- test
- respdiff
- deploy
- - pkgtest
+ - obs
+ - pkg
# https://docs.gitlab.com/ce/ci/jobs/job_control.html#select-different-runner-tags-for-each-parallel-matrix-job
.multi_platform: &multi_platform
- ${MESON_TEST} --suite unit --suite config --no-suite snowflake --wrap="valgrind --leak-check=full --trace-children=yes --quiet --suppressions=/lj.supp"
- MESON_TESTTHREADS=1 ${MESON_TEST} --wrap="valgrind --leak-check=full --trace-children=yes --quiet --suppressions=/lj.supp" --suite snowflake
-pkgtest:
- stage: test
- trigger:
- include: ci/pkgtest.yaml
- strategy: depend
- needs:
- - build-stable
- variables: # https://gitlab.nic.cz/help/ci/yaml/README.md#artifact-downloads-to-child-pipelines
- PARENT_PIPELINE_ID: $CI_PIPELINE_ID
- except:
- refs:
- - master@knot/knot-resolver
- - master@knot/security/knot-resolver
- - tags
- variables:
- - $SKIP_CI == "1"
-
pytests:
<<: *test_flaky
needs:
obs:odvr:
<<: *obs_trigger
- stage: pkgtest # last stage to ensure it doesn't block anything
+ stage: obs # last stage to ensure it doesn't block anything
only:
- tags
variables:
when: manual
# }}}
-# pkgtest {{{
+# obs {{{
.deploytest: &deploytest
- stage: pkgtest
+ stage: obs
only:
variables:
- $OBS_REPO =~ /^knot-resolver-devel|knot-dns-devel|knot-resolver-testing$/
DISTROTEST_NAME: ubuntu2204
DISTROTEST_REPO: xUbuntu_22.04
-.packagingtest: &packagingtest
- stage: pkgtest
- only:
- refs:
- - nightly@knot/knot-resolver
- needs: []
+# }}}
+
+# pkg {{{
+.pkg_deb_extras: &pkg_deb_extras
+ before_script:
+ - apt update
+
+.enable_repo_build: &enable_repo_build
+ before_script:
+ - ./scripts/enable-repo-cznic-labs.sh knot-dns
+
+.pkg_test: &pkg_test
+ stage: pkg
+ needs:
+ - pkg:make-archive
tags:
- - dind
+ - lxc
- amd64
- variables:
- DISTRO: debian_10
script:
- - pytest -r fEsxX tests/packaging -k $DISTRO
-
-packaging:centos_8:
- <<: *packagingtest
- variables:
- DISTRO: centos_8
-
-packaging:fedora_31:
- <<: *packagingtest
- variables:
- DISTRO: fedora_31
+ # make sure the archive from pkg:make-archive is available
+ - apkg info cache | grep archive/dev
+ - apkg install --build-dep
+ - apkg test --test-dep
+ artifacts:
+ expire_in: 1 week
+ paths:
+ - pkg/pkgs/
-packaging:fedora_32:
- <<: *packagingtest
- variables:
- DISTRO: fedora_32
+.pkg_test_user: &pkg_test_user
+ <<: *pkg_test
+ script:
+ - apkg info cache | grep archive/dev
+ - apkg build-dep --test-dep
+ - apkg make-archive
+ - chgrp -R test .
+ - chmod -R g+rwX .
+ - find -type d -exec chmod g+s {} +
+ - git config core.sharedRepository group
+ - sudo -u test git config --global --add safe.directory '*'
+ - sudo -u test apkg build
+ - apkg install
+ - apkg test
+
+.pkg_test_deb: &pkg_test_deb
+ <<: *pkg_test
+ <<: *pkg_deb_extras
+
+pkg:make-archive:
+ # archive is created once and reused in other pkg jobs
+ <<: *pkg_deb_extras
+ stage: pkg
+ image: $CI_REGISTRY/packaging/apkg/full/ubuntu-24.04
+ tags:
+ - lxc
+ - amd64
+ needs: []
+ artifacts:
+ paths:
+ - pkg/
+ script:
+ - apkg build-dep
+ - apkg make-archive
+pkg:debian-12:
+ <<: *pkg_test_deb
+ <<: *enable_repo_build
+ image: $CI_REGISTRY/packaging/apkg/full/debian-12
+
+pkg:debian-11:
+ <<: *pkg_test_deb
+ <<: *enable_repo_build
+ image: $CI_REGISTRY/packaging/apkg/full/debian-11
+
+pkg:ubuntu-24.04:
+ <<: *pkg_test_deb
+ image: $CI_REGISTRY/packaging/apkg/full/ubuntu-24.04
+
+pkg:ubuntu-22.04:
+ <<: *pkg_test_deb
+ <<: *enable_repo_build
+ image: $CI_REGISTRY/packaging/apkg/full/ubuntu-22.04
+
+pkg:ubuntu-20.04:
+ <<: *pkg_test_deb
+ <<: *enable_repo_build
+ image: $CI_REGISTRY/packaging/apkg/full/ubuntu-20.04
+
+pkg:fedora-39:
+ <<: *pkg_test
+ image: $CI_REGISTRY/packaging/apkg/full/fedora-39
+
+pkg:fedora-38:
+ <<: *pkg_test
+ image: $CI_REGISTRY/packaging/apkg/full/fedora-38
+
+pkg:alma-9:
+ <<: *pkg_test
+ image: $CI_REGISTRY/packaging/apkg/full/alma-9
+
+pkg:arch:
+ <<: *pkg_test_user
+ image: $CI_REGISTRY/packaging/apkg/full/arch
+ before_script:
+ - pacman -Syy
+
+# RHEL 8 derivatives would need more work due to *default* python being old
+#pkg:rocky-8:
+# <<: *pkg_test
+# image: $CI_REGISTRY/packaging/apkg/full/rocky-8
+
+# Leap 15.4 would need more work due to *default* python being old
+#pkg:opensuse-15.4:
+# <<: *pkg_test
+# <<: *enable_repo_build
+# image: $CI_REGISTRY/packaging/apkg/full/opensuse-15.4
+# allow_failure: true # SUSE is always special
# }}}
# docs: {{{
--- /dev/null
+{# Tests that kresd can be started with default config and it resolves some domains #}
+Tests: systemd_service.sh
+Tests-Directory: distro/tests/
+Restrictions: needs-root
+{% if distro.match('fedora') -%}
+Depends: knot-utils
+{% elif distro.match('debian') or distro.match('ubuntu') -%}
+Depends: knot-dnsutils
+{% elif distro.match('arch') -%}
+Depends: knot
+{% elif distro.match('rocky', 'centos') -%}
+Depends: knot-utils
+{% elif distro.match('almalinux') -%}
+Depends: knot-utils
+{% elif distro.match('opensuse') -%}
+Depends: knot-utils
+{% else -%}
+Depends: unsupported-distro-this-package-does-not-exist-and-the-test-should-fail
+{%- endif %}
--- /dev/null
+#!/bin/bash
+
+# fail fast
+set -e
+
+# check for root
+if test "$(id -u)" -ne 0; then
+ echo "Must be run as root"
+ exit 1
+fi
+
+# We will be starting a systemd service, but another tests might do the same
+# so this makes sure there is nothing left after we exit
+trap "systemctl stop kresd@1.service" EXIT
+
+
+if ! systemctl start kresd@1.service; then
+ echo
+ echo "Failed to start service, here is its status:"
+ systemctl status kresd@1.service || true
+ echo
+ echo "kresd@1.service:"
+ systemctl cat kresd@1.service || true
+ echo
+ echo "Checking service user using \`id knot-resolver\`:"
+ id knot-resolver
+ exit 1
+else
+ set +e
+
+ # check that the resolvers are actually running
+ kdig @127.0.0.1 +edns nic.cz | tee /dev/stderr | grep -qi 'status: NOERROR'
+ if [ "$?" -ne "0" ]; then
+ echo "Could not 'kdig' the resolver - is it running?"
+ exit 1
+ fi
+fi
--- /dev/null
+#!/bin/bash
+# enable CZ.NIC Labs Debian/Ubuntu repos - see https://pkg.labs.nic.cz/doc/
+set -e
+
+REPO=$1
+if [ -z "${REPO}" ]; then
+ echo "usage: $0 REPOSITORY"
+ echo -e "\nPlease see: https://pkg.labs.nic.cz/doc/"
+ exit 1
+fi
+if [ "$(whoami)" != "root" ]; then
+ echo "ERROR: this script must be run as ROOT"
+ echo -e "\nTry running with sudo:\n\n sudo $0\n"
+ exit 2
+fi
+
+# update apt metadata and install requirements
+apt-get update
+apt-get install -y apt-transport-https ca-certificates lsb-release wget
+
+DISTRO=$(lsb_release -si | tr '[:upper:]' '[:lower:]')
+CODENAME=$(lsb_release -sc)
+
+echo "Enabling $REPO repo on $DISTRO $CODENAME..."
+# get repo signing key
+wget -O /usr/share/keyrings/cznic-labs-pkg.gpg https://pkg.labs.nic.cz/gpg
+# create repo entry
+echo "deb [signed-by=/usr/share/keyrings/cznic-labs-pkg.gpg] https://pkg.labs.nic.cz/$REPO $CODENAME main" > /etc/apt/sources.list.d/cznic-labs-$REPO.list
+# update apt metadata from the new repo
+apt-get update
projects / thirdparty / knot-resolver.git / commitdiff
