diff --git a/Makefile b/Makefile index 254c979e7..c80586fcf 100644 --- a/Makefile +++ b/Makefile @@ -298,15 +298,16 @@ endif cri-release: releases/$(CRIRELEASE).tar.gz @echo "$(WHALE) $@" - @cd releases && sha256sum $(CRIRELEASE).tar.gz >$(CRIRELEASE).tar.gz.sha256sum + @cd releases && sha256sum $(CRIRELEASE).tar.gz >$(CRIRELEASE).tar.gz.sha256sum && ln -sf $(CRIRELEASE).tar.gz cri-containerd.tar.gz cri-cni-release: releases/$(CRICNIRELEASE).tar.gz @echo "$(WHALE) $@" - @cd releases && sha256sum $(CRICNIRELEASE).tar.gz >$(CRICNIRELEASE).tar.gz.sha256sum + @cd releases && sha256sum $(CRICNIRELEASE).tar.gz >$(CRICNIRELEASE).tar.gz.sha256sum && ln -sf $(CRICNIRELEASE).tar.gz cri-cni-containerd.tar.gz clean: ## clean up binaries @echo "$(WHALE) $@" @rm -f $(BINARIES) + @rm -f releases/*.tar.gz* @if [[ -d $(OUTPUTDIR) ]]; then sudo rm -rf $(OUTPUTDIR); fi clean-test: ## clean up debris from previously failed tests diff --git a/test/build-utils.sh b/test/build-utils.sh index 0f859d2b7..c84b484e7 100755 --- a/test/build-utils.sh +++ b/test/build-utils.sh @@ -20,7 +20,7 @@ ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/.. PROJECT=${PROJECT:-"k8s-cri-containerd"} # GOOGLE_APPLICATION_CREDENTIALS is the path of service account file. -if [ -z ${GOOGLE_APPLICATION_CREDENTIALS} ]; then +if [ -z ${GOOGLE_APPLICATION_CREDENTIALS:-""} ]; then echo "GOOGLE_APPLICATION_CREDENTIALS is not set" exit 1 fi @@ -28,14 +28,6 @@ fi # Activate gcloud service account. gcloud auth activate-service-account --key-file "${GOOGLE_APPLICATION_CREDENTIALS}" --project="${PROJECT}" -# Install dependent libraries. -apt-get update -if apt-cache show libbtrfs-dev > /dev/null; then - apt-get install -y libbtrfs-dev -else - apt-get install -y btrfs-tools -fi - # Kubernetes test infra uses jessie and stretch. if cat /etc/os-release | grep jessie; then sh -c "echo 'deb http://ftp.debian.org/debian jessie-backports main' > /etc/apt/sources.list.d/backports.list" @@ -43,6 +35,8 @@ if cat /etc/os-release | grep jessie; then apt-get install -y libseccomp2/jessie-backports apt-get install -y libseccomp-dev/jessie-backports else + cat /etc/os-release + apt-get update apt-get install -y libseccomp2 apt-get install -y libseccomp-dev fi diff --git a/test/build.sh b/test/build.sh index 0eac308b7..a04884dd9 100755 --- a/test/build.sh +++ b/test/build.sh @@ -25,14 +25,26 @@ set -o pipefail source $(dirname "${BASH_SOURCE[0]}")/build-utils.sh cd "${ROOT}" -# Make sure output directory is very clean. +# Make sure output directory is clean. make clean -make build -make binaries -# Build and push test tarball. -# TODO: mikebrow need to build/push a release tar similarly to: -# https://github.com/containerd/containerd/blob/master/.github/workflows/release.yml -# old script: -# PUSH_VERSION=true DEPLOY_DIR=${DEPLOY_DIR:-""} \ -# make push TARBALL_PREFIX=cri-containerd-cni INCLUDE_CNI=true CUSTOM_CONTAINERD=true +# Build CRI+CNI release +make BUILDTAGS="seccomp selinux no_aufs no_btrfs no_devmapper no_zfs" cri-cni-release + +BUILDDIR=$(mktemp -d) +cleanup() { + if [[ ${BUILDDIR} == /tmp/* ]]; then + echo "[-] REMOVING ${BUILDDIR}" + rm -rf ${BUILDDIR} + fi +} +trap cleanup EXIT + +set -x +latest=$(readlink ./releases/cri-cni-containerd.tar.gz) +cp releases/${latest} ${BUILDDIR}/cri-containerd.tar.gz +cp releases/${latest}.sha256sum ${BUILDDIR}/cri-containerd.tar.gz.sha256 + +# Push test tarball to Google cloud storage. +VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always) +PUSH_VERSION=true VERSION=${VERSION} BUILD_DIR=${BUILDDIR} ${ROOT}/test/push.sh diff --git a/test/push.sh b/test/push.sh new file mode 100755 index 000000000..76a621711 --- /dev/null +++ b/test/push.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +# Copyright The containerd Authors. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +source $(dirname "${BASH_SOURCE[0]}")/utils.sh + +# DEPLOY_BUCKET is the gcs bucket where the tarball should be stored in. +DEPLOY_BUCKET=${DEPLOY_BUCKET:-"cri-containerd-staging"} +# DEPLOY_DIR is the directory in the gcs bucket to store the tarball. +DEPLOY_DIR=${DEPLOY_DIR:-""} +# BUILD_DIR is the directory of the bulid out. +BUILD_DIR=${BUILD_DIR:-"_output"} +# TARBALL is the tarball name. +TARBALL=${TARBALL:-"cri-containerd.tar.gz"} +# LATEST is the name of the latest version file. +LATEST=${LATEST:-"latest"} +# PUSH_VERSION indicates whether to push version. +PUSH_VERSION=${PUSH_VERSION:-false} + +release_tar=${BUILD_DIR}/${TARBALL} +release_tar_checksum=${release_tar}.sha256 +if [[ ! -e ${release_tar} || ! -e ${release_tar_checksum} ]]; then + echo "Release tarball is not built" + exit 1 +fi + +if ! gsutil ls "gs://${DEPLOY_BUCKET}" > /dev/null; then + create_ttl_bucket ${DEPLOY_BUCKET} +fi + +if [ -z "${DEPLOY_DIR}" ]; then + DEPLOY_PATH="${DEPLOY_BUCKET}" +else + DEPLOY_PATH="${DEPLOY_BUCKET}/${DEPLOY_DIR}" +fi + +gsutil cp ${release_tar} "gs://${DEPLOY_PATH}/" +gsutil cp ${release_tar_checksum} "gs://${DEPLOY_PATH}/" +echo "Release tarball is uploaded to: + https://storage.googleapis.com/${DEPLOY_PATH}/${TARBALL}" + +if ${PUSH_VERSION}; then + if [[ -z "${VERSION}" ]]; then + echo "VERSION is not set" + exit 1 + fi + echo ${VERSION} | gsutil cp - "gs://${DEPLOY_PATH}/${LATEST}" + echo "Latest version is uploaded to: + https://storage.googleapis.com/${DEPLOY_PATH}/${LATEST}" +fi diff --git a/test/utils.sh b/test/utils.sh new file mode 100755 index 000000000..79e97f6f3 --- /dev/null +++ b/test/utils.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +# Copyright The containerd Authors. + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/.. + +# upload_logs_to_gcs uploads test logs to gcs. +# Var set: +# 1. Bucket: gcs bucket to upload logs. +# 2. Dir: directory name to upload logs. +# 3. Test Result: directory of the test result. +upload_logs_to_gcs() { + local -r bucket=$1 + local -r dir=$2 + local -r result=$3 + if ! gsutil ls "gs://${bucket}" > /dev/null; then + create_ttl_bucket ${bucket} + fi + local -r upload_log_path=${bucket}/${dir} + gsutil cp -r "${result}" "gs://${upload_log_path}" + echo "Test logs are uploaed to: + http://gcsweb.k8s.io/gcs/${upload_log_path}/" +} + +# create_ttl_bucket create a public bucket in which all objects +# have a default TTL (30 days). +# Var set: +# 1. Bucket: gcs bucket name. +create_ttl_bucket() { + local -r bucket=$1 + gsutil mb "gs://${bucket}" + local -r bucket_rule=$(mktemp) + # Set 30 day TTL for logs inside the bucket. + echo '{"rule": [{"action": {"type": "Delete"},"condition": {"age": 30}}]}' > ${bucket_rule} + gsutil lifecycle set "${bucket_rule}" "gs://${bucket}" + rm "${bucket_rule}" + + gsutil -m acl ch -g all:R "gs://${bucket}" + gsutil defacl set public-read "gs://${bucket}" +} + +# sha256 generates a sha256 checksum for a file. +# Var set: +# 1. Filename. +sha256() { + if which sha256sum >/dev/null 2>&1; then + sha256sum "$1" | awk '{ print $1 }' + else + shasum -a256 "$1" | awk '{ print $1 }' + fi +}