ci: untangle getting test images #2741
Conversation
kolyshkin
force-pushed
the
test-images
branch
9 times, most recently
from
5e0a376
to
f0e75fc
Compare
| // init makes sure the container images are downloaded, | ||
| // and initializes busyboxTar. If images can't be downloaded, | ||
| // we are unable to run any tests, so panic. | ||
| func init() { |
There was a problem hiding this comment.
This function looks a tad complicated, but all it does is calls get-images.sh
and parses its output to get the value of BUSYBOX_IMAGE. This way we
don't have to worry about doing some extra steps before running go test.
|
@tianon could you please review this (at least the shell part, i.e. get-images.sh)? |
kolyshkin
force-pushed
the
test-images
branch
2 times, most recently
from
0f0d424
to
88ee3cf
Compare
kolyshkin
force-pushed
the
test-images
branch
from
88ee3cf
to
e23fc24
Compare
|
@AkihiroSuda @mrunalp PTAL |
kolyshkin
force-pushed
the
test-images
branch
from
e23fc24
to
9eb474f
Compare
|
Rebased; addressed review comment. |
It is not used anywhere since commit 30601ef. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
kolyshkin
force-pushed
the
test-images
branch
2 times, most recently
from
5cb591b
to
96b29fa
Compare
This simplifies and optimizes getting container images used for tests. Currently, we have three different ways of getting images: 1. (for hello-world) the image is in this repo under tests/integration/testdata. 2. (for busybox) download it from github (the repo that is used for preparing official Docker image) using curl. 3. (for debian) download from Docker hub, using skopeo and umoci. To further complicate things, we have to do this downloading in multiple scenarios (at least 4): locally, in github CI, from Dockefile, inside a Vagrant VM. For each scenario, we have to install skopeo and umoci, and those two are not yet universally available for all the distros that we use. Yet another complication is those images are used for tests/integration (bats-driven tests) as well as for libcontainer/integration (go tests). The tests in libcontainer/integration rely on busybox being available from /busybox, and the bats tests just download the images to a temporary location during every run. It is also hard to support CI for other architectures, because all the machinery for preparing images is so complicated. This commit is an attempt to simplify and optimize getting images, mostly by getting rid of skopeo and umoci dependencies, but also by moving the download logic into one small shell script, which is used from all the places. Benefits: - images (if not present) are only downloaded once; - same images are used for both kind of tests (go and bats); - same images are used for local and inside-docker tests (because source directory is mounted into container); - the download logic is located within 1 simple shell script. [v2: fix eval; more doc to get-images; print URL if curl failed] [v3: use "slim" debian, twice as small] [v4: fix not using $image in setup_bundle] [v5: don't remove TESTDATA from helpers.bash] [v6: add i386 support] Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Currently, set -e ("exit on error") is only set before running tests.
The bad consequence is the script may fail to set up test environment
but will still run the tests.
Use "set -e -u -o pipefail" for the whole script to catch potential
issues with test setup and/or the script itself.
A few caveats:
1. We have to set RUNC_USE_SYSTEMD to an empty value if it is unset, so
that the subsequent checks like [ -z "$RUNC_USE_SYSTEMD" ] won't
trigger a "unbound variable" error. Same for ROOTLESS_TESTPATH.
2. Functions that have code like [ -f $file ] && do_something towards
the end may return 1 in case $file does not exist (as test aka [
was the last operation performed, and its exit code is returned.
This is why we had to add return 0.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
kolyshkin
force-pushed
the
test-images
branch
from
96b29fa
to
c348b98
Compare
|
I would prefer that we kept using umoci+skopeo for this, since having our own scripts for fetching images (especially tying it to GitHub blob URLs) makes me a little bit nervous, but if this does fix CI issues then I guess it's a net positive. Hopefully umoci works its way into more distributions so we don't have to do this forever. |
|
@cyphar note we are only using umoci+skopeo for fetching Debian, busybox is (and was always) done by curl. I agree using proper tools (rather than relying on some URLs) is better in theory, but practically that this PR does simplifies things a lot from a perspective of CI maintainer, makes the code smaller, and solves a few dangling issues (like inability to run Once skopeo and umoci are universally available we'll modify the |
|
Yeah, agreed. Sorry the above was intended to be an LGTM. Lemme do that now. |
| _, ex, _, _ := runtime.Caller(0) | ||
| getImages, err := filepath.Abs(filepath.Join(filepath.Dir(ex), "..", "..", "tests", "integration", "get-images.sh")) | ||
| if err != nil { | ||
| panic(err) |
There was a problem hiding this comment.
Shouldn't this cause t.Skip rather than panic ?
There was a problem hiding this comment.
You can't cause t.Skip because it's done in init().
There was a problem hiding this comment.
We can, by defining a global variable
There was a problem hiding this comment.
You would want it to be t.Fatal because the images are needed for tests (and skipping them would hide test failures), and t.Fatal will kill the test anyway. I guess it is slightly nicer to do that than panic, but this really shouldn't happen often enough to be an issue (not to mention you'd need to add t.Fatal to some helper function and I can't see an obvious candidate in utils_test.go -- none of the functions take *testing.T).
TL;DR: this optimizes, simplifies and unifies the process of getting container images
used for tests, resulting in less code, less chances to have broken CI, easier way to
run libcontainer/integration tests, and easier way to support more architectures.
Currently, we have three different ways of getting images:
(for hello-world) the image is in this repo under tests/integration/testdata.
(for busybox) download it from github (the repo that is used for
preparing official Docker image) using curl.
(for debian) download from Docker hub, using skopeo and umoci.
To further complicate things, we have to do this downloading in multiple
scenarios (at least 4): locally, in github CI, from Dockefile, inside a
Vagrant VM. For each scenario, we have to install skopeo and umoci, and
those two are not yet universally available for all the distros that we
use.
Yet another complication is those images are used for tests/integration
(bats-driven tests) as well as for libcontainer/integration (go tests).
The tests in libcontainer/integration rely on busybox being available
from /busybox, and the bats tests just download the images to a
temporary location during every run.
It is also hard to support CI for other architectures, because all
the machinery for preparing images is so complicated.
This commit is an attempt to simplify and optimize getting images,
mostly by getting rid of skopeo and umoci dependencies, but also
by moving the download logic into one small shell script, which
is used from all the places.
Benefits:
(because source directory is mounted into container);
Side benefits:
(except for hello-world but it is trivial to fix);
/busyboxdirectory from my laptop(
cd libcontainer/integration && go testwill download images if needed);Caveats:
While at it:
set -e -u -o pipefail) and shellcheck-valid.This does not really belong here but I don't want to have too many small PRs.
Previous work related to this: