Skip to content

policylibrary: consolidate privileges raising operations into privileges-raise.yaml single policy #6819

policylibrary: consolidate privileges raising operations into privileges-raise.yaml single policy

policylibrary: consolidate privileges raising operations into privileges-raise.yaml single policy #6819

Workflow file for this run

name: Run static checks
on:
push:
branches:
- main
- v*
paths-ignore:
- 'docs/**'
- '**.md'
pull_request:
paths-ignore:
- 'docs/**'
- '**.md'
permissions:
# For golangci/golangci-lint to have read access to pull request for `only-new-issues` option.
contents: read
jobs:
golangci-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.21.6'
# using golangci-lint cache instead
cache: false
- name: Run golangci-lint
uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0
with:
# renovate: datasource=docker depName=docker.io/golangci/golangci-lint
version: v1.55.2
args: --config=.golangci.yml --verbose
format:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.21.6'
- name: Check gofmt formatting
run: |
go fmt ./...
git diff --exit-code || (echo "gofmt checks failed. Please run 'go -w fmt ./...', and submit your changes"; exit 1)
- name: Build clang-format Docker image
run: docker build -f Dockerfile.clang-format -t "isovalent/clang-format:latest" .
- name: Verify clang-format on BPF code
run: |
set -o pipefail
find bpf -name '*.c' -o -name '*.h' -not -path 'bpf/include/vmlinux.h' \
-not -path 'bpf/include/api.h' -not -path 'bpf/libbpf/*' | xargs -n 1000 \
docker run -v $(realpath .):/tetragon "isovalent/clang-format:latest" --Werror -n -style=file
if [ $? != 0 ]; then
echo "clang-format checks failed. Please run 'make format' and submit your changes."; exit 1
fi
vendoring:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.21.6'
- name: Check module vendoring
run: |
make vendor
echo "git status --porcelain:" `git status --porcelain`
test -z "$(git status --porcelain)" || (echo "Module vendoring checks failed. Please run 'make vendor', and submit your changes"; exit 1)
build-cli:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Build CLI release binaries
run: make cli-release