diff --git a/.github/contributors.yaml b/.github/contributors.yaml index fce1b46..0f5189b 100644 --- a/.github/contributors.yaml +++ b/.github/contributors.yaml @@ -83,3 +83,6 @@ users: jim-junior: name: Beingana Jim Junior email: jimjunior854@gmail.com + charma7: + name: Another test user + email: test@mail.com diff --git a/.github/workflows/add-git-trailers.yml b/.github/workflows/add-git-trailers.yml index 73d5f5f..2f4c7f6 100644 --- a/.github/workflows/add-git-trailers.yml +++ b/.github/workflows/add-git-trailers.yml @@ -1,12 +1,12 @@ name: Add Git Trailers to PR commits on: - workflow_call: - secrets: - GIT_CLONE_PAT: - required: false - URUNC_BOT_PRIVATE_KEY: - required: true + pull_request_review: + types: [submitted] + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true permissions: contents: read @@ -14,37 +14,18 @@ permissions: jobs: git-trailers: name: Add Git Trailers - runs-on: ${{ matrix.runner }} - strategy: - matrix: - include: - - arch: amd64 - runner: ubuntu-22.04 - continue-on-error: true - permissions: - contents: write - pull-requests: write + if: >- + github.event.pull_request.base.ref == 'main' && + github.event.review.state == 'approved' && + (github.event.pull_request.rebaseable == null || + github.event.pull_request.rebaseable == true) + runs-on: ubuntu-22.04 steps: - name: Harden the runner (Audit all outbound calls) uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0 with: egress-policy: audit - - name: Exit if PR is not rebaseable - if: ${{ github.event.pull_request.rebaseable != null && github.event.pull_request.rebaseable == false }} - run: exit 1 - - - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} - - - name: Append git trailers - uses: nubificus/git-trailers@8e08c91bb4c1fd9cb1ccbd9cc8029c31acf8da66 # feat_use_rebase - with: - user_info: .github/contributors.yaml - - name: Generate urunc-bot token id: generate-token uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 @@ -52,20 +33,21 @@ jobs: app-id: ${{ vars.URUNC_BOT_APP_ID }} private-key: ${{ secrets.URUNC_BOT_PRIVATE_KEY }} - - name: Set up Git - run: | - git config --global user.name "urunc-bot[bot]" - git config --global user.email "urunc-bot[bot]@users.noreply.github.com" + - name: Checkout code + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + token: ${{ steps.generate-token.outputs.token }} + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.sha }} - name: Append git trailers - uses: nubificus/git-trailers@18fd322f3fbfd505b4de728974a4ac1f32f758a7 # feat_auto_merge + uses: nubificus/git-trailers@e3cefe03237a8a33f12ee41a8194bfb03a4d179b # fix_auto_merge with: user_info: .github/contributors.yaml - name: Merge PR env: GH_TOKEN: ${{ steps.generate-token.outputs.token }} + PR_URL: ${{ github.event.pull_request.html_url }} run: | - PR_URL=${{ github.event.pull_request.html_url }} - gh pr merge "$PR_URL" --rebase --admin diff --git a/.github/workflows/pr-merge.yml b/.github/workflows/pr-merge.yml index 1b57dfd..7436ba2 100644 --- a/.github/workflows/pr-merge.yml +++ b/.github/workflows/pr-merge.yml @@ -4,6 +4,8 @@ on: pull_request_target: types: - closed + branches: + - 'main-pr*' permissions: contents: read @@ -23,11 +25,6 @@ jobs: with: egress-policy: audit - - name: Set up Git - run: | - git config --global user.name "urunc-bot[bot]" - git config --global user.email "urunc-bot[bot]@users.noreply.github.com" - - name: Check out repo uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: @@ -42,21 +39,33 @@ jobs: private-key: ${{ secrets.URUNC_BOT_PRIVATE_KEY }} - name: Append git trailers - uses: nubificus/git-trailers@18fd322f3fbfd505b4de728974a4ac1f32f758a7 # feat_auto_merge + uses: nubificus/git-trailers@e3cefe03237a8a33f12ee41a8194bfb03a4d179b # fix_auto_merge with: user_info: .github/contributors.yaml - name: Create a Pull Request from PR_BRANCH to main and merge it env: GH_TOKEN: ${{ steps.generate-token.outputs.token }} + PR_BRANCH: ${{ github.event.pull_request.base.ref }} run: | - PR_BRANCH=${{ github.event.pull_request.base.ref }} - + PR_NUMBER=${PR_BRANCH#main-pr} + + # Use GitHub's API to get issues referenced with closing keywords + CLOSING_ISSUES=$(gh pr view "$PR_NUMBER" --json closingIssuesReferences \ + --jq '.closingIssuesReferences[].number' || true) + + BODY="This PR was automatically created by GitHub Actions to merge changes from $PR_BRANCH into main." + if [ -n "$CLOSING_ISSUES" ]; then + while IFS= read -r issue; do + BODY="$BODY"$'\n'"Closes #$issue" + done <<< "$CLOSING_ISSUES" + fi + # Create the pull request PR_URL=$(gh pr create \ --head "$PR_BRANCH" \ --base main \ --title "Merge External PR: Merge $PR_BRANCH into main" \ - --body "This PR was automatically created by GitHub Actions to merge changes from $PR_BRANCH into main.") + --body "$BODY") gh pr merge "$PR_URL" --rebase --admin --delete-branch diff --git a/.github/workflows/pr-trailers.yml b/.github/workflows/pr-trailers.yml deleted file mode 100644 index 82fbcde..0000000 --- a/.github/workflows/pr-trailers.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Add Git Trailers to PR commits - -on: - pull_request_review: - types: [submitted] - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -jobs: - git-trailers: - name: Add Git Trailers to PR commits - if: ${{ github.event.pull_request.base.ref == 'main' && github.event.review.state == 'approved' }} - uses: ./.github/workflows/add-git-trailers.yml - secrets: inherit diff --git a/README.md b/README.md index 6dc4ba2..28c1904 100644 --- a/README.md +++ b/README.md @@ -145,7 +145,7 @@ supported VM/Sandbox monitors and unikernels: | Unikraft | QEMU, Firecracker | x86 | Initrd, 9pfs | | MirageOS | QEMU, Solo5-hvt, Solo5-spt | x86,aarch64 | Block/Devmapper | | Mewz | QEMU | x86 | In-memory | -| Linux | QEMU, Firecracker | x86 | Initrd, Block/Devmapper, 9pfs, Virtiofs | +| Linux | QEMU, Firecracker, clh | x86 | Initrd, Block/Devmapper, 9pfs, Virtiofs | | Hermit | QEMU | x86 | Initrd | We plan to add support for more unikernel frameworks and other platforms too. diff --git a/tests/e2e/test_functions.go b/tests/e2e/test_functions.go index 9e205c4..8045e62 100644 --- a/tests/e2e/test_functions.go +++ b/tests/e2e/test_functions.go @@ -310,9 +310,9 @@ func namespaceTest(tool testTool) error { return fmt.Errorf("cgroup: %w", err) } case specs.TimeNamespace: - err = compareNS(cntrNsMap["uts"], selfNsMap["uts"], ns.Path) + err = compareNS(cntrNsMap["time_for_children"], selfNsMap["time_for_children"], ns.Path) if err != nil { - return fmt.Errorf("uts: %w", err) + return fmt.Errorf("time: %w", err) } default: continue diff --git a/tests/e2e/utils.go b/tests/e2e/utils.go index b837255..6472323 100644 --- a/tests/e2e/utils.go +++ b/tests/e2e/utils.go @@ -191,6 +191,11 @@ func getProcNS(proc string) (map[string]string, error) { if err != nil { return nil, err } + timePath := filepath.Join(procPath, "time_for_children") + ns["time_for_children"], err = os.Readlink(timePath) + if err != nil { + return nil, err + } return ns, nil } @@ -245,6 +250,7 @@ func findLineInFile(filePath string, pattern string) (string, error) { if err != nil { return "", fmt.Errorf("Failed to open %s: %v", filePath, err) } + defer file.Close() scanner := bufio.NewScanner(file)