From 6a03bca75d8fd1455824cf9f396491467de54360 Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Sun, 10 Jul 2022 12:36:01 +0300 Subject: [PATCH 1/8] Remvoe unused variables. Not used anywhere. Signed-off-by: Maya Rashish --- hack/config.sh | 4 ---- hack/velero/deploy-velero.sh | 1 - hack/velero/undeploy-velero.sh | 1 - 3 files changed, 6 deletions(-) diff --git a/hack/config.sh b/hack/config.sh index fa0777fc2..019a2d82d 100755 --- a/hack/config.sh +++ b/hack/config.sh @@ -27,10 +27,6 @@ TESTS_OUT_DIR=${OUT_DIR}/tests BUILD_DIR=${PLUGIN_DIR}/hack/build CACHE_DIR=${OUT_DIR}/gocache -DOCKER_HOST_SOCK=${DOCKER_HOST_SOCK:-/run/docker.sock} -DOCKER_GUEST_SOCK=${DOCKER_GUEST_SOCK:-/run/docker.sock} -DOCKER_CMD=${DOCKER_CMD:-docker -H unix://${DOCKER_HOST_SOCK}} - if [[ $(which go 2>/dev/null) ]]; then GOOS=$(go env GOOS) GOARCH=$(go env GOARCH) diff --git a/hack/velero/deploy-velero.sh b/hack/velero/deploy-velero.sh index ac7a4cbbb..7b73e4a86 100755 --- a/hack/velero/deploy-velero.sh +++ b/hack/velero/deploy-velero.sh @@ -24,7 +24,6 @@ if [ -z "$KUBEVIRTCI_PATH" ]; then fi script_dir="$(cd "$(dirname "$0")" && pwd -P)" -DOCKER_GUEST_SOCK=/var/run/docker.sock velero_dir=${script_dir}/../velero source "${script_dir}"/../config.sh diff --git a/hack/velero/undeploy-velero.sh b/hack/velero/undeploy-velero.sh index eff5b84af..f6876b765 100755 --- a/hack/velero/undeploy-velero.sh +++ b/hack/velero/undeploy-velero.sh @@ -24,7 +24,6 @@ if [ -z "$KUBEVIRTCI_PATH" ]; then fi -DOCKER_GUEST_SOCK=/var/run/docker.sock velero_dir=./hack/velero source ./hack/config.sh From 6136ba1173581ccf9dd0e6872a9884eeb8a5c11f Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Sun, 10 Jul 2022 12:39:37 +0300 Subject: [PATCH 2/8] Don't pre-pull fedora test image We don't use it for testing. One less use of docker. Signed-off-by: Maya Rashish --- hack/cluster-deploy-prerequisites.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/hack/cluster-deploy-prerequisites.sh b/hack/cluster-deploy-prerequisites.sh index aa16298d0..48523f27a 100755 --- a/hack/cluster-deploy-prerequisites.sh +++ b/hack/cluster-deploy-prerequisites.sh @@ -30,11 +30,6 @@ _kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/${KUBEV _kubectl apply -f https://github.com/kubevirt/containerized-data-importer/releases/download/${CDI_VERSION}/cdi-operator.yaml _kubectl apply -f https://github.com/kubevirt/containerized-data-importer/releases/download/${CDI_VERSION}/cdi-cr.yaml - -# pre fetch fedora test image -${_ssh} node01 "sudo docker pull quay.io/kubevirt/fedora-with-test-tooling-container-disk" - - _kubectl wait -n kubevirt deployment/virt-operator --for=condition=Available --timeout=${KUBEVIRT_DEPLOYMENT_TIMEOUT}s # Ensure the KubeVirt CR is created From 99bf5649b088e84146ab834228831d19307fac47 Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Sun, 10 Jul 2022 12:57:39 +0300 Subject: [PATCH 3/8] Remove outdated reference to DOCKER=0 as a way to build on the host Signed-off-by: Maya Rashish --- hack/README.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/hack/README.md b/hack/README.md index c7cde1531..d002fbd5a 100644 --- a/hack/README.md +++ b/hack/README.md @@ -14,10 +14,7 @@ GnuMake is used to drive a set of scripts that handle linting, testing, compilin NOTE: Standard builds require a running Docker daemon! -The standard workflow is performed inside a helper container to normalize the build and test environment for all devs. Building in the host environment is supported by the Makefile, but is not recommended. - - Docker builds may be disabled by setting DOCKER=0; e.g. - $ make all DOCKER=0 +The standard workflow is performed inside a helper container to normalize the build and test environment for all devs. `$ make all` executes the full workflow. For granular control of the workflow, several Make targets are defined: From 1205a5202dfd15d64bfad24020a70463aa50f50d Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Tue, 12 Jul 2022 14:29:34 +0300 Subject: [PATCH 4/8] Stop passing unused flag CLUSTER_PREFIX Signed-off-by: Maya Rashish --- hack/run-ci.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/run-ci.sh b/hack/run-ci.sh index d4ad0cdcb..05a166b6d 100755 --- a/hack/run-ci.sh +++ b/hack/run-ci.sh @@ -18,7 +18,7 @@ set -e readonly ARTIFACTS_PATH="${ARTIFACTS}" # Setup a cluster -make cluster-up cluster-push-image cluster-sync CLUSTER_PREFIX='-p pull-kvp-functional-test' +make cluster-up cluster-push-image cluster-sync # Run the tests -make test-functional CLUSTER_PREFIX='-p pull-kvp-functional-test' TEST_ARGS="--test-args=--junit-output=${ARTIFACTS_PATH}/junit.functest.xml" +make test-functional TEST_ARGS="--test-args=--junit-output=${ARTIFACTS_PATH}/junit.functest.xml" From 6f31fb715296f5f171e7e23fc722a006f223450c Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Tue, 12 Jul 2022 14:30:30 +0300 Subject: [PATCH 5/8] Switch from docker to podman Note that the kubevirtci docker is already podman, so there's no change in the ssh.sh node01 code. It's just helpful to know that we make no references to docker. We don't relabel the directory to avoid permission errors on rootless podman. We don't validate tls when pushing to local repository, as it doesn't have a valid certificate. Signed-off-by: Maya Rashish --- Makefile | 11 ++++++----- hack/build/cluster-push-image.sh | 8 +++----- 2 files changed, 9 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index f6a90c2ef..4a1df37e6 100644 --- a/Makefile +++ b/Makefile @@ -107,17 +107,18 @@ TTY := $(shell tty -s && echo "-t") shell: build-dirs @echo "running docker: $@" - @docker run \ + @podman run \ -e GOFLAGS \ -i $(TTY) \ --rm \ -u $$(id -u):$$(id -g) \ + --userns=keep-id \ -v "$$(pwd)/_output/bin:/output:delegated" \ -v $$(pwd)/.go/pkg:/go/pkg \ -v $$(pwd)/.go/src:/go/src \ -v $$(pwd)/.go/std:/go/std \ -v $$(pwd)/.go/bin:/go/bin \ - -v $$(pwd):/go/src/kubevirt-velero-plugin:z \ + -v $$(pwd):/go/src/kubevirt-velero-plugin \ -v $$(pwd)/.go/std/$(GOOS)_$(GOARCH):/usr/local/go/pkg/$(GOOS)_$(GOARCH)_static \ -v "$$(pwd)/.go/go-build:/.cache/go-build:delegated" \ -e CGO_ENABLED=0 \ @@ -135,11 +136,11 @@ container-name: build-image: build-all @echo -e "${GREEN}Building plugin image${WHITE}" cp Dockerfile _output/bin/$(GOOS)/$(GOARCH)/Dockerfile - docker build -t ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -f _output/bin/$(GOOS)/$(GOARCH)/Dockerfile _output/bin/$(GOOS)/$(GOARCH) + podman build -t ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -f _output/bin/$(GOOS)/$(GOARCH)/Dockerfile _output/bin/$(GOOS)/$(GOARCH) push: build-image @echo -e "${GREEN}Pushing plugin image to local registry${WHITE}" - @docker push ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} + @podman push ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} gomod-update: modules vendor @@ -150,7 +151,7 @@ clean-dirs: clean: clean-dirs @echo "cleaning" - docker rmi $(BUILD_IMAGE) + podman rmi $(BUILD_IMAGE) test: build-dirs @echo -e "${GREEN}Testing${WHITE}" diff --git a/hack/build/cluster-push-image.sh b/hack/build/cluster-push-image.sh index fef7ca57d..6a4266adf 100755 --- a/hack/build/cluster-push-image.sh +++ b/hack/build/cluster-push-image.sh @@ -24,10 +24,8 @@ source ${KUBEVIRTCI_PATH}cluster/$KUBEVIRT_PROVIDER/provider.sh LOCAL_CLUSTER_REGISTRY_PREFIX=localhost:${PORT}/kubevirt -docker tag ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -docker push ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} +podman tag ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} +podman push --tls-verify=false ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} # fetch latest version so it is available when container starts -${_ssh} node01 "sudo docker pull ${KUBEVIRTCI_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG}" - - +${_ssh} node01 "sudo podman pull ${KUBEVIRTCI_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG}" From c6e06410e7a898a42bb676f4a5de32f8cf8d63af Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Wed, 20 Jul 2022 18:16:56 +0300 Subject: [PATCH 6/8] Keep supporting docker and not just podman Having podman on the CI has proven risky - it is breaking random other CI lanes. We will transition gradually by supporting both on all our repos & then moving CI images one by one. Signed-off-by: Maya Rashish --- Makefile | 15 ++++++++++----- hack/build/cluster-push-image.sh | 4 ++-- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 4a1df37e6..818f38c07 100644 --- a/Makefile +++ b/Makefile @@ -68,6 +68,10 @@ KUBEVIRTCI_REGISTRY_PREFIX=registry:5000/kubevirt PORT=$(shell ./cluster-up/cli.sh ports registry) BUILD_IMAGE ?= quay.io/konveyor/builder +OCI_BIN ?= $(shell if podman ps >/dev/null 2>&1; then echo podman; elif docker ps >/dev/null 2>&1; then echo docker; fi) +TLS_SETTING := $(if $(filter $(OCI_BIN),podman),--tls-verify=false,) +export OCI_BIN +export TLS_SETTING all: build-image @@ -104,15 +108,16 @@ _output/bin/$(GOOS)/$(GOARCH)/$(BIN): build-dirs ${SRC_FILES} ./hack/build/build.sh'" TTY := $(shell tty -s && echo "-t") +PODMAN_SPECIFIC_FLAG := $(if $(filter $(OCI_BIN),podman),--userns=keep-id,) shell: build-dirs @echo "running docker: $@" - @podman run \ + @${OCI_BIN} run \ -e GOFLAGS \ -i $(TTY) \ --rm \ -u $$(id -u):$$(id -g) \ - --userns=keep-id \ + $(PODMAN_SPECIFIC_FLAG) \ -v "$$(pwd)/_output/bin:/output:delegated" \ -v $$(pwd)/.go/pkg:/go/pkg \ -v $$(pwd)/.go/src:/go/src \ @@ -136,11 +141,11 @@ container-name: build-image: build-all @echo -e "${GREEN}Building plugin image${WHITE}" cp Dockerfile _output/bin/$(GOOS)/$(GOARCH)/Dockerfile - podman build -t ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -f _output/bin/$(GOOS)/$(GOARCH)/Dockerfile _output/bin/$(GOOS)/$(GOARCH) + ${OCI_BIN} build -t ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -f _output/bin/$(GOOS)/$(GOARCH)/Dockerfile _output/bin/$(GOOS)/$(GOARCH) push: build-image @echo -e "${GREEN}Pushing plugin image to local registry${WHITE}" - @podman push ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} + @${OCI_BIN} push ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} gomod-update: modules vendor @@ -151,7 +156,7 @@ clean-dirs: clean: clean-dirs @echo "cleaning" - podman rmi $(BUILD_IMAGE) + ${OCI_BIN} rmi $(BUILD_IMAGE) test: build-dirs @echo -e "${GREEN}Testing${WHITE}" diff --git a/hack/build/cluster-push-image.sh b/hack/build/cluster-push-image.sh index 6a4266adf..97bfd4bb4 100755 --- a/hack/build/cluster-push-image.sh +++ b/hack/build/cluster-push-image.sh @@ -24,8 +24,8 @@ source ${KUBEVIRTCI_PATH}cluster/$KUBEVIRT_PROVIDER/provider.sh LOCAL_CLUSTER_REGISTRY_PREFIX=localhost:${PORT}/kubevirt -podman tag ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} -podman push --tls-verify=false ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} +${OCI_BIN} tag ${DOCKER_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} +${OCI_BIN} push ${TLS_SETTING} ${LOCAL_CLUSTER_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG} # fetch latest version so it is available when container starts ${_ssh} node01 "sudo podman pull ${KUBEVIRTCI_REGISTRY_PREFIX}/${IMAGE_NAME}:${DOCKER_TAG}" From d8044e8356ad88694a85cb6460dd8d81ecc153a5 Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Wed, 20 Jul 2022 20:55:04 +0300 Subject: [PATCH 7/8] Don't change modules when building functional tests Unclear why we do this, and it breaks the build. It might be a problem introduced by using a newer image and Go version. Signed-off-by: Maya Rashish --- hack/build/build-functest.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/hack/build/build-functest.sh b/hack/build/build-functest.sh index ad662e113..10be63582 100755 --- a/hack/build/build-functest.sh +++ b/hack/build/build-functest.sh @@ -27,7 +27,6 @@ else fi (cd $test_path; go install github.com/onsi/ginkgo/ginkgo@latest) (cd $test_path; GOFLAGS= go get github.com/onsi/gomega) -(cd $test_path; go mod tidy; go mod vendor) test_out_path=${test_path}/_out mkdir -p ${test_out_path} (cd $test_path; $ginkgo_path build .) From 0e4017dec6391e4ec46bf6decfa6e513b8e5d01e Mon Sep 17 00:00:00 2001 From: Maya Rashish Date: Tue, 26 Jul 2022 13:55:36 +0300 Subject: [PATCH 8/8] Override KUBEVIRT_MEMORY_SIZE that is set by cluster-up This previously didn't work because hack/cluster-up/common.sh is run first. Change the order so we successfully override the size. Signed-off-by: Maya Rashish --- hack/config.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hack/config.sh b/hack/config.sh index 019a2d82d..aae044f24 100755 --- a/hack/config.sh +++ b/hack/config.sh @@ -13,6 +13,8 @@ #See the License for the specific language governing permissions and #limitations under the License. +KUBEVIRT_MEMORY_SIZE=${KUBEVIRT_MEMORY_SIZE:-9216M} + if [ -f cluster-up/hack/common.sh ]; then source cluster-up/hack/common.sh fi @@ -50,6 +52,4 @@ CDI_VERSION=${CDI_VERSION:-v1.48.0} KUBEVIRT_PROVIDER=${KUBEVIRT_PROVIDER:-k8s-1.23} KUBEVIRT_DEPLOYMENT_TIMEOUT=${KUBEVIRT_DEPLOYMENT_TIMEOUT:-480} -KUBEVIRT_MEMORY_SIZE=${KUBEVIRT_MEMORY_SIZE:-9216M} - -source cluster-up/hack/config.sh \ No newline at end of file +source cluster-up/hack/config.sh