Commit Graph

21 Commits

Author SHA1 Message Date
Dan Nicholson
de1870df8c github: Workaround glib/seccomp issue on Ubuntu impish
The ubuntu-latest VMs are currently based on 20.04 (focal). In focal,
libseccomp2 doesn't know about the close_range syscall[1], but
g_spawn_sync in impish tries to use close_range since it's defined in
glibc. That causes libseccomp2 to return EPERM as it does for any
unknown syscalls. g_spawn_sync carries on silently instead of falling
back to other means of setting CLOEXEC on open FDs. Eventually it causes
some tests to hang since once side of a pipe is never closed. Remove
this when libseccomp2 in focal is updated or glib in impish handles the
EPERM better.

1. https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1944436

Fixes: #2495
2022-01-12 21:59:23 -07:00
Luca BRUNO
2bfdcea2c5
github: add dependabot config
This adds a configuration file for dependabot, taking care of automatic
updates for all git submodules.
2022-01-04 10:34:30 +00:00
Simon McVittie
43859b58f6
rofiles-fuse: Build using FUSE 3 if possible, falling back to FUSE 2
This adds build-time configuration logic to automatically detect
and switch between libfuse 2.x and 3.x.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Co-authored-by: Luca BRUNO <luca.bruno@coreos.com>
2022-01-04 09:41:38 +00:00
Colin Walters
fdeee165f6 ci: Run main GH action CI build+test as non-root
This is really the standard best practice, matching how
e.g. dpkg/rpm work, as well as most local development
environments (including mine) with e.g. `toolbox`.
2021-08-26 14:40:34 -04:00
Benjamin Gilbert
d9483f89ad workflows: limit permissions to reading repo contents
Move the existing docs permissions stanza to the top of the workflow for
consistency.
2021-07-28 18:32:04 -04:00
Benjamin Gilbert
079528971c workflows: bump lint toolchain 2021-07-28 18:30:33 -04:00
Dan Nicholson
dfe3bdc13f ci: Use Debian and Ubuntu release stage tags
Rather than use the release codename tags, use the release stage tags.
This way the configuration (theoretically) doesn't need to be updated
when new Debian and Ubuntu releases are made.

For Debian stable is used instead of buster and a testing (bullseye)
build is added. For Ubuntu, latest is used instead of focal for the
current LTS and rolling is used instead of groovy for the latest
release. This actually changes the Ubuntu build from groovy to hirsute.
2021-06-21 13:47:00 -06:00
Dan Nicholson
f1b900340f ci: Disable fail-fast in GitHub Tests workflow
Don't cancel all the jobs if one distro config fails. The jobs are
mostly independent, so we do want to let the others continue in case
the failure is isolated to that particular distro configuration.
2021-06-21 12:27:01 -06:00
Dan Nicholson
a0012ae0ee ci: Add GitHub Actions workflow for test suite
This runs the test suite in various distros. The intention is to use
this to replace the Travis CI setup since it often has rate limit
failures.

Each configuration in the matrix runs in a Docker container, installs
system dependencies and then builds and tests ostree. The scripts are
basically copy and paste of the travis ones with some of the lesser used
features pruned out.

Some differences from the travis setup:

* OS details are gathered from `/etc/os-release` instead of being passed
  in as environment variables.

* The scripts always assume the user is root and don't try to use
  `sudo`.

* The `installcheck` test has been removed since ostree doesn't actually
  use that. It could be added to run the installed tests or
  `gnome-desktop-testing-runner` could just be called directly.

There should be enough flexibility to run other distros like Fedora,
Arch or Alpine. Another option would be to use the other build scripts
in ci/.
2021-06-18 15:30:06 -06:00
Dan Nicholson
9ff141fe80 ci: Rename GitHub Actions rust workflow metadata file
This workflow is specific to using rust and not just the general test
suite.
2021-06-18 15:24:47 -06:00
Dan Nicholson
bd42df4c9b workflow/docs: Give token write permission to push gh-pages
The ostree repo has read permissions set for workflows, which prevents
the documentation job from pushing the built docs to the gh-pages
branch. Raise the job's permissions to write for repo contents to allow
that.
2021-05-25 14:25:28 -06:00
Dan Nicholson
e19840a252 docs: Copy in API docs and add link
Make a copy of `apidoc/html` to `docs/reference` and then tell Jekyll to
include it verbatim. This will include the gtk-doc API docs on the
static site. A link is added to the main index.

A script is added to do the copy (a symlink won't do) and is setup to
run before Jekyll in the GitHub workflow. Ideally this would be a local
Jekyll plugin to make the process automatic, but the github-pages gem
doesn't allow that.
2021-05-21 10:46:49 -06:00
Dan Nicholson
19a306ecef docs: Add github workflow for building and publishing docs
This uses the Jekyll Actions GitHub action to push the rendered docs to
the gh-pages branch rather than GitHub's automated docs flow. That will
allow greater control over how the docs are generated. Pushing to the
gh-pages branch only happens on pushes to main. For pull requests, the
docs are only built.
2021-05-21 10:45:08 -06:00
Timothée Ravier
b8cca6cef1 *: rename master branch to main 2021-05-07 16:55:03 +02:00
Colin Walters
73a896e62c ci: Fix GH action for rustfmt
Since we now have a toplevel workspace, just use that.
2021-04-27 13:10:07 -04:00
Colin Walters
26166bb8e3 ci: Add a Github Action for Rust for tests/inst
Let's dip our toes in GH Actions (specifically aiming to migrate
away from Travis).
2021-03-17 19:37:21 +00:00
OpenShift Merge Robot
024b169aef
Merge pull request #2244 from lucab/ups/docs-release-guide
templates: add release-checklist
2020-11-19 15:40:33 +01:00
Luca BRUNO
8ece70b207
templates: add release-checklist
This collects all release steps in a release-checklist template.
2020-11-18 13:05:07 +00:00
Luca BRUNO
9567a0e91c
workflow/release: further refinements
This tweaks the release GH workflow further so that it only triggers
when the `configure.ac` file (which owns the version) changes.
Plus it properly checkouts the PR branch to avoid wrongly looking
at a synthetic merge commit.
2020-11-18 10:24:32 +00:00
Luca BRUNO
ee57fe2821
workflows/release: pattern-match on PR title
This adds an additional condition in order to run sanity check all
PRs starting with `Release` (case-insensitive).
2020-11-16 17:13:47 +00:00
Luca BRUNO
0d0eb4715b
ci: run ci-release-build.sh on GitHub
This adds a GitHub action in order to run ci-release-build.sh on
release PRs (detected via the `kind/release` label).
2020-11-16 11:14:40 +00:00