Le lun. 6 avr. 2020 à 13:31, Steve Dower firstname.lastname@example.org a écrit :
The CI configuration is loaded from the PR head, at least on GitHub Actions (where you can validate config changes in PR) and Azure Pipelines. I just validated this by re-running an old PR and watched it choose OpenSSL 1.1.1d instead of 1.1.1f (and then fail to check out a reference - see the logs at https://github.com/python/cpython/pull/18909/checks?check_run_id=564079685)
So I think it's an issue, and probably does require PRs to merge in master to get back in sync. But probably the best we can do is post a message in older PRs warning that they need to do it. Maybe we close them at the same time?
That's bad :-(
We could also move some of these CI configuration variables out of the CI files and into separate scripts - many already are. This is annoying for anyone who forks and runs their own build, but it should mean that updates like the OpenSSL version get merged in during CI even for older PRs.
That sounds like a sane plan.
The OpenSSL version is just one example of our CI flaw. Yet another example: new Sphinx breaks Python 3.8 CI. https://bugs.python.org/issue40204
The Sphinx version is not pinned in 3.8 (it is in master).
Night gathers, and now my watch begins. It shall not end until my death.