From 6d5944bb7e56a5ce921fad6f47b78a9815ef9cb8 Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Wed, 28 May 2025 14:05:03 +0200 Subject: [PATCH 1/6] ci: Ignore "passt" codespell complaint This *is* the correct name for our test dependency. The most recent codespell version started to complain about it. --- .codespell_ignores | 1 + 1 file changed, 1 insertion(+) diff --git a/.codespell_ignores b/.codespell_ignores index e69de29..c25ef20 100644 --- a/.codespell_ignores +++ b/.codespell_ignores @@ -0,0 +1 @@ +passt From 505f439f7cbf5f5f00653cc02a15a6b35ba7155b Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Mon, 2 Jun 2025 23:20:18 +0200 Subject: [PATCH 2/6] ci: Bump tox-lsr to 3.10.0 --- .github/workflows/ansible-lint.yml | 2 +- .github/workflows/ansible-managed-var-comment.yml | 2 +- .github/workflows/ansible-test.yml | 2 +- .github/workflows/python-unit-test.yml | 2 +- .github/workflows/qemu-kvm-integration-tests.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 30e742d..9ada1d0 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -32,7 +32,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Convert role to collection format id: collection diff --git a/.github/workflows/ansible-managed-var-comment.yml b/.github/workflows/ansible-managed-var-comment.yml index 899de6f..f38380c 100644 --- a/.github/workflows/ansible-managed-var-comment.yml +++ b/.github/workflows/ansible-managed-var-comment.yml @@ -30,7 +30,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Run ansible-plugin-scan run: | diff --git a/.github/workflows/ansible-test.yml b/.github/workflows/ansible-test.yml index 961538c..977fc72 100644 --- a/.github/workflows/ansible-test.yml +++ b/.github/workflows/ansible-test.yml @@ -33,7 +33,7 @@ jobs: - name: Install tox, tox-lsr run: | set -euxo pipefail - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Convert role to collection format run: | diff --git a/.github/workflows/python-unit-test.yml b/.github/workflows/python-unit-test.yml index 4d4315b..48e50a1 100644 --- a/.github/workflows/python-unit-test.yml +++ b/.github/workflows/python-unit-test.yml @@ -65,7 +65,7 @@ jobs: tox=tox virtualenv=virtualenv fi - pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip install "$tox" "$virtualenv" "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" # If you have additional OS dependency packages e.g. libcairo2-dev # then put them in .github/config/ubuntu-requirements.txt, one # package per line. diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml index 8d021db..8625158 100644 --- a/.github/workflows/qemu-kvm-integration-tests.yml +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -105,7 +105,7 @@ jobs: python3 -m pip install --upgrade pip sudo apt update sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86 - pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.9.0" + pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" - name: Configure tox-lsr if: steps.check_platform.outputs.supported From d6b1ece6a751a0b406e3785693f561692e0bfefb Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Tue, 27 May 2025 08:04:02 +0200 Subject: [PATCH 3/6] ci: Use defined $TOX_ARGS in qemu-kvm-integration-tests --- .github/workflows/qemu-kvm-integration-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml index 8625158..a818191 100644 --- a/.github/workflows/qemu-kvm-integration-tests.yml +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -117,7 +117,7 @@ jobs: if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu') run: >- tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch - --log-level debug --skip-tags tests::infiniband,tests::nvme,tests::scsi + --log-level debug $TOX_ARGS --lsr-report-errors-url DEFAULT -- - name: Qemu result summary From 8e008d339b6fc3905e01bb188ef7e3be798e6f5e Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Tue, 27 May 2025 10:15:49 +0200 Subject: [PATCH 4/6] ci: Update to podman 5.x in qemu-kvm-integration-tests bootc tests Ubuntu 24.04's podman 4.9.3 does not work with the bootc-image-builder container: Bind-mounting the container storage into it makes the container's podman 5 fail with a storage error. Thus install podman 5.4 from Ubuntu 25.04 to regain compatibility. This is rather hackish, but as that is a stable release, it should not break in the future (wrt. library dependencies and such). --- .../workflows/qemu-kvm-integration-tests.yml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml index a818191..4e71f4d 100644 --- a/.github/workflows/qemu-kvm-integration-tests.yml +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -107,6 +107,28 @@ jobs: sudo apt install -y --no-install-recommends git ansible-core genisoimage qemu-system-x86 pip3 install "git+https://github.com/linux-system-roles/tox-lsr@3.10.0" + # HACK: Drop this when moving this workflow to 26.04 LTS + - name: Update podman to 5.x for compatibility with bootc-image-builder's podman 5 + if: steps.check_platform.outputs.supported && endsWith(matrix.scenario.image, '-bootc') + run: | + sed 's/noble/plucky/g' /etc/apt/sources.list.d/ubuntu.sources | sudo tee /etc/apt/sources.list.d/plucky.sources >/dev/null + cat </dev/null + Package: podman buildah golang-github-containers-common crun libgpgme11t64 libgpg-error0 golang-github-containers-image catatonit conmon containers-storage + Pin: release n=plucky + Pin-Priority: 991 + + Package: libsubid4 netavark passt aardvark-dns containernetworking-plugins libslirp0 slirp4netns + Pin: release n=plucky + Pin-Priority: 991 + + Package: * + Pin: release n=plucky + Pin-Priority: 400 + EOF + + sudo apt update + sudo apt install -y podman crun conmon containers-storage + - name: Configure tox-lsr if: steps.check_platform.outputs.supported run: >- From 28579c02aeaddc49e7d49db15f7e1b7a41ea4eb3 Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Wed, 28 May 2025 11:45:54 +0200 Subject: [PATCH 5/6] ci: Add support for bootc end-to-end validation tests These tests run the role during a bootc container image build, deploy the container into a QEMU VM, boot that, and validate the expected configuration there. They run in two different tox environments, and thus have to be run in two steps (preparation in buildah, validation in QEMU). The preparation is expected to output a qcow2 image in `tests/tmp/TESTNAME/qcow2/disk.qcow2`, i.e. the output structure of . There are two possibilities: * Have separate bootc end-to-end tests. These are tagged with `tests::bootc-e2` and are skipped in the normal qemu-* scenarios. They run as part of the container-* ones. * Modify an existing test: These need to build a qcow2 image exactly *once* (via calling `bootc-buildah-qcow.sh`) and skip setup/cleanup and role invocations in validation mode, i.e. when `__bootc_validation` is true. In the container scenario, run the QEMU validation as a separate step in the workflow. See https://issues.redhat.com/browse/RHEL-88396 --- .../workflows/qemu-kvm-integration-tests.yml | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/workflows/qemu-kvm-integration-tests.yml b/.github/workflows/qemu-kvm-integration-tests.yml index 4e71f4d..4554a6c 100644 --- a/.github/workflows/qemu-kvm-integration-tests.yml +++ b/.github/workflows/qemu-kvm-integration-tests.yml @@ -139,7 +139,7 @@ jobs: if: steps.check_platform.outputs.supported && startsWith(matrix.scenario.env, 'qemu') run: >- tox -e ${{ matrix.scenario.env }} -- --image-name ${{ matrix.scenario.image }} --make-batch - --log-level debug $TOX_ARGS + --log-level debug $TOX_ARGS --skip-tags tests::bootc-e2e --lsr-report-errors-url DEFAULT -- - name: Qemu result summary @@ -186,6 +186,28 @@ jobs: done exit $rc + - name: Run bootc validation tests in QEMU + if: steps.check_platform.outputs.supported && + startsWith(matrix.scenario.env, 'container') && + endsWith(matrix.scenario.image, '-bootc') + run: | + set -euxo pipefail + env=$(echo "${{ matrix.scenario.env }}" | sed 's/^container-/qemu-/') + + for image_file in $(ls tests/tmp/*/qcow2/disk.qcow2 2>/dev/null); do + test="tests/$(basename $(dirname $(dirname $image_file))).yml" + if tox -e "$env" -- --image-file "$(pwd)/$image_file" \ + --log-level debug $TOX_ARGS \ + --lsr-report-errors-url DEFAULT \ + -e __bootc_validation=true \ + -- "$test" >out 2>&1; then + mv out "${test}-PASS.log" + else + mv out "${test}-FAIL.log" + exit 1 + fi + done + - name: Upload test logs on failure if: failure() uses: actions/upload-artifact@v4 From 42df7f14e54813e4d6d97bbc9d388f59cc25e09d Mon Sep 17 00:00:00 2001 From: Martin Pitt Date: Wed, 28 May 2025 11:50:34 +0200 Subject: [PATCH 6/6] tests: Add bootc end-to-end validation test --- tests/tests_bootc_e2e.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 tests/tests_bootc_e2e.yml diff --git a/tests/tests_bootc_e2e.yml b/tests/tests_bootc_e2e.yml new file mode 100644 index 0000000..d13175b --- /dev/null +++ b/tests/tests_bootc_e2e.yml @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: MIT +--- +- name: Bootc end-to-end test + hosts: all + tags: + - tests::bootc-e2e + gather_facts: false # test that role works in this case + tasks: + - name: Bootc image build preparation + when: ansible_connection == "buildah" + block: + - name: Run the role + include_role: + name: linux-system-roles.sudo + vars: + sudo_check_if_configured: false + + - name: Create QEMU deployment + delegate_to: localhost + command: "{{ lsr_scriptdir }}/bootc-buildah-qcow.sh {{ ansible_host }}" + changed_when: true + + - name: Validation of deployed image + when: ansible_connection != "buildah" + block: + - name: Check header for ansible_managed, fingerprint + include_tasks: tasks/check_present_header.yml + vars: + __file: /etc/sudoers + __fingerprint: system_role:sudo