containers/bootc
1
0
Fork 0
mirror of https://github.com/containers/bootc.git synced 2026-02-05 15:45:53 +01:00
Code Issues Activity
Files
actions/update-generated-files
bootc/Makefile

102 lines
4.7 KiB
Makefile
Raw Permalink Normal View History

Add initial CI infrastructure designed for Prow This test will - build a container image derived from FCOS, injecting bootc-under-test into it - Schedule a separate container derived from coreos-assembler which has a reference to that container injected via https://docs.ci.openshift.org/docs/architecture/ci-operator/#referring-to-images-in-tests - Run the stable FCOS base image via kola (qemu), injecting the target oscontainer - Execute a basic test that just verifies `status --json` today However, in the future we can change the build system to generate multiple container images, and test upgrades, rollbacks, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2022-12-02 11:03:50 -05:00
prefix ?= /usr
Makefile: Serialize tarballs reproducibly This ensures that when we rerun the container build without changing the source, we get the same thing. Which then further ensures we don't invalidate any cached disk images, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2024-06-06 07:48:47 -04:00
SOURCE_DATE_EPOCH ?= $(shell git log -1 --pretty=%ct)
# https://reproducible-builds.org/docs/archives/
TAR_REPRODUCIBLE = tar --mtime="@${SOURCE_DATE_EPOCH}" --sort=name --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime
Add initial CI infrastructure designed for Prow This test will - build a container image derived from FCOS, injecting bootc-under-test into it - Schedule a separate container derived from coreos-assembler which has a reference to that container injected via https://docs.ci.openshift.org/docs/architecture/ci-operator/#referring-to-images-in-tests - Run the stable FCOS base image via kola (qemu), injecting the target oscontainer - Execute a basic test that just verifies `status --json` today However, in the future we can change the build system to generate multiple container images, and test upgrades, rollbacks, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2022-12-02 11:03:50 -05:00
all:
cargo build --release
build-sys: Rework to have toplevel Dockerfile + Justfile This is aligning with what I did in https://github.com/ostreedev/ostree/pull/3439 - What gets invoked in e.g. GHA should ideally most be `just` commands that are easy to run locally too (with sudo in GHA, without sudo locally) - Move the "core build" to the toplevel so that one can just `podman build` directly too (without the Justfile) and have it do something useful - The "always build and test in a container" helps for LLM-assisted coding because what they can do is inherently sandboxed Signed-off-by: Colin Walters <walters@verbum.org>
2025-06-06 11:11:58 -04:00
Add initial CI infrastructure designed for Prow This test will - build a container image derived from FCOS, injecting bootc-under-test into it - Schedule a separate container derived from coreos-assembler which has a reference to that container injected via https://docs.ci.openshift.org/docs/architecture/ci-operator/#referring-to-images-in-tests - Run the stable FCOS base image via kola (qemu), injecting the target oscontainer - Execute a basic test that just verifies `status --json` today However, in the future we can change the build system to generate multiple container images, and test upgrades, rollbacks, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2022-12-02 11:03:50 -05:00
install:
Rework build infra, add manpages into tarball - Inject pre-generated manpages into the source tarball we make - Ensure we use the git tag for version if there is one Immediate motivation is making sure man pages end up in e.g. RPM builds. Signed-off-by: Colin Walters <walters@verbum.org>
2023-10-12 15:29:31 -04:00
install -D -m 0755 -t $(DESTDIR)$(prefix)/bin target/release/bootc
cli: add `system-reinstall-bootc` binary # Background The current usage instructions for bootc involve a long podman invocation. # Issue It's hard to remember and type the long podman invocation, making the usage of bootc difficult for users. See https://issues.redhat.com/browse/BIFROST-610 and https://issues.redhat.com/browse/BIFROST-611 (Epic https://issues.redhat.com/browse/BIFROST-594) # Solution We want to make the usage of bootc easier by providing a new Fedora/RHEL subpackage that includes a new binary `system-reinstall-bootc`. This binary will simplify the usage of bootc by providing a simple command line interface (configured either through CLI flags or a configuration file) with an interactive prompt that allows users to reinstall the current system using bootc. The commandline will handle helping the user choose SSH keys / users, warn the user about the destructive nature of the operation, and eventually report issues they might run into in the various clouds (e.g. missing cloud agent on the target image) # Implementation Added new system-reinstall-bootc crate that outputs the new system-reinstall-bootc binary. This new crate depends on the existing utils crate. Refactored the tracing initialization from the bootc binary into the utils crate so that it can be reused by the new crate. The new CLI can either be configured through commandline flags or through a configuration file in a path set by the environment variable `BOOTC_REINSTALL_CONFIG`. The configuration file is a YAML file. # Limitations Only root SSH keys are supported. The multi user selection TUI is implemented, but if you choose anything other than root you will get an error. # TODO Missing docs, missing functionality. Everything is in alpha stage. User choice / SSH keys / prompt disabling should also eventually be supported to be configured through commandline arguments or the configuration file. Signed-off-by: Omer Tuchfeld <omer@tuchfeld.dev>
2025-01-25 14:20:22 +01:00
install -D -m 0755 -t $(DESTDIR)$(prefix)/bin target/release/system-reinstall-bootc
boundimages: Switch from bootc-experimental to bootc This is a stable enough feature to be included in the primary bootc directory. Signed-off-by: Chris Kyrouac <ckyrouac@redhat.com>
2024-07-22 10:57:01 -04:00
install -d -m 0755 $(DESTDIR)$(prefix)/lib/bootc/bound-images.d
build-sys: Pre-create `kargs.d` and `bound-images.d` Let's ensure these directories exist by default, because we want people to drop things there - and having to create the directory in derived images invites typos. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-16 15:05:02 -04:00
install -d -m 0755 $(DESTDIR)$(prefix)/lib/bootc/kargs.d
Initialize a containers-storage: owned by bootc, use for bound images Closes: https://github.com/containers/bootc/issues/721 - Initialize a containers-storage: instance at install time (that defaults to empty) - Open it at the same time we open the ostree repo/sysroot - Change bound images to use this We are *NOT* yet changing the base bootc image pull to use this. That's an obvious next step (xref https://github.com/containers/bootc/pull/215 ) but will come later. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-25 14:18:34 -04:00
ln -s /sysroot/ostree/bootc/storage $(DESTDIR)$(prefix)/lib/bootc/storage
Switch systemd generator to be a dispatcher shell script rpm can't handle hardlinked binaries with distinct labels today gracefully; ostree (and bootc) always break the hardlink which I think is generally right. Anyways, switch to a dispatcher shell script to fix this. To fix https://issues.redhat.com/browse/RHEL-76188 Signed-off-by: Colin Walters <walters@verbum.org>
2025-01-24 12:56:12 -05:00
install -D -m 0755 cli/bootc-generator-stub $(DESTDIR)$(prefix)/lib/systemd/system-generators/bootc-systemd-generator
install: Drop default config Let's require the OS/distro to inject the defaults they want. Signed-off-by: Colin Walters <walters@verbum.org>
2023-10-14 17:51:42 -04:00
install -d $(DESTDIR)$(prefix)/lib/bootc/install
systemd: New bootc-fetch-apply-updates.{timer,service} Let's ship a baseline systemd unit that can be enabled for automatic updates. Signed-off-by: Colin Walters <walters@verbum.org>
2023-11-03 16:06:57 -04:00
# Support installing pre-generated man pages shipped in source tarball, to avoid
Fix manpage for service We need `-s` for the pandoc invocation to render this right. Signed-off-by: Colin Walters <walters@verbum.org>
2024-01-17 16:23:42 -05:00
# a dependency on pandoc downstream. But in local builds these end up in target/man,
# so we honor that too.
for d in man target/man; do \
if test -d $$d; then \
install -D -m 0644 -t $(DESTDIR)$(prefix)/share/man/man5 $$d/*.5; \
install -D -m 0644 -t $(DESTDIR)$(prefix)/share/man/man8 $$d/*.8; \
fi; \
done
systemd: Add bootc-status-updated.{path,target} units This adds a new systemd path unit which activates on bootc status changing, and in turn triggers a new systemd target. This allows adding arbitrary new systemd services with `WantedBy = bootc-status-updated.target` that will be activated each time the bootc status is updated. Signed-off-by: John Eckersberg <jeckersb@redhat.com>
2024-12-16 16:38:29 -05:00
install -D -m 0644 -t $(DESTDIR)/$(prefix)/lib/systemd/system systemd/*.service systemd/*.timer systemd/*.path systemd/*.target
build-sys: Enable `bootc-status-updated.path` by default Followup to https://github.com/containers/bootc/pull/977 In chatting with John we had some agreement to statically enable the `.path` unit by default upstream here since it's a feature we want to be available by default so that tooling can react dynamically to changes. Signed-off-by: Colin Walters <walters@verbum.org>
2025-01-06 15:22:40 -05:00
install -d -m 0755 $(DESTDIR)/$(prefix)/lib/systemd/system/multi-user.target.wants
ln -s ../bootc-status-updated.path $(DESTDIR)/$(prefix)/lib/systemd/system/multi-user.target.wants/bootc-status-updated.path
Add bootc-status-updated-onboot.target The bootc-status-updated.target unit cannot directly be WantedBy=multi-user.target, because we rely on StopWhenUnneeded=true so the target will be activated each time bootc-status-updated.path triggers it. Because multi-user.target remains active, this would hold bootc-status-updated.target in an active state as well, and the path unit activating would not have the desired effect of retriggering the target unit. The new bootc-status-updated-onboot.target is intended to serve the same purpose as bootc-status-updated.target but will activate (and remain active) on boot. Any interested units should be WantedBy both targets. This updates bootc-publish-rhsm-facts.service to do just that. Signed-off-by: John Eckersberg <jeckersb@redhat.com>
2025-01-22 14:17:57 -05:00
ln -s ../bootc-status-updated-onboot.target $(DESTDIR)/$(prefix)/lib/systemd/system/multi-user.target.wants/bootc-status-updated-onboot.target
install: Add /usr/share/doc/bootc/baseimage This directory will contain expected files in the base image. That said, I may change the container import path to auto-create at least the sysroot dir and symlink at some point and these can just be dropped. And for that matter after https://github.com/ostreedev/ostree/pull/3353/commits/9a0acd7249bb0c7f55c2bf56e5073902cd60038b "libostree/deploy: enable composefs by default" we can likely just drop the prepare-root bit too. But for now this is needed. Motivated by improving base image generation from https://gitlab.com/fedora/bootc/tracker/-/issues/32 Signed-off-by: Colin Walters <walters@verbum.org>
2024-12-19 16:24:48 -05:00
install -D -m 0644 -t $(DESTDIR)/$(prefix)/share/doc/bootc/baseimage/base/usr/lib/ostree/ baseimage/base/usr/lib/ostree/prepare-root.conf
install -d -m 755 $(DESTDIR)/$(prefix)/share/doc/bootc/baseimage/base/sysroot
cp -PfT baseimage/base/ostree $(DESTDIR)/$(prefix)/share/doc/bootc/baseimage/base/ostree
install: Add `dracut` subdirectory to baseimage reference ref https://gitlab.com/fedora/bootc/tracker/-/issues/32#note_2270189835 This will keep track of the generic bootc+dracut integration glue here instead of replicating it in different base images. (Perhaps bootc actually injects code into the initramfs in the future instead of ostree, for example) Signed-off-by: Colin Walters <walters@verbum.org>
2025-01-03 10:53:47 -05:00
# Ensure we've cleaned out any possibly older files
rm -vrf $(DESTDIR)$(prefix)/share/doc/bootc/baseimage/dracut
baseimage: Add systemd configuration files Added a kernel-install configuration that enables the rpm-ostree integration. The second configuration file sets the Journal to persistent as on bootc systems /var is empty by default and systemd by default enables persistent journaling on the presence of /var/log/journal. Signed-off-by: Joseph Marrero Corchado <jmarrero@redhat.com>
2025-01-09 10:59:15 -05:00
rm -vrf $(DESTDIR)$(prefix)/share/doc/bootc/baseimage/systemd
# Copy dracut and systemd config files
install: Add `dracut` subdirectory to baseimage reference ref https://gitlab.com/fedora/bootc/tracker/-/issues/32#note_2270189835 This will keep track of the generic bootc+dracut integration glue here instead of replicating it in different base images. (Perhaps bootc actually injects code into the initramfs in the future instead of ostree, for example) Signed-off-by: Colin Walters <walters@verbum.org>
2025-01-03 10:53:47 -05:00
cp -Prf baseimage/dracut $(DESTDIR)$(prefix)/share/doc/bootc/baseimage/dracut
baseimage: Add systemd configuration files Added a kernel-install configuration that enables the rpm-ostree integration. The second configuration file sets the Journal to persistent as on bootc systems /var is empty by default and systemd by default enables persistent journaling on the presence of /var/log/journal. Signed-off-by: Joseph Marrero Corchado <jmarrero@redhat.com>
2025-01-09 10:59:15 -05:00
cp -Prf baseimage/systemd $(DESTDIR)$(prefix)/share/doc/bootc/baseimage/systemd
install: Add cleanup option to install to-existing-root When set, the bootc-destructive-cleanup flag is added to /sysroot/etc which enables the bootc-destructive-cleanup systemd service to remove the previous installation's rpm packages and podman containers/images. The service is only installed on fedora based systems. Signed-off-by: ckyrouac <ckyrouac@redhat.com>
2025-04-30 11:22:31 -04:00
# Install fedora-bootc-destructive-cleanup in fedora derivatives
ID=$$(. /usr/lib/os-release && echo $$ID); \
ID_LIKE=$$(. /usr/lib/os-release && echo $$ID_LIKE); \
if [ "$$ID" = "fedora" ] || [[ "$$ID_LIKE" == *"fedora"* ]]; then \
ln -s ../bootc-destructive-cleanup.service $(DESTDIR)/$(prefix)/lib/systemd/system/multi-user.target.wants/bootc-destructive-cleanup.service; \
install -D -m 0755 -t $(DESTDIR)/$(prefix)/lib/bootc contrib/scripts/fedora-bootc-destructive-cleanup; \
fi
systemd: New bootc-fetch-apply-updates.{timer,service} Let's ship a baseline systemd unit that can be enabled for automatic updates. Signed-off-by: Colin Walters <walters@verbum.org>
2023-11-03 16:06:57 -04:00
build: Add install-ostree-hooks This an optional bit for those that need `ostree container`. Signed-off-by: Colin Walters <walters@verbum.org>
2024-11-25 14:17:49 -05:00
# Run this to also take over the functionality of `ostree container` for example.
# Only needed for OS/distros that have callers invoking `ostree container` and not bootc.
install-ostree-hooks:
install -d $(DESTDIR)$(prefix)/libexec/libostree/ext
for x in ostree-container ostree-ima-sign ostree-provisional-repair; do \
ln -sf ../../../bin/bootc $(DESTDIR)$(prefix)/libexec/libostree/ext/$$x; \
done
build-sys: Also take over ostree hooks in our own CI builds This helps ensure our CI is covering our copy of ostree-ext, not the one currently vendored in rpm-ostree. Signed-off-by: Colin Walters <walters@verbum.org>
2024-12-06 15:52:20 -05:00
# Install the main binary, the ostree hooks, and the integration test suite.
install-all: install install-ostree-hooks
tests: Drop `internal-testing-api`, move to tests-integration Previous work started moving our tests into an external binary; this is just cleaner because it can test things how a user would test. Also, we started using `libtest-mimic` to have a "real" test scaffolding that e.g. allows selecting individual tests to run, etc. Complete the picture here by moving the remaining bits into the tests-integration binary. We now run the `tests-integration` binary in two ways in e.g. Github Actions: - It's compiled directly on the Ubuntu runner, and orchestrates things itself - It's built in our default container image (Fedora) but as an external `/usr/bin/bootc-integration-tests` binary Also while we're here, drop the kola tests. Signed-off-by: Colin Walters <walters@verbum.org>
2024-05-31 16:01:41 -04:00
install -D -m 0755 target/release/tests-integration $(DESTDIR)$(prefix)/bin/bootc-integration-tests
Add initial CI infrastructure designed for Prow This test will - build a container image derived from FCOS, injecting bootc-under-test into it - Schedule a separate container derived from coreos-assembler which has a reference to that container injected via https://docs.ci.openshift.org/docs/architecture/ci-operator/#referring-to-images-in-tests - Run the stable FCOS base image via kola (qemu), injecting the target oscontainer - Execute a basic test that just verifies `status --json` today However, in the future we can change the build system to generate multiple container images, and test upgrades, rollbacks, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2022-12-02 11:03:50 -05:00
bin-archive: all
Makefile: Serialize tarballs reproducibly This ensures that when we rerun the container build without changing the source, we get the same thing. Which then further ensures we don't invalidate any cached disk images, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2024-06-06 07:48:47 -04:00
$(MAKE) install DESTDIR=tmp-install && $(TAR_REPRODUCIBLE) --zstd -C tmp-install -cf target/bootc.tar.zst . && rm tmp-install -rf
Add initial CI infrastructure designed for Prow This test will - build a container image derived from FCOS, injecting bootc-under-test into it - Schedule a separate container derived from coreos-assembler which has a reference to that container injected via https://docs.ci.openshift.org/docs/architecture/ci-operator/#referring-to-images-in-tests - Run the stable FCOS base image via kola (qemu), injecting the target oscontainer - Execute a basic test that just verifies `status --json` today However, in the future we can change the build system to generate multiple container images, and test upgrades, rollbacks, etc. Signed-off-by: Colin Walters <walters@verbum.org>
2022-12-02 11:03:50 -05:00
tests: Drop `internal-testing-api`, move to tests-integration Previous work started moving our tests into an external binary; this is just cleaner because it can test things how a user would test. Also, we started using `libtest-mimic` to have a "real" test scaffolding that e.g. allows selecting individual tests to run, etc. Complete the picture here by moving the remaining bits into the tests-integration binary. We now run the `tests-integration` binary in two ways in e.g. Github Actions: - It's compiled directly on the Ubuntu runner, and orchestrates things itself - It's built in our default container image (Fedora) but as an external `/usr/bin/bootc-integration-tests` binary Also while we're here, drop the kola tests. Signed-off-by: Colin Walters <walters@verbum.org>
2024-05-31 16:01:41 -04:00
test-bin-archive: all
build-sys: Also take over ostree hooks in our own CI builds This helps ensure our CI is covering our copy of ostree-ext, not the one currently vendored in rpm-ostree. Signed-off-by: Colin Walters <walters@verbum.org>
2024-12-06 15:52:20 -05:00
$(MAKE) install-all DESTDIR=tmp-install && $(TAR_REPRODUCIBLE) --zstd -C tmp-install -cf target/bootc.tar.zst . && rm tmp-install -rf
ci: Enable all features Signed-off-by: Colin Walters <walters@verbum.org>
2023-02-04 15:55:14 -05:00
tests-integration: Add basic local tmt flow Part of https://github.com/containers/bootc/issues/543 I'm not totally happy with this, but it does demonstrate the basic wiring flow of: - `cargo xtask test-tmt` That will do a container build, make a disk image from it, and run a "hello world" tmt test. A lot more to do here including wiring up our existing tests into this, and deduplicating with the other integration tests. A key aspect too will be exploring workflows that e.g. expose a registry locally. Signed-off-by: Colin Walters <walters@verbum.org>
2024-06-10 14:07:11 -04:00
test-tmt:
cargo xtask test-tmt
Add `cargo xtask` and packaging infrastructure First, this adds `cargo xtask` following https://github.com/matklad/cargo-xtask/ We use this to write "external glue scripts" in Rust, not bash. Specifically we now have e.g. `cargo xtask vendor` which just wraps running `cargo vendor-filterer`. Then build on that and add `cargo xtask package-srpm` which generates a `.src.rpm`. And build on that by adding the requisite glue to have Fedora's COPR be able to understand it, so that we can get auto-built and shipped packages there. This will make trying out bootc a bit easier. Signed-off-by: Colin Walters <walters@verbum.org>
2023-01-18 17:39:03 -05:00
build: Tweak `make validate-rust` This took me some thinking and experimenting. Basically we want: - Hard deny some warnings (this is covered by the Cargo.toml workspace.lints.rust) - Gate merging to main in CI on an exact set of warnings we want to forbid, but *without* also using a blanket -Dwarning deny policy because that could break our build when the compiler revs. - A corollary to the previous: allow developing locally without killing the build just because you have an unused import or some dead code (for example). So we don't want to add `dead_code = deny` into the Cargo.toml. - Be able to easily reproduce locally what CI is gating on in an efficient way. We already had `make validate-rust` which was intending to navigate this, but what was missing was the "deny extended set of warnings" so we got code committed to git main which hit `unused_imports`. Clippy upstream docs recommend the `RUSTFLAGS = -Dwarnings` approach in e.g. https://doc.rust-lang.org/clippy/continuous_integration/github_actions.html but again I think this is a problem because it can break with updated Rust/clippy versions (unless you pin on those, but that becomes a pain in and of itself). The problem also with doing `RUSTFLAGS = -Dwarnings` *locally* is it blows out the cargo cache. So here's the solution I came to: We run `cargo clippy -A clippy:all`, and then deny some specific clippy lints *and* the core Rust warnings we want (`unused_imports` type things) at this stage. The advantage is this doesn't blow out the main Cargo cache, and I can easily reproduce locally exactly what CI would gate on. Also while we're here, add `make fix-rust` which is a handy way to use the existing `clippy --fix` to locally fix things like unused imports as well as other machine-applicable things that are in e.g. `clippy::suspicious`. Signed-off-by: Colin Walters <walters@verbum.org>
2025-03-01 12:51:56 -05:00
# This gates CI by default. Note that for clippy, we gate on
# only the clippy correctness and suspicious lints, plus a select
# set of default rustc warnings.
# We intentionally don't gate on this for local builds in cargo.toml
# because it impedes iteration speed.
CLIPPY_CONFIG = -A clippy::all -D clippy::correctness -D clippy::suspicious -Dunused_imports -Ddead_code
build-sys: Add `make validate-rust` The `make validate-rust` reproduces locally the same checks we run in CI as gating by default; hook it up to the existing `make validate`. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-15 17:44:59 -04:00
validate-rust:
cargo fmt -- --check -l
Make lints stricter, apply crate wide Add `dead_code = "deny"` to our default lints; we had a compiler warning for this in main. Fix the warning by moving the human readable test code into `#[cfg(test)]`. While we're here, move the other lib.rs lints into the crate; enforcing docs for *everything* at first I thought might be heavy handed but actually is fine as it only applies to things that are `pub`, of which we don't actually have that much so it mainly forced me to add some stub docs for the modules, which is probably a good idea. Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-18 11:33:00 -04:00
cargo test --no-run
ostree-ext: Squash some unused warnings In some cases rust-analyzer seems to be building without the `bootc` feature which triggers some unused variable warnings here. Signed-off-by: Colin Walters <walters@verbum.org>
2025-05-14 12:51:36 -04:00
(cd ostree-ext && cargo check --no-default-features)
build: Tweak `make validate-rust` This took me some thinking and experimenting. Basically we want: - Hard deny some warnings (this is covered by the Cargo.toml workspace.lints.rust) - Gate merging to main in CI on an exact set of warnings we want to forbid, but *without* also using a blanket -Dwarning deny policy because that could break our build when the compiler revs. - A corollary to the previous: allow developing locally without killing the build just because you have an unused import or some dead code (for example). So we don't want to add `dead_code = deny` into the Cargo.toml. - Be able to easily reproduce locally what CI is gating on in an efficient way. We already had `make validate-rust` which was intending to navigate this, but what was missing was the "deny extended set of warnings" so we got code committed to git main which hit `unused_imports`. Clippy upstream docs recommend the `RUSTFLAGS = -Dwarnings` approach in e.g. https://doc.rust-lang.org/clippy/continuous_integration/github_actions.html but again I think this is a problem because it can break with updated Rust/clippy versions (unless you pin on those, but that becomes a pain in and of itself). The problem also with doing `RUSTFLAGS = -Dwarnings` *locally* is it blows out the cargo cache. So here's the solution I came to: We run `cargo clippy -A clippy:all`, and then deny some specific clippy lints *and* the core Rust warnings we want (`unused_imports` type things) at this stage. The advantage is this doesn't blow out the main Cargo cache, and I can easily reproduce locally exactly what CI would gate on. Also while we're here, add `make fix-rust` which is a handy way to use the existing `clippy --fix` to locally fix things like unused imports as well as other machine-applicable things that are in e.g. `clippy::suspicious`. Signed-off-by: Colin Walters <walters@verbum.org>
2025-03-01 12:51:56 -05:00
(cd lib && cargo check --no-default-features)
cargo clippy -- $(CLIPPY_CONFIG)
Make lints stricter, apply crate wide Add `dead_code = "deny"` to our default lints; we had a compiler warning for this in main. Fix the warning by moving the human readable test code into `#[cfg(test)]`. While we're here, move the other lib.rs lints into the crate; enforcing docs for *everything* at first I thought might be heavy handed but actually is fine as it only applies to things that are `pub`, of which we don't actually have that much so it mainly forced me to add some stub docs for the modules, which is probably a good idea. Signed-off-by: Colin Walters <walters@verbum.org>
2024-09-18 11:33:00 -04:00
env RUSTDOCFLAGS='-D warnings' cargo doc --lib
build-sys: Add `make validate-rust` The `make validate-rust` reproduces locally the same checks we run in CI as gating by default; hook it up to the existing `make validate`. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-15 17:44:59 -04:00
.PHONY: validate-rust
build: Tweak `make validate-rust` This took me some thinking and experimenting. Basically we want: - Hard deny some warnings (this is covered by the Cargo.toml workspace.lints.rust) - Gate merging to main in CI on an exact set of warnings we want to forbid, but *without* also using a blanket -Dwarning deny policy because that could break our build when the compiler revs. - A corollary to the previous: allow developing locally without killing the build just because you have an unused import or some dead code (for example). So we don't want to add `dead_code = deny` into the Cargo.toml. - Be able to easily reproduce locally what CI is gating on in an efficient way. We already had `make validate-rust` which was intending to navigate this, but what was missing was the "deny extended set of warnings" so we got code committed to git main which hit `unused_imports`. Clippy upstream docs recommend the `RUSTFLAGS = -Dwarnings` approach in e.g. https://doc.rust-lang.org/clippy/continuous_integration/github_actions.html but again I think this is a problem because it can break with updated Rust/clippy versions (unless you pin on those, but that becomes a pain in and of itself). The problem also with doing `RUSTFLAGS = -Dwarnings` *locally* is it blows out the cargo cache. So here's the solution I came to: We run `cargo clippy -A clippy:all`, and then deny some specific clippy lints *and* the core Rust warnings we want (`unused_imports` type things) at this stage. The advantage is this doesn't blow out the main Cargo cache, and I can easily reproduce locally exactly what CI would gate on. Also while we're here, add `make fix-rust` which is a handy way to use the existing `clippy --fix` to locally fix things like unused imports as well as other machine-applicable things that are in e.g. `clippy::suspicious`. Signed-off-by: Colin Walters <walters@verbum.org>
2025-03-01 12:51:56 -05:00
fix-rust:
cargo clippy --fix --allow-dirty -- $(CLIPPY_CONFIG)
.PHONY: fix-rust
build-sys: Add `make validate-rust` The `make validate-rust` reproduces locally the same checks we run in CI as gating by default; hook it up to the existing `make validate`. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-15 17:44:59 -04:00
validate: validate-rust
tests: Add pytest and nushell based tests I've been trying to keep this project in "one" programming language by writing even tests in Rust...but specifically for our integration tests it's pretty painful not just to compile them but have to deal with baking them into the base image. The tmt framework is very GHA like in that it scrapes the git source tree and copies it into the target environment, which works really well with scripts. Now, if you know me you know I am not a fan of dynamic programming languages like bash and Python. I'm one of those folks that actually tries to use Rust for things that feel like "scripts" i.e. they're *mostly* about forking external processes (see the xtask/ crate which uses "xshell"). Some of our testing code is in Rust too. However...there's a giant tension here because: - Iteration speed is very important for tests and scripts - The artifact being an architecture-dependent binary pushes us to inject it into container images; having the binary part of the bootc image under test conceptually forces us to reprovision for each test change, which is super expensive Most other people when faced with the testing challenge would just write shell scripts (or Python); that's definitely what tmt expects people to do. The podman project has a mix of a "bats" suite which is all bash based, and a Go-based framework. The thing is: bash is easy to mess up and has very little ability to do static analysis. Go (and Python) are very verbose for forking external processes. I've been using https://www.nushell.sh/ for my interactive shell for quite a while; I know just enough to get by day to day (but honestly sometimes I still type "bash" and run a few things there that I know how to express in bash but not nu) Anyways though, nushell has a lot of desirable properties for tests (which are basically scripts): - Architecture independent - Running an external process requires zero ceremony; it's the default! - But it *is* easy to e.g. scrape JSON from an external binary into a rich data structure - A decently rich standard library The downside is, it's a new language. And in the end, I'm not going to say it's the only way to write tests...maybe we do end up with some more bash. It wouldn't be the end of the world. But...after playing with this, I definitely like the result. OK, and after some debate we decided to add Python too, so this demos a pytest test. Signed-off-by: Colin Walters <walters@verbum.org>
2024-06-22 09:18:49 -04:00
ruff check
make validate: add new target Add a `make validate` target to run cargo-fmt and cargo-clippy. My muscle memory from other containers/ projects is strong where I am used to run `make validate` before committing/pushing changes. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2023-11-01 14:56:53 +01:00
.PHONY: validate
build-sys: Generalize manpage bits to `make update-generated` I plan to add more generated-from-source files, so generalize the target which is currently specialized to manpages. Signed-off-by: Colin Walters <walters@verbum.org>
2024-07-17 13:44:37 -04:00
update-generated:
cargo xtask update-generated
.PHONY: update-generated
Add `cargo xtask` and packaging infrastructure First, this adds `cargo xtask` following https://github.com/matklad/cargo-xtask/ We use this to write "external glue scripts" in Rust, not bash. Specifically we now have e.g. `cargo xtask vendor` which just wraps running `cargo vendor-filterer`. Then build on that and add `cargo xtask package-srpm` which generates a `.src.rpm`. And build on that by adding the requisite glue to have Fedora's COPR be able to understand it, so that we can get auto-built and shipped packages there. This will make trying out bootc a bit easier. Signed-off-by: Colin Walters <walters@verbum.org>
2023-01-18 17:39:03 -05:00
vendor:
cargo xtask $@
.PHONY: vendor
package-rpm:
cargo xtask $@
.PHONY: package-rpm
Copy Permalink