Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pre LXD 5.21.3 LTS (5.21-candidate) #649

Merged
merged 73 commits into from
Dec 13, 2024

Conversation

tomponline
Copy link
Member

Syncs relevant changes from 5.21-edge channel plus bumps LXD to latest commit in stable-5.21 branch.

@tomponline tomponline self-assigned this Dec 13, 2024
@tomponline tomponline changed the title Pre LXD 5.21.3 (5.21-candidate) Pre LXD 5.21.3 LTS (5.21-candidate) Dec 13, 2024
mihalicyn and others added 27 commits December 13, 2024 12:59
It's a fix for a build failure on s390:
Installing build-packages
Cannot find package listed in 'build-packages': acpica-tools
Full execution log: '/root/.local/state/snapcraft/log/snapcraft-20240621-073250.087743.log'
Build failed

Reason is that, in Ubuntu 24.04 acpica-tools package is not available for s390:
https://packages.ubuntu.com/noble/acpica-tools
compare with:
https://packages.ubuntu.com/jammy/acpica-tools

Let's workaround this by preventing build packages installation
for any architectures other than amd64/arm64. It's safe, because
we only build edk2 for these two architectures.

Signed-off-by: Alexander Mikhalitsyn <[email protected]>
(cherry picked from commit a0e011e)
(cherry picked from commit 8d8f8f4)
(cherry picked from commit 784c1e8)
snapcraft syntax a little bit unobvious, and it turned out that:
- on amd64,arm64:
means AND and not OR. Which is obviously wrong. Let's workaround this.

Fixes: a0e011e ("snapcraft: install edk2 build dependencies only when needed")

Signed-off-by: Alexander Mikhalitsyn <[email protected]>
(cherry picked from commit b57a131)
(cherry picked from commit 712aad5)
(cherry picked from commit aa86ac1)
Only for core24.

Signed-off-by: Alexander Mikhalitsyn <[email protected]>
(cherry picked from commit 5910450)
(cherry picked from commit 9c5f5f2)
(cherry picked from commit 84310da)
Signed-off-by: Alexander Mikhalitsyn <[email protected]>
(cherry picked from commit dacdab2)
(cherry picked from commit 56cebc0)
(cherry picked from commit 6cd9c43)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 0eb7b80)
(cherry picked from commit ee8ea0e)
(cherry picked from commit dfd9984)
…Device Interface spec generation

Signed-off-by: Gabriel Mougard <[email protected]>
(cherry picked from commit 2b7129f)
(cherry picked from commit a787d81)
(cherry picked from commit 2346b0e)
Signed-off-by: Kadin Sayani <[email protected]>
(cherry picked from commit bf88064)
(cherry picked from commit 335da20)
(cherry picked from commit 280bba9)
This is merely cosmetic/for logical correctness as the end result is the same.

Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit f2c08e2)
(cherry picked from commit 1bb52fc)
(cherry picked from commit 60e2bf8)
Signed-off-by: Kadin Sayani <[email protected]>
(cherry picked from commit 245e9e1)
(cherry picked from commit 28a3e19)
(cherry picked from commit 431e913)
Signed-off-by: Thomas Parrott <[email protected]>
(cherry picked from commit 30a24f3)
(cherry picked from commit 7028637)
(cherry picked from commit dfced97)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit d320669)
(cherry picked from commit ae55cae)
(cherry picked from commit 18ff376)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit b3a2abe)
(cherry picked from commit 2aaa937)
(cherry picked from commit 2f587d9)
This is in preparation for it being used as a container stop hook helper to allow
it to be called across snap base changes without depending in libs from the core snaps.

Signed-off-by: Thomas Parrott <[email protected]>
(cherry picked from commit 2c18445)
(cherry picked from commit a762038)
(cherry picked from commit a292485)
Signed-off-by: Thomas Parrott <[email protected]>
(cherry picked from commit 6a1f4c2)
(cherry picked from commit 9794f7b)
(cherry picked from commit 0a15504)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit dec20d9)
(cherry picked from commit fc454f3)
(cherry picked from commit 63d6c74)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 4632170)
(cherry picked from commit f579ab7)
(cherry picked from commit e585e1d)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 9e84fc5)
(cherry picked from commit f0677f6)
(cherry picked from commit f5384b3)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 236d626)
(cherry picked from commit 4af31f3)
(cherry picked from commit a2f6fa0)
(cherry picked from commit ed62bb3)
(cherry picked from commit fdc5b8f)
(cherry picked from commit 2022fe8)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@eef6144...11bd719)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
(cherry picked from commit 35ef0ce)
(cherry picked from commit 722ead6)
(cherry picked from commit 2734983)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@0a12ed9...41dfa10)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
(cherry picked from commit 2b51aa3)
(cherry picked from commit 8e42500)
(cherry picked from commit 6b3a0a7)
Also drop `g` flag as those `key = value` only occur once per line anyway.

Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 35b74b3)
(cherry picked from commit 8be31ec)
(cherry picked from commit 90b8130)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit b773a48)
(cherry picked from commit f1cf00a)
(cherry picked from commit f7f37ee)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 98f2c84)
(cherry picked from commit cca1852)
(cherry picked from commit ba9d698)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit f31dbaf)
(cherry picked from commit 878ed1f)
(cherry picked from commit fca4829)
…touched

Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit ec03f70)
(cherry picked from commit dd19380)
(cherry picked from commit 5702570)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit eeffd46)
(cherry picked from commit eaa6524)
(cherry picked from commit 024fa96)
tomponline and others added 24 commits December 13, 2024 12:59
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Din Music <[email protected]>
(cherry picked from commit a621f7c)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 17a958e)
And switch to source-commit.

Signed-off-by: Thomas Parrott <[email protected]>
(cherry picked from commit 0a1f1d5)
And switch to source-commit.

Signed-off-by: Thomas Parrott <[email protected]>
(cherry picked from commit 814a4cd)
Re-order to sync with 5.21-edge branch.

Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 8bf3fc9)
(cherry picked from commit 2dfd4eb)
Most of the `lxc` command uses don't require escaping the Apparmor profile.
However, executing an editor (`lxc config edit`) or interacting with the VGA
console (`lxc console --type=vga`) among other things requires the escaping.

Rather than escaping at the begining and re-exec'ing the `lxc` wrapper script,
let's escape just when calling the actual command. The aim is to avoid the
overhead of calling `/bin/sh` again and rechecking the Apparmor label.

Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 323ae72)
(cherry picked from commit e296652)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit d7b61f4)
(cherry picked from commit 1b3b6c1)
Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit ff81d50)
(cherry picked from commit dc91675)
Conditionally calling `aa-exec -p unconfined` was useful only when re-exec'ing
the whole wrapper script. It's not needed now that only the `${LXC}` binary is
executed unconfined.

Signed-off-by: Simon Deziel <[email protected]>
(cherry picked from commit 9bde3c0)
(cherry picked from commit cbc3961)
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
@tomponline tomponline marked this pull request as ready for review December 13, 2024 13:06
@tomponline tomponline merged commit 59a9517 into canonical:5.21-candidate Dec 13, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants