1. 29 Apr, 2020 5 commits
    • Michał Kępień's avatar
      Adjust Python packages installed on Debian · c1b933c6
      Michał Kępień authored
      The python-dnspython package was dropped from Debian "sid" and thus can
      no longer be installed on that system.  Since this move is a part of a
      larger initiative to remove Python 2 from Debian, there is little sense
      in trying to implement Dockerfile workarounds for this specific package.
      Instead, remove Python 2 packages from all our Debian Docker images
      except the "buster" one (to retain some Python 2 test coverage for BIND
      branches other than "master").
      c1b933c6
    • Michał Kępień's avatar
      Fix SoftHSM installation on Debian · 61101ba1
      Michał Kępień authored
      61101ba1
    • Michał Kępień's avatar
      Fix Clang installation on Debian · 342e5ffb
      Michał Kępień authored
      342e5ffb
    • Michał Kępień's avatar
      Fix trigger for Ubuntu CI jobs · bc59efa4
      Michał Kępień authored
      docker/bind9/ubuntu-template symlinks to docker/bind9/debian-template,
      so GitLab CI will never trigger any Ubuntu jobs automatically unless the
      symlink itself changes.  Ensure Ubuntu jobs are triggered when
      docker/bind9/debian-template is modified, to reflect actual Dockerfile
      dependencies.
      bc59efa4
    • Michał Kępień's avatar
      Remove unused i386 images · 9b7eb1a0
      Michał Kępień authored
      Out of all i386 Docker images we are currently building, only the "sid"
      one is actively being used in GitLab CI.  Remove all other i386 images.
      9b7eb1a0
  2. 27 Apr, 2020 5 commits
    • Michał Kępień's avatar
      Improve CI job triggering rules · 361e1aab
      Michał Kępień authored
        - Automatically start jobs for all images potentially affected by a
          Dockerfile template change or a Packer source file modification.
          The rationale here is that most meaningful changes to image contents
          happen through modifications to Dockerfile templates and Packer
          source files while Makefile updates are rare (and starting all
          relevant jobs when a Makefile is modified would be reckless).
      
        - Allow all jobs to be run (on demand) for pipelines created through
          the web interface.  This allows any build job to be tested before
          merging a branch which modifies Makefile(s) but does not touch any
          Dockerfile templates or Packer source files (since Makefile changes
          alone do not trigger build jobs).
      
        - Automatically push rebuilt images to the production Docker registry
          when a branch is merged into "master".  Propagating changes
          introduced by branches which only touch Makefile(s) will require
          creating a pipeline for the "master" branch using the web interface,
          but that is expected to be needed rarely.
      
        - Ensure scheduled build jobs are still run automatically.
      361e1aab
    • Michał Kępień's avatar
      Enable parallel compilation for FreeBSD QCOW2 jobs · 8ddcd2cb
      Michał Kępień authored
      Packer jobs should also benefit from parallel compilation the way Docker
      jobs do.  This only applies to FreeBSD jobs for the time being (since we
      do not compile any source code while building other QCOW2 images), but
      make the necessary adjustments on a "global" level (in packer/Makefile)
      anyway, so that further platforms can be tweaked more conveniently if
      the need arises in the future.  While packer/freebsd/packer.json only
      allocates 2 vCPUs to the VM building the QCOW2 image and the default
      number of parallel build jobs is set to 6, we do not care much about
      that discrepancy.
      8ddcd2cb
    • Michał Kępień's avatar
      Only push "production" QCOW2 images from master · 543773f3
      Michał Kępień authored
      Use a "staging" registry for QCOW2 images in a similar spirit as for its
      Docker counterpart - only update QCOW2 images in the main registry when
      a CI job is run for the "master" branch.  This allows us to experiment
      freely with the build process using custom branches, merge requests,
      etc., without any risk of affecting GitLab CI results.
      543773f3
    • Michal Nowak's avatar
      Build custom software in parallel · 494a7c88
      Michal Nowak authored
      Number of make jobs is the same as in the BIND repository.
      494a7c88
    • Michal Nowak's avatar
      Cache Kyua · de0f7f2a
      Michal Nowak authored
      Since image building happens in special Docker-in-Docker container, we
      can't use GitLab cache as-is but we need to get the extracted cache
      content first to the root/context directory where Docker build will take
      place and then to the image itself during the Docker build. After that
      updated content is copied out of the published image to a place where it
      can be cached by GitLab.
      de0f7f2a
  3. 24 Apr, 2020 1 commit
    • Michal Nowak's avatar
      Rebuild Tumbleweed and sid images periodically · 58711bba
      Michal Nowak authored
      'when:manual' for all Docker (and KVM) jobs prevents us from executing
      them via Scheduler (a pipeline with 'skipped' jobs is created). As we
      nearly never intend to execute all jobs at once, and thus removing
      'when:manual' is not an option, special 'REBUILD_PERIODICALLY' variable
      is added for jobs which should rather have 'when:always' set and thus
      start automatically in Schedule.
      
      'only_if_XXX_changed' templates were removed as 'only' is not compatible
      with 'rules' (and is deprecated anyway) and because they are not working
      as intended in most situations.
      58711bba
  4. 21 Apr, 2020 1 commit
  5. 01 Apr, 2020 1 commit
  6. 27 Mar, 2020 2 commits
    • Michał Kępień's avatar
      Fix dnstap installation conditions · c517bfea
      Michał Kępień authored
      dnstap dependencies are currently unconditionally included in Alpine
      Linux images.  Only install them if the relevant Makefile variable is
      set.
      
      Tweak the condition for installing dnstap dependencies on CentOS so that
      it matches its Debian counterpart.
      c517bfea
    • Michał Kępień's avatar
      Include vendor in optional installation variables · 0be3b668
      Michał Kępień authored
      Some Linux distributions (e.g. Alpine Linux) neither use release
      codenames nor include the distribution name in their Docker tags.  Since
      variable names like "dnstap_3.11_amd64" would cause confusion, include
      distribution names in the names of Makefile variables controlling
      conditional installations.
      0be3b668
  7. 26 Mar, 2020 5 commits
  8. 25 Mar, 2020 7 commits
    • Michal Nowak's avatar
      Drop Fedora 30 · 7ec026e7
      Michal Nowak authored
      7ec026e7
    • Michal Nowak's avatar
      Drop Alpine Linux 3.10 · e1efd647
      Michal Nowak authored
      e1efd647
    • Michał Kępień's avatar
      39bdcd30
    • Ondřej Surý's avatar
      ffdab6a5
    • Ondřej Surý's avatar
      Rework the way we build and use Debian/Ubuntu images · 8a94d972
      Ondřej Surý authored
      Following changes have been made to the Makefile and Dockerfile for
      Debian/Ubuntu images:
      
      * With introduction of arm64 builder, we needed more fine grained
        switches that define whether to install specific software bundle into
        the image.  The switches are now defined as a tripplets:
        <software>_<version>_<architecture>, e.g. dnstap_buster_amd64
      
      * Change the install/no-install logic for abi-compliance-checker,
        shellcheck, and compiledb from Dockerfile to the Makefile
      
      * It was hard to test whether the images build correctly and not mess
        with production environment.  Now, the images are pushed only if the
        pipeline is run on the default repository branch (e.g. master).
      
      * Install only a single LLVM/Clang version - 10 at the time of this
        commit.  This has to match with bind9's .gitlab-ci.yml.
      
      * Don't install the LLVM/Clang to Debian sid, this is more often broken
        than it's not.
      
      * Pick a "base_image" in the bind9's .gitlab-ci.yml that will have the
        extra software.  At the time of writing this, The Debian amd64 buster
        image was picked.  This means needs to get the latest version of the
        clang, coccinelle, abicc, cppcheck and others.
      
      * If `@FOO@` in the `if [ -n "@FOO@" ]` construct didn't get replaced it
        would default to true.  Change this to `if [ "@FOO@" = "yes" ]` that
        defaults to false.
      
      * Install the abi-compliance-checker and it's dependencies from the git
        repository instead from the Debian buster repository.
      8a94d972
    • Ondřej Surý's avatar
      e071c7b5
    • Ondřej Surý's avatar
      bcc828c9
  9. 24 Mar, 2020 1 commit
  10. 23 Mar, 2020 1 commit
  11. 19 Mar, 2020 1 commit
  12. 18 Mar, 2020 2 commits
  13. 17 Mar, 2020 3 commits
    • Michal Nowak's avatar
      Use custom kyua · 13885225
      Michal Nowak authored
      Kyua has it's own expectations on where to find core file generated by
      a broken test. They do not suit us well as the common Linux core
      pattern setup places the core alongside the crashed binary with a
      'core.PID' pattern.
      
      Following Kyua fork adds the above mentioned expectation to the Kyua
      source code.
      13885225
    • Michał Kępień's avatar
      Fix broken @CLANG@ token · 2ce221b1
      Michał Kępień authored
      2ce221b1
    • Michał Kępień's avatar
      Enable use of HTTPS Clang repositories on Debian · 6cdeb04c
      Michał Kępień authored
      The apt.llvm.org package repository seems to have moved to HTTPS-only.
      Without the apt-transport-https package installed, apt appears to hang
      during routine operations (e.g. "apt-get update") when a repository like
      this is enabled in its configuration.  Fix by installing the
      apt-transport-https package whenever Clang repositories are to be used.
      6cdeb04c
  14. 16 Mar, 2020 1 commit
  15. 06 Mar, 2020 1 commit
  16. 05 Mar, 2020 3 commits