Bump alpine 3.22 #217

Closed
christoph-zededa wants to merge 64 commits into rene:master from christoph-zededa:bump_alpine-3.22

@christoph-zededa

just for testing

rene and others added 30 commits March 2, 2026 01:58
The cgpt tool supports only default 512 bytes sector size, so it cannot
recognize partition tables on a UFS storage provisioned with 4KB sector
size.

This commit updates the cgpt tool to a newer version with the proper
support for different sector sizes. An old non-used patch is also removed.

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
When checking for unused state, zboot is comparing for 0x0. However only 0
is returned. This issue can be observed by getting the state of an unused
partition:

zboot partstate IMGB
UNKNOWN 0

This commit fixes the checking.

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
Update the hash for gpt-tools package to the latest version.

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
…availability.

Be flexible to intermittent network outages or cpu spikes.

Signed-off-by: Andrew Durbin <andrewd@zededa.com>
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.37.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.37.0...v1.40.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.38.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.40.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Reorganize user-app related commands under "eve app" for better
ergonomics:

  eve app list              - list all user apps with display names and
                              status (RUNNING/STOPPED/HALTED)
  eve app enter <app>       - enter app shell by display name or container
                              ID
  eve app console           - list available VM consoles
  eve app console <id>      - attach to a VM console

The app list is driven from AppInstanceConfig as the source of truth,
which filters out volume containers that also live in the eve-user-apps
containerd namespace. Display names are resolved from the config JSON
using jq from the pillar onboot sysroot.

When entering a user app, the shell is auto-detected from the SHELL
environment variable in the OCI container spec. If SHELL is not set,
bash is tried first with a fallback to sh. This ensures users get
the best available shell (e.g. bash with history and completion)
instead of always dropping into plain sh.

The old list-app-consoles and attach-app-console commands are replaced
by the consolidated "eve app console" subcommand. The enter-user-app
command is replaced by "eve app enter".

Signed-off-by: Mikhail Malyshev <mike.malyshev@gmail.com>
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.38.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.38.0...v1.40.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
for:
- System/390
- HP Precision Architecture
- Riscv 32/64 bit
- Power PC
- OpenPower

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
move cleaning-up of unnecessary files out of building
the scratch image to save time when transferring data
from build image to scratch image

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
- support edgeview command passing App-UUID for virtctl to launch VNC
  proxy to be used for Edgeview-UI VNC and remote-console
- have consolidated scheme for both remote-console and edgeview-ui VNC
  signaling file and launch
- create new pkg/kube/vnc-proxy.sh script file

Signed-off-by: naiming-zededa <naiming@zededa.com>
Unfortunately the job matrix cannot be used to build Yetus image because
the job that finishes last will overwrite the image pushed to dockerhub.
Since only x86 runners are used to build this image, there is no need to
complicate the handling of manifests. Instead, we can just build and push
both images at once. There are no advantages of the current matrix
implementation.

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
Remove deitch from CODEOWNERS as no longer active on project

Signed-off-by: Avi Deitcher <avi@deitcher.net>
Start to use our Yetus container, which has dependencies already
installed (e.g. ZFS lib, etc).

Signed-off-by: Renê de Souza Pinto <rene@renesp.com.br>
The iwlwifi driver on ASUS-NUC14SRK (Meteor Lake PCH CNVi WiFi) needs
iwlwifi-ma-b0-gf4-a0 firmware files (versions 77-89). These files are
already present in linux-firmware-20240811 but were not being copied
into the final image.

Add COPY for iwlwifi-ma-b0-gf4-a0* which includes:
- iwlwifi-ma-b0-gf4-a0-83.ucode
- iwlwifi-ma-b0-gf4-a0-86.ucode
- iwlwifi-ma-b0-gf4-a0-89.ucode
- iwlwifi-ma-b0-gf4-a0.pnvm

Signed-off-by: Mikhail Malyshev <mike.malyshev@gmail.com>
- the PR lf-edge#5638 introduced a regression. If the VMI on eve-k is already
  running, this new EVE image update won't automatically set the new
  feature item in kubevirt-feature.yaml, which can cause the VMI after
  update to fail to launch
- this patch has a migration path to detect if this video feature is
  not there, apply the patch to that.

Signed-off-by: naiming-zededa <naiming@zededa.com>
Fixes "Conditional expression contains literal text outside replacement
tokens. This will cause the expression to always evaluate to truthy. Did
you mean to put the entire expression inside ${{ }}?"

Signed-off-by: Paul Gaiduk <paulg@zededa.com>
And change the docker login step.

Signed-off-by: Paul Gaiduk <paulg@zededa.com>
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 28.3.0+incompatible to 29.2.0+incompatible.
- [Commits](docker/cli@v28.3.0...v29.2.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 29.2.0+incompatible
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
- Update eve-libs/nettrace to include the fix where HTTPClient.GetTrace()
  flushes all in-memory data and blocks until all asynchronous batch
  offloads are completed. This guarantees that exported traces are complete.

- Extract tracing setup and teardown logic into helper methods
  (prepareNetworkTracing and processNetworkTraces) to remove duplication
  and unify trace lifecycle handling.

- Fix trace handling in handleHTTPReqFailure. After introducing Bolt-based
  batch offloading, this path was not updated accordingly and continued to
  append in-memory traces to netdump. Since traces are offloaded to Bolt in
  batch mode, the in-memory structures were empty, resulting in missing
  network traces precisely when HTTP requests failed.

  The failure path now uses the same processing logic as the success path,
  ensuring that traces are properly flushed, exported, and attached to
  SendRetval.

- Fix netdump tar path to properly use the per-session directory name

Signed-off-by: Milan Lenco <milan@zededa.com>
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 28.3.3+incompatible to 29.2.0+incompatible.
- [Commits](docker/cli@v28.3.3...v29.2.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 29.2.0+incompatible
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Some K3S_BASE mode use cases require local-path storage,
for simplicity just enable it for all modes.

Single node and CLUSTER_TYPE_REPLICATED_STORAGE continue
to define all PVCs as longhorn.
CLUSTER_TYPE_K3S_BASE will now allow for local volumes.

Local-path storage is configured in the k3s config.yaml
base config file to place all volumes in
/persist/vault/volumes by default.

Signed-off-by: Andrew Durbin <andrewd@zededa.com>
Fix LonghornReplicaList to be more resilient to failure modes.
If the longhorn namespace exists pointing to an intact longhorn install,
but the replica crd is missing, return no replicas and no error.
This allows drain to be skipped and node delete or cluster delete to
continue in a time efficient process.

Fix Node Delete to be more resilient,
defer node delete to run even in all error cases.

Signed-off-by: Andrew Durbin <andrewd@zededa.com>
Remove security_opt and ports fields from build-dev.yml and
build-k-dev.yml. These are Docker Compose-specific fields that
have never been valid in linuxkit package build.yml files and
were silently ignored by older linuxkit versions.

The upcoming linuxkit upgrade introduces strict YAML validation
that rejects unknown fields, so these must be removed first.

Signed-off-by: Mikhail Malyshev <mike.malyshev@gmail.com>
Bumps [github.com/docker/cli](https://github.com/docker/cli) from 28.4.0+incompatible to 29.2.0+incompatible.
- [Commits](docker/cli@v28.4.0...v29.2.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 29.2.0+incompatible
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Modified to fetch the root file system archive for 3.22.2.

`riscv64` is now a first class citizen.  Cleaned up code
for that reality.

Built all three architectures, and used to build boot strap
`alpine` containers for each supported architecture.

Signed-off-by: Gerald (Bob) Lee <bob@famleehouse.net>
Updated the `Dockerfile` and scripts to reference 3.22 not 3.16.

Used `tools/alpine-tools/alpine_migrate.py` to create the package
lists in `mirrors` for `3.22`.

Retaining the 3.16 package lists for future work on component
packages.

Package notes:
+ dhclient package replaced with busybox `udhcpc`, package `dhcpcd`.
+ libacl provided by `acl` package (`libacl.so.1`)
+ icu-data not in list, but replaced with `icu-data-full`
  - full is full char set, provide `icu-data-en` english/GB only
+ libc-dev now is `musl-dev`
+ py3-pep517 replaced by `py3-gpep517`
+ py3-contextlib2 is now part of the standard library
+ pkg-config replaced by `pkgconf`
+ ifupdown-any replaced by `ifupdown-ng`
+ isl22 (integer set lib) replaced by `isl25`
+ libproc replaced by libproc2 (or so it seems)
+ libcrypto1.1 replaced by `libcrypto3`
+ libssl1.1 replaced by `libssl3`
+ ppp-passprompt removed as security problem (CVE-2024-58250)
+ openssh-client replaced with `openssh-client-default`
+ The following moved from main to community
  `vde2-libs`
+ The following packages moved from community to main
  `fmt` `iw` `libbpf` `libbpf-dev` `pahole` `py3-html5lib`
  `py3-gpep517` `py3-webencodings` `rdfind`

The build process calls out a number of missing packages, and
libraries.  These are often false negatives.  Used
`https://pkgs.alpinelinux.org/contents` to determine the
package providing the object. The use docker to run the alpine
package (`make alpine-cache-export-docker-load`) where
an `apk info <package name>`

Built all three architectures.

Signed-off-by: Gerald (Bob) Lee <bob@famleehouse.net>
of previous commit

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
Update version of bpftrace to 0.23.3, add more llvm packages,
and updated the patches for this version.  The last patch file
is no longer applicable (BTF_KIND_ENUM64 - function that used it
was eliminated).  Had to add some more llvm20 packages (i.e. dev,
gtest, static, and test-utils).

Builds for all three architectures.  Build alpine-base, alpine,
storage-init, recovertpm, bpftrace -- in that order.

Signed-off-by: Gerald (Bob) Lee <bob@famleehouse.net>
instead of commenting out code, code should be deleted

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
christoph-zededa and others added 21 commits March 10, 2026 14:06
add necessary alpine packages needed for the
cross-compilers package

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
Updated items built within the container, that is `musl` version
to 1.2.5, `lshw` version to 2.20, and `openssh` to `10.0p1`.

We download the sources from a `Debian` mirror.  This appears to
be more trusted than `musl.libc.org`.  That assumption should
be tested someday (is it still valid?).  `abuild` has changed
such that a step that a failed `apk add` did not "fail" the `docker`
step, needed to mask that new failure. (step is repeated in the
Dockerfile, with require `--allow-trusted` argument).  Updated to
the latest from alpine musl ABUILD file (updated patches, and such).

`lshw` ensured that all patches are factored in, keeping a fix
by Rene.  `https://ezix.org/src/pkg/lshw` appears to be the
currently active git repository, continued to download tar file.

`hexedit` built, so I left it alone.  Need to check for fixes.

`openssh` the file `/usr/src/ssh/RELEASE_KEY.asc` no longer
found.  Needed to ADD it from the openssh web site.

Signed-off-by: Gerald (Bob) Lee <bob@famleehouse.net>
Often fails verify of the openssh source tar file trying to
get a lock.  Appears that the import has not completed when
the verify starts (at least not released the lock).  Inserting
a `RUN sleep 5` between the operations passed consistently.
Further, tried putting them on a single RUN line (must exit
and have result examined).

Builds consistently work.

Signed-off-by: Gerald (Bob) Lee <bob@famleehouse.net>
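
An alternative to the fixed delay described in the commit above, as an added example that is not part of this PR or the EVE repository: dearmor the release key into a stand-alone keyring file and check the detached signature with `gpgv`, which needs no agent and no prior keyring import. The function name `verify_source` and all file arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not code from this PR.

# verify_source TARBALL SIGNATURE ARMORED_KEY
# Returns 0 only if SIGNATURE is a valid detached signature over TARBALL made
# by a key contained in ARMORED_KEY; 1 on a failed check; 2 on setup errors.
verify_source() {
    vs_tarball=$1
    vs_sig=$2
    vs_key=$3
    vs_rc=0

    # All three inputs must exist before any tool runs.
    for vs_f in "$vs_tarball" "$vs_sig" "$vs_key"; do
        [ -r "$vs_f" ] || return 2
    done

    # Private scratch directory (mode 0700 from mktemp) so nothing is shared
    # with ~/.gnupg or with another build step.
    vs_dir=$(mktemp -d) || return 2

    # --dearmor only converts ASCII armor to binary. No key is imported into
    # a keyring, so no import has to finish before verification starts.
    if ! gpg --batch --no-options --homedir "$vs_dir" --dearmor \
            < "$vs_key" > "$vs_dir/release.gpg" 2>/dev/null; then
        rm -rf "$vs_dir"
        return 2
    fi

    # gpgv accepts only the keys in the given keyring file and needs no
    # agent. Any non-zero status (bad signature, unknown key) is a failure.
    gpgv --homedir "$vs_dir" --keyring "$vs_dir/release.gpg" \
        "$vs_sig" "$vs_tarball" >/dev/null 2>&1 || vs_rc=1

    rm -rf "$vs_dir"
    return "$vs_rc"
}
```

Called from a single build step, a non-zero return can be used to stop the build before the tarball is unpacked.
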
- fix compiling tpm2
- replace dhclient with dhcpcd as
  dhclient is no longer available in alpine packages

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
to the same version we bump everything else

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
- add packages needed for new alpine
- update aports to alpine 3.22.3
- add needed distfiles for building aports
- add workaround for building for armhf

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
add necessary packages and cflags

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
newer gcc complains and errors out with:
```
26 19.38   INSTALL out/arm/export-ta_arm64/ta/f04a0fe7-1f5d-4b9b-abf7-619b85b4ce8c.ta
26 19.40 ld.bfd: warning: out/arm/core/all_objs.o has a LOAD segment with RWX permissions
26 19.47   GEN     out/arm/core/unpaged_entries.txt
26 19.47   GEN     out/arm/core/init_entries.txt
26 19.47   LD      out/arm/core/unpaged.o
26 19.48   UPD     out/arm/core/.buildcount
26 19.49   GEN     out/arm/core/version.o
26 19.50   LD      out/arm/core/init.o
26 19.55 ld.bfd: warning: out/arm/core/unpaged.o has a LOAD segment with RWX permissions
26 19.56   GEN     out/arm/core/text_unpaged.ld.S
26 19.56   GEN     out/arm/core/rodata_unpaged.ld.S
26 19.58 ld.bfd: warning: out/arm/core/init.o has a LOAD segment with RWX permissions
26 19.59   GEN     out/arm/core/text_init.ld.S
26 19.60   GEN     out/arm/core/rodata_init.ld.S
26 19.63   CPP     out/arm/core/kern.ld
26 19.65   LD      out/arm/core/tee.elf
26 19.77 ld.bfd: warning: out/arm/core/tee.elf has a LOAD segment with RWX permissions
26 19.84 make: *** [core/arch/arm/kernel/link.mk:167: out/arm/core/tee.elf] Error 1
```

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
in order to make it compile

similar to pkg/optee-os

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
busybox adds 'vi'

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
This reverts commit 4c0c966.

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
to save a lot of space as it brings in libLLVM

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
in order to save space

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
use `unsigned int` here to avoid compiler error

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
this is currently broken and probably needs updated gcc/binutils
(according to https://www.mail-archive.com/grub-devel@gnu.org/msg36136.html )

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
it is what it is

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
this has been kept for easier transition, but can go away now

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
this PR needs a bit more disk space

will be reverted shortly before merging into master or
shortly after

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
The eve job was rebuilding arm64 packages from scratch instead of
using the ones already built by the packages job. Investigating
the root cause revealed several interrelated issues.

1. Redundant 'pkgs' target in the eve build command

   The eve job ran 'make pkgs eve', but the packages job already
   builds and caches all packages. Since the eve job restores the
   cache first, the 'pkgs' target should be a no-op. Removed it.

2. arm64 packages were never restored from cache

   The cache restore logic had a conditional: if the runner arch
   matched the matrix arch, it skipped both clearing the linuxkit
   cache and restoring the target arch cache. The assumption was
   that the first cache restore (for tool images) already had the
   right packages. But that first restore always fetched the amd64
   generic cache — even on arm64 runners. So arm64 jobs were left
   with amd64 packages in the cache, and 'make pkgs' (issue #1)
   was silently rebuilding everything for arm64.

3. Tool images were hardcoded to amd64

   The cache key for loading tool images (mkconf, mkimage-raw-efi,
   mkrootfs-squash, etc.) into docker was hardcoded to amd64. On
   arm64 runners this is wrong — they need arm64 tool images. Since
   for native builds the target cache already contains these tools,
   we now load them directly from the target cache. The two-cache
   dance (load tools from one arch, then restore packages from
   another) is only needed for riscv64 cross-builds on amd64.

4. The 'rt' platform maps to generic packages

   No build-rt.yml files exist anywhere in pkg/, so PLATFORM=rt
   produces identical packages to PLATFORM=generic. Rather than
   adding a redundant amd64/rt entry to the packages matrix, we
   map 'rt' to 'generic' in the cache key.

The fix simplifies the eve job's cache handling:
- Native builds (amd64, arm64): restore target cache, load tools, build
- Cross-builds (riscv64): restore amd64 cache, load tools, clear,
  restore riscv64 cache, build

The "Arch Runner is Matrix" step is removed as it is no longer used.

Signed-off-by: Paul Gaiduk <paulg@zededa.com>
(cherry picked from commit e1cc105)
they use newer alpine

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
this updates the dependencies of the packages
to use the newest version

Signed-off-by: Christoph Ostarek <christoph@zededa.com>
@christoph-zededa christoph-zededa marked this pull request as ready for review March 11, 2026 16:57
@christoph-zededa
Author

has to be done from a different branch

9 participants