feat: specify an ovn underlay network through MicroOVN #1364

Workflow file for this run

	name: Tests
	on:
	schedule:
	- cron: '0 0 * * 0' # Weekly on Sunday at 00:00 UTC
	push:
	branches:
	- main
	pull_request:

	permissions:
	contents: read

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	defaults:
	run:
	# Make sure bash is always invoked with `-eo pipefail`
	# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell
	shell: bash

	jobs:
	code-tests:
	name: Code
	runs-on: ubuntu-22.04
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	# A non-shallow clone is needed for the Differential ShellCheck
	fetch-depth: 0

	- name: Install Go
	uses: actions/setup-go@v5
	with:
	go-version: 1.22.x

	- name: Check compatibility with min Go version
	run: \|
	set -eux
	GOMIN="$(sed -n 's/^GOMIN=$[0-9.]\+$$/\1/p' Makefile)"
	go mod tidy -go="${GOMIN}"

	- name: Dependency Review
	uses: actions/dependency-review-action@v4
	if: github.event_name == 'pull_request'

	- id: ShellCheck
	name: Differential ShellCheck
	uses: redhat-plumbers-in-action/differential-shellcheck@v5
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	strict-check-on-push: true
	if: github.event_name == 'pull_request'

	- name: Upload artifact with ShellCheck defects in SARIF format
	uses: actions/upload-artifact@v4
	with:
	name: Differential ShellCheck SARIF
	path: ${{ steps.ShellCheck.outputs.sarif }}
	if: github.event_name == 'pull_request'

	- name: Install dependencies
	run: \|
	sudo add-apt-repository ppa:dqlite/dev -y --no-update
	sudo apt-get update
	sudo apt-get install --no-install-recommends -y libdqlite-dev pkg-config

	- name: Build
	run: make

	- name: Run static analysis
	run: make check-static

	- name: Unit tests
	run: make check-unit

	system-tests:
	env:
	DEBUG: "1"
	SKIP_VM_LAUNCH: "1"
	SNAPSHOT_RESTORE: "1"
	name: System
	runs-on: GitHubMicrocloud
	strategy:
	fail-fast: false
	matrix:
	go: ["1.22.x"]
	suite:
	- "add"
	- "instances"
	- "basic"
	- "recover"
	- "interactive"
	- "mismatch"
	- "preseed"

	steps:
	- name: Performance tuning
	run: \|
	set -eux
	# optimize ext4 FSes for performance, not reliability
	for fs in $(findmnt --noheading --type ext4 --list --uniq \| awk '{print $1}'); do
	# nombcache and data=writeback cannot be changed on remount
	sudo mount -o remount,noatime,barrier=0,commit=6000 "${fs}" \|\| true
	done

	# disable dpkg from calling sync()
	echo "force-unsafe-io" \| sudo tee /etc/dpkg/dpkg.cfg.d/force-unsafe-io

	- name: Reclaim some space
	run: \|
	set -eux

	sudo snap remove lxd --purge
	# Purge older snap revisions that are disabled/superseded by newer revisions of the same snap
	snap list --all \| while read -r name _ rev _ _ notes _; do
	[[ "${notes}" =~ disabled$ ]] && sudo snap remove "${name}" --revision "${rev}" --purge
	done \|\| true

	# This was inspired from https://github.com/easimon/maximize-build-space
	df -h /
	# dotnet
	sudo rm -rf /usr/share/dotnet
	# android
	sudo rm -rf /usr/local/lib/android
	# haskell
	sudo rm -rf /opt/ghc
	df -h /

	- name: Reclaim some memory
	run: \|
	set -eux

	free -mt
	sudo systemctl stop dpkg-db-backup.timer e2scrub_all.timer fstrim.timer logrotate.timer man-db.timer motd-news.timer phpsessionclean.timer update-notifier-download.timer update-notifier-motd.timer
	sudo systemctl stop iscsid.socket multipathd.socket
	sudo systemctl stop cron.service irqbalance.service mono-xsp4.service multipathd.service networkd-dispatcher.service php8.1-fpm.service
	free -mt

	- name: Remove docker
	run: \|
	set -eux
	sudo apt-get autopurge -y containerd.io moby-containerd docker docker-ce podman uidmap
	sudo ip link delete docker0
	sudo nft flush ruleset

	- name: Checkout
	uses: actions/checkout@v4

	- name: Install Go (${{ matrix.go }})
	uses: actions/setup-go@v5
	with:
	go-version: ${{ matrix.go }}

	- name: Install dependencies
	run: \|
	sudo add-apt-repository ppa:dqlite/dev -y --no-update
	sudo apt-get update
	sudo apt-get install --no-install-recommends -y libdqlite-dev pkg-config

	- name: Build
	run: \|
	set -eux

	make

	# Binaries to sideload
	export MICROCLOUD_DEBUG_PATH=~/go/bin/microcloud
	export MICROCLOUDD_DEBUG_PATH=~/go/bin/microcloudd

	# strip debug binaries
	strip -s "${MICROCLOUD_DEBUG_PATH}" "${MICROCLOUDD_DEBUG_PATH}"

	echo "MICROCLOUD_DEBUG_PATH=${MICROCLOUD_DEBUG_PATH}" >> "${GITHUB_ENV}"
	echo "MICROCLOUDD_DEBUG_PATH=${MICROCLOUDD_DEBUG_PATH}" >> "${GITHUB_ENV}"

	- name: "Free up the ephemeral disk"
	run: \|
	set -eux

	if ! mountpoint --quiet /mnt; then
	echo "INFO: no ephemeral disk mounted on /mnt"
	mount
	exit 0
	fi

	# If the rootfs and the ephemeral part are on the same physical disk, giving the whole
	# disk to microceph would wipe our rootfs. Since it is pretty rare for GitHub Action
	# runners to have a single disk, we immediately bail rather than trying to gracefully
	# handle it. Once snapd releases with https://github.com/snapcore/snapd/pull/13150,
	# we will be able to stop worrying about that special case.
	if [ "$(stat -c '%d' /)" = "$(stat -c '%d' /mnt)" ]; then
	echo "FAIL: rootfs and ephemeral part on the same disk, aborting"
	lsblk
	blkid
	sudo fdisk -l
	exit 1
	fi

	# Free-up the ephemeral disk to use it as storage device for LXD.
	sudo swapoff /mnt/swapfile
	ephemeral_disk="$(findmnt --noheadings --output SOURCE --target /mnt \| sed 's/[0-9]\+$//')"
	sudo umount /mnt
	sudo wipefs -a "${ephemeral_disk}"
	export TEST_STORAGE_SOURCE="${ephemeral_disk}"

	echo "TEST_STORAGE_SOURCE=${TEST_STORAGE_SOURCE}" >> "${GITHUB_ENV}"

	- name: "Setup host LXD"
	run: \|
	set -eux
	sudo snap install lxd --channel latest/edge \|\| sudo snap refresh lxd --channel latest/edge
	sudo lxd init --auto

	- name: Build MicroOVN from commit 803dc03ea847d214941330c74cc0ae0027550dc0
	run: \|
	set -eux

	sudo snap refresh
	sudo snap set lxd daemon.group=adm
	sudo snap install snapcraft --classic
	git clone https://github.com/canonical/microovn
	cd microovn
	git checkout 803dc03ea847d214941330c74cc0ae0027550dc0
	# disable golangci-lint as the latest version is not happy with this commit.
	sed -e "s/golangci-lint run/# &/" -i snap/snapcraft.yaml
	make microovn.snap
	export MICROOVN_SNAP_PATH="$(readlink -f microovn.snap)"
	echo "MICROOVN_SNAP_PATH=${MICROOVN_SNAP_PATH}" >> "${GITHUB_ENV}"
	cd -

	- name: "Prepare for system tests"
	run: \|
	set -eux
	chmod +x ~
	cd test
	sudo --preserve-env=DEBUG,GITHUB_ACTIONS,MICROCLOUD_DEBUG_PATH,MICROCLOUDD_DEBUG_PATH,SKIP_VM_LAUNCH,SNAPSHOT_RESTORE,TEST_STORAGE_SOURCE,TESTBED_READY,MICROOVN_SNAP_PATH ./main.sh setup
	echo "TESTBED_READY=1" >> "${GITHUB_ENV}"

	- name: "Run system tests (${{ matrix.go }}, ${{ matrix.suite }})"
	run: \|
	set -eux
	chmod +x ~
	cd test
	sudo --preserve-env=DEBUG,GITHUB_ACTIONS,MICROCLOUD_DEBUG_PATH,MICROCLOUDD_DEBUG_PATH,SKIP_VM_LAUNCH,SNAPSHOT_RESTORE,TEST_STORAGE_SOURCE,TESTBED_READY ./main.sh ${{ matrix.suite }}

	documentation-checks:
	uses: canonical/documentation-workflows/.github/workflows/documentation-checks.yaml@main
	with:
	working-directory: './doc'
	makefile: 'Makefile'

	snap:
	name: Trigger snap edge build
	runs-on: ubuntu-22.04
	needs: [code-tests, system-tests, documentation-checks]
	if: ${{ github.repository == 'canonical/microcloud' && github.event_name == 'push' && github.actor != 'dependabot[bot]' }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Setup Launchpad SSH access
	env:
	SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	LAUNCHPAD_LXD_BOT_KEY: ${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}
	run: \|
	set -eux
	mkdir -m 0700 -p ~/.ssh/
	ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
	ssh-add - <<< "${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}"
	ssh-add -L > ~/.ssh/id_ed25519.pub
	# In ephemeral environments like GitHub Action runners, relying on TOFU isn't providing any security
	# so require the key obtained by `ssh-keyscan` to match the expected hash from https://help.launchpad.net/SSHFingerprints
	ssh-keyscan git.launchpad.net >> ~/.ssh/known_hosts
	ssh-keygen -qlF git.launchpad.net \| grep -xF 'git.launchpad.net RSA SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo'

	- name: Install Go (${{ matrix.go }})
	uses: actions/setup-go@v5
	with:
	go-version: 1.22.x

	- name: Trigger Launchpad snap build
	env:
	SSH_AUTH_SOCK: /tmp/ssh_agent.sock
	TARGET: >-
	${{ fromJson('{
	"main": "latest-edge",
	"stable-5.0": "5.0-edge",
	}')[github.ref_name] }}
	run: \|
	set -eux
	git config --global transfer.fsckobjects true
	git config --global user.name "Canonical LXD Bot"
	git config --global user.email "[email protected]"
	git config --global commit.gpgsign true
	git config --global gpg.format "ssh"
	git config --global user.signingkey ~/.ssh/id_ed25519.pub
	localRev="$(git rev-parse HEAD)"
	GOPROXY=direct go install github.com/canonical/lxd-ci/lxd-snapcraft@latest
	git clone -b "${TARGET}" git+ssh://[email protected]/~canonical-lxd/microcloud ~/microcloud-pkg-snap-lp
	cd ~/microcloud-pkg-snap-lp
	lxd-snapcraft -package microcloud -set-version "git-${localRev:0:7}" -set-source-commit "${localRev}"
	git add --all
	git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${TARGET})" -m "Upstream commit: ${localRev}"
	git show
	git push --quiet

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: specify an ovn underlay network through MicroOVN #1364

Workflow file

feat: specify an ovn underlay network through MicroOVN #1364

Jobs

Run details

Workflow file for this run