Skip to content

Commit

Permalink
CI (Buildkite): move the sanitizers builders (e.g. asan) to the e…
Browse files Browse the repository at this point in the history
…xperimental pipeline (#41606)

(cherry picked from commit c95448f)
  • Loading branch information
DilumAluthge authored and KristofferC committed Jul 26, 2021
1 parent aa9827f commit 8d49537
Show file tree
Hide file tree
Showing 4 changed files with 42 additions and 6 deletions.
18 changes: 18 additions & 0 deletions .buildkite/experimental/0_webui.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# This file represents what is put into the webUI.
# It is purely for keeping track of the changes we make to the webUI configuration; modifying this file has no effect.
# We use the `cryptic` buildkite plugin to provide secrets management, which requires some integration into the WebUI's steps.
agents:
queue: "julia"
sandbox.jl: "true"

steps:
- label: ":unlock: Unlock secrets, launch pipelines"
plugins:
- staticfloat/cryptic:
# Our list of pipelines that should be launched (but don't require a signature)
# These pipelines can be modified by any contributor and CI will still run.
# Build secrets will not be available in these pipelines (or their children)
# but some of our signed pipelines can wait upon the completion of these unsigned
# pipelines.
unsigned_pipelines:
- .buildkite/experimental/pipeline.yml
19 changes: 19 additions & 0 deletions .buildkite/experimental/pipeline.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# This file launches all the build jobs that _don't_ require secrets access.
# These jobs can pass their output off to jobs that do require secrets access,
# but those privileged steps require signing before they can be run.
#
# Yes, this is creating another layer of indirection; the flow now looks like:
#
# [webui] -> pipeline.yml -> llvm_passes.yml
#
# when we could theoretically just have the `webui` launch `llvm_passes.yml`,
# however this raises the bar for contributors to add new (unsigned) steps to
# our CI configuration, so I'd rather live with an extra layer of indirection
# and only need to touch the webui configuration when we need to alter
# something about the privileged steps.
steps:
- label: ":buildkite: Launch unsigned pipelines"
commands: |
buildkite-agent pipeline upload .buildkite/experimental/sanitizers.yml
agents:
queue: julia
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ steps:
- JuliaCI/julia#v1:
version: 1.6
- staticfloat/sandbox#v1:
rootfs_url: https://github.com/JuliaCI/rootfs-images/releases/download/v1/llvm-passes.tar.gz
rootfs_treehash: "f3ed53f159e8f13edfba8b20ebdb8ece73c1b8a8"
rootfs_url: https://github.com/JuliaCI/rootfs-images/releases/download/v2.0/llvm_passes.tar.gz
rootfs_treehash: "0b5a80c1d0ab110a57fbdb7f4bc042a5ede310f3"
uid: 1000
gid: 1000
workspaces:
Expand All @@ -29,6 +29,6 @@ steps:
echo "--- Test that ASAN is enabled"
contrib/asan/check.jl ./tmp/test-asan/asan/usr/bin/julia-debug
timeout_in_minutes: 120
notify:
- github_commit_status:
context: "asan"
# notify:
# - github_commit_status:
# context: "asan"
1 change: 0 additions & 1 deletion .buildkite/pipeline.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,5 @@ steps:
buildkite-agent pipeline upload .buildkite/whitespace.yml
buildkite-agent pipeline upload .buildkite/embedding.yml
buildkite-agent pipeline upload .buildkite/llvm_passes.yml
buildkite-agent pipeline upload .buildkite/sanitizers.yml
agents:
queue: julia

0 comments on commit 8d49537

Please sign in to comment.