registration update if MachineInventory is not found * Do not retry registration when on installed system and using randomized TPM seed * Do not retry registration when not on live system * Check for live registration config when no arguments passed * operator: copy cloud-config file not its link (#468) * Update README installation section (#465) * SeedImage: manage updates of builder Pod under deletion * SeedImage: add ResourcesNotCreatedYet Ready condition * SeedImage: reset download URL on Pod deletion * SeedImage: allow the controller full control on configmaps * SeedImage: isolate all the config map logic in a separate function * SeedImage: on retriggerBuild delete owned SeedImage resources * SeedImage: drop redundant set of retriggerBuild * The job was missing a templated name for the serviceaccount to be fully consistent * Update charts/crds/Chart.yaml * Update .obs/chartfile/crds/Chart.yaml * Add upgrade hook * Include channel as part of the installation * Adapt tests and Makefile * Split chart into crds chart and operator chart * websocket/trivial: messages: annotate version of introduction * register client: make linter happy * register client: annotate auth method used for registration * register client: rework getHostMacAddr() * register client: add 'mac' and 'sys-uuid' Plain Auth * register client: set TPM as default authentication method * operator: enable plain auth * operator: add plain auth * elemental api: add fields to support plain authentication * Bump rancher and k8s for e2e tests (#449) * OBS PR workflow: set the right project to disable images repo * Fix OBS PR workflow * goreleaser: fix releases CI (#444) * Chart: add logo and Rancher display-name annotation (#440) * Add channel hook-failed delete policy * Include display name field on ManagedOSVersions * Add ISO type in ManagedOSVersions * SeedImage: add to the github release workflow * Fix template * Include elemental-teal-channel by default on chart install * Merge default command and image in containersSpec * Add tests for containerized base ISO and utilities * Pull iso as a container * SeedImage extended API: drop debug log * SeedImage: extended api doesn't expect the iso name anymore * SeedImage: inject MachineRegistration and date in the built iso name * httpfy: allow to serve single file * SeedImage: pass whole SeedImage reference to fillBuildImagePod * SeedImage: add more seedimage_controller tests * Utils: generalize IsPodOwned func to IsObecjtOwned() and add tests * SeedImage: make the linter happy... * SeedImage: controller logic for the pod cleanup/retrigger * SeedImage: add image timeout and retrigger fields * httpfy: add timeout parameter * Use config map in seedimage pod (#423) * SeedImage: check OwnerReference in controller tests * SeedImage: retrieve MachineRegistration just once * SeedImage: set OwnerReferences * Add seedimage-builder into the OBS workflow * Feat: add CODEOWNERS * OBS: build ssl default certificates in SeedImage build image * Update default values file in OBS * SeedImage: set build image PullPolicy from the operator chart * unit-tests: cover MAC and Used Memory in labels test * unit-tests/trivial: move server.go test to the new server_test.go file * OBS: use SeedImage build image from OBS for the chart * Bump github.com/docker/docker from 20.10.22+incompatible to 20.10.24+incompatible (#410) * Update to go 1.19 (#408) * SeedImage: add Dockerfile for OBS build * httpfy: support automated building * Build elemental-operator image from scratch * Prevent a nil pointer dereference panic error * Fix event filters * Prevent retriggering a reconcile on ownership setup * Do not start error messages with capital letters * Extend unit tests for inventory and selector resources * Adapt unit tests to new condition states * Selector and inventory cleanup * Ensure optimistic locking is set on machine selectors * Adapt info and debug logging for the inventory and selector controllers * Read machine inventory only once on selector reconcile * Sets a validation process for Machine Inventory adoption * Enble cache for MachineInventorySelector resources * SeedImage: update OBS build recipes * SeedImage: busybox base64 decodes with -d only * SeedImage: pass the build image from the operator chart * SeedImage: build image for the builder pod * Add cloud-config support to seedImage (#399) * SeedImage: fix registration yaml name (#394) * operator: ensure elemental finalizers are removed if present (#393) * SeedImage: move sync status with running pod to new func * operator: allow seedimage download from the extended API * SeedImage: add DownloadToken in the Status * operator: return http 401 error on registration auth failure * operator: report error on unrecognized auth websocket connections * operator: drop build-image api (#389) * unit-tests: ensure resources cleanup (#390) * SeedImage: drop finalizer tests * SeedImage: check conditions and return early when needed * SeedImage: add more tests * Adapt tests to drop finalizers * Stop using finalizers if not extrictly needed * operator: add SeedImage CRD (#377) * Prevent MachineInventorySelector from being cached * Set object not found as a debug message * Update logs to not use info with custom depth * operator: use opensuse nginx to serve build-img ISO (#369) * Use variadic arguments in klog instead of slices * operator: register the host IP in MachineInventory annotations (#350) * Unify logging * operator: labels minor improvements (#363) * build-image API: add build job with single pod lifecycle (#362) * Turn MachineInventoryRef into LocalObjectReference (#359) * Remove branch filter on tag events (#361) * Update actions/download-artifact to v3.0.2 * Filter inventory list with a labelSelector and not with a labels map (#358) * Move system-data labels to templating * operator: let build-image API GET to return the image URL (#351) * register client: isolate TPM auth code (#346) * operator: fix label name (#348) * operator: fix MachineInventory search during registration (#342) * operator: always use software UUID as default machine name (#340) * Set default elemental-operator USER * operator: add support to old register clients (#338) * Lints * Update wharfie to 0.5.3 * register client: allow to register against lower version operators (#332) * Replace action engineerd/setup-kind (#328) * Copyright date-range 2022 - 2023 (#327) * Use go 1.18 * operator: expose build-image API (#315) * Fix node-labels regression * Do not store cpu info if not available (#321) * docs: add ref to the official docs in the chart readme (#316) * linter: fix go-header check (#319) * unit-tests: disable parallelization (#312) * Change tar-file layout in elemental-support * Add default config-dir value (#313) * Re-add config-dir install flag (#309) * Return registration errors to client (#301) * Properly sanitize extra system data (#307) * Improve unit tests (#308) * Derive TPM seed from system UUID (#297) * Add disable-boot-entry flag in install structure (#302) * Fetch commit and date from obsinfo file (#300) * operator: add back debug logs for logrus (registration) (#299) * [tpm] Set a random seed if emulated tpm seed is set to -1 (#282) * Include _helmignore file (#295) * Add OBS build repcipes into the repository (#294) * Drop legacy catalog for tests (#291) * Kubebuilder: fix MachineRegistration search during registration (#280) (#293) * Send full system data on registration (#276) * Bump rancher version in e2e tests (#290) * Set default syncTime when not provided (#289) * Remove invalid conditions from objects (#284) * operator: don't try to patch an empty MachineInventory (#274) * Backport minor fixes (#271) * Merge all main logic in one file (#270) * [controller_runtime] add registration protocol version (#266) * Kubebuilder: Remove unused code (#267) * [controller_runtime] operator/registration: switch to Kubebuilder client (#256) * Refactor ManagedOsImage e2e tests (#263) * Add a rate limiter to managedosversionchannel reconciler (#260) * Refactor MachineRegistration e2e tests (#253) * Drop requeuer, not needed anymore (#255) * Improve syncer (#252) * New syncer logic (#245) * Fix make verify (#248) * controller: add Secret name reference to the ServiceAccount (#247) * Kubebuilder: Add 'verify' workflow (#244) * Add remaining controllers (#232) * Kubebuilder: Add machine inventory selector controller (#224) * Kubebuilder: Add remaining API types (#225) * Kubebuilder: Add machine inventory controller (#221) * Kubebuilder: Add machine registration controller (#206) * Kubebuilder: Run new code and generate RBAC (#203) * Kubebuilder: Add make tasks for different tools (#194) * Add kubebuilder API definitions (#184) * Change yaml-marshalling of node-labels file (#287) * Remove yaml typo (#286) * Add helm labels and annotations to all crds (#281) * Set helm labels on CRDs (#277) * Change the helm chart oci reference to be aligned with other elemental images (#268) * Add version commands/flags for all binaries (#262) * Use custom names in upgrade objects (#254) * Several improvements to the support command (#258) * Also trigger Dev rebuild on tag push (#249) * Propagate inventory labels to node on bootstrap plan (#243) * Add codeql + escape user input before processing (#237) * Create dependency-review.yml (#236) * Bump golangci action (#234) * Stop elemental-system-agent when the node is ready (#231) * Fix docker and gorelease jobs (#230) * operator: improve logging of the MachineRegistration controller * operator: move ServiceAccount creation to a separate func * operator: drop duplicated import * operator: enforce ServiceAccount's Secret link * operator: create ServiceAccounts before their Secrets * operator: unit-tests: add coverage for unauthenticatedResponse() (#217) * coverity: make patch status informational (#219) * tests: Add k8s 1.24 and default to rancher 2.6.9 (#220) * tests: use latest url for rancher charts (#218) * Elemental Operator: manage empty config in MachineRegistrations (#213) * Label other objects created by elemental-operator (#216) * Only read yaml files included in the given directories (#215) * Label secrets managed by elemental-operator (#212) * Allow custom config files for elemental-cli (#210) * Collect operator logs after running tests (#204) * Audit and update elemental-operator RBAC ClusterRole (#196) * Add config for e2e tests (#201) * Add OBS workflow to update elemental-operator package (#200) * Add vendor for obs integration (#198) * release: enhance release pipeline (#195) * operator: drop duplicated import of elemental APIs (#199) * Disable CGO under arm for register binaries + restore SBOM (#193) * Revert 'Add sbom to releases and attach to containers' (#191) * Add elemental GlobalRole for Rancher UI (#187) * Add reasons for conditions (#185) * lint: dont overshadow var (#172) - elemental-register needs lvm2 for running blkdeactivate. - Update to version 0.6.0+git20220923.ffdff84: * Add v0.6.0 changelog (#182) - Update to version 0.6.0+git20220923.f022acb: * unit-tests: add support to Secrets in registraion's OnChange() * operator: log the creation of a new registration token * operator: explicitly add Secrets to registration ServiceAccounts * operator: return error when the ServiceAccount has no secrets - Update to version 0.5.0+git20220922.17d9d21: * support command improvements (#173) - make elemental-support a sub-package - disable chart building, was not packaged - Update to version 0.5.0+git20220912.846c610: * Add sbom to releases and attach to containers (#160) * Use BCI Golang image to build image * register: fix CGO build in Dockerfile * register: build it with CGO (#169) * tests(registration): More unit tests (#167) * Rework client to accept a ClientInterface (#166) * tests(inventory): Add unit tests for inventory methods (#164) * register/operator: drop MachineInventory labels passed from the client * unit-tests: check default machine name * go mod tidy * operator: change default MachineInventory name * Add simple changelog (#158) - Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157) - Update to version 0.4.4+git20220902.64f4703: * operator: ensure inventory.Labels is not nil before adding labels - Update to version 0.4.4+git20220901.75792d6: * Add extra labels with smbios data (#155) * Fix secretname for the apiService (#153) * unit-tests: add websocket coverage * operator: add unit-test for mergeInventoryLabels() * operator/register: drop unused code * operator/register: rework the registration protocol * websocket: add helper functions * register: set a timeout for retrieving the installation config * drop unused labels on bootstrap (#154) * Fix missing cosign and run command (#151) * Enable deploying operator replicas (#150) * register: take control of the registration process * bump github.com/rancher-sandbox/go-tpm * fix linter: cyclomatic complexity of ServeHTTP is 16 * operator: move websocket management logic out of the tpm package * minor: drop duplicated logging * operator/http: check websocket upgrade header in HTTP connections - Update to version 0.4.3+git20220831.7e58679: * Add image signing to push jobs (#148) * Add local plan to rancher-system-agent to stop elemental-system-agent (#146) - Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138) - Update to version 0.4.3+git20220812.72971ff: * Backwards compatibility for smbios headers (#137) * Only decode some smbios data (#134) * Drop uneeded files and add extra label (#135) * Split header into 7Kb of data (#133) * Add auto labeler (#125) * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Store binary artifacts on PR/master (#127) * [tests] fix nginx deploy url (#129) * Bundle support bin with register (#124) - build elemental-operator without CGO_ENABLED (doesn't need tpm) - Update to version 0.4.2+git20220805.5b64a77: * Set the proper namespace (#117) - Update to version 0.4.2+git20220805.485ff21: * Add CAs to docker artifact (#120) - Update to version 0.4.2+git20220804.76f61f5: * Store all registration data on installation (#116) - Update to version 0.4.2+git20220803.6d730d3: * Set fixed hostname and make it persistent (#106) - Update to version 0.4.2+git20220803.f4ba471: * Add 'support' to 'make build' (#111) - Update to version 0.4.2+git20220803.10d3621: * Add a elemental-support binary (#109) - Update to version 0.4.2+git20220802.f243498: * Add missing register command to bootstrap (#104) * Couple of tests for config mapstructure (#102) - Update to version 0.4.2+git20220801.ea7884e: * Produce 2 binaries instead of one (#99) * Push master merges to elemental-operator-ci (#100) * operator: pass all the registration fields on unauthenticated query - Update to version 0.4.2+git20220801.846d313: * Add missing mapstructure annotations to config (#101) * operator: drop duplicated MachineInventory init code - Update to version 0.4.2+git20220729.6b52b44 - Bump to v0.4.2 - Update to version 0.4.1+git20220729.6b52b44: * Set a fixed name config for rke/k3s deployments (#97) - Update to version 0.4.1+git20220728.896efee: * mend * Drop unneeded code - Update to version 0.4.1+git20220728.38929d2: * Update elemental api resources for upgrades (#95) - Update to version 0.4.1+git20220728.b5c35b9: * operator: fix adding machineInventoryLabels after initial registration - Update to version 0.4.1+git20220727.68b87dd: * Drop setting a custom providerID (#91) - Update to version 0.4.0+git20220727.3241cfd: * Bump rancher version (#89) - Update to version 0.4.0+git20220722.ea618ea: * elemental-operator register: keep system CAs when passing a custom CA * elemental-operator register: add some more logging * add github.com/sanity-io/litter module * ensure all the structs include proper yaml labels * Add a target to setup a clean cluster (#79) * [register] Check for path error before doing anything (#80) * Make /oem/registration the default configuration dir (#81) * Add README to elemetal-operator helm chart (#56) * Store registration yaml in installed system (#71) * Fix 'make unit-tests' - Update to version 0.3.0+git20220722.f2ab68c: * [register] Check for path error before doing anything (#80) - Update to version 0.3.0+git20220722.cf20bc6: * Make /oem/registration the default configuration dir (#81) - Update to version 0.3.0+git20220722.9b9844b: * Add README to elemetal-operator helm chart (#56) - Update to version 0.3.0+git20220721.52c3cbb: * Store registration yaml in installed system (#71) - Remove elemental-operator.service, as this is now executed as part of the cloud-config shipped with elemental. See https://github.com/rancher/elemental/pull/178 - Update to version 0.3.0+git20220721.e15e76e: * Fix 'make unit-tests' * Do note fetch cloud-config on unauthenticated registartion calls (#67) * Change the default machine name to include the UUID - read config from /run/initramfs/live - Update to version 0.3.0+git20220720.90791e4: * Update MachineRegistration example - Update to version 0.3.0+git20220720.79d957e: * Adds support for cloud-config data in machine registration (#61) - Update to version 0.2.1+git20220719.489d40f: * review elemental installer env vars (#59) - Run elemental-operator.service after cos-setup-network.service is completely done. Add back a dependency with multi-user.target to ensure it is pulled by some target at boot. - Run elemental-operator.service after mutli-user.target to ensure it is executed after all boot services are ready - only run in live mode - Update to version 0.2.1+git20220718.3530dc5: * ensure install struct includes proper yaml labels (#57) - Update to version 0.2.1+git20220718.6e2f20f: * Pass debug flag to elemental client if requested (#58) - Update to version 0.2.1+git20220715.2381ebc: * Do not attempt to install in already installed systems (#55) * Some fixes for the release pipelines (#53) - Update to 0.2.0 - Update to version 0.1.1+git20220715.618d3c4: * Log the version, commit and commit date on start (#43) - Update to version 0.1.1+git20220715.bd811be: * Remove obsolete logic from former ros-installer (#45) - pass COMMITDATE to build - Update to version 0.1.1+git20220714.a05a2db: * elemental-operator register: enable local plans - Update to version 0.1.1+git20220714.602178c: * elemental-operator register: allow cacert passed as file or data (#44) * Makefile: fix make build-docker (#41) - On behalf of commit 62bac1d (#38) `elemental install` is called within the `elemental-operator register` command, so the unit file only needs to call `elemental-operator register` - drop elemental-installer and -chart subpackages - add elemental-operator.service file - build with TPM emulation - Update to version 0.1.1+git20220713.adfff7c: * Some register fixes (#40) * elemental-operator register: add elemental cli call (#38) * Fix building the operator/installer with emulatedTPM (#39) * Return a Config.Config in MachineInventory (#35) * Use cacert from rancher and use serverl-url from rancher (#36) - Update to version 0.1.1+git20220713.bcfe4d0: * Add test for chart values (#31) - Update to version 0.1.1+git20220712.14d4d95: * Share installation configuration structures (#24) * bump github.com/docker/distribution to 2.8.1 (#29) * Bump image-spec to 1.0.2 (#28) * Bump system-agent to 0.2.8 (#17) * update testhelpers * Update go.sum * [ci] Up the go version and restore the proper cache * Fix go.sum * [test] Remove focus * [lint] ignore generated files - Update to version 0.1.1+git20220707.39177e8: * Rename RancherOS to Elemental in installer logic * Merge elemental installer (#20) * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename rancheros->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle - Update to version 0.1.1+git20220707.1d97f14: * Merge elemental installer (#20) * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename rancheros->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times - Update to version 0.0.0+git20220707.0c6dcff: * Adapat Dockerfile and golreleaser to keep releasing and building elemental-operator as they used to * Update .github/workflows/unit-tests.yaml * Update Makefile - Update to version 0.0.0+git20220707.4b69306: * Adding installer unit tests * Add elemental-installer * Move main into a cmd/operator package - Update to version 0.0.0+git20220704.211ad46: * renamed to elemental-operator and switched to system agent * Fix wrong key in example full reference * Rename elemental->elemental in README * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go - adapt machine-registration.yaml and create-cluster.yaml to system-agent - Update to version 0.1.0+git20220622.84e703a: * added registration command and support for using elemental as a cluster api infrastructure provider * wip * renamed to elemental-operator and switched to system agent - Update to version 0.1.0+git20220603.19a5e9e: * Fix wrong key in example full reference * Rename elemental->elemental in README - rename binary to elemental-operator - Update to version 0.1.0+git20220420.6e6aa51: - Update to version 0.1.0+git20220525.9e1d451: * rename pathes to 'elemental' * rename files to 'elemental' * rename directories to 'elemental' * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go - renamed the api spec in the sample .yaml files - Update to version 0.1.0+git20220525.9e1d451: * rename pathes to 'elemental' * rename files to 'elemental' * rename directories to 'elemental' * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go - Update to version 0.1.0+git20220420.6e6aa51: * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go * Rework * Add events on errors * e2e-ci: add some missing check on errors - Update to version 0.1.0+git20220518.f916493: * rename to elemental-operator - update default kubernetesVersion to 1.22.7 - Update machine-registration.yaml * add hostname * put 'install' section below 'elemental' - Update to version 0.1.0+git20220420.6e6aa51: * tests: Use helpers from testlib * tests: Add upgrades e2e test * ci: detect when deployments are already there * Update missing policy rule * Sort env to avoid updating same bundle * Be sure to not push same env multiple times * Update pkg/controllers/inventory/inventory.go * Rework * Add events on errors - Update to version 0.1.0-alpha23+git20220408.cd4553f: * e2e-ci: add some missing check on errors * Bump ele-testhelpers version * e2e-ci: move some functions to ele-testhelpers * Update README * Do not make kube calls blocking * Test env metadata injection * Correctly annotate env vars from metadata * Adapt tests, add test cases * Respect upgradeContainerSpec from ManagedOSVersion * Do allocate the event recorder once in the syncer * Refactor out recorder boilerplate * Collect errors when syncing * Refactor out requeuer to not be blocking * Add test for event broadcasting * Set appropriate rules for broadcasting events * go gen * Record invalid specs back to the VersionChannel * Build general event interface from raw k8s into client * Add reconciler * Wrong obs workflow name :facepalm: * Add OBS workflow to trigger rpm build * Use operator image for wait and display hook * CLI fixups * Allow to specify a mountpath * Add requeue mechanism * Disable mounting SA token by default on sync pod * Implement Custom syncer * Lower the ticker for testing * Set the default update to 60m * Add sync-interval flag * Add owner reference on ManagedOSVersion * Bump rancher version used in tests * Don't watch over specific namespaces * Add make target to test local changes in kind * Enhance tests * Allow to set a bridge ip * Allow to selectively sync user-defined namespaces * Add MachineOSVersionChannel JSON tests * Implement JSON syncer logic * Very basic sync service logic * ManagedOSVersionChannel sync service * Add ManagedOSVersionChannel and skeleton for sync service - Initial version 0.1.0~alpha23 Changes in elemental-operator1.5-crds-helm: - Update to version 1.5.1: * Sanitize elemental-operator dependencies (#690) * Fix ManagedOSImage cloudConfig (#671) * Align DrainSpec to system-upgrade-controller defaults (#668) * Drain nodes by default on upgrade (#660) - Update to version 1.5.0: * Make snapshotter configurable (#651) * Make channel sync more robust (#638) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Add kubebuilder example and validation * Add TargetPlatform to SeedImageSpec * Add disable-boot-entry flag to reset command - Update to version 1.4.3 - Update to version 1.4.2 - Update to version 1.4.1 - Update to version 1.4.0+git20231128.a867d93: * Unify all chart files under .obs/charfile - Update to version 1.3.2+git20230824.c90c1c8: * Charts: sync OBS charts * Update .obs/chartfile/crds/Chart.yaml * Adapt tests and Makefile * Split chart into crds chart and operator chart - Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157) - Update to version v0.4.4: * Fix secretname for the apiService (#153) * Enable deploying operator replicas (#150) - Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138) - Update to version v0.4.3: * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Set the proper namespace (#117) - Bump to v0.4.2 - Bump to v0.4.1 - Update to version v0.4.0: * Add README to elemetal-operator helm chart (#56) - Update Chart.yaml to the right elemental-operator version - Update to elemental-operator v0.3.0 - Improve Makefile to get image tag from github - Update Makefile and build elemental-operator.tar - Bump version to 0.2.1 - Bump elemental-operator tag image to 0.2.1-10.1 - Bump elemental-operator tag image to 0.2.0-9.1 - Update _helmignore file - Update Makefile and fix build issues - Add _helmignore file - Update to version 0.1.1+git2022-07-13.adfff7c: * Use cacert from rancher and use serverl-url from rancher (#36) - Update image repository in values-overwrite.yaml - Initial commit for elemental-operator helm chart Changes in elemental-operator1.5-helm: - Update to version 1.5.1 - Update to version 1.5.0: * Enable ManagedOSImage updates (#658) * charts: backport changes from Rancher Marketplace chart (#652) * Test against k8s v1.27, rancher v2.8.2, and upgrade all test dependendencies (#628) * Fix default values in questions.yaml file * Unify all chart files under .obs/charfile * charts: fix annotations (#566) * Add slem4r images in channel (#544) * Charts: fix OBS build * Charts: sync OBS charts * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495) - Update to version 1.4.3 - Update to version 1.4.2 * Fix default values in questions.yaml file - Update to version 1.4.1 - Update to version 1.4.0+git20231129.c7f1dc1: * Add slem4r images in channel (#544) - Update to version 1.4.0+git20231128.a867d93: * Unify all chart files under .obs/charfile * charts: fix annotations (#566) * Charts: fix OBS build - Update to version 1.3.2+git20230824.c90c1c8: * Charts: sync OBS charts * Fixed a typo in the version string for elemental-teal-channel in helm chart (#495) * Remove SLE Micro reference from elemental-operator images * Make SLE Micro version from image references dynamic (#480) * Adapt tests and Makefile * Split chart into crds chart and operator chart - Update to version 0.5.0+git20220902.3d28c5d: * Configure custom smbios data (#157) - Update to version v0.4.4: * Fix secretname for the apiService (#153) * Enable deploying operator replicas (#150) - Update to version 0.4.3+git20220822.f0bd8f4: * log: report elemental installation completion * Fix e2e discovery tests (#138) - Update to version v0.4.3: * Remove default value for flag and expand description (#126) * [chart] only add default-registry if specified (#128) * Set the proper namespace (#117) - Bump to v0.4.2 - Bump to v0.4.1 - Update to version v0.4.0: * Add README to elemetal-operator helm chart (#56) - Update Chart.yaml to the right elemental-operator version - Update to elemental-operator v0.3.0 - Improve Makefile to get image tag from github - Update Makefile and build elemental-operator.tar - Bump version to 0.2.1 - Bump elemental-operator tag image to 0.2.1-10.1 - Bump elemental-operator tag image to 0.2.0-9.1 - Update _helmignore file - Update Makefile and fix build issues - Add _helmignore file - Update to version 0.1.1+git2022-07-13.adfff7c: * Use cacert from rancher and use serverl-url from rancher (#36) - Update image repository in values-overwrite.yaml - Initial commit for elemental-operator helm chart Changes in elemental-rt-channel-image: - Adapt the Dockerfile to explicitly pull elemental-register (v1.4) instead of the newer 1.5 variant of it. - Fix RT URLs and use import channel.json file from previous build stage - Only build for x86_64 - Add SLE Micro RT v2.0.2 to channel Changes in elemental-rt-channel1.5-image: - Fix RT URLs and use import channel.json file from previous build stage - Only build for x86_64 - Add SLE Micro RT v2.0.2 to channel - Adapt channel to the new 'suse/sle-micro' images Changes in elemental-toolkit: - Update to version 1.1.5: * [v1.1.x] Move recovery hostname to cloud-config-defaults (#2047) - Update to version 1.1.4: * Add default rootfs settings * Install podman in example Dockerfiles (#1959) - Update to version 1.1.2: * Remove unused method * Update copyright year (2024) * Update workflow to trigger for go.mod * Bump moby@v25.0.1 * Bump docker@v23.0.8 * Bump go-git@v5.11.0 * Bump containerd@v1.7.12 Changes in operator-image1.5: - Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5 - Update to version 1.5.0: * Micro rename (#684) * operator/Dockerfile: tag IMAGE_REPO with :latest - Update to version 1.4.3 - Update to version 1.4.2 - Update to version 1.4.1 - Adding a changes file Changes in seedimage-builder: - Update to version 1.4.3 Changes in seedimage-builder1.5: - Update to version 1.5.1: * Repurpose v1.5.x branch for SLE Micro 5.5 - Update to version 1.5.0: * Micro rename (#684) * seedimage: add tag to IMG_REPO * seedimage: switch labelprefix to com.suse.elemental * seedimage: Switch to toolbox for ALP * Add elemental-seedimage-hooks package (#592) * Add grub package to seedimage built in OBS (#568) * Build raw disk images in SeedImage (#557) - Update to version 1.4.3 - Update to version 1.4.2 - Update to version 1.4.1 - Adding changes file The following package changes have been done: - filesystem-15.0-150500.1.1 added - glibc-2.31-150300.74.1 added - elemental-register1.5-1.5.1-150500.1.3.1 added - system-user-root-20190513-3.3.1 added - libonig4-6.7.0-150000.3.3.1 added - libjq1-1.6-3.3.1 added - jq-1.6-3.3.1 added - container:suse-sle-micro-5.5-latest-- added - container:bci-bci-busybox-15.5-- added