-
Notifications
You must be signed in to change notification settings - Fork 453
139 lines (118 loc) · 4.01 KB
/
crio.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: CRI-O
on:
push:
tags:
- "*"
branches:
- master
pull_request:
jobs:
test:
strategy:
fail-fast: false
matrix:
suite:
- e2e
- critest
oci-runtime:
- crun
- runc
monitor:
- conmon
- conmon-rs
name: ${{matrix.suite}} / ${{matrix.oci-runtime}} / ${{matrix.monitor}}
runs-on: ubuntu-22.04
steps:
- name: Checkout cri-tools
uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
with:
go-version: '1.22'
- name: Setup system
run: |
# enable necessary kernel modules
sudo ip6tables --list >/dev/null
# enable necessary sysctls
sudo sysctl -w net.ipv4.conf.all.route_localnet=1
sudo sysctl -w net.bridge.bridge-nf-call-iptables=1
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -t nat -I POSTROUTING -s 127.0.0.0/8 ! -d 127.0.0.0/8 -j MASQUERADE
- name: Install ginkgo
run: |
go install github.com/onsi/ginkgo/v2/ginkgo@latest
ginkgo version
sudo cp $(command -v ginkgo) /usr/local/bin
- name: Install CRI-O
run: |
curl https://raw.githubusercontent.com/cri-o/packaging/main/get | sudo bash
- name: Configure CRI-O
run: |
sudo mkdir -p /etc/crio/crio.conf.d
printf '[crio.runtime]\nlog_level = "debug"\n' | sudo tee /etc/crio/crio.conf.d/01-log-level.conf
- name: Configure CRI-O to use conmon-rs intead of the default conmon
if: ${{matrix.monitor == 'conmon-rs'}}
run: |
sudo sed -i -E 's;(monitor_path = ).*;\1"/usr/libexec/crio/conmonrs"\nruntime_type = "pod";g' /etc/crio/crio.conf.d/10-crio.conf
- name: Configure CRI-O to use runc instead of the default crun
if: ${{matrix.oci-runtime == 'runc'}}
run: |
sudo sed -i -E 's;(default_runtime = ).*;\1"runc";g' /etc/crio/crio.conf.d/10-crio.conf
- name: Show the CRI-O config drop-in
run: cat /etc/crio/crio.conf.d/10-crio.conf
- name: Start CRI-O
run: |
sudo systemctl daemon-reload
sudo systemctl start crio
sudo crio status config
- name: Build cri-tools
run: |
make
sudo -E PATH=$PATH make install
- name: Run critest
if: ${{matrix.suite == 'critest'}}
shell: bash
run: |
set -euox pipefail
ARGS=()
# TODO: check why these tests fail on that combination
if [[ "${{matrix.oci-runtime}}" == "crun" ]]; then
SKIP=rshared
if [[ "${{matrix.monitor}}" == "conmon-rs" ]]; then
SKIP="$SKIP|SupplementalGroups|AppArmor|RunAsUser"
fi
ARGS=(--ginkgo.skip "$SKIP")
fi
set +o errexit
sudo -E PATH=$PATH critest \
--runtime-endpoint=unix:///var/run/crio/crio.sock \
--parallel=$(nproc) \
--ginkgo.flake-attempts=3 \
--ginkgo.randomize-all \
--ginkgo.timeout=2m \
--ginkgo.trace \
--ginkgo.vv \
"${ARGS[@]}"
TEST_RC=$?
set -o errexit
sudo journalctl --no-pager > journal.log
test $TEST_RC -ne 0 && cat journal.log
exit $TEST_RC
- name: Run crictl e2e tests
if: ${{matrix.suite == 'e2e'}}
shell: bash
run: |
set -euox pipefail
set +o errexit
sudo -E PATH=$PATH make test-e2e \
TESTFLAGS="-crictl-runtime-endpoint=unix://var/run/crio/crio.sock"
TEST_RC=$?
set -o errexit
sudo journalctl --no-pager > journal.log
test $TEST_RC -ne 0 && cat journal.log
exit $TEST_RC
- name: Upload logs
uses: actions/upload-artifact@v4
with:
name: ${{matrix.suite}}-${{matrix.oci-runtime}}-${{matrix.monitor}}-${{github.sha}}.log
path: journal.log