Compare commits

...

5 Commits

Author SHA1 Message Date
Johannes Altmanninger
a0e73a8721 build_docker_images: use shell script instead of reusable github actions
We already want to use the Docker CLI in docker/docker_run_tests.sh,
so it seems wrong to also use the github-specific wrappers.

Let the CI use shell scripts too.
2026-06-23 11:08:52 +02:00
Johannes Altmanninger
ddc52eb5c1 Cache docker images used by CI
The alpine docker images builds quickly but if we want to use this
approach for all the ubuntu configurations as well, we might want to
cache it.

Do this by reverting dc9668c8a4 (Remove unused workflow to build
docker images, 2026-05-30), except:
- Remove "attestations" and "id-token" permissions; I'm not sure if these are necessary
- Given that our CI uses docker/docker_run_tests.sh which will always
  rebuild if necessary (i.e. only use the registry as cache), run on
  all branches, not just on master, for correctness.
- Let the builder use caching as well, I guess.

Part of #12626
2026-06-23 11:08:52 +02:00
Johannes Altmanninger
234fda7a0b Add FreeBSD to github CI
Reintroduces more of ff0afd14c2 (Remove Cirrus CI, 2026-05-28).
Don't pin the FreeBSD version, though we could do that in future.

While at it, remove some stale expected failures.

Closes #12626
2026-06-23 11:08:52 +02:00
Johannes Altmanninger
3f89550e51 Add Ubuntu arm64 to github CI
Not sure if this adds meaningful coverage but this is one of the things
that .cirrus.yml used to have (also: armv7-32bit).  Github seems
to provide arm64 natively, so maybe use that for now.

Part of #12626
2026-06-23 11:05:56 +02:00
Johannes Altmanninger
e02e11ba69 Add Alpine to github actions CI
Restores Alpine CI as removed in these commits:

- ff0afd14c2 (Remove Cirrus CI, 2026-05-28)
- f48166ff36 (update-dependencies: remove things used for Cirrus, 2026-05-29)
- dc9668c8a4 (Remove unused workflow to build docker images, 2026-05-30)

See following commits for the rest.

Part of #12626
2026-06-23 11:04:55 +02:00
11 changed files with 200 additions and 21 deletions

View File

@@ -0,0 +1,33 @@
name: Build Docker test images
on:
push:
paths:
- 'docker/**'
workflow_dispatch:
concurrency:
group: docker-builds
jobs:
docker-build:
if: github.repository_owner == 'fish-shell'
permissions:
contents: read
packages: write
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
target: alpine
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2, build_tools/update-dependencies.sh
- run: |
printf %s "${{ secrets.GITHUB_TOKEN }}" |
docker login ghcr.io --username=${{ github.actor }} --password-stdin
docker/push.sh docker/${{ matrix.target }}.Dockerfile

View File

@@ -10,10 +10,58 @@ permissions:
contents: read
jobs:
ubuntu:
alpine:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2, build_tools/update-dependencies.sh
- run:
docker/docker_run_tests.sh docker/alpine.Dockerfile
freebsd:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2, build_tools/update-dependencies.sh
- uses: vmactions/freebsd-vm@21de0c823079bc57bd8fcf25fb60193f36887e3d # v1, build_tools/update-dependencies.sh
with:
# # See https://github.com/vmactions/.github/wiki/debug%E2%80%90on%E2%80%90error
# debug-on-error: true
# vnc-password: fish
usesh: true
run: |
pkg update
# TODO This should be shared with .github/actions/install-dependencies/action.yml
pkg install -y \
cmake-core \
devel/ninja \
devel/pcre2 \
gettext \
git-lite \
lang/rust \
misc/py-pexpect \
python \
sudo \
;
# BSDs have the following behavior: root may open or access files even if
# the mode bits would otherwise disallow it. For example root may open()
# a file with write privileges even if the file has mode 400. This breaks
# our tests for e.g. cd and path. So create a new unprivileged user to run tests.
pw user add -n fish-user -s /bin/csh -d /home/fish-user
mkdir -p /home/fish-user
chown -R fish-user /home/fish-user
mkdir build && cd build
chown -R fish-user ..
sudo -u fish-user -s whoami
sudo -u fish-user -s FISH_TEST_MAX_CONCURRENCY=1 cmake -G Ninja -DCMAKE_BUILD_TYPE=Debug ..
sudo -u fish-user -s ninja fish
sudo -u fish-user -s env CI=1 ninja fish_run_tests
ubuntu:
strategy:
matrix:
os: [ubuntu-latest, ubuntu-latest-arm64]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2, build_tools/update-dependencies.sh
- uses: ./.github/actions/rust-toolchain@oldest-supported
- name: Install deps
uses: ./.github/actions/install-dependencies

View File

@@ -35,6 +35,7 @@ update_gh_action dessant/lock-threads
update_gh_action EmbarkStudios/cargo-deny-action
update_gh_action msys2/setup-msys2
update_gh_action softprops/action-gh-release
update_gh_action vmactions/freebsd-vm
updatecli "${@:-apply}"

45
docker/alpine.Dockerfile Normal file
View File

@@ -0,0 +1,45 @@
# Version set by updatecli.d/docker.yml
FROM alpine:3.23
LABEL org.opencontainers.image.source=https://github.com/fish-shell/fish-shell
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
RUN apk add --no-cache \
bash \
cargo \
g++ \
gettext-dev \
git \
libintl \
musl-dev \
pcre2-dev \
py3-pexpect \
py3-pip \
python3 \
rust \
sudo \
tmux
RUN addgroup -g 1000 fishuser
RUN adduser \
--disabled-password \
--gecos "" \
--home "/home/fishuser" \
--ingroup fishuser \
--uid 1000 \
fishuser
RUN mkdir -p /home/fishuser/fish-build \
&& mkdir /fish-source \
&& chown -R fishuser:fishuser /home/fishuser /fish-source
USER fishuser
WORKDIR /home/fishuser
COPY fish_run_tests.sh /
ENV FISH_CHECK_LINT=false
CMD /fish_run_tests.sh

View File

@@ -11,15 +11,9 @@ EOF
exit 1
}
DOCKER_EXTRA_ARGS=""
export DOCKER_BUILDKIT=1
# Exit on failure.
set -e
# Get fish source directory.
workspace_root=$(cd "$( dirname "$0" )"/.. >/dev/null && pwd)
DOCKER_EXTRA_ARGS=""
# Parse args.
while [ $# -gt 1 ]; do
@@ -43,19 +37,19 @@ while [ $# -gt 1 ]; do
shift
done
DOCKERFILE="$1"
test -n "$DOCKERFILE" || usage
dockerfile=$1
test -n "$dockerfile" || usage
# Construct a docker image.
IMG_TAGNAME="ghcr.io/fish-shell/fish-ci/$(basename -s .Dockerfile "$DOCKERFILE"):latest"
docker build \
-t "$IMG_TAGNAME" \
-f "$DOCKERFILE" \
"$workspace_root"/docker/context/
workspace_root=$(cd "$( dirname "$0" )"/.. >/dev/null && pwd)
. "$workspace_root"/docker/lib.sh
docker_build "$dockerfile"
# Run tests in it, allowing them to fail without failing this script.
# shellcheck disable=SC2046 # for the isatty snippet
# shellcheck disable=SC2086 # $DOCKER_EXTRA_ARGS should have globbing and splitting applied.
docker run -it \
docker run -i $(isatty 0 && printf %s -t) \
--mount type=bind,source="$workspace_root",target=/fish-source,readonly \
$DOCKER_EXTRA_ARGS \
"$IMG_TAGNAME"
"$(image_tagname "$dockerfile")"

24
docker/lib.sh Normal file
View File

@@ -0,0 +1,24 @@
#!/bin/sh
# Get fish source directory.
set -e
# shellcheck disable=SC2154
test -n "$workspace_root"
image_tagname() {
printf %s "ghcr.io/fish-shell/fish-ci/$(basename -s .Dockerfile "$1"):latest"
}
docker_build() {
dockerfile=$1
shift
tagname=$(image_tagname "$dockerfile")
docker pull "$tagname" || true
DOCKER_BUILDKIT=1 \
docker build \
--cache-from "$tagname" \
-t "$tagname" \
-f "$dockerfile" \
"$workspace_root"/docker/context/ \
"$@"
}

19
docker/push.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/sh
usage() {
cat << EOF
Usage: $(basename "$0") DOCKERFILE
EOF
exit 1
}
set -e
dockerfile=$1
test -n "$dockerfile" || usage
workspace_root=$(cd "$( dirname "$0" )"/.. >/dev/null && pwd)
. "$workspace_root"/docker/lib.sh
docker_build "$dockerfile" --cache-to=type=inline
docker push "$(image_tagname "$dockerfile")"

View File

@@ -5,7 +5,7 @@ import sys
import signal
import platform
if "CI" in os.environ and platform.system() in ["Darwin", "FreeBSD"]:
if "CI" in os.environ and platform.system() == "Darwin":
sys.exit(127)
sp = SpawnedProc()

View File

@@ -6,7 +6,7 @@ import sys
import time
import platform
if "CI" in os.environ and platform.system() in ["Darwin", "FreeBSD"]:
if "CI" in os.environ and platform.system() == "Darwin":
sys.exit(127)
sp = SpawnedProc()

View File

@@ -5,7 +5,7 @@ import signal
import sys
from pexpect_helper import SpawnedProc
if "CI" in os.environ and platform.system() in ["Darwin", "FreeBSD"]:
if "CI" in os.environ and platform.system() == "Darwin":
sys.exit(127)
sp = SpawnedProc()

View File

@@ -1,6 +1,13 @@
name: "Update Linux docker images"
sources:
alpine_latest_version:
kind: dockerimage
spec:
image: alpine
tagfilter: "^[0-9]+\\.[0-9]+$"
versionfilter:
kind: semver
ubuntu_latest_lts_version:
kind: shell
spec:
@@ -17,6 +24,14 @@ sources:
tail -1
targets:
update_alpine_dockerfile:
name: "Update Alpine Linux version"
sourceid: alpine_latest_version
kind: file
spec:
file: docker/alpine.Dockerfile
matchpattern: "FROM alpine:.*"
replacepattern: 'FROM alpine:{{ source "alpine_latest_version" }}'
ubuntu_latest_version_dockerfile:
name: "Update oldest non-EOL Ubuntu Linux version"
sourceid: ubuntu_latest_lts_version