Commit Graph

70 Commits

Author SHA1 Message Date
Luiz Aoqui d3714b68e5
ci: notify on backport-assistant errors (#15203) 2022-11-10 16:11:26 -05:00
Luiz Aoqui d23203b7e4
ci: re-enable tests on main (#15204)
Now that the tests are grouped more tightly we don't use as many runners
as before, so we can re-enable these without clogging the queue.
2022-11-10 13:51:37 -05:00
Seth Hoenig a0bdc67d6a
build: update to go1.19.3 (#15099) 2022-11-01 15:54:49 -05:00
Seth Hoenig 4f3a1e6f7d
ci: use groups of tests in gha (#15018)
* [no ci] use json for grouping packages for testing

* [no ci] able to get packages in group

* [no ci] able to run groups of tests

* [no ci] more

* [no ci] try disable circle unit tests

* ci: use actions/checkout@v3

* ci: rename to quick

* ci: need make dev in mods cache step

* ci: make compile step depend on checks step

* ci: bump consul and vault versions

* ci: need make dev for group tests

* ci: update ci unit testing docs

* docs: spell plumbing correctly

Co-authored-by: Tim Gross <tgross@hashicorp.com>

Co-authored-by: Tim Gross <tgross@hashicorp.com>
2022-10-27 09:02:58 -05:00
Seth Hoenig dd2999d6af
ci: add -core suffix to mods action (#15015)
Forgot to add this line to the new mods action; without it, it
creates a cache different from the one used by the other jobs.
2022-10-24 08:49:01 -05:00
Seth Hoenig 91d29e6449
ci: use the same go mod cache across test-core jobs (#15006)
* ci: use the same go mod cache for test-core jobs

* ci: precache go modules

* ci: add a mods precache job
2022-10-21 17:38:45 -05:00
Tim Gross 6263c8b323
lock closed issues and PRs after 120 days (#14824)
When community members comment on long-closed issues, there's a number of
failure modes that make for a bad experience for them:

* Their comments are often missed entirely because notification settings make it
  impractical for most developers to read comments on inactive issues.

* In our experience, the problem is only rarely a regression; because failures
  are complex, totally different code paths can result in symptoms that initially
  appear to be the same but turn out to be completely different under close
  examination. This is particularly the case for issues fixed in very old
  versions (sometimes 2 or more years old).

The Terraform core team uses a bot that locks issues after only 30 days. But
because we typically close issues automatically on PR merge but don't have
rolling releases, it'd frequently happen that unrelease fixes will have locked
comments, which isn't a good experience either. I've looked through the pace of
releases since Nomad 0.9.0 and the longest window between releases was 3
months. Set the window for the lock bot to 120 days to give us plenty of
breathing room so it doesn't feel like we're shutting down discussion
prematurely.
2022-10-06 16:18:00 -04:00
Tim Gross a3ff23608c
deps: use install from current HEAD for `hc-install` (#14786)
The `hc-install` tool we're using needed a patch for a specific bug, but that's
since been merged. We definitely want to switch to using a standard release from
that project once one is shipped with the CLI, but pinning to HEAD should keep
us for now.
2022-10-04 08:22:30 -04:00
Seth Hoenig 3f29e59e6e
build: update go version to go1.19.1 (#14653)
minor update, no CL needed
2022-09-22 09:40:01 -05:00
Luiz Aoqui ad48401219
chore: move changelog file to the right folder (#14639) 2022-09-21 13:50:22 -04:00
Luiz Aoqui c3c8ae584f
api: provide more detail on ACL bootstrap request error (#14629) 2022-09-20 21:20:04 -04:00
Seth Hoenig bf0e83e3a0
deps: run all dependabot configs over the weekend (#14608) 2022-09-16 10:50:57 -05:00
Seth Hoenig c9bbe5230d
ci: no need to run unit tests for e2e/ui changes (#14607) 2022-09-16 09:58:06 -05:00
Seth Hoenig 91e32eec9b build: update to go1.19 2022-08-16 08:40:57 -05:00
Luiz Aoqui e91d36902f
ci: delete generated files after build (#14070)
The generated files are created as part of the final build process but
should not present in the repository afterwards.
2022-08-10 20:36:03 -04:00
Seth Hoenig 35c76098d6 build: update to go1.18.5 2022-08-02 07:36:35 -05:00
Michael Schurter adb3de7abb
deps: run dependabot weekly (#13723) 2022-07-12 12:50:09 -07:00
Seth Hoenig 8392ee8988 build: update to go1.18.3
Release Notes:
https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg

Contains 4 security fixes - the 2 related to Windows might be relevant.
2022-07-01 10:12:56 -05:00
Charlie Voiselle a5045b3f0f
Quote assignees value to fix dependabot.yaml parsing error (#13372) 2022-06-14 15:07:52 -04:00
Luiz Aoqui 5adec31cea
ci: remove step that generates GO_LDFLAGS (#13314)
These flags were not being used because GNUmakefile overwrites them with
another value. We also don't want to set `-s -w` since they remove
information that is important for production debug.

In other projects this variable is used to override the default `-dev`
prerelease that is set even if `VersionPrerelease` is empty, but in
Nomad this check is never actually done because this conditional in
`version/version.go` is always false:

```go
func GetVersion() *VersionInfo {
  // ...
  rel := VersionPrerelease
  // ...
  if GitDescribe == "" && rel == "" && VersionPrerelease != "" {
    rel = "dev"
  }
  // ...
}
```

This seems like some leftover from a previous release process, but I
decided the leave the code as is.
2022-06-14 12:36:15 -04:00
Tim Gross 141823da58
website: set dependabot assignees (#12969)
The website build code has been moved out to another repository, so
what's remaining here is local development tooling. Assign these PRs to
the web platform team, but also cut down on the noise we're sending
their way.
2022-06-01 11:40:32 -04:00
Seth Hoenig f7c0e078a9 build: update golang version to 1.18.2
This PR update to Go 1.18.2. Also update the versions of hclfmt
and go-hclogfmt which includes newer dependencies necessary for dealing
with go1.18.

The hcl v2 branch is now 'nomad-v2.9.1+tweaks2', to include a fix for
newer macOS versions: 8927e75e82
2022-05-25 10:04:04 -05:00
Seth Hoenig 626a345fb2 ci: switch to 22.04 LTS for GHA Core CI tests 2022-05-25 08:19:40 -05:00
Thomas Wunderlich ba6f81d843
Use the postinstall script
It appears that the postinstall script was created but never used.
This change is to actually use the post-install script.
2022-05-19 12:49:44 -04:00
Luiz Aoqui eb50273b32
ci: update backport assitant workflow (#12899)
Remove the step to automatically backport `backport/website` PRs to the
latest release. This will be done manually by adding the proper tags.

Also use squash backports to match the pattern we use for `main`.
2022-05-06 10:15:59 -04:00
Luiz Aoqui c502a249b9
ci: revert file changes and add some checks (#12873)
During the release there are several files that need to be modified:

  - .release/ci.hcl: the notification channel needs to be updated to a
    channel with greater team visibility during the release.
  - version/version.go: the Version and VersionPrerelease variables
    need to be set so they match the release version.

After the release these files need to be reverted.

For GA releases the following additional changes also need to happen:

  - version/version.go: the Version variable needs to be bumped to the
    next version number.
  - GNUMakefile: the LAST_RELEASE variable needs to be set to the
    version that was just released.

Since the release process will commit file changes to the branch being
used for the release, it should _never_ run on main, so the first step
is now to protect against that.

It also adds a validation to make the user input version is correct.

After looking at the different release options and steps I noticed that
automatic CHANGELOG generation is actually the exception, so it would be
better to have the default to be false.
2022-05-05 18:07:51 -04:00
Phil Renaud b67bd4c377
Percy snapshot tests (#12872)
* Sample percy test added

* Node engine up to 14.x for UI prep

* Force ui test rerun

* Updated config.yml

* Node v upgraded to 14 for docker image

* Expect length in test

* Running ember tests under percy exec

* Percy exec format

* Percy cli added

* Noop to rerun tests with updated percy_token

* Evals full list and details open snapshots

* Pretty legit use of assert so disable the warning

* Jobs list tests

* Snapshots for top-level clients, servers, ACL, topology, and storage lists

* Expect caveat for Topology test

* Stabilizing tests with faker seeded to 1

* Seed-stabilizing any tests with percySnapshots

* Faker import

* Drop unused param

* Assets and test audit using an older node version

* New strategy: avoid seeding, just use percyCSS to hide certain things
2022-05-05 16:05:13 -04:00
Luiz Aoqui 6c3473b778
ci: update the `hashicorp/actions-generate-metadata` action version (#12813) 2022-04-28 15:24:55 -04:00
Luiz Aoqui 0830e3c787
ci: fix build workflow trigger on push (#12806) 2022-04-28 11:15:54 -04:00
Luiz Aoqui cca49a054f
ci: setup release process with CRT (#12781) 2022-04-27 20:14:23 -04:00
Seth Hoenig bf54ef26be build: update golang to 1.17.9 2022-04-21 11:43:01 -05:00
Seth Hoenig 47040391bb ci: ensure package coverage of test-core 2022-04-14 19:04:06 -05:00
Luiz Aoqui 8b2ea6b61b
ci: fix backport target branch pattern (#12571) 2022-04-14 14:12:41 -04:00
claire labry d2a3fa1921
updates for backport assistant (#12311) 2022-04-12 14:01:19 -04:00
Luiz Aoqui cd15e3386c
ci: skip prerelease if triggered by the generate assets workflow (#12504) 2022-04-07 16:04:53 -04:00
claire labry 6f7f7277d5
[Main] Onboard to CRT (#12276) 2022-04-06 11:47:02 -04:00
Seth Hoenig 52aaf86f52 raw_exec: make raw exec driver work with cgroups v2
This PR adds support for the raw_exec driver on systems with only cgroups v2.

The raw exec driver is able to use cgroups to manage processes. This happens
only on Linux, when exec_driver is enabled, and the no_cgroups option is not
set. The driver uses the freezer controller to freeze processes of a task,
issue a sigkill, then unfreeze. Previously the implementation assumed cgroups
v1, and now it also supports cgroups v2.

There is a bit of refactoring in this PR, but the fundamental design remains
the same.

Closes #12351 #12348
2022-04-04 16:11:38 -05:00
Seth Hoenig 4381aa122f ci: correctly ignore subpaths in gha 2022-04-01 09:49:40 -05:00
Seth Hoenig e256afdfee ci: set test log level off in gha 2022-03-25 13:43:33 -05:00
Seth Hoenig e85fbaf0ac ci: cleanup verbose mode and enable for gha
test_checks.sh was removed in 2019 and now just breaks if VERBOSE is
set when running tests via make targets

in GHA, use verbose mode to display what tests are running
2022-03-24 15:15:05 -05:00
Seth Hoenig 2e5c6de820 client: enable support for cgroups v2
This PR introduces support for using Nomad on systems with cgroups v2 [1]
enabled as the cgroups controller mounted on /sys/fs/cgroups. Newer Linux
distros like Ubuntu 21.10 are shipping with cgroups v2 only, causing problems
for Nomad users.

Nomad mostly "just works" with cgroups v2 due to the indirection via libcontainer,
but not so for managing cpuset cgroups. Before, Nomad has been making use of
a feature in v1 where a PID could be a member of more than one cgroup. In v2
this is no longer possible, and so the logic around computing cpuset values
must be modified. When Nomad detects v2, it manages cpuset values in-process,
rather than making use of cgroup heirarchy inheritence via shared/reserved
parents.

Nomad will only activate the v2 logic when it detects cgroups2 is mounted at
/sys/fs/cgroups. This means on systems running in hybrid mode with cgroups2
mounted at /sys/fs/cgroups/unified (as is typical) Nomad will continue to
use the v1 logic, and should operate as before. Systems that do not support
cgroups v2 are also not affected.

When v2 is activated, Nomad will create a parent called nomad.slice (unless
otherwise configured in Client conifg), and create cgroups for tasks using
naming convention <allocID>-<task>.scope. These follow the naming convention
set by systemd and also used by Docker when cgroups v2 is detected.

Client nodes now export a new fingerprint attribute, unique.cgroups.version
which will be set to 'v1' or 'v2' to indicate the cgroups regime in use by
Nomad.

The new cpuset management strategy fixes #11705, where docker tasks that
spawned processes on startup would "leak". In cgroups v2, the PIDs are
started in the cgroup they will always live in, and thus the cause of
the leak is eliminated.

[1] https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html

Closes #11289
Fixes #11705 #11773 #11933
2022-03-23 11:35:27 -05:00
Seth Hoenig 8eea6e3aa3 ci: scope to push, ignore more dirs, update go update script 2022-03-18 12:47:38 -05:00
Seth Hoenig 57bd480062 ci: turn on testing in github actions 2022-03-18 11:12:24 -05:00
Luiz Aoqui 5e9f4be2a1
ci: add semgrep (#11934) 2022-01-26 16:32:47 -05:00
Kevin Wang 9f9e813515
fix: backport release branch target (#11627) 2021-12-07 09:45:46 -05:00
Kevin Wang f3104cadab
feat: `backport.yml` (#11613) 2021-12-06 17:35:33 -05:00
Luiz Aoqui c80f760db7
ui: update node version in GitHub Actions 2021-11-05 20:33:40 -04:00
Luiz Aoqui 84416303b2
dependabot: set proper theme/* labels (#11154) 2021-09-10 09:41:05 -04:00
Kent 'picat' Gruber 907442656f Add configuration for `/api` using Go modules 2021-09-03 08:43:05 -04:00
Kent 'picat' Gruber b70ad3c190 Add configuration for `/website` using NPM 2021-07-29 11:03:26 -04:00