They do not add much value to users, first of it compiles podman with
cgo disabled which means the included the podman binary is unusable
either way. The only goal of the build job is to ensure we can compile
on all arches, i.e. go build tags adn types work correctly. The upload
if these artifacts alone take over 90s so let's get rid of them to speed
up the total CI time.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It is not used by anybody so we do not have to store these and can safe
some time by not having to generate it even if it is just ~500ms.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Two weeks ago we had a weird hang in the macos build job on the
persitent worker. The task just hang for an hour wasting time.
Most tests are fast so we do not need/want such high timeouts.
Therefore drop the default timeout to 20 minutes. The integration task
also should take under 20m so we can remove the longer timeout there as
well. Some system tests need a bit over 30m currently, timeout is set to
35m. For machine tests we use 30m on linux, 45m on windows and 35m on
macos to have some extra room there as machine tests have a much higher
run to run variance.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We already exclude the build jobs this is causing the machine tasks to
fail as noticed in #23764. Given we do not need windows/macos testing
for RHEL we have to skip them there.
While we try to only use only_if the problem here is that we would need
to duplicate the big only_if_machine_test string and work the rhel
condition into it which doesn't work with the current logic either so we
would need to change the logic flow there which then doesn't work with
our cirrus_yaml_test.py selftest. Therefore I think using skip here is
easier.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Previously these tests pulled some test images from quay, opening them up
to networking-flake induced failures. As has already been done for
other tests, update to utilize the locally running registry server.
Also: Add `test/python/**` into the apiv2 task conditions as referenced
by the `Makefile` `localapiv2-python` target.
Signed-off-by: Chris Evich <cevich@redhat.com>
Previously, if anyone touched these files no extra testing would
trigger. However, basically all testing depends on them. Update the
condition and test that verifies it.
Signed-off-by: Chris Evich <cevich@redhat.com>
As of https://github.com/containers/automation_images/pull/357
our CI VMs include a local registry preloaded with all(*)
images used in tests.
* where "all" means "most".
This commit installs a new registries.conf that redirects docker
and quay to the new local registry. The hope is that this will
reduce CI flakes.
Since tests change over time, and new tests may require new
images, this commit also adds a mechanism for pulling in
remote images at test run time. Obviously this negates
the purpose of the cache, since it introduces a flake
pain point. The idea is: DO NOT DO THIS UNLESS ABSOLUTELY
NECESSARY, and then, if we have to do this, hurry up and
spin new CI VMs that include the new image(s).
Signed-off-by: Ed Santiago <santiago@redhat.com>
Run root e2e & system tests using composefs on rawhide.
Write magic settings to storage.conf. That part is easy.
e2e tests, however, ignore storage.conf. They require everything
to be specified on the command line. And "everything", in the
case of composefs, includes a long complicated --pull-options
string which in turn requires containers-storage PR 1966
which, as of this writing, is finally vendored into podman.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This test flakes frequently and its status is completely ignored in CI.
At the time of this commit, nobody has stepped up to debug or fix it.
Drop the test.
Signed-off-by: Chris Evich <cevich@redhat.com>
When we check if source code was changed also include header files.
There is only one header file currently but that can change and it may
be possible that changes in this file can break things so make sure it
is considered source code so that all tests are triggered.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This directory contains important tools such as ginkgo as such updates
there should run through all testing and not skip anything.
Technically we do not need to run system tests as it doesn't use any
tool from there but that
a) might change in the future and
b) would make the only_if rules much more complicated if we try to
exclude it and
c) updates in test/tools are rare and/or automated so it does not cause
inconveniences to run all anyway
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The chocolatey tool that was fetching us wix v3 can no longer be used to
fetch wix v4+ so we had to switch to dotnet to fetch the latest wix.
This commit builds the installer with wix v5.
wix v5 is installed via the `dotnet` tool in the windows image itself
at https://github.com/containers/automation_images/pull/354.
Going forward, the `dotnet` tool will also be used to build the installer.
In the process, the wix v3 files were converted to wix v4+ using `wix
convert` followed by manual modifications along with switch to wixproj
builds with dotnet.
The GitHub Action to upload windows installer now builds the installer
using winmake.ps1.
Contributions from Mario Loriedo:
- bundle setup update to wix5
- updates to build and release process scripts
Ref: https://github.com/lsm5/podman/pull/3
- small fixes to windows installer theme
Ref: https://github.com/lsm5/podman/pull/4
- Better win-installer sidebar logo
Ref: https://github.com/lsm5/podman/pull/5
Resolves: RUN-2055
Co-authored-by: Mario Loriedo <mario.loriedo@gmail.com>
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
As we want to get rid of the special titles convert the existing skips
to the only_if condition, this makes it more readable as we do not need
to negate so much.
Then add similar conditions for all test tasks, this removes the need to
a special title such as CI:DOCS as the logic is smart enough to only
docs changes when no source code was changed.
Update the documentation for the new logic and no longer point
contributors to the CI:DOCS title as it is gone now.
There is a bunch of duplication in the rules as yaml doesn't allow us to
share only parts of a string. To prevent unwanted drift a test case in
contrib/cirrus/cirrus_yaml_test.py is added to ensure all conditions
follow the same base ruleset.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Previously it was easy for a maintainer to change a Cirrus-CI task name
w/o realizing it would (later) cause a downstream task or the `artifacts`
task to fail. This is due to duplication of task names in URLencoded
format. Worse, `artifacts` task failures are inconsequential in PRs,
and not all tasks are executed for every PR context (i.e. due to `skip`
or `only_if` exclusions). So induced name change failures may not be
noticed until after a PR merges.
Improve the visibility of the situation by adding comments to all
consequential names. That is, task names where there is a URLencoded
duplicate reference elsewhere.
Signed-off-by: Chris Evich <cevich@redhat.com>
The task got renamed but didn't fix the URL for the machine test task
only the artifacts task url was fixed.
Fixes 439fe90208 ("Minor: Rename the OSX Cross task")
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
For a long time, this task has not been cross-compiling, it's building
natively on a Mac. Avoid any possible confusion by renaming the task.
Signed-off-by: Chris Evich <cevich@redhat.com>
Linting code changes with golangci-lint is a very slow and resource
intensive process. However, it does not depend on compiling anything.
This means it may run in parallel with the build tasks for
a modest perceived runtime duration improvement.
Additionally, the former validation make targets that **do** require a
build execute faster than CI is able to provision a VM, simply tack them
onto the end of all build operations.
Signed-off-by: Chris Evich <cevich@redhat.com>
Integration tests run around 15-20 mins now. Lower the timeout to 30m,
if we hit this something is very wrong and needs to be looked at and
there is no point in waiting much longer in case of a hang.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
With (esp. Debian) CI VM images built by
https://github.com/containers/automation_images/ pull/338 CI no-longer
tests with runc nor cgroups v1. Add logic to fail under these
conditions. Prune back high-level YAML/script envars and logic formerly
required to support these things.
Signed-off-by: Chris Evich <cevich@redhat.com>
Now that we have source based skips there might be a case where we have
to run all tests. One option is to simply change a line in one of the
danger files but having something that can be set as title might be
easier for users.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We do not have to test everything for each PR, we can know based on the
source if we changed (i.e. machine code) and only run the tests then.
This implements it as skip conditions, due to the nature of yaml files
we unfortunately cannot deduplicate everything, i.e. the is PR check and
danger files apply to everything but as skip is only a single yaml
string we cannot deduplicate parts of that string. If anyone knows a way
to achieve this I like to hear it.
For now I implemented this for int, system, bud and machine tests. Once
we are more comfortable with this I plan on adding it to other tests as
well.
This will replace the current _bail_if_test_can_be_skipped logic as it
covers more, marks tasks actually skipped in the github UI and works
even for the windows/macos machine tests.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Built in: https://github.com/containers/automation_images/pull/361
Main changes:
- lots of package bumps, see link above. Most important
is debian systemd, which should fix the XDG bug in 256-rc3
- workaround for rawhide IMA (signed rpms) issue
- rawhide now includes composefs
Signed-off-by: Ed Santiago <santiago@redhat.com>
Another new-VM import from
https://github.com/containers/automation_images/pull/338
...because the usual conflict dealio in that repo. This
should mostly be a NOP. All the major work was done in #22706.
Signed-off-by: Ed Santiago <santiago@redhat.com>
podman.msi GUI has a radio-button to select WSL or Hyper-V
The checkbox in podman.msi GUI allow the user to specify if
the machine provider installation (WSL or Hyper-V) should
be part of podman installation or not.
podman-setup.exe supports 2 new variables: MachineProvider
(valid values are `wsl` and `hyperv`) and HyperVCheckbox
(valid values are `0` and `1`)
Installation creates the configuration file
`99-podman-machine-provider.conf` under folder
`%APPDATA\containers\containers.conf.d` with the selected
machine provider
Cirrus CI `win_installer_task` tests the installation with
both `hyperv` and `wsl` and verifies the configuration.
Uninstallation is tested too.
Note that podman-setup.exe GUI doesn't allow to choose the
provider yet. See https://github.com/containers/podman/issues/22492
Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
As agreed in Planning meeting of 2024-03-20, Podman 5.x will
drop support for cgroups v1 and for runc. Make it so.
CI images built in https://github.com/containers/automation_images/pull/338
Signed-off-by: Ed Santiago <santiago@redhat.com>
It's been flaking heavily since March. I don't see any new
development going on in minikube-land. If anyone decides
to care about minikube again, they can reenable this.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Use 4 core VM vompred to the standard 2 cores, integration tests scale
almost linear with extra cores, as such doubling the cores makes the
tests almost twice as fast. This brings the test time down to 15-17 min
in CI.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This reverts commit 02b8fd7156c93555b0ac1f775aa824ec04224215.
The new CI images should have a apparmor workaround.
Fixes#22625
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
First, setup a custom TMPDIR to ensure we have no special assumptions
about hard coded paths. Second, make sure it is actually on a tmpfs so
we can catch regressions in the VM setup immediately.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
TMPDIR is typically /tmp which is typically(*) a tmpfs.
This PR ignores $TMPDIR when $CI is defined, forcing all
e2e tests to set up one central working directory in /var/tmp
instead.
Also, lots of cleanup.
(*) For many years, up to and still including the time of
this PR, /tmp on Fedora CI VMs is actually NOT tmpfs,
it is just / (root). This is nonstandard and undesirable.
Efforts are underway to remove this special case.
Signed-off-by: Ed Santiago <santiago@redhat.com>
compose v1 has been deprecated for some time now, since July 2023 it no
longer receives any updates[1]. As such testing it on every PR is
pointless, it also does not provide any more coverage then compose v2.
At least I never saw only compose v1 test fails (except for flakes) so
it doesn't help us to catch regressions.
We tried to remove it before but decided against it at that time[2].
[1] https://docs.docker.com/compose/migrate/
[2] https://github.com/containers/podman/issues/18688
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Emergency update to get pasta 03-26. Also gives us crun 1.14.4.
One unexplained difference: fc39 and rawhide now create:
/run/log/journal/SOMETHING/system.journal
...and the SOMETHING is o-rwx. This triggers journalctl to spit out a warning:
Hint: You are currently not seeing messages from the system.
Users in groups 'adm', 'systemd-journal', 'wheel' can see all messages.
Pass -q to turn off this notice.
...which in turn causes ExitCleanly() to fail.
It is not clear who/what is creating this journal directory, or
why it allofasudden started just now. Workaround is to add -q
to journalctl in one test.
One more difference, another test now requires SYSLOG capability.
VM package info:
https://github.com/containers/automation_images/pull/342
Signed-off-by: Ed Santiago <santiago@redhat.com>
The container image build automation no longer lives here, it was moved
to containers/image_build.
Also strip out a few lingering comments referencing gitleaks, which was
removed from automation use.
Signed-off-by: Chris Evich <cevich@redhat.com>
Building arm podman needs to be the last thing built in the OSX cross task. The Mac tests rely this Podman binary to run, and the CI Mac is ARM-based
Signed-off-by: Ashley Cui <acui@redhat.com>
