forked from opencontainers/runc
-
Notifications
You must be signed in to change notification settings - Fork 0
164 lines (143 loc) · 5.46 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
# NOTE Github Actions execution environments lack a terminal, needed for
# some integration tests. So we use `script` command to fake a terminal.
name: ci
on:
push:
tags:
- v*
branches:
- main
- release-*
pull_request:
permissions:
contents: read
env:
# Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them.
CGO_CFLAGS: -g -O2 -Werror
jobs:
test:
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
os: [ubuntu-20.04, ubuntu-22.04]
go-version: [1.20.x, 1.21.x]
rootless: ["rootless", ""]
race: ["-race", ""]
criu: ["", "criu-dev"]
dmz: ["", "runc_nodmz"]
exclude:
# Disable most of criu-dev jobs, as they are expensive
# (need to compile criu) and don't add much value/coverage.
- criu: criu-dev
go-version: 1.20.x
- criu: criu-dev
rootless: rootless
- criu: criu-dev
race: -race
- criu: criu-dev
dmz: runc_nodmz
# Disable most of runc_nodmz jobs, as they don't add much value
# (as dmz is disabled by default anyway).
- dmz: runc_nodmz
os: ubuntu-20.04
- dmz: runc_nodmz
go-version: 1.20.x
- dmz: runc_nodmz
rootless: rootless
- dmz: runc_nodmz
race: -race
runs-on: ${{ matrix.os }}
steps:
- name: checkout
uses: actions/checkout@v4
- name: install deps
if: matrix.criu == ''
env:
PREFIX: https://download.opensuse.org/repositories/devel:/tools:/criu/xUbuntu
run: |
# criu repo
REPO=${PREFIX}_$(echo ${{ matrix.os }} | sed 's/.*-//')
curl -fSsLl $REPO/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/devel_tools_criu.gpg > /dev/null
echo "deb $REPO/ /" | sudo tee /etc/apt/sources.list.d/criu.list
sudo apt update
sudo apt install libseccomp-dev criu sshfs
- name: install deps (criu ${{ matrix.criu }})
if: matrix.criu != ''
run: |
sudo apt -q update
sudo apt -q install libseccomp-dev sshfs \
libcap-dev libnet1-dev libnl-3-dev \
libprotobuf-c-dev libprotobuf-dev protobuf-c-compiler protobuf-compiler
git clone https://github.com/checkpoint-restore/criu.git ~/criu
(cd ~/criu && git checkout ${{ matrix.criu }} && sudo make install-criu)
rm -rf ~/criu
- name: install go ${{ matrix.go-version }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
- name: build
env:
EXTRA_BUILDTAGS: ${{ matrix.dmz }}
run: sudo -E PATH="$PATH" make EXTRA_FLAGS="${{ matrix.race }}" all
- name: install bats
uses: mig4/setup-bats@v1
with:
bats-version: 1.9.0
- name: unit test
if: matrix.rootless != 'rootless'
env:
EXTRA_BUILDTAGS: ${{ matrix.dmz }}
run: sudo -E PATH="$PATH" -- make TESTFLAGS="${{ matrix.race }}" localunittest
- name: add rootless user
if: matrix.rootless == 'rootless'
run: |
sudo useradd -u2000 -m -d/home/rootless -s/bin/bash rootless
# Allow root and rootless itself to execute `ssh rootless@localhost` in tests/rootless.sh
ssh-keygen -t ecdsa -N "" -f $HOME/rootless.key
sudo mkdir -m 0700 -p /home/rootless/.ssh
sudo cp $HOME/rootless.key /home/rootless/.ssh/id_ecdsa
sudo cp $HOME/rootless.key.pub /home/rootless/.ssh/authorized_keys
sudo chown -R rootless.rootless /home/rootless
sudo chmod a+X $HOME # for Ubuntu 22.04
- name: integration test (fs driver)
run: sudo -E PATH="$PATH" script -e -c 'make local${{ matrix.rootless }}integration'
- name: integration test (systemd driver)
# Skip rootless+systemd for ubuntu 20.04 because of cgroup v1.
if: ${{ !(matrix.os == 'ubuntu-20.04' && matrix.rootless == 'rootless') }}
run: |
# Delegate all cgroup v2 controllers to rootless user via --systemd-cgroup.
# The default (since systemd v252) is "pids memory cpu".
sudo mkdir -p /etc/systemd/system/user@.service.d
printf "[Service]\nDelegate=yes\n" | sudo tee /etc/systemd/system/user@.service.d/delegate.conf
sudo systemctl daemon-reload
# Run the tests.
sudo -E PATH="$PATH" script -e -c 'make RUNC_USE_SYSTEMD=yes local${{ matrix.rootless }}integration'
# We need to continue support for 32-bit ARM.
# However, we do not have 32-bit ARM CI, so we use i386 for testing 32bit stuff.
# We are not interested in providing official support for i386.
cross-i386:
timeout-minutes: 15
strategy:
fail-fast: false
matrix:
dmz: ["", "runc_nodmz"]
runs-on: ubuntu-22.04
steps:
- name: checkout
uses: actions/checkout@v4
- name: install deps
run: |
sudo dpkg --add-architecture i386
# add criu repo
sudo add-apt-repository -y ppa:criu/ppa
# apt-add-repository runs apt update so we don't have to.
sudo apt -q install libseccomp-dev libseccomp-dev:i386 gcc-multilib libgcc-s1:i386 criu
- name: install go
uses: actions/setup-go@v5
with:
go-version: 1.21.x # TODO: switch to 1.x (latest stable) once Go 1.22 vs glibc issue is fixed.
- name: unit test
env:
EXTRA_BUILDTAGS: ${{ matrix.dmz }}
run: sudo -E PATH="$PATH" -- make GOARCH=386 localunittest