ci: add integration tests for cryptpilot-convert #71

Merged
imlk0 merged 15 commits into master from more-ci
Apr 14, 2026

Conversation

imlk0 (Collaborator) commented Jan 22, 2026

Summary

  • Add integration test script for cryptpilot-convert disk conversion
  • Tests 4 combinations: UKI/GRUB × encrypted/no-encryption modes
  • Includes cryptpilot-enhance hardening step before conversion
  • Uses matrix strategy in CI for parallel test execution

Test plan

  • CI runs all 4 test cases in parallel
  • Each case validates: enhance → convert → verify output structure

imlk0 force-pushed the more-ci branch 4 times, most recently from fb095f6 to 029817a, April 2, 2026 12:15

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, the PR you submitted will trigger the following image builds:

| No. | Application name | Dockerfile path | TAGS | Action |
|-----|------------------|-----------------|------|--------|
| 1 | cryptpilot-crypt | Dockerfile.crypt | 0.6.0, latest | New TAG |
| 2 | cryptpilot-fde | Dockerfile.fde | 0.6.0, latest | New TAG |
| 3 | cryptpilot-verity | Dockerfile.verity | 0.6.0, latest | New TAG |

If confirmed, reply /build to start the build.

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

imlk0 added 11 commits April 14, 2026 03:41
Add integration test script that validates disk conversion workflow:
- Tests 4 combinations: UKI/GRUB × encrypted/no-encryption modes
- Includes cryptpilot-enhance step before conversion
- Uses matrix strategy in CI for parallel test execution
- Supports local testing with --input option for custom images

🤖 Generated with [Qoder][https://qoder.com]

- Install make in test container
- Simplify RPM install to only cryptpilot-fde
- Remove unused test wrapper functions
- Add shellcheck directive for trap-registered cleanup function

🤖 Generated with [Qoder][https://qoder.com]

GitHub Actions runners don't have nbd kernel module.
Skip test with success when nbd is not available.

🤖 Generated with [Qoder][https://qoder.com]

- Move nbd module loading to host runner before container starts
- Use manual docker run instead of container action for better control
- Remove graceful skip logic, now expects nbd to be available

🤖 Generated with [Qoder][https://qoder.com]

objcopy failed with 'No space left on device' when creating UKI.
Use --tmpfs with 10GB limit to provide sufficient space.

🤖 Generated with [Qoder][https://qoder.com]

10GB insufficient for rootfs extraction (5GB image).
Increase to 20GB to ensure adequate space.

🤖 Generated with [Qoder][https://qoder.com]

Add workflow to build and publish test images to GHCR for faster CI:
- Create build-test-image.yml: manually triggered workflow with url/tag inputs
- Create test-image.Dockerfile: minimal Dockerfile to package qcow2 images
- Modify build-rpm.yml test-convert job to pull test image from ghcr.io
  instead of downloading from external URL on each run

This change significantly speeds up CI by:
- Pre-downloading test qcow2 images into GHCR containers
- Extracting qcow2 from container images in CI (much faster than wget)
- Passing INPUT_IMAGE to make run-convert-test-case for custom image path

The test image tag is configurable via TEST_IMAGE_TAG env variable.

Signed-off-by: Kun Lai <laikun@linux.alibaba.com>

Add /bin/true as placeholder command when creating container from
scratch-based test image. The docker create command requires a command
argument even for images without a shell, otherwise it fails with
'no command specified' error.

Update artifact download configuration to use correct artifact name:
- Change from rpm-packages-x86_64 to build-output-x86_64
- Update download-artifact action from v4 to v8 for consistency
- Add merge-multiple: false to prevent unwanted merging behavior

Signed-off-by: Kun Lai <laikun@linux.alibaba.com>

Fix missing --package rpm specification in CI workflow and add QEMU
boot testing to validate converted images.

Changes:
- build-rpm.yml: Export RPM path via GITHUB_OUTPUT for test step
- Makefile: Pass CRYPTPILOT_FDE_RPM to test-convert.sh via --rpm flag
- test-convert.sh: Add test_qemu_boot() function to verify images
  boot correctly using QEMU container (ghcr.io/qemus/qemu)
  - Tests for login prompt (success) or emergency shell (failure)
  - 2-minute timeout for boot completion
  - Full boot log output for debugging

Signed-off-by: Kun Lai <laikun@linux.alibaba.com>

- Replace container_id with container_name to avoid podman stderr pollution
  (podman emits 'Emulate Docker CLI...' to stderr which gets captured by 2>&1)
- Move verify_failed declaration before reference value check (scope fix)
- Capture reference value stderr to file for better debugging
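
The boot check that the test_qemu_boot() commit message above describes (login prompt means success, emergency shell means failure, otherwise time out and dump the log), written as an added shell example that is not the project's test-convert.sh. The match patterns, function names and return codes are assumptions; the page does not show the strings the real script looks for.

```shell
#!/bin/sh
# Added example, not cryptpilot's test-convert.sh. Patterns are assumptions.
LOGIN_RE='login: *$'                                  # getty prompt ending a line
EMERGENCY_RE='emergency mode|Emergency shell|dracut:/#'

# classify_boot_log LOG -> prints ok | emergency | pending
classify_boot_log() {
    # Serial consoles emit CRLF; drop CR so the end-of-line anchor matches.
    # Failure is checked first so a log containing both counts as a failure.
    if tr -d '\r' < "$1" | grep -Eq "$EMERGENCY_RE"; then
        echo emergency
    elif tr -d '\r' < "$1" | grep -Eq "$LOGIN_RE"; then
        echo ok
    else
        echo pending
    fi
}

# wait_for_boot LOG LIMIT_SECONDS [POLL_SECONDS]
# Returns 0 on login prompt, 1 on emergency shell, 2 on timeout.
# On failure or timeout the whole log goes to stderr for debugging.
wait_for_boot() {
    log=$1; limit=$2; poll=${3:-1}; waited=0
    while [ "$waited" -le "$limit" ]; do
        if [ -f "$log" ]; then
            case $(classify_boot_log "$log") in
                ok) return 0 ;;
                emergency) cat "$log" >&2; return 1 ;;
            esac
        fi
        sleep "$poll"
        waited=$((waited + poll))
    done
    if [ -f "$log" ]; then cat "$log" >&2; fi
    return 2
}

# Constructed sample: a serial log that ends in systemd's emergency mode.
demo_log=$(mktemp)
printf 'Booting\r\nYou are in emergency mode.\r\n' > "$demo_log"
echo "constructed log classified as: $(classify_boot_log "$demo_log")"
rm -f "$demo_log"
```

With the 2-minute limit from the commit message, the call would be `wait_for_boot serial.log 120`, where `serial.log` is a hypothetical file that QEMU's serial console is redirected to.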
@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

imlk0 added 2 commits April 14, 2026 03:47
… environments

When running inside a container where the in-container udevadm version is
incompatible with the host udevd (e.g., alinux3 container on Ubuntu runner),
`udevadm control --reload-rules` fails with a protocol error. Previously this
caused `NbdDevice::connect` to hard-fail, breaking `show-reference-value` and
any other operation that reads an external disk image.

Changes:
- `UdevRule.rule_path` is now `Option<PathBuf>`; when udevadm is not found the
  struct becomes a no-op and connect proceeds unblocked.
- `udevadm control --reload-rules` failure is now a warning, not an error.
  As a fallback we attempt `udevadm settle` to drain pending udev events without
  requiring the daemon to accept a reload command.
- If settle also fails we warn and continue; any device-mapper holders that udev
  auto-created will be caught by the new reactive cleanup step.
- `NbdDevice::connect` now calls `remove_holder_dm_devices` immediately after
  the 1-second settle delay. This removes any DM devices that the host udevd
  may have auto-created for the nbd partitions before our rule could take effect,
  providing a reliable fallback when the proactive udev rule path is unavailable.
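
The fallback chain from the commit message above (a failed `udevadm control --reload-rules` downgraded to a warning, then `udevadm settle`, then reactive removal of device-mapper holders on the nbd partitions), written in shell as an added example; cryptpilot's own logic is in `NbdDevice::connect` and is not shown on this page. The function names, the 10-second settle timeout and the dry-run default are assumptions.

```shell
#!/bin/sh
# Added example, not cryptpilot code. Function names are hypothetical.

# reload_or_settle: refresh udev rules, degrading to warnings on failure.
reload_or_settle() {
    if ! command -v udevadm >/dev/null 2>&1; then
        echo "warn: udevadm not found, skipping udev rule handling" >&2
        return 0
    fi
    if ! udevadm control --reload-rules 2>/dev/null; then
        echo "warn: reload-rules failed, falling back to settle" >&2
        udevadm settle --timeout=10 2>/dev/null ||
            echo "warn: settle failed too, relying on holder cleanup" >&2
    fi
    return 0
}

# list_holder_dm_names SYSFS_ROOT DISK -> mapper names, one per line.
# A device-mapper device stacked on a disk or partition shows up as
# <sysfs>/block/<disk>[/<part>]/holders/dm-N; its name is in dm-N/dm/name.
list_holder_dm_names() {
    sysfs=$1; disk=$2
    for holder in "$sysfs/block/$disk"/holders/dm-* \
                  "$sysfs/block/$disk/$disk"p*/holders/dm-*; do
        [ -e "$holder" ] || continue          # unmatched glob stays literal
        name_file="$sysfs/block/${holder##*/}/dm/name"
        if [ -r "$name_file" ]; then cat "$name_file"; fi
    done | sort -u
}

# remove_holders SYSFS_ROOT DISK [RUNNER]
# RUNNER defaults to echo (dry run); pass e.g. sudo to really run dmsetup.
remove_holders() {
    runner=${3:-echo}
    list_holder_dm_names "$1" "$2" | while read -r name; do
        $runner dmsetup remove "$name"
    done
}

# Constructed sysfs tree standing in for /sys: nbd0p1 is held by dm-3.
fake=$(mktemp -d)
mkdir -p "$fake/block/nbd0/nbd0p1/holders/dm-3" "$fake/block/dm-3/dm"
echo "system-root" > "$fake/block/dm-3/dm/name"
remove_holders "$fake" nbd0
rm -rf "$fake"
```

Checking `list_holder_dm_names /sys nbd0` after a connect is also a quick way to see whether the host udevd activated anything on the image before the udev rule took effect.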
@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

- Remove --tmpfs /tmp from the test container. The work directory created
  by cryptpilot-convert.sh inside /tmp can reach ~40 GB (rootfs.img +
  work qcow2), far exceeding the 7 GB RAM available on ubuntu-latest
  runners. Without the tmpfs flag /tmp uses Docker overlay storage backed
  by host disk, eliminating the OOM that caused encrypted test cases to
  fail after ~53 minutes.

- Delete the pulled test docker image immediately after extracting the
  qcow2 file, freeing several GB of Docker layer cache.

- In run_test_case, delete input.qcow2 and SOURCE_IMAGE right after
  conversion succeeds. output.qcow2 is a standalone image and does not
  reference these files, so they are safe to remove before the verify
  and QEMU boot steps. This reclaims ~20.5 GB of disk space during the
  most resource-intensive part of the test.

- Add a disk/memory reporting step (df -h && free -h) before starting
  the test container to aid future debugging.
@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

2 similar comments

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, your request has been received. Please wait patiently for the result.

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

2 similar comments

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

@shankailun-aliyun

@imlk0, hello, no images that need building were detected. To run the detection again, comment /start

imlk0 merged commit 8d10d30 into master on Apr 14, 2026
26 checks passed