workflows/libclang-abi-tests: Use new container#167459
Conversation
|
@llvm/pr-subscribers-github-workflow Author: Tom Stellard (tstellar) ChangesFull diff: https://github.com/llvm/llvm-project/pull/167459.diff 1 Files Affected:
diff --git a/.github/workflows/libclang-abi-tests.yml b/.github/workflows/libclang-abi-tests.yml
index 6377dd53d1f6c..b92b61de05088 100644
--- a/.github/workflows/libclang-abi-tests.yml
+++ b/.github/workflows/libclang-abi-tests.yml
@@ -84,6 +84,8 @@ jobs:
if: github.repository_owner == 'llvm'
needs: abi-dump-setup
runs-on: ubuntu-24.04
+ container:
+ image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests@sha256:f80125c0f767e29b8616210c0fd5cea2cd1f4fb6f2ca86d89f6016b6329b8d7f" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
strategy:
matrix:
name:
@@ -101,17 +103,6 @@ jobs:
steps:
- name: Install Ninja
uses: llvm/actions/install-ninja@42d80571b13f4599bbefbc7189728b64723c7f78 # main
- - name: Install abi-compliance-checker
- run: |
- sudo apt-get update
- sudo apt-get install -y abi-dumper autoconf pkg-config
- - name: Install universal-ctags
- run: |
- git clone https://github.com/universal-ctags/ctags.git
- cd ctags
- ./autogen.sh
- ./configure
- sudo make install
- name: Download source code
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
@@ -139,6 +130,8 @@ jobs:
abi-compare:
if: github.repository_owner == 'llvm'
runs-on: ubuntu-24.04
+ container:
+ image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests@sha256:f80125c0f767e29b8616210c0fd5cea2cd1f4fb6f2ca86d89f6016b6329b8d7f" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f
needs:
- abi-dump-setup
- abi-dump
@@ -154,10 +147,6 @@ jobs:
name: build-latest
path: build-latest
- - name: Install abi-compliance-checker
- run: |
- sudo apt-get update
- sudo apt-get install -y abi-compliance-checker
- name: Compare ABI
run: |
for lib in ${{ needs.abi-dump-setup.outputs.ABI_LIBS }}; do
|
| needs: abi-dump-setup | ||
| runs-on: ubuntu-24.04 | ||
| container: | ||
| image: "ghcr.io/llvm/ci-ubuntu-24.04-abi-tests@sha256:f80125c0f767e29b8616210c0fd5cea2cd1f4fb6f2ca86d89f6016b6329b8d7f" #ghcr.io/llvm/ci-ubuntu-24.04-abi-tests:9524b37c503f |
There was a problem hiding this comment.
I saw you already did this in the LLVM ABI workflow, but do we want to hash pin these? We’re not doing it anywhere else currently.
Would probably be a good general practice, but it’s hard to do with some of the self hosted runners (or at least the premerge ones).
There was a problem hiding this comment.
I think in general it's good security practice,but also it makes it harder to break some of the jobs like this that are a little harder to test.
There was a problem hiding this comment.
True. Explicitly testing a container version bump is helpful. It is one more thing to keep up to date though.
I think we can probably go with this. We should probably add something to the best practices doc at some point.
3 participants
No description provided.