Merge pull request #23465 from mrc0mmand/bump-actions-to-ubuntu-2204

ci: bump GH Actions to Ubuntu Jammy where applicable
2025-03-09 12:58:26 +03:00 · 2022-05-22 02:29:59 +01:00 · 2022-05-22 02:29:59 +01:00 · a17ebc687b
commit a17ebc687b
parent ae00bafdf8 6c0259e502
9 changed files with 20 additions and 13 deletions
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@ -76,17 +76,16 @@ if [[ "$COMPILER" == clang ]]; then
    CXX="clang++-$COMPILER_VERSION"
    AR="llvm-ar-$COMPILER_VERSION"

-    # ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
-    # provided by the apt.llvm.org repositories. Let's use the system
-    # llvm package if available in such cases to avoid that.
+    # Prefer the distro version if available
    if ! apt install --dry-run "llvm-$COMPILER_VERSION" >/dev/null; then
        # Latest LLVM stack deb packages provided by https://apt.llvm.org/
        # Following snippet was partly borrowed from https://apt.llvm.org/llvm.sh
        wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/apt-llvm-org.gpg
        printf "deb [signed-by=/usr/share/keyrings/apt-llvm-org.gpg] http://apt.llvm.org/%s/   llvm-toolchain-%s-%s  main\n" \
               "$RELEASE" "$RELEASE" "$COMPILER_VERSION" >/etc/apt/sources.list.d/llvm-toolchain.list
-        PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
    fi
+
+    PACKAGES+=("clang-$COMPILER_VERSION" "lldb-$COMPILER_VERSION" "lld-$COMPILER_VERSION" "clangd-$COMPILER_VERSION")
 elif [[ "$COMPILER" == gcc ]]; then
    CC="gcc-$COMPILER_VERSION"
    CXX="g++-$COMPILER_VERSION"
--- a/.github/workflows/build_test.yml
+++ b/.github/workflows/build_test.yml
@ -17,7 +17,7 @@ permissions:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    concurrency:
      group: ${{ github.workflow }}-${{ toJSON(matrix.env) }}-${{ github.ref }}
      cancel-in-progress: true
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -25,7 +25,7 @@ permissions:
 jobs:
  analyze:
    name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
    concurrency:
      group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }}
      cancel-in-progress: true
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@ -14,7 +14,7 @@ permissions:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    if: github.repository == 'systemd/systemd'
    env:
      COVERITY_SCAN_BRANCH_PATTERN:     "${{ github.ref}}"
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@ -41,4 +41,10 @@ jobs:
          FILTER_REGEX_EXCLUDE: .*/(man/.*|.*\.(in|SKELETON)|tools/coverity\.sh)$
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_BASH: true
-          VALIDATE_GITHUB_ACTIONS: true
+          # FIXME: temporarily disable validation of GH Action files, since
+          #        the current version of super-linter doesn't recognize
+          #        ubuntu-22.04 as a valid runner specification. This should
+          #        be fixed once https://github.com/github/super-linter/pull/2897
+          #        is merged, which includes
+          #        https://github.com/rhysd/actionlint/commit/09a60b0f5761c2d066def294e541c25a89756eea
+          #VALIDATE_GITHUB_ACTIONS: true
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@ -24,7 +24,7 @@ env:

 jobs:
  ci:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
    concurrency:
      group: ${{ github.workflow }}-${{ matrix.distro }}-${{ matrix.release }}-${{ github.ref }}
      cancel-in-progress: true
@ -37,7 +37,7 @@ jobs:
          - distro: debian
            release: testing
          - distro: ubuntu
-            release: focal
+            release: jammy
          - distro: fedora
            release: "36"
          - distro: opensuse
--- a/.github/workflows/unit_tests.yml
+++ b/.github/workflows/unit_tests.yml
@ -14,7 +14,7 @@ permissions:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    concurrency:
      group: ${{ github.workflow }}-${{ matrix.run_phase }}-${{ matrix.cryptolib }}-${{ github.ref }}
      cancel-in-progress: true
--- a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c
+++ b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-fido2.c
@ -39,7 +39,8 @@ _public_ int cryptsetup_token_open_pin(

        /* This must not fail at this moment (internal error) */
        r = crypt_token_json_get(cd, token, &json);
-        assert(token == r);
+        /* Use assert_se() here to avoid emitting warning with -DNDEBUG */
+        assert_se(token == r);
        assert(json);

        if (pin && memchr(pin, 0, pin_size - 1))
--- a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-pkcs11.c
+++ b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-pkcs11.c
@ -38,7 +38,8 @@ _public_ int cryptsetup_token_open_pin(

        /* This must not fail at this moment (internal error) */
        r = crypt_token_json_get(cd, token, &json);
-        assert(token == r);
+        /* Use assert_se() here to avoid emitting warning with -DNDEBUG */
+        assert_se(token == r);
        assert(json);

        return acquire_luks2_key(cd, json, usrptr, pin, pin_size, password, password_len);