diff --git a/.fmf/version b/.fmf/version deleted file mode 100644 index d00491f..0000000 --- a/.fmf/version +++ /dev/null @@ -1 +0,0 @@ -1 diff --git a/.gitignore b/.gitignore index 62eb9bc..573ee2f 100644 --- a/.gitignore +++ b/.gitignore @@ -87,18 +87,3 @@ crun-0.1.1.tar.gz /crun-1.14.3.tar.xz /crun-1.14.4.tar.xz /crun-1.15.tar.zst -/crun-1.17.tar.zst -/crun-1.18.tar.zst -/crun-1.18.1.tar.zst -/crun-1.18.2.tar.zst -/crun-1.19.tar.zst -/crun-1.19.1.tar.zst -/crun-1.20.tar.zst -/crun-1.21.tar.zst -/crun-1.22.tar.zst -/crun-1.23.tar.zst -/crun-1.23.1.tar.zst -/crun-1.24.tar.zst -/crun-1.25.tar.zst -/crun-1.25.1.tar.zst -/crun-1.26.tar.zst diff --git a/.packit.yaml b/.packit.yaml index b7dc6ae..734d5a6 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -4,24 +4,6 @@ downstream_package_name: crun -# Ref: https://packit.dev/docs/configuration#files_to_sync -files_to_sync: - - src: rpm/gating.yaml - dest: gating.yaml - - src: plans/ - dest: plans/ - delete: true - mkpath: true - - src: tests/tmt/ - dest: tests/tmt/ - delete: true - mkpath: true - - src: .fmf/ - dest: .fmf/ - delete: true - mkpath: true - - .packit.yaml - packages: crun-fedora: pkg_tool: fedpkg @@ -29,8 +11,6 @@ packages: crun-centos: pkg_tool: centpkg specfile_path: rpm/crun.spec - crun-eln: - specfile_path: rpm/crun.spec srpm_build_deps: - git-archive-all @@ -49,15 +29,9 @@ jobs: notifications: &copr_build_failure_notification failure_comment: message: "Ephemeral COPR build failed. @containers/packit-build please check." - targets: &fedora_copr_targets + targets: - fedora-all-x86_64 - fedora-all-aarch64 - - - job: copr_build - trigger: pull_request - packages: [crun-eln] - notifications: *copr_build_failure_notification - targets: - fedora-eln-x86_64 - fedora-eln-aarch64 @@ -65,7 +39,9 @@ jobs: trigger: pull_request packages: [crun-centos] notifications: *copr_build_failure_notification - targets: ¢os_copr_targets + targets: + - epel-9-x86_64 + - epel-9-aarch64 - centos-stream-9-x86_64 - centos-stream-9-aarch64 - centos-stream-10-x86_64 @@ -74,7 +50,6 @@ jobs: # Run on commit to main branch - job: copr_build trigger: commit - packages: [crun-fedora] notifications: failure_comment: message: "podman-next COPR build failed. @containers/packit-build please check." @@ -86,55 +61,70 @@ jobs: - job: tests trigger: pull_request packages: [crun-fedora] - notifications: &test_failure_notification + notifications: &podman_system_test_fail_notification failure_comment: - message: "TMT tests failed. @containers/packit-build please check." - targets: *fedora_copr_targets - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo + message: "podman system tests failed. @containers/packit-build please check." + targets: + - fedora-all-x86_64 + - fedora-all-aarch64 + identifier: podman_system_test_fedora + tmt_plan: "/plans/podman_system_test" - # Podman system tests for CentOS Stream + # Podman system tests for Fedora and CentOS Stream - job: tests trigger: pull_request packages: [crun-centos] - notifications: *test_failure_notification - # TODO: Re-enable centos-stream-10-x86_64 once criu issues are solved - # Ref: https://github.com/containers/crun/pull/1758#issuecomment-2901772392 - # Issue filed: https://github.com/containers/crun/issues/1759 - #targets: *centos_copr_targets + notifications: *podman_system_test_fail_notification targets: - centos-stream-9-x86_64 - centos-stream-9-aarch64 - - centos-stream-10-aarch64 - tf_extra_params: - environments: - - artifacts: - - type: repository-file - id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo + # TODO: Enable cs10 tests after netavark has finished defaulting to + # nftables + #- centos-stream-10-x86_64 + #- centos-stream-10-aarch64 + identifier: podman_system_test_centos + tmt_plan: "/plans/podman_system_test" + + # Podman system tests for RHEL + - job: tests + trigger: pull_request + packages: [crun-centos] + use_internal_tf: true + notifications: *podman_system_test_fail_notification + targets: + epel-9-x86_64: + distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] + epel-9-aarch64: + distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] + # TODO: Enable cs10 tests after netavark has finished defaulting to + # nftables + #centos-stream-10-x86_64: + # distros: [RHEL-10-Beta-Nightly] + #centos-stream-10-aarch64: + # distros: [RHEL-10-Beta-Nightly] + identifier: podman_system_test_internal + tmt_plan: "/plans/podman_system_test" - job: propose_downstream trigger: release packages: [crun-fedora] - dist_git_branches: &fedora_targets + update_release: false + dist_git_branches: - fedora-all - # Disabled until we're switching to Packit for CentOS Stream - job: propose_downstream - trigger: ignore + trigger: release packages: [crun-centos] + update_release: false dist_git_branches: - c10s - job: koji_build trigger: commit - packages: [crun-fedora] - dist_git_branches: *fedora_targets + dist_git_branches: + - fedora-all - job: bodhi_update trigger: commit - packages: [crun-fedora] dist_git_branches: - fedora-branched # rawhide updates are created automatically diff --git a/README.packit b/README.packit index 9bb65f0..066b312 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.13.0.post1.dev2+g84134016c. +The file was generated using packit 0.95.0.post1.dev8+gce6bd577. diff --git a/crun.spec b/crun.spec index 5cfc631..f8f06c4 100644 --- a/crun.spec +++ b/crun.spec @@ -1,31 +1,32 @@ %global krun_opts %{nil} %global wasmedge_opts %{nil} -%global yajl_opts %{nil} +%global wasmtime_opts %{nil} -%if %{defined copr_username} +# krun and wasm[edge,time] support only on aarch64 and x86_64 +%ifarch aarch64 || x86_64 +%global wasm_support 1 + +%if %{defined copr_project} %define copr_build 1 %endif -# krun and wasm support only on aarch64 and x86_64 -%ifarch aarch64 || x86_64 - -%if %{defined fedora} -# krun only exists on fedora -%global krun_support 1 -%global krun_opts --with-libkrun - -# Keep wasmedge enabled only on Fedora. It breaks a lot on EPEL. -%global wasm_support 1 +%if %{defined fedora} || %{defined copr_build} %global wasmedge_support 1 %global wasmedge_opts --with-wasmedge %endif +# krun only exists on fedora +%if %{defined fedora} +%global krun_support 1 +%global krun_opts --with-libkrun +%endif + +# wasmtime exists only on podman-next copr for now +%if %{defined copr_project} && "%{?copr_project}" == "podman-next" +%global wasmtime_support 1 +%global wasmtime_opts --with-wasmtime %endif -%if %{defined fedora} || (%{defined rhel} && 0%{?rhel} < 10) -%global system_yajl 1 -%else -%global yajl_opts --enable-embedded-yajl %endif Summary: OCI runtime written in C @@ -39,7 +40,7 @@ Epoch: 102 # If that's what you're reading, Version must be 0, and will be updated by Packit for # copr and koji builds. # If you're reading this on dist-git, the version is automatically filled in by Packit. -Version: 1.26 +Version: 1.15 Release: %autorelease URL: https://github.com/containers/%{name} Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.zst @@ -59,9 +60,7 @@ BuildRequires: libcap-devel BuildRequires: libkrun-devel %endif BuildRequires: systemd-devel -%if %{defined system_yajl} BuildRequires: yajl-devel -%endif BuildRequires: libseccomp-devel BuildRequires: python3-libmount BuildRequires: libtool @@ -72,8 +71,10 @@ Recommends: criu-libs %if %{defined wasmedge_support} BuildRequires: wasmedge-devel %endif +%if %{defined wasmtime_support} +BuildRequires: wasmtime-c-api-devel +%endif BuildRequires: python -BuildRequires: glibc-static Provides: oci-runtime %description @@ -94,10 +95,12 @@ krun is a symlink to the %{name} binary, with libkrun as an additional dependenc %package wasm Summary: %{name} with wasm support Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} -# wasm packages are not present on RHEL yet and are currently a PITA to test -# Best to only include wasmedge as weak dep on rhel +# The hard dep on wasm-library is causing trouble in internal testing farm +# with RHEL. %if %{defined fedora} Requires: wasm-library +%else +Recommends: wasm-library %endif Recommends: wasmedge @@ -110,15 +113,20 @@ Recommends: wasmedge %build ./autogen.sh -./configure --disable-silent-rules %{krun_opts} %{wasmedge_opts} %{yajl_opts} +./configure --disable-silent-rules %{krun_opts} %{wasmedge_opts} %{wasmtime_opts} %make_build %install %make_install prefix=%{_prefix} rm -rf %{buildroot}%{_prefix}/lib* -# Placeholder check to silence rpmlint -%check +%if %{defined krun_support} +ln -s %{name} %{buildroot}%{_bindir}/krun +%endif + +%if %{defined wasm_support} +ln -s %{name} %{buildroot}%{_bindir}/%{name}-wasm +%endif %files %license COPYING diff --git a/gating.yaml b/gating.yaml deleted file mode 100644 index f86de09..0000000 --- a/gating.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- !Policy -product_versions: - - fedora-* -decision_contexts: - - bodhi_update_push_stable - - bodhi_update_push_testing -rules: - - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} - ---- !Policy -product_versions: - - rhel-* -decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/plans/main.fmf b/plans/main.fmf deleted file mode 100644 index 7a4ae15..0000000 --- a/plans/main.fmf +++ /dev/null @@ -1,40 +0,0 @@ -discover: - how: fmf -execute: - how: tmt -prepare: - - when: distro == centos-stream or distro == rhel - how: shell - script: | - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm - dnf -y config-manager --set-enabled epel - order: 10 - - when: initiator == packit - how: shell - script: | - COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo" - if compgen -G $COPR_REPO_FILE > /dev/null; then - sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE - fi - dnf -y upgrade --allowerasing - order: 20 - - how: install - package: - - bats - - crun - - podman-tests - -/shellcheck: - discover+: - filter: 'tag:shellcheck' - enabled: true - adjust: - enabled: false - when: distro == centos-stream-10 or distro == rhel-10 - prepare+: - - how: install - package: ShellCheck - -/tests: - discover+: - filter: 'tag:podman | tag:sanity' diff --git a/plans/tmt.fmf b/plans/tmt.fmf deleted file mode 100644 index 1941978..0000000 --- a/plans/tmt.fmf +++ /dev/null @@ -1,9 +0,0 @@ -/: - inherit: false - -summary: Run tmt's integration tests -plan: - import: - url: https://github.com/teemtee/tmt - path: /plans/friends - name: /podman diff --git a/sources b/sources index 233ea40..7bf880b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-1.26.tar.zst) = 0785af6095a26290f433c5739bea5d98a029c3f0e8efbeed420481849ebddd70acde6c1105133c392abf26bca90d232cced5e5994da7506d66a020a02c129fb3 +SHA512 (crun-1.15.tar.zst) = a6e141f372817ed8ad1776c3ee272f68fa69680ef4d51b56643c0e4985016a5a6a415cc8623aa211c511916f2c61a417864c24c8d35fde594b624c666a9cca32 diff --git a/tests/tmt/podman/system-test.fmf b/tests/tmt/podman/system-test.fmf deleted file mode 100644 index 8df55c2..0000000 --- a/tests/tmt/podman/system-test.fmf +++ /dev/null @@ -1,7 +0,0 @@ -adjust: - duration: 10m - when: arch == aarch64 - -summary: Run crun specific Podman tests -test: bash ./system-test.sh -tag: [ podman ] diff --git a/tests/tmt/podman/system-test.sh b/tests/tmt/podman/system-test.sh deleted file mode 100644 index 974f829..0000000 --- a/tests/tmt/podman/system-test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -if [[ "$(id -u)" -ne 0 ]];then - echo "Please run this script as superuser" - exit 1 -fi - -cat /etc/redhat-release -rpm -q conmon containers-common crun podman podman-tests - -# Run crun specific podman tests -bats -t /usr/share/podman/test/system/030-run.bats -bats -t /usr/share/podman/test/system/075-exec.bats -bats -t /usr/share/podman/test/system/280-update.bats -bats -t /usr/share/podman/test/system/520-checkpoint.bats diff --git a/tests/tmt/sanity/config.json b/tests/tmt/sanity/config.json deleted file mode 100644 index 3a1f225..0000000 --- a/tests/tmt/sanity/config.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "ociVersion": "1.0.0", - "process": { - "terminal": false, - "user": { - "uid": 0, - "gid": 0 - }, - "args": [ - "sleep", "10" - ], - "env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "TERM=xterm" - ], - "cwd": "/", - "capabilities": { - "bounding": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "effective": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "inheritable": [ - ], - "permitted": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "ambient": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ] - }, - "rlimits": [ - { - "type": "RLIMIT_NOFILE", - "hard": 1024, - "soft": 1024 - } - ], - "noNewPrivileges": true - }, - "root": { - "path": "rootfs", - "readonly": true - }, - "hostname": "crun", - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc" - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755", - "size=65536k" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/dev/shm", - "type": "tmpfs", - "source": "shm", - "options": [ - "nosuid", - "noexec", - "nodev", - "mode=1777", - "size=65536k" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev", - "ro" - ] - }, - { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "nosuid", - "noexec", - "nodev", - "relatime", - "ro" - ] - } - ], - "linux": { - "resources": { - "devices": [ - { - "allow": false, - "access": "rwm" - } - ] - }, - "namespaces": [ - { - "type": "pid" - }, - { - "type": "network" - }, - { - "type": "ipc" - }, - { - "type": "uts" - }, - { - "type": "cgroup" - }, - { - "type": "mount" - } - ], - "maskedPaths": [ - "/proc/acpi", - "/proc/asound", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/sys/firmware", - "/proc/scsi" - ], - "readonlyPaths": [ - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger" - ] - } -} diff --git a/tests/tmt/sanity/main.fmf b/tests/tmt/sanity/main.fmf deleted file mode 100644 index ccfa4ca..0000000 --- a/tests/tmt/sanity/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Sanity test for crun -test: bash ./runtest.sh -duration: 10m -tag: [ sanity ] diff --git a/tests/tmt/sanity/runtest.sh b/tests/tmt/sanity/runtest.sh deleted file mode 100644 index 3e13986..0000000 --- a/tests/tmt/sanity/runtest.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -TEMPDIR=$(mktemp -d) -TESTIMG="quay.io/libpod/busybox" -CNAME="mycont-$RANDOM" - -cat /etc/redhat-release -uname -r -rpm -q crun criu - -if ! crun --version; then - exit 1 -fi - -if ! crun features; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# create the top most bundle and rootfs directory -mkdir -p "$TEMPDIR"/rootfs - -# export busybox via podman into the rootfs directory -if ! (podman export "$(podman create $TESTIMG)" | tar -C "$TEMPDIR"/rootfs -xvf -); then - exit 1 -fi - -# use existing spec -cp ./config.json "$TEMPDIR" -ls "$TEMPDIR" -cd "$TEMPDIR" - -if ! crun create $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun start $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun ps $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun pause $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun resume $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun delete --force $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! (crun run $CNAME &); then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# make sure the container is running state -sleep 2 - -if ! ret=$(crun exec $CNAME echo 'ok') || [[ "$ret" != 'ok' ]]; then - exit 1 -fi - -if ! crun kill $CNAME; then - exit 1 -fi - -exit 0 diff --git a/tests/tmt/shellcheck/main.fmf b/tests/tmt/shellcheck/main.fmf deleted file mode 100644 index 7d220b4..0000000 --- a/tests/tmt/shellcheck/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Shellcheck tests -test: find ../ -type f -name "*.sh" -exec shellcheck {} + -duration: 10m -tag: [ shellcheck ]