dependabot[bot]
fdf38c0f1f
build(deps): bump actions/setup-node from 3.3.0 to 3.4.1
...
Bumps [actions/setup-node](https://github.com/actions/setup-node ) from 3.3.0 to 3.4.1.
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](eeb10cff27...2fddd8803e
)
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-01 10:06:54 +00:00
Daan De Meyer
a41940ed0e
mkosi: Update to latest commit
...
Fixes an issue with Arch builds failing by updating the archlinux
keyring package.
2022-07-26 21:13:40 +00:00
Daan De Meyer
2d62579570
mkosi: Build against Fedora rawhide as well
2022-07-26 23:42:45 +09:00
Daan De Meyer
73897d4f3c
Add systemd-hwdb to bug/RFE templates
2022-07-15 08:05:41 +09:00
Daan De Meyer
8ce1a3033f
Add coredump daemons to bug/RFE template component options
2022-07-13 12:31:01 +01:00
Frantisek Sumsal
d46e7c7cfd
ci: limit which env variables we pass through sudo
...
to work around #23987 .
2022-07-13 10:56:37 +00:00
Luca Boccassi
3a883d36eb
mkosi: update to latest main
...
Fix build failure on SUSE Tumbleweed due to config changes
2022-07-11 13:29:28 +01:00
Daan De Meyer
13f4f0fd81
mkosi: Update to latest release
...
This fixes the mkosi github action to unbreak the mkosi CI
2022-07-06 15:57:12 +02:00
dependabot[bot]
71562f5174
build(deps): bump meson from 0.62.0 to 0.62.2 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.62.0 to 0.62.2.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.62.0...0.62.2 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 14:36:52 +03:00
dependabot[bot]
573fb26ca2
build(deps): bump github/codeql-action from 2.1.6 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...3f62b754e2
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 14:34:01 +03:00
Jan Macku
f0390fa034
github: add more components to RFE issue template
...
Follow-up to: #23838
2022-06-28 02:18:42 +09:00
Yu Watanabe
aec2f54b30
github: add more components to issue template
2022-06-27 16:58:59 +09:00
Daan De Meyer
c024a6ac96
mkosi: Pull in fix that solves action mirror issue
2022-06-24 16:00:18 +03:00
Evgeny Vereshchagin
f3bd663faf
ci: set top-level permissions as well
...
It should turn on the "restricted" mode by default regardless of
whether the global setting is on or not. New jobs in this action
should have to overwrite it explicitly to gain write access in any
way.
It should also make the action consistent with the other actions
writing various stuff like 'labeler' and 'codeql'.
2022-06-24 20:08:30 +09:00
Evgeny Vereshchagin
1a2620e8bd
ci: remove links to "codeless contribution" actions
...
They refer to actions with script injections running with full
access to repositories.
2022-06-23 20:43:57 +00:00
Jan Macku
6cacdb3985
github: Issue forms - fix GA SHA1
ref
...
Fix `SHA1` reference for github action `stefanbuck/github-issue-parser` to
point to correct commit.
Follow-up to: #23811
2022-06-23 17:58:25 +03:00
Jan Macku
632372bcbc
github: Issue forms templates follow-up
...
- Use `SHA1` for actions versioning
- Fix typo: `github-issue-praser` -> `github-issue-parser`
- Define exact permissions
Follow-up to: #23693
2022-06-23 17:22:47 +03:00
Jan Macku
6b16539879
github: Update issue templates to issue forms
...
Issue forms templates allow us to add automation in place.
This patch replaces old markdown issue templates with new issue forms.
It also adds workflow to automatically mark issues by component label
based on reported data.
This change could help with initial triaging of issues.
2022-06-23 09:47:42 +02:00
Daan De Meyer
f304d03884
mkosi: Update CI to mkosi 13
2022-06-22 01:30:39 +01:00
Evgeny Vereshchagin
4f62dc3e92
cifuzz: build fuzzers on i386 as well
...
It's a follow-up to https://github.com/systemd/systemd/pull/23550 .
2022-06-08 21:32:38 +00:00
Evgeny Vereshchagin
36cb69fc43
ci: build systemd with clang with -Dmode=release --optimization=2
...
This is what's most likely used to build systemd with clang in
practice so let's test it as well.
Preparation for reverting 0bd292567a
(which replaced bogus buffer overflow found with _FORTIFY_SOURCE=3
with actual segfaults).
2022-06-05 16:26:54 +00:00
dependabot[bot]
2f9e3d5f50
build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...3cea537223
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-01 15:32:03 +03:00
dependabot[bot]
db361cdabd
build(deps): bump github/super-linter from 4.9.3 to 4.9.4
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.3 to 4.9.4.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](431ee7836e...a320804d31
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-01 11:09:45 +00:00
Frantisek Sumsal
9e03f48d21
ci: reenable validation of GH Actions files
2022-05-25 04:49:05 +09:00
Frantisek Sumsal
40bc68cf21
Merge pull request #23475 from nabijaczleweli/certified-lint.1-moment
...
Actually run shellcheck on CI
2022-05-23 19:16:22 +00:00
Evgeny Vereshchagin
af72115412
ci: bump gcc in the "build test" workflow
...
gcc-12 has been released
2022-05-23 14:30:48 +00:00
наб
32c99bc86e
Don't ignore kernel-install for shellcheck
2022-05-23 12:52:52 +02:00
Frantisek Sumsal
6c0259e502
ci: temporarily disable validation of GH Action files
...
since the current version of super-linter doesn't recognize
ubuntu-22.04 as a valid runner specification. This should
be fixed once https://github.com/github/super-linter/pull/2897
is merged, which includes
09a60b0f57
2022-05-21 23:28:18 +02:00
Frantisek Sumsal
50b2b52004
ci: prefer the distro llvm version if available
2022-05-21 20:23:48 +02:00
Frantisek Sumsal
aa1bf7e61d
ci: bump GH Actions to Ubuntu Jammy where applicable
2022-05-21 20:23:48 +02:00
наб
b32217e8d0
Don't not lint kernel-install
2022-05-14 15:21:34 +02:00
Yu Watanabe
e2c99d3b5c
CI: use Fedora 36
2022-05-13 02:46:13 +09:00
dependabot[bot]
9c96c89bb3
build(deps): bump github/super-linter from 4.9.1 to 4.9.2
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.9.1 to 4.9.2.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](3792fe5373...ae4e373c56
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-03 05:51:41 +03:00
dependabot[bot]
5f994fffb9
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a12a3943b4...2541b1294d
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-03 05:50:11 +03:00
Evgeny Vereshchagin
2d14ec9b8a
ci: actually turn on fatal-meson-warnings in the "build" workflow
...
It's a follow-up to https://github.com/systemd/systemd/pull/23211
2022-04-29 13:58:27 +09:00
Evgeny Vereshchagin
67b9732f1b
ci: bring fatal-meson-warnings back
...
It's a follow-up to https://github.com/systemd/systemd/pull/23204
v2: replaced xargs with exec as suggested by Jan Janssen
2022-04-28 21:21:59 +03:00
Luca Boccassi
0a5e638cc7
meson: add install_tag to sd-boot, libsystemd and libudev
...
Allows to 'meson install --tags systemd-boot --no-rebuild' to install only the EFI
binaries, skipping the rest, for a very quick build:
$ ninja src/boot/efi/linuxx64.efi.stub
[21/21] Generating src/boot/efi/linuxx64.efi.stub with a custom command
$ ninja src/boot/efi/systemd-bootx64.efi
[10/10] Generating src/boot/efi/systemd-bootx64.efi with a custom command
$ DESTDIR=/tmp/foo meson install --tags systemd-boot --no-rebuild
Installing src/boot/efi/systemd-bootx64.efi to /tmp/foo/usr/lib/systemd/boot/efi
Requires Meson 0.60 to be used, prints a warning for unknown keyword
in earlier versions, but there's no failure
https://mesonbuild.com/Installing.html#installation-tags
2022-04-27 22:24:53 +01:00
Evgeny Vereshchagin
c84fc00b37
ci: unpin CFLite
...
The idea was to catch CFLite regressions but since the action itself
pulls the latest docker images it can't be pinned properly and issues
like https://github.com/google/clusterfuzzlite/issues/91 are going to
pop up anyway. Let's unpin it by analogy with CIFuzz and hope it doesn't
break very often.
2022-04-26 09:13:57 +00:00
Daan De Meyer
041456246c
mkosi: Update to latest commit
...
We recently added caching for the dependencies we build from source
in mkosi's github action which speeds up builds by +-10 minutes. Let's
update to the latest commit so we benefit from this in systemd's mkosi
CI as well.
2022-04-22 09:09:13 +09:00
Jan Janssen
7fc60c071f
ci: Add ia32 EFI multilib test
...
This makes sure that building ia32 EFI binaries on x86_64 works.
We force gnu-efi support to ensure it's not skipped by accident
and provide the lib32 dir manually, because clang does not support
'--print-multi-os-directory', which is used to auto-detect it.
2022-04-07 18:45:21 +02:00
dependabot[bot]
64c843d12d
build(deps): bump meson from 0.61.2 to 0.62.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.61.2 to 0.62.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.61.2...0.62.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:41:37 +00:00
dependabot[bot]
b6ab9d7ade
build(deps): bump actions/labeler from 3.1.0 to 4
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 3.1.0 to 4.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](3d612d72e6...9fd24f1f9d
)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:41:06 +00:00
dependabot[bot]
a2b107c86c
build(deps): bump actions/checkout from 2.4.0 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ec3a7ce113...a12a3943b4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:40:52 +00:00
dependabot[bot]
a1a1e0b79f
build(deps): bump github/codeql-action from 1.1.3 to 2.1.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](75f07e7ab2...28eead2408
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:39:20 +00:00
dependabot[bot]
5f82d58bb0
build(deps): bump github/super-linter from 4.8.5 to 4.9.1
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.8.5 to 4.9.1.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](b8641364ca...3792fe5373
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-01 21:37:14 +00:00
Frantisek Sumsal
5efefcdcff
ci: drop clang 11 & add clang 14
2022-03-30 21:11:57 +09:00
Frantisek Sumsal
3a2f1d19d4
ci: make the concurrency group identifier unique once again
...
Otherwise we end up randomly cancelling once of the two centos_epel
jobs.
Follow-up to da637c8fca
.
2022-03-07 19:42:14 +00:00
Daan De Meyer
da637c8fca
mkosi: Add CentOS Stream 9
...
The blocker causing Stream 9 builds to fail was fixed
(https://bugzilla.redhat.com/show_bug.cgi?id=2056276 ) so we can add
CentOS Stream 9 builds as well now.
2022-03-07 14:30:49 +00:00
Frantisek Sumsal
55c09511e1
test: check systemd RPM macros
...
Make sure our RPM macros work as intended. Based on the original PR
(#16464 ) by Mikhail Novosyolov.
Co-authored-by: Mikhail Novosyolov <m.novosyolov@rosalinux.ru>
2022-03-06 13:07:20 +09:00
dependabot[bot]
82e4b0305b
build(deps): bump meson from 0.60.3 to 0.61.2 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.60.3 to 0.61.2.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.60.3...0.61.2 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 11:57:21 +00:00
dependabot[bot]
fd4747d924
build(deps): bump github/codeql-action from 1.0.29 to 1.1.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.29 to 1.1.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](384cfc42b2...75f07e7ab2
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 11:56:44 +00:00
dependabot[bot]
8b94bcbd04
build(deps): bump actions/labeler from 3.0.2 to 3.1.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](69da01b8e0...3d612d72e6
)
---
updated-dependencies:
- dependency-name: actions/labeler
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-02 11:56:24 +00:00
Daan De Meyer
24a0df5c3c
mkosi: Add centos_epel config
...
Now that mkosi has centos-stream 9 support, let's add a config in
the repo so that the mkosi CI tests that configuration as well.
Centos doesn't support btrfs so we use xfs instead. For some reason,
building --hostonly-initrd centos images breaks the qemu boot so I
disabled that option for centos.
We update the mkosi commit hash to 0dd39c20a4
which adds the PowerTools repo to CentOS Stream 8 which is required
to make all the necessary packages required to build systemd on
CentOS Stream 8 available.
2022-02-25 16:17:29 +00:00
Daan De Meyer
6b2ab8fc5c
mkosi: Remove Arch nspawn workaround
...
This has been fixed so the workaround can be removed.
2022-02-25 14:54:03 +00:00
Frantisek Sumsal
80ff956704
Merge pull request #22591 from evverx/no-deps
...
ci: build systemd without optional dependencies
2022-02-23 09:27:41 +00:00
Frantisek Sumsal
b491d74064
ci: fix clang-13 installation
...
For some reason Ubuntu Focal repositories now have `llvm-13` virtual
package which can't be installed, but successfully fools our check,
resulting in no clang/llvm being installed...
```
$ apt show llvm-13
Package: llvm-13
State: not a real package (virtual)
N: Can't select candidate version from package llvm-13 as it has no candidate
N: Can't select versions from package 'llvm-13' as it is purely virtual
N: No packages found
$ apt install --dry-run llvm-13
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package llvm-13 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'llvm-13' has no installation candidate
```
2022-02-22 17:57:25 +01:00
Evgeny Vereshchagin
ca57d11652
ci: build systemd without optional dependencies
...
to catch issues like https://github.com/systemd/systemd/pull/22585#issuecomment-1047640155
2022-02-22 15:46:15 +00:00
Luca Boccassi
21838f36a6
mkosi CI: mask isc-dhcp-server units
...
The packages are installed to provide the dhcpd binary, used by
test/test-network/systemd-networkd-tests.py, but we don't need the units
to run, and in fact in some cases the image fails to boot because of
them:
Spawning container image on /home/runner/work/systemd/systemd/image.raw.
Press ^] three times within 1s to kill container.
● isc-dhcp-server.service loaded failed failed ISC DHCP IPv4 server
● isc-dhcp-server6.service loaded failed failed ISC DHCP IPv6 server
Container image failed with error code 1.
Error: Process completed with exit code 1.
Mask the units with an --extra-tree.
2022-02-19 14:01:17 +00:00
Frantisek Sumsal
23a830e46e
ci: explicitly disable multi-status for Super-Linter
...
to, hopefully, get rid of the following error:
```
2022-02-13 13:32:12 [ERROR] Failed to get [GITHUB_TOKEN]!
2022-02-13 13:32:12 [ERROR] []
2022-02-13 13:32:12 [ERROR] Please set a [GITHUB_TOKEN] from the main workflow environment to take advantage of multiple status reports!
```
2022-02-13 14:59:08 +01:00
Frantisek Sumsal
f94b33803f
ci: use the 'slim' version of Super-Linter
...
The 'slim' version drops certain storage-heavy linters[0] which we don't
use anyway, so let's make the job a bit faster by downloading and using
a smaller image.
[0] https://github.com/github/super-linter#slim-image
2022-02-13 14:54:51 +01:00
Evgeny Vereshchagin
d6b99a4a48
ci: run all fuzz targets on CIFuzz
...
CIFuzz has been kind of broken for a couple months because
coverage reports downloaded from OSS-Fuzz contain absolute
paths while paths to files changed in PRs are relative and they
don't match. It makes it kind of hard for CIFuzz to figure out
what it should run so it runs either all fuzz targets or just new
fuzz targets. Until that issue is fixed let's just always predictably run
all fuzz targets.
2022-02-11 13:21:24 +00:00
Evgeny Vereshchagin
a5e6986ac0
ci: remove MULTI_STATUS from superlinter
...
Judging by
ERROR! Failed to call GitHub Status API!
it doesn't seem to work. Even if it did it would just clutter the status
checks I think so let's just remove MULTI_STATUS along with
GITHUB_TOKEN.
2022-02-09 13:04:06 +00:00
Evgeny Vereshchagin
10139b4e3c
ci: validate actions and fix actionlint warnings
...
some actions like Coverity and CFLite aren't run on every PR so to make
sure they are more or less fine when they are changed it makes sense to
at least check them with superlinter/actionlint: https://github.com/rhysd/actionlint
The following warnings were fixed along the way:
```
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2086:info:6:14: Double quote to prevent globbing and word splitting [shellcheck]
|
55 | run: |
| ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2046⚠️ 6:40: Quote this to prevent word splitting [shellcheck]
|
55 | run: |
| ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2006:style:6:40: Use $(...) notation instead of legacy backticked `...` [shellcheck]
|
55 | run: |
| ^~~~
```
```
.github/workflows/coverity.yml:31:9: shellcheck reported issue in this script: SC2086:info:1:93: Double quote to prevent globbing and word splitting [shellcheck]
|
31 | run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
| ^~~~
```
2022-02-09 17:32:41 +09:00
Evgeny Vereshchagin
d38363b96b
ci: no longer upload the latest builds on commits
...
The idea behind this action is to make it possible to compare the
latest fuzz targets with PRs to figure out whether bugs are really
reproducible in PRs only. Since forks (including systemd-stable) are
usually based on the upstream repository where almost all the bugs
are fixed before releases are cut it should be safe to assume that
if CFLite finds bugs in PRs they are most likely introduced in those
PRs.
It should probably be brought back once https://github.com/google/clusterfuzzlite/issues/84
is fixed.
2022-01-30 10:17:25 +00:00
Evgeny Vereshchagin
e46c743a57
ci: update GHActions once a month
...
Apparently some actions like CodeQL are released a few times a week so let's
just update them once a month in one fell swoop.
2022-01-29 19:26:14 +00:00
Evgeny Vereshchagin
81f84a2c0b
ci: use CFLite to test forks (including systemd-stable)
...
It's like CIFuzz but unlike CIFuzz it's compatible with forks and
it should make it possible to run the fuzzers to make sure that
patches backported to them are backported correctly without introducing
new bugs and regressions.
2022-01-29 18:37:17 +00:00
dependabot[bot]
da9be066cb
build(deps): bump github/codeql-action from 1.0.27 to 1.0.29
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.27 to 1.0.29.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](cd783c8a29...384cfc42b2
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-24 11:18:48 +03:00
Frantisek Sumsal
ab9760b846
github: point to "tags" instead of "releases" in systemd-stable
...
since we don't do releases there.
Mentioned in https://github.com/systemd/systemd/issues/22230#issue-1111991271 .
2022-01-24 06:53:43 +09:00
Evgeny Vereshchagin
881b152660
ci: point mkosi to commit where "testing" is fixed
...
https://github.com/systemd/mkosi/pull/886
2022-01-18 10:30:33 +00:00
Evgeny Vereshchagin
cd7b60a7ed
Merge pull request #22142 from evverx/libxkbcommon-dev
...
ci: get Coverity and CodeQL to analyze the "libxkbcommon" part
2022-01-18 00:15:56 +03:00
dependabot[bot]
a68b244399
build(deps): bump github/codeql-action from 1.0.26 to 1.0.27
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.26 to 1.0.27.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5f53256358...cd783c8a29
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-17 09:12:55 +03:00
Evgeny Vereshchagin
992d7f341f
ci: trigger CodeQL on PRs when its dependencies change
2022-01-17 01:59:55 +00:00
Evgeny Vereshchagin
54ed8884d3
ci: get Coverity and CodeQL to analyze the "libxkbcommon" part
...
By analogy with https://github.com/systemd/systemd/pull/22138 , to get
the static analyzers to analyze that part of code that package should
be installed there as well.
2022-01-16 15:33:07 +00:00
Evgeny Vereshchagin
e8f93a60a2
ci: install libbpf-dev in the unit_tests workflow
...
Those dependencies are also used by Coverity and Codeql so
it should be installed there to get them to analyze that code.
Judging by https://github.com/systemd/systemd/pull/22137 it seems
to be working.
2022-01-16 13:13:34 +00:00
Evgeny Vereshchagin
9e360c6bf1
ci: switch to requirements.txt in the unit tests workflow
2022-01-14 10:29:23 +00:00
Evgeny Vereshchagin
007721e939
ci: turn meson warnings into errors
2022-01-14 01:53:37 +03:00
Evgeny Vereshchagin
4e1ab496ae
{build|unit}-test: show meson-log.txt when meson fails
...
to make it easier to figure out why it fails.
For example in https://github.com/systemd/systemd/runs/4799774735?check_suite_focus=true
it failed with
```
meson.build:1003:8: ERROR: Command "/usr/bin/clang -print-targets" failed with status 1.
A full log can be found at /home/runner/work/systemd/systemd/build/meson-logs/meson-log.txt
Error: Process completed with exit code 1.
```
and it wasn't clear what exactly happened there.
2022-01-13 20:27:25 +09:00
Luca Boccassi
c9b1efdf14
Merge pull request #21990 from keszybz/indentation-and-comments
...
Indentation and comments
2022-01-04 00:18:10 +00:00
Zbigniew Jędrzejewski-Szmek
b36c5e9587
various: fix three spelling issues found by fossies
2022-01-03 21:16:06 +01:00
Frantisek Sumsal
3fd864aea7
ci: bump mkosi to v12 with libsolv workaround
...
Replaces: https://github.com/systemd/systemd/pull/21574
Related:
* https://github.com/systemd/mkosi/issues/861
* https://github.com/systemd/mkosi/pull/878
2022-01-03 15:56:22 +03:00
Jan Janssen
bbbf1c3d32
ci: Test efi binaries for section table gaps
2022-01-02 20:05:58 +01:00
dependabot[bot]
b774de1883
build(deps): bump meson from 0.60.2 to 0.60.3 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 0.60.2 to 0.60.3.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/0.60.2...0.60.3 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-01 17:40:39 +03:00
dependabot[bot]
987202b2c1
build(deps): bump github/super-linter from 4.8.4 to 4.8.5
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.8.4 to 4.8.5.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](563be7dc55...b8641364ca
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-27 12:33:34 +03:00
Evgeny Vereshchagin
bfa6bd1be0
ci: replace apt-key with signed-by
...
to limit the scope of the key to apt.llvm.org only.
This is mostly inspired by https://blog.cloudflare.com/dont-use-apt-key/
2021-12-26 15:38:42 +00:00
Frantisek Sumsal
298cff6171
ci: test build with supported cryptolibs to some degree
...
Let's assign a specific -Dcryptolib= value to each job to have at least
some coverage for all supported cryptolibs without unnecessarily
multiplying the test matrix.
Should provide coverage for #21880 .
2021-12-24 16:24:16 +01:00
Frantisek Sumsal
7b55f29797
ci: drop build test with -O2, since it's covered by -O3 tests
2021-12-24 16:24:16 +01:00
dependabot[bot]
219c1dc780
build(deps): bump actions/upload-artifact from 2.3.0 to 2.3.1
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](da838ae959...82c141cc51
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-20 13:14:23 +03:00
dependabot[bot]
fdae4504c7
build(deps): bump actions/upload-artifact from 2.2.4 to 2.3.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.2.4 to 2.3.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](27121b0bdf...da838ae959
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-13 14:45:19 +03:00
Luca Boccassi
a0630d46a5
Merge pull request #21749 from nabijaczleweli/bashpsko
...
Shebang bash via env
2021-12-13 11:11:39 +00:00
dependabot[bot]
1805759ea0
build(deps): bump github/codeql-action from 1.0.25 to 1.0.26
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.25 to 1.0.26.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](546b30f35a...5f53256358
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-13 13:18:55 +03:00
наб
f1e6f93372
Change all fixed-path bash shebangs to /u/b/env bash outside test/
2021-12-12 21:13:50 +01:00
Jan Janssen
aa22e69856
ci: Build test with different linkers
2021-12-11 11:03:29 +01:00
Frantisek Sumsal
f7e3951d41
ci: run mkosi in a wrapper
...
So we can mitigate (to some degree) the reoccurring "dissect timeout"
issue:
```
Run sudo python3 -m mkosi boot systemd.unit=mkosi-check-and-shutdown.service !quiet systemd.log_level=debug systemd.log_target=console udev.log_level=info systemd.default_standard_output=journal+console
Failed to dissect image '/home/runner/work/systemd/systemd/image.raw': Connection timed out
Error: Process completed with exit code 1.
```
2021-12-10 10:25:45 +01:00
Frantisek Sumsal
24acd4064e
ci: check for failed services after boot
...
This should, hopefully, catch issues like systemd/systemd#21671
automagically.
2021-12-10 10:25:43 +01:00
Frantisek Sumsal
efea45f19c
ci: ignore FIXME alerts in the CodeQL Action
...
We already track them in LGTM and it unnecessarily clutters the Security
page.
2021-12-08 12:42:28 +00:00
Frantisek Sumsal
72af88f231
github: mention the systemd-devel ML in the new issue tab
2021-12-07 16:28:56 +01:00
Frantisek Sumsal
a3f0533ffc
ci: pack-ify our custom CodeQL queries and enable them in Actions
...
Unlike LGTM, the CodeQL Action requires the custom queries to have their
own qlpack.yml file, so let's provide one.
2021-12-07 14:57:09 +01:00
Frantisek Sumsal
a6319961c9
ci: run the CodeQL action also when its configuration changes
...
Just to make sure we didn't break anything.
2021-12-07 14:45:06 +01:00
Frantisek Sumsal
64f625a212
ci: sync the list of CodeQL queries with LGTM
2021-12-07 14:45:04 +01:00
Evgeny Vereshchagin
4997d1b965
ci: pin python dependencies and let Dependabot keep track of them
2021-12-07 09:08:26 +00:00
dependabot[bot]
7285145dfc
build(deps): bump github/codeql-action from 1.0.24 to 1.0.25
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e095058bfa...546b30f35a
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-12-07 02:20:53 +03:00
Frantisek Sumsal
ab9e3bfef6
ci: consider cryptolib
in the group identifier
...
otherwise we end up with more than one job with the same identifier in
one run, causing some of them to get cancelled unexpectedly.
A quick follow-up to 85bd394df5
.
2021-12-03 20:25:06 +00:00
Frantisek Sumsal
9371d44afe
ci: install libbpf
2021-12-03 16:30:56 +01:00
Zbigniew Jędrzejewski-Szmek
85bd394df5
ci: expand the test framework to cover openssl
2021-12-02 11:31:20 +01:00
dependabot[bot]
68181cf8a7
build(deps): bump github/codeql-action from 1.0.23 to 1.0.24
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.23 to 1.0.24.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a627e9fa50...e095058bfa
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-25 05:13:11 +03:00
dependabot[bot]
d59d6cc154
build(deps): bump github/codeql-action from 1.0.22 to 1.0.23
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.0.22 to 1.0.23.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5581e08a65...a627e9fa50
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-18 01:17:19 +03:00
Evgeny Vereshchagin
0da6973c17
ci: switch to weekly dependabot updates
...
Apparently some dependencies get updated much more often
than I would have exepected.
It can always be triggered manually at https://github.com/systemd/systemd/network/dependencies
if there are any urgent updates
2021-11-17 12:16:57 +00:00
dependabot[bot]
eb37ed701b
build(deps): bump github/super-linter from 4.8.3 to 4.8.4
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.8.3 to 4.8.4.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](7d5dc989c5...563be7dc55
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-17 10:59:41 +00:00
Evgeny Vereshchagin
7e7e31521a
ci: run codeql on PRs from Dependabot
...
To make sure PRs like https://github.com/systemd/systemd/pull/21409
don't break anything.
2021-11-17 10:14:33 +00:00
Evgeny Vereshchagin
e6ace91eb7
ci: pin mkosi to SHAs as well
2021-11-15 20:52:51 +00:00
dependabot[bot]
f356ad7cf8
build(deps): bump github/super-linter from 4.8.1 to 4.8.3
...
Bumps [github/super-linter](https://github.com/github/super-linter ) from 4.8.1 to 4.8.3.
- [Release notes](https://github.com/github/super-linter/releases )
- [Changelog](https://github.com/github/super-linter/blob/main/docs/release-process.md )
- [Commits](fd9c4286d3...7d5dc989c5
)
---
updated-dependencies:
- dependency-name: github/super-linter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-15 18:20:56 +00:00
Evgeny Vereshchagin
510afa460a
ci: tighten codeql and labeler even more
...
by moving the read permissions to the top level and
granting additional permissions to the specific jobs.
It should help to prevent new jobs that could be added
there eventually from having write access to resources they
most likely would never need.
2021-11-14 10:51:07 +00:00
Evgeny Vereshchagin
b3a1fb795a
ci: LGPLv2+ify dependapot config and codeql action
2021-11-14 09:48:22 +00:00
Evgeny Vereshchagin
e44a47d186
ci: pin the codeql action to SHAs
...
It's a follow-up to https://github.com/systemd/systemd/pull/21316 .
Judging by https://github.com/evverx/systemd/pull/36 , Dependabot
supports their release cycle
2021-11-14 10:42:04 +00:00
Evgeny Vereshchagin
e7a966915d
ci: mimic the "restricted" mode
...
Judging by https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
it should be enough to grant the "read contents" permission to
most of our actions. The "read metadata" permission is set impliciclty
somewhere and can't be set via the "permissions" setting:
```
The workflow is not valid. .github/workflows/linter.yml (Line: 14, Col: 3): Unexpected value 'metadata'
```
2021-11-14 10:41:06 +00:00
Evgeny Vereshchagin
311956ccd9
ci: tighten several GHActions a bit more
...
with https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#permissions
2021-11-13 22:17:21 +03:00
dependabot[bot]
5ae4964028
build(deps): bump actions/checkout from 2 to 2.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...ec3a7ce113134d7a93b817d10a8272cb61118579 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-13 16:45:32 +03:00
Frantisek Sumsal
66a41360b4
Merge pull request #21342 from evverx/dependabot-error
...
ci: try to fix a Dependabot error
2021-11-13 09:35:51 +00:00
Frantisek Sumsal
c76a838589
ci: run the unit_tests and mkosi jobs on stable branches as well
...
To provide more coverage for the systemd-stable repo.
See: https://github.com/systemd/systemd-stable/issues/24
2021-11-13 09:09:54 +09:00
Evgeny Vereshchagin
38ac3ab10a
ci: allow Dependabot to open up to 2 PRs
...
Apparently version updates aren't always disabled on old forks,
which leads to new PRs opened there. To somewhat mitigate the
issue let's limit the number of PRs Dependabot can create.
It was reported in https://github.com/yuwata/systemd/pull/2#issuecomment-967737195
2021-11-11 17:20:30 +00:00
Evgeny Vereshchagin
4e296232e4
try to fix a Dependabot error
...
```
updater | ERROR <job_232492775> Error processing actions/checkout (RuntimeError)
updater | ERROR <job_232492775> No files changed!
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/vendor/ruby/2.7.0/gems/dependabot-github_actions-0.166.0/lib/dependabot/github_actions/file_updater.rb:28:in `updated_dependency_files'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:676:in `generate_dependency_files_for'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:274:in `check_and_create_pull_request'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:82:in `check_and_create_pr_with_error_handling'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `block in run'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `each'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:56:in `run'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/update_files_job.rb:17:in `perform_job'
updater | ERROR <job_232492775> /home/dependabot/dependabot-updater/lib/dependabot/base_job.rb:28:in `run'
updater | ERROR <job_232492775> bin/update_files.rb:21:in `<main>`
```
2021-11-11 16:08:17 +00:00
Evgeny Vereshchagin
3fec0e6cbf
ci: pin some workflows to SHAs
...
to let Dependabot keep track of them using SHAs
codeql-actions doesn't point to SHAs because it isn't clear
whether Dependabot supports their release cycle mentioned
at https://github.com/github/codeql-action/issues/307
2021-11-11 10:32:02 +00:00
Evgeny Vereshchagin
5570313421
ci: pin labeler
...
Turns out GHActions where `pull_request_target` is used are capable
of pwning repositories: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
labeler doesn't check out the source code or build anything so
it's safe in its current form but to avoid surprises let's just pin
it to the latest version. It's annoying to manage dependencies like this
manually so additionally dependabot.yml is introduced to make it
easier to keep GHActions up to date more or less automatically:
https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/keeping-your-actions-up-to-date-with-dependabot
2021-11-11 10:19:06 +00:00
Evgeny Vereshchagin
33796123bc
ci: run codeql-analysis daily
...
https://github.com/github/codeql-action
Apparently to judge from a couple of warnings I haven't seen
before it's a bit different from LGTM.
2021-11-12 15:47:15 +00:00
Frantisek Sumsal
8b212f3596
ci: take CIFuzz's matrix into consideration
...
Otherwise the jobs will try to cancel each other out.
Follow-up to 3884837610
.
2021-11-10 20:44:24 +00:00
Frantisek Sumsal
3884837610
ci: cancel previous jobs on ref update
...
Let's save the environment (and reduce the number of jobs in GH Actions
queues) by cancelling old jobs on a ref update (force push).
See: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#concurrency
2021-11-10 17:15:35 +01:00
Frantisek Sumsal
46573ee131
ci: fix indentation
2021-11-10 17:15:35 +01:00
Frantisek Sumsal
b8c94ee372
Revert "CI: run GCC unit test job on push to main"
...
This reverts commit c1036042f5
.
Follow-up to 0ad536c16a
.
2021-11-10 17:15:35 +01:00
Michal Koutný
7a0895c2eb
Revert "CI: disable opensuse mkosi CI"
...
This reverts commit ab6df52083
.
The image build failed during kernel RPM installation (bug in %post
scriptlet). This has been fixed in the package suse-module-tools 16.0.13
[1]. The fix is in openSUSE Tumbleweed repos so the tests can be enabled
again.
[1] https://github.com/openSUSE/suse-module-tools/pull/53
Fixes : #21019
2021-11-09 10:57:03 +00:00
Luca Boccassi
0ad536c16a
CI: disable code coverage in GH Action
...
It is now ran on the nightly CentOS build, so that it can cover
integration tests too, and not just unit tests. It's nightly as
it considerably increases the integration test runtime, so it's
not appropriate for all PRs.
2021-10-21 00:10:52 +01:00
Daan De Meyer
ab6df52083
CI: disable opensuse mkosi CI
...
Until https://github.com/systemd/systemd/issues/21019 is fixed,
there's no point in running the opensuse CI job so let's disable
it for now.
2021-10-19 17:21:29 +01:00
Frantisek Sumsal
1c71302f70
ci: use the system llvm-11 package on Focal
...
ATTOW llvm-11 got into focal-updates, which conflicts with llvm-11
provided by the apt.llvm.org repositories. Let's use the system
llvm package if available in such cases to avoid that.
2021-10-12 08:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
186b9041ae
ci: use LGPLv2+ for all our ci configuration
2021-10-01 14:45:00 +02:00
Zbigniew Jędrzejewski-Szmek
43d6fcc09f
github: use the same headers on yaml files
...
Also adjust the mention of location of mkosi files,
follow-up for d55ad7fe96
.
2021-10-01 14:45:00 +02:00
Zbigniew Jędrzejewski-Szmek
d8aaa71699
licensing: say that our github docs are LGPLv2.1+
...
This mirros what 0aff7b7584
did for docs/.
2021-10-01 14:45:00 +02:00
Frantisek Sumsal
1c46b3c24d
ci: introduce Super-Linter for shell scripts
...
See: https://github.com/marketplace/actions/super-linter
2021-09-30 12:27:08 +02:00
Frantisek Sumsal
8370da9ea6
ci: shellcheck-ify CI scripts
2021-09-29 22:24:12 +02:00
Yu Watanabe
6d350f7d82
Revert "CI: run unit tests in a network namespace"
...
This reverts commit 8b036b223a
.
2021-09-29 20:50:37 +09:00
Luca Boccassi
c1036042f5
CI: run GCC unit test job on push to main
...
Allows to get coverage data on coveralls.io
2021-09-29 14:10:42 +03:00
Luca Boccassi
3bf94dac91
CI: do manpages build only on the clang unit test run
...
It's slow and unaffected by compiler/flags, so no point in repeating it
2021-09-27 12:24:48 +01:00
Luca Boccassi
1f1d48f96e
CI: add code coverage reports via lcov and coveralls.io
2021-09-27 12:22:22 +01:00
Luca Boccassi
8b036b223a
CI: run unit tests in a network namespace
...
It seems some of the tests break network connectivity on the host,
as the code coverage upload fails to establish a connection.
Run them in a network namespace with 'unshare -n'.
2021-09-27 12:22:22 +01:00
Daan De Meyer
7e99216c1d
mkosi: Fix CI
...
\#20629 moved the mkosi configs to mkosi.default.d/ so we were building
for the host distro (Ubuntu) in each CI configuration. To fix it, we
write the distro we want to test to a mkosi.default file and mkosi
will apply the other necessary configs automatically from mkosi.default.d/<distro>
This commit also removes unnecessary CLI options that are already handled
by the config files.
2021-09-21 17:39:00 +01:00
Frantisek Sumsal
bd8ea741a4
ci: build with clang-13
...
Also, drop clang-10 builds to conserve resources.
2021-09-14 19:06:01 +02:00
Michal Koutný
3ec4fccb37
ci: Add openSUSE Tumbleweed among tested distros
2021-08-04 11:16:48 +02:00
Michal Koutný
7e5e604393
ci: Detect shell prompt with higher specificity
...
The current pattern '#' triggers on the openSUSE kernel version that is
printed early during boot when no actual prompt is ready
> [ 0.000000] Linux version 5.12.10-1-default (geeko@buildhost) (gcc (SUSE Linux) 11.1.1 20210510 [revision 23855a176609fe8dda6abaf2b21846b4517966eb], GNU ld (GNU Binutils; openSUSE Tumbleweed) 2.36.1.20210326-4) #1 SMP Fri Jun 11 05:05:06 UTC 2021 (b92eaf7)
Instead wait for pattern that: a) should have fewer false positives, b)
still be with working on distro shells:
openSUSE (red color)
^[[1m^[[31mimage:~ #^[[m^O
arch
[root@image ~]#
debian
root@image:~#
ubuntu
root@image:~#
fedora
[root@image ~]#
2021-08-04 11:16:48 +02:00
Michal Koutný
2e9055ab6a
ci: Do not require network in test images
...
The current boot test relies on terminal login, therefore network setup
inside image is unnecessary. This opens up possibility to test images
that don't support the network setup via veth devices.
2021-08-04 11:16:48 +02:00
Michal Koutný
7c87fb219e
ci: Bump mkosi version to v10
...
Use mkosi GH action that includes fixes for openSUSE builds. This
enables testing openSUSE builds in CI.
2021-08-04 11:16:48 +02:00
Frantisek Sumsal
df4161d878
Revert "ci: work around #19442 to make CI happy again"
...
The fix/workaround from #18851 should, hopefully, make this redundant.
This reverts commit 48a3cf58d5
.
2021-06-18 14:51:33 +01:00
Luca Boccassi
f144f6faa9
Merge pull request #19669 from mrc0mmand/ci-mkosi-arch
...
ci: work around #19442 to make CI happy again
2021-05-20 10:14:30 +01:00
Luca Boccassi
2d4efd1dba
build tests: check that Github pages can be built successfully
2021-05-19 23:25:34 +02:00
Frantisek Sumsal
27b4d60678
ci: skip root tty login
...
We use the `autologin` mkosi option (see
mkosi.default.d/10-systemd.conf), so the pexpect root login throws
a (harmless) error:
```
Arch Linux (built from systemd tree)
Kernel 5.4.0-1047-azure on an x86_64 (console)
image login: root (automatic login)
root
root
[root@image ~]# systemctl poweroff
root
-bash: root: command not found
[root@image ~]# systemctl poweroff
```
2021-05-19 23:07:25 +02:00
Frantisek Sumsal
715a273b10
ci: show image summary
2021-05-19 23:07:25 +02:00
Frantisek Sumsal
48a3cf58d5
ci: work around #19442 to make CI happy again
...
Let's introduce a somewhat ugly workaround for #19442 and retry
the systemd-nspawn image boot test up to three times in case it dies
with the dissect timeout. Since this issue occurs only in the Arch job,
limit the workaround to this job only.
2021-05-19 23:07:19 +02:00
Zbigniew Jędrzejewski-Szmek
392ed18542
ci: drop py2 lxml, pull in jinja2
2021-05-19 10:25:26 +09:00
Frantisek Sumsal
35a48d4b9a
ci: build with gcc-11 as well
...
Focal builds for gcc-11 are finally available, so let's put them into
some use.
2021-05-16 21:28:04 +01:00
Frantisek Sumsal
c191e09230
ci: cover standalone/static binaries in build test
2021-05-06 11:52:58 +09:00
Zbigniew Jędrzejewski-Szmek
b240c08d09
docs: link to stable releases in the bug template
...
Also, ask people to use a recent stable release and provide useful version information.
Inspired by #19118 .
2021-03-25 20:38:45 +00:00
Frantisek Sumsal
d227b6a7c0
ci: build an upstream version of systemd-nspawn
...
Ubuntu's systemd-nspawn doesn't support faccessat2() syscall, which is
required, since current Arch's glibc implements faccessat() via
faccessat2().
2021-02-26 17:06:25 +01:00
Frantisek Sumsal
b12dba35d1
Revert "ci: temporarily pin Arch repositories to glibc 2.32-5"
...
This reverts commit 67c972c610
.
2021-02-26 16:46:35 +01:00
Evgeny Vereshchagin
8e32f20d13
Revert "ci: switch back to meson-0.56.2"
...
This reverts commit c39e36203f
.
Now that meson-0.57.1 (where https://github.com/mesonbuild/meson/issues/8347
is fixed) is out it should be safe to keep rolling forward.
2021-02-20 20:20:04 +01:00
Jameer Pathan
63f48ab3fa
GH Actions: Fix labeler bot
2021-02-19 14:51:59 +09:00
Frantisek Sumsal
98f6d5769f
ci: enable DNS over TLS using OpenSSL in the build test
...
Prompted by:
* https://github.com/systemd/systemd/pull/18641#issuecomment-780371055
* https://github.com/systemd/systemd/issues/18639
2021-02-17 16:41:23 +01:00
Evgeny Vereshchagin
c39e36203f
ci: switch back to meson-0.56.2
...
It seems there is another meson (0.57.0) regression preventing clang from
building systemd with --optimization=3 -Db_lto=true
By analogy with https://github.com/google/oss-fuzz/pull/5199 let's just switch
to 0.56.2 for the time being
2021-02-15 15:38:27 +09:00
Lennart Poettering
8dfc2beb57
github: expressly ask for logs in github issue template
...
Apparently it's not obvious that logs are a good thing to provide, hence
let's explicitly ask for them.
2021-02-10 14:43:16 +01:00
Luca Boccassi
0f15cb2243
Merge pull request #18470 from mrc0mmand/ci-clang-12
...
ci: run build test with clang-12 as well
2021-02-09 13:06:40 +00:00
Frantisek Sumsal
67c972c610
ci: temporarily pin Arch repositories to glibc 2.32-5
...
glibc 2.33-3 shipped on 2021-02-06 breaks running Arch containers on
systems with older kernels (like Ubuntu Focal). Until the issue is
resolved, let's pin the Arch repositories to glibc 2.32-5 to mitigate
the annoying CI fails.
See: https://bugs.archlinux.org/task/69563
2021-02-09 13:57:28 +01:00
Lennart Poettering
5055b51ee1
github: ask for systemd version in RFE form
...
It happens too often that what people ask for already is implemented.
Let's help cut the noise a bit, and make people check things first
hopefully, and at least make it either for us to detect such cases.
2021-02-05 23:42:47 +00:00
Frantisek Sumsal
19db2f4258
ci: run build test with clang-12 as well
...
Ubuntu repositories for clang 12 are finally up, so let's use it
in our CI.
2021-02-04 15:54:14 +01:00
Frantisek Sumsal
54cf684f5f
ci: use the recommended meson syntax
...
See: docs/HACKING.md
2021-01-25 16:01:56 +01:00
Frantisek Sumsal
753803a66c
ci: drop an unnecessary sudo
2021-01-25 15:49:27 +01:00
Frantisek Sumsal
c0c6809663
ci: make the script names a bit more consistent
2021-01-25 15:45:36 +01:00
Evgeny Vereshchagin
9b25429cb4
GH Actions: switch to main
...
It's just a follow-up to https://github.com/systemd/systemd/issues/16834
2021-01-21 16:28:02 +01:00
Lennart Poettering
e327382877
markdown: fix comment
...
Follow-up for 2d816c9804
2021-01-19 22:26:35 +01:00
Lennart Poettering
2d816c9804
markdown: suggest backticks around uname -a output
...
Fixes : #18238
2021-01-19 22:24:05 +01:00
Yu Watanabe
cf2423503b
time-wait-sync: move time-wait-sync.c -> src/timesync/wait-sync.c
...
As wait-online is located under src/network.
2021-01-19 07:04:19 +09:00
Frantisek Sumsal
e8fd7c9ed4
ci: introduce a watchdog for the sanitized unit test run
2021-01-13 22:32:30 +01:00
Frantisek Sumsal
56a017cb0d
ci: optimize the sanitized build under gcc as well
2021-01-13 21:51:44 +01:00
Frantisek Sumsal
b5a9b601c3
ci: drop the unbuffer
workaround
...
It actually didn't do anything, the issue was somewhere else.
2021-01-12 22:13:33 +01:00
Frantisek Sumsal
86660d160b
ci: move the Coverity job to GitHub Actions
2021-01-11 15:50:25 +01:00
Frantisek Sumsal
0506d05ab2
ci: drop a forgotten empty line
2021-01-11 15:50:25 +01:00
Luca Boccassi
ca0f86d16a
ci: do not build with --optimization=1 with Clang
2021-01-10 21:16:38 +00:00
Frantisek Sumsal
a74be22cd6
ci: move Travis CI unit test jobs to GH Actions
2021-01-08 11:36:59 +01:00
Daan De Meyer
6242cda99d
Move shared mkosi settings to a single file in mkosi.default.d/
2021-01-06 12:10:58 +00:00
Daan De Meyer
a869f5aaa4
CI: Update to mkosi github action to v9
2021-01-01 15:30:09 +00:00
Frantisek Sumsal
a3abdea13a
github: add the missing tpm2 optional dependency
2020-12-20 22:27:36 +01:00
Luca Boccassi
d9107e16f2
Add more matching rules to GA labeler bot for subcomponents
2020-12-19 21:56:57 +00:00
Luca Boccassi
d78911e9f7
False positives in GA labeler bot
...
Don't automatically match on man/* and **/meson.build, since we change those
files as part of larger changes that we usually don't mark that way
2020-12-19 21:56:57 +00:00
Jameer Pathan
292420ce4b
Add Pull Request Labeler
2020-12-14 09:43:38 +09:00
Daan De Meyer
448d3462b0
CI: Add mkosi boot tests
...
Using the new mkosi Github Action, we can add some simple boot tests
for the systemd mkosi configs. This makes sure these keep working
as expected.
2020-12-04 22:24:12 +00:00
Yu Watanabe
85a03fda7d
ci: also set -Dfuzz-tests=true if -Dslow-tests=true
2020-11-13 18:15:41 +09:00
Frantisek Sumsal
5310fc624e
ci: add the libfido2 dependency for better coverage
2020-10-21 16:28:22 +02:00
Frantisek Sumsal
0273f6e7f2
ci: build with clang-11 as well
...
The LLVM nightly repositories now have a separate branch for clang-11,
so let's build with it as well.
2020-10-21 16:24:01 +02:00
Frantisek Sumsal
f1150eddf6
ci: bump the 'build test' image to Ubuntu Focal
2020-10-21 16:23:59 +02:00
Lennart Poettering
278c13431b
github: ask for arch+kernel in bug report form
...
Quite often we see kernel and arch specific issues, let's ask for the
version right-away when people file the issue.
Other tweaks.
2020-10-02 12:38:28 +02:00
Evgeny Vereshchagin
d3e0662c7d
Revert "ci: turn off the "upstream-systemd-ci" ppa"
...
This reverts commit d4ff79bbe1
.
2020-07-15 08:59:25 +02:00
Evgeny Vereshchagin
d4ff79bbe1
ci: turn off the "upstream-systemd-ci" ppa
...
Judging by https://launchpad.net/~upstream-systemd-ci/+archive/ubuntu/systemd-ci/+packages ,
it got updated about 15 hours ago and the "build check" action has been
failing with
```
The following packages have unmet dependencies:
kbd : Depends: console-setup but it is not going to be installed or
E: Unable to correct problems, you have held broken packages.
console-setup-mini but it is not going to be installed
```
since then
2020-07-14 21:35:33 +03:00
Evgeny Vereshchagin
e6175fbe45
ci: pass -Werror using CFLAGS
...
Judging by https://github.com/systemd/systemd/issues/16224 , it seems
`--werror` doesn't work with `-Db_lto=true`
2020-06-22 12:15:08 +09:00
Evgeny Vereshchagin
a2c7035976
cifuzz: build fuzz target with UBsan and MSan as well
2020-06-12 10:17:57 +02:00
Frantisek Sumsal
86a23f38ab
ci: tweak the dependency installation
2020-06-11 16:11:26 +02:00