tetragon: Allow persistent enforcement during tetragon restart #8460
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tetragon Go Test | |
on: | |
pull_request: | |
paths-ignore: | |
- 'docs/**' | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- 'docs/**' | |
jobs: | |
build: | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 40 | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-20.04, actuated-arm64-4cpu-8gb ] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
with: | |
path: go/src/github.com/cilium/tetragon/ | |
- name: Install Go | |
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 | |
with: | |
# renovate: datasource=golang-version depName=go | |
go-version: '1.22.4' | |
- name: Install dependencies x86 | |
run: | | |
sudo apt-get update | |
sudo apt-get -y install libc6-dev-i386 | |
if: ${{ matrix.os == 'ubuntu-20.04' }} | |
- name: Install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get -y install libelf-dev netcat-openbsd netcat-traditional libcap-dev gcc | |
sudo sed -i '/secure_path/d' /etc/sudoers | |
sudo sed -i '/env_reset/d' /etc/sudoers | |
echo `which clang` | |
echo `which llc` | |
echo `clang --version` | |
- name: Install bpftool | |
uses: mtardy/setup-bpftool@adeab4f9332cc28db56064a93911860d0775665b # v1.0.3 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Ensure BPF programs pass verifier | |
run: | | |
cd go/src/github.com/cilium/tetragon/ | |
make verify | |
- name: Run go tests | |
env: | |
GOPATH: ${{ env.GITHUB_WORKSPACE }}/go | |
SUDO: sudo -E | |
run: | | |
go clean -cache -modcache -testcache -fuzzcache | |
cd go/src/github.com/cilium/tetragon/ | |
make check-copyright | |
sudo -E echo "run go tests: " `uname -a` | |
sudo -E go mod verify | |
export TETRAGON_LIB=$(realpath "bpf/objs/") | |
make test GO_TEST_TIMEOUT=40m | |
- name: Upload Tetragon logs | |
if: failure() | |
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
with: | |
name: tetragon-json | |
path: /tmp/tetragon.gotest* | |
retention-days: 5 | |
- name: Upload bugtool dumps | |
if: failure() | |
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
with: | |
name: tetragon-bugtool | |
path: /tmp/tetragon-bugtool* | |
retention-days: 5 |