I've been in touch with many other people working in the CI industry and this has become a massive problem for all of us over the past few months. Entire industry working groups have been set up for knowledge sharing to combat the crypto mining epidemic.
In hindsight, cryptocurrency is an abject disaster and one of the worst inventions of the tech industry in the last few decades. I am absolutely ashamed to share an ecosystem with such an obscene, exploitative grift. In addition to entirely failing to meet its basic objectives as a useful currency, it has introduced perverse incentives into the entire technology sphere, reduced the integrity of the entire industry, been the subject of hundreds, if not thousands, of scams and ponzi schemes, has created shortages for consumer and server hardware, and is hugely wasteful and harmful to the environment. Fuck cryptocurrency.
That's the biggest problem, and it should be like IOTA where you "proof" when you do an transfer and just then, and not by "printing" coins, it's a massive waste of energy.
As for build scripts that require a network connection, just make the connection painfully slow.
Any computation not explicitly provisioned in a way that guarantees pre-empting a cryptocurrency generating process never has a chance to happen.
Monero is quite hard to trade directly to actual money - you usually have to go via BTC or ETH.
So a systemic fix basically involves crashing the price of crypto in general, to take away the financial motivation.
(This is also one obvious solution to bitcoin's CO2 production - it's all about the US dollars, so hit those gateways.)
I guess I’ll have to have another look at activating the CI on my home gitlab install
* Cryptocurrency can't really be confiscated
* These malicious miners likely live in a country with a dubiously competent legal system.
* Lastly, it's not worth the money to try to collect.
For private/small open source projects I would highly welcome such a pricing tier from travis-ci but 69USD is just not in my pocket (not saying its unjustified though!).
For larger open-source projects that rely on many builds throughout the day/month, this might be a bigger problem.
So while its "free" marketing, it might be much more crucial to our open-source structure than we think it is (which might be a problem as well).
And I think we can all agree: open source software is an important part not only for the industry but our lives :)
Containers are a solution for this right? If I was open source I’d run CI in docker or similar so you can easily run it locally or on a server.
The assumption is people doing FOSS can’t afford maybe $20 a year to spend on some kind of elastic compute to run this or don’t have a computer powerful enough to run it. I doubt this is the case and if it is just do without CI - just run your tests from IDE before pushing to master.