This commit adds a GitHub Workflow to prebuild the dev container file
present at .devcontainer/devcontainer.json. This prebuilt image is
pushed to GitHub Container Registry (ghcr).
An additional devcontainer.json is added consuming that image.
This dev container can be selected in editors that process dev
containers (ie GitHub Codespaces), to speed up time to editor.
The macOS 13 runner has Xcode 14.3. which is required to compile JS
after d6b786b3fe (though we do have to
explicitly select Xcode 14.3, as 14.2 is the default).
"image" was an alias for "qemu-image".
I want to add an `image` userland utility, which clashes with that
shortname.
So remove the existing "image" target. It was just an alias for
"qemu-image".
If you use serenity.sh to build, nothing changes. This only affects you
if you run ninja manually -- you now have to say `ninja qemu-image` to
build the disk image.
Make sure that we set SERENITY_SOURCE_DIR in ctest, and make sure to
pass the test root to the CI job.
More overhaul of test-js 'test root' finding is needed however.
This reverts commit b0606d90f0.
This seems to prevent libegl-mesa0 from being installed (which for some
reason isn't failing the Azure jobs - the failure seen later is that
ccache is not installed).
The current config on GitHub Actions does not use ccache, so it takes
quite a while to build. Instead, let's just run these tests on Azure
where we already build Ladybird and have ccache enabled. This also lets
us sanitize LibWeb on both Linux and macOS.
The script changes here are to A) handle differences between Azure and
GitHub Actions and B) to support running on macOS.
This is to allow using more recent C++20 features in upcoming commits.
Version 3.1.6 is what is installed on Ubuntu 22.10 and works with the
C++20 features we want.
Dependabot cannot be configured to significantly change the way it
formats its commit message, and it currently includes a "Signed-Off-By"
tag which is not allowed by our linter.
This updates our CI commit linter to exclude bots from the checks.
Generic PR actions include opening a PR, submit review comments, adding
new commits, etc. This prevents the reviewer and PR submitter from
having to manually bounce the labels back and forth in the general
case. The reviewer also may not have permission to set labels, meaning
the reviewer won't be able to update the labels accordingly themselves.
This does not handle more subjective labels such as pr-is-blocked and
pr-unclear. Unfortunately, there does not seem to be a GitHub Actions
trigger for when a PR has merge conflicts, so the pr-has-conflicts
label cannot be automatically applied.
Co-authored-by: kleines Filmröllchen <filmroellchen@serenityos.org>
They currently reside under Build/<arch>, meaning that they would be
redownloaded for each architecture/toolchain build combo. Move them to a
location that can be re-used for all builds.
Not a huge deal because this at least would still differ from the UCD
cache due to the locale_data.cmake. But this will use the same cache key
as other CI jobs.
The two major changes noticeable on the SerenityOS codebase are:
- Much improved support for const placement, clang-format-14 ignored
our east-const configuration in various places
- Different formatting for requires clauses, now breaking them onto
their own line, which helps with readability a bit
Current versions of CLion also ship LLVM 15, so the built-in formatting
now matches CI formatting again :^)
These are used by esvu, and it is sad that we don't have macOS binaries
availble for consumption by esvu users. Add a matrix job to handle this
separately from the test262 results.
So far we've gotten away with using GCC 11 for Lagom and to compile the
toolchain, but via #15795 we discovered a compiler bug that has been
fixed in the latest version but would error the build with CI's GCC 11.
Time for an upgrade :^)
We already use ubuntu-22.04 images in most places, so this is pretty
straightforward. The only exception is Idan's self-hosted runner, which
uses Ubuntu Focal. LibJS should build fine with GCC 11, still.
To prepare for placing all CLDR generated data in a new library,
LibLocale, this moves the code generators for the CLDR data to the
LibLocale subfolder.
For safety, the PNG check doesn't run if there's no optipng installed (I
didn't want to break everyone's pre-commit hook with the introdcution of
that check). To make it run on CI, just install optipng which is
available in the standard Ubuntu package repo.
This commit upgrades Github Actions workers to ubuntu-22.04
As part of that change, we (currently) no longer need the backports
nor toolchain-r/test PPAs, because ubuntu-22.04 include
recent-enough version of QEMU and gcc
This shouldn't cause any breaking changes, so a toolchain rebuild is not
required.
As per Hendiadyoin's request, math errno is disabled by default, which
should enable some extra compiler optimizations in LibGL and LibSoftGPU
code that uses math functions heavily.
Co-Authored-By: Ali Mohammad Pur <mpfard@serenityos.org>
The LLVM patch has been broken up into smaller commits and moved to a
separate directory. CI should look at this new location to determine if
the toolchain needs to be rebuilt.
This rule seems to be confused about basic syntax of C++.
It flags with false positives such as:
```
The object was created but it is not being used. If you wish
to call constructor, 'this->set_y::set_y(....)' should be used.
```
Lets suppress it until it can be fixed.
This rule appears to be fundamentally broken for our code base, it
flags `void` functions all over the place, as well as constructors.
Lets suppress it for now.
Now that clang-format-14 ubuntu packages are available, it's time to
finally upgrade our clang-format version. This version brings with it
a bunch of useful features with const-placement being the most notable.
These will be enabled in the following commits.
This rule attempts to flag invisible Unicode characters which would
potentially be used by an attacker to hide code that humans can't see.
https://pvs-studio.com/en/docs/warnings/v1076/
AKA the "Trojan Source" attack: https://arxiv.org/abs/2111.00169
Unfortunately our `LibUnicode` source code contains these hidden
characters as they are part of the Unicode character set that the
library exposes. So we have, and will always have 100s of false
positives.
To include Serenity's LibJS on test262.report, we will need to integrate
with esvu. Create a .tar.gz with js(1) binary and the Lagom libraries it
it needs to run, and upload that package as a build artifact.
Since the build now happens in Build/$SERENITY_ARCH/ and not in Build/,
this updates check-symbols.sh to use the correct directory to check the
LibC symbols in. For some reason, the constant failures did not show
up as errors in CI.
In the last few commits, a second patch was added to the LLVM toolchain,
and it no longer uses our binutils patch. This commit changes the CI
cache keys accordingly, in order to prevent unnecessary rebuilds of both
toolchains when only one is changed.
The Clang toolchain's cache now only takes into account patches that
begin with `llvm`, and the GNU toolchain excludes those from the hash
calculation. We now also hash the two CMake cache files that we use for
building LLVM and its runtime libraries.
We often see PR's opened and then immediately closed because folks think
they did something bad, or don't know how to fix the situation. So lets
try to give them a few pointers.
We didn't initially upgrade because it started to (incorrectly) see
files as strict mode and chokes on things that then would be syntax
errors - but we're starting to fall behind a bit, so I'd rather put
these files on the ignore list instead.
Previously if a commit message contained any carriage returns it would
correctly fail the 'contains CRLF line breaks' test, but it would also
report 'Commit message lines are too long' and 'Commit title ends in a
period', even if neither is true.
This rule appears to produce a lot of noise, most of them look like
false positives (400+). Lets suppress for now to try to move the signal
to noise ratio higher for PVS-Studio.
Reference: https://pvs-studio.com/en/docs/warnings/v1047/
tim-actions/commit-message-checker-with-regex@v0.3.1 only uses the
keys 'sha' and 'commit.message'. Passing more information than that
is unnecessary and can lead to CI failures like this one:
https://github.com/SerenityOS/serenity/runs/4029269017?check_suite_focus=true#step:4:7
Instead of trying to pass data between workflow steps, we can instead
just do it all at once (plus this gives us more control over
formatting, which has also been improved).
'bootmode' now only controls which set of services are started by
SystemServer, so it is more appropriate to rename it to system_mode, and
no longer validate it in the Kernel.
Bootmode used to control framebuffers, panic behavior, and SystemServer.
This patch factors framebuffer control into a separate flag.
Note that the combination 'bootmode=self-test fbdev=on' leads to
unexpected behavior, which can only be fixed in a later commit.
Much like the sonar cloud workflow, this workflow runs pvs-studio
static analysis, and uploads the SARIF results to github. This
is the most "convenient" way to publish results, but unfortunately
users need write access to the repository to reach static analysis
results rendered in github.
As a work around folks can just look at the logs where issues are
printed during analysis, this works reasonably well.
In the future it might make sense to also render the results as HTML
and publish them using github page, much like we do with man pages.
I believe the pvs-studio plog-converter tool supports that as well.
https://pvs-studio.com/en/docs/manual/0036/
We need to exclude this file from analysis for now, as there is a bug in
the sonar-runner tool where it crashes when trying to understand the use
of AK::Variant in LibWasm/Parser/Parser.cpp
See #10122 for details + link to the bug report to Sonar Cloud.
I was experimenting with using caching while doing the initial prototype
of the Sonar Cloud workflow. However the cache size for the static
analysis data ended up being large enough that it would put us over the
git hub actions limit. Given that we currently only run this pipeline
once a day, it seems reasonable to just remove caching.
If in the future we decide to run the pipeline on every PR, caching
would become crucial as the current un-cached analysis time is around
1 hour and 50 minutes. If we did this we would need to move the pipeline
to Azure DevOps where we have effectively infinite cache available.
This requires exposing the `configure` step on the `serenity`
ExternalProject in the SuperBuild CMakeLists so that we can continue to
only build the generated sources and not the entire OS.
Replace the old logic where we would start with a host build, and swap
all the CMake compiler and target variables underneath it to trick
CMake into building for Serenity after we configured and built the Lagom
code generators.
The SuperBuild creates two ExternalProjects, one for Lagom and one for
Serenity. The Serenity project depends on the install stage for the
Lagom build. The SuperBuild also generates a CMakeToolchain file for the
Serenity build to use that replaces the old toolchain file that was only
used for Ports.
To ensure that code generators are rebuilt when core libraries such as
AK and LibCore are modified, developers will need to direct their manual
`ninja` invocations to the SuperBuild's binary directory instead of the
Serenity binary directory.
This commit includes warning coalescing and option style cleanup for the
affected CMakeLists in the Kernel, top level, and runtime support
libraries. A large part of the cleanup is replacing USE_CLANG_TOOLCHAIN
with the proper CMAKE_CXX_COMPILER_ID variable, which will no longer be
confused by a host clang compiler.
This commit snuck into the tree via a PR for some sonar cloud fixes.
Some how I cross contaminated my branches.
Unfortunately the coverity workflow isn't ready for prime time yet,
so lets remove it until we have all the issues ironed out.
The matrix variables were left over from copy/pasting the contents
of the normal CI workflow. We also should always skip saving the
cache, as the normal CI pipeliens will refresh the toolchain and
we should just be reading the cache.
The cache is saving, but by the time we run again, it looks like the
cache has been purged from other jobs consuming the cache.
This causes the cache to fail restore. Given we run nightly and there
is no time bound, we can just run without cache.
Test files were getting analyzed twice, which the tool does
not like, and causes it to exit with a fatal error.
Also make the workflow run in PRs anytime the file is edited,
so that we can get immediate feedback without waiting till the
next day.
This action executes once a day, the sonar cloud runner analyzes the
code and then uploads the results.
The current code base takes almost 3 hours of computer time to analyze.
The runner supports multi threaded executing and caching of results, so
we save that cache as part of the github action work flow to allow for
the analysis to skip unchanged files.
Moving this helper CMake file to the centralized Meta/CMake folder helps
to get a better grasp on what extra files are required for the build,
and what files are generated.
While we're at it, don't use add_compile_definitions for
ENABLE_UNICODE_DATA, which only needs to be seen by LibUnicode sources.
We were over-hashing for the GNU build on GitHub Actions by including
the LLVM patch as well. The GNU Toolchain doesn't care about our LLVM
patches.
For Azure, fix the inversion of the condition for which jobs check which
Build*.sh script, and add the Toolchain patch files to the cache
hash calculation.
Clang builds will no longer be apart of the automated CI for every Push/
Pull Request, and will instead be ran at 00:00 UTC every day, with the
results posted to the discord #clang-toolchain channel.
We need test-js for the parser tests for test262, but we don't need to
rebuild all of Lagom twice. This was missed when we did the initial
change to shared libraries. Before #9017, the Lagom build for test-js
is what built libLagom.a for the libjs-test262-runner to link against.
Now that we are building libjs.so and its dependencies in the runner's
build directory, we should build test-js there as well.
Requires linusg/libjs-test262#32 in order to properly find the built
test-js.
We already cache these files to prevent re-downloading them in the other
CI workflows, so this just brings the test262 runner up to speed with
the rest of them.
After linusg/libjs-test262/pull/30 goes into libjs-test262, we'll need
to pass SERENITY_SOURCE_DIR manually to the job to prevent it from
trying to do its own shallow clone. Also, remove the now defunct static
library build from the test262 workflow.
The WASM spec tests caused a stack overflow when generated with wat2wasm
version 1.0.23, which ships with homebrew. To give feature parity,
manually download the same version from GitHub packages for Ubuntu.
Document the dependencies of the WASM spec tests option, as well.
This should speed it up quite a bit and give us more consistent
performance. (So this workflow could eventually be used for perf
regression testing as well)
It turns out that ccache caches are highly compressible (total size is
reduced by about 65%), so we should be able to increase the cache limit
for some free speedups. :^)