Mirror of git.yoctoproject.org/meta-virtualization https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=master-next 2026-04-28T11:27:58+00:00 2026-04-28T11:27:58+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-04-28T02:03:43+00:00 urn:sha1:5424160c491edbda215095da99d81a941bcfc5c5 The entire file is conditional, we don't need protections on the SRC_URI entries. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-28T11:27:58+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2026-04-24T08:38:55+00:00 urn:sha1:e94ddc214b795688fe70535aec900ff37a24b40d This fixes yocto-check-layer failures: ca-certificates:do_recipe_qa: 4d7b7adb7436eeb5714c354f3c590e7e69294ea044452343d24e64c92d5c040f -> c1676ce811efe714731b666ccd683586477f7a1b52ad7597148bd9d709291220 List of dependencies for variable SRC_URI changed from 'frozenset({'PV', 'SRC_URI[sha256sum]', 'BPN'})' to 'frozenset({'SRC_URI[le-r11.sha256sum]', 'BPN', 'SRC_URI[le-e8.sha256sum]', 'PV', 'SRC_URI[sha256sum]'})' Variable SRC_URI value changed: @@ -1 +1,2 @@ -${DEBIAN_MIRROR}/main/c/ca-certificates/${BPN}_${PV}.tar.xz file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch file://0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch +${DEBIAN_MIRROR}/main/c/ca-certificates/${BPN}_${PV}.tar.xz file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch file://0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch ${@bb.utils.contains('DISTRO_FEATURES', 'virtualization', 'https://letsencrypt.org/certs/2024/e8.pem;name=le-e8;unpack=0 https://letsencrypt.org/certs/2024/r11.pem;name=le-r11;unpack=0', '', d)} +DISTRO_FEATURES{virtualization} = Unset Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-14T11:26:00+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-04-14T11:22:30+00:00 urn:sha1:47e3829101321fa694627c1b3cf19a28092d1b73 The unconditional bbappend to ca-certificates breaks yocto-check-layer compatibility when the layer is included without 'virtualization' in DISTRO_FEATURES. Guard both the SRC_URI additions and the do_install append with a bb.utils.contains check, matching the pattern used by other bbappends in the layer (busybox, qemu, etc.). Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2026-04-13T01:08:31+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2026-04-12T23:53:20+00:00 urn:sha1:4e6c583591c1da7e898254dd33eca5cc04c739a9 vcontainer-common.sh: - Fix docker/podman login hanging silently in daemon mode. The login command requires interactive stdin for the password prompt, which the non-interactive daemon-send channel cannot provide. Use daemon-interactive mode (same as vshell/exec -it) which provides TTY passthrough via the virtio-serial + socat + expect channel. ca-certificates bbappend: - Add Let's Encrypt E8 (ECDSA) and R11 (RSA) intermediate certificates via a ca-certificates bbappend. Certs are fetched at build time from letsencrypt.org and installed into the standard CA certificate path. update-ca-certificates incorporates them into the system CA bundle. - Some registries (e.g., registry.yocto.io) don't send the full certificate chain, causing TLS verification to fail with Go programs (Docker, skopeo, podman) even though the root CAs are present. vdkr-rootfs-image.bb: - Add ca-certificates to IMAGE_INSTALL Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>