[21/12] CI: Refresh and upgrade the Fedora container

Message ID	20240713181005.3363912-1-andrew.cooper3@citrix.com (mailing list archive)
State	New
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Andrew Cooper <andrew.cooper3@citrix.com> To: Xen-devel <xen-devel@lists.xenproject.org> Cc: Andrew Cooper <andrew.cooper3@citrix.com>, Anthony PERARD <anthony.perard@vates.tech>, Juergen Gross <jgross@suse.com>, =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>, Jan Beulich <JBeulich@suse.com>, Stefano Stabellini <sstabellini@kernel.org>, Julien Grall <julien@xen.org>, Oleksii Kurochko <oleksii.kurochko@gmail.com> Subject: [PATCH 21/12] CI: Refresh and upgrade the Fedora container Date: Sat, 13 Jul 2024 19:10:05 +0100 Message-Id: <20240713181005.3363912-1-andrew.cooper3@citrix.com> In-Reply-To: <20240711111517.3064810-1-andrew.cooper3@citrix.com> References: <20240711111517.3064810-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
Series	CI: part 3 (slimline, and PPC/RISCV fixes) \| expand [for-4.19,v2,00/12] CI: part 3 (slimline, and PPC/RISCV fixes) [01/12] CI: Fix CONTAINER_UID0=1 scripts/containerize [02/12] CI: Remove useless/misleading randconfig jobs [03/12] CI: Drop Debian Jessie dockerfiles [04/12] CI: Drop Debian Stretch testing [05/12] CI: Drop Ubuntu Trusty testing [06/12] CI: Mark Archlinux/x86 as allowing failures [07/12] CI: Introduce a debian:12-ppc64le container [08/12] CI: Use debian:12-ppc64le for both build and test [09/12] CI: Refresh bullseye-ppc64le as debian:11-ppc64le [10/12] CI: Introduce debian:11/12-riscv64 containers [11/12] CI: Swap to debian for riscv64 build and test [12/12] CI: Refresh and upgrade the GCC-IBT container [13/12] CI: Refresh OpenSUSE Tumbleweed container [14/12] CI: Refresh OpenSUSE Leap container [15/12] CI: Refresh Ubuntu Xenial container as 16.04-x86_64 [16/12] CI: Refresh Ubuntu Bionic container as 18.04-x86_64 [17/12] CI: Refresh Ubuntu Focal container as 20.04-x86_64 [18/12] CI: Add Ubuntu 22.04 (Jammy) and 24.04 (Noble) testing [19/12] docs: Fix install-man$(1)-pages if no manpages are generated [20/12] CI: Swap from perl to perl-base in build containers [21/12] CI: Refresh and upgrade the Fedora container [22/12] tools/examples: Remove more obsolete content

Message ID

20240713181005.3363912-1-andrew.cooper3@citrix.com (mailing list archive)

State

New

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
 Anthony PERARD <anthony.perard@vates.tech>, Juergen Gross <jgross@suse.com>,
	=?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>,
 Jan Beulich <JBeulich@suse.com>, Stefano Stabellini <sstabellini@kernel.org>,
 Julien Grall <julien@xen.org>, Oleksii Kurochko <oleksii.kurochko@gmail.com>
Subject: [PATCH 21/12] CI: Refresh and upgrade the Fedora container
Date: Sat, 13 Jul 2024 19:10:05 +0100
Message-Id: <20240713181005.3363912-1-andrew.cooper3@citrix.com>
In-Reply-To: <20240711111517.3064810-1-andrew.cooper3@citrix.com>
References: <20240711111517.3064810-1-andrew.cooper3@citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Series

CI: part 3 (slimline, and PPC/RISCV fixes) | expand

Commit Message

Andrew Cooper July 13, 2024, 6:10 p.m. UTC

Fedora 29 is long out of date.  Move forward 5 years to Fedora 39.

Inlcude all the usual improvements.  Rework the container to be non-root, use
heredocs for legibility, and switch to the new naming scheme.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Anthony PERARD <anthony.perard@vates.tech>
CC: Juergen Gross <jgross@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Jan Beulich <JBeulich@suse.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Julien Grall <julien@xen.org>
CC: Oleksii Kurochko <oleksii.kurochko@gmail.com>

I know Fedora 40 the latest release, but it suffers from the same stubdom
failure as Archlinux currently does.  Fedora 39 builds fine.

Fedora is (correctly) blocking, so adding 40 would be bad move at this point
in the 4.19 release.

https://gitlab.com/xen-project/people/andyhhp/xen/-/pipelines/1372042761 is a
run with both 39 and 40, showing the failure.
---
 automation/build/fedora/29.dockerfile        | 46 ------------
 automation/build/fedora/39-x86_64.dockerfile | 74 ++++++++++++++++++++
 automation/gitlab-ci/build.yaml              |  8 +--
 3 files changed, 78 insertions(+), 50 deletions(-)
 delete mode 100644 automation/build/fedora/29.dockerfile
 create mode 100644 automation/build/fedora/39-x86_64.dockerfile

Comments

Anthony PERARD July 15, 2024, 1:39 p.m. UTC | #1

On Sat, Jul 13, 2024 at 07:10:05PM +0100, Andrew Cooper wrote:
> Fedora 29 is long out of date.  Move forward 5 years to Fedora 39.
> 
> Inlcude all the usual improvements.  Rework the container to be non-root, use
> heredocs for legibility, and switch to the new naming scheme.

"clang" as been removed, but it's not mention in the commit message. The
other changes are kind of "the usual improvement" yes, as been done to
other containers (libaio, nasm, ...).

The patch is missing an update of the "containerize" script.

> diff --git a/automation/build/fedora/39-x86_64.dockerfile b/automation/build/fedora/39-x86_64.dockerfile
> new file mode 100644
> index 000000000000..e2048a437581
> --- /dev/null
> +++ b/automation/build/fedora/39-x86_64.dockerfile
...
> +
> +    dnf -y install "${DEPS[@]}"

You might want to add --setopt=install_weak_deps=False to avoid
installing "git" for example.
When running the original command by hand, `dnf` want to install those weak deps:
    Installing weak dependencies:
     apr-util-bdb
     apr-util-openssl
     cryptsetup-libs
     diffutils
     git
     libbpf
     libxkbcommon
     mercurial
     perl-NDBM_File
     python3-fb-re2
     python3-pip
     qrencode-libs
     subversion
     systemd-networkd
     systemd-resolved
And comparring the list of deps, these extra pkgs are installed because
of weak deps:
    apr
    apr-util
    dbus
    dbus-broker
    dbus-common
    device-mapper
    device-mapper-libs
    git-core-doc
    kmod-libs
    libargon2
    libseccomp
    libserf
    perl-Error
    perl-File-Find
    perl-Git
    perl-TermReadKey
    perl-lib
    python3-zombie-imp
    re2
    subversion-libs
    systemd
    systemd-pam
    utf8proc
    xkeyboard-config

So, probably only "perl-File-Find" (can be written "perl(File::Find)" I
think as well) might be needed, but only for docs/ I think, from the
previous email.

It seems I go from 1.26GB to 1.18GB without those weak deps.

Cheers,

Andrew Cooper July 15, 2024, 2:39 p.m. UTC | #2

On 15/07/2024 2:39 pm, Anthony PERARD wrote:
> On Sat, Jul 13, 2024 at 07:10:05PM +0100, Andrew Cooper wrote:
>> Fedora 29 is long out of date.  Move forward 5 years to Fedora 39.
>>
>> Inlcude all the usual improvements.  Rework the container to be non-root, use
>> heredocs for legibility, and switch to the new naming scheme.
> "clang" as been removed, but it's not mention in the commit message.

Oops - I meant to mention that.  We don't do any clang builds with this
container, so I though I'd keep it slimer until we change that.

>  The
> other changes are kind of "the usual improvement" yes, as been done to
> other containers (libaio, nasm, ...).
>
> The patch is missing an update of the "containerize" script.

Ah - I found the hunk in a different patch.  I'll fix.

>
>> diff --git a/automation/build/fedora/39-x86_64.dockerfile b/automation/build/fedora/39-x86_64.dockerfile
>> new file mode 100644
>> index 000000000000..e2048a437581
>> --- /dev/null
>> +++ b/automation/build/fedora/39-x86_64.dockerfile
> ...
>> +
>> +    dnf -y install "${DEPS[@]}"
> You might want to add --setopt=install_weak_deps=False to avoid
> installing "git" for example.

Well, git-core is installed explicitly, but point taken.

> When running the original command by hand, `dnf` want to install those weak deps:
>     Installing weak dependencies:
>      apr-util-bdb
>      apr-util-openssl
>      cryptsetup-libs
>      diffutils
>      git
>      libbpf
>      libxkbcommon
>      mercurial
>      perl-NDBM_File
>      python3-fb-re2
>      python3-pip
>      qrencode-libs
>      subversion
>      systemd-networkd
>      systemd-resolved
> And comparring the list of deps, these extra pkgs are installed because
> of weak deps:
>     apr
>     apr-util
>     dbus
>     dbus-broker
>     dbus-common
>     device-mapper
>     device-mapper-libs
>     git-core-doc
>     kmod-libs
>     libargon2
>     libseccomp
>     libserf
>     perl-Error
>     perl-File-Find
>     perl-Git
>     perl-TermReadKey
>     perl-lib
>     python3-zombie-imp
>     re2
>     subversion-libs
>     systemd
>     systemd-pam
>     utf8proc
>     xkeyboard-config
>
> So, probably only "perl-File-Find" (can be written "perl(File::Find)" I
> think as well) might be needed, but only for docs/ I think, from the
> previous email.
>
> It seems I go from 1.26GB to 1.18GB without those weak deps.

Thanks.  I'll rework.

I have a specific plan for testing docs and it's going to be a dedicated
container and job, as well as things being a bit more -Werror-like.

~Andrew

diff --git a/automation/build/fedora/29.dockerfile b/automation/build/fedora/29.dockerfile
deleted file mode 100644
index d5f017ac723d..000000000000
--- a/automation/build/fedora/29.dockerfile
+++ /dev/null
@@ -1,46 +0,0 @@ 
-# syntax=docker/dockerfile:1
-FROM --platform=linux/amd64 fedora:29
-LABEL maintainer.name="The Xen Project" \
-      maintainer.email="xen-devel@lists.xenproject.org"
-
-# install Xen depends
-RUN dnf -y install \
-        clang \
-        gcc \
-        gcc-c++ \
-        ncurses-devel \
-        zlib-devel \
-        python-devel \
-        python3-devel \
-        libuuid-devel \
-        pkgconfig \
-        flex \
-        bison \
-        libaio-devel \
-        glib2-devel \
-        yajl-devel \
-        pixman-devel \
-        glibc-devel \
-        make \
-        binutils \
-        git \
-        wget \
-        acpica-tools \
-        python-markdown \
-        patch \
-        checkpolicy \
-        dev86 \
-        xz-devel \
-        bzip2 \
-        nasm \
-        ocaml \
-        ocaml-findlib \
-        golang \
-        # QEMU
-        ninja-build \
-    && dnf clean all && \
-    rm -rf /var/cache/dnf
-
-RUN useradd --create-home user
-USER user
-WORKDIR /build
diff --git a/automation/build/fedora/39-x86_64.dockerfile b/automation/build/fedora/39-x86_64.dockerfile
new file mode 100644
index 000000000000..e2048a437581
--- /dev/null
+++ b/automation/build/fedora/39-x86_64.dockerfile
@@ -0,0 +1,74 @@ 
+# syntax=docker/dockerfile:1
+FROM --platform=linux/amd64 fedora:39
+LABEL maintainer.name="The Xen Project"
+LABEL maintainer.email="xen-devel@lists.xenproject.org"
+
+RUN <<EOF
+    set -e
+
+    useradd --create-home user
+
+    dnf -y update
+
+    DEPS=(
+        # Xen
+        binutils
+        gcc
+        make
+        python3
+        # Kconfig
+        bison
+        flex
+        # Flask
+        checkpolicy
+
+        # Tools (general)
+        git-core
+        gzip
+        patch
+        perl-interpreter
+        pkgconfig
+        wget
+        # libxenguest dombuilder
+        bzip2-devel
+        libzstd-devel
+        lzo-devel
+        xz-devel
+        zlib-devel
+        # libacpi
+        acpica-tools
+        # libxl
+        libuuid-devel
+        yajl-devel
+        # RomBIOS
+        dev86
+        # Header Check
+        gcc-c++
+        # xentop
+        ncurses-devel
+        # Python bindings
+        python3-devel
+        python3-setuptools
+        # Ocaml bindings/oxenstored
+        ocaml
+        ocaml-findlib
+        # Golang bindings
+        golang
+
+        # Stubdom download/extract
+        bzip2
+
+        # Qemu build
+        glib2-devel
+        pixman-devel
+        ninja-build
+    )
+
+    dnf -y install "${DEPS[@]}"
+
+    dnf clean all
+    rm -rf /var/cache/dnf
+EOF
+
+USER user
+WORKDIR /build
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index 7ce88d38e7c7..3d35871d64f5 100644
--- a/automation/gitlab-ci/build.yaml
+++ b/automation/gitlab-ci/build.yaml
@@ -575,15 +575,15 @@  debian-bookworm-32-gcc-debug:
   variables:
     CONTAINER: debian:bookworm-i386
 
-fedora-gcc:
+fedora-39-x86_64-gcc:
   extends: .gcc-x86-64-build
   variables:
-    CONTAINER: fedora:29
+    CONTAINER: fedora:39-x86_64
 
-fedora-gcc-debug:
+fedora-39-x86_64-gcc-debug:
   extends: .gcc-x86-64-build-debug
   variables:
-    CONTAINER: fedora:29
+    CONTAINER: fedora:39-x86_64
 
 ubuntu-16.04-x86_64-clang:
   extends: .clang-x86-64-build

[21/12] CI: Refresh and upgrade the Fedora container

Commit Message

Comments

Patch