MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1498
MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1498AvivDavid23 merged 2 commits into8.4from
Conversation
…26 (#1494) * MOD-13779 Dockerize CI * MOD-13574 AL2023 * MOD-13811 MACOS-26
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## 8.4 #1498 +/- ##
==========================================
- Coverage 77.56% 76.97% -0.60%
==========================================
Files 16 15 -1
Lines 3945 3756 -189
==========================================
- Hits 3060 2891 -169
+ Misses 885 865 -20 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| needs: [prepare-values] | ||
| with: | ||
| os: bionic focal jammy rocky8 rocky9 bullseye amazonlinux2 mariner2 azurelinux3 | ||
| arch: x64 |
There was a problem hiding this comment.
Nightly workflow references deleted workflow files
High Severity
The ubuntu-arm64 and azurelinux3-arm64 jobs in event-nightly.yml still reference flow-linux-arm.yml and flow-azurelinux3-arm.yml, both of which are deleted in this commit. All other event workflow files (event-ci.yml, event-tag.yml, event-weekly.yml) were properly updated to use flow-linux.yml with the new arch parameter, but event-nightly.yml was missed. The nightly build will fail because the referenced workflow files no longer exist.
| --cap-add=SYS_PTRACE \ | ||
| --security-opt seccomp=unconfined \ | ||
| ${{ env.DOCKER_IMAGE }} \ | ||
| bash -c "cargo test && MODULE=\$(realpath ./target/release/rejson.so) RLTEST_ARGS='--no-progress' \$(realpath ./tests/pytest/tests.sh) VG=${{ inputs.run_valgrind && '1' || '0' }}" |
There was a problem hiding this comment.
Valgrind flag passed as argument not environment variable
High Severity
In the test step, VG=... is placed after the tests.sh command invocation, making it a positional argument instead of an environment variable. The script reads $VG as an env var (line 600 of tests.sh: if [[ $VG == 1 ]]) to trigger setup_valgrind. Since VG is never set as an env var, valgrind tests silently run without valgrind enabled. The VG=... assignment needs to go before the command, alongside MODULE and RLTEST_ARGS.
|
|
||
| # Install git and build tools first | ||
| RUN dnf install -y git make wget openssl openssl-devel which \ | ||
| rsync unzip clang tar |
There was a problem hiding this comment.
Missing gcc in amazonlinux2023 Dockerfile breaks build
High Severity
Dockerfile.amazonlinux2023 installs clang but not gcc or gcc-c++. Every other Dockerfile in this commit installs gcc (e.g., build-essential, build-base, gcc-toolset-*). The install_redis.sh script runs make -j$(nproc) which uses Redis's default compiler (gcc). Without gcc on the PATH, the Redis build during docker build will fail, making the entire amazonlinux2023 platform non-functional.
| RUN yum install -y wget git which devtoolset-11-gcc devtoolset-11-gcc-c++ devtoolset-11-make \ | ||
| rsync unzip tar awscli clang curl openssl11 openssl11-devel | ||
|
|
||
| RUN source /opt/rh/devtoolset-11/enable |
There was a problem hiding this comment.
Devtoolset environment lost across Docker layers breaks build
High Severity
RUN source /opt/rh/devtoolset-11/enable on line 19 has no effect on subsequent RUN layers because each Docker RUN creates a new shell. The devtoolset-11-* packages install make and gcc only under /opt/rh/devtoolset-11/root/usr/bin/, and no system make or gcc is installed. When install_redis.sh runs make -j$(nproc) on line 29, it will fail because make is not on the PATH. The enable script needs to be sourced in the same RUN command that needs the tools, or the devtoolset PATH needs to be set via ENV.
Additional Locations (1)
2 participants
…26 (#1494)
MOD-13779 Dockerize CI
MOD-13574 AL2023
MOD-13811 MACOS-26
Note
Medium Risk
CI/build infrastructure is significantly refactored (new Docker images, new workflow orchestration, and changes to artifact uploading), which can easily break platform coverage or release packaging if any container or workflow assumptions are off.
Overview
Moves Linux CI to a single Docker-driven workflow (
flow-linux.yml) used by PR, nightly, weekly, and tag pipelines, parameterized byarchand an OS matrix (including Alpine and Amazon Linux 2023) and running build/test/pack/S3-upload inside the container.Removes the legacy Linux workflows (
flow-linux-x86.yml,flow-linux-arm.yml,flow-alpine.yml,flow-azurelinux3-arm.yml) and adds a set ofDockerfile.*images plus a shared.install/install_redis.shand a Docker-orientedsbin/upload-artifacts-s3wrapper for S3 publishing.Updates macOS CI to drop the separate x64 job and instead run arm64 builds across multiple macOS runner versions (including macOS-26), and pins Python
setuptoolsto<81in both CI installs and test requirements to stabilize builds.Written by Cursor Bugbot for commit 3374abf. This will update automatically on new commits. Configure here.