group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
-
- - name: Install
- run: |
- # This is added by default, and it is often broken, but we don't need anything from it
- sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
- sudo apt-get update
- sudo apt-get install pandoc python3-pytest
- python3 -m pip install --break-system-packages --upgrade setuptools wheel pip
- python3 -m pip install --break-system-packages mypy ruff
- npm install -g pyright
-
- - name: Run ruff
- run: |
- ruff --version
- ruff check mkosi/ tests/ kernel-install/50-mkosi.install
-
- - name: Check that tabs are not used in code
- run: sh -c '! git grep -P "\\t" "*.py"'
-
- - name: Type Checking (mypy)
- run: |
- python3 -m mypy --version
- python3 -m mypy mkosi/ tests/ kernel-install/50-mkosi.install
-
- - name: Type Checking (pyright)
- run: |
- pyright --version
- pyright mkosi/ tests/ kernel-install/50-mkosi.install
-
- - name: Unit Tests
- run: |
- python3 -m pytest --version
- python3 -m pytest -sv tests/
-
- - name: Test execution from current working directory
- run: python3 -m mkosi -h
-
- - name: Test execution from current working directory (sudo call)
- run: sudo python3 -m mkosi -h
-
- - name: Test venv installation
- run: |
- python3 -m venv testvenv
- testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
- testvenv/bin/python3 -m pip install .
- testvenv/bin/mkosi -h
- rm -rf testvenv
-
- - name: Test editable venv installation
- run: |
- python3 -m venv testvenv
- testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
- testvenv/bin/python3 -m pip install --editable .
- testvenv/bin/mkosi -h
- rm -rf testvenv
-
- - name: Test zipapp creation
- run: |
- ./tools/generate-zipapp.sh
- ./builddir/mkosi -h
- ./builddir/mkosi documentation
-
- - name: Run shellcheck on scripts
- run: |
- sudo apt-get update && sudo apt-get install --no-install-recommends shellcheck
- bash -c 'shopt -s globstar; shellcheck bin/mkosi tools/*.sh'
- bin/mkosi completion bash | shellcheck -
-
- - name: Test man page generation
- run: pandoc -s mkosi.md -o mkosi.1
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+
+ - name: Install
+ run: |
+ # This is added by default, and it is often broken, but we don't need anything from it
+ sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
+ sudo apt-get update
+ sudo apt-get install pandoc python3-pytest
+ python3 -m pip install --break-system-packages --upgrade setuptools wheel pip
+ python3 -m pip install --break-system-packages mypy ruff
+ npm install -g pyright
+
+ - name: Run ruff
+ run: |
+ ruff --version
+ ruff check mkosi/ tests/ kernel-install/50-mkosi.install
+
+ - name: Check that tabs are not used in code
+ run: sh -c '! git grep -P "\\t" "*.py"'
+
+ - name: Type Checking (mypy)
+ run: |
+ python3 -m mypy --version
+ python3 -m mypy mkosi/ tests/ kernel-install/50-mkosi.install
+
+ - name: Type Checking (pyright)
+ run: |
+ pyright --version
+ pyright mkosi/ tests/ kernel-install/50-mkosi.install
+
+ - name: Unit Tests
+ run: |
+ python3 -m pytest --version
+ python3 -m pytest -sv tests/
+
+ - name: Test execution from current working directory
+ run: python3 -m mkosi -h
+
+ - name: Test execution from current working directory (sudo call)
+ run: sudo python3 -m mkosi -h
+
+ - name: Test venv installation
+ run: |
+ python3 -m venv testvenv
+ testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
+ testvenv/bin/python3 -m pip install .
+ testvenv/bin/mkosi -h
+ rm -rf testvenv
+
+ - name: Test editable venv installation
+ run: |
+ python3 -m venv testvenv
+ testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
+ testvenv/bin/python3 -m pip install --editable .
+ testvenv/bin/mkosi -h
+ rm -rf testvenv
+
+ - name: Test zipapp creation
+ run: |
+ ./tools/generate-zipapp.sh
+ ./builddir/mkosi -h
+ ./builddir/mkosi documentation
+
+ - name: Run shellcheck on scripts
+ run: |
+ sudo apt-get update && sudo apt-get install --no-install-recommends shellcheck
+ bash -c 'shopt -s globstar; shellcheck bin/mkosi tools/*.sh'
+ bin/mkosi completion bash | shellcheck -
+
+ - name: Test man page generation
+ run: pandoc -s mkosi.md -o mkosi.1
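Review bot: The Install step of this job pins `actions/checkout` to a commit SHA but installs `mypy`, `ruff` and `pyright` at whatever version is newest when the job runs. The code executed on the runner, and the lint verdict, can therefore change without any commit to this repository. Consider pinning the tools, e.g. `python3 -m pip install --break-system-packages mypy==<MYPY_VERSION> ruff==<RUFF_VERSION>` and `npm install -g pyright@<PYRIGHT_VERSION>` (placeholders for the versions the project validates against), or installing from a requirements file with hashes. The job header that owns this `steps:` list is above the visible lines.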
integration-test:
runs-on: ubuntu-24.04
tools: opensuse
steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- - uses: ./
-
- # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space
- # immediately, we remove the files in the background. However, we first move them to a different location so that
- # nothing tries to use anything in these directories anymore while we're busy deleting them.
- - name: Free disk space
- run: |
- sudo mv /usr/local /usr/local.trash
- sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash
- sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash
-
- - name: Install
- run: |
- sudo apt-get update
- sudo apt-get install python3-pytest lvm2 cryptsetup-bin btrfs-progs
- # Make sure the latest changes from the pull request are used.
- sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi
- working-directory: ./
-
- - name: Configure
- run: |
- tee mkosi.local.conf <<EOF
- [Output]
- ManifestFormat=json
-
- [Content]
- KernelCommandLine=systemd.default_device_timeout_sec=180
- Environment=SYSTEMD_REPART_MKFS_OPTIONS_EROFS="--quiet"
-
- [Host]
- QemuKvm=yes
- EOF
-
- # TODO: Remove once all distros have recent enough systemd that knows systemd.default_device_timeout_sec.
- mkdir -p mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d
- tee mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d/device-timeout.conf <<EOF
- [Manager]
- DefaultDeviceTimeoutSec=180
- EOF
-
- # fail if the script already exists, to avoid hard to debug CI errors
- [[ -f mkosi.configure ]] && exit 1
- tee mkosi.configure <<EOF
- echo "Hello from inside mkosi.configure!" >&2
- cat
- EOF
- chmod +x mkosi.configure
-
- # prepare and postinst are already used in CI
- for script in sync build finalize postoutput clean
- do
- [[ -f "mkosi.${script}" ]] && exit 1
- tee "mkosi.${script}" <<TOK
- echo "Hello from inside mkosi.${script}" >&2
- TOK
- chmod +x "mkosi.${script}"
- done
-
- - name: Run integration tests
- run: |
- sudo --preserve-env \
- timeout -k 30 1h python3 -m pytest \
- --tb=no \
- --capture=no \
- --verbose \
- -m integration \
- --distribution ${{ matrix.distro }} \
- --tools-tree-distribution ${{ matrix.tools }} \
- tests/
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+ - uses: ./
+
+ # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space
+ # immediately, we remove the files in the background. However, we first move them to a different location so that
+ # nothing tries to use anything in these directories anymore while we're busy deleting them.
+ - name: Free disk space
+ run: |
+ sudo mv /usr/local /usr/local.trash
+ sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash
+ sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash
+
+ - name: Install
+ run: |
+ sudo apt-get update
+ sudo apt-get install python3-pytest lvm2 cryptsetup-bin btrfs-progs
+ # Make sure the latest changes from the pull request are used.
+ sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi
+ working-directory: ./
+
+ - name: Configure
+ run: |
+ tee mkosi.local.conf <<EOF
+ [Output]
+ ManifestFormat=json
+
+ [Content]
+ KernelCommandLine=systemd.default_device_timeout_sec=180
+ Environment=SYSTEMD_REPART_MKFS_OPTIONS_EROFS="--quiet"
+
+ [Host]
+ QemuKvm=yes
+ EOF
+
+ # TODO: Remove once all distros have recent enough systemd that knows systemd.default_device_timeout_sec.
+ mkdir -p mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d
+ tee mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d/device-timeout.conf <<EOF
+ [Manager]
+ DefaultDeviceTimeoutSec=180
+ EOF
+
+ # fail if the script already exists, to avoid hard to debug CI errors
+ [[ -f mkosi.configure ]] && exit 1
+ tee mkosi.configure <<EOF
+ echo "Hello from inside mkosi.configure!" >&2
+ cat
+ EOF
+ chmod +x mkosi.configure
+
+ # prepare and postinst are already used in CI
+ for script in sync build finalize postoutput clean
+ do
+ [[ -f "mkosi.${script}" ]] && exit 1
+ tee "mkosi.${script}" <<TOK
+ echo "Hello from inside mkosi.${script}" >&2
+ TOK
+ chmod +x "mkosi.${script}"
+ done
+
+ - name: Run integration tests
+ run: |
+ sudo --preserve-env \
+ timeout -k 30 1h python3 -m pytest \
+ --tb=no \
+ --capture=no \
+ --verbose \
+ -m integration \
+ --distribution ${{ matrix.distro }} \
+ --tools-tree-distribution ${{ matrix.tools }} \
+ tests/
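Review bot: In "Run integration tests", `${{ matrix.distro }}` and `${{ matrix.tools }}` are substituted into the script text before bash parses it, and the resulting command runs as root with the caller's whole environment through `sudo --preserve-env`. The matrix definition is not visible here; if it is a static list in this workflow this is hygiene rather than an open injection, but mapping the values through `env:` and quoting them (`--distribution "$DISTRO"`, `--tools-tree-distribution "$TOOLS"`) keeps the step safe should the matrix ever be derived from an input. If the tests need only a few variables, `sudo --preserve-env=VAR1,VAR2` (placeholder names) narrows what reaches the root process.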
runs:
using: composite
steps:
+ - name: Permit unprivileged access to kvm, vhost-vsock and vhost-net devices
+ shell: bash
+ run: |
+ sudo mkdir -p /etc/tmpfiles.d
+ sudo cp /usr/lib/tmpfiles.d/static-nodes-permissions.conf /etc/tmpfiles.d/
+ sudo sed -i '/kvm/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf
+ sudo sed -i '/vhost/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf
+ sudo tee /etc/udev/rules.d/99-kvm4all.rules <<- EOF
+ KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"
+ KERNEL=="vhost-vsock", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-vsock"
+ KERNEL=="vhost-net", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-net"
+ EOF
+ sudo udevadm control --reload-rules
+ sudo modprobe kvm
+ sudo modprobe vhost_vsock
+ sudo modprobe vhost_net
+ [[ -e /dev/kvm ]] && sudo udevadm trigger --name-match=kvm
+ sudo udevadm trigger --name-match=vhost-vsock
+ sudo udevadm trigger --name-match=vhost-net
+ [[ -e /dev/kvm ]] && sudo chmod 666 /dev/kvm
+ sudo chmod 666 /dev/vhost-vsock
+ sudo chmod 666 /dev/vhost-net
+ lsmod
+ [[ -e /dev/kvm ]] && ls -l /dev/kvm
+ ls -l /dev/vhost-*
+ id
- - name: Permit unprivileged access to kvm, vhost-vsock and vhost-net devices
- shell: bash
- run: |
- sudo mkdir -p /etc/tmpfiles.d
- sudo cp /usr/lib/tmpfiles.d/static-nodes-permissions.conf /etc/tmpfiles.d/
- sudo sed -i '/kvm/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf
- sudo sed -i '/vhost/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf
- sudo tee /etc/udev/rules.d/99-kvm4all.rules <<- EOF
- KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"
- KERNEL=="vhost-vsock", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-vsock"
- KERNEL=="vhost-net", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-net"
- EOF
- sudo udevadm control --reload-rules
- sudo modprobe kvm
- sudo modprobe vhost_vsock
- sudo modprobe vhost_net
- [[ -e /dev/kvm ]] && sudo udevadm trigger --name-match=kvm
- sudo udevadm trigger --name-match=vhost-vsock
- sudo udevadm trigger --name-match=vhost-net
- [[ -e /dev/kvm ]] && sudo chmod 666 /dev/kvm
- sudo chmod 666 /dev/vhost-vsock
- sudo chmod 666 /dev/vhost-net
- lsmod
- [[ -e /dev/kvm ]] && ls -l /dev/kvm
- ls -l /dev/vhost-*
- id
+ - name: Check clock source
+ shell: bash
+ run: cat /sys/devices/system/clocksource/clocksource0/current_clocksource
- - name: Check clock source
- shell: bash
- run: cat /sys/devices/system/clocksource/clocksource0/current_clocksource
+ - name: Show environment
+ shell: bash
+ run: env
- - name: Show environment
- shell: bash
- run: env
-
- - name: Enable unprivileged user namespaces
- shell: bash
- run: |
+ - name: Enable unprivileged user namespaces
+ shell: bash
+ run: |
sudo sysctl --ignore --write kernel.apparmor_restrict_unprivileged_unconfined=0
sudo sysctl --ignore --write kernel.apparmor_restrict_unprivileged_userns=0
- # Both the unix-chkpwd and swtpm profiles are broken (https://gitlab.com/apparmor/apparmor/-/issues/402) so let's
- # just disable and remove apparmor completely. It's not relevant in this context anyway.
- # TODO: Remove if https://github.com/actions/runner-images/issues/10015 is ever fixed.
- - name: Disable and mask apparmor service
- shell: bash
- run: |
+ # Both the unix-chkpwd and swtpm profiles are broken (https://gitlab.com/apparmor/apparmor/-/issues/402) so let's
+ # just disable and remove apparmor completely. It's not relevant in this context anyway.
+ # TODO: Remove if https://github.com/actions/runner-images/issues/10015 is ever fixed.
+ - name: Disable and mask apparmor service
+ shell: bash
+ run: |
# This command fails with a non-zero error code even though it unloads the apparmor profiles.
# https://gitlab.com/apparmor/apparmor/-/issues/403
sudo aa-teardown || true
sudo apt-get remove apparmor
- - name: Dependencies
- shell: bash
- run: |
- # This is added by default, and it is often broken, but we don't need anything from it
- sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
- # For archlinux-keyring and pacman
- sudo add-apt-repository ppa:michel-slm/kernel-utils
- sudo apt-get update
- sudo apt-get install --assume-yes --no-install-recommends \
- archlinux-keyring \
- bubblewrap \
- debian-archive-keyring \
- dnf \
- makepkg \
- pacman-package-manager \
- systemd-container \
- zypper
+ - name: Dependencies
+ shell: bash
+ run: |
+ # This is added by default, and it is often broken, but we don't need anything from it
+ sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
+ # For archlinux-keyring and pacman
+ sudo add-apt-repository ppa:michel-slm/kernel-utils
+ sudo apt-get update
+ sudo apt-get install --assume-yes --no-install-recommends \
+ archlinux-keyring \
+ bubblewrap \
+ debian-archive-keyring \
+ dnf \
+ makepkg \
+ pacman-package-manager \
+ systemd-container \
+ zypper
- sudo pacman-key --init
- sudo pacman-key --populate archlinux
+ sudo pacman-key --init
+ sudo pacman-key --populate archlinux
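Review bot: The Dependencies step adds `ppa:michel-slm/kernel-utils` and, per its own comment, takes `archlinux-keyring` and pacman from it, so a personal PPA becomes the source of the keys that `pacman-key --populate archlinux` then trusts. Nothing restricts that PPA to those packages: once added, it can also supply newer versions of anything else installed by the `apt-get install` in this step. I would add an apt preferences pin that gives the PPA a low default priority and raises it only for the packages actually needed from it, plus a comment such as `# Third-party PPA, trusted only for archlinux-keyring and pacman; review before changing`. Whether the other listed packages come from the Ubuntu archive is not visible here and should be confirmed.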
- - name: Install
- shell: bash
- run: sudo ln -svf ${{ github.action_path }}/bin/mkosi /usr/bin/mkosi
+ - name: Install
+ shell: bash
+ run: sudo ln -svf ${{ github.action_path }}/bin/mkosi /usr/bin/mkosi
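Review bot: The Install step expands `${{ github.action_path }}` into the script text unquoted, so a path containing spaces or shell metacharacters is parsed by bash as part of a command that runs under `sudo`. Composite actions also receive the same path in the `GITHUB_ACTION_PATH` environment variable; `run: sudo ln -svf "$GITHUB_ACTION_PATH/bin/mkosi" /usr/bin/mkosi` avoids the template expansion and quotes the value. The same quoting applies to the `$PWD` in the workflow's own `sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi` line.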