12:30 p.m.
I've tested this on our hosts that are using for gitlab integration
tests and everything seems to be working now.
There were multiple issues I've encountered:
- on Fedora 41 current selinux policy silently blocks virtnwfilterd
to create_socket_perms for packet_socket resulting in this error:
internal error: setup of pcap handle failed: can't mmap rx ring: Permission
denied
I've created temporary selinux module to allow this permission, need
to post a patch to fedora selinux policy to fix this.
- libvirt-tck uses for some tests sleep(30) to wait for VM to boot
but on our hosts it sometimes took a bit longer resulting in
random failures, posted patches to libvirt-tck to fix this issue
- lcitool is not able to prepare Fedora 41 vm as there is no
python3-libdnf5 by default installed and ansible fails with error
Pavel Hrdina (3):
ci: use iptables to run libvirt-tck
ci: use Fedora 41 to run integration tests
ci: refresh with 'lcitool manifest'
ci/buildenv/{alpine-319.sh => alpine-321.sh} | 0
...e-319.Dockerfile => alpine-321.Dockerfile} | 2 +-
ci/gitlab/builds.yml | 8 ++++----
ci/gitlab/containers.yml | 4 ++--
ci/integration.yml | 20 +++++++++----------
ci/jobs.sh | 3 +++
ci/manifest.yml | 2 +-
7 files changed, 21 insertions(+), 18 deletions(-)
rename ci/buildenv/{alpine-319.sh => alpine-321.sh} (100%)
rename ci/containers/{alpine-319.Dockerfile => alpine-321.Dockerfile} (98%)
--
2.48.1
12:30 p.m.
New subject: [libvirt PATCH 1/3] ci: use iptables to run libvirt-tck
On current Fedora libvirt uses nftables by default but the libvirt-tck
tests are not ready for it and most of the nwfilter tests fail. We need
to keep using iptables for now.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
ci/jobs.sh | 3 +++
1 file changed, 3 insertions(+)
diff --git a/ci/jobs.sh b/ci/jobs.sh
index 9a1c668d2e..6ded80af34 100644
--- a/ci/jobs.sh
+++ b/ci/jobs.sh
@@ -124,6 +124,9 @@ run_integration() {
DAEMONS="virtinterfaced virtlockd virtlogd virtnetworkd virtnodedevd
virtnwfilterd virtproxyd virtqemud virtsecretd virtstoraged"
fi
+ # Force libvirt to use iptables to make sure libvirt-tck tests don't fail
+ run_cmd_quiet sudo augtool set /files/etc/libvirt/network.conf/firewall_backend
"'iptables'"
+
echo "DAEMONS=$DAEMONS"
for daemon in $DAEMONS
do
--
2.48.1
12:30 p.m.
New subject: [libvirt PATCH 2/3] ci: use Fedora 41 to run integration tests
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
ci/integration.yml | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/ci/integration.yml b/ci/integration.yml
index ced3fbc3c2..2c5e5a65bc 100644
--- a/ci/integration.yml
+++ b/ci/integration.yml
@@ -29,23 +29,23 @@ centos-stream-9-tests:
# and libvirt-python CI jobs, so the new target needs to be introduced
# there before it can be used here. The VM template for the target
# also needs to be created on the runner host.
-fedora-40-tests:
+fedora-41-tests:
extends: .integration_tests
variables:
# needed by libvirt-gitlab-executor
- DISTRO: fedora-40
+ DISTRO: fedora-41
# can be overridden in forks to set a different runner tag
LIBVIRT_CI_INTEGRATION_RUNNER_TAG: redhat-vm-host
tags:
- $LIBVIRT_CI_INTEGRATION_RUNNER_TAG
needs:
- - x86_64-fedora-40
+ - x86_64-fedora-41
- project: libvirt/libvirt-perl
- job: x86_64-fedora-40
+ job: x86_64-fedora-41
ref: master
artifacts: true
- project: libvirt/libvirt-python
- job: x86_64-fedora-40
+ job: x86_64-fedora-41
ref: master
artifacts: true
@@ -53,22 +53,22 @@ fedora-40-tests:
# and libvirt-python CI jobs, so the new target needs to be introduced
# there before it can be used here. The VM template for the target
# also needs to be created on the runner host.
-.fedora-40-upstream-qemu-tests:
+.fedora-41-upstream-qemu-tests:
extends: .integration_tests
variables:
# needed by libvirt-gitlab-executor
- DISTRO: fedora-40
+ DISTRO: fedora-41
# can be overridden in forks to set a different runner tag
LIBVIRT_CI_INTEGRATION_RUNNER_TAG: redhat-vm-host
tags:
- $LIBVIRT_CI_INTEGRATION_RUNNER_TAG
needs:
- - x86_64-fedora-40
+ - x86_64-fedora-41
- project: libvirt/libvirt-perl
- job: x86_64-fedora-40
+ job: x86_64-fedora-41
ref: master
artifacts: true
- project: libvirt/libvirt-python
- job: x86_64-fedora-40
+ job: x86_64-fedora-41
ref: master
artifacts: true
--
2.48.1
12:30 p.m.
New subject: [libvirt PATCH 3/3] ci: refresh with 'lcitool manifest'
Replace Alpine Linux v3.19 with v3.21.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
ci/buildenv/{alpine-319.sh => alpine-321.sh} | 0
.../{alpine-319.Dockerfile => alpine-321.Dockerfile} | 2 +-
ci/gitlab/builds.yml | 8 ++++----
ci/gitlab/containers.yml | 4 ++--
ci/manifest.yml | 2 +-
5 files changed, 8 insertions(+), 8 deletions(-)
rename ci/buildenv/{alpine-319.sh => alpine-321.sh} (100%)
rename ci/containers/{alpine-319.Dockerfile => alpine-321.Dockerfile} (98%)
diff --git a/ci/buildenv/alpine-319.sh b/ci/buildenv/alpine-321.sh
similarity index 100%
rename from ci/buildenv/alpine-319.sh
rename to ci/buildenv/alpine-321.sh
diff --git a/ci/containers/alpine-319.Dockerfile b/ci/containers/alpine-321.Dockerfile
similarity index 98%
rename from ci/containers/alpine-319.Dockerfile
rename to ci/containers/alpine-321.Dockerfile
index 2e4842ef3e..2351b03653 100644
--- a/ci/containers/alpine-319.Dockerfile
+++ b/ci/containers/alpine-321.Dockerfile
@@ -4,7 +4,7 @@
#
# https://gitlab.com/libvirt/libvirt-ci
-FROM docker.io/library/alpine:3.19
+FROM docker.io/library/alpine:3.21
RUN apk update && \
apk upgrade && \
diff --git a/ci/gitlab/builds.yml b/ci/gitlab/builds.yml
index 9c2f0ecad8..0534a2278d 100644
--- a/ci/gitlab/builds.yml
+++ b/ci/gitlab/builds.yml
@@ -33,15 +33,15 @@ x86_64-almalinux-9-clang:
TARGET_BASE_IMAGE: docker.io/library/almalinux:9
-x86_64-alpine-319:
+x86_64-alpine-321:
extends: .native_build_job
needs:
- - job: x86_64-alpine-319-container
+ - job: x86_64-alpine-321-container
optional: true
allow_failure: false
variables:
- NAME: alpine-319
- TARGET_BASE_IMAGE: docker.io/library/alpine:3.19
+ NAME: alpine-321
+ TARGET_BASE_IMAGE: docker.io/library/alpine:3.21
x86_64-alpine-edge:
diff --git a/ci/gitlab/containers.yml b/ci/gitlab/containers.yml
index 0cfc8ca952..0e86062652 100644
--- a/ci/gitlab/containers.yml
+++ b/ci/gitlab/containers.yml
@@ -14,11 +14,11 @@ x86_64-almalinux-9-container:
NAME: almalinux-9
-x86_64-alpine-319-container:
+x86_64-alpine-321-container:
extends: .container_job
allow_failure: false
variables:
- NAME: alpine-319
+ NAME: alpine-321
x86_64-alpine-edge-container:
diff --git a/ci/manifest.yml b/ci/manifest.yml
index 2c036aaa39..3bfebed96c 100644
--- a/ci/manifest.yml
+++ b/ci/manifest.yml
@@ -19,7 +19,7 @@ targets:
RPM: skip
CC: clang
- alpine-319: x86_64
+ alpine-321: x86_64
alpine-edge:
jobs:
--
2.48.1
6:46 p.m.
On Tue, Feb 25, 2025 at 10:30:46AM +0100, Pavel Hrdina wrote:
I've tested this on our hosts that are using for gitlab
integration
tests and everything seems to be working now.
There were multiple issues I've encountered:
- on Fedora 41 current selinux policy silently blocks virtnwfilterd
to create_socket_perms for packet_socket resulting in this error:
internal error: setup of pcap handle failed: can't mmap rx ring: Permission
denied
I've created temporary selinux module to allow this permission, need
to post a patch to fedora selinux policy to fix this.
- libvirt-tck uses for some tests sleep(30) to wait for VM to boot
but on our hosts it sometimes took a bit longer resulting in
random failures, posted patches to libvirt-tck to fix this issue
- lcitool is not able to prepare Fedora 41 vm as there is no
python3-libdnf5 by default installed and ansible fails with error
Pavel Hrdina (3):
ci: use iptables to run libvirt-tck
With this one we'll stop checking some parts and if this continues it'll
just be an integration test suite which we run just for the sake of
running it. That's not anything against you or this patch series, just
a sigh from my side.
ci: use Fedora 41 to run integration tests
ci: refresh with 'lcitool manifest'
Series:
Reviewed-by: Martin Kletzander <mkletzan(a)redhat.com>
ci/buildenv/{alpine-319.sh => alpine-321.sh} | 0
...e-319.Dockerfile => alpine-321.Dockerfile} | 2 +-
ci/gitlab/builds.yml | 8 ++++----
ci/gitlab/containers.yml | 4 ++--
ci/integration.yml | 20 +++++++++----------
ci/jobs.sh | 3 +++
ci/manifest.yml | 2 +-
7 files changed, 21 insertions(+), 18 deletions(-)
rename ci/buildenv/{alpine-319.sh => alpine-321.sh} (100%)
rename ci/containers/{alpine-319.Dockerfile => alpine-321.Dockerfile} (98%)
--
2.48.1
16
days inactive
16
days old
4 comments
2 participants
participants (2)
-
Martin Kletzander -
Pavel Hrdina