josh/Vetting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
28918bad153dce1c809114729b177bf9629a2a44
Vetting/.gitea/workflows/e2e.yml
T
josh 28918bad15
CI / Lint + build + test (push) Successful in 1m35s
Details
Release / release (push) Failing after 22s
Details
live-image: fix firmware so i915 actually loads at boot 
Previous attempt (c962d6d) added firmware-linux-nonfree to mkosi.conf,
but the CI bundle was still 63 MB and Tiger Lake wedged on tgl_guc.
Two reasons: (1) firmware-linux-nonfree on bookworm is a thin
metapackage that doesn't include firmware-misc-nonfree, which is where
i915 GuC/HuC blobs actually live; (2) Ubuntu's apt-packaged mkosi is
old enough that Repositories=non-free-firmware shorthand likely isn't
wired through to the debootstrap invocation, so firmware packages
silently miss the bootstrap step entirely.

Changes:
- Enumerate firmware packages explicitly in mkosi.conf (firmware-
  misc-nonfree, firmware-iwlwifi, firmware-realtek, firmware-amd-
  graphics, firmware-intel-sound, intel/amd64-microcode).
- Ship mkosi.sources.d/debian.sources with explicit deb822 so the
  non-free-firmware component is unambiguously available.
- Install mkosi 24.3 via pip in CI instead of apt's older build.
- Pin MODULES=most and COMPRESS=zstd via a tracked initramfs-tools
  config under mkosi.extra/.
- Narrow .gitignore so only the generated agent binary is ignored,
  not the whole mkosi.extra/ tree.
- New check-initrd Makefile target asserts both size (>=150 MB) and
  actual presence of i915/tgl_guc_*.bin inside the built initrd, so
  a silent firmware-drop regression fails the build loudly.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-18 13:38:40 -04:00

67 lines
2.1 KiB
YAML
Raw Blame History

name: E2E (manual)
# The E2E job builds the live image (mkosi, requires apt package
# updates) and boots a QEMU VM against a running orchestrator. It's
# slow and needs a Linux runner with nested virtualization + loop
# devices, so it runs only on workflow_dispatch against the privileged
# self-hosted runner.
on:
workflow_dispatch:
inputs:
ref:
description: "Git ref to test (default: main)"
required: false
default: main
permissions:
contents: read
jobs:
e2e:
runs-on: ubuntu-latest
timeout-minutes: 45
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: "1.26.x"
cache: false
- name: Install live-image build dependencies
run: |
sudo apt-get update
sudo apt-get install -y --no-install-recommends \
debootstrap squashfs-tools \
systemd-ukify systemd-boot kmod \
debian-archive-keyring python3-pip zstd \
qemu-system-x86 qemu-utils \
dnsmasq iperf3 ipxe-qemu
# See release.yml for rationale — Ubuntu's apt mkosi is too old
# to handle bookworm's non-free-firmware component correctly.
sudo pip install --break-system-packages mkosi==24.3
- name: Install templ
run: go install github.com/a-h/templ/cmd/templ@v0.3.1001
- name: Build orchestrator + agent
run: |
templ generate
make orchestrator-linux agent-linux
- name: Build live image
run: make live-image
- name: Run E2E suite
# The E2E test expects a registered host + queued run; in CI we
# don't have an operator, so it's skipped unless VETTING_E2E_RUN_ID
# is supplied. When someone stands up the orchestrator for a
# dispatch, they can set it via a workflow_dispatch secret.
env:
VETTING_E2E_RUN_ID: ${{ vars.VETTING_E2E_RUN_ID }}
run: sudo -E go test -tags=e2e -count=1 -v ./test/e2e/...
Reference in New Issue View Git Blame Copy Permalink