Skip to content

tetragon: Make sure lsm programs return bounded value #9914

tetragon: Make sure lsm programs return bounded value

tetragon: Make sure lsm programs return bounded value #9914

Workflow file for this run

name: Tetragon Go Test
on:
pull_request:
paths-ignore:
- 'docs/**'
push:
branches:
- main
paths-ignore:
- 'docs/**'
jobs:
build:
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
fail-fast: false
matrix:
os: [ ubuntu-20.04, actuated-arm64-4cpu-8gb ]
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: go/src/github.com/cilium/tetragon/
- name: Install Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
# renovate: datasource=golang-version depName=go
go-version: '1.23.2'
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get -y install libelf-dev netcat-traditional libcap-dev gcc
sudo sed -i '/secure_path/d' /etc/sudoers
sudo sed -i '/env_reset/d' /etc/sudoers
echo `which clang`
echo `which llc`
echo `clang --version`
- name: Install dependencies x86
run: |
sudo apt-get -y install libc6-dev-i386
if: ${{ matrix.os == 'ubuntu-20.04' }}
- name: Install dependencies ARM
run: |
sudo apt-get -y install gcc-arm-linux-gnueabihf
if: ${{ matrix.os == 'actuated-arm64-4cpu-8gb' }}
- name: Install bpftool
uses: mtardy/setup-bpftool@adeab4f9332cc28db56064a93911860d0775665b # v1.0.3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Ensure BPF programs pass verifier
run: |
cd go/src/github.com/cilium/tetragon/
make verify
- name: Run go tests
env:
GOPATH: ${{ env.GITHUB_WORKSPACE }}/go
SUDO: sudo -E
run: |
go clean -cache -modcache -testcache -fuzzcache
cd go/src/github.com/cilium/tetragon/
sudo -E echo "run go tests: " `uname -a`
sudo -E go mod verify
export TETRAGON_LIB=$(realpath "bpf/objs/")
make test GO_TEST_TIMEOUT=40m
- name: Upload Tetragon logs
if: failure()
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: tetragon-json
path: /tmp/tetragon.gotest*
retention-days: 5
- name: Upload bugtool dumps
if: failure()
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: tetragon-bugtool
path: /tmp/tetragon-bugtool*
retention-days: 5