ci: use intel-provided github runners

intel / cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

https://cve-bin-tool.readthedocs.io/en/latest/

GNU General Public License v3.0

1.19k stars 457 forks source link

ci: use intel-provided github runners #4293

Closed terriko closed 2 months ago

terriko commented 2 months ago

Apparently there's a pool of github runners available to us that should work better, so I'm switching to use them.

terriko commented 2 months ago

These run significantly slower in the new runners: currently a bit more than twice as long to run the "short" tests which puts them at an hour each, and in this run that actually makes them longer than the windows test (our previous slowest). I've upped the timeouts so that they actually pass but may need to do more investigation and tuning to make these runners work better for us.

terriko commented 2 months ago

Merging now. It sounds like we may get some faster runners in the future, but I'll leave the long limits on for now.