[WORK IN PROGRESS] CI #9159
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: test | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - 'release/**' | |
| pull_request: | |
| env: | |
| GO_VERSION: 1.22.x | |
| jobs: | |
| project: | |
| name: Project Checks | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| path: src/github.com/containerd/nerdctl | |
| fetch-depth: 100 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache-dependency-path: src/github.com/containerd/nerdctl | |
| - uses: containerd/project-checks@v1.1.0 | |
| with: | |
| working-directory: src/github.com/containerd/nerdctl | |
| repo-access-token: ${{ secrets.GITHUB_TOKEN }} | |
| - run: ./hack/verify-no-patent.sh | |
| working-directory: src/github.com/containerd/nerdctl | |
| - run: ./hack/verify-pkg-isolation.sh | |
| working-directory: src/github.com/containerd/nerdctl | |
| lint: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| check-latest: true | |
| cache: true | |
| - name: golangci-lint | |
| uses: golangci/golangci-lint-action@v6.0.1 | |
| with: | |
| version: v1.55.2 | |
| args: --verbose | |
| - name: yamllint-lint | |
| run: yamllint . | |
| test-unit: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| check-latest: true | |
| cache: true | |
| - name: "Run unit tests" | |
| run: go test -v ./pkg/... | |
| test-integration: | |
| runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| timeout-minutes: 40 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| include: | |
| - ubuntu: 20.04 | |
| containerd: v1.6.31 | |
| - ubuntu: 20.04 | |
| containerd: v1.7.16 | |
| - ubuntu: 22.04 | |
| containerd: v1.7.16 | |
| - ubuntu: 22.04 | |
| containerd: main | |
| env: | |
| UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - name: "Cache for Docker Hub images proxy and buildkit" | |
| id: registry-cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| "${{ env.GITHUB_WORKSPACE }}/registry-proxy-cache" | |
| /var/lib/docker/buildkit | |
| key: "${{ env.UBUNTU_VERSION }}-${{ env.CONTAINERD_VERSION }}" | |
| - name: "Configure and start proxy cache" | |
| run: | | |
| # Configure docker to use the proxy cache | |
| mkdir -p ~/.config/docker | |
| cp .github/config/daemon.json ~/.config/docker/ | |
| sudo cp .github/config/daemon.json /etc/docker/ | |
| # Configure containerd to use the proxy cache | |
| sudo mkdir -p /etc/containerd/certs.d/docker.io | |
| sudo cp .github/config/hosts.toml /etc/containerd/certs.d/docker.io/ | |
| # Restart services | |
| sudo systemctl restart docker | |
| sudo systemctl restart containerd | |
| # Start the proxy cache (FIXME: workaround github secret protection - should be a secret - though it does not matter, it is a readonly token on a test account) | |
| docker run -d --net bridge --restart always --name registry-proxy-cache \ | |
| -e REGISTRY_PROXY_REMOTEURL=https://registry-1.docker.io \ | |
| -e REGISTRY_PROXY_USERNAME=dubogus \ | |
| -e REGISTRY_PROXY_PASSWORD="$(echo ZGNrcl9wYXRfUk8zdzV6UFdhWDdVWk1yRFh2NDRRYjU4ZVhnCg== | base64 -d)" \ | |
| --volume "$GITHUB_WORKSPACE"/registry-proxy-cache:/var/lib/registry -p 5000:5000 registry:2 >/dev/null | |
| # Get curl | |
| sudo apt-get update -qq | |
| sudo apt-get install -qq curl | |
| # Wait until it is ready | |
| attempts=0 | |
| while ! curl localhost:5000 1>/dev/null 2>&1 && [ "$attempts" -lt 10 ] ; do | |
| sleep 0.5 | |
| attempts=$((attempts + 1)) | |
| done | |
| [ "$attempts" -lt 10 ] || { | |
| >&2 printf "Failed contacting proxy server in less than five seconds. Giving up" | |
| exit 1 | |
| } | |
| # We are ready | |
| echo "===== TESTING ====" | |
| ls -lA "$GITHUB_WORKSPACE"/registry-proxy-cache | |
| echo "===== Was there some cache already? SHOULD BE ^ ====" | |
| time docker pull alpine || true | |
| docker logs registry-proxy-cache | |
| ls -lA "$GITHUB_WORKSPACE"/registry-proxy-cache | |
| - name: "Prepare integration test environment" | |
| run: DOCKER_BUILDKIT=1 docker build -t test-integration --target test-integration --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
| - name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
| run: | | |
| sudo systemctl disable --now snapd.service snapd.socket | |
| sudo apt-get purge -y snapd | |
| sudo losetup -Dv | |
| sudo losetup -lv | |
| - name: "Register QEMU (tonistiigi/binfmt)" | |
| run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| - name: "Run integration tests" | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 2 | |
| retry_on: error | |
| command: | | |
| exit 1 | |
| docker run -t --rm --privileged test-integration | |
| test-integration-ipv6: | |
| runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| timeout-minutes: 40 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # ubuntu-20.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| include: | |
| - ubuntu: 22.04 | |
| containerd: v1.7.16 | |
| env: | |
| UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - name: Enable ipv4 and ipv6 forwarding | |
| run: | | |
| sudo sysctl -w net.ipv6.conf.all.forwarding=1 | |
| sudo sysctl -w net.ipv4.ip_forward=1 | |
| - name: Enable IPv6 for Docker | |
| run: | | |
| sudo mkdir -p /etc/docker | |
| echo '{"ipv6": true, "fixed-cidr-v6": "2001:db8:1::/64", "experimental": true, "ip6tables": true}' | sudo tee /etc/docker/daemon.json | |
| sudo systemctl restart docker | |
| - name: "Prepare integration test environment" | |
| run: DOCKER_BUILDKIT=1 docker build -t test-integration-ipv6 --target test-integration-ipv6 --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} . | |
| - name: "Remove snap loopback devices (conflicts with our loopback devices in TestRunDevice)" | |
| run: | | |
| sudo systemctl disable --now snapd.service snapd.socket | |
| sudo apt-get purge -y snapd | |
| sudo losetup -Dv | |
| sudo losetup -lv | |
| - name: "Register QEMU (tonistiigi/binfmt)" | |
| run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| - name: "Run integration tests" | |
| # The nested IPv6 network inside docker and qemu is complex and needs a bunch of sysctl config. | |
| # Therefore it's hard to debug why the IPv6 tests fail in such an isolation layer. | |
| # On the other side, using the host network is easier at configuration. | |
| # Besides, each job is running on a different instance, which means using host network here | |
| # is safe and has no side effects on others. | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 2 | |
| retry_on: error | |
| command: docker run --network host -t --rm --privileged test-integration-ipv6 | |
| test-integration-rootless: | |
| runs-on: "ubuntu-${{ matrix.ubuntu }}" | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # ubuntu-22.04: cgroup v1, ubuntu-22.04: cgroup v2 | |
| include: | |
| - ubuntu: 20.04 | |
| containerd: v1.6.31 | |
| rootlesskit: v1.1.1 | |
| target: test-integration-rootless | |
| - ubuntu: 20.04 | |
| containerd: v1.7.16 | |
| rootlesskit: v2.1.0 | |
| target: test-integration-rootless | |
| - ubuntu: 22.04 | |
| containerd: v1.7.16 | |
| rootlesskit: v1.1.1 | |
| target: test-integration-rootless | |
| - ubuntu: 22.04 | |
| containerd: main | |
| rootlesskit: v2.1.0 | |
| target: test-integration-rootless | |
| - ubuntu: 20.04 | |
| containerd: v1.6.31 | |
| rootlesskit: v1.1.1 | |
| target: test-integration-rootless-port-slirp4netns | |
| - ubuntu: 20.04 | |
| containerd: v1.7.16 | |
| rootlesskit: v2.1.0 | |
| target: test-integration-rootless-port-slirp4netns | |
| - ubuntu: 22.04 | |
| containerd: v1.7.16 | |
| rootlesskit: v1.1.1 | |
| target: test-integration-rootless-port-slirp4netns | |
| - ubuntu: 22.04 | |
| containerd: main | |
| rootlesskit: v2.1.0 | |
| target: test-integration-rootless-port-slirp4netns | |
| env: | |
| UBUNTU_VERSION: "${{ matrix.ubuntu }}" | |
| CONTAINERD_VERSION: "${{ matrix.containerd }}" | |
| ROOTLESSKIT_VERSION: "${{ matrix.rootlesskit }}" | |
| TEST_TARGET: "${{ matrix.target }}" | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - name: "Register QEMU (tonistiigi/binfmt)" | |
| run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| - name: "Prepare (network driver=slirp4netns, port driver=builtin)" | |
| run: DOCKER_BUILDKIT=1 docker build -t ${TEST_TARGET} --target ${TEST_TARGET} --build-arg UBUNTU_VERSION=${UBUNTU_VERSION} --build-arg CONTAINERD_VERSION=${CONTAINERD_VERSION} --build-arg ROOTLESSKIT_VERSION=${ROOTLESSKIT_VERSION} . | |
| - name: "Test (network driver=slirp4netns, port driver=builtin)" | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 2 | |
| retry_on: error | |
| command: docker run -t --rm --privileged -e WORKAROUND_ISSUE_622=1 ${TEST_TARGET} | |
| cross: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 40 | |
| strategy: | |
| matrix: | |
| go-version: ["1.21.x", "1.22.x"] | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ matrix.go-version }} | |
| cache: true | |
| check-latest: true | |
| - name: "Cross" | |
| run: GO_VERSION="$(echo ${{ matrix.go-version }} | sed -e s/.x//)" make artifacts | |
| test-integration-docker-compatibility: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 45 | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| check-latest: true | |
| - name: "Enable BuildKit" | |
| run: | | |
| set -eux -o pipefail | |
| # Enable BuildKit explicitly | |
| sudo apt-get install -y moreutils | |
| cat /etc/docker/daemon.json | |
| jq '.features.buildkit = true' </etc/docker/daemon.json | sudo sponge /etc/docker/daemon.json | |
| cat /etc/docker/daemon.json | |
| sudo systemctl restart docker | |
| # Print docker info | |
| docker info | |
| docker version | |
| - name: "Register QEMU (tonistiigi/binfmt)" | |
| run: docker run --privileged --rm tonistiigi/binfmt --install all | |
| - name: "Prepare integration test environment" | |
| run: | | |
| sudo apt-get install -y expect | |
| - name: "Ensure that the integration test suite is compatible with Docker" | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 2 | |
| retry_on: error | |
| command: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon | |
| - name: "Ensure that the IPv6 integration test suite is compatible with Docker" | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 2 | |
| retry_on: error | |
| command: go test -timeout 20m -v -exec sudo ./cmd/nerdctl/... -args -test.target=docker -test.kill-daemon -test.ipv6 | |
| test-integration-windows: | |
| runs-on: windows-2022 | |
| timeout-minutes: 30 | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| fetch-depth: 1 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| cache: true | |
| check-latest: true | |
| - run: go install ./cmd/nerdctl | |
| - uses: actions/checkout@v4.1.6 | |
| with: | |
| repository: containerd/containerd | |
| ref: v1.7.16 | |
| path: containerd | |
| fetch-depth: 1 | |
| - name: "Set up CNI" | |
| working-directory: containerd | |
| run: GOPATH=$(go env GOPATH) script/setup/install-cni-windows | |
| - name: "Set up containerd" | |
| env: | |
| ctrdVersion: 1.7.16 | |
| run: powershell hack/configure-windows-ci.ps1 | |
| # TODO: Run unit tests | |
| - name: "Run integration tests" | |
| run: go test -v ./cmd/... | |
| test-integration-freebsd: | |
| name: FreeBSD | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 20 | |
| steps: | |
| - uses: actions/checkout@v4.1.6 | |
| - uses: actions/cache@v4 | |
| with: | |
| path: /root/.vagrant.d | |
| key: vagrant-${{ matrix.box }} | |
| - name: Set up vagrant | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant vagrant-libvirt | |
| sudo systemctl enable --now libvirtd | |
| - name: Boot VM | |
| run: | | |
| ln -sf Vagrantfile.freebsd Vagrantfile | |
| sudo vagrant up --no-tty | |
| - name: test-unit | |
| run: sudo vagrant up --provision-with=test-unit | |
| - name: test-integration | |
| run: sudo vagrant up --provision-with=test-integration |