From 76616a5dac995dbdd920aaa2f23255b3c05b46b4 Mon Sep 17 00:00:00 2001 From: Trevor Jones Date: Sat, 21 Mar 2026 00:39:36 -0700 Subject: [PATCH 1/2] use wmi to create vms --- Cargo.lock | 1 + petri/Cargo.toml | 1 + petri/src/vm/hyperv/hyperv.psm1 | 156 +++++++++++- petri/src/vm/hyperv/mod.rs | 289 ++++----------------- petri/src/vm/hyperv/powershell.rs | 407 +++++++++++++++++++++++++++++- petri/src/vm/hyperv/vm.rs | 62 +---- petri/src/vm/mod.rs | 22 +- petri/src/vm/openvmm/construct.rs | 8 +- 8 files changed, 640 insertions(+), 306 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fc6395eabe..c310789e91 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -5831,6 +5831,7 @@ version = "0.0.0" dependencies = [ "anyhow", "async-trait", + "bitfield-struct 0.11.0", "blocking", "chipset_device_worker_defs", "chipset_resources", diff --git a/petri/Cargo.toml b/petri/Cargo.toml index 3f2a9ece5e..91805c7322 100644 --- a/petri/Cargo.toml +++ b/petri/Cargo.toml @@ -70,6 +70,7 @@ sparse_mmap.workspace = true anyhow.workspace = true async-trait.workspace = true +bitfield-struct.workspace = true blocking.workspace = true clap.workspace = true fatfs = { workspace = true, features = ["std", "alloc"] } diff --git a/petri/src/vm/hyperv/hyperv.psm1 b/petri/src/vm/hyperv/hyperv.psm1 index d0e035d856..8a5c9a32d2 100644 --- a/petri/src/vm/hyperv/hyperv.psm1 +++ b/petri/src/vm/hyperv/hyperv.psm1 @@ -120,7 +120,7 @@ function Get-DefaultRasd { [string] $ResourceSubType ) - $allocCap = Get-CimInstance -Namespace "root/virtualization/v2" -ClassName "Msvm_AllocationCapabilities" | Where-Object { $_.ResourceSubType -eq $ResourceSubType } + $allocCap = Get-CimInstance -Namespace $ROOT_HYPER_V_NAMESPACE -ClassName "Msvm_AllocationCapabilities" | Where-Object { $_.ResourceSubType -eq $ResourceSubType } $allocCap | Get-CimAssociatedInstance -ResultClassName "CIM_ResourceAllocationSettingData" -Association "Msvm_SettingsDefineCapabilities" | Where-Object { $_.InstanceId.EndsWith("Default") } } @@ -156,6 +156,160 @@ function Get-VmSasd # Hyper-V Configuration Cmdlets # +function New-CustomVM +{ + [CmdletBinding()] + Param ( + [Parameter(Position = 0, Mandatory = $true, ValueFromPipeline = $true)] + [ValidateNotNullOrEmpty()] + [string] $VMName, + + [ValidateSet(1, 2)] + [int] $Generation = 2, + + [bool] $GuestStateIsolationEnabled = $false, + + [uint16] $GuestStateIsolationType = 0, + + [uint16] $GuestStateIsolationMode = 0, + + [Nullable[uint16]] $GuestStateLifetime = $null, + + [string] $GuestStateFilePath = $null, + + [bool] $VMBusMessageRedirection = $false, + + [string] $FirmwareFile = $null, + + [string] $FirmwareParameters = $null, + + [switch] $IncreaseVtl2Memory, + + [Nullable[bool]] $DefaultBootAlwaysAttempt, + + [bool] $SecureBootEnabled = $false, + + [string] $SecureBootTemplateId = $null, + + [Nullable[uint64]] $ManagementVtlFeatureFlags = $null, + + [Nullable[uint16]] $GuestStateEncryptionPolicy = $null, + + [Nullable[uint64]] $Memory = 4GB, + + [Nullable[uint64]] $VpCount = 2, + + [uint16] $ApicMode = 0, + + [uint64] $HwThreadsPerCore = 0, + + [uint64] $MaxProcessorsPerNumaNode = 1 + ) + + $vmms = Get-Vmms + + if (-not $vmms) { throw "Failed to get the Msvm_VirtualSystemManagementService object" } + + $vssdClass = Get-CimClass -Namespace $ROOT_HYPER_V_NAMESPACE -ClassName "Msvm_VirtualSystemSettingData" + + $vssdProperties = @{ + ElementName = $VMName + VirtualSystemSubType = "Microsoft:Hyper-V:SubType:$Generation" + GuestStateIsolationEnabled = $GuestStateIsolationEnabled + GuestStateIsolationType = $GuestStateIsolationType + GuestStateIsolationMode = $GuestStateIsolationMode + VMBusMessageRedirection = $VMBusMessageRedirection + SecureBootEnabled = $SecureBootEnabled + VirtualNumaEnabled = $false + } + + if ($GuestStateFilePath) { + $vssdProperties["GuestStateDataRoot"] = Split-Path -Path $GuestStateFilePath -Parent + $vssdProperties["GuestStateFile"] = Split-Path -Path $GuestStateFilePath -Leaf + } + + if ($GuestStateLifetime -ne $null) { + $vssdProperties["GuestStateLifetime"] = $GuestStateLifetime + } + + if ($DefaultBootAlwaysAttempt -ne $null) { + $vssdProperties["DefaultBootAlwaysAttempt"] = $DefaultBootAlwaysAttempt + } + + if ($ManagementVtlFeatureFlags -ne $null) { + $vssdProperties["ManagementVtlFeatureFlags"] = $ManagementVtlFeatureFlags + } + + if ($GuestStateEncryptionPolicy -ne $null) { + $vssdProperties["GuestStateEncryptionPolicy"] = $GuestStateEncryptionPolicy + } + + if ($FirmwareFile) { + # Enable OpenHCL by feature + $vssdProperties["GuestFeatureSet"] = 0x00000201 + # Set the OpenHCL image file path + $vssdProperties["FirmwareFile"] = $FirmwareFile + } + + if ($FirmwareParameters) { + $vssdProperties["FirmwareParameters"] = [System.Text.Encoding]::UTF8.GetBytes($FirmwareParameters) + } + + if ($IncreaseVtl2Memory) { + # Configure VM for auto placement mode + $vssdProperties["Vtl2AddressSpaceConfigurationMode"] = 1 + # 1GB of OpenHCL address space + $vssdProperties["Vtl2AddressRangeSize"] = 1024 + # 512 MB of OpenHCL MMIO space. So total OpenHCL ram = Vtl2AddressRangeSize - Vtl2MmioAddressRangeSize. + $vssdProperties["Vtl2MmioAddressRangeSize"] = 512 + } + + if ($SecureBootTemplateId) { + $vssdProperties["SecureBootTemplateId"] = $SecureBootTemplateId + } + + $vssd = Get-CimClass -Namespace $ROOT_HYPER_V_NAMESPACE -ClassName "Msvm_VirtualSystemSettingData" | New-CimInstance -ClientOnly -Property $vssdProperties + + if (-not $vssd) { throw "Unable to create the Msvm_VirtualSystemSettingData object" } + + $msd = Get-CimClass -Namespace $ROOT_HYPER_V_NAMESPACE -ClassName "Msvm_MemorySettingData" | New-CimInstance -ClientOnly -Property @{ + VirtualQuantity = $Memory / (1024 * 1024) + DynamicMemoryEnabled = $false + } + + if (-not $msd) { throw "Unable to create the Msvm_MemorySettingData object" } + + $psd = Get-CimClass -Namespace $ROOT_HYPER_V_NAMESPACE -ClassName "Msvm_ProcessorSettingData" | New-CimInstance -ClientOnly -Property @{ + VirtualQuantity = $VpCount + ApicMode = $ApicMode + HwThreadsPerCore = $HwThreadsPerCore + MaxProcessorsPerNumaNode = $MaxProcessorsPerNumaNode + } + + if (-not $psd) { throw "Unable to create the Msvm_ProcessorSettingData object" } + + $vm = ($vmms | Invoke-CimMethod -Name "DefineSystem" -Arguments @{ + "SystemSettings" = ($vssd | ConvertTo-CimEmbeddedString) ; + "ResourceSettings" = @( + ($msd | ConvertTo-CimEmbeddedString), + ($psd | ConvertTo-CimEmbeddedString) + ) + } | Trace-CimMethodExecution -MethodName "DefineSystem" -CimInstance $vmms) + + if (-not $vm) { throw "Unable to DefineSystem" } + + $vmid = $vm.ResultingSystem.Name + $vm = Get-VM -Id $vmid + + $vm | Set-VM -CheckpointType Disabled + + if (@(1, 2, 3) -contains $GuestStateIsolationType) { + $vm | Disable-VMConsoleSupport + } + + $vmid +} + function Set-InitialMachineConfiguration { [CmdletBinding()] diff --git a/petri/src/vm/hyperv/mod.rs b/petri/src/vm/hyperv/mod.rs index 84f1bee7bb..8ece65d400 100644 --- a/petri/src/vm/hyperv/mod.rs +++ b/petri/src/vm/hyperv/mod.rs @@ -7,7 +7,6 @@ pub mod vm; use vmsocket::VmAddress; use vmsocket::VmSocket; -use super::ProcessorTopology; use crate::Disk; use crate::Drive; use crate::Firmware; @@ -22,15 +21,12 @@ use crate::PetriVmConfig; use crate::PetriVmResources; use crate::PetriVmRuntime; use crate::PetriVmRuntimeConfig; -use crate::PetriVmgsResource; use crate::PetriVmmBackend; -use crate::SecureBootTemplate; use crate::ShutdownKind; -use crate::TpmConfig; use crate::UefiConfig; use crate::VmbusStorageType; use crate::VmmQuirks; -use crate::hyperv::powershell::HyperVSecureBootTemplate; +use crate::hyperv::powershell::HyperVNewCustomVMArgs; use crate::kmsg_log_task; use crate::openhcl_diag::OpenHclDiagHandler; use crate::vm::PetriVmProperties; @@ -62,7 +58,6 @@ use std::time::Duration; use tempfile::TempDir; use tempfile::TempPath; use vm::HyperVVM; -use vmgs_resources::GuestStateEncryptionPolicy; use vtl2_settings_proto::Vtl2Settings; const IGVM_FILE_NAME: &str = "igvm.bin"; @@ -168,194 +163,33 @@ impl PetriVmmBackend for HyperVPetriBackend { resources: &PetriVmResources, properties: PetriVmProperties, ) -> anyhow::Result<(Self::VmRuntime, PetriVmRuntimeConfig)> { - let PetriVmConfig { - name, - arch, - host_log_levels, - firmware, - memory, - proc_topology, - vmgs, - tpm, - vmbus_storage_controllers, - } = config; - let PetriVmResources { driver, log_source } = resources; assert!(matches!( - host_log_levels, + config.host_log_levels, None | Some(OpenvmmLogConfig::TestDefault) )); // Custom host log levels not supported in HyperV backend yet. let temp_dir = tempfile::tempdir()?; - let (guest_state_isolation_type, generation, uefi_config, openhcl_config) = match &firmware - { - Firmware::LinuxDirect { .. } | Firmware::OpenhclLinuxDirect { .. } => { - todo!("linux direct not supported on hyper-v") - } - Firmware::Pcat { - guest: _, - bios_firmware: _, // TODO - svga_firmware: _, // TODO - ide_controllers: _, - } => ( - powershell::HyperVGuestStateIsolationType::Disabled, - powershell::HyperVGeneration::One, - None, - None, - ), - Firmware::OpenhclPcat { - guest: _, - igvm_path, - bios_firmware: _, // TODO - svga_firmware: _, // TODO - openhcl_config, - } => ( - powershell::HyperVGuestStateIsolationType::OpenHCL, - powershell::HyperVGeneration::One, - None, - Some((igvm_path, openhcl_config)), - ), - Firmware::Uefi { - guest: _, - uefi_firmware: _, // TODO - uefi_config, - } => ( - powershell::HyperVGuestStateIsolationType::Disabled, - powershell::HyperVGeneration::Two, - Some(uefi_config), - None, - ), - Firmware::OpenhclUefi { - guest: _, - isolation, - igvm_path, - uefi_config, - openhcl_config, - } => ( - match isolation { - Some(IsolationType::Vbs) => powershell::HyperVGuestStateIsolationType::Vbs, - Some(IsolationType::Snp) => powershell::HyperVGuestStateIsolationType::Snp, - Some(IsolationType::Tdx) => powershell::HyperVGuestStateIsolationType::Tdx, - // Older hosts don't support OpenHCL isolation, so use Trusted Launch - None => powershell::HyperVGuestStateIsolationType::TrustedLaunch, - }, - powershell::HyperVGeneration::Two, - Some(uefi_config), - Some((igvm_path, openhcl_config)), - ), - }; - - let mut openhcl_command_line = openhcl_config.as_ref().map(|(_, c)| c.command_line()); - - let vmgs_path = { - let lifetime_cli = match &vmgs { - PetriVmgsResource::Disk(_) => "DEFAULT", - PetriVmgsResource::ReprovisionOnFailure(_) => "REPROVISION_ON_FAILURE", - PetriVmgsResource::Reprovision(_) => "REPROVISION", - PetriVmgsResource::Ephemeral => "EPHEMERAL", - }; - - let (disk, encryption) = match vmgs { - PetriVmgsResource::Disk(vmgs) - | PetriVmgsResource::ReprovisionOnFailure(vmgs) - | PetriVmgsResource::Reprovision(vmgs) => (Some(vmgs.disk), vmgs.encryption_policy), - PetriVmgsResource::Ephemeral => (None, GuestStateEncryptionPolicy::None(true)), - }; + let igvm_file = properties + .is_openhcl + .then(|| temp_dir.path().join(IGVM_FILE_NAME)); - let strict = encryption.is_strict(); + let mut openhcl_command_line = config.firmware.openhcl_config().map(|c| c.command_line()); - let encryption_cli = match encryption { - GuestStateEncryptionPolicy::Auto => "AUTO", - GuestStateEncryptionPolicy::None(_) => "NONE", - GuestStateEncryptionPolicy::GspById(_) => "GSP_BY_ID", - GuestStateEncryptionPolicy::GspKey(_) => "GSP_KEY", - }; - - // TODO: Error for non-OpenHCL Hyper-V VMs if not supported - // TODO: Use WMI interfaces when possible - if properties.is_openhcl { - append_cmdline( - &mut openhcl_command_line, - format!("HCL_GUEST_STATE_LIFETIME={lifetime_cli}"), - ); - append_cmdline( - &mut openhcl_command_line, - format!("HCL_GUEST_STATE_ENCRYPTION_POLICY={encryption_cli}"), - ); - if strict { - append_cmdline(&mut openhcl_command_line, "HCL_STRICT_ENCRYPTION_POLICY=1"); - } - }; - - petri_disk_to_hyperv(disk.as_ref(), &temp_dir).await? - }; + let guest_state_path = petri_disk_to_hyperv(config.vmgs.disk(), &temp_dir).await?; let mut log_tasks = Vec::new(); - let mut vm = HyperVVM::new( - &name, - generation, - guest_state_isolation_type, - memory.startup_bytes, - vmgs_path.as_deref(), - log_source.clone(), - driver.clone(), - ) - .await?; - - { - let ProcessorTopology { - vp_count, - vps_per_socket, - enable_smt, - apic_mode, - } = proc_topology; - // TODO: fix this mapping, and/or update petri to better match - // Hyper-V's capabilities. - let apic_mode = apic_mode - .map(|m| match m { - super::ApicMode::Xapic => powershell::HyperVApicMode::Legacy, - super::ApicMode::X2apicSupported => powershell::HyperVApicMode::X2Apic, - super::ApicMode::X2apicEnabled => powershell::HyperVApicMode::X2Apic, - }) - .or((arch == MachineArch::X86_64 - && generation == powershell::HyperVGeneration::Two) - .then_some({ - // This is necessary for some tests to pass. TODO: fix. - powershell::HyperVApicMode::X2Apic - })); - vm.set_processor(&powershell::HyperVSetVMProcessorArgs { - count: Some(vp_count), - apic_mode, - hw_thread_count_per_core: enable_smt.map(|smt| if smt { 2 } else { 1 }), - maximum_count_per_numa_node: vps_per_socket, - }) - .await?; - } - if let Some(UefiConfig { - secure_boot_enabled, - secure_boot_template, disable_frontpage, - default_boot_always_attempt, enable_vpci_boot, - }) = uefi_config + secure_boot_enabled, + default_boot_always_attempt, + .. + }) = config.firmware.uefi_config() { - vm.set_secure_boot( - *secure_boot_enabled, - secure_boot_template.map(|t| match t { - SecureBootTemplate::MicrosoftWindows => { - HyperVSecureBootTemplate::MicrosoftWindows - } - SecureBootTemplate::MicrosoftUefiCertificateAuthority => { - HyperVSecureBootTemplate::MicrosoftUEFICertificateAuthority - } - }), - ) - .await?; - // TODO: Disable frontpage for non-OpenHCL Hyper-V VMs if *disable_frontpage && properties.is_openhcl { append_cmdline( @@ -364,21 +198,37 @@ impl PetriVmmBackend for HyperVPetriBackend { ); } - if properties.is_openhcl { + // For certain configurations, we need to override the override + // in new_underhill_vm. + // + // TODO: remove this (and OpenHCL override) once host changes + // are saturated. + if !properties.is_isolated + && !*secure_boot_enabled + && config.tpm.is_none() + && !*default_boot_always_attempt + { append_cmdline( &mut openhcl_command_line, - format!( - "HCL_DEFAULT_BOOT_ALWAYS_ATTEMPT={}", - if *default_boot_always_attempt { 1 } else { 0 } - ), + "HCL_DEFAULT_BOOT_ALWAYS_ATTEMPT=0", ); - }; + } if *enable_vpci_boot { todo!("hyperv nvme boot"); } } + let hyperv_args = { + let mut args = HyperVNewCustomVMArgs::from_config(&config, &properties)?; + args.firmware_file = igvm_file.clone(); + args.firmware_parameters = openhcl_command_line; + args.guest_state_path = guest_state_path; + args + }; + + let mut vm = HyperVVM::new(hyperv_args, log_source.clone(), driver.clone()).await?; + if properties.using_vtl0_pipette && matches!(properties.os_flavor, OsFlavor::Windows) && !properties.is_isolated @@ -397,16 +247,11 @@ impl PetriVmmBackend for HyperVPetriBackend { vm.set_imc(&imc_hive).await?; } - if let Some(( - src_igvm_file, - OpenHclConfig { - vmbus_redirect, - custom_command_line: _, - log_levels: _, - vtl2_base_address_type, - vtl2_settings, - }, - )) = openhcl_config + if let Some(OpenHclConfig { + vtl2_base_address_type, + vtl2_settings, + .. + }) = config.firmware.openhcl_config() { if vtl2_base_address_type.is_some() { todo!("custom VTL2 base address type not yet supported for Hyper-V") @@ -414,42 +259,22 @@ impl PetriVmmBackend for HyperVPetriBackend { // Copy the IGVM file locally, since it may not be accessible by // Hyper-V (e.g., if it is in a WSL filesystem). - let igvm_file = temp_dir.path().join(IGVM_FILE_NAME); - fs_err::copy(src_igvm_file, &igvm_file).context("failed to copy igvm file")?; - acl_read_for_vm(&igvm_file, Some(*vm.vmid())) + let local_path = igvm_file.as_ref().unwrap(); + fs_err::copy(config.firmware.openhcl_firmware().unwrap(), local_path) + .context("failed to copy igvm file")?; + acl_read_for_vm(local_path, Some(*vm.vmid())) .context("failed to set ACL for igvm file")?; - // TODO: only increase VTL2 memory on debug builds - vm.set_openhcl_firmware( - &igvm_file, - // don't increase VTL2 memory on CVMs - !matches!( - guest_state_isolation_type, - powershell::HyperVGuestStateIsolationType::Vbs - | powershell::HyperVGuestStateIsolationType::Snp - | powershell::HyperVGuestStateIsolationType::Tdx - ), - ) - .await?; - - vm.set_vm_firmware_command_line(openhcl_command_line.as_ref().unwrap()) - .await?; - - vm.set_vmbus_redirect(*vmbus_redirect).await?; - // Attempt to enable COM3 and use that to get KMSG logs, otherwise // fall back to use diag_client. let supports_com3 = { // Hyper-V VBS VMs don't work with COM3 enabled. // Hypervisor support is needed for this to work. - let is_not_vbs = !matches!( - guest_state_isolation_type, - powershell::HyperVGuestStateIsolationType::Vbs - ); + let is_not_vbs = !matches!(config.firmware.isolation(), Some(IsolationType::Vbs)); // The Hyper-V serial device for ARM doesn't support additional // serial ports yet. - let is_x86 = matches!(arch, MachineArch::X86_64); + let is_x86 = matches!(config.arch, MachineArch::X86_64); // The registry key to enable additional COM ports is only // available in newer builds of Windows. @@ -502,7 +327,7 @@ impl PetriVmmBackend for HyperVPetriBackend { )); // Add IDE storage - if let Some(ide_controllers) = firmware.ide_controllers() { + if let Some(ide_controllers) = config.firmware.ide_controllers() { for (controller_number, controller) in ide_controllers.iter().enumerate() { for (controller_location, disk) in controller.iter().enumerate() { if let Some(disk) = disk { @@ -522,7 +347,7 @@ impl PetriVmmBackend for HyperVPetriBackend { } // Add VMBus storage - for (vsid, controller) in &vmbus_storage_controllers { + for (vsid, controller) in &config.vmbus_storage_controllers { match controller.controller_type { VmbusStorageType::Scsi => { vm.add_scsi_controller(vsid, controller.target_vtl as u32) @@ -549,25 +374,11 @@ impl PetriVmmBackend for HyperVPetriBackend { } // Configure the TPM - if let Some(TpmConfig { - no_persistent_secrets, - }) = tpm - { - if generation == powershell::HyperVGeneration::One { + if config.tpm.is_some() { + if properties.is_pcat { anyhow::bail!("hyper-v gen 1 VMs do not support a TPM"); } vm.enable_tpm().await?; - - if properties.is_openhcl { - vm.set_guest_state_isolation_mode(if no_persistent_secrets { - powershell::HyperVGuestStateIsolationMode::NoPersistentSecrets - } else { - powershell::HyperVGuestStateIsolationMode::Default - }) - .await?; - } else if no_persistent_secrets { - anyhow::bail!("no persistent secrets requires an hcl"); - } } else { vm.disable_tpm().await?; } @@ -583,7 +394,9 @@ impl PetriVmmBackend for HyperVPetriBackend { driver: driver.clone(), properties, }, - firmware.into_runtime_config(vmbus_storage_controllers), + config + .firmware + .into_runtime_config(config.vmbus_storage_controllers), )) } } diff --git a/petri/src/vm/hyperv/powershell.rs b/petri/src/vm/hyperv/powershell.rs index 54ddae5dfe..742e49a0d0 100644 --- a/petri/src/vm/hyperv/powershell.rs +++ b/petri/src/vm/hyperv/powershell.rs @@ -5,8 +5,11 @@ use crate::CommandError; use crate::OpenHclServicingFlags; +use crate::PetriVmConfig; +use crate::PetriVmProperties; use crate::VmScreenshotMeta; use crate::run_host_cmd; +use crate::vm::append_cmdline; use anyhow::Context; use core::str; use guid::Guid; @@ -25,9 +28,9 @@ use std::str::FromStr; #[derive(Clone, Copy, PartialEq, Eq)] pub enum HyperVGeneration { /// Generation 1 (with emulated legacy devices and PCAT BIOS) - One, + One = 1, /// Generation 2 (synthetic devices and UEFI) - Two, + Two = 2, } impl ps::AsVal for HyperVGeneration { @@ -156,6 +159,372 @@ pub async fn run_new_vm(args: HyperVNewVMArgs<'_>) -> anyhow::Result { Guid::from_str(&vmid).context("invalid vmid") } +#[derive(Clone, Copy)] +#[expect(missing_docs)] +pub enum HyperVGuestStateLifetime { + Default = 0, + ReprovisionOnFailure = 1, + Reprovision = 2, + Ephemeral = 3, +} + +impl ps::AsVal for HyperVGuestStateLifetime { + fn as_val(&self) -> impl '_ + AsRef { + match self { + HyperVGuestStateLifetime::Default => "0", + HyperVGuestStateLifetime::ReprovisionOnFailure => "1", + HyperVGuestStateLifetime::Reprovision => "2", + HyperVGuestStateLifetime::Ephemeral => "3", + } + } +} + +#[derive(Clone, Copy, Debug)] +#[expect(missing_docs)] +pub enum HyperVGuestStateEncryptionPolicy { + Default = 0, + None = 1, + GspById = 2, + GspKey = 3, + HardwareSealedSecretsHashPolicy = 4, + HardwareSealedSecretsSignerPolicy = 5, +} + +impl ps::AsVal for HyperVGuestStateEncryptionPolicy { + fn as_val(&self) -> impl '_ + AsRef { + match self { + HyperVGuestStateEncryptionPolicy::Default => "0", + HyperVGuestStateEncryptionPolicy::None => "1", + HyperVGuestStateEncryptionPolicy::GspById => "2", + HyperVGuestStateEncryptionPolicy::GspKey => "3", + HyperVGuestStateEncryptionPolicy::HardwareSealedSecretsHashPolicy => "4", + HyperVGuestStateEncryptionPolicy::HardwareSealedSecretsSignerPolicy => "5", + } + } +} + +#[bitfield_struct::bitfield(u64)] +#[expect(missing_docs)] +pub struct HyperVManagementVtlFeatureFlags { + pub strict_encryption_policy: bool, + pub _reserved1: bool, + pub control_ak_cert_provisioning: bool, + pub attempt_ak_cert_callback: bool, + pub tx_only_serial_port: bool, + #[bits(59)] + pub _reserved2: u64, +} + +impl ps::AsVal for HyperVManagementVtlFeatureFlags { + fn as_val(&self) -> impl '_ + AsRef { + self.0.as_val() + } +} + +/// Arguments for the New-CustomVM powershell cmdlet +#[expect(missing_docs)] +pub struct HyperVNewCustomVMArgs { + pub name: String, + pub generation: Option, + pub guest_state_isolation_type: Option, + pub guest_state_isolation_mode: Option, + pub guest_state_lifetime: Option, + pub guest_state_path: Option, + pub vmbus_message_redirection: Option, + pub firmware_file: Option, + pub firmware_parameters: Option, + pub increase_vtl2_memory: Option, + pub default_boot_always_attempt: Option, + pub secure_boot_enabled: Option, + pub secure_boot_template: Option, + pub management_vtl_feature_flags: Option, + pub guest_state_encryption_policy: Option, + pub memory: Option, + pub vp_count: Option, + pub apic_mode: Option, + pub hw_threads_per_core: Option, + pub max_processors_per_numa_node: Option, +} + +impl HyperVNewCustomVMArgs { + /// Check for missing WMI properties and adjust the OpenHCL command line to compensate + /// + /// All of these settings should only be set for OpenHCL VMs, which is not verified here + pub async fn make_compatible(&mut self) -> anyhow::Result<()> { + let available_properties = run_get_vssd_properties().await?; + let property_exists = |name: &str| available_properties.iter().any(|x| x == name); + + if let Some(guest_state_lifetime) = self.guest_state_lifetime.as_ref() + && !property_exists("GuestStateLifetime") + { + let lifetime_cli = match guest_state_lifetime { + HyperVGuestStateLifetime::Default => "DEFAULT", + HyperVGuestStateLifetime::ReprovisionOnFailure => "REPROVISION_ON_FAILURE", + HyperVGuestStateLifetime::Reprovision => "REPROVISION", + HyperVGuestStateLifetime::Ephemeral => "EPHEMERAL", + }; + append_cmdline( + &mut self.firmware_parameters, + format!("HCL_GUEST_STATE_LIFETIME={lifetime_cli}"), + ); + self.guest_state_lifetime = None; + } + + if let Some(default_boot_always_attempt) = self.default_boot_always_attempt.as_ref() + && !property_exists("DefaultBootAlwaysAttempt") + { + let arg = format!( + "HCL_DEFAULT_BOOT_ALWAYS_ATTEMPT={}", + if *default_boot_always_attempt { 1 } else { 0 } + ); + // In certain cases, this one may have already been added + if !self + .firmware_parameters + .as_ref() + .is_some_and(|x| x.contains(&arg)) + { + append_cmdline(&mut self.firmware_parameters, arg); + } + self.default_boot_always_attempt = None; + } + + if let Some(management_vtl_feature_flags) = self.management_vtl_feature_flags.as_ref() + && !property_exists("ManagementVtlFeatureFlags") + { + let supported_flags = + HyperVManagementVtlFeatureFlags::new().with_strict_encryption_policy(true); + if management_vtl_feature_flags.0 & !supported_flags.0 != 0 { + anyhow::bail!( + "not all ManagementVtlFeatureFlags can be set using the command line: {}", + management_vtl_feature_flags.0 + ) + } + if management_vtl_feature_flags.strict_encryption_policy() { + append_cmdline( + &mut self.firmware_parameters, + "HCL_STRICT_ENCRYPTION_POLICY=1", + ); + } + self.management_vtl_feature_flags = None; + } + + if let Some(guest_state_encryption_policy) = self.guest_state_encryption_policy.as_ref() + && !property_exists("GuestStateEncryptionPolicy") + { + let encryption_cli = match guest_state_encryption_policy { + HyperVGuestStateEncryptionPolicy::Default => "AUTO", + HyperVGuestStateEncryptionPolicy::None => "NONE", + HyperVGuestStateEncryptionPolicy::GspById => "GSP_BY_ID", + HyperVGuestStateEncryptionPolicy::GspKey => "GSP_KEY", + policy => { + anyhow::bail!("encryption policy not supported over command line: {policy:?}") + } + }; + append_cmdline( + &mut self.firmware_parameters, + format!("HCL_GUEST_STATE_ENCRYPTION_POLICY={encryption_cli}"), + ); + self.guest_state_encryption_policy = None; + } + + Ok(()) + } + + /// Create a set of arguments for New-CustomVM from a Petri VM config + pub fn from_config( + config: &PetriVmConfig, + properties: &PetriVmProperties, + ) -> anyhow::Result { + use crate::ApicMode; + use crate::IsolationType; + use crate::PetriVmgsResource; + use crate::SecureBootTemplate; + use petri_artifacts_common::tags::MachineArch; + use vmgs_resources::GuestStateEncryptionPolicy; + + let PetriVmConfig { + name, + arch, + firmware, + memory, + proc_topology, + vmgs, + tpm, + .. + } = config; + + Ok(HyperVNewCustomVMArgs { + name: name.to_owned(), + generation: Some(if properties.is_pcat { + HyperVGeneration::One + } else { + HyperVGeneration::Two + }), + guest_state_isolation_type: match firmware.isolation() { + Some(IsolationType::Vbs) => Some(HyperVGuestStateIsolationType::Vbs), + Some(IsolationType::Snp) => Some(HyperVGuestStateIsolationType::Snp), + Some(IsolationType::Tdx) => Some(HyperVGuestStateIsolationType::Tdx), + None if properties.is_openhcl => Some(HyperVGuestStateIsolationType::OpenHCL), + None => None, + }, + guest_state_isolation_mode: { + let no_persistent_secrets = tpm + .as_ref() + .map(|c| c.no_persistent_secrets) + .unwrap_or(false); + if no_persistent_secrets && !properties.is_openhcl { + anyhow::bail!("no persistent secrets requires an hcl"); + } + properties.is_openhcl.then_some(if no_persistent_secrets { + HyperVGuestStateIsolationMode::NoPersistentSecrets + } else { + HyperVGuestStateIsolationMode::Default + }) + }, + guest_state_lifetime: properties.is_openhcl.then_some(match &vmgs { + PetriVmgsResource::Disk(_) => HyperVGuestStateLifetime::Default, + PetriVmgsResource::ReprovisionOnFailure(_) => { + HyperVGuestStateLifetime::ReprovisionOnFailure + } + PetriVmgsResource::Reprovision(_) => HyperVGuestStateLifetime::Reprovision, + PetriVmgsResource::Ephemeral => HyperVGuestStateLifetime::Ephemeral, + }), + vmbus_message_redirection: firmware.openhcl_config().map(|c| c.vmbus_redirect), + increase_vtl2_memory: properties.is_openhcl.then_some(!properties.is_isolated), + default_boot_always_attempt: firmware + .uefi_config() + .map(|c| c.default_boot_always_attempt), + secure_boot_enabled: firmware.uefi_config().map(|c| c.secure_boot_enabled), + secure_boot_template: firmware + .uefi_config() + .and_then(|c| c.secure_boot_template) + .map(|t| match t { + SecureBootTemplate::MicrosoftWindows => { + HyperVSecureBootTemplate::MicrosoftWindows + } + SecureBootTemplate::MicrosoftUefiCertificateAuthority => { + HyperVSecureBootTemplate::MicrosoftUEFICertificateAuthority + } + }), + management_vtl_feature_flags: properties.is_openhcl.then(|| { + HyperVManagementVtlFeatureFlags::new().with_strict_encryption_policy( + vmgs.encryption_policy() + .map(|p| p.is_strict()) + .unwrap_or(false), + ) + }), + guest_state_encryption_policy: firmware + .is_openhcl() + .then(|| vmgs.encryption_policy()) + .flatten() + .map(|p| match p { + GuestStateEncryptionPolicy::Auto => HyperVGuestStateEncryptionPolicy::Default, + GuestStateEncryptionPolicy::None(_) => HyperVGuestStateEncryptionPolicy::None, + GuestStateEncryptionPolicy::GspById(_) => { + HyperVGuestStateEncryptionPolicy::GspById + } + GuestStateEncryptionPolicy::GspKey(_) => { + HyperVGuestStateEncryptionPolicy::GspKey + } + }), + memory: Some(memory.startup_bytes), + vp_count: Some(proc_topology.vp_count as u64), + // TODO: fix this mapping, and/or update petri to better match + // Hyper-V's capabilities. + apic_mode: proc_topology + .apic_mode + .map(|m| match m { + ApicMode::Xapic => HyperVApicMode::Legacy, + ApicMode::X2apicSupported => HyperVApicMode::X2Apic, + ApicMode::X2apicEnabled => HyperVApicMode::X2Apic, + }) + .or( + (*arch == MachineArch::X86_64 && !properties.is_pcat).then_some({ + // This is necessary for some tests to pass. TODO: fix. + HyperVApicMode::X2Apic + }), + ), + hw_threads_per_core: proc_topology.enable_smt.map(|smt| if smt { 2 } else { 1 }), + max_processors_per_numa_node: proc_topology.vps_per_socket.map(|v| v as u64), + + // specified after creation + firmware_file: None, + firmware_parameters: None, + guest_state_path: None, + }) + } +} + +/// Runs New-VM with the given arguments. +pub async fn run_new_customvm(ps_mod: &Path, args: HyperVNewCustomVMArgs) -> anyhow::Result { + let (guest_state_isolation_enabled, guest_state_isolation_type) = args + .guest_state_isolation_type + .and_then(|isolation_type| match isolation_type { + HyperVGuestStateIsolationType::Disabled => None, + isolation_type => Some((true, isolation_type)), + }) + .unzip(); + + let secure_boot_template_id = args.secure_boot_template.map(|t| match t { + HyperVSecureBootTemplate::MicrosoftWindows => { + guid::guid!("1734c6e8-3154-4dda-ba5f-a874cc483422") + } + HyperVSecureBootTemplate::MicrosoftUEFICertificateAuthority => { + guid::guid!("272e7447-90a4-4563-a4b9-8e4ab00526ce") + } + HyperVSecureBootTemplate::OpenSourceShieldedVM => { + guid::guid!("4292ae2b-ee2c-42b5-a969-dd8f8689f6f3") + } + }); + + let vmid = run_host_cmd( + PowerShellBuilder::new() + .cmdlet("Import-Module") + .positional(ps_mod) + .next() + .cmdlet("New-CustomVM") + .arg("VMName", args.name) + .arg_opt("Generation", args.generation) + .arg_opt("GuestStateIsolationEnabled", guest_state_isolation_enabled) + .arg_opt("GuestStateIsolationType", guest_state_isolation_type) + .arg_opt("GuestStateIsolationMode", args.guest_state_isolation_mode) + .arg_opt("GuestStateLifetime", args.guest_state_lifetime) + .arg_opt("GuestStateFilePath", args.guest_state_path) + .arg_opt("VMBusMessageRedirection", args.vmbus_message_redirection) + .arg_opt("FirmwareFile", args.firmware_file) + .arg_opt("FirmwareParameters", args.firmware_parameters) + .flag_opt( + args.increase_vtl2_memory + .and_then(|v| v.then_some("IncreaseVtl2Memory")), + ) + .arg_opt("DefaultBootAlwaysAttempt", args.default_boot_always_attempt) + .arg_opt("SecureBootEnabled", args.secure_boot_enabled) + .arg_opt("SecureBootTemplateId", secure_boot_template_id) + .arg_opt( + "ManagementVtlFeatureFlags", + args.management_vtl_feature_flags, + ) + .arg_opt( + "GuestStateEncryptionPolicy", + args.guest_state_encryption_policy, + ) + .arg_opt("Memory", args.memory) + .arg_opt("VpCount", args.vp_count) + .arg_opt("ApicMode", args.apic_mode) + .arg_opt("HwThreadsPerCore", args.hw_threads_per_core) + .arg_opt( + "MaxProcessorsPerNumaNode", + args.max_processors_per_numa_node, + ) + .finish() + .build(), + ) + .await + .context("new_customvm")?; + + Guid::from_str(&vmid).context("invalid vmid") +} + /// Runs New-VM with the given arguments. pub async fn run_remove_vm(vmid: &Guid) -> anyhow::Result<()> { run_host_cmd( @@ -194,19 +563,19 @@ pub struct HyperVSetVMProcessorArgs { pub enum HyperVApicMode { /// Default APIC mode (what is this, exactly? It seems to not always include /// x2apic support). - Default, + Default = 0, /// Legacy APIC mode (no x2apic support). - Legacy, + Legacy = 1, /// x2apic mode (enabled by default? or just supported? unclear) - X2Apic, + X2Apic = 2, } impl ps::AsVal for HyperVApicMode { fn as_val(&self) -> impl '_ + AsRef { match self { - HyperVApicMode::Default => "Default", - HyperVApicMode::Legacy => "Legacy", - HyperVApicMode::X2Apic => "x2Apic", + HyperVApicMode::Default => "0", + HyperVApicMode::Legacy => "1", + HyperVApicMode::X2Apic => "2", } } } @@ -1184,6 +1553,28 @@ pub async fn run_get_vm_host() -> anyhow::Result { .map_err(|e| anyhow::anyhow!("failed to parse HyperVGetVmHost: {}", e)) } +/// Get available vssd properties +pub async fn run_get_vssd_properties() -> anyhow::Result> { + let output = run_host_cmd( + PowerShellBuilder::new() + .cmdlet("Get-CimClass") + .arg("Namespace", "root\\virtualization\\v2") + .arg("ClassName", "Msvm_VirtualSystemSettingData") + .pipeline() + .cmdlet("Select-Object") + .arg("ExpandProperty", "CimClassProperties") + .pipeline() + .cmdlet("Select-Object") + .arg("ExpandProperty", "Name") + .finish() + .build(), + ) + .await + .context("get_vssd_properties")?; + + Ok(output.lines().map(|x| x.to_owned()).collect()) +} + /// Runs Get-GuestStateFile with the given arguments. pub async fn run_get_guest_state_file(vmid: &Guid, ps_mod: &Path) -> anyhow::Result { let output = run_host_cmd( diff --git a/petri/src/vm/hyperv/vm.rs b/petri/src/vm/hyperv/vm.rs index 7f04eb6bb3..93d3b81a2d 100644 --- a/petri/src/vm/hyperv/vm.rs +++ b/petri/src/vm/hyperv/vm.rs @@ -54,17 +54,13 @@ pub struct HyperVVM { impl HyperVVM { /// Create a new Hyper-V VM pub async fn new( - name: &str, - generation: powershell::HyperVGeneration, - guest_state_isolation_type: powershell::HyperVGuestStateIsolationType, - memory: u64, - vmgs_path: Option<&Path>, + mut args: powershell::HyperVNewCustomVMArgs, logger: PetriLogSource, driver: DefaultDriver, ) -> anyhow::Result { let log_file = logger.log_file("hyperv")?; let create_time = Timestamp::now(); - let name = name.to_owned(); + let name = args.name.clone(); let temp_dir = tempfile::tempdir()?; let ps_mod = temp_dir.path().join("hyperv.psm1"); { @@ -78,8 +74,8 @@ impl HyperVVM { let is_isolated = { use powershell::HyperVGuestStateIsolationType as IsolationType; matches!( - guest_state_isolation_type, - IsolationType::Snp | IsolationType::Tdx | IsolationType::Vbs + args.guest_state_isolation_type, + Some(IsolationType::Snp | IsolationType::Tdx | IsolationType::Vbs) ) }; @@ -104,22 +100,12 @@ impl HyperVVM { } } - let vmid = powershell::run_new_vm(powershell::HyperVNewVMArgs { - name: &name, - generation: Some(generation), - guest_state_isolation_type: Some(guest_state_isolation_type), - memory_startup_bytes: Some(memory), - path: None, - vhd_path: None, - source_guest_state_path: vmgs_path, - }) - .await?; + args.make_compatible().await?; + let vmid = powershell::run_new_customvm(&ps_mod, args).await?; tracing::info!(name, vmid = vmid.to_string(), "Created Hyper-V VM"); - // Instantiate this now so that its drop runs if there's a failure - // below. - let this = Self { + Ok(Self { vmid, name, create_time, @@ -132,39 +118,7 @@ impl HyperVVM { destroyed: false, last_start_time: None, last_log_flushed: None, - }; - - // Remove the default network adapter - powershell::run_remove_vm_network_adapter(&vmid) - .await - .context("remove default network adapter")?; - - // Remove the default SCSI controller - powershell::run_remove_vm_scsi_controller(&vmid, 0) - .await - .context("remove default SCSI controller")?; - - // Disable dynamic memory - powershell::run_set_vm_memory( - &vmid, - &powershell::HyperVSetVMMemoryArgs { - dynamic_memory_enabled: Some(false), - ..Default::default() - }, - ) - .await?; - - // Disable secure boot for generation 2 VMs - if generation == powershell::HyperVGeneration::Two { - powershell::run_set_vm_firmware(powershell::HyperVSetVMFirmwareArgs { - vmid: &vmid, - secure_boot_enabled: Some(false), - secure_boot_template: None, - }) - .await?; - } - - Ok(this) + }) } /// Get the name of the VM diff --git a/petri/src/vm/mod.rs b/petri/src/vm/mod.rs index 1ea421e44e..e05406ea51 100644 --- a/petri/src/vm/mod.rs +++ b/petri/src/vm/mod.rs @@ -2594,6 +2594,16 @@ impl Firmware { } } + #[cfg_attr(not(windows), expect(dead_code))] + fn openhcl_firmware(&self) -> Option<&Path> { + match self { + Firmware::OpenhclLinuxDirect { igvm_path, .. } + | Firmware::OpenhclUefi { igvm_path, .. } + | Firmware::OpenhclPcat { igvm_path, .. } => Some(igvm_path.get()), + Firmware::LinuxDirect { .. } | Firmware::Pcat { .. } | Firmware::Uefi { .. } => None, + } + } + fn into_runtime_config( self, vmbus_storage_controllers: HashMap, @@ -2887,7 +2897,7 @@ pub enum PetriVmgsResource { impl PetriVmgsResource { /// get the inner vmgs disk if one exists - pub fn disk(&self) -> Option<&PetriVmgsDisk> { + pub fn vmgs(&self) -> Option<&PetriVmgsDisk> { match self { PetriVmgsResource::Disk(vmgs) | PetriVmgsResource::ReprovisionOnFailure(vmgs) @@ -2895,6 +2905,16 @@ impl PetriVmgsResource { PetriVmgsResource::Ephemeral => None, } } + + /// get the inner disk if one exists + pub fn disk(&self) -> Option<&Disk> { + self.vmgs().map(|vmgs| &vmgs.disk) + } + + /// get the encryption policy of the vmgs + pub fn encryption_policy(&self) -> Option { + self.vmgs().map(|vmgs| vmgs.encryption_policy) + } } /// Petri VM guest state lifetime diff --git a/petri/src/vm/openvmm/construct.rs b/petri/src/vm/openvmm/construct.rs index e2b7ea330a..aa8f7e4e47 100644 --- a/petri/src/vm/openvmm/construct.rs +++ b/petri/src/vm/openvmm/construct.rs @@ -897,10 +897,10 @@ impl PetriVmConfigSetupCore<'_> { _ => anyhow::bail!("not a supported openhcl firmware config"), }; - let test_gsp_by_id = self - .vmgs - .disk() - .is_some_and(|x| matches!(x.encryption_policy, GuestStateEncryptionPolicy::GspById(_))); + let test_gsp_by_id = matches!( + self.vmgs.encryption_policy(), + Some(GuestStateEncryptionPolicy::GspById(_)) + ); // Save the GED handle to add later after configuration is complete. let ged = get_resources::ged::GuestEmulationDeviceHandle { From 2d98efcf33202bb653a6aa6dea06ed33f2cc2208 Mon Sep 17 00:00:00 2001 From: Trevor Jones Date: Wed, 25 Mar 2026 17:03:56 -0700 Subject: [PATCH 2/2] dont use 1es runners --- .github/workflows/openvmm-ci.yaml | 195 +++++++---------- .github/workflows/openvmm-pr-release.yaml | 201 +++++++----------- .github/workflows/openvmm-pr.yaml | 177 +++++++-------- ci-flowey/openvmm-pr.yaml | 84 +++----- .../src/pipelines/checkin_gates.rs | 57 +++-- .../src/pipelines_shared/gh_pools.rs | 68 +++++- 6 files changed, 340 insertions(+), 442 deletions(-) diff --git a/.github/workflows/openvmm-ci.yaml b/.github/workflows/openvmm-ci.yaml index 976545bcb2..5aecc5de78 100644 --- a/.github/workflows/openvmm-ci.yaml +++ b/.github/workflows/openvmm-ci.yaml @@ -345,9 +345,9 @@ jobs: name: clippy [x64-windows], unit tests [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job10-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -586,9 +586,9 @@ jobs: name: clippy [x64-linux, macos], unit tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job11-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -863,9 +863,9 @@ jobs: name: clippy [x64-linux-musl, misc nostd], unit tests [x64-linux-musl] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job12-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -1131,9 +1131,9 @@ jobs: name: clippy [aarch64-windows], unit tests [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Windows-ARM64 - - JobId=job13-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - ARM64 + - Baremetal permissions: contents: read id-token: write @@ -1370,11 +1370,7 @@ jobs: shell: bash job14: name: clippy [aarch64-linux], unit tests [aarch64-linux] - runs-on: - - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-ARM64 - - JobId=job14-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + runs-on: ubuntu-24.04-arm permissions: contents: read id-token: write @@ -1627,11 +1623,7 @@ jobs: shell: bash job15: name: clippy [aarch64-linux-musl, misc nostd], unit tests [aarch64-linux-musl] - runs-on: - - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-ARM64 - - JobId=job15-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + runs-on: ubuntu-24.04-arm permissions: contents: read id-token: write @@ -1897,9 +1889,10 @@ jobs: name: run vmm-tests [x64-windows-intel] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-Intel-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job16-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - Intel permissions: contents: read id-token: write @@ -2431,9 +2424,10 @@ jobs: name: run vmm-tests [x64-windows-amd] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job18-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -2965,9 +2959,9 @@ jobs: name: build artifacts (not for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job2-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -3045,8 +3039,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-igvmfilegen" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-ohcldiag-dev" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-vmgs_lib" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 2 flowey_lib_common::install_rust 0 @@ -3115,7 +3107,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 2 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -3123,31 +3115,22 @@ jobs: flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 2 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 2 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 2 flowey_lib_common::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 2 flowey_lib_common::cache 3 @@ -3170,19 +3153,14 @@ jobs: name: aarch64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish aarch64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: aarch64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-vmgs_lib/ - include-hidden-files: true job20: name: run vmm-tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job20-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -3224,12 +3202,12 @@ jobs: shell: bash - name: creating new test content dir run: |- - flowey e 20 flowey_core::pipeline::artifact::resolve 1 - flowey e 20 flowey_core::pipeline::artifact::resolve 0 flowey e 20 flowey_core::pipeline::artifact::resolve 2 flowey e 20 flowey_core::pipeline::artifact::resolve 5 flowey e 20 flowey_core::pipeline::artifact::resolve 3 flowey e 20 flowey_core::pipeline::artifact::resolve 6 + flowey e 20 flowey_core::pipeline::artifact::resolve 1 + flowey e 20 flowey_core::pipeline::artifact::resolve 0 flowey e 20 flowey_lib_hvlite::_jobs::consume_and_test_nextest_vmm_tests_archive 0 shell: bash - name: checking if packages need to be installed @@ -3982,9 +3960,9 @@ jobs: name: build artifacts (for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job3-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4140,14 +4118,6 @@ jobs: - name: symlink protoc run: |- flowey.exe e 3 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 3 flowey_lib_hvlite::init_cross_build 7 - shell: bash - - name: cargo build prep_steps - run: |- - flowey.exe e 3 flowey_lib_common::run_cargo_build 2 - flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 2 - flowey.exe e 3 flowey_lib_hvlite::build_prep_steps 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 4 shell: bash - name: cargo build vmgstool @@ -4155,7 +4125,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 6 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 10 flowey.exe e 3 flowey_lib_hvlite::build_vmgstool 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 7 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 8 @@ -4165,7 +4135,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 9 flowey.exe e 3 flowey_lib_hvlite::build_tpm_guest_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 4 @@ -4175,7 +4145,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::build_test_igvm_agent_rpc_server 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 shell: bash - name: create cargo-nextest cache dir run: |- @@ -4216,7 +4186,7 @@ jobs: run: |- flowey.exe e 3 flowey_lib_common::run_cargo_nextest_archive 0 flowey.exe e 3 flowey_lib_hvlite::build_nextest_vmm_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 5 shell: bash - name: cargo build openvmm @@ -4224,7 +4194,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::build_openvmm 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 6 shell: bash - name: cargo build pipette @@ -4232,7 +4202,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::build_pipette 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build tmk_vmm @@ -4240,6 +4210,14 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 4 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 6 flowey.exe e 3 flowey_lib_hvlite::build_tmk_vmm 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 3 flowey_lib_hvlite::init_cross_build 7 + shell: bash + - name: cargo build prep_steps + run: |- + flowey.exe e 3 flowey_lib_common::run_cargo_build 2 + flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 2 + flowey.exe e 3 flowey_lib_hvlite::build_prep_steps 0 flowey.exe e 3 flowey_core::pipeline::artifact::publish 4 shell: bash - name: 'validate cache entry: cargo-nextest' @@ -4300,9 +4278,9 @@ jobs: name: build artifacts (not for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job4-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4380,8 +4358,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-igvmfilegen" | flowey.exe v 4 'artifact_publish_from_x64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-ohcldiag-dev" | flowey.exe v 4 'artifact_publish_from_x64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-vmgs_lib" | flowey.exe v 4 'artifact_publish_from_x64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 4 flowey_lib_common::install_rust 0 @@ -4450,7 +4426,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 4 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -4458,35 +4434,22 @@ jobs: flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 4 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 4 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_common::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - shell: bash - - name: test vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 2 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 4 flowey_lib_common::cache 3 @@ -4509,19 +4472,13 @@ jobs: name: x64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/x64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish x64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: x64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/x64-windows-vmgs_lib/ - include-hidden-files: true job5: name: build artifacts (for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job5-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4845,9 +4802,9 @@ jobs: name: build artifacts [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job6-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5165,9 +5122,9 @@ jobs: name: build artifacts [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job7-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5541,9 +5498,9 @@ jobs: name: build openhcl [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job8-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5890,9 +5847,9 @@ jobs: name: build openhcl [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job9-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write diff --git a/.github/workflows/openvmm-pr-release.yaml b/.github/workflows/openvmm-pr-release.yaml index 39ad4b9edb..2b880205ca 100644 --- a/.github/workflows/openvmm-pr-release.yaml +++ b/.github/workflows/openvmm-pr-release.yaml @@ -29,9 +29,9 @@ jobs: name: quick check [fmt, clippy x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job0-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -386,9 +386,9 @@ jobs: name: clippy [x64-windows], unit tests [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job10-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -629,9 +629,9 @@ jobs: name: clippy [macos], unit tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job11-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -843,9 +843,9 @@ jobs: name: clippy [x64-linux-musl, misc nostd], unit tests [x64-linux-musl] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job12-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -1069,9 +1069,9 @@ jobs: name: clippy [aarch64-windows], unit tests [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Windows-ARM64 - - JobId=job13-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - ARM64 + - Baremetal permissions: contents: read id-token: write @@ -1310,11 +1310,7 @@ jobs: shell: bash job14: name: clippy [aarch64-linux], unit tests [aarch64-linux] - runs-on: - - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-ARM64 - - JobId=job14-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + runs-on: ubuntu-24.04-arm permissions: contents: read id-token: write @@ -1569,11 +1565,7 @@ jobs: shell: bash job15: name: clippy [aarch64-linux-musl, misc nostd], unit tests [aarch64-linux-musl] - runs-on: - - self-hosted - - 1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-ARM64 - - JobId=job15-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + runs-on: ubuntu-24.04-arm permissions: contents: read id-token: write @@ -1841,9 +1833,10 @@ jobs: name: run vmm-tests [x64-windows-intel] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-Intel-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job16-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - Intel permissions: contents: read id-token: write @@ -2377,9 +2370,10 @@ jobs: name: run vmm-tests [x64-windows-amd] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job18-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -2913,9 +2907,9 @@ jobs: name: build artifacts (not for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job2-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -2995,8 +2989,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-igvmfilegen" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-ohcldiag-dev" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-vmgs_lib" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 2 flowey_lib_common::install_rust 0 @@ -3065,7 +3057,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 2 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -3073,31 +3065,22 @@ jobs: flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 2 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 2 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 2 flowey_lib_common::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 2 flowey_lib_common::cache 3 @@ -3120,19 +3103,14 @@ jobs: name: aarch64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish aarch64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: aarch64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-vmgs_lib/ - include-hidden-files: true job20: name: run vmm-tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job20-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -3175,12 +3153,12 @@ jobs: shell: bash - name: creating new test content dir run: |- - flowey e 20 flowey_core::pipeline::artifact::resolve 1 - flowey e 20 flowey_core::pipeline::artifact::resolve 0 flowey e 20 flowey_core::pipeline::artifact::resolve 2 flowey e 20 flowey_core::pipeline::artifact::resolve 5 flowey e 20 flowey_core::pipeline::artifact::resolve 3 flowey e 20 flowey_core::pipeline::artifact::resolve 6 + flowey e 20 flowey_core::pipeline::artifact::resolve 1 + flowey e 20 flowey_core::pipeline::artifact::resolve 0 flowey e 20 flowey_lib_hvlite::_jobs::consume_and_test_nextest_vmm_tests_archive 0 shell: bash - name: checking if packages need to be installed @@ -3756,9 +3734,9 @@ jobs: name: build artifacts (for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job3-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -3916,14 +3894,6 @@ jobs: - name: symlink protoc run: |- flowey.exe e 3 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 3 flowey_lib_hvlite::init_cross_build 2 - shell: bash - - name: cargo build tmk_vmm - run: |- - flowey.exe e 3 flowey_lib_common::run_cargo_build 4 - flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 6 - flowey.exe e 3 flowey_lib_hvlite::build_tmk_vmm 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 4 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 7 shell: bash - name: cargo build prep_steps @@ -3931,7 +3901,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 2 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 3 flowey_lib_hvlite::build_prep_steps 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 4 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 4 shell: bash - name: cargo build vmgstool @@ -3939,7 +3909,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 6 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 10 flowey.exe e 3 flowey_lib_hvlite::build_vmgstool 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 7 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 8 @@ -3949,7 +3919,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 9 flowey.exe e 3 flowey_lib_hvlite::build_tpm_guest_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 4 @@ -3959,7 +3929,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::build_test_igvm_agent_rpc_server 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 shell: bash - name: create cargo-nextest cache dir run: |- @@ -4000,7 +3970,7 @@ jobs: run: |- flowey.exe e 3 flowey_lib_common::run_cargo_nextest_archive 0 flowey.exe e 3 flowey_lib_hvlite::build_nextest_vmm_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 5 shell: bash - name: cargo build openvmm @@ -4008,7 +3978,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::build_openvmm 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 6 shell: bash - name: cargo build pipette @@ -4016,6 +3986,14 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::build_pipette 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 + flowey.exe e 3 flowey_lib_hvlite::init_cross_build 2 + shell: bash + - name: cargo build tmk_vmm + run: |- + flowey.exe e 3 flowey_lib_common::run_cargo_build 4 + flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 6 + flowey.exe e 3 flowey_lib_hvlite::build_tmk_vmm 0 flowey.exe e 3 flowey_core::pipeline::artifact::publish 3 shell: bash - name: 'validate cache entry: cargo-nextest' @@ -4076,9 +4054,9 @@ jobs: name: build artifacts (not for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job4-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4158,8 +4136,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-igvmfilegen" | flowey.exe v 4 'artifact_publish_from_x64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-ohcldiag-dev" | flowey.exe v 4 'artifact_publish_from_x64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-vmgs_lib" | flowey.exe v 4 'artifact_publish_from_x64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 4 flowey_lib_common::install_rust 0 @@ -4228,7 +4204,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 4 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -4236,35 +4212,22 @@ jobs: flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 4 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 4 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_common::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - shell: bash - - name: test vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 2 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 4 flowey_lib_common::cache 3 @@ -4287,19 +4250,13 @@ jobs: name: x64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/x64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish x64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: x64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/x64-windows-vmgs_lib/ - include-hidden-files: true job5: name: build artifacts (for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job5-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4625,9 +4582,9 @@ jobs: name: build artifacts [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job6-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -4903,9 +4860,9 @@ jobs: name: build artifacts [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job7-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5237,9 +5194,9 @@ jobs: name: build openhcl [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job8-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5520,9 +5477,9 @@ jobs: name: build openhcl [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job9-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write diff --git a/.github/workflows/openvmm-pr.yaml b/.github/workflows/openvmm-pr.yaml index 23b04c40c6..820f374726 100644 --- a/.github/workflows/openvmm-pr.yaml +++ b/.github/workflows/openvmm-pr.yaml @@ -28,9 +28,9 @@ jobs: name: quick check [fmt, clippy x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job0-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -385,9 +385,9 @@ jobs: name: build openhcl [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job10-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -1195,9 +1195,9 @@ jobs: name: clippy [macos], unit tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job13-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -1409,9 +1409,9 @@ jobs: name: clippy [x64-linux-musl, misc nostd], unit tests [x64-linux-musl] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job14-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -2395,9 +2395,10 @@ jobs: name: run vmm-tests [x64-windows-intel] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-Intel-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job18-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - Intel permissions: contents: read id-token: write @@ -2931,9 +2932,9 @@ jobs: name: build artifacts (not for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job2-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -3013,8 +3014,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-igvmfilegen" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-ohcldiag-dev" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/aarch64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\aarch64-windows-vmgs_lib" | flowey.exe v 2 'artifact_publish_from_aarch64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 2 flowey_lib_common::install_rust 0 @@ -3083,7 +3082,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 2 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -3091,31 +3090,22 @@ jobs: flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 2 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 2 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 2 flowey_lib_common::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - flowey.exe e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 2 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 2 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 2 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 2 flowey_lib_common::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 2 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 2 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 2 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 2 flowey_lib_common::cache 3 @@ -3138,19 +3128,14 @@ jobs: name: aarch64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish aarch64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: aarch64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/aarch64-windows-vmgs_lib/ - include-hidden-files: true job20: name: run vmm-tests [x64-windows-amd] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job20-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -3684,9 +3669,10 @@ jobs: name: run vmm-tests [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job22-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM + - AMD permissions: contents: read id-token: write @@ -3729,12 +3715,12 @@ jobs: shell: bash - name: creating new test content dir run: |- - flowey e 22 flowey_core::pipeline::artifact::resolve 1 - flowey e 22 flowey_core::pipeline::artifact::resolve 0 flowey e 22 flowey_core::pipeline::artifact::resolve 2 flowey e 22 flowey_core::pipeline::artifact::resolve 5 flowey e 22 flowey_core::pipeline::artifact::resolve 3 flowey e 22 flowey_core::pipeline::artifact::resolve 6 + flowey e 22 flowey_core::pipeline::artifact::resolve 1 + flowey e 22 flowey_core::pipeline::artifact::resolve 0 flowey e 22 flowey_lib_hvlite::_jobs::consume_and_test_nextest_vmm_tests_archive 0 shell: bash - name: checking if packages need to be installed @@ -4372,9 +4358,9 @@ jobs: name: build artifacts (for VMM tests) [aarch64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job3-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4532,14 +4518,6 @@ jobs: - name: symlink protoc run: |- flowey.exe e 3 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 3 flowey_lib_hvlite::init_cross_build 2 - shell: bash - - name: cargo build tmk_vmm - run: |- - flowey.exe e 3 flowey_lib_common::run_cargo_build 4 - flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 6 - flowey.exe e 3 flowey_lib_hvlite::build_tmk_vmm 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 4 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 7 shell: bash - name: cargo build prep_steps @@ -4547,7 +4525,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 2 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 3 flowey_lib_hvlite::build_prep_steps 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 4 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 4 shell: bash - name: cargo build vmgstool @@ -4555,7 +4533,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 6 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 10 flowey.exe e 3 flowey_lib_hvlite::build_vmgstool 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 5 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 7 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 8 @@ -4565,7 +4543,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 9 flowey.exe e 3 flowey_lib_hvlite::build_tpm_guest_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 6 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 4 @@ -4575,7 +4553,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 3 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 5 flowey.exe e 3 flowey_lib_hvlite::build_test_igvm_agent_rpc_server 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 7 shell: bash - name: create cargo-nextest cache dir run: |- @@ -4616,7 +4594,7 @@ jobs: run: |- flowey.exe e 3 flowey_lib_common::run_cargo_nextest_archive 0 flowey.exe e 3 flowey_lib_hvlite::build_nextest_vmm_tests 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 0 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 5 shell: bash - name: cargo build openvmm @@ -4624,7 +4602,7 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 3 flowey_lib_hvlite::build_openvmm 0 - flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 1 flowey.exe e 3 flowey_lib_hvlite::init_cross_build 6 shell: bash - name: cargo build pipette @@ -4632,6 +4610,14 @@ jobs: flowey.exe e 3 flowey_lib_common::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 3 flowey_lib_hvlite::build_pipette 0 + flowey.exe e 3 flowey_core::pipeline::artifact::publish 2 + flowey.exe e 3 flowey_lib_hvlite::init_cross_build 2 + shell: bash + - name: cargo build tmk_vmm + run: |- + flowey.exe e 3 flowey_lib_common::run_cargo_build 4 + flowey.exe e 3 flowey_lib_hvlite::run_cargo_build 6 + flowey.exe e 3 flowey_lib_hvlite::build_tmk_vmm 0 flowey.exe e 3 flowey_core::pipeline::artifact::publish 3 shell: bash - name: 'validate cache entry: cargo-nextest' @@ -4692,9 +4678,9 @@ jobs: name: build artifacts (not for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job4-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -4774,8 +4760,6 @@ jobs: echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-igvmfilegen" | flowey.exe v 4 'artifact_publish_from_x64-windows-igvmfilegen' --is-raw-string update mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-ohcldiag-dev" echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-ohcldiag-dev" | flowey.exe v 4 'artifact_publish_from_x64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$AgentTempDirNormal/publish_artifacts/x64-windows-vmgs_lib" - echo "${{ runner.temp }}\\publish_artifacts\\x64-windows-vmgs_lib" | flowey.exe v 4 'artifact_publish_from_x64-windows-vmgs_lib' --is-raw-string update shell: bash - name: add default cargo home to path run: flowey.exe e 4 flowey_lib_common::install_rust 0 @@ -4844,7 +4828,7 @@ jobs: - name: symlink protoc run: |- flowey.exe e 4 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 shell: bash - name: cargo build hypestv run: |- @@ -4852,35 +4836,22 @@ jobs: flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 0 flowey.exe e 4 flowey_lib_hvlite::build_hypestv 0 flowey.exe e 4 flowey_core::pipeline::artifact::publish 0 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 0 - shell: bash - - name: cargo build vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_common::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 3 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - shell: bash - - name: test vmgs_lib - run: |- - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - flowey.exe e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 2 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 1 shell: bash - name: cargo build igvmfilegen run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 1 flowey.exe e 4 flowey_lib_hvlite::build_igvmfilegen 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 - flowey.exe e 4 flowey_lib_hvlite::init_cross_build 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 1 + flowey.exe e 4 flowey_lib_hvlite::init_cross_build 2 shell: bash - name: cargo build ohcldiag-dev run: |- flowey.exe e 4 flowey_lib_common::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::run_cargo_build 2 flowey.exe e 4 flowey_lib_hvlite::build_ohcldiag_dev 0 - flowey.exe e 4 flowey_core::pipeline::artifact::publish 3 + flowey.exe e 4 flowey_core::pipeline::artifact::publish 2 shell: bash - name: 'validate cache entry: gh-release-download' run: flowey.exe e 4 flowey_lib_common::cache 3 @@ -4903,19 +4874,13 @@ jobs: name: x64-windows-ohcldiag-dev path: ${{ runner.temp }}/publish_artifacts/x64-windows-ohcldiag-dev/ include-hidden-files: true - - name: πŸŒΌπŸ“¦ Publish x64-windows-vmgs_lib - uses: actions/upload-artifact@v7 - with: - name: x64-windows-vmgs_lib - path: ${{ runner.temp }}/publish_artifacts/x64-windows-vmgs_lib/ - include-hidden-files: true job5: name: build artifacts (for VMM tests) [x64-windows] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Windows-Prerelease - - JobId=job5-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Windows + - X64 + - VM permissions: contents: read id-token: write @@ -5241,9 +5206,9 @@ jobs: name: build artifacts [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job6-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5519,9 +5484,9 @@ jobs: name: build artifacts [x64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job7-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write @@ -5853,9 +5818,9 @@ jobs: name: build openhcl [aarch64-linux] runs-on: - self-hosted - - 1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3 - - 1ES.ImageOverride=OpenVMM-CI-Ubuntu24.04-AMD64 - - JobId=job8-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }} + - Linux + - X64 + - VM permissions: contents: read id-token: write diff --git a/ci-flowey/openvmm-pr.yaml b/ci-flowey/openvmm-pr.yaml index b8b74ed7a4..5131d35a7b 100644 --- a/ci-flowey/openvmm-pr.yaml +++ b/ci-flowey/openvmm-pr.yaml @@ -3077,8 +3077,6 @@ jobs: echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/x64-windows-igvmfilegen" | $FLOWEY_BIN v 4 'artifact_publish_from_x64-windows-igvmfilegen' --is-raw-string update mkdir -p "$(AgentTempDirNormal)/publish_artifacts/x64-windows-ohcldiag-dev" echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/x64-windows-ohcldiag-dev" | $FLOWEY_BIN v 4 'artifact_publish_from_x64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$(AgentTempDirNormal)/publish_artifacts/x64-windows-vmgs_lib" - echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/x64-windows-vmgs_lib" | $FLOWEY_BIN v 4 'artifact_publish_from_x64-windows-vmgs_lib' --is-raw-string update displayName: πŸŒΌπŸ›« Initialize job - bash: $(FLOWEY_BIN) e 4 flowey_lib_common::install_rust 0 displayName: install Rust @@ -3139,7 +3137,7 @@ jobs: - bash: |- set -e $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 1 + $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 0 displayName: symlink protoc - bash: |- set -e @@ -3147,35 +3145,22 @@ jobs: $(FLOWEY_BIN) e 4 flowey_lib_hvlite::run_cargo_build 0 $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_hypestv 0 $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 0 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 0 + $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 1 displayName: cargo build hypestv - - bash: |- - set -e - $(FLOWEY_BIN) e 4 flowey_lib_common::run_cargo_build 3 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::run_cargo_build 3 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - displayName: cargo build vmgs_lib - - bash: |- - set -e - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_and_test_vmgs_lib 2 - $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 1 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 2 - displayName: test vmgs_lib - bash: |- set -e $(FLOWEY_BIN) e 4 flowey_lib_common::run_cargo_build 1 $(FLOWEY_BIN) e 4 flowey_lib_hvlite::run_cargo_build 1 $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_igvmfilegen 0 - $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 2 - $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 3 + $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 1 + $(FLOWEY_BIN) e 4 flowey_lib_hvlite::init_cross_build 2 displayName: cargo build igvmfilegen - bash: |- set -e $(FLOWEY_BIN) e 4 flowey_lib_common::run_cargo_build 2 $(FLOWEY_BIN) e 4 flowey_lib_hvlite::run_cargo_build 2 $(FLOWEY_BIN) e 4 flowey_lib_hvlite::build_ohcldiag_dev 0 - $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 3 + $(FLOWEY_BIN) e 4 flowey_core::pipeline::artifact::publish 2 displayName: cargo build ohcldiag-dev - bash: $(FLOWEY_BIN) e 4 flowey_lib_common::cache 3 displayName: 'validate cache entry: gh-release-download' @@ -3188,9 +3173,6 @@ jobs: - publish: $(FLOWEY_TEMP_DIR)/publish_artifacts/x64-windows-ohcldiag-dev displayName: πŸŒΌπŸ“¦ Publish x64-windows-ohcldiag-dev artifact: x64-windows-ohcldiag-dev - - publish: $(FLOWEY_TEMP_DIR)/publish_artifacts/x64-windows-vmgs_lib - displayName: πŸŒΌπŸ“¦ Publish x64-windows-vmgs_lib - artifact: x64-windows-vmgs_lib - job: job3 displayName: build artifacts (for VMM tests) [aarch64-windows] pool: HvLite-CI-Win-Pool @@ -3345,22 +3327,14 @@ jobs: - bash: |- set -e $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 2 - displayName: symlink protoc - - bash: |- - set -e - $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 4 - $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 6 - $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_tmk_vmm 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 4 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 7 - displayName: cargo build tmk_vmm + displayName: symlink protoc - bash: |- set -e $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 2 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 2 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_prep_steps 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 5 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 4 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 4 displayName: cargo build prep_steps - bash: |- @@ -3368,7 +3342,7 @@ jobs: $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 6 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 10 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_vmgstool 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 6 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 5 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 3 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 7 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 8 @@ -3378,7 +3352,7 @@ jobs: $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 5 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 9 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_tpm_guest_tests 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 7 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 6 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 1 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 3 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 4 @@ -3388,7 +3362,7 @@ jobs: $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 3 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 5 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_test_igvm_agent_rpc_server 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 0 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 7 displayName: cargo build test_igvm_agent_rpc_server - bash: |- set -e @@ -3429,7 +3403,7 @@ jobs: set -e $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_nextest_archive 0 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_nextest_vmm_tests 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 1 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 0 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 5 displayName: build + archive 'vmm_tests' nextests - bash: |- @@ -3437,7 +3411,7 @@ jobs: $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 0 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 0 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_openvmm 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 2 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 1 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 6 displayName: cargo build openvmm - bash: |- @@ -3445,8 +3419,16 @@ jobs: $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 1 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 1 $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_pipette 0 - $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 3 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 2 + $(FLOWEY_BIN) e 3 flowey_lib_hvlite::init_cross_build 2 displayName: cargo build pipette + - bash: |- + set -e + $(FLOWEY_BIN) e 3 flowey_lib_common::run_cargo_build 4 + $(FLOWEY_BIN) e 3 flowey_lib_hvlite::run_cargo_build 6 + $(FLOWEY_BIN) e 3 flowey_lib_hvlite::build_tmk_vmm 0 + $(FLOWEY_BIN) e 3 flowey_core::pipeline::artifact::publish 3 + displayName: cargo build tmk_vmm - bash: $(FLOWEY_BIN) e 3 flowey_lib_common::cache 3 displayName: 'validate cache entry: cargo-nextest' - bash: $(FLOWEY_BIN) e 3 flowey_lib_common::cache 7 @@ -3559,8 +3541,6 @@ jobs: echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/aarch64-windows-igvmfilegen" | $FLOWEY_BIN v 2 'artifact_publish_from_aarch64-windows-igvmfilegen' --is-raw-string update mkdir -p "$(AgentTempDirNormal)/publish_artifacts/aarch64-windows-ohcldiag-dev" echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/aarch64-windows-ohcldiag-dev" | $FLOWEY_BIN v 2 'artifact_publish_from_aarch64-windows-ohcldiag-dev' --is-raw-string update - mkdir -p "$(AgentTempDirNormal)/publish_artifacts/aarch64-windows-vmgs_lib" - echo "$(FLOWEY_TEMP_DIR)/publish_artifacts/aarch64-windows-vmgs_lib" | $FLOWEY_BIN v 2 'artifact_publish_from_aarch64-windows-vmgs_lib' --is-raw-string update displayName: πŸŒΌπŸ›« Initialize job - bash: $(FLOWEY_BIN) e 2 flowey_lib_common::install_rust 0 displayName: install Rust @@ -3621,7 +3601,7 @@ jobs: - bash: |- set -e $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_openvmm_magicpath_protoc 0 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 1 + $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 0 displayName: symlink protoc - bash: |- set -e @@ -3629,31 +3609,22 @@ jobs: $(FLOWEY_BIN) e 2 flowey_lib_hvlite::run_cargo_build 0 $(FLOWEY_BIN) e 2 flowey_lib_hvlite::build_hypestv 0 $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 0 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 0 + $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 1 displayName: cargo build hypestv - - bash: |- - set -e - $(FLOWEY_BIN) e 2 flowey_lib_common::run_cargo_build 3 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::run_cargo_build 3 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 0 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::build_and_test_vmgs_lib 1 - $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 1 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 2 - displayName: cargo build vmgs_lib - bash: |- set -e $(FLOWEY_BIN) e 2 flowey_lib_common::run_cargo_build 1 $(FLOWEY_BIN) e 2 flowey_lib_hvlite::run_cargo_build 1 $(FLOWEY_BIN) e 2 flowey_lib_hvlite::build_igvmfilegen 0 - $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 2 - $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 3 + $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 1 + $(FLOWEY_BIN) e 2 flowey_lib_hvlite::init_cross_build 2 displayName: cargo build igvmfilegen - bash: |- set -e $(FLOWEY_BIN) e 2 flowey_lib_common::run_cargo_build 2 $(FLOWEY_BIN) e 2 flowey_lib_hvlite::run_cargo_build 2 $(FLOWEY_BIN) e 2 flowey_lib_hvlite::build_ohcldiag_dev 0 - $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 3 + $(FLOWEY_BIN) e 2 flowey_core::pipeline::artifact::publish 2 displayName: cargo build ohcldiag-dev - bash: $(FLOWEY_BIN) e 2 flowey_lib_common::cache 3 displayName: 'validate cache entry: gh-release-download' @@ -3666,9 +3637,6 @@ jobs: - publish: $(FLOWEY_TEMP_DIR)/publish_artifacts/aarch64-windows-ohcldiag-dev displayName: πŸŒΌπŸ“¦ Publish aarch64-windows-ohcldiag-dev artifact: aarch64-windows-ohcldiag-dev - - publish: $(FLOWEY_TEMP_DIR)/publish_artifacts/aarch64-windows-vmgs_lib - displayName: πŸŒΌπŸ“¦ Publish aarch64-windows-vmgs_lib - artifact: aarch64-windows-vmgs_lib - job: job1 displayName: xtask fmt (windows) pool: HvLite-CI-Win-Pool diff --git a/flowey/flowey_hvlite/src/pipelines/checkin_gates.rs b/flowey/flowey_hvlite/src/pipelines/checkin_gates.rs index deaa2b21f3..7eda156810 100644 --- a/flowey/flowey_hvlite/src/pipelines/checkin_gates.rs +++ b/flowey/flowey_hvlite/src/pipelines/checkin_gates.rs @@ -209,7 +209,7 @@ impl IntoPipeline for CheckinGatesCli { FlowArch::X86_64, "quick check [fmt, clippy x64-linux]", ) - .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk()) + .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_vm()) .ado_set_pool(crate::pipelines_shared::ado_pools::default_x86_pool( FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), )) @@ -346,8 +346,8 @@ impl IntoPipeline for CheckinGatesCli { // artifacts which _are not_ in the VMM tests "hot path" let (pub_igvmfilegen, _use_igvmfilegen) = pipeline.new_typed_artifact(format!("{arch_tag}-windows-igvmfilegen")); - let (pub_vmgs_lib, _use_vmgs_lib) = - pipeline.new_typed_artifact(format!("{arch_tag}-windows-vmgs_lib")); + // let (pub_vmgs_lib, _use_vmgs_lib) = + // pipeline.new_typed_artifact(format!("{arch_tag}-windows-vmgs_lib")); let (pub_hypestv, _use_hypestv) = pipeline.new_typed_artifact(format!("{arch_tag}-windows-hypestv")); let (pub_ohcldiag_dev, _use_ohcldiag_dev) = @@ -359,7 +359,7 @@ impl IntoPipeline for CheckinGatesCli { FlowArch::X86_64, format!("build artifacts (not for VMM tests) [{arch_tag}-windows]"), ) - .gh_set_pool(crate::pipelines_shared::gh_pools::windows_amd_self_hosted_largedisk()) + .gh_set_pool(crate::pipelines_shared::gh_pools::windows_self_hosted_vm()) .ado_set_pool(crate::pipelines_shared::ado_pools::default_x86_pool( FlowPlatform::Windows, )) @@ -371,14 +371,15 @@ impl IntoPipeline for CheckinGatesCli { profile: CommonProfile::from_release(release), hypestv: ctx.publish_typed_artifact(pub_hypestv), }) - .dep_on(|ctx| flowey_lib_hvlite::build_and_test_vmgs_lib::Request { - target: CommonTriple::Common { - arch, - platform: CommonPlatform::WindowsMsvc, - }, - profile: CommonProfile::from_release(release), - vmgs_lib: ctx.publish_typed_artifact(pub_vmgs_lib), - }) + // This was failing on the self hosted VM runners, so just skip since we don't use it anyway. + // .dep_on(|ctx| flowey_lib_hvlite::build_and_test_vmgs_lib::Request { + // target: CommonTriple::Common { + // arch, + // platform: CommonPlatform::WindowsMsvc, + // }, + // profile: CommonProfile::from_release(release), + // vmgs_lib: ctx.publish_typed_artifact(pub_vmgs_lib), + // }) .dep_on(|ctx| flowey_lib_hvlite::build_igvmfilegen::Request { build_params: flowey_lib_hvlite::build_igvmfilegen::IgvmfilegenBuildParams { target: CommonTriple::Common { @@ -418,7 +419,7 @@ impl IntoPipeline for CheckinGatesCli { FlowArch::X86_64, format!("build artifacts (for VMM tests) [{arch_tag}-windows]"), ) - .gh_set_pool(crate::pipelines_shared::gh_pools::windows_amd_self_hosted_largedisk()) + .gh_set_pool(crate::pipelines_shared::gh_pools::windows_self_hosted_vm()) .ado_set_pool(crate::pipelines_shared::ado_pools::default_x86_pool( FlowPlatform::Windows, )) @@ -591,7 +592,7 @@ impl IntoPipeline for CheckinGatesCli { FlowArch::X86_64, format!("build artifacts [{arch_tag}-linux]"), ) - .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk()) + .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_vm()) .ado_set_pool(crate::pipelines_shared::ado_pools::default_x86_pool( FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), )) @@ -761,7 +762,7 @@ impl IntoPipeline for CheckinGatesCli { FlowArch::X86_64, build_openhcl_job_tag(arch_tag), ) - .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk()) + .gh_set_pool(crate::pipelines_shared::gh_pools::linux_self_hosted_vm()) .ado_set_pool(crate::pipelines_shared::ado_pools::default_x86_pool( FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), )) @@ -864,7 +865,7 @@ impl IntoPipeline for CheckinGatesCli { platform: FlowPlatform::Windows, arch: FlowArch::X86_64, gh_pool: if release { - crate::pipelines_shared::gh_pools::windows_amd_self_hosted_largedisk() + crate::pipelines_shared::gh_pools::windows_self_hosted_vm() } else { crate::pipelines_shared::gh_pools::gh_hosted_x64_windows() }, @@ -882,7 +883,7 @@ impl IntoPipeline for CheckinGatesCli { arch: FlowArch::X86_64, // This job fails on github runners for an unknown reason, so // use self-hosted runners for now. - gh_pool: crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk(), + gh_pool: crate::pipelines_shared::gh_pools::linux_self_hosted_vm(), clippy_targets: if quick_check_job.is_some() { // Phase 1 already ran clippy for x64-linux; // still need macos cross-clippy here. @@ -903,7 +904,7 @@ impl IntoPipeline for CheckinGatesCli { arch: FlowArch::X86_64, // This job fails on github runners due to disk space exhaustion, so // use self-hosted runners for now. - gh_pool: crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk(), + gh_pool: crate::pipelines_shared::gh_pools::linux_self_hosted_vm(), clippy_targets: Some(( "x64-linux-musl, misc nostd", &[(openhcl_musl_target(CommonArch::X86_64), true)], @@ -914,7 +915,7 @@ impl IntoPipeline for CheckinGatesCli { platform: FlowPlatform::Windows, arch: FlowArch::Aarch64, gh_pool: if release { - crate::pipelines_shared::gh_pools::windows_arm_self_hosted() + crate::pipelines_shared::gh_pools::windows_arm_self_hosted_baremetal() } else { crate::pipelines_shared::gh_pools::gh_hosted_arm_windows() }, @@ -930,11 +931,7 @@ impl IntoPipeline for CheckinGatesCli { ClippyUnitTestJobParams { platform: FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), arch: FlowArch::Aarch64, - gh_pool: if release { - crate::pipelines_shared::gh_pools::linux_arm_self_hosted() - } else { - crate::pipelines_shared::gh_pools::gh_hosted_arm_linux() - }, + gh_pool: crate::pipelines_shared::gh_pools::gh_hosted_arm_linux(), clippy_targets: Some(( "aarch64-linux", &[(target_lexicon::triple!("aarch64-unknown-linux-gnu"), false)], @@ -947,11 +944,7 @@ impl IntoPipeline for CheckinGatesCli { ClippyUnitTestJobParams { platform: FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), arch: FlowArch::Aarch64, - gh_pool: if release { - crate::pipelines_shared::gh_pools::linux_arm_self_hosted() - } else { - crate::pipelines_shared::gh_pools::gh_hosted_arm_linux() - }, + gh_pool: crate::pipelines_shared::gh_pools::gh_hosted_arm_linux(), clippy_targets: Some(( "aarch64-linux-musl, misc nostd", &[(openhcl_musl_target(CommonArch::Aarch64), true)], @@ -1186,7 +1179,7 @@ impl IntoPipeline for CheckinGatesCli { VmmTestJobParams { platform: FlowPlatform::Windows, arch: FlowArch::X86_64, - gh_pool: crate::pipelines_shared::gh_pools::windows_intel_self_hosted_largedisk(), + gh_pool: crate::pipelines_shared::gh_pools::windows_intel_self_hosted_vm(), label: "x64-windows-intel", target: CommonTriple::X86_64_WINDOWS_MSVC, resolve_vmm_tests_artifacts: vmm_tests_artifacts_windows_intel_x86, @@ -1208,7 +1201,7 @@ impl IntoPipeline for CheckinGatesCli { VmmTestJobParams { platform: FlowPlatform::Windows, arch: FlowArch::X86_64, - gh_pool: crate::pipelines_shared::gh_pools::windows_amd_self_hosted_largedisk(), + gh_pool: crate::pipelines_shared::gh_pools::windows_amd_self_hosted_vm(), label: "x64-windows-amd", target: CommonTriple::X86_64_WINDOWS_MSVC, resolve_vmm_tests_artifacts: vmm_tests_artifacts_windows_amd_x86, @@ -1230,7 +1223,7 @@ impl IntoPipeline for CheckinGatesCli { VmmTestJobParams { platform: FlowPlatform::Linux(FlowPlatformLinuxDistro::Ubuntu), arch: FlowArch::X86_64, - gh_pool: crate::pipelines_shared::gh_pools::linux_self_hosted_largedisk(), + gh_pool: crate::pipelines_shared::gh_pools::linux_amd_self_hosted_vm(), label: "x64-linux", target: CommonTriple::X86_64_LINUX_GNU, resolve_vmm_tests_artifacts: vmm_tests_artifacts_linux_x86, diff --git a/flowey/flowey_hvlite/src/pipelines_shared/gh_pools.rs b/flowey/flowey_hvlite/src/pipelines_shared/gh_pools.rs index 74fe10a3d4..d8f8ad5c57 100644 --- a/flowey/flowey_hvlite/src/pipelines_shared/gh_pools.rs +++ b/flowey/flowey_hvlite/src/pipelines_shared/gh_pools.rs @@ -8,7 +8,7 @@ use flowey::pipeline::prelude::*; /// This overrides the default image with a larger disk image for use with /// jobs that require more than the default disk space (e.g. to ensure vmm_tests /// have enough space to download test VHDs) -pub fn windows_amd_self_hosted_largedisk() -> GhRunner { +pub fn windows_amd_1es_hosted_largedisk() -> GhRunner { GhRunner::SelfHosted(vec![ "self-hosted".to_string(), "1ES.Pool=OpenVMM-GitHub-Win-Pool-WestUS3".to_string(), @@ -19,7 +19,7 @@ pub fn windows_amd_self_hosted_largedisk() -> GhRunner { /// This overrides the default image with a larger disk image for use with /// jobs that require more than the default disk space (e.g. to ensure vmm_tests /// have enough space to download test VHDs) -pub fn windows_intel_self_hosted_largedisk() -> GhRunner { +pub fn windows_intel_1es_hosted_largedisk() -> GhRunner { GhRunner::SelfHosted(vec![ "self-hosted".to_string(), "1ES.Pool=OpenVMM-GitHub-Win-Pool-Intel-WestUS3".to_string(), @@ -27,7 +27,7 @@ pub fn windows_intel_self_hosted_largedisk() -> GhRunner { ]) } -pub fn windows_arm_self_hosted() -> GhRunner { +pub fn windows_arm_1es_hosted() -> GhRunner { GhRunner::SelfHosted(vec![ "self-hosted".to_string(), "1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2".to_string(), @@ -35,7 +35,7 @@ pub fn windows_arm_self_hosted() -> GhRunner { ]) } -pub fn linux_arm_self_hosted() -> GhRunner { +pub fn linux_arm_1es_hosted() -> GhRunner { GhRunner::SelfHosted(vec![ "self-hosted".to_string(), "1ES.Pool=OpenVMM-GitHub-ARM64-Pool-WestUS2".to_string(), @@ -43,7 +43,7 @@ pub fn linux_arm_self_hosted() -> GhRunner { ]) } -pub fn linux_self_hosted_largedisk() -> GhRunner { +pub fn linux_1es_hosted_largedisk() -> GhRunner { GhRunner::SelfHosted(vec![ "self-hosted".to_string(), "1ES.Pool=OpenVMM-GitHub-Linux-Pool-WestUS3".to_string(), @@ -95,3 +95,61 @@ pub fn windows_snp_self_hosted_baremetal() -> GhRunner { "Baremetal".to_string(), ]) } + +pub fn windows_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Windows".to_string(), + "X64".to_string(), + "VM".to_string(), + ]) +} + +pub fn windows_amd_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Windows".to_string(), + "X64".to_string(), + "VM".to_string(), + "AMD".to_string(), + ]) +} + +pub fn windows_intel_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Windows".to_string(), + "X64".to_string(), + "VM".to_string(), + "Intel".to_string(), + ]) +} + +pub fn linux_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Linux".to_string(), + "X64".to_string(), + "VM".to_string(), + ]) +} + +pub fn linux_amd_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Linux".to_string(), + "X64".to_string(), + "VM".to_string(), + "AMD".to_string(), + ]) +} + +pub fn linux_intel_self_hosted_vm() -> GhRunner { + GhRunner::SelfHosted(vec![ + "self-hosted".to_string(), + "Linux".to_string(), + "X64".to_string(), + "VM".to_string(), + "Intel".to_string(), + ]) +}