Skip tests on aarch64 where nested KVM is not available

We don't have any ARM64 GitHub VM runners with KVM, as nested KVM is currently only available on x86_64. Previously we were testing with containerized runners so they had access to the host kernel, but it is insecure to use self-hosted runners on public repositories such as this. Signed-off-by: Kyle Harding <kyle@balena.io>
balena-io-experimental · Apr 18, 2024 · 57db12f · 57db12f
1 parent 9911f13
commit 57db12f
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/.github/workflows/flowzone.yml b/.github/workflows/flowzone.yml
@@ -26,8 +26,8 @@ jobs:
     with:
       docker_runs_on: >
         {
-          "linux/amd64": ["self-hosted","runtime:container","X64"],
-          "linux/arm64": ["self-hosted","runtime:container","ARM64"]
+          "linux/amd64": ["self-hosted","X64"],
+          "linux/arm64": ["self-hosted","ARM64"]
         }
       docker_images: >
         ghcr.io/balena-io-experimental/container-jail
diff --git a/docker-compose.test.yml b/docker-compose.test.yml
@@ -19,6 +19,11 @@ services:
       - /bin/sh
       - -c
       - |
+        if [[ "$(uname -m)" != "x86_64" ]] && [[ -z "$(ls /dev/kvm)" ]]; then
+          echo "Nested KVM unavailable on this architecture!"
+          exit 0
+        fi
+
         set -ex
         apk add --no-cache docker-cli-compose