MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1499
MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1499AvivDavid23 merged 2 commits into8.2from
Conversation
…26 (#1494) * MOD-13779 Dockerize CI * MOD-13574 AL2023 * MOD-13811 MACOS-26
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## 8.2 #1499 +/- ##
==========================================
- Coverage 79.20% 78.79% -0.42%
==========================================
Files 15 14 -1
Lines 3707 3541 -166
==========================================
- Hits 2936 2790 -146
+ Misses 771 751 -20 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
|
|
||
| # Install git and build tools first | ||
| RUN dnf install -y git make wget openssl openssl-devel which \ | ||
| rsync unzip clang tar |
There was a problem hiding this comment.
Missing gcc in amazonlinux2023 Dockerfile breaks build
High Severity
Dockerfile.amazonlinux2023 installs clang but not gcc or any package providing cc. The install_redis.sh script runs make which defaults to using cc (via Redis's CC ?= cc). On Amazon Linux 2023, installing clang does not create a cc symlink, and gcc is not in the base Docker image. This will cause the Docker build to fail during Redis compilation. Every other Dockerfile in this PR explicitly installs gcc (or build-essential or a gcc-toolset).
| with: | ||
| arch: arm64 | ||
| redis-ref: ${{needs.prepare-values.outputs.redis-ref}} | ||
| secrets: inherit |
There was a problem hiding this comment.
CI workflow missing os parameter builds all platforms
Medium Severity
The build-linux-x64 and build-linux-arm64 jobs in event-ci.yml don't pass the os parameter, so flow-linux.yml defaults to the full platform matrix (11 x64 + 7 arm64 = 18 builds). The old CI specified os: jammy rocky9 amazonlinux2 azurelinux3 (4 platforms + 1 arm64 = 5 builds). By contrast, event-weekly.yml explicitly passes os lists. This ~3.6× increase in per-PR builds appears unintentional.
| RUN yum install -y wget git which devtoolset-11-gcc devtoolset-11-gcc-c++ devtoolset-11-make \ | ||
| rsync unzip tar awscli clang curl openssl11 openssl11-devel | ||
|
|
||
| RUN source /opt/rh/devtoolset-11/enable |
There was a problem hiding this comment.
Devtoolset PATH not persisted across Docker RUN layers
High Severity
RUN source /opt/rh/devtoolset-11/enable is a no-op in Docker — environment changes from source are lost when the RUN layer's shell exits. Since devtoolset-11-gcc and devtoolset-11-make install binaries only at /opt/rh/devtoolset-11/root/usr/bin/ (not /usr/bin/), and no system make or gcc is installed, both make and cc are missing from PATH in all subsequent RUN commands. The install_redis.sh step will fail with "command not found." An ENV PATH directive is needed to persist the devtoolset paths.
Additional Locations (1)
| --cap-add=SYS_PTRACE \ | ||
| --security-opt seccomp=unconfined \ | ||
| ${{ env.DOCKER_IMAGE }} \ | ||
| bash -c "cargo test && MODULE=\$(realpath ./target/release/rejson.so) RLTEST_ARGS='--no-progress' \$(realpath ./tests/pytest/tests.sh) VG=${{ inputs.run_valgrind && '1' || '0' }}" |
There was a problem hiding this comment.
VG passed as argument instead of environment variable
High Severity
In the test command, VG=... is placed after the tests.sh command path, making it a positional argument ($1) instead of an environment variable. In bash, VAR=value command sets an env var, but command VAR=value passes a literal string argument. The tests.sh script checks $VG as an environment variable at line 600 to enable Valgrind — since VG is never set as an env var, Valgrind will silently never run even when run_valgrind: true is passed. The VG=... assignment needs to be placed before \$(realpath ./tests/pytest/tests.sh).
2 participants
…26 (#1494)
MOD-13779 Dockerize CI
MOD-13574 AL2023
MOD-13811 MACOS-26
Note
Medium Risk
Large CI/infrastructure refactor that changes how builds/tests and artifact uploads run (Docker + new OS/arch matrices), which can cause unexpected build or release pipeline failures if any image/setup step diverges from the prior runner-based flow.
Overview
CI is reworked to run Linux builds/tests inside per-distro Docker images via a new reusable workflow
flow-linux.yml, replacing the previousflow-linux-x86.yml,flow-linux-arm.yml,flow-alpine.yml, andflow-azurelinux3-arm.ymlpaths and updatingevent-ci,event-nightly,event-weekly, andevent-tagto call it for bothx64andarm64(including valgrind onjammy).The Linux matrix is expanded/standardized (notably adding
amazonlinux2023andalpinein several events), and newDockerfile.*images plus.install/install_redis.shandsbin/upload-artifacts-s3implement Redis builds and S3 uploads from inside containers (with optional beta uploads). Separately, macOS CI drops the old x64 job and runs arm64 builds acrossmacos-14,macos-15, andmacos-26, and Python packaging is pinned tosetuptools<81(added to test and Docker requirements).Written by Cursor Bugbot for commit 7daf73d. This will update automatically on new commits. Configure here.