The pulp client is very large and defines a lot of symbols in on
package, which causes very large memory usage on el8 aarch64 (presumably
because of 64k page sizes).
Adding a 1 GiB swapfile fixes the issue in our CI runners.
When the container with osbuild-composer gets built in our CI or by
AppSRE, we do not set the composer version to any value (as we do when
we built RPMs). As a result, the version reported by composer is always
"devel". This is not useful for debugging and determining the used
version of composer. In addition, this information now gets exposed in
Koji builds, therefore it makes sense to make it useful.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
DNF has more elaborate locking system and can wait for other instances of
itself when installing packages. Using rpm directly to install local
package is causing failures in CI due to it not being able to acquire
lock on `/var/lib/rpm/.rpm.lock`.
Using DNF should improve the situation, although there is no good
documentation to link and support this claim for sure.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Currently, we still have the issue with rogue instances. The latest commit in
the gitlab-ci-terraform repository prevents that by limiting the validity
of the spot fleet request to 4 hours which matches our maximum job duration
set in GitLab.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We used pre-GA repositories previously. Since GA is now out, let's switch to
it. We need to do two changes:
- use the latest terraform definitions that use the GA images
- update Schutzfile to use GA repositories (and updates)
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
The new terraform runners support an extended lists of tags to get a
greater precision on the stats we can extract from AWS cost center.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Fedora-37 was using "ci-ssd" instance in RHOS-01 which does not support
nested KVM. This SHA switches them to use "ci" instances which do
support nested kvm.
This update removes all repos on the f-37 runner during provisioning
which should resolve issues with "updates-testing" repo being enabled
and not overwritten.
The checkout in the working directory is a shallow clone with gitlab as
a remote. As a result fast-forwarding failed due to not recognizing the
remote release branch as an ancestor of $CI_COMMIT_SHA.
This clones (with `--bare`) the github remote in a separate
directory. It should not be necessary to remove the release-ff-clone
directory each time, simply fetch if it already exists.
We want to be able to safely gather any artifacts without worrying about
any possible secrets leaking. Every artifacts that we want to upload
will now have to be placed in /tmp/artifacts which will then be uploaded
to S3 by the executor and link to the artifacts will be provided in the
logs. Only people with access to our AWS account can see them.
There appears to be a problem with nested virtualization on newly added
hypervisors with ssd. I believe the issue is not preset on regular
instances, so switching to those until the issues can be resolved.
RPM Spec
--------
Remove all Go dependecies
Add Start and End marker comments for bundling information
Add '-k' to goprep to preserve the vendor directory
tools
-----
Add script to update the RPM spec file to generate the indication lines
based on vendor/modules.txt
Packit
------
Run the new script as a post-upstream-clone hook
Makefile
--------
Run the new script on the generated spec file before generating the RPM
mockbuild.sh
------------
Run the new script before creating the RPM
