-
Notifications
You must be signed in to change notification settings - Fork 935
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Better DNS persistence solution for systemd #14572
Conversation
We can now check `can_view`, `can_edit`, and `can_delete` against the backup/snapshot itself. We should do so to more accurately reflect the authorization model. Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@4f3212b...ea9e4e3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps google.golang.org/protobuf from 1.35.1 to 1.35.2. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/zitadel/oidc/v3](https://github.com/zitadel/oidc) from 3.32.1 to 3.33.1. - [Release notes](https://github.com/zitadel/oidc/releases) - [Changelog](https://github.com/zitadel/oidc/blob/main/.releaserc.js) - [Commits](zitadel/oidc@v3.32.1...v3.33.1) --- updated-dependencies: - dependency-name: github.com/zitadel/oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/go-acme/lego/v4](https://github.com/go-acme/lego) from 4.19.2 to 4.20.2. - [Release notes](https://github.com/go-acme/lego/releases) - [Changelog](https://github.com/go-acme/lego/blob/master/CHANGELOG.md) - [Commits](go-acme/lego@v4.19.2...v4.20.2) --- updated-dependencies: - dependency-name: github.com/go-acme/lego/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
(cherry picked from commit d098f463f7538a4b332e457bbb5e6ea473ef1536) License: Apache-2.0
Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
…14481) Bumps google.golang.org/protobuf from 1.35.1 to 1.35.2. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/protobuf&package-manager=go_modules&previous-version=1.35.1&new-version=1.35.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.1 to 3.27.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.27.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.27.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.27.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.2 - 12 Nov 2024</h2> <ul> <li>Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". <a href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.2/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.2 - 12 Nov 2024</h2> <ul> <li>Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". <a href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li> </ul> <h2>3.27.1 - 08 Nov 2024</h2> <ul> <li>The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li> <li>Update default CodeQL bundle version to 2.19.3. <a href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li> </ul> <h2>3.27.0 - 22 Oct 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.14.6. <a href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li> <li>Fix an issue where the <code>upload-sarif</code> Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the <code>upload-sarif</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li> <li>Update default CodeQL bundle version to 2.19.2. <a href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li> </ul> <h2>3.26.13 - 14 Oct 2024</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/*@V3</code> by <code>github/codeql-action/*@v3.26.11</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add support for using <code>actions/download-artifact@v4</code> to programmatically consume CodeQL Action debug artifacts.</p> <p>Starting November 30, 2024, GitHub.com customers will <a href="https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/">no longer be able to use <code>actions/download-artifact@v3</code></a>. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the <code>CODEQL_ACTION_ARTIFACT_V4_UPGRADE</code> environment variable to <code>true</code> and bump <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> will begin failing then.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f"><code>ea9e4e3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2605">#2605</a> from github/update-v3.27.4-3ab67a219</li> <li><a href="https://github.com/github/codeql-action/commit/845ea9230baa1c02f895802221f61eb448caa267"><code>845ea92</code></a> Update changelog for v3.27.4</li> <li><a href="https://github.com/github/codeql-action/commit/3ab67a21932f9425e7dca53353787b8dda8e89d9"><code>3ab67a2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2597">#2597</a> from github/mbg/caching/output-improvements</li> <li><a href="https://github.com/github/codeql-action/commit/6e3a010dfe7e41114c548b680d885bbd55b2834e"><code>6e3a010</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2583">#2583</a> from jsoref/use-artifact-4</li> <li><a href="https://github.com/github/codeql-action/commit/1c83cd12920695d0a30eb88c71a10f79f5ae22b4"><code>1c83cd1</code></a> Upgrade actions/upload-artifact to v4</li> <li><a href="https://github.com/github/codeql-action/commit/024283fcc9914a2f29343fa25558256c1799501f"><code>024283f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2602">#2602</a> from github/mergeback/v3.27.3-to-main-396bb3e4</li> <li><a href="https://github.com/github/codeql-action/commit/613fe96926eddbad17ae49a608c6cd6fb07c4d10"><code>613fe96</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/e35d4aa1da5d4ef385c387ee6ad1f286494398f5"><code>e35d4aa</code></a> Update changelog and version after v3.27.3</li> <li><a href="https://github.com/github/codeql-action/commit/396bb3e45325a47dd9ef434068033c6d5bb0d11a"><code>396bb3e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2601">#2601</a> from github/update-v3.27.3-f04790367</li> <li><a href="https://github.com/github/codeql-action/commit/2b1319450a8536cc55c2629acf08b8de0d6974fc"><code>2b13194</code></a> Update changelog for v3.27.3</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/4f3212b61783c3c68e8309a0f18a699764811cda...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.27.1&new-version=3.27.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…14482) Bumps [github.com/zitadel/oidc/v3](https://github.com/zitadel/oidc) from 3.32.1 to 3.33.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/zitadel/oidc/releases">github.com/zitadel/oidc/v3's releases</a>.</em></p> <blockquote> <h2>v3.33.1</h2> <h2><a href="https://github.com/zitadel/oidc/compare/v3.33.0...v3.33.1">3.33.1</a> (2024-11-13)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>op:</strong> add scope to access token scope (<a href="https://redirect.github.com/zitadel/oidc/issues/664">#664</a>) (<a href="https://github.com/zitadel/oidc/commit/897c720070c0cca82f8b898b5f8db53c73f54881">897c720</a>)</li> </ul> <h2>v3.33.0</h2> <h1><a href="https://github.com/zitadel/oidc/compare/v3.32.1...v3.33.0">3.33.0</a> (2024-11-12)</h1> <h3>Features</h3> <ul> <li><strong>pkg/op:</strong> allow custom SupportedScopes (<a href="https://redirect.github.com/zitadel/oidc/issues/675">#675</a>) (<a href="https://github.com/zitadel/oidc/commit/8afb8b8d5fb036b2688b773596d5dd992ba63cf5">8afb8b8</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/zitadel/oidc/commit/897c720070c0cca82f8b898b5f8db53c73f54881"><code>897c720</code></a> fix(op): add scope to access token scope (<a href="https://redirect.github.com/zitadel/oidc/issues/664">#664</a>)</li> <li><a href="https://github.com/zitadel/oidc/commit/8afb8b8d5fb036b2688b773596d5dd992ba63cf5"><code>8afb8b8</code></a> feat(pkg/op): allow custom SupportedScopes (<a href="https://redirect.github.com/zitadel/oidc/issues/675">#675</a>)</li> <li><a href="https://github.com/zitadel/oidc/commit/87ab01115708a2a05c20cfd26db82cc7e0e8e338"><code>87ab011</code></a> chore(deps): bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (<a href="https://redirect.github.com/zitadel/oidc/issues/676">#676</a>)</li> <li><a href="https://github.com/zitadel/oidc/commit/f194951e6194c49f643106c2cc970edbdc9e99ea"><code>f194951</code></a> chore(deps): bump golang.org/x/text from 0.19.0 to 0.20.0 (<a href="https://redirect.github.com/zitadel/oidc/issues/677">#677</a>)</li> <li>See full diff in <a href="https://github.com/zitadel/oidc/compare/v3.32.1...v3.33.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/zitadel/oidc/v3&package-manager=go_modules&previous-version=3.32.1&new-version=3.33.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…14483) Bumps [github.com/go-acme/lego/v4](https://github.com/go-acme/lego) from 4.19.2 to 4.20.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-acme/lego/releases">github.com/go-acme/lego/v4's releases</a>.</em></p> <blockquote> <h2>v4.20.2</h2> <h2>Changelog</h2> <ul> <li>98371c46 feat: attempt to check ARI unless explicitly disabled (<a href="https://redirect.github.com/go-acme/lego/issues/2298">#2298</a>)</li> <li>faf1e0d5 docs: update least privilege instructions for Cloudflare (<a href="https://redirect.github.com/go-acme/lego/issues/2339">#2339</a>)</li> <li>06dfe51e docs: add documentation for env var only options (<a href="https://redirect.github.com/go-acme/lego/issues/2337">#2337</a>)</li> <li>2b08b83a feat: skip the TLS verification of the ACME server (<a href="https://redirect.github.com/go-acme/lego/issues/2335">#2335</a>)</li> <li>4efd1e17 Add DNS provider for Technitium (<a href="https://redirect.github.com/go-acme/lego/issues/2332">#2332</a>)</li> <li>f514292c rfc2136: add support for tsig-keygen generated file (<a href="https://redirect.github.com/go-acme/lego/issues/2330">#2330</a>)</li> <li>f8db5548 regru: update authentication method (<a href="https://redirect.github.com/go-acme/lego/issues/2325">#2325</a>)</li> <li>815c61ac docs: use homogenous examples (<a href="https://redirect.github.com/go-acme/lego/issues/2328">#2328</a>)</li> <li>67230e26 cloudxns: provider deprecation (<a href="https://redirect.github.com/go-acme/lego/issues/2324">#2324</a>)</li> <li>af7e2edd brandit: provider deprecation (<a href="https://redirect.github.com/go-acme/lego/issues/2116">#2116</a>)</li> <li>40bf2b0e selectelv2: fix non-ASCII domain (<a href="https://redirect.github.com/go-acme/lego/issues/2322">#2322</a>)</li> <li>9c876033 Add DNS provider for Regfish (<a href="https://redirect.github.com/go-acme/lego/issues/2320">#2320</a>)</li> <li>aef89706 fix: parse printf verbs in log line output (<a href="https://redirect.github.com/go-acme/lego/issues/2317">#2317</a>)</li> <li>48af0d20 chore: update readme generator (<a href="https://redirect.github.com/go-acme/lego/issues/2311">#2311</a>)</li> <li>008c817f Add DNS provider for Core-Networks (<a href="https://redirect.github.com/go-acme/lego/issues/2101">#2101</a>)</li> <li>19b535ca limacity: fix error message (<a href="https://redirect.github.com/go-acme/lego/issues/2310">#2310</a>)</li> <li>6051473f volcengine: set API information within the default configuration (<a href="https://redirect.github.com/go-acme/lego/issues/2308">#2308</a>)</li> <li>895a9535 feat: improve propagation check error messages (<a href="https://redirect.github.com/go-acme/lego/issues/2306">#2306</a>)</li> <li>ee445c0c fix: variomedia documentation (<a href="https://redirect.github.com/go-acme/lego/issues/2304">#2304</a>)</li> <li>755164c9 Add DNS provider for Timeweb Cloud (<a href="https://redirect.github.com/go-acme/lego/issues/2301">#2301</a>)</li> <li>ad96d61c Add DNS provider for Volcano Engine (<a href="https://redirect.github.com/go-acme/lego/issues/2282">#2282</a>)</li> <li>e67b8ea2 feat: generate User-Agent for DNS API clients (<a href="https://redirect.github.com/go-acme/lego/issues/2293">#2293</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/go-acme/lego/blob/master/CHANGELOG.md">github.com/go-acme/lego/v4's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/go-acme/lego/releases/tag/v4.20.2">v4.20.2</a> (2024-11-11)</h2> <h3>Added</h3> <ul> <li><strong>[dnsprovider]</strong> Add DNS provider for Technitium</li> <li><strong>[dnsprovider]</strong> Add DNS provider for Regfish</li> <li><strong>[dnsprovider]</strong> Add DNS provider for Timeweb Cloud</li> <li><strong>[dnsprovider]</strong> Add DNS provider for Volcano Engine</li> <li><strong>[dnsprovider]</strong> Add DNS provider for Core-Networks</li> <li><strong>[dnsprovider]</strong> rfc2136: add support for tsig-keygen generated file</li> <li><strong>[cli]</strong> Add option to skip the TLS verification of the ACME server</li> <li>Add documentation for env var only options</li> </ul> <h3>Changed</h3> <ul> <li><strong>[cli,ari]</strong> Attempt to check ARI unless explicitly disabled</li> <li><strong>[dnsprovider]</strong> Improve propagation check error messages</li> <li><strong>[dnsprovider]</strong> cloudxns: provider deprecation</li> <li><strong>[dnsprovider]</strong> brandit: provider deprecation</li> </ul> <h3>Fixed</h3> <ul> <li><strong>[dnsprovider]</strong> regru: update authentication method</li> <li><strong>[dnsprovider]</strong> selectelv2: fix non-ASCII domain</li> <li><strong>[dnsprovider]</strong> limacity: fix error message</li> <li><strong>[dnsprovider]</strong> volcengine: set API information within the default configuration</li> <li><strong>[log]</strong> Parse printf verbs in log line output</li> </ul> <h2>v4.20.1 (2024-11-11)</h2> <p>Cancelled due to CI failure.</p> <h2>v4.20.0 (2024-11-11)</h2> <p>Cancelled due to CI failure.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-acme/lego/commit/400c2c572cbcd413b177e61fc20ff895e6853116"><code>400c2c5</code></a> Prepare release v4.20.2</li> <li><a href="https://github.com/go-acme/lego/commit/1225d05a2b24ceeb8dd75e5e485c0a828ac2a1fd"><code>1225d05</code></a> Detach v4.20.1</li> <li><a href="https://github.com/go-acme/lego/commit/b3dc8bcedb6e2960c5c09c2bd98c6d2d00858a16"><code>b3dc8bc</code></a> Prepare release v4.20.1</li> <li><a href="https://github.com/go-acme/lego/commit/947e09824f9759b62b4cc01b50dab5298e7a1a6d"><code>947e098</code></a> Detach v4.20.0</li> <li><a href="https://github.com/go-acme/lego/commit/f999e16cd5202cde66b57840acc53fc5ebf3fc11"><code>f999e16</code></a> Prepare release v4.20.0</li> <li><a href="https://github.com/go-acme/lego/commit/c17ca37e48eacfc8f661adcc648d854cb7ee4a80"><code>c17ca37</code></a> chore: update linter (<a href="https://redirect.github.com/go-acme/lego/issues/2341">#2341</a>)</li> <li><a href="https://github.com/go-acme/lego/commit/a7aaae4abe850dce463b27010724bf899b3a7895"><code>a7aaae4</code></a> chore: domain merge simplification (<a href="https://redirect.github.com/go-acme/lego/issues/2340">#2340</a>)</li> <li><a href="https://github.com/go-acme/lego/commit/98371c4695dd4e45d7458d8ba42272f6fa0c625d"><code>98371c4</code></a> feat: attempt to check ARI unless explicitly disabled (<a href="https://redirect.github.com/go-acme/lego/issues/2298">#2298</a>)</li> <li><a href="https://github.com/go-acme/lego/commit/faf1e0d56a23a936bb515ee8811a87926c88a58c"><code>faf1e0d</code></a> docs: update least privilege instructions for Cloudflare (<a href="https://redirect.github.com/go-acme/lego/issues/2339">#2339</a>)</li> <li><a href="https://github.com/go-acme/lego/commit/06dfe51e17a17f8d9cb727ce544af2a02b860d7c"><code>06dfe51</code></a> docs: add documentation for env var only options (<a href="https://redirect.github.com/go-acme/lego/issues/2337">#2337</a>)</li> <li>Additional commits viewable in <a href="https://github.com/go-acme/lego/compare/v4.19.2...v4.20.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-acme/lego/v4&package-manager=go_modules&previous-version=4.19.2&new-version=4.20.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Two commits were identified as potential imports in #13311: The first commit adds a function `blockNodeName` which hashes block node names if they exceed 31 characters. The second commit applies the node name overflow function when adding a QEMU config to a drive. @simondeziel pointed out that we already have a function `qemuDeviceNameOrID` so this PR just adds missing node name overflow handling.
Sometimes it needs to modify them. Signed-off-by: Thomas Parrott <[email protected]>
restore-keys will get the latest cache with a key that has the specified prefix Signed-off-by: hamistao <[email protected]>
Signed-off-by: hamistao <[email protected]>
Sometimes it needs to modify them. Related to fixing tests on #14388
Signed-off-by: Thomas Parrott <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Requires go 1.23. Signed-off-by: Thomas Parrott <[email protected]>
This runs the panic checker against all currently running LXD daemons. Signed-off-by: Mark Laing <[email protected]>
This commit reverts any changes made to the current directory in any test suites. Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Thomas Parrott <[email protected]>
Requires Go 1.23 as min go version.
This reverts commit 5ecafb1. Signed-off-by: Thomas Parrott <[email protected]>
Mention the noble package in the virt-v2v docs section. I removed the note about `virtio-win` as the LP source package [is empty](https://launchpad.net/ubuntu/+source/virtio-win); if that package is accessible to customers or I'm missing something I'm happy to reintroduce that bit. Doclint failures are `Bare URL` warnings because of the terminal output; not sure how to silence.
…14417) Fixes the second bug raised in #14266. This PR adds a setting, `ownership.inherit` for `unix-hotplug` devices and a function `unixDeviceOwnership()` which returns device ownership. New behaviour: - The default setting for `ownership.inherit` is `false`; - When `ownership.inherit` is set to `true`, the device ownership is inherited from the host; - `ownership.inherit` cannot be set to `true` when `gid` and `uid` are set. Existing behaviour (unchanged): - When `gid` and `uid` are set, they are used for device ownership; - If `gid` and `uid` are not present in the config, root (0) ownership is used.
Signed-off-by: Kadin Sayani <[email protected]>
Signed-off-by: Kadin Sayani <[email protected]>
…amples Signed-off-by: Kadin Sayani <[email protected]>
Signed-off-by: Kadin Sayani <[email protected]>
) Resolves #14373. This PR adds a `subsystem` device option for `unix-hotplug` devices, allowing `subsystem` to be used to detect devices. Summary of changes: - Adds api extension `unix_device_hotplug_subsystem_device_option`; - Adds support for matching unix devices by `subsystem`; - Cleans up matching logic in `unixHotplugDeviceMatch` function; - Documentation updates to `devices_unix_hotplug.md.
Please may you open this against the main branch first for the current LXD series rather than stable-5.0? |
doc/howto/network_bridge_resolved.md
Outdated
|
||
You can automate the `systemd-resolved` DNS configuration, so that it is applied on system start and takes effect when LXD creates the network interface. | ||
|
||
To do so, create a `systemd` network file named `/etc/systemd/network/<network_bridge>.network` with the following content: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While testing this, I couldn't make it work. Could it be because the lxdbr0.network
is not managed by systemd-networkd
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested it on a fresh install, and you are right in the sense that it doesn't get automatically noticed (but works reliably after a reboot).
But of course that's an unelegant solution. Apparently doing networkctl reload
puts lxdbr0
in a managed (configured
) state, and also the systemd-resolved
config also looks correct after that, but the routing to the 10.x.x..1
IP is not working yet at that point, so it needs a bit of exploration what unholy parts of systemd need to be kicked for it to properly work.
I'll amend this when I'm re-opening the PR against the right branch, as @tomponline requested.
Follow-up from #14573 Signed-off-by: Wesley Hershberger <[email protected]>
Follow-up from #14573
…erver configuration. Signed-off-by: Mark Laing <[email protected]>
…erver configuration (#14580) This check is already performed in the `authorization` suite but isn't actually being performed in the `tls_restrictions` suite. We do already have unit tests that show that a restricted client certificate does not have `can_edit` on `server` (required for viewing server configuration), but this is a good thing to triple check.
Signed-off-by: Simon Deziel <[email protected]>
… channels Signed-off-by: Simon Deziel <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
Signed-off-by: Simon Deziel <[email protected]>
…al` function Signed-off-by: Kadin Sayani <[email protected]>
…hen LXD is clustered Signed-off-by: Din Music <[email protected]>
…stered (#14586) Thanks to @escabo for reporting the issue where conversion fails if LXD is clustered and supports API extension `instance_import_conversion`. Not sure how this slipped through for such a long time. Seems I have messed something up when juggling with commit order on initial implementation, as I remember configuring this. Anyway, the issue is detection of suitable architecture, where source type was not matched with any case resulting in an error: ``` Error: Unknown instance source type "conversion" ```
@kkovacs now that you want your changes to be incorporated into the main branch, you need to update the I tried doing it for you but then it tells me there are no new commit as if you had not included your new contribution in what you just pushed. |
Thanks for that, yes, something is strange, github said my branch is ~6000 commits ahead :) I'll recreate the whole branch+PR after I figure out the answer to the "what needs to be restarted" question. |
Updated documentation with a non-oneshot solution to configure systemd's resolvectl on the host machine to be able to resolve LXD containers by name.