From b9fc67d6189cc2c0921eb67e4b61401eb96832e2 Mon Sep 17 00:00:00 2001 From: Jie Chen Date: Tue, 11 Feb 2025 09:49:23 -0800 Subject: [PATCH] Revert "Enabled Linux UVM tests to run on 1ES github runner pool" This reverts commit e5c83a121b980b1b85f4df0813cfba2d83572bac. The OIDC authentication is failing for PRs from external contributors because the id-token write permission is not granted to forked repos. Disabling the Linux UVM tests for now until it is fixed. Signed-off-by: Jie Chen --- .github/workflows/ci.yml | 140 +-------------------------- test/functional/uvm_plannine_test.go | 1 - 2 files changed, 5 insertions(+), 136 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3ffb9d99c9..52de7009c9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,12 +12,6 @@ env: GOTESTSUM_CMD: "gotestsum --format standard-verbose --debug --" GOTESTSUM_CMD_RAW: "gotestsum --format standard-verbose --debug --raw-command -- go tool test2json -t" - LCOW_ARTIFACT_PROJECT: "ContainerPlatform" - LCOW_ARTIFACT_FEED: "ContainerPlat-Dev" - LCOW_ARTIFACT_NAME: "azurelinux-uvm" - LCOW_ARTIFACT_VERSION: "*.*.*" - LINUX_BOOT_FILES_PATH: ${{ github.workspace }}/LinuxBootFiles - jobs: lint: runs-on: "windows-2022" @@ -238,100 +232,6 @@ jobs: exit $LASTEXITCODE } - # This job downloads the Linux boot files from the Azure Artifact feed and - # create the rootfs containing the local Linux-GCS. It needs to be run on - # the 1ES github runner pool in order to access the Azure Artifact feed. - create-linux-boot-files: - runs-on: - - self-hosted - - 1ES.Pool=containerplat-github-runner-pool-east-us-2 - - 1ES.ImageOverride=github-mms-ubuntu-22 - permissions: - id-token: write # This is required for OIDC login (azure/login) to succeed - contents: read # This is required for actions/checkout to succeed - steps: - - name: Checkout hcsshim - uses: actions/checkout@v4 - with: - show-progress: false - - - name: Azure OIDC Login - uses: azure/login@v2 - with: - client-id: "930a0428-2b45-4cf9-9afe-b81bde516504" - tenant-id: "72f988bf-86f1-41af-91ab-2d7cd011db47" - allow-no-subscriptions: true - - - name: Download artifact from feed - uses: azure/cli@v2 - with: - azcliversion: latest - inlineScript: | - az extension add --name azure-devops - export DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 - - az artifacts universal download \ - --organization "https://msazure.visualstudio.com/" \ - --project ${{ env.LCOW_ARTIFACT_PROJECT }} \ - --scope project \ - --feed ${{ env.LCOW_ARTIFACT_FEED }} \ - --name ${{ env.LCOW_ARTIFACT_NAME }} \ - --version ${{ env.LCOW_ARTIFACT_VERSION }} \ - --path ./downloaded_artifacts - - - name: Show downloaded lcow artifacts - run: find ./downloaded_artifacts -maxdepth 3 -ls - - - name: Create directory for storing linux boot files - run: | - mkdir -p ${{ env.LINUX_BOOT_FILES_PATH }}/ - mkdir -p ./temp_rootfs/ - - - name: Copy Linux kernel and rootfs tar files - run: | - mv ./downloaded_artifacts/LinuxBootFiles/kernel ${{ env.LINUX_BOOT_FILES_PATH }}/ - mv ./downloaded_artifacts/LinuxBootFiles/vmlinux ${{ env.LINUX_BOOT_FILES_PATH }}/ - mv ./downloaded_artifacts/rootfs-*.tar.gz ./temp_rootfs/ - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y make gcc binutils linux-headers-generic \ - libarchive-tools btrfs-progs libseccomp-dev pkg-config cpio libkmod-dev - - - name: Create rootfs containing the local Linux-GCS - run: | - chmod a+x ${{ github.workspace }}/hack/catcpio.sh - - # Find the full file name for rootfs tar - ROOTFS_TAR=$(ls temp_rootfs/rootfs-*.tar.gz | head -n 1) - echo "The full file name is $ROOTFS_TAR" - - make clean - sudo make KMOD=1 BASE=${{ github.workspace }}/$ROOTFS_TAR rootfs - - - name: Move newly created rootfs.vhd and initrd.img - run: | - mv out/rootfs.vhd ${{ env.LINUX_BOOT_FILES_PATH }}/ - mv out/initrd.img ${{ env.LINUX_BOOT_FILES_PATH }}/ - - # This is a workaround to overcome the limitation of actions/upload-artifact@v4 used in later jobs. - # See https://github.com/actions/upload-artifact/tree/v4/?tab=readme-ov-file#permission-loss. - - name: Tar the files to preserve file permissions prior to upload - run: | - cd ${{ env.LINUX_BOOT_FILES_PATH }} - tar -cvf ../linux_boot_files.tar . - - # Upload the Linux boot files so that they can be used in later jobs. - - name: Upload Linux boot files to artifact - uses: actions/upload-artifact@v4 - with: - name: linux_artifact - path: linux_boot_files.tar - if-no-files-found: error - overwrite: true - retention-days: 1 - test-linux: needs: [lint, protos, verify-vendor, go-gen] runs-on: ubuntu-latest @@ -367,7 +267,7 @@ jobs: test-windows: name: test-windows (${{ matrix.name }}) - needs: [lint, protos, verify-vendor, go-gen, create-linux-boot-files] + needs: [lint, protos, verify-vendor, go-gen] runs-on: ${{ matrix.runner }} strategy: fail-fast: false @@ -376,15 +276,9 @@ jobs: [windows-2022, windows-2019] include: - name: "windows-2019" - runner: - - self-hosted - - 1ES.Pool=containerplat-github-runner-pool-east-us-2 - - 1ES.ImageOverride=github-mms-ws2019-containers-enabled + runner: [self-hosted, 1ES.Pool=containerplat-github-runner-pool-east-us-2, 1ES.ImageOverride=github-mms-ws2019-containers-enabled] - name: "windows-2022" - runner: - - self-hosted - - 1ES.Pool=containerplat-github-runner-pool-east-us-2 - - 1ES.ImageOverride=github-mms-ws2022-containers-enabled + runner: [self-hosted, 1ES.Pool=containerplat-github-runner-pool-east-us-2, 1ES.ImageOverride=github-mms-ws2022-containers-enabled] steps: - name: Checkout uses: actions/checkout@v4 @@ -450,26 +344,6 @@ jobs: ${{ env.GOTESTSUM_CMD_RAW }} ./containerd-shim-runhcs-v1.test.exe '-test.v' working-directory: test - - name: Create directory for Linux boot files - shell: pwsh - run: mkdir -p ${{ env.LINUX_BOOT_FILES_PATH }}/ - - # Download Linux kernel files and newly created rootfs containing the Linux-GCS under testing. - - name: Download Linux boot files from artifact - uses: actions/download-artifact@v4 - with: - name: linux_artifact - - - name: Extract Linux boot files - shell: pwsh - run: | - tar -xvf linux_boot_files.tar -C ${{ env.LINUX_BOOT_FILES_PATH }}/ - - - name: Display downloaded Linux boot files - shell: pwsh - run: | - Get-ChildItem -Recurse -Force -Path ${{ env.LINUX_BOOT_FILES_PATH }}/ - - name: Build and run functional testing binary run: | ${{ env.GO_BUILD_TEST_CMD }} ./functional @@ -486,12 +360,8 @@ jobs: exit $LASTEXITCODE } - # Don't run LCOW integrity tests. - # Windows/Linux uVM tests will be run on 1ES Github Runner Pool. - $cmd = '${{ env.GOTESTSUM_CMD_RAW }} ./functional.test.exe ' + - '-exclude=LCOWIntegrity ' + - '-linux-bootfiles=${{ env.LINUX_BOOT_FILES_PATH }} ' + - '-test.timeout=1h -test.v -log-level=info' + # Don't run Linux uVM (ie, nested virt) or LCOW integrity tests. Windows uVM tests will be run on 1ES runner pool. + $cmd = '${{ env.GOTESTSUM_CMD_RAW }} ./functional.test.exe -exclude=LCOW,LCOWIntegrity -test.timeout=1h -test.v -log-level=info' $cmd = $cmd -replace 'gotestsum', $gotestsum Write-Host "gotestsum command: $cmd" diff --git a/test/functional/uvm_plannine_test.go b/test/functional/uvm_plannine_test.go index 5d21ef1afa..3b0b3d582d 100644 --- a/test/functional/uvm_plannine_test.go +++ b/test/functional/uvm_plannine_test.go @@ -52,7 +52,6 @@ func TestPlan9(t *testing.T) { } func TestPlan9_Writable(t *testing.T) { - t.Skip("not yet working on the azurelinux rootfs") require.Build(t, osversion.RS5) requireFeatures(t, featureLCOW, featureUVM, featurePlan9) ctx := util.Context(context.Background(), t)