Because the podman machine tests normally run at the end of the chain,
it's time consuming for developers to validate machine-only changes.
Support a special CI runtime mode, only when a PR is marked as a draft.
Update related documentation
Also: Only run machine tests on PRs, never for branches or new tags.
Signed-off-by: Chris Evich <cevich@redhat.com>
A simple regression was introduced to the test suite that overrode the
default image for hyperv testing.
Signed-off-by: Brent Baude <bbaude@redhat.com>
- Modified Check-Exit to take a relative stack postition so that reusing
functions like Run-Command report on their callers as opposed to the source
position of the wrapper.
- Record and print the last command executed as it likely scrolled off with
test output.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Issue Ref: #20853
Allow the tests to fail, but don't block merging PRs.
This commit should be reverted when #20853 is resolved.
Signed-off-by: Chris Evich <cevich@redhat.com>
Setup and execute podman machine testing on bare-metal M1 Macs
using a pool of shared and semi-persistent hosts. Automated
and manual processes outside this repository are responsible
for providing and maintaining all hosts. Ref.
https://github.com/containers/automation/tree/main/mac_pw_pool
Update the `localmachine` make target to standardize execution
across platforms. Update/simplify podman-machine e2e README to
reflect current reality.
Warning: This CI setup and supporting infrastructure was developed
in favor of expediency vs reliability and stability. There are
many possible failure-modes (known and unknown) which may lead
to undefined test behaviors. Future work may address some of
these as they are encountered or discovered.
[NO NEW TESTS NEEDED]
Signed-off-by: Chris Evich <cevich@redhat.com>
For whatever reason (I don't understand this stuff well) the
`win-podman-machine-main.ps1` script exits successfully despite the
final `Check-Exit` showing a non-zero exit code was detected. Attempt
to fix this by throwing an exception instead of calling `Exit`.
Signed-off-by: Chris Evich <cevich@redhat.com>
Intended to serve as motivation to fix them. Removed from status
aggregator so the failures don't block PR merging. Updated comment text
to reference related open issue, #20548.
Signed-off-by: Chris Evich <cevich@redhat.com>
We're only testing vfs in CI. That's bad. #18822 tried to
remedy that but that only worked on system tests, not e2e.
Here we introduce CI_DESIRED_STORAGE, to be set in .cirrus.yml
in the same vein as all the other CI_DESIRED_X. Since it's 2023
we default to overlay, testing vfs only in priorfedora.
Fixes required:
- e2e tests:
- in cleanup, umount ROOT/overlay to avoid leaking mounts
- system tests:
- fix a few badly-written tests that assumed/hardcoded overlay
- buildx test: add weird exception to device-number test
- mount tests: add special case code for vfs
- unprivileged test: disable one section that is N/A on vfs
Signed-off-by: Ed Santiago <santiago@redhat.com>
Followup to #20318: now that sqlite is the podman default,
enforce that in CI as well. Test boltdb only in Prior Fedora.
In the process, discovered & cleaned up some duplication
and unused YAML anchors.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The podman in `ubuntu-latest` environment apparently is too old to
support `--userns=keep-id:uid=1000,gid=1000`. Employ workaround in GHA
workflow and in `prebuild.sh` check.
Signed-off-by: Chris Evich <cevich@redhat.com>
As an effort to catch potential secrets and/or credential leaks, add a
github-actions workflow which is untouchable in a PR context.
To additionally guard against accidents, also check recent branch
history. This is especially important on newly created
release-branches, which may begin with content from who-knows-where.
Finally, since the new workflow bypasses PR-level changes to the scanner
config and base-line. Add a Cirrus-CI invocation of the scanning tool
to help catch tool-breaking changes from being merged.
Signed-off-by: Chris Evich <cevich@redhat.com>
Also, de-duplicate power-shell variables and functions as they're
beginning to sprawl. This does not completely address all duplicates,
mainly those involved in the podman-machine CI workflow. So,
nothing under `contrib/win-installer` has been touched.
[NO NEW TESTS NEEDED]
Signed-off-by: Chris Evich <cevich@redhat.com>
The `v4.3.1` version of the library defines a common
`passthrough_envars()` so it doesn't need to be duplicated in podman and
buildah CI. It also includes an update to build-push which should make
debugging easier.
Finally, these images include setting of the en_US.UTF-8 locale to enable
removal of a workaroud in a future commit.
Signed-off-by: Chris Evich <cevich@redhat.com>
When you run e2e tests locally they use CNI unless the NETWORK_BACKEND
env was set to netavark. Because our main focus is on netavark we should
test it by default.
For local tests this should help to prevent CNI/netavark conflicts as I
assume most systems where people run tests on are on netavark by now.
For CI testing we hardcode NETWORK_BACKEND there to test both netavark
(on current fedora) and CNI (prior fedora). MAke sure to switch the
logic in the CI setup to reflect that.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Followup on #19477
Remove commented out cirrus task for fcos image build with podman-next
and add 2 github actions: 1 for running a simple uni-arch image build
on every PR and another to actually build multiarch images and push to
quay after merge.
`podman --version` will also include git short sha for clarity.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Every few months we get a new CI failure that requires
scanning through logs that give no indication of what
is happening or where. Tracking down the error can
cost many hours.
Solution: pepper cirrus scripts with showrun(), which echoes
the command _and_ displays the source filename + lineno.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Prevent future occurrences of #19894, by making upgrade tests
run any time there's a change to system tests. That's overly
broad: upgrade tests only rely on test/system/helpers.bash,
not test/system/anything-else. IMHO the cost of CI breaking
is higher than the cost of running unnecessary jobs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
These jobs have been failing since early August due to
technical/scripting problems. Disable/remove entirely since a fix is
unlikely to be implemented anytime soon.
Ref: Abandoned recent attempt at debugging
https://github.com/containers/podman/pull/19720
Signed-off-by: Chris Evich <cevich@redhat.com>
Make sure the en_US.UTF-8 locale is available so that we can use it in
tests, namely "podman logs with non ASCII log tag succeeds with env".
It is already there in fedora (except container image but we cannot use
journald there anyway) so only do this for debian. I think it makes
most sense to move this into the image build process in the future to
only do it once at build time.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The socket can already exist and is not removed by disabling the systemd unit,
hence it needs to be deleted to get a "vanilla" system. This is a temporary
workaround suggested in:
https://github.com/containers/podman/pull/19478#issuecomment-1665350945
[NO NEW TESTS NEEDED] - this is a CI fix
Signed-off-by: Dan Čermák <dcermak@suse.com>
This was replaced by the setup.exe burn installer several releases ago,
and only kept around as a fallback. Remove it since it is no longer
maintained and not recommended for use.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Podman is basically unusable without cgo, checking if it compiles
without adds no value and just tricks people into thinking it works when
it does not.
This means we do not need extra to NOP out a lot of cgo calls with
functions that just return an error like `XXX is not supported without
cgo`.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Using a FreeBSD VM allows building a functioning binary via 'make
podman-release'. This uses Cirrus' freebsd_instance which provisions VMs
on Google Compute Engine.
I attempted to add FreeBSD binaries to the artifacts task but this
failed, apparently because the extra 50Mb of space exceeded a 1Gb limit
in Cirrus.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
When an e2e test fails in AfterEach, ginkgo "helpfully" adds
a heading in that test log block:
TOP-LEVEL [AfterEach]
/path/to/source.go
Podman Desc Blah
That TOP-LEVEL line screws up our in-page links. Ignore it
both in the heading and in the bottom failure-summary lines.
Add test, including tests for bottom-summary.
Signed-off-by: Ed Santiago <santiago@redhat.com>
In debian environment we are hitting an edge-case where older buildah
version is not compatible with newer podman version because both of them
are using different storage driver.
I.e
* Podmand defaults to native `overlay`.
* Older buildah version defaults to `vfs`.
See discussions below for more details
* containers#18510 (comment)
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Aditya R <arajan@redhat.com>
Ginkgo test names can have more than two levels: there can be
a nested series of Describes() before the final It(). (e.g.,
quadlet_test.go). Handle that.
Before: we just assumed that the third-or-maybe-fourth line
after a "-----" divider was the test name.
Now: examine every line after the "-----" divider, until the
first empty line. Lines with /path/to/source/file are ignored,
lines with text strings are assembled together to make anchors.
This is still imperfect but it's much better than before.
SPECIAL NOTE: in order to allow linking to timing results
in the AfterSuite, I've changed the test name from Leaf to Full.
This will now be a much longer string, and hence much less
readable, but I'm inclined to think it's more correct. Please
review carefully and lmk if I should revert.
Finally, as an unrelated add-on, add links (at top) to original
log, journal, and (if applicable) podman-remote server logs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Fix an oops in my ginkgo-v2 handling: subtest-status was
getting re-reset back to "passed", resulting in incorrect
and misleading green titles on failed tests.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Instrument system tests in hopes of tracking down #17216,
the unlinkat-ebusy-hosed flake.
Oh, also, timestamp.awk: timestamps have always been UTC, but
add a 'Z' to make it unambiguous.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Rather than supporting a special-mode *just* for netavark/aardvark
testing [in podman CI], support testing with all the latest
`podman-next` COPR packages.
The idea here is very similar to the netavark/aardvark special mode it
replaces. Most podman-dependencies do not have the level of
comprehensive CI as exist here. This new CI-mode allows testing
upstream updates to podman-dependencies without needing to roll out
a whole new package/release for them.
Also update documentation for this new mode.
Signed-off-by: Chris Evich <cevich@redhat.com>
This magic string isn't often used and may cause confusion with future
magic-string additions. Remove it.
Signed-off-by: Chris Evich <cevich@redhat.com>
openshift-merge-bot[bot]
Chris Evich
Daniel J Walsh
Brent Baude
Jason T. Greene
Ed Santiago
Chris Evich
Urvashi Mohnani
Paul Holzinger
Lokesh Mandvekar
Peter Hunt
Dan Čermák
Doug Rabson
Aditya R
OpenShift Merge Robot