[v5,4/4] Jobs based on custom runners: add job definitions for QEMU's machines

Commit Message

Cleber Rosa Feb. 19, 2021, 9:58 p.m. UTC

The QEMU project has two machines (aarch64 and s390x) that can be used
for jobs that do build and run tests.  This introduces those jobs,
which are a mapping of custom scripts used for the same purpose.

Signed-off-by: Cleber Rosa <crosa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---
 .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
 1 file changed, 204 insertions(+)

Comments

Philippe Mathieu-Daudé Feb. 23, 2021, 3:17 p.m. UTC | #1

On 2/19/21 10:58 PM, Cleber Rosa wrote:
> The QEMU project has two machines (aarch64 and s390x) that can be used
> for jobs that do build and run tests.  This introduces those jobs,
> which are a mapping of custom scripts used for the same purpose.
> 
> Signed-off-by: Cleber Rosa <crosa@redhat.com>
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
>  1 file changed, 204 insertions(+)
> 
> diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
> index 3004da2bda..a9166c82a2 100644
> --- a/.gitlab-ci.d/custom-runners.yml
> +++ b/.gitlab-ci.d/custom-runners.yml
> @@ -12,3 +12,207 @@
>  # strategy.
>  variables:
>    GIT_SUBMODULE_STRATEGY: recursive
> +
> +# All ubuntu-18.04 jobs should run successfully in an environment
> +# setup by the scripts/ci/setup/build-environment.yml task
> +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
> +ubuntu-18.04-s390x-all-linux-static:
> + allow_failure: true
> + needs: []
> + stage: build
> + tags:
> + - ubuntu_18.04
> + - s390x

Where is this tag list filled upon registration?

> + rules:
> + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
> + script:
> + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
> + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
> + - mkdir build
> + - cd build
> + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
> + - make --output-sync -j`nproc`
> + - make --output-sync -j`nproc` check V=1
> + - make --output-sync -j`nproc` check-tcg V=1

Also this break the rest of the tests...

The first containers job (amd64-alpine-container) got
added to the custom runner and failed (because docker-dind
isn't there?):

$ export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
$ export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/$NAME:latest"
$ apk add python3
bash: line 110: apk: command not found
Running after_script 00:01
Running after script...
$ docker logout
Removing login credentials for https://index.docker.io/v1/
ERROR: Job failed: exit status 1

Do we need to restrict the other jobs to the Gitlab public
(x86) runners? Maybe as:

diff --git a/.gitlab-ci.d/containers.yml b/.gitlab-ci.d/containers.yml
@@ -1,6 +1,6 @@
 .container_job_template: &container_job_definition
+  tags:
+    - gitlab-org-docker
   image: docker:stable
   stage: containers
   services:

Daniel, you didn't hit this problem on the previous version
of this series?

Thanks,

Phil.

Philippe Mathieu-Daudé Feb. 23, 2021, 3:27 p.m. UTC | #2

On 2/19/21 10:58 PM, Cleber Rosa wrote:
> The QEMU project has two machines (aarch64 and s390x) that can be used
> for jobs that do build and run tests.  This introduces those jobs,
> which are a mapping of custom scripts used for the same purpose.
> 
> Signed-off-by: Cleber Rosa <crosa@redhat.com>
> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
>  1 file changed, 204 insertions(+)
> 
> diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
> index 3004da2bda..a9166c82a2 100644
> --- a/.gitlab-ci.d/custom-runners.yml
> +++ b/.gitlab-ci.d/custom-runners.yml
> @@ -12,3 +12,207 @@
>  # strategy.
>  variables:
>    GIT_SUBMODULE_STRATEGY: recursive
> +
> +# All ubuntu-18.04 jobs should run successfully in an environment
> +# setup by the scripts/ci/setup/build-environment.yml task
> +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
> +ubuntu-18.04-s390x-all-linux-static:
> + allow_failure: true
> + needs: []
> + stage: build
> + tags:
> + - ubuntu_18.04
> + - s390x
> + rules:
> + - if: '$CI_COMMIT_BRANCH =~ /^staging/'

Maybe this is too restrictive, we might want to test /master too.

> + script:
> + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
> + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
> + - mkdir build
> + - cd build
> + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
> + - make --output-sync -j`nproc`
> + - make --output-sync -j`nproc` check V=1
> + - make --output-sync -j`nproc` check-tcg V=1

Philippe Mathieu-Daudé Feb. 23, 2021, 3:35 p.m. UTC | #3

On 2/23/21 4:27 PM, Philippe Mathieu-Daudé wrote:
> On 2/19/21 10:58 PM, Cleber Rosa wrote:
>> The QEMU project has two machines (aarch64 and s390x) that can be used
>> for jobs that do build and run tests.  This introduces those jobs,
>> which are a mapping of custom scripts used for the same purpose.
>>
>> Signed-off-by: Cleber Rosa <crosa@redhat.com>
>> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>> ---
>>  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
>>  1 file changed, 204 insertions(+)
>>
>> diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
>> index 3004da2bda..a9166c82a2 100644
>> --- a/.gitlab-ci.d/custom-runners.yml
>> +++ b/.gitlab-ci.d/custom-runners.yml
>> @@ -12,3 +12,207 @@
>>  # strategy.
>>  variables:
>>    GIT_SUBMODULE_STRATEGY: recursive
>> +
>> +# All ubuntu-18.04 jobs should run successfully in an environment
>> +# setup by the scripts/ci/setup/build-environment.yml task
>> +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
>> +ubuntu-18.04-s390x-all-linux-static:
>> + allow_failure: true
>> + needs: []
>> + stage: build
>> + tags:
>> + - ubuntu_18.04
>> + - s390x
>> + rules:
>> + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
> 
> Maybe this is too restrictive, we might want to test /master too.

Also now all fork pipelines are stuck...

  This job is stuck because you don't have any active runners online
  or available with any of these tags assigned to them: s390x
  ubuntu_18.04
  Go to project CI settings

https://gitlab.com/philmd/qemu/-/jobs/1050123478

What about using as starter:

  rules:
    if: '$CI_PROJECT_PATH == 'qemu-project/qemu'

> 
>> + script:
>> + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
>> + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
>> + - mkdir build
>> + - cd build
>> + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
>> + - make --output-sync -j`nproc`
>> + - make --output-sync -j`nproc` check V=1
>> + - make --output-sync -j`nproc` check-tcg V=1

Daniel P. Berrangé Feb. 23, 2021, 3:45 p.m. UTC | #4

On Tue, Feb 23, 2021 at 04:35:41PM +0100, Philippe Mathieu-Daudé wrote:
> On 2/23/21 4:27 PM, Philippe Mathieu-Daudé wrote:
> > On 2/19/21 10:58 PM, Cleber Rosa wrote:
> >> The QEMU project has two machines (aarch64 and s390x) that can be used
> >> for jobs that do build and run tests.  This introduces those jobs,
> >> which are a mapping of custom scripts used for the same purpose.
> >>
> >> Signed-off-by: Cleber Rosa <crosa@redhat.com>
> >> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> >> ---
> >>  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
> >>  1 file changed, 204 insertions(+)
> >>
> >> diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
> >> index 3004da2bda..a9166c82a2 100644
> >> --- a/.gitlab-ci.d/custom-runners.yml
> >> +++ b/.gitlab-ci.d/custom-runners.yml
> >> @@ -12,3 +12,207 @@
> >>  # strategy.
> >>  variables:
> >>    GIT_SUBMODULE_STRATEGY: recursive
> >> +
> >> +# All ubuntu-18.04 jobs should run successfully in an environment
> >> +# setup by the scripts/ci/setup/build-environment.yml task
> >> +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
> >> +ubuntu-18.04-s390x-all-linux-static:
> >> + allow_failure: true
> >> + needs: []
> >> + stage: build
> >> + tags:
> >> + - ubuntu_18.04
> >> + - s390x
> >> + rules:
> >> + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
> > 
> > Maybe this is too restrictive, we might want to test /master too.
> 
> Also now all fork pipelines are stuck...
> 
>   This job is stuck because you don't have any active runners online
>   or available with any of these tags assigned to them: s390x
>   ubuntu_18.04
>   Go to project CI settings
> 
> https://gitlab.com/philmd/qemu/-/jobs/1050123478
> 
> What about using as starter:
> 
>   rules:
>     if: '$CI_PROJECT_PATH == 'qemu-project/qemu'

I'm having dejavu about this exact problem previously this series was
posted. Restricting based on CI_PROJECT_PATH is not desirable, because
users should be free to bring up their own runners for this by following
the instructions earlier in the series. Having to hack the .gitlab-ci.yml
change this rule is going to be super unplesant.

If we can't make it auto-skip when no runners are available, then we
should set a rule based on a custom env variable. eg

   if "$QEMU_CI_RUNNER_S390" == "on"

then all a contributor needs todo is set the variable in their gitlab
repo preferences.


Regards,
Daniel

Daniel P. Berrangé Feb. 23, 2021, 3:56 p.m. UTC | #5

On Tue, Feb 23, 2021 at 04:17:23PM +0100, Philippe Mathieu-Daudé wrote:
> On 2/19/21 10:58 PM, Cleber Rosa wrote:
> > The QEMU project has two machines (aarch64 and s390x) that can be used
> > for jobs that do build and run tests.  This introduces those jobs,
> > which are a mapping of custom scripts used for the same purpose.
> > 
> > Signed-off-by: Cleber Rosa <crosa@redhat.com>
> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> > ---
> >  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
> >  1 file changed, 204 insertions(+)
> > 
> > diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
> > index 3004da2bda..a9166c82a2 100644
> > --- a/.gitlab-ci.d/custom-runners.yml
> > +++ b/.gitlab-ci.d/custom-runners.yml
> > @@ -12,3 +12,207 @@
> >  # strategy.
> >  variables:
> >    GIT_SUBMODULE_STRATEGY: recursive
> > +
> > +# All ubuntu-18.04 jobs should run successfully in an environment
> > +# setup by the scripts/ci/setup/build-environment.yml task
> > +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
> > +ubuntu-18.04-s390x-all-linux-static:
> > + allow_failure: true
> > + needs: []
> > + stage: build
> > + tags:
> > + - ubuntu_18.04
> > + - s390x
> 
> Where is this tag list filled upon registration?
> 
> > + rules:
> > + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
> > + script:
> > + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
> > + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
> > + - mkdir build
> > + - cd build
> > + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
> > + - make --output-sync -j`nproc`
> > + - make --output-sync -j`nproc` check V=1
> > + - make --output-sync -j`nproc` check-tcg V=1
> 
> Also this break the rest of the tests...
> 
> The first containers job (amd64-alpine-container) got
> added to the custom runner and failed (because docker-dind
> isn't there?):

Urgh, well that's a big problem. We certainly don't want *anything* being
placed on the custom runners without explicit opt-in, otherwise jobs run
in the main repo have a different environment from when users run on their
personal forks.

IOW, we need anti-affinity against our custom runners really.

> $ export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
> $ export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/$NAME:latest"
> $ apk add python3
> bash: line 110: apk: command not found
> Running after_script 00:01
> Running after script...
> $ docker logout
> Removing login credentials for https://index.docker.io/v1/
> ERROR: Job failed: exit status 1
> 
> Do we need to restrict the other jobs to the Gitlab public
> (x86) runners? Maybe as:
> 
> diff --git a/.gitlab-ci.d/containers.yml b/.gitlab-ci.d/containers.yml
> @@ -1,6 +1,6 @@
>  .container_job_template: &container_job_definition
> +  tags:
> +    - gitlab-org-docker

Is that a real tag that exists on gitlab's shared runners, or something
you just invented ?

>    image: docker:stable
>    stage: containers
>    services:
> 
> Daniel, you didn't hit this problem on the previous version
> of this series?

I didn't try actually executing previous postings of this series.


Regards,
Daniel

Philippe Mathieu-Daudé Feb. 23, 2021, 4:41 p.m. UTC | #6

On 2/23/21 4:56 PM, Daniel P. Berrangé wrote:
> On Tue, Feb 23, 2021 at 04:17:23PM +0100, Philippe Mathieu-Daudé wrote:
>> On 2/19/21 10:58 PM, Cleber Rosa wrote:
>>> The QEMU project has two machines (aarch64 and s390x) that can be used
>>> for jobs that do build and run tests.  This introduces those jobs,
>>> which are a mapping of custom scripts used for the same purpose.
>>>
>>> Signed-off-by: Cleber Rosa <crosa@redhat.com>
>>> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
>>> ---
>>>  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
>>>  1 file changed, 204 insertions(+)
>>>
>>> diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
>>> index 3004da2bda..a9166c82a2 100644
>>> --- a/.gitlab-ci.d/custom-runners.yml
>>> +++ b/.gitlab-ci.d/custom-runners.yml
>>> @@ -12,3 +12,207 @@
>>>  # strategy.
>>>  variables:
>>>    GIT_SUBMODULE_STRATEGY: recursive
>>> +
>>> +# All ubuntu-18.04 jobs should run successfully in an environment
>>> +# setup by the scripts/ci/setup/build-environment.yml task
>>> +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
>>> +ubuntu-18.04-s390x-all-linux-static:
>>> + allow_failure: true
>>> + needs: []
>>> + stage: build
>>> + tags:
>>> + - ubuntu_18.04
>>> + - s390x
>>
>> Where is this tag list filled upon registration?
>>
>>> + rules:
>>> + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
>>> + script:
>>> + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
>>> + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
>>> + - mkdir build
>>> + - cd build
>>> + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
>>> + - make --output-sync -j`nproc`
>>> + - make --output-sync -j`nproc` check V=1
>>> + - make --output-sync -j`nproc` check-tcg V=1
>>
>> Also this break the rest of the tests...
>>
>> The first containers job (amd64-alpine-container) got
>> added to the custom runner and failed (because docker-dind
>> isn't there?):
> 
> Urgh, well that's a big problem. We certainly don't want *anything* being
> placed on the custom runners without explicit opt-in, otherwise jobs run
> in the main repo have a different environment from when users run on their
> personal forks.
> 
> IOW, we need anti-affinity against our custom runners really.
> 
>> $ export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
>> $ export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/$NAME:latest"
>> $ apk add python3
>> bash: line 110: apk: command not found
>> Running after_script 00:01
>> Running after script...
>> $ docker logout
>> Removing login credentials for https://index.docker.io/v1/
>> ERROR: Job failed: exit status 1
>>
>> Do we need to restrict the other jobs to the Gitlab public
>> (x86) runners? Maybe as:
>>
>> diff --git a/.gitlab-ci.d/containers.yml b/.gitlab-ci.d/containers.yml
>> @@ -1,6 +1,6 @@
>>  .container_job_template: &container_job_definition
>> +  tags:
>> +    - gitlab-org-docker
> 
> Is that a real tag that exists on gitlab's shared runners, or something
> you just invented ?

This is not standardized yet:
https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/5420

I checked the available runners, some have 'docker' while other have
'gitlab-org-docker'. There are more 'gitlab-org-docker' than 'docker'
runners. The tag selection is not exclusive, this is a "all or nothing"
selection, so for my testing I choose 'gitlab-org-docker' which is
the most available.

> 
>>    image: docker:stable
>>    stage: containers
>>    services:
>>
>> Daniel, you didn't hit this problem on the previous version
>> of this series?
> 
> I didn't try actually executing previous postings of this series.
> 
> 
> Regards,
> Daniel
>

Cleber Rosa Feb. 23, 2021, 6:21 p.m. UTC | #7

On Tue, Feb 23, 2021 at 04:17:23PM +0100, Philippe Mathieu-Daudé wrote:
> On 2/19/21 10:58 PM, Cleber Rosa wrote:
> > The QEMU project has two machines (aarch64 and s390x) that can be used
> > for jobs that do build and run tests.  This introduces those jobs,
> > which are a mapping of custom scripts used for the same purpose.
> > 
> > Signed-off-by: Cleber Rosa <crosa@redhat.com>
> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
> > ---
> >  .gitlab-ci.d/custom-runners.yml | 204 ++++++++++++++++++++++++++++++++
> >  1 file changed, 204 insertions(+)
> > 
> > diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
> > index 3004da2bda..a9166c82a2 100644
> > --- a/.gitlab-ci.d/custom-runners.yml
> > +++ b/.gitlab-ci.d/custom-runners.yml
> > @@ -12,3 +12,207 @@
> >  # strategy.
> >  variables:
> >    GIT_SUBMODULE_STRATEGY: recursive
> > +
> > +# All ubuntu-18.04 jobs should run successfully in an environment
> > +# setup by the scripts/ci/setup/build-environment.yml task
> > +# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
> > +ubuntu-18.04-s390x-all-linux-static:
> > + allow_failure: true
> > + needs: []
> > + stage: build
> > + tags:
> > + - ubuntu_18.04
> > + - s390x
> 
> Where is this tag list filled upon registration?
>

The documentation on this series (previous patch) describes how one
should go about settings the tags.  Pasting it here for easier context:

---

Following the registration, it's necessary to configure the runner tags,
and optionally other configurations on the GitLab UI.  Navigate to:

 * Settings (the gears like icon), then
 * CI/CD, then
 * Runners, and click on the "Expand" button, then
 * "Runners activated for this project", then
 * Click on the "Edit" icon (next to the "Lock" Icon)

Under tags, add values matching the jobs a runner should run.  For a
Ubuntu 20.04 aarch64 system, the tags should be set as::

  ubuntu_20.04,aarch64

Because the job definition at ``.gitlab-ci.d/custom-runners.yml``
would contain::

  ubuntu-20.04-aarch64-all:
   tags:
   - ubuntu_20.04
   - aarch64

---

Does that answer your question?

> > + rules:
> > + - if: '$CI_COMMIT_BRANCH =~ /^staging/'
> > + script:
> > + # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
> > + # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
> > + - mkdir build
> > + - cd build
> > + - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
> > + - make --output-sync -j`nproc`
> > + - make --output-sync -j`nproc` check V=1
> > + - make --output-sync -j`nproc` check-tcg V=1
> 
> Also this break the rest of the tests...
> 
> The first containers job (amd64-alpine-container) got
> added to the custom runner and failed (because docker-dind
> isn't there?):
>

The documentation explains that, saying that it's recommended to uncheck
the "Run untagged jobs" check box.

> $ export TAG="$CI_REGISTRY_IMAGE/qemu/$NAME:latest"
> $ export COMMON_TAG="$CI_REGISTRY/qemu-project/qemu/$NAME:latest"
> $ apk add python3
> bash: line 110: apk: command not found
> Running after_script 00:01
> Running after script...
> $ docker logout
> Removing login credentials for https://index.docker.io/v1/
> ERROR: Job failed: exit status 1
> 
> Do we need to restrict the other jobs to the Gitlab public
> (x86) runners? Maybe as:
>

You just need to take care of the runners you add.  All the other jobs
are assumed to be running on the shared runners.

Regards,
- Cleber.

Cleber Rosa Feb. 23, 2021, 6:25 p.m. UTC | #8

On Tue, Feb 23, 2021 at 03:56:19PM +0000, Daniel P. Berrangé wrote:
> 
> Urgh, well that's a big problem. We certainly don't want *anything* being
> placed on the custom runners without explicit opt-in, otherwise jobs run
> in the main repo have a different environment from when users run on their
> personal forks.
> 
> IOW, we need anti-affinity against our custom runners really.
>

I'm assuming Phil missed that documentation, because that's a
non-issue, really.

Just unchecking the "Run untagged jobs" check box on the runner
configuration makes sure that the custom runners won't pickup any jobs
not *specifically* tagged for them.

Regards,
- Cleber.

Philippe Mathieu-Daudé Feb. 24, 2021, noon UTC | #9

On 2/23/21 7:25 PM, Cleber Rosa wrote:
> On Tue, Feb 23, 2021 at 03:56:19PM +0000, Daniel P. Berrangé wrote:
>>
>> Urgh, well that's a big problem. We certainly don't want *anything* being
>> placed on the custom runners without explicit opt-in, otherwise jobs run
>> in the main repo have a different environment from when users run on their
>> personal forks.
>>
>> IOW, we need anti-affinity against our custom runners really.
>>
> 
> I'm assuming Phil missed that documentation, because that's a
> non-issue, really.
> 
> Just unchecking the "Run untagged jobs" check box on the runner
> configuration makes sure that the custom runners won't pickup any jobs
> not *specifically* tagged for them.

Can we explicit this when registering the runner instead of having to
access the WebUI?

$ gitlab-runner register --help

   --run-untagged
     Register to run untagged builds; defaults to 'true'
     when 'tag-list' is empty [$REGISTER_RUN_UNTAGGED]

Cleber Rosa Feb. 24, 2021, 3:54 p.m. UTC | #10

On Wed, Feb 24, 2021 at 01:00:54PM +0100, Philippe Mathieu-Daudé wrote:
> On 2/23/21 7:25 PM, Cleber Rosa wrote:
> > On Tue, Feb 23, 2021 at 03:56:19PM +0000, Daniel P. Berrangé wrote:
> >>
> >> Urgh, well that's a big problem. We certainly don't want *anything* being
> >> placed on the custom runners without explicit opt-in, otherwise jobs run
> >> in the main repo have a different environment from when users run on their
> >> personal forks.
> >>
> >> IOW, we need anti-affinity against our custom runners really.
> >>
> > 
> > I'm assuming Phil missed that documentation, because that's a
> > non-issue, really.
> > 
> > Just unchecking the "Run untagged jobs" check box on the runner
> > configuration makes sure that the custom runners won't pickup any jobs
> > not *specifically* tagged for them.
> 
> Can we explicit this when registering the runner instead of having to
> access the WebUI?
> 
> $ gitlab-runner register --help
> 
>    --run-untagged
>      Register to run untagged builds; defaults to 'true'
>      when 'tag-list' is empty [$REGISTER_RUN_UNTAGGED]
> 

Sure thing, I will change the default behavior on the next version.

Thanks,
- Cleber.

Patch

diff --git a/.gitlab-ci.d/custom-runners.yml b/.gitlab-ci.d/custom-runners.yml
index 3004da2bda..a9166c82a2 100644
--- a/.gitlab-ci.d/custom-runners.yml
+++ b/.gitlab-ci.d/custom-runners.yml
@@ -12,3 +12,207 @@ 
 # strategy.
 variables:
   GIT_SUBMODULE_STRATEGY: recursive
+
+# All ubuntu-18.04 jobs should run successfully in an environment
+# setup by the scripts/ci/setup/build-environment.yml task
+# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
+ubuntu-18.04-s390x-all-linux-static:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
+ # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
+ - mkdir build
+ - cd build
+ - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+ - make --output-sync -j`nproc` check-tcg V=1
+
+ubuntu-18.04-s390x-all:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-18.04-s390x-alldbg:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --enable-debug --disable-libssh
+ - make clean
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-18.04-s390x-clang:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --cc=clang --cxx=clang++ --enable-sanitizers
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-18.04-s390x-tci:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --enable-tcg-interpreter
+ - make --output-sync -j`nproc`
+
+ubuntu-18.04-s390x-notcg:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_18.04
+ - s390x
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --disable-tcg
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+# All ubuntu-20.04 jobs should run successfully in an environment
+# setup by the scripts/ci/setup/qemu/build-environment.yml task
+# "Install basic packages to build QEMU on Ubuntu 18.04/20.04"
+ubuntu-20.04-aarch64-all-linux-static:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ # --disable-libssh is needed because of https://bugs.launchpad.net/qemu/+bug/1838763
+ # --disable-glusterfs is needed because there's no static version of those libs in distro supplied packages
+ - mkdir build
+ - cd build
+ - ../configure --enable-debug --static --disable-system --disable-glusterfs --disable-libssh
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+ - make --output-sync -j`nproc` check-tcg V=1
+
+ubuntu-20.04-aarch64-all:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-20.04-aarch64-alldbg:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --enable-debug --disable-libssh
+ - make clean
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-20.04-aarch64-clang:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --cc=clang --cxx=clang++ --enable-sanitizers
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1
+
+ubuntu-20.04-aarch64-tci:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --enable-tcg-interpreter
+ - make --output-sync -j`nproc`
+
+ubuntu-20.04-aarch64-notcg:
+ allow_failure: true
+ needs: []
+ stage: build
+ tags:
+ - ubuntu_20.04
+ - aarch64
+ rules:
+ - if: '$CI_COMMIT_BRANCH =~ /^staging/'
+ script:
+ - mkdir build
+ - cd build
+ - ../configure --disable-libssh --disable-tcg
+ - make --output-sync -j`nproc`
+ - make --output-sync -j`nproc` check V=1