We had a number of references, mostly in docs, to the word master that
can now be changed to main. This PR does that and makes the project a
bit more inclusive.
[NO NEW TESTS NEEDED]
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Output from podman system service, on system tests, is
being saved... it just hasn't been collected as an artifact.
Start collecting it. And, remove obsolete-unused-misleading
code that made me think it _was_ being collected.
Also: log system-service output for bud tests, and set
log-level to info per suggestion from @Luap99
Signed-off-by: Ed Santiago <santiago@redhat.com>
The latest Windows image from containers/automation_image@327d8799 auto-creates
an interactive session through winlogon autologon on boot. Additionally it
includes the PsTools psexec command on the system.
This change utilizes both aspects to launch the verification portion of the
smoke task under the interactive session, away from the session 0 execution
environment that the Cirrus agent runs in.
Since creating a new process under the interactive session requires a new token,
and by extension a clear text password, a new crypto random password is
generated to replace the ec2 boot generated one.
These changes allow WSL to once again function after its move to a store based
delivery stream (which is incompatible with session 0 execution).
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
On occasion, developers need to run the latest or bleeding-edge
netavark/aardvark-dns in the podman CI environment. Enable this through
use of magic strings in the PR title, but only if the PR is marked as a
draft. The intent being, when the PR is ready for review, the current
CI VM package versions will be used. Hopefully also reminding the PR
author to remove the magic strings from the title, remove draft status,
and push the final set of changes to be merged.
Also, add documentation about this new magic PR title string and CI's
behaviors.
Signed-off-by: Chris Evich <cevich@redhat.com>
This is to help me in my flake analysis.
Scenario: I'm looking at recent flakes, and see Flake X. I know
that Flake X was "fixed" two weeks ago. Did the fix not work?
Or is this just one of those PRs that was created three weeks
ago (or three months ago) and never rebased to pick up the fix?
This adds a one-click way for me to tell.
Signed-off-by: Ed Santiago <santiago@redhat.com>
add a new failblock style, with light red background all across
the entire page, and use it for bats "FAIL" blocks.
Also highlight logrus level=(debug|info|warning|error|fatal)
messages in increasingly prominent styles
Signed-off-by: Ed Santiago <santiago@redhat.com>
This is a unit that can be enabled when using transient store mode
to clean up potential leftovers from previous boots. All it does is
run "podman system prune --external" once each boot.
Signed-off-by: Alexander Larsson <alexl@redhat.com>
Use the new `podman kube {down,play}` commands.
[NO NEW TESTS NEEDED] as this is a purely cosmetic change.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The hardware used for podman-machine testing is fairly
stable/predictable because it's bare-metal. This is a nearly ideal
environment for collection of benchmarking data. Arrange for that to
happen, and the resulting data to be collected.
Also keep track of the benchmark-basis details in a machine-readable
`env` file along side the raw and parsed benchmarks.
Signed-off-by: Chris Evich <cevich@redhat.com>
The passthrough_env function was unnecessarily complicated,
hence fragile. Clean it up, and add regression tests.
For future reference: CI broke horribly because of this.
Rootless tests all failed with missing CI_DESIRED_NETWORK.
Root cause was that CIRRUS_CHANGE_TITLE had a trailing
space which, because of shell indirection, passthrough_env()
wrote as trailing backslash (not backslash-space) in the
/etc/ci_environment file, which then caused the next line
in the file to get glommed onto CIRRUS_CHANGE_TITLE.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This is more consistent with the name of the other released files, and
makes identification of the binaries easier among the Windows/macOS
ones.
Related: https://github.com/containers/podman/issues/16612
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Looking at https://github.com/containers/podman/releases/tag/v4.3.1,
it's not explicit which arch the podman-remote-static binary is built
for, so this commit adds an -$(goarch) suffix to it. It builds both
arm64 and amd64 binaries as I need both for crc.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Also reuse install location for previous installs if present
Example Usage: .\podman-4.3.2-setup.exe InstallFolder=C:\Other\Loc
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
...not as a separate post-main step. Reasons:
1) If main test times out, Cirrus won't run subsequent steps
2) It really belongs in the main log anyway, because when
looking at test results, you want to have instant access
to versions, you don't want to have to clickety-click
ten steps.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Intended to be run from nightly Cirrus cron job.
1) Queries github for highest-sorting (not necessarily "latest") tag
2) Checks that the Windows MSI exists, fails if not
3) Cross-checks markdown files to ensure they have up-to-date links
When run interactively, it will auto-update the .md files
to show and link to the latest version. This makes it easy
for anyone to then submit an update PR.
And, it turns out that MSI is obsolete, the new thing is EXE.
Update the tutorials to reflect that.
Signed-off-by: Ed Santiago <santiago@redhat.com>
All the other Windows tasks depend on access to a podman-remote build
from the Alt. Arch. `Windows Cross` task. Re-arrange the test-skipping
call to never skip here only.
Signed-off-by: Chris Evich <cevich@redhat.com>
We have CI tests running in netavark mode when CNI is desired.
Add a new .cirrus.yml envariable, CI_DESIRED_NETWORK, which
we then force-check in e2e and system tests. Simple copy/paste
of #14912 (the RUNTIME check) with manual s/RUNTIME/NETWORK/
and other minor changes.
Signed-off-by: Ed Santiago <santiago@redhat.com>
We've had some oopsies in system tests:
podman foo bar
run podman foo bar
...all of which should be run_podman with underscore. Those
have been passing because /usr/bin/podman is the fallback
from $PATH. In those (few) cases, we haven't actually been
testing the podman we should be testing.
Solution: nuke /usr/bin/podman and podman-remote before
invoking system and unit tests. As an extra level of
paranoia, check for other podmans in $PATH - if any
exist, bail out with a fatal error.
Also: in a few cases where runner.sh invokes podman for
containerized something-something, run bin/podman instead
of podman from $PATH.
Also: fix existing dependencies on /usr/bin/podman
Signed-off-by: Ed Santiago <santiago@redhat.com>
Support swagger testing and optional runtime updates similar to
the current golangci-lint tool. This allows developers to update the
version of swagger at runtime if needed. Otherwise new CI VM images
will pick up the prescribed version at image build-time via
`make install.tools`.
Signed-off-by: Chris Evich <cevich@redhat.com>
When running on a branch or tag, `req_env_vars()` will call `exit(1)`
because `$CIRRUS_PR` is empty (as expected). The original intention was
to simply skip language checks on non-PRs. Fix the condition to match.
Signed-off-by: Chris Evich <cevich@redhat.com>
It's conceivable for CI to spend a lot of time testing code which
otherwise should be rejected due to quality problems. Previously this
was validated in a dedicated task, however a failure would still fail
the CI run. Simplify the number of CI tasks by combining the consistency
check at the tail-end of the build task.
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously, two tasks always ran first, prior to anything else. One to
verify network and external-service connectivity. Another to verify
certain important `.cirrus.yml` standards are met. However, as the
total number of tasks continues to grow, the need to keep these basic
checks as dedicated prerequisites is of decreasing value/importance.
Fold these two checks into a new `pretesting_script` component of the
Fedora `build` task, on both `x86_64` and `aarch64`.
Signed-off-by: Chris Evich <cevich@redhat.com>
Reintroduce .install.foo targets into Makefile, and invoke
only the bare-minimum ones needed for each individual CI
step in setup_environment.sh.
Also add a retry to the golangci-lint curl, in hopes of
dealing with network flakes. And remove the -f (fail)
because it produces unhelpful logs.
Reason: saw about 25% CI flakes yesterday due to the golangci-lint
fetch, something about a timeout, and this was especially frustrating
because none of the steps actually needed lint. Quick reminder:
avoid network fetches unless absolutely necessary.
Fixes: #15892
Signed-off-by: Ed Santiago <santiago@redhat.com>
At the time of this commit, there's no easier way to detect this using
`golangci-lint` or the go tool (that I could find). A future update
to the `go list` command may support detection, for now use a CI script.
Signed-off-by: Chris Evich <cevich@redhat.com>
Allow the pkginstaller makefile target to take advantage of Podman's version binary, alleviating the need to manually set Podman's version (and inevitably forgetting to do so). This means the pkginstaller Makefile will automatically detect what version of Podman we're packaging.
Signed-off-by: Ashley Cui <acui@redhat.com>
Rootless Docker daemon exposes its API socket on
`$XDG_RUNTIME_DIR/docker.sock`. On tmpfiles.d, `%t` is same as
`$XDG_RUNTIME_DIR` in `--user` mode, and `/run` otherwise.
We can reuse the same config file for both mode with this change.
Signed-off-by: SeongChan Lee <foriequal@gmail.com>
Run machine tests on every PR as label-driven machine test
triggering is currently hard to predict and debug.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Co-authored-by: Miloslav Trmač <mitr@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
systemd expects the value of the option to be `no` instead, but this is
already the default behavior. This fixes the following warning when
running `systemctl status` on the unit:
Failed to parse service restart specifier, ignoring: never
Signed-off-by: Andrew Gunnerson <chillermillerlong@hotmail.com>
to compile arm bits the GOARCH should be set to amd64 script
was wrongly using aarch64 instead
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
EL8 builds are failing because hack/markdown-preprocess needs python3
which AFAICT isn't included by default in EL8 build environments.
This commit also includes an additional `[CI:COPR]` mode which is
currently runs the same tests as `[CI:DOCS]` but could differ in future.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
we were not using the correct GOARCH to build the podman remote
and podman-mac-helper binaries, this uses the ARCH value passed
to the make invocation to set the GORACH
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
this updates downloading of gvproxy and qemu using a standard
makefile rule which will avoid downloading them again if its
already downloaded
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
add file hvf.entitlements which has the com.apple.security.hypervisor
entitlement needed for qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
new file: test/e2e/config_arm64.go
Tests that fail on aarch64 have been skipped with
`skip_if_aarch64`.
Co-authored-by: Chris Evich <cevich@redhat.com>
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
it installs podman and supporting binaries along with
qemu to have a functioning podman install using a pkg
podman and podman-mac-helper is compiled from source
gvproxy binary is downloaded from its github releases
and qemu from github release of containers/podman-machine-qemu
[NO NEW TESTS NEEDED]
Signed-off-by: Anjan Nath <kaludios@gmail.com>
...and enable the at-test-time confirmation, the one that
double-checks that if CI requests runc we actually use runc.
This exposed a nasty surprise in our setup: there are steps to
define $OCI_RUNTIME, but that's actually a total fakeout!
OCI_RUNTIME is used only in e2e tests, it has no effect
whatsoever on actual podman itself as invoked via command
line such as in system tests. Solution: use containers.conf
Given how fragile all this runtime stuff is, I've also added
new tests (e2e and system) that will check $CI_DESIRED_RUNTIME.
Image source: https://github.com/containers/automation_images/pull/146
Since we haven't actually been testing with runc, we need
to fix a few tests:
- handle an error-message change (make it work in both crun and runc)
- skip one system test, "survive service stop", that doesn't
work with runc and I don't think we care.
...and skip a bunch, filing issues for each:
- #15013 pod create --share-parent
- #15014 timeout in dd
- #15015 checkpoint tests time out under $CONTAINER
- #15017 networking timeout with registry
- #15018 restore --pod gripes about missing --pod
- #15025 run --uidmap broken
- #15027 pod inspect cgrouppath broken
- ...and a bunch more ("podman pause") that probably don't
even merit filing an issue.
Also, use /dev/urandom in one test (was: /dev/random) because
the test is timing out and /dev/urandom does not block. (But
the test is still timing out anyway, even with this change)
Also, as part of the VM switch we are now using go 1.18 (up
from 1.17) and this broke the gitlab tests. Thanks to @Luap99
for a quick fix.
Also, slight tweak to #15021: include the timeout value, and
reword message so command string is at end.
Also, fixed a misspelling in a test name.
Fixes: #14833
Signed-off-by: Ed Santiago <santiago@redhat.com>
It was not obvious enough in the scripts how much of a snowflake this
environment is. Fix that with lots of capitalized words and asterisks.
Signed-off-by: Chris Evich <cevich@redhat.com>
We're still not testing runc in CI (#14833), and it may be weeks
or months before we can, due to criu/glibc nightmare, but one day
we'll be back on track, then later on we'll update VMs again,
and screw it up, and lose runc, and not notice, and RHEL will
break, and oh noes headless chicken again, repeat repeat.
We can do better. Use .cirrus.yml to explicitly define which
VMs should use which runtimes, and enforce it early in the
CI build step. This should never fail (uh huh) in a PR,
only in one of the update-VM PRs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
* Correct spelling and typos.
* Improve language.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
Reason: task IDs are unique and permanent; linking by
build ID and task name is non-unique, because Re-run.
Fixes: #14863
Signed-off-by: Ed Santiago <santiago@redhat.com>
The podman-machine integration tests are designed to execute on
bare-metal, since they perform significant work with virtual-machines.
This test is costly to run at scale, so it is limited to being manually
triggered by developers (for now). A 'trigger' button will appear in the
task status page of the Github WebUI once all test dependencies are met.
In the Cirrus-CI WebUI, there is also a 'pre-trigger' button that may be
pressed if a developer doesn't wish to wait. Also:
* Add a `localmachine` target in the `Makefile` on the off-chance
developers wish to execute locally. Update the `ginkgo-run` target
to accommodate re-use by the new `localmachine` target.
* Exclude `podman_machine` task from `success` dependency verification.
This also involves adding an exception to `cirrus_yaml_test.py`
otherwise it will complain loudly.
* ***NOTE*** Inclusion of `ec2_instance` in *any* task will cause
`hack/get_ci_vm.sh` to barf and be non-functional. Future updates will
be made to restore functionality. Before then, simply comment out
the `ec2_instance` section as a temporarily workaround.
Signed-off-by: Chris Evich <cevich@redhat.com>
In order to support execution on various non-GCP cloud environments, the
BFQ scheduler workaround needs updating. Previously it assumed the root
disk was always `/dev/sda`. With the addition of new clouds (AWS) and
different environment types, the assumption is not always valid. Update
the workaround to take care in looking up the block device where '/'
comes from.
Also update the scheduler to 'none', as all modern clouds already have
highly optimized underlying storage configurations. There's no reason
to complicate I/O paths further by hard-coding specific scheduler(s) for
all environment types.
Signed-off-by: Chris Evich <cevich@redhat.com>
With the upcoming plans of introducing a podman-kube command with
various subcommands, rename the podman-play-kube systemd template
to podman-kube before releasing it.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
OpenShift Merge Robot
tomsweeneyredhat
Lokesh Mandvekar
Paul Holzinger
Ed Santiago
Daniel J Walsh
Stéphane Bidoul
Jason T. Greene
Chris Evich
Jason T. Greene
Alexander Larsson
Valentin Rothberg
Doug Rabson
Christophe Fergeau
Anjan Nath
Urvashi Mohnani
Joakim Nohlgård
Praveen Kumar
Ashley Cui
SeongChan Lee
Andrew Gunnerson
William Entriken
unknowndevQwQ
openshift-ci[bot]
Erik Sjölund