Skip to content

Commit

Permalink
Move Vagrant-based tests from GitHub Actions to Cirrus CI
Browse files Browse the repository at this point in the history 
Cirrus CI supports nested virtualization and free to use from open
source projects. runc has been using the service since
opencontainers/runc#3088.

Signed-off-by: Kazuyoshi Kato <[email protected]>
  • Loading branch information
@kzys
kzys committed Apr 26, 2022
1 parent 0d696d2 commit 5f43118
Show file tree
Hide file tree
Showing 4 changed files with 123 additions and 103 deletions.
77 changes: 77 additions & 0 deletions .cirrus.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
# While Cirrus CI gives open-source projects free 16.0 CPUs,
# we use only 2 CPUs x 3 tasks = 6 CPUs since the tests here aren't fully
# utilizing multiple CPUs.
# https://cirrus-ci.org/faq/#are-there-any-limits
#
# Undocumented constraints;
# - The maximum memory limit is 4G times the number of CPUs.
# - The number of CPUs should be multiple of 2.

task:
name: Vagrant

compute_engine_instance:
image_project: cirrus-images
image: family/docker-kvm
platform: linux
nested_virtualization: true
cpu: 2
memory: 8G

env:
GOTEST: gotestsum --
# By default, Cirrus CI doesn't have HOME defined
HOME: /root
matrix:
BOX: fedora/35-cloud-base
BOX: rockylinux/8
install_libvirt_vagrant_script: |
apt-get update
apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt
systemctl enable --now libvirtd
vagrant_cache:
folder: /root/.vagrant.d
fingerprint_script: uname -a; cat Vagrantfile

vagrant_up_script: |
vagrant up --no-tty
integration_script: |
vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration
cri_test_script: |
vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri
task:
name: CGroupsV2 - rootless CRI test

env:
HOME: /root

compute_engine_instance:
image_project: cirrus-images
image: family/docker-kvm
platform: linux
nested_virtualization: true
cpu: 2
memory: 8G

install_libvirt_vagrant_script: |
apt-get update
apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt
systemctl enable --now libvirtd
vagrant_cache:
folder: /root/.vagrant.d
fingerprint_script: uname -a; cat Vagrantfile

vagrant_up_script: |
vagrant up --provision-with=install-rootless-podman --no-tty
podman_build_script: |
# Execute rootless podman to create the UserNS env
vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant
test_script: |
vagrant ssh -- podman run --rm --privileged cri-in-userns
103 changes: 0 additions & 103 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -508,106 +508,3 @@ jobs:
name: TestResults MacOS
path: |
*-junit.xml
vagrant:
name: Vagrant
# nested virtualization is only available on macOS hosts
runs-on: macos-10.15
timeout-minutes: 45
needs: [project, linters, protos, man]
strategy:
fail-fast: false
matrix:
# Currently crun is disabled to decrease CI flakiness.
# We can enable crun again when we get a better CI infra.
runc: [runc]
# Fedora is for testing cgroup v2 functionality, Rocky Linux is for testing on an enterprise-grade environment
box: ["fedora/35-cloud-base", "rockylinux/8"]
env:
GOTEST: gotestsum --
steps:
- uses: actions/checkout@v2

- name: "Cache ~/.vagrant.d/boxes"
uses: actions/cache@v2
with:
path: ~/.vagrant.d/boxes
key: vagrant-${{ hashFiles('Vagrantfile*') }}

- name: Vagrant start
env:
BOX: ${{ matrix.box }}
run: |
if [ "$BOX" = "rockylinux/8" ]; then
# The latest version 5.0.0 seems 404 (as of March 30, 2022)
export BOX_VERSION="4.0.0"
fi
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
vagrant up || vagrant up
- name: Integration
env:
RUNC_FLAVOR: ${{ matrix.runc }}
SELINUX: Enforcing
GOTESTSUM_JUNITFILE: /tmp/test-integration-junit.xml
run: vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration

- name: CRI test
env:
RUNC_FLAVOR: ${{ matrix.runc }}
SELINUX: Enforcing
REPORT_DIR: /tmp/critestreport
run: vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri

- name: Collect the VM's IP address for Docker Hub's throttling issue
if: failure()
run: vagrant ssh -- curl https://api64.ipify.org/

- name: Get test reports
if: always()
run: |
set -e
vagrant plugin install vagrant-vbguest
vagrant plugin install vagrant-scp
vagrant scp :/tmp/test-integration-junit.xml "${{ github.workspace }}/"
vagrant scp :/tmp/critestreport "${{ github.workspace }}/critestreport"
- uses: actions/upload-artifact@v2
if: always()
with:
# ${{ matrix.box }} cannot be used here due to character limitation
name: TestResults vagrant ${{ github.run_id }} ${{ matrix.runtime }} ${{matrix.runc}}
path: |
${{github.workspace}}/*-junit.xml
${{github.workspace}}/critestreport/*
cgroup2-misc:
name: CGroupsV2 - rootless CRI test
# nested virtualization is only available on macOS hosts
runs-on: macos-10.15
timeout-minutes: 45
needs: [project, linters, protos, man]
steps:
- uses: actions/checkout@v2

- name: "Cache ~/.vagrant.d/boxes"
uses: actions/cache@v2
with:
path: ~/.vagrant.d/boxes
key: vagrant-${{ hashFiles('Vagrantfile*') }}

- name: Vagrant start
run: |
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
vagrant up || vagrant up
# slow, so separated from the regular cgroup2 task
- name: CRI-in-UserNS test with Rootless Podman
run: |
vagrant up --provision-with=install-rootless-podman
# Execute rootless podman to create the UserNS env
vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant
vagrant ssh -- podman run --rm --privileged cri-in-userns
- name: Collect the VM's IP address for Docker Hub's throttling issue
if: failure()
run: vagrant ssh -- curl https://api64.ipify.org/
6 changes: 6 additions & 0 deletions Vagrantfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,17 +19,23 @@
Vagrant.configure("2") do |config|
config.vm.box = ENV["BOX"] || "fedora/35-cloud-base"
config.vm.box_version = ENV["BOX_VERSION"]

memory = 4096
cpus = 2
disk_size = 60
config.vm.provider :virtualbox do |v|
v.memory = memory
v.cpus = cpus
v.disk :disk, size: "#{disk_size}GB", primary: true
end
config.vm.provider :libvirt do |v|
v.memory = memory
v.cpus = cpus
v.machine_virtual_size = disk_size
end

config.vm.provision 'shell', path: 'script/resize-vagrant-root.sh'

# Disabled by default. To run:
# vagrant up --provision-with=upgrade-packages
# To upgrade only specific packages:
Expand Down
40 changes: 40 additions & 0 deletions script/resize-vagrant-root.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
#!/usr/bin/env bash

# Copyright The containerd Authors.

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at

# http://www.apache.org/licenses/LICENSE-2.0

# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -eu -o pipefail

# Rocky Linux doesn't have growpart by default.
(growpart -h > /dev/null) || dnf -y install cloud-utils-growpart

df_line=$(df -T / | grep '^/dev/')
if [[ "$df_line" =~ ^/dev/([a-z]+)([0-9+]) ]]; then
dev="${BASH_REMATCH[1]}"
part="${BASH_REMATCH[2]}"
growpart "/dev/$dev" "$part"

fstype=$(echo "$df_line" | awk '{print $2}')
if [[ "$fstype" = 'btrfs' ]]; then
btrfs filesystem resize max /
elif [[ "$fstype" = 'xfs' ]]; then
xfs_growfs -d /
else
echo "Unknown filesystem: $df_line"
exit 1
fi
else
echo "Failed to parse: $df_line"
exit 1
fi

0 comments on commit 5f43118

Please sign in to comment.