Release notes from ignition

V2.20.0

2024-10-28T15:27:49Z

Features

Support partitioning disk with mounted partitions
Support Proxmox VE
Support gzipped Akamai user_data

Changes

The Dracut module now installs partx
Mark the 3.5.0 config spec as stable
No longer accept configs with version 3.5.0-experimental
Create new 3.6.0-experimental config spec from 3.5.0

Bug fixes

Fix network race when phoning home on Equinix Metal
Fix Akamai Ignition base64 decoding on padded payloads
Fix Makefile GOARCH for loongarch64 (#1942)

V2.19.0

2024-06-07T14:49:12Z

Features

Support Akamai Connected Cloud (Linode)
Support LUKS encryption using IBM CEX secure keys

v2.18.0

2024-03-11T15:22:51Z

Ignition 2.18.0

Breaking changes

Only include dracut module in initramfs if requested (see distributor notes
for details)

Features

Support Scaleway

Changes

Require Go 1.20+

v2.17.0

2023-11-24T13:14:17Z

Starting with this release, ignition-validate binaries are signed with the
Fedora 39 key.

Features

Support the native Apple Hypervisor
Support Hetzner Cloud
A GRUB configuration suitable for use with https://github.com/coreos/bootupd
can now be installed; use make install-grub-for-bootupd to install it

Changes

Require Go 1.19+

Bug fixes

Prevent races with udev after disk editing
Don't fail to wipe partition table if it's corrupted

v2.16.2

2023-07-13T17:56:43Z

Bug fixes

Fix Dracut module installation on arches other than x86 and aarch64

v2.16.1

2023-07-12T08:28:34Z

Starting with this release, ignition-validate binaries are signed with the Fedora 38 key.

Ignition v2.16.0 included a build regression on 32-bit machines and was not released. These notes include all changes since v2.15.0.

Features

Support Hyper-V platform
Automatically generate spec docs

Changes

Clarify spec terminology for contents of CA bundles, files, and key files
Improve rendering of spec docs on docs site

Bug fixes

Fix failure disabling nonexistent unit with systemd ≥ 252
Don't relabel a mount point that already exists
Document that hash fields describe decompressed data
Clarify documentation of passwordHash fields
Correctly document Tang advertisement field as optional

Test changes

Support and require xfsprogs ≥ 5.19 in blackbox tests

v2.16.0

2023-06-29T21:57:44Z

Ignition v2.16.0

v2.15.0

2023-02-23T16:09:22Z

Starting with this release, ignition-validate binaries are signed with the Fedora 37 key.

Features

Support offline Tang provisioning via pre-shared advertisement (3.4.0)
Allow enabling discard passthrough on LUKS devices (3.4.0)
Allow specifying arbitrary LUKS open options (3.4.0)
Ship aarch64 macOS ignition-validate binary in GitHub release artifacts

Changes

Mark the 3.4.0 config spec as stable
No longer accept configs with version 3.4.0-experimental
Create new 3.5.0-experimental config spec from 3.4.0
Fail if files/links/dirs conflict with systemd units or dropins
Warn if template for enabled systemd instance unit has no Install section
Warn if filesystem overwrites partitioned disk
Warn if wipeTable overwrites a filesystem that would otherwise be reused
Warn if user/group specified for hard link
Install ignition-apply in /usr/libexec
Allow distros to add Ignition command-line arguments from a unit drop-in
Convert NEWS to Markdown and move to docs site
Require Go 1.18+

Bug fixes

Don't overwrite LUKS1 volume when storage.luks.wipeVolume is false
Request network when custom Clevis config has needsNetwork set
Fix creating LUKS volume with custom Clevis config that uses TPM2
Avoid logging spurious error when a LUKS volume wasn't previously formatted
Fix version string in ignition-validate release container
Fix reproducibility of systemd preset file in ignition-apply output
Document that user/group fields aren't applied to hard links
Clarify spec docs for files/directories/links group fields

v2.14.0

2022-05-26T04:43:44Z

Starting with this release, ignition-validate binaries are signed with the Fedora 36 key.

Features:

Support KubeVirt platform
Support AWS arn: URLs for S3 objects and access points (3.4.0-exp)
Support reading configs from Azure IMDS "user data"
Support S3 fetch via IPv6
Add ignition-apply entrypoint to apply an Ignition config in a container

Changes:

Delete userdata after provisioning on VirtualBox and VMware by default (see operator notes for details) (GHSA-hj57-j5cw-2mwp, CVE-2022-1706)
Support setting setuid/setgid/sticky mode bits (3.4.0-exp)
Warn if setuid/setgid/sticky mode bits specified (3.0.0 - 3.3.0)
Support UEFI Secure Boot on VMware
Add arm64 support to ignition-validate container
Document S3 fetch semantics in operator notes
Document considerations for handling secrets in operator notes

Bug Fixes:

Fix disabling systemd units with pre-existing enablement symlinks
Fix reuse of statically keyed LUKS volumes (2.12.0 regression)
Fix gs:// fetch in GCE instances configured without a service account
Fix error reading VirtualBox guest properties that have flags
Fix infinite loop if -root command-line argument is a relative path

v2.13.0

2021-12-01T22:14:16Z

Starting with this release, ignition-validate binaries are signed with the Fedora 35 key.

Features:

Add Nutanix provider
Switch VirtualBox provider to read from /Ignition/Config guest property

Changes:

Improve QEMU fw_cfg read performance
Warn when QEMU fw_cfg config is too large for reasonable performance
Move Ignition report to /etc/.ignition-result.json
Improve resilience to filesystem unmount failures
Run mkfs.fat instead of its alias mkfs.vfat
Refresh supported platform documentation

Bug Fixes:

Make ignition.version required in JSON schema (3.4.0-exp)
Disallow null noProxy array entries in JSON schema (3.4.0-exp)