CRI-O #8
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CRI-O | |
on: | |
push: | |
tags: | |
- "*" | |
branches: | |
- master | |
pull_request: | |
jobs: | |
test: | |
strategy: | |
fail-fast: false | |
matrix: | |
suite: | |
- e2e | |
- critest | |
oci-runtime: | |
- crun | |
- runc | |
monitor: | |
- conmon | |
- conmon-rs | |
name: ${{matrix.suite}} / ${{matrix.oci-runtime}} / ${{matrix.monitor}} | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout cri-tools | |
uses: actions/checkout@v4 | |
- name: Install go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.22' | |
- name: Setup system | |
run: | | |
# enable necessary kernel modules | |
sudo ip6tables --list >/dev/null | |
# enable necessary sysctls | |
sudo sysctl -w net.ipv4.conf.all.route_localnet=1 | |
sudo sysctl -w net.bridge.bridge-nf-call-iptables=1 | |
sudo sysctl -w net.ipv4.ip_forward=1 | |
sudo iptables -t nat -I POSTROUTING -s 127.0.0.0/8 ! -d 127.0.0.0/8 -j MASQUERADE | |
- name: Install ginkgo | |
run: | | |
go install github.com/onsi/ginkgo/v2/ginkgo@latest | |
ginkgo version | |
sudo cp $(command -v ginkgo) /usr/local/bin | |
- name: Install CRI-O | |
run: | | |
curl https://raw.githubusercontent.com/cri-o/packaging/main/get | sudo bash | |
- name: Configure CRI-O | |
run: | | |
sudo mkdir -p /etc/crio/crio.conf.d | |
printf '[crio.runtime]\nlog_level = "debug"\n' | sudo tee /etc/crio/crio.conf.d/01-log-level.conf | |
- name: Configure CRI-O to use conmon-rs intead of the default conmon | |
if: ${{matrix.monitor == 'conmon-rs'}} | |
run: | | |
sudo sed -i -E 's;(monitor_path = ).*;\1"/usr/libexec/crio/conmonrs"\nruntime_type = "pod";g' /etc/crio/crio.conf.d/10-crio.conf | |
- name: Configure CRI-O to use runc instead of the default crun | |
if: ${{matrix.oci-runtime == 'runc'}} | |
run: | | |
sudo sed -i -E 's;(default_runtime = ).*;\1"runc";g' /etc/crio/crio.conf.d/10-crio.conf | |
- name: Show the CRI-O config drop-in | |
run: cat /etc/crio/crio.conf.d/10-crio.conf | |
- name: Start CRI-O | |
run: | | |
sudo systemctl daemon-reload | |
sudo systemctl start crio | |
sudo crio status config | |
- name: Build cri-tools | |
run: | | |
make | |
sudo -E PATH=$PATH make install | |
- name: Run critest | |
if: ${{matrix.suite == 'critest'}} | |
shell: bash | |
run: | | |
set -euox pipefail | |
ARGS=() | |
# TODO: check why these tests fail on that combination | |
if [[ "${{matrix.oci-runtime}}" == "crun" ]]; then | |
SKIP=rshared | |
if [[ "${{matrix.monitor}}" == "conmon-rs" ]]; then | |
SKIP="$SKIP|SupplementalGroups|AppArmor|RunAsUser" | |
fi | |
ARGS=(--ginkgo.skip "$SKIP") | |
fi | |
set +o errexit | |
sudo -E PATH=$PATH critest \ | |
--runtime-endpoint=unix:///var/run/crio/crio.sock \ | |
--parallel=$(nproc) \ | |
--ginkgo.flake-attempts=3 \ | |
--ginkgo.randomize-all \ | |
--ginkgo.timeout=2m \ | |
--ginkgo.trace \ | |
--ginkgo.vv \ | |
"${ARGS[@]}" | |
TEST_RC=$? | |
set -o errexit | |
sudo journalctl --no-pager > journal.log | |
test $TEST_RC -ne 0 && cat journal.log | |
exit $TEST_RC | |
- name: Run crictl e2e tests | |
if: ${{matrix.suite == 'e2e'}} | |
shell: bash | |
run: | | |
set -euox pipefail | |
set +o errexit | |
sudo -E PATH=$PATH make test-e2e \ | |
TESTFLAGS="-crictl-runtime-endpoint=unix://var/run/crio/crio.sock" | |
TEST_RC=$? | |
set -o errexit | |
sudo journalctl --no-pager > journal.log | |
test $TEST_RC -ne 0 && cat journal.log | |
exit $TEST_RC | |
- name: Upload logs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{matrix.suite}}-${{matrix.oci-runtime}}-${{matrix.monitor}}-${{github.sha}}.log | |
path: journal.log |