aboutsummaryrefslogtreecommitdiff
path: root/.cirrus.yml
Commit message (Collapse)AuthorAge
* Cirrus: Document and codify base-image productionChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A number of images required for future testing are not present in GCE. Importing them is a long proscribed process prone to errors and complications. Improve this situation by documenting, and encoding the majority of the steps required. Due to the required complexity, these are clearly identified as 'semi-automated'. This means a discerning eye is sometimes needed to address unforeseen problems (networking issues, format or packaging changes, etc). Nevertheless, having these steps in writing, will reduce current and future maintenance burden while supporting future testing needs of RHEL, Fedora and Fedora Atomic Host. Also: * Add necessary configuration, scripts, and Makefile updates needed to prepare RHEL, Fedora, & FAH cloud images for use in GCE. This is a complex, multi-step process where the cloud image is booted un a local user-mod qemu-kvm instance, where it can be modified. From there, it's converted into a specific format, and imported into GCE. Lastly, the imported raw disk data is made available as a GCE VM image. Note: As of this commit, the RHEL base-image builds (CentOS has native image), however neither RHEL or CentOS cache-images build correctly. * Left testing on FAH disabled, the GCE/Cirrus integration needs needs more work. Specifically, the python3-based google startup script service throws a permission-denied (as root) when trying to create a temp. directory. Did not investigate further, though manually running the startup script does allow the libpod tests to start running. * Enabled Fedora 29 image to execute tests and general use. * Utilize the standardized F28-based container image for gating of more the intensive unit and integration testing. Update documentation to reflect this as the standard platform for these checks. Rename tasks with shorter names and to better reflect their purpose. * Cirrus: Trim unnecessary env vars before testing since the vast majority are only required for orchestration purposes. Since most are defined within `.cirrus.yml`, it's a good place to store the list of undesirables. Since each of the cirrus-scripts runs in it's own shell, unsetting these near the end will have no consequence. Also trim down the number of calls to show_env_vars() Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use Makefile for image-buildingChris Evich2018-12-06
| | | | | | | | | | | | | | | | | | | | The packer tool takes JSON as input for the details of producing VM images to be used for PR CI-testing. JSON is not a very human-friendly format, without support for comments and frequently containing lots of duplicate data. Fix this by using a Makefile + simple python one-liner to convert from a human-friendly YAML format into packer-native JSON. This allows use of anchors/aliases to reduce duplication, and allows inline comments for easier maintainability. This also allows separating the 'test' action from the 'build' action, for earlier and better syntax problem detection. Lastly, there are some minor ``lib.sh`` and ``integration_test.sh`` updates to support future work, and slightly improve the build and test environments. Signed-off-by: Chris Evich <cevich@redhat.com>
* test: update runc againGiuseppe Scrivano2018-12-04
| | | | | | | | | | the regression we noticed in runc was fixed upstream: https://github.com/opencontainers/runc/pull/1943 so we can use again runc from master. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* cirrus: update ubuntu imageGiuseppe Scrivano2018-11-30
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Dockerfile, .cirrus.yml: update runc commitGiuseppe Scrivano2018-11-30
| | | | | | | | | | | | | | | | | | we need to inherit this change from runc. commit 869add33186caff4a22e3e11a7472a2d48d77889: rootless: fix running with /proc/self/setgroups set to deny This is a regression from 06f789cf26774dd64cb2a9cc0b3c6a6ff832733b when the user namespace was configured without a privileged helper. To allow a single mapping in an user namespace, it is necessary to set /proc/self/setgroups to "deny". For a simple reproducer, the user namespace can be created with "unshare -r". Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Update ubuntu VM image w/ newer runcChris Evich2018-11-30
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Point CRIU_COMMIT to CRIU release 3.11Adrian Reber2018-11-28
| | | | | | The old commit points to the development branch and is not stable. Signed-off-by: Adrian Reber <areber@redhat.com>
* Updated CRIO_COMMIT to pull in new conmon for CRIUAdrian Reber2018-11-28
| | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* Cirrus: Simplify optional system-test scriptChris Evich2018-11-13
| | | | | | | | | | | | | Previously it was required to call the verify, unit, and integration scripts in order to build/install dependencies, and libpod. This wastes time during the (optional) system-testing, since the actual unit/integration testing is also happening in parallel. Consolidate only the distribution-specific build steps into the system-testing script. This way, only the required steps are performed in their respective (parallel) tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Reveal magic, parallel system-testingChris Evich2018-11-13
| | | | | | | | | | | | | Previously, several magic strings were in place to affect cirrus-ci operations. Two were buried within scripts. One to optionally execute system-tests within a PR. Another to avoid re-building cache-images upon every merge. Move these magic strings out into the open, buy locating their logic up-front in the ``.cirrus.yml`` file. This improves readability and reduces surprise/astonishment at runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1616 from cevich/cirrus_add_systemtestOpenShift Merge Robot2018-11-07
|\ | | | | Cirrus-CI: Add option to run system-tests
| * Cirrus-CI: Add option to run system-testsChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | Normally, we would not run system-tests as part of PR-level CI, they're simply too heavy-weight and complex. However, in some instances it may be desirable to provide a quick feedback loop, prior to release packaging and official testing. Enable this by executing the system-tests when a magic string is present in the PR description: ``***CIRRUS: SYSTEM TEST***`` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #1624 from cevich/update_fedoraOpenShift Merge Robot2018-11-01
|\ \ | | | | | | Cirrus: Enable updating F28 image
| * | Cirrus: Enable updating F28 imageChris Evich2018-10-31
| |/ | | | | | | | | | | | | | | | | | | Previously this was disabled as some package was breaking networking on GCE after updating + rebooting. This is fixed now, so we should update packages when building the fedora test VM image. https://pagure.io/cloud-sig/issue/292 Signed-off-by: Chris Evich <cevich@redhat.com>
* / Cirrus: Disable image build job abort on pushChris Evich2018-10-31
|/ | | | | | | | | Normally cirrus will abort jobs if another push is made to a branch. However, with image builds, other VMs are created/managed by packer. Therefor if cirrus aborts a task, it's possible some packer managed VMs will be left behind. Disable this behavior for image-building only. Signed-off-by: Chris Evich <cevich@redhat.com>
* Update the runc commit used for testingChris Evich2018-10-29
| | | | | | | Use image ubuntu-1804-bionic-v20180911-libpod-63a86a18 which was built with RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use images w/ buildah fixChris Evich2018-10-23
| | | | | | Ref: https://github.com/containers/buildah/pull/1109 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #1648 from cevich/cirrus_podbotOpenShift Merge Robot2018-10-23
|\ | | | | Add simple IRC messenger
| * Revert "Cirrus: Enable debugging delay on non-zero exit"Chris Evich2018-10-18
| | | | | | | | | | | | This reverts commit b610913ef55ac36d0b145a7d20461649650cc5a1. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: IRC message when cirrus testing successfulChris Evich2018-10-18
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * cirrus: Add simple IRC messengerChris Evich2018-10-18
| | | | | | | | | | | | | | | | Add a naive python script that's able to connect to IRC and send a single line of text to the #podman channel. Wrap this in a new library function to ensure nick-name collisions are unlikely. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Install CRIU in test imagesChris Evich2018-10-18
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Use different CNI_COMMIT for FedoraChris Evich2018-10-18
| | | | | | | | | | | | | | Just noticed this in Dockerfile.Fedora. Updated all the right places to make this happen. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Fix Cirrus/Packer VM image buildingChris Evich2018-10-18
|/ | | | | | | | | | | | | | | | An invalid GCE value is being passed to packer, preventing it from building VM images. Fix this, and centralize the definition of the image name suffix by setting it at ``setup_environment.sh`` call-time, rather encoding inside packer's `libpod_images.json`. This makes the value available for use by other scripts. Also, switch the unique component of the name, to be based on the commit-sha being tested. This will improve traceability, since the git history is more permanent than the `CIRRUS_BUILD_ID` env. var. The later is subject to log-rotation, destroying evidence of the images source state. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Enable debugging delay on non-zero exitChris Evich2018-10-15
| | | | | | | | | | There have been some python-podman flakes observed across multiple CI systems. Support capturing a VM for further investigation in the event of a non-zero exit. This is done by printing a warning message and delaying script-exit for a long time. Hopefully a human will notice and have an opportunity to enable deletion-protection on the VM. Signed-off-by: Chris Evich <cevich@redhat.com>
* Re-add source-verify in cirrus-ciChris Evich2018-10-05
| | | | | | | | | Don't waste GCE VM resources for 30-min of testing, when verify would fail after 3-minutes. This is the simpelest mechanism to save cloud CPU-time while GCE is under trial-status (can not set quotas). Signed-off-by: Chris Evich <cevich@redhat.com>
* Lower CPU/Memory usage by cirrus VMsChris Evich2018-10-05
| | | | | | | These can increase again, once we have more control over setting quotas in GCE. At the moment it's limited because of trial-account status. Signed-off-by: Chris Evich <cevich@redhat.com>
* Add configuration for Cirrus-CIChris Evich2018-10-04
| | | | | | | | | | | | | | | | | | | | Testing podman requires exercising on a full-blown VM. The current containerized-approach is complicated, and mostly a band-aid over shortcomings in the other CI systems. Namely, we want: * To pre-build environments with dependencies to reduce the setup time needed for testing. * The ability to verify the pre-built environments are working before utilizing them for further testing. * A simple, single set of flexible automation instructions to reduce maintenance burden. * Ease of environment reproduction across clouds or locally, for debugging failures. This change leverages Cirrus-CI + Packer + collection of shell scripts to realize all of the above. Signed-off-by: Chris Evich <cevich@redhat.com>
* disable gce building of imagesbaude2018-10-04
Signed-off-by: baude <bbaude@redhat.com>