Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ci] Add mechanism for trust on certain CI scripts #12604

Merged
merged 1 commit into from
Aug 30, 2022
Merged

[ci] Add mechanism for trust on certain CI scripts #12604

merged 1 commit into from
Aug 30, 2022

Conversation

driazati
Copy link
Member

@driazati driazati commented Aug 25, 2022
edited
Loading

This makes it so changes to certain files from users not listed in
CONTRIBUTING.md are not tested in CI. This is necessary since these
scripts run on the baremetal EC2 instances and not inside Docker
containers, so they can affect other builds and potentially grab Jenkins
secrets. This checks out the version from the upstream for the listed
files after running git checkout. Tested in CI: positive and negative

cc @Mousius @areusch @gigiblender

@driazati driazati force-pushed the jtrust branch 6 times, most recently from eb511cc to cf114ce Compare August 25, 2022 18:46
@driazati driazati marked this pull request as ready for review August 25, 2022 19:22
@github-actions
Copy link
Contributor

Built docs for commit cf114ce can be found here.

areusch
areusch reviewed Aug 25, 2022
View reviewed changes
Copy link
Contributor

@areusch areusch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mainly one question, which i think related to the test script refactor

ci/jenkins/Jenkinsfile.j2 Outdated Show resolved Hide resolved
@driazati driazati marked this pull request as draft August 25, 2022 22:53
@driazati driazati mentioned this pull request Aug 29, 2022
Closed
7 tasks
@github-actions github-actions bot requested a review from Mousius August 30, 2022 18:56
@driazati driazati marked this pull request as ready for review August 30, 2022 18:57
@driazati
[ci] Add mechanism for trust on certain CI scripts
0d53a25 
This makes it so changes to certain files from users not listed in
`CONTRIBUTING.md` are not tested in CI. This is necessary since these
scripts run on the baremetal EC2 instances and not inside Docker
containers, so they can affect other builds and potentially grab Jenkins
secrets. This checks out the version from the upstream for the listed
files after running `git checkout`.
@driazati driazati merged commit caf326f into apache:main Aug 30, 2022
@areusch areusch mentioned this pull request Aug 31, 2022
Closed
@driazati driazati mentioned this pull request Sep 14, 2022
Merged
driazati added a commit to driazati/tvm that referenced this pull request Sep 14, 2022
@driazati
[ci] Add retries to docker push
48c75b7 
This should mitigate failures like in
https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/main/4274/pipeline.
This also moves the `retry` function to a script now that we have
PR apache#12604.
driazati added a commit to driazati/tvm that referenced this pull request Sep 14, 2022
@driazati
[ci] Add retries to docker push
b7a6f14 
This should mitigate failures like in
https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/main/4274/pipeline.
This also moves the `retry` function to a script now that we have
PR apache#12604.
driazati added a commit to driazati/tvm that referenced this pull request Sep 14, 2022
@driazati
[ci] Add retries to docker push
9cd5918 
This should mitigate failures like in
https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/main/4274/pipeline.
This also moves the `retry` function to a script now that we have
PR apache#12604.
areusch pushed a commit that referenced this pull request Sep 15, 2022
@driazati
[ci] Add retries to docker push (#12773)
c00ce57 
This should mitigate failures like in
https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/main/4274/pipeline.
This also moves the `retry` function to a script now that we have
PR #12604.

Co-authored-by: driazati <driazati@users.noreply.github.com>
@gigiblender gigiblender mentioned this pull request Sep 29, 2022
Closed
@driazati driazati mentioned this pull request Sep 29, 2022
Closed
xinetzone pushed a commit to daobook/tvm that referenced this pull request Nov 25, 2022
@driazati @xinetzone
[ci] Add mechanism for trust on certain CI scripts (apache#12604)
9294be6 
This makes it so changes to certain files from users not listed in
`CONTRIBUTING.md` are not tested in CI. This is necessary since these
scripts run on the baremetal EC2 instances and not inside Docker
containers, so they can affect other builds and potentially grab Jenkins
secrets. This checks out the version from the upstream for the listed
files after running `git checkout`. Tested in CI: [positive](https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/PR-12604/6/pipeline/) and [negative](https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/PR-12604/9/pipeline/)
xinetzone pushed a commit to daobook/tvm that referenced this pull request Nov 25, 2022
@driazati @xinetzone
[ci] Add retries to docker push (apache#12773)
7835698 
This should mitigate failures like in
https://ci.tlcpack.ai/blue/organizations/jenkins/tvm/detail/main/4274/pipeline.
This also moves the `retry` function to a script now that we have
PR apache#12604.

Co-authored-by: driazati <driazati@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@areusch areusch areusch approved these changes

@Mousius Mousius Awaiting requested review from Mousius

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@driazati @areusch