search

kata-containers / ci

Kata Containers CI
http://jenkins.katacontainers.io/view/CI%20Status/
Apache License 2.0
13 stars 34 forks source link

jobs-builder: introduce the confidential-containers-ci job #535

Closed wainersm closed 1 year ago

wainersm commented 1 year ago

This introduces the confidential-containers-ci job which is going to monitor the kata-containers, kata-containers/tests and confidential-containers/operator for changes. Once any change is detected it will wait the runtime-payload-ci image for the kata-containers latest commit be built. Afterwards it triggers in parallel the Operator CI jobs which will leverage the new payload.

Currently it triggers only the non-TEE jobs for kata-qemu and kata-clh

I published the job manually yesterday (http://jenkins.katacontainers.io/job/confidential-containers-ci/). It seems to be working fine, at least the triggering, as the job 11 (http://jenkins.katacontainers.io/job/confidential-containers-ci/11/) ran on response to the changes merged on the kata-containers/tests repository.

Cc @fidencio @stevenhorsman

wainersm commented 1 year ago

Hi @stevenhorsman !

Thanks for this Wainer, it looks like a great start to get some ci/cd. Some general thoughts (not blockers to merging this, just general observations on how we might extend/enhance this in future):

* As mentioned in [confidential-containers/operator#169 (comment)](https://github.com/confidential-containers/operator/pull/169#issuecomment-1462115900) - maybe we could 'promote' the kata-runtime image that passes these tests to a new `latest-tested` tag, or similar, so we can always point to what we believe is a good payload image in the operator code base

That's an interesting idea. Added an issue to track it: https://github.com/kata-containers/ci/issues/537

* Expand this to run different architectures/configurations when we get more capacity on machines

It's on my roadmap for this job. I didn't add for sev and s390x yet because I am monitoring the job to see if it is stable. Added an issue too: https://github.com/kata-containers/ci/issues/538

* Work on the results - at the moment the clh & qemu tests are interleaved which is a bit tricky to follow but doable, if we expanded to add the sev, s390x then we might have more of a challenge

Click on "Open Blue Ocean" link at left panel at http://jenkins.katacontainers.io/job/confidential-containers-ci/ . The blue ocean is like a revamp of Jenkins for pipeline jobs, it will have a much better view of the job. For example, http://jenkins.katacontainers.io/blue/organizations/jenkins/confidential-containers-ci/detail/confidential-containers-ci/15/pipeline , clicking on any step it will show the logs of only that step.