From 444bbc3a5d99712bfd9472a159b6e07ead14c0c4 Mon Sep 17 00:00:00 2001 From: Ludvig Liljenberg Date: Tue, 5 Nov 2024 19:09:14 +0000 Subject: [PATCH 1/7] Update runner pool --- .github/workflows/Benchmarks.yml | 6 +++--- .github/workflows/CargoPublish.yml | 2 +- .github/workflows/CreateRelease.yml | 2 +- .github/workflows/ValidatePullRequest.yml | 12 ++++++------ .github/workflows/custom_dependabot.yml | 2 +- .github/workflows/dep_fuzzing.yml | 2 +- .github/workflows/dep_rust.yml | 12 ++++++------ 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/Benchmarks.yml b/.github/workflows/Benchmarks.yml index 8b2d56e8f..634ca18fe 100644 --- a/.github/workflows/Benchmarks.yml +++ b/.github/workflows/Benchmarks.yml @@ -30,13 +30,13 @@ jobs: build: [windows-2022-release, linux-kvm-release, linux-hyperv-release] include: - build: windows-2022-release - os: [self-hosted, Windows, X64, "1ES.Pool=HL-win-2022-amd"] + os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] hypervisor: none - build: linux-kvm-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] hypervisor: kvm - build: linux-hyperv-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-mshv-dev"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-mshv-amd"] hypervisor: hyperv runs-on: ${{ matrix.os }} diff --git a/.github/workflows/CargoPublish.yml b/.github/workflows/CargoPublish.yml index 61f2357fa..4f39892c8 100644 --- a/.github/workflows/CargoPublish.yml +++ b/.github/workflows/CargoPublish.yml @@ -18,7 +18,7 @@ permissions: jobs: publish-hyperlight-packages: environment: release - runs-on: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] # We should only publish from dev if minver contains `-preview` if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/dev' }} diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml index f3d91638a..2ddb4eb33 100644 --- a/.github/workflows/CreateRelease.yml +++ b/.github/workflows/CreateRelease.yml @@ -18,7 +18,7 @@ jobs: build-rust-ubuntu: # see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/dev' }} - runs-on: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] environment: release steps: diff --git a/.github/workflows/ValidatePullRequest.yml b/.github/workflows/ValidatePullRequest.yml index e5d29dbc1..0191582b3 100644 --- a/.github/workflows/ValidatePullRequest.yml +++ b/.github/workflows/ValidatePullRequest.yml @@ -33,11 +33,11 @@ jobs: build: [windows-debug, windows-release] include: - build: windows-debug - os: [self-hosted, Windows, X64, "1ES.Pool=HL-win-2022-amd"] + os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] config: debug platform: x64 - build: windows-release - os: [self-hosted, Windows, X64, "1ES.Pool=HL-win-2022-amd"] + os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] config: release platform: x64 env: @@ -82,22 +82,22 @@ jobs: ] include: - build: linux-kvm-debug - os: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] config: debug platform: x64 hypervisor: kvm - build: linux-kvm-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] config: release platform: x64 hypervisor: kvm - build: linux-hyperv-debug - os: [self-hosted, Linux, X64, "1ES.Pool=HL-mshv-dev"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-mshv-amd"] config: debug platform: x64 hypervisor: hyperv - build: linux-hyperv-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-mshv-dev"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-mshv-amd"] config: release platform: x64 hypervisor: hyperv diff --git a/.github/workflows/custom_dependabot.yml b/.github/workflows/custom_dependabot.yml index c3f81cc8e..b820bd060 100644 --- a/.github/workflows/custom_dependabot.yml +++ b/.github/workflows/custom_dependabot.yml @@ -34,7 +34,7 @@ jobs: contents: write # for Git to git push id-token: write pull-requests: write # for repo-sync/pull-request to create pull requests - runs-on: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] steps: - name: Checkout repo diff --git a/.github/workflows/dep_fuzzing.yml b/.github/workflows/dep_fuzzing.yml index 9097ef99a..258fe7c57 100644 --- a/.github/workflows/dep_fuzzing.yml +++ b/.github/workflows/dep_fuzzing.yml @@ -18,7 +18,7 @@ permissions: jobs: fuzz: environment: ${{ inputs.environment }} - runs-on: [ self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM" ] + runs-on: [ self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd" ] steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/dep_rust.yml b/.github/workflows/dep_rust.yml index 957f86858..9b966013b 100644 --- a/.github/workflows/dep_rust.yml +++ b/.github/workflows/dep_rust.yml @@ -35,27 +35,27 @@ jobs: ] include: - build: windows-2022-debug - os: [self-hosted, Windows, X64, "1ES.Pool=HL-win-2022-amd"] + os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] hypervisor: none config: debug - build: linux-kvm-debug - os: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] hypervisor: kvm config: debug - build: linux-hyperv-debug - os: [self-hosted, Linux, X64, "1ES.Pool=HL-mshv-dev"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-mshv-amd"] hypervisor: hyperv config: debug - build: windows-2022-release - os: [self-hosted, Windows, X64, "1ES.Pool=HL-win-2022-amd"] + os: [self-hosted, Windows, X64, "1ES.Pool=hld-win2022-amd"] hypervisor: none config: release - build: linux-kvm-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-Ubuntu-22.04-KVM"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] hypervisor: kvm config: release - build: linux-hyperv-release - os: [self-hosted, Linux, X64, "1ES.Pool=HL-mshv-dev"] + os: [self-hosted, Linux, X64, "1ES.Pool=hld-mshv-amd"] hypervisor: hyperv config: release From de766da949d4c6e1872bf33f23cb32b763ee618a Mon Sep 17 00:00:00 2001 From: Ludvig Liljenberg Date: Tue, 5 Nov 2024 19:14:23 +0000 Subject: [PATCH 2/7] remove secrets --- .github/workflows/Benchmarks.yml | 5 ----- .github/workflows/CargoPublish.yml | 5 ----- .github/workflows/dep_build_guest_binaries.yml | 5 ----- .github/workflows/dep_rust.yml | 5 ----- 4 files changed, 20 deletions(-) diff --git a/.github/workflows/Benchmarks.yml b/.github/workflows/Benchmarks.yml index 634ca18fe..516ac2ea2 100644 --- a/.github/workflows/Benchmarks.yml +++ b/.github/workflows/Benchmarks.yml @@ -4,11 +4,6 @@ name: Benchmarks on: workflow_call: # This is called from CreateRelease.yml - secrets: - ADO_HYPERLIGHT_CARGO_RO_AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true inputs: environment: required: false diff --git a/.github/workflows/CargoPublish.yml b/.github/workflows/CargoPublish.yml index 4f39892c8..ec0903a2a 100644 --- a/.github/workflows/CargoPublish.yml +++ b/.github/workflows/CargoPublish.yml @@ -5,11 +5,6 @@ name: Publish crates to intenral cargo registry on: workflow_dispatch: workflow_call: - secrets: - ADO_HYPERLIGHT_CARGO_RW_AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true permissions: contents: read diff --git a/.github/workflows/dep_build_guest_binaries.yml b/.github/workflows/dep_build_guest_binaries.yml index 4aeffb461..cdcafe2bb 100644 --- a/.github/workflows/dep_build_guest_binaries.yml +++ b/.github/workflows/dep_build_guest_binaries.yml @@ -4,11 +4,6 @@ name: Build Guest Binaries on: workflow_call: - secrets: - ADO_HYPERLIGHT_CARGO_RO_AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true inputs: environment: required: false diff --git a/.github/workflows/dep_rust.yml b/.github/workflows/dep_rust.yml index 9b966013b..b3ab57a4e 100644 --- a/.github/workflows/dep_rust.yml +++ b/.github/workflows/dep_rust.yml @@ -5,11 +5,6 @@ name: Rust Tests and Lints # See README.md in this directory for more information about workflow_call on: workflow_call: - secrets: - ADO_HYPERLIGHT_CARGO_RO_AZURE_CLIENT_ID: - required: true - AZURE_TENANT_ID: - required: true env: CARGO_TERM_COLOR: always From b1ca8720ecd6dc2f4f6311264bfb5b4e184e45fe Mon Sep 17 00:00:00 2001 From: Ludvig Liljenberg Date: Tue, 5 Nov 2024 19:18:56 +0000 Subject: [PATCH 3/7] remove environment --- .github/workflows/Benchmarks.yml | 4 ---- .github/workflows/CargoPublish.yml | 1 - .github/workflows/CreateRelease.yml | 8 -------- .github/workflows/dep_build_guest_binaries.yml | 5 ----- .github/workflows/dep_fuzzing.yml | 4 ---- 5 files changed, 22 deletions(-) diff --git a/.github/workflows/Benchmarks.yml b/.github/workflows/Benchmarks.yml index 516ac2ea2..f19cf604a 100644 --- a/.github/workflows/Benchmarks.yml +++ b/.github/workflows/Benchmarks.yml @@ -5,9 +5,6 @@ name: Benchmarks on: workflow_call: # This is called from CreateRelease.yml inputs: - environment: - required: false - type: string permissions: id-token: write @@ -18,7 +15,6 @@ jobs: # its execution. this dependency should be expressed in the dependent # workflow benchmark: - environment: ${{ inputs.environment }} strategy: fail-fast: true matrix: diff --git a/.github/workflows/CargoPublish.yml b/.github/workflows/CargoPublish.yml index ec0903a2a..3620d31b5 100644 --- a/.github/workflows/CargoPublish.yml +++ b/.github/workflows/CargoPublish.yml @@ -12,7 +12,6 @@ permissions: jobs: publish-hyperlight-packages: - environment: release runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] # We should only publish from dev if minver contains `-preview` diff --git a/.github/workflows/CreateRelease.yml b/.github/workflows/CreateRelease.yml index 2ddb4eb33..990036dbb 100644 --- a/.github/workflows/CreateRelease.yml +++ b/.github/workflows/CreateRelease.yml @@ -19,7 +19,6 @@ jobs: # see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/dev' }} runs-on: [self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd"] - environment: release steps: - uses: actions/checkout@v4 @@ -49,7 +48,6 @@ jobs: # see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/dev' }} runs-on: windows-2022 - environment: release steps: - uses: actions/checkout@v4 @@ -69,22 +67,17 @@ jobs: build-guest-binaries: uses: ./.github/workflows/dep_build_guest_binaries.yml secrets: inherit - with: - environment: release fuzzing: uses: ./.github/workflows/dep_fuzzing.yml with: max_total_time: 3600 # 1 hour in seconds - environment: release secrets: inherit benchmarks: needs: [build-guest-binaries] uses: ./.github/workflows/Benchmarks.yml secrets: inherit - with: - environment: release permissions: id-token: write contents: read @@ -98,7 +91,6 @@ jobs: contents: read publish: - environment: release # see https://github.com/orgs/community/discussions/26286#discussioncomment-3251208 for why we need to check the ref if: ${{ contains(github.ref, 'refs/heads/release/') }} || ${{ github.ref=='refs/heads/dev' }} runs-on: windows-2022 diff --git a/.github/workflows/dep_build_guest_binaries.yml b/.github/workflows/dep_build_guest_binaries.yml index cdcafe2bb..220e529a4 100644 --- a/.github/workflows/dep_build_guest_binaries.yml +++ b/.github/workflows/dep_build_guest_binaries.yml @@ -4,10 +4,6 @@ name: Build Guest Binaries on: workflow_call: - inputs: - environment: - required: false - type: string env: CARGO_TERM_COLOR: always @@ -19,7 +15,6 @@ permissions: jobs: # this job has no dependencies build-guest-binaries: - environment: ${{ inputs.environment }} runs-on: ${{ matrix.os }} strategy: fail-fast: true diff --git a/.github/workflows/dep_fuzzing.yml b/.github/workflows/dep_fuzzing.yml index 258fe7c57..03c874e68 100644 --- a/.github/workflows/dep_fuzzing.yml +++ b/.github/workflows/dep_fuzzing.yml @@ -7,9 +7,6 @@ on: description: Maximum total time for the fuzz run in seconds required: true type: number - environment: - required: false - type: string permissions: id-token: write @@ -17,7 +14,6 @@ permissions: jobs: fuzz: - environment: ${{ inputs.environment }} runs-on: [ self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd" ] steps: - name: Checkout code From ad51b9f6a1a6cda6894a9ba7aeba0914e3aae4c1 Mon Sep 17 00:00:00 2001 From: Ludvig Liljenberg Date: Tue, 5 Nov 2024 19:42:18 +0000 Subject: [PATCH 4/7] fix git ignore --- .gitignore | 12 +++++++----- src/tests/c_guests/bin/.gitkeep | 0 src/tests/c_guests/bin/debug/.gitkeep | 0 src/tests/c_guests/bin/release/.gitkeep | 0 src/tests/rust_guests/bin/.gitkeep | 0 src/tests/rust_guests/bin/debug/.gitkeep | 0 src/tests/rust_guests/bin/release/.gitkeep | 0 7 files changed, 7 insertions(+), 5 deletions(-) create mode 100644 src/tests/c_guests/bin/.gitkeep create mode 100644 src/tests/c_guests/bin/debug/.gitkeep create mode 100644 src/tests/c_guests/bin/release/.gitkeep create mode 100644 src/tests/rust_guests/bin/.gitkeep create mode 100644 src/tests/rust_guests/bin/debug/.gitkeep create mode 100644 src/tests/rust_guests/bin/release/.gitkeep diff --git a/.gitignore b/.gitignore index df528c62d..3a2238eef 100644 --- a/.gitignore +++ b/.gitignore @@ -17,9 +17,9 @@ mono_crash.* # Build results -[Dd]ebug/ -[Dd]ebugPublic/ -[Rr]elease/ +**/[Dd]ebug/* +/[Dd]ebugPublic/ +**/[Rr]elease/* [Rr]eleases/ x64/ x86/ @@ -27,7 +27,7 @@ x86/ [Aa][Rr][Mm]/ [Aa][Rr][Mm]64/ bld/ -[Bb]in/ +[Bb]in/* [Oo]bj/ [Ll]og/ [Ll]ogs/ @@ -472,4 +472,6 @@ hyperlight_guest.h .pem # created by vs code c# extension -.mono \ No newline at end of file +.mono + +!.gitkeep \ No newline at end of file diff --git a/src/tests/c_guests/bin/.gitkeep b/src/tests/c_guests/bin/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/src/tests/c_guests/bin/debug/.gitkeep b/src/tests/c_guests/bin/debug/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/src/tests/c_guests/bin/release/.gitkeep b/src/tests/c_guests/bin/release/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/src/tests/rust_guests/bin/.gitkeep b/src/tests/rust_guests/bin/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/src/tests/rust_guests/bin/debug/.gitkeep b/src/tests/rust_guests/bin/debug/.gitkeep new file mode 100644 index 000000000..e69de29bb diff --git a/src/tests/rust_guests/bin/release/.gitkeep b/src/tests/rust_guests/bin/release/.gitkeep new file mode 100644 index 000000000..e69de29bb From 8e8f04c5dd7409a83b1b53151d8596f514a32182 Mon Sep 17 00:00:00 2001 From: Ludvig Liljenberg Date: Tue, 5 Nov 2024 19:53:27 +0000 Subject: [PATCH 5/7] chmod +x on scriotp --- dev/verify-msrv.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 dev/verify-msrv.sh diff --git a/dev/verify-msrv.sh b/dev/verify-msrv.sh old mode 100644 new mode 100755 From cc2b1b1eabcf0668f840f49418882e7be35dd72a Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Tue, 5 Nov 2024 20:01:30 +0000 Subject: [PATCH 6/7] change perms Signed-off-by: Simon Davies --- dev/clean-github-artifacts.sh | 0 dev/sync-project-board.sh | 0 dev/verify-msrv.sh | 0 3 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 dev/clean-github-artifacts.sh mode change 100644 => 100755 dev/sync-project-board.sh mode change 100644 => 100755 dev/verify-msrv.sh diff --git a/dev/clean-github-artifacts.sh b/dev/clean-github-artifacts.sh old mode 100644 new mode 100755 diff --git a/dev/sync-project-board.sh b/dev/sync-project-board.sh old mode 100644 new mode 100755 diff --git a/dev/verify-msrv.sh b/dev/verify-msrv.sh old mode 100644 new mode 100755 From 20f405017367ce02dc640f22aee5b6cb2ade3d8c Mon Sep 17 00:00:00 2001 From: Simon Davies Date: Tue, 5 Nov 2024 20:01:30 +0000 Subject: [PATCH 7/7] change perms Signed-off-by: Simon Davies --- dev/clean-github-artifacts.sh | 0 dev/sync-project-board.sh | 0 2 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 dev/clean-github-artifacts.sh mode change 100644 => 100755 dev/sync-project-board.sh diff --git a/dev/clean-github-artifacts.sh b/dev/clean-github-artifacts.sh old mode 100644 new mode 100755 diff --git a/dev/sync-project-board.sh b/dev/sync-project-board.sh old mode 100644 new mode 100755