dependabot[bot]
f211277934
build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.2.0 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](08b4669551...0864cf1902
2023-11-01 12:26:57 +00:00
Luca Boccassi
64ec2d073f
CI: add a build job with TPM but without OpenSSL
...
We keep introducing build failures with this combination due to the
high amount of changes, add a combination that covers it
2023-10-27 14:03:23 +01:00
Daan De Meyer
6e24a9dc7f
mkosi: Update to latest
...
We have to set the image runtime size explicitly now so that's it's
grown a bit when we boot in nspawn or qemu.
2023-10-05 16:57:10 +02:00
dependabot[bot]
273aca8b62
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from adaa41512aa30c952daae5ba0abcf2622d66b93b to a8ecff0defa132d729dcdab38380dcae31138e7e.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](adaa41512a...a8ecff0def
2023-10-02 16:54:01 +00:00
dependabot[bot]
b503c76689
build(deps): bump meson from 1.2.1 to 1.2.2 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.2.1...1.2.2 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-01 18:16:06 +00:00
dependabot[bot]
8ee09da6e8
build(deps): bump actions/checkout from 3.6.0 to 4.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...8ade135a41
2023-10-01 18:15:04 +00:00
dependabot[bot]
a14438a85c
build(deps): bump github/codeql-action from 2.21.5 to 2.21.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.5 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](00e563ead9...ddccb87388
2023-10-01 18:14:32 +00:00
Jan Janssen
79ae0d0b3e
ci: Update compiler build matrix
...
Given that gold is pretty much unmaintained and does not support
`-static-pie` for bootloader components it should be safe to drop.
Also switch to clang-17 while we're at it.
2023-09-29 16:56:30 +02:00
Daan De Meyer
755012d37d
mkosi: Bump Fedora CI to Fedora 39
2023-09-19 11:47:41 +02:00
Daan De Meyer
bcc911a7d7
mkosi: Conditionally use tools tree
...
If the systemd version on the host is too old and there's no local
build directory, use the default tools tree which will build an
image containing all the tooling required to build systemd and use
that to build the other presets.
2023-09-09 15:53:26 +02:00
Daan De Meyer
aa72f856a1
mkosi: Update to latest
2023-09-09 15:45:41 +02:00
Daan De Meyer
6ec74f916a
mkosi: Drop arch workaround
...
archlinux-keyring was updated in Michel's PPA so let's drop the
workaround.
2023-09-08 09:20:46 +01:00
Jan Janssen
690db0c80f
ci: Do not run build test as root
...
Although, this is CI, we can still do better. It also ensures that any
env var changes make it into the script, as things like PATH would not
survive a `sudo -E`.
2023-09-06 11:01:53 +02:00
Jan Janssen
ce2c01789c
ci: Don't produce debug output for build tests
...
These binaries are never used, so generating debug symbols just
slows down build time.
2023-09-06 11:01:53 +02:00
Jan Janssen
051ec23ce2
ci: Use apt-get in favor of apt
...
Apparently, apt does not have a stable CLI interface and warns about it.
2023-09-06 11:01:53 +02:00
Jan Janssen
592ee08f3b
ci: Use add-apt-repository to enable sources
...
This should also ensure that consistent mirrors are selected.
2023-09-06 11:01:53 +02:00
Jan Janssen
bc763971ef
ci: Remove custom build step names
...
Putting build matrix details into a build step name is rather useless as
the jobs themselves already contain the needed information.
2023-09-06 10:40:51 +02:00
Daan De Meyer
35356d7f3f
mkosi: Update to latest
...
Configuration now takes priority over CLI options so we have to
configure the defaults for settings that we want to allow overriding
from the CLI. We also explicitly set some other settings so that they
can't be overridden from the CLI anymore. For example the base and
initrd image should never be made bootable so we set Bootable=no
explicitly for both.
2023-09-05 15:28:23 +02:00
Daan De Meyer
16173ab1aa
mkosi: Re-enable arch but disable keyring checking
...
No need to disable arch completely, let's just disable keyring checking
to get CI working again for now.
2023-09-04 13:53:16 +02:00
Luca Boccassi
f7f842f888
mkosi: temporarily disable Arch
...
The mkosi Arch CI doesn't work as the keyring package is out
of date and cannot be built due to various build toolchain
issues. Disable the job as it always fails and confuses
submitters.
2023-09-03 14:40:24 +01:00
dependabot[bot]
475974eb5b
build(deps): bump actions/checkout from 3.5.3 to 3.6.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
2023-09-02 19:13:09 +00:00
dependabot[bot]
c5de4ee02b
build(deps): bump meson from 1.2.0 to 1.2.1 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.2.0...1.2.1 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-02 19:12:43 +00:00
dependabot[bot]
3bb5656ff1
build(deps): bump github/codeql-action from 2.21.2 to 2.21.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.2 to 2.21.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0ba4244466...00e563ead9
2023-09-02 19:12:34 +00:00
Jan Janssen
7f9a0d6d74
meson: Drop skip-deps option
...
Now that we use meson feature options for our dependencies, we can just
rely on '--auto-features=disabled' to do the same. One benefit of this
is that specific features can still be force-enabled by overriding it
with the appropriate '-Dfeature=enabled' flag.
The two remaining uses for skip-deps can simply rely on their default
logic that sets the value to 'no' when the dependency is disabled.
2023-08-23 14:57:49 +02:00
Jan Janssen
1e73a64a7a
meson: Convert more options to meson features
...
The semantics for libidn2 and pwquality have changed slightly: We will
pick a preferred one if both are enabled instead of making it an error.
2023-08-23 14:45:02 +02:00
Jan Janssen
40e9c4e45d
meson: Convert options to meson features (require)
...
These options use requre() to conveniently express their dependency
requirements.
2023-08-23 14:45:02 +02:00
Jan Janssen
43abc59a27
meson: Use feature options
...
By using meson features we can replace the handcrafted dependency
auto-detection by just passing the value from get_option directly to the
required arg for dependency, find_library etc.
'auto' features make the dependency optional, 'enabled' requires it
while 'disabled' features will skip detection entirely.
Any skipped or not found dependency will just be a no-op when passed to
build steps and therefore we can also skip the creation of empty vars.
The use of skip_deps for these is dropped here as meson provides a way
to disable all optional features in one go by passing
'-Dauto_features=disabled'.
2023-08-23 14:45:02 +02:00
Daan De Meyer
c3e83f09ea
mkosi: Update to v15.1 release
2023-08-15 12:32:39 +02:00
Daan De Meyer
1f035c91bb
mkosi: Update to latest
...
This update introduces the explicit Dependencies= setting, instead
of relying on implicit dependencies via alphanumerical ordering.
We also take the opportunity to rename the "final" preset to the
"system" preset, which seems like a better name.
2023-08-09 18:56:51 +02:00
Jan Macku
97eb826821
ci(lint): exclude .in files from ShellCheck lint
...
Exclude all `.in` files because they may contain unsupported syntax, and
they have to be preprocessed first. For example:
```sh
Error: SHELLCHECK_WARNING:
./src/rpm/systemd-update-helper.in:130:37: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
```
Related to: https://github.com/systemd/systemd/pull/28521
2023-08-07 19:28:23 +02:00
Daan De Meyer
f2f8ed193c
mkosi: Update to latest
2023-08-04 16:48:58 +02:00
Daan De Meyer
0f4259bcf2
mkosi: Update to latest
...
We modify all our scripts to execute in the image instead of on the
hosts. In the future we can adapt them to run on the host.
2023-08-03 17:03:05 +02:00
dependabot[bot]
f3d812baf7
build(deps): bump systemd/mkosi
...
Bumps [systemd/mkosi](https://github.com/systemd/mkosi ) from 5866c0ff3b36d350c943016e5a3b115f7a95d37f to c6dd95b6eae0386579071cbf44fd838ce28b7237.
- [Release notes](https://github.com/systemd/mkosi/releases )
- [Changelog](https://github.com/systemd/mkosi/blob/main/NEWS.md )
- [Commits](5866c0ff3b...c6dd95b6ea
2023-08-01 20:27:17 +00:00
dependabot[bot]
1ce2075fde
build(deps): bump actions/labeler from 4.2.0 to 4.3.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0967ca812e...ac9175f8a1
2023-08-01 14:18:15 +00:00
dependabot[bot]
8fa2da7ad1
build(deps): bump meson from 1.1.1 to 1.2.0 in /.github/workflows
...
Bumps [meson](https://github.com/mesonbuild/meson ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mesonbuild/meson/releases )
- [Commits](https://github.com/mesonbuild/meson/compare/1.1.1...1.2.0 )
---
updated-dependencies:
- dependency-name: meson
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-01 14:16:16 +00:00
dependabot[bot]
d8c7d6d4fe
build(deps): bump github/codeql-action from 2.20.1 to 2.21.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.20.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f6e388ebf0...0ba4244466
2023-08-01 10:14:58 +00:00
Zbigniew Jędrzejewski-Szmek
79ce5f940e
labeller: add build-system label
2023-07-29 14:11:14 +02:00
Frantisek Sumsal
c5afbac31b
ci: explicitly install python3-lldb-$COMPILER_VERSION
...
To avoid apt complaining:
+ apt-get -y install clang-15 lldb-15 lld-15 clangd-15
Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
python3-lldb-14 : Conflicts: python3-lldb-x.y
python3-lldb-15 : Conflicts: python3-lldb-x.y
E: Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages.
2023-07-27 13:45:00 +01:00
Luca Boccassi
4cf5b343c9
mkosi: add drop-in to make emergency.service shut down the system
...
When the mkosi CI fails to boot, it just sits there waiting at the emergency
console until the job times out. Add a drop-in for emergency.service in the
CI configuration so that instead it exists immediately.
2023-07-26 14:07:13 +01:00
Frantisek Sumsal
c4b167f857
ci: drop super-linter's shellcheck
...
It's been a while since we introduced Differential ShellCheck and it
proved to be quite useful (and in some ways even better than the shellcheck
run by super-linter). So, to have only one linter scream at us for not
knowing how to write bash properly, let's drop the super-linter's one in
favor of Differential ShellCheck.
Follow-up for https://github.com/systemd/systemd/pull/24328#pullrequestreview-1074127504
2023-07-17 20:12:57 +01:00
Daan De Meyer
5b79e9d7a9
mkosi: Update to latest
...
mkosi now supports CentOS SIGs natively so we drop our own definition
of that and use the mkosi builtin one. We also enable hyperscale for
both CentOS 8 and CentOS 9 for consistency and add epel-next as well
which is a requirement for Hyperscale.
2023-07-14 14:47:45 +02:00
dependabot[bot]
1cdaba52a5
build(deps): bump github/codeql-action from 2.3.5 to 2.20.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...f6e388ebf0
2023-07-01 14:05:22 +00:00
dependabot[bot]
6cc0fd0044
build(deps): bump actions/labeler from 4.0.4 to 4.2.0
...
Bumps [actions/labeler](https://github.com/actions/labeler ) from 4.0.4 to 4.2.0.
- [Release notes](https://github.com/actions/labeler/releases )
- [Commits](0776a67936...0967ca812e
2023-07-01 10:37:11 +00:00
dependabot[bot]
a2c9096790
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-07-01 10:36:23 +00:00
dependabot[bot]
479f9f3004
build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2023-07-01 10:35:10 +00:00
Daan De Meyer
12ab9ae8c6
mkosi: Update to latest
...
mkosi now prebuilds the hwdb during image build which should hopefully
get rid of the CentOS 8 failures we're seeing in CI.
2023-06-26 14:14:40 +01:00
Daan De Meyer
94c357ca23
mkosi: Update to latest
...
We now run repart before starting systemd-nspawn to make sure that
the root partition is also generated when we boot the image in a
container instead of a VM.
To make sure we start from scratch for both the container boot and
the VM boot, we also enable Ephemeral to make sure all changes to
the image are ephemeral.
2023-06-19 10:30:39 +02:00
Evgeny Vereshchagin
83dda3d28b
ci: drop the "find" kludge
...
meson no longer complains about install_tag
2023-06-16 10:43:06 +09:00
Joyce Brum
2b3211c836
Squashed commit of the following:
...
commit ef2fc83647f69c172c11e0dea318bf6ecf79a4aa
Author: Joyce <joycebrum@google.com>
Date: Wed Jun 14 12:18:23 2023 -0300
Update scorecards.yml
Signed-off-by: Joyce <joycebrum@google.com>
commit c59c05c6ab156b20249e8056d8cbaafbe0c495f8
Merge: 7431a54568 f66d040d95
2023-06-14 20:22:50 +01:00
Joyce
3f2ff79763
Fix scorecard version comment format ( #28027 )
...
* Update scorecards.yml version comments
Signed-off-by: Joyce <joycebrum@google.com>
2023-06-13 22:36:32 +01:00
