- 23 Nov, 2020 1 commit
-
-
Provide the base to our docker images and run with the QEMU docker support optionally.
Edward Thomson committed
-
- 18 Nov, 2020 1 commit
-
-
(And move the ci scripts into the `ci` directory.)
Edward Thomson committed
-
- 11 Jun, 2020 1 commit
-
-
The xenial image depends on ubuntu:xenial; the bionic one on ubuntu:bionic. No need for this to be a variable, that's just additional (unnecessary) state to manage in the CI setup(s).
Edward Thomson committed
-
- 06 Jun, 2020 3 commits
-
-
Edward Thomson committed
-
Edward Thomson committed
-
Edward Thomson committed
-
- 17 Mar, 2020 1 commit
-
-
mbedTLS has fixed their certificate.
Edward Thomson committed
-
- 13 Mar, 2020 2 commits
-
-
We currently hve some problems with our curl downloads when building Docker images. It's not quite obvious what the problem is and they seem to occur semi-randomly. To unblock our CI, let's add the "--insecure" flag to curl to ignore any certificate errors. This is intended as a temporary solution only.
Patrick Steinhardt committed -
We currently pass the "--silent" flag to most invocations of curl, but in fact this does not only suppress the progress meter, but also any errors. So let's also pass "--show-error", too.
Patrick Steinhardt committed
-
- 01 Mar, 2020 1 commit
-
-
tls.mbed.org has neglected to send their full certificate chain. Add their intermediate cert manually.
Edward Thomson committed
-
- 18 Feb, 2020 2 commits
-
-
Our nightly builds are currently failing due to our ARM-based jobs. These jobs crash immediately when entering the Docker container with a exception thrown by Go's language runtime. As we're able to successfully builds the Docker images in previous steps, it's unlikely to be a bug in Docker itself. Instead, this exception is thrown by gosu(1), which is a Go-based utility to drop privileges and run by our entrypoint. Fix the issue by dropping gosu(1) in favor of sudo(1).
Patrick Steinhardt committed -
Our two Docker build instructions for Xenial and Bionic have diverged a bit. Let's re-synchronize them with each other to make them as similar as possible.
Patrick Steinhardt committed
-
- 07 Feb, 2020 1 commit
-
-
When building dependencies for our Docker images, we first download the sources to disk first, unpack them and finally remove the archive again. This can be sped up by piping the downloading archive into tar(1) directly to parallelize both tasks. Furthermore, let's silence curl(1) to not print to status information to stderr, which tends to be interpreted as errors by Azure Pipelines.
Patrick Steinhardt committed
-
- 24 Jan, 2020 1 commit
-
-
Edward Thomson committed
-
- 24 Nov, 2019 5 commits
-
-
The valgrind in the PPA is broken and ignores `--exit-errorcode`. Build and install our own.
Edward Thomson committed -
Edward Thomson committed
-
Use a multi-stage docker build so that we can cache early stages and not need to download the apt-provided dependencies during every build (when only later stages change).
Edward Thomson committed -
Deleting the apt cache can be helpful for reducing the size of a container, but since we don't push it anywhere, it only hinders our ability to debug problems while working on the container. Keep it.
Edward Thomson committed -
Edward Thomson committed
-
- 21 Sep, 2019 1 commit
-
-
Right now, all tests in libgit2's CI are being executed as root user. As libgit2 will usually not run as a root user in "normal" usecases and furthermore as there are tests that rely on the ability to _not_ be able to create certain paths, let's instead create an unprivileged user "libgit2" and use that across all docker images.
Patrick Steinhardt committed
-
- 13 Sep, 2019 7 commits
-
-
While we were still supporting Trusty, using Ninja as a build tool would have required us to first setup pip and then use it to install Ninja. As a result, the speedups from using Ninja were drowned out by the time required to install Ninja. But as we have deprecated Trusty now, both Xenial and Bionic have recent versions of Ninja in their repositories and thus we can now use Ninja.
Patrick Steinhardt committed -
The Valgrind version shipped with Xenial has some bugs that keep our tests from working due to bad interactions with openssl [1]. Fix this by using the "hola-launchpad/valgrind" PPA that provides a newer version for which the bug has been fixed. [1]: https://bugs.launchpad.net/ubuntu/+source/valgrind/+bug/1574437
Patrick Steinhardt committed -
Pass the flag "--no-install-recommends" to apt-get in order to trim down the number of packages installed, both reducing build time and image size. As this also causes some required packages to not be installed anymore, add these explicitly to the set of packages installed.
Patrick Steinhardt committed -
Reformat both Xenial and Bionic's Dockerfiles to use best practices. Most importantly, we now run `apt-get update` and `apt-get install` in one step followed up by removing the package lists to speed up installation and keep down the image size.
Patrick Steinhardt committed -
While Xenial provides libssh2 in its repositories, it only has version 1.5.0 available. This version will unfortunately not be able to connect to GitHub due to their removal of weak cryptographic standards [1]. To still enable our CI to execute tests against GitHub, we thus have to update the provided libssh2 version to a newer one. Manually install libssh2 1.8.2 on Xenial. There's no need to do the same for Bionic, as it already provides libssh2 1.8.0. [1]: https://github.blog/2018-02-01-crypto-removal-notice/
Patrick Steinhardt committed -
We're about to phase out support for Trusty, but neither Bionic nor Xenial images provide the mbedTLS library that's available in Trusty. Build them for both to pull them in line with Trusty.
Patrick Steinhardt committed -
The Docker images used for our continuous integration builds currently live in the libgit2/libgit2-docker repository. To make any changes in them, one has to make a PR there, get it reviewed, re-build the images and publish them to Docker Hub. This process is slow and tedious, making it harder than necessary to perform any updates to our Docker-based build pipeline. To fix this, we include all Dockerfiles used by Azure from the mentioned repository and inline them into our own repo. Instead of having to manually push them to the CI, it will now build the required containers on each pull request, allowing much greater flexibility.
Patrick Steinhardt committed
-