CI: use local registry #5584
CI: use local registry #5584
Conversation
|
Ephemeral COPR build failed. @containers/packit-build please check. |
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
78d2d8d to
206e178
Compare
| @@ -4577,9 +4577,11 @@ EOM | |||
| } | |||
|
|
|||
| @test "bud copy chown with newuser" { | |||
| _prefetch quay.io/fedora/fedora | |||
| _prefetch $SAFEIMAGE | |||
There was a problem hiding this comment.
Eliminate unused image
| skip_if_no_runtime | ||
| skip_if_in_container | ||
| _prefetch alpine debian | ||
| _prefetch alpine ubuntu |
There was a problem hiding this comment.
eliminate unused image (for all purposes here, the ubuntu image works the same as debian)
| @@ -29,35 +29,6 @@ fromreftest() { | |||
| rm -fr ${pushdir} | |||
| } | |||
|
|
|||
| @test "from-by-digest-s1" { | |||
There was a problem hiding this comment.
Welp. Docker registry image no longer supports v1 schema. Code has been excised. There is no way to push a v2s1 image to this registry. Is it OK to just remove all this v1 testing?
| # FIXME FIXME FIXME: I don't see the point of these. Any reason not to delete? | ||
| # run_buildah from --quiet --pull=true $WITH_POLICY_JSON docker.io/centos:7 | ||
| # run_buildah rm $output | ||
| # run_buildah rmi docker.io/centos:7 |
There was a problem hiding this comment.
These all look like dups of the code above.
| @@ -58,7 +58,7 @@ function mkcw_check_image() { | |||
| skip "cryptsetup not found" | |||
| fi | |||
| _prefetch busybox | |||
| _prefetch bash | |||
| _prefetch $SAFEIMAGE | |||
There was a problem hiding this comment.
If there is/was anything special about bash, it was not obvious from comments, so it gets nuked
There was a problem hiding this comment.
The bash image has three layers, compared to, say busybox, which has one. The test attempts to confirm that content from the base image and content added at conversion time both show up in the disk image that mkcw is generating.
There was a problem hiding this comment.
Thank you! $SAFEIMAGE has two layers, would that be sufficient? If not, could you suggest a three-layer image from this list? https://github.com/containers/automation_images/pull/357/files#diff-7b013edc1f5a127319d75ae1f8ae443e0bfa4d891960c27ee284bbb107ddd290R56
There was a problem hiding this comment.
One of those layers is empty, but it should be fine. The error we were attempting to avoid was causing the disk image to lose content from layers that weren't the last one (and as far as this test is concerned, for images with one layer, the only layer is also the last layer), and the presence of the second layer, empty as it is, means the image still meets the test expectations.
There was a problem hiding this comment.
Thanks. Repushed with a warning comment
openshift-merge-robot
added
the
needs-rebase
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
206e178 to
6880b88
Compare
openshift-merge-robot
removed
the
needs-rebase
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
3 times, most recently
from
c641c36 to
379e37b
Compare
...to minimize hiccups. RUN-2091 in Jira. Network registries are too unreliable; they cause too many flakes in CI. Here we set up a registry running on each VM, prepopulated with all container images used in podman and buildah tests. Related PRs: containers/podman#22726 containers/buildah#5584 Once those merge, podman and buildah CI tests will fetch images from this local registry. Signed-off-by: Ed Santiago <[email protected]>
...to minimize hiccups. RUN-2091 in Jira. Network registries are too unreliable; they cause too many flakes in CI. Here we set up a registry running on each VM, prepopulated with all container images used in podman and buildah tests. Related PRs: containers/podman#22726 containers/buildah#5584 Once those merge, podman and buildah CI tests will fetch images from this local registry. Signed-off-by: Ed Santiago <[email protected]>
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
379e37b to
9021f5e
Compare
...to minimize hiccups. RUN-2091 in Jira. Network registries are too unreliable; they cause too many flakes in CI. Here we set up a registry running on each VM, prepopulated with all container images used in podman and buildah tests. Related PRs: containers/podman#22726 containers/buildah#5584 Once those merge, podman and buildah CI tests will fetch images from this local registry. Signed-off-by: Ed Santiago <[email protected]>
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
2 times, most recently
from
bd2573a to
177edd7
Compare
...to minimize hiccups. RUN-2091 in Jira. Network registries are too unreliable; they cause too many flakes in CI. Here we set up a registry running on each VM, prepopulated with all container images used in podman and buildah tests. Related PRs: containers/podman#22726 containers/buildah#5584 Once those merge, podman and buildah CI tests will fetch images from this local registry. Signed-off-by: Ed Santiago <[email protected]>
|
Two flakes, both in what looks like network pulls (dnf, image pull from k8s.io). The k8s.io one is probably a good candidate for future caching. |
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
2 times, most recently
from
3551994 to
379d816
Compare
|
Podman PR has merged. I'm considering this ready. @containers/buildah-maintainers PTAL. |
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
379d816 to
e8ab724
Compare
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
e8ab724 to
f28b5d1
Compare
As of containers/automation_images#357 our CI VMs include a local registry preloaded with all(*) images used in tests. * where "all" means "most". This commit defines a new registries-cached.conf, used in tests, that redirects docker and quay to the new local registry. The hope is that this will reduce CI flakes. Since tests change over time, and new tests may require new images, this commit also adds a mechanism for pulling in remote images at test run time. Obviously this negates the purpose of the cache, since it introduces a flake pain point. The idea is: DO NOT DO THIS UNLESS ABSOLUTELY NECESSARY, and then, if we have to do this, hurry up and spin new CI VMs that include the new image(s). Signed-off-by: Ed Santiago <[email protected]>
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
2 times, most recently
from
b6eeba6 to
d9260e2
Compare
Make tests pass when using a local cache registry (as triggered by $CI_USE_REGISTRY_CACHE being non-empty). Mostly just change images: consolidate to a smaller set, like, replace the few instances of debian with ubuntu, use $SAFEIMAGE where we can. The most significant change was with some s1 (schema 1?) images. Those exist on quay, but cannot be mirrored locally: the local registry forbids schema 1 images. I choose to skip these tests when running against a local registry. Second most significant change is running containerized tests with --net=host. We need this to access the registry running on a localhost port. (One alternative would be to bind the registry on all interfaces, cringe, then perform sed magic on the registries-cache.conf file changing 127.0.0.1 to host.containers.internal, more cringe). Also, some cleanup. Signed-off-by: Ed Santiago <[email protected]>
edsantiago
force-pushed
the
ci-vms-with-local-registry
branch
from
d9260e2 to
3ad0fd1
Compare
|
ping, this code has been working well in podman. I'd like to get this merged so I can get working on the required treadmill changes (for vendoring into podman). |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: edsantiago, flouthoc, giuseppe, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
openshift-merge-bot
bot
merged commit 16bd9a3
into
containers:main
CI VMs now include a local registry prepopulated with all
container images needed by tests.
Signed-off-by: Ed Santiago [email protected]