diff --git a/.gitignore b/.gitignore index 62eb9bc..2aecac4 100644 --- a/.gitignore +++ b/.gitignore @@ -89,16 +89,3 @@ crun-0.1.1.tar.gz /crun-1.15.tar.zst /crun-1.17.tar.zst /crun-1.18.tar.zst -/crun-1.18.1.tar.zst -/crun-1.18.2.tar.zst -/crun-1.19.tar.zst -/crun-1.19.1.tar.zst -/crun-1.20.tar.zst -/crun-1.21.tar.zst -/crun-1.22.tar.zst -/crun-1.23.tar.zst -/crun-1.23.1.tar.zst -/crun-1.24.tar.zst -/crun-1.25.tar.zst -/crun-1.25.1.tar.zst -/crun-1.26.tar.zst diff --git a/.packit.yaml b/.packit.yaml index b7dc6ae..363614f 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -29,6 +29,8 @@ packages: crun-centos: pkg_tool: centpkg specfile_path: rpm/crun.spec + crun-rhel: + specfile_path: rpm/crun.spec crun-eln: specfile_path: rpm/crun.spec @@ -65,11 +67,25 @@ jobs: trigger: pull_request packages: [crun-centos] notifications: *copr_build_failure_notification - targets: ¢os_copr_targets - - centos-stream-9-x86_64 - - centos-stream-9-aarch64 - - centos-stream-10-x86_64 - - centos-stream-10-aarch64 + targets: ¢os_targets + # Need epel9 repos to fetch wasmedge build dependency + centos-stream-9-x86_64: + additional_repos: + - https://dl.fedoraproject.org/pub/epel/9/Everything/x86_64/ + centos-stream-9-aarch64: + additional_repos: + - https://dl.fedoraproject.org/pub/epel/9/Everything/aarch64/ + # TODO: build on CS10 with wasmedge once epel-10 is available + centos-stream-10-x86_64: {} + centos-stream-10-aarch64: {} + + - job: copr_build + trigger: pull_request + packages: [crun-rhel] + notifications: *copr_build_failure_notification + targets: + - epel-9-x86_64 + - epel-9-aarch64 # Run on commit to main branch - job: copr_build @@ -86,9 +102,9 @@ jobs: - job: tests trigger: pull_request packages: [crun-fedora] - notifications: &test_failure_notification + notifications: &podman_system_test_fail_notification failure_comment: - message: "TMT tests failed. @containers/packit-build please check." + message: "podman system tests failed. @containers/packit-build please check." targets: *fedora_copr_targets tf_extra_params: environments: @@ -100,30 +116,42 @@ jobs: - job: tests trigger: pull_request packages: [crun-centos] - notifications: *test_failure_notification - # TODO: Re-enable centos-stream-10-x86_64 once criu issues are solved - # Ref: https://github.com/containers/crun/pull/1758#issuecomment-2901772392 - # Issue filed: https://github.com/containers/crun/issues/1759 - #targets: *centos_copr_targets - targets: - - centos-stream-9-x86_64 - - centos-stream-9-aarch64 - - centos-stream-10-aarch64 + notifications: *podman_system_test_fail_notification + targets: *centos_targets tf_extra_params: environments: - artifacts: - type: repository-file id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo + # Podman system tests for RHEL + - job: tests + trigger: pull_request + packages: [crun-rhel] + use_internal_tf: true + notifications: *podman_system_test_fail_notification + targets: + epel-9-x86_64: + distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] + epel-9-aarch64: + distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly] + #TODO: Enable RHEL10 targets once epel-10 copr target is available + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/epel-$releasever/rhcontainerbot-podman-next-epel-$releasever.repo + - type: repository-file + id: https://src.fedoraproject.org/rpms/epel-release/raw/epel9/f/epel.repo + - job: propose_downstream trigger: release packages: [crun-fedora] dist_git_branches: &fedora_targets - fedora-all - # Disabled until we're switching to Packit for CentOS Stream - job: propose_downstream - trigger: ignore + trigger: release packages: [crun-centos] dist_git_branches: - c10s diff --git a/README.packit b/README.packit index 9bb65f0..2bd3f40 100644 --- a/README.packit +++ b/README.packit @@ -1,3 +1,3 @@ This repository is maintained by packit. https://packit.dev/ -The file was generated using packit 1.13.0.post1.dev2+g84134016c. +The file was generated using packit 0.102.1.post1.dev6+g64f7460b. diff --git a/crun.spec b/crun.spec index 5cfc631..1e315b8 100644 --- a/crun.spec +++ b/crun.spec @@ -9,17 +9,20 @@ # krun and wasm support only on aarch64 and x86_64 %ifarch aarch64 || x86_64 -%if %{defined fedora} -# krun only exists on fedora -%global krun_support 1 -%global krun_opts --with-libkrun - -# Keep wasmedge enabled only on Fedora. It breaks a lot on EPEL. +# Disable wasmedge on rhel 10 until EPEL10 is in place, otherwise it causes +# build issues on copr +%if %{defined fedora} || (%{defined copr_build} && %{defined rhel} && 0%{?rhel} < 10) %global wasm_support 1 %global wasmedge_support 1 %global wasmedge_opts --with-wasmedge %endif +# krun only exists on fedora +%if %{defined fedora} +%global krun_support 1 +%global krun_opts --with-libkrun +%endif + %endif %if %{defined fedora} || (%{defined rhel} && 0%{?rhel} < 10) @@ -39,7 +42,7 @@ Epoch: 102 # If that's what you're reading, Version must be 0, and will be updated by Packit for # copr and koji builds. # If you're reading this on dist-git, the version is automatically filled in by Packit. -Version: 1.26 +Version: 1.18 Release: %autorelease URL: https://github.com/containers/%{name} Source0: %{url}/releases/download/%{version}/%{name}-%{version}.tar.zst @@ -66,14 +69,15 @@ BuildRequires: libseccomp-devel BuildRequires: python3-libmount BuildRequires: libtool BuildRequires: protobuf-c-devel +%ifnarch riscv64 BuildRequires: criu-devel >= 3.17.1-2 Recommends: criu >= 3.17.1 Recommends: criu-libs +%endif %if %{defined wasmedge_support} BuildRequires: wasmedge-devel %endif BuildRequires: python -BuildRequires: glibc-static Provides: oci-runtime %description @@ -117,9 +121,6 @@ Recommends: wasmedge %make_install prefix=%{_prefix} rm -rf %{buildroot}%{_prefix}/lib* -# Placeholder check to silence rpmlint -%check - %files %license COPYING %{_bindir}/%{name} diff --git a/gating.yaml b/gating.yaml index f86de09..dbb1d91 100644 --- a/gating.yaml +++ b/gating.yaml @@ -1,9 +1,7 @@ --- !Policy product_versions: - fedora-* -decision_contexts: - - bodhi_update_push_stable - - bodhi_update_push_testing +decision_context: bodhi_update_push_stable rules: - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} @@ -11,5 +9,4 @@ rules: product_versions: - rhel-* decision_context: osci_compose_gate -rules: - - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} +rules: [] diff --git a/plans/main.fmf b/plans/main.fmf index 7a4ae15..b56d319 100644 --- a/plans/main.fmf +++ b/plans/main.fmf @@ -2,39 +2,19 @@ discover: how: fmf execute: how: tmt -prepare: - - when: distro == centos-stream or distro == rhel - how: shell - script: | - dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm - dnf -y config-manager --set-enabled epel - order: 10 - - when: initiator == packit - how: shell - script: | - COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo" - if compgen -G $COPR_REPO_FILE > /dev/null; then - sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE - fi - dnf -y upgrade --allowerasing - order: 20 - - how: install - package: - - bats - - crun - - podman-tests -/shellcheck: +/upstream: + summary: Run crun specific Podman system tests on upstream PRs discover+: - filter: 'tag:shellcheck' - enabled: true - adjust: + filter: tag:upstream + adjust+: enabled: false - when: distro == centos-stream-10 or distro == rhel-10 - prepare+: - - how: install - package: ShellCheck + when: initiator is not defined or initiator != packit -/tests: +/downstream: + summary: Run crun specific Podman system tests on bodhi / errata and dist-git PRs discover+: - filter: 'tag:podman | tag:sanity' + filter: tag:downstream + adjust+: + enabled: false + when: initiator == packit diff --git a/plans/tmt.fmf b/plans/tmt.fmf deleted file mode 100644 index 1941978..0000000 --- a/plans/tmt.fmf +++ /dev/null @@ -1,9 +0,0 @@ -/: - inherit: false - -summary: Run tmt's integration tests -plan: - import: - url: https://github.com/teemtee/tmt - path: /plans/friends - name: /podman diff --git a/sources b/sources index 233ea40..285c15f 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (crun-1.26.tar.zst) = 0785af6095a26290f433c5739bea5d98a029c3f0e8efbeed420481849ebddd70acde6c1105133c392abf26bca90d232cced5e5994da7506d66a020a02c129fb3 +SHA512 (crun-1.18.tar.zst) = a1a77a74163bcad18541c688e8006449c86ff490c98485c1294bdbf892840d1add1d5a25de75950a21255185aebdb6136490512d4c7562a53ac4052669924fad diff --git a/tests/tmt/Makefile b/tests/tmt/Makefile new file mode 100644 index 0000000..b57ba2c --- /dev/null +++ b/tests/tmt/Makefile @@ -0,0 +1,3 @@ +.PHONY: podman_system_test +podman_system_test: + bash ./podman-tests.sh diff --git a/tests/tmt/main.fmf b/tests/tmt/main.fmf new file mode 100644 index 0000000..b0db617 --- /dev/null +++ b/tests/tmt/main.fmf @@ -0,0 +1,13 @@ +# Only common dependencies that are NOT required to run podman-tests.sh are +# specified here. Everything else is in podman-tests.sh. +require: + - make + +adjust: + duration: 10m + when: arch == aarch64 + +/podman_system_test: + tag: [ upstream, downstream ] + summary: Run crun specific Podman tests + test: make podman_system_test diff --git a/tests/tmt/podman-tests.sh b/tests/tmt/podman-tests.sh new file mode 100644 index 0000000..9d091c7 --- /dev/null +++ b/tests/tmt/podman-tests.sh @@ -0,0 +1,22 @@ +#!/usr/bin/env bash + +set -exo pipefail + +if [[ "$(id -u)" -ne 0 ]];then + echo "Please run this script as superuser" + exit 1 +fi + +# Remove testing-farm repos if they exist because they interfere with the +# podman-next copr. The default distro repos will not be removed and can be +# used wherever relevant. +rm -f /etc/yum.repos.d/tag-repository.repo + +dnf -y install bats conmon podman podman-tests +dnf -y update --allowerasing + +cat /etc/redhat-release +rpm -q conmon containers-common crun podman podman-tests + +# Run crun specific podman tests +bats /usr/share/podman/test/system/030-run.bats diff --git a/tests/tmt/podman/system-test.fmf b/tests/tmt/podman/system-test.fmf deleted file mode 100644 index 8df55c2..0000000 --- a/tests/tmt/podman/system-test.fmf +++ /dev/null @@ -1,7 +0,0 @@ -adjust: - duration: 10m - when: arch == aarch64 - -summary: Run crun specific Podman tests -test: bash ./system-test.sh -tag: [ podman ] diff --git a/tests/tmt/podman/system-test.sh b/tests/tmt/podman/system-test.sh deleted file mode 100644 index 974f829..0000000 --- a/tests/tmt/podman/system-test.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -if [[ "$(id -u)" -ne 0 ]];then - echo "Please run this script as superuser" - exit 1 -fi - -cat /etc/redhat-release -rpm -q conmon containers-common crun podman podman-tests - -# Run crun specific podman tests -bats -t /usr/share/podman/test/system/030-run.bats -bats -t /usr/share/podman/test/system/075-exec.bats -bats -t /usr/share/podman/test/system/280-update.bats -bats -t /usr/share/podman/test/system/520-checkpoint.bats diff --git a/tests/tmt/sanity/config.json b/tests/tmt/sanity/config.json deleted file mode 100644 index 3a1f225..0000000 --- a/tests/tmt/sanity/config.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "ociVersion": "1.0.0", - "process": { - "terminal": false, - "user": { - "uid": 0, - "gid": 0 - }, - "args": [ - "sleep", "10" - ], - "env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "TERM=xterm" - ], - "cwd": "/", - "capabilities": { - "bounding": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "effective": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "inheritable": [ - ], - "permitted": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ], - "ambient": [ - "CAP_AUDIT_WRITE", - "CAP_KILL", - "CAP_NET_BIND_SERVICE" - ] - }, - "rlimits": [ - { - "type": "RLIMIT_NOFILE", - "hard": 1024, - "soft": 1024 - } - ], - "noNewPrivileges": true - }, - "root": { - "path": "rootfs", - "readonly": true - }, - "hostname": "crun", - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc" - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755", - "size=65536k" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/dev/shm", - "type": "tmpfs", - "source": "shm", - "options": [ - "nosuid", - "noexec", - "nodev", - "mode=1777", - "size=65536k" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev", - "ro" - ] - }, - { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "nosuid", - "noexec", - "nodev", - "relatime", - "ro" - ] - } - ], - "linux": { - "resources": { - "devices": [ - { - "allow": false, - "access": "rwm" - } - ] - }, - "namespaces": [ - { - "type": "pid" - }, - { - "type": "network" - }, - { - "type": "ipc" - }, - { - "type": "uts" - }, - { - "type": "cgroup" - }, - { - "type": "mount" - } - ], - "maskedPaths": [ - "/proc/acpi", - "/proc/asound", - "/proc/kcore", - "/proc/keys", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/sys/firmware", - "/proc/scsi" - ], - "readonlyPaths": [ - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger" - ] - } -} diff --git a/tests/tmt/sanity/main.fmf b/tests/tmt/sanity/main.fmf deleted file mode 100644 index ccfa4ca..0000000 --- a/tests/tmt/sanity/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Sanity test for crun -test: bash ./runtest.sh -duration: 10m -tag: [ sanity ] diff --git a/tests/tmt/sanity/runtest.sh b/tests/tmt/sanity/runtest.sh deleted file mode 100644 index 3e13986..0000000 --- a/tests/tmt/sanity/runtest.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/env bash - -set -exo pipefail - -TEMPDIR=$(mktemp -d) -TESTIMG="quay.io/libpod/busybox" -CNAME="mycont-$RANDOM" - -cat /etc/redhat-release -uname -r -rpm -q crun criu - -if ! crun --version; then - exit 1 -fi - -if ! crun features; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# create the top most bundle and rootfs directory -mkdir -p "$TEMPDIR"/rootfs - -# export busybox via podman into the rootfs directory -if ! (podman export "$(podman create $TESTIMG)" | tar -C "$TEMPDIR"/rootfs -xvf -); then - exit 1 -fi - -# use existing spec -cp ./config.json "$TEMPDIR" -ls "$TEMPDIR" -cd "$TEMPDIR" - -if ! crun create $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun start $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun ps $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun pause $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! crun resume $CNAME; then - exit 1 -fi - -if ! crun state $CNAME; then - exit 1 -fi - -if ! ret=$(crun exec $CNAME pwd) || [[ "$ret" != '/' ]]; then - exit 1 -fi - -if ! crun delete --force $CNAME; then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -if ! (crun run $CNAME &); then - exit 1 -fi - -if ! crun list; then - exit 1 -fi - -# make sure the container is running state -sleep 2 - -if ! ret=$(crun exec $CNAME echo 'ok') || [[ "$ret" != 'ok' ]]; then - exit 1 -fi - -if ! crun kill $CNAME; then - exit 1 -fi - -exit 0 diff --git a/tests/tmt/shellcheck/main.fmf b/tests/tmt/shellcheck/main.fmf deleted file mode 100644 index 7d220b4..0000000 --- a/tests/tmt/shellcheck/main.fmf +++ /dev/null @@ -1,4 +0,0 @@ -summary: Shellcheck tests -test: find ../ -type f -name "*.sh" -exec shellcheck {} + -duration: 10m -tag: [ shellcheck ]