diff options
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/bazel-0.24.0.bazelrc | 106 | ||||
| -rwxr-xr-x | tools/image_build.sh | 98 | ||||
| -rwxr-xr-x | tools/run_tests.sh | 17 |
3 files changed, 107 insertions, 114 deletions
diff --git a/tools/bazel-0.24.0.bazelrc b/tools/bazel-0.24.0.bazelrc deleted file mode 100644 index a8348faab..000000000 --- a/tools/bazel-0.24.0.bazelrc +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2016 The Bazel Authors. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This file is auto-generated from release/bazelrc.tpl and should not be -# modified directly. - -# This .bazelrc file contains all of the flags required for the provided -# toolchain with Remote Build Execution. -# -# This .bazelrc file also contains all of the flags required for the local -# docker sandboxing. - -# Depending on how many machines are in the remote execution instance, setting -# this higher can make builds faster by allowing more jobs to run in parallel. -# Setting it too high can result in jobs that timeout, however, while waiting -# for a remote machine to execute them. -build:remote --jobs=50 - -# Set several flags related to specifying the platform, toolchain and java -# properties. -# These flags are duplicated rather than imported from (for example) -# %workspace%/configs/ubuntu16_04_clang/1.2/toolchain.bazelrc to make this -# bazelrc a standalone file that can be copied more easily. -# These flags should only be used as is for the rbe-ubuntu16-04 container -# and need to be adapted to work with other toolchain containers. -build:remote --host_javabase=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:jdk8 -build:remote --javabase=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:jdk8 -build:remote --host_java_toolchain=@bazel_tools//tools/jdk:toolchain_hostjdk8 -build:remote --java_toolchain=@bazel_tools//tools/jdk:toolchain_hostjdk8 -build:remote --crosstool_top=@bazel_toolchains//configs/ubuntu16_04_clang/1.2/bazel_0.24.0/default:toolchain -build:remote --action_env=BAZEL_DO_NOT_DETECT_CPP_TOOLCHAIN=1 -# Platform flags: -# The toolchain container used for execution is defined in the target indicated -# by "extra_execution_platforms", "host_platform" and "platforms". -# If you are using your own toolchain container, you need to create a platform -# target with "constraint_values" that allow for the toolchain specified with -# "extra_toolchains" to be selected (given constraints defined in -# "exec_compatible_with"). -# More about platforms: https://docs.bazel.build/versions/master/platforms.html -build:remote --extra_toolchains=@bazel_toolchains//configs/ubuntu16_04_clang/1.2/bazel_0.24.0/cpp:cc-toolchain-clang-x86_64-default -build:remote --extra_execution_platforms=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:rbe_ubuntu1604 -build:remote --host_platform=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:rbe_ubuntu1604 -build:remote --platforms=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:rbe_ubuntu1604 - -# Set various strategies so that all actions execute remotely. Mixing remote -# and local execution will lead to errors unless the toolchain and remote -# machine exactly match the host machine. -build:remote --spawn_strategy=remote -build:remote --strategy=Javac=remote -build:remote --strategy=Closure=remote -build:remote --strategy=Genrule=remote -build:remote --define=EXECUTOR=remote - -# Enable the remote cache so action results can be shared across machines, -# developers, and workspaces. -build:remote --remote_cache=remotebuildexecution.googleapis.com - -# Enable remote execution so actions are performed on the remote systems. -build:remote --remote_executor=remotebuildexecution.googleapis.com - -# Enable encryption. -build:remote --tls_enabled=true - -# Set a higher timeout value, just in case. -build:remote --remote_timeout=3600 - -# Enable authentication. This will pick up application default credentials by -# default. You can use --auth_credentials=some_file.json to use a service -# account credential instead. -build:remote --auth_enabled=true - -# The following flags are only necessary for local docker sandboxing -# with the rbe-ubuntu16-04 container. Use of these flags is still experimental. -build:docker-sandbox --host_javabase=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:jdk8 -build:docker-sandbox --javabase=@bazel_toolchains//configs/ubuntu16_04_clang/1.2:jdk8 -build:docker-sandbox --crosstool_top=@bazel_toolchains//configs/ubuntu16_04_clang/1.2/bazel_0.24.0/default:toolchain -build:docker-sandbox --experimental_docker_image=gcr.io/cloud-marketplace/google/rbe-ubuntu16-04@sha256:da0f21c71abce3bbb92c3a0c44c3737f007a82b60f8bd2930abc55fe64fc2729 -build:docker-sandbox --spawn_strategy=docker -build:docker-sandbox --strategy=Javac=docker -build:docker-sandbox --strategy=Closure=docker -build:docker-sandbox --strategy=Genrule=docker -build:docker-sandbox --define=EXECUTOR=remote -build:docker-sandbox --experimental_docker_verbose -build:docker-sandbox --experimental_enable_docker_sandbox - -# The following flags enable the remote cache so action results can be shared -# across machines, developers, and workspaces. -build:remote-cache --remote_cache=remotebuildexecution.googleapis.com -build:remote-cache --tls_enabled=true -build:remote-cache --remote_timeout=3600 -build:remote-cache --auth_enabled=true -build:remote-cache --spawn_strategy=standalone -build:remote-cache --strategy=Javac=standalone -build:remote-cache --strategy=Closure=standalone -build:remote-cache --strategy=Genrule=standalone diff --git a/tools/image_build.sh b/tools/image_build.sh new file mode 100755 index 000000000..9b20a740d --- /dev/null +++ b/tools/image_build.sh @@ -0,0 +1,98 @@ +#!/bin/bash + +# Copyright 2019 The gVisor Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script is responsible for building a new GCP image that: 1) has nested +# virtualization enabled, and 2) has been completely set up with the +# image_setup.sh script. This script should be idempotent, as we memoize the +# setup script with a hash and check for that name. +# +# The GCP project name should be defined via a gcloud config. + +set -xeo pipefail + +# Parameters. +declare -r ZONE=${ZONE:-us-central1-f} +declare -r USERNAME=${USERNAME:-test} +declare -r IMAGE_PROJECT=${IMAGE_PROJECT:-ubuntu-os-cloud} +declare -r IMAGE_FAMILY=${IMAGE_FAMILY:-ubuntu-1604-lts} + +# Random names. +declare -r DISK_NAME=$(mktemp -u disk-XXXXXX | tr A-Z a-z) +declare -r SNAPSHOT_NAME=$(mktemp -u snapshot-XXXXXX | tr A-Z a-z) +declare -r INSTANCE_NAME=$(mktemp -u build-XXXXXX | tr A-Z a-z) + +# Hashes inputs. +declare -r SETUP_BLOB=$(echo ${ZONE} ${USERNAME} ${IMAGE_PROJECT} ${IMAGE_FAMILY} && sha256sum "$@") +declare -r SETUP_HASH=$(echo ${SETUP_BLOB} | sha256sum - | cut -d' ' -f1 | cut -c 1-16) +declare -r IMAGE_NAME=${IMAGE_NAME:-image-}${SETUP_HASH} + +# Does the image already exist? Skip the build. +declare -r existing=$(gcloud compute images list --filter="name=(${IMAGE_NAME})" --format="value(name)") +if ! [[ -z "${existing}" ]]; then + echo "${existing}" + exit 0 +fi + +# Set the zone for all actions. +gcloud config set compute/zone "${ZONE}" + +# Start a unique instance. Note that this instance will have a unique persistent +# disk as it's boot disk with the same name as the instance. +gcloud compute instances create \ + --quiet \ + --image-project "${IMAGE_PROJECT}" \ + --image-family "${IMAGE_FAMILY}" \ + --boot-disk-size "200GB" \ + "${INSTANCE_NAME}" +function cleanup { + gcloud compute instances delete --quiet "${INSTANCE_NAME}" +} +trap cleanup EXIT + +# Wait for the instance to become available. +declare attempts=0 +while [[ "${attempts}" -lt 30 ]]; do + attempts=$((${attempts}+1)) + if gcloud compute ssh "${USERNAME}"@"${INSTANCE_NAME}" -- true; then + break + fi +done +if [[ "${attempts}" -ge 30 ]]; then + echo "too many attempts: failed" + exit 1 +fi + +# Run the install scripts provided. +for arg; do + gcloud compute ssh "${USERNAME}"@"${INSTANCE_NAME}" -- sudo bash - <"${arg}" +done + +# Stop the instance; required before creating an image. +gcloud compute instances stop --quiet "${INSTANCE_NAME}" + +# Create a snapshot of the instance disk. +gcloud compute disks snapshot \ + --quiet \ + --zone="${ZONE}" \ + --snapshot-names="${SNAPSHOT_NAME}" \ + "${INSTANCE_NAME}" + +# Create the disk image. +gcloud compute images create \ + --quiet \ + --source-snapshot="${SNAPSHOT_NAME}" \ + --licenses="https://www.googleapis.com/compute/v1/projects/vm-options/global/licenses/enable-vmx" \ + "${IMAGE_NAME}" diff --git a/tools/run_tests.sh b/tools/run_tests.sh index 483b9cb50..6fe80a36b 100755 --- a/tools/run_tests.sh +++ b/tools/run_tests.sh @@ -45,8 +45,7 @@ readonly TEST_PACKAGES=("//pkg/..." "//runsc/..." "//tools/...") ####################### # Install the latest version of Bazel and log the version. -# FIXME(b/137285694): Unable to build runsc with bazel 0.28.0. -(which use_bazel.sh && use_bazel.sh 0.27.1) || which bazel +(which use_bazel.sh && use_bazel.sh 0.28.0) || which bazel bazel version # Load the kvm module. @@ -177,7 +176,6 @@ run_docker_tests() { bazel test \ "${BAZEL_BUILD_FLAGS[@]}" \ --test_env=RUNSC_RUNTIME="" \ - --test_output=all \ //runsc/test/image:image_test # These names are used to exclude tests not supported in certain @@ -189,9 +187,7 @@ run_docker_tests() { bazel test \ "${BAZEL_BUILD_FLAGS[@]}" \ --test_env=RUNSC_RUNTIME="${RUNTIME}" \ - --test_output=all \ --nocache_test_results \ - --test_output=streamed \ //runsc/test/integration:integration_test \ //runsc/test/integration:integration_test_hostnet \ //runsc/test/integration:integration_test_overlay \ @@ -249,8 +245,7 @@ upload_test_artifacts() { fi } -# Finish runs at exit, even in the event of an error, and uploads all test -# artifacts. +# Finish runs in the event of an error, uploading all artifacts. finish() { # Grab the last exit code, we will return it. local exit_code=${?} @@ -295,8 +290,14 @@ main() { # Build other flavors too. build_everything dbg + # We need to upload all the existing test logs and artifacts before shutting + # down and cleaning bazel, otherwise all test information is lost. After this + # point, we don't expect any logs or artifacts. + upload_test_artifacts + trap - EXIT + + # Run docker build tests. build_in_docker - # No need to call "finish" here, it will happen at exit. } # Kick it off. |