diff --git a/.github/workflows/test-pr.yml b/.github/workflows/test-pr.yml
new file mode 100644
index 00000000..7f3fe3fd
--- /dev/null
+++ b/.github/workflows/test-pr.yml
@@ -0,0 +1,60 @@
+name: Sysbox Tests
+
+on:
+ pull_request:
+ branches:
+ - master
+ - main
+ paths-ignore:
+ - '**.md'
+ - 'docs/**'
+ - 'LICENSE'
+ - 'MAINTAINERS'
+ - 'OSS_DISCLOSURES.md'
+
+jobs:
+ test:
+ name: Run Sysbox Tests
+ runs-on: ubuntu-22.04
+ timeout-minutes: 120
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+ fetch-depth: 0
+
+ - name: Free up disk space
+ run: |
+ sudo rm -rf /usr/share/dotnet
+ sudo rm -rf /opt/ghc
+ sudo rm -rf /usr/local/share/boost
+ sudo docker system prune -af
+ df -h
+
+ - name: Build test container image
+ run: |
+ make test-img
+
+ - name: Prepare test volumes
+ run: |
+ sudo mkdir -p /var/tmp/sysbox-test-var-lib
+ sudo mkdir -p /var/tmp/sysbox-test-scratch
+ sudo mkdir -p /var/tmp/sysbox-test-run-sysbox
+
+ - name: Run Sysbox CI tests in container
+ run: |
+ make test-sysbox-ci
+
+ - name: Collect logs on failure
+ if: failure()
+ run: |
+ docker logs sysbox-test 2>&1 | tail -n 1000 || true
+ docker ps -a
+
+ - name: Cleanup
+ if: always()
+ run: |
+ make test-cleanup || true
+ docker system prune -a -f || true
diff --git a/tests/kind/kind-custom-net.bats b/tests/kind/kind-custom-net.bats
index 3b05eea2..a4259103 100644
--- a/tests/kind/kind-custom-net.bats
+++ b/tests/kind/kind-custom-net.bats
@@ -28,7 +28,7 @@ export num_workers=2 export KUBECONFIG=${HOME}/.kube/${cluster}-config # Cluster's node image.
-export k8s_version="v1.21.12"
+export k8s_version="v1.32.9"
 export node_image="${CTR_IMG_REPO}/k8s-node-test:${k8s_version}" function teardown() {
diff --git a/tests/pods/k8s-in-pod.bats b/tests/pods/k8s-in-pod.bats
index 83b6b311..10947516 100644
--- a/tests/pods/k8s-in-pod.bats
+++ b/tests/pods/k8s-in-pod.bats
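Review bot: The new workflow has no `permissions:` block and the checkout step keeps its default credential persistence, so the job token stays in `.git/config` while the later steps run PR-controlled `make` targets on a runner with sudo. What that token can do then depends on the repository default; a top-level `permissions:` with `contents: read`, plus `persist-credentials: false` under the checkout step's `with:`, would bound it in the file itself. `actions/checkout@v4` is also a mutable tag, and pinning it as `uses: actions/checkout@<full-commit-sha> # v4` (placeholder, fill in the reviewed SHA) keeps the executed action fixed.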
@@ -50,7 +50,7 @@ function teardown() { crictl exec $k8s_worker_syscont sh -c 'echo "127.0.0.1 localhost" > /etc/hosts' # Initialize the K8s master pod
- crictl exec $k8s_master_syscont sh -c "kubeadm init --kubernetes-version=v1.21.12 --pod-network-cidr=10.244.0.0/16"
+ crictl exec $k8s_master_syscont sh -c "kubeadm init --kubernetes-version=v1.32.9 --pod-network-cidr=10.244.0.0/16"
 # Configure kubectl to talk to inner K8s cluster crictl_kubectl_config $k8s_master_syscont "inner-cluster"
diff --git a/tests/pods/manifests/k8s-master-container.json b/tests/pods/manifests/k8s-master-container.json
index e641e13d..e2ca6087 100644
--- a/tests/pods/manifests/k8s-master-container.json
+++ b/tests/pods/manifests/k8s-master-container.json
@@ -3,7 +3,7 @@ "name": "k8s-master" }, "image":{
- "image": "ghcr.io/nestybox/k8s-node-test:v1.21.12"
+ "image": "ghcr.io/nestybox/k8s-node-test:v1.32.9"
 }, "command": [ "/sbin/init"
diff --git a/tests/pods/manifests/k8s-worker-container.json b/tests/pods/manifests/k8s-worker-container.json
index 72a1975c..b7a5c1dd 100644
--- a/tests/pods/manifests/k8s-worker-container.json
+++ b/tests/pods/manifests/k8s-worker-container.json
@@ -3,7 +3,7 @@ "name": "k8s-worker" }, "image":{
- "image": "ghcr.io/nestybox/k8s-node-test:v1.21.12"
+ "image": "ghcr.io/nestybox/k8s-node-test:v1.32.9"
 }, "command": [ "/sbin/init"
diff --git a/tests/scr/kindbox b/tests/scr/kindbox
index 438d6f66..ef5389eb 100755
--- a/tests/scr/kindbox
+++ b/tests/scr/kindbox
@@ -173,6 +173,29 @@ function flannel_unconfig() { fi }
+function coredns_fix_loop() {
+ local node=$1
+ local output
+
+ # Fix CoreDNS loop detection issue by forwarding to external DNS (8.8.8.8) instead
+ # of /etc/resolv.conf. This is specific to running Kubernetes inside containers (like
+ # our kindbox setup) because the container's /etc/resolv.conf doesn't point to real
+ # external nameservers; instead, it points to Docker's internal DNS or localhost, which
+ # eventually loops back to CoreDNS itself.
+ output=$(sh -c "docker exec ${node} sh -c 'kubectl get configmap coredns -n kube-system -o yaml | sed \"s|forward . /etc/resolv.conf|forward . 8.8.8.8 8.8.4.4|g\" | kubectl apply -f -'" 2>&1)
+ if [[ $? -ne 0 ]]; then
+ echo "$output"
+ return 1
+ fi
+
+ # Restart CoreDNS pods to apply the new configuration.
+ output=$(sh -c "docker exec ${node} sh -c 'kubectl delete pods -n kube-system -l k8s-app=kube-dns'" 2>&1)
+ if [[ $? -ne 0 ]]; then
+ echo "$output"
+ return 1
+ fi
+}
+
 function weave_config() { local node=$1 local output
@@ -339,6 +362,15 @@ function k8s_master_init() { return 1 fi
+ [[ $VERBOSE ]] && printf " - Fixing CoreDNS loop detection on $node ...\n"
+
+ # Required to fix DNS forwarding loop
+ output=$(coredns_fix_loop ${node})
+ if [[ $? -ne 0 ]]; then
+ ERR="coredns fix failed on ${node}: ${output}"
+ return 1
+ fi
+
 [[ $VERBOSE ]] && printf " - Waiting for $node to be ready ...\n" output=$(wait_for_node_ready ${node})
diff --git a/tests/scr/testSysbox b/tests/scr/testSysbox
index 52f28d78..af4c1508 100755
--- a/tests/scr/testSysbox
+++ b/tests/scr/testSysbox
@@ -89,7 +89,7 @@ function run_ci_tests() { printf "\nExecuting multi-arch tests ... \n" bats --tap tests/multi-arch printf "\nExecuting buildx + buildkit tests ... \n"
- bats --tap tests/buildx/basic.bats
+ bats --tap tests/buildx/build.bats
 printf "\nExecuting xattr syscall tests ... \n" bats --tap tests/syscall/xattr printf "\nExecuting basic mount syscall-interception tests ... \n"
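Review bot: Both commands in coredns_fix_loop expand `${node}` inside a string handed to an outer `sh -c`, so a node name containing whitespace or shell metacharacters is re-parsed as shell on the host, and the outer shell adds nothing here. Calling docker directly with the name quoted avoids that, e.g. `output=$(docker exec "${node}" sh -c 'kubectl delete pods -n kube-system -l k8s-app=kube-dns' 2>&1)`, and likewise for the ConfigMap pipeline, whose `\"` then become plain `"`. The call added in the k8s_master_init hunk passes `${node}` unquoted as well. Separately, when the sed expression matches nothing the function still returns 0 after re-applying an unchanged ConfigMap, so checking that the `forward . /etc/resolv.conf` line was present would make a silent no-op visible.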
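Review bot: The added step in k8s_master_init runs on every master init with no opt-out, and it repoints the inner cluster's DNS at the public resolvers 8.8.8.8 and 8.8.4.4 hard-coded in coredns_fix_loop. On a host with filtered egress or an internal-only resolver policy the inner cluster would lose name resolution, and lookups from test pods bypass the host's configured DNS path. Consider reading the forwarders from a variable that defaults to the current addresses, and say so at the call, e.g. `# Forwarders default to public DNS; override on restricted networks`. k8s_master_init starts and ends outside this hunk.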
@@ -358,14 +358,19 @@ function main() { fi test_with_idmapped_and_shiftfs
- test_with_idmapped_only
- test_with_shiftfs_only
- test_with_rootfs_cloning
- test_with_containerd_image_store
- test_with_docker_userns_remap
+
+ # Skip all this scenarios when running CI workflows to keep execution time
+ # under 1h.
+ if [ -z "$TEST_SYSBOX_CI" ]; then
+ test_with_idmapped_only
+ test_with_shiftfs_only
+ test_with_rootfs_cloning
+ test_with_containerd_image_store
+ test_with_docker_userns_remap
+ fi
+
 test_sysbox_config test_sysbox_lifecycle
- fi }
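Review bot: With `TEST_SYSBOX_CI` set, PR runs skip the idmapped-only, shiftfs-only, rootfs-cloning, containerd-image-store and docker userns-remap scenarios, so a regression in those ID-mapping paths can merge with a green check. Nothing visible in this diff runs them elsewhere; a scheduled or manually triggered run that leaves the variable unset would keep that coverage. The comment should say where the variable is set and fix its wording, e.g. `# Skip these scenarios in CI (TEST_SYSBOX_CI set) to keep execution time under 1h.`, noting that the workflow's `timeout-minutes` is 120. main() starts outside the hunk.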