git: cb9d4bb1fbb9 - main - Add preliminary in-tree CI infrastructure for developers
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 18 Apr 2024 18:02:58 UTC
The branch main has been updated by bofh:
URL: https://cgit.FreeBSD.org/src/commit/?id=cb9d4bb1fbb9ac0eb9f211656e91f9d5254c166c
commit cb9d4bb1fbb9ac0eb9f211656e91f9d5254c166c
Author: Muhammad Moinur Rahman <bofh@FreeBSD.org>
AuthorDate: 2024-04-18 17:57:38 +0000
Commit: Muhammad Moinur Rahman <bofh@FreeBSD.org>
CommitDate: 2024-04-18 18:02:24 +0000
Add preliminary in-tree CI infrastructure for developers
The goal of this project is to integrate the relevant scripts from the
FreeBSD-CI project (https://github.com/freebsd/freebsd-ci) into the src
repository. This allows developers to run the test suite similar to how
it is executed on ci.freebsd.org, and eventually, have it directly used
by our CI system. This effort is also part of the workflow improvement
project, aiming to incorporate pre-merge testing.
Current Features:
* Does smoke tests using either bhyve(amd64 only) or qemu(Non x86_64 or
when defined USE_QEMU=1). Currently defined CITYPE=smoke. Once we have
added full tests we can also utilize something like CITYPE=full
* Most of the resources are dynamically allocated based on available
resources in the host
* If CPU supports POPCNT or vmm can be loaded then bhyve is used for
amd64 otherwise automatically installs and uses qemu@nox11
* When required third party applications or packages for booting non-x86
images are automatically installed
Current Limitation:
* Does not support full tests like the one in our Jenkins
* At this moment this is also not suitable to be used in our Jenkins
platform as the jobs are divided in multiple smaller tasks and
artifacts are moved here and there which are not exactly the scenario
for individual developers.
Future Works:
* Add full tests like the one in ci.freebsd.org
* Add different tests or options to disable some tests
* Add test profiles full
* Possibly add test through Cloud Providers like AWS/GCP/Azure or Cirrus
or Github Actions
* Update documentation
Test Plan:
cd /usr/src/tests/ci
make ci
make TARGET=amd64 TARGET_ARCH=amd64 ci
make TARGET=amd64 TARGET_ARCH=amd64 USE_QEMU=1 ci
make TARGET=arm64 TARGET_ARCH=aarch64 ci
make TARGET=powerpc TARGET_ARCH=powerpc64 ci
make TARGET=powerpc TARGET_ARCH=powerpc64le ci
make TARGET=riscv TARGET_ARCH=riscv64 ci
Reviewed by: lwhsu
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43786
---
tests/ci/Makefile | 210 ++++++++++++++++++++++++++++++++++++++++++
tests/ci/Makefile.aarch64 | 29 ++++++
tests/ci/Makefile.amd64 | 26 ++++++
tests/ci/Makefile.armv7 | 29 ++++++
tests/ci/Makefile.powerpc64 | 28 ++++++
tests/ci/Makefile.powerpc64le | 28 ++++++
tests/ci/Makefile.riscv64 | 32 +++++++
tests/ci/tools/ci.conf | 96 +++++++++++++++++++
tests/ci/tools/freebsdci | 90 ++++++++++++++++++
9 files changed, 568 insertions(+)
diff --git a/tests/ci/Makefile b/tests/ci/Makefile
new file mode 100644
index 000000000000..8892b0860260
--- /dev/null
+++ b/tests/ci/Makefile
@@ -0,0 +1,210 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# Makefile for CI testing.
+#
+# User-driven targets:
+# ci: Run CI tests. Currently only smoke tests are supported.
+# ci-smokeit: Currently same as ci.
+#
+# Variables affecting the build process:
+# TARGET/TARGET_ARCH: architecture of built release (default: same as build host)
+# KERNELCONF: kernel configuration to use
+# USE_QEMU: Use QEMU for testing rather than bhyve
+#
+
+WORLDDIR?= ${.CURDIR}/../..
+RELEASEDIR= ${WORLDDIR}/release
+MAKECONF?= /dev/null
+SRCCONF?= /dev/null
+_MEMORY!=sysctl -n hw.physmem 2>/dev/null
+PARALLEL_JOBS!=sysctl -n hw.ncpu 2>/dev/null || nproc 2>/dev/null
+TOTAL_MEMORY!=expr ${_MEMORY} / 1073741824
+KERNCONF?= GENERIC
+LOCALBASE?= /usr/local
+
+.if !defined(TARGET) || empty(TARGET)
+TARGET= ${MACHINE}
+.endif
+.if !defined(TARGET_ARCH) || empty(TARGET_ARCH)
+.if ${TARGET} == ${MACHINE}
+TARGET_ARCH= ${MACHINE_ARCH}
+.else
+TARGET_ARCH= ${TARGET}
+.endif
+.endif
+IMAKE= ${MAKE} TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH}
+
+.if defined(CROSS_TOOLCHAIN) || !empty(CROSS_TOOLCHAIN)
+CROSS_TOOLCHAIN_PARAM= "CROSS_TOOLCHAIN=${CROSS_TOOLCHAIN}"
+.endif
+
+# Define OSRELEASE by using newvers.sh
+.if !defined(OSRELEASE) || empty(OSRELEASE)
+.for _V in TYPE BRANCH REVISION
+. if !defined(${_V}) || empty(${_V})
+${_V}!= eval $$(awk '/^${_V}=/{print}' ${.CURDIR}/../../sys/conf/newvers.sh); echo $$${_V}
+. endif
+.endfor
+.for _V in ${TARGET_ARCH}
+.if !empty(TARGET:M${_V})
+OSRELEASE= ${TYPE}-${REVISION}-${BRANCH}-${TARGET}
+VOLUME_LABEL= ${REVISION:C/[.-]/_/g}_${BRANCH:C/[.-]/_/g}_${TARGET}
+.else
+OSRELEASE= ${TYPE}-${REVISION}-${BRANCH}-${TARGET}-${TARGET_ARCH}
+VOLUME_LABEL= ${REVISION:C/[.-]/_/g}_${BRANCH:C/[.-]/_/g}_${TARGET_ARCH}
+.endif
+.endfor
+.endif
+
+.if exists(${.CURDIR}/tools/ci.conf) && !defined(CICONF)
+CICONF?= ${.CURDIR}/tools/ci.conf
+.endif
+SWAPSIZE?= 1g
+VMFS?= ufs
+FORMAT= raw
+CIIMAGE= ci-${OSRELEASE}-${GITREV}-${KERNCONF}.${FORMAT}
+VMSIZE?= 6g
+CITYPE?=
+TEST_VM_NAME= ci-${OSRELEASE}-${GITREV}-${KERNCONF}
+.if ${TOTAL_MEMORY} >= 16
+VM_MEM!=expr ${TOTAL_MEMORY} / 2
+.elif ${TOTAL_MEMORY} >=4
+VM_MEM=${TOTAL_MEMORY}
+.else
+echo "Please increase the memory to at least 4GB"
+exit 0
+.endif
+VM_MEM_SIZE?=${VM_MEM}g
+TIMEOUT_MS?=5400000
+TIMEOUT=$$((${TIMEOUT_MS} / 1000))
+TIMEOUT_EXPECT=$$((${TIMEOUT} - 60))
+TIMEOUT_VM=$$((${TIMEOUT_EXPECT} - 120))
+.if exists(${.CURDIR}/Makefile.${TARGET_ARCH})
+. include "${.CURDIR}/Makefile.${TARGET_ARCH}"
+.endif
+.if ${TARGET_ARCH} != ${MACHINE_ARCH}
+.if ( ${TARGET_ARCH} != "i386" ) || ( ${MACHINE_ARCH} != "amd64" )
+QEMUSTATIC=/usr/local/bin/qemu-${QEMU_ARCH}-static
+QEMUTGT=portinstall-qemu
+.endif
+.endif
+QEMUTGT?=
+QEMU_DEVICES?=-device virtio-blk,drive=hd0
+QEMU_EXTRA_PARAM?=
+QEMU_MACHINE?=virt
+QEMUBIN=/usr/local/bin/qemu-system-${QEMU_ARCH}
+.if ${PARALLEL_JOBS} >= ${QEMU_MAX_CPU_COUNT}
+QEMU_CPU_COUNT=${QEMU_MAX_CPU_COUNT}
+.else
+QEMU_CPU_COUNT=${PARALLEL_JOBS}
+.endif
+.if ${VM_MEM} >= ${QEMU_MAX_MEM_SIZE}
+VM_MEM_SIZE=${QEMU_MAX_MEM_SIZE}g
+.else
+VM_MEM_SIZE=${VM_MEM}g
+.endif
+KLDVMMISLOADED!=kldload -q -n vmm 2>/dev/null && echo "1" || echo "0"
+.if ${KLDVMMISLOADED} == "0"
+USE_QEMU?=1
+.endif
+KLDFILEMONISLOADED!=kldload -q -n filemon 2>/dev/null && echo "1" || echo "0"
+.if ${KLDFILEMONISLOADED} == "1"
+METAMODE?=-DWITH_META_MODE
+.endif
+
+CLEANFILES= ${CIIMAGE} ci.img
+CLEANDIRS= ci-buildimage
+
+portinstall: portinstall-pkg portinstall-qemu portinstall-expect portinstall-${TARGET_ARCH:tl} .PHONY
+
+portinstall-pkg: .PHONY
+.if !exists(/usr/local/sbin/pkg-static)
+ env ASSUME_ALWAYS_YES=yes pkg bootstrap
+.endif
+
+portinstall-qemu: portinstall-pkg .PHONY
+.if !exists(/usr/local/bin/qemu-${TARGET_ARCH}-static)
+ env ASSUME_ALWAYS_YES=yes pkg install emulators/qemu-user-static
+.endif
+.if !exists(/usr/local/bin/qemu-system-${QEMU_ARCH})
+ env ASSUME_ALWAYS_YES=yes pkg install emulators/qemu@nox11
+.endif
+
+portinstall-expect: portinstall-pkg .PHONY
+.if !exists(/usr/local/bin/expect)
+ env ASSUME_ALWAYS_YES=yes pkg install lang/expect
+.endif
+
+beforeclean: .PHONY
+ chflags -R noschg .
+
+.include <bsd.obj.mk>
+clean: beforeclean .PHONY
+
+ci-buildworld: .PHONY
+ ${IMAKE} -j${PARALLEL_JOBS} -C ${WORLDDIR} ${METAMODE} ${CROSS_TOOLCHAIN_PARAM} __MAKE_CONF=${MAKECONF} SRCCONF=${SRCCONF} buildworld
+
+ci-buildkernel: ci-buildworld-${TARGET_ARCH:tl} .PHONY
+ ${IMAKE} -j${PARALLEL_JOBS} -C ${WORLDDIR} ${METAMODE} ${CROSS_TOOLCHAIN_PARAM} __MAKE_CONF=${MAKECONF} SRCCONF=${SRCCONF} buildkernel
+
+ci-buildimage: ${QEMUTGT} ci-buildkernel-${TARGET_ARCH:tl} .PHONY
+ mkdir -p ${.OBJDIR}/${.TARGET}
+ env TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} SWAPSIZE=${SWAPSIZE} \
+ QEMUSTATIC=${QEMUSTATIC} CITYPE=${CITYPE} \
+ ${RELEASEDIR}/scripts/mk-vmimage.sh \
+ -C ${RELEASEDIR}/tools/vmimage.subr -d ${.OBJDIR}/${.TARGET} -F ${VMFS} \
+ -i ${.OBJDIR}/ci.img -s ${VMSIZE} -f ${FORMAT} \
+ -S ${WORLDDIR} -o ${.OBJDIR}/${CIIMAGE} -c ${CICONF}
+ touch ${.TARGET}
+
+ci-setsmokevar: .PHONY
+CITYPE=smoke
+
+ci-runtest: ci-buildimage-${TARGET_ARCH:tl} portinstall .PHONY
+.if ${MACHINE} == "amd64" && ( ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" ) && ( !defined(USE_QEMU) || empty(USE_QEMU) )
+ /usr/sbin/bhyvectl --vm=${TEST_VM_NAME} --destroy || true
+ /usr/sbin/bhyveload -c stdio -m ${VM_MEM_SIZE} -d ${CIIMAGE} ${TEST_VM_NAME}
+ expect -c "set timeout ${TIMEOUT_EXPECT}; \
+ spawn /usr/bin/timeout -k 60 ${TIMEOUT_VM} /usr/sbin/bhyve \
+ -c ${PARALLEL_JOBS} -m ${VM_MEM_SIZE} -A -H -P \
+ -s 0:0,hostbridge \
+ -s 1:0,lpc \
+ -s 2:0,virtio-blk,${CIIMAGE} \
+ -l com1,stdio \
+ ${TEST_VM_NAME}; \
+ expect { eof }"
+ /usr/sbin/bhyvectl --vm=${TEST_VM_NAME} --destroy
+.else
+ timeout -k 60 ${TIMEOUT_VM} ${QEMUBIN} \
+ -machine ${QEMU_MACHINE} \
+ -smp ${QEMU_CPU_COUNT} \
+ -m ${VM_MEM_SIZE} \
+ -nographic \
+ -no-reboot \
+ ${QEMU_EXTRA_PARAM} \
+ -drive if=none,file=${CIIMAGE},format=raw,id=hd0 \
+ ${QEMU_DEVICES}
+.endif
+
+ci-checktarget: .PHONY
+.if ${TARGET_ARCH} != "aarch64" && \
+ ${TARGET_ARCH} != "amd64" && \
+ ${TARGET_ARCH} != "armv7" && \
+ ${TARGET_ARCH} != "powerpc64" && \
+ ${TARGET_ARCH} != "powerpc64le" && \
+ ${TARGET_ARCH} != "riscv64"
+ @false
+.ERROR:
+ @echo "Error: ${TARGET_ARCH} is not supported on ${TYPE} ${REVISION} ${BRANCH}"
+.endif
+
+ci-smokeit: ci-setsmokevar ci-checktarget .WAIT ci-runtest-${TARGET_ARCH:tl} .PHONY
+
+ci: ci-smokeit .PHONY
+
+.include "${RELEASEDIR}/Makefile.inc1"
diff --git a/tests/ci/Makefile.aarch64 b/tests/ci/Makefile.aarch64
new file mode 100644
index 000000000000..9cbec6010a36
--- /dev/null
+++ b/tests/ci/Makefile.aarch64
@@ -0,0 +1,29 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for aarch64.
+#
+QEMU_ARCH=aarch64
+QEMU_DEVICES=-device virtio-blk,drive=hd0 -device ahci,id=ahci
+QEMU_EXTRA_PARAM=-bios /usr/local/share/u-boot/u-boot-qemu-arm64/u-boot.bin -cpu cortex-a57
+QEMU_MAX_CPU_COUNT=64
+QEMU_MAX_MEM_SIZE=64
+
+portinstall-aarch64: portinstall-pkg .PHONY
+.if !exists(/usr/local/share/u-boot/u-boot-qemu-arm64/u-boot.bin)
+ env ASSUME_ALWAYS_YES=yes pkg install sysutils/u-boot-qemu-arm64
+.endif
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-aarch64: ci-buildworld .PHONY
+
+ci-buildkernel-aarch64: ci-buildkernel .PHONY
+
+ci-buildimage-aarch64: ci-buildimage .PHONY
+
+ci-runtest-aarch64: ci-runtest .PHONY
diff --git a/tests/ci/Makefile.amd64 b/tests/ci/Makefile.amd64
new file mode 100644
index 000000000000..2f71f3f8c371
--- /dev/null
+++ b/tests/ci/Makefile.amd64
@@ -0,0 +1,26 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for amd64.
+#
+QEMU_ARCH=x86_64
+QEMU_MACHINE=q35
+QEMU_MAX_CPU_COUNT=256
+QEMU_MAX_MEM_SIZE=128
+
+portinstall-amd64: portinstall-pkg .PHONY
+ @true
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-amd64: ci-buildworld .PHONY
+
+ci-buildkernel-amd64: ci-buildkernel .PHONY
+
+ci-buildimage-amd64: ci-buildimage .PHONY
+
+ci-runtest-amd64: ci-runtest .PHONY
diff --git a/tests/ci/Makefile.armv7 b/tests/ci/Makefile.armv7
new file mode 100644
index 000000000000..21ee6b387b05
--- /dev/null
+++ b/tests/ci/Makefile.armv7
@@ -0,0 +1,29 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for armv7.
+#
+QEMU_ARCH=arm
+QEMU_DEVICES=-device virtio-blk,drive=hd0 -device ahci,id=ahci
+QEMU_EXTRA_PARAM=-bios /usr/local/share/u-boot/u-boot-qemu-arm/u-boot.bin
+QEMU_MAX_CPU_COUNT=1
+QEMU_MAX_MEM_SIZE=3
+
+portinstall-armv7: portinstall-pkg .PHONY
+.if !exists(/usr/local/share/u-boot/u-boot-qemu-arm/u-boot.bin)
+ env ASSUME_ALWAYS_YES=yes pkg install sysutils/u-boot-qemu-arm
+.endif
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-armv7: ci-buildworld .PHONY
+
+ci-buildkernel-armv7: ci-buildkernel .PHONY
+
+ci-buildimage-armv7: ci-buildimage .PHONY
+
+ci-runtest-armv7: ci-runtest .PHONY
diff --git a/tests/ci/Makefile.powerpc64 b/tests/ci/Makefile.powerpc64
new file mode 100644
index 000000000000..26712b45f30b
--- /dev/null
+++ b/tests/ci/Makefile.powerpc64
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for powerpc64.
+#
+QEMU_ARCH=ppc64
+QEMU_DEVICES=-device virtio-blk,drive=hd0
+QEMU_EXTRA_PARAM=-vga none -accel tcg,thread=multi
+QEMU_MACHINE=pseries,cap-hpt-max-page-size=16M
+QEMU_MAX_CPU_COUNT=1
+QEMU_MAX_MEM_SIZE=64
+
+portinstall-powerpc64: portinstall-pkg .PHONY
+ @true
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-powerpc64: ci-buildworld .PHONY
+
+ci-buildkernel-powerpc64: ci-buildkernel .PHONY
+
+ci-buildimage-powerpc64: ci-buildimage .PHONY
+
+ci-runtest-powerpc64: ci-runtest .PHONY
diff --git a/tests/ci/Makefile.powerpc64le b/tests/ci/Makefile.powerpc64le
new file mode 100644
index 000000000000..974ab04b8eed
--- /dev/null
+++ b/tests/ci/Makefile.powerpc64le
@@ -0,0 +1,28 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for powerpc64le.
+#
+QEMU_ARCH=ppc64
+QEMU_DEVICES=-device virtio-blk,drive=hd0
+QEMU_EXTRA_PARAM=-vga none -accel tcg,thread=multi
+QEMU_MACHINE=pseries,cap-hpt-max-page-size=16M
+QEMU_MAX_CPU_COUNT=1
+QEMU_MAX_MEM_SIZE=64
+
+portinstall-powerpc64le: portinstall-pkg .PHONY
+ @true
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-powerpc64le: ci-buildworld .PHONY
+
+ci-buildkernel-powerpc64le: ci-buildkernel .PHONY
+
+ci-buildimage-powerpc64le: ci-buildimage .PHONY
+
+ci-runtest-powerpc64le: ci-runtest .PHONY
diff --git a/tests/ci/Makefile.riscv64 b/tests/ci/Makefile.riscv64
new file mode 100644
index 000000000000..749df3f0b369
--- /dev/null
+++ b/tests/ci/Makefile.riscv64
@@ -0,0 +1,32 @@
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# CI Makefile for riscv64.
+#
+QEMU_ARCH=riscv64
+QEMU_DEVICES=-device virtio-blk-device,drive=hd0
+QEMU_EXTRA_PARAM=-bios /usr/local/share/opensbi/lp64/generic/firmware/fw_jump.elf -kernel /usr/local/share/u-boot/u-boot-qemu-riscv64/u-boot.bin
+QEMU_MAX_CPU_COUNT=16
+QEMU_MAX_MEM_SIZE=64
+
+portinstall-riscv64: portinstall-pkg .PHONY
+.if !exists(/usr/local/share/opensbi/lp64/generic/firmware/fw_jump.elf)
+ env ASSUME_ALWAYS_YES=yes pkg install sysutils/opensbi
+.endif
+.if !exists(/usr/local/share/u-boot/u-boot-qemu-riscv64/u-boot.bin)
+ env ASSUME_ALWAYS_YES=yes pkg install sysutils/u-boot-qemu-riscv64
+.endif
+
+# NOTE: Nothing should be changed below this line unless explicitly required.
+
+ci-buildworld-riscv64: ci-buildworld .PHONY
+
+ci-buildkernel-riscv64: ci-buildkernel .PHONY
+
+ci-buildimage-riscv64: ci-buildimage .PHONY
+
+ci-runtest-riscv64: ci-runtest .PHONY
diff --git a/tests/ci/tools/ci.conf b/tests/ci/tools/ci.conf
new file mode 100644
index 000000000000..47001d6248c6
--- /dev/null
+++ b/tests/ci/tools/ci.conf
@@ -0,0 +1,96 @@
+#!/bin/sh
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# Set to a list of third-party software to enable in rc.conf(5).
+export VM_RC_LIST="auditd freebsdci"
+
+if [ "${CITYPE}" != "smoke" ]; then
+export VM_EXTRA_PACKAGES="coreutils devel/py-pytest gdb jq ksh93 net/py-dpkt net/scapy nist-kat nmap perl5 python python3 sudo tcptestsuite"
+
+ if [ "${TARGET}" = "amd64" ]; then
+ export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} linux-c7-ltp"
+ fi
+fi
+
+vm_extra_pre_umount() {
+cat << EOF >> ${DESTDIR}/boot/loader.conf
+autoboot_delay=1
+beastie_disable="YES"
+loader_logo="none"
+console="comconsole,vidconsole"
+net.fibs=3
+net.inet.ip.fw.default_to_accept=1
+mac_bsdextended_load="YES"
+vfs.zfs.arc_max=4294967296
+kern.vty=sc
+EOF
+cat << EOF >> ${DESTDIR}/etc/kyua/kyua.conf
+test_suites.FreeBSD.ci = 'true'
+test_suites.FreeBSD.fibs = '1 2'
+test_suites.FreeBSD.allow_sysctl_side_effects = '1'
+test_suites.FreeBSD.cam_test_device = '/dev/ada0'
+test_suites.FreeBSD.disks = '/dev/vtbd2 /dev/vtbd3 /dev/vtbd4 /dev/vtbd5 /dev/vtbd6'
+EOF
+cat << EOF >> ${DESTDIR}/etc/rc.conf
+kld_list="" # Load modules needed by tests
+kld_list="${kld_list} blake2" # sys/opencrypto
+kld_list="${kld_list} cryptodev" # sys/opencrypto
+kld_list="${kld_list} fusefs" # sys/fs/fusefs
+kld_list="${kld_list} ipsec" # sys/netipsec
+kld_list="${kld_list} mac_portacl" # sys/mac/portacl
+kld_list="${kld_list} mqueuefs" # sys/kern/mqueue_test
+kld_list="${kld_list} pfsync" # sys/netpfil/pf (loads pf)
+kld_list="${kld_list} pflog" # sys/netpfil/pf
+kld_list="${kld_list} ipl" # sys/sbin/ipf (loads ipfilter)
+kld_list="${kld_list} ipfw" # sys/netpfil/ipfw (loads ipfw)
+kld_list="${kld_list} ipfw_nat" # sys/netpfil/ipfw (loads ipfw_nat)
+kld_list="${kld_list} ipdivert" # sys/netinet (loads ipdivert)
+kld_list="${kld_list} dummynet" # sys/netpfil/common
+kld_list="${kld_list} carp" # sys/netinet/carp
+kld_list="${kld_list} if_stf" # sys/net/if_stf
+background_fsck="NO"
+sendmail_enable="NONE"
+cron_enable="NO"
+syslogd_enable="NO"
+newsyslog_enable="NO"
+EOF
+if [ "${CITYPE}" = "smoke" ]; then
+cat << EOF >> ${DESTDIR}/etc/rc.conf
+freebsdci_type="smoke"
+EOF
+fi
+cat << EOF >> ${DESTDIR}/etc/sysctl.conf
+kern.cryptodevallowsoft=1
+kern.ipc.tls.enable=1
+net.add_addr_allfibs=0
+security.mac.bsdextended.enabled=0
+vfs.aio.enable_unsafe=1
+vfs.usermount=1
+EOF
+cat << EOF >> ${DESTDIR}/etc/fstab
+fdesc /dev/fd fdescfs rw 0 0
+EOF
+ mkdir -p ${DESTDIR}/usr/local/etc/rc.d
+ echo $scriptdir
+ cp -p ${scriptdir}/../../tests/ci/tools/freebsdci ${DESTDIR}/usr/local/etc/rc.d/
+ touch ${DESTDIR}/firstboot
+
+ return 0
+}
+
+vm_extra_pkg_rmcache() {
+ if [ -e ${DESTDIR}/usr/local/sbin/pkg ]; then
+ mount -t devfs devfs ${DESTDIR}/dev
+ chroot ${DESTDIR} ${EMULATOR} env ASSUME_ALWAYS_YES=yes \
+ /usr/local/sbin/pkg clean -a
+ umount_loop ${DESTDIR}/dev
+ fi
+
+ return 0
+}
diff --git a/tests/ci/tools/freebsdci b/tests/ci/tools/freebsdci
new file mode 100755
index 000000000000..c77216c9fd4d
--- /dev/null
+++ b/tests/ci/tools/freebsdci
@@ -0,0 +1,90 @@
+#!/bin/sh
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright (c) 2024 The FreeBSD Foundation
+#
+# This software was developed by Cybermancer Infosec <bofh@FreeBSD.org>
+# under sponsorship from the FreeBSD Foundation.
+#
+# PROVIDE: freebsdci
+# REQUIRE: LOGIN FILESYSTEMS
+# KEYWORD: firstboot
+
+# This script is used to run the firstboot CI tests on the first boot of a
+# FreeBSD image. It is automatically disabled after the first boot.
+#
+# The script will run the firstboot CI tests and then shut down the system.
+# The tests are run in the foreground so that the system can shut down
+# immediately after the tests are finished.
+#
+# Default test types are full and smoke. To run only the smoke tests, set
+# freebsdci_type="smoke" in /etc/rc.conf.local or /etc/rc.conf.
+# To run only the full tests, set freebsdci_type="full" in
+# /etc/rc.conf.local or /etc/rc.conf.
+
+. /etc/rc.subr
+
+: ${freebsdci_enable:="NO"}
+
+name="freebsdci"
+desc="Run FreeBSD CI"
+rcvar=freebsdci_enable
+start_cmd="firstboot_ci_run"
+stop_cmd=":"
+os_arch=$(uname -p)
+
+auto_shutdown()
+{
+ # XXX: Currently RISC-V kernels lack the ability to
+ # make qemu exit on shutdown. Reboot instead;
+ # it makes qemu exit too.
+ case "$os_arch" in
+ riscv64)
+ shutdown -r now
+ ;;
+ *)
+ shutdown -p now
+ ;;
+ esac
+}
+
+smoke_tests()
+{
+ echo
+ echo "--------------------------------------------------------------"
+ echo "BUILD sequence COMPLETED"
+ echo "IMAGE sequence COMPLETED"
+ echo "BOOT sequence COMPLETED"
+ echo "INITIATING system SHUTDOWN"
+ echo "--------------------------------------------------------------"
+}
+
+full_tests()
+{
+ # Currently this is a placeholder.
+ # This will be used to add the full tests scenario those are run in
+ # the CI system
+ echo
+ echo "--------------------------------------------------------------"
+ echo "BUILD sequence COMPLETED"
+ echo "IMAGE sequence COMPLETED"
+ echo "BOOT sequence COMPLETED"
+ echo "TEST sequence STARTED"
+ echo "TEST sequence COMPLETED"
+ echo "INITIATING system SHUTDOWN"
+ echo "--------------------------------------------------------------"
+}
+
+firstboot_ci_run()
+{
+ if [ "$freebsdci_type" = "smoke" ]; then
+ smoke_tests
+ elif [ "$freebsdci_type" = "full" ]; then
+ full_tests
+ fi
+ auto_shutdown
+}
+
+load_rc_config $name
+run_rc_command "$1"