build: use the linux aks for macos checkout/cache (#42447)

* build: use the linux aks for checkout/cache

* build: use latest container sha

* build: persist the AKS cache (first try)

* build (do not merge): use current branch for workflows

* build: do not check for existing cache

* build: try to move src into /var/portal

* build: add AZURE_AKS_CACHE_SHARE_NAME & AZURE_AKS_CACHE_STORAGE_ACCOUNT

* build: add volumes: /mnt/cross-instance-cache

* build: temporarily skip cache exists checks

* build: reset to aks-linux-large, upload/download tar

* build: pass detailed credentials into download

* build: be better

* build: add skip if cache exists, declare env vars earlier

* build: add quotes

* build: change to connection-string

* build: remove connection string

* build: migrate to azcopy

* build: lol

* build: revert ref to @main
This commit is contained in:
Keeley Hammond 2024-06-12 14:21:19 -05:00 committed by GitHub
parent ffe1d70f1d
commit 1cb63b4d77
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 149 additions and 35 deletions

View file

@ -34,10 +34,17 @@ concurrency:
cancel-in-progress: true
env:
# Old Azure Storage Variables
AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
AZURE_STORAGE_KEY: ${{ secrets.AZURE_STORAGE_KEY }}
AZURE_STORAGE_CONTAINER_NAME: ${{ secrets.AZURE_STORAGE_CONTAINER_NAME }}
ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
# New Azure Storage Variables
AZURE_AKS_CACHE_STORAGE_KEY: ${{ secrets.AZURE_AKS_CACHE_STORAGE_KEY }}
AZURE_AKS_CACHE_STORAGE_CONNECTION_STRING: ${{ secrets.AZURE_AKS_CACHE_STORAGE_CONNECTION_STRING }}
AZURE_AKS_CACHE_STORAGE_ACCOUNT: ${{ secrets.AZURE_AKS_CACHE_STORAGE_ACCOUNT }}
AZURE_AKS_CACHE_SHARE_NAME: ${{ secrets.AZURE_AKS_CACHE_SHARE_NAME }}
AZURE_AKS_CACHE_SAS_TOKEN: ${{ secrets.AZURE_AKS_CACHE_SAS_TOKEN }}
ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
ELECTRON_GITHUB_TOKEN: ${{ secrets.ELECTRON_GITHUB_TOKEN }}
GN_CONFIG: ${{ inputs.gn-config }}
@ -50,7 +57,13 @@ env:
jobs:
checkout:
runs-on: LargeLinuxRunner
runs-on: aks-linux-large
container:
image: ghcr.io/electron/build:latest
options: --user root
volumes:
- /mnt/cross-instance-cache:/mnt/cross-instance-cache
- /var/run/sas:/var/run/sas
steps:
- name: Checkout Electron
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
@ -60,12 +73,8 @@ jobs:
- name: Set GIT_CACHE_PATH to make gclient to use the cache
run: |
echo "GIT_CACHE_PATH=$(pwd)/git-cache" >> $GITHUB_ENV
- name: Setup Node.js/npm
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8
with:
node-version: 20.11.x
cache: yarn
cache-dependency-path: src/electron/yarn.lock
- name: Install Azure CLI
run: sudo bash ./src/electron/script/azure_cli_deb_install.sh
- name: Install Dependencies
run: |
cd src/electron
@ -95,19 +104,14 @@ jobs:
- name: Check If Cache Exists
id: check-cache
run: |
exists_json=$(az storage blob exists \
--account-name $AZURE_STORAGE_ACCOUNT \
--account-key $AZURE_STORAGE_KEY \
--container-name $AZURE_STORAGE_CONTAINER_NAME \
--name $DEPSHASH)
cache_exists=$(echo $exists_json | jq -r '.exists')
echo "cache_exists=$cache_exists" >> $GITHUB_OUTPUT
if (test "$cache_exists" = "true"); then
echo "Cache Exists for $DEPSHASH"
else
cache_key=$DEPSHASH
cache_path=/mnt/cross-instance-cache/${cache_key}.tar
echo "Using cache key: $cache_key"
echo "Checking for cache in: $cache_path"
if [ ! -f "$cache_path" ]; then
echo "Cache Does Not Exist for $DEPSHASH"
else
echo "Cache Already Exists for $DEPSHASH, Skipping.."
fi
- name: Gclient Sync
if: steps.check-cache.outputs.cache_exists == 'false'
@ -179,16 +183,36 @@ jobs:
echo "Uncompressed src size: $(du -sh src | cut -f1 -d' ')"
tar -cvf $DEPSHASH.tar src
echo "Compressed src to $(du -sh $DEPSHASH.tar | cut -f1 -d' ')"
- name: Upload Compressed Src Cache to Azure
- name: Move src folder to cross-OS portal
if: steps.check-cache.outputs.cache_exists == 'false'
run: |
az storage blob upload \
--account-name $AZURE_STORAGE_ACCOUNT \
--account-key $AZURE_STORAGE_KEY \
--container-name $AZURE_STORAGE_CONTAINER_NAME \
--file $DEPSHASH.tar \
--name $DEPSHASH \
--debug
cp ./$DEPSHASH.tar /mnt/cross-instance-cache/
sudo mkdir -p /var/portal
sudo chown -R $(id -u):$(id -g) /var/portal
mv ./src /var/portal
- name: Persist Src Cache
if: steps.check-cache.outputs.cache_exists == 'false'
run: |
cache_key=$DEPSHASH
backup_cache_path=/var/portal
final_cache_path=/mnt/cross-instance-cache/${cache_key}.tar
echo "Using cache key: $cache_key"
echo "Checking path: $final_cache_path"
if [ ! -f "$final_cache_path" ]; then
echo "Cache key not found, storing tarball"
tmp_container=/mnt/cross-instance-cache/tmp/${{ github.sha }}
tmp_cache_path=$tmp_container/${cache_key}.tar
mkdir -p $tmp_container
if [ -f "$backup_cache_path" ]; then
tar -cf $tmp_cache_path -C $(dirname $backup_cache_path) ./$(basename $backup_cache_path)
else
tar -cf $tmp_cache_path -C $backup_cache_path/ ./
fi
mv -vn $tmp_cache_path $final_cache_path
rm -rf $tmp_container
else
echo "Cache key already exists, skipping.."
fi
build:
strategy:
fail-fast: false
@ -221,6 +245,7 @@ jobs:
run: |
cd src/electron
node script/yarn install
brew install azcopy
- name: Load Target Arch & CPU
run: |
echo "TARGET_ARCH=${{ matrix.build-arch }}" >> $GITHUB_ENV
@ -247,8 +272,10 @@ jobs:
- name: Generate DEPS Hash
run: |
node src/electron/script/generate-deps-hash.js && cat src/electron/.depshash-target
echo "DEPSHASH=v1-src-cache-$(shasum src/electron/.depshash | cut -f1 -d' ')" >> $GITHUB_ENV
- name: Download Src Cache
DEPSHASH=v1-src-cache-$(shasum src/electron/.depshash | cut -f1 -d' ')
echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
- name: Download Src Cache from AKS
# The cache will always exist here as a result of the checkout job
# Either it was uploaded to Azure in the checkout job for this commit
# or it was uploaded in the checkout job for a previous commit.
@ -258,12 +285,8 @@ jobs:
max_attempts: 3
retry_on: error
command: |
az storage blob download \
--account-name $AZURE_STORAGE_ACCOUNT \
--account-key $AZURE_STORAGE_KEY \
--container-name $AZURE_STORAGE_CONTAINER_NAME \
--name $DEPSHASH \
--file $DEPSHASH.tar \
azcopy copy \
"https://${AZURE_AKS_CACHE_STORAGE_ACCOUNT}.file.core.windows.net/${AZURE_AKS_CACHE_SHARE_NAME}/${{ env.CACHE_PATH}}?${AZURE_AKS_CACHE_SAS_TOKEN}" $DEPSHASH.tar
- name: Unzip and Ensure Src Cache
run: |
echo "Downloaded cache is $(du -sh $DEPSHASH.tar | cut -f1)"

91
script/azure_cli_deb_install.sh Executable file
View file

@ -0,0 +1,91 @@
#!/usr/bin/env bash
#######################################################################################################################
# This script does three fundamental things: #
# 1. Add Microsoft's GPG Key has a trusted source of apt packages. #
# 2. Add Microsoft's repositories as a source for apt packages. #
# 3. Installs the Azure CLI from those repositories. #
# Given the nature of this script, it must be executed with elevated privileges, i.e. with `sudo`. #
# #
# Copied from https://azurecliprod.blob.core.windows.net/$root/deb_install.sh #
#######################################################################################################################
set -e
if [[ $# -ge 1 && $1 == "-y" ]]; then
global_consent=0
else
global_consent=1
fi
function assert_consent {
if [[ $2 -eq 0 ]]; then
return 0
fi
echo -n "$1 [Y/n] "
read consent
if [[ ! "${consent}" == "y" && ! "${consent}" == "Y" && ! "${consent}" == "" ]]; then
echo "'${consent}'"
exit 1
fi
}
global_consent=0 # Artificially giving global consent after review-feedback. Remove this line to enable interactive mode
setup() {
assert_consent "Add packages necessary to modify your apt-package sources?" ${global_consent}
set -v
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y apt-transport-https lsb-release gnupg curl
set +v
assert_consent "Add Microsoft as a trusted package signer?" ${global_consent}
set -v
curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/microsoft.gpg
set +v
assert_consent "Add the Azure CLI Repository to your apt sources?" ${global_consent}
set -v
# Use env var DIST_CODE for the package dist name if provided
if [[ -z $DIST_CODE ]]; then
CLI_REPO=$(lsb_release -cs)
shopt -s nocasematch
ERROR_MSG="Unable to find a package for your system. Please check if an existing package in https://packages.microsoft.com/repos/azure-cli/dists/ can be used in your system and install with the dist name: 'curl -sL https://aka.ms/InstallAzureCLIDeb | sudo DIST_CODE=<dist_code_name> bash'"
if [[ ! $(curl -sL https://packages.microsoft.com/repos/azure-cli/dists/) =~ $CLI_REPO ]]; then
DIST=$(lsb_release -is)
if [[ $DIST =~ "Ubuntu" ]]; then
CLI_REPO="jammy"
elif [[ $DIST =~ "Debian" ]]; then
CLI_REPO="bookworm"
elif [[ $DIST =~ "LinuxMint" ]]; then
CLI_REPO=$(cat /etc/os-release | grep -Po 'UBUNTU_CODENAME=\K.*') || true
if [[ -z $CLI_REPO ]]; then
echo $ERROR_MSG
exit 1
fi
else
echo $ERROR_MSG
exit 1
fi
fi
else
CLI_REPO=$DIST_CODE
if [[ ! $(curl -sL https://packages.microsoft.com/repos/azure-cli/dists/) =~ $CLI_REPO ]]; then
echo "Unable to find an azure-cli package with DIST_CODE=$CLI_REPO in https://packages.microsoft.com/repos/azure-cli/dists/."
exit 1
fi
fi
echo "deb [arch=$(dpkg --print-architecture)] https://packages.microsoft.com/repos/azure-cli/ ${CLI_REPO} main" \
> /etc/apt/sources.list.d/azure-cli.list
apt-get update
set +v
assert_consent "Install the Azure CLI?" ${global_consent}
apt-get install -y azure-cli
}
setup # ensure the whole file is downloaded before executing