aboutsummaryrefslogtreecommitdiff
path: root/.cirrus.yml
blob: c5b73fdc95303af96d333234b813d1995b66bdb3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
---

# Only github users with write-access can define or use encrypted variables
# This credential represents a service account with access to manage both VMs
# and storage.
gcp_credentials: ENCRYPTED[885c6e4297dd8d6f67593c42b810353af0c505a7a670e2c6fd830c56e86bbb2debcc3c18f942d0d46ab36b63521061d4]

# Default VM to use for testing, unless values overriden by specific tasks (below)
gce_instance:
    image_project: "libpod-218412"
    zone: "us-central1-a"  # Required by Cirrus for the time being
    cpu: 2
    memory: "4Gb"
    disk: 40

# Main collection of env. varss to set for all scripts. All others
# are cooked in by $SCRIPT_BASE/setup_environment.sh
env:
    FEDORA_CNI_COMMIT: "412b6d31280682bb4fab4446f113c22ff1886554"
    CNI_COMMIT: "7480240de9749f9a0a5c8614b17f1f03e0c06ab9"
    CRIO_COMMIT: "662dbb31b5d4f5ed54511a47cde7190c61c28677"
    CRIU_COMMIT: "584cbe4643c3fc7dc901ff08bf923ca0fe7326f9"
    RUNC_COMMIT: "78ef28e63bec2ee4c139b5e3e0d691eb9bdc748d"
    # File to update in home-dir with task-specific env. var values
    ENVLIB: ".bash_profile"
    # Overrides default location (/tmp/cirrus) for repo clone
    CIRRUS_WORKING_DIR: "/go/src/github.com/containers/libpod"
    # Required so $ENVLIB gets loaded
    CIRRUS_SHELL: "/bin/bash"
    # Save a little typing (path relative to $CIRRUS_WORKING_DIR)
    SCRIPT_BASE: "./contrib/cirrus"
    PACKER_BASE: "./contrib/cirrus/packer"
    IRCID: ENCRYPTED[e87bba62a8e924dc70bdb2b66b16f6ab4a60d2870e6e5534ae9e2b0076f483c71c84091c655ca239101e6816c5ec0883]

# Every *_task runs in parallel in separate VMs. The name prefix only for reference
# in WebUI, and will be followed by matrix details.  This task does all the
# per-pr unit/integration testing.
full_vm_testing_task:

    gce_instance:
        # Generate multiple 'test' tasks, covering all possible
        # 'matrix' combinations.  All run in parallel.
        matrix:
            # Images are generated separetly, from build_images_task (below)
            image_name: "ubuntu-1804-bionic-v20180911-libpod-63a86a18"
            # TODO: Make these work (also build_images_task below)
            #image_name: "rhel-server-ec2-7-5-165-1-libpod-fce09afe"
            #image_name: "centos-7-v20180911-libpod-fce09afe"
            #image_name: "fedora-cloud-base-28-1-1-7-libpod-fce09afe"

    timeout_in: 120m

    # Every *_script runs in sequence, for each task. The name prefix is for
    # WebUI reference.  The values may be strings...
    setup_environment_script: $SCRIPT_BASE/setup_environment.sh

    # ...or lists of strings
    verify_source_script:
        - whoami  # root!
        - $SCRIPT_BASE/verify_source.sh

    unit_test_script: $SCRIPT_BASE/unit_test.sh

    integration_test_script: $SCRIPT_BASE/integration_test.sh

    success_script: $SCRIPT_BASE/success.sh


# Because system tests are stored within the repository, it is sometimes
# necessary to execute them within a PR to validate changes.

optional_system_testing_task:

    # Only run system tests in PRs (not on merge) if magic string is present
    # in the PR description.  Post-merge system testing is assumed to happen
    # later from OS distribution's build systems.
    only_if: >-
        $CIRRUS_BRANCH != 'master' &&
        $CIRRUS_CHANGE_MESSAGE =~ '.*\*\*\*\s*CIRRUS:\s*SYSTEM\s*TEST\s*\*\*\*.*'

    gce_instance:
        matrix:
            image_name: "ubuntu-1804-bionic-v20180911-libpod-63a86a18"
            # TODO: Make these work (also build_images_task below)
            #image_name: "rhel-server-ec2-7-5-165-1-libpod-fce09afe"
            #image_name: "centos-7-v20180911-libpod-fce09afe"
            #image_name: "fedora-cloud-base-28-1-1-7-libpod-fce09afe"

    timeout_in: 60m

    setup_environment_script: $SCRIPT_BASE/setup_environment.sh
    system_test_script: $SCRIPT_BASE/system_test.sh
    success_script: $SCRIPT_BASE/success.sh


# This task builds new cache-images for future PR testing.  These images save
# time installing/setting up the environment while an engineer is waiting.
# The 'active' cache-images for full_vm_testing are selected by the
# 'image_name' keys.  Updating those items requires manually modification,
# but this could be automated (see comment at end of build_vm_images_task).

build_vm_images_task:
    # Only produce new cache-images after a PR merge, and if a magic string
    # is present in the most recent commit-message.
    only_if: >-
        $CIRRUS_BRANCH == 'master' &&
        $CIRRUS_CHANGE_MESSAGE =~ '.*\*\*\*\s*CIRRUS:\s*REBUILD\s*IMAGES\s*\*\*\*.*'

    # Require tests to pass first.
    depends_on:
        - full_vm_testing  # i.e. 'full_vm_testing_task'

    env:
        # CSV of packer builder names to enable (see $PACKER_BASE/libpod_images.json)
        PACKER_BUILDS: "ubuntu-18"
        # TODO: Make these work (also full_vm_testing_task above)
        # PACKER_BUILDS: "rhel-7,centos-7,fedora-28,ubuntu-18"
        CENTOS_BASE_IMAGE: "centos-7-v20180911"
        RHEL_BASE_IMAGE: "rhel-server-ec2-7-5-165-1"
        FEDORA_BASE_IMAGE: "fedora-cloud-base-28-1-1-7"
        UBUNTU_BASE_IMAGE: "ubuntu-1804-bionic-v20180911"
        # low-level base VM image name inputs to packer

        # Command to register a RHEL VM
        RHSM_COMMAND: ENCRYPTED[5caa5ff8c5370c3d25c7a1a28168501ab0fa2e5e3b627926f6eaba02b3fed965a7638a6151657809661f8c905c7dc187]
        # Additional environment variables needed to build GCE images, within a GCE VM
        SERVICE_ACCOUNT: ENCRYPTED[99e9a0b1c23f8dd29e83dfdf164f064cfd17afd9b895ca3b5e4c41170bd4290a8366fe2ad8e7a210b9f751711d1d002a]
        GCE_SSH_USERNAME: ENCRYPTED[a7706b9e4b8bbb47f76358df7407f4fffa2e8552531190cc0b3315180c4b50588f560c4f85731e99cb5f43a396778277]
        GCP_PROJECT_ID: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f]
        # Version of packer to use
        PACKER_VER: "1.3.1"

    # VMs created by packer are not cleaned up by cirrus
    auto_cancellation: $CI != "true"

    gce_instance:
        image_name: "image-builder-image"  # Simply CentOS 7 + packer dependencies
        # Additional permissions for building GCE images, within a GCE VM
        scopes:
            - compute
            - devstorage.full_control
        # Doesn't need many local resources to run
        cpu: 2
        memory: "2Gb"
        disk: 20
    environment_script: $SCRIPT_BASE/setup_environment.sh
    build_vm_images_script: $SCRIPT_BASE/build_vm_images.sh

    # TODO,Continuous Delivery: Automaticly open a libpod PR after using 'sed' to replace
    #                           the image_names with the new (just build) images.  That will
    #                           cause a new round of testing to happen (via the PR) using
    #                           the new images.  When all is good, the PR may be manually
    #                           merged so all PR testing uses the new images.  The script
    #                           names (below) describe their purpose in this workflow.
    # deploy_images_script:
    #   - clone_podman_release_branch.sh
    #   - modify_cirrus_yaml_image_names.sh
    #   - commit_and_create_upstream_pr.sh