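#!/usr/bin/env bash

# contrib/cirrus/setup_environment.sh
#
# This script is intended to be executed early by automation before
# performing other substantial operations. It relies heavily on
# desired setup information being passed in environment variables
# from Cirrus-CI and/or other orchestration tooling. To that end,
# VM's must always be considered single-purpose, single-use,
# disposable entities. i.e. One setup, one test, then always discarded.
#
# Review notes (security-relevant behaviour visible in this file):
#   - Performs privileged, host-modifying operations: writes under /etc,
#     /bin and /usr/local/bin, loads kernel modules, installs packages,
#     relaxes git's safe.directory check and disables SSH host-key
#     checking for a localhost connection.  These are only reasonable
#     under the single-use VM assumption stated above.
#   - Several steps fetch unpinned or unverified content from the
#     network (see the NOTE(review) comments next to each one).
#   - Helper functions such as msg, warn, die, req_env_vars, showrun and
#     setup_rootless are not defined here; they are expected to come
#     from lib.sh, which is sourced below.

set -e

# Quoted so a checkout path containing whitespace or glob characters
# cannot be word-split before the library is sourced.
# shellcheck source=./contrib/cirrus/lib.sh
source "$(dirname "$0")/lib.sh"

#######################################
# Abort with a message naming an unsupported setting.
# Arguments: $1 - the NAME of a variable (not its value); the value is
#                 looked up by indirect expansion for the message.
# Outputs:   delegated to die (provided outside this file).
#######################################
die_unknown() {
    local var_name="$1"
    req_env_vars var_name
    local var_value="${!var_name}"
    die "Unknown/unsupported \$$var_name '$var_value'"
}

msg "************************************************************"
msg "Setting up runtime environment"
msg "************************************************************"
show_env_vars

req_env_vars USER HOME GOSRC SCRIPT_BASE TEST_FLAVOR TEST_ENVIRON \
             PODBIN_NAME PRIV_NAME DISTRO_NV DEST_BRANCH

# Verify basic dependencies
for depbin in go rsync unzip sha256sum curl make python3 git
do
    if ! type -P "$depbin" &> /dev/null
    then
        warn "$depbin binary not found in $PATH"
    fi
done

# NOTE(review): relative source path; the 'cd "${GOSRC}/"' only happens
# further down, so this assumes the caller's working directory is
# already the repository root - confirm against the CI task definition.
cp hack/podman-registry /bin

# Some test operations & checks require a git "identity"
# ($_gc is intentionally left unquoted below: it holds a command plus
# fixed arguments and relies on word splitting.)
_gc='git config --file /root/.gitconfig'
$_gc user.email "TMcTestFace@example.com"
$_gc user.name "Testy McTestface"
# Bypass git safety/security checks when operating in a throwaway environment
# The exemption is scoped to the single $GOSRC path rather than a
# wildcard; the value is quoted so it is recorded as exactly one entry.
git config --system --add safe.directory "$GOSRC"

# Ensure that all lower-level contexts and child-processes have
# ready access to higher level orchestration (e.g Cirrus-CI)
# variables.
# NOTE(review): '>' truncates any existing /etc/ci_environment, and
# everything passthrough_envars prints is persisted to that file.  Which
# variables it emits is decided outside this file - confirm it excludes
# secret-bearing variables and that the file's mode suits its contents.
echo -e "\n# Begin single-use VM global variables (${BASH_SOURCE[0]})" \
    > "/etc/ci_environment"
(
    while read -r env_var_val; do
        echo "$env_var_val"
    done <<<"$(passthrough_envars)"
) >> "/etc/ci_environment"

# This is a possible manual maintenance gaff, check to be sure everything matches.
# shellcheck disable=SC2154
[[ "$DISTRO_NV" =~ $OS_REL_VER ]] || \
    die "Automation spec. '$DISTRO_NV'; actual host '$OS_REL_VER'"

# Only allow this script to execute once
# NOTE(review): this guard runs after /etc/ci_environment has already
# been truncated and rewritten above, so a repeat invocation still
# resets that file before exiting here - confirm that is intended.
if ((${SETUP_ENVIRONMENT:-0})); then
    # Comes from automation library
    # shellcheck disable=SC2154
    warn "Not executing $SCRIPT_FILENAME again"
    exit 0
fi

cd "${GOSRC}/"

# Defined by lib.sh: Does the host support cgroups v1 or v2
case "$CG_FS_TYPE" in
    tmpfs)
        if ((CONTAINER==0)); then
            warn "Forcing testing with runc instead of crun"
            if [[ "$OS_RELEASE_ID" == "ubuntu" ]]; then
                # Need b/c using cri-o-runc package from OBS
                echo "OCI_RUNTIME=/usr/lib/cri-o-runc/sbin/runc" \
                    >> /etc/ci_environment
            else
                echo "OCI_RUNTIME=runc" >> /etc/ci_environment
            fi
        fi
        ;;
    cgroup2fs)
        if ((CONTAINER==0)); then
            # This is necessary since we've built/installed from source,
            # which uses runc as the default.
            warn "Forcing testing with crun instead of runc"
            echo "OCI_RUNTIME=crun" >> /etc/ci_environment
        fi
        ;;
    *) die_unknown CG_FS_TYPE
esac

if ((CONTAINER==0)); then  # Not yet running inside a container
    # Discovered reemergence of BFQ scheduler bug in kernel 5.8.12-200
    # which causes a kernel panic when system is under heavy I/O load.
    # Previously discovered in F32beta and confirmed fixed.  It's been
    # observed in F31 kernels as well.  Deploy workaround for all VMs
    # to ensure a more stable I/O scheduler (elevator).
    echo "mq-deadline" > /sys/block/sda/queue/scheduler
    warn "I/O scheduler: $(cat /sys/block/sda/queue/scheduler)"
fi

# Which distribution are we testing on.
case "$OS_RELEASE_ID" in
    ubuntu) ;;
    fedora)
        if ((CONTAINER==0)); then
            # All SELinux distros need this for systemd-in-a-container
            msg "Enabling container_manage_cgroup"
            setsebool container_manage_cgroup true
        fi

        # For release 36 and later, netavark/aardvark is the default
        # networking stack for podman.  All previous releases only have
        # CNI networking available.  Upgrading from one to the other is
        # not supported at this time.  Support execution of the upgrade
        # tests in F36 and later, by disabling Netavark and enabling CNI.
        #
        # OS_RELEASE_VER is defined by automation-library
        # shellcheck disable=SC2154
        if [[ "$OS_RELEASE_VER" -ge 36 ]] && \
           [[ "$TEST_FLAVOR" != "upgrade_test" ]];
        then
            use_netavark
        else # Fedora < 36, or upgrade testing.
            use_cni
        fi
        ;;
    *) die_unknown OS_RELEASE_ID
esac

# Required to be defined by caller: The environment where primary testing happens
# shellcheck disable=SC2154
case "$TEST_ENVIRON" in
    host)
        # The e2e tests wrongly guess `--cgroup-manager` option
        # shellcheck disable=SC2154
        if [[ "$CG_FS_TYPE" == "cgroup2fs" ]] || [[ "$PRIV_NAME" == "root" ]]
        then
            warn "Forcing CGROUP_MANAGER=systemd"
            echo "CGROUP_MANAGER=systemd" >> /etc/ci_environment
        else
            warn "Forcing CGROUP_MANAGER=cgroupfs"
            echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment
        fi
        ;;
    container)
        if ((CONTAINER==0)); then  # not yet inside a container
            warn "Force loading iptables modules"
            # Since CRIU 3.11, uses iptables to lock and unlock
            # the network during checkpoint and restore.  Needs
            # the following two modules loaded on the host.
            # ('|| :' makes a failed load non-fatal under 'set -e'.)
            modprobe ip6table_nat || :
            modprobe iptable_nat || :
        else
            warn "Forcing CGROUP_MANAGER=cgroupfs"
            echo "CGROUP_MANAGER=cgroupfs" >> /etc/ci_environment

            # There's no practical way to detect userns w/in a container
            # affected/related tests are sensitive to this variable.
            warn "Disabling usernamespace integration testing"
            echo "SKIP_USERNS=1" >> /etc/ci_environment

            # In F35 the hard-coded default
            # (from containers-common-1-32.fc35.noarch) is 'journald' despite
            # the upstream repository having this line commented-out.
            # Containerized integration tests cannot run with 'journald'
            # as there is no daemon/process there to receive them.
            cconf="/usr/share/containers/containers.conf"
            note="- commented-out by setup_environment.sh"
            if grep -Eq '^log_driver.+journald' "$cconf"; then
                warn "Patching out $cconf journald log_driver"
                sed -r -i -e "s/^log_driver(.*)/# log_driver\1 $note/" "$cconf"
            fi
        fi
        ;;
    *) die_unknown TEST_ENVIRON
esac

# Required to be defined by caller: Are we testing as root or a regular user
case "$PRIV_NAME" in
    root)
        if [[ "$TEST_FLAVOR" = "sys" ]]; then
            # Used in local image-scp testing
            setup_rootless
            echo "PODMAN_ROOTLESS_USER=$ROOTLESS_USER" >> /etc/ci_environment
        fi
        ;;
    rootless)
        # load kernel modules since the rootless user has no permission to do so
        modprobe ip6_tables || :
        modprobe ip6table_nat || :
        setup_rootless
        ;;
    *) die_unknown PRIV_NAME
esac

if [[ -n "$ROOTLESS_USER" ]]; then
    echo "ROOTLESS_USER=$ROOTLESS_USER" >> /etc/ci_environment
fi

# Required to be defined by caller: Are we testing podman or podman-remote client
# shellcheck disable=SC2154
case "$PODBIN_NAME" in
    podman) ;;
    remote) ;;
    *) die_unknown PODBIN_NAME
esac

# Required to be defined by caller: The primary type of testing that will be performed
# Arms ending in ';&' deliberately fall through into the next arm, so
# their order is significant.  In the package-install lines only the
# directory variable is quoted; the trailing glob must stay unquoted so
# it still expands to the cached package files.
# shellcheck disable=SC2154
case "$TEST_FLAVOR" in
    ext_svc) ;;
    validate)
        dnf install -y "$PACKAGE_DOWNLOAD_DIR"/python3*.rpm
        # For some reason, this is also needed for validation
        make install.tools
        make .install.pre-commit
        ;;
    automation) ;;
    altbuild)
        # Defined in .cirrus.yml
        # shellcheck disable=SC2154
        if [[ "$ALT_NAME" =~ RPM ]]; then
            bigto dnf install -y glibc-minimal-langpack go-rpm-macros rpkg rpm-build shadow-utils-subid-devel
        fi
        make install.tools
        ;;
    docker-py)
        remove_packaged_podman_files
        make install.tools
        make install PREFIX=/usr ETCDIR=/etc

        msg "Installing previously downloaded/cached packages"
        dnf install -y "$PACKAGE_DOWNLOAD_DIR"/python3*.rpm
        virtualenv .venv/docker-py
        source .venv/docker-py/bin/activate
        # NOTE(review): pip itself is upgraded to whatever is current;
        # whether requirements.txt pins versions/hashes is not visible
        # from this file - verify there.
        pip install --upgrade pip
        pip install --requirement "$GOSRC/test/python/requirements.txt"
        ;;
    build) make clean ;;
    unit)
        make install.tools
        ;;
    compose_v2)
        make install.tools
        dnf -y remove docker-compose
        # --fail makes curl exit non-zero on an HTTP error status, so
        # 'set -e' stops the script instead of installing an error page
        # as an executable.
        # NOTE(review): the binary is installed into /usr/local/bin
        # without an integrity check even though sha256sum is a listed
        # dependency.  Consider recording the release digest in the
        # repository and comparing it before chmod, e.g. against
        # <EXPECTED_SHA256_FOR_V2.2.3> (placeholder - not a real value).
        curl --fail -SL https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
        chmod +x /usr/local/bin/docker-compose
        ;& # Continue with next item
    apiv2)
        make install.tools
        msg "Installing previously downloaded/cached packages"
        dnf install -y "$PACKAGE_DOWNLOAD_DIR"/python3*.rpm
        virtualenv .venv/requests
        source .venv/requests/bin/activate
        pip install --upgrade pip
        pip install --requirement "$GOSRC/test/apiv2/python/requirements.txt"
        ;&  # continue with next item
    compose)
        make install.tools
        rpm -ivh "$PACKAGE_DOWNLOAD_DIR"/podman-docker*
        ;&  # continue with next item
    int) ;&
    sys) ;&
    upgrade_test) ;&
    bud) ;&
    bindings) ;&
    endpoint)
        make install.tools
        # Use existing host bits when testing is to happen inside a container
        # since this script will run again in that environment.
        # shellcheck disable=SC2154
        if [[ "$TEST_ENVIRON" =~ host ]]; then
            if ((CONTAINER)); then
                die "Refusing to config. host-test in container";
            fi
            remove_packaged_podman_files
            make install PREFIX=/usr ETCDIR=/etc
        elif [[ "$TEST_ENVIRON" == "container" ]]; then
            if ((CONTAINER)); then
                remove_packaged_podman_files
                make install PREFIX=/usr ETCDIR=/etc
            fi
        else
            die "Invalid value for \$TEST_ENVIRON=$TEST_ENVIRON"
        fi

        install_test_configs
        ;;
    gitlab)
        # This only runs on Ubuntu for now
        if [[ "$OS_RELEASE_ID" != "ubuntu" ]]; then
            die "This test only runs on Ubuntu due to sheer laziness"
        fi

        # Ref: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/27270#note_499585550

        remove_packaged_podman_files
        make install PREFIX=/usr ETCDIR=/etc

        msg "Installing docker and containerd"
        # N/B: Tests check/expect `docker info` output, and this `!= podman info`
        ooe.sh dpkg -i \
            "$PACKAGE_DOWNLOAD_DIR"/containerd.io*.deb \
            "$PACKAGE_DOWNLOAD_DIR"/docker-ce*.deb

        msg "Disabling docker service and socket activation"
        systemctl stop docker.service docker.socket
        systemctl disable docker.service docker.socket
        rm -rf /run/docker*
        # Guarantee the docker daemon can't be started, even by accident
        # (left unquoted on purpose: if dockerd is not on PATH the
        # substitution is empty and rm receives no operand at all.)
        rm -vf $(type -P dockerd)

        msg "Recursively chowning source to $ROOTLESS_USER"
        chown -R "$ROOTLESS_USER:$ROOTLESS_USER" "$GOPATH" "$GOSRC"

        msg "Obtaining necessary gitlab-runner testing bits"
        slug="gitlab.com/gitlab-org/gitlab-runner"
        helper_fqin="registry.gitlab.com/gitlab-org/gitlab-runner/gitlab-runner-helper:x86_64-latest-pwsh"
        # Host-key verification is switched off here; that is tolerable
        # only because the destination is localhost on a single-use VM.
        # Do not reuse these options for connections to any other host.
        # $ssh is expanded unquoted below because it carries a command
        # plus its arguments and depends on word splitting.
        ssh="ssh $ROOTLESS_USER@localhost -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no env GOPATH=$GOPATH"
        # NOTE(review): the steps below pull unpinned content ('go get -u',
        # a clone of the default branch, and an image tag containing
        # "latest").  Results are not reproducible and whatever upstream
        # currently serves is built/run as $ROOTLESS_USER; pin to a
        # commit, version or image digest if reproducibility matters.
        showrun $ssh go get -u github.com/jstemmer/go-junit-report
        showrun $ssh git clone https://$slug $GOPATH/src/$slug
        showrun $ssh make -C $GOPATH/src/$slug development_setup
        showrun $ssh bash -c "'cd $GOPATH/src/$slug && GOPATH=$GOPATH go get .'"

        showrun $ssh podman pull $helper_fqin
        # Tests expect image with this exact name
        showrun $ssh podman tag $helper_fqin \
            docker.io/gitlab/gitlab-runner-helper:x86_64-latest-pwsh
        ;;
    swagger) ;&  # use next item
    consistency)
        make clean
        make install.tools
        ;;
    release) ;;
    *) die_unknown TEST_FLAVOR
esac

# Must be the very last command.  Prevents setup from running twice.
echo 'SETUP_ENVIRONMENT=1' >> /etc/ci_environment
echo -e "\n# End of global variable definitions" \
    >> /etc/ci_environment

msg "Global CI Environment vars.:"
grep -Ev '^#' /etc/ci_environment | sort | indent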