build icon indicating copy to clipboard operation
build copied to clipboard

Published 20 hours ago verified publisher icon nodejs

Ability to run build-release-windows-arm64 job for people working on arm support

Open mhdawson opened this issue 3 years ago • 14 comments

Based on the discussion in https://github.com/nodejs/build/issues/2540 on arm support for windows I think giving access to the

build-release-windows-arm64 - https://ci.nodejs.org/view/All/job/build-release-windows-arm64/ makese sense.

I think the build team governance allows us to do this as part of https://github.com/nodejs/build/blob/master/GOVERNANCE.md#jenkins-job-configuration-access

Are people ok if we create a new team, add @nsait-linaro and @pbo-linaro to that team and then configure jenkins so that they can run that job?

I think that in particular since we don't ship windows on arm binaries the risk of giving them access is even lower than would normally be the case.

mhdawson avatar Apr 07 '22 20:04 mhdawson

I have no objection in principal to getting more help with the Windows side of things (even if just the arm flavor).

@mhdawson Why this job and not the test CI job? https://github.com/nodejs/build/issues/2540#issuecomment-1030991902

FWIW https://ci.nodejs.org/view/All/job/build-release-windows-arm64/ doesn't run any tests (it builds a set of "release" binaries but does not upload them anywhere (I believe @joaocgreis was manually putting the binaries on the unofficial downloads server) -- I have no idea why the job is in the test CI and not release). It also doesn't run natively on arm64 -- it's cross compiling on x64 machines (all six machines with the win-vs2019-arm64 label are x64).

richardlau avatar Apr 07 '22 20:04 richardlau

I did think I might have the wrong job, if https://ci.nodejs.org/job/node-test-commit-windows-fanned/ is the right one, then that's the one we should give access to.

mhdawson avatar Apr 07 '22 21:04 mhdawson

+1 for giving access to both jobs.

The build-release job is in the test CI because it is experimental. It doesn't use the release parameters of vcbuild, it's just something I put together to help with the unofficial releases. If anyone else from the build WG with access to the unofficial releases server wants to publish a release, this is what I do: https://gist.github.com/joaocgreis/1500cfa995cc17d48f6f47ce7283714d . I know it could be much better documented and there's plenty to improve in the process...

joaocgreis avatar Apr 07 '22 21:04 joaocgreis

@nodejs/build any concerns with the proposal? We have a few +1s and I'd plan to move ahead next week unless there are concerns.

mhdawson avatar Apr 08 '22 18:04 mhdawson

No objections for me but if we're going to create a platform team for this can you add me as well in case it gets mentioned as I'm one of the few people who has a Windows/aarch64 laptop :-)

sxa avatar Apr 11 '22 15:04 sxa

@mhdawson Any update on this ?

niyas-sait avatar May 04 '22 09:05 niyas-sait

I've add the team and sent invites but I'm not sure if enabling project based security for that job make sense. @joaocgreis would ilt be possibly to have a clone that just runs on arm by default?

mhdawson avatar May 04 '22 18:05 mhdawson

Thanks, @mhdawson. I got an invitation to join node.js organization and accepted it. Is there anything else needed to be done? I still don't see relevant permission in Jenkins to retrigger those jobs

niyas-sait avatar May 06 '22 09:05 niyas-sait

@nsait-linaro I'm waiting on an answer to my question on https://github.com/nodejs/build/issues/2918#issuecomment-1117650825. Given that the existing job is part of the regular CI tree and tests more than just windows ARM it's not obvious how I add priviledges fro thet eam without possibly breaking the regular flow.

I'm hopin @joaocgreis could make a clone that just runs the ARM part which I could then give the team access to.

mhdawson avatar May 06 '22 21:05 mhdawson

It seems Jenkins supports that kind of thing out of the box through Project-based Matrix Authorization Strategy that allows to restrict access to jobs per user. See this example.

This could be a way to give us access to this particular job, without giving the keys of the whole CI.

pbo-linaro avatar May 07 '22 07:05 pbo-linaro

@pbo-linaro yes, but will it break the authentication that is inherited from the parent? I'd prefer if @joaocgreis could create a separate job which I'd then be comfortable enabling access through the project-based matrix as I've done that in the past. If we want to use the existing job more time would need to be spent to figure out if its safe and I won't have time to do that in the near future. If somebody else does and then is comfortable enabling access then that is an alternative but not sure who might volunteer for that.

mhdawson avatar May 10 '22 19:05 mhdawson

Thanks, @mhdawson. If sorting out access is going to take longer, Can I suggest re-enabling the Windows Arm64 specific testing in https://ci.nodejs.org/job/node-test-commit-windows-fanned/ ? We could monitor and will try to replicate things on our end for debugging.

niyas-sait avatar May 11 '22 10:05 niyas-sait

To help a bit, we reproduced CI on our side, for this recent commit.

log | run script (build and test x64 + arm64 variants, and compare test results)

As you can see, arm64 variant has no specific failure at this point (same as x64). That would be nice if we could find a way to reenable it on your jenkins instance.

pbo-linaro avatar May 25 '22 15:05 pbo-linaro

We are very keen on supporting node.js for Windows/Arm64 platforms. If we can sort out the CI access that would really help to take this forward.

niyas-sait avatar Jun 15 '22 13:06 niyas-sait

@mhdawson Is there anything else we need to do on this? I believe @nsait-linaro @pbo-linaro have the access to do everything they need now.

sxa avatar Feb 06 '23 11:02 sxa

Closing if all is done.

mhdawson avatar Feb 06 '23 22:02 mhdawson