Merge pull request #3442 from dave-tucker/actions

Add GitHub Actions

.github/workflows/ci.yml

@@ -0,0 +1,322 @@
+name: LinuxKit CI
+on: [push, pull_request]
+
+jobs:
+  build:
+    name: Build & Test
+    strategy:
+      matrix:
+        arch:
+          - amd64-linux
+          - arm64-linux
+          - s390x-linux
+          - amd64-darwin
+          - amd64-windows.exe
+
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Set up Go 1.11
+      uses: actions/setup-go@v1
+      with:
+        go-version: 1.11
+      id: go
+
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+
+    - name: Get pre-requisites
+      run: |
+            echo "::set-env name=PATH::$PATH:$(go env GOPATH)/bin"
+            go get -u golang.org/x/lint/golint
+            go get -u github.com/gordonklaus/ineffassign
+      env:
+        GOPATH: ${{runner.workspace}}
+
+    - name: Lint
+      run: |
+        make local-check
+      env:
+        GOPATH: ${{runner.workspace}}
+
+    - name: Build
+      run: |
+        make LOCAL_TARGET=bin/linuxkit-${{matrix.arch}} local-build
+      env:
+        GOPATH: ${{runner.workspace}}
+
+    - name: Checksum
+      run: cd bin && sha256sum linuxkit-${{matrix.arch}} > linuxkit-${{matrix.arch}}.SHA256SUM
+
+    - name: Test
+      run: make local-test
+      env:
+        GOPATH: ${{runner.workspace}}
+
+    - name: Cache binary
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: linuxkit-${{matrix.arch}}-${{hashFiles('src/**')}}
+
+    - name: Upload binary
+      uses: actions/upload-artifact@v1.0.0
+      with:
+        name: linuxkit-${{matrix.arch}}
+        path: bin
+
+  build_packages:
+    name: Build Packages
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Build Packages
+      run: |
+        make -C pkg build
+
+  test_packages:
+    name: Packages Tests
+    needs: [ build_packages, build ]
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+    
+    - name: Install Pre-Requisites
+      run: |
+        export DEBIAN_FRONTEND=noninteractive
+        sudo apt-get update 
+        sudo apt-get install -qy qemu-utils qemu-system-x86 expect
+    
+    - name: Restore RTF From Cache
+      id: cache-rtf
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: rtf-${{hashFiles('Makefile')}}
+    
+    - name: Build RTF
+      if: steps.cache-rtf.outputs.cache-hit != 'true' 
+      run: make bin/rtf
+    
+    - name: Symlink RTF
+      run: |
+        sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf
+
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+  
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Run Tests
+      run: |
+          cd test
+          rtf -l build -v run -x linuxkit.packages
+
+  test_kernel:
+    name: Kernel Tests
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+   
+    - name: Install Pre-Requisites
+      run: |
+        export DEBIAN_FRONTEND=noninteractive
+        sudo apt-get update 
+        sudo apt-get install -qy qemu-utils qemu-system-x86 expect
+
+    - name: Restore RTF From Cache
+      id: cache-rtf
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: rtf-${{hashFiles('Makefile')}}
+    
+    - name: Build RTF
+      if: steps.cache-rtf.outputs.cache-hit != 'true' 
+      run: make bin/rtf
+    
+    - name: Symlink RTF
+      run: |
+        sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf
+
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Run Tests
+      run: |
+          cd test
+          rtf -l build -v run -x linuxkit.kernel
+
+  test_linuxkit:
+    name: LinuxKit Build Tests
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+    
+    - name: Install Pre-Requisites
+      run: |
+        export DEBIAN_FRONTEND=noninteractive
+        sudo apt-get update 
+        sudo apt-get install -qy qemu-utils qemu-system-x86 expect    
+    
+    - name: Restore RTF From Cache
+      id: cache-rtf
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: rtf-${{hashFiles('Makefile')}}
+    
+    - name: Build RTF
+      if: steps.cache-rtf.outputs.cache-hit != 'true' 
+      run: make bin/rtf
+    
+    - name: Symlink RTF
+      run: |
+        sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf
+  
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+    
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Run Tests
+      run: |
+          cd test
+          rtf -l build -v run -x linuxkit.build
+
+  test_platforms:
+    name: Platform Tests
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+
+    - name: Install Pre-Requisites
+      run: |
+        export DEBIAN_FRONTEND=noninteractive
+        sudo apt-get update 
+        sudo apt-get install -qy qemu-utils qemu-system-x86 expect
+   
+    - name: Restore RTF From Cache
+      id: cache-rtf
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: rtf-${{hashFiles('Makefile')}}
+    
+    - name: Build RTF
+      if: steps.cache-rtf.outputs.cache-hit != 'true' 
+      run: make bin/rtf
+    
+    - name: Symlink RTF
+      run: |
+        sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf
+    
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+    
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Run Tests
+      run: |
+          cd test
+          rtf -l build -v run -x linuxkit.platforms
+
+  test_security:
+    name: Security Tests
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+      with:
+        path: ./src/github.com/linuxkit/linuxkit
+    
+    - name: Install Pre-Requisites
+      run: |
+        export DEBIAN_FRONTEND=noninteractive
+        sudo apt-get update 
+        sudo apt-get install -qy qemu-utils qemu-system-x86 expect
+
+    - name: Restore RTF From Cache
+      id: cache-rtf
+      uses: actions/cache@v1
+      with:
+        path: bin
+        key: rtf-${{hashFiles('Makefile')}}
+    
+    - name: Build RTF
+      if: steps.cache-rtf.outputs.cache-hit != 'true' 
+      run: make bin/rtf
+    
+    - name: Symlink RTF
+      run: |
+        sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf
+
+    - name: Restore LinuxKit From Cache
+      uses: actions/cache@v1
+      with:
+        path: lkt
+        key: linuxkit-amd64-linux-${{hashFiles('src/**')}}
+    
+    - name: Symlink Linuxkit
+      run: |
+        sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit
+
+    - name: Run Tests
+      run: |
+          cd test
+          rtf -l build -v run -x linuxkit.security

test/cases/010_platforms/110_gcp/000_run/test.sh

@@ -0,0 +1,40 @@
+#!/bin/sh
+# SUMMARY: Check that gcp image boots in gcp
+# LABELS: skip
+
+set -e
+
+# Source libraries. Uncomment if needed/defined
+#. "${RT_LIB}"
+. "${RT_PROJECT_ROOT}/_lib/lib.sh"
+
+NAME=gcp-$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1)
+export CLOUDSDK_CORE_PROJECT="moby-datakit-ci"
+export CLOUDSDK_COMPUTE_ZONE="europe-west1-d"
+export CLOUDSDK_IMAGE_BUCKET="linuxkit-gcp-test-bucket"
+
+clean_up() {
+	rm -rf ${NAME}*
+    docker run -i --rm \
+        -e CLOUDSDK_CORE_PROJECT \
+        -v `pwd`/certs:/certs \
+        google/cloud-sdk \
+        sh -c "gcloud auth activate-service-account --key-file /certs/svc_account.json; \
+        gsutil rm gs://${CLOUDSDK_IMAGE_BUCKET}/${NAME}.img.tar.gz" || true
+    rm -rf certs
+}
+trap clean_up EXIT
+
+[ -n "$GCLOUD_CREDENTIALS" ] || exit 1
+mkdir -p certs
+printf '%s' "$GCLOUD_CREDENTIALS" > certs/svc_account.json
+
+linuxkit build -format gcp -name "${NAME}" test.yml
+[ -f "${NAME}.img.tar.gz" ] || exit 1
+linuxkit push gcp -keys certs/svc_account.json -bucket linuxkit-gcp-test-bucket ${NAME}.img.tar.gz
+# tee output of lk run to file as grep hides failures and doesn't 
+# always allow the vm to be cleaned up
+linuxkit run gcp -keys certs/svc_account.json ${NAME} | tee ${NAME}.log
+grep -q "Welcome to LinuxKit" ${NAME}.log
+
+exit 0

test/cases/010_platforms/110_gcp/000_run/test.yml

@@ -0,0 +1,13 @@
+kernel:
+  image: linuxkit/kernel:4.19.76
+  cmdline: "console=ttyS0"
+init:
+  - linuxkit/init:1d8e0532ca588c5ad0d9ca6038349a70bb7ac626
+  - linuxkit/runc:c1f0db27e71d948f3134b31ce76276f843849b0a
+onboot:
+  - name: poweroff
+    image: linuxkit/poweroff:b498d30dd9660090565537fceb9e757618737a85
+    command: ["/bin/sh", "/poweroff.sh", "10"]
+trust:
+  org:
+    - linuxkit