summaryrefslogtreecommitdiff
path: root/contrib
Commit message (Collapse)AuthorAge
* hardening flags for fedora rpmbuildsLokesh Mandvekar2021-02-09
| | | | | | | | | | | This commit sets the CGO_CFLAGS variable for hardening the Fedora rpm binaries. The flags used are the same as those in the official Fedora rpms. Setting the flags in upstream spec would provide early warnings for flag adjustments or other hardening issues. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* Cirrus: Collect ginkgo node logs artifactsChris Evich2021-02-03
| | | | | | | | | | | | | | | | | | | | In rare cases, it's possible for one of the ginkgo processes to "hang". When this occurs, the main output will contain this message: ``Ginkgo timed out waiting for all parallel nodes to report`` The only way to debug this was to look through concatenated printing of the ginkgo node logs. This is a tedious and daunting task, requiring special search knowledge, facing a "wall of text". Simplify the situation by collecting the node logs separately, as individual files in a cirrus-artifact. In this way, it's faster to figure out which test "hung" by examining each log individually. The log file which does not have a pass/fail summary at the end, indicates the last test hung (for whatever reason), and includes it's output (if any). Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #9063 from cevich/master_fix_validateOpenShift Merge Robot2021-01-30
|\ | | | | Cirrus: Fix running Validate task on branches
| * Cirrus: Fix running Validate task on branchesChris Evich2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Followup to dbb9943 Despite skipping the `Smoke` check, it was observed on a *new* branch, the `validate` task (specifically `git-validation`) will fail. This is because: * `$CIRRUS_LAST_GREEN_CHANGE` will be empty on a new branch. * `$CIRRUS_BASE_SHA` is always empty for runs triggered by branch-push * `$EPOCH_TEST_COMMIT` will be set to `YOU_FOUND_A_BUG`. Fix this by eliminating the `Smoke` task entirely, simplifying all the `make validate` operations into the `validate` cirrus task. Ensure this task does not run when a new branch or tag is pushed. Also, eliminate the `$CIRRUS_BUILD_ID` value as it's confusing and not actually used anywhere. It was formerly used for building VM images, but this has moved to another repo entirely. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Build static podman-remoteChris Evich2021-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Prior to this commit, the "Static Build" task only produced a `bin/podman`. Update this to also include a `bin/podman-remote` binary. Update the pr-should-include-tests checker to ignore the `nix` directory, which isn't applicable. Lastly, restore the static build task to 'required' for CI success. Leaving the comment inplace in case it needs to be bypassed in the future on short notice. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #8585 from Luap99/rootless-net-aliasOpenShift Merge Robot2021-01-28
|\ \ | | | | | | Add support for rootless network-aliases and static ip/mac
| * | Add support for rootless network-aliasesPaul Holzinger2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure we pass the network aliases as capability args to the cnitool in the rootless-cni-infra container. Also update the dnsname plugin in the cni-infra container. Fixes #8567 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
| * | Allow static ip and mac with rootless cni networkPaul Holzinger2021-01-27
| |/ | | | | | | | | | | | | | | Make sure we pass the ip and mac address as CNI_ARGS to the cnitool which is executed in the rootless-cni-infra container. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #9082 from saschagrunert/static-buildOpenShift Merge Robot2021-01-27
|\ \ | |/ |/| Fix static build cache by using cachix
| * Fix static build cache by using cachixSascha Grunert2021-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It looks like we always hit the caching issue in Cirrus CI described within #8313. A solution around that is to use cachix, which has been pre-populated from my local machine. To push all (runtime and build) dependencies, we can leverage a pre-populated store by: ``` > nix-store -qR --include-outputs $(nix-instantiate nix/default.nix) | cachix push podman ``` The cache can be re-used by everybody to rapidly build static Podman binaries: https://app.cachix.org/cache/podman [NO TESTS NEEDED] Signed-off-by: Sascha Grunert <mail@saschagrunert.de>
* | Cirrus: Upload swagger YAML in every contextChris Evich2021-01-21
|/ | | | | | | | | | | | | | | | | | | The podman documentation site uses javascript to display API documentation at: http://docs.podman.io/en/latest/Reference.html As input, the javascript sources from a CORS-enabled Google Cloud Storage object. This commit ensures the storage object is present and updated for every Cirrus-CI execution context: Tags, Branches, and PRs. As of this commit, the documentation site only utilizes the object uploaded by the Cirrus-CI run on the `master` branch: `swagger-master.yaml`. The file produced and uploaded due to a PR is intended for testing purposes: Confirm it's generation and uploading are both functional. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: add bindings checksValentin Rothberg2021-01-20
| | | | | | | | | Make sure that bindings are in sync with the code. The check is similar to what's already being done with `make vendor`, so integrate the two. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #8911 from edsantiago/prs_must_include_testsOpenShift Merge Robot2021-01-20
|\ | | | | CI: smoke test: insist on adding tests on PRs
| * CI: smoke test: insist on adding tests on PRsEd Santiago2021-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On each PR (with a few exceptions), check the list of git-touched files, and abort if no tests are added. Include instructions on how to bypass the check if tests really aren't needed. Include a hardcoded exception list for PRs that only touch a well-known subset of "safe" files: docs, .cirrus.yml, vendor, version, hack, contrib, or *.md. This list is likely to need tuning over time. Add a test suite, but not one recognized by the new script (because it's a "*.t" file), so: [NO TESTS NEEDED] Signed-off-by: Ed Santiago <santiago@redhat.com>
* | runner.sh : deal with bash 'set -e'Ed Santiago2021-01-18
|/ | | | | | | | | | | Release trigger script failed[1] because the entire script runs under 'set -e'; so a 'grep -- -dev' that finds no results will cause a nonzero exit status and hence the entire script to fail. Work around that. [1] https://cirrus-ci.com/task/4541290882793472 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Cirrus: Upd. ext. service check host listChris Evich2021-01-14
| | | | | | | | Since CI doesn't depend heavily on installing packages at runtime (there is some minor use) there's no need to exhaustively check repository mirror hosts. Remove them from the list. Signed-off-by: Chris Evich <cevich@redhat.com>
* CI: fix broken diagnostic message for -dev checkEd Santiago2021-01-13
| | | | | | | | | | | | | | | | | There's a CI check for the presence of "-dev" in podman-info output (it should not appear). This test is unlikely to fail, but if it ever does, the diagnostic output is unhelpful. This makes it helpful. Tested via: $ ln -s /bin/echo ~/bin/msg $ ln -s /bin/echo ~/bin/die $ TEST_FLAVOR=release ./contrib/cirrus/runner.sh ... Releases must never contain '-dev' in output of 'podman info' ( buildahVersion: 1.19.0-dev Version: 3.0.0-dev) Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #8900 from cevich/no_tag_testingOpenShift Merge Robot2021-01-12
|\ | | | | Cirrus: Skip most tests on tag-push
| * Cirrus: Skip most tests on tag-pushChris Evich2021-01-07
| | | | | | | | | | | | | | | | | | | | | | | | | | Due to various reasons, CI results (esp. testing tasks) are completely ignored for builds triggered by a new tag-push. Additionally, since many of the automation scripts are in the repo., any related failures/flakes would require code changes (therefore a new tag). Resolve this by skipping every testing-type task for builds triggered by tag-push. Only retain tasks which build things intended for consumption associated with a possible official release. Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: Add cross-compile test for alternative archesChris Evich2021-01-11
|/ | | | | | | Followup to https://github.com/containers/podman/pull/8907 that simply ensures cross-compiling podman completes. Signed-off-by: Chris Evich <cevich@redhat.com>
* SpellingJosh Soref2020-12-22
| | | | Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* Fix support for rpmbuild < 4.12.0.Thomas Montague2020-12-18
| | | | Signed-off-by: Thomas Montague <montague.thomas@gmail.com>
* podman.service should be an exec service not a notify serviceDaniel J Walsh2020-12-16
| | | | | | | | | | Podman never notifies sytemd that it is ready to recieve connections so systemd kills it after waiting 1.5 minutes. Changing to exec should leave it running until podman exits or the service is stopped. https://github.com/containers/podman/issues/8751 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Cirrus: Add support for Ubuntu 20.xChris Evich2020-12-15
| | | | | | | | | | | | | | | | | | | | | | | | | Previously automation always dropped the minor version number for distributions. This was intended for presentation and conditional simplicity. Bash does not support non-integer comparison natively. With the release of version 20.10, supporting testing with it and the LTS release (20.04) requires scripts to consider minor version numbers for Ubuntu VMs. This is necessary because many times in the past, some behaviors needed to be conditional on the release version number. With this commit, the images and embedded scripts/tooling uses an altered format of `$UBUNTU_NAME', `$PRIOR_UBUNTU_NAME`, and (crucially) `$OS_RELEASE_VER` and `$OS_REL_VER`. Any `.` characters appearing in the official version (from `/etc/os-release`) are dropped, and the result is concatenated. For example the current Ubuntu LTS version is `20.04`. Prior to this commit, `$OS_RELEASE_VER` would have been `20`. With this change, `$OS_RELEASE_VER` will now show `2004`. Similarly `20.10` is shown as `2010`. Signed-off-by: Chris Evich <cevich@redhat.com>
* contrib: drop mirror.chpc.utah.edu:443Giuseppe Scrivano2020-12-15
| | | | | | | | remove unused mirror from list of required host/ports: the host is unreachable due to DNS misconfiguration, and it doesn't look like we need it for anything anyway. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #8692 from rhatdan/networkOpenShift Merge Robot2020-12-14
|\ | | | | [CI:DOCS] Cleanup CNI Networks on reboot
| * Cleanup CNI Networks on rebootDaniel J Walsh2020-12-11
| | | | | | | | | | | | | | | | | | | | | | | | CNI sometimes leaves Network information in /var/lib/cni/networks when the system crashes or containers do not shut down properly. This PR will cleanup these left over files, so that container engines will get a clean enviroment when the system reboots. Related to: https://github.com/containers/podman/issues/3759 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | add compose regression to cibaude2020-12-11
|/ | | | | | | to prevent any regressions, we should be running regression tests using compose. Signed-off-by: baude <bbaude@redhat.com>
* Fix storage.conf to define driver in the VMDaniel J Walsh2020-12-09
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #8400 from rhatdan/varlinkOpenShift Merge Robot2020-12-01
|\ | | | | Remove varlink support from podman
| * Remove varlink support from PodmanDaniel J Walsh2020-11-26
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Bump master to v3.0.0-devMatthew Heon2020-11-30
|/ | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Make podman service log eventsJhon Honce2020-11-19
| | | | | | | | | * Log endpoint calls at level Info * Ensure API server started at level Info Fixes #8390 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Github-Actions: Send e-mail on Cirrus cron failureChris Evich2020-11-18
| | | | | | | | | | | | | | | This repository has a number of automaticly triggered branch-level testing enabled. However, other than remembering to go look at a specific WebUI, there is no way for anybody to notice if/when these jobs fail. This commit introduces a github-action workflow which runs periodically, checking for failed cron-triggered Cirrus-CI jobs. When it finds any, it formats a simple report for e-mail delivery. The list of destination addresses is configurable at any time by merging changes to a simple CSV file. Signed-off-by: Chris Evich <cevich@redhat.com>
* remove contrib/gateValentin Rothberg2020-11-17
| | | | | | | | | | | Remove references on contrib/gate. The gating image is currently not maintained and was replaced in the CI rewrite. We can disable builds in Quay once the change is merged. Note that running `make validate` in a container is still desired. A similar approach may be re-added in the future. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* logformatter: highlight timing resultsEd Santiago2020-11-16
| | | | | | | | Add a :hover style to rows in the 'integration timing results' section. Without that, it's really hard for my eye to scan across and match a time to a test name. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #6442 from Luap99/podman-autocompleteOpenShift Merge Robot2020-11-13
|\ | | | | Shell completion
| * Install the new shell completion logicPaul Holzinger2020-11-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new make target (completion) to generate the shell completion scripts. This will generate the scripts for bash, zsh and fish for both podman and podman-remote with `podman completion`. The scripts are put into the completions directory and can be installed system wide with `sudo make install.completions`. This commit replaces the current handwritten scripts for bash and zsh. The `validate.completion` target has been adjusted to make sure nobody edits these scripts directly. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Set podman-auto-update.service Type=oneshotVilgot Fredenberg2020-11-13
| | | | | | | | Signed-off-by: Vilgot Fredenberg <vilgot@fredenberg.xyz>
* | Merge pull request #8107 from cevich/measure_testing_statsOpenShift Merge Robot2020-11-12
|\ \ | |/ |/| Cirrus: Collect runner.sh stats
| * Cirrus: Detailed CPU/Memory/Time runner.sh statsChris Evich2020-11-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | On several occasions, there have been questions about CPU/Memory/IO trends in testing over time. Start collecting this data for all jobs, using a common/stable format so that trending analysis can be performed within/across multiple Cirrus-CI builds. This PR doesn't add any related tooling, it simply arranges for the collection of the data. Stats generation is done at the orchestration level to guarantee they reflect everything happening inside `runner.sh`. For example, the container-based tests re-exec `runner.sh` inside a container, but we're only interested in the top-level stats. Update all tasks to include collection of the stats file. Unfortunately, due to the way the Cirrus-CI YAML parser works, it is *not* possible to alias the artifacts collection more clearly, for example: ```yaml always: <<: *runner_stats <<: *logs_artifacts ``` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Cirrus: update VMsEd Santiago2020-11-11
| | | | | | | | | | | | | | | | | | Reason: include perl-FindBin RPM in f33 VM, needed for hack/xref-helpmsgs-manpages Ref: https://github.com/containers/automation_images/pull/39 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | [CI:DOCS] Restore man page cross-checkerEd Santiago2020-11-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Somewhere in the CIv2 migration we lost the man page vs --help cross-checker. Add it back, by adding it into the man-page-check Makefile target; this is part of 'make validate', which is run in CI even on CI:DOCS PRs. As happens when CI doesn't run, things broke. Man pages got out of sync with --help. This PR: 1) Fixes hack/xref-helpmsgs-manpages to deal with the new "Options" (instead of "Flags") form of podman help. #8034 did part of that, but one of my review comments was accidentally left out. 2) Fixes hack/xref-helpmsgs-manpages to deal with the new option syntax in man pages, post- #8292, in which each option is preceded by four hashes so as to make them HTML <h4> elements with named anchors. 3) Fixes man pages that #8292 accidentally missed. 4) Adds man page entries for two flags that got added to podman but not documented (pod create --network-alias, play kube --log-driver) Fixes: #8296 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Update CI tests to run python docker library against APIJhon Honce2020-11-09
|/ | | | | | | | | | | * Update reference to docker-py to docker to reflect change in library name * Update tests to create storage sandbox * Enable all tests that endpoints support * Refactor containers/{id}/rename to return 404 not 500 * Refactor tests to use quay.io vs. docker.io Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #8241 from rhatdan/tmpfileOpenShift Merge Robot2020-11-06
|\ | | | | Use /tmp/podman-run-* for backup XDG_RUNTIME_DIR
| * Use /tmp/podman-run-* for backup XDG_RUNTIME_DIRDaniel J Walsh2020-11-04
| | | | | | | | | | | | | | We need to block systemd from cleaning up this directory by dropping a /usr/lib/tmpfiles.d/podman.conf file in place. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Cirrus: Use F33beta VM imageChris Evich2020-11-04
|/ | | | | | | | | | | | Includes disk-space increase for all Fedora images to accommodate the static-build job disk space requirements. This job substantially leverages task-cache, which was previously failing to restore early on in the Cirrus-CI task setup, due to disk-space limitations. Also simplify .cirrus.yml slightly by removing an unncessary setup and run directory change step. Signed-off-by: Chris Evich <cevich@redhat.com>
* Cirrus: Workaround F32 BFQ Kernel bugChris Evich2020-10-30
| | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #8046 from cevich/simplify_environmentOpenShift Merge Robot2020-10-29
|\ | | | | Cirrus: Simplify setting/passing env. vars.
| * Cirrus: Simplify setting/passing env. vars.Chris Evich2020-10-29
| | | | | | | | | | | | | | | | | | | | | | | | Test VMs by design are to be single-purpose, single-use, and readily disposable. Therefore it's unnecessary to overcomplicate storage of runtime environment variables. This commit makes these points clear, and reorganizes all CI-related env. vars on the system into a single location, `/etc/ci_environment`. This file is then automatically loaded, and variables exported, (by `lib.sh`) from `runner.sh` prior to executing all forms of testing. Signed-off-by: Chris Evich <cevich@redhat.com>