Skip to content

feat(ci): publish the quirk-library matrix to GitHub Pages weekly#71

Merged
ErenAri merged 1 commit into
mainfrom
feat/public-quirk-matrix
Jul 1, 2026
Merged

feat(ci): publish the quirk-library matrix to GitHub Pages weekly#71
ErenAri merged 1 commit into
mainfrom
feat/public-quirk-matrix

Conversation

@ErenAri

@ErenAri ErenAri commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Makes the library of known-tricky vendor kernels a public, self-refreshing artifact — the "publish a public matrix" step all three strategy reviews converged on.

What changes

compatibility-matrix-publish.yml goes from a manual, self-hosted lane validating a dev fixture to:

  • Hosted runner — stock ubuntu-latest (exposes /dev/kvm; TCG fallback otherwise). No self-hosted infra.
  • Weekly schedule (Tue 06:00 UTC) + manual dispatch.
  • Real contentmatrices/quirk-library.yaml (11 vendor kernels) × a contrast pair:
    • ringbuf-modern — the headline: ❌ upstream 5.4, ✅ RHEL-backported 4.18, ❌ Amazon 4.14 (backports aren't uniform);
    • simple-pass — proves those failures are feature gaps, not broken kernels.
  • GitHub Pages deploy on every scheduled run → https://kernel-guard.github.io/bpfcompat/ (Pages enabled with build_type: workflow).
  • README + docs/kernel-quirk-library.md link the public matrix.

Evidence upload keeps the allowlist-only policy (never .bpfcompat/runs/** wholesale — per-run SSH keys live there).

Verification

  • YAML validated; artifact paths match make examples outputs (simple_pass.bpf.o, ringbuf_modern.bpf.o).
  • Will trigger a manual workflow_dispatch run after merge to prove the full lane end-to-end (VM matrix → site → Pages deploy).

🤖 Generated with Claude Code

Turn compatibility-matrix-publish from a manual self-hosted lane that
validated a dev fixture into the public compatibility matrix:

- runs on a stock GitHub-hosted runner (hosted ubuntu-latest exposes
  /dev/kvm; TCG fallback otherwise) — no self-hosted runner needed;
- weekly schedule (Tue 06:00 UTC) + manual dispatch;
- validates matrices/quirk-library.yaml against a contrast pair:
  ringbuf-modern (shows the version-lies story: fails upstream <5.8,
  passes RHEL's backported 4.18, fails Amazon's 4.14) and simple-pass
  (proves the failures are feature gaps, not broken kernels);
- deploys the generated static site to GitHub Pages on every scheduled
  run (Pages enabled, build_type=workflow):
  https://kernel-guard.github.io/bpfcompat/
- README + quirk-library doc link the public matrix.

Evidence upload keeps the allowlist-only path policy (never
.bpfcompat/runs/** wholesale — per-run SSH keys live there).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 1, 2026 23:36

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

@ErenAri ErenAri merged commit 1d75677 into main Jul 1, 2026
7 checks passed
@ErenAri ErenAri deleted the feat/public-quirk-matrix branch July 1, 2026 23:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants