From 56fad25776a652e143175a22676a1f909476c880 Mon Sep 17 00:00:00 2001 From: bb-cat Date: Wed, 2 Mar 2022 14:57:16 +0800 Subject: [PATCH 08/16] ci: add Fedora Rawhide based test on Cirrus We have ability to use nested virtualization on Cirrus, and already have "Vagrant Fedora based test (no VDSO)" test, let's do analogical for Fedora Rawhide to get fresh kernel. Suggested-by: Adrian Reber Signed-off-by: Alexander Mikhalitsyn --- .cirrus.yml | 21 +++++++++++++++++++++ scripts/ci/Makefile | 7 +++++-- scripts/ci/run-ci-tests.sh | 5 +++++ scripts/ci/vagrant.sh | 21 +++++++++++++++++++++ 4 files changed, 52 insertions(+), 2 deletions(-) diff --git a/.cirrus.yml b/.cirrus.yml index 671178d..9716e58 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -19,6 +19,27 @@ task: build_script: | make -C scripts/ci vagrant-fedora-no-vdso +task: + name: Vagrant Fedora Rawhide based test + environment: + HOME: "/root" + CIRRUS_WORKING_DIR: "/tmp/criu" + + compute_engine_instance: + image_project: cirrus-images + image: family/docker-kvm + platform: linux + cpu: 4 + memory: 16G + nested_virtualization: true + + setup_script: | + scripts/ci/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker + sudo kvm-ok + ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto + build_script: | + make -C scripts/ci vagrant-fedora-rawhide + task: name: CentOS 8 based test environment: diff --git a/scripts/ci/Makefile b/scripts/ci/Makefile index 02b4d87..9c9264d 100644 --- a/scripts/ci/Makefile +++ b/scripts/ci/Makefile @@ -41,7 +41,7 @@ export CONTAINER_TERMINAL ifeq ($(UNAME),x86_64) # On anything besides x86_64 Travis is running unprivileged LXD # containers which do not support running docker with '--privileged'. - CONTAINER_OPTS := --rm $(CONTAINER_TERMINAL) --privileged -v /lib/modules:/lib/modules --tmpfs /run + CONTAINER_OPTS := --rm $(CONTAINER_TERMINAL) --privileged --userns=host --cgroupns=host -v /lib/modules:/lib/modules --tmpfs /run else CONTAINER_OPTS := --rm -v /lib/modules:/lib/modules --tmpfs /run endif @@ -92,7 +92,10 @@ setup-vagrant: vagrant-fedora-no-vdso: setup-vagrant ./vagrant.sh fedora-no-vdso -.PHONY: setup-vagrant vagrant-fedora-no-vdso +vagrant-fedora-rawhide: setup-vagrant + ./vagrant.sh fedora-rawhide + +.PHONY: setup-vagrant vagrant-fedora-no-vdso vagrant-fedora-rawhide %: $(MAKE) -C ../build $@$(target-suffix) diff --git a/scripts/ci/run-ci-tests.sh b/scripts/ci/run-ci-tests.sh index 7c66e68..95b4ec7 100755 --- a/scripts/ci/run-ci-tests.sh +++ b/scripts/ci/run-ci-tests.sh @@ -194,6 +194,11 @@ if [ "${STREAM_TEST}" = "1" ]; then exit 0 fi +# print some useful debug info +cat /proc/self/status +ls -la /proc/self/ns +cat /proc/self/cgroup + # shellcheck disable=SC2086 ./test/zdtm.py run -a -p 2 --keep-going $ZDTM_OPTS diff --git a/scripts/ci/vagrant.sh b/scripts/ci/vagrant.sh index 839b100..f961b8d 100755 --- a/scripts/ci/vagrant.sh +++ b/scripts/ci/vagrant.sh @@ -58,4 +58,25 @@ fedora-no-vdso() { ssh default 'cd /vagrant/criu/test; sudo ./zdtm.py run -t zdtm/transition/pidfd_store_sk --rpc --pre 2' } +fedora-rawhide() { + #ssh default sudo grubby --update-kernel ALL --args="selinux=0 systemd.unified_cgroup_hierarchy=0" + ssh default sudo grubby --update-kernel ALL + # + # Workaround the problem: + # error running container: error from /usr/bin/crun creating container for [...]: sd-bus call: Transport endpoint is not connected + # Let's just use runc instead of crun + # see also https://github.com/kata-containers/tests/issues/4283 + # + ssh default 'sudo dnf remove -y crun || true' + ssh default sudo dnf install -y podman runc + vagrant reload + #ssh default sudo setenforce 0 + ssh default cat /proc/cmdline + ssh default ls -la /proc/self/ns + ssh default sudo cat /proc/self/status + ssh default sudo cat /proc/self/cgroup + #ssh default sudo capsh --print + ssh default 'cd /vagrant; tar xf criu.tar; cd criu; sudo -E make -C scripts/ci fedora-rawhide CONTAINER_RUNTIME=podman BUILD_OPTIONS="--security-opt seccomp=unconfined"' +} + $1 -- 2.30.0