From d8032a5eda86c477f42bd27d55604b60deb4a911 Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Mon, 2 Oct 2023 16:59:01 -0700 Subject: [PATCH 1/6] ci: add build of flux-pmix to github workflow Problem: Changes proposed in a flux-core PR could break flux-pmix and this could go undetected for some time. Add a build and test of flux-pmix to the flux-core github workflow so that PRs that might break flux-pmix are discovered when proposed. --- .github/workflows/main.yml | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index bed84df5ed46..d04b4d81b583 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -71,7 +71,29 @@ jobs: --tag=fluxrm/flux-core:el8 - run: > cd .. && git clone https://github.com/flux-framework/flux-accounting && - cd flux-accounting && src/test/docker/docker-run-checks.sh -j 4 + cd flux-accounting && src/test/docker/docker-run-checks.sh -j 4 + + check-pmix: + needs: [python-lint] + name: flux-pmix check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + - run: > + src/test/docker/docker-run-checks.sh + --image=el8 + --install-only + --tag=fluxrm/flux-core:el8 + - run: > + cd .. && + git clone https://github.com/flux-framework/flux-pmix && + cd flux-pmix && + src/test/docker/docker-run-checks.sh -j 4 -i el8 + --build-arg OMPI_BRANCH=v5.0.0rc12 + --build-arg OPENPMIX_BRANCH=v4.2.3 generate-matrix: # https://stackoverflow.com/questions/59977364 From 026613443b47e73dd47876c9792f42fb70c65c6b Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Thu, 5 Oct 2023 11:48:35 -0700 Subject: [PATCH 2/6] ci: add build for flux-pam to ci checks Problem: A change that breaks flux-pam could be proposed in a flux-core PR and go undetected. Add a build of flux-pam to the flux-core github workflow so these issues are discovered immediately. --- .github/workflows/main.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d04b4d81b583..64ff4dc5b014 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -95,6 +95,26 @@ jobs: --build-arg OMPI_BRANCH=v5.0.0rc12 --build-arg OPENPMIX_BRANCH=v4.2.3 + check-pam: + needs: [python-lint] + name: flux-pam check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + - run: > + src/test/docker/docker-run-checks.sh + --image=el8 + --install-only + --tag=fluxrm/flux-core:el8 + - run: > + cd .. && + git clone https://github.com/flux-framework/flux-pam && + cd flux-pam && + src/test/docker/docker-run-checks.sh -j 4 -i el8 + generate-matrix: # https://stackoverflow.com/questions/59977364 name: Generate build matrix From 5e282f809652ef8e4f6b0a9545ac8fa76b8b1987 Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Thu, 5 Oct 2023 13:10:18 -0700 Subject: [PATCH 3/6] codecov: fix after_n_builds Problem: `after_n_builds: 2` is set for the codecov `comment` section, but to be truly effective it may have to also be set in `codecov.notify`. Add an `after_n_builds: 2` setting in the `codecov.notify` section of `codecov.yml` in hopes this will get the feature working properly. --- codecov.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/codecov.yml b/codecov.yml index e0fed33bd8e9..d6dd3d6e1da8 100644 --- a/codecov.yml +++ b/codecov.yml @@ -27,3 +27,7 @@ comment: layout: "header, diff, changes, tree" behavior: new after_n_builds: 2 + +codecov: + notify: + after_n_builds: 2 From 74297701e1e717da80d98dbae2e815ee0ca14801 Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Thu, 5 Oct 2023 19:17:05 -0700 Subject: [PATCH 4/6] codeql: run apt update in codeql action Problem: codeql action is having trouble with ubuntu repos. Try running apt-get update before installing deps. --- .github/workflows/codeql.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 68cef8712779..8ee423f0dbff 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,9 @@ jobs: # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality - name: Install ubuntu dependencies - run: sudo scripts/install-deps-deb.sh + run: | + sudo apt update + sudo scripts/install-deps-deb.sh - name: Install python dependencies run: | python3 -m pip install --upgrade pip From 171f33fffa099f72eace3b7709b8347cac151b2c Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Mon, 9 Oct 2023 08:04:59 -0700 Subject: [PATCH 5/6] doc: update doc/requirements.txt Problem: The readthedocs build is failing with ImportError: cannot import name 'environmentfilter' from 'jinja2' As suggested on the internets, pin jinja2<3.1.0 to fix this issue. --- doc/requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/requirements.txt b/doc/requirements.txt index 14521361e29a..e91a94e049fc 100644 --- a/doc/requirements.txt +++ b/doc/requirements.txt @@ -1,4 +1,5 @@ -sphinx==3.4.3 +sphinx<6.0.0 sphinx-rtd-theme>=0.5.2 docutils>=0.14,<0.18 urllib3<2 +jinja2<3.1.0 From d3c1a6d00f859c85b47ac00f26e6dea517590994 Mon Sep 17 00:00:00 2001 From: "Mark A. Grondona" Date: Mon, 9 Oct 2023 08:06:51 -0700 Subject: [PATCH 6/6] docker: update default flux-security version Problem: The default flux-security version used in ci is v0.9.0, but the latest is v0.10.0. Update the default FLUX_SECURITY_VERSION in docker-run-check.sh to v0.10.0. --- src/test/docker/docker-run-checks.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/docker/docker-run-checks.sh b/src/test/docker/docker-run-checks.sh index e39830ca6dc4..404241fb0abd 100755 --- a/src/test/docker/docker-run-checks.sh +++ b/src/test/docker/docker-run-checks.sh @@ -16,7 +16,7 @@ JOBS=2 MOUNT_HOME_ARGS="--volume=$HOME:/home/$USER -e HOME" if test "$PROJECT" = "flux-core"; then - FLUX_SECURITY_VERSION=0.9.0 + FLUX_SECURITY_VERSION=0.10.0 POISON=t fi