From 77413f3c7af61078c6d4f18dfeaadae1a623220f Mon Sep 17 00:00:00 2001 From: Kazuyoshi Kato Date: Mon, 25 Apr 2022 16:53:57 +0000 Subject: [PATCH] Move Vagrant-based tests from GitHub Actions to Cirrus CI Cirrus CI supports nested virtualization and free to use from open source projects. runc has been using the service since https://github.com/opencontainers/runc/pull/3088. Signed-off-by: Kazuyoshi Kato --- .cirrus.yml | 74 ++++++++++++++++++++++++++++++++++++++++ .github/workflows/ci.yml | 32 ----------------- 2 files changed, 74 insertions(+), 32 deletions(-) create mode 100644 .cirrus.yml diff --git a/.cirrus.yml b/.cirrus.yml new file mode 100644 index 0000000000000..5885b550c7169 --- /dev/null +++ b/.cirrus.yml @@ -0,0 +1,74 @@ +# Cirrus CI gives free 16.0 CPUs for open-source projects. We split that to 4:4:6. +# https://cirrus-ci.org/faq/#are-there-any-limits +# +# Undocumented constraints; +# - The maximum memory limit is 4G times the number of CPUs. +# - The number of CPUs should be mutiple of 2. + +task: + name: Vagrant + + compute_engine_instance: + image_project: cirrus-images + image: family/docker-kvm + platform: linux + nested_virtualization: true + cpu: 4 + memory: 16G + + env: + HOME: /root + matrix: + BOX: fedora/35-cloud-base + BOX: rockylinux/8 + + install_libvirt_vagrant_script: | + apt-get update + apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt + systemctl enable --now libvirtd + + vagrant_cache: + folder: /root/.vagrant.d + fingerprint_script: uname -a; cat Vagrantfile + + vagrant_up_script: | + vagrant up --no-tty + + integration_script: | + vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration + + cri_test_script: | + vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri + +task: + name: CGroupsV2 - rootless CRI test + + env: + HOME: /root + + compute_engine_instance: + image_project: cirrus-images + image: family/docker-kvm + platform: linux + nested_virtualization: true + cpu: 6 + memory: 24G + + install_libvirt_vagrant_script: | + apt-get update + apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt + systemctl enable --now libvirtd + + vagrant_cache: + folder: /root/.vagrant.d + fingerprint_script: uname -a; cat Vagrantfile + + vagrant_up_script: | + vagrant up --provision-with=install-rootless-podman --no-tty + + podman_build_script: | + # Execute rootless podman to create the UserNS env + vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant + + test_script: | + vagrant ssh -- podman run --rm --privileged cri-in-userns diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b9c58c8e3eca3..5fae417678591 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -579,35 +579,3 @@ jobs: path: | ${{github.workspace}}/*-junit.xml ${{github.workspace}}/critestreport/* - - cgroup2-misc: - name: CGroupsV2 - rootless CRI test - # nested virtualization is only available on macOS hosts - runs-on: macos-10.15 - timeout-minutes: 45 - needs: [project, linters, protos, man] - steps: - - uses: actions/checkout@v2 - - - name: "Cache ~/.vagrant.d/boxes" - uses: actions/cache@v2 - with: - path: ~/.vagrant.d/boxes - key: vagrant-${{ hashFiles('Vagrantfile*') }} - - - name: Vagrant start - run: | - # Retry if it fails (download.fedoraproject.org returns 404 sometimes) - vagrant up || vagrant up - - # slow, so separated from the regular cgroup2 task - - name: CRI-in-UserNS test with Rootless Podman - run: | - vagrant up --provision-with=install-rootless-podman - # Execute rootless podman to create the UserNS env - vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant - vagrant ssh -- podman run --rm --privileged cri-in-userns - - - name: Collect the VM's IP address for Docker Hub's throttling issue - if: failure() - run: vagrant ssh -- curl https://api64.ipify.org/