diff --git a/changelog.d/19475.misc b/changelog.d/19475.misc new file mode 100644 index 0000000000..ea2774dcb1 --- /dev/null +++ b/changelog.d/19475.misc @@ -0,0 +1 @@ +Fix Complement CI not running against the code from our PRs. diff --git a/docker/README-testing.md b/docker/README-testing.md index 2ef8556d76..aeeba58730 100644 --- a/docker/README-testing.md +++ b/docker/README-testing.md @@ -31,23 +31,23 @@ release of Synapse, instead of your current checkout, you can skip this step. Fr root of the repository: ```sh -docker build -t matrixdotorg/synapse -f docker/Dockerfile . +docker build -t localhost/synapse -f docker/Dockerfile . ``` Next, build the workerised Synapse docker image, which is a layer over the base image. ```sh -docker build -t matrixdotorg/synapse-workers -f docker/Dockerfile-workers . +docker build -t localhost/synapse-workers --build-arg FROM=localhost/synapse -f docker/Dockerfile-workers . ``` Finally, build the multi-purpose image for Complement, which is a layer over the workers image. ```sh -docker build -t complement-synapse -f docker/complement/Dockerfile docker/complement +docker build -t localhost/complement-synapse -f docker/complement/Dockerfile --build-arg FROM=localhost/synapse-workers docker/complement ``` -This will build an image with the tag `complement-synapse`, which can be handed to +This will build an image with the tag `localhost/complement-synapse`, which can be handed to Complement for testing via the `COMPLEMENT_BASE_IMAGE` environment variable. Refer to [Complement's documentation](https://github.com/matrix-org/complement/#running) for how to run the tests, as well as the various available command line flags. diff --git a/scripts-dev/complement.sh b/scripts-dev/complement.sh index dc2262a2a3..9a18a621ee 100755 --- a/scripts-dev/complement.sh +++ b/scripts-dev/complement.sh @@ -35,6 +35,26 @@ # Exit if a line returns a non-zero exit code set -e +# Tag local builds with a dummy registry namespace so that later builds may reference +# them exactly instead of accidentally pulling from a remote registry. +# +# This is important as some storage drivers/types prefer remote images over local +# (`containerd`) which causes problems as we're testing against some remote image that +# doesn't include all of the changes that we're trying to test (be it locally or in a PR +# in CI). This is spawning from a real-world problem where the GitHub runners were +# updated to use Docker Engine 29.0.0+ which uses `containerd` by default for new +# installations. +LOCAL_IMAGE_NAMESPACE=localhost + +# The image tags for how these images will be stored in the registry +SYNAPSE_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/synapse" +SYNAPSE_WORKERS_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/synapse-workers" +COMPLEMENT_SYNAPSE_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/complement-synapse" + +SYNAPSE_EDITABLE_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/synapse-editable" +SYNAPSE_WORKERS_EDITABLE_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/synapse-workers-editable" +COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH="$LOCAL_IMAGE_NAMESPACE/complement-synapse-editable" + # Helper to emit annotations that collapse portions of the log in GitHub Actions echo_if_github() { if [[ -n "$GITHUB_WORKFLOW" ]]; then @@ -53,7 +73,7 @@ Run the complement test suite on Synapse. -f, --fast Skip rebuilding the docker images, and just use the most recent - 'complement-synapse:latest' image. + 'localhost/complement-synapse:latest' image. Conflicts with --build-only. --build-only @@ -154,16 +174,16 @@ main() { editable_mount="$(realpath .):/editable-src:z" if [ -n "$rebuild_editable_synapse" ]; then unset skip_docker_build - elif $CONTAINER_RUNTIME inspect complement-synapse-editable &>/dev/null; then + elif $CONTAINER_RUNTIME inspect "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" &>/dev/null; then # complement-synapse-editable already exists: see if we can still use it: # - The Rust module must still be importable; it will fail to import if the Rust source has changed. # - The Poetry lock file must be the same (otherwise we assume dependencies have changed) # First set up the module in the right place for an editable installation. - $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'cp' complement-synapse-editable -- /synapse_rust.abi3.so.bak /editable-src/synapse/synapse_rust.abi3.so + $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'cp' "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" -- /synapse_rust.abi3.so.bak /editable-src/synapse/synapse_rust.abi3.so - if ($CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'python' complement-synapse-editable -c 'import synapse.synapse_rust' \ - && $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'diff' complement-synapse-editable --brief /editable-src/poetry.lock /poetry.lock.bak); then + if ($CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'python' "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" -c 'import synapse.synapse_rust' \ + && $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'diff' "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" --brief /editable-src/poetry.lock /poetry.lock.bak); then skip_docker_build=1 else echo "Editable Synapse image is stale. Will rebuild." @@ -177,42 +197,47 @@ main() { # Build a special image designed for use in development with editable # installs. - $CONTAINER_RUNTIME build -t synapse-editable \ + $CONTAINER_RUNTIME build \ + -t "$SYNAPSE_EDITABLE_IMAGE_PATH" \ -f "docker/editable.Dockerfile" . - $CONTAINER_RUNTIME build -t synapse-workers-editable \ - --build-arg FROM=synapse-editable \ + $CONTAINER_RUNTIME build \ + -t "$SYNAPSE_WORKERS_EDITABLE_IMAGE_PATH" \ + --build-arg FROM="$SYNAPSE_EDITABLE_IMAGE_PATH" \ -f "docker/Dockerfile-workers" . - $CONTAINER_RUNTIME build -t complement-synapse-editable \ - --build-arg FROM=synapse-workers-editable \ + $CONTAINER_RUNTIME build \ + -t "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" \ + --build-arg FROM="$SYNAPSE_WORKERS_EDITABLE_IMAGE_PATH" \ -f "docker/complement/Dockerfile" "docker/complement" # Prepare the Rust module - $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'cp' complement-synapse-editable -- /synapse_rust.abi3.so.bak /editable-src/synapse/synapse_rust.abi3.so + $CONTAINER_RUNTIME run --rm -v $editable_mount --entrypoint 'cp' "$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" -- /synapse_rust.abi3.so.bak /editable-src/synapse/synapse_rust.abi3.so else # Build the base Synapse image from the local checkout echo_if_github "::group::Build Docker image: matrixdotorg/synapse" - $CONTAINER_RUNTIME build -t matrixdotorg/synapse \ - --build-arg TEST_ONLY_SKIP_DEP_HASH_VERIFICATION \ - --build-arg TEST_ONLY_IGNORE_POETRY_LOCKFILE \ - -f "docker/Dockerfile" . + $CONTAINER_RUNTIME build \ + -t "$SYNAPSE_IMAGE_PATH" \ + --build-arg TEST_ONLY_SKIP_DEP_HASH_VERIFICATION \ + --build-arg TEST_ONLY_IGNORE_POETRY_LOCKFILE \ + -f "docker/Dockerfile" . echo_if_github "::endgroup::" # Build the workers docker image (from the base Synapse image we just built). echo_if_github "::group::Build Docker image: matrixdotorg/synapse-workers" - $CONTAINER_RUNTIME build -t matrixdotorg/synapse-workers -f "docker/Dockerfile-workers" . + $CONTAINER_RUNTIME build \ + -t "$SYNAPSE_WORKERS_IMAGE_PATH" \ + --build-arg FROM="$SYNAPSE_IMAGE_PATH" \ + -f "docker/Dockerfile-workers" . echo_if_github "::endgroup::" # Build the unified Complement image (from the worker Synapse image we just built). echo_if_github "::group::Build Docker image: complement/Dockerfile" - $CONTAINER_RUNTIME build -t complement-synapse \ - `# This is the tag we end up pushing to the registry (see` \ - `# .github/workflows/push_complement_image.yml) so let's just label it now` \ - `# so people can reference it by the same name locally.` \ - -t ghcr.io/element-hq/synapse/complement-synapse \ + $CONTAINER_RUNTIME build \ + -t "$COMPLEMENT_SYNAPSE_IMAGE_PATH" \ + --build-arg FROM="$SYNAPSE_WORKERS_IMAGE_PATH" \ -f "docker/complement/Dockerfile" "docker/complement" echo_if_github "::endgroup::" @@ -253,9 +278,9 @@ main() { ./tests/... ) - export COMPLEMENT_BASE_IMAGE=complement-synapse + export COMPLEMENT_BASE_IMAGE="$COMPLEMENT_SYNAPSE_IMAGE_PATH" if [ -n "$use_editable_synapse" ]; then - export COMPLEMENT_BASE_IMAGE=complement-synapse-editable + export COMPLEMENT_BASE_IMAGE="$COMPLEMENT_SYNAPSE_EDITABLE_IMAGE_PATH" export COMPLEMENT_HOST_MOUNTS="$editable_mount" fi