Jan Janssen
43abc59a27
meson: Use feature options
...
By using meson features we can replace the handcrafted dependency
auto-detection by just passing the value from get_option directly to the
required arg for dependency, find_library etc.
'auto' features make the dependency optional, 'enabled' requires it
while 'disabled' features will skip detection entirely.
Any skipped or not found dependency will just be a no-op when passed to
build steps and therefore we can also skip the creation of empty vars.
The use of skip_deps for these is dropped here as meson provides a way
to disable all optional features in one go by passing
'-Dauto_features=disabled'.
2023-08-23 14:45:02 +02:00
Daan De Meyer
c3e83f09ea
mkosi: Update to v15.1 release
2023-08-15 12:32:39 +02:00
Daan De Meyer
1f035c91bb
mkosi: Update to latest
...
This update introduces the explicit Dependencies= setting, instead
of relying on implicit dependencies via alphanumerical ordering.
We also take the opportunity to rename the "final" preset to the
"system" preset, which seems like a better name.
2023-08-09 18:56:51 +02:00
Jan Macku
97eb826821
ci(lint): exclude .in
files from ShellCheck lint
...
Exclude all `.in` files because they may contain unsupported syntax, and
they have to be preprocessed first. For example:
```sh
Error: SHELLCHECK_WARNING:
./src/rpm/systemd-update-helper.in:130:37: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
```
Related to: https://github.com/systemd/systemd/pull/28521
2023-08-07 19:28:23 +02:00
Daan De Meyer
f2f8ed193c
mkosi: Update to latest
2023-08-04 16:48:58 +02:00
Daan De Meyer
0f4259bcf2
mkosi: Update to latest
...
We modify all our scripts to execute in the image instead of on the
hosts. In the future we can adapt them to run on the host.
2023-08-03 17:03:05 +02:00
dependabot[bot]
f3d812baf7
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 5866c0ff3b36d350c943016e5a3b115f7a95d37f to c6dd95b6eae0386579071cbf44fd838ce28b7237.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](5866c0ff3b...c6dd95b6ea
)
---
updated-dependencies:
- dependency-name: systemd/mkosi
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 20:27:17 +00:00
dependabot[bot]
1ce2075fde
build(deps): bump actions/labeler from 4.2.0 to 4.3.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0967ca812e...ac9175f8a1
)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:18:15 +00:00
dependabot[bot]
8fa2da7ad1
build(deps): bump meson from 1.1.1 to 1.2.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.1...1.2.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:16:16 +00:00
dependabot[bot]
d8c7d6d4fe
build(deps): bump github/codeql-action from 2.20.1 to 2.21.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...0ba4244466
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 10:14:58 +00:00
Frantisek Sumsal
c5afbac31b
ci: explicitly install python3-lldb-$COMPILER_VERSION
...
To avoid apt complaining:
+ apt-get -y install clang-15 lldb-15 lld-15 clangd-15
Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
python3-lldb-14 : Conflicts: python3-lldb-x.y
python3-lldb-15 : Conflicts: python3-lldb-x.y
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
2023-07-27 13:45:00 +01:00
Luca Boccassi
4cf5b343c9
mkosi: add drop-in to make emergency.service shut down the system
...
When the mkosi CI fails to boot, it just sits there waiting at the emergency
console until the job times out. Add a drop-in for emergency.service in the
CI configuration so that instead it exists immediately.
2023-07-26 14:07:13 +01:00
Frantisek Sumsal
c4b167f857
ci: drop super-linter's shellcheck
...
It's been a while since we introduced Differential ShellCheck and it
proved to be quite useful (and in some ways even better than the shellcheck
run by super-linter). So, to have only one linter scream at us for not
knowing how to write bash properly, let's drop the super-linter's one in
favor of Differential ShellCheck.
Follow-up for https://github.com/systemd/systemd/pull/24328#pullrequestreview-1074127504
2023-07-17 20:12:57 +01:00
Daan De Meyer
5b79e9d7a9
mkosi: Update to latest
...
mkosi now supports CentOS SIGs natively so we drop our own definition
of that and use the mkosi builtin one. We also enable hyperscale for
both CentOS 8 and CentOS 9 for consistency and add epel-next as well
which is a requirement for Hyperscale.
2023-07-14 14:47:45 +02:00
dependabot[bot]
1cdaba52a5
build(deps): bump github/codeql-action from 2.3.5 to 2.20.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...f6e388ebf0
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-01 14:05:22 +00:00
dependabot[bot]
6cc0fd0044
build(deps): bump actions/labeler from 4.0.4 to 4.2.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.4 to 4.2.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0776a67936...0967ca812e
)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-01 10:37:11 +00:00
dependabot[bot]
a2c9096790
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-01 10:36:23 +00:00
dependabot[bot]
479f9f3004
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-01 10:35:10 +00:00
Daan De Meyer
12ab9ae8c6
mkosi: Update to latest
...
mkosi now prebuilds the hwdb during image build which should hopefully
get rid of the CentOS 8 failures we're seeing in CI.
2023-06-26 14:14:40 +01:00
Daan De Meyer
94c357ca23
mkosi: Update to latest
...
We now run repart before starting systemd-nspawn to make sure that
the root partition is also generated when we boot the image in a
container instead of a VM.
To make sure we start from scratch for both the container boot and
the VM boot, we also enable Ephemeral to make sure all changes to
the image are ephemeral.
2023-06-19 10:30:39 +02:00
Evgeny Vereshchagin
83dda3d28b
ci: drop the "find" kludge
...
meson no longer complains about install_tag
2023-06-16 10:43:06 +09:00
Joyce Brum
2b3211c836
Squashed commit of the following:
...
commit ef2fc83647f69c172c11e0dea318bf6ecf79a4aa
Author: Joyce <joycebrum@google.com>
Date: Wed Jun 14 12:18:23 2023 -0300
Update scorecards.yml
Signed-off-by: Joyce <joycebrum@google.com>
commit c59c05c6ab156b20249e8056d8cbaafbe0c495f8
Merge: 7431a54568 f66d040d95
Author: Joyce <joycebrum@google.com>
Date: Wed Jun 14 10:22:28 2023 -0300
Merge branch 'main' into fix/disable-code-scanning-alerts
commit 7431a54568746a2fa4db1b23e1359984335df41e
Author: Joyce <joycebrum@google.com>
Date: Tue Jun 13 18:15:21 2023 -0300
Remove code scanning alerts scorecards.yml
Signed-off-by: Joyce <joycebrum@google.com>
Signed-off-by: Joyce Brum <joycebrum@google.com>
2023-06-14 20:22:50 +01:00
Joyce
3f2ff79763
Fix scorecard version comment format ( #28027 )
...
* Update scorecards.yml version comments
Signed-off-by: Joyce <joycebrum@google.com>
2023-06-13 22:36:32 +01:00
Daan De Meyer
6aca147f82
mkosi: Remove explicit /testok check
...
vsock should work properly after the latest release of mkosi. But
to make sure it works, let's exit with 123 in case of success and
check for that in Github Actions.
2023-06-13 16:04:10 +02:00
Daan De Meyer
abeecde242
mkosi: Update to latest
...
We update our configuration to replace the removed
RepositoryDirectories= option with the new PackageManagerTrees=
option.
2023-06-13 16:04:08 +02:00
Daan De Meyer
9f89c2d420
mkosi: Update to latest
...
mkosi's match syntax was changed so we update our config files to
use the new match syntax which mimicks the systemd condition syntax.
2023-06-07 15:59:03 +02:00
jonathanmetzman
56595a3730
ci: Report results from CIFuzz using SARIF
...
Upload results from CIFuzz using SARIF.
This will allow CIFuzz to report issues in the security tab.
This is a better UI than having to look through logs.
TODO(google/oss-fuzz#10452 ): Add proper descriptions of UBSAN bugs.
2023-06-05 07:37:34 +02:00
Daan De Meyer
8f9a307fec
Merge pull request #27849 from DaanDeMeyer/sign-pcr
...
mkosi: Sign expected PCRs
2023-06-02 16:16:41 +02:00
Daan De Meyer
a47c48cbb2
mkosi: Only lower device timeout instead of all timeouts
...
We only really care about lowering the device timeout so we get to
a shell faster when the root device doesn't appear so let's only
lower that timeout instead of lowering all default timeouts.
2023-06-02 15:43:28 +02:00
Daan De Meyer
2af9d5dc0e
mkosi: Update to latest
2023-06-02 13:32:53 +02:00
dependabot[bot]
7cd4f577e8
build(deps): bump github/codeql-action from 2.2.9 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...0225834cc5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 21:57:36 +08:00
dependabot[bot]
da92fd4612
build(deps): bump meson from 1.1.0 to 1.1.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.0...1.1.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 21:15:21 +09:00
dependabot[bot]
9a1ac3a019
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](25a1e41826...71bcf99aef
)
---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/advanced-issue-labeler
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 12:22:14 +02:00
dependabot[bot]
c9401e6c6d
build(deps): bump actions/labeler from 4.0.3 to 4.0.4
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](ba790c862c...0776a67936
)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 12:21:34 +02:00
dependabot[bot]
6138a85d10
build(deps): bump redhat-plumbers-in-action/differential-shellcheck
...
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck ) from 4.0.2 to 4.2.2.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases )
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md )
- [Commits](d24099b9f3...ac4483d8c6
)
---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 12:20:55 +02:00
Daan De Meyer
edabe6fc11
Merge pull request #27806 from DaanDeMeyer/fix-mkosi-check
...
mkosi: Use proper check to detect whether we're in a VM
2023-05-31 15:26:05 +02:00
Daan De Meyer
df4835c897
mkosi: Check for failures by mounting again
...
We rely on vsock to communicate the exit status back to us from the
VM but vsock in Github Actions is broken so let's switch back to
mounting for now.
2023-05-31 14:22:58 +02:00
Daan De Meyer
86605eed9a
mkosi: Enforce usage of vsock with qemu in CI
2023-05-31 14:19:25 +02:00
Daan De Meyer
401027075a
mkosi: Update to latest
2023-05-31 14:19:25 +02:00
Frantisek Sumsal
4189d009ae
ci: add gcc-13, drop gcc-12
2023-05-30 16:23:40 +02:00
Daan De Meyer
a27f253276
mkosi: Bump default timeout to 180s
...
Hopefully fixes #27778 where waiting for the root device to appear
times out before systemd-repart has a chance to run and create it.
2023-05-25 12:09:13 +02:00
Daan De Meyer
47e5e12866
mkosi: Package a erofs usr partition with signed verity
...
Let's start moving towards a more involved partitioning setup to
test our stuff more when using mkosi.
The root partition is generated on boot with systemd-repart.
CentOS supports neither erofs nor btrfs so we use squashfs and xfs
instead.
We also enable SecureBoot= locally for additional coverage. This
and the use of verity means users need to run `mkosi genkey` once
to generate the keys necessary to do secure boot and verity.
2023-05-13 10:49:17 +02:00
Daan De Meyer
059c961135
mkosi: Update to latest
2023-05-12 11:38:02 +02:00
Daan De Meyer
93a948865c
mkosi: Run in debug mode
...
Let's make sure we log more of what mkosi's doing so we can debug
issues better. Note this also makes mkosi set SYSTEMD_LOG_LEVEL=debug
when running programs so we'll get all the systemd debug logging as
well.
2023-05-11 12:18:50 +02:00
Daan De Meyer
4bfcb6ba27
mkosi: Don't run slow tests by default
...
Instead, allow enabling it via an environment variable and do so
in CI.
2023-05-11 12:16:47 +02:00
dependabot[bot]
43a221473c
build(deps): bump actions/checkout from 3.3.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...8e5e7e5ab8
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:34:08 +02:00
dependabot[bot]
93b2175a87
build(deps): bump meson from 1.0.1 to 1.1.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.0.1...1.1.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:33:21 +02:00
dependabot[bot]
c07aa178b3
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.1...0b7f8abb1508181956e8e162db84b466c27e18ce )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:31:55 +02:00
dependabot[bot]
6a3ba07bfb
build(deps): bump github/super-linter from 4.10.1 to 5.0.0
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](454ba4482c...45fc0d8828
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:31:22 +02:00
dependabot[bot]
882235d581
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](98814c53be...d7906e4ad0
)
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:30:48 +02:00