TESTING only

.github/workflows/analyze-target.yml

@@ -1,7 +1,7 @@
 name: "Analyze (target)"
 on:
   pull_request_target:
-    branches: [master]
+    branches: [master, failover]
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
   cancel-in-progress: true

.github/workflows/ci.yml

@@ -1,9 +1,9 @@
 name: "ci"
 on:
   push:
-    branches: [master]
+    branches: [master, failover]
   pull_request:
-    branches: [master]
+    branches: [master, failover]
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
@@ -152,7 +152,6 @@ jobs:
         working-directory: /sssd
         where: |
           client
-          ipa
         script: |
           #!/bin/bash
           set -ex
@@ -172,7 +171,6 @@ jobs:
         user: root
         where: |
           client
-          ipa
         script: |
           #!/bin/bash
           set -ex
@@ -188,17 +186,6 @@ jobs:
           # We need to reenable sssd-kcm since it was disabled by removing sssd not not enabled again
           systemctl enable --now sssd-kcm.socket
 
-    - name: Restart SSSD on IPA server
-      uses: SSSD/sssd-ci-containers/actions/exec@master
-      with:
-        user: root
-        where: ipa
-        script: |
-          #!/bin/bash
-          set -ex
-
-          systemctl restart sssd || systemctl status sssd
-
     - name: Patch the SSH configuration
       uses: SSSD/sssd-ci-containers/actions/exec@master
       with:
@@ -311,6 +298,9 @@ jobs:
           --polarion-config=../polarion.yaml \
           --output-polarion-testcase=$GITHUB_WORKSPACE/artifacts/testcase.xml \
           ${{ steps.select-tests.outputs.SELECT_TESTS }} \
+          --mh-not-topology=ipa \
+          --mh-not-topology=ipa-trust-samba \
+          -k "not test_logging__default_settings_logs_ and not test_logging__offline_errors_are_written_to_logs_and_syslog and not test_failover and not test_autofs__propagate_offline_status_for_multiple_domains and not test_logging__dns_resolution_issue_in_logs and not test_ad__user_authentication_when_provider_is_set_to_ldap_with_gss_spnego and not test_multithreaded_pac_client and not test_ldap_krb5__keytab_selects_correct_principal_with_multiple_realms" \
           --collect-only . |& tee $GITHUB_WORKSPACE/pytest-collect.log
 
     - name: Run tests
@@ -331,6 +321,9 @@ jobs:
           --output-polarion-testcase=$GITHUB_WORKSPACE/artifacts/testcase.xml \
           --output-polarion-testrun=$GITHUB_WORKSPACE/artifacts/testrun.xml \
           ${{ steps.select-tests.outputs.SELECT_TESTS }} \
+          --mh-not-topology=ipa \
+          --mh-not-topology=ipa-trust-samba \
+          -k "not test_logging__default_settings_logs_ and not test_logging__offline_errors_are_written_to_logs_and_syslog and not test_failover and not test_autofs__propagate_offline_status_for_multiple_domains and not test_logging__dns_resolution_issue_in_logs and not test_ad__user_authentication_when_provider_is_set_to_ldap_with_gss_spnego and not test_multithreaded_pac_client and not test_ldap_krb5__keytab_selects_correct_principal_with_multiple_realms" \
           -vvv . |& tee $GITHUB_WORKSPACE/pytest.log
 
     - name: Upload artifacts

.github/workflows/coverity.yml

@@ -10,6 +10,7 @@ on:
   pull_request_target:
     branches:
       - master
+      - failover
     types:
       - labeled
   workflow_dispatch:

.github/workflows/release.yml

@@ -3,14 +3,19 @@ on:
   workflow_dispatch:
     inputs:
       branch:
-        description: 'Target branch for release'
+        description: 'Target branch to release from'
         required: true
         default: 'master'
         type: string
       version:
         description: 'Release version'
         required: true
         type: string
+
+      previous_version:
+        description: 'Previous version, starting point for release notes generator'
+        required: true
+        type: string
 jobs:
   release:
     runs-on: ubuntu-latest
@@ -40,10 +45,21 @@ jobs:
       with:
         working-directory: sssd
 
+    - name: Install release notes dependencies
+      shell: bash
+      run: dnf install -y jq pandoc python3-pypandoc
+
     - name: Execute release script
       working-directory: sssd
       shell: bash
       env:
         GH_TOKEN: ${{ secrets.BOT_TOKEN }}
       run: |
-        ./scripts/release.sh "${{ inputs.branch }}" "${{ inputs.version }}"
+        ./scripts/release.sh "${{ inputs.branch }}" "${{ inputs.version }}" "${{ inputs.previous_version }}"
+
+    - name: Execute release notes script
+      working-directory: sssd
+      shell: bash
+      run: |
+        # Release notes file is generated from the release script
+        ./scripts/release-notes.sh "${{ inputs.version }}" "/tmp/sssd-${{ inputs.version }}.rst" sssd-bot "${{ secrets.BOT_TOKEN }}"

.github/workflows/static-code-analysis.yml

@@ -1,9 +1,9 @@
 name: "Static code analysis"
 on:
   push:
-    branches: [master]
+    branches: [master, failover]
   pull_request:
-    branches: [master]
+    branches: [master, failover]
   schedule:
     # Everyday at midnight
     - cron: '0 0 * * *'
@@ -28,6 +28,8 @@ jobs:
       with:
         languages: cpp, python
         queries: +security-and-quality
+        paths-ignore: |
+          src/providers/minimal/**
 
     - name: Configure sssd
       uses: ./.github/actions/configure