From f8ecf2597520a4ffd4c765371162eabc4468a731 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Fri, 18 Oct 2024 12:08:08 +0100 Subject: [PATCH 1/4] run-docker.sh: Document options Signed-off-by: Simon McVittie --- .gitlab-ci/run-docker.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.gitlab-ci/run-docker.sh b/.gitlab-ci/run-docker.sh index 625f13ee7..f3776d9a7 100755 --- a/.gitlab-ci/run-docker.sh +++ b/.gitlab-ci/run-docker.sh @@ -67,6 +67,11 @@ if [ $print_help == 1 ]; then echo " list - List available images" echo " help - This help message" echo "" + echo "Options" + echo "" + echo " --base-version NUM - Image is version NUM" + echo " --no-login - Don't log in to registry" + echo "" exit 0 fi From 630930a60b64dd735a10accb0894cf6fb6b2b903 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Fri, 18 Oct 2024 12:10:46 +0100 Subject: [PATCH 2/4] CI: Add a debian-stable-i386 CI image This is identical to the debian-stable image, except that it uses packages from the i386 dpkg architecture (i686-linux-gnu) instead of amd64 (x86_64-linux-gnu). x86_64 Docker hosts with x86_64 kernels can run i386 Docker images, so we can use our existing CI workers. Instead of duplicating the content of the Dockerfile, add a layer of architecture-switching so we can build essentially the same image from a different base. Signed-off-by: Simon McVittie --- .gitlab-ci/debian-stable.Dockerfile | 3 ++- .gitlab-ci/run-docker.sh | 28 +++++++++++++++++++++++++--- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/.gitlab-ci/debian-stable.Dockerfile b/.gitlab-ci/debian-stable.Dockerfile index 81b5b4762..572e3bea6 100644 --- a/.gitlab-ci/debian-stable.Dockerfile +++ b/.gitlab-ci/debian-stable.Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm +ARG ARCHITECTURE_PREFIX= +FROM ${ARCHITECTURE_PREFIX}debian:bookworm RUN apt-get update -qq && apt-get install --no-install-recommends -qq -y \ bindfs \ diff --git a/.gitlab-ci/run-docker.sh b/.gitlab-ci/run-docker.sh index f3776d9a7..03e176446 100755 --- a/.gitlab-ci/run-docker.sh +++ b/.gitlab-ci/run-docker.sh @@ -85,6 +85,8 @@ if [ $list == 1 ]; then echo -e " \\e[1;39m$basename\\e[0m" done + # Special cases that don't have their own Dockerfile + echo -e " \\e[1;39mdebian-stable-i386\\e[0m" exit 0 fi @@ -94,8 +96,25 @@ if [ -z "${base}" ]; then exit 1 fi -if [ ! -f "$base.Dockerfile" ]; then - echo -e "\\e[1;31mERROR\\e[0m: Dockerfile for '$base' not found" +case "$base" in + (debian-stable-i386) + dockerfile=debian-stable + arch=386 + if [ "$DOCKER_CMD" = "podman" ]; then + arch_prefix=docker.io/i386/ + else + arch_prefix=i386/ + fi + ;; + (*) + dockerfile="$base" + arch="" + arch_prefix="" + ;; +esac + +if [ ! -f "$dockerfile.Dockerfile" ]; then + echo -e "\\e[1;31mERROR\\e[0m: Dockerfile for '$dockerfile' not found" exit 1 fi @@ -113,8 +132,10 @@ if [ $build == 1 ]; then --build-arg HOST_USER_ID="$UID" \ --build-arg COVERITY_SCAN_PROJECT_NAME="${COVERITY_SCAN_PROJECT_NAME}" \ --build-arg COVERITY_SCAN_TOKEN="${COVERITY_SCAN_TOKEN}" \ + ${arch_prefix+--build-arg ARCHITECTURE_PREFIX="${arch_prefix}"} \ + ${arch+--arch="$arch"} \ --tag "${TAG}" \ - --file "${base}.Dockerfile" . + --file "${dockerfile}.Dockerfile" . exit $? fi @@ -132,6 +153,7 @@ fi if [ $run == 1 ]; then echo -e "\\e[1;32mRUNNING\\e[0m: ${base} as ${TAG}" $DOCKER_CMD run \ + ${arch+--arch="$arch"} \ --rm \ --volume "$(pwd)/..:/home/user/app" \ --workdir "/home/user/app" \ From 20d54ba5f1c20877853b7374dc3a8a8b51b5daba Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Fri, 18 Oct 2024 12:14:44 +0100 Subject: [PATCH 3/4] CI: Add a job that runs on 32-bit Debian stable This is enough to detect most ILP32-specific issues. We previously relied on 32-bit Windows to catch those, but the toolchains we're using have increasingly minimal support for 32-bit Windows. The combination of fedora-x86_64 and debian-stable-i386 between them should cover nearly everything that debian-stable-x86_64 does, so demote debian-stable-x86_64 to be run on a schedule or manually. Helps: https://gitlab.gnome.org/GNOME/glib/-/issues/3477 Signed-off-by: Simon McVittie --- .gitlab-ci.yml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e055f83e3..e95c9bda4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,6 +14,7 @@ variables: FEDORA_IMAGE: "registry.gitlab.gnome.org/gnome/glib/fedora:v39.5" COVERITY_IMAGE: "registry.gitlab.gnome.org/gnome/glib/coverity:v7" DEBIAN_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable:v23" + DEBIAN_I386_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable-i386:v1" ALPINE_IMAGE: "registry.gitlab.gnome.org/gnome/glib/alpine:v7" MINGW_IMAGE: "registry.gitlab.gnome.org/gnome/glib/mingw:v39.5" GOBJECT_INTROSPECTION_TAG: "1.80.1" @@ -245,12 +246,10 @@ fedora-x86_64: - "_coverage" - "_reference" -debian-stable-x86_64: +.build-debian: extends: - .build-linux - - .only-default - .with-git - image: $DEBIAN_IMAGE stage: build needs: [] before_script: @@ -281,6 +280,21 @@ debian-stable-x86_64: - "_build/glib/glibconfig.h" - "_build/meson-logs" +debian-stable-x86_64: + extends: + - .build-debian + # We don't need to run this job too often, because the combination of + # fedora-x86_64 and debian-stable-i386 should cover more or less + # everything that this job does + - .only-schedules-or-manual + image: $DEBIAN_IMAGE + +debian-stable-i386: + extends: + - .build-debian + - .only-default + image: $DEBIAN_I386_IMAGE + hurd-i386: extends: - .only-schedules-or-manual From dbd7280c5e1ff582868ce3eae2879c7eedb5c263 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Sat, 19 Oct 2024 17:45:51 +0100 Subject: [PATCH 4/4] CI: Rebuild a slightly newer version of ninja for debian-stable-i386 The version of ninja-build in Debian 12 isn't built with large file support, and therefore is not compatible with filesystems with large inode numbers. Unfortunately, that includes the overlay mounts used by Docker. I've suggested a stable update for this as part of the next Debian 12 point release. Until/unless that happens, we can build our own. Signed-off-by: Simon McVittie --- .gitlab-ci.yml | 2 +- .gitlab-ci/debian-stable.Dockerfile | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e95c9bda4..f59642391 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -14,7 +14,7 @@ variables: FEDORA_IMAGE: "registry.gitlab.gnome.org/gnome/glib/fedora:v39.5" COVERITY_IMAGE: "registry.gitlab.gnome.org/gnome/glib/coverity:v7" DEBIAN_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable:v23" - DEBIAN_I386_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable-i386:v1" + DEBIAN_I386_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable-i386:v2" ALPINE_IMAGE: "registry.gitlab.gnome.org/gnome/glib/alpine:v7" MINGW_IMAGE: "registry.gitlab.gnome.org/gnome/glib/mingw:v39.5" GOBJECT_INTROSPECTION_TAG: "1.80.1" diff --git a/.gitlab-ci/debian-stable.Dockerfile b/.gitlab-ci/debian-stable.Dockerfile index 572e3bea6..bb4788baa 100644 --- a/.gitlab-ci/debian-stable.Dockerfile +++ b/.gitlab-ci/debian-stable.Dockerfile @@ -74,6 +74,24 @@ ENV LANG=C.UTF-8 LANGUAGE=C.UTF-8 LC_ALL=C.UTF-8 RUN pip3 install --break-system-packages meson==1.4.2 +# ninja-build 1.11.1 didn't build with large file support on 32-bit, +# breaking the i386 image when used with overlayfs. +# The fix from upstream 1.12.0 was backported to Debian in 1.11.1-2, +# but too late for Debian 12. https://bugs.debian.org/1041897 +RUN if [ "$(dpkg --print-architecture)" = i386 ]; then \ + apt-get install --no-install-recommends -qq -y \ + debhelper \ + re2c \ + && mkdir /run/build \ + && git clone --depth=1 -b debian/1.11.1-2 https://salsa.debian.org/debian/ninja-build.git /run/build/ninja-build \ + && cd /run/build/ninja-build \ + && git checkout e39b5f01229311916302300449d951735e4a3e3f \ + && dpkg-buildpackage -B -Pnodoc \ + && dpkg -i ../*.deb \ + && cd / \ + && rm -fr /run/build; \ +fi + ARG HOST_USER_ID=5555 ENV HOST_USER_ID ${HOST_USER_ID} RUN useradd -u $HOST_USER_ID -ms /bin/bash user