On 2025-10-28 00:58, Stefano Stabellini wrote:
On Fri, 24 Oct 2025, Nicola Vetrini wrote:
The following analysis jobs are performed:
- eclair-{x86_64,ARM64}: analyze Xen using the default configuration
for
that architecture; runs on runners tagged `eclair-analysis'.
- eclair-{x86-64,ARM64}-safety: analyze Xen using the configuration
for
safety, which is more restricted; runs on runners tagged
`eclair-analysis-safety`.
- eclair-{x86_64,ARM64}-testing: analyze Xen using the default
configuration for the purposes of testing new runner updates; runs
on
runners tagged `eclair-analysis-testing`.
Signed-off-by: Nicola Vetrini <[email protected]>
Do you have a link to a successful pipeline?
Just making sure we are not breaking things.
No; not yet, at least [1]. Without the right tags the safety runner
can't pick up jobs.
[1]
https://gitlab.com/xen-project/people/bugseng/xen/-/pipelines/2117835680
---
Changes in v2:
- rebased to current staging;
- fixed regex path issue.
---
automation/gitlab-ci/analyze.yaml | 38
+++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/automation/gitlab-ci/analyze.yaml
b/automation/gitlab-ci/analyze.yaml
index d50721006740..7bd644d75074 100644
--- a/automation/gitlab-ci/analyze.yaml
+++ b/automation/gitlab-ci/analyze.yaml
@@ -45,6 +45,21 @@ eclair-x86_64:
LOGFILE: "eclair-x86_64.log"
VARIANT: "X86_64"
RULESET: "monitored"
+
+eclair-x86_64-testing:
+ extends: eclair-x86_64
+ tags:
+ - eclair-analysis-testing
+ rules:
+ - if: $CI_PROJECT_PATH =~ /^xen-project\/people\/bugseng.*$/
+ when: always
+ - !reference [.eclair-analysis:triggered, rules]
given that everyone can change this yaml file when pushing to their own
branch, I think we should remove this, or (probably better) use a
separate env variable to set the default
it is better not to use the path, I think
That is a fair concern. One option would be to just use a project runner
assigned to the people/bugseng/xen subproject, but that might be a bit
inconvenient if we want to swap runners around. Another option, as you
said, is keeping the regex in a variable, but this wont't prevent rogue
modifications of the YAML. I might have found something runner-side with
[2], but I need to dig deeper on that one.
[2] pre_build_script at
https://docs.gitlab.com/runner/configuration/advanced-configuration/#the-runners-section
+eclair-x86_64-safety:
+ extends: eclair-x86_64
+ tags:
+ - eclair-analysis-safety
+ variables:
EXTRA_XEN_CONFIG: |
CONFIG_AMD=y
CONFIG_INTEL=n
@@ -75,6 +90,10 @@ eclair-x86_64:
CONFIG_DEBUG_LOCKS=n
CONFIG_SCRUB_DEBUG=n
CONFIG_XMEM_POOL_POISON=n
+ rules:
+ - if: $CI_PROJECT_PATH =~ /^xen-project\/hardware\/xen$/ &&
$CI_COMMIT_BRANCH =~ /^staging$/
+ when: always
+ - !reference [.eclair-analysis:triggered, rules]
same here
eclair-ARM64:
extends: .eclair-analysis:triggered
@@ -82,6 +101,21 @@ eclair-ARM64:
LOGFILE: "eclair-ARM64.log"
VARIANT: "ARM64"
RULESET: "monitored"
+
+eclair-ARM64-testing:
+ extends: eclair-ARM64
+ tags:
+ - eclair-analysis-testing
+ rules:
+ - if: $CI_PROJECT_PATH =~ /^xen-project\/people\/bugseng.*$/
+ when: always
+ - !reference [.eclair-analysis:triggered, rules]
and here
+eclair-ARM64-safety:
+ extends: eclair-ARM64
+ tags:
+ - eclair-analysis-safety
+ variables:
EXTRA_XEN_CONFIG: |
CONFIG_NR_CPUS=16
CONFIG_GICV2=n
@@ -120,6 +154,10 @@ eclair-ARM64:
CONFIG_DEBUG_LOCKS=n
CONFIG_SCRUB_DEBUG=n
CONFIG_XMEM_POOL_POISON=n
+ rules:
+ - if: $CI_PROJECT_PATH =~ /^xen-project\/hardware\/xen$/ &&
$CI_COMMIT_BRANCH =~ /^staging$/
+ when: always
+ - !reference [.eclair-analysis, rules]
and here
--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253
