Backports (stable-5.0) #27789
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - stable-* | |
| pull_request: | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }} | |
| cancel-in-progress: true | |
| defaults: | |
| run: | |
| # Make sure bash is always invoked with `-eo pipefail` | |
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell | |
| shell: bash | |
| jobs: | |
| code-tests: | |
| env: | |
| CGO_CFLAGS: "-I/home/runner/work/lxd/lxd-test/vendor/dqlite/include/" | |
| CGO_LDFLAGS: "-L/home/runner/work/lxd/lxd-test/vendor/dqlite/.libs/" | |
| LD_LIBRARY_PATH: "/home/runner/work/lxd/lxd-test/vendor/dqlite/.libs/" | |
| CGO_LDFLAGS_ALLOW: "(-Wl,-wrap,pthread_create)|(-Wl,-z,now)" | |
| name: Code | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| # A non-shallow clone is needed for the Differential ShellCheck | |
| fetch-depth: 0 | |
| - name: Dependency Review | |
| uses: actions/dependency-review-action@v4 | |
| if: github.event_name == 'pull_request' | |
| # XXX: `make static-analysis` also run shellcheck but this one provides | |
| # useful feedback in the PR through github-code-scanning bot | |
| - id: ShellCheck | |
| name: Differential ShellCheck | |
| uses: redhat-plumbers-in-action/differential-shellcheck@v5 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| strict-check-on-push: true | |
| if: github.event_name == 'pull_request' | |
| - name: Upload artifact with ShellCheck defects in SARIF format | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: Differential ShellCheck SARIF | |
| path: ${{ steps.ShellCheck.outputs.sarif }} | |
| if: github.event_name == 'pull_request' | |
| - name: Install Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Install dependencies | |
| run: | | |
| set -eux | |
| sudo add-apt-repository ppa:ubuntu-lxc/daily -y --no-update | |
| sudo apt-get update | |
| sudo apt-get install --no-install-recommends -y \ | |
| build-essential \ | |
| curl \ | |
| gettext \ | |
| git \ | |
| libacl1-dev \ | |
| libcap-dev \ | |
| libdbus-1-dev \ | |
| liblxc-dev \ | |
| lxc-templates \ | |
| libseccomp-dev \ | |
| libselinux-dev \ | |
| libsqlite3-dev \ | |
| libtool \ | |
| libudev-dev \ | |
| libuv1-dev \ | |
| make \ | |
| pkg-config \ | |
| shellcheck | |
| python3 -m pip install flake8 | |
| - name: Download go dependencies | |
| run: | | |
| set -eux | |
| go mod download | |
| - name: Make LXD tarball and unpack it | |
| env: | |
| CUSTOM_VERSION: "test" | |
| run: | | |
| set -eux | |
| make dist | |
| tar -xzf lxd-test.tar.gz -C ~/work/lxd/ | |
| rm lxd-test.tar.gz | |
| - name: Build LXD dependencies | |
| run: | | |
| set -eux | |
| cd ~/work/lxd/lxd-test | |
| make deps | |
| - name: Run LXD build | |
| run: | | |
| set -eux | |
| make | |
| - name: Check lxc/lxd-agent binary sizes | |
| run: | | |
| set -eux | |
| # Build lxc/lxd-agent the same way as done in the snap | |
| go build -trimpath -o "/tmp/bin/lxc" github.com/canonical/lxd/lxc | |
| CGO_ENABLED=0 go build -trimpath -o "/tmp/bin/lxd-agent" -tags=agent,netgo github.com/canonical/lxd/lxd-agent | |
| strip -s /tmp/bin/* | |
| # bin/min/max (sizes are in MiB) | |
| SIZES="lxc 16 18 | |
| lxd-agent 14 16" | |
| MIB="$((1024 * 1024))" | |
| while read -r bin min max; do | |
| cur="$(stat --format=%s "/tmp/bin/${bin}")" | |
| min_mib="$((min * MIB))" | |
| max_mib="$((max * MIB))" | |
| rm -f "/tmp/bin/${bin}" | |
| if [ "${cur}" -gt "${max_mib}" ]; then | |
| echo "FAIL: ${bin} binary size exceeds ${max}MiB" | |
| exit 1 | |
| fi | |
| # XXX: check for when we need to lower the min/max sizes | |
| if [ "${cur}" -lt "${min_mib}" ]; then | |
| echo "Congratulations: ${bin} binary size reduced below ${min}MiB" | |
| echo "It is now time to edit the workflow job to use smaller min/max sizes for ${bin}" | |
| exit 1 | |
| fi | |
| echo "OK: ${bin} is between ${min} and ${max}MiB" | |
| done <<< ${SIZES} | |
| - name: Run static analysis | |
| env: | |
| GITHUB_BEFORE: ${{ github.event.before }} | |
| run: | | |
| set -eux | |
| make static-analysis | |
| - name: Unit tests (all) | |
| run: | | |
| set -eux | |
| sudo --preserve-env=CGO_CFLAGS,CGO_LDFLAGS,CGO_LDFLAGS_ALLOW,LD_LIBRARY_PATH LD_LIBRARY_PATH=${LD_LIBRARY_PATH} env "PATH=${PATH}" go test -v ./... | |
| system-tests: | |
| env: | |
| CGO_LDFLAGS_ALLOW: "(-Wl,-wrap,pthread_create)|(-Wl,-z,now)" | |
| LXD_SHIFTFS_DISABLE: "true" | |
| LXD_CEPH_CLUSTER: "ceph" | |
| LXD_CEPH_CEPHFS: "cephfs" | |
| LXD_CONCURRENT: "1" | |
| LXD_VERBOSE: "1" | |
| LXD_OFFLINE: "1" | |
| LXD_TMPFS: "1" | |
| name: System | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| suite: ["cluster", "standalone"] | |
| backend: ["dir", "btrfs", "lvm", "zfs", "ceph", "random"] | |
| steps: | |
| - name: Performance tuning | |
| run: | | |
| set -eux | |
| # optimize ext4 FSes for performance, not reliability | |
| for fs in $(findmnt --noheading --type ext4 --list --uniq | awk '{print $1}'); do | |
| # nombcache and data=writeback cannot be changed on remount | |
| sudo mount -o remount,noatime,barrier=0,commit=6000 "${fs}" || true | |
| done | |
| # disable dpkg from calling sync() | |
| echo "force-unsafe-io" | sudo tee /etc/dpkg/dpkg.cfg.d/force-unsafe-io | |
| - name: Reclaim some space | |
| run: | | |
| set -eux | |
| sudo snap remove lxd --purge | |
| # Purge older snap revisions that are disabled/superseded by newer revisions of the same snap | |
| snap list --all | while read -r name _ rev _ _ notes _; do | |
| [[ "${notes}" =~ disabled$ ]] && snap remove "${name}" --revision "${rev}" --purge | |
| done || true | |
| # This was inspired from https://github.com/easimon/maximize-build-space | |
| df -h / | |
| # dotnet | |
| sudo rm -rf /usr/share/dotnet | |
| # android | |
| sudo rm -rf /usr/local/lib/android | |
| # haskell | |
| sudo rm -rf /opt/ghc | |
| df -h / | |
| - name: Remove docker | |
| run: | | |
| set -eux | |
| sudo apt-get autopurge -y moby-containerd docker uidmap | |
| sudo ip link delete docker0 | |
| sudo nft flush ruleset | |
| - name: Checkout | |
| uses: actions/checkout@v6.0.2 | |
| - name: Install Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Check compatibility with min Go version | |
| run: | | |
| set -eux | |
| GOMIN="$(sed -n 's/^GOMIN=\([0-9.]\+\)$/\1/p' Makefile)" | |
| go mod tidy -go="${GOMIN}" | |
| DOC_GOMIN="$(sed -n 's/^LXD requires Go \([0-9.]\+\) .*/\1/p' doc/requirements.md)" | |
| [ "${GOMIN}" = "${DOC_GOMIN}" ] | |
| - name: Install dependencies | |
| run: | | |
| set -eux | |
| sudo add-apt-repository ppa:ubuntu-lxc/daily -y --no-update | |
| sudo add-apt-repository ppa:dqlite/dev -y --no-update | |
| sudo apt-get update | |
| sudo systemctl mask lxc.service lxc-net.service | |
| sudo apt-get install --no-install-recommends -y \ | |
| curl \ | |
| git \ | |
| libacl1-dev \ | |
| libcap-dev \ | |
| libdbus-1-dev \ | |
| libdqlite1.17-dev \ | |
| liblxc-dev \ | |
| libseccomp-dev \ | |
| libselinux-dev \ | |
| libsqlite3-dev \ | |
| libtool \ | |
| libudev-dev \ | |
| make \ | |
| pkg-config\ | |
| acl \ | |
| attr \ | |
| bind9-dnsutils \ | |
| btrfs-progs \ | |
| busybox-static \ | |
| dnsmasq-base \ | |
| easy-rsa \ | |
| gettext \ | |
| jq \ | |
| lxc-utils \ | |
| lvm2 \ | |
| nftables \ | |
| quota \ | |
| rsync \ | |
| s3cmd \ | |
| socat \ | |
| sqlite3 \ | |
| squashfs-tools \ | |
| tar \ | |
| tcl \ | |
| thin-provisioning-tools \ | |
| uuid-runtime \ | |
| xfsprogs \ | |
| xz-utils \ | |
| zfsutils-linux | |
| # reclaim some space | |
| sudo apt-get clean | |
| mkdir -p "$(go env GOPATH)/bin" | |
| - name: Download go dependencies | |
| run: | | |
| set -eux | |
| go mod download | |
| - name: Run LXD build | |
| run: | | |
| set -eux | |
| make | |
| - name: Setup MicroCeph | |
| if: ${{ matrix.backend == 'ceph' }} | |
| uses: ./.github/actions/setup-microceph | |
| with: | |
| osd-count: 3 | |
| microceph-channel: "squid/edge" | |
| - name: "Run system tests (${{ matrix.suite }}, ${{ matrix.backend }})" | |
| run: | | |
| echo '|/bin/sh -c $@ -- eval exec gzip --fast > /var/crash/core-%e.%p.gz' | sudo tee /proc/sys/kernel/core_pattern | |
| set -eux | |
| chmod +x ~ | |
| echo "root:1000000:1000000000" | sudo tee /etc/subuid /etc/subgid | |
| cd test | |
| sudo --preserve-env=PATH,GOPATH,GITHUB_ACTIONS,LXD_VERBOSE,LXD_BACKEND,LXD_CEPH_CLUSTER,LXD_CEPH_CEPHFS,LXD_CEPH_CEPHOBJECT_RADOSGW,LXD_OFFLINE,LXD_SKIP_TESTS,LXD_REQUIRED_TESTS,LXD_SHIFTFS_DISABLE LXD_BACKEND=${{ matrix.backend }} ./main.sh ${{ matrix.suite }} | |
| client: | |
| name: Client | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| - macos-latest | |
| - windows-latest | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6.0.2 | |
| - name: Install Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Create build directory | |
| run: | | |
| mkdir bin | |
| - name: Build static lxc (x86_64) | |
| env: | |
| CGO_ENABLED: 0 | |
| GOARCH: amd64 | |
| run: | | |
| go build -ldflags "-s -w" -o trimpath -o bin/lxc.x86_64 ./lxc | |
| - name: Build static lxc (aarch64) | |
| env: | |
| CGO_ENABLED: 0 | |
| GOARCH: arm64 | |
| run: | | |
| go build -ldflags "-s -w" -o trimpath -o bin/lxc.aarch64 ./lxc | |
| - name: Build static lxd-benchmark | |
| if: runner.os == 'Linux' | |
| env: | |
| CGO_ENABLED: 0 | |
| run: | | |
| set -eux | |
| GOARCH=amd64 go build -ldflags "-s -w" -o trimpath -o bin/lxd-benchmark.x86_64 ./lxd-benchmark | |
| GOARCH=arm64 go build -ldflags "-s -w" -o trimpath -o bin/lxd-benchmark.aarch64 ./lxd-benchmark | |
| - name: Build static lxd-migrate | |
| if: runner.os == 'Linux' | |
| env: | |
| CGO_ENABLED: 0 | |
| run: | | |
| set -eux | |
| GOARCH=amd64 go build -ldflags "-s -w" -o trimpath -o bin/lxd-migrate.x86_64 ./lxd-migrate | |
| GOARCH=arm64 go build -ldflags "-s -w" -o trimpath -o bin/lxd-migrate.aarch64 ./lxd-migrate | |
| - name: Unit tests (client) | |
| env: | |
| CGO_ENABLED: 0 | |
| run: go test -v ./client/... | |
| - name: Unit tests (lxc) | |
| env: | |
| CGO_ENABLED: 0 | |
| run: go test -v ./lxc/... | |
| - name: Unit tests (shared) | |
| env: | |
| CGO_ENABLED: 0 | |
| run: go test -v ./shared/... | |
| - name: Upload lxc client artifacts | |
| uses: actions/upload-artifact@v7 | |
| continue-on-error: true | |
| with: | |
| name: ${{ runner.os }} | |
| path: bin/ | |
| documentation: | |
| name: Documentation | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6.0.2 | |
| with: | |
| # A non-shallow clone is needed for the sitemap generation | |
| fetch-depth: 0 | |
| - name: Install Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Install dependencies | |
| run: | | |
| set -eux | |
| sudo apt-get install aspell aspell-en | |
| sudo snap install mdl | |
| - name: Run markdown linter | |
| run: | | |
| set -eux | |
| make doc-lint | |
| - name: Run spell checker | |
| run: | | |
| set -eux | |
| make doc-spellcheck | |
| - name: Run inclusive naming checker | |
| uses: get-woke/woke-action@v0 | |
| with: | |
| fail-on-error: true | |
| woke-args: "*.md **/*.md -c https://github.com/canonical/Inclusive-naming/raw/main/config.yml" | |
| - name: Run link checker | |
| run: | | |
| set -eux | |
| make doc-linkcheck | |
| - name: Build docs (Sphinx) | |
| run: | | |
| set -eux | |
| make doc | |
| if [ -s doc/.sphinx/warnings.txt ]; then cat doc/.sphinx/warnings.txt; exit 1; fi | |
| - name: Upload documentation artifacts | |
| if: always() | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: documentation | |
| path: doc/html | |
| snap: | |
| name: Trigger snap edge build | |
| runs-on: ubuntu-24.04 | |
| needs: [code-tests, system-tests, client, documentation] | |
| if: ${{ github.repository == 'canonical/lxd' && github.event_name == 'push' && github.actor != 'dependabot[bot]' }} | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| PACKAGE: "lxd" | |
| REPO: "git+ssh://lxdbot@git.launchpad.net/~lxd-snap/lxd" | |
| BRANCH: >- | |
| ${{ fromJson('{ | |
| "main": "latest-edge", | |
| "stable-5.0": "5.0-edge", | |
| }')[github.ref_name] }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 # v5.0.1 | |
| - uses: ./.github/actions/lp-snap-build | |
| with: | |
| ssh-key: "${{ secrets.LAUNCHPAD_LXD_BOT_KEY}}" | |
| - name: Trigger Launchpad snap build | |
| run: | | |
| set -eux | |
| echo "${PATH}" | |
| localRev="$(git rev-parse HEAD)" | |
| cd ~/"${PACKAGE}-pkg-snap-lp" | |
| lxd-snapcraft -package "${PACKAGE}" -set-version "git-${localRev:0:7}" -set-source-commit "${localRev}" | |
| git add --all | |
| git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${BRANCH})" -m "Upstream commit: ${localRev}" | |
| git show | |
| git push --quiet |