Merged
Conversation
Continue addressing the reproducibility issues in the CI by switching to the Nix built kernel. This kernel has been building and working for some time, but we need a specific kernel header for `process_runqlat.bt`. Add a derivation for the kernel headers and build that too. Use cachix to store the Nix built artifacts. This requires a little bit of setup and was a tad fiddly on the self-hosted runners, but it appears to be working well now. Forks will not be able to upload to our cache but will be able to restore from it, so as long as they're hitting one of our recently locked kernels they'll get hits. In the future we should employ an alternative like magic-nix-cache too if that ever gets revived. Requires adding the cache to our self-hosted runner as it doesn't have root[0]. The kernel build in CI will then be reproducible and accessible to anyone on their local machine. Anyone running the kernel `nix build` command with `--accept-flake-config` will pull the cachix cached version, or alternatively can build it themselves reproducibly. Test plan: - CI, twice. Once to build the cache, once to test the restore. [0] JakeHillion/scx-nixos-deployments#18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Continue addressing the reproducibility issues in the CI by switching to the Nix built kernel. This kernel has been building and working for some time, but we need a specific kernel header for
process_runqlat.bt. Add a derivation for the kernel headers and build that too.Use cachix to store the Nix built artifacts. This requires a little bit of setup and was a tad fiddly on the self-hosted runners, but it appears to be working well now. Forks will not be able to upload to our cache but will be able to restore from it, so as long as they're hitting one of our recently locked kernels they'll get hits. In the future we should employ an alternative like magic-nix-cache too if that ever gets revived. Requires adding the cache to our self-hosted runner as it doesn't have root[0].
The kernel build in CI will then be reproducible and accessible to anyone on their local machine. Anyone running the kernel
nix buildcommand with--accept-flake-configwill pull the cachix cached version, or alternatively can build it themselves reproducibly.Test plan:
[0] JakeHillion/scx-nixos-deployments#18