diff --git a/.cirrus.yml b/.cirrus.yml index bf1bf67179..6d580bd485 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -65,16 +65,16 @@ env: #### Credentials and other secret-sauces, decrypted at runtime when authorized. #### # Freenode IRC credentials for posting status messages - IRCID: ENCRYPTED[1913f8a4572b6a6d2036232327789c4f6c0d98cde53f0336d860cd219b4cbd83863eefd93471aef8fa1079d4698e382d] + IRCID: disabled # Needed to build GCE images, within a GCE VM - SERVICE_ACCOUNT: ENCRYPTED[99e9a0b1c23f8dd29e83dfdf164f064cfd17afd9b895ca3b5e4c41170bd4290a8366fe2ad8e7a210b9f751711d1d002a] + SERVICE_ACCOUNT: ENCRYPTED[a28959877b2c9c36f151781b0a05407218cda646c7d047fc556e42f55e097e897ab63ee78369dae141dcf0b46a9d0cdd] # User ID for cirrus to ssh into VMs GCE_SSH_USERNAME: cirrus-ci # Name where this repositories cloud resources are located - GCP_PROJECT_ID: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f] - RELEASE_GCPJSON: ENCRYPTED[789d8f7e9a5972ce350fd8e60f1032ccbf4a35c3938b604774b711aad280e12c21faf10e25af1e0ba33597ffb9e39e46] - RELEASE_GCPNAME: ENCRYPTED[417d50488a4bd197bcc925ba6574de5823b97e68db1a17e3a5fde4bcf26576987345e75f8d9ea1c15a156b4612c072a1] - RELEASE_GCPROJECT: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f] + GCP_PROJECT_ID: libpod-218412 + RELEASE_GCPJSON: disabled + RELEASE_GCPNAME: disabled + RELEASE_GCPROJECT: disabled @@ -153,173 +153,9 @@ gating_task: failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' -# This task checks to make sure that we can still build an rpm from the -# source code using contrib/rpm/podman.spec.in -rpmbuild_task: - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' && - $CIRRUS_BRANCH != $DEST_BRANCH - - depends_on: - - "gating" - env: - CIRRUS_WORKING_DIR: "/usr/src/libpod" - - container: - image: quay.io/libpod/rpmbuild:$DEST_BRANCH - cpu: 2 - memory: 4 - - rpmbuild_script: - - 'make -C ${CIRRUS_WORKING_DIR} -f ${CIRRUS_WORKING_DIR}/.copr/Makefile' - - 'rpmbuild --rebuild ${CIRRUS_WORKING_DIR}/podman-*.src.rpm' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh |& ${TIMESTAMP}' - -# This task runs `make vendor` followed by ./hack/tree_status.sh to check -# whether the git tree is clean. The reasoning for that is to make sure -# that the vendor.conf, the code and the vendored packages in ./vendor are -# in sync at all times. -vendor_task: - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - depends_on: - - "gating" - - env: - CIRRUS_WORKING_DIR: "/var/tmp/go/src/github.com/containers/libpod" - GOPATH: "/var/tmp/go" - GOSRC: "$CIRRUS_WORKING_DIR" - - # Runs within Cirrus's "community cluster" - container: - image: docker.io/library/golang:1.13 - cpu: 4 - memory: 12 - - timeout_in: 30m - - vendor_script: - - 'cd ${CIRRUS_WORKING_DIR} && make vendor' - - 'cd ${CIRRUS_WORKING_DIR} && ./hack/tree_status.sh' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh |& ${TIMESTAMP}' - - -# This task runs `make varlink_api_generate` followed by ./hack/tree_status.sh to check -# whether the git tree is clean. -varlink_api_task: - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - depends_on: - - "gating" - - env: - CIRRUS_WORKING_DIR: "/usr/src/libpod" - SRCPATH: "$CIRRUS_WORKING_DIR" - EPOCH_TEST_COMMIT: "${CIRRUS_BASE_SHA}" # repo clone missing this data - # Used by tree_status.sh - SUGGESTION: 'remove API.md, then "make varlink_api_generate" and commit changes.' - - # Runs within Cirrus's "community cluster" - container: - # Note: Image has dual purpose, see contrib/gate/README.md - image: "quay.io/libpod/gate:v1.9" - cpu: 4 - memory: 12 - - timeout_in: 10m - - api_md_script: - - '/usr/local/bin/entrypoint.sh varlink_api_generate |& ${TIMESTAMP}' - - 'cd ${GOSRC} && ./hack/tree_status.sh |& ${TIMESTAMP}' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - -build_each_commit_task: - - depends_on: - - "gating" - - "vendor" - - "varlink_api" - - only_if: >- - $CIRRUS_BRANCH != $DEST_BRANCH && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - gce_instance: - cpu: 8 - memory: "8Gb" - - env: - MOD_LIBPOD_CONF: 'false' - - timeout_in: 30m - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - build_each_commit_script: - # set -x by default, no need to spew contents of lib.sh - - 'source $SCRIPT_BASE/lib.sh &> /dev/null' - - 'git fetch --depth 50 origin $DEST_BRANCH |& ${TIMESTAMP}' - - 'make build-all-new-commits GIT_BASE_BRANCH=origin/$DEST_BRANCH |& ${TIMESTAMP}' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - -build_without_cgo_task: - - depends_on: - - "gating" - - "vendor" - - "varlink_api" - - only_if: >- - $CIRRUS_BRANCH != $DEST_BRANCH && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - gce_instance: - cpu: 8 - memory: "8Gb" - - env: - MOD_LIBPOD_CONF: 'false' - - timeout_in: 30m - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - build_without_cgo_script: - - 'source $SCRIPT_BASE/lib.sh' - - 'make build-no-cgo' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - # Update metadata on VM images referenced by this repository state meta_task: - depends_on: - - "gating" - - "vendor" - - "varlink_api" - - "build_each_commit" - - "build_without_cgo" - container: image: "quay.io/libpod/imgts:v1.9" # see contrib/imgts cpu: 1 @@ -335,10 +171,10 @@ meta_task: ${IMAGE_BUILDER_CACHE_IMAGE_NAME} BUILDID: "${CIRRUS_BUILD_ID}" REPOREF: "${CIRRUS_CHANGE_IN_REPO}" - GCPJSON: ENCRYPTED[950d9c64ad78f7b1f0c7e499b42dc058d2b23aa67e38b315e68f557f2aba0bf83068d4734f7b1e1bdd22deabe99629df] + GCPJSON: ENCRYPTED[3a198350077849c8df14b723c0f4c9fece9ebe6408d35982e7adf2105a33f8e0e166ed3ed614875a0887e1af2b8775f4] # needed for output-masking purposes - GCPNAME: ENCRYPTED[b05d469a0dba8cb479cb00cc7c1f6747c91d17622fba260a986b976aa6c817d4077eacffd4613d6d5f23afc4084fab1d] - GCPPROJECT: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f] + GCPNAME: ENCRYPTED[2f9738ef295a706f66a13891b40e8eaa92a89e0e87faf8bed66c41eca72bf76cfd190a6f2d0e8444c631fdf15ed32ef6] + GCPPROJECT: libpod-218412 timeout_in: 10m @@ -346,359 +182,6 @@ meta_task: script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/update_meta.sh |& ${TIMESTAMP}' -# This task does the unit and integration testing for every platform -testing_task: - alias: "testing" - depends_on: - - "gating" - - "vendor" - - "varlink_api" - - "build_each_commit" - - "build_without_cgo" - - # Only test build cache-images, if that's what's requested - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - matrix: - - name: "test ${FEDORA_NAME}" - gce_instance: - image_name: "${FEDORA_CACHE_IMAGE_NAME}" - - name: "test ${PRIOR_FEDORA_NAME}" - gce_instance: - image_name: "${PRIOR_FEDORA_CACHE_IMAGE_NAME}" - # Multiple test failures on Ubuntu 19 - Fixes TBD in future PR - # TODO: image_name: "${UBUNTU_CACHE_IMAGE_NAME}" - - name: "test ${PRIOR_UBUNTU_NAME}" - gce_instance: - image_name: "${PRIOR_UBUNTU_CACHE_IMAGE_NAME}" - - timeout_in: 120m - - env: - ADD_SECOND_PARTITION: 'true' - matrix: - - name: remote - env: - TEST_REMOTE_CLIENT: 'true' - - name: local - env: - TEST_REMOTE_CLIENT: 'false' - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - unit_test_script: '$SCRIPT_BASE/unit_test.sh |& ${TIMESTAMP}' - integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} integration_test' - system_test_script: '$SCRIPT_BASE/system_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} system_test' - apiv2_test_script: '$SCRIPT_BASE/apiv2_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} apiv2_test' - - # When examining a particular run, provide convenient access to release files. - tar_artifacts: - path: "*.tar.gz" - type: "application/x-tar" - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - always: &standardlogs - package_versions_script: '$SCRIPT_BASE/logcollector.sh packages' - ginkgo_node_logs_script: '$SCRIPT_BASE/logcollector.sh ginkgo' - df_script: '$SCRIPT_BASE/logcollector.sh df' - audit_log_script: '$SCRIPT_BASE/logcollector.sh audit' - journal_script: '$SCRIPT_BASE/logcollector.sh journal' - varlink_script: '$SCRIPT_BASE/logcollector.sh varlink' - podman_system_info_script: '$SCRIPT_BASE/logcollector.sh podman' - html_artifacts: - path: "*.log.html" - type: "text/html" - - -# This task executes tests under unique environments/conditions -special_testing_rootless_task: - - depends_on: - - "gating" - - "varlink_api" - - "vendor" - - "build_each_commit" - - "build_without_cgo" - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - env: - ADD_SECOND_PARTITION: 'true' - SPECIALMODE: 'rootless' # See docs - matrix: - - name: remote - env: - TEST_REMOTE_CLIENT: 'true' - - name: local - env: - TEST_REMOTE_CLIENT: 'false' - - timeout_in: 60m - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} integration_test' - system_test_script: '$SCRIPT_BASE/system_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} system_test' - apiv2_test_script: '$SCRIPT_BASE/apiv2_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} apiv2_test' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - always: - <<: *standardlogs - - -special_testing_in_podman_task: - alias: "special_testing_in_podman" - depends_on: - - "gating" - - "varlink_api" - - "vendor" - - "build_each_commit" - - "build_without_cgo" - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - matrix: - # FIXME: Integration testing currently broken for F31 hosts - # Error: container_linux.go:345: starting container process caused "process_linux.go:281: applying cgroup configuration for process caused \"mountpoint for cgroup not found\"": OCI runtime error - # image_name: "${FEDORA_CACHE_IMAGE_NAME}" - - name: "in-podman ${PRIOR_FEDORA_NAME}" - gce_instance: - image_name: "${PRIOR_FEDORA_CACHE_IMAGE_NAME}" - - env: - ADD_SECOND_PARTITION: 'true' - MOD_LIBPOD_CONF: 'false' # Use existing/native setup - SPECIALMODE: 'in_podman' # See docs - # TODO: Support both runc and crun (cgroups v1 and v2 container images) - # matrix: - # IN_PODMAN_IMAGE: "quay.io/libpod/in_podman:latest" - # IN_PODMAN_IMAGE: "quay.io/libpod/in_podman_cgv2:latest" - - timeout_in: 60m - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} integration_test' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - always: - <<: *standardlogs - - -special_testing_cross_task: - alias: "special_testing_cross" - depends_on: - - "gating" - - "varlink_api" - - "vendor" - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - matrix: - - name: 'cross-platform: windows' - env: - CROSS_PLATFORM: 'windows' - - name: 'cross-platform: darwin' - env: - CROSS_PLATFORM: 'darwin' - - timeout_in: 20m - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - build_release_script: '$SCRIPT_BASE/build_release.sh |& ${TIMESTAMP}' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - # When examining a particular run, provide convenient access to release files. - zip_artifacts: - path: "*.zip" - type: "application/zip" - - msi_artifacts: - path: "*.msi" - type: "application/octet-stream" - - -special_testing_endpoint_task: - - depends_on: - - "gating" - - "varlink_api" - - "vendor" - - only_if: >- - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - env: - SPECIALMODE: 'endpoint' # See docs - - timeout_in: 20m - - setup_environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP} | ${LOGFORMAT} integration_test' - - on_failure: - failed_branch_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_branch_failure.sh' - - always: - <<: *standardlogs - - -# Test building of new cache-images for future PR testing, in this PR. -test_build_cache_images_task: - - only_if: >- - $CIRRUS_BRANCH != $DEST_BRANCH && - $CIRRUS_CHANGE_MESSAGE =~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - depends_on: - - "gating" - - # VMs created by packer are not cleaned up by cirrus, must allow task to complete - auto_cancellation: $CI != "true" - - gce_instance: - image_project: "libpod-218412" - zone: "us-central1-a" - cpu: 4 - memory: "4Gb" - disk: 200 - image_name: "${IMAGE_BUILDER_CACHE_IMAGE_NAME}" - scopes: # required for image building - - compute - - devstorage.full_control - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - build_vm_images_script: '$SCRIPT_BASE/build_vm_images.sh |& ${TIMESTAMP}' - - on_failure: - failed_df_script: '${DFCMD}' - failed_journalctl_b_script: 'journalctl -b || echo "Uh oh, journalctl -b failed"' - - -# Test building of new cache-images for future PR testing, in this PR. -verify_test_built_images_task: - - only_if: >- - $CIRRUS_BRANCH != $DEST_BRANCH && - $CIRRUS_CHANGE_MESSAGE =~ '.*CI:IMG.*' && - $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' - - - depends_on: - - "gating" - - "test_build_cache_images" - - gce_instance: - # Images generated by test_build_cache_images_task (above) - image_name: "${PACKER_BUILDER_NAME}${BUILT_IMAGE_SUFFIX}" - - env: - ADD_SECOND_PARTITION: 'true' - matrix: - - name: remote - env: - TEST_REMOTE_CLIENT: 'true' - - name: local - env: - TEST_REMOTE_CLIENT: 'false' - matrix: - # Required env. var. by check_image_script - PACKER_BUILDER_NAME: "${FEDORA_NAME}" - PACKER_BUILDER_NAME: "${PRIOR_FEDORA_NAME}" - PACKER_BUILDER_NAME: "${PRIOR_UBUNTU_NAME}" - # Multiple test failures on ${UBUNTU_CACHE_IMAGE_NAME} - # PACKER_BUILDER_NAME: "${UBUNTU_NAME}" - - networking_script: '${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/networking.sh' - installed_packages_script: '$SCRIPT_BASE/logcollector.sh packages' - environment_script: '$SCRIPT_BASE/setup_environment.sh |& ${TIMESTAMP}' - # Verify expectations once per image - check_image_script: >- - [[ "$TEST_REMOTE_CLIENT" == "false" ]] || \ - $SCRIPT_BASE/check_image.sh |& ${TIMESTAMP} - # Note: A truncated form of normal testing. It only needs to confirm new images - # "probably" work. A full round of testing will happen again after $*_CACHE_IMAGE_NAME - # are updated in this or another PR (w/o '***CIRRUS: TEST IMAGES***'). - integration_test_script: '$SCRIPT_BASE/integration_test.sh |& ${TIMESTAMP}' - system_test_script: '$SCRIPT_BASE/system_test.sh |& ${TIMESTAMP}' - - always: - <<: *standardlogs - - -#test_building_snap_task: -# -# depends_on: -# - "gating" -# -# only_if: >- -# $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && -# $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' -# -# container: -# image: yakshaveinc/snapcraft:core18 -# snapcraft_script: -# - 'apt-get -y update' -# - 'cd contrib/snapcraft && snapcraft' -# -# -#upload_snap_task: -# only_if: >- -# $CIRRUS_BRANCH != $DEST_BRANCH && -# $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' && -# $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:DOCS.*' -# -# # Only when PR or branch is merged into master -# -# depends_on: -# - "test_building_snap" -# -# container: -# image: yakshaveinc/snapcraft:core18 -# -# env: -# SNAPCRAFT_LOGIN: ENCRYPTED[d8e82eb31c6372fec07f405f413d57806026b1a9f8400033531ebcd54d6750a5e4a8b1f68e3ec65c98c65e0d9b2a6a75] -# snapcraft_login_file: -# path: /root/.snapcraft/login.cfg -# variable_name: SNAPCRAFT_LOGIN -# snapcraft_script: -# - 'apt-get -y update' -# - 'snapcraft login --with "/root/.snapcraft/login.cfg"' -# - 'cd contrib/snapcraft && snapcraft && snapcraft push *.snap --release edge' - - -docs_task: - - # Don't run this when building/testing new VM images - only_if: $CIRRUS_CHANGE_MESSAGE !=~ '.*CI:IMG.*' - - depends_on: - - "gating" - - script: - - "$SCRIPT_BASE/build_swagger.sh |& ${TIMESTAMP}" - - "$SCRIPT_BASE/upload_release_archive.sh |& ${TIMESTAMP}" - - # Post message to IRC if everything passed PR testing success_task: @@ -709,20 +192,7 @@ success_task: # ignores any dependent task conditions depends_on: - "gating" - - "vendor" - - "varlink_api" - - "build_each_commit" - - "build_without_cgo" - "meta" - - "testing" - - "rpmbuild" - - "special_testing_rootless" - - "special_testing_in_podman" - - "special_testing_cross" - - "special_testing_endpoint" - - "test_build_cache_images" - - "verify_test_built_images" - - "docs" env: CIRRUS_WORKING_DIR: "/usr/src/libpod"