-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cirrus: Use F33 VM image #8074
Cirrus: Use F33 VM image #8074
Conversation
ab876ff
to
c321ff8
Compare
Tests don't look too hip @cevich |
7eea153
to
8863e86
Compare
Sorry...converted to a draft. |
I'm hitting a major snafu with the latest Fedora 33beta container images from containers/automation_images. The VM images don't exhibit this problem, and I was able to narrow the issue down to a call in https://cirrus-ci.com/task/5765609151528960?command=setup#L18 If I run this manually, the error message returned is even more concerning:
For F32 and prior, |
8863e86
to
436a65d
Compare
436a65d
to
d957389
Compare
91fca95
to
0ec95a7
Compare
1137514
to
089b679
Compare
df0ee96
to
3738c79
Compare
cc5bc21
to
11f4016
Compare
As of this commit, in Fedora 33, without without `CAP_NET_ADMIN` and `CAP_NET_RAW`, require setting `net.ipv3.ping_group_range` in order for the `ping` command to work inside a container. However, not all images `ping` are created equal. For whatever reason, the busybox version in the busybox container image, does not function. Switch to the Alpine image's busybox ping, which seems to work fine. Signed-off-by: Chris Evich <[email protected]>
On several occasions, fatal task failures were observed during the upload of artifacts after a otherwise successful testing. Prior to this commit, most tasks were storing both logs and binary artifacts. Avoid possible major inconveniences of upload failures, by only collecting binary artifacts when necessary. Signed-off-by: Chris Evich <[email protected]>
Includes disk-space increase for all Fedora images to accommodate the static-build job disk space requirements. This job substantially leverages task-cache, which was previously failing to restore early on in the Cirrus-CI task setup, due to disk-space limitations. Also simplify .cirrus.yml slightly by removing an unncessary setup and run directory change step. Signed-off-by: Chris Evich <[email protected]>
11f4016
to
4649833
Compare
@@ -383,12 +383,14 @@ var _ = Describe("Podman pod create", func() { | |||
podID := session.OutputToString() | |||
|
|||
// verify we can add a host to the infra's /etc/hosts | |||
session = podmanTest.Podman([]string{"run", "--pod", podID, "--add-host", "foobar:127.0.0.1", BB, "ping", "-c", "1", "foobar"}) | |||
// N/B: Using alpine for ping, since BB ping throws | |||
// permission denied error as of Fedora 33. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
blah, that's kinda confusing. Should say "...as of Fedora 33 seccomp and sysctl changes"
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cevich, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
LGTM |
Is it absolutely necessary to cram the artifacts change into this PR? |
LGTM |
1 similar comment
LGTM |
/lgtm |
It was a "while I'm at it" thing, having hit two "failure to upload" flakes today. So we'd want to get it in ASAP anyway. |
"while I'm at it" things are great; but when they're longer and more complex than the PR itself (at least what the PR title and git commit message show), a future maintainer will appreciate having them split out into separate PRs. Just a recommendation for next time. |
Depends on #8231