opencontainers/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-04-18 19:44:09 +03:00
Code
runc/.cirrus.yml
Kir Kolyshkin d31e6b87ca ci: bump bats to v0.11.0 
This is the version available from Fedora 41.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-03-13 10:26:11 -07:00

115 lines
4.1 KiB
YAML
Raw Permalink Blame History

---
# We use Cirrus for RHEL clones because Cirrus can directly run them
# without depending on nested virtualization.
# NOTE Cirrus execution environments lack a terminal, needed for
# some integration tests. So we use `ssh -tt` command to fake a terminal.
task:
timeout_in: 30m
env:
HOME: /root
CIRRUS_WORKING_DIR: /home/runc
GO_VER_PREFIX: "1.24."
BATS_VERSION: "v1.11.0"
RPMS: gcc git-core iptables jq glibc-static libseccomp-devel make criu fuse-sshfs container-selinux
# yamllint disable rule:key-duplicates
matrix:
DISTRO: almalinux-8
DISTRO: almalinux-9
name: ci / $DISTRO
compute_engine_instance:
image_project: almalinux-cloud
image: family/$DISTRO
platform: linux
cpu: 4
memory: 8G
install_dependencies_script: |
case $DISTRO in
*-8)
yum config-manager --set-enabled powertools # for glibc-static
;;
*-9)
dnf config-manager --set-enabled crb # for glibc-static
dnf -y install epel-release # for fuse-sshfs
# Delegate all cgroup v2 controllers to rootless user via --systemd-cgroup.
# The default (since systemd v252) is "pids memory cpu".
mkdir -p /etc/systemd/system/user@.service.d
printf "[Service]\nDelegate=yes\n" > /etc/systemd/system/user@.service.d/delegate.conf
systemctl daemon-reload
;;
esac
# Work around dnf mirror failures by retrying a few times.
for i in $(seq 0 2); do
sleep $i
yum install -y --setopt=install_weak_deps=False --setopt=tsflags=nodocs $RPMS && break
done
[ $? -eq 0 ] # fail if yum failed
# Install Go.
URL_PREFIX="https://go.dev/dl/"
# Find out the latest minor release URL.
filename=$(curl -fsSL "${URL_PREFIX}?mode=json&include=all" | jq -r --arg Ver "go$GO_VER_PREFIX" '. | map(select(.version | contains($Ver))) | first | .files[] | select(.os == "linux" and .arch == "amd64" and .kind == "archive") | .filename')
curl -fsSL "$URL_PREFIX$filename" | tar Cxz /usr/local
# install bats
cd /tmp
git clone https://github.com/bats-core/bats-core
cd bats-core
git checkout $BATS_VERSION
./install.sh /usr/local
cd -
# Add a user for rootless tests
useradd -u2000 -m -d/home/rootless -s/bin/bash rootless
# Allow root and rootless itself to execute `ssh rootless@localhost` in tests/rootless.sh
ssh-keygen -t ecdsa -N "" -f /root/rootless.key
mkdir -m 0700 -p /home/rootless/.ssh
cp /root/rootless.key /home/rootless/.ssh/id_ecdsa
cat /root/rootless.key.pub >> /home/rootless/.ssh/authorized_keys
chown -R rootless.rootless /home/rootless
# set PATH
echo 'export PATH=/usr/local/go/bin:/usr/local/bin:$PATH' >> /root/.bashrc
# Setup ssh localhost for terminal emulation (script -e did not work)
ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -N ""
cat /root/.ssh/id_ed25519.pub >> /root/.ssh/authorized_keys
chmod 400 /root/.ssh/authorized_keys
ssh-keyscan localhost >> /root/.ssh/known_hosts
echo -e "Host localhost\n\tStrictHostKeyChecking no\t\nIdentityFile /root/.ssh/id_ed25519\n" >> /root/.ssh/config
sed -e "s,PermitRootLogin.*,PermitRootLogin prohibit-password,g" -i /etc/ssh/sshd_config
systemctl restart sshd
host_info_script: |
uname -a
# -----
/usr/local/go/bin/go version
# -----
systemctl --version
# -----
cat /etc/os-release
# -----
df -T
# -----
sestatus
# -----
cat /proc/cpuinfo
check_config_script: |
/home/runc/script/check-config.sh
unit_tests_script: |
ssh -tt localhost "make -C /home/runc localunittest"
integration_systemd_script: |
ssh -tt localhost "make -C /home/runc localintegration RUNC_USE_SYSTEMD=yes"
integration_fs_script: |
ssh -tt localhost "make -C /home/runc localintegration"
integration_systemd_rootless_script: |
case $DISTRO in
*-8)
echo "SKIP: integration_systemd_rootless_script requires cgroup v2"
;;
*)
ssh -tt localhost "make -C /home/runc localrootlessintegration RUNC_USE_SYSTEMD=yes"
esac
integration_fs_rootless_script: |
ssh -tt localhost "make -C /home/runc localrootlessintegration"
View Git Blame Copy Permalink