github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-09 04:39:17 +00:00
Code Issues Projects Releases Wiki Activity
13,731 Commits 41 Branches 137 Tags
44df674232b6fc3d6f51192a5a028ecb1aa9b5e9
Commit Graph

13731 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Fabiano Fidêncio
44df674232 Merge pull request #9757 from fidencio/topic/ci-tdx-skip-empty-dir-tests 
ci: k8s: Skip empty dir tests also for TDX
 2024-05-31 13:18:35 +02:00
Zvonko Kaiser
0321a3adcc Merge pull request #8944 from zvonkok/update-threat-model 
threat-model: Add VFIO, ACPI and KVM/VMM threat-model descriptions
 2024-05-31 10:38:27 +02:00
Fabiano Fidêncio
03a7cf4b02 ci: k8s: Skip empty dir tests also for TDX 
Wainer noticed this is failing for the coco-qemu-dev case, and decided
to skip it, notifying me that he didn't fully understand why it was not
failing on TDX.

Turns out, though, this is also failing on TDX, and we need to skip it
there as well.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
 2024-05-31 09:59:46 +02:00
Fabiano Fidêncio
72a71ff2bf Merge pull request #9737 from zvonkok/kata-deploy-no-sudo 
ci: kata-deploy no sudo
 2024-05-31 09:55:24 +02:00
Zvonko Kaiser
dd89d35b75 Merge pull request #9747 from zvonkok/remove-git-config 
ci: Remove all git config safe.directory
 2024-05-31 07:25:28 +02:00
Wainer Moschetta
83fa813700 Merge pull request #9694 from wainersm/qemu_coco_dev-k8s-guest-pull 
tests: enable guest-pull on all k8s tests for the qemu-coco-dev configuration
 2024-05-30 21:48:11 -03:00
Wainer Moschetta
66e3b88694 Merge pull request #9746 from wainersm/nydus_snapshotter_pin 
ci: pin the nydus-snapshotter image version
 2024-05-30 16:49:10 -03:00
Wainer dos Santos Moschetta
3e18fe7805 tests/k8s: skip file volume tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.

Issue: #9667
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-30 14:50:59 -03:00
Zvonko Kaiser
063db516f2 ci: Remove all git config safe.directory 
Now with the sudo less build we should be good
to remove those hacks.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-30 15:12:28 +00:00
Zvonko Kaiser
d8889684f0 ci: kata-deploy no sudo 
Build/push/manage aritfacts without sudo

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-30 15:07:27 +00:00
Wainer dos Santos Moschetta
5faf9ca344 ci: pin the nydus-snapshotter image version 
It's cloning the nydus-snapshotter repo from the version specified in
versions.yaml, however, the deployment files are set to pull in the
latest version of the snapshotter image. With this version we are
pinning the image version too.

This is a temporary fix as it should be better worked out at nydus-snapshotter
project side.

Fixes: #9742
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-30 11:21:16 -03:00
Greg Kurz
b3cb19b6a7 Merge pull request #9639 from emanuellima1/rng-impl 
runtime-rs: Add RNG to QEMU cmdline
 2024-05-30 12:00:11 +02:00
Zvonko Kaiser
7cc0ebe75e Merge pull request #9743 from zvonkok/tools-fix 
ci: Fix tools builder images
 2024-05-30 11:53:34 +02:00
Zvonko Kaiser
02a7f8c852 ci: Fix tools builder images 
We weren't considering changes of the tools script dir
adding a fourth hash to accomodate this

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-30 08:10:42 +00:00
Fabiano Fidêncio
97806dbdaa Merge pull request #9732 from zvonkok/shim-v2-no-sudo 
ci: shim-v2 no sudo
 2024-05-30 07:01:04 +02:00
Wainer dos Santos Moschetta
37894923c1 tests/k8s: skip empty dir volumes tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.

Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
79a8b31ec5 tests/k8s: skip shared volume tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.

Issue: #9668
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
aa1a37081e tests/k8s: skip sysctls tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.

Issue: #9666
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
0e81ced9f1 tests/k8s: skip kill-all-process tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.

Issue: #9664
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
18896efa3c tests/k8s: skip seccomp tests for qemu-coco-dev 
This test fails with qemu-coco-dev configuration and guest-pull image pull.
Unlike other tests that I've seen failing on this scenario, k8s-seccomp.bats
fails after a couple of consecutive executions, so it's that kind of failure
that happens once in a while.

Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
b62ad71c43 tests/k8s: add runtime handler annotation for qemu-coco-dev 
This will enable the k8s tests to leverage guest pulling when
PULL_TYPE=guest-pull for qemu-coco-dev runtimeclass.

Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
Wainer dos Santos Moschetta
089c7ad84a tests/k8s: add runtime handler annotation only for guest-pull 
The runtime handler annotation is required for Kubernetes <= 1.28 and
guest-pull pull type. So leverage $PULL_TYPE (which is exported by CI jobs)
to conditionally apply the annotation.

Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
 2024-05-29 18:37:24 -03:00
GabyCT
0eddfdc74f Merge pull request #9731 from zvonkok/pause-no-sudo 
ci: pause-image no sudo
 2024-05-29 11:48:41 -06:00
Zvonko Kaiser
7354c427f9 Merge pull request #9734 from zvonkok/virtiofsd-no-sudo 
ci: virtiofsd no sudo
 2024-05-29 19:31:25 +02:00
GabyCT
3c91aa0475 Merge pull request #9739 from zvonkok/initramfs-no-sudo 
ci: initramfs no sudo
 2024-05-29 11:28:59 -06:00
Hyounggyu Choi
40d2306f95 Merge pull request #9729 from zvonkok/agent-no-sudo-build 
ci: build agent without sudo
 2024-05-29 19:27:56 +02:00
GabyCT
03be220482 Merge pull request #9730 from zvonkok/kernel-no-sudo 
ci: kernel no sudo
 2024-05-29 10:23:31 -06:00
GabyCT
a32058913a Merge pull request #9679 from amshinde/kata-manager-install-cni 
kata-manager: Copy cni files under /opt/cni
 2024-05-29 10:20:34 -06:00
GabyCT
a5808a556d Merge pull request #9733 from zvonkok/tools-no-sudo 
ci: tools no sudo
 2024-05-29 10:19:17 -06:00
GabyCT
e94b09839d Merge pull request #9736 from zvonkok/qemu-no-sudo 
ci: qemu no sudo
 2024-05-29 10:18:34 -06:00
GabyCT
6d58fce4a9 Merge pull request #9677 from GabyCT/topic/memoryusags 
metrics: Improve variable definition in memory usage script
 2024-05-29 10:16:56 -06:00
Emanuel Lima
138d985c64 runtime-rs: Add RNG to QEMU cmdline 
It creates this line, as the Golang runtime does:
-object rng-random,id=rng0,filename=/dev/urandom -device virtio-rng-pci,rng=rng0

Signed-off-by: Emanuel Lima <emlima@redhat.com>
 2024-05-29 13:11:00 -03:00
Hyounggyu Choi
6ba2461404 Merge pull request #9728 from zvonkok/coco-guest-comp-no-sudo 
ci: guest-components without sudo
 2024-05-29 17:55:43 +02:00
Xuewei Niu
c297a7891c Merge pull request #9723 from zvonkok/hotunplug-fix 
vfio: Fix hot-unplug
 2024-05-29 22:02:05 +08:00
Zvonko Kaiser
25c784c568 ci: shim-v2 no sudo 
Build shim-v2 without sudo docker this is not needed. This is part 6 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-29 09:24:54 +00:00
Zvonko Kaiser
84a9773cec ci: initramfs no sudo 
BUild initramfs  without sudo docker this is not needed. This is part 10 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-29 09:20:39 +00:00
Zvonko Kaiser
7dc47c8150 ci: qemu no sudo 
Build qemu without sudo docker this is not needed. This is part 9 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 16:12:06 +00:00
Zvonko Kaiser
4a455bf24a ci: virtiofsd no sudo 
build virtiofsd without sudo docker this is not needed. This is part 8 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 14:19:58 +00:00
Wainer Moschetta
9896f69827 Merge pull request #9414 from ldoktor/ci-bisection 
ci.ocp: Document openshift pipeline and manual bisection
 2024-05-28 11:17:09 -03:00
Zvonko Kaiser
dd04d26cb0 ci: tools no sudo 
Build tools without sudo docker this is not needed. This is part 7 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 13:57:20 +00:00
Zvonko Kaiser
6c9c0306ac ci: pause-image no sudo 
Build pause-image without sudo docker this is not needed. This is part 5 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 11:31:59 +00:00
Hyounggyu Choi
e8c06301d7 Merge pull request #9727 from zvonkok/ovmf-no-sudo 
ci: ovmf without sudo
 2024-05-28 13:29:00 +02:00
Zvonko Kaiser
c95ae5a502 ci: kernel no sudo 
Build kernel without sudo docker this is not needed. This is part 4 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 11:19:08 +00:00
Zvonko Kaiser
8fab5dd584 ci: build agent without sudo 
Build agent without sudo docker this is not needed. This is part 3 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 09:55:32 +00:00
Zvonko Kaiser
1e4cbc4fcd ci: guest-components wihout sudo 
Build guest-components without sudo docker this is not needed. This is part 2 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 09:03:14 +00:00
Zvonko Kaiser
b76938b922 ci: ovmf without sudo 
Build ovmf without sudo docker this is not needed. This is part 1 of N

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 08:25:27 +00:00
Zvonko Kaiser
c6c20ac253 docs: Format the threat-model to 80 chars 
Truncate long lines to reasonable 80 characters

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 07:39:26 +00:00
Zvonko Kaiser
d4832b3b74 vfio: Fix hotpunplug 
We need to remove the device from the tracking map, a container
restart will increment the bus index and we will get out of root-ports
and crash the machine.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
 2024-05-28 07:37:30 +00:00
Zvonko Kaiser
a7931115a0 Merge pull request #8861 from zvonkok/config-pcie-root-switch-port 
gpu: reintroduce pcie_root_port and add pcie_switch_port
 2024-05-27 13:17:57 +02:00
Fabiano Fidêncio
3276bb52b6 Merge pull request #9721 from fidencio/topic/ci-kata-deploy-improvements-and-fixes 
kata-deploy / kata-cleanup / ci: Fixes and improvements to kata-deploy / kata-cleanup and its usage in the CI
 2024-05-27 12:29:40 +02:00