mirror of
https://github.com/containers/aardvark-dns.git
synced 2026-02-05 09:45:32 +01:00
264 lines
9.0 KiB
YAML
264 lines
9.0 KiB
YAML
---
|
|
|
|
# Format Ref: https://cirrus-ci.org/guide/writing-tasks/
|
|
|
|
# Main collection of env. vars to set for all tasks and scripts.
|
|
env:
|
|
# Actual|intended branch for this run
|
|
DEST_BRANCH: "main"
|
|
# The default is 'sh' if unspecified
|
|
CIRRUS_SHELL: "/bin/bash"
|
|
# Location where source repo. will be cloned
|
|
CIRRUS_WORKING_DIR: "/var/tmp/aardvark-dns"
|
|
# Rust package cache also lives here
|
|
CARGO_HOME: "/var/cache/cargo"
|
|
# Rust compiler output lives here (see Makefile)
|
|
CARGO_TARGET_DIR: "$CIRRUS_WORKING_DIR/targets"
|
|
# Testing depends on the latest netavark binary from upstream CI
|
|
NETAVARK_BRANCH: "main"
|
|
NETAVARK_URL: "https://api.cirrus-ci.com/v1/artifact/github/containers/netavark/success/binary.zip?branch=${NETAVARK_BRANCH}"
|
|
# Save a little typing (path relative to $CIRRUS_WORKING_DIR)
|
|
SCRIPT_BASE: "./contrib/cirrus"
|
|
IMAGE_SUFFIX: "c20251211t152018z-f43f42d14"
|
|
FEDORA_NETAVARK_IMAGE: "fedora-netavark-${IMAGE_SUFFIX}"
|
|
FEDORA_NETAVARK_AMI: "fedora-netavark-aws-arm64-${IMAGE_SUFFIX}"
|
|
EC2_INST_TYPE: "t4g.xlarge"
|
|
|
|
|
|
gcp_credentials: ENCRYPTED[f6a0e4101418bec8180783b208721fc990772817364fed0346f5fd126bf0cfca03738dd8c7fb867944637a1eac7cec37]
|
|
|
|
aws_credentials: ENCRYPTED[db54f7f642877c68cc64fb78468ef99170d387ef6ece5172b2d6fbbb8095d4d276909468c339fe3b38234340bae2189d]
|
|
|
|
build_task:
|
|
alias: "build"
|
|
# Compiling is very CPU intensive, make it chooch quicker for this task only
|
|
gce_instance: &standard_build_gce_x86_64
|
|
image_project: "libpod-218412"
|
|
zone: "us-central1-c"
|
|
disk: 200 # GB, do not set <200 per gcloud warning re: I/O performance
|
|
cpu: 8
|
|
memory: "8Gb"
|
|
image_name: "${FEDORA_NETAVARK_IMAGE}"
|
|
cargo_cache: &cargo_cache
|
|
folder: "$CARGO_HOME"
|
|
fingerprint_script: echo -e "cargo_v3_${DEST_BRANCH}_amd64\n---\n$(<Cargo.lock)\n---\n$(<Cargo.toml)"
|
|
reupload_on_changes: true
|
|
targets_cache: &targets_cache
|
|
folder: "$CARGO_TARGET_DIR"
|
|
fingerprint_script: echo -e "targets_v3_${CIRRUS_TAG}${DEST_BRANCH}${CIRRUS_PR}_amd64\n---\n$(<Cargo.lock)\n---\n$(<Cargo.toml)"
|
|
reupload_on_changes: true
|
|
bin_cache: &bin_cache
|
|
# This simply prevents rebuilding bin/aardvark-dns* or every subsequent task.
|
|
folder: "$CIRRUS_WORKING_DIR/bin"
|
|
fingerprint_key: "bin_v1_${CIRRUS_BUILD_ID}" # Cache only within same build
|
|
reupload_on_changes: true
|
|
setup_script: &setup "$SCRIPT_BASE/setup.sh $CIRRUS_TASK_NAME"
|
|
main_script: &main "$SCRIPT_BASE/runner.sh $CIRRUS_TASK_NAME"
|
|
postbuild_script: &postbuild hack/tree_status.sh
|
|
# N/B: This script comes from `main` on the netavark repo
|
|
cache_grooming_script: &groom bash "$SCRIPT_BASE/netavark_cache_groom.sh"
|
|
upload_caches: [ "cargo", "targets", "bin" ]
|
|
|
|
|
|
build_aarch64_task:
|
|
alias: "build_aarch64"
|
|
# Compiling is very CPU intensive, make it chooch quicker for this task only
|
|
ec2_instance: &standard_build_ec2_aarch64
|
|
image: "$FEDORA_NETAVARK_AMI"
|
|
type: $EC2_INST_TYPE
|
|
region: us-east-1
|
|
architecture: arm64 # CAUTION: This has to be "arm64", not aarch64.
|
|
cargo_cache: &cargo_cache_aarch64
|
|
<<: *cargo_cache
|
|
fingerprint_script: echo -e "cargo_v3_${DEST_BRANCH}_aarch64\n---\n$(<Cargo.lock)\n---\n$(<Cargo.toml)"
|
|
targets_cache: &targets_cache_aarch64
|
|
<<: *targets_cache
|
|
fingerprint_script: echo -e "targets_v3_${CIRRUS_TAG}${DEST_BRANCH}${CIRRUS_PR}_aarch64\n---\n$(<Cargo.lock)\n---\n$(<Cargo.toml)"
|
|
bin_cache: &bin_cache_aarch64
|
|
<<: *bin_cache
|
|
fingerprint_key: "cargo_v1_${DEST_BRANCH}_aarch64"
|
|
setup_script: *setup
|
|
main_script: *main
|
|
postbuild_script: *postbuild
|
|
cache_grooming_script: *groom
|
|
upload_caches: [ "cargo", "targets", "bin" ]
|
|
# Downstream CI needs the aarch64 binaries from this CI system.
|
|
# However, we don't want to confuse architectures.
|
|
art_prep_script:
|
|
- cd bin
|
|
- ls -la
|
|
- mv aardvark-dns aardvark-dns.$(uname -m)-unknown-linux-gnu
|
|
- mv aardvark-dns.debug aardvark-dns.debug.$(uname -m)-unknown-linux-gnu
|
|
- mv aardvark-dns.info aardvark-dns.info.$(uname -m)-unknown-linux-gnu
|
|
armbinary_artifacts: # See success_task
|
|
path: ./bin/aardvark-dns*
|
|
|
|
|
|
validate_task:
|
|
alias: "validate"
|
|
depends_on:
|
|
- "build"
|
|
gce_instance: &standard_gce_x86_64
|
|
<<: *standard_build_gce_x86_64
|
|
cpu: 2
|
|
memory: "4Gb"
|
|
# From this point forward, all cache's become read-only for this run.
|
|
cargo_cache: &ro_cargo_cache
|
|
<<: *cargo_cache
|
|
reupload_on_changes: false
|
|
targets_cache: &ro_targets_cache
|
|
<<: *targets_cache
|
|
reupload_on_changes: false
|
|
bin_cache: &ro_bin_cache
|
|
<<: *bin_cache
|
|
reupload_on_changes: false
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
|
|
validate_aarch64_task:
|
|
alias: "validate_aarch64"
|
|
depends_on:
|
|
- "build_aarch64"
|
|
ec2_instance: *standard_build_ec2_aarch64
|
|
# From this point forward, all cache's become read-only for this run.
|
|
cargo_cache: &ro_cargo_cache_aarch64
|
|
<<: *cargo_cache_aarch64
|
|
reupload_on_changes: false
|
|
targets_cache: &ro_targets_cache_aarch64
|
|
<<: *targets_cache_aarch64
|
|
reupload_on_changes: false
|
|
bin_cache: &ro_bin_cache_aarch64
|
|
<<: *bin_cache_aarch64
|
|
reupload_on_changes: false
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
unit_task:
|
|
alias: "unit"
|
|
depends_on:
|
|
- "build" # Run in parallel with validate to save some time
|
|
gce_instance: *standard_gce_x86_64
|
|
cargo_cache: *ro_cargo_cache
|
|
targets_cache: *ro_targets_cache
|
|
bin_cache: *ro_bin_cache
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
|
|
unit_aarch64_task:
|
|
alias: "unit_aarch64"
|
|
depends_on:
|
|
- "build_aarch64" # Run in parallel with validate to save some time
|
|
ec2_instance: *standard_build_ec2_aarch64
|
|
cargo_cache: *ro_cargo_cache_aarch64
|
|
targets_cache: *ro_targets_cache_aarch64
|
|
bin_cache: *ro_bin_cache_aarch64
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
|
|
integration_task:
|
|
alias: "integration"
|
|
depends_on:
|
|
- "unit"
|
|
gce_instance: *standard_gce_x86_64
|
|
cargo_cache: *ro_cargo_cache
|
|
targets_cache: *ro_targets_cache
|
|
bin_cache: *ro_bin_cache
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
|
|
integration_aarch64_task:
|
|
alias: "integration_aarch64"
|
|
depends_on:
|
|
- "unit_aarch64"
|
|
ec2_instance: *standard_build_ec2_aarch64
|
|
cargo_cache: *ro_cargo_cache_aarch64
|
|
targets_cache: *ro_targets_cache_aarch64
|
|
bin_cache: *ro_bin_cache_aarch64
|
|
setup_script: *setup
|
|
main_script: *main
|
|
|
|
|
|
# This task is critical. It updates the "last-used by" timestamp stored
|
|
# in metadata for all VM images. This mechanism functions in tandem with
|
|
# an out-of-band pruning operation to remove disused VM images.
|
|
meta_task:
|
|
alias: meta
|
|
name: "VM img. keepalive"
|
|
container:
|
|
cpu: 2
|
|
memory: 2
|
|
image: quay.io/libpod/imgts:latest
|
|
env:
|
|
# Space-separated list of images used by this repository state
|
|
IMGNAMES: "${FEDORA_NETAVARK_IMAGE}"
|
|
EC2IMGNAMES: "$FEDORA_NETAVARK_AMI"
|
|
BUILDID: "${CIRRUS_BUILD_ID}"
|
|
REPOREF: "${CIRRUS_REPO_NAME}"
|
|
AWSINI: ENCRYPTED[25d8a9c59ca344fc3b6f1f4a1781392ecd31d36c3aee9b8131855e07784bcd4637f25270bf23d0c2a709d17c6fb6e1d0]
|
|
GCPJSON: ENCRYPTED[4c8f37db84c8afb3d67932ebbf1f062e5e7e54b64e9f99624d96d828d2b8677624fb1470a9b12c097e06afeb11fb8c4e]
|
|
GCPNAME: ENCRYPTED[1d96b7a11a12abe142a2e6f5a97ff6cca2bdcbe73724d560d9a2d339b7323b911c814d814057e19932f9d339e9a4c929]
|
|
GCPPROJECT: libpod-218412
|
|
clone_script: &noop mkdir -p $CIRRUS_WORKING_DIR # source not needed
|
|
script: /usr/local/bin/entrypoint.sh
|
|
|
|
msrv_build_task:
|
|
alias: msrv_build
|
|
depends_on:
|
|
- "build"
|
|
gce_instance: *standard_gce_x86_64
|
|
container:
|
|
cpu: 2
|
|
memory: 2
|
|
# When bumping the image always remember to update the README MSRV as well.
|
|
image: quay.io/libpod/nv-rust:1.86
|
|
script:
|
|
- make build
|
|
|
|
|
|
success_task:
|
|
alias: "success"
|
|
gce_instance: *standard_gce_x86_64
|
|
name: "Total success"
|
|
depends_on:
|
|
- "build"
|
|
- "build_aarch64"
|
|
- "validate"
|
|
- "validate_aarch64"
|
|
- "unit"
|
|
- "unit_aarch64"
|
|
- "integration"
|
|
- "integration_aarch64"
|
|
- "meta"
|
|
- "msrv_build"
|
|
env:
|
|
API_URL_BASE: "https://api.cirrus-ci.com/v1/artifact/build/${CIRRUS_BUILD_ID}"
|
|
# FAIL task if all expected binary flavors are not present
|
|
EXP_BINS: >-
|
|
aardvark-dns
|
|
aardvark-dns.debug
|
|
aardvark-dns.info
|
|
aardvark-dns.aarch64-unknown-linux-gnu
|
|
aardvark-dns.debug.aarch64-unknown-linux-gnu
|
|
aardvark-dns.info.aarch64-unknown-linux-gnu
|
|
bin_cache: *ro_bin_cache
|
|
clone_script: *noop
|
|
# The paths used for uploaded artifacts are relative here and in Cirrus
|
|
artifacts_prep_script:
|
|
- set -x
|
|
- curl --fail --location -o /tmp/armbinary.zip ${API_URL_BASE}/build_aarch64/armbinary.zip
|
|
- unzip /tmp/armbinary.zip
|
|
- mv bin/* ./
|
|
- rm -rf bin
|
|
artifacts_test_script: # Other CI systems depend on all files being present
|
|
- ls -la
|
|
# If there's a missing file, show what it was in the output
|
|
- for fn in $EXP_BINS; do [[ -r "$(echo $fn|tee /dev/stderr)" ]] || exit 1; done
|
|
# Upload tested binary for consumption downstream
|
|
# https://cirrus-ci.org/guide/writing-tasks/#artifacts-instruction
|
|
binary_artifacts:
|
|
path: ./aardvark-dns*
|