as issue #2702 describes, we want to make podman and podman-remote as
part of make install.
Fixes: #2702
Signed-off-by: baude <bbaude@redhat.com>
avoid `make` in `make install` in the rpmbuild process.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This is mainly/initially to support use of Cirrus-CI
in https://github.com/containers/buildah since that setup
re-uses the VM images from this project. However, it also
opens doors here, if libpod ever needs/wants to do things
with a dedicated storage device and/or storage-drivers.
Signed-off-by: Chris Evich <cevich@redhat.com>
The release-task ***must*** always execute last, in order to guarantee a
consistent cache of release archives from dependent tasks. It
accomplishes this by verifying it's task-number matches one-less than
the total number of tasks. Previous to this commit, a YAML anchor/alias
was used to avoid duplication of the dependency list between 'success'
and 'release'
However, it's been observed that this opens the possibility for
'release' and 'success' tasks to race when running on a PR. Because
YAML anchor/aliases cannot be used to modify lists, duplication is
required to make 'release' actually depend upon 'success'.
This duplication will introduce an additional maintenance burden.
Though when adding a new task, it's already very easy to forget to
update the 'depends_on' list. Assist both cases by the addition
unit-tests to verify ``.cirrus.yml`` dependency contents and structure.
Signed-off-by: Chris Evich <cevich@redhat.com>
This task depends upon other tasks caching their binaries. If for
whatever reason the `release` task is re-run and/or is out-of-order
with it's dependents, the state of cache will be undefined. Previously
this would result in an error, and failing of the release task.
This commit alters this behavior to issue a warning instead.
Signed-off-by: Chris Evich <cevich@redhat.com>
It's somewhat hard to predict which units are certinly present
for any given base-image. Therefore, at image-build time, it's
distracting and unhelpful to see all the errors about units that
don't exist, on every platform. Simply ignore them and rely on
the `check_image.sh` test to confirm none are enabled.
Signed-off-by: Chris Evich <cevich@redhat.com>
For CI testing, it's important to remove as much variability from the
overall system as possible. This permits focusing just on problems
closely related to code-changes. To this end, and because VMs are very
short-lived (2 hours at most), disable all systemd services and timers
which perform periodic activities.
Signed-off-by: Chris Evich <cevich@redhat.com>
Various tasks and scripts behave differently depending on whether or not
the build is running against a PR or on a branch, post-merge. However,
a great number of them are hard-coded to the string 'master' as the
destination. Since this is not always the case (there are other
relevant branches), it makes sense to abstract the references with a
single definition.
Add a top-level `$DEST_BRANCH` variable to CI, and otherwise
default to 'master' when unset. This enables running CI builds on
additional branches without the overhead of updating all the static
references to 'master'. Simply update `$DEST_BRANCH` at the top-level
and all branch-conditional logic will function as intended.
Signed-off-by: Chris Evich <cevich@redhat.com>
Over time unless they're removed, the project could grow quite a large
collection of VM images. While generally cheap (less than a penny each,
per month), these will become a significant cost item if not kept
in-check.
Add a specialized container for handling image-pruning, but limit
it to only finding and printing (not actually deleting) images.
Also update the image-building workflow so that base-images used to
compose cache-images are also labeled with metadata.
N/B: As an additional safeguard, the service account which
executes the new container in production *DOES NOT*
have access to delete images. This can be enabled
by adding the GCE IAM role: CustomComputeImagePrune
Signed-off-by: Chris Evich <cevich@redhat.com>
It's desirable to make archives available of builds containing actual
tested content. While not official distro-releases, these will enable
third-party testing, experimentation, and development for both branches
(e.g. "master") and pull requests (e.g. "pr3106").
* Add a Makefile targets for archiving both regular podman binaries
and the remote-client. Encode release metadata within these
archives so that their exact source can be identified.
* Fix bug with cross-compiling remote clients for the Windows and Darwin
platforms.
* Add unit-testing of cross-compiles for Windows and Darwin platforms.
* A few small CI-script typo-fixes
* Add a script which operates in two modes:
1. Call Makefile targets which produce release archives.
Upload the archive to Cirrus-CI's built-in caching system
using reproducible cache keys.
2. Utilize reproduced cache keys to attempt download of cache
from each tasks. When successful, parse the file's
release metadata, using it to name the archive file. Upload
all recovered archives to a publicly accessible storage bucket
for future reference.
* Update the main testing task to call the script in mode #1 for
all primary platforms.
* Add a new `$SPECIALMODE` task to call the script in mode #1 for
Windows and Darwin targets.
* Add a new 'release' task to the CI system, dependent upon all other
tasks. This new tasks executes the script in mode #2.
* Update CI documentation
Signed-off-by: Chris Evich <cevich@redhat.com>
Building/installing dependencies from fixed source-version ensures
testing is reliable, but introduces a maintenance burden and
risks testing far outside of a real-world environment. The
sensible alternative is to install dependencies from distro-packaging
systems.
Install all development and testing dependencies at VM cache-image build
time, to help ensure testing remains stable. The existing cache-image
build workflow can be utilized at any future time to build/test
with updated packages.
***N/B***: This does not update any dockerfiles used by testing, that is
left up to future efforts.
Signed-off-by: Chris Evich <cevich@redhat.com>
I'm running the BATS tests manually once in a while, and
catching several problems each week that make it past
the rest of CI. Since the BATS tests run at RPM gating
time, we need to catch problems earlier. Try running
the tests from Cirrus.
Tests will be skipped on Ubuntu due to a too-ancient
version of coreutils (8.28; the 'timeout -v' we use
requires 8.29).
Tests are run *after* integration tests, even though
these take three minutes and would be nice to have
fail quickly, because running before causes bizarre
CI failures. Shrug.
UPDATE: also fix run test, broken by #3311.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The original solution using --wait does not function on F30, waiting
forever. Replace it with a simple 5-minute timeout loop.
Signed-off-by: Chris Evich <cevich@redhat.com>
Remove disused `build_cache_images` task, and
update relevant dockerfiles for F30.
Fix problem of cloud-init failing to expand root-device on boot
(/var/lib/cloud/instance left in improper state).
Fix problem of cloud-init racing with google-network-daemon.service on
boot (looking for cloudconfig metadata too early). Causing
root-device to _sometimes_ fail to expand.
Fix problem of hack/get_ci_vm.sh argument passing.
Signed-off-by: Chris Evich <cevich@redhat.com>
The upstream/Dockerfile had a few issues that this
cleans up. A few files were misplaced, wrong installs
and removes. This corrects those issues.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
With multiple `containers` projects updating VM Image metadata,
it would be very difficult to discover which Cirrus-CI setup
was responsible. Add the GCE project name to the list
of metadata labels to update when this container runs. This
will give more context as to which images are currently in use.
Signed-off-by: Chris Evich <cevich@redhat.com>
...with the goal of (very soon) reusing this code, in #2947,
to run system tests in CI. This is the cleanest way I can
think of to do so without duplication or a large maintenance
burden.
Changes are:
- replace references to 'ginkgo' with 'integration'. That
target is already in Makefile, and is not only more
readable, it's also more abstract. There is no reason
for this level of code to know about ginkgo.
- allow rootless_test.sh to accept an argument,
that being the name of the test suite to run
(default: integration). #2947 will enable 'system'.
- allow integration_test.sh to serve multiple purposes,
by checking its filename. #2947 will add a symlink,
system_test.sh, which will then cascade down to
invoke system tests.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The Dockerfiles necessary to create the stable, testing and upstream container images
on quay.io/user/podman. Once this is commited, I will set up those images
such that they will be built with every git commit.
stable - Latest Fedora release image
testing - Latest release on bohdi Fedora testing
upstream - Latest version in upstream podman
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Occasionally, and seemingly only on F29 the root disk fails to expand
upon boot. When this happens, any number of failures could occur if
space runs out. Until there is time to investigate the actual cause,
workaround this problem by detecting it and acting accordingly.
Signed-off-by: Chris Evich <cevich@redhat.com>
New base-image boots, a cache-image builds, but more work is needed for
it to be prime-time ready. This commit just adds some updates to the
scafolding necessary to build the base-image. Future work will make F30
more of a reality.
Also add log-collection scripts to test image verification task
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously, it was quite difficult to affect changes to VM cache images
without lots of manual work. This commit adds a new optional testing
task which mirrors the official-image build task which only runs on
master. In contrast, the new task may be run at any time in a PR, but
including a magic phrase in the PR description.
Update documentation to describe the new task and inform on it's usage.
Signed-off-by: Chris Evich <cevich@redhat.com>
For people who want to install podman remote or podman
only we need to separate out the two install commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
There were some build issues updating cri-o to cri-o/cri-o. Since the only thing we need cri-o for is conmon, we should just build using conmon.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
We want the remote tests for our distributions to be tested in a
different VM than the local tests. This allows for faster CI runs and
easier debug as well as seperation of flakes.
Signed-off-by: baude <bbaude@redhat.com>
We want to start supporting the registries.conf format.
Also start showing blocked registries in podman info
Fix sorting so all registries are listed together in podman info.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Existing code was not working due to a bash gotcha ('exit'
from a pipeline). It also had unnecessary duplication.
New version is safer; also includes unit tests run under localunit.
Existing invocations of req_env_var replaced via:
$ [ edit setup_environment.sh, move one closing quote to its own line ]
$ perl -ni -e 's/(?<=req_env_var )"(\S+)\s+\$\1"/$1/; if (/req_env_var "$/ .. /^\s*"/) { chomp; s/(?<=\S)\s.*//; if (/^\s*"/) { print "\n" } else { unless (/req_env_var/) { s/^\s+//; print " ";} print;} } else { print }' $(ack -l req_env_var)
$ [ hand-massage an incorrect instance of '@' in lib.sh:ircmsg() ]
Signed-off-by: Ed Santiago <santiago@redhat.com>
add the ability for podman to read and write events to journald instead
of just a logfile. This can be controlled in libpod.conf with the
`events_logger` attribute of `journald` or `file`. The default will be
set to `journald`.
Signed-off-by: baude <bbaude@redhat.com>
Previously libpod CI was fairly straight-forward, run unit and
integration tests in a standard set of 3 VMs. Off on the side was a
single special case of running tests as an ordinary user. There is a
desire to stop using the PAPR system to support testing inside of a
container.
Since having two special cases potentially invites more
down the road, make provisions to handle them more gracefully. This
commit introduces an environment variable: ``$SPECIALMODE``. It's
value has the following meanings within the CI scripts:
Mode 'none': Nothing special, business as usual (default)
Mode 'rootless': Rootless testing
Mode 'in_podman': Build container, run integration tests in it.
This will make adding additional special-cases later easier, as well as
extending the special cases in a Matrix across multiple OS's.
Signed-off-by: Chris Evich <cevich@redhat.com>
We have a very high performance JSON library that doesn't need to
perform code generation. Let's use it instead of our questionably
performant, reflection-dependent deep copy library.
Most changes because some functions can now return errors.
Also converts cmd/podman to use jsoniter, instead of pkg/json,
for increased performance.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Randomize the user's UID and GID
* Simplify `setup_environment.sh`
* Support new "-r" option for `hack/get_ci_vm.sh` setting up rootless
* Connect as $ROOTLESS_USER when using "-r" with `hack/get_ci_vm.sh`
Signed-off-by: Chris Evich <cevich@redhat.com>
Likely caused by rebase typos after removing test-commit. This fixes
notifications to actually get sent. Also show env. vars after setting
up the environment - helps debugging.
Signed-off-by: Chris Evich <cevich@redhat.com>
Until recently it was very difficult to execute any scripts if part of a
task failed. A new feature in Cirrus-CI makes this easy. Use it to
post a notice on IRC when any task fails.
Also: Add quotes around yaml-string values for consistency and
syntax-highlighting correctness.
Signed-off-by: Chris Evich <cevich@redhat.com>
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Replaces 'skopeo-containers' with 'containers-common' in the files that
I feel comfortable changing it in. There are a number of rpm building
related files that still have it, but I was hesitant to do so.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Weekend hack by someone who doesn't grok zsh completion
but who finds it deeply offensive that most completion
files have an unmaintainable duplication of options
and arguments. The idea behind this one is to discover
the command line using --help, with a few hardcoded
helpers for discovering containers, images, pods,
and figuring out which args take files/dirs as args.
Working remarkably well. I am using this in my daily
routine and wondering how I ever managed without it.
It's not perfect -- a future version can perhaps
show only stopped containers for podman rm, only
running ones for podman stop -- but ROI seems low
on that given my limited zsh completion skills.
Sadly, I can't figure out how to write a regression
test suite for this. It would be lovely to have a
list if partial command lines and expected completions,
because the history of this change is that (seemingly)
minor tweaks in one place cause breakage in another.
Does anyone know of such a framework?
Still... working well enough to ship, IMO.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Make use of the built imgts container image to track
VM image usage statistics for every automation run.
Also update and add small check to the gate test
that verifies expected formatting/content of the
`.cirrus.yml` file WRT VM Image names.
Signed-off-by: Chris Evich <cevich@redhat.com>
Certain integration tests require execution as a regular user.
This is acomplished by `PodmanTest.PodmanAsUserBase()` wrapping a
specialized execution environment, in `test/utils/utils.go`. However,
doing this requires passing through python, which vastly increases the
complexity of debugging low-level problems.
This commit introduces a new parallel task, run as a regular user on the
VM as set by three environment variables. All commands executed in the
``rootless_test.sh`` script, will occur as a real user with a name and
home directory, just as `$DIETY` intended. All env. vars established
during `environment_setup.sh` (for root) are available. The PR source
in `$GOSRC` and `$GOPATH` are owned by this user, and ready for use.
Signed-off-by: Chris Evich <cevich@redhat.com>
We had a regression on master where we broke the build for
non-Varlink builds. Catch this in CI in the future.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
If user specifies network namespace and the /etc/netns/XXX/resolv.conf
exists, we should use this rather then /etc/resolv.conf
Also fail cleaner if the user specifies an invalid Network Namespace.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
There is no native package for this, so the packaged version must also
be installed, otherwise all the support/dependencies would be removed
also (like go-md2man). Fix this by installing from the google released
tarball, into /usr/local/go and set $GOROOT to point there.
Also, include a small fix for hack/get_ci_vm.sh not installing
testing dependencies because of an old assumption.
***CIRRUS: REBUILD IMAGES***
Signed-off-by: Chris Evich <cevich@redhat.com>
Tests running slower than normally-slow, bump timeout to allow them to
pass until better solution (for slow Ubuntu tests) can be found.
Signed-off-by: Chris Evich <cevich@redhat.com>
`make localunit` fails on non-amd64 archs
as it unzips packer_1.3.2_linux_amd64.zip
irrespective of host arch its running on.
Signed-off-by: Nitesh Konkar <niteshkonkar@in.ibm.com>
Prior, a pod would have to be started immediately when created, leading to confusion about what a pod state should be immediately after creation. The problem was podman run --pod ... would error out if the infra container wasn't started (as it is a dependency). Fix this by allowing for recursive start, where each of the container's dependencies are started prior to the new container. This is only applied to the case where a new container is attached to a pod.
Also rework container_api Start, StartAndAttach, and Init functions, as there was some duplicated code, which made addressing the problem easier to fix.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
iFix builtin volumes to work with podman volume
Currently builtin volumes are not recored in podman volumes when
they are created automatically. This patch fixes this.
Remove container volumes when requested
Currently the --volume option on podman remove does nothing.
This will implement the changes needed to remove the volumes
if the user requests it.
When removing a volume make sure that no container uses the volume.
Signed-off-by: Daniel J Walsh dwalsh@redhat.com
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Make sure that all vendored dependencies are in sync with the code and
the vendor.conf by running `make vendor` with a follow-up status check
of the git tree.
* Vendor ginkgo and gomega to include the test dependencies.
Signed-off-by: Chris Evic <cevich@redhat.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
The toolbox project would benefit from a few changes to more closely
resembe the original atomic cli project. Changes made are:
* only pull image for container runlabel if the label exists in the image
* if a container image does not have the desired label, exit with non-zero
Signed-off-by: baude <bbaude@redhat.com>
Add necessary tweaks to base-image build/import process so that image
can successfully boot with networking enabled. Build the base image and
update ``.cirrus.yml`` accordingly.
Also make a minor improvement to cache-image building to help save space in
GCP image storage. Namely, instead of storing every produced image, export
them into google storage buckets w/ life-cycle enabled. For production use,
they may be converted back into GCE images, otherwise they will expire after
a time.
Signed-off-by: Chris Evich <cevich@redhat.com>
This was specifically disabled early on in transitioning to cirrus due to
an excessive number of test failures and lack of knowledge. This commit
reverses the stance and unifies build and test commands across all
current platforms.
Signed-off-by: Chris Evich <cevich@redhat.com>
Once built, this container can be utilized by automation to help keep
track of VM images. All parameters are passed in via env. vars.
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously we only reported the date/time at the beginning of a run
since it's not available in the Cirrus-CI system. This commit
generalizes the solution, recording start/end times for all major
events.
Also the timestamps are recorded into a local file on the VMs. This
is intended for future use, for example tracking execution-time
trends.
Signed-off-by: Chris Evich <cevich@redhat.com>
Add the ability to run the integration (ginkgo) suite using
the remote client.
Only the images_test.go file is run right now; all the rest are
isolated with a // +build !remotelinux. As more content is
developed for the remote client, we can unblock the files and
just block single tests as needed.
Signed-off-by: baude <bbaude@redhat.com>
For all in testing involved distribution a new enough CRIU exists as a
package.
Fedora provides CRIU packages directly. For CentOS/RHEL there is a COPR
with the latest CRIU version and for Ubuntu there is a PPA for the
latest CRIU version. Let's use these packages and fall back to building
from git if necessary.
Signed-off-by: Adrian Reber <adrian@lisas.de>
The podbot messages are becoming obnoxious as more distributions are
tested. Only call the `success.sh` script once, after all testing was
successful. Also make update the message to include more helpful text
and url.
Signed-off-by: Chris Evich <cevich@redhat.com>
Frequently debugging of CI-related problems requires going hands-on
within the environment. However, reproducing the environment by hand is
very tedious and error prone. This script permits authorized users to
produce VM's based on any available cache-image, and automatically remove
them upon logout.
Also: Bump up VM disk sizes to 200GB due to performance reasons
Signed-off-by: Chris Evich <cevich@redhat.com>
Since the most recent TWO versions of Fedora are officially supported
upstream, both need to be tested. Implement the concept of a 'prior'
Fedora release in both base-image and cache-image production. Utilize
the produced cache-image to test libpod. Remove F28 testing from PAPR.
Much thanks to @baude @giuseppe for help with this.
Signed-off-by: Chris Evich <cevich@redhat.com>
Occasionally people need to access the VM's for
troubleshooting/debugging. Having an editor pre-installed makes life
easier and doesn't cost any extra test-time.
***CIRRUS: REBUILD IMAGES***
Signed-off-by: Chris Evich <cevich@redhat.com>
A number of images required for future testing are not present in GCE.
Importing them is a long proscribed process prone to errors and
complications.
Improve this situation by documenting, and encoding the majority of the
steps required. Due to the required complexity, these are clearly
identified as 'semi-automated'. This means a discerning eye is
sometimes needed to address unforeseen problems (networking issues,
format or packaging changes, etc).
Nevertheless, having these steps in writing, will reduce current and
future maintenance burden while supporting future testing needs of
RHEL, Fedora and Fedora Atomic Host.
Also:
* Add necessary configuration, scripts, and Makefile updates needed to
prepare RHEL, Fedora, & FAH cloud images for use in GCE. This
is a complex, multi-step process where the cloud image is booted
un a local user-mod qemu-kvm instance, where it can be modified.
From there, it's converted into a specific format, and imported into
GCE. Lastly, the imported raw disk data is made available as a GCE
VM image.
Note: As of this commit, the RHEL base-image builds (CentOS has native
image), however neither RHEL or CentOS cache-images build correctly.
* Left testing on FAH disabled, the GCE/Cirrus integration needs needs more
work. Specifically, the python3-based google startup script service
throws a permission-denied (as root) when trying to create a temp.
directory. Did not investigate further, though manually running the
startup script does allow the libpod tests to start running.
* Enabled Fedora 29 image to execute tests and general use.
* Utilize the standardized F28-based container image for gating
of more the intensive unit and integration testing. Update
documentation to reflect this as the standard platform for
these checks. Rename tasks with shorter names and to better
reflect their purpose.
* Cirrus: Trim unnecessary env vars before testing since the vast
majority are only required for orchestration purposes. Since most
are defined within `.cirrus.yml`, it's a good place to store the
list of undesirables. Since each of the cirrus-scripts runs in
it's own shell, unsetting these near the end will have no
consequence. Also trim down the number of calls to show_env_vars()
Signed-off-by: Chris Evich <cevich@redhat.com>
The packer tool takes JSON as input for the details of producing VM
images to be used for PR CI-testing. JSON is not a very human-friendly
format, without support for comments and frequently containing lots of
duplicate data.
Fix this by using a Makefile + simple python one-liner to convert
from a human-friendly YAML format into packer-native JSON. This allows
use of anchors/aliases to reduce duplication, and allows inline comments
for easier maintainability. This also allows separating the 'test'
action from the 'build' action, for earlier and better syntax problem
detection.
Lastly, there are some minor ``lib.sh`` and ``integration_test.sh``
updates to support future work, and slightly improve the build and
test environments.
Signed-off-by: Chris Evich <cevich@redhat.com>
* Change all store_true or store_false to use store_bool.
New behavior documented in BooleanAction docstring.
* Remove any extraneous code identified by pylint in files from above.
Fixes#1869
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Don't try to argparse command-line arguments on the right-hand
side of the image; those are intended for the container command:
pypodman create fedora ls -l
pypodman run fedora find / -name foo
pypodman run fedora bash -c 'echo hi'
If/when `pypodman exec` gets implemented, it should use this too.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The conditional + list comprehension in images.py:_split_token()
wasn't quite working as intended; in particular, when fed None,
it chokes with
TypeError: 'NoneType' object is not iterable
This is the correct behavior: comprehensions iterate first,
then apply the conditional.
Solution: special-case None, and remove the now-unnecessary
conditional.
Context: seen when trying 'pypodman run' against
docker.io/stackbrew/centos:7, which has no .ContainerConfig.Eng
Signed-off-by: Ed Santiago <santiago@redhat.com>
The environment variable wasn't set, giving 0.0.0
It is a still a problem if you use python3 to build,
rather than make. You *need* to set $PODMAN_VERSION,
or your module and packages won't have the version.
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Also, don't use $PORT. These are too generic.
Make sure to read $LOGNAME _after_ the config.
Prefix all the remote variables with PODMAN_
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* Improve error messages from argparse Actions
* Silence more pylint errors when supporting a given API
* Refactor BooleanAction to support lower and mixed case input
* Remove spurious print()
Signed-off-by: Jhon Honce <jhonce@redhat.com>
pypodman does not currently support the version command. We want to
have as close to the same functionality between podman and pypodman,
so adding this command.
Also had to fix some validate errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Previously it was required to call the verify, unit, and integration
scripts in order to build/install dependencies, and libpod. This
wastes time during the (optional) system-testing, since the
actual unit/integration testing is also happening in parallel.
Consolidate only the distribution-specific build steps into the
system-testing script. This way, only the required steps are performed
in their respective (parallel) tasks.
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously, several magic strings were in place to affect cirrus-ci
operations. Two were buried within scripts. One to optionally
execute system-tests within a PR. Another to avoid re-building
cache-images upon every merge.
Move these magic strings out into the open, buy locating their
logic up-front in the ``.cirrus.yml`` file. This improves
readability and reduces surprise/astonishment at runtime.
Signed-off-by: Chris Evich <cevich@redhat.com>
Having a standardized image allows uniform application of format and
lint checking across multiple host platforms. This ensures all
contributors and disparate CI systems to play by a common set of basic
rules. It also makes it easier to maintain the common rules over-time.
Signed-off-by: Chris Evich <cevich@redhat.com>
Currently we modify the git checkout which ends up showing that the checkout is dirty. This patch sets the PYTHON_VERSION so that python code will handle
it correctly without having to modify the actual code.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The Python podman bindings have issues around kill - specifically
attempting to make it act like stop, when it should not. We
provide no guarantee of what state a container if in after kill -
it should be stopped, but we might have sent something that's not
SIGKILL. If you want a container or pod stopped, guaranteed, use
Stop().
The Python code attempted to ensure a container was actually
stopped after kill was run, which runs counter the above. This
was holding up some PRs that caused changes in how libpod obtains
its state, so for now, change pod kill to pod stop until the
proper changes in the Python code can be made.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Fixed issue where podman printed '<none>' and pypodman
skipped the image
* Fixed issue where port was printed in place of tags
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Normally, we would not run system-tests as part of PR-level CI, they're
simply too heavy-weight and complex. However, in some instances it may
be desirable to provide a quick feedback loop, prior to release packaging
and official testing. Enable this by executing the system-tests when
a magic string is present in the PR description:
``***CIRRUS: SYSTEM TEST***``
Signed-off-by: Chris Evich <cevich@redhat.com>
Given frequent merges, it doesn't make sense to rebuild the VM testing
images every time. Instead, monitor the PR title and description for
a magic string, only triggering builds on a match:
***CIRRUS: REBUILD IMAGES***
Signed-off-by: Chris Evich <cevich@redhat.com>
Occasionally, short-term temporary connectivity problems prevent ubuntu
from updating on GCE. As a workaround, attempt these commands twice.
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously this was disabled as some package was breaking networking on
GCE after updating + rebooting. This is fixed now, so we should update
packages when building the fedora test VM image.
https://pagure.io/cloud-sig/issue/292
Signed-off-by: Chris Evich <cevich@redhat.com>
* Added tox configuration to test python 3.4, 3.5 and 3.6.
Tox testing not enabled on every PR
* Updated MANIFEST.ini to support tox
* Correct comments
Fixes#1641
Signed-off-by: Jhon Honce <jhonce@redhat.com>
An invalid GCE value is being passed to packer, preventing it from
building VM images. Fix this, and centralize the definition of the
image name suffix by setting it at ``setup_environment.sh`` call-time,
rather encoding inside packer's `libpod_images.json`. This makes
the value available for use by other scripts.
Also, switch the unique component of the name, to be based on the
commit-sha being tested. This will improve traceability, since the git
history is more permanent than the `CIRRUS_BUILD_ID` env. var. The
later is subject to log-rotation, destroying evidence of the images
source state.
Signed-off-by: Chris Evich <cevich@redhat.com>
Add a naive python script that's able to connect to IRC and send a
single line of text to the #podman channel. Wrap this in a new
library function to ensure nick-name collisions are unlikely.
Signed-off-by: Chris Evich <cevich@redhat.com>
There have been some python-podman flakes observed across multiple CI
systems. Support capturing a VM for further investigation in the
event of a non-zero exit. This is done by printing a warning message
and delaying script-exit for a long time. Hopefully a human will notice
and have an opportunity to enable deletion-protection on the VM.
Signed-off-by: Chris Evich <cevich@redhat.com>
* Add support for pod -- create, inspect, kill, pause, ps, rm,
restart, start, stop, top, unpause
* Update pylintrc to better reflect pep8 code standards
* Fix various pylint reported errors
* Refactor code that determines screen width to no longer
require initializing curses. Improved start up time and
pushing data blob down ssh tunnel.
* Correct pod-create man page, cgroupparent not boolean
* Abort integration tests if podman service fails to start
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Don't waste GCE VM resources for 30-min of testing,
when verify would fail after 3-minutes. This is
the simpelest mechanism to save cloud CPU-time
while GCE is under trial-status (can not set quotas).
Signed-off-by: Chris Evich <cevich@redhat.com>
Testing podman requires exercising on a full-blown VM. The current
containerized-approach is complicated, and mostly a band-aid over
shortcomings in the other CI systems. Namely, we want:
* To pre-build environments with dependencies to reduce the
setup time needed for testing.
* The ability to verify the pre-built environments are working
before utilizing them for further testing.
* A simple, single set of flexible automation instructions to
reduce maintenance burden.
* Ease of environment reproduction across clouds or locally, for
debugging failures.
This change leverages Cirrus-CI + Packer + collection of shell scripts
to realize all of the above.
Signed-off-by: Chris Evich <cevich@redhat.com>
* Update varlink document
* Add NoContainersInPod error in go and python
* Add support for varlink pod interface
* New code passes pylint
* Fix bug in test_runner.sh
* Update integration tests for race condition on status check
* Add missing port config file support
Signed-off-by: Jhon Honce <jhonce@redhat.com>
This PR makes several key changes to our CI testing. Firstly, we now test
podman on fedora 28, fedora 29, and centos VMS (rather than containers). Any
of these that having failing tests are not marked as required yet. We
still preserve the podman in podman and podman in docker tests as well and
they are marked as required.
The lint and validate work is now done on a openshift container. We also
removed the rpm verification on papr and perform this test under the "images"
test on the openshift ci.
This PR exposes integration test fails on some of our OSs. My expectation is we
will fix those in additional PRs and as they are fixed, we should be flipping
the boolean bit to required.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1492
Approved by: mheon
* Refactor create subparser to share arguments with run subparser
* Add argparse.*Action subclasses to reduce duplicate code in parsers
* Using BooleanAction now accept True/False value as expected
* .pylintrc added to loosen variable name policing
* Update AbstractBaseAction to remove unset arguments before
transmitting to podman service
* Align logging messages to podman output
* Renamed global argument from --user to --username, to avoid conflict
with create/run podman commands
* Add new subcommands: run, create, history, import, info, push,
restart and search
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1519
Approved by: rhatdan
There is a group of inodes that get created when running a container
if they do not exist.
containerMounts = map[string]bool{
"/dev": true,
"/etc/hostname": true,
"/etc/hosts": true,
"/etc/resolv.conf": true,
"/proc": true,
"/run": true,
"/run/.containerenv": true,
"/run/secrets": true,
"/sys": true,
}
If the destination inode does not exist, libpod/runc will create the inode.
This can cause programs like podman diff to see the image as having changed,
when actually it has not. This patch ignores changes in these inodes.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1508
Approved by: giuseppe
And pull these from the PATH by default. This way systems like CentOS
that don't have a python3 can still execute 'make clean', which
doesn't care about the Python major version.
The setup.py shebang, mode change, and ./ prefixing helps address
cases where PYTHON is empty. This could be the result of improper
user configuration:
$ make PYTHON='' clean
It could also be the state on systems with no Python installed, in
which case you'll see:
$ make PYTHON='' clean
./setup.py clean --all
/usr/bin/env: 'python': No such file or directory
make: *** [Makefile:13: clean] Error 127
I've also shifted the Python invocations to the end of the clean
recipies so that as much as possible gets cleaned up even on systems
without Python installed.
Signed-off-by: W. Trevor King <wking@tremily.us>
as of now, we do not want to build with device mapper because it cannot
handle parallel requests which would be common-place in podman.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1445
Approved by: mheon
* Add support for commit, export, inspect, kill, logs, mount, pause
port commands
* Refactored Report class to allow column lengths to be optionally
driven by data
* Refactored Ps class to truncate image names on the left vs right
* Bug fixes
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1369
Approved by: rhatdan
On Fedora and now Centos (added), we build RPMs based on the spec in
contrib/spec to make sure we protect against regressions when creating
RPMs. Once the RPM is built, we then test actually installing the RPM
to ensure that no deps are missing for install.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1356
Approved by: rhatdan
skopeo-containers is available everywhere, but not containers-common
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Closes: #1332
Approved by: rhatdan
remove slirp4netns as hard dep as it isn't available on rhel7.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Closes: #1328
Approved by: baude
Currently if the socket was never started you get an error about
the service being started. But if the service was started and later
stopped, you get a useless error.
This change causes the error to always be the same for connection refused.
The error message was also repeating the address twice which looked bad.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1287
Approved by: baude
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
* Rename id_ to ident, make non-PEP8'ers happier
* Fix bug where port was required on local connections
* Improve error messages for exceptions
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1246
Approved by: rhatdan
We need to make sure we dont break the RPM spec files week-to-week. If we do, the
packagers need to have a place to look at what changes are needed to the SPEC so
they can pull the changes into the distributions.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1230
Approved by: rhatdan
In order to get a cleaner build out of the rpms we should
pass down the DESTDIR to the python Makefiles. Then we
can use them instead of hard coding other inteligence into
the spec files.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1214
Approved by: baude
* Refactor Tunnel to support selecting port for remote sshd
* Refactor ssh tunnel to support MacOS version of ssh
* Refactor Tunnel.close() to find and kill off zombie siblings
* Add psutil dependency
* Add logging setup, letting library produce debugging records
* Clean up Tunnel API
* Fix test_runner.sh to propagate returncode to caller
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1199
Approved by: rhatdan
* Some of the pedantic errors were not corrected
* Clean up prep for porting to MacOS and PyPi hosting
* Fix broken unittest
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1159
Approved by: rhatdan
* Some of the pedantic errors were not corrected
* Clean up prep for porting to MacOS and PyPi hosting
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #1155
Approved by: baude
podman client that is capable of:
* images
* ps
* rm
* rmi
this is only a mockup to frame out and prove python library and ssh
tunnelling usage.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #986
Approved by: rhatdan
* client currently forks ssh client pending finding a well
maintained ssh library for python. Including support for
AF_UNIX forwarding.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Now that we make the varlink .go file on the fly, we need to have the
spec call go generate on it to build properly.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #843
Approved by: baude
- Added alias 'container()' to image model for CreateContainer()
- Fixed return in containers_create.go to wrap error in varlink
exception
- Added a wait time to container.kill(), number of seconds to wait
for the container to change state
- Refactored cached_property() to use system libraries
- Refactored tests to speed up performance
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #821
Approved by: rhatdan
- Updated some tests due to slippage between tests and code
- Skipped tests will be reinstated in a separate PR
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #825
Approved by: rhatdan
on os's (like centos) where python3 might not be installed, do not attempt to build
the python3 varlink client. varlink python is only supported on python3.
also, change the conditions for f28 to match the fedora official specs.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #813
Approved by: baude
baude
Chris Evich
TomSweeneyRedHat
Peter Hunt
OpenShift Merge Robot
Matthew Heon
Ed Santiago
Daniel J Walsh
Matthew Heon
Adrian Reber
Giuseppe Scrivano
Nitesh Konkar
Valentin Rothberg
Jhon Honce
Adrian Reber
Kunal Kushwaha
Matthew Heon
Anders F Björklund
W. Trevor King
Lokesh Mandvekar
Valentin Rothberg