Containers only
To improve the sysupgrade security and reproducibility I decided to use containers instead of running the ImageBuilders bare-metal. The advantage is that broken or malicious packages have a harder time breaking the server itself. Previously package post-install script could modify anything on the server.
With this approach I also added the possibility to add external package feeds that are trusted. To do so a client may request extra repositories by supplying repositories and repository_keys in a request. Details are available in the OpenAPI specifications.
With all the great stuff of containers and Podman, whenever Podman acts up the server is broken so I spent quite some time restarting dead Podman sockets or cleaning left-over containers which wouldn't be cleaned up (contrary the API docs).
All in all I'm happy with the change and suggest everyone to use this release instead of the old one.
What's Changed
- build: use podman for image creation by @aparcar in #478
- minor fixups of podman-compose by @aparcar in #510
- api: use generic images for armsr target by @mcbridematt in #519
- Multiple fixes to make Podman work and simplify the setup by @aparcar in #577
- fix: correctly handle rc container names by @aparcar in #578
- build: store request in job for easier debugging by @aparcar in #580
- drop flask-cors package by @aparcar in #582
- poetry: update by @aparcar in #583
- sign created images after build by @aparcar in #587
- janitor: don't delete old images by @aparcar in #589
- workarounds for next release by @aparcar in #602
- Add 23.05.0 stable release by @vincejv in #606
- fix package adding with diff_packages: False by @aparcar in #627
- add package_changes.py by @aparcar in #637
- branches: add 23.05.2 by @dgilman in #657
- openapi.yml: fix "defaults" maxLength documentation by @bam80 in #693
- Update README.md by @UltraHKR in #721
New Contributors
- @mcbridematt made their first contribution in #519
- @vincejv made their first contribution in #606
- @dgilman made their first contribution in #657
- @bam80 made their first contribution in #693
- @UltraHKR made their first contribution in #721
Full Changelog: v0.7.20...v0.8.0
