govmm: Use it from our own repo

[fidencio]

On #3468 we brought the govmm project into our own repo, now it's time to use it.

We also need to ensure CI is correctly passing and in order to do so I've:

• Changed the license header's format
• Added some //nolint to the code, as those were not being checked as part of the GoVMM repo

[fidencio]

/test

[devimc]

thanks @fidencio

[fidencio]

@Jakob-Naucke, It seems we didn't have the tests running against s390x on GoVMM before and that's the reason the issue I'm facing here was never ever caught. :-)

+++ golangci-lint run -c /home/jenkins/workspace/kata-containers-2.0-ubuntu-s390x-PR/go/src/github.com/kata-containers/tests/.ci/.golangci.yml .
qemu_test.go:528:21: undeclared name: `devicePCIBridgeStringReserved` (typecheck)
	testAppend(bridge, devicePCIBridgeStringReserved, t)
	                   ^

EDITED: #3500

[fidencio]

/test-s390x

[fidencio]

If we can make it pass on s390x, we are good to call /test and have it tested on all other arches (which already passed on a previous run).

[fidencio]

/test-s390x

[fidencio]

/test-s390x

[fidencio]

/test

[fidencio]

/test-s390x

[fidencio]

/retest-s390x

[fidencio]

/retest-s390x

[fidencio]

/test

[bergwolf]

Thanks!

[amshinde]

@fidencio s390 seems to be still failing.

[fidencio]

/retest-s390x

[fidencio]

@fidencio s390 seems to be still failing.

Yep, but the last failures were the "normal" processes being left behind, rather than something specific to GoVMM.

[fidencio]

clh-crio:

not ok 1 Security context
# (in test file k8s-security-context.bats, line 22)
#   `kubectl wait --for=condition=Ready --timeout=$timeout pod "$pod_name"' failed
# [bats-exec-test:32] INFO: k8s configured to use runtimeclass
# pod/security-context-test created
# error: timed out waiting for the condition on pods/security-context-test
# Name:         security-context-test
# Namespace:    default
# Priority:     0
# Node:         ubuntu1804-azure0bbb10/10.0.0.6
# Start Time:   Thu, 20 Jan 2022 08:11:29 +0000
# Labels:       <none>
# Annotations:  <none>
# Status:       Pending
# IP:           
# IPs:          <none>
# Containers:
#   sec-text:
#     Container ID:  
#     Image:         quay.io/prometheus/busybox:latest
#     Image ID:      
#     Port:          <none>
#     Host Port:     <none>
#     Command:
#       tail
#       -f
#       /dev/null
#     State:          Waiting
#       Reason:       ContainerCreating
#     Ready:          False
#     Restart Count:  0
#     Environment:    <none>
#     Mounts:
#       /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-d9xqn (ro)
# Conditions:
#   Type              Status
#   Initialized       True 
#   Ready             False 
#   ContainersReady   False 
#   PodScheduled      True 
# Volumes:
#   kube-api-access-d9xqn:
#     Type:                    Projected (a volume that contains injected data from multiple sources)
#     TokenExpirationSeconds:  3607
#     ConfigMapName:           kube-root-ca.crt
#     ConfigMapOptional:       <nil>
#     DownwardAPI:             true
# QoS Class:                   BestEffort
# Node-Selectors:              <none>
# Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
#                              node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
# Events:
#   Type    Reason     Age   From               Message
#   ----    ------     ----  ----               -------
#   Normal  Scheduled  90s   default-scheduler  Successfully assigned default/security-context-test to ubuntu1804-azure0bbb10
#   Normal  Pulling    87s   kubelet            Pulling image "quay.io/prometheus/busybox:latest"
#   Normal  Pulled     86s   kubelet            Successfully pulled image "quay.io/prometheus/busybox:latest" in 219.462682ms
#   Normal  Created    86s   kubelet            Created container sec-text
#   Normal  Started    86s   kubelet            Started container sec-text
# pod "security-context-test" deleted

[fidencio]

@Jakob-Naucke, s390x is constantly failing with:

[cleanup_env.sh:54] INFO: Check no kata processes are left behind after reseting kubernetes
1109985
1110230
1117531
1118679
1118680
1120687
1123381
1124330
[cleanup_env.sh:129] ERROR: Found unexpected /usr/local/bin/containerd-shim-kata-v2 present
make: *** [Makefile:57: kubernetes] Error 1

That's not related to this PR and I will go ahead as soon as the clh-crio CI passes to unblock things here.

[Bevisy]

@fidencio By the way, do we need to deal with the problem that arises here, i.e. field alignment?

[fidencio]

At some point we may need to, indeed.

One thing to keep in mind is that this specific check was never ever made on GoVMM repo. The reason we see this failure on our repo is because we, however, do check for that.

So, right now, we're not making anything worse, we're just using GoVMM as we've always been using it, without any change.

I also mentioned this in the commit itself:

govmm: Ignore govet checks, at least for now

govet checks have been ignored on govmm repo, but those are enabled on
kata-containers one.  So, in order to avoid failing our CIs let's just
keep ignoring the checks for the govmm structs and have an issue opened
for fixing it whenever someone has cycles to do it.

The important bit here is, we're not making anything worse that it
already is. :-)

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>

Did I answer your question, @Bevisy?

Also, pleasel if that's something you'd be willing to work on, feel free to jump on it! With the caveat that with the transition to the rust shim, GoVMM may become ... dead, in the near future.

[Bevisy]

Thank you for your reply, I know what I need to do next 😄