Contributor

@Koenvh1 Koenvh1 commented Jul 30, 2025

This PR adds support for Debian Trixie (13). It also cleans up some old references that are no longer used.

https://github.com/NLnetLabs/krill/actions/runs/16627049763/job/47047047601

@Koenvh1 Koenvh1 marked this pull request as ready for review July 30, 2025 15:55
@partim partim merged commit 835d9f6 into main Jul 31, 2025
97 of 159 checks passed
@partim partim deleted the debian-trixie branch July 31, 2025 13:04
partim added a commit that referenced this pull request Aug 5, 2025
Bug fixes

* Improved the message printed when the TA proxy’s signer request does not
  contain any actual requests. ([#1305])
* Fixed various migration issues. ([#1306], [#1307], [#1309])

Other changes

* Add packaging for Debian 13. ([#1308])
* Updated dependencies. ([#1311])
partim added a commit that referenced this pull request Aug 12, 2025
Breaking Changes

* Refactored command line options processing for all binaries. As a
  result, options for both `krillc` and `krillta` have slightly changed.
  For `krillc`, the `--server`, `--token`, `--format`, and `--api` options
  are now before the first subcommand (since they affect all commands). For
  `krillta`, those options are now after `krillta proxy` but before the next
  subcommand, while `--format` is now after `krillta signer`. ([#1228])
* Removed support for RTA in `krillc`. Support is currently still
  present in the Krill server, though behind a (non-default) feature flag.
  ([#1228])
* Changed how authorization works with OpenID Connect and configuration
  files. Custom profiles have been replaced with a straightforward mapping
  from access permission to roles and assigning roles to users. For
  configuration file-based authentication, the file format has slightly
  changed but the current format is still accepted. If you are using
  OpenID Connect, you will have to update your configuration. Please, see
  the manual for details. ([#1232])
* Replaced downloading of RISwhois file for ROA analysis with calls to the
  [Roto API](https://github.com/NLnetLabs/roto-api). This can be
  controlled via new configuration settings `bgp_api_enabled`,
  `bgp_api_uri`, and `bgp_api_cache_seconds`. ([#1233], [#1266])

New

* Added a command to re-initialize the trust anchor signer with different
  timing values or TAL URLs. ([#1255])
* Disables the protection against early re-issuance for CA certificates that
  have the full resource set, typically TA certificates. ([#1281])

Bug Fixes

* Fixed a potential infinite recursion in PKCS11 error handling. ([#1215])
* OpenID Connect: Re-initialize the connection after 60s to pick up
  configuration changes at the provider. ([#1226])
* Fixed the naming of the trust anchor timing configuration. It was
  expected to be `timing_config` for the config used by Krill and
  `ta_timing` if used by the Krill TA signer. It is now `ta_timing` in
  both cases while `timing_config` is accepted as an alias in both cases.
  ([#1241])
* Improve performance by using buffered reading and writing in the store.
  ([#1300], [#1301])

Other changes

* Refactored Prometheus metrics generation which resulted in a slightly
  different formatting but should still be syntactically correct.
  ([#1249])
* Upgraded the bundled Krill UI to
  [release 0.9.0](https://github.com/NLnetLabs/krill-ui/releases/tag/v0.9.0).
  ([#1295])
* Added packaging support for Ubuntu Noble, RHEL 10, Debian Trixie; removed
  packaging support for Ubuntu Xenial and Bionic, and Debian Stretch.
  ([#1239], [#1297], [#1308])
* The minimum supported Rust version is now 1.85. ([#1288])