ci: add greenboot ci

virt-s1 · Oct 17, 2023 · 80e0fda · 80e0fda
1 parent 37d84a0
commit 80e0fda
Show file tree

Hide file tree

Showing 8 changed files with 150 additions and 174 deletions.
diff --git a/.github/workflows/greenboot.yaml → .github/workflows/greenboot-rs.yaml b/.github/workflows/greenboot.yaml → .github/workflows/greenboot-rs.yaml
@@ -29,6 +29,7 @@ jobs:
         run: |
           echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'"
           echo "allowed_user=true" >> $GITHUB_OUTPUT
+          
       - name: Get information for pull request
         uses: octokit/[email protected]
         id: pr-api
@@ -40,6 +41,7 @@ jobs:
     outputs:
       allowed_user: ${{ steps.check_user_perm.outputs.allowed_user }}
       sha: ${{ fromJson(steps.pr-api.outputs.data).head.sha }}
+      base_ref: ${{ fromJson(steps.pr-api.outputs.data).base.ref }}
 
   comment-info:
     needs: pr-info
@@ -91,9 +93,10 @@ jobs:
 
   pre-greenboot-rs-39:
     needs: pr-info
-    if: ${{ needs.pr-info.outputs.allowed_user == 'true' }} &&
+    if: ${{ needs.pr-info.outputs.base_ref == 'greenboot-rs' &&
+            needs.pr-info.outputs.allowed_user == 'true' &&
             (startsWith(github.event.comment.body, '/greenboot-rs-test-all') ||
-            startsWith(github.event.comment.body, '/greenboot-rs-test-39'))}}
+            startsWith(github.event.comment.body, '/greenboot-rs-test-39')) }}
     runs-on: ubuntu-latest
     env:
       STATUS_NAME: greenboot-rs-39
@@ -112,9 +115,10 @@ jobs:
 
   greenboot-rs-39:
     needs: [pr-info, comment-info, pre-greenboot-rs-39]
-    if: ${{ needs.pr-info.outputs.allowed_user == 'true' }} &&
+    if: ${{ needs.pr-info.outputs.base_ref == 'greenboot-rs' &&
+            needs.pr-info.outputs.allowed_user == 'true' &&
             (startsWith(github.event.comment.body, '/greenboot-rs-test-all') ||
-            startsWith(github.event.comment.body, '/greenboot-rs-test-39'))}}
+            startsWith(github.event.comment.body, '/greenboot-rs-test-39')) }}
     runs-on: [kite, x86_64, gcp, fedora-39, large]
     env:
       STATUS_NAME: greenboot-rs-39
@@ -139,21 +143,14 @@ jobs:
           ref: ${{ needs.pr-info.outputs.sha }}
           fetch-depth: 0
 
-      - name: Checkout greenboot-rs code
-        uses: actions/checkout@v3
-        with:
-          repository: say-paul/greenboot
-          ref: greenboot-rs-continued
-          path: greenboot
-
       - name: Build greenboot PRM pakcages
         run: make rpm
         working-directory: greenboot
 
       - name: Prepare greenboot
         run: |
           sudo mkdir -p /var/www/html/source
-          sudo cp ./greenboot/rpmbuild/RPMS/x86_64/* /var/www/html/source/ 2>/dev/null || :
+          sudo cp ./rpmbuild/RPMS/x86_64/* /var/www/html/source/ 2>/dev/null || :
           sudo createrepo_c /var/www/html/source
           sudo restorecon -Rv /var/www/html/source
           sudo ls -al /var/www/html/source
@@ -217,7 +214,7 @@ jobs:
 
       - name: Run greenboot-rs.sh test
         run: ./greenboot-rs.sh
-        working-directory: greenboot-test
+        working-directory: tests
         timeout-minutes: 100
 
       - name: Set result status

diff --git a/greenboot-test/setup.sh b/greenboot-test/setup.sh
diff --git a/greenboot-test/ansible.cfg → tests/ansible.cfg b/greenboot-test/ansible.cfg → tests/ansible.cfg
diff --git a/greenboot-test/check-ostree.yaml → tests/check-ostree.yaml b/greenboot-test/check-ostree.yaml → tests/check-ostree.yaml
diff --git a/greenboot-test/files/fedora-39.json → tests/files/fedora-39.json b/greenboot-test/files/fedora-39.json → tests/files/fedora-39.json
diff --git a/greenboot-test/greenboot-rs.sh → tests/greenboot-rs.sh b/greenboot-test/greenboot-rs.sh → tests/greenboot-rs.sh
@@ -1,12 +1,149 @@
 #!/bin/bash
 set -exuo pipefail
 
-# Provision the software under test.
-./setup.sh
-
 # Get OS data.
 source /etc/os-release
+
+# Dumps details about the instance running the CI job.
+CPUS=$(nproc)
+MEM=$(free -m | grep -oP '\d+' | head -n 1)
+DISK=$(df --output=size -h / | sed '1d;s/[^0-9]//g')
+HOSTNAME=$(uname -n)
+USER=$(whoami)
 ARCH=$(uname -m)
+KERNEL=$(uname -r)
+
+echo -e "\033[0;36m"
+cat << EOF
+------------------------------------------------------------------------------
+CI MACHINE SPECS
+------------------------------------------------------------------------------
+     Hostname: ${HOSTNAME}
+         User: ${USER}
+         CPUs: ${CPUS}
+          RAM: ${MEM} MB
+         DISK: ${DISK} GB
+         ARCH: ${ARCH}
+       KERNEL: ${KERNEL}
+------------------------------------------------------------------------------
+EOF
+echo "CPU info"
+lscpu
+echo -e "\033[0m"
+
+# Colorful output.
+function greenprint {
+    echo -e "\033[1;32m${1}\033[0m"
+}
+
+# set locale to en_US.UTF-8
+sudo dnf install -y glibc-langpack-en
+sudo localectl set-locale LANG=en_US.UTF-8
+
+# Install required packages
+greenprint "Install required packages"
+sudo dnf install -y --nogpgcheck httpd composer-cli podman skopeo wget firewalld lorax xorriso curl jq expect qemu-img qemu-kvm libvirt-client libvirt-daemon-kvm libvirt-daemon virt-install rpmdevtools ansible-core
+
+# Avoid collection installation filed sometime
+for _ in $(seq 0 30); do
+    ansible-galaxy collection install community.general community.libvirt
+    install_result=$?
+    if [[ $install_result == 0 ]]; then
+        break
+    fi
+    sleep 10
+done
+
+# Customize repository
+sudo mkdir -p /etc/osbuild-composer/repositories
+
+# Set os-variant and boot location used by virt-install.
+case "${ID}-${VERSION_ID}" in
+    "fedora-"*)
+        IMAGE_TYPE=fedora-iot-commit
+        OSTREE_REF="fedora/${VERSION_ID}/${ARCH}/iot"
+        OS_VARIANT="fedora-unknown"
+        BOOT_LOCATION="https://dl.fedoraproject.org/pub/fedora/linux/development/39/Everything/x86_64/os/"
+        sudo cp files/fedora-39.json /etc/osbuild-composer/repositories/fedora-39.json
+        ;;
+    *)
+        echo "unsupported distro: ${ID}-${VERSION_ID}"
+        exit 1;;
+esac
+
+# Check ostree_key permissions
+KEY_PERMISSION_PRE=$(stat -L -c "%a %G %U" key/ostree_key | grep -oP '\d+' | head -n 1)
+echo -e "${KEY_PERMISSION_PRE}"
+if [[ "${KEY_PERMISSION_PRE}" != "600" ]]; then
+   greenprint "💡 File permissions too open...Changing to 600"
+   chmod 600 ./key/ostree_key
+fi
+
+# Start httpd server as prod ostree repo
+greenprint "Start httpd service"
+sudo systemctl enable --now httpd.service
+
+# Start osbuild-composer.socket
+greenprint "Start osbuild-composer.socket"
+sudo systemctl enable --now osbuild-composer.socket
+
+# Start firewalld
+greenprint "Start firewalld"
+sudo systemctl enable --now firewalld
+
+# Start libvirtd and test it.
+greenprint "🚀 Starting libvirt daemon"
+sudo systemctl start libvirtd
+sudo virsh list --all > /dev/null
+
+# Set a customized dnsmasq configuration for libvirt so we always get the
+# same address on bootup.
+greenprint "💡 Setup libvirt network"
+sudo tee /tmp/integration.xml > /dev/null << EOF
+<network xmlns:dnsmasq='http://libvirt.org/schemas/network/dnsmasq/1.0'>
+  <name>integration</name>
+  <uuid>1c8fe98c-b53a-4ca4-bbdb-deb0f26b3579</uuid>
+  <forward mode='nat'>
+    <nat>
+      <port start='1024' end='65535'/>
+    </nat>
+  </forward>
+  <bridge name='integration' zone='trusted' stp='on' delay='0'/>
+  <mac address='52:54:00:36:46:ef'/>
+  <ip address='192.168.100.1' netmask='255.255.255.0'>
+    <dhcp>
+      <range start='192.168.100.2' end='192.168.100.254'/>
+      <host mac='34:49:22:B0:83:30' name='vm-1' ip='192.168.100.50'/>
+    </dhcp>
+  </ip>
+</network>
+EOF
+if ! sudo virsh net-info integration > /dev/null 2>&1; then
+    sudo virsh net-define /tmp/integration.xml
+fi
+if [[ $(sudo virsh net-info integration | grep 'Active' | awk '{print $2}') == 'no' ]]; then
+    sudo virsh net-start integration
+fi
+
+# Allow anyone in the wheel group to talk to libvirt.
+greenprint "🚪 Allowing users in wheel group to talk to libvirt"
+sudo tee /etc/polkit-1/rules.d/50-libvirt.rules > /dev/null << EOF
+polkit.addRule(function(action, subject) {
+    if (action.id == "org.libvirt.unix.manage" &&
+        subject.isInGroup("adm")) {
+            return polkit.Result.YES;
+    }
+});
+EOF
+
+# Basic weldr API status checking
+sudo composer-cli status show
+
+# Source checking
+sudo composer-cli sources list
+for SOURCE in $(sudo composer-cli sources list); do
+    sudo composer-cli sources info "$SOURCE"
+done
 
 # Set up variables.
 TEST_UUID=$(uuidgen)
@@ -30,24 +167,6 @@ BOOT_ARGS="uefi"
 SSH_OPTIONS=(-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=5)
 SSH_KEY=key/ostree_key
 
-# Set os-variant and boot location used by virt-install.
-case "${ID}-${VERSION_ID}" in
-    "fedora-"*)
-        IMAGE_TYPE=fedora-iot-commit
-        OSTREE_REF="fedora/${VERSION_ID}/${ARCH}/iot"
-        OS_VARIANT="fedora-unknown"
-        BOOT_LOCATION="https://dl.fedoraproject.org/pub/fedora/linux/development/39/Everything/x86_64/os/"
-        ;;
-    *)
-        echo "unsupported distro: ${ID}-${VERSION_ID}"
-        exit 1;;
-esac
-
-# Colorful output.
-function greenprint {
-    echo -e "\033[1;32m${1}\033[0m"
-}
-
 # Get the compose log.
 get_compose_log () {
     COMPOSE_ID=$1

diff --git a/greenboot-test/key/ostree_key → tests/key/ostree_key b/greenboot-test/key/ostree_key → tests/key/ostree_key
diff --git a/greenboot-test/key/ostree_key.pub → tests/key/ostree_key.pub b/greenboot-test/key/ostree_key.pub → tests/key/ostree_key.pub