-
Notifications
You must be signed in to change notification settings - Fork 7
/
.cirrus.yml
192 lines (172 loc) · 6.41 KB
/
.cirrus.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
---
# Main collection of env. vars to set for all tasks and scripts.
env:
####
#### Cache-image names to test with (double-quotes around names are critical)
####
FEDORA_NAME: "fedora-40"
FEDORA_AARCH64_NAME: "${FEDORA_NAME}-aarch64"
# Image identifiers
IMAGE_SUFFIX: "c20241205t124648z-f41f40d13"
# EC2 images
FEDORA_AMI: "fedora-aws-${IMAGE_SUFFIX}"
FEDORA_AARCH64_AMI: "fedora-podman-aws-arm64-${IMAGE_SUFFIX}"
WINDOWS_AMI: "win-server-wsl-${IMAGE_SUFFIX}"
# Container
FEDORA_CONTAINER_FQIN: "quay.io/libpod/fedora_podman:${IMAGE_SUFFIX}"
# directory where the images will be placed
OUTDIR: "outdir"
CIRRUS_WORKING_DIR: /var/tmp/podman-machine-os
# Vars used for the macos and windows testing
MACHINE_IMAGE_BASE_URL: "https://api.cirrus-ci.com/v1/artifact/build/${CIRRUS_BUILD_ID}/image_build/image/"
# podman version used by windows/macos verify suite
PODMAN_INSTALL_VERSION: 5.3.1
gcp_credentials: ENCRYPTED[b06ef3490b73469d9da1402568d6f3e46a852955a4ab0807689d50352ecf2852cb5903e8d3b7603eaab9d1c7c7d851a5]
aws_credentials: ENCRYPTED[b01991b35fe3f81eed974cf47b5541ed518eacfee4e430e9fb50fba31090f557ea86b0b79b5f5b4a712218206e0f3f58]
# Default timeout
timeout_in: 30m
image_build_task:
name: "Image Build ${ARCH}"
alias: "image_build"
ec2_instance:
image: "${VM_IMAGE}"
type: "${EC2_INST_TYPE}"
region: us-east-1
architecture: "${GO_ARCH}"
env:
HOME: /root
matrix:
- env:
ARCH: "x86_64"
GO_ARCH: "amd64"
VM_IMAGE: "${FEDORA_AMI}"
EC2_INST_TYPE: "m5zn.metal" # Bare-metal instance is required
- env:
ARCH: "aarch64"
GO_ARCH: "arm64"
VM_IMAGE: "${FEDORA_AARCH64_AMI}"
EC2_INST_TYPE: "c6g.metal" # Bare-metal instance is required
setup_script: ./contrib/cirrus/setup.sh
build_script: ./build.sh
verify_script: ./contrib/cirrus/verify.sh
image_prep_script: |
mv $OUTDIR/*.zst .
mv $OUTDIR/podman-machine podman-machine.${ARCH}.tar
image_artifacts: &image_artifacts
path: "*.{zst,tar}"
type: application/octet-stream
verify_windows_task:
name: "Verify hyperv"
alias: "verify_windows"
depends_on:
- image_build
ec2_instance: &windows
image: "${WINDOWS_AMI}"
type: m5zn.metal
region: us-east-1
platform: windows
env:
ARCH: "x86_64"
CIRRUS_WORKING_DIR: "${LOCALAPPDATA}\\cirrus-ci-build"
CIRRUS_SHELL: powershell
PATH: "${PATH};C:\\Program Files\\RedHat\\Podman"
MACHINE_IMAGE: "podman-machine.${ARCH}.hyperv.vhdx.zst"
setup_script: .\contrib\cirrus\windows_setup.ps1
main_script: |
$Env:CONTAINERS_MACHINE_PROVIDER = "hyperv"
$Env:MACHINE_IMAGE_PATH="..\${ENV:MACHINE_IMAGE}"
.\bin\ginkgo -v .\verify
if ( ($LASTEXITCODE -ne $null) -and ($LASTEXITCODE -ne 0) ) {
throw "Exit code = '$LASTEXITCODE' running ginkgo"
}
verify_macos_task:
name: "Verify $CONTAINERS_MACHINE_PROVIDER"
alias: "verify_macos"
depends_on:
- image_build
persistent_worker: &mac_pw
labels:
os: darwin
arch: arm64
purpose: prod
env: &mac_env
ARCH: "aarch64"
CIRRUS_SHELL: "/bin/bash" # sh is the default
CIRRUS_WORKING_DIR: "$HOME/ci/task-${CIRRUS_TASK_ID}" # Isolation: $HOME will be set to "ci" dir.
# Prevent cache-pollution fron one task to the next.
GOPATH: "$CIRRUS_WORKING_DIR/.go"
GOCACHE: "$CIRRUS_WORKING_DIR/.go/cache"
GOENV: "$CIRRUS_WORKING_DIR/.go/support"
GOSRC: "$HOME/ci/task-${CIRRUS_TASK_ID}"
MACHINE_IMAGE: "podman-machine.${ARCH}.applehv.raw.zst"
matrix:
- env:
CONTAINERS_MACHINE_PROVIDER: applehv
- env:
CONTAINERS_MACHINE_PROVIDER: libkrun
prep_script: &mac_cleanup "contrib/cirrus/mac_cleanup.sh"
setup_script: |
curl --retry 5 --retry-delay 8 --fail --location -O --url "${MACHINE_IMAGE_BASE_URL}${MACHINE_IMAGE}"
git clone --depth 1 --branch v${PODMAN_INSTALL_VERSION} https://github.com/containers/podman.git
make -C podman podman-remote
./podman/bin/darwin/podman --version
mkdir bin
cd verify
go build -o ../bin/ginkgo ./vendor/github.com/onsi/ginkgo/v2/ginkgo
main_script: |
export MACHINE_IMAGE_PATH="../${MACHINE_IMAGE}"
export PODMAN_BINARY=../podman/bin/darwin/podman
source ./podman-rpm-info-vars.sh
./bin/ginkgo -v ./verify
# This host is/was shared with potentially many other CI tasks.
# Ensure nothing is left running while waiting for the next task.
always:
task_cleanup_script: *mac_cleanup
image_push_task:
name: "Image Push"
alias: "image_push"
# Make sure that there are not two push running at the same time.
execution_lock: $CIRRUS_BRANCH
# Less likely the task is canceled.
stateful: true
# Only push new images when not run on a PR.
only_if: $CIRRUS_PR == ""
depends_on:
- verify_windows
- verify_macos
- image_build
ec2_instance:
image: "${VM_IMAGE}"
type: "${EC2_INST_TYPE}"
region: us-east-1
env:
HOME: /root
VM_IMAGE: "${FEDORA_AMI}"
EC2_INST_TYPE: "m5.large"
QUAY_USER: ENCRYPTED[53d23fbd39a3b8b0daf015edac296b56964da0b523767f79d3a8131a4871523b90c5a7554c91172c1ca0066e492853e3]
QUAY_PASSWORD: ENCRYPTED[3cfabb0f7fa6a36dc6af433f5a0291d87b38402c922b662e9647931a635f20ca33401aa91b29745b7af252538406a292]
main_script: |
mkdir $OUTDIR
for end in applehv.raw.zst hyperv.vhdx.zst qemu.qcow2.zst tar; do
for arch in x86_64 aarch64; do
name="podman-machine.$arch.$end"
curl --retry 5 --retry-delay 8 --fail --location -O --output-dir $OUTDIR --url "${MACHINE_IMAGE_BASE_URL}$name"
done
done
source ./gather.sh
podman images
podman login -u "$QUAY_USER" --password-stdin quay.io <<<"$QUAY_PASSWORD"
time podman manifest push --all "$FULL_IMAGE_NAME"
test_task:
name: "Total Success"
alias: success
depends_on:
- image_build
- image_push
- verify_windows
- verify_macos
container:
image: "${FEDORA_CONTAINER_FQIN}"
cpu: 1
memory: 1
noop_script: true