[v5.4-rhel] Enable system tests on RHEL envs with TMT #26183
Conversation
openshift-ci
bot
added
do-not-merge/work-in-progress
|
Failed to load packit config file: For more info, please check out the documentation or contact the Packit team. You can also use our CLI command |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lsm5 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
This reverts commit 64aaa45. Signed-off-by: Lokesh Mandvekar <[email protected]>
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
3 times, most recently
from
f8c817f to
e823b71
Compare
|
Ephemeral COPR build failed. @containers/packit-build please check. |
|
Tests failed. @containers/packit-build please check. |
|
Ephemeral COPR build failed. @containers/packit-build please check. |
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
2 times, most recently
from
85de7cb to
9bc6d8a
Compare
|
We either must reconfigure merge protection to be turned off or hard code the tasks names there to the tmt ones for all rhel branches. I guess for RHEL branches the task names don't change so setting up branch protection and for each branch will be acceptable. (And I guess long term we wanted to drop the RHEL branches from the main repo here anyway so this would not be a forever situation) Also why are we testing epel and nightly branches, would it not make much more sense to target the actual branches this version is being shipped in? I would expect to be tested against RHEL 9.6/10.0 only. That way we know the right go version is being used and the tests pass on the final version that should massively reduce any post merge surprises. |
|
Oh on other thing there is must include Jira link for RHEL CI setup via cirrus via the auto team. I am not sure what our commitment there is/was but I think we must have a way to ensure that only RHEL Jira approved changes can get merged. |
Agreed.
RE: epel, the way copr is setup, epel jobs are the most convenient for RHEL testing. The copr epel targets are RHEL + EPEL. RE: nightly compose, the current rhel-10-main and rhel-9-main have v5.4, so I've enabled them here atm.
Yup, I'll enable the other relevant targets too. Eventually, it would be good to add these jobs in the main branch along with Packit's
I'll look into that. Thanks. |
I'm also checking with the packit team about additional workflow options which could possibly help us maintain the official rpm through the rhel maint branch itself instead of having 2 separate repos. If we move hosting for rhel branches elsewhere, then of course my quoted comment won't be relevant. |
I mean we talk about a branch once every six months so I would not worry about that.
I think we must, given CNCF we cannot really have RHEL specific code in the same repo. Basic access rule would not work out. And I think that is actually a strong point in favour of tmt. Because we can easily switch to the centos gitlab or whatever and keep using the same packit/tmt config and infra I assume. And then we can have proper merge protection on such new repo for tmt based tasks. |
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
3 times, most recently
from
55d7e39 to
35d5205
Compare
|
Failed to load packit config file: For more info, please check out the documentation or contact the Packit team. You can also use our CLI command |
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
7 times, most recently
from
6bbec66 to
248fbd1
Compare
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
10 times, most recently
from
162f195 to
7df52ad
Compare
lsm5
force-pushed
the
v5.4-rhel-tmt
branch
9 times, most recently
from
6affe67 to
7b3b842
Compare
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
@containers/podman-maintainers PTAL |
|
No rpms are being built here. Just makefile targets as-is. |
No rpms are built, tests are run directly on binaries built from Makefile targets. RHEL environments are provisioned on internal testing farm. Signed-off-by: Lokesh Mandvekar <[email protected]>
test/tmt/main.fmf
Outdated
| bash ./setup.sh && | ||
| make -C $TMT_TREE localsystem | ||
| duration: 40m | ||
|
|
||
| /sys-rootless-local: | ||
| test: > | ||
| bash ./setup.sh && | ||
| loginctl enable-linger $ROOTLESS_USER && | ||
| chown -R $ROOTLESS_USER $TMT_TREE && | ||
| su - "$ROOTLESS_USER" -c "CI_DESIRED_NETWORK=netavark make -C $TMT_TREE localsystem" | ||
| duration: 40m | ||
|
|
||
| /sys-root-remote: | ||
| test: > | ||
| bash ./setup.sh && | ||
| make -C $TMT_TREE remotesystem | ||
| duration: 40m | ||
|
|
||
| /sys-rootless-remote: | ||
| test: > | ||
| bash ./setup.sh && | ||
| loginctl enable-linger $ROOTLESS_USER && | ||
| chown -R $ROOTLESS_USER $TMT_TREE && | ||
| su - "$ROOTLESS_USER" -c "CI_DESIRED_NETWORK=netavark make -C $TMT_TREE remotesystem" | ||
| duration: 40m |
There was a problem hiding this comment.
Why doesn't this use the actual rpm build?
I think that is likely causing some of your testing issues. I would assume if this is using podman-tests like done on main/gating tests.
There was a problem hiding this comment.
That's because using centos stream spec causes problems, mainly centos stream moving to v5.5 etc. and rhel specs aren't accessible. Which is why my comment on the tracker issue about finding a new home and change in process for RHEL branches.
I would have ideally preferred to put this whole thing on hold until we do the process change, but this at least gets us close to cirrus independence.
Packit is not available internally, so if we are moving the rhel branches to somewhere internal, the process change would need us to write our own build rpm job, or borrow the one that's used on centos stream dist-git. So, having some rpm job here would not easily transfer to the new home. So, if we don't use rpms here, it becomes much easier to move rhel branches elsewhere, as TMT jobs get triggered with or without packit.
There was a problem hiding this comment.
ack go it, yeah it seems we are a in bit of weird spot right now.
I guess problems will get solved once we have a spec in repo + packit/tmt workflow for RHEL properly worked out, most likely means having an internal repo.
I am ok moving ahead with this but I suggest you ask QE to check all the newly skipped issues so we know if they actually test them or know how to make them pass in a RHEL env.
There was a problem hiding this comment.
I guess problems will get solved once we have a spec in repo + packit/tmt workflow for RHEL properly worked out, most likely means having an internal repo.
The in-repo spec copy was one option I had in mind, but that could suffer from rot because we don't use the packit process for RHEL and there's risk of that spec being ignored/diverging from official spec. So, ideally it should be a spec that's regularly maintained in the official RHEL process and also easily fetchable.
It would be ideal to have the official rhel sources and the podman RHEL branch be a monorepo, so everyone could work on the same repo, but that process isn't in place yet.
I am ok moving ahead with this but I suggest you ask QE to check all the newly skipped issues so we know if they actually test them or know how to make them pass in a RHEL env.
On it. I'm gonna try running these on their environment tomorrow. Yiqiao said the rootless user is added to wheel in their env, but when I add rootless user to wheel as in 3b6d20c . it skips all of 252-quadlet.bats as in https://artifacts.osci.redhat.com/testing-farm/9b8695bd-3651-45f5-80d0-7505b7b90df7/ . I'll get back to this tomorrow.
Signed-off-by: Lokesh Mandvekar <[email protected]>
openshift-ci
bot
added
the
do-not-merge/work-in-progress
Does this PR introduce a user-facing change?