Jacamar CI v0.13.0

• Release: v0.13.0

• Date: 12/22/2022

User Changes

• Job command notification for all batch executors (!406)

  • Executing "step_script" stage of the job script
    Slurm job command: sbatch --wait --job-name=ci-456_1671728223
      --output=/home/user/.jacamar-ci/scripts/abc123/000/user/test/456/slurm-ci-456.out
      -N1 -A account1 -t 00:30:00
      /home/user/.jacamar-ci/scripts/abc123/000/user/test/456/build_script.bash
    ...
    

  • These notifications will appear in your CI job logs and are meant to assist in troubleshooting failed sbatch submissions.

Admin Changes

• New executor option for the Flux resource manager (!396) - (Thanks @alecbcs)

  • An exciting contribution that offers a new Supported Executor for deployment leveraging the Flux scheduler by submitting jobs using flux mini alloc.

  • [general]
    executor = "flux"
    

• Additional logging for RunAs validation scripts (!401)

  • When system logging is enabled these additional details are meant to assist in troubleshooting errors that may be associated with a RunAs User validation_script.

• Optional group permission (750) configuration for data_dir: (!372, !386, !414)

  • When enabled this will create all standard directories with group read/execute permission. This is based upon the default GID for the job user and is meant to ideally be used in conjunction with RunAs. Please note that any files/folders created during the CI job will have permissions that align with the users’ default umask.

  • [general]
    group_permissions = true
    

• Feature flag for additional sacct check for the Slurm executor (!409)

  • In limited cases external event that cause the cancellation of a Slurm job will not results in a non-zero exit code that can be observed by sbatch --wait .... This can lead to unexpectedly passing CI/CD jobs.

  • [batch]
    ff_slurm_sacct = true
    

  • Note

    This option will remain behind a feature flag until more testing can be accomplished across target deployments. Please notify us of any issues encountered if testing this feature.

Bug & Development Fixes

• Upgraded to Go version 1.19.3 and dependencies (!404, !410, !391)

• Updated Slurm test image (!407)

• Job status reporting updated to align with documented examples (!403)

  • For details please see the Report Build Status to GitLab/GitHub guide.

• Add Go vulnerability checking (!395)

  • Leverages the newly released govulncheck in conjunction with a local application to enforce rules and allow for ignoring unrelated vulnerabilities.

  • # Defined in: tools/vulnerability-check/ignored-vulns.json
    "ignored-vulns": [ {
      "id": "GO-2022-1143",
      "aliases": ["CVE-2022-41720"],
      "reason": "We do no support Windows deployments.",
      "references": [
        {"type": "FIX","url": "https://go.dev/cl/455716"}
      ]
    }]
    

• Improvements to supported Pavilion test series (!397, !400, !410)

• Relocated AbstractExecutor and related packages to allow imports (!385)