-
Notifications
You must be signed in to change notification settings - Fork 30
/
spread.yaml
142 lines (124 loc) · 4.36 KB
/
spread.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
project: core-initrd
environment:
SETUPDIR: /home/core-initrd
PROJECT_PATH: $SETUPDIR
PATH: $PATH:$PROJECT_PATH/tests/bin
TESTSLIB: $PROJECT_PATH/tests/lib
SNAP_BRANCH: "edge" # stable/edge/beta
# TODO: are these vars needed still?
LANG: "C.UTF-8"
LANGUAGE: "en"
UBUNTU_IMAGE_CHANNEL: "latest/edge"
backends:
google-nested:
type: google
key: '$(HOST: echo "$SPREAD_GOOGLE_KEY")'
location: snapd-spread/us-east1-b
plan: n2-standard-2
halt-timeout: 2h
systems:
- ubuntu-24.10-64:
image: ubuntu-24.10-64
storage: 20G
qemu-nested:
type: qemu
# TODO:UC22: uc22 needs 2G or grub will not loopback the kernel snap
# we use nested VM's, so use 4G for the host until we can boot
# uc22 with less RAM
memory: 4G
systems:
- ubuntu-24.10-64:
username: ubuntu
password: ubuntu
lxd-nested:
type: lxd
container-profiles: coreinitrd
systems:
- ubuntu-24.10:
image: ucspread26
path: /home/core-initrd
exclude:
- .git
- "*.o"
- "*.a"
- "*.snap"
- "*.img"
prepare: |
# NOTE: This part of the code needs to be in spread.yaml as it runs before
# the rest of the source code (including the tests/lib directory) is
# around. The purpose of this code is to fix some connectivity issues setup
# spread functions to be more usable outside of the explicit task.yaml
# sections.
# apt update is hanging on security.ubuntu.com with IPv6, prefer IPv4 over IPv6
cat <<EOF > gai.conf
precedence ::1/128 50
precedence ::/0 40
precedence 2002::/16 30
precedence ::/96 20
precedence ::ffff:0:0/96 100
EOF
if ! mv gai.conf /etc/gai.conf; then
echo "/etc/gai.conf is not writable, ubuntu-core system? apt update won't be affected in that case"
rm -f gai.conf
fi
# Take the MATCH and REBOOT functions from spread and allow our shell
# scripts to use them as shell commands. The replacements are real
# executables in tests/lib/bin (which is on PATH) but they source
# spread-funcs.sh written here, base on the definitions provided by SPREAD.
# This ensures that 1) spread functions define the code 2) both MATCH and
# REBOOT are executables and not functions, and can be called from any
# context.
type MATCH | tail -n +2 > "$TESTSLIB"/spread-funcs.sh
unset MATCH
type REBOOT | tail -n +2 >> "$TESTSLIB"/spread-funcs.sh
unset REBOOT
# it takes a while to build everything while preparing the project
warn-timeout: 40m
# but it shouldn't take _too_ long...
kill-timeout: 50m
suites:
tests/spread/build/:
summary: Build task for the core snap.
manual: true
tests/spread/ci/:
summary: CI specific tasks for core-base.
manual: true
tests/spread/main/:
summary: Main spread tests
environment:
# since we are only testing uc22 here, disable kvm unless the env
# specifically knows kvm works and sets this to true
# kvm specifically does not work on GCE with focal L1 VM and focal (UC22)
# L2 VM's because the L2 VM intermittently and randomly hangs and GCE's
# hypervisor will restart the VM, there is not currently a known
# workaround
ENABLE_KVM: '$(HOST: echo "${SPREAD_ENABLE_KVM:-false}")'
# variants of various system setup below, turning on/off secure boot and
# enabling/disabling tpm, this ensures that all tests we write will be run
# against all variants
# TODO: are there other variants/knobs the initramfs we want to support
# testing?
# full encryption has TPM and secure boot
ENABLE_TPM/fullenc: true
ENABLE_SECURE_BOOT/fullenc: true
# only secboot does not have a TPM
ENABLE_TPM/onlysecboot: false
ENABLE_SECURE_BOOT/onlysecboot: true
# only tpm does not have secure boot
ENABLE_TPM/onlytpm: true
ENABLE_SECURE_BOOT/onlytpm: false
# no enc does not have secure boot or tpm
ENABLE_TPM/noenc: false
ENABLE_SECURE_BOOT/noenc: false
prepare: |
# prepare common uc image setup by repacking snaps, etc
"$TESTSLIB"/prepare-uc.sh
restore-each: |
# delete the nested VM image after each task finishes so we don't use too much
# disk space
. "$TESTSLIB/nested.sh"
cleanup_nested_core_vm
debug-each: |
. "$TESTSLIB/nested.sh"
print_nested_status
# vim:ts=4:sw=4:et