Commit Graph

40 Commits

Author SHA1 Message Date
Seth Hoenig bf54ef26be build: update golang to 1.17.9 2022-04-21 11:43:01 -05:00
Seth Hoenig 47040391bb ci: ensure package coverage of test-core 2022-04-14 19:04:06 -05:00
Luiz Aoqui 8b2ea6b61b
ci: fix backport target branch pattern (#12571) 2022-04-14 14:12:41 -04:00
claire labry d2a3fa1921
updates for backport assistant (#12311) 2022-04-12 14:01:19 -04:00
Luiz Aoqui cd15e3386c
ci: skip prerelease if triggered by the generate assets workflow (#12504) 2022-04-07 16:04:53 -04:00
claire labry 6f7f7277d5
[Main] Onboard to CRT (#12276) 2022-04-06 11:47:02 -04:00
Seth Hoenig 52aaf86f52 raw_exec: make raw exec driver work with cgroups v2
This PR adds support for the raw_exec driver on systems with only cgroups v2.

The raw exec driver is able to use cgroups to manage processes. This happens
only on Linux, when exec_driver is enabled, and the no_cgroups option is not
set. The driver uses the freezer controller to freeze processes of a task,
issue a sigkill, then unfreeze. Previously the implementation assumed cgroups
v1, and now it also supports cgroups v2.

There is a bit of refactoring in this PR, but the fundamental design remains
the same.

Closes #12351 #12348
2022-04-04 16:11:38 -05:00
Seth Hoenig 4381aa122f ci: correctly ignore subpaths in gha 2022-04-01 09:49:40 -05:00
Seth Hoenig e256afdfee ci: set test log level off in gha 2022-03-25 13:43:33 -05:00
Seth Hoenig e85fbaf0ac ci: cleanup verbose mode and enable for gha
test_checks.sh was removed in 2019 and now just breaks if VERBOSE is
set when running tests via make targets

in GHA, use verbose mode to display what tests are running
2022-03-24 15:15:05 -05:00
Seth Hoenig 2e5c6de820 client: enable support for cgroups v2
This PR introduces support for using Nomad on systems with cgroups v2 [1]
enabled as the cgroups controller mounted on /sys/fs/cgroups. Newer Linux
distros like Ubuntu 21.10 are shipping with cgroups v2 only, causing problems
for Nomad users.

Nomad mostly "just works" with cgroups v2 due to the indirection via libcontainer,
but not so for managing cpuset cgroups. Before, Nomad has been making use of
a feature in v1 where a PID could be a member of more than one cgroup. In v2
this is no longer possible, and so the logic around computing cpuset values
must be modified. When Nomad detects v2, it manages cpuset values in-process,
rather than making use of cgroup heirarchy inheritence via shared/reserved
parents.

Nomad will only activate the v2 logic when it detects cgroups2 is mounted at
/sys/fs/cgroups. This means on systems running in hybrid mode with cgroups2
mounted at /sys/fs/cgroups/unified (as is typical) Nomad will continue to
use the v1 logic, and should operate as before. Systems that do not support
cgroups v2 are also not affected.

When v2 is activated, Nomad will create a parent called nomad.slice (unless
otherwise configured in Client conifg), and create cgroups for tasks using
naming convention <allocID>-<task>.scope. These follow the naming convention
set by systemd and also used by Docker when cgroups v2 is detected.

Client nodes now export a new fingerprint attribute, unique.cgroups.version
which will be set to 'v1' or 'v2' to indicate the cgroups regime in use by
Nomad.

The new cpuset management strategy fixes #11705, where docker tasks that
spawned processes on startup would "leak". In cgroups v2, the PIDs are
started in the cgroup they will always live in, and thus the cause of
the leak is eliminated.

[1] https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html

Closes #11289
Fixes #11705 #11773 #11933
2022-03-23 11:35:27 -05:00
Seth Hoenig 8eea6e3aa3 ci: scope to push, ignore more dirs, update go update script 2022-03-18 12:47:38 -05:00
Seth Hoenig 57bd480062 ci: turn on testing in github actions 2022-03-18 11:12:24 -05:00
Luiz Aoqui 5e9f4be2a1
ci: add semgrep (#11934) 2022-01-26 16:32:47 -05:00
Kevin Wang 9f9e813515
fix: backport release branch target (#11627) 2021-12-07 09:45:46 -05:00
Kevin Wang f3104cadab
feat: `backport.yml` (#11613) 2021-12-06 17:35:33 -05:00
Luiz Aoqui c80f760db7
ui: update node version in GitHub Actions 2021-11-05 20:33:40 -04:00
Luiz Aoqui 84416303b2
dependabot: set proper theme/* labels (#11154) 2021-09-10 09:41:05 -04:00
Kent 'picat' Gruber 907442656f Add configuration for `/api` using Go modules 2021-09-03 08:43:05 -04:00
Kent 'picat' Gruber b70ad3c190 Add configuration for `/website` using NPM 2021-07-29 11:03:26 -04:00
Kent 'picat' Gruber ec69a71c63 Add initial Dependabot configuration 2021-07-29 10:52:25 -04:00
Zachary Shilton 9f14bb2c67
website: support hidden pages in nav-data (#10510)
* website: bump to docs-page prerelease with hidden page support

* website: remove temp check for hidden pages, covered by docs-page

* website: bump to stable docs-page, w next-mdx-remote bump
2021-05-06 13:20:03 -04:00
Zachary Shilton b1bd139c3c
website: add check for unlinked content (#10425)
* website: add unlinked content check

* website: remove unused guides-navigation.js
2021-04-23 11:11:09 -04:00
Drew Bailey 08f02ecf3b
fix typo (#10112) 2021-03-03 15:16:57 -05:00
Drew Bailey e5a854017c
adds issue templates for bugs and features, links to discuss, learn guides (#10111)
* adds issue templates for bugs and features, links to discuss and learn guides

* fix smart quotes
2021-03-03 14:59:57 -05:00
Buck Doyle 528b13f69d
Fix audit workflow action versions (#9877)
This fixes the version reference error seen in this workflow failure:
https://github.com/hashicorp/nomad/actions/runs/504695096

I’ve also included an update to the sticky comment action version to address this warning in the above link:

marocchino/sticky-pull-request-comment@33a6cfb looks like the shortened version of a commit SHA. Referencing actions by the short SHA will be disabled soon. Please see https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions.

We were previously using 33a6cfb after the maintainer merged my PR to allow the comment to be read from a file, there was no released version with that, but it’s now included in v2.0.0.
2021-01-26 09:06:22 -06:00
Buck Doyle 27f73f2b7b
Change to fork of audit to log flaky tests (#9518)
This will report the names of flaky tests instead of just counting them.
2021-01-21 08:25:16 -06:00
Jamie Finnigan a70dbe9a6a remove local SECURITY.md in favor of org-wide policy 2020-08-24 15:41:28 -07:00
Tim Gross b56b0a1c8e
remove stalebot (#8466)
Bring Nomad in line with other HashiCorp projects and remove stalebot. We get
little value in cleaning up issues automatically this way, it adds extra work
for maintainers when we have issues waiting on the backlog that we intend to
do, and it presents an unkind experience to issue contributors who get their
issues closed by an impersonal bot.
2020-07-20 14:50:32 -04:00
Buck Doyle 14e540cf46
Remove minor version from audit comparison action (#8048)
Making this less specific means we can benefit from updates
to the action without needing to change the workflow, such
as the bug fix in backspace/ember-test-audit-comparison-action@a87d252,
which addresses the incorrect duration delta here:
https://github.com/hashicorp/nomad/pull/7964#issuecomment-632351171
2020-05-26 15:34:12 -05:00
Buck Doyle b3164e50f7
Add test-timing comparison for UI PRs (#7929)
This runs ember-test-audit for UI PRs to compare how long
the tests take for the base vs the PR. It posts or updates
a comparison of times and test count.

It’s somewhat slow to report back as it runs the test suite
three times to even out variability in a shared environment.
If we end up being unhappy with that slowness, we could try
running the repetitions in parallel as well, but that would
involve more changes to ember-test-audit.
2020-05-21 11:41:13 -05:00
Buck Doyle 111edc35d0
Add asset size workflow (#7864)
This uses a fork of the Ember Asset Size Action to report on changes to
the filesizes of the production UI build as a comment to the PR. The
fork includes fixes to make it work with a subdirectory (ui/ in our
case) and to make it update the PR comment if it exists vs posting
repeatedly to the thread.
2020-05-14 12:45:36 -05:00
Mahmood Ali d539052f68
Revert "Add the digital marketing team as the code owners for the website dir" 2020-02-19 12:25:42 -06:00
Michael Lange 1e9b62cf0c Add the digital marketing team as the code owners for the website dir 2020-01-23 13:37:37 -08:00
Michael Schurter f731284cea docs: link to security page on website
Add link to https://www.nomadproject.io/security.html
2019-10-15 12:56:48 -07:00
Danielle 79ced20e20 stalebot: Add 'thinking' as an exempt label (#5684) 2019-05-10 11:00:35 -04:00
Danielle d529023040
Merge pull request #5375 from hashicorp/dani/stale-issues
Setup probot/stale
2019-05-10 16:53:05 +02:00
Michael Schurter ebaaf5e212 Mention nomad-oss-debug in issue template
Also reordered the sections to put the logs at the end.
2019-04-02 10:07:06 -07:00
Danielle Tomlinson bc13478d73 chore: Setup probot/stale 2019-03-01 13:30:19 +01:00
Charlie Voiselle 42718cd9f5 Created .github; Added CoC 2019-02-22 10:49:05 -08:00