Skip to content

cves:exploit: prevent cve-2023-2640 overlayfs exploit on ubuntu #4253

cves:exploit: prevent cve-2023-2640 overlayfs exploit on ubuntu

cves:exploit: prevent cve-2023-2640 overlayfs exploit on ubuntu #4253

Workflow file for this run

name: Tetragon Go Test
on:
pull_request:
paths-ignore:
- 'docs/**'
push:
branches:
- main
paths-ignore:
- 'docs/**'
jobs:
build:
runs-on: ${{ matrix.os }}
timeout-minutes: 40
strategy:
fail-fast: false
matrix:
os: [ ubuntu-20.04, buildjet-2vcpu-ubuntu-2204-arm ]
steps:
- name: Checkout code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
path: go/src/github.com/cilium/tetragon/
- name: Install Go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with:
# renovate: datasource=golang-version depName=go
go-version: '1.20.6'
- name: Install dependencies
run: |
sudo apt-get install libelf-dev netcat-traditional libcap-dev gcc
sudo sed -i '/secure_path/d' /etc/sudoers
sudo sed -i '/env_reset/d' /etc/sudoers
echo `which clang`
echo `which llc`
echo `clang --version`
- name: Install bpftool
uses: mtardy/setup-bpftool@d21fc59a00cfc7e7de8b83a6f8f2060f0e54e2b8 # v1.0.2
- name: Ensure BPF programs pass verifier
run: |
cd go/src/github.com/cilium/tetragon/
make verify
- name: Run go tests
env:
GOPATH: ${{ env.GITHUB_WORKSPACE }}/go
SUDO: sudo -E
run: |
go clean -cache -modcache -testcache -fuzzcache
cd go/src/github.com/cilium/tetragon/
make check-copyright
sudo -E echo "run go tests: " `uname -a`
sudo -E go mod verify
sudo -E GO111MODULE=off go get -u golang.org/x/lint/golint
export TETRAGON_LIB=$(realpath "bpf/objs/")
make test GO_TEST_TIMEOUT=40m
- name: Upload Tetragon logs
if: failure()
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: tetragon-json
path: /tmp/tetragon.gotest*
retention-days: 5
- name: Upload bugtool dumps
if: failure()
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: tetragon-bugtool
path: /tmp/tetragon-bugtool*
retention-days: 5