MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1501
MOD-13779 | MOD-13574 | MOD-13811 Dockerize CI, add AL2023 and macos-…#1501AvivDavid23 merged 2 commits into2.8from
Conversation
…26 (#1494) * MOD-13779 Dockerize CI * MOD-13574 AL2023 * MOD-13811 MACOS-26
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| needs: [prepare-values] | ||
| with: | ||
| os: jammy rocky9 amazonlinux2 azurelinux3 | ||
| arch: x64 |
There was a problem hiding this comment.
CI builds missing os parameter, testing all platforms
High Severity
The os parameter was accidentally dropped from both build-linux-x64 and build-linux-arm64 CI jobs. Previously, CI specified os: jammy rocky9 amazonlinux2 azurelinux3 (4 platforms). Without os, the jobs fall through to the full defaults in flow-linux.yml — 11 platforms for x64 and 7 for arm64 — turning every PR build from ~5 jobs into ~18. The weekly and tag events both explicitly specify os lists, confirming this omission is unintentional.
Additional Locations (1)
| arch: x64 | ||
| # os: jammy rocky9 amazonlinux2 | ||
| os: bionic focal jammy rocky8 rocky9 bullseye amazonlinux2 mariner2 azurelinux3 | ||
| os: bionic focal jammy rocky8 rocky9 bullseye amazonlinux2 mariner2 azurelinux3 alpine |
There was a problem hiding this comment.
Weekly builds omit amazonlinux2023 from OS lists
Medium Severity
The weekly x64 os list and arm64 os list both omit amazonlinux2023, despite this PR specifically adding AL2023 support. The tag event includes amazonlinux2023 in its x64 list, and the default lists in flow-linux.yml include it for both architectures, making this inconsistency look like an oversight.
Additional Locations (1)
|
|
||
| # Install git and build tools first | ||
| RUN dnf install -y git make wget openssl openssl-devel which \ | ||
| rsync unzip clang tar |
There was a problem hiding this comment.
AL2023 Dockerfile missing gcc, Redis build will fail
High Severity
Dockerfile.amazonlinux2023 installs clang but not gcc. Every other Dockerfile installs gcc or an equivalent (e.g. build-essential, devtoolset-*-gcc). On the amazonlinux:2023 base image, gcc and cc are not available by default, and installing clang does not create a cc symlink. The install_redis.sh script runs make which invokes cc, so the Redis build step will fail during Docker image construction.
| --cap-add=SYS_PTRACE \ | ||
| --security-opt seccomp=unconfined \ | ||
| ${{ env.DOCKER_IMAGE }} \ | ||
| bash -c "cargo test && MODULE=\$(realpath ./target/release/rejson.so) RLTEST_ARGS='--no-progress' \$(realpath ./tests/pytest/tests.sh) VG=${{ inputs.run_valgrind && '1' || '0' }}" |
There was a problem hiding this comment.
Valgrind flag passed as argument, not environment variable
High Severity
In the test step's bash -c command, VG=${{ inputs.run_valgrind && '1' || '0' }} is placed after the script path (tests.sh), making it a positional argument instead of an environment variable. The script checks if [[ $VG == 1 ]] to enable valgrind, but VG will never be set. The value becomes part of $@ and gets appended to RLTEST_ARGS as a garbage argument. VG=... needs to be placed before the command, alongside MODULE= and RLTEST_ARGS=.
2 participants
…26 (#1494)
MOD-13779 Dockerize CI
MOD-13574 AL2023
MOD-13811 MACOS-26
Note
Medium Risk
CI execution is substantially refactored (new Docker-based Linux workflow, new OS/arch matrices, and new artifact upload path), so failures could block releases despite no runtime code changes.
Overview
Refactors GitHub Actions Linux CI to run builds/tests inside per-distro Docker images via a new reusable
flow-linux.yml, replacing the previous per-arch/per-distro workflows (flow-linux-x86.yml,flow-linux-arm.yml,flow-alpine.yml,flow-azurelinux3-arm.yml). Event workflows (event-ci,event-nightly,event-tag,event-weekly) are updated to call the new workflow for bothx64andarm64, with expanded distro coverage (notably addingamazonlinux2023andalpine) and updated nightlyredis-refhandling.Adds Dockerfiles for each supported distro and a shared
.install/install_redis.shused during image builds, plus a Docker-orientedsbin/upload-artifacts-s3wrapper to push artifacts from inside containers (including optional beta uploads). Separately tightens Python tooling by pinningsetuptools<81in install scripts and test requirements, and updates macOS CI to build arm64 acrossmacos-14/15/26(dropping the previous macOS x64 job).Written by Cursor Bugbot for commit 5e1ad49. This will update automatically on new commits. Configure here.