Skip to content

gitlab-runner: Add main program, version check hook, and Nix update script. Fix Darwin builds.#395906

Merged
GaetanLepage merged 1 commit intoNixOS:masterfrom
commiterate:gitlab_runner_cleanup
Apr 7, 2025
Merged

gitlab-runner: Add main program, version check hook, and Nix update script. Fix Darwin builds.#395906
GaetanLepage merged 1 commit intoNixOS:masterfrom
commiterate:gitlab_runner_cleanup

Conversation

@commiterate
Copy link
Contributor

@commiterate commiterate commented Apr 4, 2025
edited
Loading

  • Add main program.
  • Add version check hook.
  • Add Nix update script.
  • Fix Darwin builds.
    • Allow local networking.
    • Remove X.509 tests.
  • Minor cleanup.
    • Switch from rec to finalAttrs.
    • Switch fetcher from rev to tag.
    • Reorder attributes according to stdenv phase ordering.
    • Remove meta.platforms to use the one included with buildGoModule.

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels Apr 4, 2025
drupol
drupol reviewed Apr 6, 2025
View reviewed changes
@drupol drupol requested a review from GaetanLepage April 6, 2025 20:06
commiterate
commiterate commented Apr 6, 2025
View reviewed changes
@commiterate commiterate force-pushed the gitlab_runner_cleanup branch from e3273f8 to 7908489 Compare April 6, 2025 20:33
@github-actions github-actions bot removed 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. labels Apr 6, 2025
@commiterate commiterate force-pushed the gitlab_runner_cleanup branch 3 times, most recently from 6c84c4a to 2bcb660 Compare April 6, 2025 20:50
GaetanLepage
GaetanLepage reviewed Apr 6, 2025
View reviewed changes
Copy link
Contributor

@GaetanLepage GaetanLepage left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a huge deal, but I think that it's more common not to put ending periods at the end of comments.

@commiterate commiterate force-pushed the gitlab_runner_cleanup branch from 2bcb660 to b3976c2 Compare April 6, 2025 21:05
@GaetanLepage
Copy link
Contributor

GaetanLepage commented Apr 6, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 395906

x86_64-linux

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

aarch64-linux

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

x86_64-darwin

❌ 1 package failed to build:
  • gitlab-runner
✅ 1 package built:
  • gclient2nix

aarch64-darwin

❌ 1 package failed to build:
  • gitlab-runner
✅ 1 package built:
  • gclient2nix

@commiterate
Copy link
Contributor Author

commiterate commented Apr 6, 2025

Hmm testing build on my aarch64-darwin machine.

@commiterate
Copy link
Contributor Author

commiterate commented Apr 6, 2025
edited
Loading

Some unit tests are attempting to bind to a port which is not allowed in the build sandbox on macOS (I have sandboxing turned on).

nix-build -A gitlab-runner 
this derivation will be built:
  /nix/store/8gdxv2ircgfim23sl0ix465jwkr8mm36-gitlab-runner-17.2.0.drv
these 4 paths will be fetched (8.60 MiB download, 79.90 MiB unpacked):
  /nix/store/fqk7sya4w9n58q0xar7qc9d34i2smfzm-bash-interactive-5.2p37-dev
  /nix/store/npfch9pm9v39y3syy9rf0igahfmspj83-gitlab-runner-17.2.0-go-modules
  /nix/store/izl8h2jykg3fqndg0crs56xm9qgf9nwr-source
  /nix/store/58cj3q6r4k3ivqddg91lhzlvvcb349x3-version-check-hook
copying path '/nix/store/npfch9pm9v39y3syy9rf0igahfmspj83-gitlab-runner-17.2.0-go-modules' from 'https://cache.nixos.org'...
copying path '/nix/store/izl8h2jykg3fqndg0crs56xm9qgf9nwr-source' from 'https://cache.nixos.org'...
copying path '/nix/store/58cj3q6r4k3ivqddg91lhzlvvcb349x3-version-check-hook' from 'https://cache.nixos.org'...
copying path '/nix/store/fqk7sya4w9n58q0xar7qc9d34i2smfzm-bash-interactive-5.2p37-dev' from 'https://cache.nixos.org'...
building '/nix/store/8gdxv2ircgfim23sl0ix465jwkr8mm36-gitlab-runner-17.2.0.drv'...
Using versionCheckHook
Running phase: unpackPhase
unpacking source archive /nix/store/izl8h2jykg3fqndg0crs56xm9qgf9nwr-source
source root is source
Running phase: patchPhase
applying patch /nix/store/mqqh7daxi18gd1xmhd2p89zbf8l473mp-fix-shell-path.patch
patching file shells/bash.go
Hunk #1 succeeded at 4 with fuzz 2 (offset 1 line).
Hunk #2 succeeded at 377 (offset 69 lines).
applying patch /nix/store/5i5rm5zdnay1xlnqbqfsfnwvfk2b8cf4-remove-bash-test.patch
patching file shells/bash_test.go
Hunk #2 succeeded at 74 (offset -14 lines).
Running phase: updateAutotoolsGnuConfigScriptsPhase
Running phase: configurePhase
Running phase: buildPhase
Building subPackage .
Building subPackage ./apps/gitlab-runner-helper
Building subPackage ./cache
Building subPackage ./cache/azure
Building subPackage ./cache/gcs
Building subPackage ./cache/gcsv2
Building subPackage ./cache/s3
Building subPackage ./cache/test
Building subPackage ./commands
Building subPackage ./commands/fleeting
Building subPackage ./commands/helpers
Building subPackage ./commands/helpers/archive
Building subPackage ./commands/helpers/archive/fastzip
Building subPackage ./commands/helpers/archive/gziplegacy
Building subPackage ./commands/helpers/archive/raw
Building subPackage ./commands/helpers/archive/tarzstd
Building subPackage ./commands/helpers/archive/ziplegacy
Building subPackage ./commands/helpers/meter
Building subPackage ./common
Building subPackage ./common/buildlogger
Building subPackage ./common/buildlogger/internal
Building subPackage ./common/buildlogger/internal/masker
Building subPackage ./common/buildlogger/internal/timestamper
Building subPackage ./common/buildlogger/internal/tokensanitizer
Building subPackage ./common/buildlogger/internal/urlsanitizer
Building subPackage ./common/buildtest
Building subPackage ./common/config/runner
Building subPackage ./common/config/runner/monitoring
Building subPackage ./executors
Building subPackage ./executors/custom
Building subPackage ./executors/custom/api
Building subPackage ./executors/custom/command
Building subPackage ./executors/docker
Building subPackage ./executors/docker/autoscaler
Building subPackage ./executors/docker/internal/exec
Building subPackage ./executors/docker/internal/labels
Building subPackage ./executors/docker/internal/networks
Building subPackage ./executors/docker/internal/pull
Building subPackage ./executors/docker/internal/user
Building subPackage ./executors/docker/internal/volumes
Building subPackage ./executors/docker/internal/volumes/parser
Building subPackage ./executors/docker/internal/volumes/permission
Building subPackage ./executors/docker/internal/wait
Building subPackage ./executors/docker/machine
Building subPackage ./executors/instance
Building subPackage ./executors/internal/autoscaler
Building subPackage ./executors/internal/autoscaler/logger
Building subPackage ./executors/kubernetes
Building subPackage ./executors/kubernetes/internal/pull
Building subPackage ./executors/parallels
Building subPackage ./executors/shell
Building subPackage ./executors/ssh
Building subPackage ./executors/virtualbox
Building subPackage ./executors/vm
Building subPackage ./helpers
Building subPackage ./helpers/archives
Building subPackage ./helpers/azure_key_vault/service
Building subPackage ./helpers/certificate
Building subPackage ./helpers/cli
Building subPackage ./helpers/container/helperimage
Building subPackage ./helpers/container/services
Building subPackage ./helpers/container/services/test
Building subPackage ./helpers/container/windows
Building subPackage ./helpers/dns
Building subPackage ./helpers/dns/test
Building subPackage ./helpers/docker
Building subPackage ./helpers/docker/auth
Building subPackage ./helpers/docker/errors
Building subPackage ./helpers/docker/test
Building subPackage ./helpers/featureflags
Building subPackage ./helpers/gcp_secret_manager/service
Building subPackage ./helpers/limitwriter
Building subPackage ./helpers/parallels
Building subPackage ./helpers/path
Building subPackage ./helpers/process
Building subPackage ./helpers/prometheus
Building subPackage ./helpers/retry
Building subPackage ./helpers/secrets
Building subPackage ./helpers/secrets/resolvers/azure_key_vault
Building subPackage ./helpers/secrets/resolvers/gcp_secret_manager
Building subPackage ./helpers/secrets/resolvers/vault
Building subPackage ./helpers/sentry
Building subPackage ./helpers/service
Building subPackage ./helpers/ssh
Building subPackage ./helpers/test
Building subPackage ./helpers/timeperiod
Building subPackage ./helpers/tls
Building subPackage ./helpers/tls/ca_chain
Building subPackage ./helpers/trace
Building subPackage ./helpers/url
Building subPackage ./helpers/vault
Building subPackage ./helpers/vault/auth_methods
Building subPackage ./helpers/vault/auth_methods/jwt
Building subPackage ./helpers/vault/internal/registry
Building subPackage ./helpers/vault/secret_engines
Building subPackage ./helpers/vault/secret_engines/generic
Building subPackage ./helpers/vault/secret_engines/kv_v2
Building subPackage ./helpers/vault/service
Building subPackage ./helpers/virtualbox
Building subPackage ./log
Building subPackage ./log/test
Building subPackage ./magefiles
package gitlab.com/gitlab-org/gitlab-runner/magefiles: build constraints exclude all Go files in /private/tmp/nix-build-gitlab-runner-17.2.0.drv-0/source/magefiles
Building subPackage ./magefiles/build
Building subPackage ./magefiles/ci
Building subPackage ./magefiles/docker
Building subPackage ./magefiles/env
Building subPackage ./magefiles/images
Building subPackage ./magefiles/kubernetes
Building subPackage ./magefiles/mageutils
Building subPackage ./magefiles/packagecloud
Building subPackage ./magefiles/packages
Building subPackage ./network
Building subPackage ./referees
Building subPackage ./scripts/check-test-directives
Building subPackage ./scripts/pull-images-for-tests
Building subPackage ./scripts/update-feature-flags-docs
Building subPackage ./session
Building subPackage ./session/proxy
Building subPackage ./session/terminal
Building subPackage ./shells
Building subPackage ./shells/shellstest
buildPhase completed in 1 minutes 8 seconds
Running phase: checkPhase
ok      gitlab.com/gitlab-org/gitlab-runner     0.666s
ok      gitlab.com/gitlab-org/gitlab-runner/cache       0.336s
ok      gitlab.com/gitlab-org/gitlab-runner/cache/azure 0.337s
ok      gitlab.com/gitlab-org/gitlab-runner/cache/gcs   0.393s
ok      gitlab.com/gitlab-org/gitlab-runner/cache/gcsv2 0.388s
ok      gitlab.com/gitlab-org/gitlab-runner/cache/s3    0.348s
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_6opzTb0pOf5n
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_d2tlDPwHTcEr
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_9WqrYUE73LrL
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_HPCw4TS6H8DR
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_RiYIhWUkFOFL
time="2025-04-06T21:46:29Z" level=info msg="Created missing unique system ID" system_id=r_Rwct3f0UMf94
--- FAIL: TestRestrictHTTPMethods (0.00s)
    --- FAIL: TestRestrictHTTPMethods/HEAD (0.00s)
panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted [recovered]
        panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted

goroutine 52 [running]:
testing.tRunner.func1.2({0x1024c1c80, 0x14000980720})
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1734 +0x1ac
testing.tRunner.func1()
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1737 +0x334
panic({0x1024c1c80?, 0x14000980720?})
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/runtime/panic.go:792 +0x124
net/http/httptest.newLocalListener()
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:71 +0xdc
net/http/httptest.NewUnstartedServer(...)
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:119
net/http/httptest.NewServer({0x1028aaaa0, 0x140000b5500})
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:106 +0x28
gitlab.com/gitlab-org/gitlab-runner/commands.TestRestrictHTTPMethods.func1(0x14000623dc0)
        /private/tmp/nix-build-gitlab-runner-17.2.0.drv-0/source/commands/builds_helper_test.go:228 +0x150
testing.tRunner(0x14000623dc0, 0x140000b54c0)
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1792 +0xe4
created by testing.(*T).Run in goroutine 51
        /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1851 +0x374
FAIL    gitlab.com/gitlab-org/gitlab-runner/commands    0.536s
FAIL
error: builder for '/nix/store/8gdxv2ircgfim23sl0ix465jwkr8mm36-gitlab-runner-17.2.0.drv' failed with exit code 1;
       last 25 log lines:
       >     --- FAIL: TestRestrictHTTPMethods/HEAD (0.00s)
       > panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted [recovered]
       >  panic: httptest: failed to listen on a port: listen tcp6 [::1]:0: bind: operation not permitted
       >
       > goroutine 52 [running]:
       > testing.tRunner.func1.2({0x1024c1c80, 0x14000980720})
       >       /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1734 +0x1ac
       > testing.tRunner.func1()
       >     /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1737 +0x334
       > panic({0x1024c1c80?, 0x14000980720?})
       >       /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/runtime/panic.go:792 +0x124
       > net/http/httptest.newLocalListener()
       >   /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:71 +0xdc
       > net/http/httptest.NewUnstartedServer(...)
       >     /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:119
       > net/http/httptest.NewServer({0x1028aaaa0, 0x140000b5500})
       >  /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/net/http/httptest/server.go:106 +0x28
       > gitlab.com/gitlab-org/gitlab-runner/commands.TestRestrictHTTPMethods.func1(0x14000623dc0)
       >    /private/tmp/nix-build-gitlab-runner-17.2.0.drv-0/source/commands/builds_helper_test.go:228 +0x150
       > testing.tRunner(0x14000623dc0, 0x140000b54c0)
       >      /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1792 +0xe4
       > created by testing.(*T).Run in goroutine 51
       >  /nix/store/jp3z5jp9gaxsw7fdzbqn29aabmrxq62j-go-1.24.1/share/go/src/testing/testing.go:1851 +0x374
       > FAIL gitlab.com/gitlab-org/gitlab-runner/commands    0.536s
       > FAIL
       For full logs, run 'nix log /nix/store/8gdxv2ircgfim23sl0ix465jwkr8mm36-gitlab-runner-17.2.0.drv'.

I don't see any successful existing builds in Hydra either.

It seems like Darwin builds have been broken for awhile now.

GaetanLepage
GaetanLepage reviewed Apr 6, 2025
View reviewed changes
@commiterate commiterate force-pushed the gitlab_runner_cleanup branch from b3976c2 to b128b03 Compare April 6, 2025 23:24
@commiterate commiterate changed the title gitlab-runner: Add main program, version check hook, and Nix update script. gitlab-runner: Add main program, version check hook, and Nix update script. Fix Darwin builds. Apr 6, 2025
drupol
drupol reviewed Apr 6, 2025
View reviewed changes
@commiterate commiterate force-pushed the gitlab_runner_cleanup branch from b128b03 to 89933df Compare April 6, 2025 23:33
@ofborg ofborg bot added the 6.topic: darwin Running or building packages on Darwin label Apr 6, 2025
@GaetanLepage
Copy link
Contributor

GaetanLepage commented Apr 7, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 395906

x86_64-linux

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

aarch64-linux

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

x86_64-darwin

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

aarch64-darwin

✅ 2 packages built:
  • gclient2nix
  • gitlab-runner

GaetanLepage
GaetanLepage approved these changes Apr 7, 2025
View reviewed changes
Copy link
Contributor

@GaetanLepage GaetanLepage left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@GaetanLepage GaetanLepage requested a review from drupol April 7, 2025 06:45
@leona-ya
Copy link
Member

leona-ya commented Apr 7, 2025

I think we want a part of this change. Personally I'd like to switch to make as build system (as in #392089, that has still problems with 17.9.2 versions). But happy to discuss this. I think we can merge this for now and then discuss in the other change.

@GaetanLepage GaetanLepage merged commit e3a3c72 into NixOS:master Apr 7, 2025
58 of 60 checks passed
@commiterate commiterate deleted the gitlab_runner_cleanup branch April 7, 2025 16:08
@commiterate commiterate mentioned this pull request Apr 8, 2025
Closed
13 tasks
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Apr 8, 2025

Successfully created backport PR for release-24.11:

@nixpkgs-ci nixpkgs-ci bot mentioned this pull request Apr 8, 2025
Merged
1 task
@commiterate commiterate mentioned this pull request May 20, 2025
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@GaetanLepage GaetanLepage GaetanLepage approved these changes

@zimbatm zimbatm Awaiting requested review from zimbatm

@talyz talyz Awaiting requested review from talyz

@globin globin Awaiting requested review from globin

@leona-ya leona-ya Awaiting requested review from leona-ya

@krav krav Awaiting requested review from krav

@yayayayaka yayayayaka Awaiting requested review from yayayayaka

@drupol drupol Awaiting requested review from drupol

+1 more reviewer

@helsinki-Jo helsinki-Jo helsinki-Jo left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

6.topic: darwin Running or building packages on Darwin 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@commiterate @GaetanLepage @leona-ya @drupol @helsinki-Jo