From 8385230ff933444ed41904d477b2bd3ee9605f40 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Wed, 24 Jan 2024 14:30:45 -0500 Subject: [PATCH] [v4.7] Disable CI This branch is no longer maintained, therefore no CI will ever be needed on it ever again. Signed-off-by: Chris Evich --- .cirrus.yml | 1175 ------------------ .github/workflows/check_cirrus_cron.yml | 92 -- .github/workflows/discussion_lock.yml | 68 - .github/workflows/fcos-podman-next-build.yml | 52 - .github/workflows/issue-labeler.yml | 21 - .github/workflows/labeler.yml | 15 - .github/workflows/mac-pkg.yml | 154 --- .github/workflows/pr-title.yml | 24 - .github/workflows/rerun_cirrus_cron.yml | 78 -- .github/workflows/stale.yml | 31 - .github/workflows/upload-win-installer.yml | 151 --- .packit.sh | 38 - .packit.yaml | 77 -- 13 files changed, 1976 deletions(-) delete mode 100644 .cirrus.yml delete mode 100644 .github/workflows/check_cirrus_cron.yml delete mode 100644 .github/workflows/discussion_lock.yml delete mode 100644 .github/workflows/fcos-podman-next-build.yml delete mode 100644 .github/workflows/issue-labeler.yml delete mode 100644 .github/workflows/labeler.yml delete mode 100644 .github/workflows/mac-pkg.yml delete mode 100644 .github/workflows/pr-title.yml delete mode 100644 .github/workflows/rerun_cirrus_cron.yml delete mode 100644 .github/workflows/stale.yml delete mode 100644 .github/workflows/upload-win-installer.yml delete mode 100644 .packit.sh delete mode 100644 .packit.yaml diff --git a/.cirrus.yml b/.cirrus.yml deleted file mode 100644 index 2f6ebe10bd..0000000000 --- a/.cirrus.yml +++ /dev/null @@ -1,1175 +0,0 @@ ---- - -# Main collection of env. vars to set for all tasks and scripts. -env: - #### - #### Global variables used for all tasks - #### - # Name of the ultimate destination branch for this CI run, PR or post-merge. - DEST_BRANCH: "v4.7" - # Sane (default) value for GOPROXY and GOSUMDB. - GOPROXY: "https://proxy.golang.org,direct" - GOSUMDB: "sum.golang.org" - # Overrides default location (/tmp/cirrus) for repo clone - GOPATH: &gopath "/var/tmp/go" - GOCACHE: "${GOPATH}/cache" - GOSRC: &gosrc "/var/tmp/go/src/github.com/containers/podman" - CIRRUS_WORKING_DIR: *gosrc - # The default is 'sh' if unspecified - CIRRUS_SHELL: "/bin/bash" - # Save a little typing (path relative to $CIRRUS_WORKING_DIR) - SCRIPT_BASE: "./contrib/cirrus" - # Runner statistics log file path/name - STATS_LOGFILE_SFX: 'runner_stats.log' - STATS_LOGFILE: '$GOSRC/${CIRRUS_TASK_NAME}-${STATS_LOGFILE_SFX}' - - #### - #### Cache-image names to test with (double-quotes around names are critical) - #### - FEDORA_NAME: "fedora-38" - FEDORA_AARCH64_NAME: "${FEDORA_NAME}-aarch64" - PRIOR_FEDORA_NAME: "fedora-37" - RAWHIDE_NAME: "rawhide" - DEBIAN_NAME: "debian-13" - - # Image identifiers - IMAGE_SUFFIX: "c20230816t191118z-f38f37d13" - - # EC2 images - FEDORA_AMI: "fedora-aws-${IMAGE_SUFFIX}" - FEDORA_AARCH64_AMI: "fedora-podman-aws-arm64-${IMAGE_SUFFIX}" - # GCP Images - FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" - PRIOR_FEDORA_CACHE_IMAGE_NAME: "prior-fedora-${IMAGE_SUFFIX}" - RAWHIDE_CACHE_IMAGE_NAME: "rawhide-${IMAGE_SUFFIX}" - DEBIAN_CACHE_IMAGE_NAME: "debian-${IMAGE_SUFFIX}" - # Container FQIN's - FEDORA_CONTAINER_FQIN: "quay.io/libpod/fedora_podman:${IMAGE_SUFFIX}" - PRIOR_FEDORA_CONTAINER_FQIN: "quay.io/libpod/prior-fedora_podman:${IMAGE_SUFFIX}" - WINDOWS_AMI: "win-server-wsl-${IMAGE_SUFFIX}" - #### - #### Control variables that determine what to run and how to run it. - #### N/B: Required ALL of these are set for every single task. - #### - TEST_FLAVOR: # int, sys, ext_svc, validate, automation, etc. - TEST_ENVIRON: host # 'host', or 'container' - PODBIN_NAME: podman # 'podman' or 'remote' - PRIV_NAME: root # 'root' or 'rootless' - DISTRO_NV: # any {PRIOR_,}{FEDORA,DEBIAN}_NAME value - VM_IMAGE_NAME: # One of the "Google-cloud VM Images" (above) - CTR_FQIN: # One of the "Container FQIN's" (above) - CI_DESIRED_DATABASE: boltdb # One of "", "sqlite", "boltdb" - - # Curl-command prefix for downloading task artifacts, simply add the - # the url-encoded task name, artifact name, and path as a suffix. - ART_URL: https://api.cirrus-ci.com/v1/artifact/build/${CIRRUS_BUILD_ID} - ARTCURL: >- - curl --retry 5 --retry-delay 8 --fail --location -O - --url ${ART_URL} - - -# Default timeout for each task -timeout_in: 60m - - -gcp_credentials: ENCRYPTED[a28959877b2c9c36f151781b0a05407218cda646c7d047fc556e42f55e097e897ab63ee78369dae141dcf0b46a9d0cdd] - -aws_credentials: ENCRYPTED[4ca070bffe28eb9b27d63c568b52970dd46f119c3a83b8e443241e895dbf1737580b4d84eed27a311a2b74287ef9f79f] - - -# N/B: This matrix of build tasks are critical to CI, along with the following -# aarch64 task. They build binaries for all CI platforms, and versions. On -# success, the contents of the repository are preserved as an artifact for -# consumption by most subsequent CI tasks. This saves about 3-5 minutes of -# otherwise duplicative effort in most tasks. -build_task: - alias: 'build' - name: 'Build for $DISTRO_NV' - gce_instance: &standardvm - image_project: libpod-218412 - zone: "us-central1-a" - cpu: 2 - memory: "4Gb" - # Required to be 200gig, do not modify - has i/o performance impact - # according to gcloud CLI tool warning messages. - disk: 200 - image_name: "${VM_IMAGE_NAME}" # from stdenvars - matrix: &platform_axis - # Ref: https://cirrus-ci.org/guide/writing-tasks/#matrix-modification - - env: &stdenvars - DISTRO_NV: ${FEDORA_NAME} - # Not used here, is used in other tasks - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - # ID for re-use of build output - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: netavark - CI_DESIRED_DATABASE: boltdb - - env: &sqliteenvvars - DISTRO_NV: ${FEDORA_NAME} - # Not used here, is used in other tasks - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - # ID for re-use of build output - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: netavark - CI_DESIRED_DATABASE: sqlite - - env: &priorfedora_envvars - DISTRO_NV: ${PRIOR_FEDORA_NAME} - VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: cni - # Catch invalid "TMPDIR == /tmp" assumptions; PR #19281 - TMPDIR: /var/tmp - - env: - <<: *sqliteenvvars - DISTRO_NV: ${RAWHIDE_NAME} - VM_IMAGE_NAME: ${RAWHIDE_CACHE_IMAGE_NAME} - CTR_FQIN: "" - - env: &debian_envvars - DISTRO_NV: ${DEBIAN_NAME} - VM_IMAGE_NAME: ${DEBIAN_CACHE_IMAGE_NAME} - CI_DESIRED_RUNTIME: runc - CI_DESIRED_NETWORK: netavark - env: - TEST_FLAVOR: build - # NOTE: The default way Cirrus-CI clones is *NOT* compatible with - # environment expectations in contrib/cirrus/lib.sh. Specifically - # the 'origin' remote must be defined, and all remote branches/tags - # must be available for reference from CI scripts. - clone_script: &full_clone | - cd / - rm -rf $CIRRUS_WORKING_DIR - mkdir -p $CIRRUS_WORKING_DIR - git clone --recursive --branch=$DEST_BRANCH https://x-access-token:${CIRRUS_REPO_CLONE_TOKEN}@github.com/${CIRRUS_REPO_FULL_NAME}.git $CIRRUS_WORKING_DIR - cd $CIRRUS_WORKING_DIR - git remote update origin - if [[ -n "$CIRRUS_PR" ]]; then # running for a PR - git fetch origin pull/$CIRRUS_PR/head:pull/$CIRRUS_PR - git checkout pull/$CIRRUS_PR - else - git reset --hard $CIRRUS_CHANGE_IN_REPO - fi - # Some test operations & checks require a git "identity" - _gc='git config --file /root/.gitconfig' - $_gc user.email "TMcTestFace@example.com" - $_gc user.name "Testy McTestface" - # Attempt to prevent flakes by confirming basic environment expectations, - # network service connectivity and essential container image availability. - prebuild_script: &prebuild $SCRIPT_BASE/prebuild.sh - # Standard setup stage call, used by nearly every task in CI. - setup_script: &setup '$GOSRC/$SCRIPT_BASE/setup_environment.sh' - # Attempt to prevent flakes by confirming automation environment and - # all required external/3rd-party services are available and functional. - # Standard main execution stage call, used by nearly every task in CI. - main_script: &main '/usr/bin/time --verbose --output="$STATS_LOGFILE" $GOSRC/$SCRIPT_BASE/runner.sh' - # Attempt to catch code-quality and vendoring problems early. - postbuild_script: &postbuild $SCRIPT_BASE/postbuild.sh - # Cirrus-CI is very slow uploading one file at time, and the repo contains - # thousands of files. Speed this up by archiving into tarball first. - repo_prep_script: &repo_prep >- - tar cjf /tmp/repo.tbz -C $GOSRC . && mv /tmp/repo.tbz $GOSRC/ - repo_artifacts: &repo_artifacts - path: ./repo.tbz - type: application/octet-stream - always: &runner_stats - runner_stats_artifacts: - path: ./*-${STATS_LOGFILE_SFX} - type: text/plain - -build_aarch64_task: - alias: 'build_aarch64' - name: 'Build for $DISTRO_NV' - ec2_instance: &standard_build_ec2_aarch64 - image: ${VM_IMAGE_NAME} - type: ${EC2_INST_TYPE} - region: us-east-1 - architecture: arm64 # CAUTION: This has to be "arm64", not "aarch64". - env: &stdenvars_aarch64 - EC2_INST_TYPE: "t4g.xlarge" - DISTRO_NV: ${FEDORA_AARCH64_NAME} - VM_IMAGE_NAME: ${FEDORA_AARCH64_AMI} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: netavark - TEST_FLAVOR: build - clone_script: *full_clone - prebuild_script: *prebuild - setup_script: *setup - postbuild_script: *postbuild - main_script: *main - # Cirrus-CI is very slow uploading one file at time, and the repo contains - # thousands of files. Speed this up by archiving into tarball first. - repo_prep_script: &repo_prep_aarch64 >- - tar cjf /tmp/repo.tbz -C $GOSRC . && mv /tmp/repo.tbz $GOSRC/ - repo_artifacts: &repo_artifacts_aarch64 - path: ./repo.tbz - type: application/octet-stream - always: *runner_stats - - -# Confirm the result of building on at least one platform appears sane. -# This confirms the binaries can be executed, checks --help vs docs, and -# other essential post-build validation checks. -validate_task: - name: "Validate ${DISTRO_NV} Build" - alias: validate - # This task is primarily intended to catch human-errors early on, in a - # PR. Skip it for branch-push, branch-create, and tag-push to improve - # automation reliability/speed in those contexts. Any missed errors due - # to nonsequential PR merging practices, will be caught on a future PR, - # build or test task failures. - # Docs: ./contrib/cirrus/CIModes.md - only_if: &is_pr "$CIRRUS_PR != ''" - depends_on: - - build - # golangci-lint is a very, very hungry beast. - gce_instance: &bigvm - <<: *standardvm - cpu: 8 - memory: "16Gb" - matrix: - - env: - <<: *stdenvars - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - DISTRO_NV: ${FEDORA_NAME} - - env: - <<: *stdenvars - VM_IMAGE_NAME: ${RAWHIDE_CACHE_IMAGE_NAME} - DISTRO_NV: ${RAWHIDE_NAME} - env: - TEST_FLAVOR: validate - # N/B: This script depends on ${DISTRO_NV} being defined for the task. - clone_script: &get_gosrc | - cd /tmp - echo "$ARTCURL/Build%20for%20${DISTRO_NV}/repo/repo.tbz" - time $ARTCURL/Build%20for%20${DISTRO_NV}/repo/repo.tbz - time tar xjf /tmp/repo.tbz -C $GOSRC - setup_script: *setup - main_script: *main - always: *runner_stats - - -# Confirm the result of building on at least one platform appears sane. -# This confirms the binaries can be executed, checks --help vs docs, and -# other essential post-build validation checks. -validate_aarch64_task: - name: "Validate $DISTRO_NV Build" - alias: validate_aarch64 - # This task is primarily intended to catch human-errors early on, in a - # PR. Skip it for branch-push, branch-create, and tag-push to improve - # automation reliability/speed in those contexts. Any missed errors due - # to nonsequential PR merging practices, will be caught on a future PR, - # build or test task failures. - # Docs: ./contrib/cirrus/CIModes.md - only_if: *is_pr - depends_on: - - build_aarch64 - ec2_instance: *standard_build_ec2_aarch64 - env: - <<: *stdenvars_aarch64 - TEST_FLAVOR: validate - DISTRO_NV: ${FEDORA_AARCH64_NAME} - # N/B: This script depends on ${DISTRO_NV} being defined for the task. - clone_script: &get_gosrc_aarch64 | - cd /tmp - echo "$ARTCURL/build_aarch64/repo/repo.tbz" - time $ARTCURL/build_aarch64/repo/repo.tbz - time tar xjf /tmp/repo.tbz -C $GOSRC - setup_script: *setup - main_script: *main - always: *runner_stats - - -# Exercise the "libpod" API with a small set of common -# operations to ensure they are functional. -bindings_task: - name: "Test Bindings" - alias: bindings - # Don't create task for PRs using [CI:DOCS] or [CI:BUILD] - # Docs: ./contrib/cirrus/CIModes.md - only_if: >- - $CIRRUS_PR != '' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' - depends_on: - - build - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: bindings - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: &logs_artifacts - <<: *runner_stats - # Required for `contrib/cirrus/logformatter` to work properly - html_artifacts: - path: ./*.html - type: text/html - server_log_artifacts: - path: ./podman-server.log - type: text/plain - df_script: '$SCRIPT_BASE/logcollector.sh df' - audit_log_script: '$SCRIPT_BASE/logcollector.sh audit' - journal_script: '$SCRIPT_BASE/logcollector.sh journal' - podman_system_info_script: '$SCRIPT_BASE/logcollector.sh podman' - time_script: '$SCRIPT_BASE/logcollector.sh time' - - -# Build the "libpod" API documentation `swagger.yaml` and -# publish it to google-cloud-storage (GCS). -swagger_task: - name: "Test Swagger" - alias: swagger - # Don't create task for [CI:BUILD] - # Docs: ./contrib/cirrus/CIModes.md - only_if: $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' - depends_on: - - build - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: swagger - CTR_FQIN: 'quay.io/libpod/gcsupld:${IMAGE_SUFFIX}' - GCPJSON: ENCRYPTED[927dc01e755eaddb4242b0845cf86c9098d1e3dffac38c70aefb1487fd8b4fe6dd6ae627b3bffafaba70e2c63172664e] - GCPNAME: ENCRYPTED[c145e9c16b6fb88d476944a454bf4c1ccc84bb4ecaca73bdd28bdacef0dfa7959ebc8171a27b2e4064d66093b2cdba49] - GCPPROJECT: 'libpod-218412' - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: - <<: *runner_stats - swagger_artifacts: - path: ./swagger.yaml - type: text/plain - - -# There are several other important variations of podman which -# must always build successfully. Most of them are handled in -# this task, though a few need dedicated tasks which follow. -alt_build_task: - name: "$ALT_NAME" - alias: alt_build - # Don't create task for [CI:DOCS], or rhel-release builds - # Docs: ./contrib/cirrus/CIModes.md - only_if: &no_rhel_release | - $CIRRUS_BRANCH !=~ 'v[0-9\.]+-rhel' && - $CIRRUS_BASE_BRANCH !=~ 'v[0-9\.]+-rhel' - depends_on: - - build - env: - <<: *stdenvars - TEST_FLAVOR: "altbuild" - gce_instance: *standardvm - matrix: - - env: - ALT_NAME: 'Build Each Commit' - - env: - ALT_NAME: 'Windows Cross' - - env: - ALT_NAME: 'Alt Arch. x86 Cross' - - env: - ALT_NAME: 'Alt Arch. ARM Cross' - - env: - ALT_NAME: 'Alt Arch. MIPS Cross' - - env: - ALT_NAME: 'Alt Arch. MIPS64 Cross' - - env: - ALT_NAME: 'Alt Arch. Other Cross' - # This task cannot make use of the shared repo.tbz artifact. - clone_script: *full_clone - setup_script: *setup - main_script: *main - # Produce a new repo.tbz artifact for consumption by 'artifacts' task. - repo_prep_script: *repo_prep - repo_artifacts: *repo_artifacts - always: *runner_stats - - -win_installer_task: - name: "Verify Win Installer Build" - alias: win_installer - only_if: - $CIRRUS_TAG == '' && - $CIRRUS_BRANCH !=~ 'v[0-9\.]+-rhel' && - $CIRRUS_BASE_BRANCH !=~ 'v[0-9\.]+-rhel' - depends_on: - - alt_build - ec2_instance: - image: "${WINDOWS_AMI}" - type: m5.large - region: us-east-1 - platform: windows - env: - PATH: "${PATH};C:\\ProgramData\\chocolatey\\bin" - CIRRUS_SHELL: powershell - # Fake version, we are only testing the installer functions, so version doesn't matter - WIN_INST_VER: 9.9.9 - CIRRUS_WORKING_DIR: "${LOCALAPPDATA}\\cirrus-ci-build" - install_script: '.\contrib\cirrus\win-installer-install.ps1' - main_script: '.\contrib\cirrus\win-installer-main.ps1' - - -# Confirm building the remote client, natively on a Mac OS-X VM. -osx_alt_build_task: - name: "OSX Cross" - alias: osx_alt_build - # Docs: ./contrib/cirrus/CIModes.md - only_if: *no_rhel_release - depends_on: - - build - env: - DISTRO_NV: macos-ventura - VM_IMAGE_NAME: ghcr.io/cirruslabs/${DISTRO_NV}-base:latest - CTR_FQIN: notused - # OSX platform variation prevents this being included in alt_build_task - TEST_FLAVOR: "altbuild" - ALT_NAME: 'OSX Cross' - osx_instance: - image: $VM_IMAGE_NAME - setup_script: - - brew install go - - brew install go-md2man - - go version - build_amd64_script: - - make podman-remote-release-darwin_amd64.zip - build_arm64_script: - - make podman-remote-release-darwin_arm64.zip - build_pkginstaller_script: - - cd contrib/pkginstaller - - make ARCH=amd64 NO_CODESIGN=1 pkginstaller - - make ARCH=aarch64 NO_CODESIGN=1 pkginstaller - # This task cannot make use of the shared repo.tbz artifact and must - # produce a new repo.tbz artifact for consumption by 'artifacts' task. - repo_prep_script: *repo_prep - repo_artifacts: *repo_artifacts - always: *runner_stats - - -# Build freebsd release natively on a FreeBSD VM. -freebsd_alt_build_task: - name: "FreeBSD Cross" - alias: freebsd_alt_build - # Only run on 'main' and PRs against 'main' - # Docs: ./contrib/cirrus/CIModes.md - only_if: | - $CIRRUS_BRANCH == 'main' || $CIRRUS_BASE_BRANCH == 'main' - depends_on: - - build - env: - <<: *stdenvars - # Functional FreeBSD builds must be built natively since they depend on CGO - DISTRO_NV: freebsd-13 - VM_IMAGE_NAME: notyet - CTR_FQIN: notyet - CIRRUS_SHELL: "/bin/sh" - TEST_FLAVOR: "altbuild" - ALT_NAME: 'FreeBSD Cross' - freebsd_instance: - image_family: freebsd-13-2 - setup_script: - - pkg install -y gpgme bash go-md2man gmake gsed gnugrep go pkgconf - build_amd64_script: - - gmake podman-release - # This task cannot make use of the shared repo.tbz artifact and must - # produce a new repo.tbz artifact for consumption by 'artifacts' task. - repo_prep_script: *repo_prep - repo_artifacts: *repo_artifacts - - -# Verify podman is compatible with the docker python-module. -docker-py_test_task: - name: Docker-py Compat. - alias: docker-py_test - # Don't create task for tags, branches, or PRs w/ [CI:DOCS] or [CI:BUILD] - # N/B: for PRs $CIRRUS_BRANCH == 'pull/' - # Docs: ./contrib/cirrus/CIModes.md - only_if: ¬_tag_branch_build_docs >- - $CIRRUS_PR != '' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' - - depends_on: - - build - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: docker-py - TEST_ENVIRON: container - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *runner_stats - - -# Does exactly what it says, execute the podman unit-tests on Fedora. -unit_test_task: - name: "Unit tests on $DISTRO_NV" - alias: unit_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: - - build - - validate - matrix: - - env: *stdenvars - # Special-case: Rootless on latest Fedora (standard) VM - - name: "Rootless unit on $DISTRO_NV" - env: - <<: *stdenvars - PRIV_NAME: rootless - gce_instance: *standardvm - env: - TEST_FLAVOR: unit - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -apiv2_test_task: - name: "APIv2 test on $DISTRO_NV ($PRIV_NAME)" - alias: apiv2_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: - - build - - validate - gce_instance: *standardvm - # Test is normally pretty quick, about 10-minutes. If it hangs, - # don't make developers wait the full 1-hour timeout. - timeout_in: 20m - env: - <<: *stdenvars - TEST_FLAVOR: apiv2 - matrix: - - env: - PRIV_NAME: root - - env: - PRIV_NAME: rootless - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -compose_test_task: - name: "$TEST_FLAVOR test on $DISTRO_NV ($PRIV_NAME)" - alias: compose_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: - - build - - validate - gce_instance: *standardvm - matrix: - - env: - TEST_FLAVOR: compose - PRIV_NAME: root - - env: - TEST_FLAVOR: compose - PRIV_NAME: rootless - - env: - TEST_FLAVOR: compose_v2 - PRIV_NAME: root - - env: - TEST_FLAVOR: compose_v2 - PRIV_NAME: rootless - env: - <<: *stdenvars - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -# Execute the podman integration tests on all primary platforms and release -windows_smoke_test_task: - name: "Windows Smoke Test" - alias: windows_smoke_test - # Only run for non-docs/copr PRs and non-release branch builds - # and never for tags. Docs: ./contrib/cirrus/CIModes.md - only_if: >- - $CIRRUS_TAG == '' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_BRANCH !=~ 'v[0-9\.]+-rhel' && - $CIRRUS_BASE_BRANCH !=~ 'v[0-9\.]+-rhel' - depends_on: - - alt_build - ec2_instance: - image: "${WINDOWS_AMI}" - type: m5zn.metal - region: us-east-1 - platform: windows - env: - PATH: "${PATH};C:\\ProgramData\\chocolatey\\bin" - CIRRUS_SHELL: powershell - # Fake version, we are only testing the installer functions, so version doesn't matter - CIRRUS_WORKING_DIR: "${LOCALAPPDATA}\\Temp\\cirrus-ci-build" - main_script: 'contrib/cirrus/win-podman-machine-main.ps1' - - -# versions, as root, without involving the podman-remote client. -local_integration_test_task: &local_integration_test_task - # Integration-test task name convention: - # - name: &std_name_fmt "$TEST_FLAVOR $PODBIN_NAME $DISTRO_NV $PRIV_NAME $TEST_ENVIRON ${CI_DESIRED_DATABASE}" - alias: local_integration_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: &build_unit - - build - - unit_test - matrix: *platform_axis - gce_instance: *standardvm - timeout_in: 50m - env: - TEST_FLAVOR: int - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: &int_logs_artifacts - <<: *logs_artifacts - ginkgo_node_logs_artifacts: - path: ./test/e2e/ginkgo-node-*.log - type: text/plain - ginkgo_json_artifacts: - path: ./ginkgo-e2e.json - type: application/json - - -# Nearly identical to `local_integration_test` except all operations -# are performed through the podman-remote client vs a podman "server" -# running on the same host. -remote_integration_test_task: - <<: *local_integration_test_task - alias: remote_integration_test - env: - TEST_FLAVOR: int - PODBIN_NAME: remote - - -# Run the complete set of integration tests from inside a container. -# This verifies all/most operations function with "podman-in-podman". -container_integration_test_task: - name: *std_name_fmt - alias: container_integration_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: *build_unit - matrix: &fedora_vm_axis - - env: - DISTRO_NV: ${FEDORA_NAME} - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: netavark - - env: - DISTRO_NV: ${PRIOR_FEDORA_NAME} - VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN} - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: cni - gce_instance: *standardvm - timeout_in: 50m - env: - TEST_FLAVOR: int - TEST_ENVIRON: container - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - - -# Execute most integration tests as a regular (non-root) user. -rootless_integration_test_task: - name: *std_name_fmt - alias: rootless_integration_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: *build_unit - matrix: *platform_axis - gce_instance: *standardvm - timeout_in: 50m - env: - TEST_FLAVOR: int - PRIV_NAME: rootless - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - - -podman_machine_task: - name: *std_name_fmt - alias: podman_machine - # Don't create task for tags, or if using [CI:DOCS], [CI:BUILD] - # Docs: ./contrib/cirrus/CIModes.md - only_if: ¬_tag_build_docs >- - $CIRRUS_TAG == '' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*' - depends_on: - - build - - local_integration_test - - remote_integration_test - - container_integration_test - - rootless_integration_test - ec2_instance: - image: "${VM_IMAGE_NAME}" - type: "${EC2_INST_TYPE}" - region: us-east-1 - env: - EC2_INST_TYPE: "m5zn.metal" # Bare-metal instance is required - TEST_FLAVOR: "machine" - PRIV_NAME: "rootless" # intended use-case - DISTRO_NV: "${FEDORA_NAME}" - VM_IMAGE_NAME: "${FEDORA_AMI}" - CI_DESIRED_NETWORK: netavark - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - - -podman_machine_aarch64_task: - name: *std_name_fmt - alias: podman_machine_aarch64 - only_if: *not_tag_build_docs - depends_on: - - build_aarch64 - - validate_aarch64 - - local_integration_test - - remote_integration_test - - container_integration_test - - rootless_integration_test - ec2_instance: - <<: *standard_build_ec2_aarch64 - env: - TEST_FLAVOR: "machine" - EC2_INST_TYPE: c6g.metal - PRIV_NAME: "rootless" # intended use-case - DISTRO_NV: "${FEDORA_AARCH64_NAME}" - VM_IMAGE_NAME: "${FEDORA_AARCH64_AMI}" - CI_DESIRED_NETWORK: netavark - clone_script: *get_gosrc_aarch64 - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - - -# Always run subsequent to integration tests. While parallelism is lost -# with runtime, debugging system-test failures can be more challenging -# for some golang developers. Otherwise the following tasks run across -# the same matrix as the integration-tests (above). -local_system_test_task: &local_system_test_task - name: *std_name_fmt - alias: local_system_test - only_if: *not_tag_build_docs - depends_on: *build_unit - matrix: *platform_axis - gce_instance: *standardvm - env: - TEST_FLAVOR: sys - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -local_system_test_aarch64_task: &local_system_test_task_aarch64 - name: *std_name_fmt - alias: local_system_test_aarch64 - # Don't create task for tags, or if using [CI:DOCS], [CI:BUILD] - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs - depends_on: - - build_aarch64 - - unit_test - ec2_instance: *standard_build_ec2_aarch64 - env: - <<: *stdenvars_aarch64 - TEST_FLAVOR: sys - DISTRO_NV: ${FEDORA_AARCH64_NAME} - clone_script: *get_gosrc_aarch64 - setup_script: *setup - main_script: *main - always: *logs_artifacts - - -remote_system_test_task: - <<: *local_system_test_task - alias: remote_system_test - env: - TEST_FLAVOR: sys - PODBIN_NAME: remote - - -remote_system_test_aarch64_task: - <<: *local_system_test_task_aarch64 - alias: remote_system_test_aarch64 - env: - TEST_FLAVOR: sys - PODBIN_NAME: remote - - -rootless_remote_system_test_task: - matrix: - # Minimal sanity testing: only the latest Fedora - - env: - DISTRO_NV: ${FEDORA_NAME} - # Not used here, is used in other tasks - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - CI_DESIRED_RUNTIME: crun - CI_DESIRED_NETWORK: netavark - <<: *local_system_test_task - alias: rootless_remote_system_test - gce_instance: *standardvm - env: - TEST_FLAVOR: sys - PODBIN_NAME: remote - PRIV_NAME: rootless - - -rootless_system_test_task: - name: *std_name_fmt - alias: rootless_system_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs - depends_on: *build_unit - matrix: *platform_axis - gce_instance: *standardvm - env: - TEST_FLAVOR: sys - PRIV_NAME: rootless - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - -minikube_test_task: - name: *std_name_fmt - alias: minikube_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_build_docs - depends_on: - - build - - rootless_system_test - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: minikube - PRIV_NAME: rootless - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - -buildah_bud_test_task: - name: *std_name_fmt - alias: buildah_bud_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: - - build - - local_integration_test - env: - <<: *stdenvars - TEST_FLAVOR: bud - matrix: - - env: - PODBIN_NAME: podman - - env: - PODBIN_NAME: remote - gce_instance: *standardvm - timeout_in: 45m - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - -rootless_buildah_bud_test_task: - name: *std_name_fmt - alias: rootless_buildah_bud_test - # Please keep this as-is: the buildah treadmill (#13808) relies on it. - only_if: $CIRRUS_CRON == 'treadmill' - depends_on: - - build - - rootless_integration_test - env: - <<: *stdenvars - TEST_FLAVOR: bud - PRIV_NAME: rootless - matrix: - - env: - PODBIN_NAME: podman - - env: - PODBIN_NAME: remote - gce_instance: *standardvm - timeout_in: 45m - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *int_logs_artifacts - -upgrade_test_task: - name: "Upgrade test: from $PODMAN_UPGRADE_FROM" - alias: upgrade_test - # Docs: ./contrib/cirrus/CIModes.md - only_if: *not_tag_branch_build_docs - depends_on: - - build - - local_system_test - matrix: - - env: - PODMAN_UPGRADE_FROM: v2.1.1 - CI_DESIRED_NETWORK: cni - - env: - PODMAN_UPGRADE_FROM: v3.1.2 - CI_DESIRED_NETWORK: cni - - env: - PODMAN_UPGRADE_FROM: v3.4.4 - CI_DESIRED_NETWORK: cni - gce_instance: *standardvm - env: - TEST_FLAVOR: upgrade_test - DISTRO_NV: ${FEDORA_NAME} - VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - always: *logs_artifacts - - - #fcos_image_build_task: - # Only a test. Does not push built images. - # Image push to quay will be handled by GHA in - # .github/workflows/fcos-podman-next-build.yml - #name: "Test Build FCOS image $CTXDIR" - #alias: fcos_image_build - #only_if: $CIRRUS_PR != '' && $CIRRUS_BASE_BRANCH == 'main' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' - #env: - # <<: *stdenvars - # CTXDIR: contrib/podman-next/fcos-podmanimage - # TEST_FLAVOR: "fcos_image_build" - #gce_instance: *standardvm - #setup_script: *setup - #main_script: *main - - -# This task is critical. It updates the "last-used by" timestamp stored -# in metadata for all VM images. This mechanism functions in tandem with -# an out-of-band pruning operation to remove disused VM images. -meta_task: - name: "VM img. keepalive" - alias: meta - container: - cpu: 2 - memory: 2 - image: quay.io/libpod/imgts:latest - env: - # Space-separated list of images used by this repository state - IMGNAMES: >- - ${FEDORA_CACHE_IMAGE_NAME} - ${PRIOR_FEDORA_CACHE_IMAGE_NAME} - ${RAWHIDE_CACHE_IMAGE_NAME} - ${DEBIAN_CACHE_IMAGE_NAME} - build-push-${IMAGE_SUFFIX} - EC2IMGNAMES: >- - ${FEDORA_AARCH64_AMI} - ${FEDORA_AMI} - ${WINDOWS_AMI} - BUILDID: "${CIRRUS_BUILD_ID}" - REPOREF: "${CIRRUS_REPO_NAME}" - AWSINI: ENCRYPTED[21b2db557171b11eb5abdbccae593f48c9caeba86dfcc4d4ff109edee9b4656ab6720a110dadfcd51e88cc59a71cc7af] - GCPJSON: ENCRYPTED[3a198350077849c8df14b723c0f4c9fece9ebe6408d35982e7adf2105a33f8e0e166ed3ed614875a0887e1af2b8775f4] - GCPNAME: ENCRYPTED[2f9738ef295a706f66a13891b40e8eaa92a89e0e87faf8bed66c41eca72bf76cfd190a6f2d0e8444c631fdf15ed32ef6] - GCPPROJECT: libpod-218412 - clone_script: &noop mkdir -p "$CIRRUS_WORKING_DIR" - script: /usr/local/bin/entrypoint.sh - - -# Status aggregator for all tests. This task simply ensures a defined -# set of tasks all passed, and allows confirming that based on the status -# of this task. -success_task: - name: "Total Success" - alias: success - # N/B: ALL tasks must be listed here, minus their '_task' suffix. - depends_on: - - build - - build_aarch64 - - validate - - validate_aarch64 - - bindings - - swagger - - alt_build - - osx_alt_build - - freebsd_alt_build - - win_installer - - windows_smoke_test - - docker-py_test - - unit_test - - apiv2_test - - compose_test - - local_integration_test - - remote_integration_test - - container_integration_test - - rootless_integration_test - - podman_machine - - podman_machine_aarch64 - - local_system_test - - local_system_test_aarch64 - - remote_system_test - - remote_system_test_aarch64 - - rootless_system_test - - rootless_remote_system_test - - minikube_test - - buildah_bud_test - - rootless_buildah_bud_test - - upgrade_test - #- fcos_image_build - - meta - container: &smallcontainer - image: ${CTR_FQIN} - # Resources are limited across ALL currently executing tasks - # ref: https://cirrus-ci.org/guide/linux/#linux-containers - cpu: 2 - memory: 2 - env: - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - TEST_ENVIRON: container - clone_script: *noop - script: *noop - -# WARNING: Most of the artifacts captured here are also have their -# permalinks present in the `DOWNLOADS.md` file. Any changes made -# here, should probably be reflected in that document. -artifacts_task: - name: "Artifacts" - alias: artifacts - # Docs: ./contrib/cirrus/CIModes.md - only_if: >- - $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && - $CIRRUS_BRANCH !=~ 'v[0-9\.]+-rhel' && - $CIRRUS_BASE_BRANCH !=~ 'v[0-9\.]+-rhel' - depends_on: - - success - # This task is a secondary/convenience for downstream consumers, don't - # block development progress if there is a failure in a PR, only break - # when running on branches or tags. - allow_failures: $CIRRUS_PR != '' - container: *smallcontainer - env: - CTR_FQIN: ${FEDORA_CONTAINER_FQIN} - TEST_ENVIRON: container - # In order to keep the download URL and Cirrus-CI artifact.zip contents - # simple, nothing should exist in $CIRRUS_WORKING_DIR except for artifacts. - clone_script: *noop - fedora_binaries_script: - - mkdir -p /tmp/fed - - cd /tmp/fed - - $ARTCURL/Build%20for%20${FEDORA_NAME}/repo/repo.tbz - - tar xjf repo.tbz - - cp ./bin/* $CIRRUS_WORKING_DIR/ - alt_binaries_intel_script: - - mkdir -p /tmp/alt - - cd /tmp/alt - - $ARTCURL/Alt%20Arch.%20x86%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./*.tar.gz $CIRRUS_WORKING_DIR/ - alt_binaries_arm_script: - - mkdir -p /tmp/alt - - cd /tmp/alt - - $ARTCURL/Alt%20Arch.%20ARM%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./*.tar.gz $CIRRUS_WORKING_DIR/ - alt_binaries_mips_script: - - mkdir -p /tmp/alt - - cd /tmp/alt - - $ARTCURL/Alt%20Arch.%20MIPS%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./*.tar.gz $CIRRUS_WORKING_DIR/ - alt_binaries_mips64_script: - - mkdir -p /tmp/alt - - cd /tmp/alt - - $ARTCURL/Alt%20Arch.%20MIPS64%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./*.tar.gz $CIRRUS_WORKING_DIR/ - alt_binaries_other_script: - - mkdir -p /tmp/alt - - cd /tmp/alt - - $ARTCURL/Alt%20Arch.%20Other%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./*.tar.gz $CIRRUS_WORKING_DIR/ - win_binaries_script: - - mkdir -p /tmp/win - - cd /tmp/win - - $ARTCURL/Windows%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./podman-remote*.zip $CIRRUS_WORKING_DIR/ - osx_binaries_script: - - mkdir -p /tmp/osx - - cd /tmp/osx - - $ARTCURL/OSX%20Cross/repo/repo.tbz - - tar xjf repo.tbz - - mv ./podman-remote-release-darwin_*.zip $CIRRUS_WORKING_DIR/ - - mv ./contrib/pkginstaller/out/podman-installer-macos-*.pkg $CIRRUS_WORKING_DIR/ - always: - contents_script: ls -la $CIRRUS_WORKING_DIR - # Produce downloadable files and an automatic zip-file accessible - # by a consistent URL, based on contents of $CIRRUS_WORKING_DIR - # Ref: https://cirrus-ci.org/guide/writing-tasks/#latest-build-artifacts - binary_artifacts: - path: ./* - type: application/octet-stream - - -# When a new tag is pushed, confirm that the code and commits -# meet criteria for an official release. -release_task: - name: "Verify Release" - alias: release - # This should _only_ run for new tags - # Docs: ./contrib/cirrus/CIModes.md - only_if: $CIRRUS_TAG != '' - depends_on: - - build - - success - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: release - clone_script: *get_gosrc - setup_script: *setup - main_script: *main - - -# When preparing to release a new version, this task may be manually -# activated at the PR stage to verify the build is proper for a potential -# podman release. -# -# Note: This cannot use a YAML alias on 'release_task' as of this -# comment, it is incompatible with 'trigger_type: manual' -release_test_task: - name: "Optional Release Test" - alias: release_test - # Release-PRs always include "release" or "Bump" in the title - # Docs: ./contrib/cirrus/CIModes.md - only_if: $CIRRUS_CHANGE_TITLE =~ '.*((release)|(bump)).*' - # Allow running manually only as part of release-related builds - # see RELEASE_PROCESS.md - trigger_type: manual - depends_on: - - build - - success - gce_instance: *standardvm - env: - <<: *stdenvars - TEST_FLAVOR: release - clone_script: *get_gosrc - setup_script: *setup - main_script: *main diff --git a/.github/workflows/check_cirrus_cron.yml b/.github/workflows/check_cirrus_cron.yml deleted file mode 100644 index 2f40b8ddcf..0000000000 --- a/.github/workflows/check_cirrus_cron.yml +++ /dev/null @@ -1,92 +0,0 @@ ---- - -# Format Ref: https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions - -# Required to un-FUBAR default ${{github.workflow}} value -name: check_cirrus_cron - -on: - # Note: This only applies to the main branch. - schedule: - # N/B: This should correspond to a period slightly after - # the last job finishes running. See job defs. at: - # https://cirrus-ci.com/settings/repository/6707778565701632 - - cron: '03 03 * * 1-5' - # Debug: Allow triggering job manually in github-actions WebUI - workflow_dispatch: {} - # Allow re-use of this workflow by other repositories - # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows - workflow_call: - secrets: - SECRET_CIRRUS_API_KEY: - required : true - ACTION_MAIL_SERVER: - required: true - ACTION_MAIL_USERNAME: - required: true - ACTION_MAIL_PASSWORD: - required: true - ACTION_MAIL_SENDER: - required: true - -env: - # CSV listing of e-mail addresses for delivery failure or error notices - RCPTCSV: podman-monitor@lists.podman.io - # Filename for table of build-id to cron-name data - # (must be in $GITHUB_WORKSPACE/artifacts/) - ID_NAME_FILEPATH: './artifacts/id_name.txt' - -permissions: - contents: read - -jobs: - cron_failures: - runs-on: ubuntu-latest - steps: - # This is where the scripts live - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - with: - repository: containers/podman - ref: 'main' - persist-credentials: false - - - name: Get failed cron names and Build IDs - id: cron - run: './.github/actions/check_cirrus_cron/cron_failures.sh' - - - if: steps.cron.outputs.failures > 0 - shell: bash - run: './.github/actions/check_cirrus_cron/make_email_body.sh' - - - if: steps.cron.outputs.failures > 0 - name: Send failure notification e-mail - # Ref: https://github.com/dawidd6/action-send-mail - uses: dawidd6/action-send-mail@v3.8.0 - with: - server_address: ${{secrets.ACTION_MAIL_SERVER}} - server_port: 465 - username: ${{secrets.ACTION_MAIL_USERNAME}} - password: ${{secrets.ACTION_MAIL_PASSWORD}} - subject: Cirrus-CI cron build failures on ${{github.repository}} - to: ${{env.RCPTCSV}} - from: ${{secrets.ACTION_MAIL_SENDER}} - body: file://./artifacts/email_body.txt - - - if: always() - uses: actions/upload-artifact@v3 - with: - name: ${{ github.job }}_artifacts - path: artifacts/* - - - if: failure() - name: Send error notification e-mail - uses: dawidd6/action-send-mail@v3.8.0 - with: - server_address: ${{secrets.ACTION_MAIL_SERVER}} - server_port: 465 - username: ${{secrets.ACTION_MAIL_USERNAME}} - password: ${{secrets.ACTION_MAIL_PASSWORD}} - subject: Github workflow error on ${{github.repository}} - to: ${{env.RCPTCSV}} - from: ${{secrets.ACTION_MAIL_SENDER}} - body: "Job failed: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}" diff --git a/.github/workflows/discussion_lock.yml b/.github/workflows/discussion_lock.yml deleted file mode 100644 index a0b3e1c7dc..0000000000 --- a/.github/workflows/discussion_lock.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- - -# Format ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions - -name: "Lock closed Issue/PR discussions" - -on: - schedule: - - cron: '0 0 * * *' - # Allow re-use of this workflow by other repositories - # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows - workflow_call: - secrets: - ACTION_MAIL_SERVER: - required: true - ACTION_MAIL_USERNAME: - required: true - ACTION_MAIL_PASSWORD: - required: true - ACTION_MAIL_SENDER: - required: true - # Debug: Allow triggering job manually in github-actions WebUI - workflow_dispatch: {} - -permissions: - contents: read - -concurrency: - group: lock - -env: - # Number of days before a closed issue/PR is be comment-locked. - # Note: dessant/lock-threads will only process a max. of - # 50 issues/PRs at a time. - CLOSED_DAYS: 90 - # Pre-created issue/PR label to add (preferably a bright color). - # This is intended to direct a would-be commenter's actions. - LOCKED_LABEL: 'locked - please file new issue/PR' - -jobs: - closed_issue_discussion_lock: - name: "Lock closed Issue/PR discussions" - runs-on: ubuntu-latest - permissions: - issues: write - pull-requests: write - steps: - # Ref: https://github.com/dessant/lock-threads#usage - - uses: dessant/lock-threads@v4 - with: - issue-inactive-days: '${{env.CLOSED_DAYS}}' - pr-inactive-days: '${{env.CLOSED_DAYS}}' - add-issue-labels: '${{env.LOCKED_LABEL}}' - add-pr-labels: '${{env.LOCKED_LABEL}}' - pr-lock-reason: 'resolved' - log-output: true - - if: failure() - name: Send job failure notification e-mail - uses: dawidd6/action-send-mail@v3.8.0 - with: - server_address: ${{secrets.ACTION_MAIL_SERVER}} - server_port: 465 - username: ${{secrets.ACTION_MAIL_USERNAME}} - password: ${{secrets.ACTION_MAIL_PASSWORD}} - subject: Github workflow error on ${{github.repository}} - to: podman-monitor@lists.podman.io - from: ${{secrets.ACTION_MAIL_SENDER}} - body: "Job failed: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}" diff --git a/.github/workflows/fcos-podman-next-build.yml b/.github/workflows/fcos-podman-next-build.yml deleted file mode 100644 index 4416a3f460..0000000000 --- a/.github/workflows/fcos-podman-next-build.yml +++ /dev/null @@ -1,52 +0,0 @@ -name: Build FCOS image with packages from rhcontainerbot/podman-next - -on: - push: - branches: - - main - -env: - IMAGE_NAME: fcos - IMAGE_TAGS: latest next podman-next ${{ github.sha }} - IMAGE_REGISTRY: quay.io/podman - COPR_OWNER: rhcontainerbot - COPR_PROJECT: podman-next - -jobs: - fcos-podman-next-image-build: - runs-on: ubuntu-latest - - steps: - - name: Set up wait-for-copr - run: | - pip3 install git+https://github.com/packit/wait-for-copr.git@main - - - name: Wait for successful podman-next build with the latest commit - run: | - # TODO: add this in the Containerfile itself or as a --build-arg - wait-for-copr --owner ${{ env.COPR_OWNER }} --project ${{ env.COPR_PROJECT }} podman $(git rev-parse --short ${{ github.sha }}) - echo "podman-next build successful." - - - name: Check out code - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - - - name: Build FCOS Image - id: build_image - # Ref: https://github.com/redhat-actions/buildah-build - uses: redhat-actions/buildah-build@v2 - with: - image: ${{ env.IMAGE_REGISTRY }}/${{ env.IMAGE_NAME }} - tags: ${{env.IMAGE_TAGS }} - containerfiles: | - ./contrib/podman-next/fcos-podmanimage/Containerfile . - - - name: Push to Quay - id: push-to-quay - # Ref: https://github.com/redhat-actions/push-to-registry - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-image.outputs.image }} - tags: ${{ steps.build-image.outputs.tags }} - registry: ${{ env.IMAGE_REGISTRY }} - username: ${{ secrets.QUAY_PODMAN_USERNAME }} - password: ${{ secrets.QUAY_PODMAN_PASSWORD }} diff --git a/.github/workflows/issue-labeler.yml b/.github/workflows/issue-labeler.yml deleted file mode 100644 index 0e41f876f3..0000000000 --- a/.github/workflows/issue-labeler.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: "Issue Labeler" -on: - issues: - types: [opened, edited] - -permissions: - contents: read - -jobs: - triage: - permissions: - contents: read # for github/issue-labeler to get repo contents - issues: write # for github/issue-labeler to create or remove labels - runs-on: ubuntu-latest - steps: - - uses: github/issue-labeler@v3.2 - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" - configuration-path: .github/issue-labeler.yml - not-before: 2022-01-27T00:00:00Z - enable-versioned-regex: 0 diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml deleted file mode 100644 index 64505bbfee..0000000000 --- a/.github/workflows/labeler.yml +++ /dev/null @@ -1,15 +0,0 @@ -# https://github.com/actions/labeler -name: "Pull Request Labeler" -on: -- pull_request_target - -jobs: - triage: - permissions: - contents: read - pull-requests: write - runs-on: ubuntu-latest - steps: - - uses: actions/labeler@v4 - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/mac-pkg.yml b/.github/workflows/mac-pkg.yml deleted file mode 100644 index 2df19b04dd..0000000000 --- a/.github/workflows/mac-pkg.yml +++ /dev/null @@ -1,154 +0,0 @@ -name: Sign and Upload Mac Installer - -on: - release: - types: [created, published] - workflow_dispatch: - inputs: - version: - description: 'Release version to build and upload (e.g. "v9.8.7")' - required: true - dryrun: - description: 'Perform all the steps except uploading to the release page' - required: true - default: "true" # 'choice' type requires string value - type: choice - options: - - "true" # Must be quoted string, boolean value not supported. - - "false" - -permissions: - contents: write - -jobs: - build: - runs-on: macos-latest - env: - APPLICATION_CERTIFICATE: ${{ secrets.MACOS_APPLICATION_CERT }} - CODESIGN_IDENTITY: ${{ secrets.MACOS_APPLICATION_IDENTITY }} - INSTALLER_CERTIFICATE: ${{ secrets.MACOS_INSTALLER_CERT }} - PRODUCTSIGN_IDENTITY: ${{ secrets.MACOS_INSTALLER_IDENTITY }} - CERTIFICATE_PWD: ${{ secrets.MACOS_CERTIFICATE_PWD }} - - NOTARIZE_TEAM: ${{ secrets.MACOS_NOTARIZATION_TEAM_ID }} - NOTARIZE_USERNAME: ${{ secrets.MACOS_NOTARIZATION_APPLE_ID }} - NOTARIZE_PASSWORD: ${{ secrets.MACOS_NOTARIZATION_PWD }} - - KEYCHAIN_PWD: ${{ secrets.MACOS_CI_KEYCHAIN_PWD }} - steps: - - name: Consolidate dryrun setting to always be true or false - id: actual_dryrun - run: | - # The 'release' trigger will not have a 'dryrun' input set. Handle - # this case in a readable/maintainable way. - if [[ -z "${{ inputs.dryrun }}" ]] - then - echo "dryrun=false" >> $GITHUB_OUTPUT - else - echo "dryrun=${{ inputs.dryrun }}" >> $GITHUB_OUTPUT - fi - - name: Dry Run Status - run: | - echo "::notice::This workflow execution will be a dry-run: ${{ steps.actual_dryrun.outputs.dryrun }}" - - name: Determine Version - id: getversion - run: | - if [[ -z "${{ inputs.version }}" ]] - then - VERSION=${{ github.event.release.tag_name }} - else - VERSION=${{ inputs.version }} - fi - echo - echo "version=$VERSION" >> $GITHUB_OUTPUT - - name: Check uploads - id: check - run: | - URI="https://github.com/containers/podman/releases/download/${{steps.getversion.outputs.version}}" - ARM_FILE="podman-installer-macos-arm64.pkg" - AMD_FILE="podman-installer-macos-amd64.pkg" - - status=$(curl -s -o /dev/null -w "%{http_code}" "${URI}/${ARM_FILE}") - if [[ "$status" == "404" ]] ; then - echo "buildarm=true" >> $GITHUB_OUTPUT - else - echo "::warning::ARM installer already exists, skipping" - echo "buildarm=false" >> $GITHUB_OUTPUT - fi - - status=$(curl -s -o /dev/null -w "%{http_code}" "${URI}/${AMD_FILE}") - if [[ "$status" == "404" ]] ; then - echo "buildamd=true" >> $GITHUB_OUTPUT - else - echo "::warning::AMD installer already exists, skipping" - echo "buildamd=false" >> $GITHUB_OUTPUT - fi - - name: Checkout Version - if: >- - steps.check.outputs.buildamd == 'true' || - steps.check.outputs.buildarm == 'true' || - steps.actual_dryrun.outputs.dryrun == 'true' - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - with: - ref: ${{steps.getversion.outputs.version}} - - name: Set up Go - # Conditional duplication sucks - GHA doesn't grok YAML anchors/aliases - if: >- - steps.check.outputs.buildamd == 'true' || - steps.check.outputs.buildarm == 'true' || - steps.actual_dryrun.outputs.dryrun == 'true' - uses: actions/setup-go@v4 - with: - go-version: stable - - name: Create Keychain - if: >- - steps.check.outputs.buildamd == 'true' || - steps.check.outputs.buildarm == 'true' || - steps.actual_dryrun.outputs.dryrun == 'true' - run: | - echo $APPLICATION_CERTIFICATE | base64 --decode -o appcert.p12 - echo $INSTALLER_CERTIFICATE | base64 --decode -o instcert.p12 - - security create-keychain -p "$KEYCHAIN_PWD" build.keychain - security default-keychain -s build.keychain - security unlock-keychain -p "$KEYCHAIN_PWD" build.keychain - security import appcert.p12 -k build.keychain -P "$CERTIFICATE_PWD" -T /usr/bin/codesign - security import instcert.p12 -k build.keychain -P "$CERTIFICATE_PWD" -T /usr/bin/productsign - security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "$KEYCHAIN_PWD" build.keychain &> /dev/null - - xcrun notarytool store-credentials "notarytool-profile" --apple-id "$NOTARIZE_USERNAME" --team-id "$NOTARIZE_TEAM" --password "$NOTARIZE_PASSWORD" &> /dev/null - - name: Build and Sign ARM - if: steps.check.outputs.buildarm == 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - working-directory: contrib/pkginstaller - run: | - make ARCH=aarch64 notarize &> /dev/null - cd out && shasum -a 256 podman-installer-macos-arm64.pkg >> shasums - - name: Build and Sign AMD - if: steps.check.outputs.buildamd == 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - working-directory: contrib/pkginstaller - run: | - make ARCH=amd64 notarize &> /dev/null - cd out && shasum -a 256 podman-installer-macos-amd64.pkg >> shasums - - name: Artifact - if: >- - steps.check.outputs.buildamd == 'true' || - steps.check.outputs.buildarm == 'true' || - steps.actual_dryrun.outputs.dryrun == 'true' - uses: actions/upload-artifact@v3 - with: - name: installers - path: | - contrib/pkginstaller/out/podman-installer-macos-*.pkg - contrib/pkginstaller/out/shasums - - name: Upload to Release - if: >- - steps.actual_dryrun.outputs.dryrun == 'false' && - (steps.check.outputs.buildamd == 'true' || - steps.check.outputs.buildarm == 'true') - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - (gh release download ${{steps.getversion.outputs.version}} -p "shasums" || exit 0) - cat contrib/pkginstaller/out/shasums >> shasums - gh release upload ${{steps.getversion.outputs.version}} contrib/pkginstaller/out/podman-installer-macos-*.pkg - gh release upload ${{steps.getversion.outputs.version}} --clobber shasums diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml deleted file mode 100644 index 66599a86df..0000000000 --- a/.github/workflows/pr-title.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Upstream: github.com/tzkhan/pr-update-action - -name: "PR title check" - -on: - pull_request_target: - branches: - - "!master" # causes errors; reason unknown - -permissions: - contents: read - -jobs: - update_pr: - permissions: - pull-requests: write # for tzkhan/pr-update-action to update PRs - runs-on: ubuntu-latest - steps: - - uses: tzkhan/pr-update-action@bbd4c9395df8a9c4ef075b8b7fe29f2ca76cdca9 # v2 - with: - repo-token: "${{ secrets.GITHUB_TOKEN }}" - base-branch-regex: '^(?!master).*$' - title-template: '[%basebranch%]' - title-prefix-space: true diff --git a/.github/workflows/rerun_cirrus_cron.yml b/.github/workflows/rerun_cirrus_cron.yml deleted file mode 100644 index 61efad1492..0000000000 --- a/.github/workflows/rerun_cirrus_cron.yml +++ /dev/null @@ -1,78 +0,0 @@ ---- - -# Format Ref: https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions - -# Required to un-FUBAR default ${{github.workflow}} value -name: rerun_cirrus_cron - -on: - # Note: This only applies to the main branch. - schedule: - # N/B: This should fire about an hour prior to check_cirrus_cron - # so the re-runs have a chance to complete. - - cron: '01 01 * * 1-5' - # Debug: Allow triggering job manually in github-actions WebUI - workflow_dispatch: {} - # Allow re-use of this workflow by other repositories - # Ref: https://docs.github.com/en/actions/using-workflows/reusing-workflows - workflow_call: - secrets: - SECRET_CIRRUS_API_KEY: - required : true - ACTION_MAIL_SERVER: - required: true - ACTION_MAIL_USERNAME: - required: true - ACTION_MAIL_PASSWORD: - required: true - ACTION_MAIL_SENDER: - required: true - -env: - # CSV listing of e-mail addresses for delivery failure or error notices - RCPTCSV: podman-monitor@lists.podman.io - # Filename for table of build-id to cron-name data - # (must be in $GITHUB_WORKSPACE/artifacts/) - ID_NAME_FILEPATH: './artifacts/id_name.txt' - -permissions: - contents: read - -jobs: - cron_rerun: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - with: - # All scripts used by this workflow live in podman repo. - repository: "containers/podman" - ref: "main" - persist-credentials: false - - - name: Get failed cron names and Build IDs - id: cron - run: './.github/actions/check_cirrus_cron/cron_failures.sh' - - - if: steps.cron.outputs.failures > 0 - shell: bash - env: - SECRET_CIRRUS_API_KEY: ${{ secrets.SECRET_CIRRUS_API_KEY }} - run: './.github/actions/check_cirrus_cron/rerun_failed_tasks.sh' - - - uses: actions/upload-artifact@v3 - with: - name: ${{ github.job }}_artifacts - path: artifacts/* - - - if: failure() - name: Send error notification e-mail - uses: dawidd6/action-send-mail@v3.8.0 - with: - server_address: ${{secrets.ACTION_MAIL_SERVER}} - server_port: 465 - username: ${{secrets.ACTION_MAIL_USERNAME}} - password: ${{secrets.ACTION_MAIL_PASSWORD}} - subject: Github workflow error on ${{github.repository}} - to: ${{env.RCPTCSV}} - from: ${{secrets.ACTION_MAIL_SENDER}} - body: "Job failed: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}" diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100644 index 14f36fc234..0000000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: Mark stale issues and pull requests - -# Please refer to https://github.com/actions/stale/blob/master/action.yml -# to see all config knobs of the stale action. - -on: - schedule: - - cron: "0 0 * * *" - -permissions: - contents: read - -jobs: - stale: - - permissions: - issues: write # for actions/stale to close stale issues - pull-requests: write # for actions/stale to close stale PRs - runs-on: ubuntu-latest - - steps: - - uses: actions/stale@v8 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-issue-message: 'A friendly reminder that this issue had no activity for 30 days.' - stale-pr-message: 'A friendly reminder that this PR had no activity for 30 days.' - stale-issue-label: 'stale-issue' - stale-pr-label: 'stale-pr' - days-before-stale: 30 - days-before-close: 365 - remove-stale-when-updated: true diff --git a/.github/workflows/upload-win-installer.yml b/.github/workflows/upload-win-installer.yml deleted file mode 100644 index b26be2df14..0000000000 --- a/.github/workflows/upload-win-installer.yml +++ /dev/null @@ -1,151 +0,0 @@ -name: Upload Windows Installer - -on: - release: - types: [created, published, edited] - workflow_dispatch: - inputs: - version: - description: 'Release version to build and upload (e.g. "v9.8.7")' - required: true - dryrun: - description: 'Perform all the steps except uploading to the release page' - required: true - default: "true" # 'choice' type requires string value - type: choice - options: - - "true" # Must be quoted string, boolean value not supported. - - "false" - -permissions: - contents: write - -jobs: - build: - runs-on: windows-latest - env: - FETCH_BASE_URL: ${{ github.server_url }}/${{ github.repository }} - steps: - - name: Consolidate dryrun setting to always be true or false - id: actual_dryrun - run: | - # The 'release' trigger will not have a 'dryrun' input set. Handle - # this case in a readable/maintainable way. - $inputs_dryrun = "${{ inputs.dryrun }}" - if ($inputs_dryrun.Length -lt 1) { - Write-Output "dryrun=false" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - } else { - Write-Output "dryrun=${{ inputs.dryrun }}" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - } - - name: Dry Run Status - run: | - Write-Output "::notice::This workflow execution will be a dry-run: ${{ steps.actual_dryrun.outputs.dryrun }}" - - name: Determine version - id: getversion - run: | - $version = "${{ inputs.version }}" - if ($version.Length -lt 1) { - $version = "${{ github.event.release.tag_name }}" - if ($version.Length -lt 1) { - Write-Host "::error::Could not determine version!" - Exit 1 - } - } - Write-Output "version=$version" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4 - with: - ref: ${{steps.getversion.outputs.version}} - # This step is super-duper critical for the built/signed windows installer .exe file. - # It ensures the referenced $version github release page does NOT already contain - # this file. Windows assigns a UUID to the installer at build time, it's assumed - # by windows that one release version == one UUID (always). Breaking this assumption - # has some rather nasty side-effects in windows, such as possibly breaking 'uninstall' - # functionality. For dry-runs, the .exe is saved in the workflow artifacts for a human - # to judge w/n (i.e. in some extreme case) it should be uploaded to the release page. - - name: Check - id: check - run: | - Push-Location contrib\win-installer - .\check.ps1 ${{steps.getversion.outputs.version}} - $code = $LASTEXITCODE - if ($code -eq 2) { - Write-Output "already-exists=true" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - Pop-Location - Exit 0 - } - Write-Output "upload_asset_name=$env:UPLOAD_ASSET_NAME" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - Pop-Location - Exit $code - # The podman release process requires a cross-compile of the windows binaries be uploaded to - # the release page as a hard-coded filename. If non-existent, this workflow will fail in - # non-obvious ways with a non-obvious error message. Address that here. - - name: Confirm upload_asset_name is non-empty - if: ${{ steps.check.outputs.upload_asset_name == '' }} - run: | - Write-Output "::error::check.ps1 script failed to find manually uploaded podman-remote-release-windows_md64.zip github release asset for version ${{steps.getversion.outputs.version}}." - Exit 1 - - name: Set up Go - uses: actions/setup-go@v4 - # N/B: already-exists may be an empty-string or "false", handle both cases. - if: steps.check.outputs.already-exists != 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - with: - go-version: stable - - name: Setup Signature Tooling - if: steps.Check.outputs.already-exists != 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - run: | - dotnet tool install --global AzureSignTool --version 3.0.0 - echo "CERT_NAME=${{secrets.AZ_CERT_NAME}}" | Out-File -FilePath $env:GITHUB_ENV -Append - echo "VAULT_ID=${{secrets.AZ_VAULT_ID}}" | Out-File -FilePath $env:GITHUB_ENV -Append - echo "APP_ID=${{secrets.AZ_APP_ID}}" | Out-File -FilePath $env:GITHUB_ENV -Append - echo "TENANT_ID=${{secrets.AZ_TENANT_ID}}" | Out-File -FilePath $env:GITHUB_ENV -Append - echo "CLIENT_SECRET=${{secrets.AZ_CLIENT_SECRET}}" | Out-File -FilePath $env:GITHUB_ENV -Append - - name: Build - id: build - if: steps.check.outputs.already-exists != 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - run: | - Push-Location contrib\win-installer - .\build.ps1 ${{steps.getversion.outputs.version}} prod - $code = $LASTEXITCODE - if ($code -eq 2) { - Write-Output "artifact-missing=true" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - Pop-Location - Exit 0 - } - Pop-Location - Exit $code - - name: Artifact - if: steps.check.outputs.already-exists != 'true' || steps.actual_dryrun.outputs.dryrun == 'true' - uses: actions/upload-artifact@v3 - with: - name: installer - path: | - ${{ steps.check.outputs.upload_asset_name }} - .\contrib\win-installer\shasums - - name: Upload - if: >- - steps.actual_dryrun.outputs.dryrun == 'false' && - steps.check.outputs.already-exists != 'true' && - steps.build.outputs.artifact-missing != 'true' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - Push-Location contrib\win-installer - $version = "${{ steps.getversion.outputs.version }}" - if ($version[0] -ne "v") { - $version = "v$version" - } - gh release upload $version ${{ steps.check.outputs.upload_asset_name }} - if ($LASTEXITCODE -ne 0) { - .\check.ps1 $version - if ($LASTEXITCODE -eq 2) { - Write-Host "Another job uploaded before us, skipping" - Pop-Location - Exit 0 - } - Pop-Location - Exit 1 - } - if (Test-Path -Path shasums) { - gh release upload --clobber $version shasums - } - Pop-Location diff --git a/.packit.sh b/.packit.sh deleted file mode 100644 index 85a0d6f520..0000000000 --- a/.packit.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/env bash - -# This script handles any custom processing of the spec file using the `fix-spec-file` -# action in .packit.yaml. - -set -eox pipefail - -PACKAGE=podman - -# Set path to rpm spec file -SPEC_FILE=rpm/$PACKAGE.spec - -# Get Version from HEAD -VERSION=$(grep '^const RawVersion' version/rawversion/version.go | cut -d\" -f2) - -# RPM Version can't take "-" -RPM_VERSION=$(echo $VERSION | sed -e 's/-/~/') - -# Generate source tarball from HEAD -git-archive-all -C $(git rev-parse --show-toplevel) --prefix=$PACKAGE-$VERSION/ rpm/$PACKAGE-$VERSION.tar.gz - -# RPM Spec modifications - -# Use the Version from HEAD in rpm spec -sed -i "s/^Version:.*/Version: $RPM_VERSION/" $SPEC_FILE - -# Use Packit's supplied variable in the Release field in rpm spec. -sed -i "s/^Release:.*/Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/" $SPEC_FILE - -# Ensure last part of the release string is the git shortcommit without a -# prepended "g" -sed -i "/^Release: $PACKIT_RPMSPEC_RELEASE%{?dist}/ s/\(.*\)g/\1/" $SPEC_FILE - -# Use above generated tarball as Source in rpm spec -sed -i "s/^Source0:.*.tar.gz/Source0: $PACKAGE-$VERSION.tar.gz/" $SPEC_FILE - -# Update setup macro to use the correct build dir -sed -i "s/^%autosetup.*/%autosetup -Sgit -n %{name}-$VERSION/" $SPEC_FILE diff --git a/.packit.yaml b/.packit.yaml deleted file mode 100644 index 3044626c5b..0000000000 --- a/.packit.yaml +++ /dev/null @@ -1,77 +0,0 @@ ---- -# See the documentation for more information: -# https://packit.dev/docs/configuration/ - -specfile_path: rpm/podman.spec -upstream_tag_template: v{version} - -srpm_build_deps: - - git-archive-all - - make - -actions: - fix-spec-file: - - "bash .packit.sh" - -jobs: - - job: copr_build - trigger: pull_request - notifications: - failure_comment: - message: "Ephemeral COPR build failed. @containers/packit-build please check." - enable_net: true - targets: - - fedora-all-x86_64 - - fedora-all-aarch64 - - fedora-eln-x86_64 - - fedora-eln-aarch64 - - centos-stream+epel-next-8-x86_64 - - centos-stream+epel-next-8-aarch64 - - centos-stream+epel-next-9-x86_64 - - centos-stream+epel-next-9-aarch64 - additional_repos: - - "copr://rhcontainerbot/podman-next" - - # Run on commit to main branch - - job: copr_build - trigger: commit - notifications: - failure_comment: - message: "podman-next COPR build failed. @containers/packit-build please check." - branch: main - owner: rhcontainerbot - project: podman-next - enable_net: true - - - job: tests - identifier: cockpit-revdeps - trigger: pull_request - targets: - - fedora-latest-stable - - fedora-development - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/g/cockpit/main-builds/repo/fedora-$releasever/group_cockpit-main-builds-fedora-$releasever.repo - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo - tmt: - context: - revdeps: "yes" - - - job: propose_downstream - trigger: release - update_release: false - dist_git_branches: - - fedora-all - - - job: koji_build - trigger: commit - dist_git_branches: - - fedora-all - - - job: bodhi_update - trigger: commit - dist_git_branches: - - fedora-branched # rawhide updates are created automatically