From 174111fbf8891e6efe6892452b6fc12222372e8f Mon Sep 17 00:00:00 2001 From: Gabriela Cervantes Date: Wed, 28 Nov 2018 10:17:25 -0600 Subject: [PATCH 01/22] metrics: Add sleep before gathering memory inside the container We need a sleep before taking the measurement of the memory inside of a container. This change is necessary as the kernel takes time to hotplug the memory. Fixes #931 Signed-off-by: Gabriela Cervantes --- metrics/density/memory_usage_inside_container.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/metrics/density/memory_usage_inside_container.sh b/metrics/density/memory_usage_inside_container.sh index 41b177a2d..d51172dc4 100755 --- a/metrics/density/memory_usage_inside_container.sh +++ b/metrics/density/memory_usage_inside_container.sh @@ -18,7 +18,7 @@ TEST_NAME="memory footprint inside container" VERSIONS_FILE="${SCRIPT_PATH}/../../versions.yaml" ALPINE_VERSION=$("${GOPATH}/bin/yq" read "$VERSIONS_FILE" "docker_images.alpine.version") IMAGE="alpine:$ALPINE_VERSION" -CMD="cat /proc/meminfo" +CMD="sleep 10; cat /proc/meminfo" # We specify here in 'k', as that then matches the results we get from the meminfo, # which makes later direct comparison easier. MEMSIZE=${MEMSIZE:-$((2048*1024))} @@ -32,7 +32,7 @@ function main() { metrics_json_init - local output=$(docker run -m ${MEMSIZE}k --rm --runtime=$RUNTIME $IMAGE $CMD) + local output=$(docker run -m ${MEMSIZE}k --rm --runtime=$RUNTIME $IMAGE sh -c "$CMD") # Save configuration metrics_json_start_array From 5ab9f580647205fea13fe7513145ce9a81d6a128 Mon Sep 17 00:00:00 2001 From: Sebastien Boeuf Date: Thu, 29 Nov 2018 12:36:15 -0800 Subject: [PATCH 02/22] functional: The terminal needs to be disabled When we use the default spec config options with terminal being enabled, the shim errors right after it's been started. The reason being it cannot set the terminal properly since ginkgo functional tests never create any terminal. With this patch, the kata-shim process runs as long as the container workload is running, which is the expected behavior. Signed-off-by: Sebastien Boeuf --- bundle.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bundle.go b/bundle.go index 6769a889c..5f23e0a6d 100644 --- a/bundle.go +++ b/bundle.go @@ -60,6 +60,9 @@ func NewBundle(workload []string) (*Bundle, error) { return nil, err } + // By default, let's not create a terminal + config.Process.Terminal = false + config.Process.Args = workload bundle := &Bundle{ From 70cfc431e127d94220f279d29739d18578b7ce31 Mon Sep 17 00:00:00 2001 From: Sebastien Boeuf Date: Thu, 29 Nov 2018 12:41:07 -0800 Subject: [PATCH 03/22] functional: Add test checking for container state Following an issue that we found with the kata-runtime regarding a wrong state being reported after the container workload terminated, this patch introduces a test that runs a simple container workload and validate that the value obtained after a few seconds is "stopped". Previously, this test would have failed as we would have retrieved "running", which is a wrong value in this case. Fixes #956 Signed-off-by: Sebastien Boeuf --- container.go | 16 +++++++++++ functional/state_test.go | 58 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 functional/state_test.go diff --git a/container.go b/container.go index 2e682ae20..704cfca23 100644 --- a/container.go +++ b/container.go @@ -185,6 +185,22 @@ func (c *Container) Exec(process Process) (string, string, int) { return cmd.Run() } +// State returns the state of the container +// calls into state command returning its stdout, stderr and exit code +func (c *Container) State() (string, string, int) { + args := []string{} + + args = append(args, "state") + + if c.ID != nil { + args = append(args, *c.ID) + } + + cmd := NewCommand(Runtime, args...) + + return cmd.Run() +} + // List the containers // calls to list command returning its stdout, stderr and exit code func (c *Container) List(format string, quiet bool, all bool) (string, string, int) { diff --git a/functional/state_test.go b/functional/state_test.go new file mode 100644 index 000000000..6d4d9e3f0 --- /dev/null +++ b/functional/state_test.go @@ -0,0 +1,58 @@ +// Copyright (c) 2018 Intel Corporation +// +// SPDX-License-Identifier: Apache-2.0 + +package functional + +import ( + "fmt" + "time" + + . "github.com/kata-containers/tests" + . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/extensions/table" + . "github.com/onsi/gomega" +) + +var ( + stateWorkload = []string{"true"} +) + +const ( + stateStopped = "stopped" + stateWaitTime = 5 +) + +var _ = Describe("state", func() { + var ( + container *Container + err error + ) + + BeforeEach(func() { + container, err = NewContainer(stateWorkload, true) + Expect(err).NotTo(HaveOccurred()) + Expect(container).NotTo(BeNil()) + }) + + AfterEach(func() { + Expect(container.Teardown()).To(Succeed()) + }) + + DescribeTable("container", + func(status string, waitTime int) { + _, stderr, exitCode := container.Run() + Expect(exitCode).To(Equal(0)) + Expect(stderr).To(BeEmpty()) + + time.Sleep(time.Second * time.Duration(waitTime)) + + stdout, stderr, exitCode := container.State() + Expect(exitCode).To(Equal(0)) + Expect(stderr).To(BeEmpty()) + subString := fmt.Sprintf("\"status\": \"%s\"", status) + Expect(stdout).To(ContainSubstring(subString)) + }, + Entry(fmt.Sprintf("with workload %s, timeWait %d", stateWorkload, stateWaitTime), stateStopped, stateWaitTime), + ) +}) From f1205d3f2521dbffdad9faa37e05a7f47ec117ce Mon Sep 17 00:00:00 2001 From: Julio Montes Date: Tue, 4 Dec 2018 13:22:10 -0600 Subject: [PATCH 04/22] integration/docker: fix memory test Fix "hotplug memory when create containers" test, define variables before running the tests and use the right types to compare the values, for example int64 with int64. fixes #830 Signed-off-by: Julio Montes --- integration/docker/mem_test.go | 54 +++++++++++++++++----------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/integration/docker/mem_test.go b/integration/docker/mem_test.go index b61be6514..8fa41f755 100644 --- a/integration/docker/mem_test.go +++ b/integration/docker/mem_test.go @@ -6,14 +6,15 @@ package docker import ( "fmt" - . "github.com/kata-containers/tests" - . "github.com/onsi/ginkgo" - . "github.com/onsi/ginkgo/extensions/table" - . "github.com/onsi/gomega" "math" "os" "strconv" "strings" + + . "github.com/kata-containers/tests" + . "github.com/onsi/ginkgo" + . "github.com/onsi/ginkgo/extensions/table" + . "github.com/onsi/gomega" ) const ( @@ -26,16 +27,9 @@ const ( sysfsMemPath = "/sys/devices/system/memory/" ) -func withDockerMemory(dockerMem int64, fail bool) TableEntry { - var msg string - - if fail { - msg = "hotplug memory when create containers should fail" - } else { - msg = "hotplug memory when create containers should not fail" - } - - return Entry(msg, dockerMem, fail) +func withDockerMemory(dockerMem int64) TableEntry { + msg := "hotplug memory when create containers should not fail" + return Entry(msg, dockerMem) } func withUpdateMemoryConstraints(dockerMem int64, updateMem int64, fail bool) TableEntry { @@ -55,12 +49,18 @@ var _ = Describe("Hotplug memory when create containers", func() { args []string id string defaultMemSz int64 + memBlockSize int64 + exitCode int + stdout string + err error + data string + memBlockNum int ) BeforeEach(func() { id = randomDockerName() defaultMemSz = int64(KataConfig.Hypervisor[DefaultHypervisor].DefaultMemSz) << 20 - Expect(defaultMemSz).To(BeNumerically(">", 0)) + Expect(defaultMemSz).To(BeNumerically(">", int64(0))) }) AfterEach(func() { @@ -68,21 +68,21 @@ var _ = Describe("Hotplug memory when create containers", func() { }) DescribeTable("Hotplug memory when create containers", - func(dockerMem int64, fail bool) { + func(dockerMem int64) { args = []string{"--name", id, "-tid", "--rm", "-m", fmt.Sprintf("%d", dockerMem), Image} - _, _, exitCode := dockerRun(args...) + _, _, exitCode = dockerRun(args...) Expect(exitCode).To(BeZero()) - stdout, _, exitCode := dockerExec(id, "cat", memBlockSizePath) + stdout, _, exitCode = dockerExec(id, "cat", memBlockSizePath) Expect(exitCode).To(BeZero()) - data := strings.Trim(stdout, "\n\t ") - memBlockSize, err := strconv.ParseInt(data, 16, 64) - Expect(err).To(BeNil()) + data = strings.Trim(stdout, "\n\t ") + memBlockSize, err = strconv.ParseInt(data, 16, 64) + Expect(err).ToNot(HaveOccurred()) stdout, _, exitCode = dockerExec(id, "sh", "-c", fmt.Sprintf("find %v -name memory* | wc -l", sysfsMemPath)) Expect(exitCode).To(BeZero()) - memBlockNum, err := strconv.Atoi(strings.Trim(stdout, "\n\t ")) - Expect(err).To(BeNil()) + memBlockNum, err = strconv.Atoi(strings.Trim(stdout, "\n\t ")) + Expect(err).ToNot(HaveOccurred()) memBlockNum-- mem := int64(math.Ceil(float64(dockerMem)/float64(memBlockSize))) * memBlockSize @@ -90,10 +90,10 @@ var _ = Describe("Hotplug memory when create containers", func() { Expect(RemoveDockerContainer(id)).To(BeTrue()) }, - withDockerMemory(100*1024*1024, shouldNotFail), - withDockerMemory(200*1024*1024, shouldNotFail), - withDockerMemory(500*1024*1024, shouldNotFail), - withDockerMemory(1024*1024*1024, shouldNotFail), + withDockerMemory(100*1024*1024), + withDockerMemory(200*1024*1024), + withDockerMemory(500*1024*1024), + withDockerMemory(1024*1024*1024), ) }) From 0153f285ff1165620ba601a6616689bee9f3406e Mon Sep 17 00:00:00 2001 From: Gabriela Cervantes Date: Thu, 29 Nov 2018 07:59:38 -0600 Subject: [PATCH 05/22] test: Check OCI calls Check OCI calls while running a docker run, docker stop and docker run ..true in order to compare the arguments that we get while running the containers with the OCI calls. Fixes #941 Signed-off-by: Gabriela Cervantes --- Makefile | 8 +- integration/oci_calls/oci_call_test.sh | 162 +++++++++++++++++++++++++ 2 files changed, 169 insertions(+), 1 deletion(-) create mode 100755 integration/oci_calls/oci_call_test.sh diff --git a/Makefile b/Makefile index 05891410d..8e82f4423 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,7 @@ TIMEOUT := 60 # union for 'make test' -UNION := functional docker crio docker-compose network netmon docker-stability openshift kubernetes swarm vm-factory entropy ramdisk +UNION := functional docker crio docker-compose network netmon docker-stability oci openshift kubernetes swarm vm-factory entropy ramdisk # skipped test suites for docker integration tests SKIP := @@ -81,6 +81,11 @@ cri-containerd: log-parser: make -C cmd/log-parser +oci: + systemctl is-active --quiet docker || sudo systemctl start docker + cd integration/oci_calls && \ + bash -f oci_call_test.sh + openshift: bash -f .ci/install_bats.sh bash -f integration/openshift/run_openshift_tests.sh @@ -128,6 +133,7 @@ check: checkcommits log-parser ginkgo \ kubernetes \ log-parser \ + oci \ openshift \ pentest \ swarm \ diff --git a/integration/oci_calls/oci_call_test.sh b/integration/oci_calls/oci_call_test.sh new file mode 100755 index 000000000..f7aa5b925 --- /dev/null +++ b/integration/oci_calls/oci_call_test.sh @@ -0,0 +1,162 @@ +#!/bin/bash +# +# Copyright (c) 2018 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 +# +# This test will verify the arguments of +# running or stopping a container matches +# with the OCI calls + +set -e + +dir_path=$(dirname "$0") +source "${dir_path}/../../lib/common.bash" + +# Save logs +TMP_FILE=$(mktemp runtimelogs.XXXXX) +# Environment variables +IMAGE="busybox" +PAYLOAD="tail -f /dev/null" +NAME="testoci" + +function remove_tmp_file { + rm -rf $TMP_FILE +} + +trap remove_tmp_file EXIT + +# Get time to filter the logs +function get_time() { + start_time=$(date "+%F %H:%M:%S") +} + +# Get log for a specific time +function get_debug_logs() { + sudo journalctl -q --since "$start_time" -o cat -a -t ${RUNTIME} > ${TMP_FILE} +} + +# Find the arguments or oci calls for a specific command +function check_arguments() { + list_arguments=$(grep -o "arguments=[^ ]*" ${TMP_FILE} --color|cut -d= -f2-|tr -d '"'|tr -d "\\\\") + + [ -n "$list_arguments" ] || die "List of arguments missing" + + # Check arguments vs oci calls + for i in "${oci_call[@]}"; do + echo "$list_arguments" | grep -w "$i" > /dev/null + done +} + +# Find the order of the arguments is equal to the order of the oci call +function order_arguments() { + # Remove all duplicated arguments, remove `state` argument (as it is + # not defined with a specific order and we already checked that is part + # of the oci arguments) and remove an empty space. + local -a final_arguments=$(echo ${list_arguments//state/} | \ + awk '{for (i=1;i<=NF;i++) if (!a[$i]++) printf("%s%s",$i,FS)}' | \ + sed 's/ *$//') + final_oci=$(echo ${oci_call[@]//state/}) + + [[ "${final_oci}" == "${final_arguments}" ]] +} + +function setup() { + clean_env + + check_processes + + extract_kata_env + + # Enable full debug + sudo sed -i 's/#enable_debug = true/enable_debug = true/g' ${RUNTIME_CONFIG_PATH} +} + +function run_oci_call() { + local -a oci_call=( "create" "start" "state" ) + + # This sleep is necessary to gather the correct logs + sleep 10 + + get_time + + # Start a container + docker run -d --runtime=${RUNTIME} --name=${NAME} ${IMAGE} ${PAYLOAD} + + get_debug_logs + + check_arguments + + order_arguments +} + +function stop_oci_call() { + local -a oci_call=( "kill" "delete" "state" ) + + # This sleep is necessary to gather the correct logs + sleep 10 + + get_time + + # Stop a container + docker stop ${NAME} + + get_debug_logs + + docker rm -f ${NAME} + + check_arguments + + order_arguments +} + +function run_oci_call_true() { + # Find docker version + version=$(docker version --format '{{.Server.Version}}' | cut -d '.' -f1-2) + result=$(echo "$version>=18.06" | bc) + if [ ${result} -ne 1 ]; then + local -a oci_call=( "create" "start" "delete" "state" ) + else + local -a oci_call=( "create" "start" "kill" "delete" "state" ) + fi + + # This sleep is necessary to gather the correct logs + sleep 10 + + get_time + + # Run a container with true + docker run --rm --runtime=${RUNTIME} ${IMAGE} true + + get_debug_logs + + check_arguments + + order_arguments +} + +function teardown() { + clean_env + + check_processes + + extract_kata_env + + # Disable full debug + sudo sed -i 's/enable_debug = true/#enable_debug = true/g' ${RUNTIME_CONFIG_PATH} +} + +echo "Running setup" +setup + +echo "Check oci calls for run" +run_oci_call + +echo "Check oci calls for stop" +stop_oci_call + +echo "Check oci calls for run with true" +run_oci_call_true + +echo "Teardown" +teardown From 194b3d5834c0e0082b1e3133867755dbef89312e Mon Sep 17 00:00:00 2001 From: Graham Whaley Date: Thu, 6 Dec 2018 14:23:22 +0000 Subject: [PATCH 06/22] ci: cleanup: fix process kill for multiple processes When trying to kill off stale processes with a combination of pgrep and kill, a mix of line separator and quotations meant the kill only worked if we found a single process. Fix by using a separator of ' '(space) for the pgrep and don't quote the pid expansion - a pid list is just a plain list of numbers with spaces between them. Fixes: #974 Signed-off-by: Graham Whaley --- .ci/lib.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.ci/lib.sh b/.ci/lib.sh index 1e9940cdb..cb0d031f7 100755 --- a/.ci/lib.sh +++ b/.ci/lib.sh @@ -198,8 +198,9 @@ kill_stale_process() extract_kata_env stale_process_union=( "${stale_process_union[@]}" "${PROXY_PATH}" "${HYPERVISOR_PATH}" "${SHIM_PATH}" ) for stale_process in "${stale_process_union[@]}"; do - if pgrep -f "${stale_process}"; then - sudo killall -9 "${stale_process}" || true + local pids=$(pgrep -d ' ' -f "${stale_process}") + if [ -n "$pids" ]; then + sudo kill -9 ${pids} || true fi done } From 7604264d34a3f24f94a569d583b2b3321bda462c Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Wed, 5 Dec 2018 10:06:28 +0800 Subject: [PATCH 07/22] vm_factory: add tests to check new vm time Make sure it is not affected by being created from vm template. Fixes: #968 Signed-off-by: Peng Tao --- integration/vm_factory/vm_templating_test.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/integration/vm_factory/vm_templating_test.sh b/integration/vm_factory/vm_templating_test.sh index 950501d20..740d3268d 100755 --- a/integration/vm_factory/vm_templating_test.sh +++ b/integration/vm_factory/vm_templating_test.sh @@ -70,10 +70,19 @@ check_vm_template_network_setup() { [[ ${IPADDR} =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]] || die "vm eth0 ip is ${IPADDR}" } +check_new_guest_date_time() { + HOSTTIME=$(date +%s) + GUESTTIME=$(sudo docker exec $CONTAINER_NAME date +%s) + [[ ${HOSTTIME} -le ${GUESTTIME} ]] || die "hosttime ${HOSTTIME} guesttime ${GUESTTIME}" +} + test_create_container_with_vm_template() { + # sleep a bit so that template VM time is in the past + sleep 2 sudo docker run --runtime=$RUNTIME -d --name $CONTAINER_NAME $IMAGE $PAYLOAD_ARGS check_qemu_for_vm_template check_vm_template_network_setup + check_new_guest_date_time sudo docker rm -f $CONTAINER_NAME } From a55705559f8e68f53064c8261c0a6b2f28b56c5a Mon Sep 17 00:00:00 2001 From: Graham Whaley Date: Wed, 12 Dec 2018 11:20:36 +0000 Subject: [PATCH 08/22] CI: If runtime config is not found, set sane defaults If we cannot extract path and version information from the runtime for some reason (possibly the runtime is not installed, or the config file is missing for instance), then do not make that a hard failure, but issue an INFO message in the logs and set some sane defaults. This prevents the bare metal cleanup scripts from dying if run on a machine where the runtime is not correctly setup. Fixes: #995 Signed-off-by: Graham Whaley --- lib/common.bash | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/lib/common.bash b/lib/common.bash index b0789c91f..fd84a6926 100755 --- a/lib/common.bash +++ b/lib/common.bash @@ -16,12 +16,38 @@ die(){ exit 1 } +info() { + echo -e "INFO: $*" +} + # Gets versions and paths of all the components # list in kata-env extract_kata_env(){ local toml - toml="$(kata-runtime kata-env)" + # If we cannot find the runtime, or it fails to run for some reason, do not die + # on the error, but set some sane defaults + toml="$(set +e; kata-runtime kata-env)" + if [ $? != 0 ]; then + # We could be more diligent here and search for each individual component, + # but if the runtime cannot tell us the exact details it is configured for then + # we would be guessing anyway - so, set some defaults that may be true and give + # strong hints that we 'made them up'. + info "Runtime environment not found - setting defaults" + RUNTIME_CONFIG_PATH="/usr/share/defaults/kata-containers/configuration.toml" + RUNTIME_VERSION="0.0.0" + RUNTIME_COMMIT="unknown" + RUNTIME_PATH="/usr/local/bin/kata-runtime" + SHIM_PATH="/usr/libexec/kata-containers/kata-shim" + SHIM_VERSION="0.0.0" + PROXY_PATH="/usr/libexec/kata-containers/kata-proxy" + PROXY_VERSION="0.0.0" + HYPERVISOR_PATH="/usr/bin/qemu-system-x86_64" + HYPERVISOR_VERSION="0.0.0" + INITRD_PATH="" + NETMON_PATH="/usr/libexec/kata-containers/kata-netmon" + return 0 + fi # The runtime path itself, for kata-runtime, will be contained in the `kata-env` # section. For other runtimes we do not know where the runtime Docker is using lives. From 53b931bc23d1ef2839229bf069f9bdb23360f759 Mon Sep 17 00:00:00 2001 From: Graham Whaley Date: Wed, 12 Dec 2018 11:23:52 +0000 Subject: [PATCH 09/22] CI: bare metal cleanup should never fail Calling the bare metal cleanup scripts should never result in a hard failure, even if the cleanup fails. We should continue to try and re-install and test the machine. Signed-off-by: Graham Whaley --- .ci/jenkins_job_build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/jenkins_job_build.sh b/.ci/jenkins_job_build.sh index 005b47036..865545ffd 100755 --- a/.ci/jenkins_job_build.sh +++ b/.ci/jenkins_job_build.sh @@ -54,7 +54,7 @@ mkdir -p $(dirname "${kata_repo_dir}") if [ "${BAREMETAL}" == true ]; then arch=$("${tests_repo_dir}/.ci/kata-arch.sh") echo "Looking for baremetal cleanup script for arch ${arch}" - clean_up_script="${tests_repo_dir}/.ci/${arch}/clean_up_${arch}.sh" + clean_up_script=("${tests_repo_dir}/.ci/${arch}/clean_up_${arch}.sh") || true if [ -f "${clean_up_script}" ]; then echo "Running baremetal cleanup script for arch ${arch}" tests_repo="${tests_repo}" "${clean_up_script}" From c59e35cffae418213f1026539ee74b7964d06503 Mon Sep 17 00:00:00 2001 From: "James O. D. Hunt" Date: Thu, 13 Dec 2018 09:37:52 +0000 Subject: [PATCH 10/22] CI: Fix static checker test with '--all' Fixed a typo in `check_files()` that was stopping the static analysis script from working correctly when run with `--all`. Fixes #998. Signed-off-by: James O. D. Hunt --- .ci/static-checks.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/static-checks.sh b/.ci/static-checks.sh index 2d259c764..6fae70ba6 100755 --- a/.ci/static-checks.sh +++ b/.ci/static-checks.sh @@ -540,7 +540,7 @@ check_files() info "Checking files" - if [ "$specifc_branch" = "true" ] + if [ "$specific_branch" = "true" ] then info "Checking all files in $branch branch" From bd205afc0398d28f76b5a0129676d72a342c4a74 Mon Sep 17 00:00:00 2001 From: Graham Whaley Date: Thu, 13 Dec 2018 11:48:13 +0000 Subject: [PATCH 11/22] CI: logs: reduce the log output upon error Rather than dump the error line found and all its 'freinds', which can result in massive log dumps, let's just dump the log line we found. If somebody does need to look at the complete log, the CI keeps them as artifact attachments to the build run anyway. Fixes: #1000 Signed-off-by: Graham Whaley --- .ci/teardown.sh | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/.ci/teardown.sh b/.ci/teardown.sh index ab258644c..211e31b6b 100755 --- a/.ci/teardown.sh +++ b/.ci/teardown.sh @@ -236,22 +236,11 @@ check_log_files() # Display *all* errors caused by runtime exceptions and fatal # signals. - for pattern in "fatal error" "fatal signal" + for pattern in "fatal error" "fatal signal" "segfault at [0-9]" do # Search for pattern and print all subsequent lines with specified log # level. - results=$(sed -ne "/\<${pattern}\>/,\$ p" "$log" || true | grep "level=\"*error\"*") - if [ -n "$results" ] - then - errors=1 - echo >&2 -e "ERROR: detected ${pattern} in '${log}'\n${results}" - fi - done - - for pattern in "segfault at [0-9]" - do - results=$(sed -ne "/\<${pattern}\>/,\$ p" "$log" || true) - + results=$(grep "${pattern}" "$log" || true ) if [ -n "$results" ] then errors=1 From 9c3327f9033ae1a498e42adfb62ee09dafb26ea4 Mon Sep 17 00:00:00 2001 From: Salvador Fuentes Date: Thu, 13 Dec 2018 12:02:03 -0600 Subject: [PATCH 12/22] test: remove chronic from the soak_parallel_rm test this test started timing out after 5 minutes of inactivity. Seems like this test sometimes takes more minutes than before as we started to see this issue this week. removing chronic here would let the test avoid the timeout. Fixes: #997. Signed-off-by: Salvador Fuentes --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 8e82f4423..37ee8b39a 100644 --- a/Makefile +++ b/Makefile @@ -63,7 +63,7 @@ docker-compose: docker-stability: systemctl is-active --quiet docker || sudo systemctl start docker cd integration/stability && \ - export ITERATIONS=2 && export MAX_CONTAINERS=20 && chronic ./soak_parallel_rm.sh + export ITERATIONS=2 && export MAX_CONTAINERS=20 && ./soak_parallel_rm.sh kubernetes: bash -f .ci/install_bats.sh From c9fa3ace675aeb4879afa342c4b6a51134261a17 Mon Sep 17 00:00:00 2001 From: Hui Zhu Date: Tue, 18 Dec 2018 10:16:42 +0800 Subject: [PATCH 13/22] qemu: Insert Eric Auger's latest PCDIMM/NVDIMM patches for aarch64 Insert Eric Auger's latest PCDIMM/NVDIMM patches for supporting nvdimm on aarch64. Fixes: #961 Signed-off-by: Hui Zhu --- .ci/aarch64/lib_install_qemu_aarch64.sh | 24 +++++++++++++++++++++--- .ci/install_qemu.sh | 2 +- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/.ci/aarch64/lib_install_qemu_aarch64.sh b/.ci/aarch64/lib_install_qemu_aarch64.sh index 53b6f76a9..ea8691a1d 100755 --- a/.ci/aarch64/lib_install_qemu_aarch64.sh +++ b/.ci/aarch64/lib_install_qemu_aarch64.sh @@ -8,6 +8,8 @@ set -e CURRENT_QEMU_VERSION=$(get_version "assets.hypervisor.qemu.version") PACKAGED_QEMU="qemu" +CURRENT_QEMU_PATCHES_BRANCH=$(get_version "assets.hypervisor.qemu.architecture.aarch64.branch") +CURRENT_QEMU_COMMIT=$(get_version "assets.hypervisor.qemu.architecture.aarch64.commit") get_packaged_qemu_version() { if [ "$ID" == "ubuntu" ]; then @@ -54,7 +56,20 @@ build_and_install_qemu() { pushd "${GOPATH}/src/${QEMU_REPO}" git fetch - git checkout "$CURRENT_QEMU_VERSION" + # if extra patches exist + if [ -n "${CURRENT_QEMU_COMMIT}" ]; then + git checkout "$CURRENT_QEMU_PATCHES_BRANCH" + git checkout "$CURRENT_QEMU_COMMIT" + # Apply required patches + QEMU_PATCHES_PATH="${GOPATH}/src/${PACKAGING_REPO}/obs-packaging/qemu-aarch64/patches" + for patch in ${QEMU_PATCHES_PATH}/*.patch; do + echo "Applying patch: $patch" + patch -p1 <"$patch" + done + else + git checkout "$CURRENT_QEMU_VERSION" + fi + [ -d "capstone" ] || git clone https://github.com/qemu/capstone.git capstone [ -d "ui/keycodemapdb" ] || git clone https://github.com/qemu/keycodemapdb.git ui/keycodemapdb @@ -65,8 +80,11 @@ build_and_install_qemu() { echo "Install Qemu" sudo -E make install - # Add link from /usr/local/bin to /usr/bin - sudo ln -sf $(command -v qemu-system-${QEMU_ARCH}) "/usr/bin/qemu-system-${QEMU_ARCH}" + local qemu_bin=$(command -v qemu-system-${QEMU_ARCH}) + if [ $(dirname ${qemu_bin}) == "/usr/local/bin" ]; then + # Add link from /usr/local/bin to /usr/bin + sudo ln -sf $(command -v qemu-system-${QEMU_ARCH}) "/usr/bin/qemu-system-${QEMU_ARCH}" + fi popd } diff --git a/.ci/install_qemu.sh b/.ci/install_qemu.sh index 0b11d363f..c0bab5704 100755 --- a/.ci/install_qemu.sh +++ b/.ci/install_qemu.sh @@ -104,7 +104,7 @@ main() { elif [ "$QEMU_ARCH" == "aarch64" ]; then packaged_qemu_version=$(get_packaged_qemu_version) short_current_qemu_version=${CURRENT_QEMU_VERSION#*-} - if [ "$packaged_qemu_version" == "$short_current_qemu_version" ]; then + if [ "$packaged_qemu_version" == "$short_current_qemu_version" ] && [ -z "${CURRENT_QEMU_COMMIT}" ]; then install_packaged_qemu || build_and_install_qemu else build_and_install_qemu From 20c4db4fff5e4ed39115ad6dcd08038e436e4806 Mon Sep 17 00:00:00 2001 From: Xu Wang Date: Sat, 29 Dec 2018 16:46:35 +0800 Subject: [PATCH 14/22] static-checks.sh: skip svg figures Fixes: #1018 Signed-off-by: Xu Wang --- .ci/static-checks.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.ci/static-checks.sh b/.ci/static-checks.sh index 6fae70ba6..a280a30ce 100755 --- a/.ci/static-checks.sh +++ b/.ci/static-checks.sh @@ -360,6 +360,7 @@ check_license_headers() --exclude="*.png" \ --exclude="*.pub" \ --exclude="*.service" \ + --exclude="*.svg" \ --exclude="*.toml" \ --exclude="*.txt" \ --exclude="*.yaml" \ From 7f2287aa57db01502520e5704f4d9c2698eeed26 Mon Sep 17 00:00:00 2001 From: Gabriela Cervantes Date: Fri, 4 Jan 2019 07:09:36 -0600 Subject: [PATCH 15/22] ci: Add packaging repo for kata dependencies We need to add the packaging repo as a repository needed for building the kata containers project. Fixes #1024 Signed-off-by: Gabriela Cervantes --- .ci/resolve-kata-dependencies.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.ci/resolve-kata-dependencies.sh b/.ci/resolve-kata-dependencies.sh index da51e80e7..f2dffd61e 100755 --- a/.ci/resolve-kata-dependencies.sh +++ b/.ci/resolve-kata-dependencies.sh @@ -13,6 +13,7 @@ proxy_repo="${proxy_repo:-github.com/kata-containers/proxy}" runtime_repo="${runtime_repo:-github.com/kata-containers/runtime}" shim_repo="${shim_repo:-github.com/kata-containers/shim}" tests_repo="${tests_repo:-github.com/kata-containers/tests}" +packaging_repo="${tests_repo:-github.com/kata-containers/packaging}" apply_depends_on() { # kata_repo variable is set by the jenkins_job_build.sh @@ -58,7 +59,7 @@ apply_depends_on() { } clone_repos() { - local kata_repos=( "${agent_repo}" "${proxy_repo}" "${runtime_repo}" "${shim_repo}" "${tests_repo}" ) + local kata_repos=( "${agent_repo}" "${proxy_repo}" "${runtime_repo}" "${shim_repo}" "${tests_repo}" "${packaging_repo}" ) for repo in "${kata_repos[@]}" do echo "Cloning ${repo}" From bc043e108e80e9dd64d98a2e32d954a73c61473d Mon Sep 17 00:00:00 2001 From: Jose Carlos Venegas Munoz Date: Tue, 8 Jan 2019 17:17:32 -0600 Subject: [PATCH 16/22] CI: Fix CI testing for packaging Packaging repository variable is incorrect. Fixes: #1024 Signed-off-by: Jose Carlos Venegas Munoz --- .ci/resolve-kata-dependencies.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/resolve-kata-dependencies.sh b/.ci/resolve-kata-dependencies.sh index f2dffd61e..0afd89432 100755 --- a/.ci/resolve-kata-dependencies.sh +++ b/.ci/resolve-kata-dependencies.sh @@ -13,7 +13,7 @@ proxy_repo="${proxy_repo:-github.com/kata-containers/proxy}" runtime_repo="${runtime_repo:-github.com/kata-containers/runtime}" shim_repo="${shim_repo:-github.com/kata-containers/shim}" tests_repo="${tests_repo:-github.com/kata-containers/tests}" -packaging_repo="${tests_repo:-github.com/kata-containers/packaging}" +packaging_repo="${packaging_repo:-github.com/kata-containers/packaging}" apply_depends_on() { # kata_repo variable is set by the jenkins_job_build.sh From 7ebe102d82ea88ef0def6e30ebb1238b266ede33 Mon Sep 17 00:00:00 2001 From: Salvador Fuentes Date: Wed, 9 Jan 2019 09:07:20 -0600 Subject: [PATCH 17/22] ci: don't checkout to different branch on packaging repo Packaging repo only has the master branch, so we cannot checkout to a different branch when running tests for stable branches. Fixes: #1034. Signed-off-by: Salvador Fuentes --- .ci/resolve-kata-dependencies.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.ci/resolve-kata-dependencies.sh b/.ci/resolve-kata-dependencies.sh index 0afd89432..33c1ede81 100755 --- a/.ci/resolve-kata-dependencies.sh +++ b/.ci/resolve-kata-dependencies.sh @@ -90,8 +90,13 @@ clone_repos() { echo "... and rebasing with origin/${branch}" git rebase "origin/${branch}" else - echo "Checking out to ${branch}" - git fetch origin && git checkout "$branch" + # Packaging repo only has master branch, so we + # cannot checkout to a different branch. + if [ "${repo}" != "${packaging_repo}" ] + then + echo "Checking out to ${branch}" + git fetch origin && git checkout "$branch" + fi fi popd done From ab0f0574bd02c379c7501fb8dc4e2bb9053a0500 Mon Sep 17 00:00:00 2001 From: Salvador Fuentes Date: Wed, 9 Jan 2019 14:39:03 -0600 Subject: [PATCH 18/22] travis: add retry for bash install on osx For an unknown reason travis started failing when installing bash on osx, but this is fixed when a second attempt is run. Fixes: #1041. Signed-off-by: Salvador Fuentes --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 9b13cc70c..3edf0657d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ env: before_install: - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get update -qq ; fi - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install -y -qq automake ; fi - - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install bash; fi + - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then travis_retry brew install bash; fi script: - bash .ci/static-checks.sh github.com/kata-containers/tests From d011b0c146b3631f75fce6651a7218ae59ea361d Mon Sep 17 00:00:00 2001 From: Nitesh Konkar Date: Mon, 21 Jan 2019 17:11:43 +0530 Subject: [PATCH 19/22] CI: install qemu as part of CI scripts on ppc64le Add scripts to install qemu as part of the CI. Fixes: #1068 Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com --- .ci/install_qemu.sh | 2 +- .ci/ppc64le/lib_install_qemu_ppc64le.sh | 72 +++++++++++++++++++++++++ 2 files changed, 73 insertions(+), 1 deletion(-) create mode 100755 .ci/ppc64le/lib_install_qemu_ppc64le.sh diff --git a/.ci/install_qemu.sh b/.ci/install_qemu.sh index c0bab5704..2488e23d5 100755 --- a/.ci/install_qemu.sh +++ b/.ci/install_qemu.sh @@ -101,7 +101,7 @@ main() { else build_and_install_qemu fi - elif [ "$QEMU_ARCH" == "aarch64" ]; then + elif [ "$QEMU_ARCH" == "aarch64" ] || [ "$QEMU_ARCH" == "ppc64le" ]; then packaged_qemu_version=$(get_packaged_qemu_version) short_current_qemu_version=${CURRENT_QEMU_VERSION#*-} if [ "$packaged_qemu_version" == "$short_current_qemu_version" ] && [ -z "${CURRENT_QEMU_COMMIT}" ]; then diff --git a/.ci/ppc64le/lib_install_qemu_ppc64le.sh b/.ci/ppc64le/lib_install_qemu_ppc64le.sh new file mode 100755 index 000000000..4316e1e21 --- /dev/null +++ b/.ci/ppc64le/lib_install_qemu_ppc64le.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# +# Copyright (c) 2019 IBM Limited +# +# SPDX-License-Identifier: Apache-2.0 + +set -e + +CURRENT_QEMU_VERSION=$(get_version "assets.hypervisor.qemu.version") +PACKAGED_QEMU="qemu" + +get_packaged_qemu_version() { + if [ "$ID" == "ubuntu" ]; then + #output redirected to /dev/null + sudo apt-get update > /dev/null + qemu_version=$(apt-cache madison $PACKAGED_QEMU \ + | awk '{print $3}' | cut -d':' -f2 | cut -d'+' -f1 | head -n 1 ) + elif [ "$ID" == "fedora" ]; then + qemu_version=$(sudo dnf --showduplicate list ${PACKAGED_QEMU}.${QEMU_ARCH} \ + | awk '/'$PACKAGED_QEMU'/ {print $2}' | cut -d':' -f2 | cut -d'-' -f1 | head -n 1) + qemu_version=${qemu_version%.*} + elif [ "$ID" == "centos" ]; then + qemu_version=$(sudo dnf --showduplicate list ${PACKAGED_QEMU}.${QEMU_ARCH} \ + | awk '/'$PACKAGED_QEMU'/ {print $2}' | cut -d':' -f2 | cut -d'-' -f1 | head -n 1) + fi + + if [ -z "$qemu_version" ]; then + die "unknown qemu version" + else + echo "${qemu_version}" + fi +} + +install_packaged_qemu() { + if [ "$ID" == "ubuntu" ]; then + sudo apt install -y "$PACKAGED_QEMU" + elif [ "$ID" == "fedora" ]; then + sudo dnf install -y "$PACKAGED_QEMU" + elif [ "$ID" == "centos" ]; then + sudo yum install -y "$PACKAGED_QEMU" + else + die "Unrecognized distro" + fi +} + +build_and_install_qemu() { + QEMU_REPO=$(get_version "assets.hypervisor.qemu.url") + # Remove 'https://' from the repo url to be able to clone the repo using 'go get' + QEMU_REPO=${QEMU_REPO/https:\/\//} + PACKAGING_REPO="github.com/kata-containers/packaging" + QEMU_CONFIG_SCRIPT="${GOPATH}/src/${PACKAGING_REPO}/scripts/configure-hypervisor.sh" + + go get -d "${QEMU_REPO}" || true + go get -d "$PACKAGING_REPO" || true + + pushd "${GOPATH}/src/${QEMU_REPO}" + git fetch + git checkout "$CURRENT_QEMU_VERSION" + [ -d "capstone" ] || git clone https://github.com/qemu/capstone.git capstone + [ -d "ui/keycodemapdb" ] || git clone https://github.com/qemu/keycodemapdb.git ui/keycodemapdb + + echo "Build Qemu" + "${QEMU_CONFIG_SCRIPT}" "qemu" | xargs ./configure + make -j $(nproc) + + echo "Install Qemu" + sudo -E make install + + # Add link from /usr/local/bin to /usr/bin + sudo ln -sf $(command -v qemu-system-${QEMU_ARCH}) "/usr/bin/qemu-system-${QEMU_ARCH}" + popd +} From 6463b73c234d218c4ea230876bc84658b0849032 Mon Sep 17 00:00:00 2001 From: "James O. D. Hunt" Date: Thu, 24 Jan 2019 10:32:41 +0000 Subject: [PATCH 20/22] CI: Fix new URL check logic in static check script Fix a big in the static check script `check_docs()` function where regex anchoring was being used with `grep`. That command doesn't understand anchors so it needs to be `egrep` instead. Fixes #1085. Signed-off-by: James O. D. Hunt --- .ci/static-checks.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.ci/static-checks.sh b/.ci/static-checks.sh index a280a30ce..2dea07fb7 100755 --- a/.ci/static-checks.sh +++ b/.ci/static-checks.sh @@ -473,7 +473,7 @@ check_docs() if [ "$specific_branch" != "true" ] then # If the URL is new on this PR, it cannot be checked. - echo "$new_urls" | grep -q "\<${url}\>" && \ + echo "$new_urls" | egrep -q "\<${url}\>" && \ info "ignoring new (but correct) URL: $url" && continue fi From 83276d31c73a5d3cd85febaef9438965db541a98 Mon Sep 17 00:00:00 2001 From: Nitesh Konkar Date: Fri, 25 Jan 2019 11:56:30 +0530 Subject: [PATCH 21/22] CI: fix qemu install from build/package Fix qemu installation which is part of the CI irrespective of the installation being from source or package. Fixes: #1093 Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com --- .ci/ppc64le/lib_install_qemu_ppc64le.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.ci/ppc64le/lib_install_qemu_ppc64le.sh b/.ci/ppc64le/lib_install_qemu_ppc64le.sh index 4316e1e21..66c332dea 100755 --- a/.ci/ppc64le/lib_install_qemu_ppc64le.sh +++ b/.ci/ppc64le/lib_install_qemu_ppc64le.sh @@ -7,7 +7,8 @@ set -e CURRENT_QEMU_VERSION=$(get_version "assets.hypervisor.qemu.version") -PACKAGED_QEMU="qemu" +PACKAGED_QEMU="qemu-system-ppc" +BUILT_QEMU="qemu-system-ppc64" get_packaged_qemu_version() { if [ "$ID" == "ubuntu" ]; then @@ -66,7 +67,6 @@ build_and_install_qemu() { echo "Install Qemu" sudo -E make install - # Add link from /usr/local/bin to /usr/bin - sudo ln -sf $(command -v qemu-system-${QEMU_ARCH}) "/usr/bin/qemu-system-${QEMU_ARCH}" + sudo ln -sf $(command -v ${BUILT_QEMU}) "/usr/bin/qemu-system-${QEMU_ARCH}" popd } From df00e9e09298c7d120271e87f4d4ed9bd406811b Mon Sep 17 00:00:00 2001 From: Graham Whaley Date: Wed, 30 Jan 2019 11:04:45 +0000 Subject: [PATCH 22/22] ci: Add a CODEOWNERS file for github ack checks Add a CODEOWNERS file so we can get github to automatically request reviews. In this instance, specifically the docs team for markdown documents. Fixes: #1102 Signed-off-by: Graham Whaley --- CODEOWNERS | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 CODEOWNERS diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 000000000..e48c094af --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,13 @@ +# Copyright 2019 Intel Corporation. +# +# SPDX-License-Identifier: Apache-2.0 +# +# Define any code owners for this repository. +# The code owners lists are used to help automatically enforce +# reviews and acks of the right groups on the right PRs. + +# Order in this file is important. Only the last match will be +# used. See https://help.github.com/articles/about-code-owners/ + +*.md @kata-containers/documentation +