Previously the project-checks action was failing sometimes due to
hitting GitHub API rate limits. Since no token was supplied, the rate
limits were only 60 requests/hour keyed off the IP address of the
runner.
Now, passing GITHUB_TOKEN secret through to project-checks, we have a
limit of 1000 requests/hour for the whole repo. This should alleviate
the rate limits that were being seen.
I believe it is safe to pass this secret as project-checks is also owned
by the containerd organization. The secret is also scoped to the actions
run, and is invalidated upon completion.
project-checks version is also updated to the version that supports
repo-access-token input.
Signed-off-by: Kevin Parsons <kevpar@microsoft.com>
This adds in a simple flag to control what platform the spec it generates
is for. Useful to easily get a glance at whats the default across platforms.
Signed-off-by: Danny Canter <danny@dcantah.dev>
For ease of running the entire tests locally
```
cd contrib
docker build -t containerd-test -f Dockerfile.test --target integration ..
docker run --privileged containerd-test
docker build -t containerd-test -f Dockerfile.test --target cri-integration ..
docker run --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0 containerd-test
docker build -t containerd-test -f Dockerfile.test --target critest ..
docker run --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0 containerd-test
```
Tested on Ubuntu 22.10 (amd64, cgroup v2).
Known issues:
- cri-integration and critest: require `--sysctl net.ipv6.conf.all.disable_ipv6=0` to avoid
errors like `failed to set bridge addr: could not add IP address to "cni0": permission denied`
- critest: Often fails due to Docker Hub rate limits. Fix is coming in kubernetes-sigs/cri-tools PR 1053
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Fix the following error with VirtualBox:
```
VirtualBox Provider:
* The following settings shouldn't exist: disk
```
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Comments in initPlatform for Windows states that the options were
Linux specific. Additionally properly wrap an error after trying
to setup CDI on Linux.
Signed-off-by: Danny Canter <danny@dcantah.dev>
The sandbox and container both have the userns config. Lets make sure
they are the same, therefore consistent.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Currently we require that c.containerSpec() does not return an error
if test.err is not set.
However, if the require fails (i.e. it indeed returned an error) the
rest of the code is executed anyways. The rest of the code assumes it
did not return an error (so code assumes spec is not nil). This fails
miserably if it indeed returned an error, as spec is nil and go crashes
while running the unit tests.
Let's require it is not an error, so code does not continue to execute
if that fails and go doesn't crash.
In the test.err case is not harmful the bug of using assert, but let's
switch it to require too as that is what we really want.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
This function was added in ae22854e2b, but never
returned an error, and the error-return was not handled on the callsite. This
patch removes the unused error return, and moves it to a file related to mounts,
which allowed for some of the stubs to be removed and shared between non-FreeBSD
platforms.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
