From 25af30aed57d211e51cda2549d39646119bdb8af Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Tue, 4 Nov 2025 14:06:17 +0000 Subject: [PATCH 01/14] Fix setting USE_BAZEL_VERSION in /etc/profile.d bazel completions are generated for the bazel version specified with `.bazelversion`. But USE_BAZEL_VERSION was not updated accordingly. This resulted in the wrong bazel version being used and completions not working. Fixes #48 --- .../s-core-local/install_matching_bazel_version.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh index 0ffd36a..b950c2e 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh @@ -6,5 +6,5 @@ if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$(bazel version | grep ' USE_BAZEL_VERSION=$(cat .bazelversion) bazel help completion > /tmp/bazel-complete.bash sudo mv /tmp/bazel-complete.bash /etc/bash_completion.d/bazel-complete.bash - sudo sed -i '/^USE_BAZEL_VERSION=/c\USE_BAZEL_VERSION=${USE_BAZEL_VERSION}' /etc/profile.d/bazel.sh || true + echo "export USE_BAZEL_VERSION=$USE_BAZEL_VERSION" | sudo tee /etc/profile.d/bazel.sh fi From 95376361b0a59dba9e646ef85a052e2ab48fd6b4 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Wed, 5 Nov 2025 07:57:06 +0000 Subject: [PATCH 02/14] avoid installing another bazel version on version mismatch --- .../s-core-local/install_matching_bazel_version.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh index b950c2e..ac5a880 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh @@ -1,7 +1,9 @@ #!/usr/bin/env bash set -eo pipefail -if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$(bazel version | grep 'Build label:' | awk '{print $3}')" ]; then +. /etc/profile.d/bazel.sh || true + +if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$USE_BAZEL_VERSION" ]; then # Pre-install the matching Bazel version, setup the bash command completion USE_BAZEL_VERSION=$(cat .bazelversion) bazel help completion > /tmp/bazel-complete.bash From ade437ff950a9302104d82c32e1ea1be1ae56278 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Fri, 7 Nov 2025 11:24:22 +0000 Subject: [PATCH 03/14] do not set USE_BAZEL_VERSION it override .bazelversion which should not happen by default --- .../.devcontainer/s-core-local/install.sh | 2 +- .../s-core-local/install_matching_bazel_version.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh index 36ebec1..c2a8549 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh @@ -61,7 +61,7 @@ bazel help completion > /tmp/bazel-complete.bash ls -lah /tmp/bazel-complete.bash mkdir -p /etc/bash_completion.d mv /tmp/bazel-complete.bash /etc/bash_completion.d/bazel-complete.bash -sh -c "echo 'export USE_BAZEL_VERSION=${bazel_version}' >> /etc/profile.d/bazel.sh" +sh -c "echo 'INSTALLED_BAZEL_VERSION=${bazel_version}' >> /devcontainer/features/s-core-local/bazel_setup.sh" # Buildifier, directly from GitHub (apparently no APT repository available) # The version is pinned to a specific release, and the SHA256 checksum is provided by the devcontainer-features.json file. diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh index ac5a880..2fc8bc3 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh @@ -1,12 +1,12 @@ #!/usr/bin/env bash set -eo pipefail -. /etc/profile.d/bazel.sh || true +. /devcontainer/features/s-core-local/bazel_setup.sh || true -if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$USE_BAZEL_VERSION" ]; then +if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$INSTALLED_BAZEL_VERSION" ]; then # Pre-install the matching Bazel version, setup the bash command completion USE_BAZEL_VERSION=$(cat .bazelversion) bazel help completion > /tmp/bazel-complete.bash sudo mv /tmp/bazel-complete.bash /etc/bash_completion.d/bazel-complete.bash - echo "export USE_BAZEL_VERSION=$USE_BAZEL_VERSION" | sudo tee /etc/profile.d/bazel.sh + echo "export INSTALLED_BAZEL_VERSION=$USE_BAZEL_VERSION" | sudo tee /devcontainer/features/s-core-local/bazel_setup.sh fi From bb50ddce0569097cc003f502c3f29e13ad8b2c2a Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Fri, 7 Nov 2025 12:11:34 +0000 Subject: [PATCH 04/14] add bash argument if minimum bazel version is met --- .../.devcontainer/s-core-local/install.sh | 2 +- .../s-core-local/install_matching_bazel_version.sh | 11 +++++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh index c2a8549..1fda9d2 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install.sh @@ -57,7 +57,7 @@ rm /tmp/bazelisk.deb # Pre-install a fixed Bazel version, setup the bash command completion export USE_BAZEL_VERSION=${bazel_version} -bazel help completion > /tmp/bazel-complete.bash +bazel help completion bash > /tmp/bazel-complete.bash ls -lah /tmp/bazel-complete.bash mkdir -p /etc/bash_completion.d mv /tmp/bazel-complete.bash /etc/bash_completion.d/bazel-complete.bash diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh index 2fc8bc3..ecf0044 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/install_matching_bazel_version.sh @@ -6,7 +6,14 @@ set -eo pipefail if [ -f .bazelversion ] && [ "$(cat .bazelversion)" != "$INSTALLED_BAZEL_VERSION" ]; then # Pre-install the matching Bazel version, setup the bash command completion USE_BAZEL_VERSION=$(cat .bazelversion) - bazel help completion > /tmp/bazel-complete.bash + + min_bazel_version_for_bash_option="8.4.0" + bash="" + if [ "$(printf '%s\n' "$min_bazel_version_for_bash_option" "$USE_BAZEL_VERSION" | sort -V | head -n1)" = "$min_bazel_version_for_bash_option" ]; then + bash="bash" + fi + + bazel help completion ${bash} > /tmp/bazel-complete.bash sudo mv /tmp/bazel-complete.bash /etc/bash_completion.d/bazel-complete.bash - echo "export INSTALLED_BAZEL_VERSION=$USE_BAZEL_VERSION" | sudo tee /devcontainer/features/s-core-local/bazel_setup.sh + echo "INSTALLED_BAZEL_VERSION=$USE_BAZEL_VERSION" | sudo tee /devcontainer/features/s-core-local/bazel_setup.sh fi From af690a8fe4b76f8a91b542045d77ef581a81d1ac Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 10:00:43 +0000 Subject: [PATCH 05/14] fix: add missing parameters --- .github/workflows/ci.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5e7c85c..af33db4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -45,7 +45,7 @@ jobs: ./scripts/create_builder.sh # Build - ./scripts/build.sh + ./scripts/build.sh "main" # Test ./scripts/test.sh diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a3970ab..2c70f18 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -40,7 +40,7 @@ jobs: ./scripts/create_builder.sh # Build - ./scripts/build.sh + ./scripts/build.sh "${{ github.ref_name }}" "latest" # Test ./scripts/test.sh From 224cc04be8eb111089eaa3853e97cb4ecc3df852 Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 10:09:08 +0000 Subject: [PATCH 06/14] ensure that bash is used, with fail-fast options According to https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsshell, this should result in bash --noprofile --norc -eo pipefail {0} being used. --- .github/workflows/ci.yaml | 4 ++++ .github/workflows/release.yaml | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index af33db4..029fec4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -6,6 +6,10 @@ on: branches: - main +defaults: + run: + shell: bash + concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2c70f18..4ea91ff 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -5,6 +5,10 @@ on: tags: - '[0-9]+.[0-9]+.[0-9]+' +defaults: + run: + shell: bash + jobs: build: name: 'Check, Build, Test, Publish DevContainer' From cd237b8227f9f3267838fbc20472cfc881b19215 Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 10:10:02 +0000 Subject: [PATCH 07/14] break it again to see fail-fast working --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 029fec4..6d3b70f 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -49,7 +49,7 @@ jobs: ./scripts/create_builder.sh # Build - ./scripts/build.sh "main" + ./scripts/build.sh # Test ./scripts/test.sh From 99443b9f5b6f57f3bc4092bed5e86a4512466bb7 Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 10:25:50 +0000 Subject: [PATCH 08/14] make sur ebash fails fast cf. https://github.com/devcontainers/ci/issues/294 --- .github/workflows/ci.yaml | 6 ++---- .github/workflows/release.yaml | 6 ++---- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 6d3b70f..9d04aee 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -6,10 +6,6 @@ on: branches: - main -defaults: - run: - shell: bash - concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true @@ -42,6 +38,8 @@ jobs: # We want to only use it for building and testing the actual container, which resides in src/s-core-devcontainer. push: "never" runCmd: | + set -euxo pipefail # make sure bash fails fast on errors + # Check pre-commit run --show-diff-on-failure --color=always --all-files || exit -1 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4ea91ff..72f51ed 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -5,10 +5,6 @@ on: tags: - '[0-9]+.[0-9]+.[0-9]+' -defaults: - run: - shell: bash - jobs: build: name: 'Check, Build, Test, Publish DevContainer' @@ -37,6 +33,8 @@ jobs: # We want to only use it for building and testing the actual container, which resides in src/s-core-devcontainer. push: "never" runCmd: | + set -euxo pipefail # make sure bash fails fast on errors + # Check pre-commit run --show-diff-on-failure --color=always --all-files || exit -1 From dca1f8d1607aa5302214e48cada58bfeba4dcaee Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 10:39:51 +0000 Subject: [PATCH 09/14] fix ci again --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 9d04aee..7841550 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -47,7 +47,7 @@ jobs: ./scripts/create_builder.sh # Build - ./scripts/build.sh + ./scripts/build.sh "main" # Test ./scripts/test.sh From 6342cc0627b098a9cc26f39db0862aa9a665d8b0 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Mon, 17 Nov 2025 11:49:08 +0000 Subject: [PATCH 10/14] dummy commit to retrigger github actions --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index a1f10fe..5037aaa 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # Common DevContainer for Eclipse S-CORE +blub This repository contains the common [development container](https://containers.dev) for [Eclipse S-CORE](https://github.com/eclipse-score). It contains all tools required to develop (modify, build, ...) Eclipse S-CORE. All tool version are well-defined, and all tools are pre-configured to work as expected for Eclipse S-CORE development. From 78d9bb57c37e6b41f03a5ee492dc06e772c52152 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Mon, 17 Nov 2025 11:49:18 +0000 Subject: [PATCH 11/14] Revert "dummy commit to retrigger github actions" This reverts commit 6342cc0627b098a9cc26f39db0862aa9a665d8b0. --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 5037aaa..a1f10fe 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,4 @@ # Common DevContainer for Eclipse S-CORE -blub This repository contains the common [development container](https://containers.dev) for [Eclipse S-CORE](https://github.com/eclipse-score). It contains all tools required to develop (modify, build, ...) Eclipse S-CORE. All tool version are well-defined, and all tools are pre-configured to work as expected for Eclipse S-CORE development. From 38dcca7035d322dbef1d4ab4c0096165b041ec08 Mon Sep 17 00:00:00 2001 From: Oliver Pajonk Date: Mon, 17 Nov 2025 12:34:13 +0000 Subject: [PATCH 12/14] Remove the separate build step Maybe caching does not work as expected, and with this, the publish step at the latest will definitely build the images. --- .github/workflows/ci.yaml | 7 ++----- .github/workflows/release.yaml | 7 ++----- 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7841550..8afbe4e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -46,13 +46,10 @@ jobs: # Create builder for multi-arch builds ./scripts/create_builder.sh - # Build - ./scripts/build.sh "main" - - # Test + # Build & Test (amd64-only for tests to be fast) ./scripts/test.sh - # Optionally: Publish + # Optionally (if on main branch): Publish (multi-arch: amd64, arm64) # We do not use the push feature of devcontainers/ci here, since that would push the wrong container. # Instead, we use the publish script which pushes the correct container (residing in src/s-core-devcontainer). if [ "${{ github.ref }}" = "refs/heads/main" ]; then diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 72f51ed..d815e04 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -41,13 +41,10 @@ jobs: # Create builder for multi-arch builds ./scripts/create_builder.sh - # Build - ./scripts/build.sh "${{ github.ref_name }}" "latest" - - # Test + # Build & Test (amd64-only for tests to be fast) ./scripts/test.sh - # Publish + # Publish (multi-arch: amd64, arm64) # We do not use the push feature of devcontainers/ci here, since that would push the wrong container. # Instead, we use the publish script which pushes the correct container (residing in src/s-core-devcontainer). From 7e83324d031d5d74140f976c487000720520094a Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Mon, 17 Nov 2025 13:26:29 +0000 Subject: [PATCH 13/14] Force bazel version in tests --- .../.devcontainer/s-core-local/tests/test_default.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/s-core-devcontainer/.devcontainer/s-core-local/tests/test_default.sh b/src/s-core-devcontainer/.devcontainer/s-core-local/tests/test_default.sh index 9c39f27..f11ebcc 100755 --- a/src/s-core-devcontainer/.devcontainer/s-core-local/tests/test_default.sh +++ b/src/s-core-devcontainer/.devcontainer/s-core-local/tests/test_default.sh @@ -29,7 +29,14 @@ check "validate pylint is working" bash -c "pylint --version" # Bazel-related tools check "validate bazelisk is working and has the correct version" bash -c "bazelisk version | grep '${bazelisk_version}'" + +## This is the bazel version preinstalled in the devcontainer. +## A solid test would disable the network interface first to prevent a different version from being downloaded, +## but that requires CAP_NET_ADMIN, which is not yet added. +export USE_BAZEL_VERSION=${bazel_version} check "validate bazel is working and has the correct version" bash -c "bazel version | grep '${bazel_version}'" +unset USE_BAZEL_VERSION + check "validate buildifier is working and has the correct version" bash -c "buildifier --version | grep '${buildifier_version}'" check "validate starpls is working and has the correct version" bash -c "starpls version | grep '${starpls_version}'" check "validate bazel-compile-commands is working and has the correct version" bash -c "bazel-compile-commands --version 2>&1 | grep '${bazel_compile_commands_version}'" From d722bd6096f239d5d0439457006b0bcb27da5314 Mon Sep 17 00:00:00 2001 From: Lutz Reinhardt Date: Fri, 21 Nov 2025 09:50:36 +0000 Subject: [PATCH 14/14] revert workflow changes should be fixed in separate PR --- .github/workflows/ci.yaml | 9 +++++---- .github/workflows/release.yaml | 9 +++++---- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8afbe4e..5e7c85c 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -38,18 +38,19 @@ jobs: # We want to only use it for building and testing the actual container, which resides in src/s-core-devcontainer. push: "never" runCmd: | - set -euxo pipefail # make sure bash fails fast on errors - # Check pre-commit run --show-diff-on-failure --color=always --all-files || exit -1 # Create builder for multi-arch builds ./scripts/create_builder.sh - # Build & Test (amd64-only for tests to be fast) + # Build + ./scripts/build.sh + + # Test ./scripts/test.sh - # Optionally (if on main branch): Publish (multi-arch: amd64, arm64) + # Optionally: Publish # We do not use the push feature of devcontainers/ci here, since that would push the wrong container. # Instead, we use the publish script which pushes the correct container (residing in src/s-core-devcontainer). if [ "${{ github.ref }}" = "refs/heads/main" ]; then diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d815e04..a3970ab 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -33,18 +33,19 @@ jobs: # We want to only use it for building and testing the actual container, which resides in src/s-core-devcontainer. push: "never" runCmd: | - set -euxo pipefail # make sure bash fails fast on errors - # Check pre-commit run --show-diff-on-failure --color=always --all-files || exit -1 # Create builder for multi-arch builds ./scripts/create_builder.sh - # Build & Test (amd64-only for tests to be fast) + # Build + ./scripts/build.sh + + # Test ./scripts/test.sh - # Publish (multi-arch: amd64, arm64) + # Publish # We do not use the push feature of devcontainers/ci here, since that would push the wrong container. # Instead, we use the publish script which pushes the correct container (residing in src/s-core-devcontainer).