github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2026-05-17 04:52:23 +00:00
Code Issues Projects Releases Wiki Activity
Files
topic/fix-sb-api
kata-containers/tests/hypervisor_helpers.sh
Fabiano Fidêncio 19c194aa94 ci: Add runtime-rs GPU shims to NVIDIA GPU CI workflow 
Add qemu-nvidia-gpu-runtime-rs and qemu-nvidia-gpu-snp-runtime-rs to
the NVIDIA GPU test matrix so CI covers the new runtime-rs shims.

Introduce a `coco` boolean field in each matrix entry and use it for
all CoCo-related conditionals (KBS, snapshotter, KBS deploy/cleanup
steps). This replaces fragile name-string comparisons that were already
broken for the runtime-rs variants: `nvidia-gpu (runtime-rs)` was
incorrectly getting KBS steps, and `nvidia-gpu-snp (runtime-rs)` was
not getting the right env vars.

Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
2026-05-07 10:33:26 +02:00

98 lines
3.3 KiB
Bash
Raw Permalink Blame History

#!/usr/bin/env bash
# Copyright 2026 IBM Corporation
#
# SPDX-License-Identifier: Apache-2.0
#
SNP_HYPERVISORS=("qemu-snp" "qemu-snp-runtime-rs")
TDX_HYPERVISORS=("qemu-tdx" "qemu-tdx-runtime-rs")
SE_HYPERVISORS=("qemu-se" "qemu-se-runtime-rs")
CCA_HYPERVISORS=("qemu-cca")
GPU_TEE_HYPERVISORS=("qemu-nvidia-gpu-snp" "qemu-nvidia-gpu-tdx" "qemu-nvidia-gpu-snp-runtime-rs" "qemu-nvidia-gpu-tdx-runtime-rs")
TEE_HYPERVISORS=("${SNP_HYPERVISORS[@]}" "${TDX_HYPERVISORS[@]}" "${SE_HYPERVISORS[@]}" "${CCA_HYPERVISORS[@]}" "${GPU_TEE_HYPERVISORS[@]}")
NON_TEE_HYPERVISORS=("qemu-coco-dev" "qemu-coco-dev-runtime-rs")
FIRECRACKER_HYPERVISORS=("firecracker" "fc")
function is_snp_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${SNP_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_tdx_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${TDX_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_se_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${SE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_cca_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${CCA_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_non_tee_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${NON_TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_confidential_gpu_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${GPU_TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
function is_firecracker_hypervisor() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# shellcheck disable=SC2076 # intentionally use literal string matching
[[ " ${FIRECRACKER_HYPERVISORS[*]} " =~ " ${hypervisor} " ]] && return 0
return 1
}
# Common check for confidential hardware (TEE) runtime class.
function is_confidential_hardware() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
# This check must be done with "<SPACE>${KATA_HYPERVISOR}<SPACE>" to avoid
# having substrings, like qemu, being matched with qemu-$something.
# shellcheck disable=SC2076 # intentionally use literal string matching
if [[ " ${TEE_HYPERVISORS[*]} " =~ " ${hypervisor} " ]]; then
return 0
fi
return 1
}
# Common check for confidential runtime class.
function is_confidential_runtime_class() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
if is_confidential_hardware "${hypervisor}" || is_non_tee_hypervisor "${hypervisor}"; then
return 0
else
return 1
fi
}
is_hotplug_supported() {
local hypervisor="${1:-${KATA_HYPERVISOR}}"
if is_confidential_runtime_class "${hypervisor}"; then
echo "Confidential computing hypervisors don't support hotplug" >&2
return 1
elif is_firecracker_hypervisor "${hypervisor}"; then
echo "FC doesn't support hotplug" >&2
return 1
fi
return 0
}
Reference in New Issue View Git Blame Copy Permalink