Skip to content

Releases: coreos/rpm-ostree

Release 2023.11

30 Nov 01:47
8dfc819
Compare
Choose a tag to compare

This is a smaller release. Notable new features and bug fixes are:

  • rpm-ostree now supports adding generic container configs #4701
  • rpm-ostree now adds padding between dracut's initramfs and random CPIO #4683
Colin Walters (10):
      Update to ostree-ext 0.12.5
      daemon: Make one bit of C++ code compatible with f38+f39 clang-format
      ci/test-container: Drop modularity tests in F39
      ci/test-container: Update for f39
      Remove layering-modules test
      tests: Add f39 compatibility
      tests/container-build-integration: Use testing-devel
      tests: Skip tests that need the fix for https://github.com/systemd/systemd/issues/29275
      lib: Update ostree-ext
      compose: Add support for specifying image config

Hongxu Jia (2):
      correct bash completion
      src/app/libmain.cxx: correct output of rpm-ostree compose -h

Jonathan Lebon (6):
      tests/layering-fedorainfra: update bodhi/koji URLs for f39
      tests/libtest: drop BuildArch from spec file for test RPMs
      ci: bump vmcheck timeout to 1 hour
      ci: cancel previous build on PR update
      lockfile: add SRPM name in metadata field
      libpriv/kernel: Add padding between dracut initramfs and random CPIO

Joseph Marrero (1):
      Stop vendoring bootc

New Contributors

Full Changelog: v2023.10...v2023.11

Release 2023.10

26 Oct 19:43
Compare
Choose a tag to compare

This is a re-release of 2023.9 with the correct version number.

This release has a variety of smaller fixes and cleanups, plus one new opt-in new feature to ensure the SELinux labels for /usr/etc are the same as /etc, which is important for enabling "transient etc" with ostree.

Full Changelog: v2023.8...v2023.9

Release 2023.8

27 Sep 21:11
Compare
Choose a tag to compare

The biggest feature in this release is support for
rpm-ostree upgrade --check when using a container flow;
this should unblock GUI tools like Plasma Discover and gnome-software
which want to check for updates and prompt the user for downloads.

There's a variety of other smaller bugfixes and features and internal
cleanups.

Colin Walters (32):
      daemon/search: Fix memory leaks
      Bump to containers-image-proxy 0.5.5
      search: Fix a NULL ptr deref with zero terms
      packaging: Write to target/
      ci: Add autovendor flow
      sysroot: Silence clang-analyzer warning
      pkg-builtins: Add assertions to quiet clang-analyzer
      ci/autovendor: Make it work
      cxx: Regenerate
      install/uninstall: Error out with --enablerepo on booted host
      Update to ostree-ext 0.11.6
      Remove unreferenced container images in cleanup, not rebase
      core: Print total imported
      core: Include repo name in download error
      core: Add warning when we have pkgs to download in cache-only mode
      scripts: Also ignore kernel-64k scripts
      ci: Run cosa unprivileged
      docs: Add bootc
      Pin bootc to a git tag
      lib: Update to bootc 0.1.1 (ostree-ext 0.12, cap-std-ext 3.x)
      lockfile: Port away from deprecated chrono method
      composepost: Use O_TMPFILE, not memfd
      rust: Drop dependency on `memfd`
      compose-image: Add `--initialize-mode`
      Port a few things from nix to rustix
      gitmodules: Switch to github for libglnx
      container: Make `rpmostree.inputhash` optional
      Update to ostree-ext 0.12.1
      build-sys: Hard require ostree 2023.6
      core: Add composefs digest for local commits too
      Update to ostree-ext 0.12.2
      Release 2023.8

CoreOS Bot (1):
      Sync repo templates ⚙

Jonathan Lebon (5):
      Cargo.toml: specify `nix` features to use
      core: Convert path to ostree convention when deleting
      tests/libvm.sh: Support `VMIMAGE` override
      tests/vmcheck: Add container-selinux hack in selinux override test
      libpriv/core: Tolerate rpmdb vs on-disk file type mismatch

Joseph Marrero (1):
      ci: update ignition on test-container test

Luke Yang (1):
      Add `container upgrade --check` function

dependabot[bot] (29):
      build(deps): bump openssl from 0.10.56 to 0.10.57
      build(deps): bump tokio from 1.29.1 to 1.32.0
      build(deps): bump camino from 1.1.4 to 1.1.6
      build(deps): bump serde_json from 1.0.104 to 1.0.105
      build(deps): bump rustix from 0.37.20 to 0.38.3
      build(deps): bump nix from 0.26.2 to 0.26.4
      build(deps): bump regex from 1.9.3 to 1.9.5
      build(deps): bump tempfile from 3.7.1 to 3.8.0
      build(deps): bump cxx-build from 1.0.105 to 1.0.107
      build(deps): bump libglnx from `c02eb59` to `54ad67d`
      build(deps): bump libc from 0.2.146 to 0.2.147
      build(deps): bump serde from 1.0.179 to 1.0.188
      build(deps): bump clap from 4.3.21 to 4.4.2
      build(deps): bump indicatif from 0.17.5 to 0.17.6
      build(deps): bump either from 1.8.1 to 1.9.0
      build(deps): bump chrono from 0.4.26 to 0.4.30
      build(deps): bump cxx from 1.0.105 to 1.0.107
      build(deps): bump libc from 0.2.147 to 0.2.148
      build(deps): bump rustix from 0.38.3 to 0.38.13
      build(deps): bump indoc from 2.0.3 to 2.0.4
      build(deps): bump nix from 0.26.4 to 0.27.1
      build(deps): bump anyhow from 1.0.71 to 1.0.75
      build(deps): bump libglnx from `54ad67d` to `aff1eea`
      build(deps): bump rustix from 0.38.13 to 0.38.14
      build(deps): bump serde_yaml from 0.9.21 to 0.9.25
      build(deps): bump clap from 4.4.2 to 4.4.4
      build(deps): bump rayon from 1.7.0 to 1.8.0
      build(deps): bump reqwest from 0.11.18 to 0.11.20
      build(deps): bump indicatif from 0.17.6 to 0.17.7

v2023.7

26 Aug 22:01
886325b
Compare
Choose a tag to compare

Release 2023.7

This is a bugfix release that includes:

  • A bootc-lib fix for containers/bootc#112 which was breaking our builds.
  • The fix for #4508 which caused segfaults when any flag was passed between the rpm-ostree command and usroverlay option.
Colin Walters (3):
      man: Describe GPG key behavior
      main: Move usroverlay parsing back to C++ consistently
      usroverlay: Pass arguments to `ostree admin unlock`

Joseph Marrero (1):
      Update bootc-lib

Full Changelog: v2023.6...v2023.7

v2023.6

25 Aug 21:00
00a1eb6
Compare
Choose a tag to compare

v2023.6

Release 2023.6

This version of rpm-ostree contains numerous bug fixes and enhancements. Notable features are:

  • rpm-ostree now supports the "search" verb allowing users to use rpm-ostree to search for available packages. An example of this is: rpm-ostree search *kernel

  • We now generate composefs metadata if ostree was compiled with support for composefs

  • rpm-ostree now vendors bootc, and this functionality can be accessed by creating a symlink ln -sr /usr/bin/rpm-ostree /usr/bin/bootc
    This is an experimental feature for now.

Alexander Larsson (1):
      commit: Always enable generation pf composefs metadata if possible

Colin Walters (9):
      postprocess: Use --refresh now
      container: Clarify error for nonexistent previous manifest file
      client: Add an error prefix in deployment path
      main: Update ostree-ext, add provisional-repair entrypoint
      Bump to ostree-ext 0.11.4
      Revert "main: Drop deprecated `container-encapsulate` entrypoint"
      Use cap-tempfile via cap-std-ext
      status: Fix possibly uninitialized warning
      Bump to ostree-ext 0.11.5

Eric Curtin (1):
      kernel: Specify multiple kernel or initramfs in error message

Felix Yan (1):
      docs: correct a typo in Makefile.am

Huijing Hei (4):
      sysuers: fix error if running `groupadd` with `-f`
      passwd: Rename func `data_from_json` to `write_data_from_treefile` and add comment
      passwd: sync `etc/{,g}shadow` according to `etc/{passwd,group}`
      passwd: add `enum PasswdKind`

Joseph Marrero (4):
      ci/test-container.sh: use f37 ignition for replace test
      rust/src/main.rs: Add bootc entry point
      .cci.jenkinsfile: up build pod memory to 6GB
      scripts: also ignore kernel-debug-modules.posttrans

Luke Yang (2):
      Add a `search` CLI verb and DBus API
      Add `kola` tests and fix `Name & Summary` search

Timothée Ravier (2):
      docs: Document ostree native container URL format
      packaging/spec.in: Enable rpm-ostree-countme.timer following presets

New Contributors

Full Changelog: v2023.5...v2023.6

v2023.5

21 Jun 13:20
526ea97
Compare
Choose a tag to compare

New features

rpm-ostree can now directly pull container images from containers-storage (e.g. the result of podman build):
rpm-ostree rebase ostree-unverified-image:containers-storage:localhost/mytestimage

Other changes

Adam0Brien (2):
      Add --force-replacefiles to docs/administrator-handbook.md
      Add --force-replacefile to man page

Colin Walters (13):
      daemon: Never do interactive auth for RegisterClient
      Port to clap v4
      compose: Oxidize bits propagating `core.fsync`
      compose: Also propagate ex-{fsverity,composefs}
      build-sys: Use new `tier = 2` from cargo-vendor-filterer
      compose: Adapt to composefs change with `ex-integrity` group
      tests/container-image: Revert use of automatic upgrade trigger
      core: Error out instead of aborting on reinstalls
      importer: Drop non-root files in CPIO check
      tests: Use `-p qemu` for cosa
      Bump to ostree-ext 0.11.1
      Drop isolation when fetching from containers-storage:
      deploy-from-self: Add some error prefixing

Joseph Marrero (2):
      packaging/rpm-ostree.spec.in: use SPDX license identifier
      Release 2023.5

Luke Yang (2):
      Added more override examples
      Sorted builtin commands alphabetically

RishabhSaini (2):
      Update to ostree-ext 0.20, cap-std-ext 2.0
      container: Add --previous-build-manifest

New Contributors

Full Changelog: v2023.4...v2023.5

2023.4

18 May 16:21
Compare
Choose a tag to compare

Probably the biggest thing here is a fix for
#4284
which affects Fedora Silverblue users.

User visible changes

Notable bugfixes

Other changes

New Contributors

Full Changelog: v2023.3...v2023.4

v2023.3

24 Apr 18:04
07f029e
Compare
Choose a tag to compare

Notable changes this release:

Client

  • New --enablerepo, --disablerepo, --setreleasever options on the cli. These allow
    users to enable specific repositories and set releasever when installing packages.

Daemon:

  • Unconditionally authorize uid 0 first - unconditionally query the credentials via dbus-{daemon,broker} first, this should avoid errors that can occur if polkit isn't installed or running.
Colin Walters (13):
      main: Don't use timestamps and colors in tracing logs when running in systemd
      cached-sigs: Be compatible with `cosa build-fast`
      libtest: Hack around regression in journalctl
      tests/layering-fedorainfra: Bump to newer systemd
      core: Don't try to load rpm IMA sigs client side unless requested
      main: Don't write colors to non-ttys
      Bump tokio to 1.26
      daemon: Unconditionally authorize uid 0 first
      progress: Add more logging/tracing
      console: Also print which task is being overwritten
      build: Allow GLib 2.70, also `-Wno-error=deprecated-declarations`
      Cargo.lock: Bump many dependencies
      deny: Allow Unicode-DFS-2016

Jan Macku (2):
      ci: trigger `differential-shellcheck` workflow on `push`
      ci(fix): add missing permissions - `security-events`

Joseph Marrero (8):
      rust/src/scripts: ignore rt and automotive debug scripts.
      tests/vmcheck/test-override-kernel: account for kernel-modules-core
      treefile: Add enablerepo/disablerepo/setreleasever cli options
      treefile: cleanup enable_repo function
      test-container: Add test for enablerepo,disablerepo and releasever
      ci: Make sure cxx code is clang-formatted
      ci: Update tests for Fedora 38
      Release 2023.3

Timothée Ravier (1):
      docs: Use upstream theme & update to 0.4.1

Full Changelog: v2023.2...v2023.3

v2023.2

06 Mar 20:42
Compare
Choose a tag to compare

Notable changes this release:

Client

  • New --compare-with-build option on the cli Uses the ostree container library to compare OCI compliant images.

Compose

  • New --copy-retry-times option to specify the amount of times we retry when copying images fails.

Daemon:

  • Support LockLayering=true configuration option that provides an easy way for a sysadmin to disable all package layering and initramfs customizations.
  • Use a socket in /run, require non-abstract. The new glib changed to use non-abstract sockets by default, which broke us.
Colin Walters (11):
      Update ostree-ext, use version API
      compose/image: Add `--copy-retry-times`
      core: Add some more debugging and error info around repos
      treefile: Return `.` instead of `""` for parent directory
      ci: Stop using Fedora 32
      main: Drop deprecated `container-encapsulate` entrypoint
      Drop `ex-container` entrypoint
      daemon: Use a socket in `/run`, require non-abstract
      ci: Use `cosa kola` to properly set `ARTIFACT_DIR`
      spec: Add `Requires: /usr/bin/setpriv`
      Bump ostree-ext

Jonathan Lebon (1):
      Support `LockLayering=true` config knob

Joseph Marrero (1):
      rust/src/scripts.rs: ignore posttrans for kernel-rt-core

RishabhSaini (1):
      Add --compare-with-build to cli Uses the ostree container library to comapre OCI compliant images

Thorsten Leemhuis (1):
      docs: adjust to new location of kernel-vanilla-repos

Full Changelog: v2023.1...v2023.2

v2023.1

16 Jan 20:55
v2023.1
Compare
Choose a tag to compare

Client

  • Log when a client joins an existing transaction.
  • Fix local initramfs regeneration on systems composed with
    boot-location: new.
  • Fix container flow in Turkish locales ( #4237 )

Compose

  • Loosen lockfile semantics so that a missing locked package does not trigger
    an error unless the compose requires it.
  • Drop support for locking by source packages.

Internals

  • Update workflow actions to Fedora 37.
  • Replace unmaintained actions-rs/toolchain with dtolnay/rust-toolchain.
  • Add more error-prefixing in passwd, kernel, and cleanup-related paths.
  • Add container-based upgrade test via Prow.
Benjamin Gilbert (2):
      workflows: update actions to current major versions
      workflows: replace actions-rs/toolchain with dtolnay/rust-toolchain

Colin Walters (8):
      ci: Add infrastructure for use with Prow upgrade testing
      passwd: Add various error prefixing
      sysroot: Log when client joins an existing transaction
      Update to ostree-ext 0.10.4
      tests/upgrades: Disable zincati
      Add a `try_fail_point!` macro and use it in more places
      kernel: Add some error prefixing
      cleanup: Add some error prefixing

Jonathan Lebon (11):
      core: Disable modules earlier
      core: Allow lockfiles to reference missing package names
      libpriv/kernel: fix kver parsing from vmlinuz in /boot and /usr/lib/ostree-boot
      .gitignore: add clangd-related files
      compose: Drop support for `source-packages` in lockfiles
      core: Further loosen lockfile handling
      Revert ".gitignore: add clangd-related files"
      Release 2023.1