summaryrefslogtreecommitdiff
path: root/.cirrus.yml
Commit message (Collapse)AuthorAge
* Revert "Switch to golangci-lint"Brent Baude2019-04-05
| | | | Signed-off-by: baude <bbaude@redhat.com>
* Increase CI resources to help avoid hitting timeoutsMatthew Heon2019-04-04
| | | | | | | | | | | | | | | The build_each_commit task builds each commit in a pull request to verify that we have a (at least minimally) functional Podman at every point, to aid in bisecting. This task is, right now, extremely slow, taking around 1m40s to build each commit - which quickly grows unreasonable as PRs grow to 10+ commits. Upping resources available to the task should decrease time spent in CI and reduce the risk of hitting timeouts. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Cirrus: Support special-case modes of testingChris Evich2019-04-03
| | | | | | | | | | | | | | | | | | | | | | Previously libpod CI was fairly straight-forward, run unit and integration tests in a standard set of 3 VMs. Off on the side was a single special case of running tests as an ordinary user. There is a desire to stop using the PAPR system to support testing inside of a container. Since having two special cases potentially invites more down the road, make provisions to handle them more gracefully. This commit introduces an environment variable: ``$SPECIALMODE``. It's value has the following meanings within the CI scripts: Mode 'none': Nothing special, business as usual (default) Mode 'rootless': Rootless testing Mode 'in_podman': Build container, run integration tests in it. This will make adding additional special-cases later easier, as well as extending the special cases in a Matrix across multiple OS's. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Verify manpages for all subcommands existChris Evich2019-03-21
| | | | | | fixes #2630 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #2711 from cevich/parallel_vendor_checkOpenShift Merge Robot2019-03-20
|\ | | | | Cirrus: Run vendor check in parallel
| * Cirrus: Run vendor check in parallelChris Evich2019-03-19
| | | | | | | | | | | | | | | | This task is heavily network bound, and takes way too long to include along with the gating task. Separate it out and run it in parallel to everything else. Also add some reasonable timeouts. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Various fixes for rootless testingChris Evich2019-03-19
|/ | | | | | | | | * Randomize the user's UID and GID * Simplify `setup_environment.sh` * Support new "-r" option for `hack/get_ci_vm.sh` setting up rootless * Connect as $ROOTLESS_USER when using "-r" with `hack/get_ci_vm.sh` Signed-off-by: Chris Evich <cevich@redhat.com>
* Enable rootless integration testsbaude2019-03-19
| | | | Signed-off-by: baude <bbaude@redhat.com>
* Cirrus: Disable master-success IRC noticesChris Evich2019-03-18
| | | | | | | | | Since `on_failure` notification is working, and IRC activity is picking up, these messages mostly just get in the way. Leave the PR-testing success messages in place for now, since they're helpful when someone's waiting. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Update VM Cache imagesChris Evich2019-03-18
| | | | | | Undo short-term slirp4netns workaround (#2660) Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Notify on IRC if post-merge testing failsChris Evich2019-03-15
| | | | | | | | | | | Until recently it was very difficult to execute any scripts if part of a task failed. A new feature in Cirrus-CI makes this easy. Use it to post a notice on IRC when any task fails. Also: Add quotes around yaml-string values for consistency and syntax-highlighting correctness. Signed-off-by: Chris Evich <cevich@redhat.com>
* Add gating tasksbaude2019-03-13
| | | | | | | | | | | to protect against regressions, we need to add a few gating tasks: * build with varlink * build podman-remote * build podman-remote-darwin we already have a gating task for building without varlink Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #2531 from cevich/rootless_stubOpenShift Merge Robot2019-03-09
|\ | | | | Cirrus: Add dedicated rootless mode testing
| * Cirrus: Add dedicated rootless mode testingChris Evich2019-03-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Certain integration tests require execution as a regular user. This is acomplished by `PodmanTest.PodmanAsUserBase()` wrapping a specialized execution environment, in `test/utils/utils.go`. However, doing this requires passing through python, which vastly increases the complexity of debugging low-level problems. This commit introduces a new parallel task, run as a regular user on the VM as set by three environment variables. All commands executed in the ``rootless_test.sh`` script, will occur as a real user with a name and home directory, just as `$DIETY` intended. All env. vars established during `environment_setup.sh` (for root) are available. The PR source in `$GOSRC` and `$GOPATH` are owned by this user, and ready for use. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Use imgts container to record metadataChris Evich2019-03-06
|/ | | | | | | | | | | Make use of the built imgts container image to track VM image usage statistics for every automation run. Also update and add small check to the gate test that verifies expected formatting/content of the `.cirrus.yml` file WRT VM Image names. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Stop testing on RHELChris Evich2019-03-04
| | | | | | | | | | | | | It was found that after updating the cache-image for RHEL 7.6, unpredictable integration tests start failing with 'permission denied' errors. Much effort was spent trying to diagnose this, as all other platforms pass. Since running the latest/greatest podman on RHEL, will never be officially supported (by Red Hat - must use RPM podman) this matrix-item is of questionable value. Therefor, this commit disables RHEL testing. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add BATS package for all platformsChris Evich2019-03-04
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Add a task to Cirrus gating to build w/o VarlinkMatthew Heon2019-02-27
| | | | | | | We had a regression on master where we broke the build for non-Varlink builds. Catch this in CI in the future. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Cirrus: Install Go 1.11 on Ubuntu VMsChris Evich2019-02-22
| | | | | | | | | | | | | | There is no native package for this, so the packaged version must also be installed, otherwise all the support/dependencies would be removed also (like go-md2man). Fix this by installing from the google released tarball, into /usr/local/go and set $GOROOT to point there. Also, include a small fix for hack/get_ci_vm.sh not installing testing dependencies because of an old assumption. ***CIRRUS: REBUILD IMAGES*** Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: add vendor_check_taskValentin Rothberg2019-02-06
| | | | | | | | | | | * Make sure that all vendored dependencies are in sync with the code and the vendor.conf by running `make vendor` with a follow-up status check of the git tree. * Vendor ginkgo and gomega to include the test dependencies. Signed-off-by: Chris Evic <cevich@redhat.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #2213 from cevich/cirrus_imgts_containerOpenShift Merge Robot2019-02-04
|\ | | | | [skip ci] Cirrus: Container for tracking image use
| * [skip ci] Cirrus: Container for tracking image useChris Evich2019-01-24
| | | | | | | | | | | | | | Once built, this container can be utilized by automation to help keep track of VM images. All parameters are passed in via env. vars. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Add RHEL-7 testingChris Evich2019-01-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add necessary tweaks to base-image build/import process so that image can successfully boot with networking enabled. Build the base image and update ``.cirrus.yml`` accordingly. Also make a minor improvement to cache-image building to help save space in GCP image storage. Namely, instead of storing every produced image, export them into google storage buckets w/ life-cycle enabled. For production use, they may be converted back into GCE images, otherwise they will expire after a time. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Use freshly built imagesChris Evich2019-01-22
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Consolidate VM image names in once placeChris Evich2019-01-17
| | | | | | | | | | | | | | Previously it was not possible to specify keys from the ``env`` section in the various GCE sections. Now that features is added, consolidate all the cache image definitions into a single place, reducing maintenance burden. This also results in the names passing through into the VMs. This is useful, e.g. for future tracking of image usage statistics. Update get_ci_vm script hints for new image name definition format Signed-off-by: Chris Evich <cevich@redhat.com>
* Bump time for build_each_commit stepMatthew Heon2019-01-04
| | | | | | | The limit of build_each_commit seems to be 17 commits - any more and it times out. Give it a bit more time to work with. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* cirrus: Use updated images including new cruiChris Evich2018-12-21
| | | | | | | Also add two minor tweaks which were preventing images from building properly. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Skip build all commits test on masterChris Evich2018-12-19
| | | | | | | | | | | | | Fixes: git rebase origin/ -x make fatal: Needed a single revision invalid upstream 'origin/' make: *** [Makefile:351: build-all-new-commits] Error 1 By not running this test post-merge. Signed-off-by: Chris Evich <cevich@redhat.com>
* Makefile: validate that each commit can at least buildGiuseppe Scrivano2018-12-19
| | | | | | | | | it is very useful when using git bisect that at least the commit can build. got inspiration from: https://twitter.com/pid_eins/status/1072797993760423941 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Cirrus: One IRC notice onlyChris Evich2018-12-18
| | | | | | | | | The podbot messages are becoming obnoxious as more distributions are tested. Only call the `success.sh` script once, after all testing was successful. Also make update the message to include more helpful text and url. Signed-off-by: Chris Evich <cevich@redhat.com>
* Add script to create CI VMs for debuggingChris Evich2018-12-14
| | | | | | | | | | | | Frequently debugging of CI-related problems requires going hands-on within the environment. However, reproducing the environment by hand is very tedious and error prone. This script permits authorized users to produce VM's based on any available cache-image, and automatically remove them upon logout. Also: Bump up VM disk sizes to 200GB due to performance reasons Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Migrate PAPR testing of F28 to CirrusChris Evich2018-12-14
| | | | | | | | | | | Since the most recent TWO versions of Fedora are officially supported upstream, both need to be tested. Implement the concept of a 'prior' Fedora release in both base-image and cache-image production. Utilize the produced cache-image to test libpod. Remove F28 testing from PAPR. Much thanks to @baude @giuseppe for help with this. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Document and codify base-image productionChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of images required for future testing are not present in GCE. Importing them is a long proscribed process prone to errors and complications. Improve this situation by documenting, and encoding the majority of the steps required. Due to the required complexity, these are clearly identified as 'semi-automated'. This means a discerning eye is sometimes needed to address unforeseen problems (networking issues, format or packaging changes, etc). Nevertheless, having these steps in writing, will reduce current and future maintenance burden while supporting future testing needs of RHEL, Fedora and Fedora Atomic Host. Also: * Add necessary configuration, scripts, and Makefile updates needed to prepare RHEL, Fedora, & FAH cloud images for use in GCE. This is a complex, multi-step process where the cloud image is booted un a local user-mod qemu-kvm instance, where it can be modified. From there, it's converted into a specific format, and imported into GCE. Lastly, the imported raw disk data is made available as a GCE VM image. Note: As of this commit, the RHEL base-image builds (CentOS has native image), however neither RHEL or CentOS cache-images build correctly. * Left testing on FAH disabled, the GCE/Cirrus integration needs needs more work. Specifically, the python3-based google startup script service throws a permission-denied (as root) when trying to create a temp. directory. Did not investigate further, though manually running the startup script does allow the libpod tests to start running. * Enabled Fedora 29 image to execute tests and general use. * Utilize the standardized F28-based container image for gating of more the intensive unit and integration testing. Update documentation to reflect this as the standard platform for these checks. Rename tasks with shorter names and to better reflect their purpose. * Cirrus: Trim unnecessary env vars before testing since the vast majority are only required for orchestration purposes. Since most are defined within `.cirrus.yml`, it's a good place to store the list of undesirables. Since each of the cirrus-scripts runs in it's own shell, unsetting these near the end will have no consequence. Also trim down the number of calls to show_env_vars() Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use Makefile for image-buildingChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | The packer tool takes JSON as input for the details of producing VM images to be used for PR CI-testing. JSON is not a very human-friendly format, without support for comments and frequently containing lots of duplicate data. Fix this by using a Makefile + simple python one-liner to convert from a human-friendly YAML format into packer-native JSON. This allows use of anchors/aliases to reduce duplication, and allows inline comments for easier maintainability. This also allows separating the 'test' action from the 'build' action, for earlier and better syntax problem detection. Lastly, there are some minor ``lib.sh`` and ``integration_test.sh`` updates to support future work, and slightly improve the build and test environments. Signed-off-by: Chris Evich <cevich@redhat.com>
* test: update runc againGiuseppe Scrivano2018-12-04
| | | | | | | | | | the regression we noticed in runc was fixed upstream: https://github.com/opencontainers/runc/pull/1943 so we can use again runc from master. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cirrus: update ubuntu imageGiuseppe Scrivano2018-11-30
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Dockerfile, .cirrus.yml: update runc commitGiuseppe Scrivano2018-11-30
| | | | | | | | | | | | | | | | | | we need to inherit this change from runc. commit 869add33186caff4a22e3e11a7472a2d48d77889: rootless: fix running with /proc/self/setgroups set to deny This is a regression from 06f789cf26774dd64cb2a9cc0b3c6a6ff832733b when the user namespace was configured without a privileged helper. To allow a single mapping in an user namespace, it is necessary to set /proc/self/setgroups to "deny". For a simple reproducer, the user namespace can be created with "unshare -r". Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Update ubuntu VM image w/ newer runcChris Evich2018-11-30
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Point CRIU_COMMIT to CRIU release 3.11Adrian Reber2018-11-28
| | | | | | The old commit points to the development branch and is not stable. Signed-off-by: Adrian Reber <areber@redhat.com>
* Updated CRIO_COMMIT to pull in new conmon for CRIUAdrian Reber2018-11-28
| | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* Cirrus: Simplify optional system-test scriptChris Evich2018-11-13
| | | | | | | | | | | | | Previously it was required to call the verify, unit, and integration scripts in order to build/install dependencies, and libpod. This wastes time during the (optional) system-testing, since the actual unit/integration testing is also happening in parallel. Consolidate only the distribution-specific build steps into the system-testing script. This way, only the required steps are performed in their respective (parallel) tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Reveal magic, parallel system-testingChris Evich2018-11-13
| | | | | | | | | | | | | Previously, several magic strings were in place to affect cirrus-ci operations. Two were buried within scripts. One to optionally execute system-tests within a PR. Another to avoid re-building cache-images upon every merge. Move these magic strings out into the open, buy locating their logic up-front in the ``.cirrus.yml`` file. This improves readability and reduces surprise/astonishment at runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1616 from cevich/cirrus_add_systemtestOpenShift Merge Robot2018-11-07
|\ | | | | Cirrus-CI: Add option to run system-tests
| * Cirrus-CI: Add option to run system-testsChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | Normally, we would not run system-tests as part of PR-level CI, they're simply too heavy-weight and complex. However, in some instances it may be desirable to provide a quick feedback loop, prior to release packaging and official testing. Enable this by executing the system-tests when a magic string is present in the PR description: ``***CIRRUS: SYSTEM TEST***`` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #1624 from cevich/update_fedoraOpenShift Merge Robot2018-11-01
|\ \ | | | | | | Cirrus: Enable updating F28 image
| * | Cirrus: Enable updating F28 imageChris Evich2018-10-31
| |/ | | | | | | | | | | | | | | | | | | Previously this was disabled as some package was breaking networking on GCE after updating + rebooting. This is fixed now, so we should update packages when building the fedora test VM image. https://pagure.io/cloud-sig/issue/292 Signed-off-by: Chris Evich <cevich@redhat.com>
* / Cirrus: Disable image build job abort on pushChris Evich2018-10-31
|/ | | | | | | | | Normally cirrus will abort jobs if another push is made to a branch. However, with image builds, other VMs are created/managed by packer. Therefor if cirrus aborts a task, it's possible some packer managed VMs will be left behind. Disable this behavior for image-building only. Signed-off-by: Chris Evich <cevich@redhat.com>
* Update the runc commit used for testingChris Evich2018-10-29
| | | | | | | Use image ubuntu-1804-bionic-v20180911-libpod-63a86a18 which was built with RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use images w/ buildah fixChris Evich2018-10-23
| | | | | | Ref: https://github.com/containers/buildah/pull/1109 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1648 from cevich/cirrus_podbotOpenShift Merge Robot2018-10-23
|\ | | | | Add simple IRC messenger