32e2ffc39374f61bb2435da507f285459985df9e Remove the syscall sandbox (fanquake)
Pull request description:
After initially being merged in #20487, it's no longer clear that an internal syscall sandboxing mechanism is something that Bitcoin Core should have/maintain, especially when compared to better maintained/supported alternatives, i.e. [firejail](https://github.com/netblue30/firejail).
There is more related discussion in #24771.
Note that given where it's used, the sandbox also gets dragged into the kernel.
If it's removed, this should not require any sort of deprecation, as this was only ever an opt-in, experimental feature.
Closes #24771.
ACKs for top commit:
davidgumberg:
crACK 32e2ffc393
achow101:
ACK 32e2ffc39374f61bb2435da507f285459985df9e
dergoegge:
ACK 32e2ffc39374f61bb2435da507f285459985df9e
Tree-SHA512: 8cf71c5623bb642cb515531d4a2545d806e503b9d57bfc15a996597632b06103d60d985fd7f843a3c1da6528bc38d0298d6b8bcf0be6f851795a8040d71faf16
CI Scripts
This directory contains scripts for each build step in each build stage.
Running a Stage Locally
Be aware that the tests will be built and run in-place, so please run at your own risk. If the repository is not a fresh git clone, you might have to clean files from previous builds or test runs first.
The ci needs to perform various sysadmin tasks such as installing packages or writing to the user's home directory. While it should be fine to run the ci system locally on your development box, the ci scripts can generally be assumed to have received less review and testing compared to other parts of the codebase. If you want to keep the work tree clean, you might want to run the ci system in a virtual machine with a Linux operating system of your choice.
To allow for a wide range of tested environments, but also ensure reproducibility to some extent, the test stage requires bash, docker, and python3 to be installed. To install all requirements on Ubuntu, run:
sudo apt install bash docker.io python3
To run the test stage with a specific configuration,
FILE_ENV="./ci/test/00_setup_env_arm.sh" ./ci/test_run_all.sh
Configurations
The test files (FILE_ENV) are constructed to test a wide range of configurations, rather than a single pass/fail. This helps to catch build failures and logic errors that present on platforms other than the ones the author has tested.
Some builders use the dependency-generator in ./depends, rather than using the system package manager to install build dependencies. This guarantees that the tester is using the same versions as the release builds, which also use ./depends.
If no FILE_ENV has been specified or values are left out, 00_setup_env.sh is used as the default configuration with fallback values.
It is also possible to force a specific configuration without modifying the file. For example,
MAKEJOBS="-j1" FILE_ENV="./ci/test/00_setup_env_arm.sh" ./ci/test_run_all.sh
The files starting with 0n (n greater than 0) are the scripts that are run in order.
Cache
In order to avoid rebuilding all dependencies for each build, the binaries are cached and re-used when possible. Changes in the dependency-generator will trigger cache-invalidation and rebuilds as necessary.