github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #8919 from AkihiroSuda/vagrant-on-gha-larger

Browse Source 
CI: move Vagrant tests to GitHub Actions (larger runners)
This commit is contained in:
Akihiro Suda 2023-08-08 01:07:12 +09:00 committed by GitHub
commit ce22387b8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 69 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
.cirrus.yml
View File

@ -1,82 +0,0 @@
# Cirrus CI gives open-source projects free 16.0 CPUs,
# we use 4 CPUs x 3 tasks = 12 CPUs.
# https://cirrus-ci.org/faq/#are-there-any-limits
#
# Undocumented constraints;
# - The maximum memory limit is 4G times the number of CPUs.
# - The number of CPUs should be multiple of 2.
task:
name: Vagrant
compute_engine_instance:
image_project: cirrus-images
image: family/docker-kvm
platform: linux
nested_virtualization: true
cpu: 4
memory: 16G
env:
GOTEST: gotestsum --
# By default, Cirrus CI doesn't have HOME defined
HOME: /root
matrix:
BOX: fedora/37-cloud-base
# v7.0.0 does not boot. v6.0.0 was not released.
BOX: rockylinux/8@5.0.0
install_libvirt_vagrant_script: |
# if another process is keeping a lock, wait for 60 seconds for it to release the lock.
apt-get -o DPkg::Lock::Timeout=60 update
apt-get -o DPkg::Lock::Timeout=60 install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt
systemctl enable --now libvirtd
vagrant_cache:
folder: /root/.vagrant.d
fingerprint_script: uname --kernel-release --kernel-version && cat Vagrantfile
vagrant_up_script: |
vagrant up --no-tty
integration_script: |
vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration
cri_integration_script: |
vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri-integration
cri_test_script: |
vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri
task:
name: CGroupsV2 - rootless CRI test
env:
HOME: /root
compute_engine_instance:
image_project: cirrus-images
image: family/docker-kvm
platform: linux
nested_virtualization: true
cpu: 4
memory: 16G
install_libvirt_vagrant_script: |
# if another process is keeping a lock, wait for 60 seconds for it to release the lock.
apt-get -o DPkg::Lock::Timeout=60 update
apt-get -o DPkg::Lock::Timeout=60 install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt
systemctl enable --now libvirtd
vagrant_cache:
folder: /root/.vagrant.d
fingerprint_script: uname -a; cat Vagrantfile
vagrant_up_script: |
vagrant up --provision-with=install-rootless-podman --no-tty
podman_build_script: |
# Execute rootless podman to create the UserNS env
vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant
test_script: |
vagrant ssh -- podman run --rm --privileged cri-in-userns

69
.github/workflows/ci.yml vendored
View File

@ -518,6 +518,75 @@ jobs:
${{github.workspace}}/report/*.xml ${{github.workspace}}/report/*.xml
${{github.workspace}}/report/*.log ${{github.workspace}}/report/*.log
integration-vagrant:
name: Vagrant integration
# "Larger" runner is needed for nested virtualization
# https://github.com/organizations/containerd/settings/actions/runners
runs-on: ubuntu-latest-4-cores
timeout-minutes: 60
needs: [project, linters, protos, man]
strategy:
fail-fast: false
matrix:
box:
- fedora/37-cloud-base
# v7.0.0 does not boot. v6.0.0 was not released.
- rockylinux/8@5.0.0
env:
BOX: ${{ matrix.box }}
steps:
- name: Show the host info
run: |
set -x
uname -a
cat /etc/os-release
cat /proc/cpuinfo
free -mt
- uses: actions/checkout@v3
- uses: actions/cache@v3
with:
path: /root/.vagrant.d
key: vagrant-${{ matrix.box }}
- name: Set up vagrant
run: |
sudo apt-get update
sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt
sudo systemctl enable --now libvirtd
- name: Boot VM
run: sudo BOX=$BOX vagrant up --no-tty
- name: test-integration
run: sudo BOX=$BOX vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration
- name: test-cri-integration
run: sudo BOX=$BOX vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri-integration
- name: test-cri
run: sudo BOX=$BOX vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri
tests-cri-in-userns:
name: "CRI-in-UserNS"
runs-on: ubuntu-22.04
timeout-minutes: 40
needs: [project, linters, protos, man]
steps:
- uses: actions/checkout@v3
- name: Set up cgroup v2 delegation
run: |
sudo mkdir -p /etc/systemd/system/user@.service.d
cat <<EOF | sudo tee /etc/systemd/system/user@.service.d/delegate.conf
[Service]
Delegate=cpu cpuset io memory pids
EOF
sudo systemctl daemon-reload
- name: Build cri-in-userns image
run: podman build --target cri-in-userns -t cri-in-userns -f ./contrib/Dockerfile.test .
- name: Run cri-in-userns image
# Rootless Podman is used for testing CRI-in-UserNS
# (We could use rootless Docker or rootless nerdctl, but we are using Podman here because it is preinstalled)
run: podman run --rm --privileged cri-in-userns
tests-mac-os: tests-mac-os:
name: MacOS unit tests name: MacOS unit tests
runs-on: macos-12 runs-on: macos-12

25
Vagrantfile vendored
View File

@ -325,29 +325,4 @@ EOF
SHELL SHELL
end end
# Rootless Podman is used for testing CRI-in-UserNS
# (We could use rootless nerdctl, but we are using Podman here because it is available in dnf)
config.vm.provision "install-rootless-podman", type: "shell", run: "never" do |sh|
sh.upload_path = "/tmp/vagrant-install-rootless-podman"
sh.inline = <<~SHELL
#!/usr/bin/env bash
set -eux -o pipefail
# Delegate cgroup v2 controllers to rootless
mkdir -p /etc/systemd/system/user@.service.d
cat > /etc/systemd/system/user@.service.d/delegate.conf << EOF
[Service]
Delegate=yes
EOF
systemctl daemon-reload
# Install Podman
dnf install -y podman
# Configure Podman to resolve `golang` to `docker.io/library/golang`
mkdir -p /etc/containers
cat > /etc/containers/registries.conf <<EOF
[registries.search]
registries = ['docker.io']
EOF
SHELL
end
end end