From 73fb980885a044b642a572b5321e4165f79b1493 Mon Sep 17 00:00:00 2001 From: Rishi Anand Date: Thu, 14 Sep 2023 02:10:31 -0700 Subject: [PATCH 1/9] PE-2605 Adding apparmor-parser as se_linux is disabled (#57) --- Earthfile | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Earthfile b/Earthfile index 1f7ee38..48f13ee 100644 --- a/Earthfile +++ b/Earthfile @@ -266,6 +266,13 @@ base-image: RUN zypper cc && \ zypper clean END + + IF [ "$OS_DISTRIBUTION" = "opensuse-leap" ] + RUN zypper install -y apparmor-parser apparmor-profiles + RUN zypper cc && \ + zypper clean + END + IF [ "$ARCH" = "arm64" ] RUN mkdir -p /etc/luet/repos.conf.d && luet repo add spectro --type docker --url gcr.io/spectro-dev-public/luet-repo-arm --priority 1 -y && luet repo update ELSE IF [ "$ARCH" = "amd64" ] From 80eaa2dbed4906c385e2b998f1dd8a3d7df4c175 Mon Sep 17 00:00:00 2001 From: Rishi Anand Date: Thu, 14 Sep 2023 02:12:52 -0700 Subject: [PATCH 2/9] Updating Earthfile with Luet version v1.1.4 (#55) * Updating Earthfile with Luet version v1.1.3 * Update Earthfile --------- Co-authored-by: Santhosh --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index 48f13ee..ddf1e0d 100644 --- a/Earthfile +++ b/Earthfile @@ -10,7 +10,7 @@ ARG K8S_DISTRIBUTION ARG CUSTOM_TAG ARG ARCH ARG PE_VERSION=v4.0.3 -ARG SPECTRO_LUET_VERSION=v1.1.2 +ARG SPECTRO_LUET_VERSION=v1.1.4 ARG KAIROS_VERSION=v2.3.2 ARG K3S_FLAVOR_TAG=k3s1 ARG RKE2_FLAVOR_TAG=rke2r1 From 58ab429f66e6340b7b76d03a5aaed5000c8ebdf9 Mon Sep 17 00:00:00 2001 From: Santhosh Date: Fri, 15 Sep 2023 22:42:39 +0530 Subject: [PATCH 3/9] Update PE_VERSION --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index ddf1e0d..4784b96 100644 --- a/Earthfile +++ b/Earthfile @@ -9,7 +9,7 @@ ARG IMAGE_REPO=$OS_DISTRIBUTION ARG K8S_DISTRIBUTION ARG CUSTOM_TAG ARG ARCH -ARG PE_VERSION=v4.0.3 +ARG PE_VERSION=v4.0.4 ARG SPECTRO_LUET_VERSION=v1.1.4 ARG KAIROS_VERSION=v2.3.2 ARG K3S_FLAVOR_TAG=k3s1 From f67db2a4f457e23630f5a4d431d93a64a89da573 Mon Sep 17 00:00:00 2001 From: Santhosh Date: Thu, 21 Sep 2023 23:45:06 +0530 Subject: [PATCH 4/9] Update ubuntu-fips kernel for fips --- ubuntu-fips/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ubuntu-fips/Dockerfile b/ubuntu-fips/Dockerfile index 74efc8d..7d4a879 100644 --- a/ubuntu-fips/Dockerfile +++ b/ubuntu-fips/Dockerfile @@ -155,6 +155,9 @@ RUN rm -rf /boot/initramfs-* # Fixup sudo perms RUN chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo +# Symlink kernel HMAC +RUN kernel=$(ls /boot/vmlinuz-* | head -n1) && ln -sf ."${kernel#/boot/}".hmac /boot/.vmlinuz.hmac + RUN ln -s /usr/sbin/grub-install /usr/sbin/grub2-install RUN ln -s /usr/bin/grub-editenv /usr/bin/grub2-editenv From b583e089bc83d6a787c66aabab0d9750b13ba020 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 21 Sep 2023 11:25:16 -0700 Subject: [PATCH 5/9] move etcdctl to /usr/bin (#59) (#61) (cherry picked from commit 96372c7ec02cef74ef01f39ab959865e85915e65) Co-authored-by: Nianyu Shen --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index 4784b96..d43a122 100644 --- a/Earthfile +++ b/Earthfile @@ -157,7 +157,7 @@ provider-image: RUN luet install -y k8s/$K8S_DISTRIBUTION@$BASE_K8S_VERSION && luet cleanup RUN rm -f /etc/ssh/ssh_host_* /etc/ssh/moduli - COPY (+download-etcdctl/etcdctl) /usr/local/bin/ + COPY (+download-etcdctl/etcdctl) /usr/bin/ RUN touch /etc/machine-id \ && chmod 444 /etc/machine-id From 38da95803589a162ba2b7eaf469988eb267bc0d3 Mon Sep 17 00:00:00 2001 From: Santhosh Date: Tue, 3 Oct 2023 05:46:34 -0700 Subject: [PATCH 6/9] Update PE_VERSION to v4.0.5 --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index d43a122..46d44e2 100644 --- a/Earthfile +++ b/Earthfile @@ -9,7 +9,7 @@ ARG IMAGE_REPO=$OS_DISTRIBUTION ARG K8S_DISTRIBUTION ARG CUSTOM_TAG ARG ARCH -ARG PE_VERSION=v4.0.4 +ARG PE_VERSION=v4.0.5 ARG SPECTRO_LUET_VERSION=v1.1.4 ARG KAIROS_VERSION=v2.3.2 ARG K3S_FLAVOR_TAG=k3s1 From cfa60a1805ff9e9afeab3c0c2d4e26bb05eeea8e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 8 Oct 2023 22:24:51 -0700 Subject: [PATCH 7/9] PE-2558: use fips image for rke2 if fips_enabled is true (#67) (#68) (cherry picked from commit fff7a34e30c294a5cac73bae07161ef97f53070f) Co-authored-by: Santhosh --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index 46d44e2..6523cd5 100644 --- a/Earthfile +++ b/Earthfile @@ -165,7 +165,7 @@ provider-image: SAVE IMAGE --push $IMAGE_PATH stylus-image: - IF [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ] + IF [ "$FIPS_ENABLED" = "true" ] ARG STYLUS_BASE=gcr.io/spectro-dev-public/stylus-framework-fips-linux-$ARCH:$PE_VERSION ELSE ARG STYLUS_BASE=gcr.io/spectro-dev-public/stylus-framework-linux-$ARCH:$PE_VERSION From 284331edaa6ed43036beb719ae6d05772fb6f5c7 Mon Sep 17 00:00:00 2001 From: Santhosh Date: Mon, 9 Oct 2023 08:39:02 -0700 Subject: [PATCH 8/9] add support for sles os_distribution (#69) --- Earthfile | 2 +- README.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Earthfile b/Earthfile index 6523cd5..6c0908a 100644 --- a/Earthfile +++ b/Earthfile @@ -38,7 +38,7 @@ ELSE IF [ "$OS_DISTRIBUTION" = "opensuse-leap" ] && [ "$BASE_IMAGE" = "" ] ARG BASE_IMAGE_NAME=core-$OS_DISTRIBUTION ARG BASE_IMAGE_TAG=core-$OS_DISTRIBUTION:$KAIROS_VERSION ARG BASE_IMAGE=$BASE_IMAGE_URL/$BASE_IMAGE_TAG -ELSE IF [ "$OS_DISTRIBUTION" = "rhel" ] +ELSE IF [ "$OS_DISTRIBUTION" = "rhel" ] || [ "$OS_DISTRIBUTION" = "sles" ] # Check for default value for rhel ARG BASE_IMAGE END diff --git a/README.md b/README.md index d5b083a..7eeade6 100644 --- a/README.md +++ b/README.md @@ -114,9 +114,9 @@ Skip this step if your base image is ubuntu or opensuse-leap. If you are buildin |------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------|-------------------------| | CUSTOM_TAG | Environment name for provider image tagging. The default value is `demo`. | String | `demo` | | IMAGE_REGISTRY | Image registry name that will store the image artifacts. The default value points to the *ttl.sh* image registry, an anonymous and ephemeral Docker image registry where images live for a maximum of 24 hours by default. If you wish to make the images exist longer than 24 hours, you can use any other image registry to suit your needs. | String | `ttl.sh` | -| OS_DISTRIBUTION | OS distribution of your choice. For example, it can be `ubuntu` or `opensuse-leap`. | String | `ubuntu` | +| OS_DISTRIBUTION | OS distribution of your choice. For example, it can be `ubuntu`, `opensuse-leap`, `rhel` or `sles` | String | `ubuntu` | | IMAGE_REPO | Image repository name in your chosen registry. | String | `$OS_DISTRIBUTION` | -| OS_VERSION | OS version. For Ubuntu, the possible values are `20`, and `22`. Whereas for openSUSE Leap, the possible value is `15.4`. This example uses `22` for Ubuntu. | String | `22` | +| OS_VERSION | OS version. For Ubuntu, the possible values are `20`, and `22`. Whereas for openSUSE Leap, the possible value is `15.4`. For sles, possible values are `5.4`. This example uses `22` for Ubuntu. | String | `22` | | K8S_DISTRIBUTION | Kubernetes distribution name. It can be one of these: `k3s`, `rke2`, `kubeadm`, or `kubeadm-fips`. | String | `k3s` | | ISO_NAME | Name of the Edge installer ISO image. In this example, the name is *palette-edge-installer*. | String | `palette-edge-installer`| | ARCH | Type of platform to use for the build. Used for Cross Platform Build (arm64 to amd64 as example). | string | `amd64` | From 0621341826a4184142d507f942983898f655411c Mon Sep 17 00:00:00 2001 From: vipsharm Date: Mon, 9 Oct 2023 11:39:34 -0700 Subject: [PATCH 9/9] Release 4.0.6 --- Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Earthfile b/Earthfile index 6c0908a..5b26308 100644 --- a/Earthfile +++ b/Earthfile @@ -9,7 +9,7 @@ ARG IMAGE_REPO=$OS_DISTRIBUTION ARG K8S_DISTRIBUTION ARG CUSTOM_TAG ARG ARCH -ARG PE_VERSION=v4.0.5 +ARG PE_VERSION=v4.0.6 ARG SPECTRO_LUET_VERSION=v1.1.4 ARG KAIROS_VERSION=v2.3.2 ARG K3S_FLAVOR_TAG=k3s1