Osquery uses basic SQL commands to leverage a relational data-model to describe a device.

osquery

I should have gone to bed an hour ago, but I got an example `ec2-github-runner` integration working with a test-fork of osquery: <https://github.com/theopolis/osquery-ci-test/runs/2136674997?check_suite_focus=true> this approach wont work for pull requests because of GitHub properly limiting access to secrets from non-collaborators. We might be able to get up and running with this by having these workflow jobs run on the main branch and tags. And we can find a solution for pull requests in the future.

To have this work for master is a matter of copying and pasting that PR into `osquery/osquery` and setting the proper secrets.

nice! does it limit secrets for hosted runners from non-collaborators no matter what?

That's what I understand from the GitHub documentation.

If you or someone else has a moment, you can test by opening a PR against <https://github.com/theopolis/osquery-ci-test> and if it's vulnerable to leaking secrets to non-contributors then the EC2 instance will start, otherwise workflow job will fail.

&gt; We might be able to get up and running with this by having these workflow jobs run on the main branch and tags.
What I mean here is I consider building aarch64 on master to be the MVP for what we need to consider support official. If we implement testing on master then we at least know before we tag a release that aarch64 is working. We'll also have packages built and ready as artifacts for the release process.

&gt;  And we can find a solution for pull requests in the future.
Longer term the Envoy or CB approach is ideal so that we give PRs the confidence they are not breaking aarach64.

I proposed the `ec2-github-runner` as a quick stop-gap solution. But I'd like to give <@U7QP20JQH> more time to continue to investigate the Envoy approach.

I tried a PR and the start EC2 runner failed because it wasn’t specified  which matches what i expected would happen from the above. No access to secrets from PRs