diff --git a/.gitignore b/.gitignore index 2d860cd..5d442e6 100644 --- a/.gitignore +++ b/.gitignore @@ -53,3 +53,4 @@ /ignition-c733d23.tar.gz /ignition-1d56dc8.tar.gz /ignition-2.9.0.tar.gz +/ignition-2.10.1.tar.gz diff --git a/ignition.rpmlintrc b/ignition.rpmlintrc new file mode 100644 index 0000000..de41af1 --- /dev/null +++ b/ignition.rpmlintrc @@ -0,0 +1,2 @@ +# Suppress hardcoded library path warning +addFilter("hardcoded-library-path in %{_prefix}/lib/dracut") diff --git a/ignition.spec b/ignition.spec index 6e768a6..4bf342b 100644 --- a/ignition.spec +++ b/ignition.spec @@ -58,15 +58,12 @@ %global dracutlibdir %{_prefix}/lib/dracut Name: ignition -Version: 2.9.0 -Release: 4%{?dist} +Version: 2.10.1 +Release: 1%{?dist} Summary: First boot installer and configuration tool License: ASL 2.0 URL: https://%{provider_prefix} Source0: https://%{provider_prefix}/archive/v%{version}/%{repo}-%{version}.tar.gz -# Fix AWS probing by using the IMDS token URL to ensure that networking is up -# https://github.com/coreos/ignition/pull/1161 -Patch0: internal-providers-aws-probe-the-IMDS-token-URL.patch %define gopath %{_datadir}/gocode ExclusiveArch: %{go_arches} @@ -171,11 +168,11 @@ Provides: bundled(golang(github.com/coreos/go-semver/semver)) = 0.3.0 Provides: bundled(golang(github.com/coreos/go-systemd/v22/dbus)) = 22.0.0 Provides: bundled(golang(github.com/coreos/go-systemd/v22/journal)) = 22.0.0 Provides: bundled(golang(github.com/coreos/go-systemd/v22/unit)) = 22.0.0 -Provides: bundled(golang(github.com/coreos/vcontext/json)) = 0.0.0-20201120045928.gitb0e13dab675c -Provides: bundled(golang(github.com/coreos/vcontext/path)) = 0.0.0-20201120045928.gitb0e13dab675c -Provides: bundled(golang(github.com/coreos/vcontext/report)) = 0.0.0-20201120045928.gitb0e13dab675c -Provides: bundled(golang(github.com/coreos/vcontext/tree)) = 0.0.0-20201120045928.gitb0e13dab675c -Provides: bundled(golang(github.com/coreos/vcontext/validate)) = 0.0.0-20201120045928.gitb0e13dab675c +Provides: bundled(golang(github.com/coreos/vcontext/json)) = 0.0.0-20210407161507.git4ee6c745c8bd +Provides: bundled(golang(github.com/coreos/vcontext/path)) = 0.0.0-20210407161507.git4ee6c745c8bd +Provides: bundled(golang(github.com/coreos/vcontext/report)) = 0.0.0-20210407161507.git4ee6c745c8bd +Provides: bundled(golang(github.com/coreos/vcontext/tree)) = 0.0.0-20210407161507.git4ee6c745c8bd +Provides: bundled(golang(github.com/coreos/vcontext/validate)) = 0.0.0-20210407161507.git4ee6c745c8bd Provides: bundled(golang(github.com/google/renameio)) = 0.1.0 Provides: bundled(golang(github.com/google/uuid)) = 1.1.1 Provides: bundled(golang(github.com/pin/tftp)) = 2.1.0 @@ -558,11 +555,17 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %gotest %{import_path}/config/merge %gotest %{import_path}/config/translate %gotest %{import_path}/config/v3_0 +%gotest %{import_path}/config/v3_0/translate %gotest %{import_path}/config/v3_0/types %gotest %{import_path}/config/v3_1 +%gotest %{import_path}/config/v3_1/translate %gotest %{import_path}/config/v3_1/types %gotest %{import_path}/config/v3_2 +%gotest %{import_path}/config/v3_2/translate %gotest %{import_path}/config/v3_2/types +%gotest %{import_path}/config/v3_3_experimental +%gotest %{import_path}/config/v3_3_experimental/translate +%gotest %{import_path}/config/v3_3_experimental/types %gotest %{import_path}/config/validate %gotest %{import_path}/internal/exec/stages/files %gotest %{import_path}/internal/exec/util @@ -605,6 +608,9 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} %endif %changelog +* Thu Apr 29 2021 Stephen Lowrie - 2.10.1-1 +- New release + * Fri Feb 05 2021 Benjamin Gilbert - 2.9.0-4 - Drop Git commit hash from Release - Correctly enable IMDS patch diff --git a/internal-providers-aws-probe-the-IMDS-token-URL.patch b/internal-providers-aws-probe-the-IMDS-token-URL.patch deleted file mode 100644 index d989482..0000000 --- a/internal-providers-aws-probe-the-IMDS-token-URL.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 74ffe3749d70b9d115a9b9790969b8dcb4a76e12 Mon Sep 17 00:00:00 2001 -From: Stephen Lowrie -Date: Mon, 11 Jan 2021 11:27:12 -0600 -Subject: [PATCH] internal/providers/aws: probe the IMDS token URL - -Probing the `/latest` path causes a 401 Unauthorized when running with -IMDSv2 only. Instead ping the token URL. ---- - internal/providers/aws/aws.go | 37 +++++++++++++++++++---------------- - 1 file changed, 20 insertions(+), 17 deletions(-) - -diff --git a/internal/providers/aws/aws.go b/internal/providers/aws/aws.go -index 54373dbb..4a6655f0 100644 ---- a/internal/providers/aws/aws.go -+++ b/internal/providers/aws/aws.go -@@ -40,11 +40,6 @@ var ( - Host: "169.254.169.254", - Path: "2019-10-01/user-data", - } -- metadataServiceProbeURL = url.URL{ -- Scheme: "http", -- Host: "169.254.169.254", -- Path: "latest", -- } - imdsTokenURL = url.URL{ - Scheme: "http", - Host: "169.254.169.254", -@@ -78,17 +73,17 @@ func NewFetcher(l *log.Logger) (resource.Fetcher, error) { - // Init prepares the fetcher for this platform - func Init(f *resource.Fetcher) error { - // During the fetch stage we might be running before the networking -- // is fully ready. Perform an HTTP fetch against the metadata probe -- // URL to ensure that networking is up before we attempt to fetch -- // the region hint from ec2metadata. -+ // is fully ready. Perform an HTTP fetch against the IMDS token URL -+ // to ensure that networking is up before we attempt to fetch the -+ // region hint from ec2metadata. - // -- // NOTE: the FetchToBuffer call against the metadata service probe -- // URL is a temporary solution to handle waiting for networking -- // before fetching from the AWS API. We do this instead of an -- // infinite retry loop on the API call because, without a clear -- // understanding of the failure cases, that would risk provisioning -- // failures due to quirks of the ec2metadata API. Additionally a -- // finite retry loop would have to time out quickly enough to avoid -+ // NOTE: the FetchToBuffer call against the IMDS token URL is a -+ // temporary solution to handle waiting for networking before -+ // fetching from the AWS API. We do this instead of an infinite -+ // retry loop on the API call because, without a clear understanding -+ // of the failure cases, that would risk provisioning failures due -+ // to quirks of the ec2metadata API. Additionally a finite retry -+ // loop would have to time out quickly enough to avoid - // extraordinarily long boots on failure (since this code runs in - // every stage) but that would risk premature timeouts if the - // network takes a while to come up. -@@ -102,8 +97,16 @@ func Init(f *resource.Fetcher) error { - // NOTE: FetchToBuffer is handling the ErrNeedNet case. If we move - // to an alternative method, we will need to handle the detection in - // this function. -- _, err := f.FetchToBuffer(metadataServiceProbeURL, resource.FetchOptions{}) -- if err != nil { -+ opts := resource.FetchOptions{ -+ Headers: http.Header{ -+ "x-aws-ec2-metadata-token-ttl-seconds": []string{"21600"}, -+ }, -+ HTTPVerb: "PUT", -+ } -+ _, err := f.FetchToBuffer(imdsTokenURL, opts) -+ // ErrNotFound would just mean that the instance might not have -+ // IMDSv2 enabled -+ if err != nil && err != resource.ErrNotFound { - return err - } - --- -2.29.2 diff --git a/sources b/sources index 8a36460..21c6ff9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ignition-2.9.0.tar.gz) = 714ae90fb32a45e1b21e0b0671e7933ce302cdd943cd02cfc221e8bf88269fb464ff5f740d54b444e5c341a3877bf2943ca6f2c2f1374df904386400d73ebe97 +SHA512 (ignition-2.10.1.tar.gz) = 039ea5ab19c0e2efa6ec2c21534e4a5b93f0fb20576d51563283ede1caa3faa29dbb461632bb01f7549d47677991d17516d94f2cefc5982d23545ace5f196f4f