Update to 2.14.0

Fix trailing whitespace, and sync incidental changes from Fedora specfile. Resolves: rhbz#2090647
2022-05-26 05:06:08 -04:00 · 2022-05-26 05:06:08 -04:00 · 953995bb45
commit 953995bb45
parent 5ef0e911a9
5 changed files with 40 additions and 125 deletions
--- a/.gitignore
+++ b/.gitignore
@ -55,3 +55,4 @@
 /ignition-2.9.0.tar.gz
 /ignition-2.12.0.tar.gz
 /ignition-2.13.0.tar.gz
+/ignition-2.14.0.tar.gz
--- a/ignition.spec
+++ b/ignition.spec
@ -10,7 +10,7 @@
 # https://github.com/coreos/ignition
 %global goipath         github.com/coreos/ignition
 %global gomodulesmode   GO111MODULE=on
-Version:                2.13.0
+Version:                2.14.0

 %gometa

@ -19,20 +19,16 @@ Version:                2.13.0
 %global dracutlibdir %{_prefix}/lib/dracut

 Name:           ignition
-Release:        2%{?dist}
+Release:        1%{?dist}
 Summary:        First boot installer and configuration tool

 # Upstream license specification: Apache-2.0
 License:        ASL 2.0
 URL:            %{gourl}
 Source0:        %{gosource}
-# https://github.com/coreos/ignition/pull/1307
-Patch0:         luks-volume-reuse.patch
-# vmware: kernel_lockdown breaks guestinfo fetching
-# https://github.com/coreos/ignition/issues/1092
-Patch1:         vendor-vmw-guestinfo-quickfix-to-skip-performing-iop.patch

 BuildRequires: libblkid-devel
+BuildRequires: systemd-rpm-macros

 # Requires for 'disks' stage
 %if 0%{?fedora}
@ -98,27 +94,28 @@ Provides: bundled(golang(github.com/aws/aws-sdk-go/service/s3/s3iface)) = 1.30.2
 Provides: bundled(golang(github.com/aws/aws-sdk-go/service/s3/s3manager)) = 1.30.28
 Provides: bundled(golang(github.com/aws/aws-sdk-go/service/sts)) = 1.30.28
 Provides: bundled(golang(github.com/aws/aws-sdk-go/service/sts/stsiface)) = 1.30.28
+Provides: bundled(golang(github.com/beevik/etree)) = 1.1.1-0.20200718192613.git4a2f8b9d084c
 Provides: bundled(golang(github.com/coreos/go-semver/semver)) = 0.3.0
 Provides: bundled(golang(github.com/coreos/go-systemd/v22/dbus)) = 22.0.0
 Provides: bundled(golang(github.com/coreos/go-systemd/v22/journal)) = 22.0.0
 Provides: bundled(golang(github.com/coreos/go-systemd/v22/unit)) = 22.0.0
-Provides: bundled(golang(github.com/coreos/vcontext/json)) = 0.0.0-20210407161507.git4ee6c745c8bd
-Provides: bundled(golang(github.com/coreos/vcontext/path)) = 0.0.0-20210407161507.git4ee6c745c8bd
-Provides: bundled(golang(github.com/coreos/vcontext/report)) = 0.0.0-20210407161507.git4ee6c745c8bd
-Provides: bundled(golang(github.com/coreos/vcontext/tree)) = 0.0.0-20210407161507.git4ee6c745c8bd
-Provides: bundled(golang(github.com/coreos/vcontext/validate)) = 0.0.0-20210407161507.git4ee6c745c8bd
+Provides: bundled(golang(github.com/coreos/vcontext/json)) = 0.0.0-20211021162308.gitf1dbbca7bef4
+Provides: bundled(golang(github.com/coreos/vcontext/path)) = 0.0.0-20211021162308.gitf1dbbca7bef4
+Provides: bundled(golang(github.com/coreos/vcontext/report)) = 0.0.0-20211021162308.gitf1dbbca7bef4
+Provides: bundled(golang(github.com/coreos/vcontext/tree)) = 0.0.0-20211021162308.gitf1dbbca7bef4
+Provides: bundled(golang(github.com/coreos/vcontext/validate)) = 0.0.0-20211021162308.gitf1dbbca7bef4
 Provides: bundled(golang(github.com/google/renameio)) = 0.1.0
 Provides: bundled(golang(github.com/google/uuid)) = 1.1.1
 Provides: bundled(golang(github.com/pin/tftp)) = 2.1.0
 Provides: bundled(golang(github.com/pin/tftp/netascii)) = 2.1.0
-Provides: bundled(golang(github.com/stretchr/testify/assert)) = 1.5.1
-Provides: bundled(golang(github.com/vincent-petithory/dataurl)) = 0.0.0-20160330182126.git9a301d65acbb
-Provides: bundled(golang(github.com/vmware/vmw-guestinfo/bdoor)) = 0.0.0-20170707015358.git25eff159a728
-Provides: bundled(golang(github.com/vmware/vmw-guestinfo/message)) = 0.0.0-20170707015358.git25eff159a728
-Provides: bundled(golang(github.com/vmware/vmw-guestinfo/rpcout)) = 0.0.0-20170707015358.git25eff159a728
-Provides: bundled(golang(github.com/vmware/vmw-guestinfo/rpcvmx)) = 0.0.0-20170707015358.git25eff159a728
-Provides: bundled(golang(github.com/vmware/vmw-guestinfo/vmcheck)) = 0.0.0-20170707015358.git25eff159a728
-Provides: bundled(golang(github.com/vmware/vmw-ovflib)) = 0.0.0-20170608004843.git1f217b9dc714
+Provides: bundled(golang(github.com/spf13/pflag)) = 1.0.6-0.20210604193023.gitd5e0c0615ace
+Provides: bundled(golang(github.com/stretchr/testify/assert)) = 1.7.0
+Provides: bundled(golang(github.com/vincent-petithory/dataurl)) = 1.0.0
+Provides: bundled(golang(github.com/vmware/vmw-guestinfo/bdoor)) = 0.0.0-20220317130741.git510905f0efa3
+Provides: bundled(golang(github.com/vmware/vmw-guestinfo/message)) = 0.0.0-20220317130741.git510905f0efa3
+Provides: bundled(golang(github.com/vmware/vmw-guestinfo/rpcout)) = 0.0.0-20220317130741.git510905f0efa3
+Provides: bundled(golang(github.com/vmware/vmw-guestinfo/rpcvmx)) = 0.0.0-20220317130741.git510905f0efa3
+Provides: bundled(golang(github.com/vmware/vmw-guestinfo/vmcheck)) = 0.0.0-20220317130741.git510905f0efa3
 Provides: bundled(golang(golang.org/x/net/context)) = 0.0.0-20200602114024.git627f9648deb9
 Provides: bundled(golang(golang.org/x/net/context/ctxhttp)) = 0.0.0-20200602114024.git627f9648deb9
 Provides: bundled(golang(golang.org/x/net/http2)) = 0.0.0-20200602114024.git627f9648deb9
@ -233,13 +230,13 @@ Conflicts: ignition < 0.31.0-3

 # In case someone has this subpackage installed, obsolete the old name
 # Drop in Fedora 38
-Obsoletes:     ignition-validate-nonlinux < 2.13.0-4 
+Obsoletes:     ignition-validate-nonlinux < 2.13.0-4

 %description validate-redistributable
-This package contains macOS and Windows ignition-validate binaries built
-through cross-compilation. Do not install it. It is only used for
-building binaries to sign by Fedora release engineering and include on the
-Ignition project's Github releases page.
+This package contains statically linked Linux, macOS, and Windows
+ignition-validate binaries built through cross-compilation. Do not install it.
+It is only used for building release binaries to be signed by Fedora release
+engineering and uploaded to the Ignition GitHub releases page.
 %endif

 %prep
@ -271,7 +268,8 @@ echo "Building statically-linked Linux ignition-validate..."
 CGO_ENABLED=0 GOARCH=arm64 GOOS=linux %gocrossbuild -o ./ignition-validate-aarch64-unknown-linux-gnu-static validate/main.go
 CGO_ENABLED=0 GOARCH=ppc64le GOOS=linux %gocrossbuild -o ./ignition-validate-ppc64le-unknown-linux-gnu-static validate/main.go
 CGO_ENABLED=0 GOARCH=s390x GOOS=linux %gocrossbuild -o ./ignition-validate-s390x-unknown-linux-gnu-static validate/main.go
-CGO_ENABLED=0 GOARCH=amd64 GOOS=linux %gocrossbuild -o ./ignition-validate-x86_64-unknown-linux-gnu-static validate/main.go 
+CGO_ENABLED=0 GOARCH=amd64 GOOS=linux %gocrossbuild -o ./ignition-validate-x86_64-unknown-linux-gnu-static validate/main.go
+
 echo "Building macOS ignition-validate..."
 GOARCH=amd64 GOOS=darwin %gocrossbuild -o ./ignition-validate-x86_64-apple-darwin validate/main.go

@ -283,6 +281,10 @@ GOARCH=amd64 GOOS=windows %gocrossbuild -o ./ignition-validate-x86_64-pc-windows
 # dracut modules
 install -d -p %{buildroot}/%{dracutlibdir}/modules.d
 cp -r dracut/* %{buildroot}/%{dracutlibdir}/modules.d/
+install -m 0644 -D -t %{buildroot}/%{_unitdir} systemd/ignition-delete-config.service
+install -m 0755 -d %{buildroot}/%{_libexecdir}
+ln -sf ../lib/dracut/modules.d/30ignition/ignition %{buildroot}/%{_libexecdir}/ignition-apply
+ln -sf ../lib/dracut/modules.d/30ignition/ignition %{buildroot}/%{_libexecdir}/ignition-rmcfg

 # ignition
 install -d -p %{buildroot}%{_bindir}
@ -292,7 +294,7 @@ install -p -m 0755 ./ignition-validate %{buildroot}%{_bindir}
 install -d -p %{buildroot}%{_datadir}/ignition
 install -p -m 0644 ./ignition-validate-aarch64-unknown-linux-gnu-static %{buildroot}%{_datadir}/ignition
 install -p -m 0644 ./ignition-validate-ppc64le-unknown-linux-gnu-static %{buildroot}%{_datadir}/ignition
-install -p -m 0644 ./ignition-validate-s390x-unknown-linux-gnu-static %{buildroot}%{_datadir}/ignition 
+install -p -m 0644 ./ignition-validate-s390x-unknown-linux-gnu-static %{buildroot}%{_datadir}/ignition
 install -p -m 0644 ./ignition-validate-x86_64-apple-darwin %{buildroot}%{_datadir}/ignition
 install -p -m 0644 ./ignition-validate-x86_64-pc-windows-gnu.exe %{buildroot}%{_datadir}/ignition
 install -p -m 0644 ./ignition-validate-x86_64-unknown-linux-gnu-static %{buildroot}%{_datadir}/ignition
@ -312,6 +314,9 @@ install -p -m 0755 ./ignition %{buildroot}/%{dracutlibdir}/modules.d/30ignition
 %license %{golicenses}
 %doc %{godocs}
 %{dracutlibdir}/modules.d/*
+%{_unitdir}/*.service
+%{_libexecdir}/ignition-apply
+%{_libexecdir}/ignition-rmcfg

 %files validate
 %doc README.md
@ -324,13 +329,18 @@ install -p -m 0755 ./ignition %{buildroot}/%{dracutlibdir}/modules.d/30ignition
 %dir %{_datadir}/ignition
 %{_datadir}/ignition/ignition-validate-aarch64-unknown-linux-gnu-static
 %{_datadir}/ignition/ignition-validate-ppc64le-unknown-linux-gnu-static
-%{_datadir}/ignition/ignition-validate-s390x-unknown-linux-gnu-static 
+%{_datadir}/ignition/ignition-validate-s390x-unknown-linux-gnu-static
 %{_datadir}/ignition/ignition-validate-x86_64-apple-darwin
 %{_datadir}/ignition/ignition-validate-x86_64-pc-windows-gnu.exe
 %{_datadir}/ignition/ignition-validate-x86_64-unknown-linux-gnu-static
 %endif

 %changelog
+* Thu May 26 2022 Benjamin Gilbert <bgilbert@redhat.com> - 2.14.0-1
+- New release
+- Add ignition-apply symlink
+- Add ignition-rmcfg symlink and ignition-delete-config.service
+
 * Mon Mar 21 2022 Sohan Kunkerkar <skunkerk@redhat.com> - 2.13.0-2
 - Rename -validate-nonlinux subpackage to -validate-redistributable
 - Add static Linux binaries to -redistributable
--- a/luks-volume-reuse.patch
+++ b/luks-volume-reuse.patch
@ -1,56 +0,0 @@
-From aed47c18aee593d155d45c0fe9ba29a9e3123cf6 Mon Sep 17 00:00:00 2001
-From: Benjamin Gilbert <bgilbert@redhat.com>
-Date: Mon, 17 Jan 2022 21:17:08 -0500
-Subject: [PATCH] disks: fix reuse of statically keyed LUKS volume
-
-We need to persist a volume's keyfile to the real root even if we take
-the early `continue` when reusing the volume.  Rather than copying code,
-enable persistence up front and then disable it afterward if we decide
-not to persist the key.
-
-Fixes error:
-
-    CRITICAL : Ignition failed: creating crypttab entries: missing persisted keyfile for [...]
-
-Fixes: https://github.com/coreos/ignition/issues/1305
-Fixes: 65e9c1611128 ("stages/disks: use State to persist keyfiles for files stage")
---
- internal/exec/stages/disks/luks.go | 15 ++++++++-------
- 1 file changed, 8 insertions(+), 7 deletions(-)
-
-diff --git a/internal/exec/stages/disks/luks.go b/internal/exec/stages/disks/luks.go
-index 77ecc24e..5fa15e70 100644
--- a/internal/exec/stages/disks/luks.go
-+++ b/internal/exec/stages/disks/luks.go
-@@ -156,6 +156,13 @@ func (s *stage) createLuks(config types.Config) error {
- 				}
- 			}
- 		}
-+		// store the key to be persisted into the real root
-+		// do this here so device reuse works correctly
-+		key, err := ioutil.ReadFile(keyFilePath)
-+		if err != nil {
-+			return fmt.Errorf("failed to read keyfile %q: %w", keyFilePath, err)
-+		}
-+		s.State.LuksPersistKeyFiles[luks.Name] = dataurl.EncodeBytes(key)
- 
- 		if !util.IsTrue(luks.WipeVolume) {
- 			// If the volume isn't forcefully being created, then we need
-@@ -329,13 +336,7 @@ func (s *stage) createLuks(config types.Config) error {
- 			); err != nil {
- 				return fmt.Errorf("removing key file from luks device: %v", err)
- 			}
-		} else {
-			// store the key to be persisted into the real root
-			key, err := ioutil.ReadFile(keyFilePath)
-			if err != nil {
-				return fmt.Errorf("failed to read keyfile %q: %w", keyFilePath, err)
-			}
-			s.State.LuksPersistKeyFiles[luks.Name] = dataurl.EncodeBytes(key)
-+			delete(s.State.LuksPersistKeyFiles, luks.Name)
- 		}
- 	}
- 
-- 
-2.33.1
-
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (ignition-2.13.0.tar.gz) = 8e5a2e2feac002e829f2d5de54596752efef3a42ad393e55a15c0cc50b7ea4c438380cbb82c9ed386721cccea4a579e32960c463a7ec4fc27ac8aa532cf425ca
+SHA512 (ignition-2.14.0.tar.gz) = e66d42bcfc516055f61abd1808e7ed1bdb4bf4e99b69c16ab9031be173a709c5864e74f23033cb33288e758b2f98a1dd878ef1aa802220afa504997fc3440af3
--- a/vendor-vmw-guestinfo-quickfix-to-skip-performing-iop.patch
+++ b/vendor-vmw-guestinfo-quickfix-to-skip-performing-iop.patch
@ -1,40 +0,0 @@
-From 069ab246129be6860aed3389c526543afa87e712 Mon Sep 17 00:00:00 2001
-From: Luca BRUNO <luca.bruno@coreos.com>
-Date: Thu, 17 Sep 2020 16:07:59 +0000
-Subject: [PATCH] vendor/vmw-guestinfo: quickfix to skip performing iopl
-
-This is a quickfix to avoid performing an `iopl`, which is blocked by
-kernel_lockdown under SecureBoot.
-
-Refs:
- * https://bugzilla.redhat.com/show_bug.cgi?id=1877995
- * https://github.com/lucab/vmw_backdoor-rs/issues/6
- * https://github.com/coreos/ignition/issues/1092
---
- .../vmware/vmw-guestinfo/vmcheck/vmcheck.go           | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go b/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go
-index c46cc5e4..ffd866c0 100644
--- a/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go
-+++ b/vendor/github.com/vmware/vmw-guestinfo/vmcheck/vmcheck.go
-@@ -41,10 +41,13 @@ func IsVirtualWorld() (bool, error) {
- 
- // hypervisorPortCheck tests the availability of the HV port.
- func hypervisorPortCheck() (bool, error) {
-	// Privilege level 3 to access all ports above 0x3ff
-	if err := openPortsAccess(); err != nil {
-		return false, err
-	}
-+       // XXX(lucab): quickfix for https://github.com/coreos/ignition/issues/1092.
-+       /*
-+               // Privilege level 3 to access all ports above 0x3ff
-+               if err := openPortsAccess(); err != nil {
-+                       return false, err
-+               }
-+       */
- 
- 	p := &bdoor.BackdoorProto{}
- 
-- 
-2.21.1