Add VM infrastructure smoke test
This adds an E2E test which exercises the VM infrastructure (Kubernetes, KVM device plugin and QEMU).
This test should ensure that nobody breaks the core infrastructure Metropolis VMs rely on.
Test Plan: This is a test
X-Origin-Diff: phab/D740
GitOrigin-RevId: ddf629725dfb664ace5a50efee9ed9442962d6f7
diff --git a/build/static_binary_tarball/BUILD.bazel b/build/static_binary_tarball/BUILD.bazel
new file mode 100644
index 0000000..7308262
--- /dev/null
+++ b/build/static_binary_tarball/BUILD.bazel
@@ -0,0 +1,18 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
+
+go_library(
+ name = "go_default_library",
+ srcs = ["main.go"],
+ importpath = "source.monogon.dev/build/static_binary_tarball",
+ visibility = ["//visibility:private"],
+ deps = [
+ "//build/static_binary_tarball/spec:go_default_library",
+ "@org_golang_google_protobuf//encoding/prototext:go_default_library",
+ ],
+)
+
+go_binary(
+ name = "static_binary_tarball",
+ embed = [":go_default_library"],
+ visibility = ["//visibility:public"],
+)
diff --git a/build/static_binary_tarball/def.bzl b/build/static_binary_tarball/def.bzl
new file mode 100644
index 0000000..1b24b18
--- /dev/null
+++ b/build/static_binary_tarball/def.bzl
@@ -0,0 +1,77 @@
+# Copyright 2020 The Monogon Project Authors.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("//metropolis/node/build:def.bzl", "build_static_transition")
+
+def _static_binary_tarball_impl(ctx):
+ layer_spec = ctx.actions.declare_file(ctx.label.name + ".prototxt")
+ if len(ctx.attr.executable) != 1:
+ fail("executable arg can only contain one file/label")
+ executable_label = ctx.attr.executable[0]
+ executable = executable_label[DefaultInfo].files_to_run.executable
+ runfiles = executable_label[DefaultInfo].default_runfiles
+ files = []
+ for file in runfiles.files.to_list():
+ layer_path = file.short_path
+
+ # Weird shenanigans with external repos
+ if layer_path.startswith("../"):
+ layer_path = "external/" + layer_path[3:]
+ files.append(struct(
+ path = layer_path,
+ src = file.path,
+ ))
+ ctx.actions.write(layer_spec, proto.encode_text(struct(file = files)))
+
+ layer_out = ctx.actions.declare_file(ctx.label.name + ".tar")
+ ctx.actions.run(
+ outputs = [layer_out],
+ inputs = [layer_spec, executable] + runfiles.files.to_list(),
+ tools = [ctx.executable._container_binary],
+ executable = ctx.executable._container_binary,
+ arguments = ["-out", layer_out.path, "-spec", layer_spec.path],
+ )
+
+ return [DefaultInfo(files = depset([layer_out]), runfiles = ctx.runfiles(files = [layer_out]))]
+
+static_binary_tarball = rule(
+ implementation = _static_binary_tarball_impl,
+ doc = """
+ Build a tarball from a binary given in `executable` and its runfiles. Everything will be put under
+ /app with the same filesystem layout as if run under `bazel run`. So if your executable works under bazel run,
+ it will work when packaged with this rule with the exception of runfile manifests, which this rule currently
+ doesn't support.
+ """,
+ attrs = {
+ "executable": attr.label(
+ mandatory = True,
+ executable = True,
+ allow_single_file = True,
+ cfg = build_static_transition,
+ ),
+ "_container_binary": attr.label(
+ default = Label("//build/static_binary_tarball"),
+ cfg = "exec",
+ executable = True,
+ allow_files = True,
+ ),
+
+ # Allow for transitions to be attached to this rule.
+ "_whitelist_function_transition": attr.label(
+ default = "@bazel_tools//tools/whitelists/function_transition_whitelist",
+ ),
+ },
+)
diff --git a/build/static_binary_tarball/main.go b/build/static_binary_tarball/main.go
new file mode 100644
index 0000000..4d72f0e
--- /dev/null
+++ b/build/static_binary_tarball/main.go
@@ -0,0 +1,96 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+ "archive/tar"
+ "flag"
+ "io"
+ "io/ioutil"
+ "log"
+ "os"
+ "path"
+ "strings"
+
+ "google.golang.org/protobuf/encoding/prototext"
+ "source.monogon.dev/build/static_binary_tarball/spec"
+)
+
+var (
+ specPath = flag.String("spec", "", "Path to the layer specification (spec.Spec)")
+ outPath = flag.String("out", "", "Output file path")
+)
+
+func main() {
+ flag.Parse()
+ var spec spec.Spec
+ specRaw, err := ioutil.ReadFile(*specPath)
+ if err != nil {
+ log.Fatalf("failed to open spec file: %v", err)
+ }
+ if err := prototext.Unmarshal(specRaw, &spec); err != nil {
+ log.Fatalf("failed to unmarshal spec: %v", err)
+ }
+ outFile, err := os.Create(*outPath)
+ if err != nil {
+ log.Fatalf("failed to open output: %v", err)
+ }
+ defer outFile.Close()
+ outTar := tar.NewWriter(outFile)
+ defer outTar.Close()
+ createdDirs := make(map[string]bool)
+ for _, file := range spec.File {
+ srcFile, err := os.Open(file.Src)
+ if err != nil {
+ log.Fatalf("failed to open input file: %v", err)
+ }
+ info, err := srcFile.Stat()
+ if err != nil {
+ log.Fatalf("cannot stat input file: %v", err)
+ }
+ var mode int64 = 0644
+ if info.Mode()&0111 != 0 {
+ mode = 0755
+ }
+ targetPath := path.Join("app", file.Path)
+ targetDirParts := strings.Split(path.Dir(targetPath), "/")
+ var partialDir string
+ for _, part := range targetDirParts {
+ partialDir = path.Join(partialDir, part)
+ if !createdDirs[partialDir] {
+ if err := outTar.WriteHeader(&tar.Header{
+ Typeflag: tar.TypeDir,
+ Name: partialDir,
+ Mode: 0755,
+ }); err != nil {
+ log.Fatalf("failed to write directory: %v", err)
+ }
+ createdDirs[partialDir] = true
+ }
+ }
+ if err := outTar.WriteHeader(&tar.Header{
+ Name: targetPath,
+ Size: info.Size(),
+ Mode: mode,
+ }); err != nil {
+ log.Fatalf("failed to write header: %v", err)
+ }
+ if _, err := io.Copy(outTar, srcFile); err != nil {
+ log.Fatalf("failed to copy file into tar: %v", err)
+ }
+ }
+}
diff --git a/build/static_binary_tarball/spec/BUILD.bazel b/build/static_binary_tarball/spec/BUILD.bazel
new file mode 100644
index 0000000..e79a202
--- /dev/null
+++ b/build/static_binary_tarball/spec/BUILD.bazel
@@ -0,0 +1,23 @@
+load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+
+proto_library(
+ name = "spec_proto",
+ srcs = ["spec.proto"],
+ visibility = ["//visibility:public"],
+)
+
+go_proto_library(
+ name = "spec_go_proto",
+ importpath = "source.monogon.dev/build/static_binary_tarball/spec",
+ proto = ":spec_proto",
+ visibility = ["//visibility:public"],
+)
+
+go_library(
+ name = "go_default_library",
+ embed = [":spec_go_proto"],
+ importpath = "source.monogon.dev/build/static_binary_tarball/spec",
+ visibility = ["//visibility:public"],
+)
diff --git a/build/static_binary_tarball/spec/spec.proto b/build/static_binary_tarball/spec/spec.proto
new file mode 100644
index 0000000..b47d137
--- /dev/null
+++ b/build/static_binary_tarball/spec/spec.proto
@@ -0,0 +1,32 @@
+// Copyright 2020 The Monogon Project Authors.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package spec;
+
+// Spec is a spec of what goes into a static_binary_tarball
+message Spec {
+ repeated File file = 1;
+}
+
+// File is a single file in the tarball
+message File {
+ // src contains the path of the file on the build host
+ string src = 1;
+ // path contains the path in the tarball
+ string path = 2;
+}
\ No newline at end of file