From 146af8cd59a995ec4483ceef25e7de4b81573a53 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 15 Apr 2021 15:24:22 -0400 Subject: [PATCH 1/2] Travis -> Cirrus: validate, vendor, and test Also add some basic setup commands to hack/get_ci_vm.sh Signed-off-by: Chris Evich --- .cirrus.yml | 78 ++++++++++++++++++++++++++++++++++++++++++++++- .travis.yml | 8 ----- hack/get_ci_vm.sh | 6 +++- 3 files changed, 82 insertions(+), 10 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 9d94fc69b4..25230078fc 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -11,7 +11,7 @@ env: GOPATH: &gopath "/var/tmp/go" GOBIN: "${GOPATH}/bin" GOCACHE: "${GOPATH}/cache" - GOSRC: &gosrc "/var/tmp/go/src/github.com/containers/podman" + GOSRC: &gosrc "/var/tmp/go/src/github.com/containers/skopeo" CIRRUS_WORKING_DIR: *gosrc # The default is 'sh' if unspecified CIRRUS_SHELL: "/bin/bash" @@ -37,6 +37,9 @@ env: UBUNTU_CONTAINER_FQIN: "quay.io/libpod/ubuntu_podman:${IMAGE_SUFFIX}" PRIOR_UBUNTU_CONTAINER_FQIN: "quay.io/libpod/prior-ubuntu_podman:${IMAGE_SUFFIX}" + # Equivilent to image produced by 'make build-container' + SKOPEO_CI_CONTAINER_FQIN: "quay.io/skopeo/ci:${DEST_BRANCH}" + # Default timeout for each task timeout_in: 30m @@ -45,6 +48,76 @@ timeout_in: 30m gcp_credentials: ENCRYPTED[52d9e807b531b37ab14e958cb5a72499460663f04c8d73e22ad608c027a31118420f1c80f0be0882fbdf96f49d8f9ac0] +validate_task: + # The git-validation tool doesn't work well on branch or tag push, + # under Cirrus-CI, due to challenges obtaining the starting commit ID. + # Only do validation for PRs. + only_if: $CIRRUS_PR != '' + container: &build_container + image: "${SKOPEO_CI_CONTAINER_FQIN}" + cpu: 4 + memory: 8 + script: make validate-local + + +vendor_task: + only_if: $CIRRUS_PR != '' + container: *build_container + script: make vendor && ./hack/tree_status.sh + + +test_task: + alias: test + depends_on: + - validate + - vendor + gce_instance: + image_project: libpod-218412 + zone: "us-central1-f" + cpu: 2 + memory: "4Gb" + # Required to be 200gig, do not modify - has i/o performance impact + # according to gcloud CLI tool warning messages. + disk: 200 + image_name: ${FEDORA_CACHE_IMAGE_NAME} + matrix: + - name: "Skopeo Test" + env: + BUILDTAGS: 'btrfs_noversion libdm_no_deferred_remove' + - name: "Skopeo Test w/ opengpg" + env: + BUILDTAGS: 'btrfs_noversion libdm_no_deferred_remove containers_image_openpgp' + env: + # TODO: Remove test technical-debt requiring integration tests to run + # inside a container and with --privileged. This is hiding bugs! + PODMANMAKE: >- + podman run -it --rm --privileged + -e GOPATH=$GOPATH + -v $GOPATH:$GOPATH:Z + -w $GOSRC + $SKOPEO_CI_CONTAINER_FQIN + make + setup_script: | + # This is required as part of the standard Fedora VM setup + growpart /dev/sda 1 + resize2fs /dev/sda1 + + # VM's come with the distro. skopeo pre-installed + dnf erase -y skopeo + + # Ensure we start with a clean-slate + podman system reset --force + # Note: We _HAVE_ to spam BUILDTAGS in this way due to how Cirrus-CI + # mangles quoted strings when performing in-line 'env' substitution. + main_script: | + set -x + $PODMANMAKE bin/skopeo BUILDTAGS="$BUILDTAGS" + $PODMANMAKE test-unit-local BUILDTAGS="$BUILDTAGS" + $PODMANMAKE test-integration-local BUILDTAGS="$BUILDTAGS" + # Do not run inside podman, uses containers internally. + make test-system-local BUILDTAGS="$BUILDTAGS" + + # This task is critical. It updates the "last-used by" timestamp stored # in metadata for all VM images. This mechanism functions in tandem with # an out-of-band pruning operation to remove disused VM images. @@ -79,6 +152,9 @@ success_task: alias: success # N/B: ALL tasks must be listed here, minus their '_task' suffix. depends_on: + - validate + - vendor + - test - meta container: *smallcontainer env: diff --git a/.travis.yml b/.travis.yml index 528371380d..e78c8f716b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -67,14 +67,6 @@ jobs: - brew update && brew unlink python@2 && brew install gpgme script: - hack/travis_osx.sh - - stage: local-build - <<: *local-build - name: local build for linux - os: linux - services: - - docker - script: - - make vendor && ./hack/tree_status.sh && make local-cross && make check # Run 3 image-build-push tasks in parallel for linux/amd64, linux/s390x and linux/ppc64le platforms (for upstream and stable) - stage: image-build-push diff --git a/hack/get_ci_vm.sh b/hack/get_ci_vm.sh index 33d6e8ae11..2744f8660f 100755 --- a/hack/get_ci_vm.sh +++ b/hack/get_ci_vm.sh @@ -44,7 +44,11 @@ elif [[ "$1" == "--setup" ]]; then # get_ci_vm container entrypoint calls us with this option on the # Cirrus-CI environment instance, to perform repo.-specific setup. cd $REPO_DIRPATH - echo "+ No further setup performed" > /dev/stderr + echo "+ Growing root filesystem" > /dev/stderr + growpart /dev/sda 1 + resize2fs /dev/sda1 + echo "+ Erasing pre-installed skopeo package" > /dev/stderr + dnf erase -y skopeo else # Create and access VM for specified Cirrus-CI task mkdir -p $HOME/.config/gcloud/ssh From 88979a6a88b56360d6057bb28b9fda003008464e Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Fri, 16 Apr 2021 11:13:26 -0400 Subject: [PATCH 2/2] Cirrus: Improve test synchronization with c/image The `test_skopeo_task` must be substantially duplicated between this repository and containers/image. Make this easier to maintain by implementing a runner script to contain any/all differences. This allows the `test_skopeo_task` definition to remain 100% identical across the two repositories. Signed-off-by: Chris Evich --- .cirrus.yml | 78 +++++++++++++++++----------------- contrib/cirrus/runner.sh | 91 ++++++++++++++++++++++++++++++++++++++++ hack/get_ci_vm.sh | 8 +--- 3 files changed, 131 insertions(+), 46 deletions(-) create mode 100755 contrib/cirrus/runner.sh diff --git a/.cirrus.yml b/.cirrus.yml index 25230078fc..d9b9e9ddb2 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -12,9 +12,13 @@ env: GOBIN: "${GOPATH}/bin" GOCACHE: "${GOPATH}/cache" GOSRC: &gosrc "/var/tmp/go/src/github.com/containers/skopeo" + # Required for consistency with containers/image CI + SKOPEO_PATH: *gosrc CIRRUS_WORKING_DIR: *gosrc # The default is 'sh' if unspecified CIRRUS_SHELL: "/bin/bash" + # Save a little typing (path relative to $CIRRUS_WORKING_DIR) + SCRIPT_BASE: "./contrib/cirrus" #### #### Cache-image names to test with (double-quotes around names are critical) @@ -60,17 +64,26 @@ validate_task: script: make validate-local -vendor_task: - only_if: $CIRRUS_PR != '' - container: *build_container - script: make vendor && ./hack/tree_status.sh - - -test_task: - alias: test +cross_task: + # TODO: hack/travis_osx.sh doesn't work under cirrus-ci + # for some unknown reason. Remove the next line when + # fixed (remember to remove from .travis.yml also). + allow_failures: $CI == $CI + macos_instance: + image: catalina-xcode-11.3.1 + brew_script: brew install gpgme go go-md2man + test_script: hack/travis_osx.sh + + +##### +##### NOTE: This task is subtantially duplicated in the containers/image +##### repository's `.cirrus.yml`. Changes made here should be fully merged +##### prior to being manually duplicated and maintained in containers/image. +##### +test_skopeo_task: + alias: test_skopeo depends_on: - validate - - vendor gce_instance: image_project: libpod-218412 zone: "us-central1-f" @@ -87,35 +100,20 @@ test_task: - name: "Skopeo Test w/ opengpg" env: BUILDTAGS: 'btrfs_noversion libdm_no_deferred_remove containers_image_openpgp' - env: - # TODO: Remove test technical-debt requiring integration tests to run - # inside a container and with --privileged. This is hiding bugs! - PODMANMAKE: >- - podman run -it --rm --privileged - -e GOPATH=$GOPATH - -v $GOPATH:$GOPATH:Z - -w $GOSRC - $SKOPEO_CI_CONTAINER_FQIN - make - setup_script: | - # This is required as part of the standard Fedora VM setup - growpart /dev/sda 1 - resize2fs /dev/sda1 - - # VM's come with the distro. skopeo pre-installed - dnf erase -y skopeo - - # Ensure we start with a clean-slate - podman system reset --force - # Note: We _HAVE_ to spam BUILDTAGS in this way due to how Cirrus-CI - # mangles quoted strings when performing in-line 'env' substitution. - main_script: | - set -x - $PODMANMAKE bin/skopeo BUILDTAGS="$BUILDTAGS" - $PODMANMAKE test-unit-local BUILDTAGS="$BUILDTAGS" - $PODMANMAKE test-integration-local BUILDTAGS="$BUILDTAGS" - # Do not run inside podman, uses containers internally. - make test-system-local BUILDTAGS="$BUILDTAGS" + setup_script: >- + "${GOSRC}/${SCRIPT_BASE}/runner.sh" setup + vendor_script: >- + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" vendor + build_script: >- + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" build + validate_script: >- + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" validate + unit_script: >- + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" unit + integration_script: >- + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" integration + system_script: > + "${SKOPEO_PATH}/${SCRIPT_BASE}/runner.sh" system # This task is critical. It updates the "last-used by" timestamp stored @@ -153,8 +151,8 @@ success_task: # N/B: ALL tasks must be listed here, minus their '_task' suffix. depends_on: - validate - - vendor - - test + - cross + - test_skopeo - meta container: *smallcontainer env: diff --git a/contrib/cirrus/runner.sh b/contrib/cirrus/runner.sh new file mode 100755 index 0000000000..ab4e5be1ab --- /dev/null +++ b/contrib/cirrus/runner.sh @@ -0,0 +1,91 @@ +#!/bin/bash + +# This script is intended to be executed by automation or humans +# under a hack/get_ci_vm.sh context. Use under any other circumstances +# is unlikely to function. + +set -e + +if [[ -r "/etc/automation_environment" ]]; then + source /etc/automation_environment + source $AUTOMATION_LIB_PATH/common_lib.sh +else + ( + echo "WARNING: It does not appear that containers/automation was installed." + echo " Functionality of most of ${BASH_SOURCE[0]} will be negatively" + echo " impacted." + ) > /dev/stderr +fi + +OS_RELEASE_ID="$(source /etc/os-release; echo $ID)" +# GCE image-name compatible string representation of distribution _major_ version +OS_RELEASE_VER="$(source /etc/os-release; echo $VERSION_ID | tr -d '.')" +# Combined to ease some usage +OS_REL_VER="${OS_RELEASE_ID}-${OS_RELEASE_VER}" + +export "PATH=$PATH:$GOPATH/bin" + +podmanmake() { + req_env_vars GOPATH SKOPEO_PATH SKOPEO_CI_CONTAINER_FQIN + warn "Accumulated technical-debt requires execution inside a --privileged container. This is very likely hiding bugs!" + showrun podman run -it --rm --privileged \ + -e GOPATH=$GOPATH \ + -v $GOPATH:$GOPATH:Z \ + -w $SKOPEO_PATH \ + $SKOPEO_CI_CONTAINER_FQIN \ + make "$@" +} + +_run_setup() { + if [[ "$OS_RELEASE_ID" == "fedora" ]]; then + # This is required as part of the standard Fedora VM setup + growpart /dev/sda 1 + resize2fs /dev/sda1 + + # VM's come with the distro. skopeo pre-installed + dnf erase -y skopeo + else + die "Unknown/unsupported distro. $OS_REL_VER" + fi +} + +_run_vendor() { + podmanmake vendor BUILDTAGS="$BUILDTAGS" +} + +_run_build() { + podmanmake bin/skopeo BUILDTAGS="$BUILDTAGS" +} + +_run_validate() { + podmanmake validate-local BUILDTAGS="$BUILDTAGS" +} + +_run_unit() { + podmanmake test-integration-local BUILDTAGS="$BUILDTAGS" +} + +_run_integration() { + podmanmake test-integration-local BUILDTAGS="$BUILDTAGS" +} + +_run_system() { + # Ensure we start with a clean-slate + podman system reset --force + # Executes with containers required for testing. + showrun make test-system-local BUILDTAGS="$BUILDTAGS" +} + +req_env_vars SKOPEO_PATH BUILDTAGS + +handler="_run_${1}" +if [ "$(type -t $handler)" != "function" ]; then + die "Unknown/Unsupported command-line argument '$1'" +fi + +msg "************************************************************" +msg "Runner executing $1 on $OS_REL_VER" +msg "************************************************************" + +cd "$SKOPEO_PATH" +$handler diff --git a/hack/get_ci_vm.sh b/hack/get_ci_vm.sh index 2744f8660f..da19c1ecad 100755 --- a/hack/get_ci_vm.sh +++ b/hack/get_ci_vm.sh @@ -43,12 +43,8 @@ elif [[ "$1" == "--setup" ]]; then in_get_ci_vm "$1" # get_ci_vm container entrypoint calls us with this option on the # Cirrus-CI environment instance, to perform repo.-specific setup. - cd $REPO_DIRPATH - echo "+ Growing root filesystem" > /dev/stderr - growpart /dev/sda 1 - resize2fs /dev/sda1 - echo "+ Erasing pre-installed skopeo package" > /dev/stderr - dnf erase -y skopeo + echo "+ Executing setup" > /dev/stderr + ${GOSRC}/${SCRIPT_BASE}/runner.sh setup else # Create and access VM for specified Cirrus-CI task mkdir -p $HOME/.config/gcloud/ssh