From f9dd9f3087d29fcd48542694a41bf698f3057a8a Mon Sep 17 00:00:00 2001
From: Justin Cormack <justin.cormack@docker.com>
Date: Thu, 1 Jun 2017 13:49:20 +0100
Subject: [PATCH] Add development report for week to 28 May 2017

Slightly late, due to holiday, sorry!

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
---
 reports/2017-05-28.md | 154 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 154 insertions(+)
 create mode 100644 reports/2017-05-28.md

diff --git a/reports/2017-05-28.md b/reports/2017-05-28.md
new file mode 100644
index 000000000..2b6579046
--- /dev/null
+++ b/reports/2017-05-28.md
@@ -0,0 +1,154 @@
+# Weekly LinuxKit report for 2017-05-22 to 2017-05-28
+
+This report covers weekly developments in the [linuxkit], [linuxkit-ci], [virtsock], and [linuxkit/rtf] repositories.
+
+We now sign and verify LinuxKit component images, such as `linuxkit/kernel`, using [Notary](https://github.com/docker/notary) ([#1900] [@justincormack] [@ijc25] [@rneugeba]). The Alpine base was also updated to add config labels and trust ([#1909] [@rneugeba]), and the organisation key wad added to the yaml file ([#1913] [@dave-tucker] [@justincormack] [@rneugeba] [@riyazdf]).
+
+The `linuxkit` tool has had several improvements that change its syntax:
+- Output formats must be specified in the CLI not in the yaml file. ([#1908]  [@justincormack])
+- Disk command line options for local hypervisors have been unified ([#1888]  [@thebsdbox] [@justincormack] [@IJC] [@ijc25] [@rneugeba])
+- Hyperkit backends now have a `-start-vpnkit` flag ([#1891] [@rneugeba] [@MagnusS]) and a `-vpnkit-socket` flag ([#1907] [@justincormack] [@rneugeba])
+- The Qemu backend was made more consistent. For all output formats except kernel+initrd, we now require the full path of the file to run, and in return makes the default options more automatic.  It also now allows specifying a bootable disk image, so we can test disk image output formats with qemu too.  ([#1873] [@justincormack])
+
+A VMware vCenter backend was added, by using the VMware Go SDK in order to allow LinuxKit to push ISOs to VMware and run them.  ([#1882] [#1860] [@justincormack] [@thebsdbox])
+
+The Alpine base image was extended with:
+- VM integration agents ([#1887]  [@MagnusS] [@ijc25] [@rneugeba])
+- Strace ([#1922]  [@justincormack])
+- There is discussion on how to improve the Address Space Layout Randomization (ASLR) and Position Independent Executables (PIE) in the base ([#1902] [@rneugeba] [@justincormack] [@riyazdf] [@fntlnz])
+
+Other improvements were made to the packages:
+- Add a mkimage package ([#1896] [@justincormack])
+- Add a open-vm-tools package ([#1898] [@ijc25] [@justincormack] [@rneugeba])
+- Moby config labels were added to common packages ([#1884] [@rneugeba])
+
+Managing kernel configurations got easier via the [kernel-config project](projects/kernel-config/) which now has a real implementation of kernel configs ([#1877] [@tych0]).
+There is also ongoing work to update to the 4.11.2/4.10.17/4.9.29/4.4.69 kernels ([#1870] [@rneugeba]).
+
+The experimental projects area saw several changes:
+
+- Wireguard improvements ([#1915] [@tych0] [@justincormack] [@riyazdf])
+- Use kernel images for Integrity Measurement Architecture (IMA) ([#1914] [@rneugeba])
+
+The first Moby Security SIG was held, with meeting notes and PRs available in the tree.  Please continue to send any fixes to them from your participation:
+
+- 2017-05-24 meeting notes ([#1892] [@jcvenegas] [@zx2c4] [@avsm] [@tych0] [@riyazdf] [@mcastelino])
+- Draft agenda for 2017-06-07 meeting ([#1893] [@tych0] [@riyazdf])
+- Video recording of meeting notes ([#1894] [@tych0] [@riyazdf])
+- Fix link to ima-namespace project ([#1899] [@cyli] [@rneugeba])
+- Add buildchain security to agenda, proposed time allocations ([#1903] [@fntlnz] [@avsm] [@samoht]  [@rneugeba] [@riyazdf] [@SvenDowideit])
+- More detail to security SIG agenda ([#1876] [@tych0])
+
+General housekeeping activity:
+
+- Improve Makefile to rebuild `bin/moby` as necessary ([#1910] [@tych0] [@justincormack])
+- Only output qemu disk creation info in debug mode ([#1911] [@justincormack])
+- Add a few more aliases to .mailmap and re-generated AUTHORS ([#1879] [@justincormack] [@rneugeba])
+- Add a blurb about CVE-2017-1000363 ([#1885] [@justincormack])
+- Remove AUTHOR from tests ([#1890] [@justincormack])
+- Add docs on how to use external disk ([#1776] [@justincormack] [@deitch])
+- Add a docs section on custom kernel builds ([#1838] [@rneugeba] [@yankunsam])
+- Update LinuxKit YAML file for Virtsock ([virtsock#29] [@rneugeba])
+- RTF templates: Fix path To top-wevel library ([linuxkit/rtf#15] [@dave-tucker])
+- Improve fetching of CI results ([linuxkit-ci#8])
+- Add a test-containerd to CI ([#1906] [@dmcgowan] [@justincormack] [@rneugeba])
+- Continue fixing `qemu-img` in a container ([#1871])
+
+Other reports in this series can be browsed directly in the repository at [linuxkit:/reports](https://github.com/linuxkit/tree/master/reports/).
+
+[@HackToday]: https://github.com/HackToday
+[@IJC]: https://github.com/IJC
+[@MagnusS]: https://github.com/MagnusS
+[@SvenDowideit]: https://github.com/SvenDowideit
+[@alanyih]: https://github.com/alanyih
+[@avsm]: https://github.com/avsm
+[@cyli]: https://github.com/cyli
+[@dave-tucker]: https://github.com/dave-tucker
+[@deitch]: https://github.com/deitch
+[@dmcgowan]: https://github.com/dmcgowan
+[@fntlnz]: https://github.com/fntlnz
+[@ijc25]: https://github.com/ijc25
+[@jcvenegas]: https://github.com/jcvenegas
+[@justincormack]: https://github.com/justincormack
+[@majst01]: https://github.com/majst01
+[@mbruzek]: https://github.com/mbruzek
+[@mcastelino]: https://github.com/mcastelino
+[@riyazdf]: https://github.com/riyazdf
+[@rneugeba]: https://github.com/rneugeba
+[@samoht]: https://github.com/samoht
+[@thebsdbox]: https://github.com/thebsdbox
+[@tych0]: https://github.com/tych0
+[@yankunsam]: https://github.com/yankunsam
+[@zx2c4]: https://github.com/zx2c4
+[linuxkit]: https://github.com/linuxkit
+[#1247]: https://github.com/linuxkit/linuxkit/issues/1247
+[#1742]: https://github.com/linuxkit/linuxkit/issues/1742
+[#1751]: https://github.com/linuxkit/linuxkit/issues/1751
+[#1767]: https://github.com/linuxkit/linuxkit/issues/1767
+[#1768]: https://github.com/linuxkit/linuxkit/pull/1768
+[#1776]: https://github.com/linuxkit/linuxkit/pull/1776
+[#1838]: https://github.com/linuxkit/linuxkit/pull/1838
+[#1839]: https://github.com/linuxkit/linuxkit/issues/1839
+[#1848]: https://github.com/linuxkit/linuxkit/issues/1848
+[#1859]: https://github.com/linuxkit/linuxkit/issues/1859
+[#1860]: https://github.com/linuxkit/linuxkit/pull/1860
+[#1866]: https://github.com/linuxkit/linuxkit/issues/1866
+[#1867]: https://github.com/linuxkit/linuxkit/pull/1867
+[#1868]: https://github.com/linuxkit/linuxkit/pull/1868
+[#1869]: https://github.com/linuxkit/linuxkit/pull/1869
+[#1870]: https://github.com/linuxkit/linuxkit/pull/1870
+[#1871]: https://github.com/linuxkit/linuxkit/pull/1871
+[#1872]: https://github.com/linuxkit/linuxkit/issues/1872
+[#1873]: https://github.com/linuxkit/linuxkit/pull/1873
+[#1874]: https://github.com/linuxkit/linuxkit/pull/1874
+[#1876]: https://github.com/linuxkit/linuxkit/pull/1876
+[#1877]: https://github.com/linuxkit/linuxkit/pull/1877
+[#1878]: https://github.com/linuxkit/linuxkit/issues/1878
+[#1879]: https://github.com/linuxkit/linuxkit/pull/1879
+[#1880]: https://github.com/linuxkit/linuxkit/issues/1880
+[#1881]: https://github.com/linuxkit/linuxkit/pull/1881
+[#1882]: https://github.com/linuxkit/linuxkit/pull/1882
+[#1884]: https://github.com/linuxkit/linuxkit/pull/1884
+[#1885]: https://github.com/linuxkit/linuxkit/pull/1885
+[#1886]: https://github.com/linuxkit/linuxkit/issues/1886
+[#1887]: https://github.com/linuxkit/linuxkit/pull/1887
+[#1888]: https://github.com/linuxkit/linuxkit/pull/1888
+[#1889]: https://github.com/linuxkit/linuxkit/issues/1889
+[#1890]: https://github.com/linuxkit/linuxkit/pull/1890
+[#1891]: https://github.com/linuxkit/linuxkit/pull/1891
+[#1892]: https://github.com/linuxkit/linuxkit/pull/1892
+[#1893]: https://github.com/linuxkit/linuxkit/pull/1893
+[#1894]: https://github.com/linuxkit/linuxkit/pull/1894
+[#1895]: https://github.com/linuxkit/linuxkit/issues/1895
+[#1896]: https://github.com/linuxkit/linuxkit/pull/1896
+[#1897]: https://github.com/linuxkit/linuxkit/pull/1897
+[#1898]: https://github.com/linuxkit/linuxkit/pull/1898
+[#1899]: https://github.com/linuxkit/linuxkit/pull/1899
+[#1900]: https://github.com/linuxkit/linuxkit/pull/1900
+[#1901]: https://github.com/linuxkit/linuxkit/issues/1901
+[#1902]: https://github.com/linuxkit/linuxkit/issues/1902
+[#1903]: https://github.com/linuxkit/linuxkit/pull/1903
+[#1904]: https://github.com/linuxkit/linuxkit/issues/1904
+[#1905]: https://github.com/linuxkit/linuxkit/issues/1905
+[#1906]: https://github.com/linuxkit/linuxkit/pull/1906
+[#1907]: https://github.com/linuxkit/linuxkit/pull/1907
+[#1908]: https://github.com/linuxkit/linuxkit/pull/1908
+[#1909]: https://github.com/linuxkit/linuxkit/pull/1909
+[#1910]: https://github.com/linuxkit/linuxkit/pull/1910
+[#1911]: https://github.com/linuxkit/linuxkit/pull/1911
+[#1913]: https://github.com/linuxkit/linuxkit/pull/1913
+[#1914]: https://github.com/linuxkit/linuxkit/pull/1914
+[#1915]: https://github.com/linuxkit/linuxkit/pull/1915
+[#1916]: https://github.com/linuxkit/linuxkit/issues/1916
+[#1917]: https://github.com/linuxkit/linuxkit/issues/1917
+[#1918]: https://github.com/linuxkit/linuxkit/issues/1918
+[#1920]: https://github.com/linuxkit/linuxkit/issues/1920
+[#1922]: https://github.com/linuxkit/linuxkit/pull/1922
+[#1924]: https://github.com/linuxkit/linuxkit/issues/1924
+[#714]: https://github.com/linuxkit/linuxkit/issues/714
+[linuxkit-ci]: https://github.com/linuxkit-ci
+[linuxkit-ci#8]: https://github.com/linuxkit/linuxkit-ci/pull/8
+[linuxkit/rtf]: https://github.com/linuxkit/rtf
+[linuxkit/rtf#15]: https://github.com/linuxkit/rtf/pull/15
+[virtsock]: https://github.com/virtsock
+[virtsock#29]: https://github.com/linuxkit/virtsock/pull/29