diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index bc375bc9637..55511ebfdf1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2024-11-28T14:18:12Z by kres 232fe63. +# Generated on 2024-12-03T22:25:05Z by kres 232fe63. name: default concurrency: @@ -1609,6 +1609,99 @@ jobs: TF_SCRIPT_DIR: _out/contrib run: | make e2e-cloud-tf + integration-image-cache: + permissions: + actions: read + contents: write + issues: read + packages: write + pull-requests: read + runs-on: + - self-hosted + - talos + if: contains(fromJSON(needs.default.outputs.labels), 'integration/image-cache') + needs: + - default + steps: + - name: gather-system-info + id: system-info + uses: kenchan0130/actions-system-info@v1.3.0 + continue-on-error: true + - name: print-system-info + run: | + MEMORY_GB=$((${{ steps.system-info.outputs.totalmem }}/1024/1024/1024)) + + OUTPUTS=( + "CPU Core: ${{ steps.system-info.outputs.cpu-core }}" + "CPU Model: ${{ steps.system-info.outputs.cpu-model }}" + "Hostname: ${{ steps.system-info.outputs.hostname }}" + "NodeName: ${NODE_NAME}" + "Kernel release: ${{ steps.system-info.outputs.kernel-release }}" + "Kernel version: ${{ steps.system-info.outputs.kernel-version }}" + "Name: ${{ steps.system-info.outputs.name }}" + "Platform: ${{ steps.system-info.outputs.platform }}" + "Release: ${{ steps.system-info.outputs.release }}" + "Total memory: ${MEMORY_GB} GB" + ) + + for OUTPUT in "${OUTPUTS[@]}";do + echo "${OUTPUT}" + done + continue-on-error: true + - name: checkout + uses: actions/checkout@v4 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + id: setup-buildx + uses: docker/setup-buildx-action@v3 + with: + driver: remote + endpoint: tcp://buildkit-amd64.ci.svc.cluster.local:1234 + timeout-minutes: 10 + - name: Download artifacts + if: github.event_name != 'schedule' + uses: actions/download-artifact@v4 + with: + name: talos-artifacts + path: _out + - name: Fix artifact permissions + if: github.event_name != 'schedule' + run: | + xargs -a _out/executable-artifacts -I {} chmod +x {} + - name: ci-temp-release-tag + if: github.event_name != 'schedule' + run: | + make ci-temp-release-tag + - name: uki-certs + if: github.event_name == 'schedule' + env: + PLATFORM: linux/amd64 + run: | + make uki-certs + - name: image-cache + env: + IMAGE_REGISTRY: registry.dev.siderolabs.io + PLATFORM: linux/amd64,linux/arm64 + PUSH: "true" + run: | + make cache-create + - name: use-image-cache + env: + GITHUB_STEP_NAME: ${{ github.job}}-e2e-image-cache + IMAGE_REGISTRY: registry.dev.siderolabs.io + run: | + sudo -E make e2e-image-cache + - name: save artifacts + if: always() + uses: actions/upload-artifact@v4 + with: + name: talos-logs-integration-image-cache + path: |- + /tmp/logs-*.tar.gz + /tmp/support-*.zip + retention-days: "5" integration-image-factory: permissions: actions: read diff --git a/.kres.yaml b/.kres.yaml index 3e82eebbfcd..3a7a7486b54 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -72,6 +72,7 @@ spec: - integration-images - integration-reproducibility-test - integration-cloud-images + - integration-image-cache - integration-image-factory - integration-aws - integration-aws-nvidia-oss @@ -1509,6 +1510,54 @@ spec: PLATFORM: linux/amd64,linux/arm64 IMAGE_REGISTRY: registry.dev.siderolabs.io - name: cloud-images + - name: integration-image-cache + buildxOptions: + enabled: true + depends: + - default + runners: + - self-hosted + - talos + triggerLabels: + - integration/image-cache + steps: + - name: download-artifacts + conditions: + - not-on-schedule + artifactStep: + type: download + artifactName: talos-artifacts + artifactPath: _out + - name: ci-temp-release-tag + conditions: + - not-on-schedule + - name: uki-certs + conditions: + - only-on-schedule + environment: + PLATFORM: linux/amd64 + - name: image-cache + command: cache-create + environment: + PLATFORM: linux/amd64,linux/arm64 + IMAGE_REGISTRY: registry.dev.siderolabs.io + PUSH: true + - name: use-image-cache + command: e2e-image-cache + withSudo: true + environment: + IMAGE_REGISTRY: registry.dev.siderolabs.io + GITHUB_STEP_NAME: ${{ github.job}}-e2e-image-cache + - name: save-talos-logs + conditions: + - always + artifactStep: + type: upload + artifactName: talos-logs-integration-image-cache + disableExecutableListGeneration: true + artifactPath: /tmp/logs-*.tar.gz + additionalArtifacts: + - "/tmp/support-*.zip" - name: integration-image-factory buildxOptions: enabled: true diff --git a/Makefile b/Makefile index 97d6c2186f5..88dc942c479 100644 --- a/Makefile +++ b/Makefile @@ -459,6 +459,12 @@ uki-certs: talosctl ## Generate test certificates for SecureBoot/PCR Signing @$(TALOSCTL_EXECUTABLE) gen secureboot pcr @$(TALOSCTL_EXECUTABLE) gen secureboot database +.PHONY: cache-create +cache-create: installer imager ## Generate image cache. + @$(TALOSCTL_EXECUTABLE) images default | $(TALOSCTL_EXECUTABLE) images cache-create --image-cache-path=/tmp/cache.tar --images=- --force + @crane push /tmp/cache.tar $(REGISTRY_AND_USERNAME)/image-cache + @$(MAKE) image-iso IMAGER_ARGS="--image-cache=$(REGISTRY_AND_USERNAME)/image-cache:latest --extra-kernel-arg='console=ttyS0'" + # Code Quality api-descriptors: ## Generates API descriptors used to detect breaking API changes. diff --git a/hack/test/e2e-image-cache.sh b/hack/test/e2e-image-cache.sh new file mode 100755 index 00000000000..1109186da5f --- /dev/null +++ b/hack/test/e2e-image-cache.sh @@ -0,0 +1,58 @@ +#!/usr/bin/env bash + +set -eoux pipefail + +source ./hack/test/e2e.sh + +PROVISIONER=qemu +CLUSTER_NAME=e2e-image-cache + +NODE="172.20.2.2" + +function build_special_mirrors { + REGISTRY_MIRROR_FLAGS=() + + for registry in docker.io quay.io ghcr.io; do + local service="registry-${registry//./-}.ci.svc" + addr=$(python3 -c "import socket; print(socket.gethostbyname('${service}'))") + + REGISTRY_MIRROR_FLAGS+=("--registry-mirror=${registry}=http://${addr}:5000") + done +} + +function create_cluster { + build_special_mirrors + + "${TALOSCTL}" cluster create \ + --provisioner="${PROVISIONER}" \ + --name="${CLUSTER_NAME}" \ + --kubernetes-version=${KUBERNETES_VERSION} \ + --iso-path=${ARTIFACTS}/metal-amd64.iso \ + --controlplanes=1 \ + --workers=0 \ + --mtu=1430 \ + --memory=2048 \ + --cpus=2.0 \ + --cidr=172.20.2.0/24 \ + --with-apply-config \ + --config-patch=@hack/test/patches/image-cache.yaml \ + --install-image=${REGISTRY:-ghcr.io}/siderolabs/installer:${TAG} \ + --cni-bundle-url=${ARTIFACTS}/talosctl-cni-bundle-'${ARCH}'.tar.gz \ + "${REGISTRY_MIRROR_FLAGS[@]}" \ + "${QEMU_FLAGS[@]}" + + "${TALOSCTL}" config node "${NODE}" +} + +function destroy_cluster() { + "${TALOSCTL}" cluster destroy \ + --name "${CLUSTER_NAME}" \ + --provisioner "${PROVISIONER}" \ + --save-cluster-logs-archive-path="/tmp/logs-${CLUSTER_NAME}.tar.gz" \ + --save-support-archive-path="/tmp/support-${CLUSTER_NAME}.zip" +} + +trap destroy_cluster SIGINT EXIT + +create_cluster +sleep 5 diff --git a/hack/test/patches/image-cache.yaml b/hack/test/patches/image-cache.yaml new file mode 100644 index 00000000000..80ba0113ea9 --- /dev/null +++ b/hack/test/patches/image-cache.yaml @@ -0,0 +1,25 @@ +machine: + features: + imageCache: + localEnabled: true + registries: + mirrors: + gcr.io: + skipFallback: true + endpoints: + - http://172.20.0.250:65000 + k8s.gcr.io: + skipFallback: true + endpoints: + - http://172.20.0.250:65000 + registry.k8s.io: + skipFallback: true + endpoints: + - http://172.20.0.250:65000 +--- +apiVersion: v1alpha1 +kind: VolumeConfig +name: IMAGECACHE +provisioning: + diskSelector: + match: 'system_disk'