| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
| |
This commit sets the CGO_CFLAGS variable for hardening the Fedora rpm
binaries.
The flags used are the same as those in the official Fedora rpms.
Setting the flags in upstream spec would provide early warnings for
flag adjustments or other hardening issues.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In rare cases, it's possible for one of the ginkgo processes to "hang".
When this occurs, the main output will contain this message:
``Ginkgo timed out waiting for all parallel nodes to report``
The only way to debug this was to look through concatenated printing
of the ginkgo node logs. This is a tedious and daunting task,
requiring special search knowledge, facing a "wall of text".
Simplify the situation by collecting the node logs separately, as
individual files in a cirrus-artifact. In this way, it's faster to
figure out which test "hung" by examining each log individually. The
log file which does not have a pass/fail summary at the end,
indicates the last test hung (for whatever reason), and includes it's
output (if any).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Cirrus: Fix running Validate task on branches
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Followup to dbb9943
Despite skipping the `Smoke` check, it was observed on a *new* branch,
the `validate` task (specifically `git-validation`) will fail. This
is because:
* `$CIRRUS_LAST_GREEN_CHANGE` will be empty on a new branch.
* `$CIRRUS_BASE_SHA` is always empty for runs triggered by branch-push
* `$EPOCH_TEST_COMMIT` will be set to `YOU_FOUND_A_BUG`.
Fix this by eliminating the `Smoke` task entirely, simplifying all
the `make validate` operations into the `validate` cirrus task. Ensure
this task does not run when a new branch or tag is pushed.
Also, eliminate the `$CIRRUS_BUILD_ID` value as it's confusing and not
actually used anywhere. It was formerly used for building VM images,
but this has moved to another repo entirely.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Prior to this commit, the "Static Build" task only produced a
`bin/podman`. Update this to also include a `bin/podman-remote`
binary.
Update the pr-should-include-tests checker to ignore the `nix`
directory, which isn't applicable.
Lastly, restore the static build task to 'required' for CI success.
Leaving the comment inplace in case it needs to be bypassed in the
future on short notice.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \
| | |
| | | |
Add support for rootless network-aliases and static ip/mac
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Make sure we pass the network aliases as capability args to the
cnitool in the rootless-cni-infra container. Also update the
dnsname plugin in the cni-infra container.
Fixes #8567
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Make sure we pass the ip and mac address as CNI_ARGS to
the cnitool which is executed in the rootless-cni-infra
container.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| |/
|/| |
Fix static build cache by using cachix
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It looks like we always hit the caching issue in Cirrus CI described
within #8313. A solution around that is to use cachix, which has been
pre-populated from my local machine.
To push all (runtime and build) dependencies, we can leverage a
pre-populated store by:
```
> nix-store -qR --include-outputs $(nix-instantiate nix/default.nix) | cachix push podman
```
The cache can be re-used by everybody to rapidly build static Podman
binaries: https://app.cachix.org/cache/podman
[NO TESTS NEEDED]
Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The podman documentation site uses javascript to display
API documentation at:
http://docs.podman.io/en/latest/Reference.html
As input, the javascript sources from a CORS-enabled Google Cloud
Storage object. This commit ensures the storage object is present and
updated for every Cirrus-CI execution context: Tags, Branches, and PRs.
As of this commit, the documentation site only utilizes the object
uploaded by the Cirrus-CI run on the `master` branch:
`swagger-master.yaml`. The file produced and uploaded due to a PR is
intended for testing purposes: Confirm it's generation and uploading are
both functional.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Make sure that bindings are in sync with the code. The check is similar
to what's already being done with `make vendor`, so integrate the two.
[NO TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
CI: smoke test: insist on adding tests on PRs
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On each PR (with a few exceptions), check the list of git-touched
files, and abort if no tests are added. Include instructions
on how to bypass the check if tests really aren't needed.
Include a hardcoded exception list for PRs that only touch a
well-known subset of "safe" files: docs, .cirrus.yml, vendor,
version, hack, contrib, or *.md. This list is likely to need
tuning over time.
Add a test suite, but not one recognized by the new script
(because it's a "*.t" file), so: [NO TESTS NEEDED]
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
Release trigger script failed[1] because the entire script
runs under 'set -e'; so a 'grep -- -dev' that finds no
results will cause a nonzero exit status and hence the
entire script to fail. Work around that.
[1] https://cirrus-ci.com/task/4541290882793472
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
|
| |
Since CI doesn't depend heavily on installing packages at runtime
(there is some minor use) there's no need to exhaustively check
repository mirror hosts. Remove them from the list.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a CI check for the presence of "-dev" in podman-info output
(it should not appear). This test is unlikely to fail, but if it
ever does, the diagnostic output is unhelpful. This makes it helpful.
Tested via:
$ ln -s /bin/echo ~/bin/msg
$ ln -s /bin/echo ~/bin/die
$ TEST_FLAVOR=release ./contrib/cirrus/runner.sh
...
Releases must never contain '-dev' in output of 'podman info' ( buildahVersion: 1.19.0-dev
Version: 3.0.0-dev)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Cirrus: Skip most tests on tag-push
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Due to various reasons, CI results (esp. testing tasks) are completely
ignored for builds triggered by a new tag-push. Additionally, since
many of the automation scripts are in the repo., any related
failures/flakes would require code changes (therefore a new tag).
Resolve this by skipping every testing-type task for builds triggered by
tag-push. Only retain tasks which build things intended for consumption
associated with a possible official release.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|/
|
|
|
|
|
| |
Followup to https://github.com/containers/podman/pull/8907 that simply
ensures cross-compiling podman completes.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
| |
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
|
|
|
|
| |
Signed-off-by: Thomas Montague <montague.thomas@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Podman never notifies sytemd that it is ready to recieve connections
so systemd kills it after waiting 1.5 minutes. Changing to exec
should leave it running until podman exits or the service is stopped.
https://github.com/containers/podman/issues/8751
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously automation always dropped the minor version number for
distributions. This was intended for presentation and conditional
simplicity. Bash does not support non-integer comparison natively.
With the release of version 20.10, supporting testing with it and
the LTS release (20.04) requires scripts to consider minor version
numbers for Ubuntu VMs. This is necessary because many times in
the past, some behaviors needed to be conditional on the release
version number.
With this commit, the images and embedded scripts/tooling uses an
altered format of `$UBUNTU_NAME', `$PRIOR_UBUNTU_NAME`, and (crucially)
`$OS_RELEASE_VER` and `$OS_REL_VER`. Any `.` characters appearing
in the official version (from `/etc/os-release`) are dropped, and
the result is concatenated.
For example the current Ubuntu LTS version is `20.04`. Prior to
this commit, `$OS_RELEASE_VER` would have been `20`. With this
change, `$OS_RELEASE_VER` will now show `2004`. Similarly `20.10`
is shown as `2010`.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
| |
remove unused mirror from list of required host/ports: the host is
unreachable due to DNS misconfiguration, and it doesn't look like we
need it for anything anyway.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
[CI:DOCS] Cleanup CNI Networks on reboot
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
CNI sometimes leaves Network information in /var/lib/cni/networks
when the system crashes or containers do not shut down properly.
This PR will cleanup these left over files, so that container engines
will get a clean enviroment when the system reboots.
Related to: https://github.com/containers/podman/issues/3759
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
| |
to prevent any regressions, we should be running regression tests using
compose.
Signed-off-by: baude <bbaude@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Remove varlink support from podman
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
| |
* Log endpoint calls at level Info
* Ensure API server started at level Info
Fixes #8390
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This repository has a number of automaticly triggered branch-level
testing enabled. However, other than remembering to go look at a
specific WebUI, there is no way for anybody to notice if/when these jobs
fail.
This commit introduces a github-action workflow which runs periodically,
checking for failed cron-triggered Cirrus-CI jobs. When it finds any, it
formats a simple report for e-mail delivery. The list of destination
addresses is configurable at any time by merging changes to a
simple CSV file.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Remove references on contrib/gate. The gating image is currently not
maintained and was replaced in the CI rewrite. We can disable builds
in Quay once the change is merged.
Note that running `make validate` in a container is still desired.
A similar approach may be re-added in the future.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
|
|
| |
Add a :hover style to rows in the 'integration timing results'
section. Without that, it's really hard for my eye to scan
across and match a time to a test name.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
Shell completion
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new make target (completion) to generate the shell
completion scripts. This will generate the scripts for bash,
zsh and fish for both podman and podman-remote with `podman completion`.
The scripts are put into the completions directory and can be
installed system wide with `sudo make install.completions`.
This commit replaces the current handwritten scripts for bash and zsh.
The `validate.completion` target has been adjusted to make sure nobody
edits these scripts directly.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
| |
| |
| | |
Signed-off-by: Vilgot Fredenberg <vilgot@fredenberg.xyz>
|
|\ \
| |/
|/| |
Cirrus: Collect runner.sh stats
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On several occasions, there have been questions about CPU/Memory/IO
trends in testing over time. Start collecting this data for all jobs,
using a common/stable format so that trending analysis can be performed
within/across multiple Cirrus-CI builds. This PR doesn't add any related
tooling, it simply arranges for the collection of the data.
Stats generation is done at the orchestration level to guarantee they
reflect everything happening inside `runner.sh`. For example, the
container-based tests re-exec `runner.sh` inside a container, but
we're only interested in the top-level stats.
Update all tasks to include collection of the stats file.
Unfortunately, due to the way the Cirrus-CI YAML parser works,
it is *not* possible to alias the artifacts collection more clearly,
for example:
```yaml
always:
<<: *runner_stats
<<: *logs_artifacts
```
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reason: include perl-FindBin RPM in f33 VM, needed for
hack/xref-helpmsgs-manpages
Ref: https://github.com/containers/automation_images/pull/39
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Somewhere in the CIv2 migration we lost the man page vs --help
cross-checker. Add it back, by adding it into the man-page-check
Makefile target; this is part of 'make validate', which is run
in CI even on CI:DOCS PRs.
As happens when CI doesn't run, things broke. Man pages got out
of sync with --help. This PR:
1) Fixes hack/xref-helpmsgs-manpages to deal with the new
"Options" (instead of "Flags") form of podman help. #8034
did part of that, but one of my review comments was
accidentally left out.
2) Fixes hack/xref-helpmsgs-manpages to deal with the new
option syntax in man pages, post- #8292, in which each
option is preceded by four hashes so as to make them
HTML <h4> elements with named anchors.
3) Fixes man pages that #8292 accidentally missed.
4) Adds man page entries for two flags that got added
to podman but not documented (pod create --network-alias,
play kube --log-driver)
Fixes: #8296
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
* Update reference to docker-py to docker to reflect change in library
name
* Update tests to create storage sandbox
* Enable all tests that endpoints support
* Refactor containers/{id}/rename to return 404 not 500
* Refactor tests to use quay.io vs. docker.io
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
Use /tmp/podman-run-* for backup XDG_RUNTIME_DIR
|
| |
| |
| |
| |
| |
| |
| | |
We need to block systemd from cleaning up this directory
by dropping a /usr/lib/tmpfiles.d/podman.conf file in place.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
Includes disk-space increase for all Fedora images to accommodate
the static-build job disk space requirements. This job substantially
leverages task-cache, which was previously failing to restore early on
in the Cirrus-CI task setup, due to disk-space limitations.
Also simplify .cirrus.yml slightly by removing an unncessary setup
and run directory change step.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|
|
|
| |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Cirrus: Simplify setting/passing env. vars.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Test VMs by design are to be single-purpose, single-use, and
readily disposable. Therefore it's unnecessary to overcomplicate
storage of runtime environment variables. This commit makes these
points clear, and reorganizes all CI-related env. vars on the system
into a single location, `/etc/ci_environment`. This file is then
automatically loaded, and variables exported, (by `lib.sh`) from
`runner.sh` prior to executing all forms of testing.
Signed-off-by: Chris Evich <cevich@redhat.com>
|