For a long time, this task has not been cross-compiling, it's building
natively on a Mac. Avoid any possible confusion by renaming the task.
Signed-off-by: Chris Evich <cevich@redhat.com>
With (esp. Debian) CI VM images built by
https://github.com/containers/automation_images/ pull/338 CI no-longer
tests with runc nor cgroups v1. Add logic to fail under these
conditions. Prune back high-level YAML/script envars and logic formerly
required to support these things.
Signed-off-by: Chris Evich <cevich@redhat.com>
Now that we have source based skips there might be a case where we have
to run all tests. One option is to simply change a line in one of the
danger files but having something that can be set as title might be
easier for users.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We do not have to test everything for each PR, we can know based on the
source if we changed (i.e. machine code) and only run the tests then.
This implements it as skip conditions, due to the nature of yaml files
we unfortunately cannot deduplicate everything, i.e. the is PR check and
danger files apply to everything but as skip is only a single yaml
string we cannot deduplicate parts of that string. If anyone knows a way
to achieve this I like to hear it.
For now I implemented this for int, system, bud and machine tests. Once
we are more comfortable with this I plan on adding it to other tests as
well.
This will replace the current _bail_if_test_can_be_skipped logic as it
covers more, marks tasks actually skipped in the github UI and works
even for the windows/macos machine tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Built in: https://github.com/containers/automation_images/pull/361
Main changes:
- lots of package bumps, see link above. Most important
is debian systemd, which should fix the XDG bug in 256-rc3
- workaround for rawhide IMA (signed rpms) issue
- rawhide now includes composefs
Signed-off-by: Ed Santiago <santiago@redhat.com>
Another new-VM import from
https://github.com/containers/automation_images/pull/338
...because the usual conflict dealio in that repo. This
should mostly be a NOP. All the major work was done in #22706.
Signed-off-by: Ed Santiago <santiago@redhat.com>
podman.msi GUI has a radio-button to select WSL or Hyper-V
The checkbox in podman.msi GUI allow the user to specify if
the machine provider installation (WSL or Hyper-V) should
be part of podman installation or not.
podman-setup.exe supports 2 new variables: MachineProvider
(valid values are `wsl` and `hyperv`) and HyperVCheckbox
(valid values are `0` and `1`)
Installation creates the configuration file
`99-podman-machine-provider.conf` under folder
`%APPDATA\containers\containers.conf.d` with the selected
machine provider
Cirrus CI `win_installer_task` tests the installation with
both `hyperv` and `wsl` and verifies the configuration.
Uninstallation is tested too.
Note that podman-setup.exe GUI doesn't allow to choose the
provider yet. See https://github.com/containers/podman/issues/22492
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
As agreed in Planning meeting of 2024-03-20, Podman 5.x will
drop support for cgroups v1 and for runc. Make it so.
CI images built in https://github.com/containers/automation_images/pull/338
Signed-off-by: Ed Santiago <santiago@redhat.com>
It's been flaking heavily since March. I don't see any new
development going on in minikube-land. If anyone decides
to care about minikube again, they can reenable this.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Use 4 core VM vompred to the standard 2 cores, integration tests scale
almost linear with extra cores, as such doubling the cores makes the
tests almost twice as fast. This brings the test time down to 15-17 min
in CI.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
First, setup a custom TMPDIR to ensure we have no special assumptions
about hard coded paths. Second, make sure it is actually on a tmpfs so
we can catch regressions in the VM setup immediately.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
TMPDIR is typically /tmp which is typically(*) a tmpfs.
This PR ignores $TMPDIR when $CI is defined, forcing all
e2e tests to set up one central working directory in /var/tmp
instead.
Also, lots of cleanup.
(*) For many years, up to and still including the time of
this PR, /tmp on Fedora CI VMs is actually NOT tmpfs,
it is just / (root). This is nonstandard and undesirable.
Efforts are underway to remove this special case.
Signed-off-by: Ed Santiago <santiago@redhat.com>
compose v1 has been deprecated for some time now, since July 2023 it no
longer receives any updates[1]. As such testing it on every PR is
pointless, it also does not provide any more coverage then compose v2.
At least I never saw only compose v1 test fails (except for flakes) so
it doesn't help us to catch regressions.
We tried to remove it before but decided against it at that time[2].
[1] https://docs.docker.com/compose/migrate/
[2] https://github.com/containers/podman/issues/18688
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Emergency update to get pasta 03-26. Also gives us crun 1.14.4.
One unexplained difference: fc39 and rawhide now create:
/run/log/journal/SOMETHING/system.journal
...and the SOMETHING is o-rwx. This triggers journalctl to spit out a warning:
Hint: You are currently not seeing messages from the system.
Users in groups 'adm', 'systemd-journal', 'wheel' can see all messages.
Pass -q to turn off this notice.
...which in turn causes ExitCleanly() to fail.
It is not clear who/what is creating this journal directory, or
why it allofasudden started just now. Workaround is to add -q
to journalctl in one test.
One more difference, another test now requires SYSLOG capability.
VM package info:
https://github.com/containers/automation_images/pull/342
Signed-off-by: Ed Santiago <santiago@redhat.com>
The container image build automation no longer lives here, it was moved
to containers/image_build.
Also strip out a few lingering comments referencing gitleaks, which was
removed from automation use.
Signed-off-by: Chris Evich <cevich@redhat.com>
Building arm podman needs to be the last thing built in the OSX cross task. The Mac tests rely this Podman binary to run, and the CI Mac is ARM-based
Signed-off-by: Ashley Cui <acui@redhat.com>
It works (verified in #17831). Imperfectly, because Macs don't
have a useful awk, so we can't get timestamps. I will, in time,
look into adding the timestamp functionality to logformatter
itself.
Also imperfect because it's not linkifying: source code paths
are dead text. I need to fix that, too, in logformatter, by
having it recognize /Users/Mac paths.
Imperfect as it may be, it was quick, and I think could provide
good bang for the buck in these Mac-intensive debugging days.
Signed-off-by: Ed Santiago <santiago@redhat.com>
We used to use ignition to perform any customization required for podman
machine because our input was a generic FCOS image. Now that we are
building our own images, some of this customization can be migrated to
the Containerfile itself and be less of a burden in our code at boot up.
At the time of this PR, the Containerfile can be found at
https://github.com/baude/podman-machine-images/tree/main. It is only
present for a so-called daily image. There is little liklihood that
this would the final location for the Containerfile so consider it a
working version only.
Split WSL and rest apart in the e2e tests so we no longer ppull the
generic FCOS image for testing.
Note: the change to the pull image name is so PRs are not immediately
broken that are already in the queue.
[NO NEW TESTS REQUIRED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Upgrade-from-v4.1 was temporarily disabled in #21618: we brought
in new CI VMs, and v4.1 setup no longer works. Nobody quite
understands why, and we've hit diminishing returns in the
investigation (#21863). The current thinking is that it
is related to netavark, and versions < 1.3 do not work
in the current f39 VMs. (No clue why, because f39 kernel
did not change in #21618).
Anyhow, reenable the pre-4.8 upgrade test, using v4.3.1
which has netavark-1.4.0 which seems to work fine. For now.
Also, some upgrade test cleanup:
- Skip, not fail, if initial setup fails. Makes for less noisy logs.
- Remove duplicate --pid=host
- Ports: 808x -> 909x, because 8081 is used by restraint on 1mt
Signed-off-by: Ed Santiago <santiago@redhat.com>
This is needed by podman desktop CI, to ensure their 'latest' testing
jobs continuously and exactly match the podman repository state +
related binaries.
Signed-off-by: Chris Evich <cevich@redhat.com>
Source: https://github.com/containers/automation_images/pull/331#issuecomment-1966677347
Kludgy VM build, because rawhide rc6 kernel is still not stable.
I would like to merge this anyway, because the rawhide hang is
hurting us badly. (I am not guaranteeing that this fixes the hang).
Also: new Windows VM has WiX 3.14 (up from 3.11).
Signed-off-by: Ed Santiago <santiago@redhat.com>
The `Makefile` makes assumptions about git repo. clone details.
Because fixing the `Makefile` would likely be problematic, fix
the clone operation used on the Mac so that it matches what's used
on Linux.
Also, simplify git repo clone operations. At some point in the
distant past, a git identity was required for CI to function properly.
That has since changed, so remove the unnecessary complexities.
Signed-off-by: Chris Evich <cevich@redhat.com>
There's are sometimes conflicting purposes in podman CI:
1. Have the pipeline proceed in an orderly and progressive manner
to sometimes save resources and unnecessary runtime.
2. Complete all testing as quickly as possible in support of
human-developers moving on to other areas of work.
3. Ideally/hopefully, accomplish both items above safely,
preventing untested and/or unintended changes from merging.
This commit shifts the balance of these slightly more toward the second
point. It rearranges most CI tasks into essentially three buckets with
a single (new) aggregation task in-between the first two:
1. Build + Verify all the things
2. Test all the things
3. Minor/accessory things
The intention is that while we may unnecessarily spin some number of
testing tasks while others have failed, the best-case scenario
(everything passes) has a much shorter runtime. In other words, it
potentially wastes more resources in favor of a chance to have
developers wait less.
Signed-off-by: Chris Evich <cevich@redhat.com>
And, runc-1.12 broke our seccomp e2e tests (runc now calls getcwd(),
which is the dummy syscall blocked for testing seccomp). Switch
to blocking link() instead.
Also, disable v4.1.0 upgrade tests. They're hanging, and I have
no idea why, and have wasted most of a day debugging.
Fixes: #21546
Signed-off-by: Ed Santiago <santiago@redhat.com>
we were fighting a flake earlier, so the mac test was removed again and
the suspected commit was removed. this turns the test back on so we can
see if we pass cleanly.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Chris Evich