Comments (5)
Moving release CI here seems like a good idea. It's probably gonna take some time, though.
But we can simply start by setting up the CI workflows in this repo. Doesn't need to be the full thing and it can grow gradually. Once we know it works, we can swap release builds in.
Another important aspect though is that we've had the idea to migrate the release workflow to GitHub Actions.
The main reason for this being aarch64-linux builds on our own runners (tests are already running there). The CircleCI OpenSource plan doesn't seem to allow custom runners, unfortunately.
There has already been some progress on this in #211, but I'm not sure where exactly we're standing with that. That PR is definitely quite huge and contains lots of individual changes.
We can probably take a lot of things from there, though.
from distribution-scripts.
I had wondered about this as well. However, so far only members have worked on the building setup so this wasn't an issue. Having an easy path for external contributors would certainly be nice, but it should also be put in perspective. We should not waste a considerable amount of effort to set this up if it's barely used afterwards.
It works - though not as smooth - to have someone with push rights assist external contributors. Or we could give the necessary access rights to trusted contributors so they can work on their own.
Anyway, some notes on the topic:
- The circleci runners have access to deployment secrets. We need to ensure they cannot be leaked to external contributors making pull requests to the repository.
- Instead of tweaking around the current setup's limitations, we could also consider more substantial changes. A deficiency also for internal contributors is that changes to
distribution-scripts
require a commit oncrystal
to test them. This could perhaps be automated, but maybe changing the basic setup would make this easier. For example we could swap the relationship between repos, having CI defined indistribution-scripts
and pull in the content fromcrystal
(instead of the other way around). This would make it easier to contribute todistribution-scripts
. It would still be triggered from releases oncrystal
(but also other triggers internal todistribution-scripts
).
from distribution-scripts.
@straight-shoota thank you for the clarification
TLDR: I have built prototype and would require few tweaks in both repos (#273) and (crystal-lang/crystal@master...miry:crystal:test-darwin). It is still require a script to trigger job and docs how to start testing.
It looks like this: CircleCI workflow
Security
Because all circle ci runners would be run on behalf of Contributors, it would garantie that secrets from crystal org are not shared or leaked. I see also plus compute resources would be distributed among users.
Migrate tests to distribution-scripts
It would be much better. I think it is anyway done partialy on circleci config for builds like darwin and linux - I found in scripts downloading of full crystal repo.
UPDATE: I am still think #273 would be good for this scenario as well.
Let me know if you ok with my prototype or I should check second posobility instead.
from distribution-scripts.
Because all circle ci runners would be run on behalf of Contributors, it would garantie that secrets from crystal org are not shared or leaked.
I suppose we would want CI to run on PRs (i.e. in crystal-org), though. Not just on contributor's branches.
But I expect we could manage to keep secrets limited to the release environment.
from distribution-scripts.
Introduced 2 PRs to migrate some CI functionalities from CircleCI to GithubActions:
from distribution-scripts.
Related Issues (20)
- deb: crystal package depends on crystal1.10 itself conflicting with crystal HOT 6
- [WIP] make darwin work for MacOS M1 HOT 2
- Require either pkg-config or pkgconf HOT 8
- Release Crystal 1.11.0
- Release Shards 0.17.4
- Upgrade Darwin package to build crystal against LLVM 17 HOT 1
- Stop building our own libgc HOT 1
- Release Crystal 1.11.1
- Debian crystal1.11 package's Conflicts: field is broken HOT 9
- Release Crystal 1.11.2
- CircleCI deprecation image
- Release Shards 0.18.0
- Release Crystal 1.12.0
- Release Crystal 1.12.1
- Release Crystal 1.12.2 HOT 2
- Release Crystal 1.13.0
- Return 404 HTTP status on not-found docs pages HOT 3
- Nightly build broken HOT 5
- Release Crystal 1.13.1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from distribution-scripts.