shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2024-10-26 17:25:34 +03:00
Code
62,492 Commits 36 Branches 641 Tags 224 MiB
3dd6336ad0
Commit Graph

342 Commits

Author SHA1 Message Date
Frantisek Sumsal
a3f0533ffc ci: pack-ify our custom CodeQL queries and enable them in Actions 
Unlike LGTM, the CodeQL Action requires the custom queries to have their
own qlpack.yml file, so let's provide one.
 2021-12-07 14:57:09 +01:00
Frantisek Sumsal
a6319961c9 ci: run the CodeQL action also when its configuration changes 
Just to make sure we didn't break anything.
 2021-12-07 14:45:06 +01:00
Frantisek Sumsal
64f625a212 ci: sync the list of CodeQL queries with LGTM 2021-12-07 14:45:04 +01:00
Evgeny Vereshchagin
4997d1b965 ci: pin python dependencies and let Dependabot keep track of them 2021-12-07 09:08:26 +00:00
dependabot[bot]
7285145dfc build(deps): bump github/codeql-action from 1.0.24 to 1.0.25 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e095058bfa...546b30f35a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-12-07 02:20:53 +03:00
Frantisek Sumsal
ab9e3bfef6 ci: consider cryptolib in the group identifier 
otherwise we end up with more than one job with the same identifier in
one run, causing some of them to get cancelled unexpectedly.

A quick follow-up to 85bd394df5.
 2021-12-03 20:25:06 +00:00
Frantisek Sumsal
9371d44afe ci: install libbpf 2021-12-03 16:30:56 +01:00
Zbigniew Jędrzejewski-Szmek
85bd394df5 ci: expand the test framework to cover openssl 2021-12-02 11:31:20 +01:00
dependabot[bot]
68181cf8a7 build(deps): bump github/codeql-action from 1.0.23 to 1.0.24 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.23 to 1.0.24.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a627e9fa50...e095058bfa)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-25 05:13:11 +03:00
dependabot[bot]
d59d6cc154 build(deps): bump github/codeql-action from 1.0.22 to 1.0.23 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.22 to 1.0.23.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5581e08a65...a627e9fa50)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-18 01:17:19 +03:00
Evgeny Vereshchagin
0da6973c17 ci: switch to weekly dependabot updates 
Apparently some dependencies get updated much more often
than I would have exepected.

It can always be triggered manually at https://github.com/systemd/systemd/network/dependencies
if there are any urgent updates
 2021-11-17 12:16:57 +00:00
dependabot[bot]
eb37ed701b build(deps): bump github/super-linter from 4.8.3 to 4.8.4 
Bumps [github/super-linter](https://github.com/github/super-linter) from 4.8.3 to 4.8.4.
- [Release notes](https://github.com/github/super-linter/releases)
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md)
- [Commits](7d5dc989c5...563be7dc55)

---
updated-dependencies:
- dependency-name: github/super-linter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-17 10:59:41 +00:00
Evgeny Vereshchagin
7e7e31521a ci: run codeql on PRs from Dependabot 
To make sure PRs like https://github.com/systemd/systemd/pull/21409
don't break anything.
 2021-11-17 10:14:33 +00:00
Evgeny Vereshchagin
e6ace91eb7 ci: pin mkosi to SHAs as well 2021-11-15 20:52:51 +00:00
dependabot[bot]
f356ad7cf8 build(deps): bump github/super-linter from 4.8.1 to 4.8.3 
Bumps [github/super-linter](https://github.com/github/super-linter) from 4.8.1 to 4.8.3.
- [Release notes](https://github.com/github/super-linter/releases)
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md)
- [Commits](fd9c4286d3...7d5dc989c5)

---
updated-dependencies:
- dependency-name: github/super-linter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-15 18:20:56 +00:00
Evgeny Vereshchagin
510afa460a ci: tighten codeql and labeler even more 
by moving the read permissions to the top level and
granting additional permissions to the specific jobs.
It should help to prevent new jobs that could be added
there eventually from having write access to resources they
most likely would never need.
 2021-11-14 10:51:07 +00:00
Evgeny Vereshchagin
b3a1fb795a ci: LGPLv2+ify dependapot config and codeql action 2021-11-14 09:48:22 +00:00
Evgeny Vereshchagin
e44a47d186 ci: pin the codeql action to SHAs 
It's a follow-up to https://github.com/systemd/systemd/pull/21316.

Judging by https://github.com/evverx/systemd/pull/36, Dependabot
supports their release cycle
 2021-11-14 10:42:04 +00:00
Evgeny Vereshchagin
e7a966915d ci: mimic the "restricted" mode 
Judging by https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
it should be enough to grant the "read contents" permission to
most of our actions. The "read metadata" permission is set impliciclty
somewhere and can't be set via the "permissions" setting:
```
The workflow is not valid. .github/workflows/linter.yml (Line: 14, Col: 3): Unexpected value 'metadata'
```
 2021-11-14 10:41:06 +00:00
Evgeny Vereshchagin
311956ccd9 ci: tighten several GHActions a bit more 
with https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#permissions
 2021-11-13 22:17:21 +03:00
dependabot[bot]
5ae4964028 build(deps): bump actions/checkout from 2 to 2.4.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...ec3a7ce113134d7a93b817d10a8272cb61118579)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-13 16:45:32 +03:00
Frantisek Sumsal
66a41360b4
Merge pull request #21342 from evverx/dependabot-error 
ci: try to fix a Dependabot error
 2021-11-13 09:35:51 +00:00
Frantisek Sumsal
c76a838589 ci: run the unit_tests and mkosi jobs on stable branches as well 
To provide more coverage for the systemd-stable repo.

See: https://github.com/systemd/systemd-stable/issues/24
 2021-11-13 09:09:54 +09:00
Evgeny Vereshchagin
38ac3ab10a ci: allow Dependabot to open up to 2 PRs 
Apparently version updates aren't always disabled on old forks,
which leads to new PRs opened there. To somewhat mitigate the
issue let's limit the number of PRs Dependabot can create.

It was reported in https://github.com/yuwata/systemd/pull/2#issuecomment-967737195
 2021-11-11 17:20:30 +00:00
Evgeny Vereshchagin
4e296232e4 try to fix a Dependabot error 
```
updater | ERROR <job_232492775> Error processing actions/checkout (RuntimeError)
updater | ERROR <job_232492775> No files changed!
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/vendor/ruby/2.7.0/gems/dependabot-github_actions-0.166.0/lib/dependabot/github_actions/file_updater.rb:28:in `updated_dependency_files'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:676:in `generate_dependency_files_for'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:274:in `check_and_create_pull_request'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:82:in `check_and_create_pr_with_error_handling'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `block in run'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `each'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `run'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/update_files_job.rb:17:in `perform_job'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/base_job.rb:28:in `run'
updater | ERROR <job_232492775> bin/update_files.rb:21:in `<main>`
```
 2021-11-11 16:08:17 +00:00
Evgeny Vereshchagin
3fec0e6cbf ci: pin some workflows to SHAs 
to let Dependabot keep track of them using SHAs

codeql-actions doesn't point to SHAs because it isn't clear
whether Dependabot supports their release cycle mentioned
at https://github.com/github/codeql-action/issues/307
 2021-11-11 10:32:02 +00:00
Evgeny Vereshchagin
5570313421 ci: pin labeler 
Turns out GHActions where `pull_request_target` is used are capable
of pwning repositories: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

labeler doesn't check out the source code or build anything so
it's safe in its current form but to avoid surprises let's just pin
it to the latest version. It's annoying to manage dependencies like this
manually so additionally dependabot.yml is introduced to make it
easier to keep GHActions up to date more or less automatically:
https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
 2021-11-11 10:19:06 +00:00
Evgeny Vereshchagin
33796123bc ci: run codeql-analysis daily 
https://github.com/github/codeql-action

Apparently to judge from a couple of warnings I haven't seen
before it's a bit different from LGTM.
 2021-11-12 15:47:15 +00:00
Frantisek Sumsal
8b212f3596 ci: take CIFuzz's matrix into consideration 
Otherwise the jobs will try to cancel each other out.

Follow-up to 3884837610.
 2021-11-10 20:44:24 +00:00
Frantisek Sumsal
3884837610 ci: cancel previous jobs on ref update 
Let's save the environment (and reduce the number of jobs in GH Actions
queues) by cancelling old jobs on a ref update (force push).

See: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#concurrency
 2021-11-10 17:15:35 +01:00
Frantisek Sumsal
46573ee131 ci: fix indentation 2021-11-10 17:15:35 +01:00
Frantisek Sumsal
b8c94ee372 Revert "CI: run GCC unit test job on push to main" 
This reverts commit c1036042f5.

Follow-up to 0ad536c16a.
 2021-11-10 17:15:35 +01:00
Michal Koutný
7a0895c2eb Revert "CI: disable opensuse mkosi CI" 
This reverts commit ab6df52083.

The image build failed during kernel RPM installation (bug in %post
scriptlet). This has been fixed in the package suse-module-tools 16.0.13
[1]. The fix is in openSUSE Tumbleweed repos so the tests can be enabled
again.

[1] https://github.com/openSUSE/suse-module-tools/pull/53

Fixes: #21019
 2021-11-09 10:57:03 +00:00
Luca Boccassi
0ad536c16a CI: disable code coverage in GH Action 
It is now ran on the nightly CentOS build, so that it can cover
integration tests too, and not just unit tests. It's nightly as
it considerably increases the integration test runtime, so it's
not appropriate for all PRs.
 2021-10-21 00:10:52 +01:00
Daan De Meyer
ab6df52083 CI: disable opensuse mkosi CI 
Until https://github.com/systemd/systemd/issues/21019 is fixed,
there's no point in running the opensuse CI job so let's disable
it for now.
 2021-10-19 17:21:29 +01:00
Frantisek Sumsal
1c71302f70 ci: use the system llvm-11 package on Focal 
ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
provided by the apt.llvm.org repositories. Let's use the system
llvm package if available in such cases to avoid that.
 2021-10-12 08:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
186b9041ae ci: use LGPLv2+ for all our ci configuration 2021-10-01 14:45:00 +02:00
Zbigniew Jędrzejewski-Szmek
43d6fcc09f github: use the same headers on yaml files 
Also adjust the mention of location of mkosi files,
follow-up for d55ad7fe96.
 2021-10-01 14:45:00 +02:00
Zbigniew Jędrzejewski-Szmek
d8aaa71699 licensing: say that our github docs are LGPLv2.1+ 
This mirros what 0aff7b7584 did for docs/.
 2021-10-01 14:45:00 +02:00
Frantisek Sumsal
1c46b3c24d ci: introduce Super-Linter for shell scripts 
See: https://github.com/marketplace/actions/super-linter
 2021-09-30 12:27:08 +02:00
Frantisek Sumsal
8370da9ea6 ci: shellcheck-ify CI scripts 2021-09-29 22:24:12 +02:00
Yu Watanabe
6d350f7d82 Revert "CI: run unit tests in a network namespace" 
This reverts commit 8b036b223a.
 2021-09-29 20:50:37 +09:00
Luca Boccassi
c1036042f5 CI: run GCC unit test job on push to main 
Allows to get coverage data on coveralls.io
 2021-09-29 14:10:42 +03:00
Luca Boccassi
3bf94dac91 CI: do manpages build only on the clang unit test run 
It's slow and unaffected by compiler/flags, so no point in repeating it
 2021-09-27 12:24:48 +01:00
Luca Boccassi
1f1d48f96e CI: add code coverage reports via lcov and coveralls.io 2021-09-27 12:22:22 +01:00
Luca Boccassi
8b036b223a CI: run unit tests in a network namespace 
It seems some of the tests break network connectivity on the host,
as the code coverage upload fails to establish a connection.
Run them in a network namespace with 'unshare -n'.
 2021-09-27 12:22:22 +01:00
Daan De Meyer
7e99216c1d mkosi: Fix CI 
\#20629 moved the mkosi configs to mkosi.default.d/ so we were building
for the host distro (Ubuntu) in each CI configuration. To fix it, we
write the distro we want to test to a mkosi.default file and mkosi
will apply the other necessary configs automatically from mkosi.default.d/<distro>

This commit also removes unnecessary CLI options that are already handled
by the config files.
 2021-09-21 17:39:00 +01:00
Frantisek Sumsal
bd8ea741a4 ci: build with clang-13 
Also, drop clang-10 builds to conserve resources.
 2021-09-14 19:06:01 +02:00
Michal Koutný
3ec4fccb37 ci: Add openSUSE Tumbleweed among tested distros 2021-08-04 11:16:48 +02:00
Michal Koutný
7e5e604393 ci: Detect shell prompt with higher specificity 
The current pattern '#' triggers on the openSUSE kernel version that is
printed early during boot when no actual prompt is ready
> [    0.000000] Linux version 5.12.10-1-default (geeko@buildhost) (gcc (SUSE Linux) 11.1.1 20210510 [revision 23855a176609fe8dda6abaf2b21846b4517966eb], GNU ld (GNU Binutils; openSUSE Tumbleweed) 2.36.1.20210326-4) #1 SMP Fri Jun 11 05:05:06 UTC 2021 (b92eaf7)

Instead wait for pattern that: a) should have fewer false positives, b)
still be with working on distro shells:

openSUSE (red color)
^[[1m^[[31mimage:~ #^[[m^O

arch
[root@image ~]#

debian
root@image:~#

ubuntu
root@image:~#

fedora
[root@image ~]#
 2021-08-04 11:16:48 +02:00
Michal Koutný
2e9055ab6a ci: Do not require network in test images 
The current boot test relies on terminal login, therefore network setup
inside image is unnecessary. This opens up possibility to test images
that don't support the network setup via veth devices.
 2021-08-04 11:16:48 +02:00
Michal Koutný
7c87fb219e ci: Bump mkosi version to v10 
Use mkosi GH action that includes fixes for openSUSE builds. This
enables testing openSUSE builds in CI.
 2021-08-04 11:16:48 +02:00
Frantisek Sumsal
df4161d878 Revert "ci: work around #19442 to make CI happy again" 
The fix/workaround from #18851 should, hopefully, make this redundant.

This reverts commit 48a3cf58d5.
 2021-06-18 14:51:33 +01:00
Luca Boccassi
f144f6faa9
Merge pull request #19669 from mrc0mmand/ci-mkosi-arch 
ci: work around #19442 to make CI happy again
 2021-05-20 10:14:30 +01:00
Luca Boccassi
2d4efd1dba build tests: check that Github pages can be built successfully 2021-05-19 23:25:34 +02:00
Frantisek Sumsal
27b4d60678 ci: skip root tty login 
We use the `autologin` mkosi option (see
mkosi.default.d/10-systemd.conf), so the pexpect root login throws
a (harmless) error:

```
Arch Linux (built from systemd tree)
Kernel 5.4.0-1047-azure on an x86_64 (console)

image login: root (automatic login)

root
root
[root@image ~]# systemctl poweroff
root
-bash: root: command not found
[root@image ~]# systemctl poweroff
```
 2021-05-19 23:07:25 +02:00
Frantisek Sumsal
715a273b10 ci: show image summary 2021-05-19 23:07:25 +02:00
Frantisek Sumsal
48a3cf58d5 ci: work around #19442 to make CI happy again 
Let's introduce a somewhat ugly workaround for #19442 and retry
the systemd-nspawn image boot test up to three times in case it dies
with the dissect timeout. Since this issue occurs only in the Arch job,
limit the workaround to this job only.
 2021-05-19 23:07:19 +02:00
Zbigniew Jędrzejewski-Szmek
392ed18542 ci: drop py2 lxml, pull in jinja2 2021-05-19 10:25:26 +09:00
Frantisek Sumsal
35a48d4b9a ci: build with gcc-11 as well 
Focal builds for gcc-11 are finally available, so let's put them into
some use.
 2021-05-16 21:28:04 +01:00
Frantisek Sumsal
c191e09230 ci: cover standalone/static binaries in build test 2021-05-06 11:52:58 +09:00
Zbigniew Jędrzejewski-Szmek
b240c08d09 docs: link to stable releases in the bug template 
Also, ask people to use a recent stable release and provide useful version information.
Inspired by #19118.
 2021-03-25 20:38:45 +00:00
Frantisek Sumsal
d227b6a7c0 ci: build an upstream version of systemd-nspawn 
Ubuntu's systemd-nspawn doesn't support faccessat2() syscall, which is
required, since current Arch's glibc implements faccessat() via
faccessat2().
 2021-02-26 17:06:25 +01:00
Frantisek Sumsal
b12dba35d1 Revert "ci: temporarily pin Arch repositories to glibc 2.32-5" 
This reverts commit 67c972c610.
 2021-02-26 16:46:35 +01:00
Evgeny Vereshchagin
8e32f20d13 Revert "ci: switch back to meson-0.56.2" 
This reverts commit c39e36203f.

Now that meson-0.57.1 (where https://github.com/mesonbuild/meson/issues/8347
is fixed) is out it should be safe to keep rolling forward.
 2021-02-20 20:20:04 +01:00
Jameer Pathan
63f48ab3fa GH Actions: Fix labeler bot 2021-02-19 14:51:59 +09:00
Frantisek Sumsal
98f6d5769f ci: enable DNS over TLS using OpenSSL in the build test 
Prompted by:
    * https://github.com/systemd/systemd/pull/18641#issuecomment-780371055
    * https://github.com/systemd/systemd/issues/18639
 2021-02-17 16:41:23 +01:00
Evgeny Vereshchagin
c39e36203f ci: switch back to meson-0.56.2 
It seems there is another meson (0.57.0) regression preventing clang from
building systemd with --optimization=3 -Db_lto=true

By analogy with https://github.com/google/oss-fuzz/pull/5199 let's just switch
to 0.56.2 for the time being
 2021-02-15 15:38:27 +09:00
Lennart Poettering
8dfc2beb57 github: expressly ask for logs in github issue template 
Apparently it's not obvious that logs are a good thing to provide, hence
let's explicitly ask for them.
 2021-02-10 14:43:16 +01:00
Luca Boccassi
0f15cb2243
Merge pull request #18470 from mrc0mmand/ci-clang-12 
ci: run build test with clang-12 as well
 2021-02-09 13:06:40 +00:00
Frantisek Sumsal
67c972c610 ci: temporarily pin Arch repositories to glibc 2.32-5 
glibc 2.33-3 shipped on 2021-02-06 breaks running Arch containers on
systems with older kernels (like Ubuntu Focal). Until the issue is
resolved, let's pin the Arch repositories to glibc 2.32-5 to mitigate
the annoying CI fails.

See: https://bugs.archlinux.org/task/69563
 2021-02-09 13:57:28 +01:00
Lennart Poettering
5055b51ee1 github: ask for systemd version in RFE form 
It happens too often that what people ask for already is implemented.
Let's help cut the noise a bit, and make people check things first
hopefully, and at least make it either for us to detect such cases.
 2021-02-05 23:42:47 +00:00
Frantisek Sumsal
19db2f4258 ci: run build test with clang-12 as well 
Ubuntu repositories for clang 12 are finally up, so let's use it
in our CI.
 2021-02-04 15:54:14 +01:00
Frantisek Sumsal
54cf684f5f ci: use the recommended meson syntax 
See: docs/HACKING.md
 2021-01-25 16:01:56 +01:00
Frantisek Sumsal
753803a66c ci: drop an unnecessary sudo 2021-01-25 15:49:27 +01:00
Frantisek Sumsal
c0c6809663 ci: make the script names a bit more consistent 2021-01-25 15:45:36 +01:00
Evgeny Vereshchagin
9b25429cb4 GH Actions: switch to main 
It's just a follow-up to https://github.com/systemd/systemd/issues/16834
 2021-01-21 16:28:02 +01:00
Lennart Poettering
e327382877 markdown: fix comment 
Follow-up for 2d816c9804
 2021-01-19 22:26:35 +01:00
Lennart Poettering
2d816c9804 markdown: suggest backticks around uname -a output 
Fixes: #18238
 2021-01-19 22:24:05 +01:00
Yu Watanabe
cf2423503b time-wait-sync: move time-wait-sync.c -> src/timesync/wait-sync.c 
As wait-online is located under src/network.
 2021-01-19 07:04:19 +09:00
Frantisek Sumsal
e8fd7c9ed4 ci: introduce a watchdog for the sanitized unit test run 2021-01-13 22:32:30 +01:00
Frantisek Sumsal
56a017cb0d ci: optimize the sanitized build under gcc as well 2021-01-13 21:51:44 +01:00
Frantisek Sumsal
b5a9b601c3 ci: drop the unbuffer workaround 
It actually didn't do anything, the issue was somewhere else.
 2021-01-12 22:13:33 +01:00
Frantisek Sumsal
86660d160b ci: move the Coverity job to GitHub Actions 2021-01-11 15:50:25 +01:00
Frantisek Sumsal
0506d05ab2 ci: drop a forgotten empty line 2021-01-11 15:50:25 +01:00
Luca Boccassi
ca0f86d16a ci: do not build with --optimization=1 with Clang 2021-01-10 21:16:38 +00:00
Frantisek Sumsal
a74be22cd6 ci: move Travis CI unit test jobs to GH Actions 2021-01-08 11:36:59 +01:00
Daan De Meyer
6242cda99d Move shared mkosi settings to a single file in mkosi.default.d/ 2021-01-06 12:10:58 +00:00
Daan De Meyer
a869f5aaa4 CI: Update to mkosi github action to v9 2021-01-01 15:30:09 +00:00
Frantisek Sumsal
a3abdea13a github: add the missing tpm2 optional dependency 2020-12-20 22:27:36 +01:00
Luca Boccassi
d9107e16f2 Add more matching rules to GA labeler bot for subcomponents 2020-12-19 21:56:57 +00:00
Luca Boccassi
d78911e9f7 False positives in GA labeler bot 
Don't automatically match on man/* and **/meson.build, since we change those
files as part of larger changes that we usually don't mark that way
 2020-12-19 21:56:57 +00:00
Jameer Pathan
292420ce4b Add Pull Request Labeler 2020-12-14 09:43:38 +09:00
Daan De Meyer
448d3462b0 CI: Add mkosi boot tests 
Using the new mkosi Github Action, we can add some simple boot tests
for the systemd mkosi configs. This makes sure these keep working
as expected.
 2020-12-04 22:24:12 +00:00
Yu Watanabe
85a03fda7d ci: also set -Dfuzz-tests=true if -Dslow-tests=true 2020-11-13 18:15:41 +09:00
Frantisek Sumsal
5310fc624e ci: add the libfido2 dependency for better coverage 2020-10-21 16:28:22 +02:00
Frantisek Sumsal
0273f6e7f2 ci: build with clang-11 as well 
The LLVM nightly repositories now have a separate branch for clang-11,
so let's build with it as well.
 2020-10-21 16:24:01 +02:00
Frantisek Sumsal
f1150eddf6 ci: bump the 'build test' image to Ubuntu Focal 2020-10-21 16:23:59 +02:00
Lennart Poettering
278c13431b github: ask for arch+kernel in bug report form 
Quite often we see kernel and arch specific issues, let's ask for the
version right-away when people file the issue.

Other tweaks.
 2020-10-02 12:38:28 +02:00
Evgeny Vereshchagin
d3e0662c7d Revert "ci: turn off the "upstream-systemd-ci" ppa" 
This reverts commit d4ff79bbe1.
 2020-07-15 08:59:25 +02:00
Evgeny Vereshchagin
d4ff79bbe1 ci: turn off the "upstream-systemd-ci" ppa 
Judging by https://launchpad.net/~upstream-systemd-ci/+archive/ubuntu/systemd-ci/+packages,
it got updated about 15 hours ago and the "build check" action has been
failing with
```
The following packages have unmet dependencies:
 kbd : Depends: console-setup but it is not going to be installed or
E: Unable to correct problems, you have held broken packages.
                console-setup-mini but it is not going to be installed
```
since then
 2020-07-14 21:35:33 +03:00
Evgeny Vereshchagin
e6175fbe45 ci: pass -Werror using CFLAGS 
Judging by https://github.com/systemd/systemd/issues/16224, it seems
`--werror` doesn't work with `-Db_lto=true`
 2020-06-22 12:15:08 +09:00
Evgeny Vereshchagin
a2c7035976 cifuzz: build fuzz target with UBsan and MSan as well 2020-06-12 10:17:57 +02:00
Frantisek Sumsal
86a23f38ab ci: tweak the dependency installation 2020-06-11 16:11:26 +02:00
Frantisek Sumsal
3d0a45d5da ci: tweak the compilation options 
Build each build with tests (slow tests and fuzzer tests as well), and
combine the LTO build with -O3.
 2020-06-11 16:11:19 +02:00
Frantisek Sumsal
4e1a13db89 ci: move the build check script to workflows directory 2020-06-11 14:17:40 +02:00
Frantisek Sumsal
0664249ffc ci: do the compiler-detection magic in the test script 
so we have all PPA definitions at one place.
 2020-06-11 14:17:37 +02:00
Frantisek Sumsal
aab86b12dd github: move the clang/gcc build check to GH Actions 
Travis CI is getting overloaded, so let's move some load over to GitHub
Actions.
 2020-06-11 12:15:02 +02:00
Frantisek Sumsal
48c6399ad8 github: rename CIFuzz workflow file to cifuzz.yml 2020-06-11 10:22:09 +02:00
Lennart Poettering
c85b6ff1b2 docs: point contributors to list of most recent systemd releases 
Fixes: #16083
 2020-06-10 10:30:02 +02:00
Evgeny Vereshchagin
82d7a25ee6 cifuzz: protect forks from CIFuzz 
CIFuzz isn't compatible with forks: https://github.com/google/oss-fuzz/issues/3731
 2020-05-19 08:12:07 +02:00
Evgeny Vereshchagin
4b129fba30 cifuzz: set allowed-broken-targets-percentage to 0 2020-05-14 10:33:54 +02:00
Frantisek Sumsal
a114ab6373 cifuzz: fuzz the master branch on push 
Apart from running CIFuzz for each relevant PR, let's run it
unconditionally for each push to master to detect possible issues
(caused by ignored PRs, etc.).

Followup to 94f660a8fe.
 2020-05-08 21:30:19 +03:00
Frantisek Sumsal
94f660a8fe cifuzz: run only for relevant PRs 
Fuzz only PRs with relevant changes (source code and fuzzer corpora) to
save resources.
 2020-05-08 20:58:11 +03:00
Evgeny Vereshchagin
9494b39dac cifuzz: upload artifacts only when the "run fuzzers" step fails 2020-05-02 11:20:30 +02:00
Frantisek Sumsal
3b4ea094e2 ci: introduce CIFuzz 
Per-PR fuzzing provided by OSS-Fuzz using GH workflows.

See: https://google.github.io/oss-fuzz/getting-started/continuous-integration/
 2020-04-24 14:06:21 +03:00
Zbigniew Jędrzejewski-Szmek
c450335bf7 github: remove direct paypal link 
Fixes #14786. I think it is enough if we provide the link to
SPI which sports a prominent paypal link too.
 2020-02-05 21:29:34 +09:00
Lennart Poettering
90d81ee966 github: use systemd.io links in issue template 2019-12-16 09:49:51 +01:00
Zbigniew Jędrzejewski-Szmek
ab14b802b4
FUNDING: this needs to be yaml 2019-07-08 16:55:31 +02:00
Zbigniew Jędrzejewski-Szmek
3a54c53c3c Create FUNDING.yml 2019-07-08 16:02:45 +02:00
Filipe Brandenburger
c2beadcd34 docs: move markdown docs from .github/ to docs/ 
The GitHub guide on contributing file says: "Decide whether to store your
contributing guidelines in your repository's root, docs, or .github directory."

https://help.github.com/articles/setting-guidelines-for-repository-contributors/#adding-a-contributing-file

But there's really no advantage to keeping it in the hidden .github/, since
these are public and really belong together with the other documentation.

We can still keep the issue templates under .github/, since they are not really
documentation on their own.

Updated the links pointing to CONTRIBUTING.md to refer to the one in docs/.
 2018-09-08 13:39:03 -07:00
Filipe Brandenburger
9e825ebf4f docs: move doc/ to docs/ 
The docs/ directory is special in GitHub, since it can be used to serve GitHub
Pages from, so there's a benefit to switching to it in order to expose it
directly as a website.

Updated references to it from the documentations themselves, from the
CONTRIBUTING.md file and from Meson build files.
 2018-09-08 13:39:03 -07:00
Zbigniew Jędrzejewski-Szmek
99f0d70da9 github: use multiple issue templates 
Github now has issue templates in the web interface, and allows
more than one to be specified. Let's split our single template
in two: bug report and RFE.
 2018-05-10 07:58:38 -07:00
Lennart Poettering
f09eb7688e doc: add a new doc/ directory, and move two markdown docs into them 
I figure sooneror later we'll have more of these docs, hence let's give
them a clean place to be.

This leaves NEWS and README/README.md as well as the LICENSE texts in
the root directory of the project since that appears to be customary for
Free Software projects.
 2018-02-27 19:59:09 +01:00
longersson
fc696d52b9 Docs: Fix spelling and capitalization (#7408) 2017-11-21 14:37:16 +01:00
Michael Biebl
91b8082096 CONTRIBUTING: stop mentioning "make check" 
Since the switch to meson this information is no longer valid. HACKING already documents how to run the test suite.

See #6642
 2017-08-21 09:47:07 +02:00
Lukáš Nykrýn
75d96e22d2 github: how to report bugs for older distribution versions (#6146) 2017-06-20 20:20:25 +02:00
Lennart Poettering
b1e98c643c github: tweak the issue template a bit more 2017-06-19 12:15:44 +02:00
Lennart Poettering
43311625a0 github: tweak the issue template a bit, comment more 2017-06-19 12:13:28 +02:00
Mantas Mikulėnas
582c53d785
github: comment out submitter note in ISSUE_TEMPLATE 
It's for the person filling in the form, not for people reading it later.
 2017-05-22 16:07:28 +03:00
Mantas Mikulėnas
52c2abed4b
github: remove checkboxes from ISSUE_TEMPLATE 
The issue list page thinks those are in fact todo items.
 2017-05-22 16:06:50 +03:00
AsciiWolf
dc6c3de1b6 docs: use https in the mailing list url 2017-03-07 12:33:51 -03:00
Zbigniew Jędrzejewski-Szmek
c2205a0d4f docs: add a note about reporting security vulns (#5541) 
We *do* have the occasional security issue, where it would be nice to have
non-public disclosure and time to fix the issue before it's fully public. Our
github infrastracture does not make it easy to report vulnerabilities in
confidential manner, so let's leverage the distro mechanisms for that. I
think we're better off with this solution than leaving it up to individual
reporters to discover some mechanism on their own.
 2017-03-07 14:33:27 +01:00
Zbigniew Jędrzejewski-Szmek
b0828828bb CONTRIBUTING: reword the part about unsetting the label (#4716) 
Only project members can do it.
 2016-11-23 08:52:19 +01:00
Lennart Poettering
e4a3e122b2 documentation: add a short document describing how to test your systemd build tree (#3763) 2016-07-20 22:15:54 -04:00
Zbigniew Jędrzejewski-Szmek
d11343ac79 Add RELEASE.md file which lists the steps needed for release 
I put it in .github, so it doesn't stand out too much; after all
it's not interesting to most people.
 2016-06-12 22:23:57 -04:00
Zbigniew Jędrzejewski-Szmek
476ef627af CONTRIBUTING: ask people to comment after after force-push 2016-06-12 22:21:49 -04:00
Zbigniew Jędrzejewski-Szmek
945c6e7cc0 CONTRIBUTING: remove line wrapping 
GitHub displays this file poorly, because it preserves the newlines.
Let's try how things look without any wrapping.
 2016-06-12 22:21:49 -04:00
Zbigniew Jędrzejewski-Szmek
a87c45a84b CONTRIBUTING: recommend force-push (#3273) 2016-05-16 21:44:35 +02:00
daurnimator
7f4394d2fe .github/ISSUE_TEMPLATE: Use a list for submission type so that it appears as a checkbox 2016-02-26 09:54:30 +11:00
Lennart Poettering
67b56fb29e github: add a basic issue template 
As documented here:

https://help.github.com/articles/creating-an-issue-template-for-your-repository/
 2016-02-21 21:15:17 +01:00
Lennart Poettering
67bf157f38 github: move CONTRIBUTING.md into .github subdirectory 
As suggested by:

https://github.com/blog/2111-issue-and-pull-request-templates
 2016-02-21 21:05:02 +01:00