Skip to content

Latest commit

 

History

History
123 lines (109 loc) · 11.3 KB

CHANGELOG.md

File metadata and controls

123 lines (109 loc) · 11.3 KB

ros_buildfarm CHANGELOG

This file is used to list changes made in each version of the ros_buildfarm cookbook.

0.5.1

  • Update plugins to resolve security issues. #94
  • Add certificate update hook script for acme.sh. #95
    • Always force the renewing of the acme certificate with extra guards.
    • Add a TODO noting when the Le_ReloadCmd guard clause can be removed.
    • Test exact reloadcmd match.
    • Use correct base64 encoded script.
  • Bump to pulp_rsync 0.0.3 #100
  • Update pulp base image to use Alma Linux. #99
  • Break out of the loop when timeout is exceeded. #103
  • Add an SSH publish endpoint for CI archives. #104
  • Update tested chef version to 17. #105
    • Update jenkins cookbook to latest.
    • Use chef 17 in CI workflows.
  • Bundle publish-over-ssh plugin. #106
  • Block potentially abusable publish-over-ssh connection test url.
  • Bump addressable from 2.7.0 to 2.8.0
  • Update structs plugin version.
  • Update seccomp profile to moby/moby 20.10.12. #109
  • Add letsencrypt support for the repository host. #110
    • Add ros_buildfarm.repo.server_name attribute.
    • Extract acme.sh installation into a recipe.
    • Add letsencrypt support for repo host.
    • As of acme 3.0 letsencrypt is no longer the default but is still selectable.
  • Build the pulp docker image in its own directory. #111
  • Switch from Pulp to createrepo-agent for RPMs #116
  • Add RHEL 9 repositories. #125
  • Only delete S.gpg-agent if it is a symlink. #128
  • Push out expiration of test keys. #131
  • Constrain python packages to the versions last successfully deployed. #130
    • Apply and use constraints file in Docker build.
    • pulp-rsync can't be listed in the constraints file.
  • Change default config for unattended upgrades. #132
  • Pin the last Jenkins package which uses sysvinit scripts. #119
    • Add a convoluted hold and runtime check to prevent Jenkins downgrade.
    • Update jenkins cookbook to fix upstream GPG key change.
    • Make this weird case a fatal error rather.
  • Use cinc for test kitchen. #133
    • Use cinc rather than chef workstation to run tests.
  • Comment out de-listed plugin for Windows agent support. #138

0.5.0

  • Update xunit and plugin dependencies for Jenkins 2.277 compatibility. #89
  • Use systemd to manage GPG vault socket directory. #92
  • Update plugins to address security advisories. #91
  • Update debug output in GitHub Actions CI. #71
  • Update Jenkins plugins for tables-to-divs changes and security advisories. #93

0.4.0

  • Support RHEL repositories in upload script. #86
  • Add pulp_rsync cotnent endpoint. #81
  • Add support for upstream RPM repositories. #83
  • Use forked systemd-docker repository. #80
  • Add documentation annotations to attributes. #44
  • Use per-environment entries for secret text credentials. #78
  • Add pulp_base_url credential. #76
  • Add optional username for Jenkins password credentials. #75
  • Add credentials-binding Jenkins plugin. #73
  • Initialize empty RPM repositories. #67
  • Restart pulp services immediately after changes. #64
  • Add group_execute resource to execute commands within the context of auxiliary groups. #54
  • Enable metadata signing in pulp. #61
  • Change the pulp user to a system user with no shell. #51
  • Force pulp to republish when signing service changes. #58
  • Grant the pulp user access to the gpg vault. #60
  • Fix the pulp repository name for debug repos. #59
  • Use gpg.conf for the gpg-vault. #53
  • Use gpg -K to initialize GNUPGHOME #52
  • Use shellescape to escape the pulp password argument. #56
  • Address yamllint warnings. #62
  • Add pulp services in Docker to repo host. #50
  • Add redirects from pulp services. #48

0.3.0

  • Add smtp server support on Jenkins role using postfix and opendkim. #9
  • Add reprepro-updater and apt repository management. #8
  • Add jenkins user to docker group for jobs run on the Jenkins master executor. #14
  • Fix Jenkins server name not being set due to non-matching attributes. #13
  • Update acme.sh resources so they are only run when needed. #10
  • Update publish-over-ssh configuration to match what Jenkins generates. #11
  • Update jenkins plugins for various security issues. #16
  • Add Heavy Job jenkins plugin. #17
  • Add rsync and rsync endpoint configuration to repo role. #20
  • Add gpg-vault user and configuration which will eventually be used for RPM repositories. #19
  • Remove deprecated plugins that have been removed from the Jenkins update center. #23
  • Update Jenkins cookbook dependency to target upstream and pin. #24 #35
  • Disable unused CRI containerd plugin #26
  • Fix typo in attribute name preventing the correct executor count. #29
  • Improve reverse proxy configuration for Jenkins. #27
  • Add ros_buildfarm_secret_text_credentials data bag and use it for the GitHub Pull Request Builder plugin. #32
  • Update ros_buildfarm_jenkins_scripts data bag to expect environment-specific keys. #25
  • Improve upload_trigger configuration. #30
  • Add container registry cache on repository role. #28
  • Update documentation for local development. #37
  • Update jenkins role-related attribute names. #31
  • Fix credential errors by purging fingerprint directory. #33
  • Check the signature of the ROS bootstrap repository on import. #36
  • Restart dockerd when containerd is restarted. #34
  • Install pulp client packages on agent role. #41
  • Add custom seccomp profile for Docker. #39
  • Add docker cleanup script. #40
  • Update private key credentials data bag to expect environment-specific keys. #42
  • Store Jenkins credentials in a file rather than in the environment. #45
  • Set HOME variable during acme.sh usage in case chef is run by non-root user. #43

0.2.0

First release with three recipes for the three different machine types.

0.1.0

Initial release.

  • Add recipe for linux agents.