Merge branch 'main-software-layer-scripts' of /tmp/software-layer

Author: boegel

.github/workflows/modules/fake_module.lua

@@ -0,0 +1,3 @@
+setenv("INSIDE_GITHUB_ACTIONS", "true")
+-- Interfere with PATH so Lmod keeps a record
+prepend_path("PATH", "/snap/bin")

.github/workflows/scorecards.yml

@@ -0,0 +1,71 @@
+# This workflow uses actions that are not certified by GitHub. They are provided
+# by a third-party and are governed by separate terms of service, privacy
+# policy, and support documentation.
+
+name: Scorecards supply-chain security
+on:
+  # To guarantee Maintained check is occasionally updated. See
+  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
+  schedule:
+    - cron: '25 15 * * 3'
+  push:
+    branches:
+      - '*-software.eessi.io'
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    if: github.repository_owner == 'EESSI'   # Prevent running on forks
+    name: Scorecards analysis
+    runs-on: ubuntu-24.04
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Needed to publish results and get a badge (see publish_results below).
+      id-token: write
+      # Uncomment the permissions below if installing in a private repository.
+      # contents: read
+      # actions: read
+
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
+          # - you want to enable the Branch-Protection check on a *public* repository, or
+          # - you are installing Scorecards on a *private* repository
+          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
+          # repo_token: ${{ secrets.SCORECARD_TOKEN }}
+
+          # Public repositories:
+          #   - Publish results to OpenSSF REST API for easy access by consumers
+          #   - Allows the repository to include the Scorecard badge.
+          #   - See https://github.com/ossf/scorecard-action#publishing-results.
+          # For private repositories:
+          #   - `publish_results` will always be set to `false`, regardless
+          #     of the value entered here.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+        with:
+          sarif_file: results.sarif

.github/workflows/scripts/compare_stacks.py

@@ -0,0 +1,131 @@
+import argparse
+import os
+import re
+import glob
+import json
+
+
+def parse_module_file(module_file_path):
+    """
+    Extracts module name, version, and extensions from a module file.
+    """
+    module_name = os.path.basename(os.path.dirname(module_file_path))
+    version = os.path.basename(module_file_path)
+
+    try:
+        with open(module_file_path, "r") as file:
+            content = file.read()
+
+        # Extract extensions from content using regex
+        match = re.search(r'extensions\("(.+)"\)', content)
+        extensions = []
+
+        if match:
+            # Split the list of packages by commas
+            packages = match.group(1)
+            for pkg in packages.split(","):
+                parts = pkg.split("/")
+
+                # Check if the package is in the name/version format
+                if len(parts) == 2:
+                    extensions.append((parts[0], parts[1]))
+                elif len(parts) == 1:
+                    extensions.append((parts[0], "none"))
+                else:
+                    print(f"Warning: Skipping invalid package format: {pkg}")
+
+        return {(module_name, version): tuple(extensions)}
+
+    except Exception as e:
+        print(f"Error parsing module file {module_file_path}: {e}")
+        return {(module_name, version): ()}
+
+
+def get_available_modules(base_dir):
+    """
+    Get the list of modules from all subdirectories inside the specified base directory.
+    """
+    try:
+        modules = {}
+        # Only look for .lua files
+        for module_path in glob.glob(os.path.join(base_dir, "*/*.lua")):
+            modules.update(parse_module_file(module_path))
+        return modules
+
+    except Exception as e:
+        print(f"Error retrieving modules from {base_dir}: {e}")
+        return {}
+
+
+def compare_stacks(dir1, dir2):
+    """
+    Compare two sets of Lmod module files, including versions and extensions.
+    """
+    modules1 = get_available_modules(dir1)
+    modules2 = get_available_modules(dir2)
+
+    # Find differences between the two dictionaries
+    modules_removed = set(modules1.keys()) - set(modules2.keys())
+    modules_added = set(modules2.keys()) - set(modules1.keys())
+    matching_keys = set(modules1.keys()) & set(modules2.keys())
+
+    diff_results = {
+        "module_differences": {
+            "missing": list("/".join(module) for module in modules_removed),
+            "added": list("/".join(module) for module in modules_added),
+        },
+        "extension_differences": [],
+    }
+
+    # Compare extensions for matching keys
+    for key in matching_keys:
+        if modules1[key] != modules2[key]:
+            diff_results["extension_differences"].append(
+                {
+                    "/".join(key): {
+                        "missing": list(
+                            "/".join(key)
+                            for key in list(set(modules1[key]) - set(modules2[key]))
+                        ),
+                        "added": list(
+                            "/".join(key)
+                            for key in list(set(modules2[key]) - set(modules1[key]))
+                        ),
+                    }
+                }
+            )
+
+    return diff_results
+
+
+def main():
+    # Set up argument parser
+    parser = argparse.ArgumentParser(description="Compare two Lmod module directories")
+    parser.add_argument("path1", type=str, help="The first directory path")
+    parser.add_argument("path2", type=str, help="The second directory path")
+
+    # Parse the arguments
+    args = parser.parse_args()
+
+    # Validate the paths
+    for path in [args.path1, args.path2]:
+        if not os.path.exists(path):
+            print(f"Warning: Path does not exist: {path}")
+
+    # Compare the stacks
+    diff_results = compare_stacks(args.path1, args.path2)
+
+    # Print the differences
+    if any(
+        [
+            diff_results["module_differences"]["missing"],
+            diff_results["module_differences"]["added"],
+            diff_results["extension_differences"],
+        ]
+    ):
+        print(json.dumps(diff_results, indent=2))
+        exit(1)
+
+
+if __name__ == "__main__":
+    main()

.github/workflows/scripts/compare_to_generic.sh

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# Take the arguments
+base_dir=$1
+target_arch=$2
+modules_subdir="modules/all"
+# Decide if we want x86_64 or aarch64
+arch=$(echo $target_arch | cut -d"/" -f1)
+# Get the generic directory
+source_of_truth="$arch/generic"
+case $arch in
+    "x86_64")
+        echo "Using $source_of_truth as source of truth"
+        ;;
+    "aarch64")
+        echo "Using $source_of_truth as source of truth"
+        ;;
+    *)
+        echo "I don't understand the base architecture: $arch"
+        exit 1
+        ;;
+esac
+source_of_truth_modules="$base_dir/$source_of_truth/$modules_subdir"
+arch_modules="$base_dir/$target_arch/$modules_subdir"
+echo "Comparing $arch_modules to $source_of_truth_modules"
+python3 $script_dir/compare_stacks.py $source_of_truth_modules $arch_modules

.github/workflows/scripts/only_latest_easystacks.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+#
+# This script figures out the latest version of EasyBuild being used for the installation of easystack
+# files.
+#
+# This file is part of the EESSI software layer, see
+# https://github.com/EESSI/software-layer.git
+#
+# author: Alan O'Cais (CECAM)
+#
+# license: GPLv2
+#
+
+EESSI_VERSION=${EESSI_VERSION:-"2023.06"}
+
+directory="easystacks/software.eessi.io/${EESSI_VERSION}"
+# List of example filenames
+files=($(find "$directory" -name "*.yml" | grep -e '-eb-'))
+[ -n "$DEBUG" ] && echo "${files[@]}"
+
+versions=()
+# Loop over each filename
+for filename in "${files[@]}"; do
+    # Extract the semantic version using grep
+    version=$(echo "$filename" | grep -oP '(?<=eb-)\d+\.\d+\.\d+?(?=-)')
+    
+    # Output the result
+    [ -n "$DEBUG" ] && echo "Filename: $filename"
+    [ -n "$DEBUG" ] && echo "Extracted version: $version"
+    [ -n "$DEBUG" ] && echo
+    versions+=("$version")
+done
+highest_version=$(printf "%s\n" "${versions[@]}" | sort -V | tail -n 1)
+
+[ -n "$DEBUG" ] && echo "Highest version: $highest_version"
+[ -n "$DEBUG" ] && echo
+[ -n "$DEBUG" ] && echo "Matching files:"
+all_latest_easystacks=($(find $directory -type f -name "*eb-$highest_version*.yml"))
+
+accel_latest_easystacks=()
+cpu_latest_easystacks=()
+
+# Loop through the array and split based on partial matching of string
+accel="/accel/"
+for item in "${all_latest_easystacks[@]}"; do
+  if [[ "$item" == *"$accel"* ]]; then
+    accel_latest_easystacks+=("$item")
+  else
+    cpu_latest_easystacks+=("$item")
+  fi
+done
+
+# Output the results
+if [ -n "$ACCEL_EASYSTACKS" ]; then
+    echo "${accel_latest_easystacks[@]}"
+else
+    echo "${cpu_latest_easystacks[@]}"
+fi

.github/workflows/scripts/test_init_scripts.sh

@@ -0,0 +1,50 @@
+#!/bin/bash
+EESSI_VERSION="2023.06"
+export LMOD_PAGER=cat
+
+# initialize assert framework
+if [ ! -d assert.sh ]; then
+	echo "assert.sh not cloned."
+	echo ""
+	echo "run \`git clone https://github.com/lehmannro/assert.sh.git\`"
+	exit 1
+fi
+. assert.sh/assert.sh
+
+TEST_SHELLS=("bash" "zsh" "fish" "ksh")
+SHELLS=$@
+
+for shell in ${SHELLS[@]}; do
+	echo = | awk 'NF += (OFS = $_) + 100'
+	echo  RUNNING TESTS FOR SHELL: $shell
+	echo = | awk 'NF += (OFS = $_) + 100'
+  if [[ ! " ${TEST_SHELLS[*]} " =~ [[:space:]]${shell}[[:space:]] ]]; then
+		### EXCEPTION FOR CSH ###
+		echo -e "\033[33mWe don't now how to test the shell '$shell', PRs are Welcome.\033[0m" 
+  else
+		# TEST 1: Source Script and check Module Output
+		assert "$shell -c 'source init/lmod/$shell' 2>&1 " "EESSI/$EESSI_VERSION loaded successfully"
+		# TEST 2: Check if module overviews first section is the loaded EESSI module
+		MODULE_SECTIONS=($($shell -c "source init/lmod/$shell 2>/dev/null; module ov 2>&1 | grep -e '---'"))
+		PATTERN="/cvmfs/software\.eessi\.io/versions/$EESSI_VERSION/software/linux/x86_64/(intel/haswell|amd/zen3)/modules/all"
+		assert_raises 'echo "${MODULE_SECTIONS[1]}" | grep -E "$PATTERN"'
+		# TEST 3: Check if module overviews second section is the EESSI init module
+		assert "echo ${MODULE_SECTIONS[4]}" "/cvmfs/software.eessi.io/versions/$EESSI_VERSION/init/modules"
+		# Test 4: Load Python module and check version
+		command="$shell -c 'source init/lmod/$shell 2>/dev/null; module load Python/3.10.8-GCCcore-12.2.0; python --version'"
+		expected="Python 3.10.8"
+		assert "$command" "$expected"
+		# Test 5: Load Python module and check path
+		PYTHON_PATH=$($shell -c "source init/lmod/$shell 2>/dev/null; module load Python/3.10.8-GCCcore-12.2.0; which python")
+		PATTERN="/cvmfs/software\.eessi\.io/versions/$EESSI_VERSION/software/linux/x86_64/(intel/haswell|amd/zen3)/software/Python/3\.10\.8-GCCcore-12\.2\.0/bin/python"
+		echo "$PYTHON_PATH" | grep -E "$PATTERN"
+		assert_raises 'echo "$PYTHON_PATH" | grep -E "$PATTERN"'
+		
+		#End Test Suite
+		assert_end "source_eessi_$shell"
+	fi
+done
+
+
+# RESET PAGER
+export LMOD_PAGER=