summaryrefslogtreecommitdiffstats
path: root/.github (follow)
Commit message (Collapse)AuthorAgeFilesLines
* build(deps): bump github/codeql-action from 3.24.7 to 3.25.11dependabot[bot]2024-07-012-4/+4
| | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.25.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3ab4101902695724f9365a384f86c1074d94e18c...b611370bb5703a7efb587f9d136a52ea24c5c38c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump actions/checkout from 4.1.6 to 4.1.7dependabot[bot]2024-07-0112-12/+12
| | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* mkosi: bump to latest commitLuca Boccassi2024-06-261-1/+1
|
* mkosi: bump to latestLuca Boccassi2024-06-171-1/+1
|
* CI: disable secure boot in mkosi GHA runsLuca Boccassi2024-06-171-0/+2
| | | | | | Booting a guest with secure boot is broken in Azure due to a hypervisor bug. Disable it for now. Given there's no option, need to edit the configuration on the fly.
* mkosi: update to latestLuca Boccassi2024-06-101-1/+1
|
* mkosi: Stop using tools treeDaan De Meyer2024-06-081-16/+10
| | | | | Noble has all the tooling we need so let's stop using a tools tree and just install the dependencies we need on the host system.
* ci: Switch to Ubuntu 24.04Daan De Meyer2024-06-0817-28/+46
|
* mkosi: Update to latestDaan De Meyer2024-06-081-1/+1
|
* mkosi: Update to latestDaan De Meyer2024-06-061-1/+1
|
* mkosi: Build Arch Linux image with -D_FORTIFY_SOURCE=3Daan De Meyer2024-06-041-2/+8
| | | | | _FORTIFY_SOURCE requires optimizations to be enabled so we set -O2 as well.
* mkosi: Drop $OPTIMIZATION variableDaan De Meyer2024-06-041-1/+1
| | | | Let's instead just use $CFLAGS to override the optimization level.
* Merge pull request #33146 from DaanDeMeyer/clangDaan De Meyer2024-06-031-0/+9
|\ | | | | mkosi: Add support for building with LLVM
| * mkosi: Build Fedora Rawhide sanitizers job with LLVMDaan De Meyer2024-06-031-0/+8
| | | | | | | | More coverage and clang tends to be better at sanitizers than gcc.
| * mkosi: Build with --werror in CIDaan De Meyer2024-06-031-0/+1
| |
* | build(deps): bump redhat-plumbers-in-action/differential-shellcheckdependabot[bot]2024-06-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [redhat-plumbers-in-action/differential-shellcheck](https://github.com/redhat-plumbers-in-action/differential-shellcheck) from 5.1.2 to 5.3.0. - [Release notes](https://github.com/redhat-plumbers-in-action/differential-shellcheck/releases) - [Changelog](https://github.com/redhat-plumbers-in-action/differential-shellcheck/blob/main/docs/CHANGELOG.md) - [Commits](https://github.com/redhat-plumbers-in-action/differential-shellcheck/compare/52bab0caa5249d6acd8bcd5bc7a68e69ac9319f9...60c9f2b924a9c5a2ddbb25e7b23e8e11b56faab9) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/differential-shellcheck dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3dependabot[bot]2024-06-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...dc50aa9510b46c811795eb24b2f1ba02a914e534) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump softprops/action-gh-release from 2.0.4 to 2.0.5dependabot[bot]2024-06-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.0.4 to 2.0.5. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/9d7c94cfd0a1f3ed45544c887983e9fa900f0564...69320dbe05506a9a39fc8ae11030b214ec2d1f87) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump actions/checkout from 4.1.2 to 4.1.6dependabot[bot]2024-06-0312-12/+12
|/ | | | | | | | | | | | | | | Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...a5ac7e51b41094c92402da3b24376905380afc29) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* ci: Build Fedora rawhide with sanitizers in mkosiDaan De Meyer2024-05-311-0/+8
| | | | Let's make sure one build has sanitizers enabled for extra coverage.
* mkosi: Sanitizer improvementsDaan De Meyer2024-05-311-0/+1
| | | | | | | | | | | | | | | | - Let's set the environment on the kernel command line so it applies to initrd and main system. - Let's add the necessary wrappers that are also added in test-functions. Unlike test-functions we don't use gcc/clang to get the library path as that requires installing gcc/clang in the initrd. - Let's drop the hack to get journald writing to the console and have it write to kmsg instead. We'll get the output either way. - Stop removing libstdc++ and sanitizer libraries from Arch Linux initrds and other images as it's required by the sanitizer libraries. - Add a workaround for specifying extra meson options for opensuse - Add a leak sanitizer suppression file as a workaround for a false positive leak in verify_selinuxmnt() in libselinux. We do a soname match because the stacktrace can't be properly symbolized on Debian.
* Merge pull request #33123 from DaanDeMeyer/fixLuca Boccassi2024-05-311-13/+0
|\ | | | | Two mkosi fixes
| * mkosi: Unify device timeout for CI and local runsDaan De Meyer2024-05-311-9/+0
| | | | | | | | | | | | Now that we use KVM and don't use repart anymore to create a root partition on first boot, let's see if we can use the same device timeout for both local and CI runs.
| * mkosi: Drop two unnecessary settings in CI configDaan De Meyer2024-05-311-4/+0
| | | | | | | | | | We don't build erofs images anymore and the firmware to use is set per test so no need to configure it the CI config.
* | build(deps): bump redhat-plumbers-in-action/advanced-issue-labelerdependabot[bot]2024-05-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [redhat-plumbers-in-action/advanced-issue-labeler](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler) from 3.0.0 to 3.2.0. - [Release notes](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/releases) - [Commits](https://github.com/redhat-plumbers-in-action/advanced-issue-labeler/compare/9e55064634b67244f7deb4211452b4a7217b93de...d498805e5c7c0658e336948b3363480bcfd68da6) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/advanced-issue-labeler dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump redhat-plumbers-in-action/devel-freezerdependabot[bot]2024-05-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [redhat-plumbers-in-action/devel-freezer](https://github.com/redhat-plumbers-in-action/devel-freezer) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/redhat-plumbers-in-action/devel-freezer/releases) - [Commits](https://github.com/redhat-plumbers-in-action/devel-freezer/compare/396c94ba8cb417474e6626c83a42addea210a403...ad766eafd555b28d2cb8e27937835983f9c3d173) --- updated-dependencies: - dependency-name: redhat-plumbers-in-action/devel-freezer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* | build(deps): bump meson from 1.4.0 to 1.4.1 in /.github/workflowsdependabot[bot]2024-05-311-3/+3
|/ | | | | | | | | | | | | | Bumps [meson](https://github.com/mesonbuild/meson) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/mesonbuild/meson/releases) - [Commits](https://github.com/mesonbuild/meson/compare/1.4.0...1.4.1) --- updated-dependencies: - dependency-name: meson dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* mkosi: Replace submodules with our own thingDaan De Meyer2024-05-301-5/+0
| | | | | | | | | | | | | | | | | | | Unfortunately, git submodules break in all sorts of ways: - Various github workflows (dependabot, github pages) try to do a shallow clone of git submodules which does not work at all when the git repository is hosted on pagure (https://pagure.io/pagure/issue/5453, https://github.com/dependabot/dependabot-core/issues/9391). - If the git forge hosting the git repository uses SHA256, then it breaks our usage of it as a submodule as SHA256 repositories cannot be used as submodules in SHA1 repositories (src.opensuse.org moved to SHA256 which broke our usage of opensuse's systemd spec as a submodule). - git submodules completely break usage of git worktrees. - ... Let's avoid all these issues by just doing our own home grown implementation of git submodules. We lose the automatic dependabot updates this way but since dependabot fails to run more often that not with submodules we don't really lose anything.
* Revert "mkosi: Sanitizer improvements"Daan De Meyer2024-05-301-1/+0
| | | | This reverts commit aef13ad0294b403993e19b424b26535fb65749f4.
* Revert "ci: Build with sanitizers in mkosi"Daan De Meyer2024-05-301-1/+0
| | | | This reverts commit 639403f9a86869984b155edda2521741950f5417.
* Merge pull request #32866 from DaanDeMeyer/sanitizersDaan De Meyer2024-05-301-0/+2
|\ | | | | mkosi: Sanitizers
| * ci: Build with sanitizers in mkosiDaan De Meyer2024-05-301-0/+1
| |
| * mkosi: Sanitizer improvementsDaan De Meyer2024-05-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Let's set the environment on the kernel command line so it applies to initrd and main system. - Let's add the necessary wrappers that are also added in test-functions. Unlike test-functions we don't use gcc/clang to get the library path as that requires installing gcc/clang in the initrd. - Let's drop the hack to get journald writing to the console and have it write to kmsg instead. We'll get the output either way. - Stop removing libstdc++ and sanitizer libraries from Arch Linux initrds and other images as it's required by the sanitizer libraries. - Add a workaround for specifying extra meson options for opensuse - Add a leak sanitizer suppression file as a workaround for a false positive leak in verify_selinuxmnt() in libselinux. We do a soname match because the stacktrace can't be properly symbolized on Debian.
* | mkosi: Preserve environment when running integration tests with sudoDaan De Meyer2024-05-301-1/+1
|/ | | | | Otherwise we won't detect we're running in Github Actions and will show the wrong command to fetch the journal.
* mkosi: Run integration tests as rootDaan De Meyer2024-05-291-1/+1
| | | | | This allows running integration tests that support it in nspawn instead of qemu. This both gives extra coverage and speeds things up.
* mkosi: update to latestDaan De Meyer2024-05-291-1/+1
|
* Revert "CI: add manual workflow to publish pages to fix submodule issue"Luca Boccassi2024-05-161-56/+0
| | | | | | Nope, it's broken, never mind This reverts commit b0f9c3c6483eadd630b0a6a4de23db761e8158c8.
* CI: add manual workflow to publish pages to fix submodule issueLuca Boccassi2024-05-161-0/+56
| | | Cloning the fedora/centos submodules fails because --depth 1 is used. Fork the actions workflow and use fetch-depth: 0 to disable it.
* mkosi: Restore job for F40Zbigniew Jędrzejewski-Szmek2024-05-141-0/+2
| | | | | This partially reverts ecf8468dd4abbf006cb607d023018edee51c851d. dist-git was made compatible again with F40.
* mkosi: Update fedora to latestDaan De Meyer2024-05-141-2/+0
| | | | | We drop the Fedora 40 job as the latest rawhide spec introduced dependencies that are not available in Fedora 40.
* mkosi: Update to latestDaan De Meyer2024-05-141-1/+1
|
* ci: Optimize pull request labelerDaan De Meyer2024-05-071-33/+36
| | | | | We keep running into rate limits, so let's optimize the number of requests we do in the pull request labeler to hopefully fix that.
* mkosi: Switch to fedora 40Daan De Meyer2024-05-071-1/+1
| | | | | | Enable updates-testing and use the most recent mirror to make sure we get util-linux 2.40.1 which contains a crucial fix to make sure the serial terminal in virtual machines works properly.
* ci: Disable RuntimeBuildSources=Daan De Meyer2024-05-061-0/+2
| | | | | | We build with debuginfo, so there's no point to starting virtiofsd to mount the sources and build directory into the VM, so let's disable that.
* ci: Reduce the number of integration tests we run concurrentlyDaan De Meyer2024-05-061-1/+1
| | | | | | | Since there's a bunch of CPU hungry systemd-journal-remote processes running on the host to received the forwarded logs, by running as many test as the VM has cores we overload the available resources. Let's leave use the number of cores - 1 to reduce resource contention.
* mkosi: Disable ext4's orphan_file feature for centos imagesDaan De Meyer2024-05-061-1/+1
| | | | | | | Not supported by e2fsck from centos. We also disable building repart from source in CI as running it from the build directory means repart will run mkfs.ext4 from the host which doesn't know about the orphan_file feature causing it to fail.
* mkosi: Enable udev debug logging in CIDaan De Meyer2024-05-061-2/+0
| | | | | | It's very useful to debug race conditions with loop devices, so let's enable the logging now that it goes to the journal and not to the console.
* mkosi: Insist on KVM, VSOCK and TPM by defaultDaan De Meyer2024-05-061-2/+0
| | | | | | | | By default mkosi will not run VMs with these features if they're not available, but since various stuff in systemd makes use of these, let's fail loudly if any of these are not available by default in systemd. Users can still override these defaults locally if they wish.
* mkosi: Update to latestDaan De Meyer2024-05-061-1/+1
|
* Merge pull request #32609 from ↵Frantisek Sumsal2024-05-021-1/+2
|\ | | | | | | | | systemd/dependabot/github_actions/github/super-linter-6 build(deps): bump github/super-linter from 5.0.0 to 6
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 23:42:34 +0100