320 Commits

Author SHA1 Message Date
Julian Tölle
005c7c17e8
scripts: update hetzner amd64 instance type
The currently used server type (`cpx11`) was deprecated and will be
removed on 2026-01-01.

- https://www.hetzner.com/news/new-cloud-plans/
- https://docs.hetzner.cloud/changelog#2025-10-16-new-server-types-with-categories
- https://docs.hetzner.cloud/changelog#2025-10-16-server-types-deprecated

Signed-off-by: Julian Tölle <julian.toelle@hetzner-cloud.de>
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-12-18 13:36:38 +01:00
Robin Schneider
c1e8523a44
Use a less powerful machine for amd64 tests
Signed-off-by: Robin Schneider <robin.schneider@stackit.cloud>
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-12-18 10:36:06 +01:00
Thilo Fromm
7408886859 ci-automation: fix broken result indicators in test reports
The CI automation test report library used embedded images to indicate
test success / failures. The URL these images were referenced from has
gone AWOL some time ago, resulting in ugly "missing image" references in
test reports.

This change updates the test result indicator code to only use emojis.

Signed-off-by: Thilo Fromm <thilofromm@microsoft.com>
2025-12-17 17:22:04 +01:00
Robin Schneider
ed8c712871
Add STACKIT
Signed-off-by: Robin Schneider <robin.schneider@stackit.cloud>
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-12-11 11:56:53 +01:00
Mathieu Tortuyaux
7795874c22
ci-automation: remove Equinix Metal testing
After years of good services and sponsoring from Equinix Metal, we need
to retire those tests for AMD64 / ARM64 bare metal instances.

As Equinix Metal offering is still around until June 2026, let's
continue to produce and release Flatcar images for any users still using
those images but we won't test them as the Flatcar account won't be
covered by sponsoring.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-11-28 10:47:32 +01:00
Mathieu Tortuyaux
a9e64e07a2
ci-config: use new bincache server
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-11-18 18:00:52 +01:00
Mathieu Tortuyaux
3b67bedc38
ci/config: remove RELEASES_SERVER
This does not seem to be used anywhere here and can be misleading

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-11-13 17:04:16 +01:00
Mathieu Tortuyaux
0ec42cc213
ci/release: copy secondary artifacts from bincache
this logic takes care of copying binary packages, SDK and packages
containers to cloudflare bucket in the `r2:flatcar/mirror/` location

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-11-13 17:04:16 +01:00
Kai Lueke
71b53fca90 ci-automation/release.sh: Skip bucket copy on failure until it works
We got a DNS resolution problem due to UDP packets not going to the
configured server. For now try the host network (and otherwise maybe
a custom DNS server?).
But in any case we should not block the release on that and continue.

Signed-off-by: Kai Lueke <kailuke@microsoft.com>
2025-11-12 16:39:36 +09:00
Kai Lueke
56457118e9 ci-automation/release.sh: Update comment about current state
Signed-off-by: Kai Lueke <kailuke@microsoft.com>
2025-11-11 23:34:57 +09:00
Kai Lueke
41d9c32c30 ci-automation/release: Set up rclone config for mapping into container
The wrong variable was used to set up the mapping of the rclone config
into the rclone container and it wasn't set up in the right function.
Move it into the right function and use the right variable name but also
don't rely on /proc/PID/fd/FD to be mappable into the container but
instead use a regular temp file.

Signed-off-by: Kai Lueke <kailuke@microsoft.com>
2025-11-11 23:34:57 +09:00
Mathieu Tortuyaux
7c7eb2686c ci-automation/release.sh: 'the input device is not a TTY'
This has been raised in current CI.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-11-07 22:16:30 +09:00
Mathieu Tortuyaux
65a3af6dca
ci-automation/release.sh: lift 'experimental' usage
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-10-23 15:56:29 +02:00
Mathieu Tortuyaux
3cd17cc5e4
ci-automation/release.sh: use rclone docker image
rclone was previously called from the Mantle image but it's not the
case anymore because we need some environment variables (CHANNEL, ARCH,
etc.)

Let's switch to the `rclone` Docker image.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-10-23 15:56:29 +02:00
Kai Lueke
126cfcc004 ci-automation/release.sh: Fix upload to R2
The upload to R2 was added experimentally and we now want to make use of
it. The CHANNEL variable wasn't defined and it failed because of that.

Do the upload for all channels and set the variable up first. Existing
releases should get synced from the current Origin server via a FUSE
mount that we anyway want to rely on for the directory listing that
Caddy creates. Left to decide is how we manage the "current" version
but that is done manually anyway as of now.

Signed-off-by: Kai Lueke <kailuke@microsoft.com>
2025-10-07 14:58:51 +09:00
Mathieu Tortuyaux
222cd1e805
release: sync alpha bincache assets to s3 bucket
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-09-11 11:25:52 +02:00
Mathieu Tortuyaux
77d3f65d8c
ci-automation/gc: drop openstack occurrences
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-09-04 10:34:42 +02:00
Mathieu Tortuyaux
fd42a17e10
ci_automation_common.sh: use long option name
This helps reading the scripts later.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-07-24 09:33:10 +02:00
Thilo Fromm
923875312a
ci_automation_common.sh: sign commits to adhere to DCO requirements (#3123)
This change makes CI sign commits (which should work because CI uses a "regular" github user) as per our new DCO requirements.
2025-07-17 15:56:29 +02:00
Krzesimir Nowak
782bb560e6 ci-automation: Update sdk-bootstrap, packages-tag and upload functions
- Tighten the patterns used for nightly tags detection.
- Compare hashes instead of names to figure out if we are on top of a
  branch (fixes the issue of no nightly tags reachable from the
  release branches). Jenkins is doing `git fetch origin "${branch}";
  git checkout FETCH_HEAD` and this was confusing the `git rev-parse
  --abbrev-ref HEAD` code (it returned `HEAD` instead of `${branch}`).
- Account for possible multiple tags in a single commit.
- Made the tagging fail in dubious situations.
- Reindent the code, modernize a bit.
2025-07-11 13:48:53 +02:00
Krzesimir Nowak
a1047bbd0c ci-automation: Make tagging code testable through env vars 2025-07-11 13:48:53 +02:00
Krzesimir Nowak
66e381b5dd ci-automation: Use a valid reference
`show_changes_params` is not available in this lexical scope, we
should have been using `show_changes_params_ref`. This has worked so
far only because all the callers of the functions were passing
`show_changes_params` to be referenced by
`show_changes_params_ref`. Just a lucky happenstance.

Spotted by Chewi.
2025-07-10 14:21:33 +02:00
Mathieu Tortuyaux
e699691736
Merge pull request #3018 from stackitcloud/stackit-oem-image
OEM: Provide STACKIT images
2025-06-30 17:44:27 +02:00
Robin Schneider
ad0b524c59
OEM: Provide STACKIT images 2025-06-30 14:40:16 +02:00
Krzesimir Nowak
07be61389a ci-automation: Filter extra sysexts by architecture
It's a recent addition - nvidia sysexts are amd64-only for now, so the
EXTRA_SYSEXTS variable got some new fields to indicate that. Make use
of them for filtering which extra sysexts changes to report.
2025-06-26 08:52:19 +02:00
Jan Bronicki
b0ccb6f096 Update documentation and ebuilds to reference 'main' branch instead of 'flatcar-master' 2025-05-26 18:04:26 +02:00
Daniel Zatovic
820bc74c3b sysext: Change the sysext separator from : to |
To be able to use the SLOT syntax, which uses : we need to change the
sysext separator to |.
2025-05-13 11:26:09 +02:00
Mathieu Tortuyaux
c193d0894d
ci-automation: add akamai testing
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-05-06 13:37:34 +02:00
James Le Cuirot
54027d7488
ci-automation: Set the right parameters for Hyper-V Gen 1/2 on Azure
We still perform some tests using Gen 1 on amd64. Standard_D2s_v6 does
not support this, but v5 will presumably be the last version that does,
so hardcode that case.

For Gen 2, you need to set the SKU for amd64 to work, and it has to use
the gallery like arm64 already does.

Using the gallery is possibly slightly slower, so ideally we would only
upload the image once like we do for AWS, but let's just get it working
for now.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2025-04-15 10:57:17 +01:00
James Le Cuirot
a00813ffc1
ci-automation: Bump Azure amd64 and arm64 machine sizes to v6
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2025-04-09 18:27:26 +01:00
Krzesimir Nowak
37496b3131 ci-automation: Pass image version to kola 2025-03-26 15:26:31 +01:00
Mathieu Tortuyaux
d7f8e23345
testing/openstack: clean everything before testing
It happens that we have some leftover instances running in an "error"
state (the error comes from the OpenStack scheduled deletion). This
leads to instance creation error during the test because quota limits
are hit.

Let's clean-up everything before running the new tests.

This won't impact tests from other channels as OpenStack is limited to
one CI job at a time.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-02-27 13:01:54 +01:00
Mathieu Tortuyaux
0734e0674f
hetzner: use different locations for arm64/amd64
Hetzner is having some capacity issues[^1]:
- amd64: CPX plans (CPX11 to CPX51) - Falkenstein (FSN) and Nuremberg (NBG)
- arm64: CAX plans (CAX11 to CAX41) - Helsinki (HEL) and Nuremberg (NBG)

Let's switch the location:
* Helsinki (hel1) for amd64
* Keep Falkenstein (fsn1) for arm64

[^1]: https://status.hetzner.com/incident/aa5ce33b-faa5-4fd0-9782-fde43cd270cf

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2025-02-11 16:10:57 +01:00
James Le Cuirot
aa70fc929f
Delay generating test update payload in official builds
The update payload needs the kernel, which isn't signed during the image
job. Secure Boot is not currently enabled for update tests, but we may
as well do this properly. The production update upload is generated
manually at the end after everything has already been signed.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-12-20 16:29:32 +00:00
James Le Cuirot
bda73d4de3
ci-automation: Give the sbsign_image container a name
Otherwise it uses the default name, which can clash with other
concurrent jobs, especially jobs for the other arches.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-12-20 16:29:32 +00:00
Mathieu Tortuyaux
a3434af193
ci-config: do not use OpenStack gzipped image
In the test we should use the unzipped image, which is the one
documented.

This allows us to drop some modifications to our OpenStack instance.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-12-19 15:24:19 +01:00
James Le Cuirot
b3183b42c4
Do SB signing for official builds in a separate additional job
We only want to do the signing in Azure, not the whole image job. This
new job downloads the unsigned image, signs it, and replaces it.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-12-03 16:01:23 +00:00
James Le Cuirot
2853c77c66
ci-automation: Allow the arm64 tests to run on qemu_uefi_secure
Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-11-13 12:19:23 +00:00
James Le Cuirot
d1ba9b19fb
Switch from raw (.fd) EDK2 firmware images to QCOW2, plus 4MB on amd64
The new arm64 firmware supporting Secure Boot (see next commit) is in
QCOW2 format only, avoiding the extra space taken up by the 64MB
padding. Supporting both raw and QCOW2 images would be messy, so switch
entirely to QCOW2.

Only the 4MB images are in QCOW2 format on amd64, so also switch away
from the 2MB images. 4MB images are now the default for most
distributions as they are needed to apply certain Windows updates.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-11-12 11:59:40 +00:00
James Le Cuirot
d67c395456
ci-automation: Include --qemu-ovmf-vars in qemu_update test for arm64
Kola's logic for choosing BIOS vs EFI isn't too smart, and not
specifying --qemu-ovmf-vars leads to it passing -bios to QEMU. This
doesn't make sense for arm64, but it did work anyway with the old
firmware in raw format. The new firmware in QCOW2 format doesn't work
this way.

Signed-off-by: James Le Cuirot <jlecuirot@microsoft.com>
2024-11-12 11:59:22 +00:00
Mathieu Tortuyaux
6e674b26d3
oem: provide proxmox images
Co-authored-by: Kai Lüke <pothos@users.noreply.github.com>
Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-11-12 12:51:36 +01:00
Sayan Chowdhury
5a2c5c61a8 ci-automation: qemu: Support passing OVMF vars and secure-boot flag
Signed-off-by: Sayan Chowdhury <schowdhury@microsoft.com>
Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
2024-09-17 11:01:06 +02:00
Mathieu Tortuyaux
ce763ff862
ci-automation: add hetzner testing
No need for garbage collection since one temporary project is allocated with 1h of
lifespan for each run.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
Co-authored-by: Julian Tölle <julian.toelle97@gmail.com>
2024-09-06 10:58:51 +02:00
Krzesimir Nowak
f9d68df8dc
Merge pull request #2204 from flatcar/krnowak/add-buildx
Add app-containers/docker-buildx
2024-09-03 15:07:50 +02:00
Mathieu Tortuyaux
16f2327d48
Merge pull request #2213 from flatcar/tormath1/kernel
python: install feedparser for Kernel CVEs fetching
2024-09-02 15:43:38 +02:00
Krzesimir Nowak
9a3e26bf9b build_image,ci-automation: Add app-containers/docker-buildx to docker-flatcar sysext 2024-09-02 14:05:56 +02:00
Mathieu Tortuyaux
f3577f633f
python: install feedparser for Kernel CVEs fetching
packaging is not used with the new version of the show-fixed-kernel-cves
script.

Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2024-09-02 09:52:06 +02:00
Krzesimir Nowak
248057db13 ci-automation/image-changes: Simplify a bit
We can strip suffixes using an array notation instead of doing it in a
loop. Also drop an unused architecture parameter.
2024-08-15 14:45:40 +02:00
Krzesimir Nowak
d2ce797d6d ci-automation/image-changes: Print changes in extra sysexts 2024-08-15 14:41:50 +02:00
Jeremi Piotrowski
a35bd4cc38 ci-automation/vendor-testing/azure: Allow passing kola vnet
This adds support for providing a value for the newly introduced
--azure-kola-vnet kola parameter through the environment. This parameter is
meant to indicate that kola is running inside of a vnet in Azure and the kola
created storage account will be restricted to being accessed from that vnet.
This lets us disable public access to storage accounts.

Needs a corresponding change to jenkins jobs, because we have no way of
determining what vnet a worker node is connected to programmatically. So it
needs to be defined by the job.

Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
2024-07-05 14:06:49 +02:00