CI/CD Fixes #279
Merged
CI/CD Fixes #279
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is the first of another three-part PR (faabric, cpp, faasm) to fix some issues with our CI/CD pipeline.
The first one is moving all the code-checking-out to use
actions/checkout. We were runninggitcommands manually in the actions, and this was causing spurious errors with submodules not being fetched sometimes. There is one caveat to checking out code usingactions/checkout: code is checked out under the${GITHUB_WORKSPACE}directory. Inside a container, this resolves to/w__/faasm/faasm. In most of our actions, we hard-code the directory shell scripts run in, which means that the steps would be running in the version of the code that shipped with the container, not the latest commit. The underlying question is if code can be properly built and used inside the container without being checked out to our well known paths (/code/faabric,/code/cpp, and/usr/local/code/faasm). AFAICT there's no reason why this should not work, only a couple of things:./bin/workon.shand./bin/create_venv.shneed to be updated.actions/checkoutacross (includingfaasm/conan-cache-action) then we don't need to set up anydirectory:variables in any steps (including the conan action).--cleanflag. This is because theCMakeCachewill point to a different source directory. In practice, this should not increase the tests runtime as, by compiling with sanitisers, we are effectively compiling everything from scratch already.The second one is using a very neat project I came across. It is a GH action that cancels previously running jobs for the same PR.
The third one is moving away from our bash scripts to format code, and use a python task instead:
inv format-code [--check].The fourth one is that a recent patched vulnerability in git makes it necessary to add the
safe-path's for the git command to run under certain combinations of parent-child repo ownership. As a rule of thumb I think we want to add our well-known paths where we check out code inside the containers as safe paths.