Artifacts and how to get them #5585
Conversation
ShadowCurse
requested review from
Manciukic,
kalyazin,
pb8o and
xmarcalx
as code owners
ShadowCurse
force-pushed
the
pull_latest_s3_artifacts
branch
from
7682ec8 to
24326d6
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #5585 +/- ##
=======================================
Coverage 83.23% 83.23%
=======================================
Files 277 277
Lines 29263 29263
=======================================
Hits 24358 24358
Misses 4905 4905
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
ShadowCurse
force-pushed
the
pull_latest_s3_artifacts
branch
7 times, most recently
from
1de4267 to
59fb38f
Compare
ShadowCurse
added
Status: Awaiting review
| current_artifacts_dir = ( | ||
| open(Path(LOCAL_BUILD_PATH) / "current_artifacts", "r", encoding="utf-8") | ||
| .read() | ||
| .strip() | ||
| ) |
There was a problem hiding this comment.
why don't we just use the directory (which I'm assuming it's a link) directly?
There was a problem hiding this comment.
links do not work because of docker
There was a problem hiding this comment.
why not? if they are relative they will work
tests/conftest.py
Outdated
| utils.run_cmd(["dmesg", "-dPx"]).stdout | ||
| ) | ||
| shutil.copy(f"/firecracker/build/img/{platform.machine()}/id_rsa", uvm_data) | ||
| shutil.copy("/srv/current_artifacts/id_rsa", uvm_data) |
There was a problem hiding this comment.
shouldn't this be /firecracker/build/current_artifacts? Why can't we use the constants defined in defs?
There was a problem hiding this comment.
you are correct, switch to using ARTIFACT_DIR
| # File with a single line specifing the name of the | ||
| # currently used artifacts | ||
| LOCAL_ARTIFACTS_CURRENT_DIR_FILE="build/current_artifacts" |
There was a problem hiding this comment.
also, why not in build/artifacts/current ?
There was a problem hiding this comment.
- I had this idea initially, but as it turns out symlinks will not work because we will create symlinks outside docker, but tests are run inside, so links will be broken
- no particular reason, I just happened to choose
current_artifacts, can change if you prefer the other version
There was a problem hiding this comment.
I had this idea initially, but as it turns out symlinks will not work because we will create symlinks outside docker, but tests are run inside, so links will be broken
relative symbolic links will always work: ie cd build/artifacts; ln -s 20251217_abcde current.
no particular reason, I just happened to choose current_artifacts, can change if you prefer the other version
I think it makes it clearer
tools/devtool
Outdated
| # Query default S3 bucket with artifacts and return the most recient path | ||
| get_newest_s3_artifacts() { | ||
| echo $(aws s3 ls $DEFAULT_ARTIFACTS_S3_BUCKET/ --no-sign-request | grep "PRE" | sort -k2 | tail -1 | awk -v bucket="$DEFAULT_ARTIFACTS_S3_BUCKET" '{print bucket "/" $2}') | ||
| # echo "s3://spec.ccfc.min/firecracker-ci/v1.15" |
tools/devtool
Outdated
| cmd_download_ci_artifacts() { | ||
| if [ "$1" = "--force" ]; then | ||
| rm -rf $FC_BUILD_DIR/img | ||
| rm -rf $ARTIFACTS_DIR |
There was a problem hiding this comment.
I can't find where this is defined. Also, the action of --force should be to override that specific artifacts if present, not to delete all of them (rm -rf artifacts_local_path)
There was a problem hiding this comment.
Added a commit where --force is removed. I think it is pretty simple to just delete build/artifacts/... if you need to.
There was a problem hiding this comment.
I was using it because I often mess with artifacts to ensure I get the upstream version :/
| ensure_ci_artifacts() { | ||
| if ! command -v aws >/dev/null; then | ||
| die "AWS CLI not installed, which is required for downloading artifacts for integration tests." | ||
| local artifacts=$1 |
There was a problem hiding this comment.
nit: please use singular and plural consistently. Also, it's not clear whether this is an S3 key, a URI, or something else
| done | ||
| } | ||
|
|
||
| cmd_set_current_artifacts() { |
There was a problem hiding this comment.
why do we need a separate command when the download one would just do the same when they're already downloaded?
There was a problem hiding this comment.
Change the logic a bit. Now downloading is separate from setting current artifacts.
There was a problem hiding this comment.
will this break existing uses and runbooks?
tools/devtool
Outdated
| fi | ||
|
|
||
| for artifact in "${artifacts[@]}"; do | ||
| ensure_ci_artifacts $artifact |
There was a problem hiding this comment.
I think we need a way to specify which ones we want to be set as the current, or to be explicit that the last one will be set as current
There was a problem hiding this comment.
don't think download command should mess with current artifacts. There is a separate command to set it.
There was a problem hiding this comment.
well, that's the existing behaviour. It may be referenced by pipelines, scripts, or runbooks, so we should check existing uses before changing it.
There was a problem hiding this comment.
The existing behavior is that we download and use a single version of artifacts. This behavior is preserved with ensure_current_artifacts_are_set_up.
ShadowCurse
force-pushed
the
pull_latest_s3_artifacts
branch
5 times, most recently
from
46a7c58 to
80e3f2d
Compare
The snapshot version check was iterating over last several FC versions pulled from S3, but it was unnecessary since there were no cross FC checks. Remove checks of old FC versions and only test the current version. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Instead of using fixed artifact path for a current FC version pull newest artifacts from S3. This way we can update them independently while keeping old versions around. Unfortunately there is no simple way to query newest added directory in S3, so do the next best thing of looking through all files in all directories and determining the `newest` directory be the `LastModified` status of files inside. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
The old setup used `build/img` as the base directory for artifacts pulled from S3. In S3 the artifacts directory contains 1 subdirectory per architecture (x86_64 and aarch64). This was causing final local artifacts path to be `build/img/x86_64` or `build/img/aarch64`. This commit changes the structure a to have a separate `build/artifacts` directory with subdirectories containing different versions of artifacts. The path to currently used artifacts will be placed in `build/current_artifacts` file. This make is easy to switch between multiple versions of artifacts without a need to delete/download them. This also opens a door for A/B testing of artifacts. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Downloading artifacts is a separate step that should not mess with currently selected artifacts. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
ShadowCurse
force-pushed
the
pull_latest_s3_artifacts
branch
from
80e3f2d to
075b628
Compare
Modify `download_ci_artifacts` to accept artifacts paths as input and download by passing these paths to `ensure_ci_artifacts`. `ensure_ci_artifacts` will default to latest s3 artifacts if no args were provided. `--force` still works and only deletes specified artifacts. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Add arguments names for binary paths for ab_test.py Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Update `ab_test.py` with ability to accept custom artifacts for A and B runs. Additionally update `pipeline_perf.py` as well. Now REVISION_A_ARTIFACTS and REVISION_B_ARTIFACTS environment variables specify custom artifacts which will be used in A/B test Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Some tests like style checks do not require artifacts to be present. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
There is no reason for style check to download artifacts Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
Add missing descriptions for additional arguments Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
ShadowCurse
force-pushed
the
pull_latest_s3_artifacts
branch
from
075b628 to
2b3c8b9
Compare
The command is used internally in the `devtool` to make sure there are at lest some current artifacts set up. This behaviour is also required in the popular docker test, so convert it to a callable command. Signed-off-by: Egor Lazarchuk <yegorlz@amazon.co.uk>
2 participants
Changes
devtoolpull latest artifacts from s3Reason
Artifacts are rebuilt periodically now, so update our tools to be able to pull latest ones.
Additionally, while we are at it, add ability to download and switch between multiple
artifacts. This also opened a path for A/B tests of artifacts as well.
License Acceptance
By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license. For more information on following Developer
Certificate of Origin and signing off your commits, please check
CONTRIBUTING.md.PR Checklist
tools/devtool checkbuild --allto verify that the PR passesbuild checks on all supported architectures.
tools/devtool checkstyleto verify that the PR passes theautomated style checks.
how they are solving the problem in a clear and encompassing way.
in the PR.
CHANGELOG.md.Runbook for Firecracker API changes.
integration tests.
TODO.rust-vmm.