diff options
| -rw-r--r-- | .cirrus.yml | 46 | ||||
| -rwxr-xr-x | contrib/cirrus/build_vm_images.sh | 5 | ||||
| -rwxr-xr-x | contrib/cirrus/integration_test.sh | 15 | ||||
| -rw-r--r-- | contrib/cirrus/lib.sh | 238 | ||||
| -rwxr-xr-x | contrib/cirrus/notice_master_failure.sh | 2 | ||||
| -rw-r--r-- | contrib/cirrus/packer/centos_setup.sh | 4 | ||||
| -rw-r--r-- | contrib/cirrus/packer/fedora_setup.sh | 5 | ||||
| -rw-r--r-- | contrib/cirrus/packer/rhel_setup.sh | 4 | ||||
| -rw-r--r-- | contrib/cirrus/packer/ubuntu_setup.sh | 13 | ||||
| -rwxr-xr-x | contrib/cirrus/resetup_and_run_rootless.sh | 32 | ||||
| -rwxr-xr-x | contrib/cirrus/rootless_test.sh | 3 | ||||
| -rwxr-xr-x | contrib/cirrus/setup_environment.sh | 112 | ||||
| -rwxr-xr-x | contrib/cirrus/system_test.sh | 2 | ||||
| -rwxr-xr-x | contrib/cirrus/unit_test.sh | 4 | ||||
| -rw-r--r-- | test/registries.conf | 2 |
15 files changed, 187 insertions, 300 deletions
diff --git a/.cirrus.yml b/.cirrus.yml index 08875a354..b3c6ff5a9 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -13,30 +13,22 @@ env: #### #### Global variables used for all tasks #### - # File to update in home-dir with task-specific env. var values - ENVLIB: ".bash_profile" # Overrides default location (/tmp/cirrus) for repo clone + GOPATH: "/var/tmp/go" + GOSRC: "/var/tmp/go/src/github.com/containers/libpod" CIRRUS_WORKING_DIR: "/var/tmp/go/src/github.com/containers/libpod" - # Required so $ENVLIB gets loaded + # The default is 'sh' if unspecified CIRRUS_SHELL: "/bin/bash" # Save a little typing (path relative to $CIRRUS_WORKING_DIR) SCRIPT_BASE: "./contrib/cirrus" - PACKER_BASE: "./contrib/cirrus/packer" - CIRRUS_CLONE_DEPTH: 200 # Command to prefix every output line with a timestamp # (can't do inline awk script, Cirrus-CI or YAML mangles quoting) TIMESTAMP: "awk --file ${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/timestamp.awk" - BUILT_IMAGE_SUFFIX: "-${CIRRUS_REPO_NAME}-${CIRRUS_BUILD_ID}" + CIRRUS_CLONE_DEPTH: 50 #### #### Cache-image names to test with ### - ACTIVE_CACHE_IMAGE_NAMES: >- - fedora-29-libpod-548c1c05 - fedora-28-libpod-548c1c05 - ubuntu-18-libpod-548c1c05 - rhel-7-libpod-548c1c05 - image-builder-image-1541772081 FEDORA_CACHE_IMAGE_NAME: "fedora-29-libpod-5699523102900224" PRIOR_FEDORA_CACHE_IMAGE_NAME: "fedora-28-libpod-5699523102900224" UBUNTU_CACHE_IMAGE_NAME: "ubuntu-18-libpod-5699523102900224" @@ -48,11 +40,13 @@ env: #### Variables for composing new cache-images (used in PR testing) from #### base-images (pre-existing in GCE) #### + BUILT_IMAGE_SUFFIX: "-${CIRRUS_REPO_NAME}-${CIRRUS_BUILD_ID}" # Git commits to use while building dependencies into cache-images FEDORA_CNI_COMMIT: "412b6d31280682bb4fab4446f113c22ff1886554" CNI_COMMIT: "7480240de9749f9a0a5c8614b17f1f03e0c06ab9" CRIO_COMMIT: "7a283c391abb7bd25086a8ff91dbb36ebdd24466" CRIU_COMMIT: "c74b83cd49c00589c0c0468ba5fe685b67fdbd0a" + # Only RHEL/Centos VM cache-image building needs RUNC_COMMIT RUNC_COMMIT: "029124da7af7360afa781a0234d1b083550f797c" # CSV of cache-image names to build (see $PACKER_BASE/libpod_images.json) PACKER_BUILDS: "ubuntu-18,fedora-29,fedora-28,rhel-7" # TODO: rhel-8,centos-7 @@ -60,15 +54,6 @@ env: PACKER_VER: "1.3.2" # Special image w/ nested-libvirt + tools for creating new cache and base images IMAGE_BUILDER_CACHE_IMAGE_NAME: "image-builder-image-1541772081" - # Google-maintained base-image names - UBUNTU_BASE_IMAGE: "ubuntu-1804-bionic-v20181203a" - CENTOS_BASE_IMAGE: "centos-7-v20181113" - # Manually produced base-image names (see $SCRIPT_BASE/README.md) - FEDORA_BASE_IMAGE: "fedora-cloud-base-29-1-2-1541789245" - PRIOR_FEDORA_BASE_IMAGE: "fedora-cloud-base-28-1-1-1544474897" - FAH_BASE_IMAGE: "fedora-atomichost-29-20181025-1-1541787861" - # RHEL image must be imported, google bills extra for their native image. - RHEL_BASE_IMAGE: "rhel-guest-image-7-6-210-x86-64-qcow2-1548099756" #### #### Default to NOT operating in any special-case testing mode @@ -109,6 +94,7 @@ gating_task: env: CIRRUS_WORKING_DIR: "/usr/src/libpod" + GOPATH: "/go" GOSRC: "/go/src/github.com/containers/libpod" # Runs within Cirrus's "community cluster" @@ -159,6 +145,8 @@ vendor_task: env: CIRRUS_WORKING_DIR: "/usr/src/libpod" + GOPATH: "/go" + GOSRC: "/go/src/github.com/containers/libpod" # Runs within Cirrus's "community cluster" container: @@ -171,7 +159,7 @@ vendor_task: vendor_script: - '/usr/local/bin/entrypoint.sh .install.vndr |& ${TIMESTAMP}' - '/usr/local/bin/entrypoint.sh vendor |& ${TIMESTAMP}' - - 'cd /go/src/github.com/containers/libpod && ./hack/tree_status.sh |& ${TIMESTAMP}' + - 'cd ${GOSRC} && ./hack/tree_status.sh |& ${TIMESTAMP}' on_failure: failed_master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh |& ${TIMESTAMP}' @@ -348,6 +336,9 @@ special_testing_task: # necessary to execute them within a PR to validate changes. optional_testing_task: + depends_on: + - "gating" + # Only run system tests in PRs (not on merge) if magic string is present # in the PR description. Post-merge system testing is assumed to happen # later from OS distribution's build systems. @@ -426,10 +417,11 @@ verify_test_built_images_task: TEST_REMOTE_CLIENT: true TEST_REMOTE_CLIENT: false + # Note: A truncated form of normal testing. It only needs to confirm new images + # "probably" work. A full round of testing will happen again after $*_CACHE_IMAGE_NAME + # are updated in this or another PR (w/o '***CIRRUS: TEST IMAGES***'). environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - unit_test_script: '$SCRIPT_BASE/unit_test.sh |& ${TIMESTAMP}' integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP}' - rootless_testing_script: '$SCRIPT_BASE/resetup_and_run_rootless.sh |& ${TIMESTAMP}' # Build new cache-images for future PR testing, but only after a PR merge. @@ -447,6 +439,7 @@ build_cache_images_task: depends_on: - "gating" - "testing" + - "rootless_testing" # VMs created by packer are not cleaned up by cirrus auto_cancellation: $CI != "true" @@ -462,6 +455,7 @@ build_cache_images_task: scopes: - compute - devstorage.full_control + environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' build_vm_images_script: '$SCRIPT_BASE/build_vm_images.sh |& ${TIMESTAMP}' @@ -499,10 +493,12 @@ success_task: env: CIRRUS_WORKING_DIR: "/usr/src/libpod" + GOPATH: "/go" + GOSRC: "/go/src/github.com/containers/libpod" container: image: "quay.io/libpod/gate:latest" cpu: 1 memory: 1 - success_script: '$SCRIPT_BASE/success.sh |& ${TIMESTAMP}' + success_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/success.sh |& ${TIMESTAMP}' diff --git a/contrib/cirrus/build_vm_images.sh b/contrib/cirrus/build_vm_images.sh index cfdfd5d7d..773f8e486 100755 --- a/contrib/cirrus/build_vm_images.sh +++ b/contrib/cirrus/build_vm_images.sh @@ -3,7 +3,10 @@ set -e source $(dirname $0)/lib.sh -req_env_var CNI_COMMIT CRIO_COMMIT RUNC_COMMIT PACKER_BUILDS BUILT_IMAGE_SUFFIX CENTOS_BASE_IMAGE UBUNTU_BASE_IMAGE FEDORA_BASE_IMAGE FAH_BASE_IMAGE RHEL_BASE_IMAGE RHSM_COMMAND SERVICE_ACCOUNT GCE_SSH_USERNAME GCP_PROJECT_ID PACKER_VER SCRIPT_BASE PACKER_BASE +ENV_VARS='CNI_COMMIT CRIO_COMMIT RUNC_COMMIT PACKER_BUILDS BUILT_IMAGE_SUFFIX CENTOS_BASE_IMAGE UBUNTU_BASE_IMAGE FEDORA_BASE_IMAGE PRIOR_FEDORA_BASE_IMAGE FAH_BASE_IMAGE RHEL_BASE_IMAGE RHSM_COMMAND SERVICE_ACCOUNT GCE_SSH_USERNAME GCP_PROJECT_ID PACKER_VER SCRIPT_BASE PACKER_BASE' +req_env_var $ENV_VARS +# Must also be made available through make, into packer process +export $ENV_VARS show_env_vars diff --git a/contrib/cirrus/integration_test.sh b/contrib/cirrus/integration_test.sh index c7d381318..e65b3b8ec 100755 --- a/contrib/cirrus/integration_test.sh +++ b/contrib/cirrus/integration_test.sh @@ -9,7 +9,6 @@ cd "$GOSRC" if [[ "$SPECIALMODE" == "in_podman" ]] then - set -x ${CONTAINER_RUNTIME} run --rm --privileged --net=host \ -v $GOSRC:$GOSRC:Z \ --workdir $GOSRC \ @@ -32,24 +31,10 @@ then $GOSRC/$SCRIPT_BASE/rootless_test.sh exit $? else - set -x make make install PREFIX=/usr ETCDIR=/etc make test-binaries make install.tools - clean_env - - case "${OS_RELEASE_ID}-${OS_RELEASE_VER}" in - ubuntu-18) ;; - fedora-29) ;& # Continue to the next item - fedora-28) ;& - centos-7) ;& - rhel-7) - make podman-remote - install bin/podman-remote /usr/bin - ;; - *) bad_os_id_ver ;; - esac if [[ "$TEST_REMOTE_CLIENT" == "true" ]] then make remoteintegration diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh index fb1685104..7886d230b 100644 --- a/contrib/cirrus/lib.sh +++ b/contrib/cirrus/lib.sh @@ -4,22 +4,73 @@ # to be sourced by other scripts, not called directly. # Under some contexts these values are not set, make sure they are. -export USER="$(whoami)" -export HOME="$(getent passwd $USER | cut -d : -f 6)" - -# These are normally set by cirrus, but can't be for VMs setup by hack/get_ci_vm.sh -# Pick some reasonable defaults -ENVLIB=${ENVLIB:-.bash_profile} -CIRRUS_WORKING_DIR="${CIRRUS_WORKING_DIR:-/var/tmp/go/src/github.com/containers/libpod}" -GOSRC="${GOSRC:-$CIRRUS_WORKING_DIR}" +USER="$(whoami)" +HOME="$(getent passwd $USER | cut -d : -f 6)" +[[ -n "$UID" ]] || UID=$(getent passwd $USER | cut -d : -f 3) +GID=$(getent passwd $USER | cut -d : -f 4) + +# Essential default paths, many are overriden when executing under Cirrus-CI +export GOPATH="${GOPATH:-/var/tmp/go}" +if type -P go &> /dev/null +then + # required for go 1.12+ + export GOCACHE="${GOCACHE:-$HOME/.cache/go-build}" + eval "$(go env)" + # required by make and other tools + export $(go env | cut -d '=' -f 1) +fi +CIRRUS_WORKING_DIR="${CIRRUS_WORKING_DIR:-$GOPATH/src/github.com/containers/libpod}" +export GOSRC="${GOSRC:-$CIRRUS_WORKING_DIR}" +export PATH="$HOME/bin:$GOPATH/bin:/usr/local/bin:$PATH" +export LD_LIBRARY_PATH="/usr/local/lib${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}" +TIMESTAMPS_FILEPATH="${TIMESTAMPS_FILEPATH:-/var/tmp/timestamps}" +SETUP_MARKER_FILEPATH="${SETUP_MARKER_FILEPATH:-/var/tmp/.setup_environment_sh_complete}" +# Saves typing / in case location ever moves SCRIPT_BASE=${SCRIPT_BASE:-./contrib/cirrus} PACKER_BASE=${PACKER_BASE:-./contrib/cirrus/packer} -CIRRUS_BUILD_ID=${CIRRUS_BUILD_ID:-DEADBEEF} # a human -CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-HEAD} -CIRRUS_CHANGE_IN_REPO=${CIRRUS_CHANGE_IN_REPO:-FETCH_HEAD} + +cd $GOSRC +if type -P git &> /dev/null +then + CIRRUS_CHANGE_IN_REPO=${CIRRUS_CHANGE_IN_REPO:-$(git show-ref --hash=8 HEAD || date +%s)} +else # pick something unique and obviously not from Cirrus + CIRRUS_CHANGE_IN_REPO=${CIRRUS_CHANGE_IN_REPO:-no_git_$(date +%s)} +fi + +# Defaults when not running under CI +export CI="${CI:-false}" +CIRRUS_CI="${CIRRUS_CI:-false}" +CONTINUOUS_INTEGRATION="${CONTINUOUS_INTEGRATION:-false}" +CIRRUS_REPO_NAME=${CIRRUS_REPO_NAME:-libpod} +CIRRUS_BASE_SHA=${CIRRUS_BASE_SHA:-unknown$(date +%s)} # difficult to reliably discover +CIRRUS_BUILD_ID=${CIRRUS_BUILD_ID:-$RANDOM$(date +%s)} # must be short and unique +# Vars. for image-building +PACKER_VER="1.3.5" +# CSV of cache-image names to build (see $PACKER_BASE/libpod_images.json) +PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,fedora-29,fedora-28,rhel-7,centos-7}" + +# Base-images rarely change, define them here so they're out of the way. +# Google-maintained base-image names +UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20181203a" +CENTOS_BASE_IMAGE="centos-7-v20181113" +# Manually produced base-image names (see $SCRIPT_BASE/README.md) +FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1541789245" +PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-28-1-1-1544474897" +FAH_BASE_IMAGE="fedora-atomichost-29-20181025-1-1541787861" +# RHEL image must be imported, native image bills for subscription. +RHEL_BASE_IMAGE="rhel-guest-image-7-6-210-x86-64-qcow2-1548099756" +BUILT_IMAGE_SUFFIX="${BUILT_IMAGE_SUFFIX:--$CIRRUS_REPO_NAME-${CIRRUS_BUILD_ID}}" +RHSM_COMMAND="${RHSM_COMMAND:-/bin/true}" + +# Safe env. vars. to transfer from root -> $ROOTLESS_USER (go env handled separetly) +ROOTLESS_ENV_RE='(CIRRUS_.+)|(ROOTLESS_.+)|(.+_IMAGE.*)|(.+_BASE)|(.*DIRPATH)|(.*FILEPATH)|(SOURCE.*)|(DEPEND.*)|(.+_DEPS_.+)|(OS_REL.*)|(.+_ENV_RE)|(TRAVIS)|(CI.+)' +# Unsafe env. vars for display +SECRET_ENV_RE='(IRCID)|(RHSM)|(ACCOUNT)|(^GC[EP]..+)|(SSH)' + SPECIALMODE="${SPECIALMODE:-none}" +TEST_REMOTE_CLIENT="${TEST_REMOTE_CLIENT:-false}" export CONTAINER_RUNTIME=${CONTAINER_RUNTIME:-podman} - +# When running as root, this may be empty or not, as a user, it MUST be set. if [[ "$USER" == "root" ]] then ROOTLESS_USER="${ROOTLESS_USER:-}" @@ -27,34 +78,12 @@ else ROOTLESS_USER="${ROOTLESS_USER:-$USER}" fi -if ! [[ "$PATH" =~ "/usr/local/bin" ]] -then - export PATH="$PATH:/usr/local/bin" -fi - -# In ci/testing environment, ensure variables are always loaded -if [[ -r "$HOME/$ENVLIB" ]] && [[ -n "$CI" ]] -then - # Make sure this is always loaded - source "$HOME/$ENVLIB" -fi - -# Space separated list of environment variables to unset before testing -UNSET_ENV_VARS=' - GCP_PROJECT_ID GCE_SSH_USERNAME SERVICE_ACCOUNT RHSM_COMMAND BUILT_IMAGE_SUFFIX - IRCID RHEL_BASE_IMAGE FAH_BASE_IMAGE FEDORA_BASE_IMAGE CENTOS_BASE_IMAGE - UBUNTU_BASE_IMAGE PACKER_VER PACKER_BUILDS RUNC_COMMIT CRIU_COMMIT - CRIO_COMMIT CNI_COMMIT FEDORA_CNI_COMMIT PACKER_BASE SCRIPT_BASE - CIRRUS_SHELL CIRRUS_WORKING_DIR ENVLIB CIRRUS_CI - CI_NODE_INDEX CI_NODE_TOTAL CIRRUS_BASE_BRANCH CIRRUS_BASE_SHA - CIRRUS_BRANCH CIRRUS_BUILD_ID CIRRUS_CHANGE_IN_REPO CIRRUS_CLONE_DEPTH - CIRRUS_COMMIT_MESSAGE CIRRUS_CHANGE_MESSAGE CIRRUS_REPO_CLONE_HOST - CIRRUS_DEFAULT_BRANCH CIRRUS_PR CIRRUS_TAG CIRRUS_OS CIRRUS_TASK_NAME - CIRRUS_TASK_ID CIRRUS_REPO_NAME CIRRUS_REPO_OWNER CIRRUS_REPO_FULL_NAME - CIRRUS_REPO_CLONE_URL CIRRUS_SHELL CIRRUS_USER_COLLABORATOR CIRRUS_USER_PERMISSION - CIRRUS_WORKING_DIR CIRRUS_HTTP_CACHE_HOST PACKER_BUILDS - XDG_DATA_DIRS XDG_RUNTIME_DIR XDG_SESSION_ID ROOTLESS_USER -' +# GCE image-name compatible string representation of distribution name +OS_RELEASE_ID="$(egrep -m 1 '^ID=' /etc/os-release | cut -d = -f 2 | tr -d \' | tr -d \")" +# GCE image-name compatible string representation of distribution major version +OS_RELEASE_VER="$(egrep -m 1 '^VERSION_ID=' /etc/os-release | cut -d = -f 2 | tr -d \' | tr -d \" | cut -d '.' -f 1)" +# Combined to ease soe usage +OS_REL_VER="${OS_RELEASE_ID}-${OS_RELEASE_VER}" # Pass in a list of one or more envariable names; exit non-zero with # helpful error message if any value is empty @@ -81,81 +110,27 @@ req_env_var() { done } -# Some env. vars may contain secrets. Display values for known "safe" -# and useful variables. -# ref: https://cirrus-ci.org/guide/writing-tasks/#environment-variables show_env_vars() { - # This is almost always multi-line, print it separately - echo "export CIRRUS_CHANGE_MESSAGE=$CIRRUS_CHANGE_MESSAGE" - echo " -BUILDTAGS $BUILDTAGS -BUILT_IMAGE_SUFFIX $BUILT_IMAGE_SUFFIX -ROOTLESS_USER $ROOTLESS_USER -CI $CI -CIRRUS_CI $CIRRUS_CI -CI_NODE_INDEX $CI_NODE_INDEX -CI_NODE_TOTAL $CI_NODE_TOTAL -CONTINUOUS_INTEGRATION $CONTINUOUS_INTEGRATION -CIRRUS_BASE_BRANCH $CIRRUS_BASE_BRANCH -CIRRUS_BASE_SHA $CIRRUS_BASE_SHA -CIRRUS_BRANCH $CIRRUS_BRANCH -CIRRUS_BUILD_ID $CIRRUS_BUILD_ID -CIRRUS_CHANGE_IN_REPO $CIRRUS_CHANGE_IN_REPO -CIRRUS_CLONE_DEPTH $CIRRUS_CLONE_DEPTH -CIRRUS_DEFAULT_BRANCH $CIRRUS_DEFAULT_BRANCH -CIRRUS_PR $CIRRUS_PR -CIRRUS_TAG $CIRRUS_TAG -CIRRUS_OS $CIRRUS_OS -OS $OS -CIRRUS_TASK_NAME $CIRRUS_TASK_NAME -CIRRUS_TASK_ID $CIRRUS_TASK_ID -CIRRUS_REPO_NAME $CIRRUS_REPO_NAME -CIRRUS_REPO_OWNER $CIRRUS_REPO_OWNER -CIRRUS_REPO_FULL_NAME $CIRRUS_REPO_FULL_NAME -CIRRUS_REPO_CLONE_URL $CIRRUS_REPO_CLONE_URL -CIRRUS_SHELL $CIRRUS_SHELL -CIRRUS_USER_COLLABORATOR $CIRRUS_USER_COLLABORATOR -CIRRUS_USER_PERMISSION $CIRRUS_USER_PERMISSION -CIRRUS_WORKING_DIR $CIRRUS_WORKING_DIR -CIRRUS_HTTP_CACHE_HOST $CIRRUS_HTTP_CACHE_HOST -SPECIALMODE $SPECIALMODE -$(go env) -PACKER_BUILDS $PACKER_BUILDS - " | while read NAME VALUE + echo "Showing selection of environment variable definitions:" + _ENV_VAR_NAMES=$(awk 'BEGIN{for(v in ENVIRON) print v}' | \ + egrep -v "(^PATH$)|(^BASH_FUNC)|(^[[:punct:][:space:]]+)|$SECRET_ENV_RE" | \ + sort -u) + for _env_var_name in $_ENV_VAR_NAMES do - [[ -z "$NAME" ]] || echo "export $NAME=\"$VALUE\"" + # Supports older BASH versions + _value="$(printenv $_env_var_name)" + printf " ${_env_var_name}=%q\n" "${_value}" done echo "" echo "##### $(go version) #####" echo "" } -# Unset environment variables not needed for testing purposes -clean_env() { - req_env_var UNSET_ENV_VARS - echo "Unsetting $(echo $UNSET_ENV_VARS | wc -w) environment variables" - unset -v UNSET_ENV_VARS $UNSET_ENV_VARS || true # don't fail on read-only -} - die() { echo "${2:-FATAL ERROR (but no message given!) in ${FUNCNAME[1]}()}" exit ${1:-1} } -# Return a GCE image-name compatible string representation of distribution name -os_release_id() { - eval "$(egrep -m 1 '^ID=' /etc/os-release | tr -d \' | tr -d \")" - echo "$ID" -} -export OS_RELEASE_ID="$(os_release_id)" - -# Return a GCE image-name compatible string representation of distribution major version -os_release_ver() { - eval "$(egrep -m 1 '^VERSION_ID=' /etc/os-release | tr -d \' | tr -d \")" - echo "$VERSION_ID" | cut -d '.' -f 1 -} -export OS_RELEASE_VER="$(os_release_VER)" - bad_os_id_ver() { echo "Unknown/Unsupported distro. $OS_RELEASE_ID and/or version $OS_RELEASE_VER for $ARGS" exit 42 @@ -166,8 +141,8 @@ stub() { } ircmsg() { - req_env_var CIRRUS_TASK_ID - [[ -n "$*" ]] || die 9 "ircmsg() invoked without args" + req_env_var CIRRUS_TASK_ID MSG + [[ -n "$*" ]] || die 9 "ircmsg() invoked without message text argument" # Sometimes setup_environment.sh didn't run SCRIPT="$(dirname $0)/podbot.py" NICK="podbot_$CIRRUS_TASK_ID" @@ -179,12 +154,9 @@ ircmsg() { } setup_rootless() { - req_env_var ROOTLESS_USER GOSRC ENVLIB - - make install.catatonit - go get github.com/onsi/ginkgo/ginkgo - go get github.com/onsi/gomega/... + req_env_var ROOTLESS_USER GOSRC + # Only do this once if passwd --status $ROOTLESS_USER then echo "Updating $ROOTLESS_USER user permissions on possibly changed libpod code" @@ -192,12 +164,7 @@ setup_rootless() { return 0 fi - # Only do this once cd $GOSRC - make install.catatonit - go get github.com/onsi/ginkgo/ginkgo - go get github.com/onsi/gomega/... - # Guarantee independence from specific values ROOTLESS_UID=$[RANDOM+1000] ROOTLESS_GID=$[RANDOM+1000] @@ -223,19 +190,18 @@ setup_rootless() { echo "${ROOTLESS_USER}:$[ROOTLESS_UID * 100]:65536" | \ tee -a /etc/subuid >> /etc/subgid - echo "Copying $HOME/$ENVLIB" - install -o $ROOTLESS_USER -g $ROOTLESS_USER -m 0700 \ - "$HOME/$ENVLIB" "/home/$ROOTLESS_USER/$ENVLIB" - - # Allow the tests to run - echo "export ROOTLESS_USER=$ROOTLESS_USER" >> "/home/$ROOTLESS_USER/$ENVLIB" - - echo "Configuring user's go environment variables" - su --login --command 'go env' $ROOTLESS_USER | \ - while read envline - do - X=$(echo "export $envline" >> "/home/$ROOTLESS_USER/$ENVLIB") - done + # Env. vars set by Cirrus and setup_environment.sh must be explicitly + # transfered to the test-user. + echo "Configuring rootless user's environment variables:" + _ENV_VAR_NAMES=$(awk 'BEGIN{for(v in ENVIRON) print v}' | \ + egrep -v "(^PATH$)|(^BASH_FUNC)|(^[[:punct:][:space:]]+)|$SECRET_ENV_RE" | \ + egrep "$ROOTLESS_ENV_RE" | \ + sort -u) + for _env_var_name in $_ENV_VAR_NAMES + do + _value="$(printenv $_env_var_name)" + printf "${_env_var_name}=%q" "${_value}" | tee -a "/home/$ROOTLESS_USER/.bashrc" + done } # Helper/wrapper script to only show stderr/stdout on non-zero exit @@ -273,10 +239,7 @@ install_cni_plugins() { } install_runc_from_git(){ - req_env_var " - GOPATH $GOPATH - OS_RELEASE_ID $OS_RELEASE_ID - " + req_env_var GOPATH OS_RELEASE_ID RUNC_COMMIT wd=$(pwd) DEST="$GOPATH/src/github.com/opencontainers/runc" rm -rf "$DEST" @@ -295,7 +258,6 @@ install_runc_from_git(){ } install_runc(){ - OS_RELEASE_ID=$(os_release_id) echo "Installing RunC from commit $RUNC_COMMIT" echo "Platform is $OS_RELEASE_ID" req_env_var GOPATH RUNC_COMMIT OS_RELEASE_ID @@ -341,8 +303,6 @@ install_conmon(){ } install_criu(){ - OS_RELEASE_ID=$(os_release_id) - OS_RELEASE_VER=$(os_release_ver) echo "Installing CRIU" echo "Installing CRIU from commit $CRIU_COMMIT" echo "Platform is $OS_RELEASE_ID" @@ -381,16 +341,6 @@ EOF fi } -install_packer_copied_files(){ - # Install cni config, policy and registry config - sudo install -D -m 755 /tmp/libpod/cni/87-podman-bridge.conflist \ - /etc/cni/net.d/87-podman-bridge.conflist - sudo install -D -m 755 /tmp/libpod/test/policy.json \ - /etc/containers/policy.json - sudo install -D -m 755 /tmp/libpod/test/redhat_sigstore.yaml \ - /etc/containers/registries.d/registry.access.redhat.com.yaml -} - install_varlink() { echo "Installing varlink from the cheese-factory" ooe.sh sudo -H pip3 install varlink diff --git a/contrib/cirrus/notice_master_failure.sh b/contrib/cirrus/notice_master_failure.sh index 4b09331d3..1fc15cdf9 100755 --- a/contrib/cirrus/notice_master_failure.sh +++ b/contrib/cirrus/notice_master_failure.sh @@ -12,7 +12,7 @@ NOR="$(echo -n -e '\x0f')" if [[ "$CIRRUS_BRANCH" =~ "master" ]] then BURL="https://cirrus-ci.com/build/$CIRRUS_BUILD_ID" - ircmsg "${RED}[Action Recommended]: ${NOR}Post-merge testing ${RED}$CIRRUS_BRANCH failed${NOR} in $CIRRUS_TASK_NAME on $(os_release_id)-$(os_release_ver): $BURL. Please investigate, and re-run if appropriate." + ircmsg "${RED}[Action Recommended]: ${NOR}Post-merge testing ${RED}$CIRRUS_BRANCH failed${NOR} in $CIRRUS_TASK_NAME on $(OS_RELEASE_ID)-$(OS_RELEASE_VER): $BURL. Please investigate, and re-run if appropriate." fi # This script assumed to be executed on failure diff --git a/contrib/cirrus/packer/centos_setup.sh b/contrib/cirrus/packer/centos_setup.sh index f9728f2f7..f63625789 100644 --- a/contrib/cirrus/packer/centos_setup.sh +++ b/contrib/cirrus/packer/centos_setup.sh @@ -8,7 +8,7 @@ set -e # Load in library (copied by packer, before this script was run) source /tmp/libpod/$SCRIPT_BASE/lib.sh -req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT +req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT RUNC_COMMIT install_ooe @@ -77,8 +77,6 @@ install_cni_plugins install_buildah -install_packer_copied_files - sudo /tmp/libpod/hack/install_catatonit.sh rh_finalize diff --git a/contrib/cirrus/packer/fedora_setup.sh b/contrib/cirrus/packer/fedora_setup.sh index d9229c668..41d1785f9 100644 --- a/contrib/cirrus/packer/fedora_setup.sh +++ b/contrib/cirrus/packer/fedora_setup.sh @@ -60,6 +60,7 @@ ooe.sh sudo dnf install -y \ python3-dateutil \ python3-psutil \ python3-pytoml \ + runc \ skopeo-containers \ slirp4netns \ unzip \ @@ -71,15 +72,11 @@ install_varlink install_conmon -install_runc - CNI_COMMIT=$FEDORA_CNI_COMMIT install_cni_plugins install_buildah -install_packer_copied_files - sudo /tmp/libpod/hack/install_catatonit.sh rh_finalize # N/B: Halts system! diff --git a/contrib/cirrus/packer/rhel_setup.sh b/contrib/cirrus/packer/rhel_setup.sh index dee35a102..577c8721a 100644 --- a/contrib/cirrus/packer/rhel_setup.sh +++ b/contrib/cirrus/packer/rhel_setup.sh @@ -8,7 +8,7 @@ set -e # Load in library (copied by packer, before this script was run) source /tmp/libpod/$SCRIPT_BASE/lib.sh -req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT RHSM_COMMAND +req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT RHSM_COMMAND RUNC_COMMIT install_ooe @@ -87,8 +87,6 @@ install_cni_plugins install_buildah -install_packer_copied_files - sudo /tmp/libpod/hack/install_catatonit.sh rhel_exit_handler # release subscription! diff --git a/contrib/cirrus/packer/ubuntu_setup.sh b/contrib/cirrus/packer/ubuntu_setup.sh index d02b71e12..45a987df0 100644 --- a/contrib/cirrus/packer/ubuntu_setup.sh +++ b/contrib/cirrus/packer/ubuntu_setup.sh @@ -8,7 +8,7 @@ set -e # Load in library (copied by packer, before this script was run) source /tmp/libpod/$SCRIPT_BASE/lib.sh -req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT RUNC_COMMIT +req_env_var SCRIPT_BASE CNI_COMMIT CRIO_COMMIT CRIU_COMMIT install_ooe @@ -26,6 +26,8 @@ ooe.sh sudo -E apt-get -qq install software-properties-common # Required to have Go 1.11 on Ubuntu 18.0.4 ooe.sh sudo -E add-apt-repository --yes ppa:longsleep/golang-backports +ooe.sh sudo -E add-apt-repository --yes ppa:projectatomic/ppa +ooe.sh sudo -E add-apt-repository --yes ppa:criu/ppa ooe.sh sudo -E apt-get -qq update || sudo -E apt-get -qq update ooe.sh sudo -E apt-get -qq install \ @@ -36,6 +38,8 @@ ooe.sh sudo -E apt-get -qq install \ bison \ btrfs-tools \ build-essential \ + cri-o-runc \ + criu \ curl \ e2fslibs-dev \ emacs-nox \ @@ -92,20 +96,15 @@ ooe.sh sudo update-grub install_conmon -install_runc - -install_criu - install_cni_plugins install_buildah -install_packer_copied_files - sudo /tmp/libpod/hack/install_catatonit.sh install_varlink +sudo mkdir -p /etc/containers sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora\ -o /etc/containers/registries.conf diff --git a/contrib/cirrus/resetup_and_run_rootless.sh b/contrib/cirrus/resetup_and_run_rootless.sh deleted file mode 100755 index 1c387fdf5..000000000 --- a/contrib/cirrus/resetup_and_run_rootless.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash - -set -e - -# N/B: This script is only intended to be used for the special-case of -# setting up and executing the rootless tests AFTER normal tests complete -# while testing a freshly built image. - -source $(dirname $0)/lib.sh - -# must be after source lib.sh b/c it loads $ENVLIB -export ROOTLESS_USER="pilferingpirate$RANDOM" - -req_env_var " -CIRRUS_WORKING_DIR $CIRRUS_WORKING_DIR -GOSRC $GOSRC -SCRIPT_BASE $SCRIPT_BASE -ROOTLESS_USER $ROOTLESS_USER -" - -if ! run_rootless -then - die 86 "Error: Expected rootless env. var not set or empty" -fi - -cd $GOSRC -make clean -setup_rootless - -ssh $ROOTLESS_USER@localhost \ - -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no \ - $CIRRUS_WORKING_DIR/$SCRIPT_BASE/rootless_test.sh diff --git a/contrib/cirrus/rootless_test.sh b/contrib/cirrus/rootless_test.sh index d4cc6965e..5a509c101 100755 --- a/contrib/cirrus/rootless_test.sh +++ b/contrib/cirrus/rootless_test.sh @@ -15,9 +15,8 @@ fi echo "." echo "Hello, my name is $USER and I live in $PWD can I be your friend?" -show_env_vars - export PODMAN_VARLINK_ADDRESS=unix:/tmp/podman-$(id -u) +show_env_vars cd "$GOSRC" make diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index b3319a3e1..5fc90d61d 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -4,11 +4,22 @@ set -e source $(dirname $0)/lib.sh -req_env_var USER HOME ENVLIB SCRIPT_BASE CIRRUS_BUILD_ID +req_env_var USER HOME GOSRC SCRIPT_BASE SETUP_MARKER_FILEPATH -[[ "$SHELL" =~ "bash" ]] || chsh -s /bin/bash +# Ensure this script only executes successfully once and always logs ending timestamp +[[ ! -e "$SETUP_MARKER_FILEPATH" ]] || exit 0 +exithandler() { + RET=$? + set +e + show_env_vars + record_timestamp "env. setup end" + echo "$(basename $0) exit status: $RET" + [[ "$RET" -eq "0" ]] && date +%s >> "SETUP_MARKER_FILEPATH" +} +trap exithandler EXIT -cd "$CIRRUS_WORKING_DIR" # for clarity of initial conditions +# Must be bash, always bash +[[ "$SHELL" =~ "bash" ]] || chsh -s /bin/bash # Verify basic dependencies for depbin in go rsync unzip sha256sum curl make python3 git @@ -19,61 +30,48 @@ do fi done -# Setup env. vars common to all tasks/scripts/platforms and -# ensure they return for every following script execution. -MARK="# Added by $0, manual changes will be lost." -touch "$HOME/$ENVLIB" -if ! grep -q "$MARK" "$HOME/$ENVLIB" -then - cp "$HOME/$ENVLIB" "$HOME/${ENVLIB}_original" - # N/B: Single-quote items evaluated every time, double-quotes only once (right now). - for envstr in \ - "$MARK" \ - "export EPOCH_TEST_COMMIT=\"$CIRRUS_BASE_SHA\"" \ - "export HEAD=\"$CIRRUS_CHANGE_IN_REPO\"" \ - "export TRAVIS=\"1\"" \ - "export GOSRC=\"$CIRRUS_WORKING_DIR\"" \ - "export OS_RELEASE_ID=\"$(os_release_id)\"" \ - "export OS_RELEASE_VER=\"$(os_release_ver)\"" \ - "export OS_REL_VER=\"$(os_release_id)-$(os_release_ver)\"" \ - "export TEST_REMOTE_CLIENT=\"$TEST_REMOTE_CLIENT\"" \ - "export GOPATH=\"/var/tmp/go\"" \ - 'export PATH="$HOME/bin:$GOPATH/bin:/usr/local/bin:$PATH"' \ - 'export LD_LIBRARY_PATH="/usr/local/lib${LD_LIBRARY_PATH:+:${LD_LIBRARY_PATH}}"' - do - # Make permanent in later shells, and set in current shell - X=$(echo "$envstr" | tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X" - done +# Sometimes environment setup needs to vary between distros +# Note: This should only be used for environment variables, and temporary workarounds. +# Anything externally dependent, should be made fixed-in-time by adding to +# contrib/cirrus/packer/*_setup.sh to be incorporated into VM cache-images +# (see docs). +case "${OS_REL_VER}" in + ubuntu-18) ;; + fedora-29) ;; + fedora-28) ;; + centos-7) ;; + rhel-7) ;; + *) bad_os_id_ver ;; +esac - # Some environment setup needs to vary between distros - # Note: This should only be used for environment variables, and minor details. - # Anything that could vary from one run to the next, should go into - # contrib/cirrus/packer/*_setup.sh and be incorporated into VM cache-images - # (see docs) - case "${OS_RELEASE_ID}-${OS_RELEASE_VER}" in - ubuntu-18) ;; - fedora-29) ;; - fedora-28) ;; - centos-7) ;; - rhel-7) ;; - *) bad_os_id_ver ;; - esac +cd "${GOSRC}/" +# Reload to incorporate any changes from above +source "$SCRIPT_BASE/lib.sh" - cd "${GOSRC}/" - # Reload to incorporate any changes from above - source "$SCRIPT_BASE/lib.sh" +echo "Installing cni config, policy and registry config" +req_env_var GOSRC +sudo install -D -m 755 $GOSRC/cni/87-podman-bridge.conflist \ + /etc/cni/net.d/87-podman-bridge.conflist +sudo install -D -m 755 $GOSRC/test/policy.json \ + /etc/containers/policy.json +sudo install -D -m 755 $GOSRC/test/registries.conf \ + /etc/containers/registries.conf +# cri-o if installed will mess with testing in non-obvious ways +rm -f /etc/cni/net.d/*cri* - case "$SPECIALMODE" in - rootless) - X=$(echo "export ROOTLESS_USER='some${RANDOM}dude'" | \ - tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X" - setup_rootless - ;; - in_podman) # Assumed to be Fedora - dnf install -y podman buildah - $SCRIPT_BASE/setup_container_environment.sh - ;; - esac -fi +go get github.com/onsi/ginkgo/ginkgo +go get github.com/onsi/gomega/... -show_env_vars +case "$SPECIALMODE" in + rootless) + X=$(echo "export ROOTLESS_USER='some${RANDOM}dude'" | \ + tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X" + X=$(echo "export SPECIALMODE='$SPECIALMODE'"| \ + tee -a "$HOME/$ENVLIB") && eval "$X" && echo "$X" + setup_rootless + ;; + in_podman) # Assumed to be Fedora + dnf install -y podman buildah + $SCRIPT_BASE/setup_container_environment.sh + ;; +esac diff --git a/contrib/cirrus/system_test.sh b/contrib/cirrus/system_test.sh index dd5ef511d..0da170d6c 100755 --- a/contrib/cirrus/system_test.sh +++ b/contrib/cirrus/system_test.sh @@ -5,8 +5,6 @@ source $(dirname $0)/lib.sh req_env_var GOSRC OS_RELEASE_ID OS_RELEASE_VER -clean_env - set -x cd "$GOSRC" diff --git a/contrib/cirrus/unit_test.sh b/contrib/cirrus/unit_test.sh index 0e8c9e2e2..202663fb7 100755 --- a/contrib/cirrus/unit_test.sh +++ b/contrib/cirrus/unit_test.sh @@ -3,9 +3,7 @@ set -e source $(dirname $0)/lib.sh -req_env_var GOSRC OS_RELEASE_ID OS_RELEASE_VER - -clean_env +req_env_var GOSRC set -x cd "$GOSRC" diff --git a/test/registries.conf b/test/registries.conf index 6c9d39bbc..bb7072d45 100644 --- a/test/registries.conf +++ b/test/registries.conf @@ -1,5 +1,5 @@ [registries.search] -registries = ['docker.io', 'quay.io'] +registries = ['docker.io', 'quay.io', 'registry.fedoraproject.org'] [registries.insecure] registries = [] |