From a4b9679334ee4a5b353962260fa72e6a7d245e2d Mon Sep 17 00:00:00 2001 From: Justin Date: Thu, 19 Sep 2024 19:21:34 -0400 Subject: [PATCH 1/2] build(deps): update nerdctl-full and soci versions (#1097) * deps: update nerdctl-full and soci versions Signed-off-by: Justin Alvarez * fix file path in archive Signed-off-by: Justin Alvarez --------- Signed-off-by: Justin Alvarez --- e2e/vm/version_remote_test.go | 8 ++++---- finch.yaml.d/common.yaml | 14 +++++++------- pkg/config/lima_config_applier.go | 8 ++++---- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/e2e/vm/version_remote_test.go b/e2e/vm/version_remote_test.go index 6c9ccf833..07265a598 100644 --- a/e2e/vm/version_remote_test.go +++ b/e2e/vm/version_remote_test.go @@ -19,10 +19,10 @@ import ( ) const ( - nerdctlVersion = "v1.7.6" - buildKitVersion = "v0.12.5" - containerdVersion = "v1.7.16" - runcVersion = "1.1.12" + nerdctlVersion = "v1.7.7" + buildKitVersion = "v0.15.2" + containerdVersion = "v1.7.22" + runcVersion = "1.1.14" ) type Versions struct { diff --git a/finch.yaml.d/common.yaml b/finch.yaml.d/common.yaml index 40d844be8..52335af41 100644 --- a/finch.yaml.d/common.yaml +++ b/finch.yaml.d/common.yaml @@ -8,13 +8,13 @@ containerd: user: false # Override containerd archive # 🟢 Builtin default: hard-coded URL with hard-coded digest (see the output of `limactl info | jq .defaultTemplate.containerd.archives`) - # archives: - # - location: "https://deps.runfinch.com/x86-64/nerdctl-full-1.7.2-1-linux-amd64.tar.gz" - # arch: "x86_64" - # digest: "sha256:90851068e58417551384dafb3fced8165cbfa2799b51849f85f44c0ebef2c37a" - # - location: "https://deps.runfinch.com/aarch64/nerdctl-full-1.7.2-1-linux-arm64.tar.gz" - # arch: "aarch64" - # digest: "sha256:f354541e6234235f2ea32d6ed64e9d59a7cc4e0b7f15e63deef9cd5e90a298ef" + archives: + - location: "https://deps.runfinch.com/x86-64/nerdctl-full-1.7.7-linux-amd64.tar.gz" + arch: "x86_64" + digest: "sha256:a731eac93e8e9dda1a0d76dc1606438deb0668ea7d6bd5c5af436353ed9f65c5" + - location: "https://deps.runfinch.com/aarch64/nerdctl-full-1.7.7-linux-arm64.tar.gz" + arch: "aarch64" + digest: "sha256:b161a20c0e41f9ad999e8411e23c58ece4b3e584ae90b4252b76a39eee4a0c31" provision: - mode: system diff --git a/pkg/config/lima_config_applier.go b/pkg/config/lima_config_applier.go index 40dc15da5..93c626f35 100644 --- a/pkg/config/lima_config_applier.go +++ b/pkg/config/lima_config_applier.go @@ -20,9 +20,9 @@ import ( ) const ( - sociVersion = "0.5.0" - sociAMD64Sha256Sum = "768f73dbd2c772386df1d12d0a371e9cbcefebea4856623335a2e8ea5170691c" - sociARM64Sha256Sum = "9238e00426ec67a725d511e232476248f2379d66a4ccab224a50ad4c56a0292e" + sociVersion = "0.7.0" + sociAMD64Sha256Sum = "8766cdd479272dcc86299e70a0f7a9343f940c98285c1491bb3c3cdc05b26f47" + sociARM64Sha256Sum = "731d846b0884840feeba5dcc0f10d0b326d843d991b2ba1bee7ad2c90c225032" snapshotterProvisioningScriptHeader = "# snapshotter provisioning script" sociInstallationProvisioningScriptHeader = snapshotterProvisioningScriptHeader + ": soci" sociFileNameFormat = "soci-snapshotter-%s-linux-%s.tar.gz" @@ -43,7 +43,7 @@ if [ ! -f /usr/local/bin/soci ]; then (echo "error: shasum verification failed for SOCI release tarball" && rm -f "${release_tarball}" && exit 1) # move to usr/local/bin - tar -C /usr/local/bin -xvf ${release_tarball} ./soci ./soci-snapshotter-grpc + tar -C /usr/local/bin -xvf ${release_tarball} soci soci-snapshotter-grpc # install as a systemd service curl --retry 2 --retry-max-time 120 -OL "%s" From d3ab32a999634e89bec287dc3fb4eb44c974884f Mon Sep 17 00:00:00 2001 From: Justin Date: Fri, 20 Sep 2024 15:12:51 -0400 Subject: [PATCH 2/2] ci(fix): update conditions (#1099) * ci: update conditions Signed-off-by: Justin Alvarez * properly match conditions Signed-off-by: Justin Alvarez * match the "runs-on" field Signed-off-by: Justin Alvarez * update linux testing matrix to run all tests at once Signed-off-by: Justin Alvarez --------- Signed-off-by: Justin Alvarez --- .github/workflows/ci-docs.yaml | 61 +++++++++++++++++++++----------- .github/workflows/ci.yaml | 51 ++++++++++++++------------ .github/workflows/e2e-docs.yaml | 14 ++++++++ .github/workflows/e2e-linux.yaml | 5 +-- 4 files changed, 84 insertions(+), 47 deletions(-) create mode 100644 .github/workflows/e2e-docs.yaml diff --git a/.github/workflows/ci-docs.yaml b/.github/workflows/ci-docs.yaml index 9255f1afb..00c08990b 100644 --- a/.github/workflows/ci-docs.yaml +++ b/.github/workflows/ci-docs.yaml @@ -15,7 +15,10 @@ on: paths: - '**.md' - 'contrib/**' - - '.github/CODEOWNERS' + - '!contrib/packaging/**' + - '.github/**' + - '!.github/workflows/ci.yaml' + - '!.github/workflows/e2e-*.yaml' pull_request: branches: - main @@ -23,7 +26,9 @@ on: - '**.md' - 'contrib/**' - '!contrib/packaging/**' - - '.github/CODEOWNERS' + - '.github/**' + - '!.github/workflows/ci.yaml' + - '!.github/workflows/e2e-*.yaml' jobs: git-secrets: @@ -32,10 +37,10 @@ jobs: - name: Pull latest awslabs/git-secrets repo uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: - repository: awslabs/git-secrets - ref: 1.3.0 - fetch-tags: true - path: git-secrets + repository: awslabs/git-secrets + ref: 1.3.0 + fetch-tags: true + path: git-secrets - name: Install git secrets from source run: sudo make install working-directory: git-secrets @@ -72,28 +77,44 @@ jobs: runs-on: ubuntu-latest steps: - run: echo "Skipping CI for docs & contrib files" - e2e-tests: + macos-e2e-tests: strategy: matrix: os: [ - [self-hosted, macos, amd64, 13, test], - [self-hosted, macos, amd64, 14, test], - [self-hosted, macos, arm64, 13, test], - [self-hosted, macos, arm64, 14, test], + [13, test-e2e-container, X64, test], + [13, test-e2e-container, arm64, test], + [13, test-e2e-vm-serial, X64, test], + [13, test-e2e-vm-serial, arm64, test], + [14, test-e2e-container, X64, test], + [14, test-e2e-container, arm64, test], + [14, test-e2e-vm-serial, X64, test], + [14, test-e2e-vm-serial, arm64, test], ] - test-command: ['test-e2e-vm-serial', 'test-e2e-container'] - runs-on: ${{ matrix.os }} - steps: - - run: echo "Skipping CI for docs & contrib files" + uses: ./.github/workflows/e2e-docs.yaml + with: + os: ${{ matrix.os }} windows-e2e-tests: strategy: matrix: - os: [[self-hosted, windows, amd64, test]] - test-command: ['test-e2e-vm-serial', 'test-e2e-container'] - runs-on: ${{ matrix.os }} - steps: - - run: echo "Skipping CI for docs & contrib files" + os: + [[test-e2e-container, amd64, test], [test-e2e-vm-serial, amd64, test]] + uses: ./.github/workflows/e2e-docs.yaml + with: + os: ${{ matrix.os }} + linux-e2e-tests: + strategy: + matrix: + os: + [ + [amazonlinux, X64, 2, test], + [amazonlinux, X64, 2023, test], + [amazonlinux, arm64, 2, test], + [amazonlinux, arm64, 2023, test], + ] + uses: ./.github/workflows/e2e-docs.yaml + with: + os: ${{ matrix.os }} mdlint: runs-on: ubuntu-latest steps: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 73469b8f4..140b82ea5 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -5,18 +5,25 @@ on: push: branches: - main - paths-ignore: - - "**.md" - - "contrib/**" - - ".github/CODEOWNERS" + paths: + - '**.go' + - 'go.mod' + - 'go.sum' + - '.github/workflows/ci.yaml' + - '.github/workflows/e2e-*.yaml' + - 'contrib/packaging/**' + - '!contrib/hello-finch/**' pull_request: branches: - main paths: - - "**.go" - - "contrib/packaging/**" - - "!contrib/hello-finch/**" - - "!.github/CODEOWNERS" + - '**.go' + - 'go.mod' + - 'go.sum' + - '.github/workflows/ci.yaml' + - '.github/workflows/e2e-*.yaml' + - 'contrib/packaging/**' + - '!contrib/hello-finch/**' workflow_dispatch: permissions: id-token: write @@ -147,10 +154,10 @@ jobs: strategy: fail-fast: false matrix: - version: ["13", "14"] - test-command: ["test-e2e-vm-serial", "test-e2e-container"] - arch: ["X64", "arm64"] - runner-type: ["test"] + version: ['13', '14'] + test-command: ['test-e2e-vm-serial', 'test-e2e-container'] + arch: ['X64', 'arm64'] + runner-type: ['test'] uses: ./.github/workflows/e2e-macos.yaml secrets: inherit with: @@ -162,9 +169,9 @@ jobs: strategy: fail-fast: false matrix: - test-command: ["test-e2e-vm-serial", "test-e2e-container"] - arch: ["amd64"] - runner-type: ["test"] + test-command: ['test-e2e-vm-serial', 'test-e2e-container'] + arch: ['amd64'] + runner-type: ['test'] uses: ./.github/workflows/e2e-windows.yaml secrets: inherit with: @@ -175,11 +182,10 @@ jobs: strategy: fail-fast: false matrix: - os: ["amazonlinux"] - arch: ["X64", "arm64"] - version: ["2023", "2"] - test-command: ["test-e2e-container"] - runner-type: ["test"] + os: ['amazonlinux'] + arch: ['X64', 'arm64'] + version: ['2023', '2'] + runner-type: ['test'] uses: ./.github/workflows/e2e-linux.yaml secrets: inherit with: @@ -187,7 +193,6 @@ jobs: arch: ${{ matrix.arch }} version: ${{ matrix.version }} runner-type: ${{ matrix.runner-type }} - test-command: ${{ matrix.test-command }} mdlint: runs-on: ubuntu-latest @@ -195,6 +200,6 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0 with: - args: "**/*.md" + args: '**/*.md' # CHANGELOG.md is only updated by release-please bot. - ignore: "CHANGELOG.md" + ignore: 'CHANGELOG.md' diff --git a/.github/workflows/e2e-docs.yaml b/.github/workflows/e2e-docs.yaml new file mode 100644 index 000000000..8582de22d --- /dev/null +++ b/.github/workflows/e2e-docs.yaml @@ -0,0 +1,14 @@ +name: e2e-docs +on: + workflow_call: + inputs: + os: + type: string + required: true +jobs: + test: + runs-on: ['self-hosted', '${{ fromJson(inputs.os) }}'] + steps: + - name: Skip + run: | + echo "Skipping CI for docs & contrib files" diff --git a/.github/workflows/e2e-linux.yaml b/.github/workflows/e2e-linux.yaml index 1cec72d08..6b7fdf1ab 100644 --- a/.github/workflows/e2e-linux.yaml +++ b/.github/workflows/e2e-linux.yaml @@ -14,9 +14,6 @@ on: runner-type: type: string required: true - test-command: - type: string - required: true permissions: # This is required for configure-aws-credentials to request an OIDC JWT ID token to access AWS resources later on. @@ -96,7 +93,7 @@ jobs: git clean -f -d # required by one of the tests which uses SSH_AUTH_SOCK eval "$(ssh-agent -s)" - INSTALLED=true REGISTRY=${{ steps.vars.outputs.has_creds == true && env.REGISTRY || '' }} sudo -E make ${{ inputs.test-command }} + INSTALLED=true REGISTRY=${{ steps.vars.outputs.has_creds == true && env.REGISTRY || '' }} sudo -E make test-e2e-container - name: Clean up repo AL2 if: ${{ (startsWith(inputs.os, 'amazon') && inputs.version == '2' && always() ) }} run: |