job-runner: testing runs isolated to their own container #6017
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
job-runner
Dismissed
| await run_job(job, ctx) | ||
|
|
||
| if __name__ == '__main__': | ||
| asyncio.run(main()) |
Check warning
Code scanning / CodeQL
Use of the return value of a procedure Warning
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 5, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
5 tasks
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
dc240da to
a50e606
Compare
allisonkarlitskaya
pushed a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 5, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
|
Random note: while hacking on this, despite all kinds of exceptions and irregular exits for all kinds of reasons (including many programming errors), I haven't seen a single leaked container in over two weeks (when I got the |
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
allisonkarlitskaya
pushed a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 5, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017. We can drop the CONTAINER_HOST environment variable we added in the last commit — we can provide that information via job-runner.toml instead.
This comment was marked as outdated.
This comment was marked as outdated.
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
requested changes
Mar 6, 2024
|
test_pr() failed. The inner bots tests succeeded (and the statuses bubble is green here), but the output check failed: That used to be done by the old s3-streamer: While we can of course change the string format, the node where |
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
|
I adjusted the expected test output in cockpit-project/cockpituous#587 and added a FIXUP commit here which adds back 'Running on:". The integration test passes now. |
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
reviewed
Mar 6, 2024
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
allisonkarlitskaya
pushed a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 6, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
f649627 to
5d35d6f
Compare
allisonkarlitskaya
force-pushed
the
job-runner
branch
3 times, most recently
from
72caf52 to
0e1ed24
Compare
|
This failure looks very relevant: Fortunately it already happens in test_mock_pr(), and it effortlessly reproduces in This is because we are using podman-remote in that test (and will in prod), so that temp dir will indeed not exist. |
allisonkarlitskaya
force-pushed
the
job-runner
branch
3 times, most recently
from
f2edd19 to
7c23a58
Compare
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
7c23a58 to
da49455
Compare
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
allisonkarlitskaya
pushed a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This still needs to happen for production, but allows us to start testing cockpit-project/bots#6017.
martinpitt
requested changes
Mar 7, 2024
martinpitt
reviewed
Mar 7, 2024
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
da49455 to
85f5244
Compare
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This will allow us to enable job-runner in cockpit-project/bots#6017. Do this both for our production bots as well as our run-local.sh integration tests.
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This will allow us to enable job-runner in cockpit-project/bots#6017. Do this both for our production bots as well as our run-local.sh integration tests.
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
85f5244 to
543a95e
Compare
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This will allow us to enable job-runner in cockpit-project/bots#6017. Do this both for our production bots as well as our run-local.sh integration tests.
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
366b7bf to
f58bff5
Compare
martinpitt
added a commit
to cockpit-project/cockpituous
that referenced
this pull request
Mar 7, 2024
This will allow us to enable job-runner in cockpit-project/bots#6017. Do this both for our production bots as well as our run-local.sh integration tests.
Introduce job-runner, a new asyncio python application designed to replace a good chunk of our backend CI infra: - `tests-invoke` - `make-checkout` - `s3-streamer` - (eventually, maybe) `run-queue` and dramatically simplify others: - `issue-scan` - `tests-scan` while making it easier to play with our testing infrastructure locally. The main new feature vs. the existing stuff is that each testing job is run in its own one-time-use container. The image for that container is under control of the revision being tested, allowing for gating of task container upgrades (avoiding the usual wave of broken pixels, linting changes, etc.). Instead of running our jobs from the giant blobs of shell pasted together in `issue-scan` or `tests-scan` we consume them as the new "Job" json format, already introduced in #5932. The new approach also makes a conscious effort to reduce the amount of exposure of secrets to test runs (although we have some more work to do here). This commit introduces job-runner (along with its helper script, `checkout-and-run`) along with tests. Nothing uses this yet.
If we have a 'job' attribute in our payload, ignore the command blob and dispatch the JSON via `job-runner`.
allisonkarlitskaya
force-pushed
the
job-runner
branch
from
f58bff5 to
043aaf0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Introduce job-runner, a new asyncio python application designed to replace a good chunk of our backend CI infra:
tests-invokemake-checkouts3-streamerrun-queueand dramatically simplify others:
issue-scantests-scanwhile making it easier to play with our testing infrastructure locally.
The main new feature vs. the existing stuff is that each testing job is run in its own one-time-use container. The image for that container is under control of the revision being tested, allowing for gating of task container upgrades (avoiding the usual wave of broken pixels, linting changes, etc.).
Instead of running our jobs from the giant blobs of shell pasted together in
issue-scanortests-scanwe consume them as the new "Job" json format, already introduced in #5932.The new approach also makes a conscious effort to reduce the amount of exposure of secrets to test runs (although we have some more work to do here).
TODO:
cidfile crash after successful runs https://paste.centos.org/view/01fcdfc8 withnot reproducible, ignorepodman-remote; this breaks attachments, thus a blocker