Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

linter: update usrmerge and make it required #1839

Merged
merged 4 commits into from
Mar 11, 2025
Merged

linter: update usrmerge and make it required #1839

merged 4 commits into from
Mar 11, 2025
+63 −18

Conversation

justinvreeland
Copy link
Contributor

@justinvreeland justinvreeland commented Mar 6, 2025
edited
Loading

Melange Pull Request Template

Notes:

Linter

  • The new check is clean across Wolfi

I don't have a just newest copy of wolf packages locally but the failures I see are all packages we've replaced.

❯ melange lint packages/aarch64/wolfi-baselayout-20230201-r18.apk 
2025/03/10 14:48:58 INFO Required checks: [dev infodir tempdir usrmerge varempty]
2025/03/10 14:48:58 INFO Warning checks: [lddcheck object opt pkgconf python/docs python/multiple python/test setuidgid srv strip usrlocal worldwrite]
2025/03/10 14:48:58 INFO linting apk: wolfi-baselayout (size: 14 kB)
2025/03/10 14:48:58 WARN linter "usrlocal" failed on package "wolfi-baselayout": /usr/local path found in non-compat package: usr/local/lib64; suggest: This package should be a -compat package

❯ melange lint packages/aarch64/util-linux-misc-2.40.1-r0.apk 
2025/03/10 15:09:37 INFO Required checks: [dev infodir tempdir usrmerge varempty]
2025/03/10 15:09:37 INFO Warning checks: [lddcheck object opt pkgconf python/docs python/multiple python/test setuidgid srv strip usrlocal worldwrite]
2025/03/10 15:09:37 WARN parsing .melange.yaml: could not open .melange.yaml file: file does not exist
2025/03/10 15:09:37 INFO linting apk: util-linux-misc (size: 3.7 MB)
2025/03/10 15:09:37 WARN linter "setuidgid" failed on package "util-linux-misc": file is setgid; suggest: Unset the setuid/setgid bit on the relevant files, or remove this linter
2025/03/10 15:09:37 ERRO linter "usrmerge" failed on package "util-linux-misc": package contains non-symlink file at /sbin or /bin in violation of usrmerge; suggest: Move binary to /usr/{bin,sbin}


~/work/wolfi main ≡
❯ melange lint packages/aarch64/util-linux-misc-2.40.4-r31.apk 
2025/03/10 15:10:02 INFO Required checks: [dev infodir tempdir usrmerge varempty]
2025/03/10 15:10:02 INFO Warning checks: [lddcheck object opt pkgconf python/docs python/multiple python/test setuidgid srv strip usrlocal worldwrite]
2025/03/10 15:10:02 INFO linting apk: util-linux-misc (size: 8.8 MB)

@justinvreeland justinvreeland force-pushed the jvreeland/fixup-linter branch 4 times, most recently from 533c530 to 22368f8 Compare March 7, 2025 21:48
@justinvreeland justinvreeland force-pushed the jvreeland/fixup-linter branch from 22368f8 to 3a1f704 Compare March 10, 2025 17:26
@justinvreeland justinvreeland requested a review from a team March 11, 2025 14:55
@justinvreeland justinvreeland marked this pull request as ready for review March 11, 2025 14:55
a-crate
a-crate previously approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@a-crate a-crate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally we should still warn about writing to paths we will usrmerge later (/usr/sbin,/lib) imo.

murraybd
murraybd previously approved these changes Mar 11, 2025
View reviewed changes
@murraybd
Copy link
Contributor

Ideally we should still warn about writing to paths we will usrmerge later (/usr/sbin,/lib) imo.

While I agree we were just warning which I suspect nobody looks at.

@justinvreeland
Copy link
Contributor Author

I can do a follow up change to add a new warning linter for those.

@justinvreeland justinvreeland dismissed stale reviews from murraybd and a-crate via 18f7053 March 11, 2025 21:45
xnox
xnox approved these changes Mar 11, 2025
View reviewed changes
Copy link
Contributor

@xnox xnox left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one can ignore build failures, as those are failing due to out of date remediations in wolfi, and not due to the proposed melange change.

@justinvreeland justinvreeland merged commit 09ae0e6 into chainguard-dev:main Mar 11, 2025
34 of 38 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xnox xnox xnox approved these changes

@murraybd murraybd murraybd approved these changes

@a-crate a-crate a-crate left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@justinvreeland @murraybd @xnox @a-crate