Skip to content

Testing ‐‐ tcrypt in Github Action (locally)

Jump to bottom
Armando Faz edited this page Dec 2, 2023 · 2 revisions

Goal: Running tcrypt as a Github Action but locally.

Why: Helps to iterate locally on changes before submitting a Pull Request

Pre-requisites

  1. Read the Testing ‐‐ tcrypt in Github Action (remotely) page first.
  2. Install act tool, which allows to run a Github action locally.
  3. Similar execution as in the cloud, but some minor issues need to be addressed.

Act

The act tool uses docker to perform the CI execution locally.

  1. Install act shown in the readme. I opted for install the binary provided: See manual installation at https://github.com/nektos/act#manual-download
  2. Install docker: https://docs.docker.com/engine/install/
  3. Test act is working, go to the root of the Linux project and run
$ act -l 
Stage  Job ID  Job name  Workflow name  Workflow file            Events                        
0      tcrypt  tcrypt    Linux          crypto-test-harness.yml  pull_request,workflow_dispatch

The job ID will be used later.

Invoking Act

The main command is the following

$ act -j tcrypt -P ubuntu-22.04=catthehacker/ubuntu:act-22.04 --artifact-server-path ./zeta

the options are as follow:

  • -j tcrypt: This chooses the job ID to run.
  • -P <XXX>/<YYY>: Replaces the image of XXX (ubuntu-22) with the image called YYY (here we use the catthehacker/ubuntu:act-22.04 image according to act documentation.
  • --artifact-server-path <path>: Indicates which path is used to drop the artifacts generated, i.e., the output of running tcrypt. It could be any temporal path.

Execution: The first time it will take long time, since it requires to download the docker image.

Then, it always compiles the kernel. Depending on the number of cores this can run faster (we always set make -j<numprocs>).

The output of act should be similar to what the Github action does in the cloud. The file that is produced as an artifact is saved in the path indicated. Note that the file could be GZIP compressed.

Known Issues

Docker Image

The catthehacker/ubuntu:act-22.04 image does not have the basic compiling tools (flex, bison, etc.) required by the kernel, so the github workflow starts by installing them. No issue so far, unless the kernel requires a different tool in the future.

Issue with /dev/shm

Since behind the scenes everything is running in docker, the linux image didn't run ok and reported: /dev/shm is mounted with noexec. One solution is to tell docker to mount an specific file tmpfs filesystem with the right permissions.

$ sudo mkdir /mnt/dockershm
$ sudo mount -t tmpfs -o size=1G tmpfs /mnt/dockershm

Thus, one can tell to docker to mount the volume for /dev/shm, which is usually done as

// this is an example of how to invoke docker, see below
docker -v /mnt/dockershm:/dev/shm

Since act is the one calling docker, we need to pass this option to act as follows"

$ act --container-options "-v /mnt/dockershm:/dev/shm" <PLUS THE OTHER OPTIONS LISTED ABOVE>

If you are really curious, the full explanation of this error is at link.

Clone this wiki locally