* 786b8fe1c8 Return false from want_efi() for UKI outputs
* fac86dbc93 mkosi-tools: add qemu/pipewire packages for gui profile for debian
* 3bb98f0e6e Add ncdu to tools tree packages
* 1332b32cb4 config: Fix type for devicetree setting
* eff03569ee initrd: Add intel_pmc_ssram_telemetry module by default
* e04305b030 Make Bootable= determine whether we build a UKI for esp images
* 7252146429 mkosi-obs: use --force also for unzstd
* f58e31e228 mkosi-obs: do not fail if there are no bootloaders in the ESP
* fac3bd4bf1 rhel: Look up entitlement keys and certificates in sandbox
* da814d9634 opensuse: Add support for RISC-V for Tumbleweed
* b1d66c88d0 fedora: Rework rawhide GPG key logic
* b9360f25df Include {sys,conf}ext info in metadata file
* 94c6db6148 Set MakeInitrd=yes in documentation for building custom initrd
* d134013ca8 mkosi-tools: add grub2-common to openSUSE tools tree
* c97d345395 mkosi-tools: virtiofsd is only available on a subset of architectures on debian/ubuntu
* 5598b7f579 fedora: be more persistent when guessing what rawhide could be
* cdd2d1570e Use apt-ftparchive instead of reprepro
* eeb4ce6302 fix dead/404 link
* 30a487d183 mkosi-tools: Drop systemd-boot-efi package
* ad4b4d2cbe Add debug logging for version reported by systemd tools
* 95f5c77fb7 mkosi-tools: move systemd-boot package to conf file matching older releases
* 7da22f33e0 README: clarify that companion tools can also be enabled from the git repo
* ec3fe91532 Drop microsecond resolution for datetime.now()
* 9f7a53b687 mkosi-initrd: install raid rule with 70 prefix
* 32c3ff4677 ci: give a hint about possible fixes for failing reuse lints
* 489c5e9ecc build(deps): bump github/codeql-action from 3.29.2 to 3.29.5
Debian provides a signed shim that trusts sdboot and can be
installed without pulling in grub automatically. Install it
in the debian mkosi CI job, and build a custom efivars with
the mkosi cert enrolled in MOK but not DB, to test those
code paths.
* cb1a3c9049 FirmwareVariables: allow generating during image build
* 6104923534 env: export $EFI_ARCHITECTURE in hook scripts on EFI arches
* fef33f96a2 mkosi-tools: ukify moved to systemd-ukify in openSUSE
* ec4475a846 ensure builds with cache over device boundaries
* 7be5159f24 Change UnifiedKernelImages to enum and accept signed/unsigned
* 071ac4a575 mkosi-vm: install systemd-boot-efi-signed where available
* 1865be628e opensuse: Install OpenSUSE-release if another release package is not installed
* 0381b17819 qemu: Disable hpet for x86 VMs
* 4f63700eb3 mkosi-tools: install systemd-boot-tools for bootctl
* 1230ed333b man: remove duplicate 'the' in FirmwareVariables description
- pass our system include directories to make generators use our libc
wrappers and latest kernel headers,
- include relevant headers in generated gperf file,
- use files() rather than find_program(), as the result of
find_program() cannot be passed to 'input' of custom_target(),
- move generate-bpf-delegate-configs.py to src/core/, as it is only used
by libcore.
* 184472f0f1 mkosi-tools: make sure p11-kit dir exists when configuring module
* 9fb807884e mkosi-tools: Explicitly install p11-kit
* 9131877d60 Support matching against architectures with uefi support
* f1eab5a783 Rename sandbox verb to box
* d609f55d98 Fix /var/tmp directory cleanup
* 4997b9495c build(deps): bump github/codeql-action from 3.28.18 to 3.29.2
Otherwise, integration-test-wrapper.py will fail.
```
Traceback (most recent call last):
File "/home/runner/work/systemd/systemd/test/integration-tests/integration-test-wrapper.py", line 693, in <module>
main()
~~~~^^
File "/home/runner/work/systemd/systemd/test/integration-tests/integration-test-wrapper.py", line 677, in main
runner = os.environ['TEST_RUNNER']
~~~~~~~~~~^^^^^^^^^^^^^^^
File "<frozen os>", line 717, in __getitem__
KeyError: 'TEST_RUNNER'
```
Follow-up for c0a5801f7b.
The slow tests have timed out at least a couple of times,
so add a multiplier
1252/1633 systemd:libsystemd / test-sd-device TIMEOUT 30.04s killed by signal 15 SIGTERM
1633/1633 systemd:libsystemd / test-journal-verify TIMEOUT 90.01s killed by signal 15 SIGTERM
Follow-up for 8a1d134144
Enable nspawn job, as there's no nested kvm so VMs are too slow. Fix
some tests that fail in a VM anyway, might add a nightly job later that
runs them.
New workers we got from IBM can be used now. The GHA linter doesn't
recognize them yet, so add a local workaround until the change is
merged in the linter.
* b2fe7ba6b1 Do not use return in finally
* b4f3088535 Ensure directories exist before running sync scripts
* e83e7036b0 mkosi-obs: also allow enrolling additional certs in KEK
* b6432fbc29 initrd: Copy /etc/pki/rpm-gpg into sandbox tree
* 44b96b93c8 Partially revert "resources: add systemd-boot-efi"
* 7a22260179 Check that keys are both in context.cli and history
* 6570b21a4b fix: Remove `erofs-utils` from initrd
* ff61c5022a mkosi-initrd: Add atkbd and i8042 modules to the default initrd modules
* eaa37f7c6c Generate initrds outside of umask context manager
* de09209520 ci: Drop differential shellcheck
* d07c6b93c9 build(deps): bump github/codeql-action from 3.28.16 to 3.28.18
* 9a12fb1bef Check that commit exists in config_parse_minimum_version()
* 9e5b4f8932 kmod: factor out comparison and also count empty directories as invalid
* 39ed5ef6c2 apt: support including additional configuration for reprepro
* 5e739ef1ed mkosi-initrd: Optionally match t64 suffix for tss2
libraries
* ec70393077 Merge pull request https://github.com/systemd/mkosi/pull/3742 from DaanDeMeyer/man
|\
| * 94cc136fbe mkosi-tools: Install man tool and pages as part of misc
profile
| * eda2ed533d Enforce C.UTF-8 locale for all commands we run
* | 9821e9a3e3 sandbox: Support using mkosi-sandbox as a library
* | 4145382edf Serialize pid in state and check if still exists on load
* | 3d119cba07 Merge pull request https://github.com/systemd/mkosi/pull/3736 from DaanDeMeyer/rpm-gpgkey
|\ \
| |/
|/|
| * 0a5d87b7bb Only pick up /etc/pki/tls and /etc/pki/ca-trust as
certificate dirs
| * c30eee187f Look for rpm gpg keys from inside the sandbox
|/
* ef2842dfea Fix version bump check if image version was passed on CLI
* 12b6251153 apt: Install apt sources if apt was installed via base tree
* a0b4e1af9a Make sure git doesn't fail when running as root
* 585a47705d repart: use --append-fstab=auto if available
* cec6ae1dda sandbox: handle case where dev node for tty doesn't exist
* a60dade823 initrd: shadow-utils removal is only necessary on old
Fedora
* ca11acbd5b Use SPDX identifier instead of file path for license in
pyproject.toml
* 4d031bc57d Revert license-files property
* c80dd09008 Merge pull request https://github.com/systemd/mkosi/pull/3722 from behrmann/versiontweaks
|\
| * c76e5dc4bc make version test more readable
| * 90ba99dde1 version: add __repr__ to GenericVersion
|/
* dd794ec832 Fix licenses path in pyproject.toml
* 7eeb749840 Merge pull request https://github.com/systemd/mkosi/pull/3702 from aafeijoo-suse/initrd-kmp
|\
| * 565b905aa1 mkosi-initrd: handle symlinks under weak-updates
| * a83ccc10c7 mkosi-initrd: perform basic checks on the kernel dir
before calling mkosi
| * 73cad79c9e mkosi-initrd: --kernel-modules-include ->
--kernel-modules
* bac76904c3 build(deps): bump github/codeql-action from 3.28.13 to
3.28.16
* 44161624a2 Supress ssh unit generation if sshd is not present
* b8758dac28 Partially revert 640000a861e9cd9a3807e4158e110a098c74d078
* 6f11937dc6 Don't use default value if optional settings are set to
none
* 640000a861 Use a default tools tree by default if mkosi.tools.conf
exists
* 63d91cc285 mkosi: Override misconfigured gitconfig HTTP/HTTPS proxy
with ProxyUrl
* a859b5eb13 Make sure we create the default workspace directory as well
Instead of using run-clang-tidy.py with its own scheduling, let's
just gather a list of source files ourselves and then use that to
add a unit test for each source file that runs clang-tidy on the
source file.
We also add a bit of logic to run clang-tidy on most header files
as well for extra coverage. This uncovered various header files that
were not standalone so this commit also includes fixes to make sure
the clang-tidy tests are all green.
We can also use this in a later commit to run clang-include-cleaner
on each source file in the same way.
meson's target has a few issues:
- Runs on all source files regardless if they're included in the
build or not
- Doesn't have any dependencies on generated sources which means we
have to do a full build first before we can run clang-tidy
- Doesn't allow us to pass any extra arguments
To work around these, let's define our own clang-tidy target instead
using llvm's run-clang-tidy script. Alongside the clang-tidy target,
let's start keeping track of all generated sources which we make the
clang-tidy target depend on. We also add a new target which will only
generate source files which is useful for setting up the source tree
for running code analysis against it.
Let's add a basic clang-tidy check to the linter workflow. This
gives us the following:
- A check so that we don't introduce any new cyclic header dependencies
- A check to make sure all of our header files are standalone, as clang-tidy
will fail to parse header files that don't include all their dependencies.
