Task #7884
closedMove the pulp_installer Vagrant tests off Travis
100%
Description
The current plan: Use Qemu emulation on GHA. This is due to us discovering that the performance is tolerable. The advantages of simple security on ephemeral public CI and maintenance outweigh the performance advantage. As a related implication, users' forks/PRs can run on GHA.
Related issues
Updated by mdepaulo@redhat.com about 4 years ago
- Sprint set to Sprint 86
I submitted the ticket: https://pagure.io/centos-infra/issue/158
Updated by mdepaulo@redhat.com about 4 years ago
- Status changed from NEW to ASSIGNED
- % Done changed from 0 to 10
Updated by mdepaulo@redhat.com almost 4 years ago
- Related to Task #7960: FIPS and support for ALLOWED_CONTENT_CHECKSUMS added
Updated by mdepaulo@redhat.com almost 4 years ago
- Description updated (diff)
This was the previous plan: To use CentOS CI. Largely because Foreman / forklift (Vagrant) is already using it. Work will involve:
- Finishing the onboarding process with the CentOS/Fedora infra team
- hooking CentOS CI's Jenkins into GitHub
- migrating from the Travis yml file to a Jenkinsfile
- Migrating scripts from Ubuntu to CentOS 7 or 8
The current plan: Use Qemu emulation on GHA. This is due to us discovering that the performance is tolerable. The advantages of simple security on ephemeral public CI and maintenance outweigh the performance advantage. As a related implication, users' forks/PRs can run on GHA.
Work is ongoing on this branch: https://github.com/pulp/pulp_installer/pull/503/files
Updated by mdepaulo@redhat.com almost 4 years ago
- Related to Issue #8095: geerlingguy.postgresql role (pulp_installer) now errors under FIPS mode added
Updated by daviddavis almost 4 years ago
- Blocks Task #3800: Add FIPS to the CI matrix in the plugin_template added
Updated by mdepaulo@redhat.com almost 4 years ago
FYI: Reference on using Qemu emulation: https://github.com/fort-nix/nix-bitcoin/pull/272#issuecomment-736655102 "The runtime increases by factor ~2.5 on x86-64, which is acceptable."
It takes longer for us than that, but still.
Updated by mdepaulo@redhat.com almost 4 years ago
From the 1/26 open floor:
- Which pulp_installer FIPS/Vagrant tests, which take ~90 min, to run for PRs vs cronjobs vs tagged jobs?
- Mike's proposal:
- PRs:
- pulp3-source-centos7-fips
- pulp3-source-centos8-fips
- cron:
- pulp3-source-centos7-fips
- pulp3-source-centos8-fips
- pulp3-sandbox-centos7-fips
- pulp3-sandbox-centos8-fips
- pulp3-source-fedora32
- pulp3-source-debian10
- tagged:
- pulp3-sandbox-centos7-fips
- pulp3-sandbox-centos8-fips
- branches:
- None
- We'd sometimes merge PRs while the 2 jobs are still running
- Will re-evaluate once SELinux CI is finished
- PRs:
- Mike's proposal:
Added by Mike DePaulo almost 4 years ago
Added by Mike DePaulo almost 4 years ago
Revision 13db1da1 | View on GitHub
Use Qemu emulation on GHA for Vagrant tests
Adapted from: https://github.com/pulp/pulplift/pull/66 "RFC: Testing nested Virtualization"
Implementation Includes:
- Upgrade Qemu from 4.4 to 5.2 from our PPA to address a severe bug affecting CentOS 7 guests, they could not even validate SSL certs with curl / yum or create the Pulp postgres database.
- Upgrade the rest of the virtualization stack on Ubuntu
- Address the EL8 vagrant-sshfs workaround task failing due to a GPG signature mismatch.
- Workaround a bug with VM storage on the newer virtualization stack.
- Switch the boxes used on CentOS 7 for more recent updates.
- Reducing how long the pulp health check may take, particularly when there is a connection timed out.
workaround #8095: FIPS failure in geerlingguy.postgresql by using an old version. https://pulp.plan.io/issues/8095
workaround #7993: pulp_installer fails to create the database on EL7 when LANG=C.UTF-8 https://pulp.plan.io/issues/7993
fixes: #7884 Move the pulp_installer Vagrant tests off Travis https://pulp.plan.io/issues/7884
Updated by pulpbot almost 4 years ago
- Status changed from ASSIGNED to POST
Updated by Anonymous almost 4 years ago
- Status changed from POST to MODIFIED
Applied in changeset ansible-pulp|13db1da189b33b66631871ee690098909d9df110.
Updated by ipanova@redhat.com almost 4 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Use Qemu emulation on GHA for Vagrant tests
Adapted from: https://github.com/pulp/pulplift/pull/66 "RFC: Testing nested Virtualization"
Implementation Includes:
workaround #8095: FIPS failure in geerlingguy.postgresql by using an old version. https://pulp.plan.io/issues/8095
workaround #7993: pulp_installer fails to create the database on EL7 when LANG=C.UTF-8 https://pulp.plan.io/issues/7993
fixes: #7884 Move the pulp_installer Vagrant tests off Travis https://pulp.plan.io/issues/7884