Skip to content
CI

1.6 backport update grpc #33

Sign in to view logs

1.6 backport update grpc

1.6 backport update grpc #33

Workflow file for this run

.github/workflows/ci.yml at ac90bad
name: CI
on:
push:
branches:
- main
- 'release/**'
pull_request:
branches:
- main
- 'release/**'
env:
# Go version we currently use to build containerd across all CI.
# Note: don't forget to update `Binaries` step, as it contains the matrix of all supported Go versions.
GO_VERSION: "1.20.8"
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
#
# golangci-lint
#
linters:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
name: Linters
runs-on: ${{ matrix.os }}
timeout-minutes: 10
strategy:
matrix:
os: [ubuntu-20.04, macos-12, windows-2019]
steps:
- name: Install dependencies
if: matrix.os == 'ubuntu-20.04'
run: |
sudo apt-get update
sudo apt-get install -y libbtrfs-dev
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- uses: golangci/golangci-lint-action@v3
with:
version: v1.51.1
skip-cache: true
args: --timeout=8m
#
# Project checks
#
project:
name: Project Checks
if: github.repository == 'containerd/containerd'
runs-on: ubuntu-20.04
timeout-minutes: 5
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/containerd
fetch-depth: 100
- uses: containerd/project-checks@v1.1.0
with:
working-directory: src/github.com/containerd/containerd
repo-access-token: ${{ secrets.GITHUB_TOKEN }}
- name: verify go modules and vendor directory
run: |
sudo apt-get install -y jq
make verify-vendor
working-directory: src/github.com/containerd/containerd
#
# Protobuf checks
#
protos:
name: Protobuf
runs-on: ubuntu-20.04
timeout-minutes: 5
defaults:
run:
working-directory: src/github.com/containerd/containerd
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/containerd
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install protobuf
run: |
sudo -E PATH=$PATH script/setup/install-protobuf
sudo chmod +x /usr/local/bin/protoc
sudo chmod og+rx /usr/local/include/google /usr/local/include/google/protobuf /usr/local/include/google/protobuf/compiler
sudo chmod -R og+r /usr/local/include/google/protobuf/
protoc --version
- run: script/setup/install-dev-tools
- run: make proto-fmt
- run: make check-protos check-api-descriptors
man:
name: Manpages
runs-on: ubuntu-20.04
timeout-minutes: 5
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- run: go install github.com/cpuguy83/go-md2man/v2@v2.0.1
- run: make man
# Make sure binaries compile with other platforms
crossbuild:
name: Crossbuild Binaries
needs: [linters, protos, man]
runs-on: ubuntu-20.04
timeout-minutes: 10
strategy:
fail-fast: false
matrix:
include:
- goos: linux
goarch: arm64
- goos: linux
goarch: arm
goarm: "7"
- goos: linux
goarch: arm
goarm: "5"
- goos: linux
goarch: ppc64le
- goos: linux
goarch: riscv64
- goos: freebsd
goarch: amd64
- goos: freebsd
goarch: arm64
- goos: windows
goarch: arm
goarm: "7"
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- run: |
set -e -x
packages="libbtrfs-dev"
platform="${{matrix.goos}}/${{matrix.goarch}}"
if [ -n "${{matrix.goarm}}" ]; then
platform+="/v${{matrix.goarm}}"
fi
case "${platform}" in
linux/arm/v5)
packages+=" crossbuild-essential-armel"
echo "CGO_ENABLED=1" >> $GITHUB_ENV
echo "CC=arm-linux-gnueabi-gcc" >> $GITHUB_ENV
;;
linux/arm/v7)
packages+=" crossbuild-essential-armhf"
echo "CGO_ENABLED=1" >> $GITHUB_ENV
echo "CC=arm-linux-gnueabihf-gcc" >> $GITHUB_ENV
;;
linux/arm64)
packages+=" crossbuild-essential-arm64"
echo "CGO_ENABLED=1" >> $GITHUB_ENV
echo "CC=aarch64-linux-gnu-gcc" >> $GITHUB_ENV
;;
linux/ppc64le)
packages+=" crossbuild-essential-ppc64el"
echo "CGO_ENABLED=1" >> $GITHUB_ENV
echo "CC=powerpc64le-linux-gnu-gcc" >> $GITHUB_ENV
;;
linux/riscv64)
packages+=" crossbuild-essential-riscv64"
echo "CGO_ENABLED=1" >> $GITHUB_ENV
echo "CC=riscv64-linux-gnu-gcc" >> $GITHUB_ENV
;;
windows/arm/v7)
echo "CGO_ENABLED=0" >> $GITHUB_ENV
;;
esac
if [ -n "${packages}" ]; then
sudo apt-get update && sudo apt-get install -y ${packages}
fi
name: Install deps
- name: Build
env:
GOOS: ${{matrix.goos}}
GOARCH: ${{matrix.goarch}}
GOARM: ${{matrix.goarm}}
run: |
make build
make binaries
#
# Build containerd binaries
#
binaries:
name: Binaries
runs-on: ${{ matrix.os }}
timeout-minutes: 10
needs: [linters, protos, man]
strategy:
matrix:
os: [ubuntu-20.04, macos-12, windows-2019, windows-2022]
go-version: ["1.20.8", "1.21.1"]
steps:
- name: Install dependencies
if: matrix.os == 'ubuntu-20.04'
run: |
sudo apt-get update
sudo apt-get install -y libbtrfs-dev
- uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go-version }}
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/containerd
- name: Make
run: |
make build
make binaries
working-directory: src/github.com/containerd/containerd
#
# Integration and CRI tests
#
integration-windows:
name: Windows Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 35
needs: [linters, protos, man]
env:
GOTEST: gotestsum --
strategy:
fail-fast: false
matrix:
os: [windows-2019, windows-2022]
defaults:
run:
shell: bash
working-directory: src/github.com/containerd/containerd
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/containerd
- uses: actions/checkout@v3
with:
repository: Microsoft/hcsshim
path: src/github.com/Microsoft/hcsshim
- name: Set env
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
echo "${{ github.workspace }}/src/github.com/containerd/containerd/bin" >> $GITHUB_PATH
- run: script/setup/install-dev-tools
- name: Binaries
env:
CGO_ENABLED: 1
run: |
set -o xtrace
mingw32-make.exe binaries
bindir="$(pwd)"
SHIM_COMMIT=$(grep 'Microsoft/hcsshim ' go.mod | awk '{print $2}')
cd ../../Microsoft/hcsshim
git fetch --tags origin "${SHIM_COMMIT}"
git checkout "${SHIM_COMMIT}"
GO111MODULE=on go build -mod=vendor -o "${bindir}/integration/client/containerd-shim-runhcs-v1.exe" ./cmd/containerd-shim-runhcs-v1
- run: script/setup/install-gotestsum
- name: Tests
env:
CGO_ENABLED: 1
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-unit-root.xml
run: mingw32-make.exe test root-test
- name: Integration 1
env:
CGO_ENABLED: 1
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-integration-serial-junit.xml
run: mingw32-make.exe integration
# Run the integration suite a second time. See discussion in github.com/containerd/containerd/pull/1759
- name: Integration 2
env:
TESTFLAGS_PARALLEL: 1
EXTRA_TESTFLAGS: "-short"
CGO_ENABLED: 1
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-integration-parallel-junit.xml
run: mingw32-make.exe integration
- uses: actions/upload-artifact@v3
if: always()
with:
name: TestResults Windows
path: |
${{github.workspace}}/*-junit.xml
integration-linux:
name: Linux Integration
runs-on: ubuntu-20.04
timeout-minutes: 40
needs: [linters, protos, man]
strategy:
fail-fast: false
matrix:
runtime: [io.containerd.runtime.v1.linux, io.containerd.runc.v1, io.containerd.runc.v2]
runc: [runc, crun]
exclude:
- runtime: io.containerd.runc.v1
runc: crun
- runtime: io.containerd.runtime.v1.linux
runc: crun
env:
GOTEST: gotestsum --
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- name: Install containerd dependencies
env:
RUNC_FLAVOR: ${{ matrix.runc }}
run: |
sudo apt-get install -y gperf libbtrfs-dev
script/setup/install-seccomp
script/setup/install-runc
script/setup/install-cni $(grep containernetworking/plugins go.mod | awk '{print $2}')
script/setup/install-critools
script/setup/install-failpoint-binaries
- name: Install criu
run: |
sudo add-apt-repository ppa:criu/ppa
sudo apt-get update
sudo apt-get install -y criu
- name: Install containerd
env:
CGO_ENABLED: 1
run: |
make binaries GO_BUILD_FLAGS="-mod=vendor"
sudo -E PATH=$PATH make install
- run: script/setup/install-gotestsum
- name: Tests
env:
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-unit-root-junit.xml
run: |
make test
sudo -E PATH=$PATH make root-test
- name: Integration 1
env:
TEST_RUNTIME: ${{ matrix.runtime }}
RUNC_FLAVOR: ${{ matrix.runc }}
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-integration-serial-junit.xml
run: |
extraflags=""
[ "${RUNC_FLAVOR}" == "crun" ] && {
extraflags="EXTRA_TESTFLAGS=-no-criu";
}
sudo -E PATH=$PATH make integration ${extraflags} TESTFLAGS_RACE=-race
# Run the integration suite a second time. See discussion in github.com/containerd/containerd/pull/1759
- name: Integration 2
env:
TEST_RUNTIME: ${{ matrix.runtime }}
RUNC_FLAVOR: ${{ matrix.runc }}
GOTESTSUM_JUNITFILE: ${{github.workspace}}/test-integration-parallel-junit.xml
run: |
extraflags=""
[ "${RUNC_FLAVOR}" == "crun" ] && {
extraflags="EXTRA_TESTFLAGS=-no-criu";
}
sudo -E PATH=$PATH TESTFLAGS_PARALLEL=1 make integration ${extraflags}
- name: CRI Integration Test
env:
TEST_RUNTIME: ${{ matrix.runtime }}
run: |
CONTAINERD_RUNTIME=$TEST_RUNTIME make cri-integration
- name: cri-tools critest
env:
TEST_RUNTIME: ${{ matrix.runtime }}
run: |
BDIR="$(mktemp -d -p $PWD)"
function cleanup() {
sudo pkill containerd || true
cat ${BDIR}/containerd-cri.log
sudo -E rm -rf ${BDIR}
}
trap cleanup EXIT
mkdir -p ${BDIR}/{root,state}
cat > ${BDIR}/config.toml <<EOF
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
runtime_type = "${TEST_RUNTIME}"
EOF
sudo ls /etc/cni/net.d
sudo -E PATH=$PATH /usr/local/bin/containerd -a ${BDIR}/c.sock --config ${BDIR}/config.toml --root ${BDIR}/root --state ${BDIR}/state --log-level debug &> ${BDIR}/containerd-cri.log &
sudo -E PATH=$PATH /usr/local/bin/ctr -a ${BDIR}/c.sock version
sudo -E PATH=$PATH critest --report-dir "${{github.workspace}}/critestreport" --runtime-endpoint=unix:///${BDIR}/c.sock --parallel=8
# Log the status of this VM to investigate issues like
# https://github.com/containerd/containerd/issues/4969
- name: Host Status
if: always()
run: |
set -x
mount
df
losetup -l
- uses: actions/upload-artifact@v3
if: always()
with:
name: TestResults ${{ matrix.runtime }} ${{matrix.runc}}
path: |
*-junit.xml
${{github.workspace}}/critestreport/*.xml
tests-mac-os:
name: MacOS unit tests
runs-on: macos-12
timeout-minutes: 10
needs: [linters, protos, man]
env:
GOTEST: gotestsum --
steps:
- uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v3
- run: script/setup/install-gotestsum
- name: Tests
env:
GOTESTSUM_JUNITFILE: "${{ github.workspace }}/macos-test-junit.xml"
run: make test
- uses: actions/upload-artifact@v3
if: always()
with:
name: TestResults MacOS
path: |
*-junit.xml
vagrant:
name: Vagrant
# nested virtualization is only available on macOS hosts
runs-on: macos-12
timeout-minutes: 45
needs: [linters, protos, man]
strategy:
fail-fast: false
matrix:
# Currently crun is disabled to decrease CI flakiness.
# We can enable crun again when we get a better CI infra.
runc: [runc]
# Fedora is for testing cgroup v2 functionality, Rocky Linux is for testing on an enterprise-grade environment
box: ["fedora/37-cloud-base", "rockylinux/8"]
env:
GOTEST: gotestsum --
steps:
- uses: actions/checkout@v3
- name: "Cache ~/.vagrant.d/boxes"
uses: actions/cache@v3
with:
path: ~/.vagrant.d/boxes
key: vagrant-${{ hashFiles('Vagrantfile*') }}
- name: Vagrant start
env:
BOX: ${{ matrix.box }}
run: |
if [ "$BOX" = "rockylinux/8" ]; then
# The latest version 5.0.0 seems 404 (as of March 30, 2022)
export BOX_VERSION="4.0.0"
fi
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
vagrant up || vagrant up
- name: Integration
env:
RUNC_FLAVOR: ${{ matrix.runc }}
SELINUX: Enforcing
GOTESTSUM_JUNITFILE: /tmp/test-integration-junit.xml
run: vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-integration
- name: CRI test
env:
RUNC_FLAVOR: ${{ matrix.runc }}
SELINUX: Enforcing
REPORT_DIR: /tmp/critestreport
run: vagrant up --provision-with=selinux,install-runc,install-gotestsum,test-cri
- name: Collect the VM's IP address for Docker Hub's throttling issue
if: failure()
run: vagrant ssh -- curl https://api64.ipify.org/
- name: Get test reports
if: always()
run: |
set -e
vagrant plugin install vagrant-vbguest
vagrant plugin install vagrant-scp
vagrant scp :/tmp/test-integration-junit.xml "${{ github.workspace }}/"
vagrant scp :/tmp/critestreport "${{ github.workspace }}/critestreport"
- uses: actions/upload-artifact@v3
if: always()
with:
# ${{ matrix.box }} cannot be used here due to character limitation
name: TestResults vagrant ${{ github.run_id }} ${{ matrix.runtime }} ${{matrix.runc}}
path: |
${{github.workspace}}/*-junit.xml
${{github.workspace}}/critestreport/*
cgroup2-misc:
name: CGroupsV2 - rootless CRI test
# nested virtualization is only available on macOS hosts
runs-on: macos-12
timeout-minutes: 45
needs: [linters, protos, man]
steps:
- uses: actions/checkout@v3
- name: "Cache ~/.vagrant.d/boxes"
uses: actions/cache@v3
with:
path: ~/.vagrant.d/boxes
key: vagrant-${{ hashFiles('Vagrantfile*') }}
- name: Vagrant start
run: |
# Retry if it fails (download.fedoraproject.org returns 404 sometimes)
vagrant up || vagrant up
# slow, so separated from the regular cgroup2 task
- name: CRI-in-UserNS test with Rootless Podman
run: |
vagrant up --provision-with=install-rootless-podman
# Execute rootless podman to create the UserNS env
vagrant ssh -- podman build --target cri-in-userns -t cri-in-userns -f /vagrant/contrib/Dockerfile.test /vagrant
vagrant ssh -- podman run --rm --privileged cri-in-userns
- name: Collect the VM's IP address for Docker Hub's throttling issue
if: failure()
run: vagrant ssh -- curl https://api64.ipify.org/