(Callable) libvirt e2e tests #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # (C) Copyright Confidential Containers Contributors 2023. | |
| # SPDX-License-Identifier: Apache-2.0 | |
| # | |
| # Run libvirt e2e tests. | |
| name: (Callable) libvirt e2e tests | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| podvm_image: | |
| required: true | |
| type: string | |
| default: 'ghcr.io/confidential-containers/podvm-generic-ubuntu-amd64:latest' | |
| caa_image: | |
| required: true | |
| type: string | |
| default: 'ghcr.io/confidential-containers/cloud-api-adaptor:latest-dev' | |
| install_directory_artifact: | |
| description: The archive name of the install directory | |
| default: '' | |
| required: false | |
| type: string | |
| git_ref: | |
| default: 'main' | |
| description: Git ref to checkout the cloud-api-adaptor repository. Defaults to main. | |
| required: false | |
| type: string | |
| env: | |
| CLOUD_PROVIDER: libvirt | |
| DEBIAN_FRONTEND: noninteractive | |
| defaults: | |
| run: | |
| working-directory: src/cloud-api-adaptor | |
| jobs: | |
| test: | |
| runs-on: az-ubuntu-2204 | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ inputs.git_ref }} | |
| - name: Rebase the code | |
| if: github.event_name == 'pull_request_target' | |
| working-directory: ./ | |
| run: | | |
| ./hack/ci-helper.sh rebase-atop-of-the-latest-target-branch | |
| - name: Read properties from versions.yaml | |
| run: | | |
| sudo snap install yq | |
| echo "KBS_REPO=$(yq -e '.git.kbs.url' versions.yaml)" >> "$GITHUB_ENV" | |
| echo "KBS_VERSION=$(yq -e '.git.kbs.reference' versions.yaml)" >> "$GITHUB_ENV" | |
| echo "RUST_VERSION=$(yq -e '.tools.rust' versions.yaml)" >> "$GITHUB_ENV" | |
| go_version="$(yq '.tools.golang' versions.yaml)" | |
| [ -n "$go_version" ] | |
| echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV" | |
| - name: Setup Golang version ${{ env.GO_VERSION }} | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GO_VERSION }} | |
| - name: Setup docker | |
| run: | | |
| sudo apt-get install -y docker.io | |
| sudo usermod -aG docker "$USER" | |
| # - name: Extract qcow2 from ${{ inputs.podvm_image }} | |
| # run: | | |
| # qcow2=$(echo ${{ inputs.podvm_image }} | sed -e "s#.*/\(.*\):.*#\1.qcow2#") | |
| # ./hack/download-image.sh ${{ inputs.podvm_image }} . -o ${qcow2} | |
| # echo "PODVM_QCOW2=$(pwd)/${qcow2}" >> "$GITHUB_ENV" | |
| # working-directory: src/cloud-api-adaptor/podvm | |
| # - name: Get the install directory | |
| # if: ${{ inputs.install_directory_artifact != '' }} | |
| # uses: actions/download-artifact@v4 | |
| # with: | |
| # name: ${{ inputs.install_directory_artifact }} | |
| # path: src/cloud-api-adaptor/install | |
| - name: Config Libvirt | |
| run: | | |
| ./libvirt/config_libvirt.sh | |
| echo "CAA_IMAGE=\"${{ inputs.caa_image }}\"" >> libvirt.properties | |
| # For debugging | |
| cat libvirt.properties | |
| - name: Install rust toolchain | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: ${{ env.RUST_VERSION }} | |
| override: true | |
| profile: minimal | |
| - name: Install gh cli | |
| run: | | |
| sudo apt install -y gh | |
| - name: Install kustomize | |
| run: | | |
| command -v kustomize >/dev/null || \ | |
| sudo curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \ | |
| bash -s /usr/local/bin | |
| sudo chmod a+x /usr/local/bin/kustomize | |
| - name: Checkout KBS Repository | |
| run: | | |
| test/utils/checkout_kbs.sh | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: run tests | |
| # id: runTests | |
| # env: | |
| # AUTHENTICATED_REGISTRY_IMAGE: ${{ vars.AUTHENTICATED_REGISTRY_IMAGE }} | |
| # REGISTRY_CREDENTIAL_ENCODED: ${{ secrets.REGISTRY_CREDENTIAL_ENCODED }} | |
| # run: | | |
| # export CLOUD_PROVIDER=libvirt | |
| # export DEPLOY_KBS=true | |
| # export TEST_PROVISION="yes" | |
| # export TEST_TEARDOWN="no" | |
| # export TEST_PROVISION_FILE="$PWD/libvirt.properties" | |
| # export TEST_PODVM_IMAGE="${{ env.PODVM_QCOW2 }}" | |
| # export TEST_E2E_TIMEOUT="75m" | |
| # make test-e2e | |
| - name: Debug tests failure | |
| if: failure() && steps.runTests.outcome == 'failure' | |
| run: | | |
| export KUBECONFIG="${HOME}/.kcli/clusters/peer-pods/auth/kubeconfig" | |
| echo "::group::CoCo and Peer Pods installation" | |
| kubectl get pods -n confidential-containers-system | |
| echo "::endgroup::" | |
| echo "::group::cloud-api-adaptor logs" | |
| kubectl logs -l app=cloud-api-adaptor -n confidential-containers-system | |
| echo "::endgroup::" | |
| for ns in $(kubectl get ns -o name 2>/dev/null | sed 's#namespace/##' | grep "^coco-pp-"); do | |
| for pod in $(kubectl get pods -o name -n "$ns" 2>/dev/null); do | |
| echo "::group::Describe $pod (namespace/$ns)" | |
| kubectl describe "$pod" -n "$ns" | |
| echo "::endgroup::" | |
| done | |
| done | |
| for worker in $(kubectl get node -o name -l node.kubernetes.io/worker 2>/dev/null); do | |
| echo "::group::journalctl -t kata ($worker)" | |
| kubectl debug --image quay.io/prometheus/busybox -q -i \ | |
| "$worker" -- chroot /host journalctl -x -t kata --no-pager | |
| echo "::endgroup::" | |
| done | |
| echo "::group::Libvirt domains" | |
| sudo virsh list | |
| echo "::endgroup::" | |
| for podvm in $(sudo virsh list --name | grep "podvm-"); do | |
| echo "::group::podvm $podvm" | |
| sudo virsh dominfo "$podvm" | |
| sudo virsh domifaddr "$podvm" | |
| echo "::endgroup::" | |
| done | |
| echo "::group::podvm base volume" | |
| sudo virsh vol-info --pool default podvm-base.qcow2 | |
| ls -lh /var/lib/libvirt/images/podvm-base.qcow2 | |
| echo "::endgroup::" | |
| echo "::group::Check podvm base volume integrity" | |
| sudo qemu-img check /var/lib/libvirt/images/podvm-base.qcow2 | |
| echo "::endgroup::" | |
| # Avoid running with `set -e` as command fails should be allowed | |
| shell: bash {0} |