From 32a126d3c32e9d095d3f720e25f6166840d4a222 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Tue, 15 Dec 2020 16:01:21 +0000 Subject: [PATCH] chore: tests: remove OpenSUSE Leap 15.0 We're hitting this bug: https://bugzilla.opensuse.org/show_bug.cgi?id=1146027 Hence the tests randomly fail because of that. The workaround is not really clean (installing a custom-built package), so we're pulling OpenSUSE Leap 15.0 from our automated tests workflow. Note that it's still supported, the tests can be launched manually, and bugs under OpenSUSE Leap 15.0 will still be fixed. --- .github/workflows/tests.yml | 2 +- README.md | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 997a02c..1f0fe50 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -20,7 +20,7 @@ jobs: name: Full strategy: matrix: - platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse150, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004] + platform: ['centos7@centos:7.7.1908', 'centos7@centos:7.8.2003', 'centos7@centos:7.9.2009', 'centos8@centos:8.1.1911', 'centos8@centos:8.2.2004', 'centos8@centos:8.3.2011', debian10, debian8, debian9, opensuse151, opensuse152, ubuntu1404, ubuntu1604, ubuntu1804, ubuntu2004] runs-on: ubuntu-latest if: contains(github.event.pull_request.labels.*.name, 'tests:full') steps: diff --git a/README.md b/README.md index 19744c5..ce53398 100644 --- a/README.md +++ b/README.md @@ -75,16 +75,18 @@ Linux distros below are tested with each release, but as this is a security prod - Debian 10 (Buster), 9 (Stretch), 8 (Jessie) - RHEL/CentOS 8.x (8.3.2011, 8.2.2004, 8.1.1911), 7.x (7.9.2009, 7.8.2003, 7.7.1908) - Ubuntu LTS 20.04, 18.04, 16.04, 14.04\* -- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\* +- OpenSUSE Leap 15.2\*, 15.1\*, 15.0\*\* \*: Note that these versions have no out-of-the-box MFA support, as they lack packaged versions of `pamtester`, `pam-google-authenticator`, or both. Of course, you may compile those yourself. Any other so-called "modern" Linux version are not tested with each release, but should work with no or minor adjustments. +\*\*: OpenSUSE Leap 15.0 randomly hits a segfault when [updating system packages](https://bugzilla.opensuse.org/show_bug.cgi?id=1146027), we had to remove it from our automated tests workflow. + The following OS are also tested with each release: -- FreeBSD/HardenedBSD 12.1\*\* +- FreeBSD/HardenedBSD 12.1\*\*\* -\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1. +\*\*\*: Note that these have partial MFA support, due to their reduced set of available `pam` plugins. Support for either an additional password or TOTP factor can be configured, but not both at the same time. The code is actually known to work on FreeBSD/HardenedBSD 10+, but it's only regularly tested under 12.1. Other BSD variants partially work but are unsupported and discouraged as they have a severe limitation over the maximum number of supplementary groups (causing problems for group membership and restricted commands checks), no filesystem-level ACL support and missing MFA: