From b381d7565a17a939bfe5ba3e650729b5cfd76a24 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 11 Jan 2022 13:53:53 -0500 Subject: Cirrus: Add e2e task w/ upstream netavark This PR adds the CI mechanisms to obtain the latest upstream netavark binary, and set a magic env-var to indicate e2e tests should execute podman with `--network-driver=netavark`. A future commit implement this functionality within the e2e tests. Due to the way the new environment is enabled, the standard task name is too long for github to display without adding ellipsis. Force the custom task name `Netavark Integration` to workaround this. At some future point, when netavark is more mainstream/widely supported, this custom task and upstream binary install can simply be removed - i.e. netavark will simply be used by default in the normal e2e tasks. Signed-off-by: Chris Evich --- .cirrus.yml | 29 ++++++++++++++++++++++++++++- contrib/cirrus/runner.sh | 2 +- contrib/cirrus/setup_environment.sh | 35 ++++++++++++++++++++++++++++++++--- 3 files changed, 61 insertions(+), 5 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index c33ed9c0c..a1615b54a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -7,6 +7,8 @@ env: #### # Name of the ultimate destination branch for this CI run, PR or post-merge. DEST_BRANCH: "main" + # Netavark branch to use when TEST_ENVIRON=host-netavark + NETAVARK_BRANCH: "main" # Overrides default location (/tmp/cirrus) for repo clone GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" @@ -44,7 +46,7 @@ env: #### N/B: Required ALL of these are set for every single task. #### TEST_FLAVOR: # int, sys, ext_svc, validate, automation, etc. - TEST_ENVIRON: host # 'host' or 'container' + TEST_ENVIRON: host # 'host', 'host-netavark', or 'container' PODBIN_NAME: podman # 'podman' or 'remote' PRIV_NAME: root # 'root' or 'rootless' DISTRO_NV: # any {PRIOR_,}{FEDORA,UBUNTU}_NAME value @@ -508,6 +510,30 @@ container_integration_test_task: main_script: *main always: *int_logs_artifacts +# Run the integration tests using the latest upstream build of netavark. +netavark_integration_test_task: + name: "Netavark integration" # using *std_name_fmt here is unreadable + alias: netavark_integration_test + only_if: *not_docs + skip: *branches_and_tags + depends_on: + - unit_test + gce_instance: *standardvm + env: + DISTRO_NV: ${FEDORA_NAME} + _BUILD_CACHE_HANDLE: ${FEDORA_NAME}-build-${CIRRUS_BUILD_ID} + VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME} + CTR_FQIN: ${FEDORA_CONTAINER_FQIN} + TEST_FLAVOR: int + TEST_ENVIRON: host-netavark + NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" + NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary + clone_script: *noop # Comes from cache + gopath_cache: *ro_gopath_cache + setup_script: *setup + main_script: *main + always: *int_logs_artifacts + # Execute most integration tests as a regular (non-root) user. rootless_integration_test_task: @@ -713,6 +739,7 @@ success_task: - remote_integration_test - rootless_integration_test - container_integration_test + - netavark_integration_test - local_system_test - remote_system_test - rootless_system_test diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh index c52fd9216..b709129c8 100755 --- a/contrib/cirrus/runner.sh +++ b/contrib/cirrus/runner.sh @@ -12,7 +12,7 @@ set -eo pipefail # most notably: # # PODBIN_NAME : "podman" (i.e. local) or "remote" -# TEST_ENVIRON : 'host' or 'container'; desired environment in which to run +# TEST_ENVIRON : 'host', 'host-netavark', or 'container'; desired environment in which to run # CONTAINER : 1 if *currently* running inside a container, 0 if host # diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 03b954a5b..15cf8805b 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -130,7 +130,7 @@ esac # Required to be defined by caller: The environment where primary testing happens # shellcheck disable=SC2154 case "$TEST_ENVIRON" in - host) + host*) # The e2e tests wrongly guess `--cgroup-manager` option # shellcheck disable=SC2154 if [[ "$CG_FS_TYPE" == "cgroup2fs" ]] || [[ "$PRIV_NAME" == "root" ]] @@ -141,6 +141,35 @@ case "$TEST_ENVIRON" in warn "Forcing CGROUP_MANAGER=cgroupfs" echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment fi + # TODO: For the foreseeable future, need to support running tests + # with and without the latest netavark. Once netavark is more + # stable and widely supported in Fedora, it can be pre-installed + # from its RPM at VM image build-time. + if [[ "$TEST_ENVIRON" =~ netavark ]]; then + req_env_vars NETAVARK_BRANCH NETAVARK_URL NETAVARK_DEBUG + msg "Downloading latest netavark from upstream branch '$NETAVARK_BRANCH'" + curl --fail --location -o /tmp/netavark.zip "${NETAVARK_URL}" + + # Needs to be in a specific location + # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 + _nvdir=/usr/local/libexec/podman + mkdir -p $_nvdir + cd $_nvdir + msg "$PWD" + unzip /tmp/netavark.zip + if ((NETAVARK_DEBUG)); then + warn "Using debug netavark binary" + mv netavark.debug netavark + else + rm netavark.debug + fi + cd - + + chmod 0755 $_nvdir/netavark + restorecon -F -v $_nvdir + msg "Forcing NETWORK_BACKEND=netavark in all subsequent environments." + echo "NETWORK_BACKEND=netavark" >> /etc/ci_environment + fi ;; container) if ((CONTAINER==0)); then # not yet inside a container @@ -247,7 +276,7 @@ case "$TEST_FLAVOR" in # Use existing host bits when testing is to happen inside a container # since this script will run again in that environment. # shellcheck disable=SC2154 - if [[ "$TEST_ENVIRON" == "host" ]]; then + if [[ "$TEST_ENVIRON" =~ host ]]; then if ((CONTAINER)); then die "Refusing to config. host-test in container"; fi @@ -259,7 +288,7 @@ case "$TEST_FLAVOR" in make install PREFIX=/usr ETCDIR=/etc fi else - die "Invalid value for $$TEST_ENVIRON=$TEST_ENVIRON" + die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON" fi install_test_configs -- cgit v1.2.3-54-g00ecf From 8842dab68642dedbbaa6c724ae235ba41e9cd3bb Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Tue, 18 Jan 2022 16:58:04 -0500 Subject: Cirrus: Also download aardvark-dns binary This involves a minor code-change so the download/install can run in a loop for the two different repositories and binaries. Given everything is exactly the same except the URLs and names. Signed-off-by: Chris Evich --- .cirrus.yml | 4 ++++ contrib/cirrus/setup_environment.sh | 48 +++++++++++++++++++++---------------- 2 files changed, 31 insertions(+), 21 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index a1615b54a..6b2b60d86 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -9,6 +9,8 @@ env: DEST_BRANCH: "main" # Netavark branch to use when TEST_ENVIRON=host-netavark NETAVARK_BRANCH: "main" + # Aardvark branch to use + AARDVARK_BRANCH: "main" # Overrides default location (/tmp/cirrus) for repo clone GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" @@ -528,6 +530,8 @@ netavark_integration_test_task: TEST_ENVIRON: host-netavark NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}" NETAVARK_DEBUG: 0 # set non-zero to use the debug-mode binary + AARDVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/aardvark-dns/success/binary.zip?branch=${AARDVARK_BRANCH}" + AARDVARK_DEBUG: 0 # set non-zero to use the debug-mode binary clone_script: *noop # Comes from cache gopath_cache: *ro_gopath_cache setup_script: *setup diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh index 15cf8805b..465f2bc19 100755 --- a/contrib/cirrus/setup_environment.sh +++ b/contrib/cirrus/setup_environment.sh @@ -142,30 +142,36 @@ case "$TEST_ENVIRON" in echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment fi # TODO: For the foreseeable future, need to support running tests - # with and without the latest netavark. Once netavark is more - # stable and widely supported in Fedora, it can be pre-installed + # with and without the latest netavark/aardvark. Once they're more + # stable and widely supported in Fedora, they can be pre-installed # from its RPM at VM image build-time. if [[ "$TEST_ENVIRON" =~ netavark ]]; then - req_env_vars NETAVARK_BRANCH NETAVARK_URL NETAVARK_DEBUG - msg "Downloading latest netavark from upstream branch '$NETAVARK_BRANCH'" - curl --fail --location -o /tmp/netavark.zip "${NETAVARK_URL}" - - # Needs to be in a specific location - # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 - _nvdir=/usr/local/libexec/podman - mkdir -p $_nvdir - cd $_nvdir - msg "$PWD" - unzip /tmp/netavark.zip - if ((NETAVARK_DEBUG)); then - warn "Using debug netavark binary" - mv netavark.debug netavark - else - rm netavark.debug - fi - cd - + for info in "netavark $NETAVARK_BRANCH $NETAVARK_URL $NETAVARK_DEBUG" \ + "aardvark-dns $AARDVARK_BRANCH $AARDVARK_URL $AARDVARK_DEBUG"; do + + read _name _branch _url _debug <<<"$info" + req_env_vars _name _branch _url _debug + msg "Downloading latest $_name from upstream branch '$_branch'" + # Use identifiable archive filename in of a get_ci_env.sh environment + curl --fail --location -o /tmp/$_name.zip "$_url" + + # Needs to be in a specific location + # ref: https://github.com/containers/common/blob/main/pkg/config/config_linux.go#L39 + _pdir=/usr/local/libexec/podman + mkdir -p $_pdir + cd $_pdir + msg "$PWD" + unzip /tmp/$_name.zip + if ((_debug)); then + warn "Using debug $_name binary" + mv $_name.debug $_name + else + rm $_name.debug + fi + chmod 0755 $_pdir/$_name + cd - + done - chmod 0755 $_nvdir/netavark restorecon -F -v $_nvdir msg "Forcing NETWORK_BACKEND=netavark in all subsequent environments." echo "NETWORK_BACKEND=netavark" >> /etc/ci_environment -- cgit v1.2.3-54-g00ecf