summaryrefslogtreecommitdiff
path: root/.cirrus.yml
Commit message (Collapse)AuthorAge
* Cirrus: Fix artifact passing when dep. skippedChris Evich2022-06-08
| | | | | | | | | | | When passing artifacts from one task to another, if a direct dependency was not created due to `only_if`, a race condition can occur: The descendent task may start running prior to the indirect (but required) dependency (`build` in this case) completing and uploading artifacts. Fix this by spamming a `build` dependency into all tasks which require it (basically everything). Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Simplify only_if/skip + optimize multiarchChris Evich2022-06-07
| | | | | | | | | | | | | | | | | | Using both the 'skip' and 'only_if' features at the same time may be hard for maintainers to decipher. Consolidate them into `only_if` since that bypasses creation of the task all together - meaning there are potentially fewer tasks for a developer to scroll through. Since the `multiarch` Cirrus-Cron build no-longer depends on the direct "build-ability" from the current repo. state, it can be further optimized. When operating in this context, avoid running many/most other tasks, depending instead only on `ext_svc_check`. Finally, add a simple document describing the various runtime contexts along with the list of expected tasks. Reference this prominently right in front of every `only_if` so it's impossible for a maintainer to miss. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #14240 from cevich/fix_multiarch_buildOpenShift Merge Robot2022-05-23
|\ | | | | [CI:BUILD] Cirrus: Fix building multiarch images
| * Cirrus: Fix building multiarch imagesChris Evich2022-05-23
| | | | | | | | | | | | | | | | | | | | | | | | The caching update made in https://github.com/containers/podman/pull/14016 neglected to attend to the "git repo." needs of this task. Fix this so images can build. Also, make this optional task only appear when the `[CI:BUILD]` magic string is used. No reason to tempt every PR author to press a mysterious button labeled 'trigger'. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Move GOPROXY from Makefile to cirrus.ymlKir Kolyshkin2022-05-17
| | | | | | | | | | | | | | | | | | | | | | GOPROXY's default value is "https://proxy.golang.org,direct" since go 1.13, so it is redundant to set it explicitly. For some reason though, GOPROXY in Cirrus CI is set to direct, which makes things such as go mod tidy very slow. So, set the proper (default) value for in in .cirrus.yml. Do the same for GOSUMDB. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | Makefile, podman.spec.rpkg: rm GOBIN and GOPATHKir Kolyshkin2022-05-17
|/ | | | | | | | | | | | | | | | | | | Remove GOPATH setting as since Go 1.9 it defaults to $HOME/go (for earlier versions it had to be specified explicitly). Remove GOPATH-related code from the spec, using relative paths when compiling packages, and enable Go modules, simplifying the spec. Remove support for multiple paths in GOPATH (which is rarely used and doesn't really work with modules). Remove setting GOBIN, rely on $GOPATH/bin instead. In case GOBIN is explicitly set (which is highly unlikely), forcefully ignore by unsetting it. Remove GOBIN from tools invocation since we added GOPATH/bin to PATH. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* Cirrus: Update images + new automation libraryChris Evich2022-05-10
| | | | | | | | Add support for new automation library version w/ `$DEBUG` fix (ref: containers/automation_images#128) and added definitions for commonly used Distro/version variables. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Simplify use of cache in automationChris Evich2022-05-10
| | | | | | | | | | | | | | | | | With the increasingly complex `.cirrus.yml` task relationships, build cache wasn't always working as intended. Recently, non-build tasks were observed assuming authority over `gopath_cache`. Ref.: https://github.com/containers/podman/pull/13998#issuecomment-1108834538 Address this by an overall simplification using artifacts instead of cache. Using artifacts allows establishing concrete authorship/authority over cached repo. content. In this way, dependent tasks may simply consume the artifact with `curl` instead of relying on complex caching algorithms. Also/Minor: Add YAML checking to the pre-commit configuration. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Test w/ netavark/aardvark-dns in F36+Chris Evich2022-04-27
| | | | | | | | | | | | | | | | | | | | Now that netavark and aardvark are packaged and default in F36, support CNI-based testing in F35 and Ubuntu. * Remove the temporary/special `$TEST_ENVIRON=host-netavark` construct. * Remove dedicated/special integration and system testing tasks. * Update test-config setup to properly handle CNI vs netavark/aardvark environments. * Update package-version logging to operate based on installed packages (along with some other minor script cleanups). * Update global environment setup to force `$NETWORK_BACKEND=netavark` in F36 and later. Except when `upgrade_test` task runs. * Discontinue installing netavark and aardvark-dns binaries from upstream build artifacts. * Drop CGV1-vs-2 policy check. Ubuntu VMs now exclusively test CGv1, Fedora VMs test CGv2, with F35 testing CNI and F36 testing Netavark. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Update to F36 CI VM ImagesChris Evich2022-04-27
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Revert "Cirrus: Disable F34 aka prior-fedora testing"Chris Evich2022-04-27
| | | | | | This reverts commit 7b55ab4426712277774da8bf31d78ca66beb2421. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix missing git-enforced runtime identityChris Evich2022-04-21
| | | | | | | | | Newer versions of git (like `2.35`) fail on certain operations (like `rebase` and `am`) without a local identity. Add a fake one from the start, with a clearly identifiable test-value to avoid problems at runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #13828 from cevich/fix_cron_checkOpenShift Merge Robot2022-04-12
|\ | | | | [CI:BUILD] Cirrus: Fix unsupported cirrus-cron build status
| * Cirrus: Fix unsupported cirrus-cron build statusChris Evich2022-04-11
| | | | | | | | | | | | | | | | | | | | | | | | Every weekday when the `check_cirrus_cron` github-actions workflow runs. It checks the status of all cirrus-cron jobs. If a build is found with a 'FAILED' status, it triggers an alert e-mail to be sent. However, the `test_image_build` is marked as a manually-triggered, resulting in a perpetual status of 'EXECUTING', even if there were failures. Fix this by only allowing the problematic task to run in pull requests without the `[CI:DOCS]` magic keyword. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Multi-arch build auto-update + tagging updateChris Evich2022-04-07
|/ | | | | | | | | | | | | | | | This new VM image brings in two important updates to multi-arch image build operations: 1. Future operational changes will no-longer require also updating VM images. Updates to build-push made in `containers/automation_images` will automatically be picked up at runtime. ref: https://github.com/containers/automation_images/pull/123 2. On the next run, both `vX` and `vX.Y` tagged manifest-lists will be pushed. This is now also reflected in the README. ref: https://github.com/containers/automation_images/pull/125 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Allow manually running image-build taskChris Evich2022-03-31
| | | | | | | | | | Building multi-arch images in a standardized way is complex. Some of the builds themselves can take a really long time to run (over an hour). Make changes easier to test inside a PR by adding manually-triggered image-build tasks. These mirror most of the real cron-triggered task, without actually pushing the final images. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Upd VM images to fix multi-arch build bugChris Evich2022-03-31
| | | | | | Ref: https://github.com/containers/automation_images/pull/122 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #13697 from edsantiago/upgrade_test_matrixOpenShift Merge Robot2022-03-30
|\ | | | | Upgrade tests: reexamine cross-testing matrix
| * Upgrade tests: reexamine cross-testing matrixEd Santiago2022-03-29
| | | | | | | | | | | | | | | | | | | | | | | | - removed: v1.9.0, v2.0.6 + added: v3.4.0 (Cannot add v4 because there's no such image on quay. As soon as one appears, we should add it.) Add a workaround for a UTS namespace conflict new in v3.4 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Cirrus: Build multi-arch images + manifestsChris Evich2022-03-28
|/ | | | | | | | | | | Github-actions for large/complex tasks is hard to read and maintain. Reimplement the multi-arch image build workflow into a set of bash scripts that use all native contrainer-org tooling. This requires a special VM image setup with emulation to build foreign architectures. It also requires renaming the `helloimage` directory, because the build script uses the directory name in the image FQIN. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Publish binary artifacts on successChris Evich2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In general continuous-delivery (CD) tends to pair well with CI. More specifically, there is a need for some reverse-dependency CI testing in netavark/aardvark-dns. In all cases, the download URL needs to remain consistent, without elements like `Build%20for%20fedora-35`. The 'Total Success' task only ever executes when all dependencies are successful. When a non `[CI:DOCS]` build is successful, gather all binary/release artifacts in a new task which depends on 'Total Success'. This will provide a uniform name (`artifacts`) and URL for downstream users to use. For example: https://api.cirrus-ci.com/v1/artifact/github/containers/podman/artifacts/binary.zip or https://api.cirrus-ci.com/v1/artifact/github/containers/podman/artifacts/binary/FILENAME Where ***FILENAME*** is one of: * `podman` * `podman-remote` * `rootlessport` * `podman-release-386.tar.gz` * `podman-release-amd64.tar.gz` * `podman-release-arm64.tar.gz` * `podman-release-arm.tar.gz` * `podman-release-mips64le.tar.gz` * `podman-release-mips64.tar.gz` * `podman-release-mipsle.tar.gz` * `podman-release-mips.tar.gz` * `podman-release-ppc64le.tar.gz` * `podman-release-s390x.tar.gz` * `podman-remote-release-darwin_amd64.zip` * `podman-remote-release-darwin_arm64.zip` * `podman-remote-release-windows_amd64.zip` * `podman-v4.0.0-dev.msi` Signed-off-by: Chris Evich <cevich@redhat.com>
* Add tests with Docker Compose v2Matthew Heon2022-03-17
| | | | | | | | | | | Add a pair of new Cirrus test suites using Compose v2 instead of Compose v1 (as is currently packaged in Fedora). They work identically, and run the same tests, as the Compose v1 tests, but with the new v2 binary instead. [NO NEW TESTS NEEDED] This adds an entire Cirrus suite... Signed-off-by: Matthew Heon <mheon@redhat.com>
* Cirrus: Disable F34 aka prior-fedora testingChris Evich2022-02-17
| | | | | | | | | | Podman 4.0 will never be supported in F34, and the use of F35 in CI is temporary until F36 is brought up to speed. Rather than fight with testing issues that will never be fixed/supported, simply disable it. This commit may be reverted at a future date when F36 VM support is added. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use updated VM imagesChris Evich2022-02-17
| | | | | | | | | | | Mainly this is to confirm some changes needed for the podman-py CI setup don't disrupt operations here. Ref: https://github.com/containers/automation_images/pull/111 Also includes a minor steup fix WRT setting up for test-rpm build. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Expand netavark testing to include rootlessChris Evich2022-02-04
| | | | | | | | | | The list of netavark/aardvark-dns tasks is likely to be ever-growing for the near-term. Consolidate them into a single task entry with a matrix attribute to make future expansions less YAML-duplicative. Also, re-arrange it to fall in-between the CNI integration and system task sections. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add netavark/aardvark system test taskChris Evich2022-02-03
| | | | | | | Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Minor - limit release task applicabilityChris Evich2022-02-02
| | | | | | | | | | | | This task/test is guaranteed to fail on non-release PRs. Upon reviewing actual practice and the release docs, this task should be limited to PRs with a title containing `release` or `bump` keywords. Also fix a minor comment typo. Ref: https://github.com/containers/podman/pull/13106#pullrequestreview-869855449 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add [CI:BUILD] magic that only buildsChris Evich2022-02-01
| | | | | | | | This is intended for cases where no code changes were made in this repo. but something did change which could affect the toolchain. For example, `Makefile` or packaging changes. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #12814 from cevich/netavarkOpenShift Merge Robot2022-02-01
|\ | | | | Cirrus: Add e2e task w/ upstream netavark
| * Cirrus: Also download aardvark-dns binaryChris Evich2022-01-24
| | | | | | | | | | | | | | | | This involves a minor code-change so the download/install can run in a loop for the two different repositories and binaries. Given everything is exactly the same except the URLs and names. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Add e2e task w/ upstream netavarkChris Evich2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR adds the CI mechanisms to obtain the latest upstream netavark binary, and set a magic env-var to indicate e2e tests should execute podman with `--network-driver=netavark`. A future commit implement this functionality within the e2e tests. Due to the way the new environment is enabled, the standard task name is too long for github to display without adding ellipsis. Force the custom task name `Netavark Integration` to workaround this. At some future point, when netavark is more mainstream/widely supported, this custom task and upstream binary install can simply be removed - i.e. netavark will simply be used by default in the normal e2e tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* | CI: enable rootless-remote system testsEd Santiago2022-01-24
|/ | | | | | | | | | | | Minimal: only test Fedora.Latest. Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests: https://github.com/containers/podman/issues/12989 Requires skipping two recently-added tests that use 'podman unshare', which doesn't work on remote. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Revert "Cirrus: Temporarily disable OSX Cross task"Chris Evich2022-01-18
| | | | | | This reverts commit 860463d97eb3a006f2c608165d9e657be86080ec. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Temporarily disable OSX Cross taskChris Evich2022-01-17
| | | | | | | | | | At the time of this commit, something is broken within Cirrus-CI or dependent infrastructure. This appears to be causing all OSX tasks to hang in the scheduling queue indefinitely. Workaround this by disabling the task to allow development work to proceed while a fix is realized. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Freshen VM imagesChris Evich2022-01-10
| | | | | | | | | Specifically, this brings in `crun 1.4-1` allowing removal of a temporary workaround. Ref: https://github.com/containers/podman/pull/12759 Signed-off-by: Chris Evich <cevich@redhat.com>
* Revert "Cirrus: Temp. ignore gitlab task failures"Chris Evich2022-01-10
| | | | | | | | Ref: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28766 This reverts commit 8cb93ac1035b8966b03a87ea58366fe9f3fc7887. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Temp. ignore gitlab task failuresChris Evich2021-12-13
| | | | | | | | | Appears related to https://gitlab.com/gitlab-org/gitlab-runner/-/issues/28732 Log: https://cirrus-ci.com/task/5708221852680192?logs=setup#L433 Marking test to be ignored until I can figure out where/how to fix it. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use cached swagger binaryChris Evich2021-12-09
| | | | | | | | | | | | An error was observed in another PR while downloading the swagger binary. The error was relating to the upstream egress quota. Obviously our downloading it every time for each CI run isn't helping. Fix this by moving the download into the image-build process, and simply re-use the already present binary here. Ref: https://github.com/containers/automation_images/pull/103 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Strip out static nix buildChris Evich2021-11-22
| | | | | | Unfortunately the maintainer of this is no longer available Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Bump Fedora to release 35Chris Evich2021-11-18
| | | | | | | | | | | The Fedora 35 cloud images have switched to UEFI boot with a GPT partition. Formerly, all Fedora images included support for runtime re-partitioning. However, the requirement to test alternate storage has since been dropped/removed. Rather than maintain a disused feature, and supporting scripts, these Fedora VM images have reverted to the default: Automatically resize to 100% on boot. Signed-off-by: Chris Evich <cevich@redhat.com>
* Revert "Cirrus: Temp. disable prior-fedora testing"Chris Evich2021-11-18
| | | | | | This reverts commit f35d7f4dc76ca02b741e37f31ddc68c1d3ca9331. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Log more things in bindings and unit testsChris Evich2021-11-18
| | | | | | | These tasks run earlier on, so it's useful to have more detail about the test VM (in general) in case something goes terribly wrong. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Temp. disable prior-fedora testingChris Evich2021-11-11
| | | | | | | With F35 released, F33 is officially dead. Move it out of the way temporarily until F35 VM images are ready. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Update to Ubuntu 21.10Chris Evich2021-11-11
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add gitlab podman runner testChris Evich2021-09-27
| | | | | | | | | | Add execution of the downstream gitlab-runner tests using rootless podman through the magic of socket-level docker compatibility. Include a comment suggesting how to temporarily disable the test in case it fails beyond podman code scope. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cross-build release-archives w/ arch in filenameChris Evich2021-09-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #11417 Cross-building the podman-remote documentation requires a functional native architecture executable. However `make` only deals with files/timestamps, it doesn't understand if an existing binary will function on the system or not. This makes building cross-platform releases incredibly accident-prone and fragile. A practical way to deal with this, is via multiple conditional (nested) `make` calls along with careful manipulation of `$GOOS` and `$GOARCH`. Also, when cross-building releases be kind to humans and cleanup any non-native binaries left behind. Update the `Alt Arch. Cross` Cirrus-CI task to build release archives for all Linux architectures supported by golang and podman. Update the `OSX Cross` task to additionally build for the M1 (arm64) architecture. Finally, update the release process documentation to reflect the new locations (Cirrus-CI task names) for the release archives. Include a note about additional manual work being required to produce the signed `.dmg` file for MacOS. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: NM/CNI workaround + Remove prior-UbuntuChris Evich2021-09-13
| | | | | | Ref: https://github.com/containers/automation_images/pull/88 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Run unit-tests rootlessChris Evich2021-09-09
| | | | | | | | | | Previously (for various reasons) the unittests were limited by the Makefile to root-only. However, experimentation via PR #11490 shows they will actually execute and pass when run as a regular user. Enable this for only the latest Fedora VMs, so as to only add one new task to the (already large) set. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Reduce APIv2 task timeoutChris Evich2021-08-31
| | | | | | | | | | | | At the time of this commit, a significant problem has been identified (introduced in f5ce02b227f4). The effect is, `podman pull` has a chance of hanging, especially when re-pulling an existing image. While a fix is in the works, there's no reason to make developers wait the full (default) 1-hour timeout for the APIv2 task. Reduce it to 2x nominal test runtime, so if the hang/flake is hit, the task can be re-run more quickly. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #11374 from cevich/no_api2_cidocsOpenShift Merge Robot2021-08-31
|\ | | | | Cirrus: Skip APIv2 tests for [CI:DOCS]