From 9bd4c348f39ea8cd8f78f1675b843da189ca42b0 Mon Sep 17 00:00:00 2001 From: Pavel Valena Date: Fri, 22 Mar 2024 20:43:40 +0100 Subject: [PATCH] ci: update .github configs - sync with packit branch (PR#10) - also remove tests from .distro --- .distro/newdracut.sh | 82 ----------------- .distro/source-git.yaml | 1 + .distro/tests/add-luks-keys/Makefile | 52 ----------- .distro/tests/add-luks-keys/PURPOSE | 3 - .distro/tests/add-luks-keys/runtest.sh | 59 ------------ .distro/tests/tests.yml | 11 --- .github/pull_request_template.md | 11 +-- .github/workflows/codeql.yml | 8 +- .github/workflows/container.yml | 25 +++--- .github/workflows/differential-shellcheck.yml | 19 ++++ .github/workflows/integration.yml | 90 ++++++++++++------- .github/workflows/lint.yml | 36 ++++---- .github/workflows/manualtest.yml | 2 +- .github/workflows/pr.yml | 2 +- .github/workflows/release.yml | 2 +- .packit.yml | 1 + 16 files changed, 118 insertions(+), 286 deletions(-) delete mode 100755 .distro/newdracut.sh delete mode 100644 .distro/tests/add-luks-keys/Makefile delete mode 100644 .distro/tests/add-luks-keys/PURPOSE delete mode 100644 .distro/tests/add-luks-keys/runtest.sh delete mode 100644 .distro/tests/tests.yml create mode 100644 .github/workflows/differential-shellcheck.yml diff --git a/.distro/newdracut.sh b/.distro/newdracut.sh deleted file mode 100755 index 381fba5f3..000000000 --- a/.distro/newdracut.sh +++ /dev/null @@ -1,82 +0,0 @@ -#!/usr/bin/bash - -bash -n "$0" || exit 1 -shopt -s extglob - -patchnr() { - local nr - while [[ -n "$1" ]]; do - nr=$(cut -d'.' -f1 <<< "$1") - shift - [[ $((10#$nr)) -gt 0 ]] || echo "Invalid patch number: $nr" >&2 - echo "$nr" - done -} - -if [[ -e "$HOME/git/dracut/$1" ]]; then - srcrpm="$HOME/git/dracut/$1" -elif [[ -e "$HOME/dev/upstream/dracut/$1" ]]; then - srcrpm="$HOME/dev/upstream/dracut/$1" -else - srcrpm="$1" -fi - -[[ -f $srcrpm ]] || exit 3 - -old_release=$(rpmspec -D "_sourcedir $(pwd)" -q --srpm --qf '%{release}' dracut.spec) -old_release=${old_release%%.*} - -cp dracut.spec dracut.spec.old - -rm *.patch; git reset --hard HEAD -last_patch_nr=$(patchnr *.patch | sort -n | tail -n 1) -last_patch_nr=${last_patch_nr:-0000} -#for i in *.patch; do git rm -f $i;done - -if rpm -ivh --define "_srcrpmdir $PWD" --define "_specdir $PWD" --define "_sourcedir $PWD" "$srcrpm"; then - for nr in $(patchnr *.patch); do - [[ $((10#$nr)) -gt $((10#$last_patch_nr)) ]] && git add "${nr}.patch" - done - - new_version=$(rpmspec -D "_sourcedir $(pwd)" -q --srpm --qf '%{version}' dracut.spec) - new_release=$(rpmspec -D "_sourcedir $(pwd)" -q --srpm --qf '%{release}' dracut.spec) - new_release_full=${new_release%.*} - new_release=${new_release%%.*} - - do_print="" - while IFS=$'\n' read -r line - do - if [ -z "$do_print" ] && [ "$line" = "%changelog" ]; then - do_print="yes" - echo "* $(LANG='C' date '+%a %b %d %Y') $(git config user.name) <$(git config user.email)> - ${new_version}-${new_release_full}" - - for ((i=old_release; i> dracut.spec - - # Patch list: - # ls *.patch | tr -s ' ' '\n' | cut -d'.' -f1 | xargs -i zsh -c "nr=\$((10#{})); echo \"Patch\${nr}: {}.patch\"" - - git add dracut.spec - - msg="Resolves: $( - for ((i=old_release; i -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. All rights reserved. -# Red Hat Internal -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -export TEST=/dracut/add-luks-keys -export TESTVERSION=1.0 -export DESCRIPTION="Create and add a luks key to all luks devices to allow booting of a system without entering a passphrase" - -BUILT_FILES= - -FILES=$(METADATA) runtest.sh Makefile PURPOSE - -.PHONY: all install download clean - -run: $(FILES) build - ./runtest.sh - -build: $(BUILT_FILES) - test -x runtest.sh || chmod a+x runtest.sh - -clean: - rm -f *~ $(BUILT_FILES) - - -include /usr/share/rhts/lib/rhts-make.include - -$(METADATA): Makefile - @echo "Owner: Jan Stodola " > $(METADATA) - @echo "Name: $(TEST)" >> $(METADATA) - @echo "TestVersion: $(TESTVERSION)" >> $(METADATA) - @echo "Path: $(TEST_DIR)" >> $(METADATA) - @echo "Description: $(DESCRIPTION)" >> $(METADATA) - @echo "Type: Install" >> $(METADATA) - @echo "TestTime: 10m" >> $(METADATA) - @echo "RunFor: dracut" >> $(METADATA) - @echo "Requires: dracut" >> $(METADATA) - @echo "Priority: Normal" >> $(METADATA) - @echo "License: Red Hat Internal" >> $(METADATA) - @echo "Confidential: no" >> $(METADATA) - @echo "Destructive: no" >> $(METADATA) - @echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA) - - rhts-lint $(METADATA) diff --git a/.distro/tests/add-luks-keys/PURPOSE b/.distro/tests/add-luks-keys/PURPOSE deleted file mode 100644 index a7c606363..000000000 --- a/.distro/tests/add-luks-keys/PURPOSE +++ /dev/null @@ -1,3 +0,0 @@ -PURPOSE of /dracut/add-luks-keys -Description: Create and add a luks key to all luks devices to allow booting of a system without entering a passphrase. -Author: Jan Stodola diff --git a/.distro/tests/add-luks-keys/runtest.sh b/.distro/tests/add-luks-keys/runtest.sh deleted file mode 100644 index 7ef652b08..000000000 --- a/.distro/tests/add-luks-keys/runtest.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/bash -# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# runtest.sh of /dracut/add-luks-keys -# Description: Create and add a luks key to all luks devices to allow booting of a system without entering a passphrase -# Author: Jan Stodola -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -# -# Copyright (c) 2016 Red Hat, Inc. All rights reserved. -# Red Hat Internal -# -# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -# Include Beaker environment -. /usr/bin/rhts-environment.sh || exit 1 -. /usr/share/beakerlib/beakerlib.sh || exit 1 - -PACKAGE="dracut" - -keyfile="/root/keyfile" -kernel_file=`grubby --default-kernel` -initrd_file=`grubby --info=$kernel_file | grep ^initrd= | sed 's/^initrd=//' | head -n1` -kernel_version=`rpm -qf $kernel_file --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n'` - -rlJournalStart - rlPhaseStartTest "Add luks keys to initramfs" - - if [ ! -e "$keyfile" ]; then - rlLog "Creating new key file: $keyfile" - rlRun "dd if=/dev/urandom bs=1 count=32 of=$keyfile" - rlRun "chmod 0400 $keyfile" - else - rlLog "Using existing key file: $keyfile" - fi - - rlAssertExists "/etc/crypttab" - rlFileSubmit "/etc/crypttab" - UUIDS=`cat /etc/crypttab | cut -d' ' -f2 | cut -d'=' -f2` - for UUID in $UUIDS; do - rlRun "echo 'redhat' | /sbin/cryptsetup luksAddKey /dev/disk/by-uuid/$UUID $keyfile" - done; - - # modify /etc/crypttab, set key file in the thirth column of the file - rlRun "awk -v \"KEY_FILE=$keyfile\" '{\$3=KEY_FILE; print \$0}' /etc/crypttab > crypttab_mod" - rlRun "mv -Z crypttab_mod /etc/crypttab" - rlRun "chmod 0600 /etc/crypttab" - - rlRun "dracut -f -I $keyfile $initrd_file $kernel_version" - - # zipl has to be executed on s390x - if [ -x /sbin/zipl ]; then - rlRun "/sbin/zipl" - fi - - rlPhaseEnd -rlJournalEnd - diff --git a/.distro/tests/tests.yml b/.distro/tests/tests.yml deleted file mode 100644 index 60a098dca..000000000 --- a/.distro/tests/tests.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -# This first play always runs on the local staging system -- hosts: localhost - roles: - - role: standard-test-beakerlib - tags: - - classic - tests: - - add-luks-keys - required_packages: - - dracut # Required for add-luks-keys diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index ef281c3da..1bf967228 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,10 +1,5 @@ -This pull request changes... + -## Changes +(cherry picked from commit ... ) -## Checklist -- [ ] I have tested it locally -- [ ] I have reviewed and updated any documentation if relevant -- [ ] I am providing new code and test(s) for it - -Fixes # +Resolves: RHEL- diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e6f8e42e7..89a30b868 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -33,10 +33,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} queries: +security-extended,security-and-quality @@ -47,7 +47,7 @@ jobs: sudo apt -y install asciidoc gcc libkmod-dev libsystemd-dev pkg-config - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index d8c88089f..b5edbde43 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -1,14 +1,14 @@ name: Container on: schedule: - - cron: '30 11 * * *' # every day at 11:30 UTC + - cron: '30 11 * * *' # every day at 4:40 push: - branches: [ master ] + branches: [ main ] paths: - 'test/container/**' - '.github/workflows/container.yml' pull_request: - branches: [ master ] + branches: [ main ] paths: - 'test/container/**' - '.github/workflows/container.yml' @@ -30,27 +30,22 @@ jobs: matrix: config: - { dockerfile: 'Dockerfile-Fedora-latest', tag: 'fedora:latest' } - - { dockerfile: 'Dockerfile-OpenSuse-latest', tag: 'opensuse:latest' } - - { dockerfile: 'Dockerfile-Arch', tag: 'arch:latest' } - - { dockerfile: 'Dockerfile-Debian', tag: 'debian:latest' } - - { dockerfile: 'Dockerfile-Gentoo', tag: 'gentoo:latest' } - - { dockerfile: 'Dockerfile-Ubuntu', tag: 'ubuntu:latest' } steps: - name: Check out the repo - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 +# with: +# buildkitd-flags: --debug - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Set up env - run: echo "repository_owner=${GITHUB_REPOSITORY_OWNER,,}" >>${GITHUB_ENV} - name: Build and Push Container - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: file: test/container/${{ matrix.config.dockerfile }} - tags: ghcr.io/${{env.repository_owner}}/${{ matrix.config.tag }} + tags: ghcr.io/${{ github.repository_owner }}/${{ matrix.config.tag }} push: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml new file mode 100644 index 000000000..4cfbba6e1 --- /dev/null +++ b/.github/workflows/differential-shellcheck.yml @@ -0,0 +1,19 @@ +name: Differential ShellCheck +on: + pull_request: + branches: [ main ] + +jobs: + test: + runs-on: ubuntu-20.04 + + steps: + - name: Repository checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Differential ShellCheck + uses: redhat-plumbers-in-action/differential-shellcheck@v5 + with: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index ab075b045..ae493617f 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -2,33 +2,50 @@ name: Integration Test on: pull_request: - branches: [ master ] - -env: - DEBUGFAIL: "${{ secrets.ACTIONS_STEP_DEBUG && 'rd.debug' }}" + branches: [ main ] jobs: + basic: + runs-on: ubuntu-latest + timeout-minutes: 45 + concurrency: + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }} + cancel-in-progress: true + strategy: + matrix: + container: [ + "fedora:latest", + ] + test: [ + "04", + ] + fail-fast: false + container: + image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }} + options: "--privileged -v /dev:/dev" + steps: + - name: "Checkout Repository" + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: "${{ matrix.container }} TEST-${{ matrix.test }}" + run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} test: runs-on: ubuntu-latest - timeout-minutes: 30 + timeout-minutes: 45 concurrency: group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }} cancel-in-progress: true strategy: matrix: container: [ - "arch:latest", - "debian:latest", "fedora:latest", - "gentoo:latest", - "opensuse:latest", - "ubuntu:latest", ] test: [ "01", "02", "03", - "04", "10", "11", "12", @@ -37,56 +54,67 @@ jobs: "15", "16", "17", - "18", - "62", + "20", + "21", + "30", + "31", + "35", + "36", + "40", + "41", "98", ] fail-fast: false container: - image: ghcr.io/dracutdevs/${{ matrix.container }} + image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }} options: "--privileged -v /dev:/dev" steps: - name: "Checkout Repository" - uses: actions/checkout@v1 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: "${{ matrix.container }} TEST-${{ matrix.test }}" run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} - network: + centos-9-stream: runs-on: ubuntu-latest timeout-minutes: 45 concurrency: - group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }}-${{ matrix.network }} + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.container }}-${{ matrix.test }} cancel-in-progress: true strategy: matrix: container: [ - "fedora:latest", - ] - network: [ - "network-manager", - "network-legacy", - #"systemd-networkd", - #"connman", + "centos:stream9", ] + # Disabled tests (due to dropped packages in RHEL/CentOS): + # 03, 04, 15: requires btrfs + # 14: requires dmraid + # 30, 31, 35, 36: requires scsi-target-utils test: [ + "01", + "02", + "10", + "11", + "12", + "13", + "16", + "17", "20", - "30", - "35", + "21", "40", - "60", - # "50", # times out + "41", + "98", ] fail-fast: false container: - image: ghcr.io/dracutdevs/${{ matrix.container }} + image: ghcr.io/${{ github.repository_owner }}/${{ matrix.container }} options: "--privileged -v /dev:/dev" steps: - name: "Checkout Repository" - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: "${{ matrix.container }} TEST-${{ matrix.test }}" - run: USE_NETWORK=${{ matrix.network }} ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} + run: ./tools/test-github.sh "TEST-${{ matrix.test }}" ${{ matrix.test }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d02b33276..b2d192fe0 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -2,31 +2,16 @@ name: Lint on: push: - branches: [ master ] + branches: [ main ] pull_request: - branches: [ master ] + branches: [ main ] jobs: - lint-shell: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - - name: shfmt - uses: luizm/action-sh-checker@v0.6.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SHFMT_OPTS: -s # arguments to shfmt. - with: - sh_checker_shellcheck_disable: false - sh_checker_comment: true - lint-c: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: install tools run: sudo apt-get install astyle @@ -36,3 +21,18 @@ jobs: - name: check formatting run: git diff --exit-code + + lint-shell: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: shfmt + uses: luizm/action-sh-checker@v0.8.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SHFMT_OPTS: -s # arguments to shfmt. + with: + sh_checker_shellcheck_disable: false + sh_checker_comment: true diff --git a/.github/workflows/manualtest.yml b/.github/workflows/manualtest.yml index b790dcf7c..0607f97e6 100644 --- a/.github/workflows/manualtest.yml +++ b/.github/workflows/manualtest.yml @@ -31,7 +31,7 @@ jobs: options: "--privileged -v /dev:/dev" steps: - name: "Checkout Repository" - uses: actions/checkout@v1 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: "${{ inputs.container }} ${{ matrix.test }}" diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 60ca1db75..03a6f31cc 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check-out the repo under $GITHUB_WORKSPACE - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Commisery uses: dracutdevs/commisery-action@master diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7497d6ec3..b363bf59c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.packit.yml b/.packit.yml index 7bb2a0d96..04dda4078 100644 --- a/.packit.yml +++ b/.packit.yml @@ -8,6 +8,7 @@ files_to_sync: patch_generation_ignore_paths: - .distro/ - .packit.yml +- .github/ patch_generation_patch_id_digits: 1 sync_changelog: true