File google-guest-agent.changes of Package google-guest-agent.38113
-------------------------------------------------------------------
Mon Mar 31 11:11:30 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20250327.01 (bsc#1239763, bsc#1239866)
  * Remove error messages from gce_workload_cert_refresh and
    metadata script runner (#527)
- from version 20250327.00
  * Update guest-logging-go dependency (#526)
  * Add 'created-by' metadata, and pass it as option to logging library (#508)
  * Revert "oslogin: Correctly handle newlines at the end of
    modified files (#520)" (#523)
  * Re-enable disabled services if the core plugin was enabled (#522)
  * Enable guest services on package upgrade (#519)
  * oslogin: Correctly handle newlines at the end of modified files (#520)
  * Fix core plugin path (#518)
  * Fix package build issues (#517)
  * Fix dependencies ran go mod tidy -v (#515)
  * Fix debian build path (#514)
  * Bundle compat metadata script runner binary in package (#513)
  * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
  * Update startup/shutdown services to launch compat manager (#503)
  * Bundle new gce metadata script runner binary in agent package (#502)
  * Revert "Revert bundling new binaries in the package (#509)" (#511)
- from version 20250326.00
  * Re-enable disabled services if the core plugin was enabled (#521)
- from version 20250324.00
  * Enable guest services on package upgrade (#519)
  * oslogin: Correctly handle newlines at the end of modified files (#520)
  * Fix core plugin path (#518)
  * Fix package build issues (#517)
  * Fix dependencies ran go mod tidy -v (#515)
  * Fix debian build path (#514)
  * Bundle compat metadata script runner binary in package (#513)
  * Bump golang.org/x/net from 0.27.0 to 0.36.0 (#512)
  * Update startup/shutdown services to launch compat manager (#503)
  * Bundle new gce metadata script runner binary in agent package (#502)
  * Revert "Revert bundling new binaries in the package (#509)" (#511)
  * Revert bundling new binaries in the package (#509)
  * Fix typo in windows build script (#501)
  * Include core plugin binary for all packages (#500)
  * Update crypto library to fix  CVE-2024-45337 (#499)
  * Start packaging compat manager (#498)
  * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
  * scripts: introduce a wrapper to locally build deb package (#490)
  * Introduce compat-manager systemd unit (#497)
- from version 20250317.00
  * Revert "Revert bundling new binaries in the package (#509)" (#511)
  * Revert bundling new binaries in the package (#509)
  * Fix typo in windows build script (#501)
  * Include core plugin binary for all packages (#500)
  * Update crypto library to fix  CVE-2024-45337 (#499)
  * Start packaging compat manager (#498)
  * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
  * scripts: introduce a wrapper to locally build deb package (#490)
  * Introduce compat-manager systemd unit (#497)
- from version 20250312.00
  * Revert bundling new binaries in the package (#509)
  * Fix typo in windows build script (#501)
  * Include core plugin binary for all packages (#500)
  * Update crypto library to fix  CVE-2024-45337 (#499)
  * Start packaging compat manager (#498)
  * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
  * scripts: introduce a wrapper to locally build deb package (#490)
  * Introduce compat-manager systemd unit (#497)
- from version 20250305.00
  * Revert bundling new binaries in the package (#509)
  * Fix typo in windows build script (#501)
  * Include core plugin binary for all packages (#500)
  * Update crypto library to fix  CVE-2024-45337 (#499)
  * Start packaging compat manager (#498)
  * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
  * scripts: introduce a wrapper to locally build deb package (#490)
  * Introduce compat-manager systemd unit (#497)
- from version 20250304.01
  * Fix typo in windows build script (#501)
- from version 20250214.01
  * Include core plugin binary for all packages (#500)
- from version 20250214.00
  * Update crypto library to fix  CVE-2024-45337 (#499)
- from version 20250212.00
  * Start packaging compat manager (#498)
  * Start bundling ggactl_plugin_cleanup binary in all agent packages (#492)
- from version 20250211.00
  * scripts: introduce a wrapper to locally build deb package (#490)
  * Introduce compat-manager systemd unit (#497)
- from version 20250207.00
  * vlan: toggle vlan configuration in debian packaging (#495)
  * vlan: move config out of unstable section (#494)
  * Add clarification to comments regarding invalid NICs and the
    `invalid` tag. (#493)
  * Include interfaces in lists even if it has an invalid MAC. (#489)
  * Fix windows package build failures (#491)
  * vlan: don't index based on the vlan ID (#486)
  * Revert PR #482 (#488)
  * Remove Amy and Zach from OWNERS (#487)
  * Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
  * Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250204.02
  * force concourse to move version forward.
- from version 20250204.01
  * vlan: toggle vlan configuration in debian packaging (#495)
- from version 20250204.00
  * vlan: move config out of unstable section (#494)
  * Add clarification to comments regarding invalid NICs and the
    `invalid` tag. (#493)
- from version 20250203.01
  * Include interfaces in lists even if it has an invalid MAC. (#489)
- from version 20250203.00
  * Fix windows package build failures (#491)
  * vlan: don't index based on the vlan ID (#486)
  * Revert PR #482 (#488)
  * Remove Amy and Zach from OWNERS (#487)
  * Skip interfaces in interfaceNames() instead of erroring if there is an (#482)
  * Fix Debian packaging if guest agent manager is not checked out (#485)
- from version 20250122.00
  * networkd(vlan): remove the interface in addition to config (#468)
  * Implement support for vlan dynamic removal, update dhclient to
    remove only if configured (#465)
  * Update logging library (#479)
  * Remove Pat from owners file. (#478)
-------------------------------------------------------------------
Tue Mar 11 11:25:07 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Add patch to fix unexpected memory consumption during token
  parsing in golang.org/x/oauth2 (bsc#1239197, CVE-2025-22868)
  * CVE-2025-22868.patch
-------------------------------------------------------------------
Wed Feb 05 12:58:23 UTC 2025 - rjschwei@suse.com
- Update to version 20250116.00: (bsc#1236403)
  * networkd(vlan): remove the interface in addition to config (#468)
  * Implement support for vlan dynamic removal, update dhclient to remove
    only if configured (#465)
  * Update logging library (#479)
  * Remove Pat from owners file. (#478)
-------------------------------------------------------------------
Mon Jan 13 19:33:18 UTC 2025 - rjschwei@suse.com
- Update to version 20241209.01: (bsc#1235664)
  * readme: add notes about plugin manager (#476)
  * Update metadata script runner to honor cloud logging config flag (#475)
  * Fixing fallback from systemd-networkd to dhclient (#471)
  * network: fix nmcli check pattern (#472)
  * Update readme with guest agent manager (#469)
  * Add missing packaging spec (#466)
  * Bring back side-by-side packaging (#464)
  * Avoid changing permissions of directory if parent is / (#463)
  * network: force NetworkManager to connect to primary nic (#461)
  * Revert plugin manager packaging (#460)
  * Add GOPATH to PATH in debian build (#459)
  * Add plugin manager to debian build (#457)
  * rpm packaging: fix plugin manager assumptions (#458)
  * packaging: add plugin manager to rhel packaging (#454)
-------------------------------------------------------------------
Tue Oct 22 06:30:47 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20241018.01 (bsc#1231775, bsc#1231776)
  * Add support for including agent manager in guest-agent package (#456)
  * plugin manager: Introduce the systemd service file (#455)
  * documentation: Update metadata script runner details (#453)
- from version 20241013.00
  * Update OWNERS (#452)
- from version 20241011.01
  * SUSE no overwrite bug fix, Ubuntu 18.04 exception (#451)
- from version 20241011.00
  * Skip MDS setup by default for this release (#450)
- from version 20241010.01
  * Revert "network/netplan: Adjust link-local accordingly (#443)" (#448)
  * Set enable regardless of previous check failed or not (#447)
- from version 20241009.03
  * Avoid unnecessary reloads, check before overwriting configs (#446)
- from version 20241009.02
  * network/netplan: Do generate instead of apply (#445)
- from version 20241009.01
  * Skip SetupInterfaces if configs are already applied (#444)
  * network/netplan: Adjust link-local accordingly (#443)
  * Repeated logging could be mistaken for a recurring issue,
    log mds mtls endpoint error only once (#439)
  * Retry MDS PUT operation, reload netplan/networkctl
    only if configs are changed (#438)
  * Log interface state after setting up network (#437)
  * network: Debian 12 rollback only if default netplan is ok (#436)
- from version 20240930.01
  * Change mtls mds defaults, update log message to assure error is harmless (#434)
- from version 20240930.00
  * network: Restore Debian 12 netplan configuration. (#433)
  * network: Remove primary NIC left over configs. (#432)
  * Update VLAN interfaces format to match with MDS (#431)
  * Fix panics in agent when setting up VLAN with netplan (#430)
  * Add VLAN NIC support for NetworkManager (#429)
  * Fix debian12 netplan config issue, use ptr receiver (#428)
  * Update README to reflect new network manager changes (#427)
  * Introduce a configuration toggle for enabling/disabling cloud logging (#413)
  * Adapt and update config key to be consistent with MDS (#426)
  * Allow users to enable/disable the mds mtls via metadata key (#423)
  * Make primary nic management config consistent across all network managers (#422)
  * Document disabling account manager on AD (#421)
  * Update README with MDS MTLS docs (#418)
  * Avoid writing configuration files when they already exist on wicked and (#410)
  * Update golang.org/x/net dependencies to catch up on CVEs (#412)
  * Get rid of deperecated dependencies in snapshot service generate code (#411)
  * Fix where agent panics on nil event (#409)
  * Configure primary nic if only set in cfg file (#408)
  * Update NIC management strategy (#402)
  * Only release dhclient leases for an interface if the
    respective dhclient is still running (#407)
  * Disable OS Login without pruning off any extra suffix. (#400)
  * Skip root cert rotation if installed once (#405)
  * Add ipv6 support to guest agent (#404)
  * Update Accounts documentation (#403)
  * Update google-startup-scripts.service to enable logging (#399)
  * Network subsystem remove os rules (#396)
  * oslogin: Don't remove sshca watcher when oslogin is disabled (#398)
  * Update dependencies to catch up on CVE fixes (#397)
  * Network manager netplan implementation (#386)
  * Update dependencies to catch up on CVE fixes (#391)
  * Log current available routes on error (#388)
  * Fix command monitor bugs (#389)
  * windows account: Ignore "user already belogs to group" error (#387)
  * Add more error logging in snapshot handling requests, use common retry util (#384)
  * All non-200 status code from MDS should raise error (#383)
  * Change metadata key to enable-oslogin-certificates (#382)
  * Update dhclient pid/lease file directory to abide apparmor rules (#381)
  * Add COS homedir-gid patch to upstream. (#365)
  * Add require-oslogin-certificates logic to disable keys (#368)
  * systemd-networkd: Support Debian 12's version (#372)
  * Minor update typo in comment (#380)
  * NetworkManager: Only set secondary interfaces as up (#378)
  * address manager: Make sure we check for oldMetadata (#375)
  * network: Early setup network (#374)
  * NetworkManager: Fix ipv6 and ipv4 mode attribute (#373)
  * Network Manager: Make sure we clean up ifcfg files (#371)
  * metadata script runner: Fix script download (#370)
  * oslogin: Avoid adding extra empty line at the end of /etc/security/group.conf (#369)
  * Dynamic vlan (#361)
  * Check for nil response (#366)
  * Create NetworkManager implementation (#362)
  * Skip interface manager on Windows (#363)
  * network: Remove ignore setup (#360)
  * Create wicked network service implementation and its respective unit (#356)
  * Update metadata script runner, add tests (#357)
  * Refactor guest-agent to use common retry util (#355)
  * Flush logs before exiting #358 (#359)
  * Create systemd-networkd unit tests. (#354)
  * Update network manager unit tests (#351)
  * Implement retry util (#350)
  * Refactor utils package to not dump everything unrelated into one file (#352)
  * Set version on metadata script runner (#353)
  * Implement cleanup of deprecated configuration directives (#348)
  * Ignore DHCP offered routes only for secondary nics (#347)
  * Deprecate DHClient in favor of systemd-networkd (#342)
  * Generate windows and linux licenses (#346)
  * Remove quintonamore from OWNERS (#345)
  * Delete integration tests (#343)
-------------------------------------------------------------------
Wed Aug 28 11:02:37 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240816.00
  * Add configuration toggle to enable/disable use
    of OS native certificate stores (#419)
  * Fix dependencies in stable branch #412 (#415)
  * Update dep: golang.org/x/crypto to v0.17.0
  * Update dep: google.golang.org/protobuf to 1.33.0
  * Update dep: golang.org/x/net to 0.17.0
  * Update dep: google.golang.org/grpc to v1.57.1
- from version 20240813.00
  * Update README with MDS MTLS docs (#418)
- from version 20240808.01
  * Avoid writing configuration files when they already
    exist on wicked and NetworkManager (#410)
- from version 20240808.00
  * Update golang.org/x/net dependencies
    to catch up on CVEs (#412)
- from version 20240805.00
  * Get rid of deperecated dependencies in
    snapshot service generate code (#411)
- Drop dont_overwrite_ifcfg.patch, fixed upstream
-------------------------------------------------------------------
Mon Aug  5 07:26:29 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240802.00
  * Fix where agent panics on nil event (#409)
- from version 20240801.00
  * Configure primary nic if only set in cfg file (#408)
  * Update NIC management strategy (#402)
  * Only release dhclient leases for an interface if the respective dhclient is still running (#407)
  * Disable OS Login without pruning off any extra suffix. (#400)
  * Skip root cert rotation if installed once (#405)
  * Add ipv6 support to guest agent (#404)
  * Update Accounts documentation (#403)
  * Update google-startup-scripts.service to enable logging (#399)
  * Network subsystem remove os rules (#396)
  * oslogin: don't remove sshca watcher when oslogin is disabled (#398)
  * Update dependencies to catch up on CVE fixes (#397)
  * Network manager netplan implementation (#386)
  * Update dependencies to catch up on CVE fixes (#391)
  * Log current available routes on error (#388)
  * Fix command monitor bugs (#389)
  * Windows account: ignore "user already belogs to group" error (#387)
  * Add more error logging in snapshot handling requests, use common retry util (#384)
  * All non-200 status code from MDS should raise error (#383)
  * Change metadata key to enable-oslogin-certificates (#382)
  * Update dhclient pid/lease file directory to abide apparmor rules (#381)
  * Add COS homedir-gid patch to upstream. (#365)
  * Add require-oslogin-certificates logic to disable keys (#368)
  * systemd-networkd: support debian 12's version (#372)
  * Minor update typo in comment (#380)
  * NetworkManager: only set secondary interfaces as up (#378)
  * address manager: make sure we check for oldMetadata (#375)
  * network: early setup network (#374)
  * NetworkManager: fix ipv6 and ipv4 mode attribute (#373)
  * Network Manager: make sure we clean up ifcfg files (#371)
  * metadata script runner: fix script download (#370)
  * oslogin: avoid adding extra empty line at the end of /etc/security/group.conf (#369)
  * Dynamic vlan (#361)
  * Check for nil response (#366)
  * Create NetworkManager implementation (#362)
  * Skip interface manager on Windows (#363)
  * network: remove ignore setup (#360)
  * Create wicked network service implementation and its respective unit (#356)
  * Update metadata script runner, add tests (#357)
  * Refactor guest-agent to use common retry util (#355)
  * Flush logs before exiting #358 (#359)
  * Create systemd-networkd unit tests. (#354)
  * Update network manager unit tests (#351)
  * Implement retry util (#350)
  * Refactor utils package to not dump everything unrelated into one file (#352)
  * Set version on metadata script runner (#353)
  * Implement cleanup of deprecated configuration directives (#348)
  * Ignore DHCP offered routes only for secondary nics (#347)
  * Deprecate DHClient in favor of systemd-networkd (#342)
  * Generate windows and linux licenses (#346)
  * Remove quintonamore from OWNERS (#345)
  * Delete integration tests (#343)
- from version 20240716.00
  * Update dep: golang.org/x/crypto to v0.17.0
  * Update dep: google.golang.org/protobuf to 1.33.0
  * Update dep: golang.org/x/net to 0.17.0
  * Update dep: google.golang.org/grpc to v1.57.1
-------------------------------------------------------------------
Tue Jul  2 13:00:54 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240701.00
  * Update google-startup-scripts.service to enable logging (#399)
-------------------------------------------------------------------
Fri Jun 14 09:27:31 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240611.01
  * Network subsystem remove os rules (#396)
  * oslogin: don't remove sshca watcher when oslogin is disabled (#398)
  * update dependencies to catch up on CVE fixes (#397)
  * Network manager netplan implementation (#386)
  * update dependencies to catch up on CVE fixes (#391)
  * Log current available routes on error (#388)
  * Fix command monitor bugs (#389)
  * windows account: ignore "user already belogs to group" error (#387)
  * Add more error logging in snapshot handling requests, use common retry util (#384)
  * All non-200 status code from MDS should raise error (#383)
  * change metadata key to enable-oslogin-certificates (#382)
  * Update dhclient pid/lease file directory to abide apparmor rules (#381)
  * Add COS homedir-gid patch to upstream. (#365)
  * Add require-oslogin-certificates logic to disable keys (#368)
  * systemd-networkd: support debian 12's version (#372)
  * Minor update typo in comment (#380)
  * NetworkManager: only set secondary interfaces as up (#378)
  * address manager: make sure we check for oldMetadata (#375)
  * network: early setup network (#374)
  * NetworkManager: fix ipv6 and ipv4 mode attribute (#373)
  * Network Manager: make sure we clean up ifcfg files (#371)
  * metadata script runner: fix script download (#370)
  * oslogin: avoid adding extra empty line at the end of /etc/security/group.conf (#369)
  * Dynamic vlan (#361)
  * Check for nil response (#366)
  * Create NetworkManager implementation (#362)
  * Skip interface manager on Windows (#363)
  * network: remove ignore setup (#360)
  * Create wicked network service implementation and its respective unit (#356)
  * Update metadata script runner, add tests (#357)
  * Refactor guest-agent to use common retry util (#355)
  * Flush logs before exiting #358 (#359)
  * Create systemd-networkd unit tests. (#354)
  * Update network manager unit tests (#351)
  * Implement retry util (#350)
  * Refactor utils package to not dump everything unrelated into one file (#352)
  * Set version on metadata script runner (#353)
  * Implement cleanup of deprecated configuration directives (#348)
  * ignore DHCP offered routes only for secondary nics (#347)
  * Deprecate DHClient in favor of systemd-networkd (#342)
  * Generate windows and linux licenses (#346)
  * Remove quintonamore from OWNERS (#345)
  * Delete integration tests (#343)
- from version 20240528.00
  * update dep: golang.org/x/crypto to v0.17.0
  * update dep: google.golang.org/protobuf to 1.33.0
  * update dep: golang.org/x/net to 0.17.0
  * update dep: google.golang.org/grpc to v1.57.1
-------------------------------------------------------------------
Fri Mar 22 12:00:11 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240314.00 (bsc#1221900, bsc#1221901)
  * NetworkManager: only set secondary interfaces as up (#378)
  * address manager: make sure we check for oldMetadata (#375)
  * network: early setup network (#374)
  * NetworkManager: fix ipv6 and ipv4 mode attribute (#373)
  * Network Manager: make sure we clean up ifcfg files (#371)
  * metadata script runner: fix script download (#370)
  * oslogin: avoid adding extra empty line at the end of /etc/security/group.conf (#369)
  * Dynamic vlan (#361)
  * Check for nil response (#366)
  * Create NetworkManager implementation (#362)
  * Skip interface manager on Windows (#363)
  * network: remove ignore setup (#360)
  * Create wicked network service implementation and its respective unit (#356)
  * Update metadata script runner, add tests (#357)
  * Refactor guest-agent to use common retry util (#355)
  * Flush logs before exiting #358 (#359)
- Refresh patches for new version
  * dont_overwrite_ifcfg.patch
-------------------------------------------------------------------
Tue Feb 27 13:23:01 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- No need for double %setup.
-------------------------------------------------------------------
Tue Feb 27 11:13:20 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
- Use %patch -P N instead of deprecated %patchN.
-------------------------------------------------------------------
Mon Feb 26 13:06:16 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20240213.00
  * Create systemd-networkd unit tests (#354)
- from version 20240209.00
  * Update network manager unit tests (#351)
- from version 20240207.02
  * Implement retry util (#350)
- from version 20240207.01
  * Refactor utils package to not dump everything unrelated into one file (#352)
- from version 20240207.00
  * Set version on metadata script runner (#353)
  * Implement cleanup of deprecated configuration directives (#348)
  * Ignore DHCP offered routes only for secondary nics (#347)
  * Deprecate DHClient in favor of systemd-networkd (#342)
  * Generate windows and linux licenses (#346)
- from version 20240122.00
  * Remove quintonamore from OWNERS (#345)
- from version 20240111.00
  * Delete integration tests (#343)
- from version 20240109.00
  * Update licenses with dependencies of go-winio (#339)
  * Add github.com/Microsoft/go-winio to third party licensing (#337)
- Add explicit versioned dependency on google-guest-oslogin (bsc#1219642)
- Refresh patches for new version
  * dont_overwrite_ifcfg.patch
-------------------------------------------------------------------
Thu Jan  4 11:32:21 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20231214.00
  * Fix snapshot test failure (#336)
- from version 20231212.00
  * Implement json-based command messaging system for guest-agent (#326)
- from version 20231118.00
  * sshca: Remove certificate caching (#334)
- from version 20231115.00
  * revert: 3ddd9d4a496f7a9c591ded58c3f541fd9cc7e317 (#333)
  * Update script runner to use common cfg package (#331)
-------------------------------------------------------------------
Tue Nov 14 12:13:32 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20231110.00
  * Update Google UEFI variable (#329)
  * Update owners (#328)
- from version 20231103.00
  * Make config parsing order consistent (#327)
-------------------------------------------------------------------
Wed Nov  1 14:05:15 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20231031.01 (bsc#1216547, bsc#1216751)
  * Add prefix to scheduler logs (#325)
- from version 20231030.00
  * Test configuration files are loaded in the documented
    order. Fix initial integration test. (#324)
  * Enable mTLS by default (#323)
- from version 20231026.00
  * Rotate MDS root certificate (#322)
- from version 20231020.00
  * Update response struct, add tests (#315)
  * Don't try to schedule mTLS job twice (#317)
- from version 20231019.00
  * snapshot: Add context cancellation handling (#318)
-------------------------------------------------------------------
Fri Oct 20 06:49:31 UTC 2023 - Robert Schweikert <rjschwei@suse.com>
- Bump the golang compiler version to 1.21 (bsc#1216546)
-------------------------------------------------------------------
Thu Oct 19 12:12:35 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20231016.00
  * instance setup: trust/rely on metadata package's retry (#316)
- from version 20231013.01
  * Update known cert dirs for updaters (#314)
- from version 20231011.00
  * Verify cert refresher is enabled before running (#312)
- from version 20231009.00
  * Add support for the SSH key options (#296)
- from version 20231006.01
  * Events interface improvement (#290)
- from version 20231006.00
  * Refactor script runner to use common metadata package (#311)
  * Schedule MTLS job before notifying systemd (#310)
  * Refactor authorized keys to use metadata package (#300)
- from version 20231005.00
  * docs update: add configuration and event manager's docs. (#309)
- from version 20231004.01
  * Fix license header (#301)
  * packaging(deb): add epoch to oslogin dep declaration (#308)
- from version 20231004.00
  * packaging(deb): ignore suffix of version (#306)
  * packaging: force epoch and ignore suffix of version (#305)
- from version 20231003.01
  * oslogin: declare explicitly dependency (#304)
  * oslogin: remove Unstable.pamless_auth_stack feature flag (#303)
- from version 20231003.00
  * oslogin: resort ssh configuration keys (#299)
- from version 20230925.00
  * oslogin: introduce a feature flag to cert auth (#298)
- from version 20230923.00
  * gitignore: unify ignore in the root dir (#297)
- from version 20230921.01
  * managers: we accidentally disabled addressMgr, bring it back (#295)
  * cfg: fix typos (#294)
  * cfg: config typos (#293)
  * cfg: introduce a configuration management package (#288)
- from version 20230921.00
  * mtls: bring it back (#292)
- from version 20230920.01
  * Fix permissions on file created by SaferWriteFile() (#291)
- from version 20230920.00
  * sshca: re-enable the event watcher & handler (#289)
- from version 20230919.01
  * oslogin: add PAMless Authorization Stack configuration (#285)
- from version 20230919.00
  * Preparing it for review (#287)
  * sshca: make sure to restore SELinux context of the pipe (#286)
  * remove deprecated usage, fix warnings (#282)
  * Update system store (#278)
  * Update workload certificate endpoints, use metadata package (#275)
  * metadata: use url package to form metadata URLs (#284)
- from version 20230913.00
  * release prep: disable ssh trusted ca module (#281)
- from version 20230912.00
  * New Guest Agent Release (#280)
- from version 20230909.00
  * Revert "service: remove the use of the service library (#273)" (#276)
  * service: remove the use of the service library (#273)
- from version 20230906.01
  * Store keys to machine keyset (#272)
- from version 20230905.00
  * restorecon: first try to determine if it's installed (#271)
  * run: change all commands to use CommandContext (#268)
  * Notify systemd after scheduling required jobs (#270)
  * Store certs in ProgramData instead of Program Files (#269)
  * metadata watcher: remove local retry & implement unit tests (#267)
  * run: split command running utilities into its own package (#265)
-------------------------------------------------------------------
Thu Aug 31 10:05:11 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230828.00
  * snapshot: Use main context rather than create its own (#266)
- from version 20230825.01
  * Verify if cert was successfully added to certpool (#264)
- from version 20230825.00
  * Find previous cert for cleanup using one stored on disk (#263)
- from version 20230823.00
  * Revert "sshtrustedca: configure selinux context
    for sshtrustedca pipe (#256)" (#262)
  * Update credentials directory on Linux (#260)
- from version 20230821.00
  * Update owners (#261)
- from version 20230819.00
  * Revert "guest-agent: prepare for public release (#258)" (#259)
- from version 20230817.00
  * guest-agent: prepare for public release (#258)
- from version 20230816.01
  * Enable telemetry collection by default (#253)
- from version 20230816.00
  * Add pkcs12 license and update retry logic (#257)
  * sshtrustedca: Configure selinux context for sshtrustedca pipe (#256)
  * Store windows certs in certstore (#255)
  * events: Multiplex event watchers (#250)
  * Scheduler fixes (#254)
  * Update license files (#251)
  * Run telemetry every 24 hours, record pretty name on linux (#248)
-------------------------------------------------------------------
Tue Aug 15 13:44:27 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230811.00
  * sshca: move the event handler to its own package (#247)
- from version 20230809.02
  * Move scheduler package to google_guest_agent (#249)
- from version 20230809.01
  * Add scheduler utility to run jobs at interval (#244)
- from version 20230809.00
  * sshca: transform the format from json to openssh (#246)
- from version 20230803.00
  * Add support for reading UEFI variables on windows (#243)
- from version 20230801.03
  * sshtrustedca watcher: fix concurrency error (#242)
- from version 20230801.02
  * metadata: add a delta between http client timeout and hang (#241)
- from version 20230801.00
  * metadata: properly set request config (#240)
  * main: bring back the mds client initialization (#239)
  * metadata: don't try to use metadata before agentInit() is done (#238)
  * Add (disabled) telemetry logic to GuestAgent (#219)
  * metadata event handler: updates and bug fixes (#235)
  * Verify client credentials are signed by root CA before writing on disk (#236)
  * metadata: properly handle context cancelation (#234)
  * metadata: fix context cancelation error check (#233)
  * metadata: remove the sleep around metadata in instance setup (#232)
  * metadata: implement backoff strategy (#231)
  * Decrypt and store client credentials on disk (#230)
  * Upgrade Go version 1.20 (#228)
  * Fetch guest credentials and add MDS response proto (#226)
  * metadata: pass main context to WriteGuestAttributes() (#227)
  * Support for reading & writing Root CA cert from UEFI variable (#225)
  * ssh_trusted_ca: enable the feature (#224)
  * sshTrustedCA: add pipe event handler (#222)
  * events: start using events layer (#223)
- from version 20230726.00
  * events: introducing a events handling subsystem (#221)
- from version 20230725.00
  * metadata: add metadata client interface (#220)
- from version 20230711.00
  * metadata: moving to its own package (#218)
- from version 20230707.00
  * snapshot: fix request handling error (#217)
- Bump Go API version to 1.20
-------------------------------------------------------------------
Tue Jun  6 08:44:31 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230601.00 (bsc#1212418, bsc#1212759)
  * Revert "Avoid conflict with automated package updates (#212)" (#214)
  * Don't block google-osconfig-agent (#213)
- from version 20230531.00
  * Avoid conflict with automated package updates (#212)
  * Add a support of TrustedUserCAKeys into sshd configuration (#206)
-------------------------------------------------------------------
Thu May 11 07:04:49 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230510.00
  * Fix dependencies after updating go ver to 1.17 (#211)
  * Update Go version (#210)
- from version 20230426.00
  * Fix compilation directives (#207)
- from version 20230403.00
  * Mod update (#205)
  * Update mod: update golang.org/x/net to
    0.8.0 and its dependencies (#204)
-------------------------------------------------------------------
Mon Feb 27 20:03:53 UTC 2023 - Robert Schweikert <rjschwei@suse.com>
- Bump go API version to 1.18 (bsc#1208723)
  + Address CVE-2021-38297 and CVE-2022-23806
-------------------------------------------------------------------
Mon Feb 27 10:30:35 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230221.00
  * Allow a comment part of a pub ssh key to have an arbitrary format (#198)
    + Split GetUserKey() into two functions: get and validate
    + Correct the name of ValidateUser func as it validates only users
    + Update tests
  * Update OWNERS (#201)
- from version  20230207.00
  * Update OWNERS file (#199)
-------------------------------------------------------------------
Wed Jan 18 09:37:52 UTC 2023 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20230112.00
  * Updating logging module so cloud logs are flushed prior to exit (#196)
  * Windows: retry adding MDS route (#194)
-------------------------------------------------------------------
Wed Nov 16 15:51:28 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20221109.00
  * Validate user key for whitespace chars (#188)
- from version 20221107.00
  * Fix typo with wsfc agent (#189)
- from version 20221104.00
  * Updates to gce-workload-cert-refresh (#186)
- from version 20221025.00
  * Add workload cert refresh to preset (#185)
-------------------------------------------------------------------
Fri Oct 21 11:21:06 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20221018.00
  * Write workload cert status file (#184)
- from version 20221017.00
  * Update workload_cert permissions (#180)
-------------------------------------------------------------------
Mon Oct 10 12:57:39 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220927.00
  * Workload certificate refresh (#182)
-------------------------------------------------------------------
Fri Sep 16 15:27:23 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220824.00
  * Workload certs (#177)
- from version 20220823.00
  * add members to OWNERS (#178)
  * Expired key tests (#176)
  * correct expired key handling (#175)
-------------------------------------------------------------------
Mon Aug 15 19:21:21 UTC 2022 - Dirk Müller <dmueller@suse.com>
- avoid bashism in post-install scripts (bsc#1195391)
-------------------------------------------------------------------
Wed Aug  3 10:24:30 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220713.00 (bsc#1202100, bsc#1202101)
  * try restoring module mode (#172)
  * update for golang 1.16 (#171)
- from version 20220614.00
  * Remove log that can break startup scripts (#170)
- from version 20220603.00
  * repeat fix for arm (#169)
  * no authorized keys on debian (#168)
- from version 20220527.00
  * Add authorized keys command to the Windows agent package. (#167)
  * Support for Windows SSH (#164)
- from version 20220523.00
  * restore double slash metadata url (#166)
- from version 20220520.00
  * Support .exe as an option for scripts and refactor runScript (#165)
-------------------------------------------------------------------
Thu May  5 12:37:36 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220429.00
  * Move some functionality to a utils module (#162)
-------------------------------------------------------------------
Wed Apr 13 12:40:04 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220412.00
  * enable goproxy during build (#163)
- from version 20220321.00
  * enable routes for ipv6 (#160)
-------------------------------------------------------------------
Tue Feb  8 15:46:09 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20220204.00 (bsc#1195437, bsc#1195438)
  * remove han from owners (#154)
  * Remove extra slash from metadata URL. (#151)
- from version 20220104.00
  * List IPv6 routes (#150)
- from version 20211228.00
  * add add or remove route integration test, utils (#147)
- from version 20211214.00
  * add malformed ssh key unit test  (#142)
-------------------------------------------------------------------
Thu Nov 18 13:33:12 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20211116.00 (bsc#1193257, bsc#1193258)
  * dont duplicate logs (#146)
  * Add WantedBy network dependencies to google-guest-agent service (#136)
  * dont try dhcpv6 when not needed (#145)
  * Integration tests: instance setup (#143)
  * Integration test: test create and remove google user (#128)
  * handle comm errors in script runner (#140)
  * enforce script ordering (#138)
  * enable ipv6 on secondary interfaces (#133)
- from version 20211103.00
  * Integration tests: instance setup (#143)
- from version 20211027.00
  * Integration test: test create and remove google user (#128)
-------------------------------------------------------------------
Fri Oct 22 09:38:42 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20211019.00
  * handle comm errors in script runner (#140)
- from version 20211015.00
  * enforce script ordering (#138)
- from version 20211014.00
  * enable ipv6 on secondary interfaces (#133)
- from version 20211013.00
  * dont open ssh tempfile exclusively (#137)
- from version 20211011.00
  * correct linux startup script order (#135)
  * Emit sshable attribute (#123)
- from version 20210908.1
  * restore line (#127)
- from version 20210908.00
  * New integ test (#124)
- from version 20210901.00
  * support enable-oslogin-sk key (#120)
  * match script logging to guest agent (#125)
- from version 20210804.00
  * Debug logging (#122)
- Refresh patches for new version
  * dont_overwrite_ifcfg.patch
-------------------------------------------------------------------
Tue Jul 27 10:00:06 UTC 2021 - Bernhard Wiedemann <bwiedemann@suse.com>
- Build with go1.15 for reproducible build results (boo#1102408)
-------------------------------------------------------------------
Mon Jul 19 12:15:35 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20210707.00
  * Use IP address for calling the metadata server. (#116)
- from version 20210629.00
  * use IP for MDS (#115)
-------------------------------------------------------------------
Wed Jun 23 11:25:59 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20210603.00
  * systemd-notify in agentInit (#113)
  * dont check status (#112)
- from version 20210524.00
  * more granular service restarts (#111)
- from version 20210414.00
  * (no functional changes)
-------------------------------------------------------------------
Tue May 11 08:08:42 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20210414.00 (bsc#1185848, bsc#1185849)
  * start sshd (#106)
  * Add systemd-networkd.service restart dependency. (#104)
  * Update error message for handleHealthCheckRequest. (#105)
-------------------------------------------------------------------
Wed Mar 31 12:53:34 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20210223.01 (bsc#1183414, bsc#1183415)
  * add a match block to sshd_config for SAs (#99)
  * add ipv6 forwarded ip support (#101)
  * call restorecon on ssh host keys (#98)
  * Include startup and shutdown in preset (#96)
  * set metadata URL earlier (#94)
- Fix activation logic of systemd services (bsc#1182793)
-------------------------------------------------------------------
Tue Jan 12 01:16:48 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20201211.00
  * Require snapshot scripts to live under /etc/google/snapshots (#90)
  * Adding support for Windows user account password lengths
    between 15 and 255 characters. (#91)
  * Adding bkatyl to OWNERS (#92)
-------------------------------------------------------------------
Tue Nov 24 13:05:17 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20201102.00 (bsc#1179031, bsc#1179032)
  * Only attempt to connect to snapshot service once (#88)
-------------------------------------------------------------------
Thu Oct 29 13:49:55 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20201026.00
  * remove old unused workflow files (#86)
  * fallback to IP for metadata (#82)
  * getPasswd: Check full prefix of line for username (#81)
-------------------------------------------------------------------
Fri Oct 23 14:09:16 UTC 2020 - Joachim Gleissner <jgleissner@suse.com>
- dont_overwrite_ifcfg.patch: Do not overwrite existing ifcfg files
  to allow manual configuration and compatibility with
  cloud-netconfig (bsc#1159460, bsc#1178486)
-------------------------------------------------------------------
Thu Oct  1 13:32:08 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20200929.00
  * correct varname (#75)
  * don't call dhclient -x on network setup (#77)
  * add instance id dir override (#78)
  * update agent systemd service file (#73)
  * typo, change to noadjfile (#79)
  * add gaohannk to OWNERS
  * remove illfelder from OWNERS
  * Add all license files to packages (#71)
-------------------------------------------------------------------
Tue Aug 25 15:25:20 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to version 20200819.00 (bsc#1175740, bsc#1175741)
  * handle oslogin enable/disable cases (#70) (bsc#1175173)
  * add README (#69)
  * Fix metric for addIPForwardEntry (#68)
  * Correctly determine default route index (#67)
  * oslogin: dont add entry to pam.d/su (#66)
  * end group.conf with newline (#64)
  * Add source field in googet spec (#59)
  * Set route to metadata on interface with default route (#47)
  * fix typo in boto.cfg (#62)
- Properly handle enabling of systemd services when upgrading
  from the old google-compute-engine-init package (bsc#1174745)
-------------------------------------------------------------------
Wed Jul 22 10:46:57 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Initial build (bsc#1174304, bsc#1174306, jsc#ECO-2099, jsc#PM-1945)
  + Version 20200630.00
  + Replaces google-compute-engine-init package