Test drivers build against latest mainline kernel in archlinux #717
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test drivers build against latest mainline kernel in archlinux | |
on: | |
workflow_dispatch: | |
inputs: | |
linux-version: | |
description: 'Archlinux kernel version to build a driver against, eg: 6.2.arch1-1 or empty to build latest mainline' | |
required: false | |
type: string | |
schedule: | |
- cron: '0 8 * * *' # every day at 8am | |
jobs: | |
compute-latest-version: | |
outputs: | |
latest_vers: ${{ steps.latest-version.outputs.latest_vers }} | |
runs-on: 'ubuntu-latest' | |
steps: | |
- name: Checkout Archlinux mainline package ⤵️ | |
run: | | |
git clone https://aur.archlinux.org/linux-mainline.git linux/ | |
- name: Generate driverkit config | |
id: latest-version | |
# Note: in case we are building latest mainline, | |
# we grep the linux-mainline aur PKGBUILD "_tag" line, that is made like: "_tag=v6.4-rc1" | |
# We then need to extract the part after the "=" and finally remove the starting "v". | |
run: | | |
cd linux/ | |
echo "kernelversion: 1" > dk.yaml | |
echo "driverversion: ${{ github.sha }}" >> dk.yaml | |
echo "output:" >> dk.yaml | |
echo " module: mod.ko" >> dk.yaml | |
echo " probe: probe.o" >> dk.yaml | |
if [ "${{ inputs.linux-version }}" = "" ]; then | |
krel=$(grep "_tag" PKGBUILD | head -n1 | awk -F"=" '{print $2}') | |
echo "kernelrelease: ${krel:1}" >> dk.yaml | |
echo "target: vanilla" >> dk.yaml | |
echo "kernelconfigdata: \"$(cat config | base64 | tr -d '\n')\"" >> dk.yaml | |
else | |
echo "kernelrelease: ${{ inputs.linux-version }}" >> dk.yaml | |
echo "target: arch" >> dk.yaml | |
fi | |
echo "latest_vers=$(grep kernelrelease dk.yaml | awk -F": " '{print $2}')" >> $GITHUB_OUTPUT | |
- name: Upload driverkit config | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
with: | |
name: driverkit_config.yaml | |
path: linux/dk.yaml | |
build-latest-kernel-amd64: | |
needs: 'compute-latest-version' | |
outputs: | |
build: ${{ steps.build.outcome }} | |
runs-on: 'ubuntu-latest' | |
steps: | |
- name: Download driverkit config | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: driverkit_config.yaml | |
- name: Download latest driverkit artifact | |
uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7 | |
with: | |
name: driverkit-amd64 | |
workflow: release.yml | |
repo: falcosecurity/driverkit | |
- name: Test drivers build | |
id: build | |
run: | | |
echo "Testing build of drivers against: ${{ needs.compute-latest-version.outputs.latest_vers }}" | |
chmod +x driverkit | |
./driverkit docker -c dk.yaml -l debug --timeout 300 | |
build-latest-kernel-arm64: | |
needs: 'compute-latest-version' | |
outputs: | |
build: ${{ steps.build.outcome }} | |
runs-on: 'github-arm64-2c-8gb' | |
steps: | |
- name: Download driverkit config | |
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 | |
with: | |
name: driverkit_config.yaml | |
- name: Download latest driverkit artifact | |
uses: dawidd6/action-download-artifact@80620a5d27ce0ae443b965134db88467fc607b43 # v7 | |
with: | |
name: driverkit-arm64 | |
workflow: release.yml | |
repo: falcosecurity/driverkit | |
- name: Test drivers build | |
id: build | |
run: | | |
echo "Testing build of drivers against: ${{ needs.compute-latest-version.outputs.latest_vers }}" | |
chmod +x driverkit | |
./driverkit docker -c dk.yaml -l debug --timeout 300 | |
badge-latest-kernel: | |
if: always() && github.event_name == 'schedule' | |
runs-on: 'ubuntu-latest' | |
needs: [compute-latest-version,build-latest-kernel-amd64,build-latest-kernel-arm64] | |
steps: | |
- name: Update README badge | |
uses: schneegans/dynamic-badges-action@e9a478b16159b4d31420099ba146cdc50f134483 # v1.7.0 | |
with: | |
auth: ${{ secrets.FEDEDP_GIST_SECRET }} | |
gistID: 1cbc5d42edf8e3a02fb75e76625f1072 | |
filename: kernel.json | |
label: Drivers build | |
message: ${{ needs.compute-latest-version.outputs.latest_vers }} | |
color: ${{ (needs.build-latest-kernel-amd64.outputs.build != 'success' || needs.build-latest-kernel-arm64.outputs.build != 'success') && 'red' || 'brightgreen' }} |