PR #277382 didn't fix just an issue with .mjs files for the `forms` app,
but an underlying, more problematic issue: for `/nix-apps` &
`/store-apps`, the fcgi config for PHP and the block for assets were
never reached.
That meant that e.g. `/nix-apps/notes/lib/AppInfo/Application.php`
returned the PHP source code as text/plain. Considering that there was
never a fundamental change to how this config's structure, I'm pretty
sure that the issue was pretty much there since the module exists.
After consulting the NixOS security team we agreed that this is most
likely harmless because you'd have to use private apps with secrets in
the raw PHP code of said app. However, this is still problematic because
one important assumption - that PHP code is never sent to the browser -
is broken which is why we decided on not mentioning this impact in the
previous PR from December 2023.
To make sure that we don't regress our nginx config, I decided to add
the reproducer which fails on 8bbbb228b4
as testcase to our integration tests.
Gitlab stays running at redis and postgresql restarts as if these
components were on a different host anyways. Handling reconnetctions is
part of the application logic.
Co-authored-by: Kim Lindberger <kim.lindberger@gmail.com>
for formatting fixes and test failure debugging.
Previously upstream was packaging this separately due to the inclusion
of lxd in the go dependencies. This has been dropped and the package
has been merged into the main go.mod file.
It can can take a few seconds for the generator to initialize in slow
environments. Switch to using systemctl is-system-running which should
reflect the system is fully booted.
The test fails when the `Target`'s parent directories don't exist. For
the purpose of this test though, we can just download it to the root
directory for simplicity.
In #283893 we realized that not only 6.7, but also testing is affected.
And with more stable kernels following, we'll probably want to test
against all of them whether Rust support is working fine. As long as
it's not the default at least, then we should probably move this to
`kernel-generic`.
Every kernel that's new enough to support `rust-out-of-tree-module` (and
`linux_testing`) is part of this text matrix.
- out-of-tree kernel driver added with version 9.2.7
- package splitted into utils.nix and driver.nix
- small deprecation fix for the package test
- Release Notes for 24.05 updated
Signed-off-by: birkb <birk@batchworks.de>
