logo

drewdevault.com

[mirror] blog and personal website of Drew DeVault git clone https://hacktivis.me/git/mirror/drewdevault.com.git

Introducing-shell-access-for-builds.md (3432B)

    

  1. ---
  2. date: 2019-08-19
  3. layout: post
  4. title: Shell access for builds.sr.ht CI
  5. tags: ["announcement", "sourcehut"]
  6. ---
  8. Have you ever found yourself staring at a failed CI build, wondering desperately
  9. what happened? Or, have you ever needed a fresh machine on-demand to test out an
  10. idea in? Have you been working on Linux, but need to test something on OpenBSD?
  11. Starting this week, builds.sr.ht can help with all of these problems, because
  12. you can now SSH into the build environment.
  14. <small class="text-muted">
  15.   If you didn't know, <a href="https://sourcehut.org">Sourcehut</a> is the 100%
  16.   open/libre software forge for hackers, complete with git and Mercurial
  17.   hosting, CI, mailing lists, and more - with no JavaScript. Try it out!
  18. </small>
  20. The next time your build fails on builds.sr.ht, you'll probably notice the
  21. following message:
  23. ![Screenshot of builds.sr.ht showing a prompt to SSH into the failed build
  24. VM and examine it](https://sr.ht/thL-.png)
  26. After the build fails, we process everything normally - sending emails,
  27. webhooks, and so on - but keep the VM booted for an additional 10 minutes. If
  28. you do log in during this window, we keep the VM alive until you log out or
  29. until your normal build time limit has elapsed. Once you've logged in, you get a
  30. shell and can do anything you like, such as examining the build artifacts or
  31. tweaking the source and trying again.
  33. ```
  34. $ ssh -t builds@azusa.runners.sr.ht connect 81809
  35. Connected to build job #81809 (failed):
  36. https://builds.sr.ht/jobs/~sircmpwn/81809
  37. Your VM will be terminated 4 hours from now, or when you log out.
  39. bash-5.0 $
  40. ```
  42. You can also connect to any build over SSH by adding `shell: true` to your build
  43. manifest. When you do, the VM will be kept alive after all of the tasks have
  44. finished (even if it doesn't fail) so you can SSH in. You can also SSH in before
  45. the tasks have finished, and tail the output of the build in your terminal. An
  46. example use case might be getting a fresh Alpine environment to test build your
  47. package on:
  49. <script
  50.   id="asciicast-wnLYZwDuvkbIHwgTdmnqtQpXh"
  51.   src="https://asciinema.org/a/pafXXANiWHY9MOH2yXdVHHJRd.js" async
  52. ></script>
  53. <noscript><i>This article includes third-party JavaScript content from
  54. asciinema.org, a free- and open-source platform that I trust.</i></noscript>
  56. This was accomplished with a simple build manifest:
  58. ```
  59. image: alpine/edge
  60. shell: true
  61. sources:
  62. - https://git.alpinelinux.org/aports
  63. tasks:
  64. - "prep-abuild": |
  65.     abuild-keygen -an
  66. ```
  68. Since build manifests run normally in advance of your shell login, you can do
  69. things like install your preferred editor and dotfiles, pull down your SSH keys
  70. through [build
  71. secrets](https://man.sr.ht/tutorials/builds.sr.ht/using-build-secrets.md), or
  72. anything else you desire to set up a comfortable working environment.
  74. Furthermore, by leveraging the [builds.sr.ht
  75. API](https://man.sr.ht/builds.sr.ht/api.md), you can write scripts which take
  76. advantage of the shell features. Need a NetBSD shell? With a little scripting
  77. you can get something like this working:
  79. <script
  80.   id="asciicast-8etTNE7Ptgmu6hO3cVDlvrAal"
  81.   src="https://asciinema.org/a/pafXXANiWHY9MOH2yXdVHHJRd.js" async
  82. ></script>
  84. With experimental multiarch support being rolled out, soon you'll be just a few
  85. keystrokes away from an ARM or PowerPC shell, too.
  87. I want to expand more on SSH access in the future. Stay tuned and [let me
  88. know](mailto:sir@cmpwn.com) if you have any cool ideas!