diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh index bdcb71ba9c0..57df14e2fc1 100755 --- a/.github/workflows/build_test.sh +++ b/.github/workflows/build_test.sh @@ -75,7 +75,7 @@ if [[ "$COMPILER" == clang ]]; then # Following snippet was borrowed from https://apt.llvm.org/llvm.sh wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - add-apt-repository -y "deb http://apt.llvm.org/$RELEASE/ llvm-toolchain-$RELEASE-$COMPILER_VERSION main" - PACKAGES+=(clang-$COMPILER_VERSION lldb-$COMPILER_VERSION lld-$COMPILER_VERSION clangd-$COMPILER_VERSION) + PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION") elif [[ "$COMPILER" == gcc ]]; then CC="gcc-$COMPILER_VERSION" CXX="g++-$COMPILER_VERSION" @@ -83,7 +83,7 @@ elif [[ "$COMPILER" == gcc ]]; then # Latest gcc stack deb packages provided by # https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test add-apt-repository -y ppa:ubuntu-toolchain-r/test - PACKAGES+=(gcc-$COMPILER_VERSION) + PACKAGES+=("gcc-$COMPILER_VERSION") else fatal "Unknown compiler: $COMPILER" fi @@ -108,6 +108,7 @@ for args in "${ARGS[@]}"; do SECONDS=0 info "Checking build with $args" + # shellcheck disable=SC2086 if ! AR="$AR" CC="$CC" CXX="$CXX" CFLAGS="-Werror" CXXFLAGS="-Werror" meson -Dtests=unsafe -Dslow-tests=true -Dfuzz-tests=true --werror $args build; then fatal "meson failed with $args" fi diff --git a/.github/workflows/unit_tests.sh b/.github/workflows/unit_tests.sh index 17e73f1856c..bc5050fd1ca 100755 --- a/.github/workflows/unit_tests.sh +++ b/.github/workflows/unit_tests.sh @@ -1,5 +1,6 @@ #!/bin/bash +# shellcheck disable=SC2206 PHASES=(${@:-SETUP RUN RUN_ASAN_UBSAN CLEANUP}) RELEASE="$(lsb_release -cs)" ADDITIONAL_DEPS=( diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh index e7dbcb2ac1a..a0a4153cde7 100755 --- a/.semaphore/semaphore-runner.sh +++ b/.semaphore/semaphore-runner.sh @@ -1,17 +1,19 @@ #!/bin/bash set -eux +set -o pipefail # default to Debian testing -DISTRO=${DISTRO:-debian} -RELEASE=${RELEASE:-bullseye} -BRANCH=${BRANCH:-upstream-ci} -ARCH=${ARCH:-amd64} -CONTAINER=${RELEASE}-${ARCH} -CACHE_DIR=${SEMAPHORE_CACHE_DIR:=/tmp} +DISTRO="${DISTRO:-debian}" +RELEASE="${RELEASE:-bullseye}" +BRANCH="${BRANCH:-upstream-ci}" +ARCH="${ARCH:-amd64}" +CONTAINER="${RELEASE}-${ARCH}" +CACHE_DIR="${SEMAPHORE_CACHE_DIR:-/tmp}" AUTOPKGTEST_DIR="${CACHE_DIR}/autopkgtest" # semaphore cannot expose these, but useful for interactive/local runs ARTIFACTS_DIR=/tmp/artifacts +# shellcheck disable=SC2206 PHASES=(${@:-SETUP RUN}) UBUNTU_RELEASE="$(lsb_release -cs)" @@ -20,18 +22,18 @@ create_container() { # GPG key from keyserver", so retry a few times with different keyservers. for keyserver in "" "keys.gnupg.net" "keys.openpgp.org" "keyserver.ubuntu.com"; do for retry in {1..5}; do - sudo lxc-create -n $CONTAINER -t download -- -d $DISTRO -r $RELEASE -a $ARCH ${keyserver:+--keyserver "$keyserver"} && break 2 + sudo lxc-create -n "$CONTAINER" -t download -- -d "$DISTRO" -r "$RELEASE" -a "$ARCH" ${keyserver:+--keyserver "$keyserver"} && break 2 sleep $((retry*retry)) done done # unconfine the container, otherwise some tests fail - echo 'lxc.apparmor.profile = unconfined' | sudo tee -a /var/lib/lxc/$CONTAINER/config + echo 'lxc.apparmor.profile = unconfined' | sudo tee -a "/var/lib/lxc/$CONTAINER/config" - sudo lxc-start -n $CONTAINER + sudo lxc-start -n "$CONTAINER" # enable source repositories so that apt-get build-dep works - sudo lxc-attach -n $CONTAINER -- sh -ex <> /etc/apt/sources.list.d/sources.list # wait until online while [ -z "\$(ip route list 0/0)" ]; do sleep 1; done @@ -44,11 +46,11 @@ apt-get purge --auto-remove -y unattended-upgrades systemctl unmask systemd-networkd systemctl enable systemd-networkd EOF - sudo lxc-stop -n $CONTAINER + sudo lxc-stop -n "$CONTAINER" } for phase in "${PHASES[@]}"; do - case $phase in + case "$phase" in SETUP) # remove semaphore repos, some of them don't work and cause error messages sudo rm -f /etc/apt/sources.list.d/* @@ -59,17 +61,17 @@ for phase in "${PHASES[@]}"; do sudo apt-get install -y -t "$UBUNTU_RELEASE-backports" lxc sudo apt-get install -y python3-debian git dpkg-dev fakeroot python3-jinja2 - [ -d $AUTOPKGTEST_DIR ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR" + [ -d "$AUTOPKGTEST_DIR" ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR" create_container ;; RUN) # add current debian/ packaging - git fetch --depth=1 https://salsa.debian.org/systemd-team/systemd.git $BRANCH + git fetch --depth=1 https://salsa.debian.org/systemd-team/systemd.git "$BRANCH" git checkout FETCH_HEAD debian # craft changelog - UPSTREAM_VER=$(git describe | sed 's/^v//;s/-/./g') + UPSTREAM_VER="$(git describe | sed 's/^v//;s/-/./g')" cat << EOF > debian/changelog.new systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low @@ -78,7 +80,7 @@ systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low -- systemd test $(date -R) EOF - cat debian/changelog >> debian/changelog.new + cat debian/changelog >>debian/changelog.new mv debian/changelog.new debian/changelog # clean out patches @@ -91,15 +93,15 @@ EOF echo '1.0' > debian/source/format # build source package - dpkg-buildpackage -S -I -I$(basename "$CACHE_DIR") -d -us -uc -nc + dpkg-buildpackage -S -I -I"$(basename "$CACHE_DIR")" -d -us -uc -nc # now build the package and run the tests rm -rf "$ARTIFACTS_DIR" # autopkgtest exits with 2 for "some tests skipped", accept that - $AUTOPKGTEST_DIR/runner/autopkgtest --env DEB_BUILD_OPTIONS=noudeb \ - --env TEST_UPSTREAM=1 ../systemd_*.dsc \ - -o "$ARTIFACTS_DIR" \ - -- lxc -s $CONTAINER \ + "$AUTOPKGTEST_DIR/runner/autopkgtest" --env DEB_BUILD_OPTIONS=noudeb \ + --env TEST_UPSTREAM=1 ../systemd_*.dsc \ + -o "$ARTIFACTS_DIR" \ + -- lxc -s "$CONTAINER" \ || [ $? -eq 2 ] ;; *) diff --git a/coccinelle/run-coccinelle.sh b/coccinelle/run-coccinelle.sh index d1af412acce..e7a6d51f499 100755 --- a/coccinelle/run-coccinelle.sh +++ b/coccinelle/run-coccinelle.sh @@ -10,19 +10,20 @@ EXCLUDED_PATHS=( "src/libsystemd/sd-journal/lookup3.c" ) -top="$(git rev-parse --show-toplevel)" -args= +TOP_DIR="$(git rev-parse --show-toplevel)" +ARGS=() # Create an array from files tracked by git... -mapfile -t files < <(git ls-files ':/*.[ch]') +mapfile -t FILES < <(git ls-files ':/*.[ch]') # ...and filter everything that matches patterns from EXCLUDED_PATHS for excl in "${EXCLUDED_PATHS[@]}"; do - files=(${files[@]//$excl}) + # shellcheck disable=SC2206 + FILES=(${FILES[@]//$excl}) done case "$1" in -i) - args="$args --in-place" + ARGS+=(--in-place) shift ;; esac @@ -32,12 +33,14 @@ if ! parallel -h >/dev/null; then exit 1 fi -for SCRIPT in ${@-$top/coccinelle/*.cocci}; do - echo "--x-- Processing $SCRIPT --x--" - TMPFILE=`mktemp` - echo "+ spatch --sp-file $SCRIPT $args ..." +[[ ${#@} -ne 0 ]] && SCRIPTS=("$@") || SCRIPTS=("$TOP_DIR"/coccinelle/*.cocci) + +for script in "${SCRIPTS[@]}"; do + echo "--x-- Processing $script --x--" + TMPFILE="$(mktemp)" + echo "+ spatch --sp-file $script ${ARGS[*]} ..." parallel --halt now,fail=1 --keep-order --noswap --max-args=20 \ - spatch --macro-file="$top/coccinelle/macros.h" --sp-file $SCRIPT $args ::: "${files[@]}" \ + spatch --macro-file="$TOP_DIR/coccinelle/macros.h" --sp-file "$script" "${ARGS[@]}" ::: "${FILES[@]}" \ 2>"$TMPFILE" || cat "$TMPFILE" - echo -e "--x-- Processed $SCRIPT --x--\n" + echo -e "--x-- Processed $script --x--\n" done