|
6 | 6 | pull_request:
|
7 | 7 | branches: [ main ]
|
8 | 8 |
|
| 9 | +permissions: |
| 10 | + contents: read |
| 11 | + # To be able to request the JWT from GitHub's OIDC provider |
| 12 | + id-token: write |
| 13 | + |
| 14 | +env: |
| 15 | + arm64-runner-state-bucket: cilium-pwru-runner |
| 16 | + arm64-runner-state-region: us-east-2 |
| 17 | + arm64-runner-region: us-east-2 |
| 18 | + arm64-runner-zone: us-east-2b |
| 19 | + arm64-runner-role-arn: arn:aws:iam::478566851380:role/CuTE_CIAccessRole |
| 20 | + arm64-runner-infra-dir: infra/arm64-runner |
| 21 | + arm64-runner-ec2-type: c6g.metal # 64 vCPU x 128 GB |
| 22 | + arm64-runner-ec2-ami: ami-0ae6f07ad3a8ef182 |
| 23 | + arm64-runner-group: cilium-pwru-runners |
| 24 | + arm64-runner-label: cilium-pwru-runners-arm64-${{ github.run_id }} |
| 25 | + arm64-runner-count: 7 |
| 26 | + |
9 | 27 | jobs:
|
10 | 28 |
|
11 | 29 | build:
|
12 | 30 | runs-on: ubuntu-latest
|
| 31 | + name: Build |
13 | 32 | steps:
|
14 | 33 | - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
|
15 | 34 |
|
@@ -47,18 +66,83 @@ jobs:
|
47 | 66 | name: test-app
|
48 | 67 | path: test-app/test-app
|
49 | 68 |
|
50 |
| - test: |
| 69 | + arm64-runner-provision: |
| 70 | + needs: [build] |
51 | 71 | runs-on: ubuntu-latest
|
| 72 | + name: Provision ARM64 runner |
| 73 | + timeout-minutes: 30 |
| 74 | + steps: |
| 75 | + - name: Checkout Git Repo |
| 76 | + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
| 77 | + with: |
| 78 | + persist-credentials: false |
| 79 | + |
| 80 | + - name: Provision ARM64 runner |
| 81 | + uses: ./.github/actions/arm64-runner |
| 82 | + with: |
| 83 | + state-bucket: ${{ env.arm64-runner-state-bucket }} |
| 84 | + state-region: ${{ env.arm64-runner-state-region }} |
| 85 | + role-arn: ${{ env.arm64-runner-role-arn }} |
| 86 | + region: ${{ env.arm64-runner-region }} |
| 87 | + zone: ${{ env.arm64-runner-zone }} |
| 88 | + infra-dir: ${{ env.arm64-runner-infra-dir }} |
| 89 | + action: apply |
| 90 | + ec2-type: ${{ env.arm64-runner-ec2-type }} |
| 91 | + ec2-ami: ${{ env.arm64-runner-ec2-ami }} |
| 92 | + label: ${{ env.arm64-runner-label }} |
| 93 | + gh-org: ${{ github.repository_owner }} |
| 94 | + gh-app-id: ${{ secrets.ARM64_RUNNER_GH_APP_ID }} |
| 95 | + gh-app-install-id: ${{ secrets.ARM64_RUNNER_GH_APP_INSTALL_ID }} |
| 96 | + gh-app-pem: ${{ secrets.ARM64_RUNNER_GH_APP_PRIVATE_KEY }} |
| 97 | + gh-runners-group: ${{ env.arm64-runner-group }} |
| 98 | + gh-runners-count: ${{ env.arm64-runner-count }} |
| 99 | + ssh-private-key: ${{ secrets.ARM64_RUNNER_SSH_PRIVATE_KEY }} |
| 100 | + ssh-public-key: ${{ secrets.ARM64_RUNNER_SSH_PUBLIC_KEY }} |
| 101 | + |
| 102 | + test: |
52 | 103 | name: Test
|
53 |
| - needs: build |
| 104 | + needs: [build, arm64-runner-provision] |
54 | 105 | strategy:
|
55 | 106 | fail-fast: false
|
56 | 107 | matrix:
|
| 108 | + os: ['ubuntu-latest', 'cilium-pwru-runners-arm64-${{ github.run_id }}'] |
57 | 109 | kernel: [ '5.4-20241218.004849', '5.10-20241218.004849', '5.15-20241218.004849', '6.1-20241218.004849', '6.6-20241218.004849', '6.12-20241218.004849', 'bpf-next-20250105.013256' ]
|
58 |
| - timeout-minutes: 10 |
| 110 | + timeout-minutes: 30 |
| 111 | + runs-on: cilium-pwru-runners-arm64-${{ github.run_id }} |
59 | 112 | steps:
|
60 | 113 | - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2
|
61 | 114 |
|
| 115 | + - name: Set up job variables |
| 116 | + id: vars |
| 117 | + run: | |
| 118 | + if [[ "${{ matrix.os }}" == "cilium-pwru-runners-arm64-${{ github.run_id }}" ]] |
| 119 | + then |
| 120 | + # this is racy but it should be fine |
| 121 | + ssh_port=$(python3 -c 'import socket; s=socket.socket(); s.bind(("", 0)); print(s.getsockname()[1]); s.close()') |
| 122 | + echo metal_arm64=true >> $GITHUB_OUTPUT |
| 123 | + echo lvh_install_deps=false >> $GITHUB_OUTPUT |
| 124 | + echo ssh_port=$ssh_port >> $GITHUB_OUTPUT |
| 125 | + echo shared_folder="/home/runners" >> $GITHUB_OUTPUT |
| 126 | + else |
| 127 | + echo metal_arm64=false >> $GITHUB_OUTPUT |
| 128 | + echo lvh_install_deps=true >> $GITHUB_OUTPUT |
| 129 | + echo ssh_port=2222 >> $GITHUB_OUTPUT |
| 130 | + echo shared_folder="" >> $GITHUB_OUTPUT |
| 131 | + fi |
| 132 | +
|
| 133 | + - name: Install GO |
| 134 | + if: steps.vars.outputs.metal_arm64 == 'true' |
| 135 | + uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0 |
| 136 | + with: |
| 137 | + go-version: '1.23.2' |
| 138 | + |
| 139 | + - name: Install LVH CLI |
| 140 | + if: steps.vars.outputs.metal_arm64 == 'true' |
| 141 | + run: | |
| 142 | + go install github.com/cilium/little-vm-helper/cmd/lvh@latest |
| 143 | + # Move it into /bin folder, so that LVH action can detect it further |
| 144 | + sudo mv $(which lvh) /bin/lvh |
| 145 | +
|
62 | 146 | - name: Retrieve stored pwru executable
|
63 | 147 | uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e
|
64 | 148 | with:
|
@@ -88,17 +172,41 @@ jobs:
|
88 | 172 |
|
89 | 173 | echo "vsn=${major}${minor}" >> "$GITHUB_OUTPUT"
|
90 | 174 |
|
| 175 | + - name: Download the kernel |
| 176 | + if: steps.vars.outputs.metal_arm64 == 'true' |
| 177 | + run: | |
| 178 | + if [ ! -e "${{ steps.vars.outputs.shared_folder }}/vmlinuz-${{ matrix.kernel }}" ]; then |
| 179 | + lvh kernel pull ${{ matrix.kernel }} |
| 180 | + mkdir -p ${{ steps.vars.outputs.shared_folder }} |
| 181 | + mv ${{ matrix.kernel }}/boot/vmlinuz* ${{ steps.vars.outputs.shared_folder }}/vmlinuz-${{ matrix.kernel }} |
| 182 | + rm -rf ${{ matrix.kernel }} |
| 183 | + fi |
| 184 | +
|
91 | 185 | - name: Provision LVH VMs
|
92 | 186 | uses: cilium/little-vm-helper@e87948476ca97050b1f149ab2aec379d0de19b84 # v0.0.23
|
93 | 187 | with:
|
| 188 | + install-dependencies: ${{ steps.vars.outputs.lvh_install_deps }} |
| 189 | + images-folder-parent: ${{ steps.vars.outputs.shared_folder }} |
| 190 | + ssh-port: ${{ steps.vars.outputs.ssh_port }} |
| 191 | + mem: 4G |
| 192 | + cpu: 2 |
94 | 193 | test-name: pwru-test
|
95 | 194 | image-version: ${{ matrix.kernel }}
|
96 | 195 | host-mount: ./
|
97 |
| - install-dependencies: 'true' |
98 | 196 | cmd: |
|
99 | 197 | chmod +x /host/pwru/pwru
|
100 | 198 | chmod +x /host/test-app/test-app
|
101 | 199 |
|
| 200 | + # wait for network to be available |
| 201 | + while true; |
| 202 | + do |
| 203 | + wget --spider -q -T 10 http://google.com && break |
| 204 | + sleep 10 |
| 205 | + done |
| 206 | +
|
| 207 | + # restart ssh server |
| 208 | + service ssh restart |
| 209 | +
|
102 | 210 | - name: Test basic IPv4
|
103 | 211 | uses: ./.github/actions/pwru-test
|
104 | 212 | with:
|
@@ -233,3 +341,37 @@ jobs:
|
233 | 341 | echo "--- \$i ---"
|
234 | 342 | cat \$i || true
|
235 | 343 | done
|
| 344 | +
|
| 345 | + arm64-runner-destroy: |
| 346 | + needs: [arm64-runner-provision, test] |
| 347 | + if: always() && needs.arm64-runner-provision.result != 'skipped' |
| 348 | + runs-on: ubuntu-latest |
| 349 | + name: Destroy ARM64 runner |
| 350 | + timeout-minutes: 60 |
| 351 | + steps: |
| 352 | + - name: Checkout Git Repo |
| 353 | + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 |
| 354 | + with: |
| 355 | + persist-credentials: false |
| 356 | + |
| 357 | + - name: Destroy ARM64 runner |
| 358 | + uses: ./.github/actions/arm64-runner |
| 359 | + with: |
| 360 | + state-bucket: ${{ env.arm64-runner-state-bucket }} |
| 361 | + state-region: ${{ env.arm64-runner-state-region }} |
| 362 | + role-arn: ${{ env.arm64-runner-role-arn }} |
| 363 | + region: ${{ env.arm64-runner-region }} |
| 364 | + zone: ${{ env.arm64-runner-zone }} |
| 365 | + infra-dir: ${{ env.arm64-runner-infra-dir }} |
| 366 | + action: destroy |
| 367 | + ec2-type: ${{ env.arm64-runner-ec2-type }} |
| 368 | + ec2-ami: ${{ env.arm64-runner-ec2-ami }} |
| 369 | + label: ${{ env.arm64-runner-label }} |
| 370 | + gh-org: ${{ github.repository_owner }} |
| 371 | + gh-app-id: ${{ secrets.ARM64_RUNNER_GH_APP_ID }} |
| 372 | + gh-app-install-id: ${{ secrets.ARM64_RUNNER_GH_APP_INSTALL_ID }} |
| 373 | + gh-app-pem: ${{ secrets.ARM64_RUNNER_GH_APP_PRIVATE_KEY }} |
| 374 | + gh-runners-group: ${{ env.arm64-runner-group }} |
| 375 | + gh-runners-count: ${{ env.arm64-runner-count }} |
| 376 | + ssh-private-key: ${{ secrets.ARM64_RUNNER_SSH_PRIVATE_KEY }} |
| 377 | + ssh-public-key: ${{ secrets.ARM64_RUNNER_SSH_PUBLIC_KEY }} |
0 commit comments