Allow guest settle timeout to be configured
Falls back to 120seconds per default if the key isn't in the config
file.
Assumes startup-timeout is in seconds
e.g. 120 for 2 minutes
Allow the maximum artifact size to be configured
Falls back to 1GB if the key isn't set in the config.
This assumes that the value is set as an integer representing how many
gigabytes are allowed.
e.g. 5 for 5GB or 1 for 1GB (default)
Allow maximum artifact count to be customized
Falls back to 8 artifacts per job if the config key max-artifacts isn't
set
Allow s3 storage location to be configured
Fall back to us-east-1 when the setting key isn't found in the
config.ini file
Only allow resubmission of accessible jobs
Un-break "View manifest" link in UI
This link was using the previously unauthenticated API endpoint for
manifests. However, that now requires authentication like any other
endpoint. Instead, provide a simple UI route which displays the
manifest.
api/job_by_id_manifest_GET: require oauth
api/job_by_id_manifest_GET: fix logic grouping
api/job_by_id_manifest_GET: fix user/token
builds.sr.ht: fix /api/.../manifest for logged out user
images/archlinux: add missing mkdir
ubuntu: upgrade packages during genimg
images/archlinux: avoid GnuPG's new keyboxd
GnuPG recently made "keyboxd", an alternative keyring storage, the
default for new installs [1]. For reasons I cannot explain yet, a gpg
command will hang indefinetly trying to talk to keyboxd, if all of the
following are true:
- keyboxd is already running for the user
- it is managed by the systemd-user session (!?)
- the gpg command is run inside fakeroot
This is easily reproducible on builds.sr.ht: when building and signing a
package with `makepkg`, it will just hang forever after outputting
"Entering fakeroot environment". One can see in the process tree that it
is executing a gpg command inside a fakeroot at that time, which never
finishes.
While I have not found the cause, this issue is not isolated to
builds.sr.ht. I have reproduced this on other Arch Linux systems.
I am trying to figure out what the exact issue is, and whom to talk to
about it, but until then I think just avoiding keyboxd makes sense.
Hence, this commit disables keyboxd system-wide by adding a
configuration put forth in [2]. I verified that this is indeed
sufficient to make GnuPG fall back to the old storage format, even for
new setups.
[1] https://github.com/gpg/gnupg/blob/master/README#L119
[2] https://marc.info/?l=gnupg-users&m=170193805722787&w=2
images/archlinux: refresh pacman index before installing yay
Otherwise we get this:
+ chroot root sudo -u build -g build /bin/bash -c 'cd /home/build && cd yay && env GOCACHE=/tmp/cache makepkg -si --noconfirm --skippgpcheck'
==> Making package: yay 12.2.0-1 (Mon Dec 4 09:06:25 2023)
==> Checking runtime dependencies...
warning: database file for 'multilib' does not exist (use '-Sy' to download)
==> Checking buildtime dependencies...
warning: database file for 'multilib' does not exist (use '-Sy' to download)
==> Installing missing dependencies...
warning: database file for 'multilib' does not exist (use '-Sy' to download)
error: failed to prepare transaction (could not find database)
==> ERROR: 'pacman' failed to install missing dependencies.
==> Missing dependencies:
-> go>=1.19
==> ERROR: Could not resolve all dependencies.
images/archlinux: use yay --provides=false instead of --noprovides
Fixes this warning:
-> '--noprovides' is deprecated. Use '--provides=false' instead
images/archlinux: upgrade archlinux-keyring before other packages
Currently the Arch image is broken because the keyring has been
updated but the package is too old:
curl: signature from "Leonidas Spyropoulos <artafinde@archlinux.org>" is unknown trust
:: deleting corrupted file '/var/cache/pacman/pkg/curl-8.4.0-2-x86_64.pkg.tar.zst' (invalid or corrupted package (PGP signature))
syslinux: signature from "Leonidas Spyropoulos <artafinde@archlinux.org>" is unknown trust
:: deleting corrupted file '/var/cache/pacman/pkg/syslinux-6.04.pre2.r11.gbf6db5b4-4-x86_64.pkg.tar.zst' (invalid or corrupted package (PGP signature))
contrib/crontab: add FreeBSD 14