From db2c2141caaaf5d0348a9c3ef8c17abee34b5722 Mon Sep 17 00:00:00 2001
From: Moritz Sanft <58110325+msanft@users.noreply.github.com>
Date: Mon, 5 Aug 2024 10:07:23 +0200
Subject: [PATCH] ci: use btrfs for all Nix builds

Previously, we had to perform specific Nix builds which didn't work on ext*-fileysstems in a tmpfs. Due to the memory constraints in GH Actions runners, this is not feasible for all CI workloads. Therefore, this switches all Nix-using CI to perform Nix builds in a btrfs.
---
 .github/actions/nix_tmpfs/action.yml  | 13 -------------
 .github/actions/setup_nix/action.yml  | 11 +++++++++++
 .github/workflows/e2e_openssl.yml     |  1 -
 .github/workflows/e2e_policy.yml      |  1 -
 .github/workflows/e2e_regression.yml  |  1 -
 .github/workflows/e2e_servicemesh.yml |  1 -
 .github/workflows/static.yml          |  9 +++++++++
 7 files changed, 20 insertions(+), 17 deletions(-)
 delete mode 100644 .github/actions/nix_tmpfs/action.yml

diff --git a/.github/actions/nix_tmpfs/action.yml b/.github/actions/nix_tmpfs/action.yml
deleted file mode 100644
index 1b194cfd74..0000000000
--- a/.github/actions/nix_tmpfs/action.yml
+++ /dev/null
@@ -1,13 +0,0 @@
-name: use tmpfs for nix builds
-description: Set Nix' build directory to a tmpfs to fix builds that don't work in the runner-provisioned ext2/ext3 filesystem
-
-runs:
-  using: "composite"
-  steps:
-    - name: use tmpfs for nix builds
-      shell: bash
-      run: |
-        sudo mkdir -p /etc/systemd/system/nix-daemon.service.d
-        echo -e "[Service]\nEnvironment=TMPDIR=/dev/shm" | sudo tee /etc/systemd/system/nix-daemon.service.d/tmpfs.conf
-        sudo systemctl daemon-reload
-        sudo systemctl restart nix-daemon
diff --git a/.github/actions/setup_nix/action.yml b/.github/actions/setup_nix/action.yml
index be4d04983e..95a1fe12c7 100644
--- a/.github/actions/setup_nix/action.yml
+++ b/.github/actions/setup_nix/action.yml
@@ -19,3 +19,14 @@ runs:
       with:
         name: edgelesssys
         authToken: ${{ inputs.cachixToken }}
+    - name: use btrfs for nix builds
+      shell: bash
+      run: |
+        sudo mkdir /nixbld
+        truncate -s 3G btrfs.img
+        sudo mkfs.btrfs -f btrfs.img
+        sudo mount btrfs.img /nixbld
+        sudo mkdir -p /etc/systemd/system/nix-daemon.service.d
+        echo -e "[Service]\nEnvironment=TMPDIR=/nixbld" | sudo tee /etc/systemd/system/nix-daemon.service.d/btrfs.conf
+        sudo systemctl daemon-reload
+        sudo systemctl restart nix-daemon
diff --git a/.github/workflows/e2e_openssl.yml b/.github/workflows/e2e_openssl.yml
index 294c29457f..343e4e2a60 100644
--- a/.github/workflows/e2e_openssl.yml
+++ b/.github/workflows/e2e_openssl.yml
@@ -59,7 +59,6 @@ jobs:
           echo "SYNC_ENDPOINT=http://$sync_ip:8080" | tee -a "$GITHUB_ENV"
           sync_uuid=$(kubectl get configmap sync-server-fifo -o jsonpath='{.data.uuid}')
           echo "SYNC_FIFO_UUID=$sync_uuid" | tee -a "$GITHUB_ENV"
-      - uses: ./.github/actions/nix_tmpfs
       - name: Build and prepare deployments
         run: |
           just coordinator initializer openssl port-forwarder node-installer
diff --git a/.github/workflows/e2e_policy.yml b/.github/workflows/e2e_policy.yml
index 19a1e379b2..53990fe7c5 100644
--- a/.github/workflows/e2e_policy.yml
+++ b/.github/workflows/e2e_policy.yml
@@ -59,7 +59,6 @@ jobs:
           echo "SYNC_ENDPOINT=http://$sync_ip:8080" | tee -a "$GITHUB_ENV"
           sync_uuid=$(kubectl get configmap sync-server-fifo -o jsonpath='{.data.uuid}')
           echo "SYNC_FIFO_UUID=$sync_uuid" | tee -a "$GITHUB_ENV"
-      - uses: ./.github/actions/nix_tmpfs
       - name: Build and prepare deployments
         run: |
           just coordinator initializer openssl port-forwarder node-installer
diff --git a/.github/workflows/e2e_regression.yml b/.github/workflows/e2e_regression.yml
index 3716522f9a..741537dd2b 100644
--- a/.github/workflows/e2e_regression.yml
+++ b/.github/workflows/e2e_regression.yml
@@ -58,7 +58,6 @@ jobs:
       - name: Get credentials for CI cluster
         run: |
           just get-credentials
-      - uses: ./.github/actions/nix_tmpfs
       - name: Build and prepare deployments
         run: |
           just node-installer
diff --git a/.github/workflows/e2e_servicemesh.yml b/.github/workflows/e2e_servicemesh.yml
index 1d5b64604e..40fc3e60c6 100644
--- a/.github/workflows/e2e_servicemesh.yml
+++ b/.github/workflows/e2e_servicemesh.yml
@@ -59,7 +59,6 @@ jobs:
           echo "SYNC_ENDPOINT=http://$sync_ip:8080" | tee -a "$GITHUB_ENV"
           sync_uuid=$(kubectl get configmap sync-server-fifo -o jsonpath='{.data.uuid}')
           echo "SYNC_FIFO_UUID=$sync_uuid" | tee -a "$GITHUB_ENV"
-      - uses: ./.github/actions/nix_tmpfs
       - name: Build and prepare deployments
         run: |
           just coordinator initializer port-forwarder service-mesh-proxy node-installer
diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml
index 91a694d78a..a8d9667d78 100644
--- a/.github/workflows/static.yml
+++ b/.github/workflows/static.yml
@@ -25,6 +25,15 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 25
     steps:
+      # This job needs quite some space, so we remove some unnecessary things.
+      - uses: easimon/maximize-build-space@fc881a613ad2a34aca9c9624518214ebc21dfc0c # v10
+        with:
+          root-reserve-mb: 20000
+          remove-dotnet: 'true'
+          remove-android: 'true'
+          remove-haskell: 'true'
+          remove-codeql: 'true'
+          remove-docker-images: 'true'
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}