Skip to content

Add self-hosted macOS HVF runtime job to CI#91

Open
Max042004 wants to merge 1 commit into
sysprog21:mainfrom
Max042004:ci/macos-hvf
Open

Add self-hosted macOS HVF runtime job to CI#91
Max042004 wants to merge 1 commit into
sysprog21:mainfrom
Max042004:ci/macos-hvf

Conversation

@Max042004

@Max042004 Max042004 commented Jun 9, 2026

Copy link
Copy Markdown
Collaborator

GitHub-hosted macOS runners do not expose Apple's Hypervisor.framework (HVF):
the hosted runner OS itself runs inside a virtualization layer that withholds
HVF, so hv_vm_create() returns HV_UNSUPPORTED. Because of this, the existing
build-macos job can only compile elfuse and verify the HVF entitlement — it
can never actually boot a guest.

This PR adds a runtime-macos job that runs on a self-hosted Apple Silicon
runner
(an M4 machine) where HVF is available, so the real runtime path —
booting a Linux guest under HVF + Rosetta — is exercised in CI for the first
time. The hosted build-macos job is unchanged and keeps gating builds as
before; this job runs after it (needs: build-macos).

Closes #51.

Note

Known failure: the runtime-macos job currently fails in the
make check. Once #76 lands (or is merged into / rebased onto this branch),
it is expected to go green.

What the runtime-macos job does

  • runs-on: [self-hosted, macOS, arm64], needs: build-macos, 20-minute
    timeout.
  • Per-ref concurrency: cancels in-progress runs for the same PR, but lets
    main runs finish.

Where it runs (trigger gating)

  • PR targeting main — runs. A pull_request from any fork is evaluated
    in the upstream (sysprog21/elfuse) Actions context, so a collaborator who
    pushes a branch to their own fork and opens a PR against upstream gets the
    full runtime suite. This is the normal contributor flow and must work.
  • Push to main — runs. Post-merge validation on the mainline.
  • **Activity in a fork's own context — skipped.

Failing fast on superseded re-runs

There is only one self-hosted runner, so a wasted run on it blocks every other
PR. Per-ref concurrency already cancels an in-progress run when a newer commit
is pushed to the same PR, but it does not cover a manual Re-run jobs on an
old run: a re-run replays the original (now stale) commit and would otherwise
occupy the runner for the full timeout re-testing code that is no longer HEAD.

The job's first step compares the run's frozen head.sha against the PR's live
HEAD (via the REST API) and, when they differ, prints a ::error:: saying the
commit is no longer the latest
and exit 1, end up failed.

cubic-dev-ai[bot]

This comment was marked as resolved.

@Max042004 Max042004 changed the title ci: test macOS HVF runtime on fork ci: test macOS HVF runtime Jun 9, 2026
@jserv jserv self-assigned this Jun 9, 2026
@Max042004 Max042004 force-pushed the ci/macos-hvf branch 2 times, most recently from b18134f to 5186357 Compare June 16, 2026 04:45
jserv

This comment was marked as outdated.

@jserv

jserv commented Jun 17, 2026

Copy link
Copy Markdown
Contributor

Refine the descriptions of both pull request body and commit message to address the close of #51 .

@Max042004 Max042004 force-pushed the ci/macos-hvf branch 2 times, most recently from 2e06673 to a30de42 Compare June 23, 2026 11:39
@Max042004 Max042004 changed the title ci: test macOS HVF runtime ci: add self-hosted macOS HVF runtime job Jun 23, 2026
@Max042004 Max042004 force-pushed the ci/macos-hvf branch 5 times, most recently from 4ec266d to 64ff85b Compare June 27, 2026 14:28
@jserv

jserv commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Explain the blocking issues to proceed.

Hypervisor.framework needs real Apple Silicon hardware, so the hosted
build-macos job can only compile elfuse and check the entitlement, never
boot a guest. Add a runtime-macos job on a self-hosted Apple Silicon
runner ([self-hosted, macOS, arm64]) that actually exercises the VM
under HVF.

The job is scoped to the upstream repository with
github.repository == 'sysprog21/elfuse', so it runs for pushes to main
and for pull_requests targeting main -- including PRs opened from a
collaborator's fork -- but never inside a fork's own Actions context, so
a branch pushed to a fork without an upstream PR triggers nothing.
Untrusted outside fork PRs are held by the repository's "require
approval for outside collaborators" setting, so a maintainer still gates
every outside run without needing a head-ref guard or a label. The job
runs after build-macos, serializes per ref through a concurrency group,
and cancels in-progress runs only for pull requests.

It asserts the host is arm64, reports kern.hv_support, caches and
installs just the missing Homebrew packages (binutils, qemu), and fails
early with install guidance when Rosetta for Linux is absent. After make
elfuse it confirms the com.apple.security.hypervisor entitlement is
codesigned into build/elfuse, then runs test-hello, test-multi-vcpu,
make check, and tests/test-matrix.sh all.
@jserv jserv changed the title ci: add self-hosted macOS HVF runtime job Add self-hosted macOS HVF runtime job to CI Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Provision self-hosted Apple Silicon runner to exercise HVF runtime tests

2 participants