| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
we need to inherit this change from runc.
commit 869add33186caff4a22e3e11a7472a2d48d77889:
rootless: fix running with /proc/self/setgroups set to deny
This is a regression from 06f789cf26774dd64cb2a9cc0b3c6a6ff832733b
when the user namespace was configured without a privileged helper.
To allow a single mapping in an user namespace, it is necessary to set
/proc/self/setgroups to "deny".
For a simple reproducer, the user namespace can be created with
"unshare -r".
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
| |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
| |
The old commit points to the development branch and is not stable.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |
|
|
| |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously it was required to call the verify, unit, and integration
scripts in order to build/install dependencies, and libpod. This
wastes time during the (optional) system-testing, since the
actual unit/integration testing is also happening in parallel.
Consolidate only the distribution-specific build steps into the
system-testing script. This way, only the required steps are performed
in their respective (parallel) tasks.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, several magic strings were in place to affect cirrus-ci
operations. Two were buried within scripts. One to optionally
execute system-tests within a PR. Another to avoid re-building
cache-images upon every merge.
Move these magic strings out into the open, buy locating their
logic up-front in the ``.cirrus.yml`` file. This improves
readability and reduces surprise/astonishment at runtime.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| | |
Cirrus-CI: Add option to run system-tests
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Normally, we would not run system-tests as part of PR-level CI, they're
simply too heavy-weight and complex. However, in some instances it may
be desirable to provide a quick feedback loop, prior to release packaging
and official testing. Enable this by executing the system-tests when
a magic string is present in the PR description:
``***CIRRUS: SYSTEM TEST***``
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \
| | |
| | | |
Cirrus: Enable updating F28 image
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously this was disabled as some package was breaking networking on
GCE after updating + rebooting. This is fixed now, so we should update
packages when building the fedora test VM image.
https://pagure.io/cloud-sig/issue/292
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
Normally cirrus will abort jobs if another push is made to a branch.
However, with image builds, other VMs are created/managed by packer.
Therefor if cirrus aborts a task, it's possible some packer managed VMs
will be left behind. Disable this behavior for image-building only.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
| |
Use image ubuntu-1804-bionic-v20180911-libpod-63a86a18 which was built
with RUNC_COMMIT 78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
| |
Ref: https://github.com/containers/buildah/pull/1109
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| | |
Add simple IRC messenger
|
| | |
| |
| |
| |
| |
| | |
This reverts commit b610913ef55ac36d0b145a7d20461649650cc5a1.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Add a naive python script that's able to connect to IRC and send a
single line of text to the #podman channel. Wrap this in a new
library function to ensure nick-name collisions are unlikely.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Just noticed this in Dockerfile.Fedora. Updated all the right
places to make this happen.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An invalid GCE value is being passed to packer, preventing it from
building VM images. Fix this, and centralize the definition of the
image name suffix by setting it at ``setup_environment.sh`` call-time,
rather encoding inside packer's `libpod_images.json`. This makes
the value available for use by other scripts.
Also, switch the unique component of the name, to be based on the
commit-sha being tested. This will improve traceability, since the git
history is more permanent than the `CIRRUS_BUILD_ID` env. var. The
later is subject to log-rotation, destroying evidence of the images
source state.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
There have been some python-podman flakes observed across multiple CI
systems. Support capturing a VM for further investigation in the
event of a non-zero exit. This is done by printing a warning message
and delaying script-exit for a long time. Hopefully a human will notice
and have an opportunity to enable deletion-protection on the VM.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Don't waste GCE VM resources for 30-min of testing,
when verify would fail after 3-minutes. This is
the simpelest mechanism to save cloud CPU-time
while GCE is under trial-status (can not set quotas).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
| |
These can increase again, once we have more control over setting quotas
in GCE. At the moment it's limited because of trial-account status.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Testing podman requires exercising on a full-blown VM. The current
containerized-approach is complicated, and mostly a band-aid over
shortcomings in the other CI systems. Namely, we want:
* To pre-build environments with dependencies to reduce the
setup time needed for testing.
* The ability to verify the pre-built environments are working
before utilizing them for further testing.
* A simple, single set of flexible automation instructions to
reduce maintenance burden.
* Ease of environment reproduction across clouds or locally, for
debugging failures.
This change leverages Cirrus-CI + Packer + collection of shell scripts
to realize all of the above.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
Signed-off-by: baude <bbaude@redhat.com>
|
