Skip to content

Commit

Permalink
add tests
Browse files Browse the repository at this point in the history
Signed-off-by: Kohei Tokunaga <[email protected]>
  • Loading branch information
ktock committed May 22, 2024
1 parent 5ca4c7e commit 4e6b699
Show file tree
Hide file tree
Showing 4 changed files with 53 additions and 8 deletions.
16 changes: 9 additions & 7 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@ ARG RUNC_VERSION=v1.1.12
ARG CNI_PLUGINS_VERSION=v1.4.1
ARG NERDCTL_VERSION=1.7.6

ARG PODMAN_VERSION=v5.0.2
ARG CRIO_VERSION=v1.30.0
ARG PODMAN_VERSION=main
ARG CRIO_VERSION=main
ARG CONMON_VERSION=v2.1.11
ARG COMMON_VERSION=v0.58.2
ARG CRIO_TEST_PAUSE_IMAGE_NAME=registry.k8s.io/pause:3.6
Expand Down Expand Up @@ -107,7 +107,7 @@ ARG CTR_REMOTE_BUILD_FLAGS
COPY . $GOPATH/src/github.com/containerd/stargz-snapshotter
ARG CGO_ENABLED
RUN cd $GOPATH/src/github.com/containerd/stargz-snapshotter && \
PREFIX=/out/ GOARCH=${TARGETARCH:-amd64} GO_BUILD_FLAGS=${SNAPSHOTTER_BUILD_FLAGS} make stargz-store
PREFIX=/out/ GOARCH=${TARGETARCH:-amd64} GO_BUILD_FLAGS=${SNAPSHOTTER_BUILD_FLAGS} make stargz-store stargz-store-helper

# Build podman
FROM golang-base AS podman-dev
Expand All @@ -123,10 +123,12 @@ RUN apt-get update -y && apt-get install -y libseccomp-dev libgpgme-dev && \
FROM golang:1.22-bullseye AS cri-o-dev
ARG CRIO_VERSION
RUN apt-get update -y && apt-get install -y libseccomp-dev libgpgme-dev && \
git clone https://github.com/cri-o/cri-o $GOPATH/src/github.com/cri-o/cri-o && \
cd $GOPATH/src/github.com/cri-o/cri-o && \
git checkout ${CRIO_VERSION} && \
make && make install PREFIX=/out/ && \
git clone https://github.com/cri-o/cri-o $GOPATH/src/github.com/cri-o/cri-o

WORKDIR $GOPATH/src/github.com/cri-o/cri-o
RUN git checkout ${CRIO_VERSION}
RUN echo 'replace github.com/containers/image/v5 => github.com/ktock/image/v5 55844d4e5315fb91b4e96b84fd8b2c53fa3613d0' >> go.mod
RUN make vendor && make && make install PREFIX=/out/ && \
curl -sSL --output /out/crio.service https://raw.githubusercontent.com/cri-o/cri-o/${CRIO_VERSION}/contrib/systemd/crio.service

# Build conmon
Expand Down
1 change: 1 addition & 0 deletions script/config-cri-o/etc/containers/registries.conf
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
unqualified-search-registries = ['docker.io']
additional-layer-store-auth-helper = "stargz-store-helper"
42 changes: 42 additions & 0 deletions script/cri-o/test-stargz.sh
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ CONTEXT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )/"
REPO="${CONTEXT}../../"

REGISTRY_HOST="cri-registry"
REGISTRY_HOST_AUTH="cri-registry-auth"
TEST_NODE_NAME="cri-testenv-container"
CRIO_SOCK=unix:///run/crio/crio.sock
PREPARE_NODE_NAME="cri-prepare-node"
Expand All @@ -36,6 +37,9 @@ STORE_CONFIG=$(mktemp)
TMPFILE=$(mktemp)
LOG_FILE=$(mktemp)
MIRROR_TMP=$(mktemp -d)
AUTH_DIR=$(mktemp -d)
DOCKERCONFIG=$(mktemp)
echo "${DOCKER_COMPOSE_YAML}"
function cleanup {
ORG_EXIT_CODE="${1}"
docker-compose -f "${DOCKER_COMPOSE_YAML}" down -v || true
Expand All @@ -46,6 +50,8 @@ function cleanup {
rm "${TMPFILE}" || true
rm "${LOG_FILE}" || true
rm -rf "${MIRROR_TMP}" || true
rm -rf "${AUTH_DIR}" || true
rm "${DOCKERCONFIG}" || true
exit "${ORG_EXIT_CODE}"
}
trap 'cleanup "$?"' EXIT SIGHUP SIGINT SIGQUIT SIGTERM
Expand All @@ -70,6 +76,12 @@ function retry {
fi
}

DUMMYUSER=dummyuser
DUMMYPASS=dummypass
echo "Preparing creds..."
prepare_creds "${AUTH_DIR}" "${REGISTRY_HOST_AUTH}" "${DUMMYUSER}" "${DUMMYPASS}"
echo -n '{"auths":{"'"${REGISTRY_HOST_AUTH}"':5000":{"auth":"'$(echo -n "${DUMMYUSER}:${DUMMYPASS}" | base64 -i -w 0)'"}}}' > "${DOCKERCONFIG}"

# Prepare the testing node and registry
cat <<EOF > "${DOCKER_COMPOSE_YAML}"
version: "3.3"
Expand All @@ -84,6 +96,7 @@ services:
- /dev/fuse:/dev/fuse
- "critest-crio-data:/var/lib/containers"
- "critest-crio-stargz-store-data:/var/lib/stargz-store"
- ${AUTH_DIR}:/auth
image-prepare:
image: "${PREPARE_NODE_IMAGE}"
container_name: "${PREPARE_NODE_NAME}"
Expand All @@ -100,9 +113,21 @@ services:
- "critest-prepare-containerd-stargz-grpc-data:/var/lib/containerd-stargz-grpc"
- "${REPO}:/go/src/github.com/containerd/stargz-snapshotter:ro"
- "${MIRROR_TMP}:/tools/"
- ${AUTH_DIR}:/auth
registry:
image: registry:2
container_name: ${REGISTRY_HOST}
registryauth:
image: registry:2
container_name: ${REGISTRY_HOST_AUTH}
environment:
- REGISTRY_AUTH=htpasswd
- REGISTRY_AUTH_HTPASSWD_REALM="Registry Realm"
- REGISTRY_AUTH_HTPASSWD_PATH=/auth/auth/htpasswd
- REGISTRY_HTTP_TLS_CERTIFICATE=/auth/certs/domain.crt
- REGISTRY_HTTP_TLS_KEY=/auth/certs/domain.key
volumes:
- ${AUTH_DIR}:/auth
volumes:
critest-crio-data:
critest-crio-stargz-store-data:
Expand All @@ -113,6 +138,18 @@ docker-compose -f "${DOCKER_COMPOSE_YAML}" up -d --force-recreate

retry docker exec "${PREPARE_NODE_NAME}" curl -k --head "http://${REGISTRY_HOST}:5000/v2/"

# Mirror images used for auth test
docker exec "${PREPARE_NODE_NAME}" cp /auth/certs/domain.crt /usr/local/share/ca-certificates
docker exec "${PREPARE_NODE_NAME}" update-ca-certificates
docker exec "${PREPARE_NODE_NAME}" go install github.com/google/go-containerregistry/cmd/crane@latest
docker exec "${PREPARE_NODE_NAME}" mkdir /root/.docker/
docker cp "${DOCKERCONFIG}" "${PREPARE_NODE_NAME}:/root/.docker/config.json"
docker exec "${PREPARE_NODE_NAME}" crane copy ghcr.io/stargz-containers/ubuntu:22.04-esgz "${REGISTRY_HOST_AUTH}":5000/ubuntu:22.04-esgz

# Configure registry cert
docker exec "${TEST_NODE_NAME}" cp /auth/certs/domain.crt /usr/local/share/ca-certificates
docker exec "${TEST_NODE_NAME}" update-ca-certificates

# Mirror and optimize all images used in tests
echo "${REGISTRY_HOST}:5000" > "${MIRROR_TMP}/host"
cp "${IMAGE_LIST}" "${MIRROR_TMP}/list"
Expand Down Expand Up @@ -183,6 +220,11 @@ echo "===== VERSION INFORMATION ====="
docker exec "${TEST_NODE_NAME}" runc --version
docker exec "${TEST_NODE_NAME}" crio --version
echo "==============================="

# Do auth test
docker exec "${TEST_NODE_NAME}" /go/bin/crictl --runtime-endpoint=${CRIO_SOCK} pull --creds "${DUMMYUSER}:${DUMMYPASS}" "${REGISTRY_HOST_AUTH}":5000/ubuntu:22.04-esgz

# Do CRI Validation test
docker exec "${TEST_NODE_NAME}" /go/bin/critest --runtime-endpoint=${CRIO_SOCK}

echo "Check all remote snapshots are created successfully"
Expand Down
2 changes: 1 addition & 1 deletion script/podman/config/podman-rootless-stargz-store.service
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Description=Stargz Store service for Podman
[Service]
# This pipes stargz-store's IO to the shell otherwise they are lost and can't be managed by systemd.
# TODO: fix this and do not use pipe
ExecStart=/bin/bash -c "podman unshare stargz-store --log-level=debug --root %h/.local/share/stargz-store/data %h/.local/share/stargz-store/store 2>&1 | cat"
ExecStart=/bin/bash -c "podman unshare stargz-store --log-level=debug --root %h/.local/share/stargz-store/data --addr %h/.local/share/stargz-store/store.sock %h/.local/share/stargz-store/store 2>&1 | cat"
ExecStopPost=podman unshare umount %h/.local/share/stargz-store/store

[Install]
Expand Down

0 comments on commit 4e6b699

Please sign in to comment.