[release-0.0.99.4] Prepare stable branch (part 2) #1750
Conversation
Summary of ChangesHello @debarshiray, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request is part of the ongoing effort to prepare a stable branch for an upcoming release, potentially addressing security vulnerabilities. It enhances the continuous integration pipeline by introducing system tests for Fedora 40, thereby expanding test coverage and ensuring the project's stability and compatibility with newer operating system versions. This proactive measure helps maintain the quality and reliability of the codebase. Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
debarshiray
force-pushed
the
wip/rishi/prepare-release-0.0.99.4-part-2
branch
from
78c171a to
8003413
Compare
containers#1468 containers#1740 containers#1750 (cherry picked from commit 9ea8967) (cherry picked from commit ec3553b)
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request successfully introduces a new system test job for Fedora 40 into the Zuul CI/CD configuration. The new job definition is consistent with existing Fedora system tests, and its inclusion in the periodic, check, and gate sections ensures comprehensive testing coverage for the new environment. The changes are well-structured and align with the project's existing CI practices.
|
Build failed. ✔️ unit-test SUCCESS in 1m 52s |
Any image or container that has APT or systemd may have /etc/kernel. eg., the arch-toolbox and ubuntu-toolbox images. containers#1409 containers#1750 Signed-off-by: Penn Bauman <me@pennbauman.com> (backported from commit 2f3ee0e)
containers#1468 containers#1740 containers#1750 (cherry picked from commit 9ea8967) (cherry picked from commit ec3553b)
The working directory from which bats(1) is invoked might not be part of
the Toolbx container. eg., Podman's downstream Fedora CI invokes the
tests as:
$ cd /path/to/toolbox/test/system
$ bats .
... and it led to [1]:
not ok 110 run: Smoke test with true(1)
# (from function `assert_output' in file
./libs/bats-assert/src/assert.bash, line 255,
# in test file ./104-run.bats, line 38)
# `assert_output ""' failed
#
# -- output differs --
# expected (0 lines):
#
# actual (3 lines):
# Error: crun: chdir to `/usr/share/toolbox/test/system`: No such
file or directory: OCI runtime attempted to invoke a command that
was not found
# Error: directory /usr/share/toolbox/test/system not found in
container fedora-toolbox-41
# Using /home/testuser instead.
# --
#
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2263968
containers#1457
containers#1740
containers#1750
(cherry picked from commit 9d3ae61)
(backported from commit c0fb8f3)
Fedora 38 reached End of Life on 21st May 2024: https://docs.fedoraproject.org/en-US/releases/eol/ containers#1527 containers#1741 containers#1750 (cherry picked from commit b684b19) (cherry picked from commit 4e54402)
debarshiray
force-pushed
the
wip/rishi/prepare-release-0.0.99.4-part-2
branch
from
8003413 to
acae699
Compare
|
Build failed. ✔️ unit-test SUCCESS in 1m 43s |
This was due to: ... which was fixed in commit 2f3ee0e in the |
|
Build failed. ✔️ unit-test SUCCESS in 1m 45s |
|
Build failed. ❌ unit-test RETRY_LIMIT in 47s |
|
recheck |
|
Build failed. ❌ unit-test RETRY_LIMIT in 50s |
|
recheck |
|
Build failed. ✔️ unit-test SUCCESS in 1m 41s |
This was due to: It looks like a breakage in Fedora Rawhide that eventually got fixed. |
It's far more consistent and understandable if all tests start with a clean state without any containers or images present. Otherwise, the subtle side-effects of having some image left behind from a previous test can lead to surprises, and there's no need to spend time wondering whether some tests should only clean up the containers or both containers and images. This additional work of cleaning up the images for all tests makes it necessary to increase the timeout for all Fedora nodes to prevent the CI from timing out. containers#1526 containers#1741 containers#1750 (backported from commits 67d4002 and 55c0e63) (backported from commit 23b4a34)
|
Build succeeded. ✔️ unit-test SUCCESS in 1m 48s |
Currently, the CI has been frequently timing out on stable Fedora nodes. So, increase the timeout from 1 hour 50 minutes to 2 hours to avoid that. For what it's worth, the timeout for Fedora Rawhide nodes is 2 hours 10 minutes and it seems enough. containers#1546 containers#1741 containers#1750 (backported from commit f2dc3b8) (cherry picked from commit 316a3b1)
This keeps the timeout for the Fedora nodes synchronized with the main branch. containers#1548 containers#1741 containers#1750 (backported from commit 83f28c5) (cherry picked from commit c09ef38)
The system tests download several images when setting up the test suite,
and cache them for later use by the tests [1]. This saves time and
avoids hitting rate limits imposed by OCI registries by not downloading
the same images repeatedly for several tests, but at the cost of
increased use of storage space to cache the images.
The images are cached under BATS_TMPDIR. It defaults to the TMPDIR
environment variable, and if that's not set then to /tmp [2]. Normally,
TMPDIR isn't set, and the images end up getting cached under /tmp. Now,
/tmp is typically on tmpfs backed by RAM or swap, which means that it
should be used for smaller size-bounded files only, and /var/tmp should
be used for everything else [3].
The images are big enough that a collection of them can't be described
as smaller and size-bounded, and it led to:
1..306
# test suite: Set up
# test suite: Tear down
not ok 1 setup_suite
# (from function `setup_suite' in test file ./setup_suite.bash, line
55)
# `_pull_and_cache_distro_image fedora "$((system_version-1))" ||
false' failed
# Failed to cache image registry.fedoraproject.org/fedora-toolbox:40
to /tmp/bats-run-IPz4Cn/image-cache/fedora-toolbox-40
# time="2024-02-19T11:41:43Z" level=fatal msg="copying system image
from manifest list: writing blob: write
/tmp/bats-run-IPz4Cn/image-cache/fedora-toolbox-40/dir-put-blob607392514:
no space left on device"
# bats warning: Executed 1 instead of expected 306 tests
So, change the default location of the BATS_TMPDIR environment variable
to /var/tmp by setting TMPDIR.
[1] Commit 50683c9
containers@50683c9d9a78adc9
containers#375
[2] https://bats-core.readthedocs.io/en/stable/writing-tests.html
[3] https://systemd.io/TEMPORARY_DIRECTORIES/
containers#1462
containers#1742
containers#1750
(backported from commit 571dc97)
(cherry picked from commit dc8a35d)
containers#1550 containers#1742 containers#1750 (cherry picked from commit 679bf87) (cherry picked from commit 1062e24)
|
Build succeeded. ✔️ unit-test SUCCESS in 1m 54s |
|
Build succeeded. ✔️ unit-test SUCCESS in 1m 50s |
|
Build succeeded. ✔️ unit-test SUCCESS in 1m 44s |
|
Build succeeded. ✔️ unit-test SUCCESS in 1m 44s |
|
Build failed. ✔️ unit-test SUCCESS in 1m 43s |
|
recheck |
The working directory from which bats(1) is invoked might not be part of
the Toolbx container. eg., the downstream Fedora CI invokes the tests
as:
$ cd /path/to/toolbox/test/system
$ bats .
... and it led to:
not ok 8 help: Try unknown command (forwarded to host)
# tags: commands-options
# (from function `assert_line' in file
./libs/bats-assert/src/assert.bash, line 488,
# in test file ./002-help.bats, line 135)
# `assert_line --index 0
"Error: unknown command \"foo\" for \"toolbox\""' failed
#
# -- line differs --
# index : 0
# expected : Error: unknown command "foo" for "toolbox"
# actual : Error: crun: chdir to `/usr/share/toolbox/test/system`:
No such file or directory: OCI runtime attempted to invoke a
command that was not found
# --
#
containers#1560
containers#1745
containers#1750
(backported from commit 1e90c72)
(cherry picked from commit acdafef)
Fedora 39 reached End of Life on 26th November 2024: https://docs.fedoraproject.org/en-US/releases/eol/ containers#1602 containers#1745 containers#1750 (backported from commit 0bb4ff8) (cherry picked from commit 23a9850)
|
Build failed. ✔️ unit-test SUCCESS in 1m 39s |
|
recheck |
|
Build failed. ✔️ unit-test SUCCESS in 1m 41s |
2 participants
... for CVE-2025-65637 or GHSA-4f99-4q7p-p3gh.
https://github.com/containers/toolbox/security/dependabot/26