systemd/.github/workflows/mkosi.yml
Daan De Meyer 2fe49e8a4c mkosi: update mkosi commit reference to 10544812b35a668d4aac9834c78ee8166e99bc78
* 10544812b3 Don't fix up vmlinuz locations if not required
* 9baf551923 Reduce amount of packages in default image
* 9e1a2f18b8 Add support for assert sections
* c7c6e2c0b1 ubuntu: Switch to devel as the default release
* 0822deb69c Improve logging when we can not extract kernel version from filename
* 1fd7ef3db7 Do not build default initrd if Initrds= is specified
* 611c8b46c8 Don't unconditionally sync when PackageCacheDirectory=/var
* ab37f24d38 README: add link to OBS docs for mkosi builds
* 02bf256ebb completion: add reuse ignore comments
* 10ccb0b04f Make sure not all subimages depend on default-initrd subimage
* 442e1ce0f1 mkosi-tools: systemd-boot-tools is now available for all arches
* 307fc1dba3 action: make it work when used as a submodule
* c37a55f91b config: serialize dataclass instances in our JSONEncoder
* f26cb34155 log: set terminal window title in complete_step while mkosi runs
* 280c78e681 Make sure inherited settings are applied for the default initrd
* ae4f2fd718 Fix typo
* 5644f3e83e build(deps): bump github/codeql-action from 3.29.7 to 3.30.5
* 7d7b26b8c9 build(deps): bump actions/checkout from 4.2.2 to 5.0.0
* e805253447 postmarketos: implement is_kernel_package
* dd51d2e019 postmarketos: provide missing i386-vars.fd
* e23e6de66b Do not relabel files when building extension image
* ab05ead5eb Bump various systemd version checks to 258
* 382cc8b450 preset: drop systemd-networkd-wait-online.service
* 477b6b2ed5 mkosi-initrd: install systemd-container in network profile
* 1d167c0b53 mkosi-initrd: add 89-ethernet.network for network profile
* b1e81dec3a mkosi-initrd: Install libseccomp explicitly
* 3c431a141c opensuse: repository non-oss-debug is invalid
* 62ab363149 ci: add an s390x build job for additional coverage
* 62765f2d07 mailmap: deduplicate Daan
* 47f963f40b Revert "ci: Disable PPC jobs temporarily"
* 6a48f83dda dnf: Always specify --best again
* 3702368616 sandbox: Make all relative paths absolute during argparsing
* a587af0bf7 dnf: Fix /var package cache directory check in package_subdirs()
* 56cdbc25b5 Always use repository metadata from /var package cache directory
* 669d4418a3 Add note on Encrypt=yes to Passphrase= docs
* caa129edae Drop BuildSourcesEphemeral=yes from default image config
* 7edca63478 Add devicetree-auto support for UKI
* 6cb1649074 Don't add ncdu for ppc64-le on Fedora
* e019d2d2a6 ci: Disable PPC jobs temporarily
2025-11-25 11:02:34 +01:00


---
# vi: ts=2 sw=2 et:
# SPDX-License-Identifier: LGPL-2.1-or-later
# Simple boot tests that build and boot the mkosi images generated by the mkosi config files in mkosi.conf.d/.
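name: mkosi

# Both triggers cover main and the vNNN-stable branches. The PR trigger is `pull_request`, not
# `pull_request_target`, so runs for pull requests from forks get a read-only token and no repository
# secrets, which matters because this job builds and runs the submitted code.
on:
  push:
    branches:
      - main
      - v[0-9]+-stable
    # Patterns are applied in order and a later match overrides an earlier one: start from everything,
    # drop documentation, translations and dotfiles, then re-include .github/ so that workflow changes
    # still trigger a run.
    paths:
      - "**"
      - "!README*"
      - "!LICENSE*"
      - "!LICENSES/**"
      - "!TODO"
      - "!docs/**"
      - "!man/**"
      - "!catalog/**"
      - "!shell-completion/**"
      - "!po/**"
      - "!.**"
      - ".github/**"
  pull_request:
    branches:
      - main
      - v[0-9]+-stable
    # Same filter as for push; keep the two lists in sync.
    paths:
      - "**"
      - "!README*"
      - "!LICENSE*"
      - "!LICENSES/**"
      - "!TODO"
      - "!docs/**"
      - "!man/**"
      - "!catalog/**"
      - "!shell-completion/**"
      - "!po/**"
      - "!.**"
      - ".github/**"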
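# Least privilege for GITHUB_TOKEN: every scope not listed here is set to none, so the jobs in this
# workflow can read the repository contents and nothing else.
permissions:
  contents: read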
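jobs:
  # Builds a mkosi disk image per matrix entry and runs the integration test suite against it.
  ci:
    runs-on: ${{ matrix.runner }}
    # One run per (workflow, distro, release, ref, runner); a newer push to the same ref cancels the
    # run that is still in progress.
    concurrency:
      group: ${{ github.workflow }}-${{ matrix.distro }}-${{ matrix.release }}-${{ github.ref }}-${{ matrix.runner }}
      cancel-in-progress: true
    strategy:
      fail-fast: false
      # All matrix values are static and defined in this file. Several of them are expanded textually
      # into the `run:` scripts below, so keep them simple literals and never replace them with
      # event-controlled data (PR titles, branch names, ...), which would turn the expansion into shell
      # injection.
      # `relabel` is quoted so it stays the string yes/no for SELinuxRelabel= regardless of how a YAML
      # parser treats bare yes/no.
      matrix:
        include:
          - distro: arch
            release: rolling
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-O2 -D_FORTIFY_SOURCE=3"
            relabel: "no"
            vm: 1
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: debian
            release: stable
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "no"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: debian
            release: testing
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "no"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 1
          - distro: debian
            release: testing
            runner: ubuntu-24.04-arm
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "no"
            vm: 0
            no_qemu: 1
            no_kvm: 1
            shim: 0
          - distro: ubuntu
            release: noble
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "no"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: fedora
            release: "43"
            runner: ubuntu-24.04
            sanitizers: address,undefined
            llvm: 1
            cflags: "-Og"
            relabel: "yes"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: fedora
            release: rawhide
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "yes"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: opensuse
            release: tumbleweed
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "yes"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: centos
            release: "9"
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "yes"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0
          - distro: centos
            release: "10"
            runner: ubuntu-24.04
            sanitizers: ""
            llvm: 0
            cflags: "-Og"
            relabel: "yes"
            vm: 0
            no_qemu: 0
            no_kvm: 0
            shim: 0

    steps:
      # Both actions are pinned to a full commit SHA, so a moved tag cannot change what runs here.
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          # By default the checkout action leaves the job token in the local git config. Nothing below
          # needs authenticated git access, and later steps run code from the checked-out tree as
          # root, so do not keep the token on disk.
          persist-credentials: false
      - uses: systemd/mkosi@10544812b35a668d4aac9834c78ee8166e99bc78

      # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space
      # immediately, we remove the files in the background. However, we first move them to a different location
      # so that nothing tries to use anything in these directories anymore while we're busy deleting them.
      - name: Free disk space
        run: |
          sudo mv /usr/local /usr/local.trash
          sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash
          sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash

      # Creates a sparse 100G file, formats it as btrfs and mounts it through a loop device on
      # /mnt/mkosi. The backing file is unlinked right after the loop device is attached, so the space
      # is only reachable through the mount. TMPDIR is exported to all later steps via GITHUB_ENV and
      # `build` becomes a symlink into the mount.
      - name: Btrfs
        run: |
          truncate --size=100G btrfs.raw
          mkfs.btrfs btrfs.raw
          sudo mkdir -p /mnt/mkosi
          LOOP="$(sudo losetup --find --show --direct-io=on btrfs.raw)"
          rm -f btrfs.raw
          sudo mount "$LOOP" /mnt/mkosi --options compress=zstd:1,user_subvol_rm_allowed,noatime,discard=async,space_cache=v2
          sudo chown "$(id -u):$(id -g)" /mnt/mkosi
          mkdir -p /mnt/mkosi/tmp
          echo "TMPDIR=/mnt/mkosi/tmp" >>"$GITHUB_ENV"
          ln -sf /mnt/mkosi/build build

      # Writes mkosi/mkosi.local.conf for this matrix entry. The heredoc delimiter is unquoted: the
      # ${{ matrix.* }} expressions are substituted by Actions before the script runs and $TMPDIR is
      # expanded by the shell when the file is written. The lines under Environment= are indented so
      # that they are read as continuation lines of that setting.
      - name: Configure
        run: |
          tee mkosi/mkosi.local.conf <<EOF
          [Distribution]
          Distribution=${{ matrix.distro }}
          Release=${{ matrix.release }}

          [Output]
          # Build a disk image in CI as this logic is much more prone to breakage.
          Format=disk

          [Build]
          UseSubvolumes=yes
          ToolsTreeDistribution=${{ matrix.distro }}
          ToolsTreeRelease=${{ matrix.release }}
          WithTests=yes

          WorkspaceDirectory=$TMPDIR
          PackageCacheDirectory=$TMPDIR/cache

          Environment=
                  # Build debuginfo packages since we'll be publishing the packages as artifacts.
                  WITH_DEBUG=1
                  CFLAGS="${{ matrix.cflags }}"
                  SANITIZERS=${{ matrix.sanitizers }}
                  MESON_OPTIONS=--werror
                  LLVM=${{ matrix.llvm }}
                  SYSEXT=1

          [Content]
          SELinuxRelabel=${{ matrix.relabel }}

          [Runtime]
          RAM=4G
          EOF

      # The key and certificate are generated fresh in every run and never leave the runner; the shim
      # step below enrolls the resulting mkosi/mkosi.crt into the test firmware variables.
      - name: Generate secure boot key
        run: mkosi --debug genkey

      - name: Show image summary
        run: mkosi summary

      - name: Build tools tree
        run: sudo mkosi -f box -- true

      - name: Configure meson
        run: |
          # /usr/sbin/bpftool is completely broken inside containers on Ubuntu which makes meson blow up so
          # disable the bpf-framework stuff to avoid the issue.
          # TODO: Drop when we move off Ubuntu Noble as this will be fixed in the next Ubuntu LTS release.
          sudo mkosi box -- \
            meson setup \
            --buildtype=debugoptimized \
            -Dbpf-framework=disabled \
            build

      # Only for matrix entries with shim=1: appends the signed-shim and UEFI secure boot settings to
      # the local config and prepares an OVMF variable store with mkosi.crt enrolled. `%%O` in the
      # printf format is written to the config as a literal `%O`.
      - name: Prepare shim integration
        run: |
          if [ ${{ matrix.shim }} = 1 ]; then
            { printf '[Content]\nPackages=shim-signed\nShimBootloader=signed\n'; \
              printf '[Runtime]\nFirmware=uefi-secure-boot\nFirmwareVariables=%%O/ovmf_vars_shim.fd\n'; } \
              >>mkosi/mkosi.local.conf
            sudo mkdir -p build/mkosi.output/
            sudo mkosi -f box -- \
              virt-fw-vars \
              --secure-boot \
              --enroll-cert mkosi/mkosi.crt \
              --add-mok 605dab50-e046-4300-abb6-3dd810dd8b23 mkosi/mkosi.crt \
              --input /usr/share/OVMF/OVMF_VARS_4M.fd \
              --output build/mkosi.output/ovmf_vars_shim.fd
          fi

      - name: Build image
        run: sudo mkosi box -- meson compile -C build mkosi

      # Fails the job if the build modified or added files in the source tree or in the packaging
      # checkout below pkg/.
      - name: Make sure sources weren't polluted by package build scripts
        run: |
          git status
          git diff
          test -z "$(git status --porcelain)"
          # There will only be one subdirectory, so we don't have to know exactly which one. Also, the
          # subdirectory will be owned by root since we used sudo to build the image, so use sudo here as well.
          sudo git -C pkg/* status
          sudo git -C pkg/* diff
          test -z "$(sudo git -C pkg/* status --porcelain)"

      # `sudo --preserve-env` hands the complete runner environment to the test wrapper. That is
      # intentional (see the comment in the script), but it also means that anything added to this
      # job's environment becomes visible to the code under test, so keep secrets out of it.
      - name: Run integration tests
        run: |
          if [[ "$(sudo mkosi box -- meson test --help)" == *"--max-lines"* ]]; then
            MAX_LINES=(--max-lines 300)
          else
            MAX_LINES=()
          fi

          if [ "${{ matrix.no_kvm }}" = 1 ] && [ "${{ matrix.no_qemu }}" = 0 ]; then
            timeout_multiplier=4
          fi

          # --preserve-env makes sure all the github actions environment variables are propagated which are
          # used in integration-test-wrapper.py to construct the `gh` command line to download the journals
          # of failed tests.
          sudo --preserve-env mkosi box -- \
            env \
            TEST_PREFER_QEMU=${{ matrix.vm }} \
            TEST_NO_QEMU=${{ matrix.no_qemu }} \
            TEST_NO_KVM=${{ matrix.no_kvm }} \
            TEST_RUNNER=${{ matrix.runner }} \
            meson test \
            -C build \
            --timeout-multiplier="${timeout_multiplier:-1}" \
            --no-rebuild \
            --setup=integration \
            --suite=integration-tests \
            --print-errorlogs \
            --no-stdsplit \
            --num-processes "$(($(nproc) - 1))" \
            "${MAX_LINES[@]}"

      # Uploads journals and meson logs when the job failed, and only in the two upstream
      # repositories. Journals can contain whatever the tests logged; retention is limited to 7 days.
      # NOTE(review): this action is referenced by the mutable tag v4, while the two actions at the top
      # of the job are pinned to full commit SHAs. Pin it to a commit SHA as well so a retagged
      # release cannot change what runs here.
      - name: Archive failed test journals
        uses: actions/upload-artifact@v4
        if: failure() && (github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable')
        with:
          name: ci-mkosi-${{ github.run_id }}-${{ github.run_attempt }}-${{ matrix.distro }}-${{ matrix.release }}-${{ matrix.runner }}-failed-test-journals
          path: |
            build/test/journal/*.journal
            build/meson-logs/*
          retention-days: 7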