From 9214e84299b3fbba2328c3f1c996de837b123ac9 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Tue, 7 Sep 2021 15:52:29 +0200 Subject: [PATCH 1/7] github-runner: make derivation easier to override (cherry picked from commit 0d1e42786e6bc5249248e50793f9f8537aaad857) --- .../github-runner/default.nix | 97 +++++++++---------- 1 file changed, 47 insertions(+), 50 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index e2d40630905..459b68fa6b2 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -19,9 +19,6 @@ , zlib }: let - pname = "github-actions-runner"; - version = "2.279.0"; - deps = (import ./deps.nix { inherit fetchurl; }); nugetPackages = map (x: { @@ -29,57 +26,14 @@ let path = "${x}"; }) deps; - nugetSource = linkFarm "${pname}-${version}-packages" nugetPackages; + nugetSource = linkFarm "nuget-packages" nugetPackages; dotnetSdk = dotnetCorePackages.sdk_3_1; runtimeId = "linux-x64"; - - disabledTest = [ - # Self-updating is patched out, hence this test will fail - "FullyQualifiedName!=GitHub.Runner.Common.Tests.Listener.RunnerL0.TestRunOnceHandleUpdateMessage" - ] ++ map - # Online tests - (x: "FullyQualifiedName!=GitHub.Runner.Common.Tests.Worker.ActionManagerL0.PrepareActions_${x}") - [ - "CompositeActionWithActionfile_CompositeContainerNested" - "CompositeActionWithActionfile_CompositePrestepNested" - "CompositeActionWithActionfile_MaxLimit" - "CompositeActionWithActionfile_Node" - "DownloadActionFromGraph" - "DownloadActionFromGraph_Legacy" - "NotPullOrBuildImagesMultipleTimes" - "NotPullOrBuildImagesMultipleTimes_Legacy" - "RepositoryActionWithActionYamlFile_DockerHubImage" - "RepositoryActionWithActionYamlFile_DockerHubImage_Legacy" - "RepositoryActionWithActionfileAndDockerfile" - "RepositoryActionWithActionfileAndDockerfile_Legacy" - "RepositoryActionWithActionfile_DockerHubImage" - "RepositoryActionWithActionfile_DockerHubImage_Legacy" - "RepositoryActionWithActionfile_Dockerfile" - "RepositoryActionWithActionfile_Dockerfile_Legacy" - "RepositoryActionWithActionfile_DockerfileRelativePath" - "RepositoryActionWithActionfile_DockerfileRelativePath_Legacy" - "RepositoryActionWithActionfile_Node" - "RepositoryActionWithActionfile_Node_Legacy" - "RepositoryActionWithDockerfile" - "RepositoryActionWithDockerfile_Legacy" - "RepositoryActionWithDockerfileInRelativePath" - "RepositoryActionWithDockerfileInRelativePath_Legacy" - "RepositoryActionWithDockerfilePrepareActions_Repository" - "RepositoryActionWithInvalidWrapperActionfile_Node" - "RepositoryActionWithInvalidWrapperActionfile_Node_Legacy" - "RepositoryActionWithWrapperActionfile_PreSteps" - "RepositoryActionWithWrapperActionfile_PreSteps_Legacy" - ] ++ map - (x: "FullyQualifiedName!=GitHub.Runner.Common.Tests.DotnetsdkDownloadScriptL0.${x}") - [ - "EnsureDotnetsdkBashDownloadScriptUpToDate" - "EnsureDotnetsdkPowershellDownloadScriptUpToDate" - ]; - testFilterXml = lib.concatStringsSep "&" disabledTest; in stdenv.mkDerivation rec { - inherit pname version; + pname = "github-runner"; + version = "2.279.0"; src = fetchFromGitHub { owner = "actions"; @@ -125,7 +79,7 @@ stdenv.mkDerivation rec { # Disable specific tests substituteInPlace src/dir.proj \ --replace 'dotnet test Test/Test.csproj' \ - "dotnet test Test/Test.csproj --filter '${testFilterXml}'" + "dotnet test Test/Test.csproj --filter '${lib.concatStringsSep "&" disabledTests}'" # We don't use a Git checkout substituteInPlace src/dir.proj \ @@ -180,6 +134,49 @@ stdenv.mkDerivation rec { doCheck = true; + disabledTests = [ + # Self-updating is patched out, hence this test will fail + "FullyQualifiedName!=GitHub.Runner.Common.Tests.Listener.RunnerL0.TestRunOnceHandleUpdateMessage" + ] ++ map + # Online tests + (x: "FullyQualifiedName!=GitHub.Runner.Common.Tests.Worker.ActionManagerL0.PrepareActions_${x}") + [ + "CompositeActionWithActionfile_CompositeContainerNested" + "CompositeActionWithActionfile_CompositePrestepNested" + "CompositeActionWithActionfile_MaxLimit" + "CompositeActionWithActionfile_Node" + "DownloadActionFromGraph" + "DownloadActionFromGraph_Legacy" + "NotPullOrBuildImagesMultipleTimes" + "NotPullOrBuildImagesMultipleTimes_Legacy" + "RepositoryActionWithActionYamlFile_DockerHubImage" + "RepositoryActionWithActionYamlFile_DockerHubImage_Legacy" + "RepositoryActionWithActionfileAndDockerfile" + "RepositoryActionWithActionfileAndDockerfile_Legacy" + "RepositoryActionWithActionfile_DockerHubImage" + "RepositoryActionWithActionfile_DockerHubImage_Legacy" + "RepositoryActionWithActionfile_Dockerfile" + "RepositoryActionWithActionfile_Dockerfile_Legacy" + "RepositoryActionWithActionfile_DockerfileRelativePath" + "RepositoryActionWithActionfile_DockerfileRelativePath_Legacy" + "RepositoryActionWithActionfile_Node" + "RepositoryActionWithActionfile_Node_Legacy" + "RepositoryActionWithDockerfile" + "RepositoryActionWithDockerfile_Legacy" + "RepositoryActionWithDockerfileInRelativePath" + "RepositoryActionWithDockerfileInRelativePath_Legacy" + "RepositoryActionWithDockerfilePrepareActions_Repository" + "RepositoryActionWithInvalidWrapperActionfile_Node" + "RepositoryActionWithInvalidWrapperActionfile_Node_Legacy" + "RepositoryActionWithWrapperActionfile_PreSteps" + "RepositoryActionWithWrapperActionfile_PreSteps_Legacy" + ] ++ map + (x: "FullyQualifiedName!=GitHub.Runner.Common.Tests.DotnetsdkDownloadScriptL0.${x}") + [ + "EnsureDotnetsdkBashDownloadScriptUpToDate" + "EnsureDotnetsdkPowershellDownloadScriptUpToDate" + ]; + checkInputs = [ git ]; checkPhase = '' From ae4d181d6a870bb2c2ed37440adcc4056b01f2a2 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Tue, 7 Sep 2021 16:03:38 +0200 Subject: [PATCH 2/7] github-runner: 2.279.0 -> 2.281.1 (cherry picked from commit ebcf2468ac67b473821946a6d5539c001861b465) --- .../tools/continuous-integration/github-runner/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index 459b68fa6b2..3cfd7d6015a 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -33,13 +33,13 @@ let in stdenv.mkDerivation rec { pname = "github-runner"; - version = "2.279.0"; + version = "2.281.1"; src = fetchFromGitHub { owner = "actions"; repo = "runner"; - rev = "6b75179ec79e2041b3b5b4e9206b73db2d206aac"; # v${version} - sha256 = "sha256-d7LAHL8Ff7R++d1HuLxWjtiBZRogySe7xHY/xJAcFms="; + rev = "c8caf59bb7adaa87c4cf8f61372670d338a13f2d"; # v${version} + sha256 = "sha256-Nl1FSjwweVqdQEVhqt4PEcqZbF7htNT279yx1nGuAe0="; }; nativeBuildInputs = [ From 364426a01d22acab4734ffb2914552298a35c954 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Tue, 7 Sep 2021 16:16:29 +0200 Subject: [PATCH 3/7] github-runner: adapt to latest lttng-ust ref: ab2501bd171f2c930ebd3f3bf6b6a1a228477a08 (cherry picked from commit 1614fc6eb63d012b704cbb34b9c53c823d51c32c) --- .../tools/continuous-integration/github-runner/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index 3cfd7d6015a..b7da1970da2 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -237,6 +237,10 @@ stdenv.mkDerivation rec { # Stripping breaks the binaries dontStrip = true; + preFixup = '' + patchelf --replace-needed liblttng-ust.so.0 liblttng-ust.so $out/lib/libcoreclrtraceptprovider.so + ''; + postFixup = '' fix_rpath() { patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/lib/$1 From 224196a6614540e12decee24efde76a33dc4e4e3 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 14 Sep 2021 06:47:40 +0000 Subject: [PATCH 4/7] signal-desktop: 5.17.0 -> 5.17.1 (cherry picked from commit e3c0374da4ff8c9a0ad65a429c6ab030e4ae8cc3) --- .../networking/instant-messengers/signal-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 016d95e3d65..2add742bf7c 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -25,7 +25,7 @@ let else ""); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.17.0"; # Please backport all updates to the stable channel. + version = "5.17.1"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "1m3bkrshlipxlbf4xr7gpw3zn1k39cdysrqmw705hy2cwf7pw7yy"; + sha256 = "sha256-gJ5jDMdEx2YSmPtNfv2gKKAgPfRJcb3Aabti/DgHaIU="; }; nativeBuildInputs = [ From 04e8a8cd561e28a86560be211404cd0d431402f9 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Sun, 12 Sep 2021 20:03:35 +0200 Subject: [PATCH 5/7] github-runner: use dummy SHA-1 as `GitInfoCommitHash` The runner only references `GitInfoCommitHash`/`CommitHash` to print informational log entries. To allow for just referencing the tag of a version instead of the commit hash, this commit sets the value of the `GitInfoCommitHash` to a static dummy value. (cherry picked from commit cc5c902fdf94b798c3b68e55ebb7e1a1185113a1) --- .../tools/continuous-integration/github-runner/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index b7da1970da2..2d7df078f8c 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -30,6 +30,7 @@ let dotnetSdk = dotnetCorePackages.sdk_3_1; runtimeId = "linux-x64"; + fakeSha1 = "0000000000000000000000000000000000000000"; in stdenv.mkDerivation rec { pname = "github-runner"; @@ -38,7 +39,7 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "actions"; repo = "runner"; - rev = "c8caf59bb7adaa87c4cf8f61372670d338a13f2d"; # v${version} + rev = "v${version}"; sha256 = "sha256-Nl1FSjwweVqdQEVhqt4PEcqZbF7htNT279yx1nGuAe0="; }; @@ -126,7 +127,7 @@ stdenv.mkDerivation rec { -p:PackageRuntime="${runtimeId}" \ -p:BUILDCONFIG="Release" \ -p:RunnerVersion="${version}" \ - -p:GitInfoCommitHash="${src.rev}" \ + -p:GitInfoCommitHash="${fakeSha1}" \ src/dir.proj runHook postBuild @@ -191,7 +192,7 @@ stdenv.mkDerivation rec { -p:PackageRuntime="${runtimeId}" \ -p:BUILDCONFIG="Debug" \ -p:RunnerVersion="${version}" \ - -p:GitInfoCommitHash="${src.rev}" \ + -p:GitInfoCommitHash="${fakeSha1}" \ src/dir.proj runHook postCheck From ca41e07801f719188a035e918e623a5be61fb6ca Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Mon, 13 Sep 2021 18:32:38 +0200 Subject: [PATCH 6/7] github-runner: prevent self-updates As of yet, a patch caused the runner to discard update messages. Unfortunately, GitHub keeps sending update messages to outdated runners causing them to no longer pick up jobs. This commit causes the runner to send a high version to GitHub which should be more recent for quite a time. That way, GitHub does not send update message and keeps scheduling jobs even for outdated runners. Naturally, an oudated runner can still break at any time as GitHub's current approach assumes that all runners are always up-to-date. We should still strive for quick nixpkgs updates but this patch should give us some time. (cherry picked from commit e8bbcc79fd07014b146835dfd7f5eba2079d9a55) --- .../github-runner/default.nix | 5 ++-- .../patches/ignore-self-update.patch | 24 ------------------ .../patches/prevent-self-update.patch | 25 +++++++++++++++++++ 3 files changed, 28 insertions(+), 26 deletions(-) delete mode 100644 pkgs/development/tools/continuous-integration/github-runner/patches/ignore-self-update.patch create mode 100644 pkgs/development/tools/continuous-integration/github-runner/patches/prevent-self-update.patch diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index 2d7df078f8c..711148c530a 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -68,8 +68,9 @@ stdenv.mkDerivation rec { ./patches/use-get-directory-for-diag.patch # Don't try to install systemd service ./patches/dont-install-systemd-service.patch - # Don't try to self-update runner (cannot be disabled, see https://github.com/actions/runner/issues/485) - ./patches/ignore-self-update.patch + # Prevent the runner from starting a self-update for new versions + # (upstream issue: https://github.com/actions/runner/issues/485) + ./patches/prevent-self-update.patch ]; postPatch = '' diff --git a/pkgs/development/tools/continuous-integration/github-runner/patches/ignore-self-update.patch b/pkgs/development/tools/continuous-integration/github-runner/patches/ignore-self-update.patch deleted file mode 100644 index b505bbc7503..00000000000 --- a/pkgs/development/tools/continuous-integration/github-runner/patches/ignore-self-update.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff --git a/src/Runner.Listener/Runner.cs b/src/Runner.Listener/Runner.cs -index 68b0b4e..5da21fe 100644 ---- a/src/Runner.Listener/Runner.cs -+++ b/src/Runner.Listener/Runner.cs -@@ -391,18 +391,7 @@ namespace GitHub.Runner.Listener - HostContext.WritePerfCounter($"MessageReceived_{message.MessageType}"); - if (string.Equals(message.MessageType, AgentRefreshMessage.MessageType, StringComparison.OrdinalIgnoreCase)) - { -- if (autoUpdateInProgress == false) -- { -- autoUpdateInProgress = true; -- var runnerUpdateMessage = JsonUtility.FromString(message.Body); -- var selfUpdater = HostContext.GetService(); -- selfUpdateTask = selfUpdater.SelfUpdate(runnerUpdateMessage, jobDispatcher, !runOnce && HostContext.StartupType != StartupType.Service, HostContext.RunnerShutdownToken); -- Trace.Info("Refresh message received, kick-off selfupdate background process."); -- } -- else -- { -- Trace.Info("Refresh message received, skip autoupdate since a previous autoupdate is already running."); -- } -+ Trace.Info("Ignoring received refresh message (would trigger self-update)."); - } - else if (string.Equals(message.MessageType, JobRequestMessageTypes.PipelineAgentJobRequest, StringComparison.OrdinalIgnoreCase)) - { diff --git a/pkgs/development/tools/continuous-integration/github-runner/patches/prevent-self-update.patch b/pkgs/development/tools/continuous-integration/github-runner/patches/prevent-self-update.patch new file mode 100644 index 00000000000..da73cd75a09 --- /dev/null +++ b/pkgs/development/tools/continuous-integration/github-runner/patches/prevent-self-update.patch @@ -0,0 +1,25 @@ +From 8b77c9c61058842e031dd176df2b9c79bc2c0e28 Mon Sep 17 00:00:00 2001 +From: Vincent Haupert +Date: Sun, 12 Sep 2021 19:52:21 +0200 +Subject: [PATCH] Use a fake version to prevent self-update + +--- + src/Runner.Listener/MessageListener.cs | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/Runner.Listener/MessageListener.cs b/src/Runner.Listener/MessageListener.cs +index 71e5e43..29945e0 100644 +--- a/src/Runner.Listener/MessageListener.cs ++++ b/src/Runner.Listener/MessageListener.cs +@@ -65,7 +65,7 @@ namespace GitHub.Runner.Listener + { + Id = _settings.AgentId, + Name = _settings.AgentName, +- Version = BuildConstants.RunnerPackage.Version, ++ Version = "2.999.9", + OSDescription = RuntimeInformation.OSDescription, + }; + string sessionName = $"{Environment.MachineName ?? "RUNNER"}"; +-- +2.32.0 + From d58baa249be5bcde1c8fd714cee4aa3287ab4187 Mon Sep 17 00:00:00 2001 From: Vincent Haupert Date: Tue, 14 Sep 2021 15:46:20 +0200 Subject: [PATCH 7/7] github-runner: 2.281.1 -> 2.282.0 (cherry picked from commit cd641476cfcf8d5494e661debac9a3fe40f4cf32) --- .../tools/continuous-integration/github-runner/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/github-runner/default.nix b/pkgs/development/tools/continuous-integration/github-runner/default.nix index 711148c530a..56dfe62042f 100644 --- a/pkgs/development/tools/continuous-integration/github-runner/default.nix +++ b/pkgs/development/tools/continuous-integration/github-runner/default.nix @@ -34,13 +34,13 @@ let in stdenv.mkDerivation rec { pname = "github-runner"; - version = "2.281.1"; + version = "2.282.0"; src = fetchFromGitHub { owner = "actions"; repo = "runner"; rev = "v${version}"; - sha256 = "sha256-Nl1FSjwweVqdQEVhqt4PEcqZbF7htNT279yx1nGuAe0="; + sha256 = "sha256-381xqBuysT5OR+SDhtSNCz0fOsDM7zC50EatAiXmpHU="; }; nativeBuildInputs = [