From bc339a17f4c729dbb67e3758d2bdd08dc5905984 Mon Sep 17 00:00:00 2001 From: Rich Megginson Date: Tue, 3 Jun 2025 13:30:06 -0600 Subject: [PATCH] ci: Add support for bootc end-to-end validation tests NOTE: This also requires upgrading to tox-lsr 3.10.0, and some hacks to workaround a podman issue in ubuntu. These tests run the role during a bootc container image build, deploy the container into a QEMU VM, boot that, and validate the expected configuration there. They run in two different tox environments, and thus have to be run in two steps (preparation in buildah, validation in QEMU). The preparation is expected to output a qcow2 image in `tests/tmp/TESTNAME/qcow2/disk.qcow2`, i.e. the output structure of . There are two possibilities: * Have separate bootc end-to-end tests. These are tagged with `tests::bootc-e2` and are skipped in the normal qemu-* scenarios. They run as part of the container-* ones. * Modify an existing test: These need to build a qcow2 image exactly *once* (via calling `bootc-buildah-qcow.sh`) and skip setup/cleanup and role invocations in validation mode, i.e. when `__bootc_validation` is true. In the container scenario, run the QEMU validation as a separate step in the workflow. See https://issues.redhat.com/browse/RHEL-88396 Signed-off-by: Rich Megginson --- .codespell_ignores | 1 + .github/workflows/ansible-lint.yml | 2 +- .../workflows/ansible-managed-var-comment.yml | 2 +- .github/workflows/ansible-test.yml | 2 +- .github/workflows/python-unit-test.yml | 2 +- .../workflows/qemu-kvm-integration-tests.yml | 48 ++++++++++++++++++- README.md | 2 +- contributing.md | 48 +++++++++++++++++++ 8 files changed, 100 insertions(+), 7 deletions(-) diff --git a/.codespell_ignores b/.codespell_ignores index 26f3b3d..bc53f84 100644 --- a/.codespell_ignores +++ b/.codespell_ignores @@ -1 +1,2 @@ iif +passt diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 30e742d..9ada1d0 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -32,7 +32,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Convert role to collection format id: collection diff --git a/.github/workflows/ansible-managed-var-comment.yml b/.github/workflows/ansible-managed-var-comment.yml index 899de6f..f38380c 100644 --- a/.github/workflows/ansible-managed-var-comment.yml +++ b/.github/workflows/ansible-managed-var-comment.yml @@ -30,7 +30,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Run ansible-plugin-scan run: | diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 961538c..977fc72 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -33,7 +33,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Convert role to collection format run: | diff --git a/.github/workflows/python-unit-test.yml b/.github/workflows/python-unit-test.yml index 74a57d7..ccaf8a3 100644 --- a/.github/workflows/python-unit-test.yml +++ b/.github/workflows/python-unit-test.yml @@ -65,7 +65,7 @@ jobs: tox=tox virtualenv=virtualenv fi - pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" # If you have additional OS dependency packages e.g. libcairo2-dev # then put them in .github/config/ubuntu-requirements.txt, one # package per line. diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml index 8d021db..4554a6c 100644 --- a/.github/workflows/qemu-kvm-integration-tests.yml +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -105,7 +105,29 @@ jobs: python3 -m pip install --upgrade pip sudo apt update sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86 - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" + + # HACK: Drop this when moving this workflow to 26.04 LTS + - name: Update podman to 5.x for compatibility with bootc-image-builder's podman 5 + if: steps.check_platform.outputs.supported && endsWith(matrix.scenario.image, '-bootc') + run: | + sed 's/noble/plucky/g' /etc/apt/sources.list.d/ubuntu.sources | sudo tee /etc/apt/sources.list.d/plucky.sources >/dev/null + cat </dev/null + Package: podman buildah golang-github-containers-common crun libgpgme11t64 libgpg-error0 golang-github-containers-image catatonit conmon containers-storage + Pin: release n=plucky + Pin-Priority: 991 + + Package: libsubid4 netavark passt aardvark-dns containernetworking-plugins libslirp0 slirp4netns + Pin: release n=plucky + Pin-Priority: 991 + + Package: * + Pin: release n=plucky + Pin-Priority: 400 + EOF + + sudo apt update + sudo apt install -y podman crun conmon containers-storage - name: Configure tox-lsr if: steps.check_platform.outputs.supported @@ -117,7 +139,7 @@ jobs: if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu') run: >- tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch - --log-level debug --skip-tags tests::infiniband,tests::nvme,tests::scsi + --log-level debug $TOX_ARGS --skip-tags tests::bootc-e2e --lsr-report-errors-url DEFAULT -- - name: Qemu result summary @@ -164,6 +186,28 @@ jobs: done exit $rc + - name: Run bootc validation tests in QEMU + if: steps.check_platform.outputs.supported && + startsWith(matrix.scenario.env, 'container') && + endsWith(matrix.scenario.image, '-bootc') + run: | + set -euxo pipefail + env=$(echo "${{ matrix.scenario.env }}" | sed 's/^container-/qemu-/') + + for image_file in $(ls tests/tmp/*/qcow2/disk.qcow2 2>/dev/null); do + test="tests/$(basename $(dirname $(dirname $image_file))).yml" + if tox -e "$env" -- --image-file "$(pwd)/$image_file" \ + --log-level debug $TOX_ARGS \ + --lsr-report-errors-url DEFAULT \ + -e __bootc_validation=true \ + -- "$test" >out 2>&1; then + mv out "${test}-PASS.log" + else + mv out "${test}-FAIL.log" + exit 1 + fi + done + - name: Upload test logs on failure if: failure() uses: actions/upload-artifact@v4 diff --git a/README.md b/README.md index 9f975b8..1cc54ae 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # linux-system-roles/network -[![ansible-lint.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml) [![codespell.yml](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml) [![integration.yml](https://github.com/linux-system-roles/network/actions/workflows/integration.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/integration.yml) [![markdownlint.yml](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml) [![qemu-kvm-integration-tests.yml](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml) [![shellcheck.yml](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/network/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/network/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/woke.yml) [![Coverage Status](https://coveralls.io/repos/github/linux-system-roles/network/badge.svg)](https://coveralls.io/github/linux-system-roles/network) [![Code Style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/linux-system-roles/network.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/linux-system-roles/network/context:python) +[![ansible-lint.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-lint.yml) [![ansible-test.yml](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/ansible-test.yml) [![codeql.yml](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codeql.yml) [![codespell.yml](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/codespell.yml) [![markdownlint.yml](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/markdownlint.yml) [![python-unit-test.yml](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/python-unit-test.yml) [![qemu-kvm-integration-tests.yml](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/qemu-kvm-integration-tests.yml) [![shellcheck.yml](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/shellcheck.yml) [![tft.yml](https://github.com/linux-system-roles/network/actions/workflows/tft.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft.yml) [![tft_citest_bad.yml](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/tft_citest_bad.yml) [![woke.yml](https://github.com/linux-system-roles/network/actions/workflows/woke.yml/badge.svg)](https://github.com/linux-system-roles/network/actions/workflows/woke.yml) [![Coverage Status](https://coveralls.io/repos/github/linux-system-roles/network/badge.svg)](https://coveralls.io/github/linux-system-roles/network) [![Code Style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/ambv/black) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/linux-system-roles/network.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/linux-system-roles/network/context:python) ## Overview diff --git a/contributing.md b/contributing.md index ee945da..3866c92 100644 --- a/contributing.md +++ b/contributing.md @@ -70,3 +70,51 @@ ansible-playbook --skip-tags tests::cleanup \ [NM 1.0](https://lazka.github.io/pgi-docs/#NM-1.0), it contains a full explanation about the NetworkManager API. + +### Integration tests with podman + +1. Create `~/.ansible/collections/ansible_collections/containers/podman/` if this + directory does not exist and `cd` into this directory. + + ```bash + mkdir -p ~/.ansible/collections/ansible_collections/containers/podman/ + cd ~/.ansible/collections/ansible_collections/containers/podman/ + ``` + +2. Clone the collection plugins for Ansible-Podman into the current directory. + + ```bash + git clone https://github.com/containers/ansible-podman-collections.git . + ``` + +3. Change directory into the `tests` subdirectory. + + ```bash + cd ~/network/tests + ``` + +4. Use podman with `-d` to run in the background (daemon). Use `c7` because + `centos/systemd` is centos7. + + ```bash + podman run --name lsr-ci-c7 --rm --privileged \ + -v /sys/fs/cgroup:/sys/fs/cgroup:ro \ + -d registry.centos.org/centos/systemd + ``` + +5. Use `podman unshare` first to run "podman mount" in root mode, use `-vi` to + run ansible as inventory in verbose mode, use `-c podman` to use the podman + connection plugin. NOTE: Some of the tests do not work with podman - see + `.github/run_test.sh` for the list of tests that do not work. + + ```bash + podman unshare + ansible-playbook -vi lsr-ci-c7, -c podman tests_provider_nm.yml + ``` + +6. NOTE that this leaves the container running in the background, to kill it: + + ```bash + podman stop lsr-ci-c7 + podman rm lsr-ci-c7 + ```