-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Running CI/CD on org-runners. Refactor for GH workflow #2193
Conversation
Coverage from tests in coverage: 45.8% of statements across all listed packagescoverage: 57.2% of statements in consensus/istanbul coverage: 23.7% of statements in consensus/istanbul/announce coverage: 54.3% of statements in consensus/istanbul/backend coverage: 0.0% of statements in consensus/istanbul/backend/backendtest coverage: 24.3% of statements in consensus/istanbul/backend/internal/replica coverage: 61.1% of statements in consensus/istanbul/core coverage: 45.0% of statements in consensus/istanbul/db coverage: 0.0% of statements in consensus/istanbul/proxy coverage: 64.2% of statements in consensus/istanbul/uptime coverage: 51.8% of statements in consensus/istanbul/validator coverage: 79.2% of statements in consensus/istanbul/validator/random |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #2193 +/- ##
==========================================
- Coverage 55.16% 55.10% -0.07%
==========================================
Files 682 682
Lines 114447 114447
==========================================
- Hits 63136 63062 -74
- Misses 47432 47492 +60
- Partials 3879 3893 +14 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the explanation in the PR description, it really outlines why + how things work :)
Description
Run the workflow on org-runners instead of repo-runners. This help on faster scale and easier management. This requires specifying the container image at job level.
Advantages:
Disadvantages:
About the
git config --global --add safe.directory '*'
step: we're disabling a git warning when the user (uid) is not the owner of the files. The reason to this to happen is because when using the job.*.container field together with actions-runner-controller, the runner (pod) starts first with a generic image, authorizes with GitHub and fetches the files, and then starts the container inside this runner pod with a command like (you can check the command on the stepInitialize containers
on any job):The workdir for the steps are inside a shared folder between the runner and the container, and because there is a mismatch between the uid owner of the folder in the runner and the user in the container (run as root, uid=1), this cause that we need to disable the warning from git about ownership of files. Personally I don't see any impact of doing this, as the workspace is ephemeral and there is not risk of breaking the permissions of the files for future usages or other users.
More info.