summaryrefslogtreecommitdiff
path: root/contrib/cirrus
Commit message (Collapse)AuthorAge
* Optimization: skip tests in some circumstancesEd Santiago2022-04-21
| | | | | | | | | | | | | | | A common pattern is to submit PRs that update only tests or docs. When the only changes are to test/e2e, there is no point in running test/system or test/upgrade or test/buildah-bud. Likewise, reciprocally, and similarly for a bunch of other tests (alt, cross, apiv2, ...) And when the only changes are under docs/ , there is no point in running any of the above. Exception: if $CIRRUS_<mumble> are undefined (e.g., cron), never skip Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Allow manually running image-build taskChris Evich2022-03-31
| | | | | | | | | | Building multi-arch images in a standardized way is complex. Some of the builds themselves can take a really long time to run (over an hour). Make changes easier to test inside a PR by adding manually-triggered image-build tasks. These mirror most of the real cron-triggered task, without actually pushing the final images. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #13653 from jmontleon/fix-manifest-push-headerOpenShift Merge Robot2022-03-27
|\ | | | | Resolves #13629 Add RegistryAuthHeader to manifest push
| * Resolves #13629 Add RegistryAuthHeader to manifest pushjason2022-03-26
| | | | | | | | Signed-off-by: Jason Montleon <jmontleo@redhat.com>
* | Merge pull request #13602 from edsantiago/size_check_part2OpenShift Merge Robot2022-03-24
|\ \ | |/ |/| Binary growth check, part 2 of 2
| * Binary growth check, part 2 of 2Ed Santiago2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a CI check to prevent unwanted bloat in binary images, by building a baseline (pre-PR) binary then comparing file sizes post-PR. Part 1 (#13518) added a new script that runs multiple 'make's, comparing image sizes against an original, and failing loudly if growth is too big. An override mechanism is defined. This is part 2 of 2: adding the CI rule. We couldn't do that in part 1, because the rule would call a script that didn't exist in the pre-PR commit. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #13559 from cevich/success_artifactsOpenShift Merge Robot2022-03-23
|\ \ | |/ |/| [CI:BUILD] Cirrus: Publish binary artifacts on success
| * Cirrus: Publish binary artifacts on successChris Evich2022-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In general continuous-delivery (CD) tends to pair well with CI. More specifically, there is a need for some reverse-dependency CI testing in netavark/aardvark-dns. In all cases, the download URL needs to remain consistent, without elements like `Build%20for%20fedora-35`. The 'Total Success' task only ever executes when all dependencies are successful. When a non `[CI:DOCS]` build is successful, gather all binary/release artifacts in a new task which depends on 'Total Success'. This will provide a uniform name (`artifacts`) and URL for downstream users to use. For example: https://api.cirrus-ci.com/v1/artifact/github/containers/podman/artifacts/binary.zip or https://api.cirrus-ci.com/v1/artifact/github/containers/podman/artifacts/binary/FILENAME Where ***FILENAME*** is one of: * `podman` * `podman-remote` * `rootlessport` * `podman-release-386.tar.gz` * `podman-release-amd64.tar.gz` * `podman-release-arm64.tar.gz` * `podman-release-arm.tar.gz` * `podman-release-mips64le.tar.gz` * `podman-release-mips64.tar.gz` * `podman-release-mipsle.tar.gz` * `podman-release-mips.tar.gz` * `podman-release-ppc64le.tar.gz` * `podman-release-s390x.tar.gz` * `podman-remote-release-darwin_amd64.zip` * `podman-remote-release-darwin_arm64.zip` * `podman-remote-release-windows_amd64.zip` * `podman-v4.0.0-dev.msi` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Fix unreadable netavark logsEd Santiago2022-03-22
|/ | | | | | | | | | | ginkgo netavark logs (and, to a lesser extent, cni logs) are unreadable because the hide-boring-opts code did not know about --network-backend. Now it does. Manually filtered an existing netavark log to confirm there are no other new options we should know about. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #13540 from mheon/fix_11822OpenShift Merge Robot2022-03-18
|\ | | | | Deduplicate between Volumes and Mounts in compat API
| * Add tests with Docker Compose v2Matthew Heon2022-03-17
| | | | | | | | | | | | | | | | | | | | | | Add a pair of new Cirrus test suites using Compose v2 instead of Compose v1 (as is currently packaged in Fedora). They work identically, and run the same tests, as the Compose v1 tests, but with the new v2 binary instead. [NO NEW TESTS NEEDED] This adds an entire Cirrus suite... Signed-off-by: Matthew Heon <mheon@redhat.com>
* | logformatter: link to bats sources on errorEd Santiago2022-03-17
|/ | | | | | | | | | | | | | | We already link to ginkgo sources, now add links to bats. Ugly, because we need to hardcode containers/podman (git repo) and test/system (test file path): those can't be determined from the log results like they can in ginkgo. Also, great suggestion from @Luap99: in addition to the 'Annotated results' link which we append to the basic log, include a short summary of failures. This should help a viewer see exactly which test(s) failed, which in turn can be helpful for diagnosing known-flake or real-problem. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Move all python tests to pytestJhon Honce2022-03-04
| | | | | | | * Add configuration to add report header for python client used in tests * Move report headers into the individual test runners vs runner.sh Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Clarify v2 API testing for podman vs docker clientsChris Evich2022-02-28
| | | | | | Fixes: #13273 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Use updated VM imagesChris Evich2022-02-17
| | | | | | | | | | | Mainly this is to confirm some changes needed for the podman-py CI setup don't disrupt operations here. Ref: https://github.com/containers/automation_images/pull/111 Also includes a minor steup fix WRT setting up for test-rpm build. Signed-off-by: Chris Evich <cevich@redhat.com>
* [CI:DOCS] logformatter: handle python logsEd Santiago2022-02-16
| | | | | | | | | | | | | | | We've got some python tests running in CI, and they're really hard to troubleshoot. This PR: 1) colorizes python unittest lines (ok / skipped / fail), and 2) links to source files The color is nice for skimming, but it's the linking that might make it much easier to diagnose future failures. (Context: failure today in test/python/docker/compat/test_images.py) Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Add netavark/aardvark system test taskChris Evich2022-02-03
| | | | | | | Also add a system-test that verifies netavark driver is in use when magic env. var. is set. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Log netavark/aardvark binary build info.Chris Evich2022-02-03
| | | | | | | | Enabled by: * https://github.com/containers/netavark/pull/191 * https://github.com/containers/aardvark-dns/pull/36 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #12814 from cevich/netavarkOpenShift Merge Robot2022-02-01
|\ | | | | Cirrus: Add e2e task w/ upstream netavark
| * Cirrus: Also download aardvark-dns binaryChris Evich2022-01-24
| | | | | | | | | | | | | | | | This involves a minor code-change so the download/install can run in a loop for the two different repositories and binaries. Given everything is exactly the same except the URLs and names. Signed-off-by: Chris Evich <cevich@redhat.com>
| * Cirrus: Add e2e task w/ upstream netavarkChris Evich2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR adds the CI mechanisms to obtain the latest upstream netavark binary, and set a magic env-var to indicate e2e tests should execute podman with `--network-driver=netavark`. A future commit implement this functionality within the e2e tests. Due to the way the new environment is enabled, the standard task name is too long for github to display without adding ellipsis. Force the custom task name `Netavark Integration` to workaround this. At some future point, when netavark is more mainstream/widely supported, this custom task and upstream binary install can simply be removed - i.e. netavark will simply be used by default in the normal e2e tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* | CI: fix nightly buildsLokesh Mandvekar2022-01-31
| | | | | | | | | | | | | | | | | | | | | | | | Nightly builds were failing on CI ever since the Makefile change to have install target independent of build targets. See: e4636ebdc84ca28cf378873435cc9a27c81756f8 This commit ensures everything is built before installation. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Makefile: install targets independent of buildLokesh Mandvekar2022-01-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Building from source would involve separate `make` and `make install` steps. This removes a lot of unnecessary `-nobuild` targets which were otherwise needed for packaging. This commit also removes spec files for unused copr jobs. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | Github workflow: Send e-mail on job errorChris Evich2022-01-24
|/ | | | | | | | | | | | | | | This job is designed to be silent when Cirrus-cron executions pass. Unless specifically instructed, the workflow itself will also remain silent if there's an error. Fix this by catching workflow errors and sending a notification e-mail containing a link to the failed run. This also requires listing the recipient addresses directly in the workflow. Otherwise (as previouslly implemented) the value would not be retrieved if/when any previous step raised an error. **Note**: Due to the way this workflow is implemented, there is no way easy way to test it other than directly on the `main` repo. branch. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #12908 from Luap99/network-conf-dirOpenShift Merge Robot2022-01-18
|\ | | | | rename --cni-config-dir to --network-config-dir
| * rename --cni-config-dir to --network-config-dirPaul Holzinger2022-01-18
| | | | | | | | | | | | | | | | Since this option will also be used for netavark we should rename it to something more generic. It is important that --cni-config-dir still works otherwise we could break existing container cleanup commands. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | CI: rootless user: also create in some root testsEd Santiago2022-01-17
|/ | | | | | | | | | | | viz, rootful system tests. The rootless account will be used by image-scp tests. Unfortunately, having ssh available means the system-connection tests will start running, which is very bad because they will fail, because system connection doesn't actually work (long story). Add a few more checks to prevent this test from running. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Freshen VM imagesChris Evich2022-01-10
| | | | | | | | | Specifically, this brings in `crun 1.4-1` allowing removal of a temporary workaround. Ref: https://github.com/containers/podman/pull/12759 Signed-off-by: Chris Evich <cevich@redhat.com>
* Fix CIDaniel J Walsh2022-01-06
| | | | | | | | crun should be available in f35. [ NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #12429 from cdoern/scpOpenShift Merge Robot2022-01-05
|\ | | | | podman image scp never enter podman user NS
| * podman image scp never enter podman user NScdoern2021-12-23
| | | | | | | | | | | | | | | | | | | | | | Podman image scp should never enter the Podman UserNS unless it needs to. This allows for a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo, the simple sudo podman save/load does not work, machinectl/su is necessary here. This modification allows for both rootful and rootless transfers, and an overall change of scp to be more of a wrapper function for different load and save calls as well as the ssh component Signed-off-by: cdoern <cdoern@redhat.com>
* | ci: force scratch build for crunGiuseppe Scrivano2021-12-21
|/ | | | | | force a version with this fix: https://github.com/containers/crun/pull/819 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Cirrus: Use cached swagger binaryChris Evich2021-12-09
| | | | | | | | | | | | An error was observed in another PR while downloading the swagger binary. The error was relating to the upstream egress quota. Obviously our downloading it every time for each CI run isn't helping. Fix this by moving the download into the image-build process, and simply re-use the already present binary here. Ref: https://github.com/containers/automation_images/pull/103 Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Remove remnants of nix-based static buildChris Evich2021-12-06
| | | | | | Simply a readme update and dead-code cleanup. Signed-off-by: Chris Evich <cevich@redhat.com>
* [CI:DOCS] logformatter: fix corner case with linksEd Santiago2021-12-02
| | | | | | | | | | | | | | | | | | | | A test name beginning with non-alpha, e.g., "--build should ...", was not being recognized and linkified: https://storage.googleapis.com/cirrus-ci-6707778565701632-fcae48/artifacts/containers/podman/6500723916537856/html/int-podman-fedora-34-rootless-host.log.html Fix that. Also fix two other cases (single/double quotes) that were resulting in weird unreliable links. While I'm at it, add a few usability enhancements: * Colorize [SKIPPING] and [SLOW TEST] * Deemphasize '[It] testname' when it appears mid-test * Replace 'Running:' with a (deemphasized) '#' or '$' prompt Add regression tests Signed-off-by: Ed Santiago <santiago@redhat.com>
* Bindings test: emit GIT_COMMIT, for links in logsEd Santiago2021-11-24
| | | | | | | | Add a magic 'echo' to runner.sh, displaying $GIT_COMMIT in a special syntax. The logformatter script, seeing this, will hyperlink error messages to the failing source file. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Bump Fedora to release 35Chris Evich2021-11-18
| | | | | | | | | | | The Fedora 35 cloud images have switched to UEFI boot with a GPT partition. Formerly, all Fedora images included support for runtime re-partitioning. However, the requirement to test alternate storage has since been dropped/removed. Rather than maintain a disused feature, and supporting scripts, these Fedora VM images have reverted to the default: Automatically resize to 100% on boot. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Partially revert catatonit --force installChris Evich2021-11-18
| | | | | | | | VM Images created as of this commit contain the new/required version. Remove the `--force` install, but retain the hack script's ability to support this in the future. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Workaround log_driver=journald settingChris Evich2021-11-18
| | | | | | | | | | In F35 the hard-coded default (from containers-common-1-32.fc35.noarch) is 'journald' despite the upstream repository having this line commented-out. Containerized integration tests cannot run with 'journald' as there is no daemon/process there to receive them. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Timeout bindings test after 30mChris Evich2021-11-18
| | | | | | | | | | | | | | During initial testing of Fedora 35beta VM images in CI, the bindings task was timing out. In order to allow time for collection of system details (logs), execution needs to timeout earlier than the task. Under normal conditions, the bindings test finishes in about 10-minutes. Use the ginkgo timeout option to limit execution, so it times out after 30 minutes. Also add the `-progress` option so the output more closely resembles how ginkgo runs the integration tests. Signed-off-by: Chris Evich <cevich@redhat.com>
* cirrus: force-install catatonitValentin Rothberg2021-11-15
| | | | | | A temporary workaround until the CI images are updated. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Minor test tweaksEd Santiago2021-11-08
| | | | | | | | | | - remove 'NO TESTS NEEDED' as a valid bypass string. Henceforth only 'NO NEW TESTS NEEDED' will work. - add a debugging aid for #11871, in which bodhi tests time out in nslookup. Signed-off-by: Ed Santiago <santiago@redhat.com>
* test connection addJhon Honce2021-11-08
| | | | | | | | | | * Fix connection JSON encoding * Add custom ginkgo matchers for connection testing * Cleanup code Fixes #11984 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Cirrus: Authorize rootless user self-sshChris Evich2021-11-01
| | | | | | | | | | | Future testing needs dictate rootless (in addition to root) users are able to ssh to localhost. Add ssh-key generation commands for the rootless user, and authorize their public key. Minor: Also remove update of `/etc/sub{uid,gid}` files, since this is now done automatically by `{user,group}add` commands. Signed-off-by: Chris Evich <cevich@redhat.com>
* cirrus: containers: mount directory in /var/tmp to /tmpValentin Rothberg2021-10-26
| | | | | | | | Mount a directory from /var/tmp to /tmp to make sure that /tmp is not on an overlay mount. This should make overlay mounts possible in the containerized tests which we're currently skipping. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* rootlessport: reduce memory usage of the processPaul Holzinger2021-10-12
| | | | | | | | | | | | | | | | | | | | | | Don't use reexec for the rootlessport process, instead make it a separate binary to reduce the memory usage. The problem with reexec is that it will import all packages that podman uses and therefore loads a lot of stuff into the heap. The rootlessport process however only needs the rootlesskit library. The memory usage is a concern since the rootlessport process will spawn two process per container which has ports forwarded. The processes stay until the container dies. On my laptop the current reexec version uses 47800 KB RSS. The new separate binary only uses 4540 KB RSS. This is more than a 90% improvement. The Makefile has been updated to compile the new binary and install it to the libexec directory. Fixes #10790 [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* It really should be no **NEW** tests neededEd Santiago2021-10-04
| | | | | | | | | | | | Accept both "NO TESTS NEEDED" and "NO NEW TESTS NEEDED". That was a usability mistake I made on Day One. Fixed it in Buildah but oops never got around to fixing it here. Also, fix the test suite script: remove a no-longer-working test case (changelog.txt, removed in #11467) and add a new test for commits that include the magic string. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Fix defunct package metadata breaking cacheChris Evich2021-10-01
| | | | | | | | | | | | | | | | | | | | | Original workaround https://github.com/containers/podman/pull/11821 During VM image build, a number of packages are downloaded but not installed, since they may interfere with some testing. Then at runtime, where required, the packages are installed from cache and used. However, between image build and runtime it's possible the repository contents change, which will invalidate the package cache. Since the `--no-download --ignore-missing` options were used, the install will fail. Ref: https://github.com/containers/automation_images/issues/95 Fortunately, when it comes to the docker packages, no other dependencies are required and so `apt-get` isn't required. Switch to using a simple dpkg install command on the necessary files. If this ever breaks due to new dependencies, the list of files may simply be updated. Signed-off-by: Chris Evich <cevich@redhat.com>
* cirrus: gitlab: download packagesValentin Rothberg2021-10-01
| | | | | | | | | | It looks like the containerd.io package is not present anymore in the package cache which ultimately breaks CI since it's a requirement for docker. Hence, download the few packages instead of relying on the cache. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Cirrus: Add gitlab podman runner testChris Evich2021-09-27
| | | | | | | | | | Add execution of the downstream gitlab-runner tests using rootless podman through the magic of socket-level docker compatibility. Include a comment suggesting how to temporarily disable the test in case it fails beyond podman code scope. Signed-off-by: Chris Evich <cevich@redhat.com>