Skip to content

CI

CI #2337

Workflow file for this run

name: CI
on:
pull_request:
push:
merge_group:
schedule:
- cron: '0 0 * * *' # Every day at midnight
jobs:
checks:
name: Checks
runs-on: ${{ matrix.os }}
timeout-minutes: 20
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: cargo check --examples --tests --all-targets
- run: cargo check --examples --tests --all-targets --all-features
- run: rustup toolchain install nightly --component rustfmt
- run: cargo +nightly fmt --all -- --check --files-with-diff
- run: cargo clippy --all-targets -- -D warnings
- run: cargo clippy --all-targets --all-features -- -D warnings
# the shim has sync code that is not covered when running with --all-features
- run: cargo clippy -p containerd-shim --all-targets -- -D warnings
- run: cargo doc --no-deps --features docs
env:
RUSTDOCFLAGS: -Dwarnings
- name: check unused dependencies
uses: bnjbvr/cargo-machete@v0.7.0
# TODO: Merge this with the checks job above
windows-checks:
name: Windows Checks
runs-on: windows-latest
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: cargo check --examples --tests -p containerd-shim -p containerd-shim-protos -p containerd-client
- run: rustup toolchain install nightly --component rustfmt
- run: cargo +nightly fmt -p containerd-shim -p containerd-shim-protos -p containerd-client -- --check --files-with-diff
- run: cargo clippy -p containerd-shim -p containerd-shim-protos -- -D warnings
- run: cargo doc --no-deps -p containerd-shim -p containerd-shim-protos -p containerd-client
env:
RUSTDOCFLAGS: -Dwarnings
tests:
name: Tests
runs-on: ${{ matrix.os }}
timeout-minutes: 15
strategy:
matrix:
os: [ubuntu-latest, macos-latest, windows-latest]
steps:
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: |
# runc-shim::cgroup::test_add_cgroup needs root permission to set cgroup
mkdir -p /tmp/dummy-xdr
sudo -E $(command -v cargo) test
sudo -E $(command -v cargo) test --all-features
# the shim has sync code that is not covered when running with --all-features
sudo -E $(command -v cargo) test -p containerd-shim
if: ${{ !contains(matrix.os, 'windows') }}
env:
# runc::tests::test_exec needs $XDG_RUNTIME_DIR to be set
XDG_RUNTIME_DIR: /tmp/dummy-xdr
- run: cargo test -p containerd-shim -p containerd-shim-protos -p containerd-client
if: ${{ contains(matrix.os, 'windows') }}
# Collect build timings
# See https://blog.rust-lang.org/2022/04/07/Rust-1.60.0.html#cargo---timings
timings:
name: Timings
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- run: cargo build --all-features --timings
- uses: actions/upload-artifact@v4
with:
name: timings
path: target/cargo-timings/cargo-timing.html
if-no-files-found: error
deny:
name: Deny
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: EmbarkStudios/cargo-deny-action@v1
linux-integration:
name: Linux Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [ubuntu-20.04, ubuntu-22.04]
containerd: [v1.6.28, v1.7.13, v2.0.0-beta.2]
steps:
- name: Checkout extensions
uses: actions/checkout@v4
- name: Download containerd archive
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release download ${{ matrix.containerd }} \
--repo containerd/containerd \
--pattern 'containerd-1.*-linux-amd64.tar.gz' \
--pattern 'containerd-2.*-linux-amd64.tar.gz' \
--output containerd.tar.gz
- name: Extract containerd binaries to $HOME/.local/bin
run: |
mkdir -p $HOME/.local/bin
echo "$HOME/.local/bin" >> $GITHUB_PATH
tar -xf containerd.tar.gz -C $HOME/.local
- name: Checkout containerd
uses: actions/checkout@v4
with:
repository: containerd/containerd
path: src/github.com/containerd/containerd
ref: ${{ matrix.containerd }}
- name: Install shim
run: |
cargo build --release --bin containerd-shim-runc-v2-rs
sudo install -D ./target/release/containerd-shim-runc-v2-rs /usr/local/bin/
## get latest go version for integrations tests so we can skip runnings tests
- uses: actions/setup-go@v5
with:
go-version: '1.20.12'
- name: Integration
env:
TEST_RUNTIME: "io.containerd.runc.v2-rs"
TESTFLAGS_PARALLEL: 1
EXTRA_TESTFLAGS: "-no-criu -test.skip='(TestContainerPTY|TestContainerExecLargeOutputWithTTY|TestTaskUpdate|TestTaskResize|TestContainerAttach|TestContainerAttachProcess|TestRuntimeInfo)'"
TESTFLAGS_RACE: "-race"
# Pretend crun for now, remove after https://github.com/containerd/containerd/pull/9829
RUNC_FLAVOR: "crun"
run: |
sudo -E PATH=$PATH make integration
working-directory: src/github.com/containerd/containerd
windows-integration:
name: Windows Integration
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
matrix:
os: [windows-latest]
containerd: [1.7.0]
steps:
- name: Checkout extensions
uses: actions/checkout@v4
- run: ./scripts/install-protobuf.sh
shell: bash
- name: Install containerd
run: |
$ErrorActionPreference = "Stop"
# Install containerd https://github.com/containerd/containerd/blob/v1.7.0/docs/getting-started.md#installing-containerd-on-windows
# Download and extract desired containerd Windows binaries
curl.exe -L https://github.com/containerd/containerd/releases/download/v${{ matrix.containerd }}/containerd-${{ matrix.containerd }}-windows-amd64.tar.gz -o containerd-windows-amd64.tar.gz
tar.exe xvf .\containerd-windows-amd64.tar.gz
# Copy and configure
mkdir "$Env:ProgramFiles\containerd"
Copy-Item -Path ".\bin\*" -Destination "$Env:ProgramFiles\containerd" -Recurse -Force
cd $Env:ProgramFiles\containerd\
.\containerd.exe config default | Out-File config.toml -Encoding ascii
# Review the configuration. Depending on setup you may want to adjust:
# - the sandbox_image (Kubernetes pause image)
# - cni bin_dir and conf_dir locations
Get-Content config.toml
# Register and start service
.\containerd.exe --register-service
Start-Service containerd
working-directory: ${{ runner.temp }}
- name: Run integration test
run: |
$ErrorActionPreference = "Stop"
get-service containerd
$env:TTRPC_ADDRESS="\\.\pipe\containerd-containerd.ttrpc"
# run the example
cargo run -p containerd-shim --example skeleton -- -namespace default -id 1234 -address "\\.\pipe\containerd-containerd" -publish-binary ./bin/containerd start
ps skeleton
cargo run -p containerd-shim-protos --example shim-proto-connect \\.\pipe\containerd-shim-bc764c65e177434fcefe8257dc440be8b8acf7c96156320d965938f7e9ae1a35-pipe
$skeleton = get-process skeleton -ErrorAction SilentlyContinue
if ($skeleton) { exit 1 }
- name: Run client
run: |
$ErrorActionPreference = "Stop"
get-service containerd
cargo run -p containerd-client --example version
# Currently Github actions UI supports no masks to mark matrix jobs as required to pass status checks.
# This means that every time version of Go, containerd, or OS is changed, a corresponding job should
# be added to the list of required checks. Which is not very convenient.
# To workaround this, a special job is added to report statuses of all other jobs, with fixed title.
# So it needs to be added to the list of required checks only once.
#
# See https://github.com/orgs/community/discussions/26822
results:
name: Report required job statuses
runs-on: ubuntu-latest
# List job dependencies which are required to pass status checks in order to be merged via merge queue.
needs: [checks, windows-checks, tests, deny, linux-integration, windows-integration]
if: ${{ always() }}
steps:
- run: exit 1
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}