diff --git a/.github/workflows/package-smoketest.yml b/.github/workflows/package-smoketest.yml
index 6ab04ac9d..2c90fed39 100644
--- a/.github/workflows/package-smoketest.yml
+++ b/.github/workflows/package-smoketest.yml
@@ -1,259 +1,258 @@
name: VyOS ISO integration Test
on:
pull_request_target:
branches:
- current
paths:
- '**'
- '!.github/**'
- '!**/*.md'
permissions:
pull-requests: write
contents: read
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed for PR comments
BUILD_BY: autobuild@vyos.net
DEBIAN_MIRROR: http://deb.debian.org/debian/
DEBIAN_SECURITY_MIRROR: http://deb.debian.org/debian-security
VYOS_MIRROR: https://packages.vyos.net/repositories/current/
jobs:
build_iso:
runs-on: ubuntu-24.04
timeout-minutes: 45
if: github.repository == 'vyos/vyos-1x'
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
build_version: ${{ steps.version.outputs.build_version }}
steps:
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- name: Clone vyos-1x source code
uses: actions/checkout@v4
with:
path: packages/vyos-1x
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Build vyos-1x package
run: |
- eval $(opam env --root=/opt/opam --set-root)
cd packages/vyos-1x; dpkg-buildpackage -uc -us -tc -b
- name: Generate ISO version string
id: version
run: |
echo "build_version=1.5-integration-$(date -u +%Y%m%d%H%M)" >> $GITHUB_OUTPUT
- name: Build custom ISO image
shell: bash
run: |
sudo --preserve-env ./build-vyos-image \
--architecture amd64 \
--build-by $BUILD_BY \
--build-type release \
--custom-package vyos-1x-smoketest \
--debian-mirror $DEBIAN_MIRROR \
--debian-security-mirror $DEBIAN_SECURITY_MIRROR \
--version ${{ steps.version.outputs.build_version }} \
--vyos-mirror $VYOS_MIRROR \
generic
- uses: actions/upload-artifact@v4
with:
retention-days: 2
name: vyos-${{ steps.version.outputs.build_version }}
path: |
build/live-image-amd64.hybrid.iso
build/manifest.json
test_smoketest_cli:
needs: build_iso
runs-on: ubuntu-24.04
timeout-minutes: 180
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
exit_code: ${{ steps.test.outputs.exit_code }}
steps:
# We need the test script from vyos-build repo
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- uses: actions/download-artifact@v4
with:
name: vyos-${{ needs.build_iso.outputs.build_version }}
path: build
- name: VyOS CLI smoketests (no interfaces)
id: test
shell: bash
run: |
set -e
sudo make test-no-interfaces
if [[ $? == 0 ]]; then
echo "exit_code=success" >> $GITHUB_OUTPUT
else
echo "exit_code=fail" >> $GITHUB_OUTPUT
fi
test_interfaces_cli:
needs: build_iso
runs-on: ubuntu-24.04
timeout-minutes: 180
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
exit_code: ${{ steps.test.outputs.exit_code }}
steps:
# We need the test script from vyos-build repo
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- uses: actions/download-artifact@v4
with:
name: vyos-${{ needs.build_iso.outputs.build_version }}
path: build
- name: VyOS CLI smoketests (interfaces only)
id: test
shell: bash
run: |
set -e
sudo make test-interfaces
if [[ $? == 0 ]]; then
echo "exit_code=success" >> $GITHUB_OUTPUT
else
echo "exit_code=fail" >> $GITHUB_OUTPUT
fi
test_config_load:
needs: build_iso
runs-on: ubuntu-24.04
timeout-minutes: 90
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
exit_code: ${{ steps.test.outputs.exit_code }}
steps:
# We need the test script from vyos-build repo
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- uses: actions/download-artifact@v4
with:
name: vyos-${{ needs.build_iso.outputs.build_version }}
path: build
- name: VyOS config load tests
id: test
shell: bash
run: |
set -e
sudo make testc
if [[ $? == 0 ]]; then
echo "exit_code=success" >> $GITHUB_OUTPUT
else
echo "exit_code=fail" >> $GITHUB_OUTPUT
fi
test_raid1_install:
needs: build_iso
runs-on: ubuntu-24.04
timeout-minutes: 20
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
exit_code: ${{ steps.test.outputs.exit_code }}
steps:
# We need the test script from vyos-build repo
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- uses: actions/download-artifact@v4
with:
name: vyos-${{ needs.build_iso.outputs.build_version }}
path: build
- name: VyOS RAID1 installation tests
id: test
shell: bash
run: |
set -e
sudo make testraid
if [[ $? == 0 ]]; then
echo "exit_code=success" >> $GITHUB_OUTPUT
else
echo "exit_code=fail" >> $GITHUB_OUTPUT
fi
test_encrypted_config_tpm:
needs: build_iso
runs-on: ubuntu-24.04
timeout-minutes: 30
container:
image: vyos/vyos-build:current
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
outputs:
exit_code: ${{ steps.test.outputs.exit_code }}
steps:
# We need the test script from vyos-build repo
- name: Clone vyos-build source code
uses: actions/checkout@v4
with:
repository: vyos/vyos-build
- uses: actions/download-artifact@v4
with:
name: vyos-${{ needs.build_iso.outputs.build_version }}
path: build
- name: VyOS TPM encryption tests
id: test
shell: bash
run: |
set -e
sudo make testtpm
if [[ $? == 0 ]]; then
echo "exit_code=success" >> $GITHUB_OUTPUT
else
echo "exit_code=fail" >> $GITHUB_OUTPUT
fi
result:
needs:
- test_smoketest_cli
- test_interfaces_cli
- test_config_load
- test_raid1_install
- test_encrypted_config_tpm
runs-on: ubuntu-24.04
timeout-minutes: 5
if: always()
steps:
- name: Add PR comment
if: always()
uses: mshick/add-pr-comment@v2
with:
message: |
CI integration ${{ needs.test_smoketest_cli.outputs.exit_code == 'success' && needs.test_interfaces_cli.outputs.exit_code == 'success' && needs.test_config_load.outputs.exit_code == 'success' && needs.test_raid1_install.outputs.exit_code == 'success' && '👍 passed!' || '❌ failed!' }}
### Details
[CI logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
* CLI Smoketests (no interfaces) ${{ needs.test_smoketest_cli.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
* CLI Smoketests (interfaces only) ${{ needs.test_interfaces_cli.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
* Config tests ${{ needs.test_config_load.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
* RAID1 tests ${{ needs.test_raid1_install.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
* TPM tests ${{ needs.test_encrypted_config_tpm.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
message-id: "SMOKETEST_RESULTS"
allow-repeats: false
refresh-message-position: true
diff --git a/Makefile b/Makefile
index 3f3ba5ba7..3ec5ed73f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,135 +1,135 @@
TMPL_DIR := templates-cfg
OP_TMPL_DIR := templates-op
BUILD_DIR := build
DATA_DIR := data
SHIM_DIR := src/shim
LIBS := -lzmq
CFLAGS :=
BUILD_ARCH := $(shell dpkg-architecture -q DEB_BUILD_ARCH)
J2LINT := $(shell command -v j2lint 2> /dev/null)
PYLINT_FILES := $(shell git ls-files *.py src/migration-scripts)
LIBVYOSCONFIG_BUILD_PATH := /tmp/libvyosconfig/_build/libvyosconfig.so
config_xml_src = $(wildcard interface-definitions/*.xml.in)
config_xml_obj = $(config_xml_src:.xml.in=.xml)
op_xml_src = $(wildcard op-mode-definitions/*.xml.in)
op_xml_obj = $(op_xml_src:.xml.in=.xml)
%.xml: %.xml.in
@echo Generating $(BUILD_DIR)/$@ from $<
mkdir -p $(BUILD_DIR)/$(dir $@)
$(CURDIR)/scripts/transclude-template $< > $(BUILD_DIR)/$@
.PHONY: libvyosconfig
.ONESHELL:
libvyosconfig:
if ! [ -f $(LIBVYOSCONFIG_BUILD_PATH) ]; then
rm -rf /tmp/libvyosconfig && \
git clone https://github.com/vyos/libvyosconfig.git /tmp/libvyosconfig || exit 1
cd /tmp/libvyosconfig && \
git checkout 677d1e2bf8109b9fd4da60e20376f992b747e384 || exit 1
- ./build.sh
+ eval $$(opam env --root=/opt/opam --set-root) && ./build.sh
fi
.PHONY: interface_definitions
.ONESHELL:
interface_definitions: $(config_xml_obj) libvyosconfig
mkdir -p $(TMPL_DIR)
$(CURDIR)/scripts/override-default $(BUILD_DIR)/interface-definitions
find $(BUILD_DIR)/interface-definitions -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1
$(CURDIR)/python/vyos/xml_ref/generate_cache.py --xml-dir $(BUILD_DIR)/interface-definitions --internal-cache $(DATA_DIR)/reftree.cache || exit 1
# XXX: delete top level node.def's that now live in other packages
# IPSec VPN EAP-RADIUS does not support source-address
rm -rf $(TMPL_DIR)/vpn/ipsec/remote-access/radius/source-address
# T2472 - EIGRP support
rm -rf $(TMPL_DIR)/protocols/eigrp
# T2773 - EIGRP support for VRF
rm -rf $(TMPL_DIR)/vrf/name/node.tag/protocols/eigrp
# XXX: test if there are empty node.def files - this is not allowed as these
# could mask help strings or mandatory priority statements
find $(TMPL_DIR) -name node.def -type f -empty -exec false {} + || sh -c 'echo "There are empty node.def files! Check your interface definitions." && exit 1'
ifeq ($(BUILD_ARCH),arm64)
# There is currently no telegraf support in VyOS for ARM64, remove CLI definitions
rm -rf $(TMPL_DIR)/service/monitoring/telegraf
endif
.PHONY: op_mode_definitions
.ONESHELL:
op_mode_definitions: $(op_xml_obj)
mkdir -p $(OP_TMPL_DIR)
find $(BUILD_DIR)/op-mode-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-op-templates {} $(CURDIR)/schema/op-mode-definition.rng $(OP_TMPL_DIR) || exit 1
$(CURDIR)/python/vyos/xml_ref/generate_op_cache.py --xml-dir $(BUILD_DIR)/op-mode-definitions || exit 1
# XXX: tcpdump, ping, traceroute and mtr must be able to recursivly call themselves as the
# options are provided from the scripts themselves
ln -s ../node.tag $(OP_TMPL_DIR)/ping/node.tag/node.tag/
ln -s ../node.tag $(OP_TMPL_DIR)/traceroute/node.tag/node.tag/
ln -s ../node.tag $(OP_TMPL_DIR)/mtr/node.tag/node.tag/
ln -s ../node.tag $(OP_TMPL_DIR)/monitor/traceroute/node.tag/node.tag/
ln -s ../node.tag $(OP_TMPL_DIR)/monitor/traffic/interface/node.tag/node.tag/
ln -s ../node.tag $(OP_TMPL_DIR)/execute/port-scan/host/node.tag/node.tag/
# XXX: test if there are empty node.def files - this is not allowed as these
# could mask help strings or mandatory priority statements
find $(OP_TMPL_DIR) -name node.def -type f -empty -exec false {} + || sh -c 'echo "There are empty node.def files! Check your interface definitions." && exit 1'
.PHONY: vyshim
vyshim:
$(MAKE) -C $(SHIM_DIR)
.PHONY: all
all: clean libvyosconfig interface_definitions op_mode_definitions test j2lint vyshim generate-configd-include-json
.PHONY: clean
clean:
rm -rf $(BUILD_DIR)
rm -rf $(TMPL_DIR)
rm -rf $(OP_TMPL_DIR)
$(MAKE) -C $(SHIM_DIR) clean
.PHONY: test
test: generate-configd-include-json
set -e; python3 -m compileall -q -x '/vmware-tools/scripts/, /ppp/' .
PYTHONPATH=python/ python3 -m "nose" --with-xunit src --with-coverage --cover-erase --cover-xml --cover-package src/conf_mode,src/op_mode,src/completion,src/helpers,src/validators,src/tests --verbose
.PHONY: check_migration_scripts_executable
.ONESHELL:
check_migration_scripts_executable:
@echo "Checking if migration scripts have executable bit set..."
find src/migration-scripts -type f -not -executable -print -exec false {} + || sh -c 'echo "Found files that are not executable! Add permissions." && exit 1'
.PHONY: j2lint
j2lint:
ifndef J2LINT
$(error "j2lint binary not found, consider installing: pip install git+https://github.com/aristanetworks/j2lint.git@341b5d5db86")
endif
$(J2LINT) data/
.PHONY: sonar
sonar:
sonar-scanner -X -Dsonar.login=${SONAR_TOKEN}
.PHONY: unused-imports
unused-imports:
@pylint --disable=all --enable=W0611 $(PYLINT_FILES)
deb:
dpkg-buildpackage -uc -us -tc -b
.PHONY: generate-configd-include-json
generate-configd-include-json:
@scripts/generate-configd-include-json.py
.PHONY: schema
schema:
trang -I rnc -O rng schema/interface_definition.rnc schema/interface_definition.rng
trang -I rnc -O rng schema/op-mode-definition.rnc schema/op-mode-definition.rng