- choice: &images_parameters_IMAGE_TYPE
name: 'IMAGE_TYPE'
choices:
- - 'lxd'
+ - 'incus'
- 'vm'
description: 'The type of image to create'
- choice:
- 'developer'
description: 'The ansible group to apply to the image'
required: true
- - string: &images_parameters_LXD_HOST
- name: 'LXD_HOST'
+ - string: &images_parameters_INCUS_HOST
+ name: 'INCUS_HOST'
default: 'ci-host-amd64-1a.internal.efficios.com'
- description: 'The address of the LXD cluster to publish to'
+ description: 'The address of the incus cluster to publish to'
required: true
- - string: &images_parameters_LXD_INSTANCE_PROFILE
- name: 'LXD_INSTANCE_PROFILE'
+ - string: &images_parameters_INCUS_INSTANCE_PROFILE
+ name: 'INCUS_INSTANCE_PROFILE'
default: 'ci-rootnode'
- description: 'The LXD instance profile to use for temporary instances when building images'
+ description: 'The Incus instance profile to use for temporary instances when building images'
required: true
- string: &images_parameters_GIT_URL
name: 'GIT_URL'
- choice:
<<: *images_parameters_IMAGE_TYPE
- string:
- <<: *images_parameters_LXD_HOST
+ <<: *images_parameters_INCUS_HOST
- string:
- <<: *images_parameters_LXD_INSTANCE_PROFILE
+ <<: *images_parameters_INCUS_INSTANCE_PROFILE
- string:
<<: *images_parameters_GIT_URL
- string:
name: 'DISTROBUILDER_GIT_BRANCH'
default: 'main'
- string:
- name: 'LXC_CI_GIT_URL'
+ name: 'INCUS_CI_GIT_URL'
default: 'https://github.com/lxc/lxc-ci.git'
- string:
- name: 'LXC_CI_GIT_BRANCH'
+ name: 'INCUS_CI_GIT_BRANCH'
default: 'main'
- string:
name: 'GO_VERSION'
passphrase-variable: SSH_PASSWORD
- file:
credential-id: 'f3f08275-59ef-42ff-9de5-9beafc7435b8'
- variable: LXD_CLIENT_CERT
+ variable: INCUS_CLIENT_CERT
- file:
credential-id: '0debf23b-191b-4cdf-8a25-04e9a7092a67'
- variable: LXD_CLIENT_KEY
+ variable: INCUS_CLIENT_KEY
- text:
credential-id: SLES_REGISTRATION_CODE_amd64
variable: SLES_REGISTRATION_CODE_amd64
project-type: pipeline
parameters: '{obj:parameters}'
IMAGE_TYPES:
- - lxd
+ - incus
- vm
PROFILES:
- ci-node
name: 'IMAGE_TYPE_FILTER'
choices:
- all
- - lxd
+ - incus
- vm
- choice: &images_parameters_PROFILE_FILTER
name: 'PROFILE_FILTER'
ARCHES:
- amd64
RELEASES:
- # 12.5 Doesn't currently work well with LXD either as a container or a VM
+ # 12.5 Doesn't currently work well with Incus either as a container or a VM
# * 12.5 has systemd 228, which doesn't support cgroups v2. Hosts _could_
# be configured to disable the unified cgroup hierarchy in order to have
# this version systemd work correctly.
# * Running as a QEMU VM, virtio_scsi isn't correctly able to bring the
- # virtual disks online. The version of lxd currently deployed doesn't
+ # virtual disks online. The version of incus currently deployed doesn't
# support the io.bus option to use virtio-blk instead.
# - '12.5'
- '15.4'
VARIANT
GIT_BRANCH
GIT_URL
- LXD_CLIENT_CERT
- LXD_CLIENT_KEY
+ INCUS_CLIENT_CERT
+ INCUS_CLIENT_KEY
TEST
DISTROBUILDER_GIT_URL
DISTROBUILDER_GIT_BRANCH
- LXC_CI_GIT_URL
- LXC_CI_GIT_BRANCH
+ INCUS_CI_GIT_URL
+ INCUS_CI_GIT_BRANCH
GO_VERSION
)
MISSING_VARS=0
INSTANCE_START_TIMEOUT="${INSTANCE_START_TIMEOUT:-120}"
VM_ARG=()
-# Install lxd-client
+# Install incus-client
apt-get update
-apt-get install -y lxd-client
-mkdir -p ~/.config/lxc
-cp "${LXD_CLIENT_CERT}" ~/.config/lxc/client.crt
-cp "${LXD_CLIENT_KEY}" ~/.config/lxc/client.key
+apt-get install -y incus-client
+mkdir -p ~/.config/incus
+cp "${INCUS_CLIENT_CERT}" ~/.config/incus/client.crt
+cp "${INCUS_CLIENT_KEY}" ~/.config/incus/client.key
CLEANUP+=(
- "rm -f ${HOME}/.config/lxc/client.crt"
- "rm -f ${HOME}/.config/lxc/client.key"
+ "rm -f ${HOME}/.config/incus/client.crt"
+ "rm -f ${HOME}/.config/incus/client.key"
)
-lxc remote add ci --accept-certificate --auth-type tls "${LXD_HOST}"
-lxc remote switch ci
+incus remote add ci --accept-certificate --auth-type tls "${INCUS_HOST}"
+incus remote switch ci
-# Exit gracefully if the lxc images: provides the base image
+# Exit gracefully if the incus images: provides the base image
IMAGE_NAME="${OS}/${RELEASE}/${VARIANT}/${ARCH}"
TYPE_FILTER='type=container'
if [[ "${IMAGE_TYPE}" == "vm" ]] ; then
TYPE_FILTER='type=virtual-machine'
fi
-if [[ "$(lxc image list -f csv images:"${IMAGE_NAME}" -- "${TYPE_FILTER}" | wc -l)" != "0" ]] ; then
+if [[ "$(incus image list -f csv images:"${IMAGE_NAME}" -- "${TYPE_FILTER}" | wc -l)" != "0" ]] ; then
echo "Image '${IMAGE_NAME}' provided by 'images:' remote"
exit 0
fi
cd "${WORKSPACE}"
git clone --branch="${GIT_BRANCH}" "${GIT_URL}" ci
-# Get the LXC CI repo
+# Get the INCUS CI repo
cd "${WORKSPACE}"
-git clone --branch="${LXC_CI_GIT_BRANCH}" "${LXC_CI_GIT_URL}" lxc-ci
+git clone --branch="${INCUS_CI_GIT_BRANCH}" "${INCUS_CI_GIT_URL}" incus-ci
IMAGE_DIRS=(
"${WORKSPACE}/ci/automation/images"
- "${WORKSPACE}/lxc-ci/images"
+ "${WORKSPACE}/incus-ci/images"
)
EXTENSIONS=(
'yml'
ROOTFS="${BUILD_DIR}/disk.qcow2"
fi
-# Work-around for lxd not using qemu-system-i386: set the architecture to x86_64
+# Work-around for incus not using qemu-system-i386: set the architecture to x86_64
# which will use qemu-system-x86_64 and still run 32bit userspace/kernels fine.
if [[ "${ARCH}" == "i386" ]] ; then
TMP_DIR=$(mktemp -d)
rm -rf "${TMP_DIR}"
fi
-# When using `lxc image import` two images cannot have the same alias -
+# When using `incus image import` two images cannot have the same alias -
# only the last image imported will keep the alias. Therefore, the
# image type is appended as part of the alias.
IMAGE_NAME="${IMAGE_NAME}/${IMAGE_TYPE}"
-if FINGERPRINT=$(lxc image import "${BUILD_DIR}/incus.tar.xz" "${ROOTFS}" 2>&1 | grep -E -o '[A-Fa-f0-9]{64}') ; then
+if FINGERPRINT=$(incus image import "${BUILD_DIR}/incus.tar.xz" "${ROOTFS}" 2>&1 | grep -E -o '[A-Fa-f0-9]{64}') ; then
echo "Image imported with fingerprint '${FINGERPRINT}'"
else
fail 1 "No fingerprint for imported image"
if [[ "${TEST}" == "true" ]] ; then
set +e
INSTANCE_NAME=''
- if INSTANCE_NAME="$(lxc -q launch -e ${VM_ARG[@]} -p default -p "${LXD_INSTANCE_PROFILE}" "${FINGERPRINT}")" ; then
+ if INSTANCE_NAME="$(incus -q launch -e ${VM_ARG[@]} -p default -p "${INCUS_INSTANCE_PROFILE}" "${FINGERPRINT}")" ; then
INSTANCE_NAME="$(echo "${INSTANCE_NAME}" | cut -d':' -f2 | tr -d ' ')"
CLEANUP+=(
- "lxc stop -f ${INSTANCE_NAME}"
+ "incus stop -f ${INSTANCE_NAME}"
)
else
fail 1 "Failed to launch instance using image '${FINGERPRINT}'"
TIME_REMAINING="${INSTANCE_START_TIMEOUT}"
INSTANCE_STATUS=''
while true ; do
- INSTANCE_STATUS="$(lxc exec "${INSTANCE_NAME}" hostname)"
+ INSTANCE_STATUS="$(incus exec "${INSTANCE_NAME}" hostname)"
if [[ "${INSTANCE_STATUS}" == "${INSTANCE_NAME}" ]] ; then
break
fi
sleep 1
TIME_REMAINING=$((TIME_REMAINING - 1))
if [ "${TIME_REMAINING}" -lt "0" ] ; then
- fail 1 "Timed out waiting for instance to become available via 'lxc exec'"
+ fail 1 "Timed out waiting for instance to become available via 'incus exec'"
fi
done
set -e
fi
-lxc image alias delete "${IMAGE_NAME}" || true
-lxc image alias create "${IMAGE_NAME}" "${FINGERPRINT}"
+incus image alias delete "${IMAGE_NAME}" || true
+incus image alias create "${IMAGE_NAME}" "${FINGERPRINT}"
PROFILE # The ansible group to apply to the new image
GIT_BRANCH # The git branch of the automation repo to checkout
GIT_URL # The git URL of the automation repo to checkout
- LXD_CLIENT_CERT # Path to LXD client certificate
- LXD_CLIENT_KEY # Path to LXD client certificate key
+ INCUS_CLIENT_CERT # Path to INCUS client certificate
+ INCUS_CLIENT_KEY # Path to INCUS client certificate key
SSH_PRIVATE_KEY # Path to SSH private key
TEST # 'true' to test launching published image
)
NETWORK_SLEEP="${NETWORK_SLEEP:-15}"
# Dependencies
-apt-get -y install lxd-client ansible jq
+apt-get -y install incus-client ansible jq
# Configuration
-mkdir -p ~/.config/lxc
-cp "${LXD_CLIENT_CERT}" ~/.config/lxc/client.crt
-cp "${LXD_CLIENT_KEY}" ~/.config/lxc/client.key
+mkdir -p ~/.config/incus
+cp "${INCUS_CLIENT_CERT}" ~/.config/incus/client.crt
+cp "${INCUS_CLIENT_KEY}" ~/.config/incus/client.key
CLEANUP+=(
- "rm -f ${HOME}/.config/lxc/client.crt"
- "rm -f ${HOME}/.config/lxc/client.key"
+ "rm -f ${HOME}/.config/incus/client.crt"
+ "rm -f ${HOME}/.config/incus/client.key"
)
-lxc remote add ci --accept-certificate --auth-type tls "${LXD_HOST}"
-lxc remote switch ci
+incus remote add ci --accept-certificate --auth-type tls "${INCUS_HOST}"
+incus remote switch ci
# Clone lttng-ci
git clone -b "${GIT_BRANCH}" "${GIT_URL}" ci
TRIES_MAX=3
TRIES=0
while [[ "${TRIES}" -lt "${TRIES_MAX}" ]] ; do
- if ! INSTANCE_NAME=$(lxc -q launch "${VM_ARG[@]}" -p default -p "${LXD_INSTANCE_PROFILE}" "${SOURCE_IMAGE_NAME}/${IMAGE_TYPE}") ; then
+ if ! INSTANCE_NAME=$(incus -q launch "${VM_ARG[@]}" -p default -p "${INCUS_INSTANCE_PROFILE}" "${SOURCE_IMAGE_NAME}/${IMAGE_TYPE}") ; then
# Try from images
- if ! INSTANCE_NAME=$(lxc -q launch "${VM_ARG[@]}" -p default -p "${LXD_INSTANCE_PROFILE}" images:"${SOURCE_IMAGE_NAME}") ; then
+ if ! INSTANCE_NAME=$(incus -q launch "${VM_ARG[@]}" -p default -p "${INCUS_INSTANCE_PROFILE}" images:"${SOURCE_IMAGE_NAME}") ; then
TRIES=$((TRIES + 1))
echo "Failed to deployed ephemereal instance attempt ${TRIES}/${TRIES_MAX}"
if [[ "${TRIES}" -lt "${TRIES_MAX}" ]] ; then
set -e
CLEANUP+=(
- "lxc delete -f ${INSTANCE_NAME}"
- "lxc stop ${INSTANCE_NAME}"
+ "incus delete -f ${INSTANCE_NAME}"
+ "incus stop ${INSTANCE_NAME}"
)
# VMs may take more time to start, wait until instance is running
TIME_REMAINING="${INSTANCE_START_TIMEOUT}"
while true ; do
set +e
- INSTANCE_STATUS=$(lxc exec "${INSTANCE_NAME}" hostname)
+ INSTANCE_STATUS=$(incus exec "${INSTANCE_NAME}" hostname)
set -e
if [[ "${INSTANCE_STATUS}" == "${INSTANCE_NAME}" ]] ; then
break
sleep 1
TIME_REMAINING=$((TIME_REMAINING - 1))
if [ "${TIME_REMAINING}" -lt "0" ] ; then
- fail 1 "Timed out waiting for instance to become available via 'lxc exec'"
+ fail 1 "Timed out waiting for instance to become available via 'incus exec'"
fi
done
# It's possible for cloud-init to fail, but to still be able to continue.
# Eg., a profile asks for netplan.io on a system that doesn't have that
# package available.
- lxc exec "${INSTANCE_NAME}" -- cloud-init status -w || true
+ incus exec "${INSTANCE_NAME}" -- cloud-init status -w || true
fi
# Wait for instance to have an ip address (@TODO: is there a better approach?)
# @TODO: Handle case when iputils2 is not installed
INSTANCE_IP=''
POTENTIAL_INTERFACES=(eth0 enp5s0)
-lxc exec "${INSTANCE_NAME}" -- ip a
+incus exec "${INSTANCE_NAME}" -- ip a
set +e
for interface in "${POTENTIAL_INTERFACES[@]}" ; do
- if ! DEV_INFO="$(lxc exec "${INSTANCE_NAME}" -- ip a show dev "${interface}")" ; then
+ if ! DEV_INFO="$(incus exec "${INSTANCE_NAME}" -- ip a show dev "${interface}")" ; then
continue
fi
INSTANCE_IP="$(echo "${DEV_INFO}" | grep -Eo 'inet [^ ]* ' | cut -d' ' -f2 | cut -d'/' -f1)"
fi
ssh-keyscan "${INSTANCE_IP}" >> ~/.ssh/known_hosts2
-#lxc exec "${INSTANCE_NAME}" -- bash -c 'for i in /etc/ssh/ssh_host_*_key ; do ssh-keygen -l -f "$i" ; done' >> "${HOME}/.ssh/known_hosts"
+#incus exec "${INSTANCE_NAME}" -- bash -c 'for i in /etc/ssh/ssh_host_*_key ; do ssh-keygen -l -f "$i" ; done' >> "${HOME}/.ssh/known_hosts"
CLEANUP+=(
"rm -f ${HOME}/.ssh/known_hosts2"
)
"rm -f ${HOME}/.ssh/id_rsa.pub"
"rm -f ${HOME}/.ssh/id_rsa"
)
-lxc file push ~/.ssh/id_rsa.pub "ci:${INSTANCE_NAME}/root/.ssh/authorized_keys2"
+incus file push ~/.ssh/id_rsa.pub "ci:${INSTANCE_NAME}/root/.ssh/authorized_keys2"
# Some distros, eg. Rocky Linux, don't enable the use of authorized_keys2
# by default
-lxc exec "ci:${INSTANCE_NAME}" -- bash -c 'if test -f /etc/redhat-release ; then sed -i "s#^AuthorizedKeysFile.*#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2#" /etc/ssh/sshd_config ; systemctl restart sshd ; fi'
+incus exec "ci:${INSTANCE_NAME}" -- bash -c 'if test -f /etc/redhat-release ; then sed -i "s#^AuthorizedKeysFile.*#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2#" /etc/ssh/sshd_config ; systemctl restart sshd ; fi'
# Confirm working SSH connection
-l "${INSTANCE_IP}" -i fake-inventory
# Graceful shutdown
-lxc stop "${INSTANCE_NAME}"
+incus stop "${INSTANCE_NAME}"
# Publish
-if FINGERPRINT=$(lxc publish "${INSTANCE_NAME}" 2>&1 | grep -E -o '[A-Fa-f0-9]{64}') ; then
+if FINGERPRINT=$(incus publish "${INSTANCE_NAME}" 2>&1 | grep -E -o '[A-Fa-f0-9]{64}') ; then
echo "Published instance with fingerprint '${FINGERPRINT}'"
else
fail 1 "No fingerprint for published instance"
if [[ "${TEST}" == "true" ]] ; then
set +e
while [[ "${TRIES}" -lt "${TRIES_MAX}" ]] ; do
- if ! INSTANCE_NAME=$(lxc -q launch -e "${VM_ARG[@]}" -p default -p "${LXD_INSTANCE_PROFILE}" "${FINGERPRINT}") ; then
+ if ! INSTANCE_NAME=$(incus -q launch -e "${VM_ARG[@]}" -p default -p "${INCUS_INSTANCE_PROFILE}" "${FINGERPRINT}") ; then
TRIES=$((TRIES + 1))
echo "Failed to launch instance try ${TRIES}/${TRIES_MAX}"
if [[ "${TRIES}" -lt "${TRIES_MAX}" ]] ; then
else
INSTANCE_NAME="$(echo "${INSTANCE_NAME}" | cut -d':' -f2 | tr -d ' ')"
CLEANUP+=(
- "lxc stop -f ${INSTANCE_NAME}"
+ "incus stop -f ${INSTANCE_NAME}"
)
break
fi
set -e
fi
-lxc image alias delete "${TARGET_IMAGE_NAME}" || true
-lxc image alias create "${TARGET_IMAGE_NAME}" "${FINGERPRINT}"
+incus image alias delete "${TARGET_IMAGE_NAME}" || true
+incus image alias create "${TARGET_IMAGE_NAME}" "${FINGERPRINT}"
projects / lttng-ci.git / commitdiff
