Skip to content

Commit bbb092e

Browse files
ci: arm64 runner for test workflow
The commit refactors test workflow to use an ephemeral GitHub self-hosted runner for the ARM64 architecture. Signed-off-by: viktor-kurchenko <[email protected]>
1 parent 56534e7 commit bbb092e

File tree

1 file changed

+146
-4
lines changed

1 file changed

+146
-4
lines changed

.github/workflows/test.yml

Lines changed: 146 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,29 @@ on:
66
pull_request:
77
branches: [ main ]
88

9+
permissions:
10+
contents: read
11+
# To be able to request the JWT from GitHub's OIDC provider
12+
id-token: write
13+
14+
env:
15+
arm64-runner-state-bucket: cilium-pwru-runner
16+
arm64-runner-state-region: us-east-2
17+
arm64-runner-region: us-east-2
18+
arm64-runner-zone: us-east-2b
19+
arm64-runner-role-arn: arn:aws:iam::478566851380:role/CuTE_CIAccessRole
20+
arm64-runner-infra-dir: infra/arm64-runner
21+
arm64-runner-ec2-type: c6g.metal # 64 vCPU x 128 GB
22+
arm64-runner-ec2-ami: ami-0ae6f07ad3a8ef182
23+
arm64-runner-group: cilium-pwru-runners
24+
arm64-runner-label: cilium-pwru-runners-arm64-${{ github.run_id }}
25+
arm64-runner-count: 7
26+
927
jobs:
1028

1129
build:
1230
runs-on: ubuntu-latest
31+
name: Build
1332
steps:
1433
- uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
1534

@@ -47,18 +66,83 @@ jobs:
4766
name: test-app
4867
path: test-app/test-app
4968

50-
test:
69+
arm64-runner-provision:
70+
needs: [build]
5171
runs-on: ubuntu-latest
72+
name: Provision ARM64 runner
73+
timeout-minutes: 30
74+
steps:
75+
- name: Checkout Git Repo
76+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
77+
with:
78+
persist-credentials: false
79+
80+
- name: Provision ARM64 runner
81+
uses: ./.github/actions/arm64-runner
82+
with:
83+
state-bucket: ${{ env.arm64-runner-state-bucket }}
84+
state-region: ${{ env.arm64-runner-state-region }}
85+
role-arn: ${{ env.arm64-runner-role-arn }}
86+
region: ${{ env.arm64-runner-region }}
87+
zone: ${{ env.arm64-runner-zone }}
88+
infra-dir: ${{ env.arm64-runner-infra-dir }}
89+
action: apply
90+
ec2-type: ${{ env.arm64-runner-ec2-type }}
91+
ec2-ami: ${{ env.arm64-runner-ec2-ami }}
92+
label: ${{ env.arm64-runner-label }}
93+
gh-org: ${{ github.repository_owner }}
94+
gh-app-id: ${{ secrets.ARM64_RUNNER_GH_APP_ID }}
95+
gh-app-install-id: ${{ secrets.ARM64_RUNNER_GH_APP_INSTALL_ID }}
96+
gh-app-pem: ${{ secrets.ARM64_RUNNER_GH_APP_PRIVATE_KEY }}
97+
gh-runners-group: ${{ env.arm64-runner-group }}
98+
gh-runners-count: ${{ env.arm64-runner-count }}
99+
ssh-private-key: ${{ secrets.ARM64_RUNNER_SSH_PRIVATE_KEY }}
100+
ssh-public-key: ${{ secrets.ARM64_RUNNER_SSH_PUBLIC_KEY }}
101+
102+
test:
52103
name: Test
53-
needs: build
104+
needs: [build, arm64-runner-provision]
54105
strategy:
55106
fail-fast: false
56107
matrix:
108+
os: ['ubuntu-latest', 'cilium-pwru-runners-arm64-${{ github.run_id }}']
57109
kernel: [ '5.4-20241218.004849', '5.10-20241218.004849', '5.15-20241218.004849', '6.1-20241218.004849', '6.6-20241218.004849', '6.12-20241218.004849', 'bpf-next-20250105.013256' ]
58-
timeout-minutes: 10
110+
timeout-minutes: 30
111+
runs-on: cilium-pwru-runners-arm64-${{ github.run_id }}
59112
steps:
60113
- uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
61114

115+
- name: Set up job variables
116+
id: vars
117+
run: |
118+
if [[ "${{ matrix.os }}" == "cilium-pwru-runners-arm64-${{ github.run_id }}" ]]
119+
then
120+
# this is racy but it should be fine
121+
ssh_port=$(python3 -c 'import socket; s=socket.socket(); s.bind(("", 0)); print(s.getsockname()[1]); s.close()')
122+
echo metal_arm64=true >> $GITHUB_OUTPUT
123+
echo lvh_install_deps=false >> $GITHUB_OUTPUT
124+
echo ssh_port=$ssh_port >> $GITHUB_OUTPUT
125+
echo shared_folder="/home/runners" >> $GITHUB_OUTPUT
126+
else
127+
echo metal_arm64=false >> $GITHUB_OUTPUT
128+
echo lvh_install_deps=true >> $GITHUB_OUTPUT
129+
echo ssh_port=2222 >> $GITHUB_OUTPUT
130+
echo shared_folder="" >> $GITHUB_OUTPUT
131+
fi
132+
133+
- name: Install GO
134+
if: steps.vars.outputs.metal_arm64 == 'true'
135+
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
136+
with:
137+
go-version: '1.23.2'
138+
139+
- name: Install LVH CLI
140+
if: steps.vars.outputs.metal_arm64 == 'true'
141+
run: |
142+
go install github.com/cilium/little-vm-helper/cmd/lvh@latest
143+
# Move it into /bin folder, so that LVH action can detect it further
144+
sudo mv $(which lvh) /bin/lvh
145+
62146
- name: Retrieve stored pwru executable
63147
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e
64148
with:
@@ -88,17 +172,41 @@ jobs:
88172
89173
echo "vsn=${major}${minor}" >> "$GITHUB_OUTPUT"
90174
175+
- name: Download the kernel
176+
if: steps.vars.outputs.metal_arm64 == 'true'
177+
run: |
178+
if [ ! -e "${{ steps.vars.outputs.shared_folder }}/vmlinuz-${{ matrix.kernel }}" ]; then
179+
lvh kernel pull ${{ matrix.kernel }}
180+
mkdir -p ${{ steps.vars.outputs.shared_folder }}
181+
mv ${{ matrix.kernel }}/boot/vmlinuz* ${{ steps.vars.outputs.shared_folder }}/vmlinuz-${{ matrix.kernel }}
182+
rm -rf ${{ matrix.kernel }}
183+
fi
184+
91185
- name: Provision LVH VMs
92186
uses: cilium/little-vm-helper@e87948476ca97050b1f149ab2aec379d0de19b84 # v0.0.23
93187
with:
188+
install-dependencies: ${{ steps.vars.outputs.lvh_install_deps }}
189+
images-folder-parent: ${{ steps.vars.outputs.shared_folder }}
190+
ssh-port: ${{ steps.vars.outputs.ssh_port }}
191+
mem: 4G
192+
cpu: 2
94193
test-name: pwru-test
95194
image-version: ${{ matrix.kernel }}
96195
host-mount: ./
97-
install-dependencies: 'true'
98196
cmd: |
99197
chmod +x /host/pwru/pwru
100198
chmod +x /host/test-app/test-app
101199
200+
# wait for network to be available
201+
while true;
202+
do
203+
wget --spider -q -T 10 http://google.com && break
204+
sleep 10
205+
done
206+
207+
# restart ssh server
208+
service ssh restart
209+
102210
- name: Test basic IPv4
103211
uses: ./.github/actions/pwru-test
104212
with:
@@ -233,3 +341,37 @@ jobs:
233341
echo "--- \$i ---"
234342
cat \$i || true
235343
done
344+
345+
arm64-runner-destroy:
346+
needs: [arm64-runner-provision, test]
347+
if: always() && needs.arm64-runner-provision.result != 'skipped'
348+
runs-on: ubuntu-latest
349+
name: Destroy ARM64 runner
350+
timeout-minutes: 60
351+
steps:
352+
- name: Checkout Git Repo
353+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
354+
with:
355+
persist-credentials: false
356+
357+
- name: Destroy ARM64 runner
358+
uses: ./.github/actions/arm64-runner
359+
with:
360+
state-bucket: ${{ env.arm64-runner-state-bucket }}
361+
state-region: ${{ env.arm64-runner-state-region }}
362+
role-arn: ${{ env.arm64-runner-role-arn }}
363+
region: ${{ env.arm64-runner-region }}
364+
zone: ${{ env.arm64-runner-zone }}
365+
infra-dir: ${{ env.arm64-runner-infra-dir }}
366+
action: destroy
367+
ec2-type: ${{ env.arm64-runner-ec2-type }}
368+
ec2-ami: ${{ env.arm64-runner-ec2-ami }}
369+
label: ${{ env.arm64-runner-label }}
370+
gh-org: ${{ github.repository_owner }}
371+
gh-app-id: ${{ secrets.ARM64_RUNNER_GH_APP_ID }}
372+
gh-app-install-id: ${{ secrets.ARM64_RUNNER_GH_APP_INSTALL_ID }}
373+
gh-app-pem: ${{ secrets.ARM64_RUNNER_GH_APP_PRIVATE_KEY }}
374+
gh-runners-group: ${{ env.arm64-runner-group }}
375+
gh-runners-count: ${{ env.arm64-runner-count }}
376+
ssh-private-key: ${{ secrets.ARM64_RUNNER_SSH_PRIVATE_KEY }}
377+
ssh-public-key: ${{ secrets.ARM64_RUNNER_SSH_PUBLIC_KEY }}

0 commit comments

Comments
 (0)