tetragon: Make sure lsm programs return bounded value #9914
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tetragon Go Test | |
on: | |
pull_request: | |
paths-ignore: | |
- 'docs/**' | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- 'docs/**' | |
jobs: | |
build: | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 40 | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-20.04, actuated-arm64-4cpu-8gb ] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
path: go/src/github.com/cilium/tetragon/ | |
- name: Install Go | |
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 | |
with: | |
# renovate: datasource=golang-version depName=go | |
go-version: '1.23.2' | |
- name: Install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get -y install libelf-dev netcat-traditional libcap-dev gcc | |
sudo sed -i '/secure_path/d' /etc/sudoers | |
sudo sed -i '/env_reset/d' /etc/sudoers | |
echo `which clang` | |
echo `which llc` | |
echo `clang --version` | |
- name: Install dependencies x86 | |
run: | | |
sudo apt-get -y install libc6-dev-i386 | |
if: ${{ matrix.os == 'ubuntu-20.04' }} | |
- name: Install dependencies ARM | |
run: | | |
sudo apt-get -y install gcc-arm-linux-gnueabihf | |
if: ${{ matrix.os == 'actuated-arm64-4cpu-8gb' }} | |
- name: Install bpftool | |
uses: mtardy/setup-bpftool@adeab4f9332cc28db56064a93911860d0775665b # v1.0.3 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Ensure BPF programs pass verifier | |
run: | | |
cd go/src/github.com/cilium/tetragon/ | |
make verify | |
- name: Run go tests | |
env: | |
GOPATH: ${{ env.GITHUB_WORKSPACE }}/go | |
SUDO: sudo -E | |
run: | | |
go clean -cache -modcache -testcache -fuzzcache | |
cd go/src/github.com/cilium/tetragon/ | |
sudo -E echo "run go tests: " `uname -a` | |
sudo -E go mod verify | |
export TETRAGON_LIB=$(realpath "bpf/objs/") | |
make test GO_TEST_TIMEOUT=40m | |
- name: Upload Tetragon logs | |
if: failure() | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: tetragon-json | |
path: /tmp/tetragon.gotest* | |
retention-days: 5 | |
- name: Upload bugtool dumps | |
if: failure() | |
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
with: | |
name: tetragon-bugtool | |
path: /tmp/tetragon-bugtool* | |
retention-days: 5 |