summaryrefslogtreecommitdiff
path: root/.cirrus.yml
diff options
context:
space:
mode:
Diffstat (limited to '.cirrus.yml')
-rw-r--r--.cirrus.yml123
1 files changed, 106 insertions, 17 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index c33ed9c0c..77e024a14 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -7,6 +7,10 @@ env:
####
# Name of the ultimate destination branch for this CI run, PR or post-merge.
DEST_BRANCH: "main"
+ # Netavark branch to use when TEST_ENVIRON=host-netavark
+ NETAVARK_BRANCH: "main"
+ # Aardvark branch to use
+ AARDVARK_BRANCH: "main"
# Overrides default location (/tmp/cirrus) for repo clone
GOPATH: &gopath "/var/tmp/go"
GOBIN: "${GOPATH}/bin"
@@ -20,6 +24,11 @@ env:
# Runner statistics log file path/name
STATS_LOGFILE_SFX: 'runner_stats.log'
STATS_LOGFILE: '$GOSRC/${CIRRUS_TASK_NAME}-${STATS_LOGFILE_SFX}'
+ # Netavark/aardvark location/options when TEST_ENVIRON=host-netavark
+ NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}"
+ NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary
+ AARDVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/aardvark-dns/success/binary.zip?branch=${AARDVARK_BRANCH}"
+ AARDVARK_DEBUG: 0 # set non-zero to use the debug-mode binary
####
#### Cache-image names to test with (double-quotes around names are critical)
@@ -44,7 +53,7 @@ env:
#### N/B: Required ALL of these are set for every single task.
####
TEST_FLAVOR: # int, sys, ext_svc, validate, automation, etc.
- TEST_ENVIRON: host # 'host' or 'container'
+ TEST_ENVIRON: host # 'host', 'host-netavark', or 'container'
PODBIN_NAME: podman # 'podman' or 'remote'
PRIV_NAME: root # 'root' or 'rootless'
DISTRO_NV: # any {PRIOR_,}{FEDORA,UBUNTU}_NAME value
@@ -218,7 +227,8 @@ validate_task:
bindings_task:
name: "Test Bindings"
alias: bindings
- only_if: &not_docs $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*'
+ # Don't run for [CI:DOCS] or [CI:BUILD]
+ only_if: &not_build $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' && $CIRRUS_CHANGE_TITLE !=~ '.*CI:BUILD.*'
skip: *branches_and_tags
depends_on:
- build
@@ -298,7 +308,8 @@ consistency_task:
alt_build_task:
name: "$ALT_NAME"
alias: alt_build
- only_if: *not_docs
+ # Don't run for [CI:DOCS]; DO run for [CI:BUILD]
+ only_if: &not_docs $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*'
depends_on:
- build
env:
@@ -327,6 +338,7 @@ alt_build_task:
osx_alt_build_task:
name: "OSX Cross"
alias: osx_alt_build
+ only_if: *not_docs
depends_on:
- build
env:
@@ -352,7 +364,7 @@ docker-py_test_task:
name: Docker-py Compat.
alias: docker-py_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
depends_on:
- build
gce_instance: *standardvm
@@ -373,7 +385,7 @@ unit_test_task:
name: "Unit tests on $DISTRO_NV"
alias: unit_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
depends_on:
- validate
matrix:
@@ -398,7 +410,7 @@ unit_test_task:
apiv2_test_task:
name: "APIv2 test on $DISTRO_NV"
alias: apiv2_test
- only_if: *not_docs
+ only_if: *not_build
skip: *tags
depends_on:
- validate
@@ -419,7 +431,7 @@ apiv2_test_task:
compose_test_task:
name: "compose test on $DISTRO_NV ($PRIV_NAME)"
alias: compose_test
- only_if: *not_docs
+ only_if: *not_build
skip: *tags
depends_on:
- validate
@@ -446,7 +458,7 @@ local_integration_test_task: &local_integration_test_task
# <int.|sys.> <podman|remote> <Distro NV> <root|rootless>
name: &std_name_fmt "$TEST_FLAVOR $PODBIN_NAME $DISTRO_NV $PRIV_NAME $TEST_ENVIRON"
alias: local_integration_test
- only_if: *not_docs
+ only_if: *not_build
skip: *branches_and_tags
depends_on:
- unit_test
@@ -482,7 +494,7 @@ remote_integration_test_task:
container_integration_test_task:
name: *std_name_fmt
alias: container_integration_test
- only_if: *not_docs
+ only_if: *not_build
skip: *branches_and_tags
depends_on:
- unit_test
@@ -509,11 +521,56 @@ container_integration_test_task:
always: *int_logs_artifacts
+# Run the integration tests using the latest upstream build of netavark.
+netavark_integration_test_task:
+ name: "Netavark integration" # using *std_name_fmt here is unreadable
+ alias: netavark_integration_test
+ only_if: *not_build
+ skip: *branches_and_tags
+ depends_on:
+ - unit_test
+ gce_instance: *standardvm
+ env:
+ DISTRO_NV: ${FEDORA_NAME}
+ _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID}
+ VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
+ CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
+ TEST_FLAVOR: int
+ TEST_ENVIRON: host-netavark
+ clone_script: *noop # Comes from cache
+ gopath_cache: *ro_gopath_cache
+ setup_script: *setup
+ main_script: *main
+ always: *int_logs_artifacts
+
+
+netavark_system_test_task:
+ name: "Netavark system"
+ alias: netavark_system_test
+ skip: *tags
+ only_if: *not_build
+ depends_on:
+ - netavark_integration_test
+ gce_instance: *standardvm
+ env:
+ DISTRO_NV: ${FEDORA_NAME}
+ _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID}
+ VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
+ CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
+ TEST_ENVIRON: host-netavark
+ TEST_FLAVOR: sys
+ clone_script: *noop # Comes from cache
+ gopath_cache: *ro_gopath_cache
+ setup_script: *setup
+ main_script: *main
+ always: *logs_artifacts
+
+
# Execute most integration tests as a regular (non-root) user.
rootless_integration_test_task:
name: *std_name_fmt
alias: rootless_integration_test
- only_if: *not_docs
+ only_if: *not_build
skip: *branches_and_tags
depends_on:
- unit_test
@@ -538,7 +595,7 @@ local_system_test_task: &local_system_test_task
name: *std_name_fmt
alias: local_system_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
depends_on:
- local_integration_test
matrix: *platform_axis
@@ -561,11 +618,33 @@ remote_system_test_task:
TEST_FLAVOR: sys
PODBIN_NAME: remote
+
+rootless_remote_system_test_task:
+ <<: *local_system_test_task
+ alias: rootless_remote_system_test
+ depends_on:
+ - remote_integration_test
+ matrix:
+ # Minimal sanity testing: only the latest Fedora
+ - env:
+ DISTRO_NV: ${FEDORA_NAME}
+ # Not used here, is used in other tasks
+ VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
+ CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
+ # ID for re-use of build output
+ _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID}
+ gce_instance: *standardvm
+ env:
+ TEST_FLAVOR: sys
+ PODBIN_NAME: remote
+ PRIV_NAME: rootless
+
+
buildah_bud_test_task:
name: *std_name_fmt
alias: buildah_bud_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
depends_on:
- local_integration_test
env:
@@ -589,11 +668,12 @@ buildah_bud_test_task:
main_script: *main
always: *int_logs_artifacts
+
rootless_system_test_task:
name: *std_name_fmt
alias: rootless_system_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
depends_on:
- rootless_integration_test
matrix: *platform_axis
@@ -607,11 +687,12 @@ rootless_system_test_task:
main_script: *main
always: *logs_artifacts
+
rootless_gitlab_test_task:
name: *std_name_fmt
alias: rootless_gitlab_test
skip: *tags
- only_if: *not_docs
+ only_if: *not_build
# Community-maintained downstream test may fail unexpectedly.
# Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner
# If necessary, uncomment the next line and file issue(s) with details.
@@ -634,11 +715,12 @@ rootless_gitlab_test_task:
type: text/xml
format: junit
+
upgrade_test_task:
name: "Upgrade test: from $PODMAN_UPGRADE_FROM"
alias: upgrade_test
skip: *tags
- only_if: $CIRRUS_CHANGE_TITLE !=~ '.*CI:DOCS.*' || $CIRRUS_CRON != ''
+ only_if: *not_build
depends_on:
- local_system_test
matrix:
@@ -663,6 +745,7 @@ upgrade_test_task:
main_script: *main
always: *logs_artifacts
+
# This task is critical. It updates the "last-used by" timestamp stored
# in metadata for all VM images. This mechanism functions in tandem with
# an out-of-band pruning operation to remove disused VM images.
@@ -711,11 +794,14 @@ success_task:
- compose_test
- local_integration_test
- remote_integration_test
- - rootless_integration_test
- container_integration_test
+ - netavark_integration_test
+ - netavark_system_test
+ - rootless_integration_test
- local_system_test
- remote_system_test
- rootless_system_test
+ - rootless_remote_system_test
- rootless_gitlab_test
- upgrade_test
- buildah_bud_test
@@ -756,7 +842,10 @@ release_task:
release_test_task:
name: "Optional Release Test"
alias: release_test
- only_if: $CIRRUS_PR != ''
+ # Release-PRs always include "release" or "Bump" in the title
+ only_if: $CIRRUS_CHANGE_TITLE =~ '.*((release)|(bump)).*'
+ # Allow running manually only as part of release-related builds
+ # see RELEASE_PROCESS.md
trigger_type: manual
depends_on:
- success