diff --git a/.github/workflows/daily-e2e-tests-libvirt.yaml b/.github/workflows/daily-e2e-tests-libvirt.yaml index bb050c4e7..29437df9f 100644 --- a/.github/workflows/daily-e2e-tests-libvirt.yaml +++ b/.github/workflows/daily-e2e-tests-libvirt.yaml @@ -12,135 +12,12 @@ on: - cron: '15 4 * * *' workflow_dispatch: -env: - # cloud-api-adaptor image registry - E2E_IMG_REGISTRY: ghcr.io/${{ github.repository_owner }} - # cloud-api-adaptor: image release tag - E2E_IMG_RELEASE_TAG: latest - # cloud-api-adaptor image dev tag - E2E_IMG_DEV_TAG: latest-dev - jobs: - - # Build the podvm images. - # - podvm_builder: - uses: ./.github/workflows/podvm_builder.yaml - with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: latest - git_ref: refs/heads/main - secrets: inherit - - podvm_binaries: - needs: [podvm_builder] - uses: ./.github/workflows/podvm_binaries.yaml - with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: latest - git_ref: refs/heads/main - secrets: inherit - - podvm: - needs: [podvm_binaries] - uses: ./.github/workflows/podvm.yaml + e2e: + uses: ./.github/workflows/e2e_run_all.yaml with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: latest + caa_image_tag: latest git_ref: refs/heads/main - secrets: inherit - - # Build and push the cloud-api-adaptor image - # - # By using a reusable `workflow_call` workflow we are hitting two - # GHA limitations here: - # - # - Cannot access the `env` context from the `with` so that it cannot - # reuse the E2E_IMG_* environment variables set at this workflow level. - # - Cannot call a reusable workflow from a job's step, so the we cannot - # merge the `image` and `prep_env` into a single one (unless we create - # another reusable workflow and, well, likely hit another limitation...). - # - # Reference: https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations - # - image: - uses: ./.github/workflows/caa_build_and_push.yaml - with: + podvm_image_tag: latest registry: ghcr.io/${{ github.repository_owner }} - dev_tags: latest-dev - release_tags: latest - git_ref: main secrets: inherit - - # Edit the kustomize files under the install directory to reference the - # built cloud-api-adaptor images. The entire directory is archived so that - # downstream jobs can simply download and use the prepared installation - # files. - # - # IMPORTANT: If you are enabling e2e tests for a given provider, - # then please update the PROVIDERS list (space-separated names, e.g., - # "aws libvirt"). - prep_install: - needs: [image] - runs-on: ubuntu-latest - env: - PROVIDERS: "libvirt" - steps: - - name: Checkout Code - uses: actions/checkout@v3 - - - name: Install kustomize - run: | - command -v kustomize >/dev/null || \ - curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \ - bash -s /usr/local/bin - - - name: Update kustomization configuration - run: | - providers=(${{ env.PROVIDERS }}) - # If there aren't providers then something is wrong - [[ ${#providers[@]} -gt 0 ]] || exit 1 - - for provider in ${providers[@]}; do - img="${E2E_IMG_REGISTRY}/cloud-api-adaptor" - tag="${E2E_IMG_RELEASE_TAG}" - [[ "$provider" = "libvirt" ]] && tag="${E2E_IMG_DEV_TAG}" - echo "::group::Update ${provider}" - pushd "install/overlays/${provider}" - kustomize edit set image "cloud-api-adaptor=${img}:${tag}" - # Print for debugging - cat kustomization.yaml - echo "::endgroup::" - # Validate the file to avoid it silently testing with a wrong image - grep "newName: ${img}" kustomization.yaml - grep "newTag: ${tag}" kustomization.yaml - popd - done - - - uses: actions/upload-artifact@v3 - with: - name: install_directory - path: install/ - retention-days: 7 - - # Run libvirt e2e tests if pull request labeled 'test_e2e_libvirt' - libvirt: - name: libvirt - needs: [podvm, image, prep_install] - strategy: - fail-fast: false - matrix: - os: - # FIXME: temporarily disable CentOS tests as the CentOS podvm builds - # are disabled due https://github.com/confidential-containers/cloud-api-adaptor/issues/1558 - # - centos - - ubuntu - provider: - - generic - arch: - - amd64 - uses: ./.github/workflows/e2e_libvirt.yaml - with: - podvm_image: ghcr.io/${{ github.repository_owner }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:ci-pr${{ github.event.number }} - install_directory_artifact: install_directory - git_ref: refs/heads/main diff --git a/.github/workflows/e2e_on_pull.yaml b/.github/workflows/e2e_on_pull.yaml index be99529e8..665e8ab02 100644 --- a/.github/workflows/e2e_on_pull.yaml +++ b/.github/workflows/e2e_on_pull.yaml @@ -26,146 +26,12 @@ on: branches: - 'main' -env: - # cloud-api-adaptor image registry - E2E_IMG_REGISTRY: ghcr.io/${{ github.repository_owner }} - # cloud-api-adaptor: image release tag - E2E_IMG_RELEASE_TAG: ci-pr${{ github.event.number }} - # cloud-api-adaptor image dev tag - E2E_IMG_DEV_TAG: ci-pr${{ github.event.number }}-dev - jobs: - authorize: - runs-on: ubuntu-latest - if: ${{ contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') }} - steps: - - run: "true" - - # Build the podvm images. - # - podvm_builder: - needs: [authorize] - uses: ./.github/workflows/podvm_builder.yaml - with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: ci-pr${{ github.event.number }} - git_ref: ${{ github.event.pull_request.head.sha }} - secrets: inherit - - podvm_binaries: - needs: [podvm_builder] - uses: ./.github/workflows/podvm_binaries.yaml - with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: ci-pr${{ github.event.number }} - git_ref: ${{ github.event.pull_request.head.sha }} - secrets: inherit - - podvm: - needs: [podvm_binaries] - uses: ./.github/workflows/podvm.yaml + e2e: + uses: ./.github/workflows/e2e_run_all.yaml with: - registry: ghcr.io/${{ github.repository_owner }} - image_tag: ci-pr${{ github.event.number }} + caa_image_tag: ci-pr${{ github.event.number }} git_ref: ${{ github.event.pull_request.head.sha }} - secrets: inherit - - # Build and push the cloud-api-adaptor image - # - # By using a reusable `workflow_call` workflow we are hitting two - # GHA limitations here: - # - # - Cannot access the `env` context from the `with` so that it cannot - # reuse the E2E_IMG_* environment variables set at this workflow level. - # - Cannot call a reusable workflow from a job's step, so the we cannot - # merge the `image` and `prep_env` into a single one (unless we create - # another reusable workflow and, well, likely hit another limitation...). - # - # Reference: https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations - # - image: - uses: ./.github/workflows/caa_build_and_push.yaml - needs: [authorize] - with: + podvm_image_tag: ci-pr${{ github.event.number }} registry: ghcr.io/${{ github.repository_owner }} - dev_tags: ci-pr${{ github.event.number }}-dev - release_tags: ci-pr${{ github.event.number }} - git_ref: ${{ github.event.pull_request.head.sha }} secrets: inherit - - # Edit the kustomize files under the install directory to reference the - # built cloud-api-adaptor images. The entire directory is archived so that - # downstream jobs can simply download and use the prepared installation - # files. - # - # IMPORTANT: If you are enabling e2e tests for a given provider, - # then please update the PROVIDERS list (space-separated names, e.g., - # "aws libvirt"). - prep_install: - needs: [image] - runs-on: ubuntu-latest - env: - PROVIDERS: "libvirt" - steps: - - name: Checkout Code - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} - - - name: Install kustomize - run: | - command -v kustomize >/dev/null || \ - curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \ - bash -s /usr/local/bin - - - name: Update kustomization configuration - run: | - providers=(${{ env.PROVIDERS }}) - # If there aren't providers then something is wrong - [[ ${#providers[@]} -gt 0 ]] || exit 1 - - for provider in ${providers[@]}; do - img="${E2E_IMG_REGISTRY}/cloud-api-adaptor" - tag="${E2E_IMG_RELEASE_TAG}" - [[ "$provider" = "libvirt" ]] && tag="${E2E_IMG_DEV_TAG}" - echo "::group::Update ${provider}" - pushd "install/overlays/${provider}" - kustomize edit set image "cloud-api-adaptor=${img}:${tag}" - # Print for debugging - cat kustomization.yaml - echo "::endgroup::" - # Validate the file to avoid it silently testing with a wrong image - grep "newName: ${img}" kustomization.yaml - grep "newTag: ${tag}" kustomization.yaml - popd - done - - - uses: actions/upload-artifact@v3 - with: - name: install_directory - path: install/ - retention-days: 7 - - # Run libvirt e2e tests if pull request labeled 'test_e2e_libvirt' - libvirt: - name: libvirt - if: ${{ contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') }} - needs: [podvm, image, prep_install] - strategy: - fail-fast: false - matrix: - os: - # FIXME: temporarily disable CentOS tests as the CentOS podvm builds - # are disabled due https://github.com/confidential-containers/cloud-api-adaptor/issues/1558 - #- centos - - ubuntu - provider: - - generic - arch: - - amd64 - uses: ./.github/workflows/e2e_libvirt.yaml - with: - podvm_image: ghcr.io/${{ github.repository_owner }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:ci-pr${{ github.event.number }} - install_directory_artifact: install_directory - git_ref: ${{ github.event.pull_request.head.sha }} \ No newline at end of file diff --git a/.github/workflows/e2e_run_all.yaml b/.github/workflows/e2e_run_all.yaml new file mode 100644 index 000000000..b8b07fb05 --- /dev/null +++ b/.github/workflows/e2e_run_all.yaml @@ -0,0 +1,175 @@ +# (C) Copyright Confidential Containers Contributors 2023. +# SPDX-License-Identifier: Apache-2.0 +# +# Run end-to-end (e2e) tests. +--- +name: (Callable) e2e tests + +on: + workflow_call: + inputs: + authorized: + default: true + required: false + type: boolean + caa_image_tag: + required: true + type: string + git_ref: + default: 'main' + description: Git ref to checkout the cloud-api-adaptor repository. Defaults to main. + required: false + type: string + podvm_image_tag: + required: true + type: string + registry: + required: true + type: string +env: + # cloud-api-adaptor image registry + E2E_IMG_REGISTRY: ${{ inputs.registry }} + # cloud-api-adaptor: image release tag + E2E_IMG_RELEASE_TAG: ${{ inputs.caa_image_tag }} + # cloud-api-adaptor image dev tag + E2E_IMG_DEV_TAG: ${{ inputs.caa_image_tag }}-dev + +jobs: + authorize: + runs-on: ubuntu-latest + if: | + inputs.authorized == true || + contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') + steps: + - run: "true" + + # Build the podvm images. + # + podvm_builder: + needs: [authorize] + uses: ./.github/workflows/podvm_builder.yaml + with: + registry: ${{ inputs.registry }} + image_tag: ${{ inputs.podvm_image_tag }} + git_ref: ${{ inputs.git_ref }} + secrets: inherit + + podvm_binaries: + needs: [podvm_builder] + uses: ./.github/workflows/podvm_binaries.yaml + with: + registry: ${{ inputs.registry }} + image_tag: ${{ inputs.podvm_image_tag }} + git_ref: ${{ inputs.git_ref }} + secrets: inherit + + podvm: + needs: [podvm_binaries] + uses: ./.github/workflows/podvm.yaml + with: + registry: ${{ inputs.registry }} + image_tag: ${{ inputs.podvm_image_tag }} + git_ref: ${{ inputs.git_ref }} + secrets: inherit + + # Build and push the cloud-api-adaptor image + # + # By using a reusable `workflow_call` workflow we are hitting two + # GHA limitations here: + # + # - Cannot access the `env` context from the `with` so that it cannot + # reuse the E2E_IMG_* environment variables set at this workflow level. + # - Cannot call a reusable workflow from a job's step, so the we cannot + # merge the `image` and `prep_env` into a single one (unless we create + # another reusable workflow and, well, likely hit another limitation...). + # + # Reference: https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations + # + image: + uses: ./.github/workflows/caa_build_and_push.yaml + needs: [authorize] + with: + registry: ${{ inputs.registry }} + dev_tags: ${{ inputs.caa_image_tag }}-dev + release_tags: ${{ inputs.caa_image_tag }} + git_ref: ${{ inputs.git_ref }} + secrets: inherit + + # Edit the kustomize files under the install directory to reference the + # built cloud-api-adaptor images. The entire directory is archived so that + # downstream jobs can simply download and use the prepared installation + # files. + # + # IMPORTANT: If you are enabling e2e tests for a given provider, + # then please update the PROVIDERS list (space-separated names, e.g., + # "aws libvirt"). + prep_install: + needs: [image] + runs-on: ubuntu-latest + env: + PROVIDERS: "libvirt" + steps: + - name: Checkout Code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ inputs.git_ref }} + + - name: Install kustomize + run: | + command -v kustomize >/dev/null || \ + curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \ + bash -s /usr/local/bin + + - name: Update kustomization configuration + run: | + providers=(${{ env.PROVIDERS }}) + # If there aren't providers then something is wrong + [[ ${#providers[@]} -gt 0 ]] || exit 1 + + for provider in ${providers[@]}; do + img="${E2E_IMG_REGISTRY}/cloud-api-adaptor" + tag="${E2E_IMG_RELEASE_TAG}" + [[ "$provider" = "libvirt" ]] && tag="${E2E_IMG_DEV_TAG}" + echo "::group::Update ${provider}" + pushd "install/overlays/${provider}" + kustomize edit set image "cloud-api-adaptor=${img}:${tag}" + # Print for debugging + cat kustomization.yaml + echo "::endgroup::" + # Validate the file to avoid it silently testing with a wrong image + grep "newName: ${img}" kustomization.yaml + grep "newTag: ${tag}" kustomization.yaml + popd + done + + - uses: actions/upload-artifact@v3 + with: + name: install_directory + path: install/ + retention-days: 7 + + # Run libvirt e2e tests if pull request labeled 'test_e2e_libvirt' + libvirt: + name: libvirt + if: | + inputs.authorized == true || + contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') + needs: [podvm, image, prep_install] + strategy: + fail-fast: false + matrix: + os: + # FIXME: temporarily disable CentOS tests as the CentOS podvm builds + # are disabled due https://github.com/confidential-containers/cloud-api-adaptor/issues/1558 + #- centos + - ubuntu + provider: + - generic + arch: + - amd64 + uses: ./.github/workflows/e2e_libvirt.yaml + with: + podvm_image: ${{ inputs.registry }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:${{ inputs.podvm_image_tag }} + install_directory_artifact: install_directory + git_ref: ${{ inputs.git_ref }} \ No newline at end of file diff --git a/README.md b/README.md index cf16cd17a..8816e6e6b 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Introduction -This repository contains the implementation of Kata [remote hypervisor](https://github.com/kata-containers/kata-containers/tree/CCv0). +This repository contains the implementation of Kata Containers [remote hypervisor](https://github.com/kata-containers/kata-containers/tree/CCv0). Kata remote hypervisor enables creation of Kata VMs on any environment without requiring baremetal servers or nested virtualization support.