From fd59df07de66a3e20038f2949ad760b77f9999b4 Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Mon, 10 Apr 2023 20:36:31 -0300 Subject: ci: line-wrap and split/join some commands For increased readability. Note: `>` basically turns each newline into a space while `|` keeps newlines as is. Both remove leading indentation. Note2: On jobs using `apt-get install`, this commit moves package names to their own line, to make it easier to compare which packages are being installed across such jobs. --- .github/workflows/build-extra.yml | 16 ++++++++++----- .github/workflows/build.yml | 9 +++++++-- .github/workflows/profile-checks.yml | 18 ++++++++++++----- .gitlab-ci.yml | 39 +++++++++++++++++++++++++++--------- 4 files changed, 61 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 9db2ec41f..13c575c8b 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml @@ -68,7 +68,9 @@ jobs: - name: install dependencies run: sudo apt-get install libapparmor-dev libselinux1-dev - name: configure - run: CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor --enable-selinux + run: > + CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor + --enable-selinux - name: make run: make - name: make install @@ -91,7 +93,9 @@ jobs: - name: install clang-tools-14 and dependencies run: sudo apt-get install clang-tools-14 libapparmor-dev libselinux1-dev - name: configure - run: CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor --enable-selinux + run: > + CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor + --enable-selinux - name: scan-build run: NO_EXTRA_CFLAGS="yes" scan-build-14 --status-bugs make cppcheck: @@ -110,9 +114,11 @@ jobs: - name: install cppcheck run: sudo apt-get install cppcheck - name: cppcheck - run: cppcheck -q --force --error-exitcode=1 --enable=warning,performance -i src/firejail/checkcfg.c -i src/firejail/main.c . - # new cppcheck version currently chokes on checkcfg.c and main.c, therefore scan all files also - # with older cppcheck version from ubuntu 20.04. + run: > + cppcheck -q --force --error-exitcode=1 --enable=warning,performance + -i src/firejail/checkcfg.c -i src/firejail/main.c . + # new cppcheck version currently chokes on checkcfg.c and main.c, therefore + # scan all files also with older cppcheck version from ubuntu 20.04. cppcheck_old: runs-on: ubuntu-20.04 steps: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 429fb5807..4af788044 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -64,9 +64,14 @@ jobs: - name: update package information run: sudo apt-get update - name: install dependencies - run: sudo apt-get install gcc-12 libapparmor-dev libselinux1-dev expect xzdec whois bridge-utils + run: > + sudo apt-get install + gcc-12 libapparmor-dev libselinux1-dev expect xzdec whois + bridge-utils - name: configure - run: CC=gcc-12 ./configure --prefix=/usr --enable-fatal-warnings --enable-analyzer --enable-apparmor --enable-selinux + run: > + CC=gcc-12 ./configure --prefix=/usr --enable-fatal-warnings + --enable-analyzer --enable-apparmor --enable-selinux - name: make run: make - name: make install diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml index 64069f917..4981b3c69 100644 --- a/.github/workflows/profile-checks.yml +++ b/.github/workflows/profile-checks.yml @@ -35,11 +35,19 @@ jobs: - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # - name: sort.py -# run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile +# run: > +# ./ci/check/profiles/sort.py +# etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile # Currently broken (see #5610) -# - name: private-etc-always-required.sh -# run: ./ci/check/profiles/private-etc-always-required.sh etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile +# - name: private-etc-always-required.sh +# run: > +# ./ci/check/profiles/private-etc-always-required.sh +# etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile - name: sort-disable-programs.sh - run: ./ci/check/profiles/sort-disable-programs.sh etc/inc/disable-programs.inc + run: > + ./ci/check/profiles/sort-disable-programs.sh + etc/inc/disable-programs.inc - name: sort-firecfg.config.sh - run: ./ci/check/profiles/sort-firecfg.config.sh src/firecfg/firecfg.config + run: > + ./ci/check/profiles/sort-firecfg.config.sh + src/firecfg/firecfg.config diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fe07b5b93..bfad57c08 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,11 +5,14 @@ # and fedora:latest for new setups # 3. Alpine for installing directly from source # Also builds apparmor package for Ubuntu LTS + build_ubuntu_package: image: ubuntu:rolling script: - apt-get update -qq - - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config python3 gawk + - > + DEBIAN_FRONTEND=noninteractive apt-get install -y -qq + build-essential lintian libapparmor-dev pkg-config python3 gawk - ./configure - make deb - dpkg -i firejail*.deb @@ -20,7 +23,9 @@ build_debian_package: image: debian:stretch script: - apt-get update -qq - - apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config gawk + - > + apt-get install -y -qq + build-essential lintian libapparmor-dev pkg-config gawk - ./configure - make deb - dpkg -i firejail*.deb @@ -63,7 +68,9 @@ build_no_apparmor: image: ubuntu:latest script: - apt-get update -qq - - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian pkg-config gawk + - > + DEBIAN_FRONTEND=noninteractive apt-get install -y -qq + build-essential lintian pkg-config gawk - ./configure - make dist - ./mkdeb.sh --disable-apparmor @@ -80,16 +87,30 @@ debian_ci: - git checkout -B ci_build $CI_COMMIT_SHA - gitlab-ci-enable-sid - gitlab-ci-enable-experimental - - echo "deb-src http://deb.debian.org/debian sid main" >> /etc/apt/sources.list - - echo "deb-src http://deb.debian.org/debian experimental main" >> /etc/apt/sources.list + - | + cat >>/etc/apt/sources.list <