Edns certs stage2 w initramfs r10 #10166
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ====================================== | |
# WARNING! | |
# THIS FILE IS GENERATED FROM A TEMPLATE | |
# DO NOT EDIT THIS FILE MANUALLY! | |
# ====================================== | |
# The template is located in: kickstart-tests.yml.j2 | |
# Run kickstart tests in a PR triggered by a comment from an organization member. | |
# | |
# /kickstart-test keyboard lang | |
# ... run the tests specified by names (space separated) | |
# | |
# /kickstart-test --skip-testtypes gh123,gh765 keyboard lang | |
# ... run the tests specified by names while skipping tests with given types (comma separated) | |
# | |
# /kickstart-test --testtype network | |
# ... run all the tests of type network | |
# | |
# /kickstart-test --testtype network --skip-testtypes gh123,gh765 | |
# ... run all the tests of type network while skipping tests with given types (comma separated) | |
# | |
# /kickstart-test --skip-testtypes gh123,gh765 | |
# ... run all the tests while skipping tests with given types (comma separated) | |
# | |
# By default all disabled tests are skipped. | |
# To force running disabled tests use --force option. | |
# | |
# /kickstart-test --force rpm-ostree | |
# ... run rpm-ostree test even if it is disabled | |
# | |
# | |
# It is possible to run updated tests via a PR in kickstart-tests repository | |
# | |
# /kickstart-test --kstest-pr 1233 --testtype harddrive | |
# ... run the tests of type harddrive with | |
# https://github.com/rhinstaller/kickstart-tests/pull/1233 update of kickstart tests | |
name: kickstart-tests | |
on: | |
issue_comment: | |
types: [created] | |
permissions: | |
contents: read | |
statuses: write | |
jobs: | |
pr-info: | |
if: startsWith(github.event.comment.body, '/kickstart-test') | |
runs-on: ubuntu-latest | |
steps: | |
- name: Query comment author repository permissions | |
uses: octokit/[email protected] | |
id: user_permission | |
with: | |
route: GET /repos/${{ github.repository }}/collaborators/${{ github.event.sender.login }}/permission | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# restrict running of tests to users with admin or write permission for the repository | |
# see https://docs.github.com/en/free-pro-team@latest/rest/reference/repos#get-repository-permissions-for-a-user | |
# store output if user is allowed in allowed_user job output so it has to be checked in downstream job | |
- name: Check if user does have correct permissions | |
if: contains('admin write', fromJson(steps.user_permission.outputs.data).permission) | |
id: check_user_perm | |
run: | | |
echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'" | |
echo "allowed_user=true" >> $GITHUB_OUTPUT | |
- name: Get information for pull request | |
uses: octokit/[email protected] | |
id: pr_api | |
with: | |
route: GET /repos/${{ github.repository }}/pulls/${{ github.event.issue.number }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Parse comment arguments | |
id: parse_comment_args | |
# Do not use comment body directly in the shell command to avoid possible code injection. | |
env: | |
BODY: ${{ github.event.comment.body }} | |
run: | | |
# extract first line and cut out the "/kickstart-tests" first word | |
ARGS=$(echo "$BODY" | sed -n '1 s/^[^ ]* *//p' | sed 's/[[:space:]]*$//') | |
# parse --kstest-pr option | |
OPTS="$(getopt -q -o "" --long kstest-pr: -- $ARGS)" || true | |
PR=${OPTS#" --kstest-pr '"} | |
PR=$(echo $PR | cut -d " " -f1) | |
PR=${PR%"'"} | |
PR=${PR%"--"} | |
# remove --kstest-pr option | |
ARGS=$(echo "$ARGS" | sed -r -e "s#--kstest-pr( +|=)$PR ##" | sed 's/[[:space:]]*$//') | |
echo "test selection arguments are: $ARGS" | |
echo "comment_args=${ARGS}" >> $GITHUB_OUTPUT | |
echo "kickstart-tests PR: $PR" | |
echo "kstest_pr=${PR}" >> $GITHUB_OUTPUT | |
outputs: | |
allowed_user: ${{ steps.check_user_perm.outputs.allowed_user }} | |
base_ref: ${{ fromJson(steps.pr_api.outputs.data).base.ref }} | |
sha: ${{ fromJson(steps.pr_api.outputs.data).head.sha }} | |
comment_args: ${{ steps.parse_comment_args.outputs.comment_args }} | |
target_branch: ${{ fromJson(steps.pr_api.outputs.data).base.ref }} | |
kstest_pr: ${{ steps.parse_comment_args.outputs.kstest_pr }} | |
run: | |
needs: pr-info | |
# only do this for Fedora for now; once we have RHEL 8/9 boot.iso builds working, also support these | |
if: needs.pr-info.outputs.allowed_user == 'true' && needs.pr-info.outputs.comment_args != '' && ! contains(github.event.comment.body, '--waive') | |
runs-on: [self-hosted, kstest] | |
timeout-minutes: 300 | |
env: | |
STATUS_NAME: kickstart-test | |
TARGET_BRANCH: ${{ needs.pr-info.outputs.base_ref }} | |
CONTAINER_TAG: 'lorax' | |
ISO_BUILD_CONTAINER_NAME: 'quay.io/rhinstaller/anaconda-iso-creator' | |
RPM_BUILD_CONTAINER_NAME: 'quay.io/rhinstaller/anaconda-rpm' | |
TEST_JOBS: 16 | |
steps: | |
# we post statuses manually as this does not run from a pull_request event | |
# https://developer.github.com/v3/repos/statuses/#create-a-status | |
- name: Create in-progress status | |
uses: octokit/[email protected] | |
with: | |
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}' | |
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.comment_args }}' | |
description: 'gathering repositories [${{ runner.name }}]' | |
state: pending | |
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# self-hosted runners don't do this automatically; also useful to keep stuff around for debugging | |
# need to run sudo as the launch script and the container create root/other user owned files | |
- name: Clean up previous run | |
run: | | |
sudo podman ps -q --all --filter='ancestor=kstest-runner' | xargs -tr sudo podman rm -f | |
sudo podman volume rm --all || true | |
sudo rm -rf * .git | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ needs.pr-info.outputs.sha }} | |
fetch-depth: 0 | |
path: anaconda | |
- name: Rebase to current ${{ env.TARGET_BRANCH }} | |
working-directory: ./anaconda | |
run: | | |
git config user.name github-actions | |
git config user.email [email protected] | |
git log --oneline -1 origin/${{ env.TARGET_BRANCH }} | |
git rebase origin/${{ env.TARGET_BRANCH }} | |
- name: Check out kickstart-tests | |
uses: actions/checkout@v4 | |
with: | |
repository: rhinstaller/kickstart-tests | |
fetch-depth: 0 | |
path: kickstart-tests | |
- name: Pull the request and rebase to the upstream target | |
working-directory: ./kickstart-tests | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
if [ -n "${{ needs.pr-info.outputs.kstest_pr }}" ]; then | |
gh pr checkout ${{ needs.pr-info.outputs.kstest_pr }} | |
BASE_REF=$(gh pr view --json baseRefName --template '{{.baseRefName}}' ${{ needs.pr-info.outputs.kstest_pr }}) | |
git config user.name github-actions | |
git config user.email [email protected] | |
git log --oneline -1 $BASE_REF | |
git rebase $BASE_REF | |
echo "Rebasing PR ${{ needs.pr-info.outputs.kstest_pr }} to upstream $BASE_REF" | |
fi | |
- name: Generate test cases | |
working-directory: ./kickstart-tests | |
run: scripts/generate-testcases.py -t ./testlib/test_cases/kstest-template.tc.yaml.j2 . -o ./testlib/test_cases | |
- name: Clone Permian repository | |
uses: actions/checkout@v4 | |
with: | |
repository: rhinstaller/permian | |
path: permian | |
ref: main | |
- name: Clone tplib repository | |
uses: actions/checkout@v4 | |
with: | |
repository: rhinstaller/tplib | |
path: tplib | |
- name: Generate test selection for branch "${{ needs.pr-info.outputs.target_branch }}" | |
id: generate_query | |
working-directory: ./kickstart-tests | |
run: | | |
LAUNCH_ARGS=$(scripts/generate-launch-args.py ${{ needs.pr-info.outputs.comment_args }} \ | |
--branch ${{ needs.pr-info.outputs.target_branch }} ) || RC=$? | |
if [ -z ${RC} ] || [ ${RC} == 0 ]; then | |
echo "Generated launch arguments: $LAUNCH_ARGS" | |
else | |
echo "Generating of the arguments failed. See the workflow file for usage." | |
exit 1 | |
fi | |
PERMIAN_QUERY=$(scripts/generate-permian-query.py $LAUNCH_ARGS) | |
echo "Generated permian query: $PERMIAN_QUERY" | |
echo "query=$PERMIAN_QUERY" >> $GITHUB_OUTPUT | |
PLATFORM=$(scripts/generate-permian-query.py --print-platform $LAUNCH_ARGS) | |
echo "Generated platform: $PLATFORM" | |
echo "platform=$PLATFORM" >> $GITHUB_OUTPUT | |
- name: Ensure http proxy is running | |
run: sudo kickstart-tests/containers/squid.sh start | |
# This is really fast, but does not catch file removals or dracut changes | |
# maybe this becomes opt-in via a magic comment for efficiency reasons? | |
# if you use this, add `--updates ../updates.img` to the launch command line below | |
#- name: Build updates.img | |
# run: | | |
# scripts/makeupdates | |
# gzip -cd updates.img | cpio -tv | |
- name: Update container images used here | |
run: | | |
sudo podman pull quay.io/rhinstaller/kstest-runner:latest | |
- name: Post status building artifacts | |
uses: octokit/[email protected] | |
with: | |
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}' | |
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.comment_args }}' | |
description: 'building artifacts [${{ runner.name }}]' | |
state: pending | |
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build anaconda-iso-creator container image | |
working-directory: ./anaconda | |
run: | | |
# set static tag to avoid complications when looking what tag is used | |
sudo make -f ./Makefile.am anaconda-iso-creator-build CI_TAG=$CONTAINER_TAG | |
- name: Build anaconda-rpm container (for RPM build) | |
working-directory: ./anaconda | |
run: | | |
# set static tag to avoid complications when looking what tag is used | |
make -f ./Makefile.am anaconda-rpm-build CI_TAG=$CONTAINER_TAG | |
- name: Build Anaconda RPM files | |
working-directory: ./anaconda | |
run: | | |
# output of the build will be stored in ./result/build/01-rpm-build/*.rpm | |
make -f ./Makefile.am container-rpms-scratch CI_TAG=$CONTAINER_TAG | |
mkdir -p ${{ github.workspace }}/kickstart-tests/data/additional_repo/ | |
cp -av ./result/build/01-rpm-build/*.rpm ${{ github.workspace }}/kickstart-tests/data/additional_repo/ | |
- name: Build boot.iso | |
run: | | |
mkdir -p images | |
# /var/tmp tmpfs speeds up lorax and avoids https://bugzilla.redhat.com/show_bug.cgi?id=1906364 | |
sudo podman run -i --rm --privileged \ | |
--tmpfs /var/tmp:rw,mode=1777 \ | |
-v ${{ github.workspace }}/kickstart-tests/data/additional_repo:/anaconda-rpms:ro \ | |
-v ${{ github.workspace }}/images:/images:z \ | |
$ISO_BUILD_CONTAINER_NAME:$CONTAINER_TAG | |
- name: Clean up after lorax | |
if: always() | |
run: | | |
# remove container images together with the container | |
sudo podman rmi -f $ISO_BUILD_CONTAINER_NAME:$CONTAINER_TAG || true | |
sudo podman rmi -f $RPM_BUILD_CONTAINER_NAME:$CONTAINER_TAG || true | |
- name: Create Permian settings file | |
working-directory: ./permian | |
run: | | |
cat <<EOF > settings.ini | |
[kickstart_test] | |
retry_on_failure=True | |
kstest_local_repo=${{ github.workspace }}/kickstart-tests | |
[library] | |
directPath=${{ github.workspace }}/kickstart-tests/testlib | |
EOF | |
- name: Post status running tests | |
uses: octokit/[email protected] | |
with: | |
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}' | |
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.comment_args }}' | |
description: 'running tests [${{ runner.name }}]' | |
state: pending | |
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Run kickstart tests in container | |
working-directory: ./permian | |
run: | | |
sudo --preserve-env=TEST_JOBS \ | |
PYTHONPATH=${PYTHONPATH:-}:${{ github.workspace }}/tplib \ | |
./run_subset --debug-log permian.log \ | |
--settings settings.ini \ | |
--override workflows.dry_run=False \ | |
--testcase-query '${{ steps.generate_query.outputs.query }}' \ | |
run_event '{ | |
"type":"everything", | |
"everything_testplan":{ | |
"configurations":[{"architecture":"x86_64"}], | |
"point_person":"[email protected]" | |
}, | |
"bootIso":{"x86_64":"file://${{ github.workspace }}/images/boot.iso"}, | |
"kstestParams":{"platform":"${{ steps.generate_query.outputs.platform }}"} | |
}' | |
# Permian hides the exit code of launcher, so error out this step manually based on logs | |
rc=$( awk '/Runner return code: /{ print $4 }' permian.log) | |
if [ -n "$rc" ]; then | |
exit $rc | |
else | |
exit 111 | |
fi | |
# Needed so that other jobs are able to clean the working dir | |
# FIXME: we should investigate running permian/launch sudo-less | |
- name: Make artefacts created by sudo cleanable | |
if: always() | |
run: | |
sudo chown -R github:github . | |
- name: Collect logs | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: 'logs' | |
# skip the /anaconda subdirectories, too large | |
path: | | |
kickstart-tests/data/logs/kstest*.log | |
kickstart-tests/data/logs/kstest-*/*.log | |
kickstart-tests/data/logs/kstest-*/original-ks.cfg | |
kickstart-tests/data/logs/kstest-list-substituted/ | |
kickstart-tests/data/additional_repo/*.rpm | |
permian/permian.log | |
- name: Set result status | |
if: always() | |
uses: octokit/[email protected] | |
with: | |
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}' | |
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.comment_args }}' | |
description: 'finished [${{ runner.name }}]' | |
state: ${{ job.status }} | |
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
waive: | |
runs-on: ubuntu-latest | |
needs: pr-info | |
if: needs.pr-info.outputs.allowed_user == 'true' && contains(github.event.comment.body, '--waive') | |
steps: | |
- name: Get the waiving reason | |
id: get_reason | |
env: | |
BODY: ${{ github.event.comment.body }} | |
run: | | |
REASON=$(echo "$BODY" | sed -e "s#/kickstart-test --waive ##" | sed 's/[[:space:]]*$//') | |
echo "reason=Waived, $REASON" >> $GITHUB_OUTPUT | |
- name: Set status | |
uses: octokit/[email protected] | |
with: | |
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}' | |
context: 'kickstart-test --testtype smoke' | |
description: '${{ steps.get_reason.outputs.reason }}' | |
state: ${{ job.status }} | |
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |