From 8612d3d858fa108e5732a586d4e2d0227ae34422 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 16 Sep 2024 20:20:20 +0200 Subject: Merging upstream version 256.4. Signed-off-by: Daniel Baumann --- .github/workflows/build_test.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/coverity.yml | 2 +- .github/workflows/development_freeze.yml | 2 +- .github/workflows/differential-shellcheck.yml | 2 +- .github/workflows/gather-pr-metadata.yml | 2 +- .github/workflows/issue_labeler.yml | 2 +- .github/workflows/labeler.yml | 2 +- .github/workflows/linter.yml | 2 +- .github/workflows/mkosi.yml | 22 +++++++++++++++++++--- .github/workflows/scorecards.yml | 2 +- .github/workflows/unit_tests.yml | 2 +- 12 files changed, 30 insertions(+), 14 deletions(-) (limited to '.github') diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml index 164b3a0..284a284 100644 --- a/.github/workflows/build_test.yml +++ b/.github/workflows/build_test.yml @@ -33,6 +33,6 @@ jobs: env: ${{ matrix.env }} steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Build check run: .github/workflows/build_test.sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0d284f7..4065cae 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Initialize CodeQL uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index ad7a5d2..06f4f5f 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -22,7 +22,7 @@ jobs: COVERITY_SCAN_NOTIFICATION_EMAIL: "${{ secrets.COVERITY_SCAN_NOTIFICATION_EMAIL }}" steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # Reuse the setup phase of the unit test script to avoid code duplication - name: Install build dependencies run: sudo -E .github/workflows/unit_tests.sh SETUP diff --git a/.github/workflows/development_freeze.yml b/.github/workflows/development_freeze.yml index c2360a3..becbbdc 100644 --- a/.github/workflows/development_freeze.yml +++ b/.github/workflows/development_freeze.yml @@ -30,7 +30,7 @@ jobs: name: Pull Request Metadata - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: fetch-depth: 0 diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml index 244f5d5..68c2c72 100644 --- a/.github/workflows/differential-shellcheck.yml +++ b/.github/workflows/differential-shellcheck.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: fetch-depth: 0 diff --git a/.github/workflows/gather-pr-metadata.yml b/.github/workflows/gather-pr-metadata.yml index e4a0caf..633cca1 100644 --- a/.github/workflows/gather-pr-metadata.yml +++ b/.github/workflows/gather-pr-metadata.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - id: metadata name: Gather Pull Request Metadata diff --git a/.github/workflows/issue_labeler.yml b/.github/workflows/issue_labeler.yml index 4bedf0d..fb26d4f 100644 --- a/.github/workflows/issue_labeler.yml +++ b/.github/workflows/issue_labeler.yml @@ -20,7 +20,7 @@ jobs: template: [ bug_report.yml, feature_request.yml ] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Parse issue form uses: stefanbuck/github-issue-parser@1e5bdee70d4b3e066a33aa0669ab782943825f94 diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 57e8c89..2058d22 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 if: github.event_name == 'pull_request' - name: Label PR based on policy in labeler.yml diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index cf0bc09..b66720a 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Repo checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: # We need a full repo clone fetch-depth: 0 diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml index 1b2f77c..7070e9c 100644 --- a/.github/workflows/mkosi.yml +++ b/.github/workflows/mkosi.yml @@ -59,40 +59,53 @@ jobs: sanitizers: "" llvm: 0 cflags: "-O2 -D_FORTIFY_SOURCE=3" + relabel: no - distro: debian release: testing sanitizers: "" llvm: 0 cflags: "-Og" + relabel: no - distro: ubuntu release: noble sanitizers: "" llvm: 0 cflags: "-Og" + relabel: no - distro: fedora release: "40" sanitizers: "" llvm: 0 cflags: "-Og" + relabel: yes - distro: fedora release: rawhide sanitizers: address,undefined llvm: 1 cflags: "-Og" + relabel: yes - distro: opensuse release: tumbleweed sanitizers: "" llvm: 0 cflags: "-Og" + relabel: no - distro: centos release: "9" sanitizers: "" llvm: 0 cflags: "-Og" + relabel: yes + - distro: centos + release: "10" + sanitizers: "" + llvm: 0 + cflags: "-Og" + relabel: yes steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - - uses: systemd/mkosi@70aa901697f12182ccaa24e2325867d275479b55 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: systemd/mkosi@7e975957a6af65c2e70428b6cda0c163ca7e1adc # Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space # immediately, we remove the files in the background. However, we first move them to a different location @@ -140,6 +153,9 @@ jobs: SANITIZERS=${{ matrix.sanitizers }} MESON_OPTIONS=--werror LLVM=${{ matrix.llvm }} + SYSEXT=1 + + SELinuxRelabel=${{ matrix.relabel }} [Host] QemuMem=4G @@ -187,7 +203,7 @@ jobs: -Dvmspawn=enabled - name: Build image - run: meson compile -C build mkosi + run: sudo meson compile -C build mkosi - name: Run integration tests run: sudo --preserve-env meson test -C build --no-rebuild --suite integration-tests --print-errorlogs --no-stdsplit --num-processes "$(($(nproc) - 1))" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 44ee6f1..c7bd6c4 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index 895068c..a83b485 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -30,7 +30,7 @@ jobs: cryptolib: gcrypt steps: - name: Repository checkout - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Install build dependencies run: | # Drop XDG_* stuff from /etc/environment, so we don't get the user -- cgit v1.2.3