From bd81c3dedc83f9b3a95cbecd502befb68f6fe4a6 Mon Sep 17 00:00:00 2001 From: Stephen Akinyemi Date: Sun, 13 Apr 2025 14:33:15 +0100 Subject: [PATCH 1/5] refactor: re-enable CI workflows - Uncomment and enable release and test workflows - Rename packages to follow microsandbox naming convention: - monoutils-store -> microsandbox-utils - monocore -> microsandbox-core --- .github/workflows/release.yml | 126 ++++--- .github/workflows/tests_and_checks.yml | 450 ++++++++++++------------- 2 files changed, 284 insertions(+), 292 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 725cecf1..98f09436 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,75 +1,67 @@ -# name: ๐Ÿš€ Release Packages & Binaries +name: ๐Ÿš€ Release Packages & Binaries -# on: -# push: -# branches: [ main ] -# workflow_dispatch: -# inputs: -# run_publish_release: -# description: 'Publish release' -# type: boolean -# required: true -# default: false +on: + push: + branches: [ main ] + workflow_dispatch: + inputs: + run_publish_release: + description: 'Publish release' + type: boolean + required: true + default: false -# permissions: -# contents: write -# pull-requests: write +permissions: + contents: write + pull-requests: write -# jobs: -# release-please: -# runs-on: ubuntu-latest -# outputs: -# releases_created: ${{ steps.release.outputs.releases_created }} -# prs_created: ${{ steps.release.outputs.prs_created }} -# tag_name: ${{ steps.release.outputs.tag_name }} -# steps: -# - name: Setup release-please -# uses: googleapis/release-please-action@v4 -# id: release -# with: -# token: ${{ secrets.GITHUB_TOKEN }} -# config-file: release-please-config.json -# manifest-file: .release-please-manifest.json +jobs: + release-please: + runs-on: ubuntu-latest + outputs: + releases_created: ${{ steps.release.outputs.releases_created }} + prs_created: ${{ steps.release.outputs.prs_created }} + tag_name: ${{ steps.release.outputs.tag_name }} + steps: + - name: Setup release-please + uses: googleapis/release-please-action@v4 + id: release + with: + token: ${{ secrets.GITHUB_TOKEN }} + config-file: release-please-config.json + manifest-file: .release-please-manifest.json -# - name: Check release status -# run: | -# echo "Release created: ${{ steps.release.outputs.releases_created }}" -# echo "PRs created: ${{ steps.release.outputs.prs_created }}" -# echo "microsandbox created: ${{ steps.release.outputs.microsandbox--releases_created }}" -# echo "monofs created: ${{ steps.release.outputs.monofs--releases_created }}" -# echo "monoutils-store created: ${{ steps.release.outputs.monoutils-store--releases_created }}" + - name: Check release status + run: | + echo "Release created: ${{ steps.release.outputs.releases_created }}" + echo "PRs created: ${{ steps.release.outputs.prs_created }}" + echo "microsandbox-core created: ${{ steps.release.outputs.microsandbox-core-releases_created }}" + echo "microsandbox-utils created: ${{ steps.release.outputs.microsandbox-utils-releases_created }}" -# publish-release: -# needs: -# - release-please -# if: ${{ needs.release-please.outputs.releases_created == 'true' || github.event.inputs.run_publish_release }} -# runs-on: ubuntu-latest -# steps: -# - name: Checkout code -# uses: actions/checkout@v4 + publish-release: + needs: + - release-please + if: ${{ needs.release-please.outputs.releases_created == 'true' || github.event.inputs.run_publish_release }} + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 -# - name: Publish monoutils-store -# working-directory: monoutils-store -# env: -# CARGO_TOKEN: ${{ secrets.CARGO_TOKEN }} -# run: | -# cargo publish -p monoutils-store + - name: Publish microsandbox-utils + working-directory: microsandbox-utils + env: + CARGO_TOKEN: ${{ secrets.CARGO_TOKEN }} + run: | + cargo publish -p microsandbox-utils -# - name: Wait for crates.io index update -# run: | -# echo "Waiting for crates.io to update index..." -# sleep 30 + - name: Wait for crates.io index update + run: | + echo "Waiting for crates.io to update index..." + sleep 30 -# - name: Publish monofs -# working-directory: monofs -# env: -# CARGO_TOKEN: ${{ secrets.CARGO_TOKEN }} -# run: | -# cargo publish -p monofs - -# - name: Publish microsandbox -# working-directory: microsandbox -# env: -# CARGO_TOKEN: ${{ secrets.CARGO_TOKEN }} -# run: | -# cargo publish -p microsandbox + - name: Publish microsandbox + working-directory: microsandbox + env: + CARGO_TOKEN: ${{ secrets.CARGO_TOKEN }} + run: | + cargo publish -p microsandbox diff --git a/.github/workflows/tests_and_checks.yml b/.github/workflows/tests_and_checks.yml index 37ba1c43..8a57262b 100644 --- a/.github/workflows/tests_and_checks.yml +++ b/.github/workflows/tests_and_checks.yml @@ -1,225 +1,225 @@ -# name: ๐Ÿงช Tests and Checks - -# on: -# push: -# branches: [ main ] -# pull_request: -# branches: [ '**' ] -# workflow_dispatch: -# inputs: -# force_build_libkrun: -# description: 'Force build libkrun' -# required: false -# type: boolean -# default: false - -# concurrency: -# group: ${{ github.workflow }}-${{ github.ref }} -# cancel-in-progress: true - -# jobs: -# check-libkrun-cache-changes: -# runs-on: ubuntu-latest -# outputs: -# should_build: ${{ steps.check_build.outputs.should_build }} -# libkrun_hash: ${{ steps.hash_libkrun.outputs.hash }} -# steps: -# - uses: actions/checkout@v4 -# with: -# fetch-depth: 2 - -# - name: Hash build_libkrun.sh -# id: hash_libkrun -# run: | -# HASH=$(sha256sum build_libkrun.sh | awk '{ print $1 }') -# echo "hash=$HASH" >> $GITHUB_OUTPUT -# echo "Calculated hash: $HASH" - -# - name: Check if cache exists -# id: check_cache -# uses: actions/cache/restore@v4 -# with: -# path: | -# build/libkrunfw/libkrunfw*.so* -# build/libkrun/target/release/libkrun*.so* -# key: ${{ runner.os }}-libkrun-${{ steps.hash_libkrun.outputs.hash }} - -# - name: Check if build is needed -# id: check_build -# run: | -# if [ "${{ steps.check_cache.outputs.cache-hit }}" == 'true' ]; then -# echo "Cache hit, no need to build" -# echo "should_build=false" >> $GITHUB_OUTPUT -# elif [ $(git rev-list --count HEAD) -lt 2 ]; then -# echo "Only one commit in the repository, building libkrun" -# echo "should_build=true" >> $GITHUB_OUTPUT -# elif git diff --name-only HEAD^ HEAD | grep -qE 'build_libkrun.sh|.github/workflows/tests_and_checks.yml'; then -# echo "build_libkrun.sh or workflow file has changed, building libkrun" -# echo "should_build=true" >> $GITHUB_OUTPUT -# else -# echo "No relevant changes, no need to build" -# echo "should_build=false" >> $GITHUB_OUTPUT -# fi - -# build-libkrun: -# needs: check-libkrun-cache-changes -# if: needs.check-libkrun-cache-changes.outputs.should_build == 'true' || github.event.inputs.force_build_libkrun == 'true' -# runs-on: ubuntu-latest -# steps: -# - name: Checkout repository -# uses: actions/checkout@v4 - -# - name: Install Dependencies -# run: | -# sudo apt-get update -qqy -# sudo apt-get install -y jq libelf-dev build-essential flex bison libssl-dev libncurses5-dev python3-pip -# pip3 install --user pyelftools - -# - name: Install Rust -# uses: actions-rs/toolchain@v1 -# with: -# profile: minimal -# toolchain: stable -# override: true - -# - name: Build libkrun -# run: | -# ./build_libkrun.sh --no-cleanup --force-build - -# - name: Cache libkrun -# uses: actions/cache/save@v4 -# with: -# path: | -# build/libkrunfw/libkrunfw*.so* -# build/libkrun/target/release/libkrun*.so* -# key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} - -# run-checks: -# needs: [check-libkrun-cache-changes, build-libkrun] -# if: always() -# runs-on: ubuntu-latest -# strategy: -# fail-fast: false -# matrix: -# rust-toolchain: -# - stable -# - nightly -# steps: -# - name: Checkout Repository -# uses: actions/checkout@v4 - -# - name: Cache Project -# uses: Swatinem/rust-cache@v2 - -# - name: Restore libkrun cache -# uses: actions/cache/restore@v4 -# with: -# path: | -# build/libkrunfw/libkrunfw*.so* -# build/libkrun/target/release/libkrun*.so* -# key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} - -# - name: Install Rust Toolchain -# uses: actions-rs/toolchain@v1 -# with: -# override: true -# components: rustfmt, clippy -# toolchain: ${{ matrix.rust-toolchain }} - -# - name: Check Format -# uses: actions-rs/cargo@v1 -# with: -# args: --all -- --check -# command: fmt -# toolchain: ${{ matrix.rust-toolchain }} - -# - name: Run Linter -# uses: actions-rs/cargo@v1 -# with: -# args: --all -- -D warnings -# command: clippy -# toolchain: ${{ matrix.rust-toolchain }} - -# - name: Check Advisories -# if: ${{ matrix.rust-toolchain == 'stable' }} -# uses: EmbarkStudios/cargo-deny-action@v2 -# with: -# command: check advisories -# continue-on-error: true - -# - name: Check Bans, Licenses, and Sources -# if: ${{ matrix.rust-toolchain == 'stable' }} -# uses: EmbarkStudios/cargo-deny-action@v2 -# with: -# command: check bans licenses sources - -# # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x -# # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x -# - name: Create symlinks -# run: | -# cd build/libkrunfw -# objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check -# ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 -# ln -sf libkrunfw.so.4 libkrunfw.so - -# - name: Test Release -# if: ${{ matrix.rust-toolchain == 'stable' && github.event_name == 'push' }} -# run: | -# LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release:${{ env.LIBRARY_PATH }} \ -# LD_LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release:${{ env.LD_LIBRARY_PATH }} \ -# cargo build --release - -# run-tests: -# needs: [check-libkrun-cache-changes, build-libkrun] -# if: always() -# runs-on: ubuntu-latest -# strategy: -# fail-fast: false -# matrix: -# rust-toolchain: -# - stable -# - nightly -# steps: -# - name: Checkout Repository -# uses: actions/checkout@v4 - -# - name: Install Environment Packages -# run: | -# sudo apt-get update -qqy -# sudo apt-get install jq - -# - name: Cache Project -# uses: Swatinem/rust-cache@v2 - -# - name: Restore libkrun cache -# uses: actions/cache/restore@v4 -# with: -# path: | -# build/libkrunfw/libkrunfw*.so* -# build/libkrun/target/release/libkrun*.so* -# key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} - -# - name: Print Cache -# run: tree -L 2 build/ - -# - name: Install Rust Toolchain -# uses: actions-rs/toolchain@v1 -# with: -# override: true -# toolchain: ${{ matrix.rust-toolchain }} - -# # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x -# # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x -# - name: Create symlinks -# run: | -# cd build/libkrunfw -# objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check -# ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 -# ln -sf libkrunfw.so.4 libkrunfw.so - -# - name: Run Tests -# run: | -# sudo -E bash -c 'export LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release && \ -# export LD_LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release && \ -# /home/runner/.cargo/bin/cargo test && \ -# /home/runner/.cargo/bin/cargo test -- --ignored' +name: ๐Ÿงช Tests and Checks + +on: + push: + branches: [ main ] + pull_request: + branches: [ '**' ] + workflow_dispatch: + inputs: + force_build_libkrun: + description: 'Force build libkrun' + required: false + type: boolean + default: false + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + check-libkrun-cache-changes: + runs-on: ubuntu-latest + outputs: + should_build: ${{ steps.check_build.outputs.should_build }} + libkrun_hash: ${{ steps.hash_libkrun.outputs.hash }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 2 + + - name: Hash build_libkrun.sh + id: hash_libkrun + run: | + HASH=$(sha256sum build_libkrun.sh | awk '{ print $1 }') + echo "hash=$HASH" >> $GITHUB_OUTPUT + echo "Calculated hash: $HASH" + + - name: Check if cache exists + id: check_cache + uses: actions/cache/restore@v4 + with: + path: | + build/libkrunfw/libkrunfw*.so* + build/libkrun/target/release/libkrun*.so* + key: ${{ runner.os }}-libkrun-${{ steps.hash_libkrun.outputs.hash }} + + - name: Check if build is needed + id: check_build + run: | + if [ "${{ steps.check_cache.outputs.cache-hit }}" == 'true' ]; then + echo "Cache hit, no need to build" + echo "should_build=false" >> $GITHUB_OUTPUT + elif [ $(git rev-list --count HEAD) -lt 2 ]; then + echo "Only one commit in the repository, building libkrun" + echo "should_build=true" >> $GITHUB_OUTPUT + elif git diff --name-only HEAD^ HEAD | grep -qE 'build_libkrun.sh|.github/workflows/tests_and_checks.yml'; then + echo "build_libkrun.sh or workflow file has changed, building libkrun" + echo "should_build=true" >> $GITHUB_OUTPUT + else + echo "No relevant changes, no need to build" + echo "should_build=false" >> $GITHUB_OUTPUT + fi + + build-libkrun: + needs: check-libkrun-cache-changes + if: needs.check-libkrun-cache-changes.outputs.should_build == 'true' || github.event.inputs.force_build_libkrun == 'true' + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install Dependencies + run: | + sudo apt-get update -qqy + sudo apt-get install -y jq libelf-dev build-essential flex bison libssl-dev libncurses5-dev python3-pip + pip3 install --user pyelftools + + - name: Install Rust + uses: actions-rs/toolchain@v1 + with: + profile: minimal + toolchain: stable + override: true + + - name: Build libkrun + run: | + ./build_libkrun.sh --no-cleanup --force-build + + - name: Cache libkrun + uses: actions/cache/save@v4 + with: + path: | + build/libkrunfw/libkrunfw*.so* + build/libkrun/target/release/libkrun*.so* + key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} + + run-checks: + needs: [check-libkrun-cache-changes, build-libkrun] + if: always() + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + rust-toolchain: + - stable + - nightly + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Cache Project + uses: Swatinem/rust-cache@v2 + + - name: Restore libkrun cache + uses: actions/cache/restore@v4 + with: + path: | + build/libkrunfw/libkrunfw*.so* + build/libkrun/target/release/libkrun*.so* + key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} + + - name: Install Rust Toolchain + uses: actions-rs/toolchain@v1 + with: + override: true + components: rustfmt, clippy + toolchain: ${{ matrix.rust-toolchain }} + + - name: Check Format + uses: actions-rs/cargo@v1 + with: + args: --all -- --check + command: fmt + toolchain: ${{ matrix.rust-toolchain }} + + - name: Run Linter + uses: actions-rs/cargo@v1 + with: + args: --all -- -D warnings + command: clippy + toolchain: ${{ matrix.rust-toolchain }} + + - name: Check Advisories + if: ${{ matrix.rust-toolchain == 'stable' }} + uses: EmbarkStudios/cargo-deny-action@v2 + with: + command: check advisories + continue-on-error: true + + - name: Check Bans, Licenses, and Sources + if: ${{ matrix.rust-toolchain == 'stable' }} + uses: EmbarkStudios/cargo-deny-action@v2 + with: + command: check bans licenses sources + + # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x + # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x + - name: Create symlinks + run: | + cd build/libkrunfw + objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check + ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 + ln -sf libkrunfw.so.4 libkrunfw.so + + - name: Test Release + if: ${{ matrix.rust-toolchain == 'stable' && github.event_name == 'push' }} + run: | + LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release:${{ env.LIBRARY_PATH }} \ + LD_LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release:${{ env.LD_LIBRARY_PATH }} \ + cargo build --release + + run-tests: + needs: [check-libkrun-cache-changes, build-libkrun] + if: always() + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + rust-toolchain: + - stable + - nightly + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Install Environment Packages + run: | + sudo apt-get update -qqy + sudo apt-get install jq + + - name: Cache Project + uses: Swatinem/rust-cache@v2 + + - name: Restore libkrun cache + uses: actions/cache/restore@v4 + with: + path: | + build/libkrunfw/libkrunfw*.so* + build/libkrun/target/release/libkrun*.so* + key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} + + - name: Print Cache + run: tree -L 2 build/ + + - name: Install Rust Toolchain + uses: actions-rs/toolchain@v1 + with: + override: true + toolchain: ${{ matrix.rust-toolchain }} + + # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x + # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x + - name: Create symlinks + run: | + cd build/libkrunfw + objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check + ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 + ln -sf libkrunfw.so.4 libkrunfw.so + + - name: Run Tests + run: | + sudo -E bash -c 'export LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release && \ + export LD_LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release && \ + /home/runner/.cargo/bin/cargo test && \ + /home/runner/.cargo/bin/cargo test -- --ignored' From 524af1938740110e586f53e390bc9b99f1682e16 Mon Sep 17 00:00:00 2001 From: Stephen Akinyemi Date: Sun, 13 Apr 2025 14:37:13 +0100 Subject: [PATCH 2/5] fix: build_libkrun.sh path --- .github/workflows/tests_and_checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests_and_checks.yml b/.github/workflows/tests_and_checks.yml index 8a57262b..2566ead4 100644 --- a/.github/workflows/tests_and_checks.yml +++ b/.github/workflows/tests_and_checks.yml @@ -84,7 +84,7 @@ jobs: - name: Build libkrun run: | - ./build_libkrun.sh --no-cleanup --force-build + ./scripts/build_libkrun.sh --no-cleanup --force-build - name: Cache libkrun uses: actions/cache/save@v4 From 03f092bed4c42c0a9b46e744ec655c6cd1818328 Mon Sep 17 00:00:00 2001 From: Stephen Akinyemi Date: Sun, 13 Apr 2025 15:23:35 +0100 Subject: [PATCH 3/5] fix: format --- microsandbox-core/lib/management/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/microsandbox-core/lib/management/mod.rs b/microsandbox-core/lib/management/mod.rs index 31bc7a2d..55bd027d 100644 --- a/microsandbox-core/lib/management/mod.rs +++ b/microsandbox-core/lib/management/mod.rs @@ -20,10 +20,10 @@ pub mod config; pub mod db; +pub mod home; pub mod image; pub mod menv; pub mod orchestra; pub mod rootfs; pub mod sandbox; pub mod server; -pub mod home; From f362e84e7e0553d09bc9f99dd9f30f266fc38a5d Mon Sep 17 00:00:00 2001 From: Stephen Akinyemi Date: Sun, 13 Apr 2025 17:20:24 +0200 Subject: [PATCH 4/5] fix: update caching paths for libkrun shared libraries - Refine caching paths in GitHub Actions workflow to target specific shared library files. - Remove unnecessary symlink creation steps that were previously used for library resolution. --- .github/workflows/tests_and_checks.yml | 30 ++++++-------------------- 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/workflows/tests_and_checks.yml b/.github/workflows/tests_and_checks.yml index 2566ead4..5ccdaf81 100644 --- a/.github/workflows/tests_and_checks.yml +++ b/.github/workflows/tests_and_checks.yml @@ -40,8 +40,8 @@ jobs: uses: actions/cache/restore@v4 with: path: | - build/libkrunfw/libkrunfw*.so* - build/libkrun/target/release/libkrun*.so* + build/libkrunfw/libkrunfw.so* + build/libkrun/target/release/libkrun.so* key: ${{ runner.os }}-libkrun-${{ steps.hash_libkrun.outputs.hash }} - name: Check if build is needed @@ -90,8 +90,8 @@ jobs: uses: actions/cache/save@v4 with: path: | - build/libkrunfw/libkrunfw*.so* - build/libkrun/target/release/libkrun*.so* + build/libkrunfw/libkrunfw.so* + build/libkrun/target/release/libkrun.so* key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} run-checks: @@ -115,8 +115,8 @@ jobs: uses: actions/cache/restore@v4 with: path: | - build/libkrunfw/libkrunfw*.so* - build/libkrun/target/release/libkrun*.so* + build/libkrunfw/libkrunfw.so* + build/libkrun/target/release/libkrun.so* key: ${{ runner.os }}-libkrun-${{ needs.check-libkrun-cache-changes.outputs.libkrun_hash }} - name: Install Rust Toolchain @@ -153,15 +153,6 @@ jobs: with: command: check bans licenses sources - # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x - # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x - - name: Create symlinks - run: | - cd build/libkrunfw - objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check - ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 - ln -sf libkrunfw.so.4 libkrunfw.so - - name: Test Release if: ${{ matrix.rust-toolchain == 'stable' && github.event_name == 'push' }} run: | @@ -208,15 +199,6 @@ jobs: override: true toolchain: ${{ matrix.rust-toolchain }} - # A hack to make `ld` find the libkrunfw because right now it seems to only look for libkrunfw.so.x - # and not libkrunfw.so or libkrunfw.so.x.x.x even though their SONAME is libkrunfw.so.x - - name: Create symlinks - run: | - cd build/libkrunfw - objdump -p libkrunfw.so.4.4.2 | grep SONAME # sanity check - ln -sf libkrunfw.so.4.4.2 libkrunfw.so.4 - ln -sf libkrunfw.so.4 libkrunfw.so - - name: Run Tests run: | sudo -E bash -c 'export LIBRARY_PATH=${{ github.workspace }}/build/libkrunfw:${{ github.workspace }}/build/libkrun/target/release && \ From c8c4cb26361f3380c20ba452271c4855ca560f1f Mon Sep 17 00:00:00 2001 From: Stephen Akinyemi Date: Sun, 13 Apr 2025 18:02:13 +0200 Subject: [PATCH 5/5] refactor: fix lint complaints - Allow clippy warnings for too many arguments in several functions to enhance readability. - Simplify script collection in `add_subcommand` by directly collecting scripts without mapping. - Update error handling in `run_subcommand` to remove unnecessary references. - Change `Into` implementation to `From` for better idiomatic usage. - Refactor various function calls to pass values directly instead of references where applicable. - Enhance error handling in `get_image_config` to streamline the process. - Introduce a new `MicroVm` module to encapsulate MicroVM-related functionality, improving organization. - Update logging and error handling for better clarity and consistency across the codebase. --- microsandbox-core/bin/msb/handlers.rs | 8 +- microsandbox-core/lib/cli/styles.rs | 2 +- .../lib/config/microsandbox/config.rs | 2 +- .../lib/config/reference_path.rs | 6 +- microsandbox-core/lib/management/config.rs | 81 +++++++++---------- microsandbox-core/lib/management/db.rs | 11 +-- microsandbox-core/lib/management/image.rs | 8 +- microsandbox-core/lib/management/menv.rs | 4 +- microsandbox-core/lib/management/orchestra.rs | 4 +- microsandbox-core/lib/management/sandbox.rs | 5 +- microsandbox-core/lib/management/server.rs | 2 +- .../lib/oci/implementations/docker.rs | 4 +- microsandbox-core/lib/oci/reference.rs | 4 +- microsandbox-core/lib/runtime/monitor.rs | 1 + microsandbox-core/lib/server/api.rs | 2 +- .../lib/vm/{vm.rs => microvm.rs} | 0 microsandbox-core/lib/vm/mod.rs | 4 +- microsandbox-utils/lib/log/rotating.rs | 6 +- microsandbox-utils/lib/runtime/supervisor.rs | 3 +- 19 files changed, 79 insertions(+), 78 deletions(-) rename microsandbox-core/lib/vm/{vm.rs => microvm.rs} (100%) diff --git a/microsandbox-core/bin/msb/handlers.rs b/microsandbox-core/bin/msb/handlers.rs index e466f91c..c09b0bbe 100644 --- a/microsandbox-core/bin/msb/handlers.rs +++ b/microsandbox-core/bin/msb/handlers.rs @@ -1,3 +1,5 @@ +#![allow(clippy::too_many_arguments)] + use clap::{error::ErrorKind, CommandFactory}; use microsandbox_core::{ cli::{AnsiStyles, MicrosandboxArgs}, @@ -59,7 +61,7 @@ pub async fn add_subcommand( depends_on, workdir, shell, - scripts: scripts.into_iter().map(|(k, v)| (k, v.into())).collect(), + scripts: scripts.into_iter().collect(), imports: imports.into_iter().map(|(k, v)| (k, v.into())).collect(), exports: exports.into_iter().map(|(k, v)| (k, v.into())).collect(), reach, @@ -173,7 +175,7 @@ pub async fn run_subcommand( } sandbox::run( - &sandbox, + sandbox, script, path.as_deref(), config.as_deref(), @@ -566,7 +568,7 @@ fn parse_duration_string(duration_str: &str) -> MicrosandboxResult 8760 { + if !(0..=8760).contains(&value) { // 8760 is the number of hours in a year return Err(MicrosandboxError::InvalidArgument(format!( "Duration value too large or negative: {}. Maximum allowed is 8760 hours (1 year)", diff --git a/microsandbox-core/lib/cli/styles.rs b/microsandbox-core/lib/cli/styles.rs index 0d63be33..cc6b112e 100644 --- a/microsandbox-core/lib/cli/styles.rs +++ b/microsandbox-core/lib/cli/styles.rs @@ -8,7 +8,7 @@ use std::fmt::Write; #[cfg(not(test))] /// Global flag indicating whether we're in an ANSI-capable interactive terminal static IS_ANSI_TERMINAL: std::sync::LazyLock = - std::sync::LazyLock::new(|| microsandbox_utils::term::is_ansi_interactive_terminal()); + std::sync::LazyLock::new(microsandbox_utils::term::is_ansi_interactive_terminal); //-------------------------------------------------------------------------------------------------- // Functions diff --git a/microsandbox-core/lib/config/microsandbox/config.rs b/microsandbox-core/lib/config/microsandbox/config.rs index 14af1171..8df9ebe7 100644 --- a/microsandbox-core/lib/config/microsandbox/config.rs +++ b/microsandbox-core/lib/config/microsandbox/config.rs @@ -540,7 +540,7 @@ impl TryFrom for NetworkScope { type Error = MicrosandboxError; fn try_from(s: String) -> Result { - Ok(NetworkScope::try_from(s.as_str())?) + NetworkScope::try_from(s.as_str()) } } diff --git a/microsandbox-core/lib/config/reference_path.rs b/microsandbox-core/lib/config/reference_path.rs index eaaeb59d..90a10908 100644 --- a/microsandbox-core/lib/config/reference_path.rs +++ b/microsandbox-core/lib/config/reference_path.rs @@ -83,9 +83,9 @@ impl TryFrom for ReferenceOrPath { } } -impl Into for ReferenceOrPath { - fn into(self) -> String { - self.to_string() +impl From for String { + fn from(value: ReferenceOrPath) -> Self { + value.to_string() } } diff --git a/microsandbox-core/lib/management/config.rs b/microsandbox-core/lib/management/config.rs index 0099c604..b362371c 100644 --- a/microsandbox-core/lib/management/config.rs +++ b/microsandbox-core/lib/management/config.rs @@ -26,6 +26,7 @@ use super::db; //-------------------------------------------------------------------------------------------------- #[derive(Debug, Clone)] +#[allow(clippy::large_enum_variant)] /// The component to add to the Microsandbox configuration. pub enum Component { /// A sandbox component. @@ -171,7 +172,7 @@ pub async fn add( .make_mapping(); // Add image field (required) - sandbox_mapping.insert_str("image", image.to_string()); + sandbox_mapping.insert_str("image", image); // Add optional fields if let Some(ram_value) = ram { @@ -179,7 +180,7 @@ pub async fn add( } if let Some(cpus_value) = cpus { - sandbox_mapping.insert_u32("cpus", *cpus_value as u32); + sandbox_mapping.insert_u32("cpus", *cpus_value); } // Add shell (default if not provided) @@ -222,7 +223,7 @@ pub async fn add( // Add env_file if provided if let Some(env_file_path) = env_file { - sandbox_mapping.insert_str("env_file", env_file_path.to_string()); + sandbox_mapping.insert_str("env_file", env_file_path); } // Add depends_on if any @@ -238,7 +239,7 @@ pub async fn add( // Add workdir if provided if let Some(workdir_path) = workdir { - sandbox_mapping.insert_str("workdir", workdir_path.to_string()); + sandbox_mapping.insert_str("workdir", workdir_path); } // Add scripts if any @@ -259,7 +260,7 @@ pub async fn add( .make_mapping(); for (import_name, import_path) in imports { - imports_mapping.insert_str(import_name, import_path.to_string()); + imports_mapping.insert_str(import_name, import_path); } } @@ -270,7 +271,7 @@ pub async fn add( .make_mapping(); for (export_name, export_path) in exports { - exports_mapping.insert_str(export_name, export_path.to_string()); + exports_mapping.insert_str(export_name, export_path); } } @@ -326,37 +327,33 @@ pub async fn remove( let mut doc = yaml::from_slice(config_contents.as_bytes()) .map_err(|e| MicrosandboxError::ConfigParseError(e.to_string()))?; - match component_type { - ComponentType::Sandbox => { - let doc_mut = doc.as_mut(); - let mut root_mapping = - doc_mut - .into_mapping_mut() - .ok_or(MicrosandboxError::ConfigParseError( - "config is not valid. expected an object".to_string(), - ))?; - - // Ensure the "sandboxes" key exists in the root mapping - let mut sandboxes_mapping = - if let Some(sandboxes_mut) = root_mapping.get_mut("sandboxes") { - // Get the existing sandboxes mapping - sandboxes_mut - .into_mapping_mut() - .ok_or(MicrosandboxError::ConfigParseError( - "sandboxes is not a valid mapping".to_string(), - ))? - } else { - // Create a new sandboxes mapping if it doesn't exist - root_mapping - .insert("sandboxes", yaml::Separator::Auto) - .make_mapping() - }; - - for name in names { - sandboxes_mapping.remove(name); - } + if let ComponentType::Sandbox = component_type { + let doc_mut = doc.as_mut(); + let mut root_mapping = + doc_mut + .into_mapping_mut() + .ok_or(MicrosandboxError::ConfigParseError( + "config is not valid. expected an object".to_string(), + ))?; + + // Ensure the "sandboxes" key exists in the root mapping + let mut sandboxes_mapping = if let Some(sandboxes_mut) = root_mapping.get_mut("sandboxes") { + // Get the existing sandboxes mapping + sandboxes_mut + .into_mapping_mut() + .ok_or(MicrosandboxError::ConfigParseError( + "sandboxes is not a valid mapping".to_string(), + ))? + } else { + // Create a new sandboxes mapping if it doesn't exist + root_mapping + .insert("sandboxes", yaml::Separator::Auto) + .make_mapping() + }; + + for name in names { + sandboxes_mapping.remove(name); } - _ => (), } // Write the modified YAML back to the file, preserving formatting @@ -390,10 +387,8 @@ pub async fn list( let (config, _, _) = load_config(project_dir, config_file).await?; match component_type { - ComponentType::Sandbox => { - return Ok(config.get_sandboxes().keys().cloned().collect()); - } - _ => return Ok(vec![]), + ComponentType::Sandbox => Ok(config.get_sandboxes().keys().cloned().collect()), + _ => Ok(vec![]), } } @@ -435,7 +430,7 @@ pub async fn load_config( let canonical_project_dir = fs::canonicalize(project_dir).await?; // Validate the config file path - let config_file = config_file.unwrap_or_else(|| MICROSANDBOX_CONFIG_FILENAME); + let config_file = config_file.unwrap_or(MICROSANDBOX_CONFIG_FILENAME); let _ = PathSegment::try_from(config_file)?; let full_config_path = canonical_project_dir.join(config_file); @@ -478,7 +473,7 @@ pub async fn resolve_config_paths( let canonical_project_dir = fs::canonicalize(project_dir).await?; // Validate the config file path - let config_file = config_file.unwrap_or_else(|| MICROSANDBOX_CONFIG_FILENAME); + let config_file = config_file.unwrap_or(MICROSANDBOX_CONFIG_FILENAME); let _ = PathSegment::try_from(config_file)?; let full_config_path = canonical_project_dir.join(config_file); @@ -524,7 +519,7 @@ pub async fn apply_image_defaults( oci_db: &Pool, ) -> MicrosandboxResult<()> { // Get the image configuration - if let Some(config) = db::get_image_config(&oci_db, &reference.to_string()).await? { + if let Some(config) = db::get_image_config(oci_db, &reference.to_string()).await? { tracing::info!("Applying defaults from image configuration"); // Apply working directory if not set in sandbox diff --git a/microsandbox-core/lib/management/db.rs b/microsandbox-core/lib/management/db.rs index 269ae092..0a6ff195 100644 --- a/microsandbox-core/lib/management/db.rs +++ b/microsandbox-core/lib/management/db.rs @@ -106,6 +106,7 @@ pub async fn get_or_create_pool( /// Saves or updates a sandbox in the database and returns its ID. /// If a sandbox with the same name and config_file exists, it will be updated. /// Otherwise, a new sandbox record will be created. +#[allow(clippy::too_many_arguments)] pub(crate) async fn save_or_update_sandbox( pool: &Pool, name: &str, @@ -122,7 +123,7 @@ pub(crate) async fn save_or_update_sandbox( id: 0, name: name.to_string(), config_file: config_file.to_string(), - config_last_modified: config_last_modified.clone(), + config_last_modified: *config_last_modified, status: status.to_string(), supervisor_pid, microvm_pid, @@ -149,12 +150,12 @@ pub(crate) async fn save_or_update_sandbox( RETURNING id "#, ) - .bind(&sandbox.config_last_modified.to_rfc3339()) + .bind(sandbox.config_last_modified.to_rfc3339()) .bind(&sandbox.status) - .bind(&sandbox.supervisor_pid) - .bind(&sandbox.microvm_pid) + .bind(sandbox.supervisor_pid) + .bind(sandbox.microvm_pid) .bind(&sandbox.rootfs_paths) - .bind(&sandbox.group_id) + .bind(sandbox.group_id) .bind(&sandbox.group_ip) .bind(&sandbox.name) .bind(&sandbox.config_file) diff --git a/microsandbox-core/lib/management/image.rs b/microsandbox-core/lib/management/image.rs index 20e3d046..a8ec01d2 100644 --- a/microsandbox-core/lib/management/image.rs +++ b/microsandbox-core/lib/management/image.rs @@ -182,9 +182,9 @@ pub async fn pull_from_docker_registry( /// Returns an error if: /// * Sandboxes registry image pull is not implemented pub async fn pull_from_sandboxes_registry(_image: &Reference) -> MicrosandboxResult<()> { - return Err(MicrosandboxError::NotImplemented( + Err(MicrosandboxError::NotImplemented( "sandboxes registry image pull is not implemented".to_string(), - )); + )) } /// Pulls an image group from the Sandboxes.io registry. @@ -197,9 +197,9 @@ pub async fn pull_from_sandboxes_registry(_image: &Reference) -> MicrosandboxRes /// Returns an error if: /// * Sandboxes registry image group pull is not implemented pub async fn pull_group_from_sandboxes_registry(_group: &Reference) -> MicrosandboxResult<()> { - return Err(MicrosandboxError::NotImplemented( + Err(MicrosandboxError::NotImplemented( "Sandboxes registry image group pull is not implemented".to_string(), - )); + )) } //-------------------------------------------------------------------------------------------------- diff --git a/microsandbox-core/lib/management/menv.rs b/microsandbox-core/lib/management/menv.rs index 72db8642..8dae63a7 100644 --- a/microsandbox-core/lib/management/menv.rs +++ b/microsandbox-core/lib/management/menv.rs @@ -68,7 +68,7 @@ pub async fn initialize(project_dir: Option) -> MicrosandboxResult<()> /// /// ## Arguments /// * `project_dir` - Optional path where the microsandbox environment should be cleaned. -/// If None, uses current directory +/// If None, uses current directory /// /// ## Example /// ```no_run @@ -111,7 +111,7 @@ pub async fn clean(project_dir: Option) -> MicrosandboxResult<()> { //-------------------------------------------------------------------------------------------------- /// Create the required directories and files for a microsandbox environment -pub(crate) async fn ensure_menv_files(menv_path: &PathBuf) -> MicrosandboxResult<()> { +pub(crate) async fn ensure_menv_files(menv_path: &Path) -> MicrosandboxResult<()> { // Create log directory if it doesn't exist fs::create_dir_all(menv_path.join(LOG_SUBDIR)).await?; diff --git a/microsandbox-core/lib/management/orchestra.rs b/microsandbox-core/lib/management/orchestra.rs index 48e8184d..cb5654f5 100644 --- a/microsandbox-core/lib/management/orchestra.rs +++ b/microsandbox-core/lib/management/orchestra.rs @@ -96,7 +96,7 @@ pub async fn apply( running_sandboxes.iter().map(|s| s.name.clone()).collect(); // Start sandboxes that are in config but not active - for (name, _) in config_sandboxes { + for name in config_sandboxes.keys() { // Should start in parallel if !running_sandbox_names.contains(name) { tracing::info!("Starting sandbox: {}", name); @@ -201,7 +201,7 @@ pub async fn up( running_sandboxes.iter().map(|s| s.name.clone()).collect(); // Start specified sandboxes that are in config but not active - for (sandbox_name, _) in config_sandboxes { + for sandbox_name in config_sandboxes.keys() { // Only start if sandbox is in the specified list and not already running if sandbox_names.contains(sandbox_name) && !running_sandbox_names.contains(sandbox_name) { tracing::info!("Starting sandbox: {}", sandbox_name); diff --git a/microsandbox-core/lib/management/sandbox.rs b/microsandbox-core/lib/management/sandbox.rs index 033e30e0..aaf329fd 100644 --- a/microsandbox-core/lib/management/sandbox.rs +++ b/microsandbox-core/lib/management/sandbox.rs @@ -87,6 +87,7 @@ const TEMPORARY_SANDBOX_NAME: &str = "tmp"; /// Ok(()) /// } /// ``` +#[allow(clippy::too_many_arguments)] pub async fn run( sandbox_name: &str, script_name: Option<&str>, @@ -188,7 +189,7 @@ pub async fn run( .arg("--config-file") .arg(&config_file) .arg("--config-last-modified") - .arg(&config_last_modified.to_rfc3339()) + .arg(config_last_modified.to_rfc3339()) .arg("--sandbox-db-path") .arg(&sandbox_db_path) .arg("--scope") @@ -378,6 +379,7 @@ pub async fn run( /// Ok(()) /// } /// ``` +#[allow(clippy::too_many_arguments)] pub async fn run_temp( image: &Reference, script: Option<&str>, @@ -467,6 +469,7 @@ pub async fn run_temp( // Functions: Helpers //-------------------------------------------------------------------------------------------------- +#[allow(clippy::too_many_arguments)] async fn setup_image_rootfs( image: &Reference, sandbox_name: &str, diff --git a/microsandbox-core/lib/management/server.rs b/microsandbox-core/lib/management/server.rs index 2b827929..530d425a 100644 --- a/microsandbox-core/lib/management/server.rs +++ b/microsandbox-core/lib/management/server.rs @@ -154,7 +154,7 @@ pub async fn start( // Wait for either child process to exit or signal to be received tokio::select! { status = child.wait() => { - if !status.as_ref().map_or(false, |s| s.success()) { + if !status.as_ref().is_ok_and(|s| s.success()) { tracing::error!( "child process โ€” sandbox server โ€” exited with status: {:?}", status diff --git a/microsandbox-core/lib/oci/implementations/docker.rs b/microsandbox-core/lib/oci/implementations/docker.rs index a0b654fa..2665eee2 100644 --- a/microsandbox-core/lib/oci/implementations/docker.rs +++ b/microsandbox-core/lib/oci/implementations/docker.rs @@ -339,8 +339,8 @@ impl OciRegistryPull for DockerRegistry { // Save layer metadata to database independently of manifests let layer_id = db::save_or_update_layer( &self.oci_db, - &layer_desc.media_type().to_string(), - &layer_desc.digest().to_string(), + layer_desc.media_type().as_ref(), + layer_desc.digest().as_ref(), layer_desc.size() as i64, diff_id, ) diff --git a/microsandbox-core/lib/oci/reference.rs b/microsandbox-core/lib/oci/reference.rs index 48808ffe..cd072f03 100644 --- a/microsandbox-core/lib/oci/reference.rs +++ b/microsandbox-core/lib/oci/reference.rs @@ -133,10 +133,10 @@ impl FromStr for Reference { selector: ReferenceSelector::tag_with_digest(tag, parsed_digest), }) } else { - return Err(MicrosandboxError::ImageReferenceError(format!( + Err(MicrosandboxError::ImageReferenceError(format!( "invalid digest: {}", potential_digest - ))); + ))) } } else { let (registry, remainder) = extract_registry_and_path(s, &default_registry); diff --git a/microsandbox-core/lib/runtime/monitor.rs b/microsandbox-core/lib/runtime/monitor.rs index 129a4bc8..eb948b6f 100644 --- a/microsandbox-core/lib/runtime/monitor.rs +++ b/microsandbox-core/lib/runtime/monitor.rs @@ -68,6 +68,7 @@ pub struct MicroVmMonitor { impl MicroVmMonitor { /// Create a new MicroVM monitor + #[allow(clippy::too_many_arguments)] pub async fn new( supervisor_pid: u32, sandbox_db_path: impl AsRef, diff --git a/microsandbox-core/lib/server/api.rs b/microsandbox-core/lib/server/api.rs index 5d1293af..d11b0bb7 100644 --- a/microsandbox-core/lib/server/api.rs +++ b/microsandbox-core/lib/server/api.rs @@ -248,7 +248,7 @@ async fn auth_middleware( ( status, Json(ErrorResponse::new( - status.as_u16() as u16, + status.as_u16(), message, ErrorType::AuthenticationError, )), diff --git a/microsandbox-core/lib/vm/vm.rs b/microsandbox-core/lib/vm/microvm.rs similarity index 100% rename from microsandbox-core/lib/vm/vm.rs rename to microsandbox-core/lib/vm/microvm.rs diff --git a/microsandbox-core/lib/vm/mod.rs b/microsandbox-core/lib/vm/mod.rs index 2560c5ab..d099cbe4 100644 --- a/microsandbox-core/lib/vm/mod.rs +++ b/microsandbox-core/lib/vm/mod.rs @@ -2,8 +2,8 @@ mod builder; mod ffi; +mod microvm; mod rlimit; -mod vm; //-------------------------------------------------------------------------------------------------- // Exports @@ -12,5 +12,5 @@ mod vm; pub use builder::*; #[allow(unused)] pub use ffi::*; +pub use microvm::*; pub use rlimit::*; -pub use vm::*; diff --git a/microsandbox-utils/lib/log/rotating.rs b/microsandbox-utils/lib/log/rotating.rs index f38d8d12..a3635a4b 100644 --- a/microsandbox-utils/lib/log/rotating.rs +++ b/microsandbox-utils/lib/log/rotating.rs @@ -327,9 +327,9 @@ impl AsyncWrite for RotatingLog { impl Write for SyncChannelWriter { fn write(&mut self, buf: &[u8]) -> io::Result { let data = buf.to_vec(); - self.tx.send(data).map_err(|_| { - io::Error::new(io::ErrorKind::Other, "failed to send log data to channel") - })?; + self.tx + .send(data) + .map_err(|_| io::Error::other("failed to send log data to channel"))?; Ok(buf.len()) } diff --git a/microsandbox-utils/lib/runtime/supervisor.rs b/microsandbox-utils/lib/runtime/supervisor.rs index 665e01b9..3fd40028 100644 --- a/microsandbox-utils/lib/runtime/supervisor.rs +++ b/microsandbox-utils/lib/runtime/supervisor.rs @@ -127,8 +127,7 @@ where // Set up child's session and controlling terminal unsafe { command.pre_exec(|| { - nix::unistd::setsid() - .map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, e))?; + nix::unistd::setsid().map_err(std::io::Error::other)?; if libc::ioctl(libc::STDIN_FILENO, libc::TIOCSCTTY as _, 1 as libc::c_long) < 0 { return Err(std::io::Error::last_os_error());