Skip to content

ROX-29116: (fix) Use ARM GH action workflow runners for ARM builds #2106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
May 23, 2025
Merged

ROX-29116: (fix) Use ARM GH action workflow runners for ARM builds #2106

merged 12 commits into from
May 23, 2025

Conversation

robbycochran
Copy link
Collaborator

@robbycochran robbycochran commented Apr 26, 2025
edited
Loading

Description

Undo the revert with a fix for error of using a runtime computed value within a job matrix.

Re-enable changes from #2084 which was reverted. Now with fixes to github actions on these commits

Original Description:
Utilize newly added arm64 runners for github actions.

  • Build arm64 images natively instead of using QEMU in all workflows
  • Make arm64 builds, unit-tests, and integration tests run alongside x86_64 by default on PR workflows. Build time performance is slightly faster on ARM so it shouldn't increase total time to finish PR steps.
  • Split and refactored the builder image job into a local and remote version

Checklist

  • Investigated and inspected CI test results
  • Updated documentation accordingly

Automated testing

  • Added unit tests
  • Added integration tests
  • Added regression tests

If any of these don't apply, please comment below.

Testing Performed

TODO(replace-me)
Use this space to explain how you tested your PR, or, if you didn't test it, why you did not do so. (Valid reasons include "CI is sufficient" or "No testable changes")
In addition to reviewing your code, reviewers must also review your testing instructions, and make sure they are sufficient.

For more details, ref the Confluence page about this section.

@robbycochran robbycochran added the run-multiarch-builds Run steps for non-x86 archs. label Apr 26, 2025
@robbycochran robbycochran marked this pull request as ready for review April 28, 2025 21:21
@robbycochran robbycochran requested a review from a team as a code owner April 28, 2025 21:21
sourcery-ai[bot]
sourcery-ai bot reviewed Apr 28, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @robbycochran - I've reviewed your changes - here's some feedback:

Overall Comments:

  • Consider extracting the creation of ansible/secrets.yml into a reusable component to avoid duplication between local and remote build jobs.
Here's what I looked at during the review
  • 🟡 General issues: 3 issues found
  • 🟢 Security: all looks good
  • 🟢 Testing: all looks good
  • 🟢 Complexity: all looks good
  • 🟢 Documentation: all looks good
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@robbycochran robbycochran removed the run-multiarch-builds Run steps for non-x86 archs. label Apr 29, 2025
@codecov-commenter
Copy link

codecov-commenter commented Apr 29, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 28.51%. Comparing base (7e0101f) to head (b55bb64).
Report is 6 commits behind head on master.

✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2106      +/-   ##
==========================================
- Coverage   28.52%   28.51%   -0.01%     
==========================================
  Files          94       94              
  Lines        5757     5759       +2     
  Branches     2547     2547              
==========================================
  Hits         1642     1642              
- Misses       3393     3395       +2     
  Partials      722      722
Flag Coverage Δ
collector-unit-tests 28.51% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Molter73
Molter73 reviewed Apr 29, 2025
View reviewed changes
Copy link
Collaborator

@Molter73 Molter73 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

a runtime computed value within a job matrix.

GHA and its tiny little corner cases...

I would recommend adding the run-multiarch-builds label before merging to make sure power and Z build correctly.

.github/workflows/collector-builder.yml Outdated
Comment on lines 73 to 76
- name: Check arches for local build
if: ${{ ! contains(inputs.architectures, 'ppc64le') }}
id: arch
run: echo "local-exclude=[{\"arch\":\"ppc64le\"}]" >> "$GITHUB_OUTPUT"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not something we need to do as part of this PR, but it might be easier to create the excludes array in the init.yml workflow, then pass it in to the workflows that need it. We could probably replace the architectures input entirely, but that might require some jq magic for us to translate the JSON to strings in the manifest script. I'll look into it after this is merged if you want to ignore this comment.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree -- we could also do something similar to stackrox and create a single object with named matrix strategies: https://github.com/stackrox/stackrox/blob/master/.github/workflows/build.yaml#L28

Copy link
Collaborator

@Molter73 Molter73 Apr 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, but can we use python instead of bash? Because that thing is ungodly with all the $(jq ...) in there

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell

https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#example-running-an-inline-python-script

@robbycochran robbycochran added the run-multiarch-builds Run steps for non-x86 archs. label Apr 29, 2025
@robbycochran robbycochran changed the title (fix) ppc64le exclude ROX-29116: (fix) Use ARM GH action workflow runners for ARM builds Apr 30, 2025
Molter73
Molter73 reviewed Apr 30, 2025
View reviewed changes
Molter73
Molter73 approved these changes May 21, 2025
View reviewed changes
Copy link
Collaborator

@Molter73 Molter73 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes LGTM! Just left a minor nitpick that you can ignore.

Looks like there was a CI failure creating a Z VM, I'd encourage having as green a CI as possible before merging, but the error seems unrelated to the changes.

robbycochran and others added 2 commits May 21, 2025 14:38
@robbycochran @Molter73
Update .github/workflows/collector-builder.yml
d07df97 
Co-authored-by: Mauro Ezequiel Moltrasio <[email protected]>
@robbycochran
Add arm64 Google COS integration test (#2096)
b55bb64 
adds stable, beta, and dev channels
@robbycochran robbycochran merged commit 9b09e62 into master May 23, 2025
84 of 87 checks passed
@robbycochran robbycochran deleted the rc-fix-exclude branch May 23, 2025 04:26
Molter73 added a commit that referenced this pull request May 28, 2025
@Molter73
Build arm64 test container by default
0fc094b 
After the changes introduced in #2106, we are building arm64 images by
default and trying to test them. If a change is made to the integration
tests, we are only building the amd64 version of the container and the
arm64 tests fail when trying to pull the image for that architecture.

This patch makes it so the test container is built for amd64 and arm64
by default.
@Molter73 Molter73 mentioned this pull request May 28, 2025
Merged
6 tasks
Molter73 added a commit that referenced this pull request May 28, 2025
@Molter73
Build arm64 test container by default (#2147)
f4a2d3c 
After the changes introduced in #2106, we are building arm64 images by
default and trying to test them. If a change is made to the integration
tests, we are only building the amd64 version of the container and the
arm64 tests fail when trying to pull the image for that architecture.

This patch makes it so the test container is built for amd64 and arm64
by default.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@Molter73 Molter73 Molter73 approved these changes

Assignees
No one assigned
Labels
run-multiarch-builds Run steps for non-x86 archs.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@robbycochran @codecov-commenter @Molter73