1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

537 Commits

Author SHA1 Message Date
Daan De Meyer
14fb6354f1
Merge pull request #33636 from DaanDeMeyer/ext4
Various integration test improvements
2024-07-10 21:33:23 +02:00
Daan De Meyer
dedd712dd9 TEST-06-SELINUX: Various fixes
- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221)
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
2024-07-10 18:52:29 +02:00
Daan De Meyer
d5c3868181 mkosi: Update to latest 2024-07-10 16:52:54 +02:00
Daan De Meyer
612a98a065 mkosi: Build a sysext if SYSEXT=1 is specified 2024-07-10 10:55:33 +02:00
Daan De Meyer
c8ce41954b mkosi: Fix git commit
In https://github.com/systemd/systemd/pull/33659 the commit was
updated to point to my fork without changing it back after the mkosi
PR was merged so let's change it back to point to the official
repository.
2024-07-09 09:28:33 +02:00
Daan De Meyer
20345a86b7 mkosi: Adapt configuration to take into account configuration rework
In https://github.com/systemd/mkosi/pull/2847, the '@' specifier is
removed, CLI arguments take priority over configuration files again
and the "main" image is defined at the top level instead of in
mkosi.images/. Additionally, not every setting from the top level
configuration is inherited by the images in mkosi.images/ anymore,
only settings which make sense to be inherited are inherited.

This commit gets rid of all the usages of '@', moves the "main" image
configuration from mkosi.images/system to the top level and gets rid
of various hacks we had in place to deal with quirks of the old
configuration parsing logic.

We also remove usages of Images= and --append as these options are
removed by the mentioned PR.
2024-07-09 08:07:09 +02:00
Daan De Meyer
b494c7bcb4 mkosi: Update to latest 2024-07-05 17:07:00 +02:00
Mike Yuan
5dfc88c12f
workflows/labeler: do not set labels on stable backport PRs 2024-07-04 20:55:53 +02:00
dependabot[bot]
ba490e2281 build(deps): bump github/codeql-action from 3.24.7 to 3.25.11
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3ab4101902...b611370bb5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 22:08:28 +02:00
dependabot[bot]
502fbea8c1 build(deps): bump actions/checkout from 4.1.6 to 4.1.7
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 13:18:45 +02:00
Luca Boccassi
ea6376d17f mkosi: bump to latest commit 2024-06-26 15:47:13 +01:00
Luca Boccassi
3001339dc5 mkosi: bump to latest 2024-06-17 17:40:48 +01:00
Luca Boccassi
bdd0b45bfd CI: disable secure boot in mkosi GHA runs
Booting a guest with secure boot is broken in Azure due to a hypervisor
bug. Disable it for now. Given there's no option, need to edit
the configuration on the fly.
2024-06-17 17:40:48 +01:00
Luca Boccassi
7f105dc1bd mkosi: update to latest 2024-06-10 14:17:15 +01:00
Daan De Meyer
60f1e44ffe mkosi: Stop using tools tree
Noble has all the tooling we need so let's stop using a tools tree
and just install the dependencies we need on the host system.
2024-06-08 12:33:32 +02:00
Daan De Meyer
d5474f78b8 ci: Switch to Ubuntu 24.04 2024-06-08 12:33:32 +02:00
Daan De Meyer
f42cb19931 mkosi: Update to latest 2024-06-08 12:33:28 +02:00
Daan De Meyer
20be62e4b9 mkosi: Update to latest 2024-06-06 16:43:58 +02:00
Daan De Meyer
d56cf40dd7 mkosi: Build Arch Linux image with -D_FORTIFY_SOURCE=3
_FORTIFY_SOURCE requires optimizations to be enabled so we set -O2
as well.
2024-06-04 12:27:29 +02:00
Daan De Meyer
cbbffa8355 mkosi: Drop $OPTIMIZATION variable
Let's instead just use $CFLAGS to override the optimization level.
2024-06-04 12:20:19 +02:00
Daan De Meyer
954019d211
Merge pull request #33146 from DaanDeMeyer/clang
mkosi: Add support for building with LLVM
2024-06-03 15:43:31 +02:00
Daan De Meyer
9ee96e7382 mkosi: Build Fedora Rawhide sanitizers job with LLVM
More coverage and clang tends to be better at sanitizers than gcc.
2024-06-03 13:47:37 +02:00
Daan De Meyer
aacf9527d6 mkosi: Build with --werror in CI 2024-06-03 13:47:37 +02:00
dependabot[bot]
988b837df8 build(deps): bump redhat-plumbers-in-action/differential-shellcheck
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.2 to 5.3.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases)
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md)
- [Commits](52bab0caa5...60c9f2b924)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:07:26 +02:00
dependabot[bot]
de5772c21d build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](0864cf1902...dc50aa9510)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:06:57 +02:00
dependabot[bot]
91c7d68d30 build(deps): bump softprops/action-gh-release from 2.0.4 to 2.0.5
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](9d7c94cfd0...69320dbe05)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:06:03 +02:00
dependabot[bot]
89b49c16ef build(deps): bump actions/checkout from 4.1.2 to 4.1.6
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](9bb56186c3...a5ac7e51b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:04:50 +02:00
Daan De Meyer
ebec3c88c3 ci: Build Fedora rawhide with sanitizers in mkosi
Let's make sure one build has sanitizers enabled for extra coverage.
2024-05-31 17:26:13 +02:00
Daan De Meyer
8919f86f57 mkosi: Sanitizer improvements
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
2024-05-31 17:26:13 +02:00
Luca Boccassi
87d6cedfdb
Merge pull request #33123 from DaanDeMeyer/fix
Two mkosi fixes
2024-05-31 11:38:43 +02:00
Daan De Meyer
3a8e9b4a0e mkosi: Unify device timeout for CI and local runs
Now that we use KVM and don't use repart anymore to create a root
partition on first boot, let's see if we can use the same device timeout
for both local and CI runs.
2024-05-31 10:25:08 +02:00
Daan De Meyer
e2219740f3 mkosi: Drop two unnecessary settings in CI config
We don't build erofs images anymore and the firmware to use is set
per test so no need to configure it the CI config.
2024-05-31 10:23:58 +02:00
dependabot[bot]
d4d59423b5 build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases)
- [Commits](9e55064634...d498805e5c)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/advanced-issue-labeler
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:17:44 +02:00
dependabot[bot]
f47f849fad build(deps): bump redhat-plumbers-in-action/devel-freezer
Bumps [redhat-plumbers-in-action/devel-freezer](https://github.com/redhat-plumbers-in-action/devel-freezer) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/devel-freezer/releases)
- [Commits](396c94ba8c...ad766eafd5)

---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/devel-freezer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:17:10 +02:00
dependabot[bot]
4c8858dda6 build(deps): bump meson from 1.4.0 to 1.4.1 in /.github/workflows
Bumps [meson](https://github.com/mesonbuild/meson) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/mesonbuild/meson/releases)
- [Commits](https://github.com/mesonbuild/meson/compare/1.4.0...1.4.1)

---
updated-dependencies:
- dependency-name: meson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:16:56 +02:00
Daan De Meyer
074ac66e88 Revert "mkosi: Sanitizer improvements"
This reverts commit aef13ad029.
2024-05-30 14:50:21 +02:00
Daan De Meyer
d54d6197d5 Revert "ci: Build with sanitizers in mkosi"
This reverts commit 639403f9a8.
2024-05-30 14:50:10 +02:00
Daan De Meyer
381918edc9
Merge pull request #32866 from DaanDeMeyer/sanitizers
mkosi: Sanitizers
2024-05-30 14:49:13 +02:00
Daan De Meyer
465d302d48 mkosi: Preserve environment when running integration tests with sudo
Otherwise we won't detect we're running in Github Actions and will
show the wrong command to fetch the journal.
2024-05-30 13:50:27 +02:00
Daan De Meyer
639403f9a8 ci: Build with sanitizers in mkosi 2024-05-30 12:47:45 +02:00
Daan De Meyer
aef13ad029 mkosi: Sanitizer improvements
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
2024-05-30 12:47:45 +02:00
Daan De Meyer
d12fedd25e mkosi: Run integration tests as root
This allows running integration tests that support it in nspawn
instead of qemu. This both gives extra coverage and speeds things up.
2024-05-29 14:10:50 +02:00
Daan De Meyer
09466b2a0e mkosi: update to latest 2024-05-29 14:10:47 +02:00
Luca Boccassi
0dde8adcf5 Revert "CI: add manual workflow to publish pages to fix submodule issue"
Nope, it's broken, never mind

This reverts commit b0f9c3c648.
2024-05-16 15:31:52 +01:00
Luca Boccassi
b0f9c3c648 CI: add manual workflow to publish pages to fix submodule issue
Cloning the fedora/centos submodules fails because --depth 1 is used. Fork the actions workflow and use fetch-depth: 0 to disable it.
2024-05-16 16:27:40 +02:00
Zbigniew Jędrzejewski-Szmek
f222ef107d mkosi: Restore job for F40
This partially reverts ecf8468dd4.
dist-git was made compatible again with F40.
2024-05-14 21:23:46 +02:00
Daan De Meyer
ecf8468dd4 mkosi: Update fedora to latest
We drop the Fedora 40 job as the latest rawhide spec introduced
dependencies that are not available in Fedora 40.
2024-05-14 20:44:39 +02:00
Daan De Meyer
23d79a84a4 mkosi: Update to latest 2024-05-14 12:43:28 +02:00
Daan De Meyer
5dd3657f86 ci: Optimize pull request labeler
We keep running into rate limits, so let's optimize the number of
requests we do in the pull request labeler to hopefully fix that.
2024-05-07 17:49:54 +02:00
Daan De Meyer
b1670c52ad mkosi: Switch to fedora 40
Enable updates-testing and use the most recent mirror to make sure
we get util-linux 2.40.1 which contains a crucial fix to make sure
the serial terminal in virtual machines works properly.
2024-05-07 11:51:29 +02:00