Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[infra] Ruby 3.4.1 arm64 builds are unreliable #1602

Open
prabhu opened this issue Jan 28, 2025 · 4 comments
Open

[infra] Ruby 3.4.1 arm64 builds are unreliable #1602

prabhu opened this issue Jan 28, 2025 · 4 comments
Labels
help wanted Extra attention is needed infra

Comments

@prabhu
Copy link
Collaborator

prabhu commented Jan 28, 2025

Temporarily disabled these for Ruby 2.5 and cdxgen-secure. We need the split workflows proposed by #1601
@prabhu
Copy link
Collaborator Author

prabhu commented Feb 13, 2025
edited
Loading

Debian Ruby 26 is now unreliable for arm64.

------
 > [linux/arm64 3/3] RUN apt-get update && apt-get install -qq -y --no-install-recommends curl bash bzip2 git-core zip unzip make gawk     && apt-get install -qq -y build-essential gcc-9 g++-9 python2 libmagic-dev locales nodejs     && gem install bundler -v 1.17.3     && bundle config git.allow_insecure true     && chmod +x /tmp/install.sh     && SKIP_PYTHON=yes ./tmp/install.sh && rm /tmp/install.sh     && node -v     && npm -v     && npm install -g corepack     && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false     && rm -rf /var/lib/apt/lists/*:
35.16 Setting up git (1:2.30.2-1+deb11u4) ...
35.84 Setting up libcurl4:arm64 (7.74.0-1.3+deb11u14) ...
35.84 Setting up curl (7.74.0-1.3+deb11u14) ...
35.85 Setting up libcurl4-openssl-dev:arm64 (7.74.0-1.3+deb11u14) ...
35.85 Processing triggers for libc-bin (2.31-13+deb11u3) ...
35.91 qemu: uncaught target signal 11 (Segmentation fault) - core dumped
36.31 Segmentation fault (core dumped)
36.33 qemu: uncaught target signal 11 (Segmentation fault) - core dumped
36.79 Segmentation fault (core dumped)
: Sub-process /usr/bin/dpkg returned an error code (1)

In general, the arm64 workflows needs some serious work or users must start building their own images.

@prabhu prabhu added the infra label Feb 14, 2025
@prabhu
Copy link
Collaborator Author

prabhu commented Feb 14, 2025
edited
Loading

I am seriously tempted to hire a DevOps and fully fund them to setup and maintain all the oss infrastructure. Send me your profile: prabhu at appthreat dot dev.

@prabhu prabhu added the help wanted Extra attention is needed label Feb 14, 2025
@prabhu prabhu mentioned this issue Feb 14, 2025
Merged
@prabhu
Copy link
Collaborator Author

prabhu commented Feb 20, 2025

My attempt to use the new macos-hosted for docker builds has been unsuccessful. It's an arm64 machine, so using buildx for linux/amd64 keeps failing with strange errors.

@prabhu
Copy link
Collaborator Author

prabhu commented Feb 22, 2025

We now have two Mac Mini M4 Pro's with the label macos-hosted. I have assigned some debian ruby images to use these builders and things are quite fast!

Some learnings:

  • Just use colima without the osxkeychain helper. This increases the need for better physical security and OS hardening
  • Only one docker build could run at a time per machine. This is due to the use of a shared docker context.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed infra
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@prabhu