Put sonic image directy into container. (#164)

.github/workflows/integration.yaml

@@ -21,6 +21,14 @@ jobs:
       run: |
         [ -d "${GITHUB_WORKSPACE}" ] && sudo chown -R $USER:$USER ${GITHUB_WORKSPACE}
 
+    - name: Setup Containerlab
+      run: |
+        bash -c "$(curl -sL https://get.containerlab.dev)"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        # we can remove desired version again after this fix was released: https://github.com/srl-labs/containerlab/pull/2000
+        DESIRED_VERSION: v0.52.0
+
     - name: Log in to the container registry
       uses: docker/login-action@v3
       with:
@@ -38,31 +46,24 @@ jobs:
         echo "MINI_LAB_VM_IMAGE=ghcr.io/metal-stack/mini-lab-vms:${IMAGE_TAG}" >> $GITHUB_ENV
         echo "MINI_LAB_SONIC_IMAGE=ghcr.io/metal-stack/mini-lab-sonic:${IMAGE_TAG}" >> $GITHUB_ENV
 
-        SONIC_IMAGE_HASH=$(grep 'SONIC_REMOTE_IMG :=' Makefile | awk '{ print $3 }' | sha256sum | awk '{ print $1 }')
-
-        echo "SONIC_IMAGE_HASH=${SONIC_IMAGE_HASH}" >> $GITHUB_ENV
-
     - name: Build and push mini-lab-vms container
       uses: docker/build-push-action@v5
       with:
         context: ./images
         file: ./images/Dockerfile.vms
         push: true
         tags: ${{ env.MINI_LAB_VM_IMAGE }}
+        cache-from: type=registry,ref=${{ env.MINI_LAB_VM_IMAGE }}
+        cache-to: type=inline
 
     - name: Build and push mini-lab-sonic container
       uses: docker/build-push-action@v5
       with:
         context: ./images/sonic
         push: true
         tags: ${{ env.MINI_LAB_SONIC_IMAGE }}
-
-    - name: Cache
-      uses: actions/cache@v4
-      with:
-        path: |
-          ./sonic-vs.img
-        key: ${{ env.SONIC_IMAGE_HASH }}
+        cache-from: type=registry,ref=${{ env.MINI_LAB_SONIC_IMAGE }}
+        cache-to: type=inline
 
     - name: Run integration tests
       shell: bash
@@ -72,3 +73,4 @@ jobs:
       env:
         DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }}
         DOCKER_HUB_TOKEN: ${{ secrets.DOCKER_HUB_TOKEN }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Makefile

@@ -20,9 +20,6 @@ MINI_LAB_SONIC_IMAGE := $(or $(MINI_LAB_SONIC_IMAGE),ghcr.io/metal-stack/mini-la
 
 MACHINE_OS=ubuntu-22.04
 
-# Check: https://sonic-build.azurewebsites.net/ui/sonic/pipelines
-SONIC_REMOTE_IMG := https://sonic-build.azurewebsites.net/api/sonic/artifacts?branchName=202211&platform=vs&target=target%2Fsonic-vs.img.gz
-
 # Machine flavors
 ifeq ($(MINI_LAB_FLAVOR),cumulus)
 LAB_MACHINES=machine01,machine02
@@ -82,12 +79,6 @@ partition: partition-bake
 
 .PHONY: partition-bake
 partition-bake:
-ifeq ($(MINI_LAB_FLAVOR),sonic)
-ifeq ("$(wildcard sonic-vs.img)","")
-	$(MAKE)	sonic-vs.img
-endif
-endif
-
 	docker pull $(MINI_LAB_VM_IMAGE)
 
 	@if ! sudo $(CONTAINERLAB) --topo $(LAB_TOPOLOGY) inspect | grep -i leaf01 > /dev/null; then \
@@ -131,13 +122,8 @@ cleanup-control-plane:
 .PHONY: cleanup-partition
 cleanup-partition:
 	mkdir -p clab-mini-lab
-
 	sudo $(CONTAINERLAB) destroy --topo mini-lab.cumulus.yaml
-
-# destroying the sonic lab requires the image to exist, otherwise it fails with bind path verification
-	touch sonic-vs.img
 	sudo $(CONTAINERLAB) destroy --topo mini-lab.sonic.yaml
-	rm -f sonic-vs.img
 
 .PHONY: _privatenet
 _privatenet: env
@@ -242,6 +228,3 @@ dev-env:
 	@echo "export METALCTL_API_URL=http://api.172.17.0.1.nip.io:8080/metal"
 	@echo "export METALCTL_HMAC=metal-admin"
 	@echo "export KUBECONFIG=$(KUBECONFIG)"
-
-sonic-vs.img:
-	curl --location --output - "${SONIC_REMOTE_IMG}" | gunzip > sonic-vs.img

images/sonic/Dockerfile

@@ -1,17 +1,21 @@
 FROM ubuntu:22.04
 
 ENV LIBGUESTFS_BACKEND=direct
+# Check: https://sonic-build.azurewebsites.net/ui/sonic/pipelines
+ENV SONIC_REMOTE_IMG=https://sonic-build.azurewebsites.net/api/sonic/artifacts?branchName=202211&platform=vs&target=target%2Fsonic-vs.img.gz
 
 RUN apt-get update && \
     apt-get --no-install-recommends install --yes \
+        curl \
         linux-image-5.15.0-102-generic \
         net-tools \
         ovmf \
         python3 \
         python3-guestfs \
         qemu-system-x86 \
         telnet \
-        tini
+        tini && \
+    curl --location --output - "${SONIC_REMOTE_IMG}" | gunzip > sonic-vs.img
 
 ENTRYPOINT ["/usr/bin/tini", "--"]
 

inventories/group_vars/all/ci.yaml

@@ -2,3 +2,5 @@
 metal_registry_auth_enabled: "{{ lookup('env', 'CI') | default(false, true) | bool }}"
 metal_registry_auth_user: "{{ lookup('env', 'DOCKER_HUB_USER') | default('', true) }}"
 metal_registry_auth_password: "{{ lookup('env', 'DOCKER_HUB_TOKEN') | default('', true) }}"
+
+github_runner_token: "{{ lookup('env', 'GITHUB_TOKEN') | default('', true) }}"

inventories/group_vars/control-plane/metal.yml

@@ -11,18 +11,18 @@ metal_api_admin_key: metal-admin
 
 metal_api_nsq_tcp_address: nsqd:4150
 
-metal_api_latest_os_image_release_name: "{{ (lookup('url', 'https://api.github.com/repos/metal-stack/metal-images/releases/latest') | from_json).get('name') }}"
+metal_api_latest_os_image_release_name: "{{ (lookup('url', 'https://api.github.com/repos/metal-stack/metal-images/releases/latest', headers=({'authorization': 'Bearer ' + github_runner_token} if github_runner_token else {})) | from_json).get('name') }}"
 
 metal_api_images:
-- id: firewall-ubuntu-3.0.{{ metal_api_latest_os_image_release_name }}
-  name: Firewall 3 Ubuntu {{ metal_api_latest_os_image_release_name }}
-  description: Firewall 3 Ubuntu {{ metal_api_latest_os_image_release_name }}
+- id: firewall-ubuntu-3.0
+  name: Firewall 3 Ubuntu
+  description: Firewall 3 Ubuntu Latest Release
   url: https://images.metal-stack.io/metal-os/{{ metal_api_latest_os_image_release_name }}/firewall/3.0-ubuntu/img.tar.lz4
   features:
     - firewall
-- id: ubuntu-22.04.{{ metal_api_latest_os_image_release_name }}
-  name: Ubuntu 22.04 {{ metal_api_latest_os_image_release_name }}
-  description: Ubuntu 22.04 {{ metal_api_latest_os_image_release_name }}
+- id: ubuntu-22.04
+  name: Ubuntu 22.04
+  description: Ubuntu 22.04 Latest Release
   url: https://images.metal-stack.io/metal-os/{{ metal_api_latest_os_image_release_name }}/ubuntu/22.04/img.tar.lz4
   features:
     - machine

mini-lab.sonic.yaml

@@ -14,7 +14,6 @@ topology:
       binds:
         - /dev:/dev
         - files/ssh/id_rsa.pub:/authorized_keys
-        - sonic-vs.img:/sonic-vs.img
     leaf02:
       kind: linux
       image: ${MINI_LAB_SONIC_IMAGE}
@@ -23,7 +22,6 @@ topology:
       binds:
         - /dev:/dev
         - files/ssh/id_rsa.pub:/authorized_keys
-        - sonic-vs.img:/sonic-vs.img
     inet:
       kind: linux
       image: quay.io/frrouting/frr:9.1.0

test/ci-cleanup.sh

@@ -8,8 +8,6 @@ previous_topos=$(docker inspect -f '{{ index .Config.Labels "clab-topo-file" }}'
 for topo in previous_topos; do
     previous_lab_dir=$(dirname $topo)
     mkdir -p "${previous_lab_dir}/clab-mini-lab"
-    # destroying the sonic lab requires the image to exist, otherwise it fails with bind path verification
-    touch "${previous_lab_dir}/sonic-vs.img"
 done
 
 make cleanup