- Sets default search location to always be the peer directory
+ make podman-remote now creates binaries that work the same as release zips
- Updates release zip to match expected search location
- Updates win installer to include the file if present in the repo cross-build
archive
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Lots of small special-case tweaks to logformatter because Macs
have to be different.
Also fix:
- Wrong slash in printf-newline, leading to gray [It] blocks
- echo gitCommit, so we can link to sources
- --image-path is deprecated
Signed-off-by: Ed Santiago <santiago@redhat.com>
Old way: edit commit message, add magic string, re-push
New way: repo maintainer adds a Github label to PR, hits Rerun
I've looked and looked for the history behind this script
and why I didn't do it this way in the first place. I've
concluded that I just never thought of it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
It works (verified in #17831). Imperfectly, because Macs don't
have a useful awk, so we can't get timestamps. I will, in time,
look into adding the timestamp functionality to logformatter
itself.
Also imperfect because it's not linkifying: source code paths
are dead text. I need to fix that, too, in logformatter, by
having it recognize /Users/Mac paths.
Imperfect as it may be, it was quick, and I think could provide
good bang for the buck in these Mac-intensive debugging days.
Signed-off-by: Ed Santiago <santiago@redhat.com>
We used to use ignition to perform any customization required for podman
machine because our input was a generic FCOS image. Now that we are
building our own images, some of this customization can be migrated to
the Containerfile itself and be less of a burden in our code at boot up.
At the time of this PR, the Containerfile can be found at
https://github.com/baude/podman-machine-images/tree/main. It is only
present for a so-called daily image. There is little liklihood that
this would the final location for the Containerfile so consider it a
working version only.
Split WSL and rest apart in the e2e tests so we no longer ppull the
generic FCOS image for testing.
Note: the change to the pull image name is so PRs are not immediately
broken that are already in the queue.
[NO NEW TESTS REQUIRED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
vfkit needs the com.apple.security.virtualization entitlement or it
wont' be able to start virtual machines:
Error: Error Domain=VZErrorDomain Code=2 Description="Invalid virtual machine configuration. The process doesn’t have the “com.apple.security.virtualization” entitlement." UserInfo={
NSLocalizedFailure = "Invalid virtual machine configuration.";
NSLocalizedFailureReason = "The process doesn\U2019t have the \U201ccom.apple.security.virtualization\U201d entitlement.";
}
This fixes https://github.com/containers/podman/issues/21842
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
When there is no signing identity to pass to the macOS `codesign` tool,
we can use `-` instead as the identity to perform ad-hoc signing.
From `man codesign`:
> If identity is the single letter "-" (dash), ad-hoc signing is
> performed. Ad-hoc signing does not use an identity at all
This makes it easier to test the sign() code-path in package.sh as
we'll run the same code regardless of `NO_CODESIGN` being set or not.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Source: https://github.com/containers/automation_images/pull/331#issuecomment-1966677347
Kludgy VM build, because rawhide rc6 kernel is still not stable.
I would like to merge this anyway, because the rawhide hang is
hurting us badly. (I am not guaranteeing that this fixes the hang).
Also: new Windows VM has WiX 3.14 (up from 3.11).
Signed-off-by: Ed Santiago <santiago@redhat.com>
The `Makefile` makes assumptions about git repo. clone details.
Because fixing the `Makefile` would likely be problematic, fix
the clone operation used on the Mac so that it matches what's used
on Linux.
Also, simplify git repo clone operations. At some point in the
distant past, a git identity was required for CI to function properly.
That has since changed, so remove the unnecessary complexities.
Signed-off-by: Chris Evich <cevich@redhat.com>
There's are sometimes conflicting purposes in podman CI:
1. Have the pipeline proceed in an orderly and progressive manner
to sometimes save resources and unnecessary runtime.
2. Complete all testing as quickly as possible in support of
human-developers moving on to other areas of work.
3. Ideally/hopefully, accomplish both items above safely,
preventing untested and/or unintended changes from merging.
This commit shifts the balance of these slightly more toward the second
point. It rearranges most CI tasks into essentially three buckets with
a single (new) aggregation task in-between the first two:
1. Build + Verify all the things
2. Test all the things
3. Minor/accessory things
The intention is that while we may unnecessarily spin some number of
testing tasks while others have failed, the best-case scenario
(everything passes) has a much shorter runtime. In other words, it
potentially wastes more resources in favor of a chance to have
developers wait less.
Signed-off-by: Chris Evich <cevich@redhat.com>
aardvark-dns, netavark and passt are installed on both debian and
fedora. cri-o-runc is not installed anymore and it just uses the normal
runc package on debian. containers-common is called
golang-github-containers-common on debian and also uses
golang-github-containers-image for further config files from c/image.
This makes sure we correctly log all the package versions on debian
correctly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
According to https://go.dev/ref/mod#module-cache golang will leave
behind read-only bits. It was observed that these cause the find/rm
cleanup operations to fail fail with `permission denied` on thousands
of files. This is preventing cleanup of cruft from unrelated Cirrus-tasks
leading to unnecessary occupation of critical, local-ssd storage space.
Fix this by ensuring the user has at least write access to the entire
contents of `$TMPDIR` and `$HOME`, `ci` subdirs.
Signed-off-by: Chris Evich <cevich@redhat.com>
Ref:
https://github.com/containers/podman/pull/21570#issuecomment-1935709148
This tool is really intended/best used from git pre-commit on developers
local machines, to prevent addition of secret leaks. When used as a
check against PRs, it tends to turn up more false-positives than helpful
warnings. There's no good way to fix this, and maintaining the scanner
is an additional burden. Rather than continue struggling to improve/fix
the situation, let's just remove the tool entirely.
Signed-off-by: Chris Evich <cevich@redhat.com>
Fixes: #21574
The documentation for this image references a quay repository that
doesn't exist. It doesn't appear any of these files have been touched
since late 2022. Instead of updating the docs, let's just remove the
source. It's trivial to recreate if anybody actually needs it for
something.
Users needing to access remote podman can simply use the `podman` binary
present in existing images `quay.io/containers/podman`,
`quay.io/podman/stable`, etc.
Signed-off-by: Chris Evich <cevich@redhat.com>
No longer bother testing any 2.x or 3.x. Only 4.1 and above.
Remove all CNI-related code. CNI is gone.
Add DatabaseBackend tests, confirming that we can handle
both boltdb and sqlite.
Require BATS >= 1.8.0, and use "run -0" to do exit-status checks.
Update docs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
As of this commit, there are several pages worth of lint findings for
windows. Once they're all addressed, this commit may be reverted to
enable continuous checking.
Signed-off-by: Chris Evich <cevich@redhat.com>
Podman v5 will not support cgroups-v1. This commit will print a warning
if it detects a cgroups-v1 system. The warning can be hidden by setting
envvar `PODMAN_CGROUPSV1_WARNING`.
This warning is patched out for RHEL 9 builds as cgroups-v1 will still
be supported on RHEL 9 systems.
Resolves: https://issues.redhat.com/browse/RUN-1957
[NO NEW TESTS NEEDED]
Co-authored-by: Ed Santiago <santiago@redhat.com>
Co-authored-by: Sascha Grunert <sgrunert@redhat.com>
Co-authored-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
CNI is deprecated and is build tagged out for 5.0. Don't test it in our CI.
This commit also disables upgrade tests for now - those need more work since the old version of Podman only uses CNI. Upgrade tests will be re-vamped in a later commit.
Signed-off-by: Ashley Cui <acui@redhat.com>
From https://github.com/containers/automation_images/pull/325
Major change: netavark and aardvark are now included in prior-fedora,
so CNI can be fully eliminated from CI (#21410)
FIXME FIXME FIXME: skip two e2e tests, waiting for new netavark
Signed-off-by: Ed Santiago <santiago@redhat.com>
This updates the Windows installer and macOS installer to ship the newer
binaries, as well as the vendored gvisor-tap-vsock code.
[NO NEW TESTS NEEDED]
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Because the podman machine tests normally run at the end of the chain,
it's time consuming for developers to validate machine-only changes.
Support a special CI runtime mode, only when a PR is marked as a draft.
Update related documentation
Also: Only run machine tests on PRs, never for branches or new tags.
Signed-off-by: Chris Evich <cevich@redhat.com>
crun-wasm depends on the same epoch:version-release as crun so
overriding `crun` but not `crun-wasm` will cause installation issues
like:
```
error: Could not depsolve transaction; 1 problem detected:
Problem: package crun-wasm-1.11.1-1.fc39.x86_64 from @System requires crun = 1.11.1-1.fc39, but none of the providers can be installed
- cannot install both crun-102:1.12-1.20231205201336970037.main.19.g90b21dd.fc39.x86_64 from @commandline and crun-1.11.1-1.fc39.x86_64 from @System
- cannot install both crun-102:1.12-1.20231205201336970037.main.19.g90b21dd.fc39.x86_64 from @commandline and crun-1.11.1-1.fc39.x86_64 from updates-archive
- conflicting requests
```
This commit overrides both crun and crun-wasm from what's found in
podman-next.
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
A simple regression was introduced to the test suite that overrode the
default image for hyperv testing.
Signed-off-by: Brent Baude <bbaude@redhat.com>
- Modified Check-Exit to take a relative stack postition so that reusing
functions like Run-Command report on their callers as opposed to the source
position of the wrapper.
- Record and print the last command executed as it likely scrolled off with
test output.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Issue Ref: #20853
Allow the tests to fail, but don't block merging PRs.
This commit should be reverted when #20853 is resolved.
Signed-off-by: Chris Evich <cevich@redhat.com>
Setup and execute podman machine testing on bare-metal M1 Macs
using a pool of shared and semi-persistent hosts. Automated
and manual processes outside this repository are responsible
for providing and maintaining all hosts. Ref.
https://github.com/containers/automation/tree/main/mac_pw_pool
Update the `localmachine` make target to standardize execution
across platforms. Update/simplify podman-machine e2e README to
reflect current reality.
Warning: This CI setup and supporting infrastructure was developed
in favor of expediency vs reliability and stability. There are
many possible failure-modes (known and unknown) which may lead
to undefined test behaviors. Future work may address some of
these as they are encountered or discovered.
[NO NEW TESTS NEEDED]
Signed-off-by: Chris Evich <cevich@redhat.com>
For whatever reason (I don't understand this stuff well) the
`win-podman-machine-main.ps1` script exits successfully despite the
final `Check-Exit` showing a non-zero exit code was detected. Attempt
to fix this by throwing an exception instead of calling `Exit`.
Signed-off-by: Chris Evich <cevich@redhat.com>
Intended to serve as motivation to fix them. Removed from status
aggregator so the failures don't block PR merging. Updated comment text
to reference related open issue, #20548.
Signed-off-by: Chris Evich <cevich@redhat.com>
We're only testing vfs in CI. That's bad. #18822 tried to
remedy that but that only worked on system tests, not e2e.
Here we introduce CI_DESIRED_STORAGE, to be set in .cirrus.yml
in the same vein as all the other CI_DESIRED_X. Since it's 2023
we default to overlay, testing vfs only in priorfedora.
Fixes required:
- e2e tests:
- in cleanup, umount ROOT/overlay to avoid leaking mounts
- system tests:
- fix a few badly-written tests that assumed/hardcoded overlay
- buildx test: add weird exception to device-number test
- mount tests: add special case code for vfs
- unprivileged test: disable one section that is N/A on vfs
Signed-off-by: Ed Santiago <santiago@redhat.com>
This change will allow RHEL subscriptions from the host to flow
to internal containers.
Fixes: https://github.com/containers/common/issues/1735
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Followup to #20318: now that sqlite is the podman default,
enforce that in CI as well. Test boltdb only in Prior Fedora.
In the process, discovered & cleaned up some duplication
and unused YAML anchors.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The podman in `ubuntu-latest` environment apparently is too old to
support `--userns=keep-id:uid=1000,gid=1000`. Employ workaround in GHA
workflow and in `prebuild.sh` check.
Signed-off-by: Chris Evich <cevich@redhat.com>
As an effort to catch potential secrets and/or credential leaks, add a
github-actions workflow which is untouchable in a PR context.
To additionally guard against accidents, also check recent branch
history. This is especially important on newly created
release-branches, which may begin with content from who-knows-where.
Finally, since the new workflow bypasses PR-level changes to the scanner
config and base-line. Add a Cirrus-CI invocation of the scanning tool
to help catch tool-breaking changes from being merged.
Signed-off-by: Chris Evich <cevich@redhat.com>
Also, de-duplicate power-shell variables and functions as they're
beginning to sprawl. This does not completely address all duplicates,
mainly those involved in the podman-machine CI workflow. So,
nothing under `contrib/win-installer` has been touched.
[NO NEW TESTS NEEDED]
Signed-off-by: Chris Evich <cevich@redhat.com>
The `v4.3.1` version of the library defines a common
`passthrough_envars()` so it doesn't need to be duplicated in podman and
buildah CI. It also includes an update to build-push which should make
debugging easier.
Finally, these images include setting of the en_US.UTF-8 locale to enable
removal of a workaroud in a future commit.
Signed-off-by: Chris Evich <cevich@redhat.com>
When you run e2e tests locally they use CNI unless the NETWORK_BACKEND
env was set to netavark. Because our main focus is on netavark we should
test it by default.
For local tests this should help to prevent CNI/netavark conflicts as I
assume most systems where people run tests on are on netavark by now.
For CI testing we hardcode NETWORK_BACKEND there to test both netavark
(on current fedora) and CNI (prior fedora). MAke sure to switch the
logic in the CI setup to reflect that.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit installs `crun-wasm` and `wasmedge-rt` in the FCOS image at
https://quay.io/repository/podman/fcos .
- crun-wasm is installed from rhcontainerbot/podman-next
- wasmedge-rt is installed from the official Fedora repos
Packages in Containerfile have also been rearranged in alphabetical
order.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Followup on #19477
Remove commented out cirrus task for fcos image build with podman-next
and add 2 github actions: 1 for running a simple uni-arch image build
on every PR and another to actually build multiarch images and push to
quay after merge.
`podman --version` will also include git short sha for clarity.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Every few months we get a new CI failure that requires
scanning through logs that give no indication of what
is happening or where. Tracking down the error can
cost many hours.
Solution: pepper cirrus scripts with showrun(), which echoes
the command _and_ displays the source filename + lineno.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Prevent future occurrences of #19894, by making upgrade tests
run any time there's a change to system tests. That's overly
broad: upgrade tests only rely on test/system/helpers.bash,
not test/system/anything-else. IMHO the cost of CI breaking
is higher than the cost of running unnecessary jobs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
These jobs have been failing since early August due to
technical/scripting problems. Disable/remove entirely since a fix is
unlikely to be implemented anytime soon.
Ref: Abandoned recent attempt at debugging
https://github.com/containers/podman/pull/19720
Signed-off-by: Chris Evich <cevich@redhat.com>
The `contrib/hello` directory is needed for some CI tests here and in
buildah. Further, the build job that produces images from this
directory are currently broken. Disable the build job, and updte
the README.md to point people at the replacement repo. for this content.
Ref: https://github.com/containers/podman/pull/19730
Signed-off-by: Chris Evich <cevich@redhat.com>
This reverts commit 7e0130f75c.
It broke CI, not just on podman but on Buildah too. Buildah bud
tests require the hello subdirectory.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Make sure the en_US.UTF-8 locale is available so that we can use it in
tests, namely "podman logs with non ASCII log tag succeeds with env".
It is already there in fedora (except container image but we cannot use
journald there anyway) so only do this for debian. I think it makes
most sense to move this into the image build process in the future to
only do it once at build time.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The socket can already exist and is not removed by disabling the systemd unit,
hence it needs to be deleted to get a "vanilla" system. This is a temporary
workaround suggested in:
https://github.com/containers/podman/pull/19478#issuecomment-1665350945
[NO NEW TESTS NEEDED] - this is a CI fix
Signed-off-by: Dan Čermák <dcermak@suse.com>
This was replaced by the setup.exe burn installer several releases ago,
and only kept around as a fallback. Remove it since it is no longer
maintained and not recommended for use.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
containers
We need to remove /var/tmp/container_images_* and
/var/tmp/container_images_* which are podman temporary directories on each
boot which are created when creating containers from oci-archive tarballs
or other pull operations.
Signed-off-by: Joe Doss <joe@solidadmin.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Podman is basically unusable without cgo, checking if it compiles
without adds no value and just tricks people into thinking it works when
it does not.
This means we do not need extra to NOP out a lot of cgo calls with
functions that just return an error like `XXX is not supported without
cgo`.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using a FreeBSD VM allows building a functioning binary via 'make
podman-release'. This uses Cirrus' freebsd_instance which provisions VMs
on Google Compute Engine.
I attempted to add FreeBSD binaries to the artifacts task but this
failed, apparently because the extra 50Mb of space exceeded a 1Gb limit
in Cirrus.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
When an e2e test fails in AfterEach, ginkgo "helpfully" adds
a heading in that test log block:
TOP-LEVEL [AfterEach]
/path/to/source.go
Podman Desc Blah
That TOP-LEVEL line screws up our in-page links. Ignore it
both in the heading and in the bottom failure-summary lines.
Add test, including tests for bottom-summary.
Signed-off-by: Ed Santiago <santiago@redhat.com>
In debian environment we are hitting an edge-case where older buildah
version is not compatible with newer podman version because both of them
are using different storage driver.
I.e
* Podmand defaults to native `overlay`.
* Older buildah version defaults to `vfs`.
See discussions below for more details
* containers#18510 (comment)
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Aditya R <arajan@redhat.com>
Ginkgo test names can have more than two levels: there can be
a nested series of Describes() before the final It(). (e.g.,
quadlet_test.go). Handle that.
Before: we just assumed that the third-or-maybe-fourth line
after a "-----" divider was the test name.
Now: examine every line after the "-----" divider, until the
first empty line. Lines with /path/to/source/file are ignored,
lines with text strings are assembled together to make anchors.
This is still imperfect but it's much better than before.
SPECIAL NOTE: in order to allow linking to timing results
in the AfterSuite, I've changed the test name from Leaf to Full.
This will now be a much longer string, and hence much less
readable, but I'm inclined to think it's more correct. Please
review carefully and lmk if I should revert.
Finally, as an unrelated add-on, add links (at top) to original
log, journal, and (if applicable) podman-remote server logs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Fix an oops in my ginkgo-v2 handling: subtest-status was
getting re-reset back to "passed", resulting in incorrect
and misleading green titles on failed tests.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Instrument system tests in hopes of tracking down #17216,
the unlinkat-ebusy-hosed flake.
Oh, also, timestamp.awk: timestamps have always been UTC, but
add a 'Z' to make it unambiguous.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Rather than supporting a special-mode *just* for netavark/aardvark
testing [in podman CI], support testing with all the latest
`podman-next` COPR packages.
The idea here is very similar to the netavark/aardvark special mode it
replaces. Most podman-dependencies do not have the level of
comprehensive CI as exist here. This new CI-mode allows testing
upstream updates to podman-dependencies without needing to roll out
a whole new package/release for them.
Also update documentation for this new mode.
Signed-off-by: Chris Evich <cevich@redhat.com>
This magic string isn't often used and may cause confusion with future
magic-string additions. Remove it.
Signed-off-by: Chris Evich <cevich@redhat.com>
In run_podman(), display a nanosecond-level timestamp next to
each command and its output.
Because this clutters the results, teach logformatter to grok
these new timestamps, strip them, and display a more human-readable
time delta in the left-hand timestamp column. logformatter started off
as a mess and is now, well, 🤮. I'm sorry. I just hope its results
make it worthwhile.
Signed-off-by: Ed Santiago <santiago@redhat.com>
With -p, ginkgo emits timing information on the first line
after dashes. Without -p, it's at the end.
Most tests use -p. Podman-machine does not. Deal with that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
There are days when I really, really, really hate GNU. Remember
when someone decided that 'head -1' would no longer work, and
that it was OK to break an infinite number of legacy production
scripts? Someone now decided that egrep/fgrep are deprecated,
and our CI logs (especially pr-should-include-tests) are now
filled with hundreds of warning lines, making it difficult
to find actual errors.
I expect that those warnings will be removed quickly after
furious community backlash, just like the 'head -1' fiasco
was quietly reverted, but ITM the warnings are annoying
so I capitulate.
Signed-off-by: Ed Santiago <santiago@redhat.com>
It looks like tell/seek don't work in CI-land: important test log
information is being lost. Revert this commit, maybe some day I'll
come up with a better solution.
This reverts commit 1bff0108f6.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Super-complicated and ugly code merely to make in-page anchors
link three lines above the subtest name, to the subtest status
and timing line.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Checkpoint as of Thursday April 13 afternoon.
Please do not merge with this; the .t file (tests) needs to
be updated, and there are probably many more fixes/improvements
I still need to make.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Porting them over to v2 requires a full rewrite.
IT is not clear who actually uses these benchmarks, Valentin who wrote
them originally is in favor of removing them. He recommends to use
script from hack/perf instead.
This commit also drop the CI integration, it is not clear who actually
uses this data. If it is needed for something please speak up.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
In setup, write a containers.conf.d file with db_backend
as specified in .cirrus.yml.
This is actually much scarier and more achy-breaky than
merely "sqlite system tests": it enables sqlite in e2e
tests. ("But wait, we already do that!" -- no, not really.
sqlite in e2e is being done via --db-backend option, and
some podman commands in e2e do not use the standard options.
See #17904.
This is unlikely to get merged any time soon (March, maybe
even April) because sqlite is still too fragile; this will
trigger more flakes than are currently acceptable. Also,
the nasty auto-update flake seems to trigger much more
reliably with sqlite. We need that one fixed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Debian system tests failing due to unwanted warning:
skipping device /dev/char/10:200 for systemd:
stat /sys/dev/char/10:200: no such file or directory
Let's see if modprobing tun will eliminate the warning.
Add loud comments requesting removal once runc bug is fixed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Principally because 'make completion' fails if we transitively
bring in a new cobra, but also, none of the other tests are
meaningful under the treadmill.
Signed-off-by: Ed Santiago <santiago@redhat.com>
MSI Validation will fail if the process env is > 32k chars
Remove CIRRUS_COMMIT_MESSAGE and CIRRUS_PR_BODY which can easily exceed this limit
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
The os.IsNotExist() function comment mentions that new code should use
`errors.Is(err, fs.ErrNotExist)` instead.
The check was already in CI but used the wrong function name (extra s.)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make sure we can install podman even when the podman-mac-helper install
command fails. This used to be the behavior but commit bae07b6ea2 caused
the regression because the binary now returns 1 as exit code on errors.
[NO NEW TESTS NEEDED] I am not sure if we can test the install step in
CI.
Fixes#17910
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* There's a new --db-backend option. Hide it, and actually
just assume that any new --foo-backend option will
have an arg that needs to be hidden.
* Friendly-ize "Running: quadlet ..." because those messages
include a "with QUADLET_FOO=bar" string that looks like
it's part of the command line but is not, and it's really
hard for a human eye to see what's command line and what's
extra comment.
Add tests.
Signed-off-by: Ed Santiago <santiago@redhat.com>
"Just this once", I thought, adding an obscure unmaintainable
duplication to the CI code. When will I learn?
This fixes the logformatter output filename to handle boltdb/sqlite.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Future work will present podman-machine benchmark data in some useful
format for analysis. However, this data is currently only stored as CI
artifacts. When CI runs on the main branch, after a PR merges, utilize
a pair of purpose-built containers to retrieve then upload the data into
a GCE firestore database. This operation should not be critical, such
that any faults will not cause the entire CI build to be marked as a
failure.
Signed-off-by: Chris Evich <cevich@redhat.com>
Transient mode means the DB should not persist, so instead of
using the GraphRoot we should use the RunRoot instead.
Signed-off-by: Matt Heon <mheon@redhat.com>
As suggested by @edsantiago, the complex script and direct-link in the
docs are adding little value while increasing the CI maintenance burden.
Simply retire the script and strip the direct (versioned) links from the
docs.
Signed-off-by: Chris Evich <cevich@redhat.com>
The script is broken and the maintainer temporarily unavailable to help
fix it. Disable it for now, w/ reference to possible fix.
Signed-off-by: Chris Evich <cevich@redhat.com>
Also remove disused `gitlab` test setup. This test was disabled a
while ago and is unlikely to ever be revived.
Signed-off-by: Chris Evich <cevich@redhat.com>
I can't find instances of the "lookup cdn03.quay.io" flake
in RHEL gating tests. RHEL does not use systemd-resolved.
Maybe pure coincidence. Maybe not.
Let's try disabling systemd-resolved and see how things go.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Replace existing tab indentations with spaces, and add
a test to CI to prevent new ones from sneaking in.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The `benchmarks.env` file is intended for machine consumption.
Including things like a `kB` unit label (like `$MEMTOTAL`) make items
difficult to parse. Additionally, multi-value keys (like `$UNAME_RM`)
make extra/unnecessary work for the interpreter. Simplify these items
and include a data-schema version marker so an interpreter can be made
aware/support future format changes.
Signed-off-by: Chris Evich <cevich@redhat.com>
The `localbenchmarks()` function stores a `.env` file containing current
environment variables for benchmark-classification purposes. However its
naked use of `printenv` means it was logging the contents of library
functions and (worse) trying to stort all the lines. This results in an
unusable mess inside `benchmarks.env`. Fix this by re-using the
purpose-built passthrough_envars() which is designed to only print
useful, safe, env. vars.
Signed-off-by: Chris Evich <cevich@redhat.com>
A semantic change to a Cirrus-CI GraphQL API parameter caused a
unit-test to fail (as it should have) with the error:
```
Query result did not pass filter '.data.ownerRepository.cronSettings':
'{"data":{"ownerRepository":null}}'
```
As per Cirrus-support, a change was introduced in schema affecting certain
fields that were incorrectly marked Nullable. They indicated the `platform`
field was set incorrectly, and should use the value `github`.
* Fix the platform field's value to `github` instead of `LINUX`.
* Change the unit-test to only execute as part of the 'main' cirrus-cron
job so it cannot impact PRs.
Signed-off-by: Chris Evich <cevich@redhat.com>
All PRs are broken because this test fails, presumably due to a GraphQL
API change. Disable the test temporarily until a permanent solution
can be found.
Signed-off-by: Chris Evich <cevich@redhat.com>
Image content hasn't changed much, the biggest thing here is the
$IMAGE_SUFFIX value. This new schema is also fully manageable by
renovate. Allowing a tag-push to c/automation_images to create image
update PRs in all repos automatically.
ref: https://github.com/containers/automation_images/pull/247
Also, cleanup a few comments and remove a disused testing task.
Signed-off-by: Chris Evich <cevich@redhat.com>
Updated build scripts and installer build scripts to include gvproxy.exe.
Includes tutorial on setting up a Podman VM with QEMU and gvproxy on Windows.
Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
We had a number of references, mostly in docs, to the word master that
can now be changed to main. This PR does that and makes the project a
bit more inclusive.
[NO NEW TESTS NEEDED]
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Output from podman system service, on system tests, is
being saved... it just hasn't been collected as an artifact.
Start collecting it. And, remove obsolete-unused-misleading
code that made me think it _was_ being collected.
Also: log system-service output for bud tests, and set
log-level to info per suggestion from @Luap99
Signed-off-by: Ed Santiago <santiago@redhat.com>
The latest Windows image from containers/automation_image@327d8799 auto-creates
an interactive session through winlogon autologon on boot. Additionally it
includes the PsTools psexec command on the system.
This change utilizes both aspects to launch the verification portion of the
smoke task under the interactive session, away from the session 0 execution
environment that the Cirrus agent runs in.
Since creating a new process under the interactive session requires a new token,
and by extension a clear text password, a new crypto random password is
generated to replace the ec2 boot generated one.
These changes allow WSL to once again function after its move to a store based
delivery stream (which is incompatible with session 0 execution).
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
On occasion, developers need to run the latest or bleeding-edge
netavark/aardvark-dns in the podman CI environment. Enable this through
use of magic strings in the PR title, but only if the PR is marked as a
draft. The intent being, when the PR is ready for review, the current
CI VM package versions will be used. Hopefully also reminding the PR
author to remove the magic strings from the title, remove draft status,
and push the final set of changes to be merged.
Also, add documentation about this new magic PR title string and CI's
behaviors.
Signed-off-by: Chris Evich <cevich@redhat.com>
This is to help me in my flake analysis.
Scenario: I'm looking at recent flakes, and see Flake X. I know
that Flake X was "fixed" two weeks ago. Did the fix not work?
Or is this just one of those PRs that was created three weeks
ago (or three months ago) and never rebased to pick up the fix?
This adds a one-click way for me to tell.
Signed-off-by: Ed Santiago <santiago@redhat.com>
add a new failblock style, with light red background all across
the entire page, and use it for bats "FAIL" blocks.
Also highlight logrus level=(debug|info|warning|error|fatal)
messages in increasingly prominent styles
Signed-off-by: Ed Santiago <santiago@redhat.com>
This is a unit that can be enabled when using transient store mode
to clean up potential leftovers from previous boots. All it does is
run "podman system prune --external" once each boot.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
Use the new `podman kube {down,play}` commands.
[NO NEW TESTS NEEDED] as this is a purely cosmetic change.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The hardware used for podman-machine testing is fairly
stable/predictable because it's bare-metal. This is a nearly ideal
environment for collection of benchmarking data. Arrange for that to
happen, and the resulting data to be collected.
Also keep track of the benchmark-basis details in a machine-readable
`env` file along side the raw and parsed benchmarks.
Signed-off-by: Chris Evich <cevich@redhat.com>
The passthrough_env function was unnecessarily complicated,
hence fragile. Clean it up, and add regression tests.
For future reference: CI broke horribly because of this.
Rootless tests all failed with missing CI_DESIRED_NETWORK.
Root cause was that CIRRUS_CHANGE_TITLE had a trailing
space which, because of shell indirection, passthrough_env()
wrote as trailing backslash (not backslash-space) in the
/etc/ci_environment file, which then caused the next line
in the file to get glommed onto CIRRUS_CHANGE_TITLE.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This is more consistent with the name of the other released files, and
makes identification of the binaries easier among the Windows/macOS
ones.
Related: https://github.com/containers/podman/issues/16612
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Looking at https://github.com/containers/podman/releases/tag/v4.3.1,
it's not explicit which arch the podman-remote-static binary is built
for, so this commit adds an -$(goarch) suffix to it. It builds both
arm64 and amd64 binaries as I need both for crc.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Also reuse install location for previous installs if present
Example Usage: .\podman-4.3.2-setup.exe InstallFolder=C:\Other\Loc
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
...not as a separate post-main step. Reasons:
1) If main test times out, Cirrus won't run subsequent steps
2) It really belongs in the main log anyway, because when
looking at test results, you want to have instant access
to versions, you don't want to have to clickety-click
ten steps.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Intended to be run from nightly Cirrus cron job.
1) Queries github for highest-sorting (not necessarily "latest") tag
2) Checks that the Windows MSI exists, fails if not
3) Cross-checks markdown files to ensure they have up-to-date links
When run interactively, it will auto-update the .md files
to show and link to the latest version. This makes it easy
for anyone to then submit an update PR.
And, it turns out that MSI is obsolete, the new thing is EXE.
Update the tutorials to reflect that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
All the other Windows tasks depend on access to a podman-remote build
from the Alt. Arch. `Windows Cross` task. Re-arrange the test-skipping
call to never skip here only.
Signed-off-by: Chris Evich <cevich@redhat.com>
We have CI tests running in netavark mode when CNI is desired.
Add a new .cirrus.yml envariable, CI_DESIRED_NETWORK, which
we then force-check in e2e and system tests. Simple copy/paste
of #14912 (the RUNTIME check) with manual s/RUNTIME/NETWORK/
and other minor changes.
Signed-off-by: Ed Santiago <santiago@redhat.com>
We've had some oopsies in system tests:
podman foo bar
run podman foo bar
...all of which should be run_podman with underscore. Those
have been passing because /usr/bin/podman is the fallback
from $PATH. In those (few) cases, we haven't actually been
testing the podman we should be testing.
Solution: nuke /usr/bin/podman and podman-remote before
invoking system and unit tests. As an extra level of
paranoia, check for other podmans in $PATH - if any
exist, bail out with a fatal error.
Also: in a few cases where runner.sh invokes podman for
containerized something-something, run bin/podman instead
of podman from $PATH.
Also: fix existing dependencies on /usr/bin/podman
Signed-off-by: Ed Santiago <santiago@redhat.com>
openshift-merge-bot[bot]
Jason T. Greene
Ashley Cui
Chris Evich
Ed Santiago
Brent Baude
Christophe Fergeau
Paul Holzinger
Matt Heon
Jake Correnti
Lokesh Mandvekar
Anjan Nath
Daniel J Walsh
Łukasz Stolcman
Sander Maijers
Giuseppe Scrivano
Chris Evich
Urvashi Mohnani
OpenShift Merge Robot
Lokesh Mandvekar
Peter Hunt
Dan Čermák
Doug Rabson
Aditya R
Erik Sjölund
Arthur Sengileyev
tomsweeneyredhat
Stéphane Bidoul
Jason T. Greene
Alexander Larsson
Valentin Rothberg
Joakim Nohlgård