Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[skip-ci] TMT: run system tests on Fedora and CentOS Stream #24369

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .github/labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@ kind/api-change:
machine:
- changed-files:
- any-glob-to-any-file: pkg/machine/**
release:
- base-branch: [^v?(0|[1-9]\d*).(0|[1-9]\d*)$]
71 changes: 69 additions & 2 deletions .packit.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,27 @@
downstream_package_name: podman
upstream_tag_template: v{version}

# These files get synced from upstream to downstream (Fedora / CentOS Stream) on every
# propose-downstream job. This is done so tests maintained upstream can be run
# downstream in Zuul CI and Bodhi.
# Ref: https://packit.dev/docs/configuration#files_to_sync
files_to_sync:
- src: rpm/gating.yaml
dest: gating.yaml
delete: true
- src: plans/
dest: plans/
delete: true
mkpath: true
- src: test/tmt/
dest: test/tmt/
delete: true
mkpath: true
- src: .fmf/
dest: .fmf/
delete: true
- .packit.yaml

packages:
podman-fedora:
pkg_tool: fedpkg
Expand All @@ -31,7 +52,7 @@ jobs:
failure_comment:
message: "Ephemeral COPR build failed. @containers/packit-build please check."
enable_net: true
targets:
targets: &fedora_copr_targets
- fedora-all-x86_64
- fedora-all-aarch64

Expand All @@ -53,7 +74,7 @@ jobs:
packages: [podman-centos]
notifications: *packit_build_failure_notification
enable_net: true
targets:
targets: &centos_copr_targets
- centos-stream-9-x86_64
- centos-stream-9-aarch64
- centos-stream-10-x86_64
Expand All @@ -71,6 +92,52 @@ jobs:
project: podman-next
enable_net: true

- job: tests
trigger: pull_request
packages: [podman-fedora]
targets: *fedora_copr_targets
require: &dev_tests
label:
absent:
- release
tf_extra_params:
environments:
- artifacts:
- type: repository-file
id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo
identifier: "dev"

- job: tests
trigger: pull_request
packages: [podman-fedora]
targets: *fedora_copr_targets
require: &release_tests
label:
present:
- release
preserve_project: true
identifier: "release"

- job: tests
trigger: pull_request
packages: [podman-centos]
targets: *centos_copr_targets
require: *dev_tests
tf_extra_params:
environments:
- artifacts:
- type: repository-file
id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo
identifier: "dev"

- job: tests
trigger: pull_request
packages: [podman-centos]
targets: *centos_copr_targets
require: *release_tests
preserve_project: true
identifier: "release"

- job: tests
identifier: cockpit-revdeps
trigger: pull_request
Expand Down
37 changes: 37 additions & 0 deletions plans/podman.fmf
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
discover:
how: fmf
execute:
how: tmt
prepare:
- how: feature
epel: enabled
- when: initiator == packit
how: shell
script: |
sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo
dnf -y upgrade --allowerasing
if [[ $(rpm --eval '%{?rhel}') == 10 ]]; then
dnf -y copr enable rhcontainerbot/bats-el10
fi
- how: install
package:
- bats
- podman-remote
- podman-tests
- slirp4netns

/upstream:
summary: Run tests on upstream PRs
discover+:
filter: tag:upstream
adjust+:
- enabled: false
when: revdeps == yes or initiator is not defined or initiator != packit

/downstream:
summary: Run tests on bodhi / errata and dist-git PRs
discover+:
filter: tag:downstream
adjust+:
- enabled: false
when: initiator == packit
17 changes: 17 additions & 0 deletions rpm/gating.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
--- !Policy
product_versions:
- fedora-*
decision_contexts:
- bodhi_update_push_stable
- bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}

# recipients: jnovy, lsm5, santiago
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
33 changes: 19 additions & 14 deletions rpm/podman.spec
Original file line number Diff line number Diff line change
Expand Up @@ -7,23 +7,12 @@
%global debug_package %{nil}
%endif

# RHEL's default %%gobuild macro doesn't account for the BUILDTAGS variable, so we
# set it separately here and do not depend on RHEL's go-[s]rpm-macros package
# until that's fixed.
# c9s bz: https://bugzilla.redhat.com/show_bug.cgi?id=2227328
%if %{defined rhel} && 0%{?rhel} < 10
%define gobuild(o:) go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "-linkmode=external -compressdwarf=false ${LDFLAGS:-} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**};
%endif

%global gomodulesmode GO111MODULE=on

%if %{defined rhel}
# _user_tmpfiles.d currently undefined on rhel
%global _user_tmpfilesdir %{_datadir}/user-tmpfiles.d
%endif

%if %{defined fedora}
%define build_with_btrfs 1
# No machine stuff for rhel
%define machine 1
%endif

%if %{defined copr_username}
Expand All @@ -43,6 +32,16 @@
# podman-machine subpackage will be present only on these architectures
%global machine_arches x86_64 aarch64

%if %{defined fedora}
%define qemu 1
%endif

# Adjust/Remove after epel10 gets bats
# Ref: https://bugzilla.redhat.com/show_bug.cgi?id=2329315
%if %{defined fedora} || %{defined rhel} && 0%{?rhel} == 9
%define bats_epel 1
%endif

Name: podman
%if %{defined copr_build}
Epoch: 102
Expand Down Expand Up @@ -139,8 +138,10 @@ pages and %{name}.
Summary: Tests for %{name}

Requires: %{name} = %{epoch}:%{version}-%{release}
%if %{defined fedora}
%if %{defined bats_epel}
Requires: bats
%else
Recommends: bats
%endif
Requires: jq
Requires: skopeo
Expand Down Expand Up @@ -187,7 +188,11 @@ when `%{_bindir}/%{name}sh` is set as a login shell or set as os.Args[0].
Summary: Metapackage for setting up %{name} machine
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: gvisor-tap-vsock
%if %{defined qemu}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps you want qemu-kvm? Publishing podman-machine in RHEL without QEMU otherwise feels rather moot?

Requires: qemu
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that "qemu" is a really awkward dependency - it pulls in tons of emulators, spice-server, GTK, vte291 etc. -- all stuff that you really don't want on servers. qemu-system-x86-core or qemu-kvm-core exist everywhere and aren't so heavyweight.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do not use emulation, AFAICT we call qemu-system-x86_64 on x86_64 and qemu-system-aarch64 on aarch64.
Then we also need qemu-img to resize the disk so whatever proves what we need should be fine.

$ rpm -q --whatprovides /usr/bin/qemu-img 
qemu-img-8.2.8-2.fc40.x86_64
$ rpm -q --whatprovides /usr/bin/qemu-system-x86_64
qemu-system-x86-core-8.2.8-2.fc40.x86_64
$ rpm -q --whatprovides /usr/bin/qemu-system-aarch64 
qemu-system-aarch64-core-8.2.8-2.fc40.x86_64

%else
Requires: qemu-kvm
%endif
Requires: virtiofsd
ExclusiveArch: x86_64 aarch64

Expand Down
24 changes: 24 additions & 0 deletions test/tmt/setup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
#!/usr/bin/env bash

set -exo pipefail

uname -r

loginctl enable-linger "$ROOTLESS_USER"

rm -rf /home/$ROOTLESS_USER/.local/share/containers

rpm -q \
aardvark-dns \
buildah \
conmon \
container-selinux \
containers-common \
crun \
netavark \
passt \
podman \
podman-tests \
skopeo \
slirp4netns \
systemd
46 changes: 46 additions & 0 deletions test/tmt/system.fmf
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
require:
- bats
- podman-remote
- podman-tests
- slirp4netns

environment:
PODMAN: /usr/bin/podman
PODMAN_TESTING: /usr/bin/podman-testing
QUADLET: /usr/libexec/podman/quadlet
ROOTLESS_USER: "fedora"
adjust+:
- when: distro == centos-stream
environment+:
ROOTLESS_USER: "ec2-user"
- when: distro == rhel
environment+:
ROOTLESS_USER: "cloud-user"

/local/root:
tag: [ downstream, upstream, local, root ]
summary: local rootful test
test: bash ./system.sh
duration: 60m

/local/rootless:
tag: [ downstream, upstream, local, rootless ]
summary: rootless test
test: bash ./system.sh rootless
duration: 60m

/remote/root:
tag: [ downstream, upstream, remote, root ]
summary: remote rootful test
test: bash ./system.sh
duration: 60m
environment+:
PODMAN: /usr/bin/podman-remote

/remote/rootless:
tag: [ downstream, upstream, remote, rootless ]
summary: remote rootless test
test: bash ./system.sh rootless
duration: 60m
environment+:
PODMAN: /usr/bin/podman-remote
14 changes: 14 additions & 0 deletions test/tmt/system.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
#!/usr/bin/env bash

set -exo pipefail

. setup.sh

export test_cmd="whoami && cd /usr/share/podman/test/system && bats ."

if [[ -z $1 ]]; then
eval $test_cmd
elif [[ $1 == "rootless" ]]; then
su --whitelist-environment=$(cat ./tmt-envvars | tr '\n' ',') - "$ROOTLESS_USER" -c "eval $test_cmd"
fi
exit 0
20 changes: 20 additions & 0 deletions test/tmt/tmt-envvars
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
TMT_TREE
TMT_PLAN_DATA
TMT_VERSION
TMT_TEST_NAME
TMT_TEST_DATA
TMT_TEST_SERIAL_NUMBER
TMT_TEST_ITERATION_ID
TMT_TEST_METADATA
TMT_SOURCE_DIR
TMT_REBOOT_COUNT
TMT_TEST_RESTART_COUNT
TMT_TOPOLOGY_BASH
TMT_TOPOLOGY_YAML
TMT_TEST_PIDFILE
TMT_TEST_PIDFILE_LOCK
TMT_TEST_PIDFILE_ROOT
PODMAN
PODMAN_TESTING
QUADLET
ROOTLESS_USER
13 changes: 13 additions & 0 deletions test/tmt/tmt.fmf
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
enabled: false
adjust:
enabled: true
when: distro == centos-strema-9
summary: Make sure that TMT container provision works
tag: [downstream]
require:
- tmt+provision-container
test:
tmt run --verbose --remove
provision --how container --image fedora
login --command 'cat /etc/os-release'
finish
23 changes: 23 additions & 0 deletions test/tmt/toolbox.fmf
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# TODO: Maintain this in the toolbox project
# For podman, this only needs to run on downstream tests

enabled: false
adjust:
enabled: true
when: initiator != packit && distro == fedora

require:
- toolbox-tests

environment:
ROOTLESS_USER: "fedora"
adjust+:
environment+:
ROOTLESS_USER: "ec2-user"
when: distro == centos-stream

/rootless:
tag: [ downstream ]
summary: rootless test
test: bash ./toolbox.sh
duration: 60m
9 changes: 9 additions & 0 deletions test/tmt/toolbox.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
#!/usr/bin/env bash

set -exo pipefail

. setup.sh

rpm -q containers-common-extra podman toolbox

su --whitelist-environment=$(cat ./tmt-envvars | tr '\n' ',') - "$ROOTLESS_USER" -c "whoami && cd /usr/share/toolbox/test/system && bats ."
Loading