Do not treat generic testbench files as service-family relevance signals. A normal bugfix often adds or wires a regression test, and those test file changes were causing local and CI service relevance gates to enable every external component even when the code change already identifies the relevant area.
Keep explicit service test patterns and code/plugin/runtime matches as service signals. Higher-level validation still decides how much core testbench coverage is needed for generic testbench plumbing changes.
Why: custom omclickhouse INSERT templates are easy to misconfigure when stdSQL is treated like an action parameter instead of a template option.
Impact: adds a config-validation regression test and clarifies the rendered omclickhouse template documentation.
Before/After: before, the docs did not show where custom INSERT templates enable SQL escaping; after, they show option.stdsql on the template and test that config path.
Technical Overview:
- Document that custom omclickhouse INSERT templates use the template-level option.stdsql setting.
- Clarify that stdSQL is not an omclickhouse action parameter.
- Add a config-validation-only test for a custom ClickHouse INSERT template.
- Register the test in the ClickHouse test family without requiring a live ClickHouse service.
Fixes: https://github.com/rsyslog/rsyslog/issues/6297
With the help of AI-Agents: Codex
When shutdown interrupts a transactional action's retry loop, the queued batch could remain marked committed even though actionCommit returned RS_RET_FORCE_TERM. Disk queues then deleted the dequeued record instead of persisting it for restart.
Reset transactional action-queue batch elements to ready on RS_RET_FORCE_TERM so queue cleanup re-enqueues and persists them. Add an omprog disk queue regression that negative-acks a message, restarts rsyslog, and verifies the message is retried successfully.
Re-enable low-risk inactive tests that still add CI coverage, and remove obsolete inactive tests plus dead cert-chain fixtures.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Ensure wtpShutdownAll() joins a worker that transitions to WAIT_JOIN as the active worker count reaches zero. This prevents debug builds from aborting during disk-assisted queue save-on-shutdown cleanup.
Add omhttp-based regression coverage for issue #4803.
closes https://github.com/rsyslog/rsyslog/issues/4803
Why: issue 2965 shows that disk-assisted queues and
saveOnShutdown could be read as crash-loss guarantees,
especially for OOM or power-loss cases.
Impact: Documentation now distinguishes graceful shutdown
persistence from crash durability for disk-assisted queues.
Before/After: Queue docs implied broad reliability; they now
call out when pure disk queues and sync settings are needed.
Technical Overview:
Clarify that disk queue durability depends on checkpoint and fsync
tuning.
Document that saveOnShutdown only runs during orderly shutdown.
Explain that disk-assisted queues can still hold messages in memory.
Point reliability-focused forwarding users at pure disk queues plus
durability-oriented settings when crash resistance is required.
refs https://github.com/rsyslog/rsyslog/issues/2965
With the help of AI-Agents: codex
Why:
Agents often skip the mutating format step because it is not part of the
regular deterministic local validation path. That lets formatting issues
escape to review even when the local check helper is otherwise used.
Impact:
Changed C and header files are now checked by the local validation helper
without rewriting files. Missing clang-format remains a warning, not a local
workflow blocker.
Before/After:
Before, the local helper called the mutating formatter. After, it runs a
clang-format dry-run check and keeps explicit formatting as a separate action.
Technical Overview:
Add --check and --check-if-available modes to devtools/format-code.sh.
Use clang-format's dry-run and Werror mode for read-only validation.
Extend the changed C/H file helper to include committed branch changes,
staged and unstaged edits, and untracked C/H files.
Pass the validation planner base ref into the format helper so both scripts
classify the same delta.
Document the workflow in AGENTS.md and the local validation/commit skills.
Validation:
- shellcheck devtools/format-code.sh devtools/list-git-changed-c-h-files.sh devtools/local-validation-plan.sh
- checkbashisms -p devtools/local-validation-plan.sh
- bash -n devtools/format-code.sh devtools/list-git-changed-c-h-files.sh
- sh -n devtools/local-validation-plan.sh
- devtools/local-validation-plan.sh --run
- devtools/format-code.sh --git-changed --check --check-if-available
- untracked C probe with devtools/list-git-changed-c-h-files.sh
- untracked C probe with devtools/format-code.sh --git-changed --check --check-if-available
- cubic review --print-logs --base origin/main
With the help of AI-Agents: OpenAI Codex
Why:
The Fedora 44 container build helper kept a redundant post-run status
check even though the script already exits on command failure.
Impact:
No behavior change; the helper still prints the push command only after a
successful container smoke test.
Before/After:
Before, the script carried a shellcheck suppression for an unreachable
failure branch. After, normal set -e flow controls the success path.
Technical Overview:
Remove the explicit `$?` check after the `docker run` smoke test.
Keep the READY TO PUSH output directly after the smoke test command.
This matches the existing `set -e` contract and avoids unnecessary local
lint suppression in the new Fedora 44 helper.
Validation:
- shellcheck packaging/docker/dev_env/fedora/base/44/build.sh
With the help of AI-Agents: OpenAI Codex
Why: Fedora 44 is now the useful fast feedback target for pull
requests, while Fedora 43 remains the supported compatibility check for
daily coverage.
Impact: PR CI now uses Fedora 44 and daily distro CI uses Fedora 43.
The obsolete Fedora 42 dev-container definition is removed.
Before/After: PR CI used Fedora 43 and daily CI used Fedora 42; now PR
CI uses Fedora 44 and daily CI keeps Fedora 43 coverage.
Technical Overview:
- Add a Fedora 44 dev-container definition.
- Adjust the Fedora 44 image for Java 25 package names.
- Pass the CMake compatibility policy needed by libfaup under Fedora 44.
- Point the regular run_checks Fedora lane at the Fedora 44 image.
- Move the daily distro Fedora lane from Fedora 42 to Fedora 43.
- Remove the Fedora 42 dev-container definition from git.
Validation:
- Built rsyslog/rsyslog_dev_base_fedora:44 locally.
- Ran the container build script smoke test successfully.
- Ran a full Fedora 44 all-module build with make -j80 successfully.
- actionlint .github/workflows/run_checks.yml .github/workflows/run_distro_daily.yml
- shellcheck packaging/docker/dev_env/fedora/base/44/build.sh packaging/docker/dev_env/fedora/base/44/tag-previous.sh
With the help of AI-Agents: Codex
Why: preserve trailing raw-message bytes when the helper grows an already heap-backed rawmsg buffer.
Impact: fixes corruption/data-loss risk in the helper's realloc path and extends the regression to cover that case.
Before/After: a longer replacement over a heap-backed rawmsg could overwrite the suffix; now the suffix is shifted before the new message bytes are copied.
Technical Overview:
- memmove the suffix after successful realloc in msgReplaceRawMsgSegment()
- extend the helper unit test to cover both stack-to-heap growth and heap-backed realloc growth
- keep the existing JSON path regression unchanged
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Why: keep the branch aligned with the repository's mandatory C formatting step.
Impact: no behavior change; normalizes formatting so style-check passes.
Before/After: helper and unit test used non-canonical indentation; now they match repo style.
Technical Overview:
- run the repository formatter on the changed C header and unit test
- accept the resulting indentation and line wrapping updates
- leave runtime logic and test coverage unchanged
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Why:
The Solaris Buildbot exposed that this regression test could inject the
recovery message before the helper had actually produced the oversized
first response and entered the restart path. The short downstream output
wait then measured scheduler timing rather than the mmexternal invariant.
Impact:
The test keeps the same product behavior oracle but removes a slow-runner
race from the setup sequence.
Before/After:
Before, the test used a fixed five-second output wait; after, it waits for
helper side-file milestones and then checks the downstream output.
Technical Overview:
The helper already records side-file milestones for the oversized reply,
helper starts, and recovery message handling. The test now injects the
second message only after the oversized first reply has been observed, then
waits for the recovery milestone before checking the downstream file. This
preserves the original assertions: the helper emits an oversized reply,
rsyslog restarts it, both messages continue to omfile, and exactly one
recovery happens in a later helper instance.
Evidence:
Buildbot failure analyzed at:
https://build.rsyslog.com/#/builders/77/builds/7132
With the help of AI-Agents: Codex
Why:
CI requested --enable-compile-warnings=error, but some lanes used a singular configure spelling that was never accepted by configure, and some bootstrap or package-build paths lacked the Autoconf Archive macros needed by AX_COMPILER_FLAGS. The singular typo was masked because git-tree builds already default to warning level error. Dev-container definitions also had no PR gate that validates changed container build inputs.
Impact:
Fixes CI warning-policy plumbing, package-build macro dependencies, warnings exposed by that policy across Linux and macOS builds, and a branch-protection-friendly dev-container definition build gate.
Before/After:
Before, missing macros or stale configure flags could make -Werror ineffective or leave literal AX_* macro calls in regenerated configure scripts, and container definition changes were not validated by PR CI. After, required macros are installed or declared in bootstrap and package environments, stale internal configure flags are corrected to the supported spelling, changed dev-container Dockerfiles are built by the check workflow, and runtime sources compile cleanly under the restored warning-as-error policy.
Technical Overview:
Require AX_IS_RELEASE and AX_COMPILER_FLAGS when building with a GCC-like compiler instead of silently falling back to weaker warning flags. Add an m4_pattern_forbid guard so missing AX_* macro expansion is reported during bootstrap instead of later as a confusing configure shell syntax error.
Keep the Autoconf Archive option surface unchanged: the supported option is --enable-compile-warnings. The singular --enable-compile-warning spelling was introduced in an internal dev-container definition in 2019, is reported as unrecognized on older release labels such as v8.2504.0, and is corrected here rather than promoted into a new rsyslog alias.
Install or declare autoconf-archive in direct GitHub-hosted bootstrap paths, Debian/RPM package build metadata that reruns autoreconf, and the cross-arch helper image. Update stale internal dev-container configure defaults to use --enable-compile-warnings=error.
Add a dev container definition CI job to run_checks.yml. It uses changed-files to detect devtools/ci and packaging/docker/dev_env container-definition changes, builds only the affected Dockerfiles, handles shared dev_env/common context users, and exits successfully with a skip message when no concrete container build is relevant.
Mark recovered-queue-size and non-Linux network namespace helpers as intentionally unused where their feature-specific code paths are not compiled. Keep inotify and epoll bookkeeping scoped to the feature guards that consume it, avoid deprecated raw syscall use for macOS thread-id debug output, and make the JSON escape cleanup path explicit for 32-bit compiler analysis.
With the help of AI-Agents: OpenAI Codex
