SPEC: build minimal / container oriented SSSD

.github/workflows/ci.yml

@@ -136,194 +136,14 @@ jobs:
         path: |
           ./sssd/ci-build-debug/*.valgrind.log
 
-  system:
-    needs: [prepare, build]
-    strategy:
-      fail-fast: false
-      matrix:
-        tag: ${{ fromJson(needs.prepare.outputs.matrix).multihost }}
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-    - uses: actions/setup-python@v5
-      with:
-        python-version: 3.11
-
-    - name: Checkout sssd repository
-      uses: actions/checkout@v4
-      with:
-        path: sssd
-
-    - name: Setup containers
-      uses: SSSD/sssd-ci-containers/actions/setup@master
-      with:
-        path: sssd-ci-containers
-        tag: ${{ matrix.tag }}
-        override: |
-          services:
-            client:
-              image: ${REGISTRY}/ci-client-devel:${TAG}
-              shm_size: 4G
-              tmpfs:
-              - /dev/shm
-              volumes:
-              - ../sssd:/sssd:rw
-            ipa:
-              image: ${REGISTRY}/ci-ipa-devel:${TAG}
-              shm_size: 4G
-              tmpfs:
-              - /dev/shm
-              volumes:
-              - ../sssd:/sssd:rw
-
-    - name: Build SSSD on the client and IPA
-      uses: SSSD/sssd-ci-containers/actions/exec@master
-      with:
-        log-file: build.log
-        working-directory: /sssd
-        where: |
-          client
-          ipa
-        script: |
-          #!/bin/bash
-          set -ex
-
-          ./contrib/ci/run --deps-only
-          autoreconf -if
-
-          mkdir -p /dev/shm/sssd
-          pushd /dev/shm/sssd
-          /sssd/configure --enable-silent-rules
-          make rpms
-
-    - name: Install SSSD on the client and IPA
-      uses: SSSD/sssd-ci-containers/actions/exec@master
-      with:
-        log-file: install.log
-        user: root
-        where: |
-          client
-          ipa
-        script: |
-          #!/bin/bash
-          set -ex
-
-          dnf install -y /dev/shm/sssd/rpmbuild/RPMS/*/*.rpm
-          rm -fr /dev/shm/sssd
-
-          # We need to reenable sssd-kcm since it was disabled by removing sssd not not enabled again
-          systemctl enable --now sssd-kcm.socket
-
-    - name: Restart SSSD on IPA server
-      uses: SSSD/sssd-ci-containers/actions/exec@master
-      with:
-        user: root
-        where: ipa
-        script: |
-          #!/bin/bash
-          set -ex
-
-          systemctl restart sssd || systemctl status sssd
-
-    - name: Patch the SSH configuration
-      uses: SSSD/sssd-ci-containers/actions/exec@master
-      with:
-        user: root
-        script: |
-          #!/bin/bash
-          test -x /usr/bin/sss_ssh_knownhosts && \
-              sed -e 's/GlobalKnownHostsFile/#GlobalKnownHostsFile/' \
-                  -e 's/ProxyCommand \/usr\/bin\/sss_ssh_knownhostsproxy -p %p %h/KnownHostsCommand \/usr\/bin\/sss_ssh_knownhosts %H/' \
-                  -i /etc/ssh/ssh_config.d/04-ipa.conf
-
-    - name: Install system tests dependencies
-      shell: bash
-      working-directory: ./sssd/src/tests/system
-      run: |
-        set -ex
-
-        sudo apt-get update
-
-        # Install dependencies for python-ldap
-        sudo apt-get install -y libsasl2-dev python3-dev libldap2-dev libssl-dev
-
-        # Virtualenv
-        pip3 install virtualenv
-        python3 -m venv .venv
-        source .venv/bin/activate
-
-        # Install system tests requirements
-        pip3 install -r ./requirements.txt
-
-        # Install yq to parse yaml files
-        sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
-        sudo chmod a+x /usr/local/bin/yq
-
-    - name: Remove ad from mhc.yaml
-      shell: bash
-      working-directory: ./sssd/src/tests/system
-      run: |
-        yq -i 'del(.domains[0].hosts.[] | select(.role == "ad"))' mhc.yaml
-
-    - name: Check polarion metadata
-      shell: bash
-      working-directory: ./sssd/src/tests/system
-      run: |
-        # Run pytest in collect only mode to quickly catch issues in Polarion metadata.
-        set -ex -o pipefail
-
-        mkdir -p $GITHUB_WORKSPACE/artifacts
-        source .venv/bin/activate
-        pytest \
-          --color=yes \
-          --mh-config=./mhc.yaml \
-          --mh-artifacts-dir=$GITHUB_WORKSPACE/artifacts \
-          --polarion-config=../polarion.yaml \
-          --output-polarion-testcase=$GITHUB_WORKSPACE/artifacts/testcase.xml \
-          --collect-only . |& tee $GITHUB_WORKSPACE/pytest-collect.log
-
-    - name: Run tests
-      shell: bash
-      working-directory: ./sssd/src/tests/system
-      run: |
-        set -ex -o pipefail
-
-        mkdir -p $GITHUB_WORKSPACE/artifacts
-        source .venv/bin/activate
-        pytest \
-          --color=yes \
-          --show-capture=no \
-          --mh-config=./mhc.yaml \
-          --mh-artifacts-dir=$GITHUB_WORKSPACE/artifacts \
-          --polarion-config=../polarion.yaml \
-          --output-polarion-testcase=$GITHUB_WORKSPACE/artifacts/testcase.xml \
-          --output-polarion-testrun=$GITHUB_WORKSPACE/artifacts/testrun.xml \
-          -vvv . |& tee $GITHUB_WORKSPACE/pytest.log
-
-    - name: Upload artifacts
-      if: always()
-      uses: actions/upload-artifact@v4
-      with:
-        if-no-files-found: ignore
-        name: ${{ matrix.tag }}-system
-        path: |
-          sssd/ci-install-deps.log
-          artifacts
-          build.log
-          install.log
-          pytest.log
-          pytest-collect.log
-
   result:
     name: All tests are successful
     if: ${{ always() }}
     runs-on: ubuntu-latest
-    needs: [build, intgcheck, system]
+    needs: [build, intgcheck]
     steps:
       - name: Fail on failure
         if: |
           needs.build.result != 'success'
           || needs.intgcheck.result != 'success'
-          || needs.system.result != 'success'
         run: exit 1

Makefile.am

@@ -8,6 +8,10 @@ if WITH_JOURNALD
     extra_distcheck_flags += --with-syslog=journald
 endif
 
+if WITH_STDERR_SYSLOG
+    extra_distcheck_flags += --with-syslog=stderr
+endif
+
 DISTCHECK_CONFIGURE_FLAGS = --with-ldb-lib-dir="$$dc_install_base"/lib/ldb \
                             $(extra_distcheck_flags) \
                             $(AUX_DISTCHECK_CONFIGURE_FLAGS)
@@ -5268,15 +5272,6 @@ if BUILD_KCM
         src/sysv/systemd/sssd-kcm.service \
         $(NULL)
 endif
-else
-if HAVE_GENTOO
-    init_SCRIPTS += \
-        src/sysv/gentoo/sssd \
-        src/sysv/gentoo/sssd-kcm
-else
-    init_SCRIPTS += \
-        src/sysv/sssd
-endif
 endif
 
 

contrib/ci/configure.sh

@@ -28,7 +28,7 @@ declare -a CONFIGURE_ARG_LIST=(
     "--disable-static"
     "--enable-ldb-version-check"
     "--with-initscript=sysv"
-    "--with-syslog=syslog"
+    "--with-syslog=stderr"
     "--enable-systemtap"
 )
 

contrib/fedora/bashrc_sssd

@@ -47,7 +47,7 @@ fedconfig()
         --enable-systemtap \
         --with-krb5-rcache-dir=/var/cache/krb5rcache \
         --with-initscript=systemd \
-        --with-syslog=journald \
+        --with-syslog=stderr \
         --with-test-dir=/dev/shm \
         --cache-file=/tmp/fedconfig.cache \
         --with-passkey \