qemu-e2k/tests/docker/Makefile.include
Fam Zheng 4470749186 docker: Use unconfined security profile
Some by default blocked syscalls are required to run tests for example
userfaultfd.

Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <20170905025614.579-4-famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Based-on: 20170905021201.25684-1-famz@redhat.com
2017-09-22 10:20:34 +08:00

173 lines
6.8 KiB
Makefile

# Makefile for Docker tests
.PHONY: docker docker-test docker-clean docker-image docker-qemu-src
DOCKER_SUFFIX := .docker
DOCKER_FILES_DIR := $(SRC_PATH)/tests/docker/dockerfiles
DOCKER_IMAGES := $(notdir $(basename $(wildcard $(DOCKER_FILES_DIR)/*.docker)))
DOCKER_TARGETS := $(patsubst %,docker-image-%,$(DOCKER_IMAGES))
# Use a global constant ccache directory to speed up repetitive builds
DOCKER_CCACHE_DIR := $$HOME/.cache/qemu-docker-ccache
DOCKER_TESTS := $(notdir $(shell \
find $(SRC_PATH)/tests/docker/ -name 'test-*' -type f))
DOCKER_TOOLS := travis
TESTS ?= %
IMAGES ?= %
# Make archive from git repo $1 to tar.gz $2
make-archive-maybe = $(if $(wildcard $1/*), \
$(call quiet-command, \
(cd $1; if git diff-index --quiet HEAD -- &>/dev/null; then \
git archive -1 HEAD --format=tar.gz; \
else \
git archive -1 $$(git stash create) --format=tar.gz; \
fi) > $2, \
"ARCHIVE","$(notdir $2)"))
CUR_TIME := $(shell date +%Y-%m-%d-%H.%M.%S.$$$$)
DOCKER_SRC_COPY := docker-src.$(CUR_TIME)
$(DOCKER_SRC_COPY):
@mkdir $@
$(call make-archive-maybe, $(SRC_PATH), $@/qemu.tgz)
$(call make-archive-maybe, $(SRC_PATH)/dtc, $@/dtc.tgz)
$(call quiet-command, cp $(SRC_PATH)/tests/docker/run $@/run, \
"COPY","RUNNER")
docker-qemu-src: $(DOCKER_SRC_COPY)
docker-image: ${DOCKER_TARGETS}
# General rule for building docker images
docker-image-%: $(DOCKER_FILES_DIR)/%.docker
@if test "$@" = docker-image-debian-bootstrap -a -z "$(EXECUTABLE)"; then \
echo WARNING: EXECUTABLE is not set, debootstrap may fail. 2>&1 ; \
fi
$(call quiet-command,\
$(SRC_PATH)/tests/docker/docker.py build qemu:$* $< \
$(if $V,,--quiet) $(if $(NOCACHE),--no-cache) \
$(if $(NOUSER),,--add-current-user) \
$(if $(EXTRA_FILES),--extra-files $(EXTRA_FILES))\
$(if $(EXECUTABLE),--include-executable=$(EXECUTABLE)),\
"BUILD","$*")
docker-image-debian-powerpc-cross: EXTRA_FILES:=tests/docker/dockerfiles/debian-apt-fake.sh
# Enforce dependancies for composite images
docker-image-debian: docker-image-debian9
docker-image-debian8-mxe: docker-image-debian8
docker-image-debian-amd64: docker-image-debian9
docker-image-debian-armel-cross: docker-image-debian9
docker-image-debian-armhf-cross: docker-image-debian9
docker-image-debian-arm64-cross: docker-image-debian9
docker-image-debian-mips-cross: docker-image-debian9
docker-image-debian-mips64el-cross: docker-image-debian9
docker-image-debian-powerpc-cross: docker-image-debian8
docker-image-debian-ppc64el-cross: docker-image-debian9
docker-image-debian-s390x-cross: docker-image-debian9
docker-image-debian-win32-cross: docker-image-debian8-mxe
docker-image-debian-win64-cross: docker-image-debian8-mxe
docker-image-travis: NOUSER=1
# Expand all the pre-requistes for each docker image and test combination
$(foreach i,$(DOCKER_IMAGES), \
$(foreach t,$(DOCKER_TESTS) $(DOCKER_TOOLS), \
$(eval .PHONY: docker-$t@$i) \
$(eval docker-$t@$i: docker-image-$i docker-run-$t@$i) \
) \
$(foreach t,$(DOCKER_TESTS), \
$(eval docker-test: docker-$t@$i) \
) \
)
docker:
@echo 'Build QEMU and run tests inside Docker containers'
@echo
@echo 'Available targets:'
@echo
@echo ' docker: Print this help.'
@echo ' docker-test: Run all image/test combinations.'
@echo ' docker-clean: Kill and remove residual docker testing containers.'
@echo ' docker-TEST@IMAGE: Run "TEST" in container "IMAGE".'
@echo ' Note: "TEST" is one of the listed test name,'
@echo ' or a script name under $$QEMU_SRC/tests/docker/;'
@echo ' "IMAGE" is one of the listed container name."'
@echo ' docker-image: Build all images.'
@echo ' docker-image-IMAGE: Build image "IMAGE".'
@echo ' docker-run: For manually running a "TEST" with "IMAGE"'
@echo
@echo 'Available container images:'
@echo ' $(DOCKER_IMAGES)'
@echo
@echo 'Available tests:'
@echo ' $(DOCKER_TESTS)'
@echo
@echo 'Available tools:'
@echo ' $(DOCKER_TOOLS)'
@echo
@echo 'Special variables:'
@echo ' TARGET_LIST=a,b,c Override target list in builds.'
@echo ' EXTRA_CONFIGURE_OPTS="..."'
@echo ' Extra configure options.'
@echo ' IMAGES="a b c ..": Filters which images to build or run.'
@echo ' TESTS="x y z .." Filters which tests to run (for docker-test).'
@echo ' J=[0..9]* Overrides the -jN parameter for make commands'
@echo ' (default is 1)'
@echo ' DEBUG=1 Stop and drop to shell in the created container'
@echo ' before running the command.'
@echo ' NETWORK=1 Enable virtual network interface with default backend.'
@echo ' NETWORK=$BACKEND Enable virtual network interface with $BACKEND.'
@echo ' NOUSER Define to disable adding current user to containers passwd.'
@echo ' NOCACHE=1 Ignore cache when build images.'
@echo ' EXECUTABLE=<path> Include executable in image.'
@echo ' EXTRA_FILES="<path> [... <path>]"'
@echo ' Include extra files in image.'
# This rule if for directly running against an arbitrary docker target.
# It is called by the expanded docker targets (e.g. make
# docker-test-foo@bar) which will do additional verification.
#
# For example: make docker-run TEST="test-quick" IMAGE="debian:arm64" EXECUTABLE=./aarch64-linux-user/qemu-aarch64
#
docker-run: docker-qemu-src
@mkdir -p "$(DOCKER_CCACHE_DIR)"
@if test -z "$(IMAGE)" || test -z "$(TEST)"; \
then echo "Invalid target $(IMAGE)/$(TEST)"; exit 1; \
fi
$(if $(EXECUTABLE), \
$(call quiet-command, \
$(SRC_PATH)/tests/docker/docker.py update \
$(IMAGE) $(EXECUTABLE), \
" COPYING $(EXECUTABLE) to $(IMAGE)"))
$(call quiet-command, \
$(SRC_PATH)/tests/docker/docker.py run \
$(if $(NOUSER),,-u $(shell id -u)) -t \
--security-opt seccomp=unconfined \
$(if $V,,--rm) \
$(if $(DEBUG),-i,) \
$(if $(NETWORK),$(if $(subst $(NETWORK),,1),--net=$(NETWORK)),--net=none) \
-e TARGET_LIST=$(TARGET_LIST) \
-e EXTRA_CONFIGURE_OPTS="$(EXTRA_CONFIGURE_OPTS)" \
-e V=$V -e J=$J -e DEBUG=$(DEBUG) \
-e SHOW_ENV=$(SHOW_ENV) \
-e CCACHE_DIR=/var/tmp/ccache \
-v $$(readlink -e $(DOCKER_SRC_COPY)):/var/tmp/qemu:z$(COMMA)ro \
-v $(DOCKER_CCACHE_DIR):/var/tmp/ccache:z \
$(IMAGE) \
/var/tmp/qemu/run \
$(TEST), " RUN $(TEST) in ${IMAGE}")
# Run targets:
#
# Of the form docker-TEST-FOO@IMAGE-BAR which will then be expanded into a call to "make docker-run"
docker-run-%: CMD = $(shell echo '$@' | sed -e 's/docker-run-\([^@]*\)@\(.*\)/\1/')
docker-run-%: IMAGE = $(shell echo '$@' | sed -e 's/docker-run-\([^@]*\)@\(.*\)/\2/')
docker-run-%:
@$(MAKE) docker-run TEST=$(CMD) IMAGE=qemu:$(IMAGE)
docker-clean:
$(call quiet-command, $(SRC_PATH)/tests/docker/docker.py clean)