[libcxx] Install runner last when building CI containers #148072
Conversation
Created using spr 1.3.4
llvmbot
added
the
libc++
|
This is a prereq of #148073. |
|
@llvm/pr-subscribers-libcxx Author: Aiden Grossman (boomanaiden154) ChangesThis patch changes when we install the GHA runner in the CI containers. Instead Full diff: https://github.com/llvm/llvm-project/pull/148072.diff 2 Files Affected:
diff --git a/libcxx/utils/ci/Dockerfile b/libcxx/utils/ci/Dockerfile
index 0a1985b02807b..316e9c7490991 100644
--- a/libcxx/utils/ci/Dockerfile
+++ b/libcxx/utils/ci/Dockerfile
@@ -312,5 +312,18 @@ CMD /opt/android/container-setup.sh && buildkite-agent start
#
FROM builder-base AS actions-builder
-WORKDIR /home/runner
-USER runner
+ARG GITHUB_RUNNER_VERSION
+
+RUN useradd gha -u 1001 -m -s /bin/bash
+RUN adduser gha sudo
+RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
+WORKDIR /home/gha
+USER gha
+
+ENV RUNNER_MANUALLY_TRAP_SIG=1
+ENV ACTIONS_RUNNER_PRINT_LOG_TO_STDOUT=1
+RUN mkdir actions-runner && \
+ cd actions-runner && \
+ curl -O -L https://github.com/actions/runner/releases/download/v$GITHUB_RUNNER_VERSION/actions-runner-linux-x64-$GITHUB_RUNNER_VERSION.tar.gz && \
+ tar xzf ./actions-runner-linux-x64-$GITHUB_RUNNER_VERSION.tar.gz && \
+ rm ./actions-runner-linux-x64-$GITHUB_RUNNER_VERSION.tar.gz
diff --git a/libcxx/utils/ci/docker-compose.yml b/libcxx/utils/ci/docker-compose.yml
index 2189a41555c2f..20536bc32fa65 100644
--- a/libcxx/utils/ci/docker-compose.yml
+++ b/libcxx/utils/ci/docker-compose.yml
@@ -10,7 +10,8 @@ services:
dockerfile: Dockerfile
target: actions-builder
args:
- BASE_IMAGE: ghcr.io/actions/actions-runner:2.326.0
+ BASE_IMAGE: ubuntu:jammy
+ GITHUB_RUNNER_VERSION: "2.326.0"
<<: *compiler_versions
android-buildkite-builder:
|
There was a problem hiding this comment.
Does ./libcxx/utils/ci/run-buildbot-container still work after this change? LGTM assuming it does.
Also, we'll need to test this change before we switch to this image: that can be done by building this image, associating it to the -next GH runner group inside llvm-zorg, and then creating a PR that changes our workflows to target the -next runners. Kinda complicated, but that's the simplest we have until we can specify an image directly inside the GH workflow file.
Yeah, this doesn't change the functionality of that script at all.
Yep. I'll look at getting that done at least once probably once #148073 (a review there would be helpful) lands so everything is set up to upgrade the runner binary without the rest of the container.
We're meeting with someone today to discuss kubernetes-sigs/apiserver-network-proxy#748, so we'll see what we can do. |
That will continue to work. It's the same container image with the same contents, just with a swapped build order. Although we might want to swap the script to use the base image after #148073 because running locally doesn't require the actions runner binary, but that's a minor optimization and it will work fine either way. |
This patch changes when we install the GHA runner in the CI containers. Instead of having it in the base image, we install it last. This will enable a follow up patch that will do some setup enabling building the full container image with an existing base image, thus enabling updating the GHA runner without modifying the important bits. Pull Request: llvm#148072
boomanaiden154
deleted the
users/boomanaiden154/libcxx-install-runner-last-when-building-ci-containers
branch
This patch changes when we install the GHA runner in the CI containers. Instead of having it in the base image, we install it last. This will enable a follow up patch that will do some setup enabling building the full container image with an existing base image, thus enabling updating the GHA runner without modifying the important bits. Reviewers: EricWF, ldionne Reviewed By: ldionne Pull Request: llvm/llvm-project#148072
This patch changes when we install the GHA runner in the CI containers. Instead of having it in the base image, we install it last. This will enable a follow up patch that will do some setup enabling building the full container image with an existing base image, thus enabling updating the GHA runner without modifying the important bits. Reviewers: EricWF, ldionne Reviewed By: ldionne Pull Request: #148072
This patch changes when we install the GHA runner in the CI containers. Instead
of having it in the base image, we install it last. This will enable a follow up
patch that will do some setup enabling building the full container image with an
existing base image, thus enabling updating the GHA runner without modifying the
important bits.