Luca Boccassi
5a13150485
ci: add coverage for builds without sd-boot
...
This should catch compilation issues such as:
https://github.com/systemd/systemd/pull/35014
(cherry picked from commit 8a3ac7afa6
)
2024-11-13 19:48:10 +00:00
Luca Boccassi
a105a9bda6
test: set nullglob to avoid failure when building without sd-boot
...
2024-11-04T20:13:17.3258095Z + for loader in build/src/boot/efi/*{.efi,.efi.stub}
2024-11-04T20:13:17.3258275Z ++ sbverify --list 'build/src/boot/efi/*.efi'
2024-11-04T20:13:17.3258525Z + [[ Error reading file build/src/boot/efi/*.efi: No such file or directory
2024-11-04T20:13:17.3258952Z Can't open image build/src/boot/efi/*.efi != \N\o\ \s\i\g\n\a\t\u\r\e\ \t\a\b\l\e\ \p\r\e\s\e\n\t ]]
(cherry picked from commit 441922336b
)
2024-11-13 19:48:10 +00:00
Yu Watanabe
d9d4cbfe5f
mkosi: fix sections for settings
...
Follow-up for 963157ca78
.
(cherry picked from commit 727dc1f23a
)
2024-11-13 19:48:10 +00:00
Daan De Meyer
8bf57b2f83
mkosi: Switch to Fedora 41
...
It's due for release soon and will fix the flakyness of TEST-58-REPART
so let's bump the Fedora 40 job to Fedora 41.
(cherry picked from commit 12a1b02b52
)
2024-10-08 16:39:12 +01:00
dependabot[bot]
915822604f
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 2c9954fa51a3a995bbdc02db6ef51f5bd27bc1ba to 3454f7bd4ef0336ec80a117d593baaef0fe53398.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Commits](2c9954fa51...3454f7bd4e
)
---
updated-dependencies:
- dependency-name: systemd/mkosi
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 6aed4876e8
)
2024-10-08 16:39:12 +01:00
dependabot[bot]
4fe2c97477
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 8c2f828701a1bdb3dc9b80d6f2ab979f0430a6b8 to 31b4e756c1484c302435653da5d3b9bdfae38518.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](8c2f828701...31b4e756c1
)
---
updated-dependencies:
- dependency-name: systemd/mkosi
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 0333969a40
)
2024-09-10 14:56:05 +02:00
Daan De Meyer
2725b5c01f
mkosi: Update to latest
...
(cherry picked from commit dbff64ddf0
)
2024-09-10 14:56:05 +02:00
Daan De Meyer
145f581e88
mkosi: Update to latest
...
Should fix the Fedora Rawhide CI failure.
(cherry picked from commit f134a79ff8
)
2024-09-10 14:56:05 +02:00
Daan De Meyer
cfc3c113f7
mkosi: Update to latest
...
(cherry picked from commit 2dc99fdadb
)
2024-09-10 14:56:05 +02:00
Daan De Meyer
07b2d49089
mkosi: Improve formatting
...
(cherry picked from commit bc07b026f0
)
2024-09-10 14:56:05 +02:00
dependabot[bot]
da76d7c4f5
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 4eba736412c702bbbe2c6d4a58a92fa977219249 to 63fc1fde5b1aac1abf07ac499068c2b62263dafb.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](4eba736412...63fc1fde5b
)
---
updated-dependencies:
- dependency-name: systemd/mkosi
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 5186b40c6f
)
2024-09-10 14:56:05 +02:00
Daan De Meyer
852be5a77f
test: Don't mount build sources into image when running non-interactively
...
(cherry picked from commit 578ee05155
)
2024-08-15 13:08:37 +01:00
Daan De Meyer
32ff025c36
mkosi: Update to latest
...
Includes the required fix to make mkosi copy NOCOW disk images properly.
(cherry picked from commit 3d6c6f9b9e
)
2024-08-15 11:06:08 +01:00
Daan De Meyer
3fc259ae25
mkosi: Add CI for CentOS Stream 10
...
We switch to the c10s-sig-hyperscale branch of the spec repository
as it will receive all the latest changes the earliest before they
end up in the c9s-sig-hyperscale branch.
(cherry picked from commit 8b32cc79ec
)
2024-07-16 15:14:21 +02:00
Daan De Meyer
748cd5a703
mkosi: Update to latest
...
(cherry picked from commit 9e8cfe5daa
)
2024-07-16 15:10:20 +02:00
Daan De Meyer
54eb9b9301
TEST-06-SELINUX: Various fixes
...
- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221 )
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
(cherry picked from commit dedd712dd9
)
2024-07-11 12:48:41 +02:00
Daan De Meyer
5685a59371
mkosi: Update to latest
...
(cherry picked from commit d5c3868181
)
2024-07-11 12:48:04 +02:00
Daan De Meyer
370bf11ec4
mkosi: Build a sysext if SYSEXT=1 is specified
...
(cherry picked from commit 612a98a065
)
2024-07-11 12:47:55 +02:00
Daan De Meyer
c350e02631
mkosi: Fix git commit
...
In https://github.com/systemd/systemd/pull/33659 the commit was
updated to point to my fork without changing it back after the mkosi
PR was merged so let's change it back to point to the official
repository.
(cherry picked from commit c8ce41954b
)
2024-07-09 15:19:02 +02:00
Daan De Meyer
00bcc619db
mkosi: Adapt configuration to take into account configuration rework
...
In https://github.com/systemd/mkosi/pull/2847 , the '@' specifier is
removed, CLI arguments take priority over configuration files again
and the "main" image is defined at the top level instead of in
mkosi.images/. Additionally, not every setting from the top level
configuration is inherited by the images in mkosi.images/ anymore,
only settings which make sense to be inherited are inherited.
This commit gets rid of all the usages of '@', moves the "main" image
configuration from mkosi.images/system to the top level and gets rid
of various hacks we had in place to deal with quirks of the old
configuration parsing logic.
We also remove usages of Images= and --append as these options are
removed by the mentioned PR.
(cherry picked from commit 20345a86b7
)
2024-07-09 15:18:51 +02:00
Daan De Meyer
0123dbee1b
mkosi: Update to latest
...
(cherry picked from commit b494c7bcb4
)
2024-07-09 15:17:02 +02:00
dependabot[bot]
32981c454c
build(deps): bump actions/checkout from 4.1.6 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 502fbea8c1
)
(cherry picked from commit 01721bf2687d417a3620ce72b4598662ba7c7146)
2024-07-09 15:16:54 +02:00
Mike Yuan
e8bbe635cd
workflows/labeler: do not set labels on stable backport PRs
...
(cherry picked from commit 5dfc88c12f
)
2024-07-05 20:00:04 +02:00
Mike Yuan
aa1eb0b066
labeler: match all mkosi files
...
(cherry picked from commit a3370d5d94
)
2024-07-05 20:00:04 +02:00
Mike Yuan
32f2b9bba6
labeler: remove matches for dropped files (Makefile)
...
(cherry picked from commit 5e12de940a
)
2024-07-05 20:00:04 +02:00
Luca Boccassi
851f991b1c
mkosi: bump to latest commit
...
(cherry picked from commit ea6376d17f
)
2024-07-05 11:38:42 +02:00
Luca Boccassi
d89c99c7ad
mkosi: bump to latest
...
(cherry picked from commit 3001339dc5
)
2024-06-18 20:41:01 +02:00
Luca Boccassi
b455006ae1
CI: disable secure boot in mkosi GHA runs
...
Booting a guest with secure boot is broken in Azure due to a hypervisor
bug. Disable it for now. Given there's no option, need to edit
the configuration on the fly.
(cherry picked from commit bdd0b45bfd
)
2024-06-18 20:41:01 +02:00
Luca Boccassi
7f105dc1bd
mkosi: update to latest
2024-06-10 14:17:15 +01:00
Daan De Meyer
60f1e44ffe
mkosi: Stop using tools tree
...
Noble has all the tooling we need so let's stop using a tools tree
and just install the dependencies we need on the host system.
2024-06-08 12:33:32 +02:00
Daan De Meyer
d5474f78b8
ci: Switch to Ubuntu 24.04
2024-06-08 12:33:32 +02:00
Daan De Meyer
f42cb19931
mkosi: Update to latest
2024-06-08 12:33:28 +02:00
Daan De Meyer
20be62e4b9
mkosi: Update to latest
2024-06-06 16:43:58 +02:00
Daan De Meyer
d56cf40dd7
mkosi: Build Arch Linux image with -D_FORTIFY_SOURCE=3
...
_FORTIFY_SOURCE requires optimizations to be enabled so we set -O2
as well.
2024-06-04 12:27:29 +02:00
Daan De Meyer
cbbffa8355
mkosi: Drop $OPTIMIZATION variable
...
Let's instead just use $CFLAGS to override the optimization level.
2024-06-04 12:20:19 +02:00
Daan De Meyer
954019d211
Merge pull request #33146 from DaanDeMeyer/clang
...
mkosi: Add support for building with LLVM
2024-06-03 15:43:31 +02:00
Daan De Meyer
9ee96e7382
mkosi: Build Fedora Rawhide sanitizers job with LLVM
...
More coverage and clang tends to be better at sanitizers than gcc.
2024-06-03 13:47:37 +02:00
Daan De Meyer
aacf9527d6
mkosi: Build with --werror in CI
2024-06-03 13:47:37 +02:00
dependabot[bot]
988b837df8
build(deps): bump redhat-plumbers-in-action/differential-shellcheck
...
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck ) from 5.1.2 to 5.3.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases )
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md )
- [Commits](52bab0caa5...60c9f2b924
)
---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/differential-shellcheck
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:07:26 +02:00
dependabot[bot]
de5772c21d
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...dc50aa9510
)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:06:57 +02:00
dependabot[bot]
91c7d68d30
build(deps): bump softprops/action-gh-release from 2.0.4 to 2.0.5
...
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/softprops/action-gh-release/releases )
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md )
- [Commits](9d7c94cfd0...69320dbe05
)
---
updated-dependencies:
- dependency-name: softprops/action-gh-release
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:06:03 +02:00
dependabot[bot]
89b49c16ef
build(deps): bump actions/checkout from 4.1.2 to 4.1.6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...a5ac7e51b4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 13:04:50 +02:00
Daan De Meyer
ebec3c88c3
ci: Build Fedora rawhide with sanitizers in mkosi
...
Let's make sure one build has sanitizers enabled for extra coverage.
2024-05-31 17:26:13 +02:00
Daan De Meyer
8919f86f57
mkosi: Sanitizer improvements
...
- Let's set the environment on the kernel command line so it applies
to initrd and main system.
- Let's add the necessary wrappers that are also added in test-functions.
Unlike test-functions we don't use gcc/clang to get the library path as
that requires installing gcc/clang in the initrd.
- Let's drop the hack to get journald writing to the console and have
it write to kmsg instead. We'll get the output either way.
- Stop removing libstdc++ and sanitizer libraries from Arch Linux
initrds and other images as it's required by the sanitizer libraries.
- Add a workaround for specifying extra meson options for opensuse
- Add a leak sanitizer suppression file as a workaround for a false
positive leak in verify_selinuxmnt() in libselinux. We do a soname match
because the stacktrace can't be properly symbolized on Debian.
2024-05-31 17:26:13 +02:00
Luca Boccassi
87d6cedfdb
Merge pull request #33123 from DaanDeMeyer/fix
...
Two mkosi fixes
2024-05-31 11:38:43 +02:00
Daan De Meyer
3a8e9b4a0e
mkosi: Unify device timeout for CI and local runs
...
Now that we use KVM and don't use repart anymore to create a root
partition on first boot, let's see if we can use the same device timeout
for both local and CI runs.
2024-05-31 10:25:08 +02:00
Daan De Meyer
e2219740f3
mkosi: Drop two unnecessary settings in CI config
...
We don't build erofs images anymore and the firmware to use is set
per test so no need to configure it the CI config.
2024-05-31 10:23:58 +02:00
dependabot[bot]
d4d59423b5
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 3.0.0 to 3.2.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](9e55064634...d498805e5c
)
---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/advanced-issue-labeler
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:17:44 +02:00
dependabot[bot]
f47f849fad
build(deps): bump redhat-plumbers-in-action/devel-freezer
...
Bumps [redhat-plumbers-in-action/devel-freezer](https://github.com/redhat-plumbers-in-action/devel-freezer ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/redhat-plumbers-in-action/devel-freezer/releases )
- [Commits](396c94ba8c...ad766eafd5
)
---
updated-dependencies:
- dependency-name: redhat-plumbers-in-action/devel-freezer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:17:10 +02:00
dependabot[bot]
4c8858dda6
build(deps): bump meson from 1.4.0 to 1.4.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.4.0...1.4.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-31 10:16:56 +02:00