Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cirrus: Update CI VM images to F37beta #15760

Merged
merged 3 commits into from
Nov 2, 2022
Merged

Cirrus: Update CI VM images to F37beta #15760

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ecd1927
Cirrus: Update to F37beta
cevich Sep 15, 2022
fd9de87
Cirrus: temp. disable all Ubuntu testing
cevich Oct 13, 2022
8530724
Cirrus: Guarantee CNI testing w/o nv/av present
cevich Nov 2, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
101 changes: 51 additions & 50 deletions .cirrus.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,24 +27,23 @@ env:
#### Cache-image names to test with (double-quotes around names are critical)
#### Comment out fedora-35 for podman 4.x branches.
####
FEDORA_NAME: "fedora-36"
FEDORA_NAME: "fedora-37"
FEDORA_AARCH64_NAME: "${FEDORA_NAME}-aarch64"
#PRIOR_FEDORA_NAME: "fedora-35"
PRIOR_FEDORA_NAME: "fedora-36"
UBUNTU_NAME: "ubuntu-2204"

# Image identifiers
IMAGE_SUFFIX: "c4678746211876864"
IMAGE_SUFFIX: "c5178639502278656"
# EC2 images
FEDORA_AMI: "fedora-aws-${IMAGE_SUFFIX}"
FEDORA_AARCH64_AMI: "fedora-podman-aws-arm64-${IMAGE_SUFFIX}"
# GCP Images
FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}"
#PRIOR_FEDORA_CACHE_IMAGE_NAME: "prior-fedora-${IMAGE_SUFFIX}"
UBUNTU_CACHE_IMAGE_NAME: "ubuntu-${IMAGE_SUFFIX}"
PRIOR_FEDORA_CACHE_IMAGE_NAME: "prior-fedora-${IMAGE_SUFFIX}"
#UBUNTU_CACHE_IMAGE_NAME: "ubuntu-${IMAGE_SUFFIX}"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a hecka lot of commented-out stuff here. Some day someone will need to add them back, and will miss one even if they do a git log -1 -p of this commit to make sure.

Could you add # FIXME: reenable once <BUGID> is resolved to each commented-out section?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep I can/should add a summary comment. No problem. I thought I made this a separate commit so it can just be reverted, no?

I'm hoping to get the debian stuff rolling before too long, so hopefully that can replace Ubuntu entirely.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

revert assumes an unchanging .cirrus.yml, and that will be void within (I hope) one day of this PR merging.

# Container FQIN's
FEDORA_CONTAINER_FQIN: "quay.io/libpod/fedora_podman:${IMAGE_SUFFIX}"
#PRIOR_FEDORA_CONTAINER_FQIN: "quay.io/libpod/prior-fedora_podman:${IMAGE_SUFFIX}"
UBUNTU_CONTAINER_FQIN: "quay.io/libpod/ubuntu_podman:${IMAGE_SUFFIX}"
PRIOR_FEDORA_CONTAINER_FQIN: "quay.io/libpod/prior-fedora_podman:${IMAGE_SUFFIX}"
WINDOWS_AMI: "win-server-wsl-c5138587457421312" # Replace with IMAGE_SUFFIX when aligned
####
#### Control variables that determine what to run and how to run it.
Expand Down Expand Up @@ -104,16 +103,16 @@ build_task:
CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
# ID for re-use of build output
CI_DESIRED_RUNTIME: crun
#- env: &priorfedora_envvars
# DISTRO_NV: ${PRIOR_FEDORA_NAME}
# VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME}
# CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN}
# CI_DESIRED_RUNTIME: crun
- env: &ubuntu_envvars
DISTRO_NV: ${UBUNTU_NAME}
VM_IMAGE_NAME: ${UBUNTU_CACHE_IMAGE_NAME}
CTR_FQIN: ${UBUNTU_CONTAINER_FQIN}
CI_DESIRED_RUNTIME: runc
- env: &priorfedora_envvars
DISTRO_NV: ${PRIOR_FEDORA_NAME}
VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME}
CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN}
CI_DESIRED_RUNTIME: crun
#- env: &ubuntu_envvars
# DISTRO_NV: ${UBUNTU_NAME}
# VM_IMAGE_NAME: ${UBUNTU_CACHE_IMAGE_NAME}
# CTR_FQIN: ${UBUNTU_CONTAINER_FQIN}
# CI_DESIRED_RUNTIME: runc
env:
TEST_FLAVOR: build
# NOTE: The default way Cirrus-CI clones is *NOT* compatible with
Expand Down Expand Up @@ -592,10 +591,11 @@ container_integration_test_task:
VM_IMAGE_NAME: ${FEDORA_CACHE_IMAGE_NAME}
CTR_FQIN: ${FEDORA_CONTAINER_FQIN}
CI_DESIRED_RUNTIME: crun
#- env:
# DISTRO_NV: ${PRIOR_FEDORA_NAME}
# VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME}
# CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN}
- env:
DISTRO_NV: ${PRIOR_FEDORA_NAME}
VM_IMAGE_NAME: ${PRIOR_FEDORA_CACHE_IMAGE_NAME}
CTR_FQIN: ${PRIOR_FEDORA_CONTAINER_FQIN}
CI_DESIRED_RUNTIME: crun
gce_instance: *standardvm
timeout_in: 90m
env:
Expand Down Expand Up @@ -835,32 +835,32 @@ buildah_bud_test_task:
always: *int_logs_artifacts


rootless_gitlab_test_task:
name: *std_name_fmt
alias: rootless_gitlab_test
# Docs: ./contrib/cirrus/CIModes.md
only_if: &cirrus_cron "${CIRRUS_CRON} == 'main'"
# Community-maintained downstream test may fail unexpectedly.
# Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner
# If necessary, uncomment the next line and file issue(s) with details.
# allow_failures: $CI == $CI
depends_on:
- build
- rootless_integration_test
gce_instance: *standardvm
env:
<<: *ubuntu_envvars
TEST_FLAVOR: 'gitlab'
PRIV_NAME: rootless
clone_script: *get_gosrc
setup_script: *setup
main_script: *main
always:
<<: *logs_artifacts
junit_artifacts:
path: gitlab-runner-podman.xml
type: text/xml
format: junit
#rootless_gitlab_test_task:
# name: *std_name_fmt
# alias: rootless_gitlab_test
# # Docs: ./contrib/cirrus/CIModes.md
# only_if: &cirrus_cron "${CIRRUS_CRON} == 'main'"
# # Community-maintained downstream test may fail unexpectedly.
# # Ref. repository: https://gitlab.com/gitlab-org/gitlab-runner
# # If necessary, uncomment the next line and file issue(s) with details.
# # allow_failures: $CI == $CI
# depends_on:
# - build
# - rootless_integration_test
# gce_instance: *standardvm
# env:
# <<: *ubuntu_envvars
# TEST_FLAVOR: 'gitlab'
# PRIV_NAME: rootless
# clone_script: *get_gosrc
# setup_script: *setup
# main_script: *main
# always:
# <<: *logs_artifacts
# junit_artifacts:
# path: gitlab-runner-podman.xml
# type: text/xml
# format: junit


upgrade_test_task:
Expand Down Expand Up @@ -949,10 +949,11 @@ meta_task:
image: quay.io/libpod/imgts:latest
env:
# Space-separated list of images used by this repository state
# Disabled ${PRIOR_FEDORA_CACHE_IMAGE_NAME} for Fedora 35
# DISABLED:
# ${UBUNTU_CACHE_IMAGE_NAME}
IMGNAMES: >-
${FEDORA_CACHE_IMAGE_NAME}
${UBUNTU_CACHE_IMAGE_NAME}
${PRIOR_FEDORA_CACHE_IMAGE_NAME}
build-push-${IMAGE_SUFFIX}
EC2IMGNAMES: >-
${FEDORA_AARCH64_AMI}
Expand Down Expand Up @@ -1003,7 +1004,7 @@ success_task:
- rootless_remote_system_test
- minikube_test
- buildah_bud_test
- rootless_gitlab_test
#- rootless_gitlab_test
- upgrade_test
- image_build
- meta
Expand Down
12 changes: 12 additions & 0 deletions contrib/cirrus/lib.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -207,7 +207,16 @@ use_cni() {
echo "unset NETWORK_BACKEND" >> /etc/ci_environment
export -n NETWORK_BACKEND
unset NETWORK_BACKEND
# While it's possible a user may want both installed, for CNI CI testing
# purposes we only care about backward-compatibility, not forward.
# If both CNI & netavark are present, in some situations where --root
# is used it's possible for podman to pick the "wrong" networking stack.
msg "Force-removing netavark and aardvark-dns"
# Other packages depend on nv/av, but we're testing with podman
# binaries built from source, so it's safe to ignore these deps.
rpm -e --nodeps netavark aardvark-dns
msg "Installing default CNI configuration"
dnf install -y $PACKAGE_DOWNLOAD_DIR/podman-plugins*
cd $GOSRC || exit 1
rm -rvf /etc/cni/net.d
mkdir -p /etc/cni/net.d
Expand All @@ -227,6 +236,9 @@ use_netavark() {
export NETWORK_BACKEND=netavark # needed for install_test_configs()
msg "Removing any/all CNI configuration"
rm -rvf /etc/cni/net.d/*
# N/B: The netavark/aardvark-dns packages are still installed and
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you mean CNI packages?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh woops, yes I did mean CNI. I'll fix it, thanks.

# available. This is on purpose, since CI needs to verify the
# selection mechanisms are functional when both are available.
}

# Remove all files provided by the distro version of podman.
Expand Down
14 changes: 7 additions & 7 deletions contrib/cirrus/setup_environment.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,19 +126,19 @@ case "$OS_RELEASE_ID" in
setsebool container_manage_cgroup true
fi

# For release 36 and later, netavark/aardvark is the default
# networking stack for podman. All previous releases only have
# CNI networking available. Upgrading from one to the other is
# not supported at this time. Support execution of the upgrade
# tests in F36 and later, by disabling Netavark and enabling CNI.
# For the latest Fedora CI VM images, netavark/aardvark is the
# intended networking stack for podman. All previous VM images
# should use CNI networking. Upgrading from one to the other is
# not supported at this time. The only exception in CI is
# the "upgrade tests" which must always use CNI.
#
# OS_RELEASE_VER is defined by automation-library
# shellcheck disable=SC2154
if [[ "$OS_RELEASE_VER" -ge 36 ]] && \
if [[ "$DISTRO_NV" != "$PRIOR_FEDORA_NAME" ]] && \
[[ "$TEST_FLAVOR" != "upgrade_test" ]];
then
use_netavark
else # Fedora < 36, or upgrade testing.
else # Fedora N-1 or upgrade testing.
use_cni
fi
;;
Expand Down