Skip to content

mkosi: Install integritysetup on CentOS/Fedora #859

mkosi: Install integritysetup on CentOS/Fedora

mkosi: Install integritysetup on CentOS/Fedora #859

Workflow file for this run

---
# vi: ts=2 sw=2 et:
# SPDX-License-Identifier: LGPL-2.1-or-later
# Simple boot tests that build and boot the mkosi images generated by the mkosi config files in mkosi.conf.d/.
name: mkosi
on:
push:
branches:
- main
- v[0-9]+-stable
paths:
- '**'
- '!README*'
- '!LICENSE*'
- '!LICENSES/**'
- '!TODO'
- '!docs/**'
- '!man/**'
- '!catalog/**'
- '!shell-completion/**'
- '!po/**'
- '!.**'
- '.github/**'
pull_request:
branches:
- main
- v[0-9]+-stable
paths:
- '**'
- '!README*'
- '!LICENSE*'
- '!LICENSES/**'
- '!TODO'
- '!docs/**'
- '!man/**'
- '!catalog/**'
- '!shell-completion/**'
- '!po/**'
- '!.**'
- '.github/**'
permissions:
contents: read
jobs:
ci:
runs-on: ubuntu-22.04
concurrency:
group: ${{ github.workflow }}-${{ matrix.distro }}-${{ matrix.release }}-${{ github.ref }}
cancel-in-progress: true
strategy:
fail-fast: false
matrix:
include:
- distro: arch
release: rolling
- distro: debian
release: testing
- distro: ubuntu
release: jammy
- distro: fedora
release: "39"
- distro: fedora
release: rawhide
- distro: opensuse
release: tumbleweed
- distro: centos
release: "9"
- distro: centos
release: "8"
env:
SYSTEMD_LOG_LEVEL: debug
steps:
- name: Enable proposed-updates
run: |
sudo mkdir -p /etc/apt/sources.list.d/
echo 'deb http://azure.archive.ubuntu.com/ubuntu jammy-proposed restricted main universe' | sudo tee /etc/apt/sources.list.d/proposed.list
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: systemd/mkosi@bbe715f42911f9660712377a5b39335b9391ae22
- name: Configure
run: |
tee mkosi.local.conf <<- EOF
[Distribution]
Distribution=${{ matrix.distro }}
Release=${{ matrix.release }}
EOF
tee mkosi.conf.d/99-ci.conf <<- EOF
[Content]
Environment=CI_BUILD=1
SLOW_TESTS=true
[Host]
KernelCommandLineExtra=systemd.unit=mkosi-check-and-shutdown.service
systemd.journald.max_level_console=debug
# udev's debug log output is very verbose, so up it to info in CI.
udev.log_level=info
# Root device can take a long time to appear, so let's bump the timeout.
systemd.default_device_timeout_sec=180
QemuVsock=yes
# Sometimes we run on a host with /dev/kvm, but it is broken, so explicitly disable it
QemuKvm=no
Ephemeral=yes
EOF
# For erofs, we have to install linux-modules-extra-azure, but that doesn't match the running kernel
# version, so we can't load the erofs module. squashfs is a builtin module so we use that instead.
mkdir -p mkosi.images/system/mkosi.repart/10-usr.conf.d
tee mkosi.images/system/mkosi.repart/10-usr.conf.d/squashfs.conf <<- EOF
[Partition]
Format=squashfs
EOF
# The emergency shell is not useful in the CI, as it just blocks for a long time before the job
# eventually times out. Override it to just shutdown immediately.
mkdir -p mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/emergency.service.d/
mkdir -p mkosi.images/system/mkosi.extra/usr/lib/systemd/system/emergency.service.d/
tee mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/emergency.service.d/poweroff.conf <<- EOF
[Unit]
FailureAction=exit
[Service]
ExecStartPre=
ExecStart=
ExecStart=false
EOF
cp mkosi.images/initrd/mkosi.extra/usr/lib/systemd/system/emergency.service.d/poweroff.conf mkosi.images/system/mkosi.extra/usr/lib/systemd/system/emergency.service.d/poweroff.conf
- name: Generate secure boot key
run: mkosi --debug genkey
- name: Show image summary
run: mkosi summary
- name: Build
run: mkosi --debug
- name: Boot systemd-nspawn
run: test "$(sudo mkosi --debug boot 1>&2; echo $?)" -eq 123
- name: Boot QEMU
run: timeout -k 30 10m test "$(mkosi --debug qemu 1>&2; echo $?)" -eq 123