summaryrefslogtreecommitdiff
path: root/contrib/cirrus/setup_environment.sh
Commit message (Collapse)AuthorAge
* Do not share container log driver for execMatthew Heon2020-06-17
| | | | | | | | | | | | | | | | | | | | | When the container uses journald logging, we don't want to automatically use the same driver for its exec sessions. If we do we will pollute the journal (particularly in the case of healthchecks) with large amounts of undesired logs. Instead, force exec sessions logs to file for now; we can add a log-driver flag later (we'll probably want to add a `podman logs` command that reads exec session logs at the same time). As part of this, add support for the new 'none' logs driver in Conmon. It will be the default log driver for exec sessions, and can be optionally selected for containers. Great thanks to Joe Gooch (mrwizard@dok.org) for adding support to Conmon for a null log driver, and wiring it in here. Fixes #6555 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #6193 from cevich/conmon_ci_packagesOpenShift Merge Robot2020-06-09
|\ | | | | Cirrus: Include packages for containers/conmon CI
| * Cirrus: Include packages for containers/conmon CIChris Evich2020-06-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the containers/conmon repository to share the same VM images produced by containers/libpod. Included are several packages which are downloaded only since they might otherwise interfere with testing for some repos. This allows stable versions to be at the ready at testing runtime, avoiding any version updates surprising developers. Also, re-enable running the VM-image check test which was not working due to a logic problem in Cirrus-CI configuration. Update the neglected tests so that they pass on all distros. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Enable Ubuntu tests in CIBrent Baude2020-06-08
|/ | | | | | Add updates required for ubuntu and run integration tests Signed-off-by: Brent Baude <bbaude@redhat.com>
* Enable detached exec for remoteMatthew Heon2020-06-02
| | | | | | | | | | | | | | | | | | | | | | | The biggest obstacle here was cleanup - we needed a way to remove detached exec sessions after they exited, but there's no way to tell if an exec session will be attached or detached when it's created, and that's when we must add the exit command that would do the removal. The solution was adding a delay to the exit command (5 minutes), which gives sufficient time for attached exec sessions to retrieve the exit code of the session after it exits, but still guarantees that they will be removed, even for detached sessions. This requires Conmon 2.0.17, which has the new `--exit-delay` flag. As part of the exit command rework, we can drop the hack we were using to clean up exec sessions (remove them as part of inspect). This is a lot cleaner, and I'm a lot happier about it. Otherwise, this is just plumbing - we need a bindings call for detached exec, and that needed to be added to the tunnel mode backend for entities. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Remove libpod.conf from repoMatthew Heon2020-05-12
| | | | | | | | | | | Now that we're shipping containers.conf, we don't want to provide a libpod.conf anymore. This removes libpod.conf from the repo and as many direct uses as I can find. There are a few more mentions in the documentation, but someone more familiar with containers.conf should make those edits. Signed-off-by: Matthew Heon <mheon@redhat.com>
* set binding tests to requiredBrent Baude2020-05-08
| | | | | | | | | | | | | | | | | some small fix ups for binding tests and then make them required. update containers-common V2 bindings tests were failing because of changes introduced in commit a2ad5bb. Fix some typos. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org> in the case where the specgen attribute for Env and Labels are nil, we should should then make the map IF we have labels and envs that need to be added. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Cirrus: Unify package installationChris Evich2020-04-24
| | | | | | | Also, test-build critical container images depended upon for CI-purposes. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add support for Fedora 32Chris Evich2020-04-20
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Include packages for buildah CIChris Evich2020-03-19
| | | | | | Also, move some setup steps at VM image build time to save runtime. Signed-off-by: Chris Evich <cevich@redhat.com>
* fix timeout file flakeBrent Baude2020-03-17
| | | | | | this is a temporary fix for the flake that has been troubling us. once conmon is in fedora 30 and 31 stable, we can remove this fix. the images will just need to be rebuilt. Signed-off-by: Brent Baude <bbaude@redhat.com>
* add default network for apiv2 createBrent Baude2020-03-06
| | | | | | | | | | | | | during container creation, if no network is provided, we need to add a default value so the container can be later started. use apiv2 container creation for RunTopContainer instead of an exec to the system podman. RunTopContainer now also returns the container id and an error. added a libpod commit endpoint. also, changed the use of the connections and bindings slightly to make it more convenient to write tests. Fixes: 5366 Signed-off-by: Brent Baude <bbaude@redhat.com>
* Cirrus: Force runc use in F30Chris Evich2020-02-28
| | | | | | | | | | | Suspect crun might be sneaking in during VM image build via podman RPM dependency. Add it to the removal list when building, then also force use of runc at runtime in F30. Also quote all true/false vars to force them as strings instead of booleans (which will become capitalized) Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Print env. vars at end of setup.Chris Evich2020-02-28
| | | | | | | There are a number of env. vars set during the setup script. Therefore displaying them at end of the script is more helpful for debugging. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix not growing Fedora rootChris Evich2020-02-28
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: SELinux Enforcing for F31 w/ CGv2Chris Evich2020-02-25
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: F31: Force systemd cgroup mgrChris Evich2020-02-25
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Handle runc->crun when both are possibleChris Evich2020-02-25
| | | | | | | | | | In some distributions it's possible to have both runc and crun installed and/or for podman to be confused about which to use. In these instances, force the decision by adding `OCI_RUNTIME=/usr/bin/crun` into `/etc/environment`. Also in-place modify libpod.conf to use 'crun' instead of 'runc' Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use deadline elevator in F31Chris Evich2020-02-25
| | | | | | | | | | | | The default scheduler is BFQ but integration tests run into https://bugzilla.redhat.com/show_bug.cgi?id=1767539 aka https://bugzilla.kernel.org/show_bug.cgi?id=205447 Using the deadline elevator as a workaround. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Support testing with F31Chris Evich2020-02-25
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* enable ci on go binding testsBrent Baude2020-02-22
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* Cirrus: Add latest ubuntuChris Evich2019-09-20
| | | | | | | | | | | | Add the latest Ubuntu version into the testing matrix and image-build workflow. This is also needed to support other containers projects which share use of VM images from this one. Update package lists to include needs for contianers/storage use of images. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix unnecessary setseboolChris Evich2019-09-11
| | | | | | | By mistake this was added to run for the image-building-VM and is not supported. Kill it. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #3710 from cevich/release_redoOpenShift Merge Robot2019-08-29
|\ | | | | Release redo
| * Cirrus: Reimplement release archive + uploadChris Evich2019-08-28
| | | | | | | | | | | | | | | | The initial implementation was far more complicated than necessary. Strip out the complexities in favor of a simpler and more direct approach. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #3892 from cevich/google_vpcOpenShift Merge Robot2019-08-28
|\ \ | | | | | | Cirrus: Block CNI use of google VPCs
| * | Cirrus: Block CNI use of google VPCsChris Evich2019-08-28
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specifically pertaining to executing tests in google cloud, there are default, pre-allocated class-a subnetworks for each region (data-center). Each includes a gateway using a `.1` LSB and all are routable from other regions in google cloud via these gateways. Because the default CNI configuration also utilizes class-a subnetworks, this creates the possibility for IPv4 address-space clashes. Since the default regional cloud subnets are pre-defined/known, preventing clashes can be accomplished by seeding these subnets in a dummy CNI configuration. The default behavior of podman is to grab the highest priority CNI configuration. Name the dummy config. appropriate so it always loads last. Also name the bridge itself with an obvious name `do-not-use`, such that any related testing errors should be easier to debug. Also: * Minor cleanup of `install_test_configs()` * Move install_test_configs in `setup_environment.sh` to after possible run of `remove_packaged_podman_files()` because that also strips out `/etc/cni/net.d/87-podman-bridge.conflist`. Signed-off-by: Chris Evich <cevich@redhat.com>
* / Add an integration test for systemd in a containerMatthew Heon2019-08-28
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3824 from baude/varlinkendpointtestOpenShift Merge Robot2019-08-26
|\ | | | | Create framework for varlink endpoint integration tests
| * Create framework for varlink endpoint integration testsbaude2019-08-16
| | | | | | | | | | | | | | add the ability to write integration tests similar to our e2e tests for the varlink endpoints. Signed-off-by: baude <bbaude@redhat.com>
* | Cirrus: Minor: Simplify crun test taskChris Evich2019-08-16
|/ | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #3607 from cevich/cgroup2_vmOpenShift Merge Robot2019-08-12
|\ | | | | Add another Fedora VM with cgroups v2 enabled
| * Cirrus: Add experimental fedora VM image & testChris Evich2019-08-12
| | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | cirrus: install crunGiuseppe Scrivano2019-08-12
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Cirrus: Add Second partition for storage testingChris Evich2019-08-01
| | | | | | | | | | This is mainly/initially to support use of Cirrus-CI in https://github.com/containers/buildah since that setup re-uses the VM images from this project. However, it also opens doors here, if libpod ever needs/wants to do things with a dedicated storage device and/or storage-drivers. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Ubuntu: Set + Test for $RUNC_BINARYChris Evich2019-07-25
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Fix missing removal of packaged podmanChris Evich2019-07-12
| | | | | | This was originally intended, but somehow omitted from #1936 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #3106 from cevich/cirrus_releaseOpenShift Merge Robot2019-07-10
|\ | | | | Cirrus: Automate releasing of tested binaries
| * Cirrus: Automate releasing of tested binariesChris Evich2019-07-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It's desirable to make archives available of builds containing actual tested content. While not official distro-releases, these will enable third-party testing, experimentation, and development for both branches (e.g. "master") and pull requests (e.g. "pr3106"). * Add a Makefile targets for archiving both regular podman binaries and the remote-client. Encode release metadata within these archives so that their exact source can be identified. * Fix bug with cross-compiling remote clients for the Windows and Darwin platforms. * Add unit-testing of cross-compiles for Windows and Darwin platforms. * A few small CI-script typo-fixes * Add a script which operates in two modes: 1. Call Makefile targets which produce release archives. Upload the archive to Cirrus-CI's built-in caching system using reproducible cache keys. 2. Utilize reproduced cache keys to attempt download of cache from each tasks. When successful, parse the file's release metadata, using it to name the archive file. Upload all recovered archives to a publicly accessible storage bucket for future reference. * Update the main testing task to call the script in mode #1 for all primary platforms. * Add a new `$SPECIALMODE` task to call the script in mode #1 for Windows and Darwin targets. * Add a new 'release' task to the CI system, dependent upon all other tasks. This new tasks executes the script in mode #2. * Update CI documentation Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Use packaged dependenciesChris Evich2019-06-27
|/ | | | | | | | | | | | | | | | | | Building/installing dependencies from fixed source-version ensures testing is reliable, but introduces a maintenance burden and risks testing far outside of a real-world environment. The sensible alternative is to install dependencies from distro-packaging systems. Install all development and testing dependencies at VM cache-image build time, to help ensure testing remains stable. The existing cache-image build workflow can be utilized at any future time to build/test with updated packages. ***N/B***: This does not update any dockerfiles used by testing, that is left up to future efforts. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Add support for testing F30Chris Evich2019-06-14
| | | | | | | | | | | | | | | | Remove disused `build_cache_images` task, and update relevant dockerfiles for F30. Fix problem of cloud-init failing to expand root-device on boot (/var/lib/cloud/instance left in improper state). Fix problem of cloud-init racing with google-network-daemon.service on boot (looking for cloudconfig metadata too early). Causing root-device to _sometimes_ fail to expand. Fix problem of hack/get_ci_vm.sh argument passing. Signed-off-by: Chris Evich <cevich@redhat.com>
* split rootless local and remote testingbaude2019-05-31
| | | | Signed-off-by: baude <bbaude@redhat.com>
* Cirrus: workaround root expand failureChris Evich2019-05-21
| | | | | | | | | Occasionally, and seemingly only on F29 the root disk fails to expand upon boot. When this happens, any number of failures could occur if space runs out. Until there is time to investigate the actual cause, workaround this problem by detecting it and acting accordingly. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: fixups based on review feedbackChris Evich2019-05-21
| | | | | | Also remove disused distros (RHEL/CentOS/FAH) and fix get_ci_vm script Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Overhaul/Simplify env. var setupChris Evich2019-05-21
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Run tests on test-built cache-imagesChris Evich2019-05-21
| | | | | | Also, add jq and catatonit installs to images. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Remove "too new" runc hackChris Evich2019-05-21
| | | | | | | | | Hack was to workaround not having fix for: https://bodhi.fedoraproject.org/updates/FEDORA-2019-b4356521ba Update `RUNC_COMMIT` value to match commit id to working package. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #3089 from baude/splittestOpenShift Merge Robot2019-05-15
|\ | | | | split remote tests from distro tests
| * split remote tests from distro testsbaude2019-05-13
| | | | | | | | | | | | | | | | We want the remote tests for our distributions to be tested in a different VM than the local tests. This allows for faster CI runs and easier debug as well as seperation of flakes. Signed-off-by: baude <bbaude@redhat.com>
* | Upgrade to latest criu and selinux-policyAdrian Reber2019-05-06
|/ | | | | | This fixes all the current errors concerning checkpoint/restore. Signed-off-by: Adrian Reber <areber@redhat.com>