diff --git a/.cirrus.yml b/.cirrus.yml deleted file mode 100644 index 979328493..000000000 --- a/.cirrus.yml +++ /dev/null @@ -1,99 +0,0 @@ ---- - -# Main collection of env. vars to set for all tasks and scripts. -env: - #### - #### Global variables used for all tasks - #### - # Overrides default location (/tmp/cirrus) for repo clone - GOPATH: &gopath "/var/tmp/go" - GOBIN: "${GOPATH}/bin" - GOCACHE: "${GOPATH}/cache" - GOSRC: &gosrc "${GOPATH}/src/github.com/containers/common" - CIRRUS_WORKING_DIR: *gosrc - # The default is 'sh' if unspecified - CIRRUS_SHELL: "/bin/bash" - - #### - #### image names to test with (double-quotes around names are critical) - #### - FEDORA_NAME: "fedora-42" - IMAGE_SUFFIX: "c20250422t130822z-f42f41d13" - FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" - FEDORA_CONTAINER_FQIN: "quay.io/libpod/fedora_podman:${IMAGE_SUFFIX}" - - -# Default, hard-coded max timeout is 2-hours. -timeout_in: 60m # no need to wait 2-hours before timing out - -gcp_credentials: ENCRYPTED[dd6a042d1805167e38d8b79494f691b86637e68f072eba24220901435afd8d71c63f9006803142447326319102f68b7f] - -# Default VM for tasks, unless otherwise specified -gce_instance: - image_project: libpod-218412 - zone: "us-central1-a" - cpu: 8 - memory: "16Gb" - # Required to be 200gig, do not modify - has i/o performance impact - # according to gcloud CLI tool warning messages. - disk: 200 - image_name: "${FEDORA_CACHE_IMAGE_NAME}" # from stdenvars - - -testing_task: - alias: testing - name: "Testing on $FEDORA_NAME" - env: - NETAVARK_BINARY: "/usr/libexec/podman/netavark" - test_script: - - export PATH="$PATH:$GOPATH/bin" - - gpg --batch --passphrase '' --quick-gen-key tester@localhost default default never - - make vendor - - hack/tree_status.sh - - make build - - make build-cross - - make test - - -# This task is critical. It updates the "last-used by" timestamp stored -# in metadata for all VM images. This mechanism functions in tandem with -# an out-of-band pruning operation to remove disused VM images. -meta_task: - name: "VM img. keepalive" - alias: meta - container: - cpu: 2 - memory: 2 - image: quay.io/libpod/imgts:latest - env: - # Space-separated list of images used by this repository state - IMGNAMES: >- - ${FEDORA_CACHE_IMAGE_NAME} - BUILDID: "${CIRRUS_BUILD_ID}" - REPOREF: "${CIRRUS_REPO_NAME}" - GCPJSON: ENCRYPTED[0543d694d609dc873cabc00eca59269497918419351b692f4b587db8ac2c0a1b29692a9a03a22aa3af45398d3da6c045] - GCPNAME: ENCRYPTED[772577bdd866247038baf5ae5c43a4189401a4860fa8d8959f1eb01f835756af882ec7c5e5a8f0a8af4075ec8a2f56f9] - GCPPROJECT: libpod-218412 - clone_script: &noop mkdir -p "$CIRRUS_WORKING_DIR" - script: /usr/local/bin/entrypoint.sh - - - -# Status aggregator for all tests. This task simply ensures a defined -# set of tasks all passed, and allows confirming that based on the status -# of this task. -success_task: - # N/B: The prow merge-bot (tide) is sensitized to this exact name, DO NOT CHANGE IT. - # Ref: https://github.com/openshift/release/pull/49820 - name: "Total Success" - alias: success - - depends_on: - - "testing" - - "meta" - - container: - image: "${FEDORA_CONTAINER_FQIN}" - - clone_script: *noop - script: *noop diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 000000000..646de9413 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,132 @@ +name: test + +# Mirrors the PR-blocking tasks from the old .cirrus.yml + +on: + push: + branches: + - main + pull_request: + branches: + - main + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: read-all + +env: + LINT_VERSION: v2.4.0 + +jobs: + codespell: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v5 + - name: install deps + # Version of codespell bundled with Ubuntu is way old, so use pip. + run: pip install --break-system-packages codespell==v2.3.0 + - name: run codespell + run: codespell --dictionary=- + + lint: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v5 + with: + fetch-depth: 2 + - uses: actions/setup-go@v5 + with: + go-version: 1.25.x + - name: install deps + run: | + sudo apt-get -qq update + sudo apt-get -qq install libseccomp-dev + - name: lint + uses: golangci/golangci-lint-action@v8 + with: + version: "${{ env.LINT_VERSION }}" + args: --verbose + # Extra linters, only checking new code from a pull request. + - name: lint-extra + uses: golangci/golangci-lint-action@v8 + with: + args: --config=.golangci-extra.yml + version: "${{ env.LINT_VERSION }}" + only-new-issues: true + - name: validate seccomp + run: ./tools/validate_seccomp.sh ./pkg/seccomp + + vendor: + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-go@v5 + with: + go-version: 1.25.x + - name: install deps + run: | + sudo apt-get -qq update + sudo apt-get -qq install libseccomp-dev + - name: check vendor + run: | + make vendor + hack/tree_status.sh + + build: + runs-on: ubuntu-24.04 + needs: vendor + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-go@v5 + with: + go-version: 1.25.x + - name: install deps + run: | + sudo apt-get -qq update + sudo apt-get -qq install libseccomp-dev + - name: build + run: make build + + cross: + runs-on: ubuntu-24.04 + needs: vendor + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-go@v5 + with: + go-version: 1.25.x + - name: install deps + run: | + sudo apt-get -qq update + sudo apt-get -qq install libseccomp-dev + - name: build-cross + run: make build-cross + + unit-test: + runs-on: ubuntu-24.04 + needs: build + steps: + - uses: actions/checkout@v5 + - uses: actions/setup-go@v5 + with: + go-version: 1.25.x + - name: install deps + run: | + sudo apt-get -qq update + sudo apt-get -qq install libseccomp-dev netavark + - name: generate GPG key + run: gpg --batch --passphrase '' --quick-gen-key tester@localhost default default never + - name: test + env: + NETAVARK_BINARY: /usr/libexec/podman/netavark + run: make test + + success: + name: Total Success + needs: [codespell, lint, vendor, build, cross, unit-test] + runs-on: ubuntu-24.04 + steps: + - name: success + run: echo "All CI jobs passed" diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml deleted file mode 100644 index c14bb0b89..000000000 --- a/.github/workflows/validate.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: validate - -on: - push: - branches: - - main - pull_request: - branches: - - main - -permissions: read-all - -env: - LINT_VERSION: v2.4.0 - -jobs: - codespell: - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v5 - - name: install deps - # Version of codespell bundled with Ubuntu is way old, so use pip. - run: pip install --break-system-packages codespell==v2.3.0 - - name: run codespell - run: codespell --dictionary=- - lint: - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v5 - with: - fetch-depth: 2 - - uses: actions/setup-go@v5 - with: - go-version: 1.25.x - - name: install deps - run: | - sudo apt-get -qq update - sudo apt-get -qq install libseccomp-dev - - name: lint - uses: golangci/golangci-lint-action@v8 - with: - version: "${{ env.LINT_VERSION }}" - args: --verbose - # Extra linters, only checking new code from a pull request. - - name: lint-extra - uses: golangci/golangci-lint-action@v8 - with: - args: --config=.golangci-extra.yml - version: "${{ env.LINT_VERSION }}" - only-new-issues: true - - - name: validate seccomp - run: ./tools/validate_seccomp.sh ./pkg/seccomp