Skip to content

mkosi-tools: Only install pkcs11-provider where available #9915

mkosi-tools: Only install pkcs11-provider where available

mkosi-tools: Only install pkcs11-provider where available #9915

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
unit-test:
runs-on: ubuntu-24.04
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Install
run: |
# This is added by default, and it is often broken, but we don't need anything from it
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get update
sudo apt-get install pandoc python3-pytest
python3 -m pip install --break-system-packages --upgrade setuptools wheel pip
python3 -m pip install --break-system-packages codespell mypy reuse ruff
npm install -g pyright
- name: Run ruff check
run: |
ruff --version
ruff check mkosi/ tests/ kernel-install/50-mkosi.install
- name: Run ruff format
run: |
ruff --version
if ! ruff format --check --quiet mkosi/ tests/ kernel-install/50-mkosi.install
then
echo "Please run 'ruff format' on the above files or apply the diffs below manually"
ruff format --check --quiet --diff mkosi/ tests/ kernel-install/50-mkosi.install
fi
- name: Check that tabs are not used in code
run: sh -c '! git grep -P "\\t" "*.py"'
- name: Spell Checking (codespell)
run: |
codespell --version
codespell
- name: License Checking (reuse)
run: |
reuse --version
reuse lint
- name: Type Checking (mypy)
run: |
python3 -m mypy --version
python3 -m mypy mkosi/ tests/ kernel-install/50-mkosi.install
- name: Type Checking (pyright)
run: |
pyright --version
pyright mkosi/ tests/ kernel-install/50-mkosi.install
- name: Unit Tests
run: |
python3 -m pytest --version
python3 -m pytest -sv tests/
- name: Test execution from current working directory
run: python3 -m mkosi -h
- name: Test execution from current working directory (sudo call)
run: sudo python3 -m mkosi -h
- name: Test venv installation
run: |
python3 -m venv testvenv
testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
testvenv/bin/python3 -m pip install .
testvenv/bin/mkosi -h
rm -rf testvenv
- name: Test editable venv installation
run: |
python3 -m venv testvenv
testvenv/bin/python3 -m pip install --upgrade setuptools wheel pip
testvenv/bin/python3 -m pip install --editable .
testvenv/bin/mkosi -h
rm -rf testvenv
- name: Test zipapp creation
run: |
./tools/generate-zipapp.sh
./builddir/mkosi -h
./builddir/mkosi documentation
- name: Run shellcheck on scripts
run: |
sudo apt-get update && sudo apt-get install --no-install-recommends shellcheck
bash -c 'shopt -s globstar; shellcheck bin/mkosi tools/*.sh'
bin/mkosi completion bash | shellcheck -
- name: Test man page generation
run: tools/make-man-page.sh
integration-test:
runs-on: ubuntu-24.04
needs: unit-test
concurrency:
group: ${{ github.workflow }}-${{ matrix.distro }}-${{ matrix.tools }}-${{ github.ref }}
cancel-in-progress: true
strategy:
fail-fast: false
matrix:
distro:
- arch
- centos
- debian
- fedora
- opensuse
- ubuntu
- azure
tools:
- arch
- debian
- fedora
- opensuse
- ubuntu
# TODO: Add CentOS once they have systemd v254 or newer.
exclude:
# pacman and archlinux-keyring are not packaged in openSUSE.
- distro: arch
tools: opensuse
# apt, debian-keyring and ubuntu-keyring are not packaged in openSUSE.
- distro: debian
tools: opensuse
- distro: ubuntu
tools: opensuse
# archlinux-keyring on Ubuntu is too old
# TODO: Re-enable if https://bugs.launchpad.net/ubuntu/+source/archlinux-keyring/+bug/2076416/ is resolved.
- distro: arch
tools: ubuntu
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: ./
# Freeing up disk space with rm -rf can take multiple minutes. Since we don't need the extra free space
# immediately, we remove the files in the background. However, we first move them to a different location so that
# nothing tries to use anything in these directories anymore while we're busy deleting them.
- name: Free disk space
run: |
sudo mv /usr/local /usr/local.trash
sudo mv /opt/hostedtoolcache /opt/hostedtoolcache.trash
sudo systemd-run rm -rf /usr/local.trash /opt/hostedtoolcache.trash
- name: Install
run: |
sudo apt-get update
sudo apt-get install python3-pytest lvm2 cryptsetup-bin btrfs-progs sqop
# Make sure the latest changes from the pull request are used.
sudo ln -svf $PWD/bin/mkosi /usr/bin/mkosi
working-directory: ./
- name: Configure
run: |
tee mkosi.local.conf <<EOF
[Output]
ManifestFormat=json
[Content]
KernelCommandLine=systemd.default_device_timeout_sec=180
[Build]
Environment=SYSTEMD_REPART_MKFS_OPTIONS_EROFS="--quiet"
[Host]
QemuKvm=yes
EOF
# TODO: Remove once all distros have recent enough systemd that knows systemd.default_device_timeout_sec.
mkdir -p mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d
tee mkosi-initrd/mkosi.extra/usr/lib/systemd/system.conf.d/device-timeout.conf <<EOF
[Manager]
DefaultDeviceTimeoutSec=180
EOF
# fail if the script already exists, to avoid hard to debug CI errors
[[ -f mkosi.configure ]] && exit 1
tee mkosi.configure <<EOF
#!/bin/bash
echo "Hello from inside mkosi.configure!" >&2
cat
EOF
chmod +x mkosi.configure
# prepare and postinst are already used in CI
for script in sync build finalize postoutput clean
do
[[ -f "mkosi.${script}" ]] && exit 1
tee "mkosi.${script}" <<TOK
#!/bin/bash
echo "Hello from inside mkosi.${script}" >&2
TOK
chmod +x "mkosi.${script}"
done
- name: Build tools tree
run: |
# TODO: Remove grub2 hack when https://bugzilla.opensuse.org/show_bug.cgi?id=1227464 is resolved.
sudo --preserve-env \
mkosi \
--directory "" \
--distribution ${{ matrix.tools }} \
--include mkosi-tools \
$( [[ ${{ matrix.tools }} == opensuse ]] && echo --package=grub2)
- name: Run integration tests
run: |
sudo --preserve-env \
timeout -k 30 1h python3 -m pytest \
--tb=no \
--capture=no \
--verbose \
-m integration \
--distribution ${{ matrix.distro }} \
tests/