mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-12-24 11:03:31 +00:00
cacc2bbb8e
* simplify sharding in package tests for CI; increase to 12 shards Signed-off-by: Avi Deitcher <avi@deitcher.net> * for CI setup-go action, determine it based on go.mod file Signed-off-by: Avi Deitcher <avi@deitcher.net> --------- Signed-off-by: Avi Deitcher <avi@deitcher.net>
467 lines
13 KiB
YAML
467 lines
13 KiB
YAML
name: LinuxKit CI
|
|
on: [push, pull_request]
|
|
|
|
env:
|
|
TOTAL_SHARDS: 12 # change here once
|
|
|
|
jobs:
|
|
build:
|
|
name: Build & Test
|
|
strategy:
|
|
matrix:
|
|
target:
|
|
- os: linux
|
|
arch: amd64
|
|
suffix: amd64-linux
|
|
runner: ubuntu-latest
|
|
- os: linux
|
|
arch: arm64
|
|
suffix: arm64-linux
|
|
runner: ubuntu-latest
|
|
- os: linux
|
|
arch: s390x
|
|
suffix: s390x-linux
|
|
runner: ubuntu-latest
|
|
- os: darwin
|
|
arch: amd64
|
|
suffix: amd64-darwin
|
|
runner: macos-latest
|
|
- os: darwin
|
|
arch: arm64
|
|
suffix: arm64-darwin
|
|
runner: macos-latest
|
|
- os: windows
|
|
arch: amd64
|
|
suffix: amd64-windows.exe
|
|
runner: ubuntu-latest
|
|
|
|
runs-on: ${{ matrix.target.runner }}
|
|
steps:
|
|
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Go based on go.mod
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: 'src/cmd/linuxkit/go.mod'
|
|
id: go
|
|
|
|
- name: Set path
|
|
run: echo "$(go env GOPATH)/bin" >> $GITHUB_PATH
|
|
env:
|
|
GOPATH: ${{runner.workspace}}
|
|
|
|
- name: golangci-lint CLI
|
|
uses: golangci/golangci-lint-action@v7
|
|
with:
|
|
version: v2.0.2
|
|
working-directory: src/cmd/linuxkit
|
|
args: --verbose --timeout=10m
|
|
- name: go vet CLI
|
|
run: |
|
|
cd src/cmd/linuxkit && go vet ./...
|
|
- name: Build
|
|
run: |
|
|
make GOARCH=${{matrix.target.arch}} GOOS=${{matrix.target.os}} LOCAL_TARGET=$(pwd)/bin/linuxkit-${{matrix.target.suffix}} local-build
|
|
file bin/linuxkit-${{matrix.target.suffix}}
|
|
env:
|
|
GOPATH: ${{runner.workspace}}
|
|
|
|
- name: Checksum
|
|
run: |
|
|
cd bin
|
|
if command -v sha256sum > /dev/null; then sha256sum linuxkit-${{matrix.target.suffix}} > linuxkit-${{matrix.target.suffix}}.SHA256SUM
|
|
else openssl sha256 -r linuxkit-${{matrix.target.suffix}} | tr -d '*' > linuxkit-${{matrix.target.suffix}}.SHA256SUM
|
|
fi
|
|
cat linuxkit-${{matrix.target.suffix}}.SHA256SUM
|
|
|
|
- name: Test
|
|
run: make local-test
|
|
env:
|
|
GOPATH: ${{runner.workspace}}
|
|
|
|
- name: Upload binary
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: linuxkit-${{matrix.target.suffix}}
|
|
path: |
|
|
bin/linuxkit-${{matrix.target.suffix}}
|
|
bin/linuxkit-${{matrix.target.suffix}}.SHA256SUM
|
|
if-no-files-found: error
|
|
|
|
build_packages:
|
|
name: Build Packages
|
|
needs: build
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up binfmt
|
|
# Only register arm64 as we are on amd64 already. s390x is not reliable
|
|
run: docker run --privileged --rm tonistiigi/binfmt --install arm64
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: Cache Packages
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
|
|
- name: Build Packages
|
|
# Skip s390x as emulation is unreliable
|
|
run: |
|
|
make OPTIONS="-v 2 --skip-platforms linux/s390x" -C pkg build
|
|
|
|
- name: Build Test Packages
|
|
# ensures that the test packages are in linuxkit cache when we need them for tests later
|
|
# Skip s390x as emulation is unreliable
|
|
run: |
|
|
make OPTIONS="-v 2 --skip-platforms linux/s390x" -C test/pkg build
|
|
|
|
- name: Check Kernel Dependencies up to date
|
|
# checks that any kernel dependencies are up to date.
|
|
# if they are, then running `make update-kernel-yamls` will not change anything
|
|
run: |
|
|
echo "checking git diff before running make update-kernel-yamls"
|
|
git diff --exit-code
|
|
echo "running make update-kernel-yamls"
|
|
make -C kernel update-kernel-yamls
|
|
echo "checking git diff again after running make update-kernel-yamls; should be no changes"
|
|
git diff --exit-code
|
|
|
|
- name: Build Kernels
|
|
# ensures that the kernel packages are in linuxkit cache when we need them for tests later
|
|
# no need for excluding s390x, as each build.yml in the kernel explicitly lists archs
|
|
run: |
|
|
make OPTIONS="-v 2" -C kernel build
|
|
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
gen_package_test_matrix:
|
|
name: Generate Package Test Matrix
|
|
needs: [ build_packages, build ]
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
shard_list: ${{ steps.mk.outputs.list }}
|
|
steps:
|
|
- name: Generate Test Matrix
|
|
id: mk
|
|
shell: bash
|
|
run: |
|
|
set -x
|
|
N="${{ env.TOTAL_SHARDS }}"
|
|
# Priority: repo var SHARDS → event-based default (PR=6, else 10)
|
|
if [ -n "${{ vars.SHARDS }}" ]; then
|
|
N="${{ vars.SHARDS }}"
|
|
fi
|
|
|
|
# Build JSON array ["1/N","2/N",...,"N/N"]
|
|
shards=""
|
|
for i in $(seq 1 "$N"); do
|
|
if [ -z "$shards" ]; then
|
|
shards="\"$i/$N\""
|
|
else
|
|
shards="$shards,\"$i/$N\""
|
|
fi
|
|
done
|
|
echo "list=[$shards]" >> "$GITHUB_OUTPUT"
|
|
|
|
test_packages:
|
|
name: Packages Tests
|
|
needs: [ build_packages, build, gen_package_test_matrix ]
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
shard: ${{ fromJson(needs.gen_package_test_matrix.outputs.shard_list) }}
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Pre-Requisites
|
|
run: |
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
sudo apt-get update
|
|
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
|
|
|
|
- name: Restore RTF From Cache
|
|
id: cache-rtf
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: bin
|
|
key: rtf-${{hashFiles('Makefile')}}
|
|
|
|
- name: Build RTF
|
|
if: steps.cache-rtf.outputs.cache-hit != 'true'
|
|
run: make bin/rtf
|
|
|
|
- name: Symlink RTF
|
|
run: |
|
|
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: Restore Package Cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
- name: Run Tests
|
|
run: make test TEST_SUITE=linuxkit.packages TEST_SHARD=${{ matrix.shard }}
|
|
|
|
test_kernel:
|
|
name: Kernel Tests
|
|
needs: [ build_packages, build ]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Pre-Requisites
|
|
run: |
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
sudo apt-get update
|
|
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
|
|
|
|
- name: Restore RTF From Cache
|
|
id: cache-rtf
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: bin
|
|
key: rtf-${{hashFiles('Makefile')}}
|
|
|
|
- name: Build RTF
|
|
if: steps.cache-rtf.outputs.cache-hit != 'true'
|
|
run: make bin/rtf
|
|
|
|
- name: Symlink RTF
|
|
run: |
|
|
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: Restore Package Cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
- name: Run Tests
|
|
run: make test TEST_SUITE=linuxkit.kernel
|
|
|
|
test_linuxkit:
|
|
name: LinuxKit Build Tests
|
|
needs: [ build_packages, build ]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Pre-Requisites
|
|
run: |
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
sudo apt-get update
|
|
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
|
|
|
|
- name: Restore RTF From Cache
|
|
id: cache-rtf
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: bin
|
|
key: rtf-${{hashFiles('Makefile')}}
|
|
|
|
- name: Restore Package Cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
|
|
- name: Build RTF
|
|
if: steps.cache-rtf.outputs.cache-hit != 'true'
|
|
run: make bin/rtf
|
|
|
|
- name: Symlink RTF
|
|
run: |
|
|
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
- name: Run Tests
|
|
run: make test TEST_SUITE=linuxkit.build
|
|
|
|
test_platforms:
|
|
name: Platform Tests
|
|
needs: [ build_packages, build ]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Pre-Requisites
|
|
run: |
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
sudo apt-get update
|
|
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
|
|
|
|
- name: Restore RTF From Cache
|
|
id: cache-rtf
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: bin
|
|
key: rtf-${{hashFiles('Makefile')}}
|
|
|
|
- name: Build RTF
|
|
if: steps.cache-rtf.outputs.cache-hit != 'true'
|
|
run: make bin/rtf
|
|
|
|
- name: Symlink RTF
|
|
run: |
|
|
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: Restore Package Cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
- name: Run Tests
|
|
run: make test TEST_SUITE=linuxkit.platforms
|
|
|
|
test_security:
|
|
name: Security Tests
|
|
needs: [ build_packages, build ]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Pre-Requisites
|
|
run: |
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
sudo apt-get update
|
|
sudo apt-get install -qy qemu-utils qemu-system-x86 expect
|
|
|
|
- name: Restore RTF From Cache
|
|
id: cache-rtf
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: bin
|
|
key: rtf-${{hashFiles('Makefile')}}
|
|
|
|
- name: Build RTF
|
|
if: steps.cache-rtf.outputs.cache-hit != 'true'
|
|
run: make bin/rtf
|
|
|
|
- name: Symlink RTF
|
|
run: |
|
|
sudo ln -s $(pwd)/bin/rtf /usr/local/bin/rtf
|
|
|
|
- name: Download linuxkit
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: linuxkit-amd64-linux
|
|
path: bin
|
|
|
|
- name: Symlink Linuxkit
|
|
run: |
|
|
chmod ugo+x bin/linuxkit-amd64-linux
|
|
sudo ln -s $(pwd)/bin/linuxkit-amd64-linux /usr/local/bin/linuxkit
|
|
/usr/local/bin/linuxkit version
|
|
|
|
- name: Restore Package Cache
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ~/.linuxkit/cache/
|
|
key: ${{ runner.os }}-linuxkit-${{ github.sha }}
|
|
restore-keys: |
|
|
${{ runner.os }}-linuxkit-
|
|
|
|
- name: list cache contents
|
|
run: |
|
|
linuxkit cache ls
|
|
|
|
- name: Run Tests
|
|
run: make test TEST_SUITE=linuxkit.security
|