Skip to content

v0.8.0 - Containers only

Latest
Compare
Choose a tag to compare
@aparcar aparcar released this 05 Feb 10:36
· 214 commits to main since this release

Containers only

To improve the sysupgrade security and reproducibility I decided to use containers instead of running the ImageBuilders bare-metal. The advantage is that broken or malicious packages have a harder time breaking the server itself. Previously package post-install script could modify anything on the server.

With this approach I also added the possibility to add external package feeds that are trusted. To do so a client may request extra repositories by supplying repositories and repository_keys in a request. Details are available in the OpenAPI specifications.

With all the great stuff of containers and Podman, whenever Podman acts up the server is broken so I spent quite some time restarting dead Podman sockets or cleaning left-over containers which wouldn't be cleaned up (contrary the API docs).

All in all I'm happy with the change and suggest everyone to use this release instead of the old one.

What's Changed

New Contributors

Full Changelog: v0.7.20...v0.8.0