Skip to content

Releases: kairos-io/kairos

v3.2.4

17 Dec 11:07
Compare
Choose a tag to compare

What's Changed

Highlights:

  • Bumps kairos-agent to v2.15.5
  • Processes datasources in all cases except UKI normal boot to prevent malicious actors from pluging USB sticks with additional configuration after installation (#3035)
  • Fixes machine-id in alpine (#3066)
  • Bumps k3s patch versions
  • Various dependency version bumps (see below)

More:

v3.2.3

14 Nov 10:29
068f9c3
Compare
Choose a tag to compare

✨ Improvements

  • Mainly bugfixes and dependency bumps across the aisle
  • Upgrading to v3.2.3 from Kubernetes was fixed #3010
  • Updated Yip across all packages to v1.12.0 which brings some nice improvements
    • Timesyncd now writes the config to an override instead of removing the default config file
    • User recreation now tries to get more info about the UID if the user previously existed in order to use the same UID
    • Stages that take too long to execute now will log every 10 seconds to let the user now that the stage is stillbeing executed

⬆️ Dependencies

kairos-framewok was updated from v2.15.3 to v2.15.4 which brought the following updates (only showing updated packages):

Package Old version New version
suc-upgrade 0.3.0 0.3.1
immucore 0.6.0 0.6.1
kairos-agent 2.15.3 2.15.4

Notables changes in the packages:

  • suc-upgrade:
    • Fixes a wrong path when checking for kairos-release/os-release on kubernetes upgrade #3010
  • immucore:
  • kairos-agent:
    • Respect user defined/default sizes on upgrade instead of defaulting to the image size
    • Fix partitioner on disks with sector size other than 512
    • Fix and validate schema for disk devices
    • Enable debug logs asap, so yip calls via the agent also have the debug level if requested
    • Dependency bumps, including yip from v1.11.0 to v1.12.0

Full Changelog: v3.2.2...v3.2.3

v3.2.2

12 Nov 15:15
a0c3578
Compare
Choose a tag to compare

Caution

We have identified a potential issue when upgrading from older versions into 3.2.2 via Kubernetes with suc-upgrade
If your upgrade scenario is via Kubernetes, we recommend NOT upgrading to this version and waiting for v3.2.3 which should be release between the 13th and 14th of November as a follow up to this release.
If you still need to upgrade, check #3010 for a workaround

✨ Improvements

  • Move kairos vars to their own file by @Itxaka in #2908
    • Now all the kairos vars are stored into /etc/kairos-release to not contaminate the system os-release
  • Add ubuntu 24.10 flavor by @mauromorales in #2930
    • Now you can enjoy the latest 24.10 ubuntu released in Kairos fashion
  • Build Ubuntu 24.04 Standard Image UKI on Github by @bencorrado in #2940
    • Now the released UKI base images provide a standard image that contains K3S for ease of consuming and generating Trusted Boot images.
  • Yip was updated across the system to version v1.11.0 which brings:
    • New trace level log output for extra logs
    • Move some logs from debug to trace to make debug logs clearer
    • Add missing name to stages that didnt have names for easy identification of the steps
    • Dont log empty command output
    • Do not duplicate errors when logging out
    • Nicer steps dump when running on debug
    • On failures print the source file for the errored step
  • Kairos-agent now allows installing a system with no users.
    • Can be enabled by setting the install.nousers to true
    • This will install a system with no users, thus blocked from sshing into it or login via physical methods
  • Kairos-agent now checks the system configurations to validate user+admin
    • At least one user needs to be added to the configs
    • At least one user needs to be in the admin group
    • Our configs set a Kairos user by default but this might change int he future and no users may be shipped by default, so we may consider the default kairos user bundled with our configs deprecated
    • This check can be skipped by the new setting install.nousers

⬆️ Dependencies

kairos-framewok was updated from v2.12.4 to v2.14.3 which brought the following updates (only showing updated packages):

Package Old version New version
suc-upgrade 0.2.3 0.3.0
kairos-overlay-files 1.1.58 1.5.1
immucore 0.5.1 0.6.0
kairos-agent 2.14.7 2.15.3

Notables changes in the packages:

  • suc-upgrade:
    • Will try to read the current release from /etc/kairos-release instead of /etc/os-release
  • immucore:
    • Dependency bumps, including yip from v1.10.0 to v1.11.0 which includes a nicer log output and mentioning the sources for stages on failures.
  • kairos-overlay-files:
    • Use /etc/kairos-release instead of /etc/os-release
    • Drop duplicated entries in defautl cmdlines
    • Drop duplicated filesystem expansion step
    • Pull datasources only during Install
  • kairos-agent:
    • Use /etc/kairos-release instead of /etc/os-release
    • Allow to install with no users by setting the install.nousers key to true in the config file. This allows to install a system with zero default users.
    • Validate that we have users in the config files and at least 1 is admin during install and upgrade to avoid installing/upgrading a system with no users and being locked out of the system. Can be override witht he above install.nousers key.
    • Read actual system configs during k8s upgrade. During k8s upgrade we were scanning the upgraded container for cloud config files, which skipped the actual system files.
    • Dependency bumps, including yip from v1.10.0 to v1.11.0 which includes a nicer log output and mentioning the sources for stages on failures.

New Contributors

Full Changelog: v3.2.1...v3.2.2

v3.2.1

07 Oct 08:11
Compare
Choose a tag to compare

What's Changed

✨ Improvements

  • Show sources in config string by @jimmykarily in kairos-io/kairos-agent#550
    • Now when checking the configs you will see the sources uses to generate them
  • Expose the Analize method of kairos-agent run-stage by @Itxaka in kairos-io/kairos-agent#548
    • now kairos-agent runstage can be run with the flag --analyze or -a to only show what steps would be run from a given stage and in the order they will be run.
  • Accept more paths to devices for install by @Itxaka in kairos-io/kairos-agent#552
    • Now the install target accepts devices identified by /dev/disk/by-{uuid,label,path,diskseq}

⬆️ Dependencies

🐛 Fixed bugs

🤖 CI related

Full Changelog: v3.2.0...v3.2.1

v3.2.1-rc1

04 Oct 13:46
0afe9dc
Compare
Choose a tag to compare
v3.2.1-rc1 Pre-release
Pre-release

What's Changed

Full Changelog: v3.2.0...v3.2.1-rc1

v3.2.0

30 Sep 14:09
9e0d3c8
Compare
Choose a tag to compare

This is a "milestone" release as is signifies the completeness of a set of planned stories. You can see what was planned for the v3.2.0 release in the relevant ticket: #2052

What's Changed

Full Changelog: v3.1.3...v3.2.0

v3.2.0-rc1

27 Sep 21:09
Compare
Choose a tag to compare
v3.2.0-rc1 Pre-release
Pre-release

See the v3.2.0 release notes - This was an rc

v3.1.3

16 Sep 14:32
b5ded86
Compare
Choose a tag to compare

Release highlights:

  • In the previous release, we introduced a fix for the broken permissions of the user's home directory. It turned out that the fix only applied to users created by the top level users: key in the Kairos configuration file. In this release, users created in various stages will also get their home directory permissions fixed. If for some reason, you don't want the script to recursively fix the home directory permissions, you can create a sentinel file to skip the fix and apply it on your own as you see fit.
  • Fixed an issue where we didn't calculate the upgrade image size and the always created an image with the default size (#2818)
  • Fixed an issue in Kairos upgrades through Kuberentes, where various host directories were also used in image size calculation (kairos-io/kairos-agent#537)
  • We now display the webui url below the QR code to avoid people having to plug a keyboard just to find the IP address of the node (#2826)
  • Fixed a bug in Alpine flavors where we passed the edgevpn arguments in the openrc service file wrongly (#2789)
  • Lots of version bumps on dependencies (mostly automated).

Known Issues

  • [Carry over from previous releases] RPi EFI booting no longer supported on kernels shipped with Ubuntu 24.04+ #2249

What's Changed

New Contributors

Full Changelog: v3.1.2...v3.1.3

v3.1.2

29 Aug 20:06
e0d89bc
Compare
Choose a tag to compare

⚠️ The following issues have been resolved, so it is safe to upgrade again:

Kairos user ids change on upgrade, breaking ssh login #2797
Long duration hang during boot #2802

What's Changed

  • 🤖 Check that install/recovery services are off during active boot by @Itxaka in #2775
  • 🐧 Disable pcrlock for all systemd distros by @Itxaka in #2778
  • 🐛 Empty machine-id instead of removing it by @Itxaka in #2784
  • 🐛 Fix +base-image for Remote Execution by @sdwilsh in #2808

Full Changelog: v3.1.1...v3.1.2

v3.1.2-rc1

29 Aug 07:35
Compare
Choose a tag to compare
v3.1.2-rc1 Pre-release
Pre-release

What's Changed

Full Changelog: v3.1.1...v3.1.2-rc1