-
Notifications
You must be signed in to change notification settings - Fork 351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add M1 pipeline on Buildkite #672
base: master
Are you sure you want to change the base?
Conversation
af26a60
to
c3d1cba
Compare
Looks good from my end @igor-makarov! Since this adds support for testing on the M1, is there any reason to not introduce these changes in the branch that aims to make this repo support M1? It might make more sense than merging this into master and expecting that most branches will fail for now.. if its introduced along with #669 then this would get merged and from there on you would expect PR's to be green for M1. |
@dcvz The idea behind it is having small, granular PRs and separating concerns between them. #669 is motivated by Apple Silicon - but isn't directly scoped to it, as the HTTP2 client replacement happens for all architectures. Additionally, having the pipeline fail on M1 right now provides us with more certainty that #669 actually resolves the problem. |
c7285b6
to
8b6961a
Compare
I'm not sure of the default settings, but we might want to make sure that these builds won't run on forked PRs. Buildkite's security model (mixed with us running these directly on the host), means we can't safely allow 3rd party jobs to run without at least some manual verification. The issues mostly being:
|
@endocrimes thanks for the input! the BK settings are already not building 3rd party forks (recommended already by BK). I also found this issue on BuildKite for a feature to support this need, but no activity there 😢 @igor-makarov does this repo make use of a bot? Apart from manually triggering builds for 3rd party PR's, one way would be to ask a bot via a comment from an org member to trigger a CI run on a particular fork. This would allow a maintainer to only trigger a build after review, where no malicious code has been detected. although perhaps that's overkill for just getting an M1 testing environment... :( EDIT: |
@dcvz There's no bot running on the M1 - I think the bot credentials are a secret kept in GH Actions only. |
@dcvz @endocrimes I've tried running an M1 pipeline manually on a PR commit and it ran. I think in most PRs we won't need it and if we do, we'll be able to invoke it (albeit in a complicated way). |
5506d26
to
d939af2
Compare
@endocrimes @dcvz @jasl I ended up disabling M1 runs for now as they keep running on all PRs (and failing). We should enable it once #669 is merged as @dcvz suggested. |
d939af2
to
eb5660f
Compare
Update: Buildkite have approved our free account. |
Following discussions in #669, @dcvz has volunteered a Buildkite agent running on an M1 Mac.
This PR adds the pipeline that runs tests on it (currently failing because of Typhoeus).
Things to figure out before merge:
vendor/bundle
to minimize interference.