diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 000000000..906f74913 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,322 @@ +name: LinuxKit CI +on: [push, pull_request] + +jobs: + build: + name: Build & Test + strategy: + matrix: + arch: + - amd64-linux + - arm64-linux + - s390x-linux + - amd64-darwin + - amd64-windows.exe + + runs-on: ubuntu-latest + steps: + + - name: Set up Go 1.11 + uses: actions/setup-go@v1 + with: + go-version: 1.11 + id: go + + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Get pre-requisites + run: | + echo "::set-env name=PATH::$PATH:$(go env GOPATH)/bin" + go get -u golang.org/x/lint/golint + go get -u github.com/gordonklaus/ineffassign + env: + GOPATH: ${{runner.workspace}} + + - name: Lint + run: | + make local-check + env: + GOPATH: ${{runner.workspace}} + + - name: Build + run: | + make LOCAL_TARGET=bin/linuxkit-${{matrix.arch}} local-build + env: + GOPATH: ${{runner.workspace}} + + - name: Checksum + run: cd bin && sha256sum linuxkit-${{matrix.arch}} > linuxkit-${{matrix.arch}}.SHA256SUM + + - name: Test + run: make local-test + env: + GOPATH: ${{runner.workspace}} + + - name: Cache binary + uses: actions/cache@v1 + with: + path: bin + key: linuxkit-${{matrix.arch}}-${{hashFiles('src/**')}} + + - name: Upload binary + uses: actions/upload-artifact@v1.0.0 + with: + name: linuxkit-${{matrix.arch}} + path: bin + + build_packages: + name: Build Packages + needs: build + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Build Packages + run: | + make -C pkg build + + test_packages: + name: Packages Tests + needs: [ build_packages, build ] + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Install Pre-Requisites + run: | + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -qy qemu-utils qemu-system-x86 expect + + - name: Restore RTF From Cache + id: cache-rtf + uses: actions/cache@v1 + with: + path: bin + key: rtf-${{hashFiles('Makefile')}} + + - name: Build RTF + if: steps.cache-rtf.outputs.cache-hit != 'true' + run: make bin/rtf + + - name: Symlink RTF + run: | + sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Run Tests + run: | + cd test + rtf -l build -v run -x linuxkit.packages + + test_kernel: + name: Kernel Tests + needs: build + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Install Pre-Requisites + run: | + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -qy qemu-utils qemu-system-x86 expect + + - name: Restore RTF From Cache + id: cache-rtf + uses: actions/cache@v1 + with: + path: bin + key: rtf-${{hashFiles('Makefile')}} + + - name: Build RTF + if: steps.cache-rtf.outputs.cache-hit != 'true' + run: make bin/rtf + + - name: Symlink RTF + run: | + sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Run Tests + run: | + cd test + rtf -l build -v run -x linuxkit.kernel + + test_linuxkit: + name: LinuxKit Build Tests + needs: build + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Install Pre-Requisites + run: | + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -qy qemu-utils qemu-system-x86 expect + + - name: Restore RTF From Cache + id: cache-rtf + uses: actions/cache@v1 + with: + path: bin + key: rtf-${{hashFiles('Makefile')}} + + - name: Build RTF + if: steps.cache-rtf.outputs.cache-hit != 'true' + run: make bin/rtf + + - name: Symlink RTF + run: | + sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Run Tests + run: | + cd test + rtf -l build -v run -x linuxkit.build + + test_platforms: + name: Platform Tests + needs: build + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Install Pre-Requisites + run: | + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -qy qemu-utils qemu-system-x86 expect + + - name: Restore RTF From Cache + id: cache-rtf + uses: actions/cache@v1 + with: + path: bin + key: rtf-${{hashFiles('Makefile')}} + + - name: Build RTF + if: steps.cache-rtf.outputs.cache-hit != 'true' + run: make bin/rtf + + - name: Symlink RTF + run: | + sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Run Tests + run: | + cd test + rtf -l build -v run -x linuxkit.platforms + + test_security: + name: Security Tests + needs: build + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v1 + with: + path: ./src/github.com/linuxkit/linuxkit + + - name: Install Pre-Requisites + run: | + export DEBIAN_FRONTEND=noninteractive + sudo apt-get update + sudo apt-get install -qy qemu-utils qemu-system-x86 expect + + - name: Restore RTF From Cache + id: cache-rtf + uses: actions/cache@v1 + with: + path: bin + key: rtf-${{hashFiles('Makefile')}} + + - name: Build RTF + if: steps.cache-rtf.outputs.cache-hit != 'true' + run: make bin/rtf + + - name: Symlink RTF + run: | + sudo ln -s `pwd`/bin/rtf /usr/local/bin/rtf + + - name: Restore LinuxKit From Cache + uses: actions/cache@v1 + with: + path: lkt + key: linuxkit-amd64-linux-${{hashFiles('src/**')}} + + - name: Symlink Linuxkit + run: | + sudo ln -s `pwd`/lkt/linuxkit-amd64-linux /bin/linuxkit + + - name: Run Tests + run: | + cd test + rtf -l build -v run -x linuxkit.security \ No newline at end of file diff --git a/test/cases/010_platforms/110_gcp/000_run/test.sh b/test/cases/010_platforms/110_gcp/000_run/test.sh new file mode 100644 index 000000000..8a16bbcc4 --- /dev/null +++ b/test/cases/010_platforms/110_gcp/000_run/test.sh @@ -0,0 +1,40 @@ +#!/bin/sh +# SUMMARY: Check that gcp image boots in gcp +# LABELS: skip + +set -e + +# Source libraries. Uncomment if needed/defined +#. "${RT_LIB}" +. "${RT_PROJECT_ROOT}/_lib/lib.sh" + +NAME=gcp-$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1) +export CLOUDSDK_CORE_PROJECT="moby-datakit-ci" +export CLOUDSDK_COMPUTE_ZONE="europe-west1-d" +export CLOUDSDK_IMAGE_BUCKET="linuxkit-gcp-test-bucket" + +clean_up() { + rm -rf ${NAME}* + docker run -i --rm \ + -e CLOUDSDK_CORE_PROJECT \ + -v `pwd`/certs:/certs \ + google/cloud-sdk \ + sh -c "gcloud auth activate-service-account --key-file /certs/svc_account.json; \ + gsutil rm gs://${CLOUDSDK_IMAGE_BUCKET}/${NAME}.img.tar.gz" || true + rm -rf certs +} +trap clean_up EXIT + +[ -n "$GCLOUD_CREDENTIALS" ] || exit 1 +mkdir -p certs +printf '%s' "$GCLOUD_CREDENTIALS" > certs/svc_account.json + +linuxkit build -format gcp -name "${NAME}" test.yml +[ -f "${NAME}.img.tar.gz" ] || exit 1 +linuxkit push gcp -keys certs/svc_account.json -bucket linuxkit-gcp-test-bucket ${NAME}.img.tar.gz +# tee output of lk run to file as grep hides failures and doesn't +# always allow the vm to be cleaned up +linuxkit run gcp -keys certs/svc_account.json ${NAME} | tee ${NAME}.log +grep -q "Welcome to LinuxKit" ${NAME}.log + +exit 0 \ No newline at end of file diff --git a/test/cases/010_platforms/110_gcp/000_run/test.yml b/test/cases/010_platforms/110_gcp/000_run/test.yml new file mode 100644 index 000000000..741c0f220 --- /dev/null +++ b/test/cases/010_platforms/110_gcp/000_run/test.yml @@ -0,0 +1,13 @@ +kernel: + image: linuxkit/kernel:4.19.76 + cmdline: "console=ttyS0" +init: + - linuxkit/init:1d8e0532ca588c5ad0d9ca6038349a70bb7ac626 + - linuxkit/runc:c1f0db27e71d948f3134b31ce76276f843849b0a +onboot: + - name: poweroff + image: linuxkit/poweroff:b498d30dd9660090565537fceb9e757618737a85 + command: ["/bin/sh", "/poweroff.sh", "10"] +trust: + org: + - linuxkit