From f76fa3475d247bb60f7d1fd40eecc487b97b9c18 Mon Sep 17 00:00:00 2001
From: Chris Evich <cevich@redhat.com>
Date: Wed, 15 Sep 2021 13:45:08 -0400
Subject: Cirrus: Add gitlab podman runner test

Add execution of the downstream gitlab-runner tests using
rootless podman through the magic of socket-level
docker compatibility.  Include a comment suggesting how
to temporarily disable the test in case it fails beyond
podman code scope.

Signed-off-by: Chris Evich <cevich@redhat.com>
---
 .cirrus.yml                         | 28 +++++++++++++++++++++++++++
 contrib/cirrus/runner.sh            | 17 +++++++++++++++++
 contrib/cirrus/setup_environment.sh | 38 +++++++++++++++++++++++++++++++++++++
 3 files changed, 83 insertions(+)

diff --git a/.cirrus.yml b/.cirrus.yml
index 968854771..9897a9f7f 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -637,6 +637,33 @@ rootless_system_test_task:
     main_script: *main
     always: *logs_artifacts
 
+rootless_gitlab_test_task:
+    name: *std_name_fmt
+    alias: rootless_gitlab_test
+    skip: *tags
+    only_if: *not_docs
+    # Community-maintained downstream test may fail unexpectedly.
+    # Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner
+    # If necessary, uncomment the next line and file issue(s) with details.
+    # allow_failures: $CI == $CI
+    depends_on:
+      - rootless_integration_test
+    gce_instance: *standardvm
+    env:
+        <<: *ubuntu_envvars
+        TEST_FLAVOR: 'gitlab'
+        PRIV_NAME: rootless
+    clone_script: *noop  # Comes from cache
+    gopath_cache: *ro_gopath_cache
+    setup_script: *setup
+    main_script: *main
+    always:
+        <<: *logs_artifacts
+        junit_artifacts:
+            path: gitlab-runner-podman.xml
+            type: text/xml
+            format: junit
+
 upgrade_test_task:
     name: "Upgrade test: from $PODMAN_UPGRADE_FROM"
     alias: upgrade_test
@@ -720,6 +747,7 @@ success_task:
         - local_system_test
         - remote_system_test
         - rootless_system_test
+        - rootless_gitlab_test
         - upgrade_test
         - buildah_bud_test
         - meta
diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh
index 128398c38..22a66dd08 100755
--- a/contrib/cirrus/runner.sh
+++ b/contrib/cirrus/runner.sh
@@ -286,6 +286,23 @@ function _run_release() {
     msg "All OK"
 }
 
+
+function _run_gitlab() {
+    rootless_uid=$(id -u)
+    systemctl enable --now --user podman.socket
+    export DOCKER_HOST=unix:///run/user/${rootless_uid}/podman/podman.sock
+    export CONTAINER_HOST=$DOCKER_HOST
+    cd $GOPATH/src/gitlab.com/gitlab-org/gitlab-runner
+    set +e
+    go test -v ./executors/docker |& tee $GOSRC/gitlab-runner-podman.log
+    ret=$?
+    set -e
+    # This file is collected and parsed by Cirrus-CI so must be in $GOSRC
+    cat $GOSRC/gitlab-runner-podman.log | \
+        go-junit-report > $GOSRC/gitlab-runner-podman.xml
+    return $ret
+}
+
 logformatter() {
     if [[ "$CI" == "true" ]]; then
         # Use similar format as human-friendly task name from .cirrus.yml
diff --git a/contrib/cirrus/setup_environment.sh b/contrib/cirrus/setup_environment.sh
index 41b155943..ef1f83024 100755
--- a/contrib/cirrus/setup_environment.sh
+++ b/contrib/cirrus/setup_environment.sh
@@ -243,6 +243,44 @@ case "$TEST_FLAVOR" in
 
         install_test_configs
         ;;
+    gitlab)
+        # This only runs on Ubuntu for now
+        if [[ "$OS_RELEASE_ID" != "ubuntu" ]]; then
+            die "This test only runs on Ubuntu due to sheer laziness"
+        fi
+
+        # Ref: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27270#note_499585550
+
+        remove_packaged_podman_files
+        make install PREFIX=/usr ETCDIR=/etc
+
+        # Need to re-build lists (removed during image production)
+        ooe.sh apt-get -qq -y update
+        msg "Installing previously downloaded/cached packages"
+        # N/B: Tests check/expect `docker info` output, and this `!= podman info`
+        ooe.sh apt-get install --yes --no-download --ignore-missing containerd.io docker-ce docker-ce-cli
+
+        msg "Disabling docker service and socket activation"
+        systemctl stop docker.service docker.socket
+        systemctl disable docker.service docker.socket
+        rm -rf /run/docker*
+        # Guarantee the docker daemon can't be started, even by accident
+        rm -vf $(type -P dockerd)
+
+        msg "Obtaining necessary gitlab-runner testing bits"
+        slug="gitlab.com/gitlab-org/gitlab-runner"
+        helper_fqin="registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest-pwsh"
+        ssh="ssh $ROOTLESS_USER@localhost -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no env GOPATH=$GOPATH"
+        showrun $ssh go get -u github.com/jstemmer/go-junit-report
+        showrun $ssh git clone https://$slug $GOPATH/src/$slug
+        showrun $ssh make -C $GOPATH/src/$slug development_setup
+        showrun $ssh bash -c "'cd $GOPATH/src/$slug && GOPATH=$GOPATH go get .'"
+
+        showrun $ssh podman pull $helper_fqin
+        # Tests expect image with this exact name
+        showrun $ssh podman tag $helper_fqin \
+            docker.io/gitlab/gitlab-runner-helper:x86_64-latest-pwsh
+        ;;
     swagger) ;&  # use next item
     consistency) make clean ;;
     release) ;;
-- 
cgit v1.2.3-54-g00ecf