Commits · 748db419c1ea35e53b10374f012f193b60e3e187 · Romain Courteaud / slapos

12 Apr, 2021 7 commits

software/seleniumserver: add a promise to wait for all nodes to register · 748db419

Jérome Perrin authored Apr 09, 2021

We are sometimes seeing test failures when nodes can not register before the
beginning of the test, this promise make sure the grid is ready to use.

748db419

component/chromedriver: add missing libX11 in wrapper script · 2ff4cc36

Jérome Perrin authored Apr 08, 2021

This was using system library.

     ldd ./parts/chromedriver-2.41/chromedriver
             linux-vdso.so.1 (0x00007ffc4b738000)
             libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f2aa9e46000)
             libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f2aa9e25000)
             librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f2aa9e1b000)
             libglib-2.0.so.0 => /lib/x86_64-linux-gnu/libglib-2.0.so.0 (0x00007f2aa9cfc000)
             libX11.so.6 => not found
             libnss3.so => not found
             libnssutil3.so => not found
             libnspr4.so => not found
             libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f2aa9b77000)
             libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f2aa9b5d000)
             libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2aa999c000)
             /lib64/ld-linux-x86-64.so.2 (0x00007f2aa9e53000)
             libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f2aa9928000)

2ff4cc36

component/proftpd: add libzstd in rpath for mod_auth_web · 10b439ba

Jérome Perrin authored Apr 12, 2021

mod_auth_web uses libcurl. Since 83f5929e (component/curl: version up 7.76.0,
including security fixes., 2021-04-07), our curl build depends on zstd.
Apply similar fix that 2f4d8cf8 (component/apache-php: fix missing libzstd, 2021-04-09),
ie. add zstd to rpath

10b439ba

Theia update to 1.12.1 · a7549af3

Jérome Perrin authored Apr 12, 2021

update theia and some dependencies, including:
 - theia-open which should no longer segfault
 - buildout language server which should not report so many false positives

See merge request nexedi/slapos!958

a7549af3

software/cloudooo: don't set buildout options in software type profile · a7cfee5d
Jérome Perrin authored Apr 08, 2021
```
These options are propagated by the switch_softwaretype recipe
```
a7cfee5d
fixup! erp5/upgrade_test: update old software release with postfix disabled · e68e2428
Jérome Perrin authored Apr 12, 2021
```
forgot to update commit old software URL to point to the tag instead of the
work-in-progress branch used to test the commit.
```
e68e2428
erp5/upgrade_test: update old software release with postfix disabled · d2d4d112
Jérome Perrin authored Apr 08, 2021
```
see bd1b1928 (component/postfix: disable build on Linux >= 5, 2021-04-08)
```
d2d4d112

09 Apr, 2021 15 commits
- component/apache-php: fix missing libzstd · 2f4d8cf8
  Lu Xu authored Apr 09, 2021
  
  2f4d8cf8
- re6stnet: the registry will do geoip location · 873a49f6
  Julien Muchembled authored Apr 09, 2021
  
  873a49f6
- re6stnet: fix backup cron · 4bbd1089
  Julien Muchembled authored Apr 08, 2021
  
  4bbd1089
- re6stnet: fix PATH of registry service · 66ab3f75
  Julien Muchembled authored Apr 08, 2021
```
supervisord unsets PATH and execvp falls back on the default value
  /bin:/usr/bin
```
  66ab3f75
- Feature/kvm whitelist firewall · 72782b62
  Łukasz Nowak authored Apr 09, 2021
```
See merge request nexedi/slapos!930
```
  72782b62
- kvm: Implement whitelist firewall · 97225683
  Łukasz Nowak authored Mar 08, 2021
```
Sources of domains and IPs are:

 * default hardcoded in template/whitelist-domains-default
 * /etc/resolv.conf
 * provided in the request
 * provided in the special downloadble repository

Then they are parsed with dnsresolver and .slapos-whitelist-firewall file is
produced with list of IPs to be whitelisted.

This allows slapos.core whitelistfirewall manager to lock-down the partition
to only whitelisted list of IPs.
```
  97225683
- stack/slapos: Version up slapos.toolbox · d6249e21
  Łukasz Nowak authored Mar 29, 2021
```
Provides dnsresolver tool.
```
  d6249e21
- stack/slapos: Version up subprocess32 · 1367059a
  Łukasz Nowak authored Mar 25, 2021
  
  1367059a
- Fix/kvm passed parameter · d77444b1
  Łukasz Nowak authored Apr 09, 2021
```
See merge request nexedi/slapos!950
```
  d77444b1
- kvm: Review test for default instance · b6abea25
  Łukasz Nowak authored Apr 06, 2021
  
  b6abea25
- kvm: Protect against buildout-unfriendly values · 49872dd2
  Łukasz Nowak authored Apr 06, 2021
```
Even if boot-image-url-select is not designed to contain bad values, they can
happen, so add protection just like with boot-image-url-list.
```
  49872dd2
- kvm: Use locally provided fake boot images · 2f2597d1
  Łukasz Nowak authored Apr 01, 2021
```
Real images are not needed, so avoid big downloads from external resources and
just provide it via local http server.
```
  2f2597d1
- kvm: Adapt boot-image-url for "kvm: Fix kvm-resilient usage" · 73e6c34c
  Łukasz Nowak authored Mar 30, 2021
  
  73e6c34c
- kvm: Protected parameters passed in buildout · 10f69193
  Łukasz Nowak authored Mar 26, 2021
```
Parameters coming from the user can result in having incorrect buildout
profile so dumps them for safety.
```
  10f69193
- kvm: Fix kvm-resilient usage · 60f31cdd
  Łukasz Nowak authored Mar 25, 2021
```
instance-kvm-export.cfg were copying parts defined in instance-kvm.cfg, but as
the latter one was evolving a lot, it was missing features.

For simplicity let instance-kvm.cfg expose the parts in a way, that
instance-kvm-export.cfg can blindly append the to list of own parts, as it has
to support resiliency exporter by itself.
```
  60f31cdd
08 Apr, 2021 1 commit

component/postfix: use openssl 1.1 again · 59a85166

Jérome Perrin authored Apr 08, 2021

Now that we updated postfix, we can use default openssl

According to http://www.postfix.org/announcements/postfix-3.1.2.html

> Fixed with Postfix 3.1.2:
> Changes to make Postfix build with OpenSSL 1.1.0.

59a85166

07 Apr, 2021 14 commits
- golang: v↑ go1.15 (1.15.10 -> 1.15.11) · 944edd5e
  Kirill Smelkov authored Apr 07, 2021
```
Going Go1.15.10 -> Go1.15.11 brings in fixes to compiler, runtime and stdlib:

https://golang.org/doc/devel/release.html#go1.15.minor

Tested on helloworld SR (by adjusting it to use go1.15 instead of go1.16).
```
  944edd5e
- golang: v↑ go1.16 (1.16.2 -> 1.16.3) · a3c2a4a0
  Kirill Smelkov authored Apr 07, 2021
```
Going Go1.16.2 -> Go1.16.3 brings in fixes to compiler, runtime and stdlib:

https://golang.org/doc/devel/release.html#go1.16.minor

Tested on helloworld SR.
```
  a3c2a4a0
- re6stnet: clean-up & backup · 6f2caaa2
  Julien Muchembled authored Apr 07, 2021
```
See merge request nexedi/slapos!940
```
  6f2caaa2
- component/gcc: workaround to compile gcc on Olimex board · b4823d48
  Léo-Paul Géneau authored Feb 22, 2021
```
Gcc fails to recognize hard-float kernel on Olimex-Lime2 board.

For that reason gcc is automatically compiled using soft-float
convention and causes a failure.
```
  b4823d48
- re6stnet: move registry conf to a more appropriate place · aad7050a
  Julien Muchembled authored Apr 07, 2021
  
  aad7050a
- re6stnet: do not let the registry listen to ipv6 · 9fc19401
  Julien Muchembled authored Apr 07, 2021
```
The only purpose of Apache is to protect the registry process
from public internet, because we don't trust Python2 HTTP layer.
```
  9fc19401
- re6stnet: add cron task to backup registry.db · 673572ef
  Julien Muchembled authored Mar 21, 2021
  
  673572ef
- re6stnet: switch to development mode · 63015188
  Julien Muchembled authored Mar 21, 2021
  
  63015188
- re6stnet: srv/res6stnet/registry -> srv/re6stnet · a1ed9c30
  Julien Muchembled authored Mar 21, 2021
  
  a1ed9c30
- re6stnet: softwaretype -> switch-softwaretype · eae6e174
  Julien Muchembled authored Mar 21, 2021
  
  eae6e174
- re6stnet: remove SSL support for registry · f3726080
  Julien Muchembled authored Mar 21, 2021
```
The re6st registry is designed to work with plain HTTP
because it does authentication & encryption internally.
```
  f3726080
- re6stnet: clean-up · 095d9a30
  Julien Muchembled authored Mar 21, 2021
  
  095d9a30
- component/curl: version up 7.76.0, including security fixes. · 83f5929e
  Kazuhiko Shiozaki authored Apr 07, 2021
  
  83f5929e
- stack/caucase: Version up caucase 0.9.10 · d4e8d9e1
  Vincent Pelletier authored Apr 07, 2021
  
  d4e8d9e1
06 Apr, 2021 3 commits
- software/theia: version up Theia 1.12.1 · 0e62f4f0
  Jérome Perrin authored Apr 06, 2021
  
  0e62f4f0
- software/theia: use more strict file permissions · 33003088
  Jérome Perrin authored Apr 06, 2021
```
Eventhough "others" can not enter the parent directory, there was no reason
to have such open permissions
```
  33003088
- software/theia: version up theia-open 0.4.2 · 312496cc
  Jérome Perrin authored Apr 06, 2021
```
The client side was reimplemented in node, to workaround segmentation faults
with python/ncurses.
```
  312496cc