Jan Janssen
43abc59a27
meson: Use feature options
...
By using meson features we can replace the handcrafted dependency
auto-detection by just passing the value from get_option directly to the
required arg for dependency, find_library etc.
'auto' features make the dependency optional, 'enabled' requires it
while 'disabled' features will skip detection entirely.
Any skipped or not found dependency will just be a no-op when passed to
build steps and therefore we can also skip the creation of empty vars.
The use of skip_deps for these is dropped here as meson provides a way
to disable all optional features in one go by passing
'-Dauto_features=disabled'.
2023-08-23 14:45:02 +02:00
Daan De Meyer
c3e83f09ea
mkosi: Update to v15.1 release
2023-08-15 12:32:39 +02:00
Daan De Meyer
1f035c91bb
mkosi: Update to latest
...
This update introduces the explicit Dependencies= setting, instead
of relying on implicit dependencies via alphanumerical ordering.
We also take the opportunity to rename the "final" preset to the
"system" preset, which seems like a better name.
2023-08-09 18:56:51 +02:00
Jan Macku
97eb826821
ci(lint): exclude .in files from ShellCheck lint
...
Exclude all `.in` files because they may contain unsupported syntax, and
they have to be preprocessed first. For example:
```sh
Error: SHELLCHECK_WARNING:
./src/rpm/systemd-update-helper.in:130:37: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
```
Related to: https://github.com/systemd/systemd/pull/28521
2023-08-07 19:28:23 +02:00
Daan De Meyer
f2f8ed193c
mkosi: Update to latest
2023-08-04 16:48:58 +02:00
Daan De Meyer
0f4259bcf2
mkosi: Update to latest
...
We modify all our scripts to execute in the image instead of on the
hosts. In the future we can adapt them to run on the host.
2023-08-03 17:03:05 +02:00
dependabot[bot]
f3d812baf7
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 5866c0ff3b36d350c943016e5a3b115f7a95d37f to c6dd95b6eae0386579071cbf44fd838ce28b7237.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](5866c0ff3b...c6dd95b6ea
2023-08-01 20:27:17 +00:00
dependabot[bot]
1ce2075fde
build(deps): bump actions/labeler from 4.2.0 to 4.3.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0967ca812e...ac9175f8a1
2023-08-01 14:18:15 +00:00
dependabot[bot]
8fa2da7ad1
build(deps): bump meson from 1.1.1 to 1.2.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.1...1.2.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:16:16 +00:00
dependabot[bot]
d8c7d6d4fe
build(deps): bump github/codeql-action from 2.20.1 to 2.21.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...0ba4244466
2023-08-01 10:14:58 +00:00
Zbigniew Jędrzejewski-Szmek
79ce5f940e
labeller: add build-system label
2023-07-29 14:11:14 +02:00
Frantisek Sumsal
c5afbac31b
ci: explicitly install python3-lldb-$COMPILER_VERSION
...
To avoid apt complaining:
+ apt-get -y install clang-15 lldb-15 lld-15 clangd-15
Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
python3-lldb-14 : Conflicts: python3-lldb-x.y
python3-lldb-15 : Conflicts: python3-lldb-x.y
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
2023-07-27 13:45:00 +01:00
Luca Boccassi
4cf5b343c9
mkosi: add drop-in to make emergency.service shut down the system
...
When the mkosi CI fails to boot, it just sits there waiting at the emergency
console until the job times out. Add a drop-in for emergency.service in the
CI configuration so that instead it exists immediately.
2023-07-26 14:07:13 +01:00
Frantisek Sumsal
c4b167f857
ci: drop super-linter's shellcheck
...
It's been a while since we introduced Differential ShellCheck and it
proved to be quite useful (and in some ways even better than the shellcheck
run by super-linter). So, to have only one linter scream at us for not
knowing how to write bash properly, let's drop the super-linter's one in
favor of Differential ShellCheck.
Follow-up for https://github.com/systemd/systemd/pull/24328#pullrequestreview-1074127504
2023-07-17 20:12:57 +01:00
Daan De Meyer
5b79e9d7a9
mkosi: Update to latest
...
mkosi now supports CentOS SIGs natively so we drop our own definition
of that and use the mkosi builtin one. We also enable hyperscale for
both CentOS 8 and CentOS 9 for consistency and add epel-next as well
which is a requirement for Hyperscale.
2023-07-14 14:47:45 +02:00
dependabot[bot]
1cdaba52a5
build(deps): bump github/codeql-action from 2.3.5 to 2.20.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...f6e388ebf0
2023-07-01 14:05:22 +00:00
dependabot[bot]
6cc0fd0044
build(deps): bump actions/labeler from 4.0.4 to 4.2.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.4 to 4.2.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0776a67936...0967ca812e
2023-07-01 10:37:11 +00:00
dependabot[bot]
a2c9096790
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-07-01 10:36:23 +00:00
dependabot[bot]
479f9f3004
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2023-07-01 10:35:10 +00:00
Daan De Meyer
12ab9ae8c6
mkosi: Update to latest
...
mkosi now prebuilds the hwdb during image build which should hopefully
get rid of the CentOS 8 failures we're seeing in CI.
2023-06-26 14:14:40 +01:00
Daan De Meyer
94c357ca23
mkosi: Update to latest
...
We now run repart before starting systemd-nspawn to make sure that
the root partition is also generated when we boot the image in a
container instead of a VM.
To make sure we start from scratch for both the container boot and
the VM boot, we also enable Ephemeral to make sure all changes to
the image are ephemeral.
2023-06-19 10:30:39 +02:00
Evgeny Vereshchagin
83dda3d28b
ci: drop the "find" kludge
...
meson no longer complains about install_tag
2023-06-16 10:43:06 +09:00
Joyce Brum
2b3211c836
Squashed commit of the following:
...
commit ef2fc83647f69c172c11e0dea318bf6ecf79a4aa
Author: Joyce <joycebrum@google.com>
Date: Wed Jun 14 12:18:23 2023 -0300
Update scorecards.yml
Signed-off-by: Joyce <joycebrum@google.com>
commit c59c05c6ab156b20249e8056d8cbaafbe0c495f8
Merge: 7431a54568 f66d040d95
2023-06-14 20:22:50 +01:00
Joyce
3f2ff79763
Fix scorecard version comment format ( #28027 )
...
* Update scorecards.yml version comments
Signed-off-by: Joyce <joycebrum@google.com>
2023-06-13 22:36:32 +01:00
Daan De Meyer
6aca147f82
mkosi: Remove explicit /testok check
...
vsock should work properly after the latest release of mkosi. But
to make sure it works, let's exit with 123 in case of success and
check for that in Github Actions.
2023-06-13 16:04:10 +02:00
Daan De Meyer
abeecde242
mkosi: Update to latest
...
We update our configuration to replace the removed
RepositoryDirectories= option with the new PackageManagerTrees=
option.
2023-06-13 16:04:08 +02:00
Daan De Meyer
9f89c2d420
mkosi: Update to latest
...
mkosi's match syntax was changed so we update our config files to
use the new match syntax which mimicks the systemd condition syntax.
2023-06-07 15:59:03 +02:00
jonathanmetzman
56595a3730
ci: Report results from CIFuzz using SARIF
...
Upload results from CIFuzz using SARIF.
This will allow CIFuzz to report issues in the security tab.
This is a better UI than having to look through logs.
TODO(google/oss-fuzz#10452 ): Add proper descriptions of UBSAN bugs.
2023-06-05 07:37:34 +02:00
Daan De Meyer
8f9a307fec
Merge pull request #27849 from DaanDeMeyer/sign-pcr
...
mkosi: Sign expected PCRs
2023-06-02 16:16:41 +02:00
Daan De Meyer
a47c48cbb2
mkosi: Only lower device timeout instead of all timeouts
...
We only really care about lowering the device timeout so we get to
a shell faster when the root device doesn't appear so let's only
lower that timeout instead of lowering all default timeouts.
2023-06-02 15:43:28 +02:00
Daan De Meyer
2af9d5dc0e
mkosi: Update to latest
2023-06-02 13:32:53 +02:00
dependabot[bot]
7cd4f577e8
build(deps): bump github/codeql-action from 2.2.9 to 2.3.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...0225834cc5
2023-06-01 21:57:36 +08:00
dependabot[bot]
da92fd4612
build(deps): bump meson from 1.1.0 to 1.1.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.0...1.1.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-01 21:15:21 +09:00
dependabot[bot]
9a1ac3a019
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](25a1e41826...71bcf99aef
2023-06-01 12:22:14 +02:00
dependabot[bot]
c9401e6c6d
build(deps): bump actions/labeler from 4.0.3 to 4.0.4
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](ba790c862c...0776a67936
2023-06-01 12:21:34 +02:00
dependabot[bot]
6138a85d10
build(deps): bump redhat-plumbers-in-action/differential-shellcheck
...
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck ) from 4.0.2 to 4.2.2.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases )
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md )
- [Commits](d24099b9f3...ac4483d8c6
2023-06-01 12:20:55 +02:00
Daan De Meyer
edabe6fc11
Merge pull request #27806 from DaanDeMeyer/fix-mkosi-check
...
mkosi: Use proper check to detect whether we're in a VM
2023-05-31 15:26:05 +02:00
Daan De Meyer
df4835c897
mkosi: Check for failures by mounting again
...
We rely on vsock to communicate the exit status back to us from the
VM but vsock in Github Actions is broken so let's switch back to
mounting for now.
2023-05-31 14:22:58 +02:00
Daan De Meyer
86605eed9a
mkosi: Enforce usage of vsock with qemu in CI
2023-05-31 14:19:25 +02:00
Daan De Meyer
401027075a
mkosi: Update to latest
2023-05-31 14:19:25 +02:00
Frantisek Sumsal
4189d009ae
ci: add gcc-13, drop gcc-12
2023-05-30 16:23:40 +02:00
Daan De Meyer
a27f253276
mkosi: Bump default timeout to 180s
...
Hopefully fixes #27778 where waiting for the root device to appear
times out before systemd-repart has a chance to run and create it.
2023-05-25 12:09:13 +02:00
Daan De Meyer
47e5e12866
mkosi: Package a erofs usr partition with signed verity
...
Let's start moving towards a more involved partitioning setup to
test our stuff more when using mkosi.
The root partition is generated on boot with systemd-repart.
CentOS supports neither erofs nor btrfs so we use squashfs and xfs
instead.
We also enable SecureBoot= locally for additional coverage. This
and the use of verity means users need to run `mkosi genkey` once
to generate the keys necessary to do secure boot and verity.
2023-05-13 10:49:17 +02:00
Daan De Meyer
059c961135
mkosi: Update to latest
2023-05-12 11:38:02 +02:00
Daan De Meyer
93a948865c
mkosi: Run in debug mode
...
Let's make sure we log more of what mkosi's doing so we can debug
issues better. Note this also makes mkosi set SYSTEMD_LOG_LEVEL=debug
when running programs so we'll get all the systemd debug logging as
well.
2023-05-11 12:18:50 +02:00
Daan De Meyer
4bfcb6ba27
mkosi: Don't run slow tests by default
...
Instead, allow enabling it via an environment variable and do so
in CI.
2023-05-11 12:16:47 +02:00
dependabot[bot]
43a221473c
build(deps): bump actions/checkout from 3.3.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...8e5e7e5ab8
2023-05-11 09:34:08 +02:00
dependabot[bot]
93b2175a87
build(deps): bump meson from 1.0.1 to 1.1.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.0.1...1.1.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:33:21 +02:00
dependabot[bot]
c07aa178b3
build(deps): bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.1...0b7f8abb1508181956e8e162db84b466c27e18ce )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 09:31:55 +02:00
dependabot[bot]
6a3ba07bfb
build(deps): bump github/super-linter from 4.10.1 to 5.0.0
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.10.1 to 5.0.0.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](454ba4482c...45fc0d8828
2023-05-11 09:31:22 +02:00
dependabot[bot]
882235d581
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](98814c53be...d7906e4ad0
2023-05-11 09:30:48 +02:00
Zbigniew Jędrzejewski-Szmek
98e2089f1b
mkosi,ci: do not install perl
2023-05-09 08:11:10 +02:00
Daan De Meyer
d052cc8893
mkosi: Switch to use mkosi presets with prebuilt initrds
...
Instead of building the initrds for the mkosi images with dracut,
let's switch to using mkosi presets to build the initrd with mkosi
as well.
This commit splits up our single image build into three separate
mkosi presets:
1. The "base" preset. This image contains systemd and all its runtime
dependencies. The sole purpose of this image is to serve as a base image
for the initrd and the final image. It's also responsible for building
systemd from source with the build script. The results are installed into
the base image. Note that we install the systemd and udev packages into this
image as well to prevent package managers from overriding the systemd we built
from source with the distro packaged systemd if it's pulled in as a dependency
by another package from the initrd or final profiles.
2. The "initrd" preset. This image provides the initrd. It's trivial and does
nothing more than packaging the base image up as a zstd compressed initramfs and
adds /init and /etc/initrd-release symlinks to the image.
3. The "final" preset. This image builds on top of the base image and adds
a kernel and extra packages that are useful for testing and debugging.
We also split out the optional kernel build into a separate set of config files
that are only included if a kernel to build is actually provided.
Note that this commit doesn't really change anything about how mkosi is used.
The commands remain the same, except that mkosi will now build all the presets
in order. "mkosi summary" will show the summary of all the presets. "mkosi qemu,
boot, shell" will always boot the final preset. With "-f", all presets will be
built and the final one is booted. "-i" makes a cache of each preset.
The only thing to keep in mind is that specifying config via the mkosi CLI will
apply to each of the presets. e.g. any extra packages added with "-p" will be
installed in both the initrd and the final image. To apply local configuration
to a single preset, create a file 00-local.conf in
mkosi.presets/<profile>/mkosi.conf.d and put all the preset specific configuration
in there.
2023-05-01 15:39:50 +02:00
Daan De Meyer
d280bb7e43
mkosi: Update fedora to release 38
2023-04-25 11:25:36 +02:00
Daan De Meyer
13d9669980
mkosi: Update to latest
...
This pulls in a fix for Debian rpmdb locations, which results in a
substantial speedup for centos/fedora builds.
2023-04-24 20:08:51 +02:00
Daan De Meyer
f997f91d7d
mkosi: Update to latest
...
Let's use the new support for matching against any distribution in
a list of distributions to start sharing most things between the
ubuntu/debian configs and centos/fedora configs.
2023-04-24 10:56:55 +02:00
Daan De Meyer
6b7e774b5d
mkosi: Update to latest
2023-04-19 10:13:06 +02:00
Daan De Meyer
5739271000
mkosi: Update to latest
...
mkosi now installs a "ignore *" default preset on Debian. We also
switch Debian to dbus-broker now that preset doesn't disable it
anymore.
2023-04-15 19:04:25 +08:00
Daan De Meyer
fde55f3a32
mkosi: Update to latest
...
The Bootable= option was removed and mkosi installs less packages
by default now, so let's adapt our configs to those changes.
2023-04-13 13:49:30 +01:00
Jan Macku
19cdda7c3a
ci: drop checkout from release workflow
...
It's not required as per comment - https://github.com/systemd/systemd/pull/27110#issuecomment-1499653913
2023-04-11 16:59:18 +02:00
Jan Macku
9718afd194
ci: don't run release wf on systemd-security
2023-04-11 16:59:18 +02:00
Дамјан Георгиевски
7b411cf842
ci: add permissions to make a release
...
follow-up to https://github.com/systemd/systemd/pull/27071
in order to create Github Releases, the job needs permissions to write
contents
also:
- pinned the `softprops/action-gh-release` action to a specific commit
- made it only active on the `systemd` organization repos (so not on
forks)
2023-04-10 17:23:32 +08:00
Daan De Meyer
3267fc3885
mkosi: Update to latest
...
This contains the recently merged fixes to config parsing ordering
and overrides.
2023-04-07 21:56:22 +09:00
Daan De Meyer
af6c5c7025
mkosi: Update to latest
...
This also migrates the configuration to the new format that was
just merged in mkosi. Specifically, we make use of the new [Match]
sections to only include specific config snippets per distro.
2023-04-07 08:13:42 +09:00
Luca Boccassi
b7b48b389c
ci: do one build with no tpm/p11kit/fido2
...
We have some missing coverage in the CI, all builds enable these features,
but there are often changes and they cover a lot of code. Do one build
without them to ensure we don't break builds.
2023-04-04 22:38:08 +01:00
dependabot[bot]
ca0a1a3107
build(deps): bump github/codeql-action from 2.2.5 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...04df1262e6
2023-04-01 19:11:42 +02:00
dependabot[bot]
6e57813113
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-04-01 18:08:20 +02:00
dependabot[bot]
ca8444d471
build(deps): bump actions/labeler from 4.0.2 to 4.0.3
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.2 to 4.0.3.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](5c7539237e...ba790c862c
2023-04-01 18:07:58 +02:00
dependabot[bot]
4a0c9b60b2
build(deps): bump github/super-linter from 4.9.7 to 4.10.1
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.7 to 4.10.1.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](bb2d833b08...454ba4482c
2023-04-01 18:07:43 +02:00
Дамјан Георгиевски
86c20937c2
add a github workflow action to make a release from tags
...
make a github release for every tag that starts with `v*`,
and a pre-release if the tag contains "-rc".
on the 'systemd/systemd' repo, the "Release" will be draft, so that the
release manager can fill up the notes manually.
on 'systemd/systemd-stable' the release will be created immediately.
info about the action used:
https://github.com/softprops/action-gh-release
2023-04-01 00:44:50 +01:00
Daan De Meyer
94c9855a18
mkosi: Update to latest
...
- Drop Netdev= as it was removed in mkosi
- Always install python-psutil in the final image (required for networkd tests)
- Always Install python-pytest in the final image (required for ukify tests)
- Use the narrow glob for all centos python packages
- Drop the networkd mkosi config files (the default image can be used instead)
- Use ".conf" as the mkosi config file suffix everywhere
- Copy src/ to /root/src in the final image and set gdb substitute path in
.gdbinit to make gdb work properly
2023-03-29 13:27:19 +02:00
Daan De Meyer
0beb2a95a4
mkosi: Update to latest
...
- ACLs are not set on generated directories anymore by default, so
we enable them explictly now so that when running unprivileged mkosi,
the user running mkosi can remove all generated files and directories.
- We don't explicitly set QemuHeadless= anymore as the option was removed
and made the default.
- We set the loglevel= kernel cmdline argument explicitly now as mkosi
doesn't set it by default anymore.
2023-03-29 11:13:33 +01:00
David Tardon
8d0747abb7
labeler: add journal label also for sd-journal stuff
2023-03-22 13:18:55 +01:00
Jan Macku
a33d7c4cc9
ci: limit permissions for differential-shellcheck
2023-03-22 06:56:34 +01:00
Jan Macku
50ba79710e
ci: trigger differential-shellcheck workflow on push
...
Also update `differential-shellcheck` to latest version - https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases
Fixes: https://github.com/redhat-plumbers-in-action/differential-shellcheck/issues/215
2023-03-22 06:56:34 +01:00
Daan De Meyer
26f51ae430
mkosi: Default to debug log level for udev as well
...
Unlike CI, the debug output just goes to the journal, so there's no
harm in enabling it, even if it's noisy.
2023-03-21 11:01:34 +01:00
Frantisek Sumsal
7af15421e3
ci: drop clang-13, add clang-16
2023-03-20 13:58:58 +09:00
Daan De Meyer
58caedadbb
mkosi: Enable some debugging options by default
2023-03-17 12:13:26 +09:00
Daan De Meyer
9f94d2741f
mkosi: Use default timeout of 10s
...
Let's override the default timeout to something more reasonable for
mkosi builds.
2023-03-16 18:19:37 +01:00
Yu Watanabe
b2b5a95227
github: update default and example in template
2023-03-15 20:31:34 +01:00
Cornelius Hoffmann
2ff7856e1e
Update github issue template to include systemd-dissect
2023-03-15 16:52:32 +01:00
Daan De Meyer
9c34405241
mkosi: Update to latest
2023-03-11 13:55:41 +01:00
Jan Janssen
e8509329d7
ci: Adjust for new EFI build
2023-03-10 11:41:08 +01:00
Jan Janssen
dfca5587cf
tree-wide: Drop gnu-efi
...
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
2023-03-10 11:41:03 +01:00
Luca Boccassi
e079120505
Merge pull request #26706 from jengelh/master
...
doc: various orthographic fixes
2023-03-07 21:34:03 +00:00
Daan De Meyer
925bb83ea5
mkosi: Drop debug logging
...
The spurious "connection timed out" errors from nspawn should be
fixed now that we're running the latest version.
2023-03-07 15:25:19 +01:00
Daan De Meyer
8d29e401ce
mkosi: Drop kernel command line masking in CI
...
These services should be disabled by default and not need explicit
masking anymore.
2023-03-07 15:25:19 +01:00
Daan De Meyer
523d71076d
mkosi: Update to latest
...
So that we don't enable services by default anymore on Debian.
2023-03-07 15:25:02 +01:00
Jan Engelhardt
18fe76eba5
doc: correct wrong use "'s" contractions
2023-03-07 13:39:31 +01:00
Daan De Meyer
9cc018fa93
mkosi: Update to latest
...
Latest version builds nspawn from source which hopefully gets rid of
the spurious "Connection timed out" errors we've been seeing in CI.
2023-03-06 19:30:40 +01:00
dependabot[bot]
1016c8ad94
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 1d131062066fe7b5a83b87319b4464b186adbb1c to d13ff85610c6fb01a2fff0a8187729ebe4a05595.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](1d13106206...d13ff85610
2023-03-01 14:58:47 +00:00
dependabot[bot]
ef1e3104a6
build(deps): bump github/codeql-action from 2.1.29 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.29 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ec3cf9c605...32dc499307
2023-03-01 14:58:18 +00:00
dependabot[bot]
17d4646ed8
build(deps): bump actions/labeler from 4.0.1 to 4.0.2
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](e54e5b338f...5c7539237e
2023-03-01 13:14:53 +00:00
dependabot[bot]
31a14e4d3e
build(deps): bump meson from 1.0.0 to 1.0.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.0.0...1.0.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-01 13:14:26 +00:00
dependabot[bot]
7afcf8b193
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-03-01 13:13:04 +00:00
Daan De Meyer
6c53840958
Merge pull request #26518 from DaanDeMeyer/mkosi-stuff
...
mkosi: Drop build script workarounds
2023-02-21 18:23:06 +01:00
Daan De Meyer
03d319a45f
mkosi: Add more debugging
2023-02-21 13:51:59 +00:00
Daan De Meyer
8d8337da5e
mkosi: Update to latest
2023-02-21 13:01:22 +01:00
Daan De Meyer
7f3e4c9489
mkosi: Enable debug logging in CI
...
"Failed to dissect image: connection timed out" messages have been
appearing sporadically in mkosi CI. Let's enable debug logging to
help figure out why.
2023-02-15 20:02:54 +00:00
Jan Macku
96893d0937
ci(labeler): fix missing emoji in dont-merge label
2023-02-11 20:23:46 +09:00
Jan Macku
f8b7d483f5
ci(labeler): fix missing emoji in quick-review label
2023-02-11 20:23:46 +09:00
Daan De Meyer
c9853672a0
mkosi: Update to latest
...
Let's make sure we're testing unprivileged builds properly. Usage
of SourceFileTransfer= and SourceFileTransferFinal= are removed as
they were dropped by mkosi. SourceFileTransfer=mount is now the
default in mkosi so behavior for the build script is unchanged. We
stop copying sources in the final image until mkosi adds support
for virtiofs.
2023-02-10 18:16:54 +09:00
Jan Macku
9779079b53
ci: Add names to steps in labeler workflow
...
This makes it easier to see what step failed/was skipped in the GitHub
Actions UI. It also makes future debugging easier.
2023-02-08 22:37:10 +09:00
Jan Macku
de95bb2a98
ci: remove if: github.event.issue.pull_request from labeler.yml
...
`github.event.issue.pull_request` is an object, not a boolean.
This is the root cause of why the step that is supposed to remove labels
is always skipped. Having this condition in place is not necessary since
the workflow is run on the `pull_request_target` event.
2023-02-07 16:00:49 +01:00
Jan Macku
d709b92ef1
ci: fix missing quotes in labeler.yml
2023-02-07 15:39:37 +01:00
Zbigniew Jędrzejewski-Szmek
7a17e41dcf
test: drop whitespace after shell redirection operators
...
(The one case that is left unchanged is '< <(subcommand)'.)
This way, the style with no gap was already dominant. This way, the reader
immediately knows that ' < ' is a comparison operator and ' << ' is a shift.
In a few cases, replace custom EOF replacement by just EOF. There is no point
in using someting like "_EOL" unless "EOF" appears in the text.
2023-02-06 09:19:04 +01:00
Jan Macku
4dab1eb952
ci: Fix Development Freeze Automation
...
Due to the limitation of `GITHUB_TOKEN` when running workflows from forks,
it's required to split the `development_freeze` workflow in two.
* First workflow will run on the `pull_request` trigger and save the PR
number in the artifact. This workflow is running with read-only permissions
on `GITHUB_TOKEN`.
* Second workflow will get triggered on `workflow_run`. It will be run
directly in the `systemd/systemd` context and can get permission to be
able to create comments on PR.
GITHUB_TOKEN limitations:
* https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
GitHub Security Labs Article - How to correctly and safely overcome GITHUB_TOKEN limitations:
* https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
2023-02-03 14:03:39 +00:00
Jan Janssen
2de6cc18f9
ci: Test with secure boot enabled under mkosi
...
This gives us some nice test coverage for secure boot enrolling and the
stub secure boot workound. The authenticated EFI variables are already
created by mkosi, all we need to do is request secure boot to be used.
2023-02-01 17:16:03 +01:00
dependabot[bot]
15796f28ea
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from f36983f552a197faf9e36361cc68a297e68bee73 to 500f93a36cc3d5bf1d06848a0a8870bf1424625f.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](f36983f552...500f93a36c
2023-02-01 09:48:30 +00:00
dependabot[bot]
b8565f93e9
build(deps): bump actions/github-script from 6.3.3 to 6.4.0
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.3.3 to 6.4.0.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](d556feaca3...98814c53be
2023-02-01 09:15:44 +00:00
dependabot[bot]
b0126d1e8e
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 2.0.1 to 2.0.4.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](88209aef58...25a1e41826
2023-02-01 09:14:38 +00:00
Daan De Meyer
3d4fa9aaa0
mkosi: Disable auditd when running with nspawn in CI
...
auditd fails to start in CentOS Stream 9 causing CI failures so let's
disable it when running with nspawn in CI.
2023-01-29 17:34:21 +01:00
Daan De Meyer
868c318ba3
mkosi: Add back CentOS Stream 8 to CI
...
It's still useful to test the EFI handover logic in systemd-boot.
We use a mkosi.prepare script to install a newer python and update
the system to use it.
2023-01-29 17:05:23 +01:00
Daan De Meyer
c8943ce884
mkosi: Update and enable ukify in mkosi builds
...
We also add the necessary deps for ukify to the mkosi configs.
CentOS Stream 8 is dropped from CI because its python version is too
old (3.6) to be able to run ukify.
2023-01-27 15:05:04 +01:00
Zbigniew Jędrzejewski-Szmek
c26662b241
github/labeller: fix yaml syntax
2023-01-26 10:42:05 +01:00
Zbigniew Jędrzejewski-Szmek
58634a2989
github/labeller: add more match patterns
2023-01-26 10:04:58 +01:00
Daan De Meyer
9d2e4ceee5
ci: Update mkosi action to latest commit
...
Let's make sure we're testing with the latest changes in mkosi. This
includes both the switch to systemd-repart and ukify, making sure we
get extra testing coverage for those components.
This also drops options from the centos config that have been removed
in the newer mkosi.
For some reason idmapping runs into some issues so we disable it for
now.
2023-01-15 20:44:53 +01:00
Daan De Meyer
da2a4f6a2e
ci: Fix PR labeling
...
Make sure we only add labels to open pull request and remove labels
from closed pull requests.
2023-01-12 11:42:16 +01:00
Zbigniew Jędrzejewski-Szmek
8112c91e48
github: use 'meson setup'
...
Meson started warning when 'setup' is not used:
WARNING: Running the setup command as `meson [options]` instead of `meson setup [options]` is ambiguous and deprecated.
Also add more quoting in output to make the message clearer.
2023-01-11 16:46:24 +01:00
Daan De Meyer
81315baa68
ci: Remove a bunch of labels when a PR is merged
2023-01-10 14:52:53 +01:00
Jan Janssen
3f92dc2fd4
boot: Simplify object erasure
...
This erase_obj() machinery looks like voodoo and creates an awful lot of
noise as soon as we get back to building with -O0. We can do this in a
more simple way by introducing a struct that holds the information we
need on cleanup. When building with optimization enabled, all this gets
inlined and the eraser vanishes.
2023-01-09 18:58:54 +01:00
dependabot[bot]
9826037476
build(deps): bump stefanbuck/github-issue-parser from 2.0.4 to 3.0.1
...
Bumps [stefanbuck/github-issue-parser](https://github.com/stefanbuck/github-issue-parser ) from 2.0.4 to 3.0.1.
- [Release notes](https://github.com/stefanbuck/github-issue-parser/releases )
- [Commits](f80b14f788...c1a559d78b
2023-01-06 19:18:30 +00:00
dependabot[bot]
4371496fa9
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...e38b1902ae
2023-01-06 18:49:21 +00:00
dependabot[bot]
df242320e5
build(deps): bump github/super-linter from 4.9.6 to 4.9.7
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.6 to 4.9.7.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](01d3218744...bb2d833b08
2023-01-06 18:48:30 +00:00
dependabot[bot]
5afe9a300a
build(deps): bump actions/checkout from 3.0.2 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.0.2...755da8c3cf115ac066823e79a1e1788f8940201b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-06 18:47:52 +00:00
dependabot[bot]
c129b184c9
build(deps): bump meson from 0.64.1 to 1.0.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.64.1 to 1.0.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.64.1...1.0.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-01-06 18:47:20 +00:00
Zbigniew Jędrzejewski-Szmek
616b8101b7
github: update version in bug templates
2022-12-20 15:12:41 +01:00
Frantisek Sumsal
a32831ae1d
mkosi: work around a file conflict between systemd and systemd-boot
2022-12-15 16:04:28 +01:00
Daan De Meyer
52c602d4c6
ci: Labeler improvements
...
- Mention "/please-review" in the contributing guide
- Remove "needs-rebase" on push
- Don't add "please-review" if a green label is set
- Don't add please-review label to draft PRs
- Add please-review when a PR moves out of draft
2022-12-09 15:37:43 +01:00
Daan De Meyer
8fc78e6845
ci: Add/Drop labels on pull request activity and comment
...
When a pull request is opened/updated, add "please-review" and
remove a few other labels.
When a comment is made with /please-review on a PR. Add the
"please-review" label to the PR.
2022-12-09 04:50:13 +09:00
Lennart Poettering
a579990277
Merge pull request #25180 from keszybz/ukify
...
ukify: add helper to create UKIs
2022-12-08 15:11:18 +01:00
Zbigniew Jędrzejewski-Szmek
1f6da5d902
ci: install pefile
2022-12-07 15:53:47 +01:00
dependabot[bot]
054f47defc
build(deps): bump ninja from 1.10.2.4 to 1.11.1 in /.github/workflows
...
Bumps [ninja](https://github.com/ninja-build/ninja ) from 1.10.2.4 to 1.11.1.
- [Release notes](https://github.com/ninja-build/ninja/releases )
- [Commits](https://github.com/ninja-build/ninja/commits/v1.11.1 )
---
updated-dependencies:
- dependency-name: ninja
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-01 11:59:45 +00:00
dependabot[bot]
80dd9e2de7
build(deps): bump meson from 0.63.3 to 0.64.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.63.3 to 0.64.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.63.3...0.64.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-01 10:28:47 +00:00
dependabot[bot]
58a1485fa9
build(deps): bump redhat-plumbers-in-action/differential-shellcheck
...
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck ) from 3.1.1 to 3.2.1.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases )
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/CHANGELOG.md )
- [Commits](1b1b75e42f...f3cd08fcf1
2022-12-01 10:03:09 +00:00
dependabot[bot]
690e7bfe8f
build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3.1.0...83fd05a356d7e2593de66fc9913b3002723633cb )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-01 10:02:00 +00:00
dependabot[bot]
073747028b
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](fe9c43b7d7...88209aef58
2022-12-01 10:01:10 +00:00
Luca Boccassi
c1fb3319ce
GA: do not run codeql on systemd-security
...
Scanning is not available on private repositories
2022-11-30 10:59:03 +00:00
Luca Boccassi
77e6166679
GA: run development_freeze only on main repository
...
No point in running this checker on other forks
2022-11-30 10:59:03 +00:00
Luca Boccassi
39a306ba34
Merge pull request #25319 from zx2c4-forks/krngseed
...
boot: implement kernel EFI RNG seed protocol with proper hashing
2022-11-16 15:07:54 +01:00
Jason A. Donenfeld
0be72218f1
boot: implement kernel EFI RNG seed protocol with proper hashing
...
Rather than passing seeds up to userspace via EFI variables, pass seeds
directly to the kernel's EFI stub loader, via LINUX_EFI_RANDOM_SEED_TABLE_GUID.
EFI variables can potentially leak and suffer from forward secrecy
issues, and processing these with userspace means that they are
initialized much too late in boot to be useful. In contrast,
LINUX_EFI_RANDOM_SEED_TABLE_GUID uses EFI configuration tables, and so
is hidden from userspace entirely, and is parsed extremely early on by
the kernel, so that every single call to get_random_bytes() by the
kernel is seeded.
In order to do this properly, we use a bit more robust hashing scheme,
and make sure that each input is properly memzeroed out after use. The
scheme is:
key = HASH(LABEL || sizeof(input1) || input1 || ... || sizeof(inputN) || inputN)
new_disk_seed = HASH(key || 0)
seed_for_linux = HASH(key || 1)
The various inputs are:
- LINUX_EFI_RANDOM_SEED_TABLE_GUID from prior bootloaders
- 256 bits of seed from EFI's RNG
- The (immutable) system token, from its EFI variable
- The prior on-disk seed
- The UEFI monotonic counter
- A timestamp
This also adjusts the secure boot semantics, so that the operation is
only aborted if it's not possible to get random bytes from EFI's RNG or
a prior boot stage. With the proper hashing scheme, this should make
boot seeds safe even on secure boot.
There is currently a bug in Linux's EFI stub in which if the EFI stub
manages to generate random bytes on its own using EFI's RNG, it will
ignore what the bootloader passes. That's annoying, but it means that
either way, via systemd-boot or via EFI stub's mechanism, the RNG *does*
get initialized in a good safe way. And this bug is now fixed in the
efi.git tree, and will hopefully be backported to older kernels.
As the kernel recommends, the resultant seeds are 256 bits and are
allocated using pool memory of type EfiACPIReclaimMemory, so that it
gets freed at the right moment in boot.
2022-11-14 15:21:58 +01:00
Zbigniew Jędrzejewski-Szmek
e642816b65
ci: use mkosi executable directly
2022-11-14 11:59:30 +01:00
Zbigniew Jędrzejewski-Szmek
976ceafe1b
ci: skip running on docs-only changes
...
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-including-and-excluding-paths
> If you define a path with the ! character, you must also define at least one
> path without the ! character. If you only want to exclude paths, use
> paths-ignore instead.
>
> The order that you define patterns matters:
> A matching negative pattern (prefixed with !) after a positive match will
> exclude the path.
> A matching positive pattern after a negative match will include the path
> again.
Even if some of the exluded paths *could* impact the build, generally it's a
waste of time to do mkosi builds on them. Let's skip to releave the builders a
bit.
2022-11-11 11:27:35 +01:00
Jan Macku
b6a23ad642
ci(dev-freeze): Use GitHub Action for PR comments
...
GitHub Action `devel-freezer` helps with development freeze notifications
during the RC phase. It will create comments using predefined messages on
newly created and updated PRs when the RC tag has been released.
Also, it will update comments once a new major version has been released.
Documentation available at: https://github.com/redhat-plumbers-in-action/devel-freezer
2022-11-05 14:10:01 +01:00
Samuel Thibault
ede5a78f50
shutdown: Add Xen kexec support
...
In the Xen case, it's the hypervisor which manages kexec. We thus
have to ask it whether a kernel is loaded, instead of relying on
/sys/kernel/kexec_loaded.
2022-11-02 20:47:41 +01:00
dependabot[bot]
cd00185881
build(deps): bump github/codeql-action from 2.1.17 to 2.1.29
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.29.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.17...ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 11:20:30 +00:00
dependabot[bot]
65444c9cba
build(deps): bump meson from 0.63.2 to 0.63.3 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.63.2 to 0.63.3.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.63.2...0.63.3 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 11:19:52 +00:00
dependabot[bot]
a61119e299
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 792cbc60eb2dc4a58d66bb3c212bf92f8d50f6ea to 14. This release includes the previously tagged commit.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](792cbc60eb...c9772ec920
2022-11-01 10:26:17 +00:00
dependabot[bot]
ed770fc10a
build(deps): bump ossf/scorecard-action from 2.0.4 to 2.0.6
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.4 to 2.0.6.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e363bfca00...99c53751e0
2022-11-01 10:25:31 +00:00
Luca Boccassi
6f96359dfc
Disable code freeze banner
2022-10-31 18:57:13 +00:00
Luca Boccassi
035dc08bea
gh actions: run a unit test iteration without machine-id
2022-10-25 16:00:26 +01:00
Frantisek Sumsal
b3ea9cf13b
ci: run the Scorecards action in PRs only on config update
...
Also, unify the string quotation a bit and drop one unnecessary
expression syntax (as everything in `if` statements is automatically
evaluated as an expression).
2022-10-20 17:10:50 +02:00
Frantisek Sumsal
3e35a3302c
ci: add a missing SPDX line
2022-10-20 17:03:37 +02:00
Joyce
b7a279f9ef
ci: Enable Scorecard Github Action and Badge ( #25054 )
...
* chore: enable scorecard action
* chore: add badge to the README file
* chore: enable on config file update
* chore: update scorecard to 2.0.4
* chore: run scorecard on PR at main branch
* chore: add condition to publish_result key
* chore: skip upload to code scanning if PR
* chore: only runs scorecard in the main repo
Resolves : #25042
2022-10-19 09:05:39 +00:00
Daan De Meyer
0aa1d40649
mkosi: Switch to Fedora 37
...
Official release date is close so let's switch mkosi CI to it already.
2022-10-17 16:02:16 +02:00
Daan De Meyer
71205f972b
mkosi: Add Centos Stream 8 back to CI
...
We can build all of systemd's features again on CentOS Stream 8, so
let's add it back to CI.
2022-10-17 08:45:57 +02:00
Luca Boccassi
da60182759
Merge pull request #24933 from keszybz/erradicate-strerror
...
Erradicate strerror
2022-10-11 21:47:38 +02:00
Zbigniew Jędrzejewski-Szmek
0cf1a4b3a7
Get rid of strerror_safe()
2022-10-11 16:59:00 +02:00
Luca Boccassi
dcf1bf3b6d
mkosi: update to latest commit
...
Require dto fix Debian testing/unstable builds, as the initrd is
versioned
2022-10-10 13:19:41 +02:00
Luca Boccassi
47819da972
Enable PR template for RC phase
2022-10-07 16:37:36 +02:00
dependabot[bot]
8ef866ace4
build(deps): bump ninja from 1.10.2.3 to 1.10.2.4 in /.github/workflows
...
Bumps [ninja](https://github.com/ninja-build/ninja ) from 1.10.2.3 to 1.10.2.4.
- [Release notes](https://github.com/ninja-build/ninja/releases )
- [Commits](https://github.com/ninja-build/ninja/commits )
---
updated-dependencies:
- dependency-name: ninja
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-01 14:36:48 +02:00
Frantisek Sumsal
f00fe51b9c
ci: pin stefanbuck/github-issue-parser to a tagged release
...
Since [0] got resolved ([1]) we can finally pin the action to a tagged
release (v2.0.4 ATTOW) and let Dependabot to do its job by updating it
to the latest tagged release when it becomes available.
Replaces: #24886
[0] https://github.com/stefanbuck/github-issue-parser/issues/23
[1] https://github.com/stefanbuck/github-issue-parser/pull/39
2022-10-01 14:35:41 +02:00
dependabot[bot]
e316ab5747
build(deps): bump actions/labeler from 4.0.0 to 4.0.1
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](9fd24f1f9d...e54e5b338f
2022-10-01 13:04:34 +02:00
dependabot[bot]
254c049ccb
build(deps): bump redhat-plumbers-in-action/differential-shellcheck
...
Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck ) from 3.0.1 to 3.1.1.
- [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases )
- [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/CHANGELOG.md )
- [Commits](a14889568f...1b1b75e42f
2022-10-01 13:04:15 +02:00
dependabot[bot]
5d4ba4e534
build(deps): bump meson from 0.63.1 to 0.63.2 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.63.1 to 0.63.2.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.63.1...0.63.2 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-01 13:00:45 +02:00
Frantisek Sumsal
9fe61660ba
ci: fix a couple of typos
2022-09-14 22:09:19 +02:00
Frantisek Sumsal
5e781e07db
ci: enable a couple more possibly useful CodeQL queries
2022-09-14 22:09:19 +02:00
Frantisek Sumsal
d97733908b
ci: rename codeql-analysis.yml to codeql.yml
...
Just to be consistent with other repos under the systemd umbrella.
2022-09-14 19:13:49 +02:00
Frantisek Sumsal
736a1df747
ci: limit scope for the CodeQL scan
...
Don't run the workflow unnecessarily for non-{cpp,python} related changes.
2022-09-13 21:32:15 +02:00
Frantisek Sumsal
774cf0d8fd
ci: drop LGTM stuff and move remaining bits into a new location
2022-09-13 21:32:15 +02:00
Frantisek Sumsal
27d6281158
ci: run CodeQL on push to main/stable branches as well
...
Since we need results for the base branches as well in order to have
something to compare against.
Follow-up to cbe25d0dcc
2022-09-13 21:18:44 +02:00
Frantisek Sumsal
cbe25d0dcc
ci: run CodeQL on every PR
...
Since LGTM is no longer enabled for the systemd repo (as it's going to
be discontinued by the EOY), let's run CodeQL on every PR instead to
replace it.
2022-09-14 03:55:16 +09:00
Jan Macku
500ca79f22
issue-templates: Add note about updating labeling policy
2022-09-07 10:51:48 +02:00
Jan Macku
a4965366ec
ci(issue-labeler): Update to advanced-issue-labeler@v2
...
The new version of `advanced-issue-labeler` GitHub Action introduces new
structure of policy that requires adjustments to systemd issue labeling
policy.
Changes introduced in v2.0.0 - https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases/tag/v2.0.0
2022-09-07 10:43:48 +02:00
Jan Macku
3a8352cbf3
ci(issue-labeler): Add missing policy for coredump label
2022-09-06 14:59:00 +00:00
Luca Boccassi
31ed4b9147
mkosi: update to latest commit
...
Required to fix Debian testing/unstable builds, as resolved is
now in its own package
2022-09-02 19:46:54 +01:00
Yu Watanabe
0a3e413516
github: update differential shellcheck to v3.0.1
...
v3 supports external sources. Yey!
2022-09-01 17:27:09 +00:00
dependabot[bot]
c19053e657
build(deps): bump meson from 0.63.0 to 0.63.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.63.0 to 0.63.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.63.0...0.63.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-01 10:31:30 +00:00
dependabot[bot]
d1cc2654fd
build(deps): bump github/super-linter from 4.9.5 to 4.9.6
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.5 to 4.9.6.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](2d64ac1c06...01d3218744
2022-09-01 09:21:53 +00:00
dependabot[bot]
42907767bd
build(deps): bump redhat-plumbers-in-action/advanced-issue-labeler
...
Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases )
- [Commits](b89eb39b97...d12b782ff9
2022-09-01 09:08:19 +00:00
Luca Boccassi
df16869660
shellcheck/labeler: disable on systemd-security
2022-09-01 00:53:46 +09:00
Luca Boccassi
255963ec3a
mkosi: disable isc-dhcp-server again
...
It's still failing in Ubuntu:
● isc-dhcp-server.service loaded failed failed ISC DHCP IPv4 server
● isc-dhcp-server6.service loaded failed failed ISC DHCP IPv6 server
Just disable them via the kernel command line masking.
2022-08-25 23:02:29 +01:00
Luca Boccassi
5e98346220
Merge pull request #24254 from medhefgo/mold
...
ci: Add mold to build tests
2022-08-23 19:33:47 +01:00
Daan De Meyer
37d35150cb
mkosi: Ensure we build all features/components in mkosi
...
Explicitly enable all features/components in the mkosi build to
ensure they all get built and we get an error if they can't be built.
We also rework the packages sections of all mkosi configs to reduce
duplication and cover all the dependencies necessary to build/use all
systemd features.
Note that for the final image, since systemd is installed by default
in base images, we rely on that to install the base library dependencies
and we only list extra optional dependencies and tools that aren't already
installed by default into the base image.
We also drop the centos stream 8 mkosi build as dependencies on that
distro are too out-of-date to be able to build all systemd features.
Since centos stream 9 has been out for a while, let's focus on that
and leave it to downstream to keep systemd building on centos stream 8.
Finally, there's a few additions to the mkosi scripts to make sure
services don't start by default on boot.
2022-08-23 15:19:26 +02:00
Zbigniew Jędrzejewski-Szmek
00616643de
Merge pull request #24352 from DaanDeMeyer/mkosi-opensuse
...
mkosi: Update to latest commit
2022-08-23 11:05:02 +02:00
Jan Janssen
4fb6506deb
meson: Downgrade efi-ld warning
...
The warning isn't that serious and mostly there to inform the user that
lld/mold cannot build efi binaries. It is also better to build test with
fatal meson warnings.
2022-08-23 10:26:02 +02:00
Jan Janssen
ed862b95b2
ci: Add mold to build tests
2022-08-23 10:25:30 +02:00
Jan Macku
3d59b0470a
ci: Drop actions/setup-node - unused
...
In `issue_labeler.yml` is no need for node.js runtime (`actions/setup-node`). It was accidentally added by `copy & paste` from another workflow.
2022-08-22 21:21:08 +09:00
Frantisek Sumsal
d7c1024b6b
ci: build with clang-15; drop clang-12
2022-08-20 20:12:03 +02:00
Daan De Meyer
0e961391c1
mkosi: Drop workarounds
...
None of these should be necessary anymore with recent versions of
mkosi.
2022-08-19 16:50:17 +02:00
Daan De Meyer
2dddae253b
mkosi: Update to latest commit
...
Fixes #1128
2022-08-19 16:49:57 +02:00
Jan Macku
3f3c718e79
ci(lint): add shell linter - Differential ShellCheck
...
It performs differential ShellCheck scans and report results directly in
pull request.
documentation:
https://github.com/redhat-plumbers-in-action/differential-shellcheck
2022-08-16 13:33:57 +00:00
Daan De Meyer
599884bd9a
mkosi: Update to latest commit
...
Introduces a more reliable mirror for Arch which should reduce the
number of mkosi Arch CI failures due to unreliable mirror selection.
2022-08-16 08:59:15 +09:00
Jan Janssen
8ea086c894
Use correct label for boot related issues
2022-08-14 05:35:55 +09:00
Frantisek Sumsal
34a2f39b37
ci: lint the Coverity script
...
as we now use our own custom script for it.
2022-08-11 10:57:25 +02:00
Frantisek Sumsal
176086a2ec
ci: simplify the Coverity script a bit
...
Also, address https://github.com/systemd/systemd/pull/24252#issuecomment-1208747320
by using a pre-defined e-mail address stored in the GH Action secrets.
2022-08-11 10:57:25 +02:00
Frantisek Sumsal
578355684d
ci: set a timeout for each mkosi stage
...
Work around #24202 so we don't wait ~6 hours for a stuck QEMU job.
2022-08-05 12:12:13 +00:00
Luca Boccassi
c1178baacd
docs: add disabled PR template for code freeze
...
To be enabled on rc1, and disabled again after the final release.
Gives contributors a clear warning that new features/APIs will be
postponed.
2022-08-04 11:10:28 +02:00
Daan De Meyer
a268e7f402
mkosi: Update to latest
...
Fixed centos stream 8 builds that were hitting a nonexisting mirror
url
2022-08-02 20:19:21 +01:00
Daan De Meyer
859614439a
mkosi: Update to latest commit
...
With this update, Arch Linux keyring updates will be automatically
pulled in instead of having to update to a new mkosi commit every
time the keyring gets outdated.
2022-08-02 12:58:31 +02:00
dependabot[bot]
bc4b9a7117
build(deps): bump meson from 0.62.2 to 0.63.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.62.2 to 0.63.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.62.2...0.63.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-01 14:06:32 +00:00
dependabot[bot]
c3ebbcf7cb
build(deps): bump github/codeql-action from 2.1.15 to 2.1.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...0c670bbf04
2022-08-01 11:17:18 +00:00
dependabot[bot]
cc7f5ac478
build(deps): bump github/super-linter from 4.9.4 to 4.9.5
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.4 to 4.9.5.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](a320804d31...2d64ac1c06
2022-08-01 11:10:08 +00:00
dependabot[bot]
fdf38c0f1f
build(deps): bump actions/setup-node from 3.3.0 to 3.4.1
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](eeb10cff27...2fddd8803e
2022-08-01 10:06:54 +00:00
Daan De Meyer
a41940ed0e
mkosi: Update to latest commit
...
Fixes an issue with Arch builds failing by updating the archlinux
keyring package.
2022-07-26 21:13:40 +00:00
Daan De Meyer
2d62579570
mkosi: Build against Fedora rawhide as well
2022-07-26 23:42:45 +09:00
Daan De Meyer
73897d4f3c
Add systemd-hwdb to bug/RFE templates
2022-07-15 08:05:41 +09:00
Daan De Meyer
8ce1a3033f
Add coredump daemons to bug/RFE template component options
2022-07-13 12:31:01 +01:00
Frantisek Sumsal
d46e7c7cfd
ci: limit which env variables we pass through sudo
...
to work around #23987 .
2022-07-13 10:56:37 +00:00
Luca Boccassi
3a883d36eb
mkosi: update to latest main
...
Fix build failure on SUSE Tumbleweed due to config changes
2022-07-11 13:29:28 +01:00
Daan De Meyer
13f4f0fd81
mkosi: Update to latest release
...
This fixes the mkosi github action to unbreak the mkosi CI
2022-07-06 15:57:12 +02:00
dependabot[bot]
71562f5174
build(deps): bump meson from 0.62.0 to 0.62.2 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.62.0 to 0.62.2.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.62.0...0.62.2 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 14:36:52 +03:00
dependabot[bot]
573fb26ca2
build(deps): bump github/codeql-action from 2.1.6 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...3f62b754e2
2022-07-01 14:34:01 +03:00
Jan Macku
f0390fa034
github: add more components to RFE issue template
...
Follow-up to: #23838
2022-06-28 02:18:42 +09:00
Yu Watanabe
aec2f54b30
github: add more components to issue template
2022-06-27 16:58:59 +09:00
Daan De Meyer
c024a6ac96
mkosi: Pull in fix that solves action mirror issue
2022-06-24 16:00:18 +03:00
Evgeny Vereshchagin
f3bd663faf
ci: set top-level permissions as well
...
It should turn on the "restricted" mode by default regardless of
whether the global setting is on or not. New jobs in this action
should have to overwrite it explicitly to gain write access in any
way.
It should also make the action consistent with the other actions
writing various stuff like 'labeler' and 'codeql'.
2022-06-24 20:08:30 +09:00
Evgeny Vereshchagin
1a2620e8bd
ci: remove links to "codeless contribution" actions
...
They refer to actions with script injections running with full
access to repositories.
2022-06-23 20:43:57 +00:00
Jan Macku
6cacdb3985
github: Issue forms - fix GA SHA1 ref
...
Fix `SHA1` reference for github action `stefanbuck/github-issue-parser` to
point to correct commit.
Follow-up to: #23811
2022-06-23 17:58:25 +03:00
Jan Macku
632372bcbc
github: Issue forms templates follow-up
...
- Use `SHA1` for actions versioning
- Fix typo: `github-issue-praser` -> `github-issue-parser`
- Define exact permissions
Follow-up to: #23693
2022-06-23 17:22:47 +03:00
Jan Macku
6b16539879
github: Update issue templates to issue forms
...
Issue forms templates allow us to add automation in place.
This patch replaces old markdown issue templates with new issue forms.
It also adds workflow to automatically mark issues by component label
based on reported data.
This change could help with initial triaging of issues.
2022-06-23 09:47:42 +02:00
Daan De Meyer
f304d03884
mkosi: Update CI to mkosi 13
2022-06-22 01:30:39 +01:00
Evgeny Vereshchagin
4f62dc3e92
cifuzz: build fuzzers on i386 as well
...
It's a follow-up to https://github.com/systemd/systemd/pull/23550 .
2022-06-08 21:32:38 +00:00
Evgeny Vereshchagin
36cb69fc43
ci: build systemd with clang with -Dmode=release --optimization=2
...
This is what's most likely used to build systemd with clang in
practice so let's test it as well.
Preparation for reverting 0bd292567a
2022-06-05 16:26:54 +00:00
dependabot[bot]
2f9e3d5f50
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...3cea537223
2022-06-01 15:32:03 +03:00
dependabot[bot]
db361cdabd
build(deps): bump github/super-linter from 4.9.3 to 4.9.4
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.3 to 4.9.4.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](431ee7836e...a320804d31
2022-06-01 11:09:45 +00:00
Frantisek Sumsal
9e03f48d21
ci: reenable validation of GH Actions files
2022-05-25 04:49:05 +09:00
Frantisek Sumsal
40bc68cf21
Merge pull request #23475 from nabijaczleweli/certified-lint.1-moment
...
Actually run shellcheck on CI
2022-05-23 19:16:22 +00:00
Evgeny Vereshchagin
af72115412
ci: bump gcc in the "build test" workflow
...
gcc-12 has been released
2022-05-23 14:30:48 +00:00
наб
32c99bc86e
Don't ignore kernel-install for shellcheck
2022-05-23 12:52:52 +02:00
Frantisek Sumsal
6c0259e502
ci: temporarily disable validation of GH Action files
...
since the current version of super-linter doesn't recognize
ubuntu-22.04 as a valid runner specification. This should
be fixed once https://github.com/github/super-linter/pull/2897
is merged, which includes
09a60b0f57
2022-05-21 23:28:18 +02:00
Frantisek Sumsal
50b2b52004
ci: prefer the distro llvm version if available
2022-05-21 20:23:48 +02:00
Frantisek Sumsal
aa1bf7e61d
ci: bump GH Actions to Ubuntu Jammy where applicable
2022-05-21 20:23:48 +02:00
наб
b32217e8d0
Don't not lint kernel-install
2022-05-14 15:21:34 +02:00
Yu Watanabe
e2c99d3b5c
CI: use Fedora 36
2022-05-13 02:46:13 +09:00
dependabot[bot]
9c96c89bb3
build(deps): bump github/super-linter from 4.9.1 to 4.9.2
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.1 to 4.9.2.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](3792fe5373...ae4e373c56
2022-05-03 05:51:41 +03:00
dependabot[bot]
5f994fffb9
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a12a3943b4...2541b1294d
2022-05-03 05:50:11 +03:00
Evgeny Vereshchagin
2d14ec9b8a
ci: actually turn on fatal-meson-warnings in the "build" workflow
...
It's a follow-up to https://github.com/systemd/systemd/pull/23211
2022-04-29 13:58:27 +09:00
Evgeny Vereshchagin
67b9732f1b
ci: bring fatal-meson-warnings back
...
It's a follow-up to https://github.com/systemd/systemd/pull/23204
v2: replaced xargs with exec as suggested by Jan Janssen
2022-04-28 21:21:59 +03:00
Luca Boccassi
0a5e638cc7
meson: add install_tag to sd-boot, libsystemd and libudev
...
Allows to 'meson install --tags systemd-boot --no-rebuild' to install only the EFI
binaries, skipping the rest, for a very quick build:
$ ninja src/boot/efi/linuxx64.efi.stub
[21/21] Generating src/boot/efi/linuxx64.efi.stub with a custom command
$ ninja src/boot/efi/systemd-bootx64.efi
[10/10] Generating src/boot/efi/systemd-bootx64.efi with a custom command
$ DESTDIR=/tmp/foo meson install --tags systemd-boot --no-rebuild
Installing src/boot/efi/systemd-bootx64.efi to /tmp/foo/usr/lib/systemd/boot/efi
Requires Meson 0.60 to be used, prints a warning for unknown keyword
in earlier versions, but there's no failure
https://mesonbuild.com/Installing.html#installation-tags
2022-04-27 22:24:53 +01:00
Evgeny Vereshchagin
c84fc00b37
ci: unpin CFLite
...
The idea was to catch CFLite regressions but since the action itself
pulls the latest docker images it can't be pinned properly and issues
like https://github.com/google/clusterfuzzlite/issues/91 are going to
pop up anyway. Let's unpin it by analogy with CIFuzz and hope it doesn't
break very often.
2022-04-26 09:13:57 +00:00
Daan De Meyer
041456246c
mkosi: Update to latest commit
...
We recently added caching for the dependencies we build from source
in mkosi's github action which speeds up builds by +-10 minutes. Let's
update to the latest commit so we benefit from this in systemd's mkosi
CI as well.
2022-04-22 09:09:13 +09:00
Jan Janssen
7fc60c071f
ci: Add ia32 EFI multilib test
...
This makes sure that building ia32 EFI binaries on x86_64 works.
We force gnu-efi support to ensure it's not skipped by accident
and provide the lib32 dir manually, because clang does not support
'--print-multi-os-directory', which is used to auto-detect it.
2022-04-07 18:45:21 +02:00
dependabot[bot]
64c843d12d
build(deps): bump meson from 0.61.2 to 0.62.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.61.2 to 0.62.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.61.2...0.62.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:41:37 +00:00
dependabot[bot]
b6ab9d7ade
build(deps): bump actions/labeler from 3.1.0 to 4
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 3.1.0 to 4.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](3d612d72e6...9fd24f1f9d
2022-04-01 21:41:06 +00:00
dependabot[bot]
a2b107c86c
build(deps): bump actions/checkout from 2.4.0 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ec3a7ce113...a12a3943b4
2022-04-01 21:40:52 +00:00
dependabot[bot]
a1a1e0b79f
build(deps): bump github/codeql-action from 1.1.3 to 2.1.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75f07e7ab2...28eead2408
2022-04-01 21:39:20 +00:00
dependabot[bot]
5f82d58bb0
build(deps): bump github/super-linter from 4.8.5 to 4.9.1
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.8.5 to 4.9.1.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](b8641364ca...3792fe5373
2022-04-01 21:37:14 +00:00
Frantisek Sumsal
5efefcdcff
ci: drop clang 11 & add clang 14
2022-03-30 21:11:57 +09:00
Frantisek Sumsal
3a2f1d19d4
ci: make the concurrency group identifier unique once again
...
Otherwise we end up randomly cancelling once of the two centos_epel
jobs.
Follow-up to da637c8fca
2022-03-07 19:42:14 +00:00
