Support build attest wip #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: test | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - 'release/**' | |
| pull_request: | |
| env: | |
| GO_VERSION: 1.21.x | |
| jobs: | |
| # project: | |
| # name: Project Checks | |
| # runs-on: ubuntu-22.04 | |
| # timeout-minutes: 20 | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # path: src/github.com/containerd/nerdctl | |
| # fetch-depth: 100 | |
| # - uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: ${{ env.GO_VERSION }} | |
| # cache-dependency-path: src/github.com/containerd/nerdctl | |
| # - uses: containerd/[email protected] | |
| # with: | |
| # working-directory: src/github.com/containerd/nerdctl | |
| # repo-access-token: ${{ secrets.GITHUB_TOKEN }} | |
| # - run: ./hack/verify-no-patent.sh | |
| # working-directory: src/github.com/containerd/nerdctl | |
| # - run: ./hack/verify-pkg-isolation.sh | |
| # working-directory: src/github.com/containerd/nerdctl | |
| # lint: | |
| # runs-on: ubuntu-22.04 | |
| # timeout-minutes: 20 | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: ${{ env.GO_VERSION }} | |
| # check-latest: true | |
| # cache: true | |
| # - name: golangci-lint | |
| # uses: golangci/[email protected] | |
| # with: | |
| # version: v1.55.2 | |
| # args: --verbose | |
| # - name: yamllint-lint | |
| # run: yamllint . | |
| # test-unit: | |
| # runs-on: ubuntu-22.04 | |
| # timeout-minutes: 20 | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: ${{ env.GO_VERSION }} | |
| # check-latest: true | |
| # cache: true | |
| # - name: "Run unit tests" | |
| # run: go test -v ./pkg/... | |
| # test-integration: | |
| # runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| # timeout-minutes: 40 | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| # include: | |
| # - ubuntu: 20.04 | |
| # containerd: v1.6.28 | |
| # - ubuntu: 20.04 | |
| # containerd: v1.7.13 | |
| # - ubuntu: 22.04 | |
| # containerd: v1.7.13 | |
| # - ubuntu: 22.04 | |
| # containerd: main | |
| # env: | |
| # UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| # CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - name: "Prepare integration test environment" | |
| # run: DOCKER_BUILDKIT=1 docker build -t test-integration --target test-integration --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
| # - name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
| # run: | | |
| # sudo systemctl disable --now snapd.service snapd.socket | |
| # sudo apt-get purge -y snapd | |
| # sudo losetup -Dv | |
| # sudo losetup -lv | |
| # - name: "Register QEMU (tonistiigi/binfmt)" | |
| # run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| # - name: "Run integration tests" | |
| # run: docker run -t --rm --privileged test-integration | |
| # test-integration-ipv6: | |
| # runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| # timeout-minutes: 40 | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| # include: | |
| # - ubuntu: 22.04 | |
| # containerd: v1.7.13 | |
| # env: | |
| # UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| # CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - name: Enable ipv4 and ipv6 forwarding | |
| # run: | | |
| # sudo sysctl -w net.ipv6.conf.all.forwarding=1 | |
| # sudo sysctl -w net.ipv4.ip_forward=1 | |
| # - name: Enable IPv6 for Docker | |
| # run: | | |
| # sudo mkdir -p /etc/docker | |
| # echo '{"ipv6": true, "fixed-cidr-v6": "2001:db8:1::/64", "experimental": true, "ip6tables": true}' | sudo tee /etc/docker/daemon.json | |
| # sudo systemctl restart docker | |
| # - name: "Prepare integration test environment" | |
| # run: DOCKER_BUILDKIT=1 docker build -t test-integration-ipv6 --target test-integration-ipv6 --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
| # - name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
| # run: | | |
| # sudo systemctl disable --now snapd.service snapd.socket | |
| # sudo apt-get purge -y snapd | |
| # sudo losetup -Dv | |
| # sudo losetup -lv | |
| # - name: "Register QEMU (tonistiigi/binfmt)" | |
| # run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| # - name: "Run integration tests" | |
| # # The nested IPv6 network inside docker and qemu is complex and needs a bunch of sysctl config. | |
| # # Therefore it's hard to debug why the IPv6 tests fail in such an isolation layer. | |
| # # On the other side, using the host network is easier at configuration. | |
| # # Besides, each job is running on a different instance, which means using host network here | |
| # # is safe and has no side effects on others. | |
| # run: docker run --network host -t --rm --privileged test-integration-ipv6 | |
| # test-integration-rootless: | |
| # runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| # timeout-minutes: 60 | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # # ubuntu-22.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| # include: | |
| # - ubuntu: 20.04 | |
| # containerd: v1.6.28 | |
| # rootlesskit: v1.1.1 | |
| # target: test-integration-rootless | |
| # - ubuntu: 20.04 | |
| # containerd: v1.7.13 | |
| # rootlesskit: v2.0.0 | |
| # target: test-integration-rootless | |
| # - ubuntu: 22.04 | |
| # containerd: v1.7.13 | |
| # rootlesskit: v1.1.1 | |
| # target: test-integration-rootless | |
| # - ubuntu: 22.04 | |
| # containerd: main | |
| # rootlesskit: v2.0.0 | |
| # target: test-integration-rootless | |
| # - ubuntu: 20.04 | |
| # containerd: v1.6.28 | |
| # rootlesskit: v1.1.1 | |
| # target: test-integration-rootless-port-slirp4netns | |
| # - ubuntu: 20.04 | |
| # containerd: v1.7.13 | |
| # rootlesskit: v2.0.0 | |
| # target: test-integration-rootless-port-slirp4netns | |
| # - ubuntu: 22.04 | |
| # containerd: v1.7.13 | |
| # rootlesskit: v1.1.1 | |
| # target: test-integration-rootless-port-slirp4netns | |
| # - ubuntu: 22.04 | |
| # containerd: main | |
| # rootlesskit: v2.0.0 | |
| # target: test-integration-rootless-port-slirp4netns | |
| # env: | |
| # UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| # CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| # ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}" | |
| # TEST_TARGET: "${{ matrix.target }}" | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - name: "Register QEMU (tonistiigi/binfmt)" | |
| # run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| # - name: "Prepare (network driver=slirp4netns, port driver=builtin)" | |
| # run: DOCKER_BUILDKIT=1 docker build -t ${TEST_TARGET} --target ${TEST_TARGET} --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} --build-arg ROOTLESSKIT_VERSION=${ROOTLESSKIT_VERSION} . | |
| # - name: "Test (network driver=slirp4netns, port driver=builtin)" | |
| # run: docker run -t --rm --privileged -e WORKAROUND_ISSUE_622=1 ${TEST_TARGET} | |
| # cross: | |
| # runs-on: ubuntu-22.04 | |
| # timeout-minutes: 40 | |
| # strategy: | |
| # matrix: | |
| # go-version: ["1.20.x", "1.21.x"] | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: ${{ matrix.go-version }} | |
| # cache: true | |
| # check-latest: true | |
| # - name: "Cross" | |
| # run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make artifacts | |
| test-integration-docker-compatibility: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 30 | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| check-latest: true | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: "Enable BuildKit" | |
| run: | | |
| set -eux -o pipefail | |
| # Enable BuildKit explicitly | |
| sudo apt-get install -y moreutils | |
| cat /etc/docker/daemon.json | |
| jq '.features.buildkit = true' </etc/docker/daemon.json | sudo sponge /etc/docker/daemon.json | |
| cat /etc/docker/daemon.json | |
| sudo systemctl restart docker | |
| # Print docker info | |
| docker info | |
| docker version | |
| docker builder ls | |
| - name: "Register QEMU (tonistiigi/binfmt)" | |
| run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| - name: "Prepare integration test environment" | |
| run: | | |
| sudo apt-get install -y expect | |
| - name: "Ensure that the integration test suite is compatible with Docker" | |
| run: go test -v -timeout 20m -run ^TestBuildAttestation$ -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon | |
| - name: "Ensure that the IPv6 integration test suite is compatible with Docker" | |
| run: go test -v -timeout 20m -run ^TestBuildAttestation$ -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon -test.ipv6 | |
| # test-integration-windows: | |
| # runs-on: windows-2022 | |
| # timeout-minutes: 30 | |
| # defaults: | |
| # run: | |
| # shell: bash | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # with: | |
| # fetch-depth: 1 | |
| # - uses: actions/setup-go@v5 | |
| # with: | |
| # go-version: ${{ env.GO_VERSION }} | |
| # cache: true | |
| # check-latest: true | |
| # - run: go install ./cmd/nerdctl | |
| # - uses: actions/[email protected] | |
| # with: | |
| # repository: containerd/containerd | |
| # ref: v1.7.13 | |
| # path: containerd | |
| # fetch-depth: 1 | |
| # - name: "Set up CNI" | |
| # working-directory: containerd | |
| # run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows | |
| # - name: "Set up containerd" | |
| # env: | |
| # ctrdVersion: 1.7.13 | |
| # run: powershell hack/configure-windows-ci.ps1 | |
| # # TODO: Run unit tests | |
| # - name: "Run integration tests" | |
| # run: go test -v ./cmd/... | |
| # test-integration-freebsd: | |
| # name: FreeBSD | |
| # runs-on: ubuntu-22.04 | |
| # timeout-minutes: 20 | |
| # steps: | |
| # - uses: actions/[email protected] | |
| # - uses: actions/cache@v4 | |
| # with: | |
| # path: /root/.vagrant.d | |
| # key: vagrant-${{ matrix.box }} | |
| # - name: Set up vagrant | |
| # run: | | |
| # sudo apt-get update | |
| # sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt | |
| # sudo systemctl enable --now libvirtd | |
| # - name: Boot VM | |
| # run: | | |
| # ln -sf Vagrantfile.freebsd Vagrantfile | |
| # sudo vagrant up --no-tty | |
| # - name: test-unit | |
| # run: sudo vagrant up --provision-with=test-unit | |
| # - name: test-integration | |
| # run: sudo vagrant up --provision-with=test-integration |