ChangeLog for the Encroot scripts

2018-01-21:

• Increased the length of dotted lines to handle longer resource IDs
• Updated PV-GRUB kernels from version 1.04 to 1.05 in all supported regions
• Added PV-GRUB kernels for Seoul, Mumbai, Canada, London, and Ohio
• Added name filter to speed up selection of platform AMI during test
• Added Seoul, Mumbai, Canada, London, and Ohio to the "regions" suite
• Started building bozohttpd from source code since the package was removed
• Updated partition selection to handle Debian AMIs with files in partition 2
• Updated to use conf-hook for configuration of new cryptsetup packages
• Fixed previously incorrect test index when individual tests are skipped
• Removed code introduced as special cases for obsolete distros
• Updated the EC2_API_VERSION to 2016-11-15 in encroot and test_encroot.sh
• Removed the obsolete "newtype" and "oldtype" test suites
• Changed the default version of Debian from 8 (Jessie) to 9 (Stretch)
• Changed the default version of Ubuntu from 14.04 (Trusty) to 16.04 (Xenial)
• Added "--bootsize" option to set an explicit size for the boot partition
• Doubled default size of the boot partition to 2 GiB for "Big Boot" systems
• Added support for systemd as a replacement for init in "Big Boot" systems
• Fixed "Big Boot" when the primary network interface has not been defined
• Added code to reinstall ifupdown package since Ubuntu switched to netplan
• Changed EC2_ENDPOINT for Chinese regions to end in ".com.cn"; Thanks, Paul!
• Corrected detection of fancy terminals by handling patterns like "xterm*"
• Fixed moving of the mounted boot partition with "mount --move" on Xenial
• Updated the recommended build platform to Ubuntu 16.04 LTS (Xenial Xerus)
• Made temporary instances launch in the target subnet since some need a VPC
• Added delay after launching instances to avoid InvalidInstanceID.NotFound
• Added delay after registering images to avoid InvalidAMIID.NotFound
• Fixed a bug that caused --version to always return the current date
• Skipped tests of 32-bit Artful on t2.micro due to a Linux boot problem
• Verified for Trusty, Xenial, Artful, Wheezy, Jessie, and Stretch
• Precise, Utopic, Vivid, and Squeeze have lost upstream support

2015-05-28:

• Fixed lookup of subnets + groups when "vpc-ff068f90" is given as "ff068f90"
• Added support for hardware-based virtualization and made it the default
• Added "--paravirtual" option to keep the original virtualization type
• Started using the latest hd0 kernels instead of old hd00 AKI versions
• Added PV-GRUB kernel IDs for the eu-central-1 (Frankfurt) region
• Implemented signature version 4, needed in Frankfurt; Thank you, Chris!
• Updated the EC2_API_VERSION to 2015-03-01 in encroot and test_encroot.sh
• Added support for testing many different instance types in a test suite
• Made it possible to use ENCROOT_HOSTS instead of DNS for test addresses
• Starting testing Encroot with VPC instances in a separate test subnet
• Changed the default type of test instances from t1.micro to t2.micro
• Changed the default version of Debian from 7 (Wheezy) to 8 (Jessie)
• Added the AWSAPI_USER_AGENT environment variable to give some flexibility
• Changed "User-Agent" headers for Encroot to actually mention "Encroot"
• Made it possible to choose an alternative port for the password page
• Added "--ebs-type" and "--iops" options to simplify use of SSD volumes
• Made the "debian-" prefix optional, so "jessie" works like "debian-jessie"
• Updated awsapi to try again on temporary "Please try again shortly" errors
• Made the "debian" and "ubuntu" forms work correctly with "/i386" suffixes
• Tried to make unpacking and copying more robust by retrying on failure
• Updated and extended the release suite from 56 to 168 tested combinations
• Verified for Precise, Trusty, Utopic, Vivid, Squeeze, Wheezy, and Jessie
• Lucid, Quantal, Raring, and Saucy have lost upstream support

2014-06-07:

• Added "--dedicated" option to run VPC instances on single-tenant hardware
• Fixed incorrect zone patterns for sa-east-1 and us-gov-west-1 kernel IDs
• Updated PV-GRUB kernel IDs from version 1.03 to 1.04 in all nine regions
• Made the changes needed for Ubuntu 14.04 LTS (Trusty Tahr)
• Updated the default target to Trusty Tahr (20140528)
• Added code to decrypt boot.key if the user forgets that step
• Allowed "system" to be specified as a local file hierarchy
• Allowed "system" to be an AMI, an instance, a snapshot, or an EBS volume
• Added support for Debian as an alternative to Ubuntu
• Added "--reg-params" option for extra parameters to the RegisterImage call
• Added "--run-params" option for extra parameters to the RunInstances call
• Updated the EC2_API_VERSION to 2014-02-01 in start_encrypted_instance.sh
• Added "--fix-hook" option for more flexible handling of various distros
• Allowed "system" to be "debian" or "ubuntu" with reasonable defaults
• Made the separators fancier; use --no-lines to get the old dashed ones
• Added bold (bright) and thin (dimmed) fonts; use --no-fonts to disable
• Added a little color to the output; use --no-color to get rid of it
• Added "--no-style" option to simplify "--no-color --no-fonts --no-lines"
• Updated the README.txt file to reflect current reality and new features
• Renamed "start_encrypted_instance.sh" to "encroot" for simplicity
• Renamed "make_encrypted_ubuntu.sh" to "make_encrypted_distro.sh"
• Made it possible to install Encroot with "./configure && make install"
• Added "--version" option to easily identify the installed Encroot version
• Added "--type" option for instance types different from the build instance
• Added "--key" option for key pairs other than that of the build instance
• Verified for Precise, Quantal, Raring, Saucy, Trusty, Squeeze, and Wheezy
• Oneiric has lost upstream support; Lucid depended on bozohttpd from Natty

2013-06-20:

• Added a PATH check to avoid hiding /sbin/cryptsetup with our own script
• Added chmod to restore potentially lost executable permissions on scripts
• Updated the EC2_API_VERSION to 2013-02-01 in start_encrypted_instance.sh
• Changed groupSet; reservationSet.1.groupSet.1.groupId is not always there
• Added "--subnet" option for VPC instances; default is the build subnet
• Added "--address" option to set private IP addresses for a VPC instance
• Implemented support for multiple network interfaces in different subnets
• Allowed unlocking via a private address instead of requiring an Elastic IP
• Made it possible to repeat the --group option to configure multiple groups
• Fixed restoring of terminal echo after Ctrl-C on the password prompt
• Recommended the simpler "openssl rand -hex 16" for generation of passwords
• Added a minimal man page to document the behavior of all new script options
• Updated awsapi to allow empty default values to handle optional responses
• Changed awsapi to allow renaming to nothing; this is useful for filters
• Fixed awsapi bug where early values missing on a row were not added as '-'
• Fixed awsapi bug where object-list values would be reused in later lists
• Stopped replacing empty awsapi values with '-' in single-value expansions
• Fixed some other minor issues found in the previous awsapi implementation
• Verified for the current versions of Oneiric, Precise, Quantal, and Raring
• Natty has lost upstream support; Lucid depended on bozohttpd from Natty

2013-05-01:

• Incorporated a patch by Jeff Finucane to give udevd time to react
• Made "awsapi --man" work better on FreeBSD by setting LESS="-R"
• Fixed a bug where awsapi would interpret "0" as a missing value
• Added the AWSAPI_FAILURE_COMMAND environment variable for flexibility
• Worked around the new "(stdin)= " prefix from "openssl dgst -sha1"
• Updated scripts to reflect the current location of Ubuntu Cloud Images
• Modified curl options to handle redirects to potential future locations
• Made the changes needed for Ubuntu 12.04.2 LTS (Precise Pangolin)
• Updated the default target to Precise Pangolin (20130411.1)
• Fixed handling of the URLs for alpha and beta versions of Ubuntu
• Fixed an obvious bug in the implementation of is_slow_reject()
• Updated with kernels for the nine currently available regions
• Fixed building of 32-bit systems on 64-bit instances ("precise/i386")
• Doubled delay before deleting snapshots since it could still fail
• Added a test_encroot.sh script to simplify the release process
• Verified for Lucid, Natty, Oneiric, Precise, Quantal, and Raring
• Maverick is now unsupported; Lucid will fail when Natty support ends

2011-06-05:

• Made the scripts work outside the us-east-1 region; more thanks to drAX
• Added missing kernel IDs for the ap-northeast-1 (Tokyo) region
• Mounting with LABEL and UUID to avoid problems after a system upgrade
• Corrected the Maverick-specific entries added to sources.list on Lucid
• Added a workaround for the incorrect /initrd.img link in lucid-20110601
• Fixed problems with --big-boot for Xen block devices (major number 202)
• Adjusted incorrect progress info during boot partition copying (--big-boot)

2011-05-21:

• Corrected bug where "--group=" was not stripped from "--group=$groupName"
• New library locations in Ubuntu 11.04; thanks to drAX for pointing it out
• Adapted to reality: Ubuntu 11.04 uses /dev/xvd* instead of /dev/sd*
• Added "--size" option to set the volume size; default is 8 GiB, as before
• Added "--name" option for the instance name; default is Linux_<date>_<time>
• Added a delay before deleting the snapshot of a recently deregistered image

2011-04-18:

• Original release