From: Daan De Meyer Date: Fri, 16 Aug 2024 22:47:17 +0000 (+0200) Subject: ci: Improve formatting a bit X-Git-Tag: v25~357^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d48fa5846121805e389075579a9a4d2bec3a5990;p=thirdparty%2Fmkosi.git ci: Improve formatting a bit --- diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 19ae998a7..a2f053f24 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,77 +15,77 @@ jobs: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - - - name: Install - run: | - # This is added by default, and it is often broken, but we don't need anything from it - sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list - sudo apt-get update - sudo apt-get install pandoc python3-pytest - python3 -m pip install --break-system-packages --upgrade setuptools wheel pip - python3 -m pip install --break-system-packages mypy ruff - npm install -g pyright - - - name: Run ruff - run: | - ruff --version - ruff check mkosi/ tests/ kernel-install/50-mkosi.install - - - name: Check that tabs are not used in code - run: sh -c '! git grep -P "\\t" "*.py"' - - - name: Type Checking (mypy) - run: | - python3 -m mypy --version - python3 -m mypy mkosi/ tests/ kernel-install/50-mkosi.install - - - name: Type Checking (pyright) - run: | - pyright --version - pyright mkosi/ tests/ kernel-install/50-mkosi.install - - - name: Unit Tests - run: | - python3 -m pytest --version - python3 -m pytest -sv tests/ - - - name: Test execution from current working directory - run: python3 -m mkosi -h - - - name: Test execution from current working directory (sudo call) - run: sudo python3 -m mkosi -h - - - name: Test venv installation - run: | - python3 -m venv testvenv - testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip - testvenv/bin/python3 -m pip install . - testvenv/bin/mkosi -h - rm -rf testvenv - - - name: Test editable venv installation - run: | - python3 -m venv testvenv - testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip - testvenv/bin/python3 -m pip install --editable . - testvenv/bin/mkosi -h - rm -rf testvenv - - - name: Test zipapp creation - run: | - ./tools/generate-zipapp.sh - ./builddir/mkosi -h - ./builddir/mkosi documentation - - - name: Run shellcheck on scripts - run: | - sudo apt-get update && sudo apt-get install --no-install-recommends shellcheck - bash -c 'shopt -s globstar; shellcheck bin/mkosi tools/*.sh' - bin/mkosi completion bash | shellcheck - - - - name: Test man page generation - run: pandoc -s mkosi.md -o mkosi.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + + - name: Install + run: | + # This is added by default, and it is often broken, but we don't need anything from it + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + sudo apt-get update + sudo apt-get install pandoc python3-pytest + python3 -m pip install --break-system-packages --upgrade setuptools wheel pip + python3 -m pip install --break-system-packages mypy ruff + npm install -g pyright + + - name: Run ruff + run: | + ruff --version + ruff check mkosi/ tests/ kernel-install/50-mkosi.install + + - name: Check that tabs are not used in code + run: sh -c '! git grep -P "\\t" "*.py"' + + - name: Type Checking (mypy) + run: | + python3 -m mypy --version + python3 -m mypy mkosi/ tests/ kernel-install/50-mkosi.install + + - name: Type Checking (pyright) + run: | + pyright --version + pyright mkosi/ tests/ kernel-install/50-mkosi.install + + - name: Unit Tests + run: | + python3 -m pytest --version + python3 -m pytest -sv tests/ + + - name: Test execution from current working directory + run: python3 -m mkosi -h + + - name: Test execution from current working directory (sudo call) + run: sudo python3 -m mkosi -h + + - name: Test venv installation + run: | + python3 -m venv testvenv + testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip + testvenv/bin/python3 -m pip install . + testvenv/bin/mkosi -h + rm -rf testvenv + + - name: Test editable venv installation + run: | + python3 -m venv testvenv + testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip + testvenv/bin/python3 -m pip install --editable . + testvenv/bin/mkosi -h + rm -rf testvenv + + - name: Test zipapp creation + run: | + ./tools/generate-zipapp.sh + ./builddir/mkosi -h + ./builddir/mkosi documentation + + - name: Run shellcheck on scripts + run: | + sudo apt-get update && sudo apt-get install --no-install-recommends shellcheck + bash -c 'shopt -s globstar; shellcheck bin/mkosi tools/*.sh' + bin/mkosi completion bash | shellcheck - + + - name: Test man page generation + run: pandoc -s mkosi.md -o mkosi.1 integration-test: runs-on: ubuntu-24.04 @@ -121,73 +121,73 @@ jobs: tools: opensuse steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - - uses: ./ - - # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space - # immediately, we remove the files in the background. However, we first move them to a different location so that - # nothing tries to use anything in these directories anymore while we're busy deleting them. - - name: Free disk space - run: | - sudo mv /usr/local /usr/local.trash - sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash - sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash - - - name: Install - run: | - sudo apt-get update - sudo apt-get install python3-pytest lvm2 cryptsetup-bin btrfs-progs - # Make sure the latest changes from the pull request are used. - sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi - working-directory: ./ - - - name: Configure - run: | - tee mkosi.local.conf <&2 - cat - EOF - chmod +x mkosi.configure - - # prepare and postinst are already used in CI - for script in sync build finalize postoutput clean - do - [[ -f "mkosi.${script}" ]] && exit 1 - tee "mkosi.${script}" <&2 - TOK - chmod +x "mkosi.${script}" - done - - - name: Run integration tests - run: | - sudo --preserve-env \ - timeout -k 30 1h python3 -m pytest \ - --tb=no \ - --capture=no \ - --verbose \ - -m integration \ - --distribution ${{ matrix.distro }} \ - --tools-tree-distribution ${{ matrix.tools }} \ - tests/ + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: ./ + + # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space + # immediately, we remove the files in the background. However, we first move them to a different location so that + # nothing tries to use anything in these directories anymore while we're busy deleting them. + - name: Free disk space + run: | + sudo mv /usr/local /usr/local.trash + sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash + sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash + + - name: Install + run: | + sudo apt-get update + sudo apt-get install python3-pytest lvm2 cryptsetup-bin btrfs-progs + # Make sure the latest changes from the pull request are used. + sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi + working-directory: ./ + + - name: Configure + run: | + tee mkosi.local.conf <&2 + cat + EOF + chmod +x mkosi.configure + + # prepare and postinst are already used in CI + for script in sync build finalize postoutput clean + do + [[ -f "mkosi.${script}" ]] && exit 1 + tee "mkosi.${script}" <&2 + TOK + chmod +x "mkosi.${script}" + done + + - name: Run integration tests + run: | + sudo --preserve-env \ + timeout -k 30 1h python3 -m pytest \ + --tb=no \ + --capture=no \ + --verbose \ + -m integration \ + --distribution ${{ matrix.distro }} \ + --tools-tree-distribution ${{ matrix.tools }} \ + tests/ diff --git a/action.yaml b/action.yaml index 64489d1c0..fbcb92662 100644 --- a/action.yaml +++ b/action.yaml @@ -4,80 +4,79 @@ description: Install mkosi runs: using: composite steps: + - name: Permit unprivileged access to kvm, vhost-vsock and vhost-net devices + shell: bash + run: | + sudo mkdir -p /etc/tmpfiles.d + sudo cp /usr/lib/tmpfiles.d/static-nodes-permissions.conf /etc/tmpfiles.d/ + sudo sed -i '/kvm/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf + sudo sed -i '/vhost/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf + sudo tee /etc/udev/rules.d/99-kvm4all.rules <<- EOF + KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm" + KERNEL=="vhost-vsock", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-vsock" + KERNEL=="vhost-net", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-net" + EOF + sudo udevadm control --reload-rules + sudo modprobe kvm + sudo modprobe vhost_vsock + sudo modprobe vhost_net + [[ -e /dev/kvm ]] && sudo udevadm trigger --name-match=kvm + sudo udevadm trigger --name-match=vhost-vsock + sudo udevadm trigger --name-match=vhost-net + [[ -e /dev/kvm ]] && sudo chmod 666 /dev/kvm + sudo chmod 666 /dev/vhost-vsock + sudo chmod 666 /dev/vhost-net + lsmod + [[ -e /dev/kvm ]] && ls -l /dev/kvm + ls -l /dev/vhost-* + id - - name: Permit unprivileged access to kvm, vhost-vsock and vhost-net devices - shell: bash - run: | - sudo mkdir -p /etc/tmpfiles.d - sudo cp /usr/lib/tmpfiles.d/static-nodes-permissions.conf /etc/tmpfiles.d/ - sudo sed -i '/kvm/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf - sudo sed -i '/vhost/s/0660/0666/g' /etc/tmpfiles.d/static-nodes-permissions.conf - sudo tee /etc/udev/rules.d/99-kvm4all.rules <<- EOF - KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm" - KERNEL=="vhost-vsock", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-vsock" - KERNEL=="vhost-net", GROUP="kvm", MODE="0666", OPTIONS+="static_node=vhost-net" - EOF - sudo udevadm control --reload-rules - sudo modprobe kvm - sudo modprobe vhost_vsock - sudo modprobe vhost_net - [[ -e /dev/kvm ]] && sudo udevadm trigger --name-match=kvm - sudo udevadm trigger --name-match=vhost-vsock - sudo udevadm trigger --name-match=vhost-net - [[ -e /dev/kvm ]] && sudo chmod 666 /dev/kvm - sudo chmod 666 /dev/vhost-vsock - sudo chmod 666 /dev/vhost-net - lsmod - [[ -e /dev/kvm ]] && ls -l /dev/kvm - ls -l /dev/vhost-* - id + - name: Check clock source + shell: bash + run: cat /sys/devices/system/clocksource/clocksource0/current_clocksource - - name: Check clock source - shell: bash - run: cat /sys/devices/system/clocksource/clocksource0/current_clocksource + - name: Show environment + shell: bash + run: env - - name: Show environment - shell: bash - run: env - - - name: Enable unprivileged user namespaces - shell: bash - run: | + - name: Enable unprivileged user namespaces + shell: bash + run: | sudo sysctl --ignore --write kernel.apparmor_restrict_unprivileged_unconfined=0 sudo sysctl --ignore --write kernel.apparmor_restrict_unprivileged_userns=0 - # Both the unix-chkpwd and swtpm profiles are broken (https://gitlab.com/apparmor/apparmor/-/issues/402) so let's - # just disable and remove apparmor completely. It's not relevant in this context anyway. - # TODO: Remove if https://github.com/actions/runner-images/issues/10015 is ever fixed. - - name: Disable and mask apparmor service - shell: bash - run: | + # Both the unix-chkpwd and swtpm profiles are broken (https://gitlab.com/apparmor/apparmor/-/issues/402) so let's + # just disable and remove apparmor completely. It's not relevant in this context anyway. + # TODO: Remove if https://github.com/actions/runner-images/issues/10015 is ever fixed. + - name: Disable and mask apparmor service + shell: bash + run: | # This command fails with a non-zero error code even though it unloads the apparmor profiles. # https://gitlab.com/apparmor/apparmor/-/issues/403 sudo aa-teardown || true sudo apt-get remove apparmor - - name: Dependencies - shell: bash - run: | - # This is added by default, and it is often broken, but we don't need anything from it - sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list - # For archlinux-keyring and pacman - sudo add-apt-repository ppa:michel-slm/kernel-utils - sudo apt-get update - sudo apt-get install --assume-yes --no-install-recommends \ - archlinux-keyring \ - bubblewrap \ - debian-archive-keyring \ - dnf \ - makepkg \ - pacman-package-manager \ - systemd-container \ - zypper + - name: Dependencies + shell: bash + run: | + # This is added by default, and it is often broken, but we don't need anything from it + sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list + # For archlinux-keyring and pacman + sudo add-apt-repository ppa:michel-slm/kernel-utils + sudo apt-get update + sudo apt-get install --assume-yes --no-install-recommends \ + archlinux-keyring \ + bubblewrap \ + debian-archive-keyring \ + dnf \ + makepkg \ + pacman-package-manager \ + systemd-container \ + zypper - sudo pacman-key --init - sudo pacman-key --populate archlinux + sudo pacman-key --init + sudo pacman-key --populate archlinux - - name: Install - shell: bash - run: sudo ln -svf ${{ github.action_path }}/bin/mkosi /usr/bin/mkosi + - name: Install + shell: bash + run: sudo ln -svf ${{ github.action_path }}/bin/mkosi /usr/bin/mkosi