add ci coverage for example bytecode images #123
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| push: | |
| branches: [main] | |
| tags: | |
| - "v*" | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| check-license: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check License Header | |
| uses: apache/skywalking-eyes@f461a46e74e5fa22e9f9599a355ab4f0ac265469 | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -qy \ | |
| git \ | |
| clang \ | |
| llvm \ | |
| protobuf-compiler \ | |
| cmake \ | |
| perl \ | |
| libssl-dev \ | |
| gcc-multilib \ | |
| libelf-dev | |
| - uses: actions/checkout@v4 | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: libbpf/libbpf | |
| path: libbpf | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| override: true | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: nightly | |
| components: rustfmt, clippy, rust-src | |
| override: false | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Install cargo-llvm-cov | |
| uses: taiki-e/install-action@cargo-llvm-cov | |
| - uses: taiki-e/install-action@v2 | |
| with: | |
| tool: taplo-cli | |
| - run: taplo fmt --check | |
| - name: Check C formatting | |
| run: git ls-files -- '*.c' '*.h' | xargs clang-format --dry-run --Werror | |
| - name: Build eBPF | |
| run: | | |
| cargo xtask build-ebpf --libbpf-dir ./libbpf | |
| - name: Check formatting | |
| run: | | |
| cargo +nightly fmt --all -- --check | |
| - name: Run clippy | |
| run: | | |
| cargo +nightly clippy --all -- --deny warnings | |
| - name: Build | |
| run: cargo build --verbose | |
| ## If the push is a tag....build and upload the release bpfd and bpfctl binaries to an archive | |
| - name: Build-Release | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| run: | | |
| rustup target add x86_64-unknown-linux-musl | |
| cargo build --release --target x86_64-unknown-linux-musl | |
| - name: Package-Binaries | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| run: | | |
| tar -czvf bpfctl-linux-x86_64.tar.gz ./target/x86_64-unknown-linux-musl/release/bpfctl | |
| tar -czvf bpfd-linux-x86_64.tar.gz ./target/x86_64-unknown-linux-musl/release/bpfd | |
| - name: Archive bpfd and bpfctl Release Binaries | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: bpfd-release | |
| path: | | |
| ./bpfctl-linux-x86_64.tar.gz | |
| ./bpfd-linux-x86_64.tar.gz | |
| - name: Run tests | |
| run: cargo llvm-cov test --all-features -p bpfd -p bpfd-api -p bpfctl --lcov --output-path lcov.info | |
| env: | |
| RUST_BACKTRACE: full | |
| - name: Archive Rust code coverage results | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: coverage | |
| path: lcov.info | |
| if-no-files-found: error | |
| ## Build go modules | |
| build-go: | |
| runs-on: ubuntu-latest | |
| # k8s codegen requires this to be set | |
| env: | |
| GOPATH: ${{ github.workspace }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| path: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd | |
| - uses: actions/setup-go@v4 | |
| with: | |
| go-version: "1.20" | |
| - name: Go mod check | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd | |
| run: | | |
| go mod tidy | |
| git diff --exit-code go.mod go.sum | |
| - name: Lint | |
| uses: golangci/golangci-lint-action@v3 | |
| with: | |
| # Keep this version synced with /bpfd/scripts/verify-golint.sh | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd | |
| version: v1.54.2 | |
| skip-cache: true | |
| skip-pkg-cache: true | |
| skip-build-cache: true | |
| args: -v --timeout 5m --enable=gofmt | |
| - name: Build Examples | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd/examples | |
| run: | | |
| go build ./... | |
| - name: Build Operator | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd/bpfd-operator | |
| run: make build | |
| - name: Verify Operator | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd/bpfd-operator | |
| run: make verify | |
| - name: Run Tests | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd/bpfd-operator | |
| run: make test | |
| - name: Archive Go code coverage results | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: coverage | |
| path: ${{ env.GOPATH }}/src/github.com/bpfd-dev/bpfd/bpfd-operator/cover.out | |
| if-no-files-found: error | |
| basic-integration-tests: | |
| runs-on: ubuntu-latest | |
| needs: ["build", "build-go"] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install deps | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y git clang llvm protobuf-compiler cmake perl acl openssl pkgconf gcc-multilib | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: libbpf/libbpf | |
| path: libbpf | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: nightly | |
| components: rust-src | |
| override: true | |
| - name: Build eBPF | |
| run: cargo xtask build-ebpf --libbpf-dir ./libbpf | |
| - name: Build bpfd | |
| run: cargo build --verbose | |
| - name: Run the bpfd installer | |
| run: sudo ./scripts/setup.sh install | |
| - name: Give certs time to be created | |
| run: sleep 5 | |
| - name: Verify the bpfd systemd service is active | |
| run: systemctl is-active bpfd | |
| - name: Verify the bpfctl can reach bpfd | |
| run: sudo bpfctl list | |
| - name: Stop the bpfd systemd service | |
| run: sudo systemctl stop bpfd | |
| - name: Run integration tests | |
| run: cargo xtask integration-test | |
| kubernetes-integration-tests: | |
| needs: ["build", "build-go"] | |
| runs-on: ubuntu-latest | |
| env: | |
| BPFD_IMG: "quay.io/bpfd/bpfd:int-test" | |
| BPFD_AGENT_IMG: "quay.io/bpfd/bpfd-agent:int-test" | |
| BPFD_OPERATOR_IMG: "quay.io/bpfd/bpfd-operator:int-test" | |
| ## This should match what's found in bpfd/bpfd-operator/config/certmanager/kustomization.yaml | |
| CERTMANAGER_VERSION: "v1.10.1" | |
| steps: | |
| - name: setup golang | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version: "^1.19" | |
| - name: cache go modules | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-build-codegen-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-codegen- | |
| - name: checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: build images | |
| run: cd bpfd-operator && make build-images | |
| - name: build example images | |
| run: cd examples && make build-us-images | |
| ## TODO(astoycos) Currently this is just done to ensure we have coverage | |
| ## on all image builds. Ultimately we should be running the integration | |
| ## tests with these locally built bytecode images. | |
| - name: build example images | |
| run: cd examples && make build-bc-images | |
| - name: run integration tests | |
| run: cd bpfd-operator && make test-integration | |
| ## Upload diagnostics if integration test step failed. | |
| - name: upload diagnostics | |
| if: ${{ failure() }} | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: kubernetes-integration-test-diag | |
| path: /tmp/ktf-diag* | |
| if-no-files-found: ignore | |
| coverage: | |
| needs: ["build", "build-go"] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download coverage artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: coverage | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| fail_ci_if_error: true | |
| files: ./cover.out,./lcov.info | |
| verbose: true | |
| # Creates Release | |
| # Copies built bpfctl + bpfd binaries to release artifacts | |
| # Publish's bpfd, bpfctl, and bpfd-api crates to crates.io | |
| release: | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| needs: ["build"] | |
| environment: crates.io | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set env | |
| run: | | |
| echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| name: bpfd-release | |
| - name: release | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| body_path: ./changelogs/CHANGELOG-${{ env.RELEASE_VERSION }}.md | |
| files: | | |
| bpfd-linux-x86_64.tar.gz | |
| bpfctl-linux-x86_64.tar.gz | |
| ## TODO once we're using an aya mainline version | |
| # - name: publish bpfd crate | |
| # run: cargo publish -p bpfd --token ${{ secrets.BPFD_DEV_TOKEN }} | |
| - name: publish bpfd-api crate | |
| run: cargo publish -p bpfd-api --token ${{ secrets.BPFD_DEV_TOKEN }} | |
| - name: publish bpfctl crate | |
| run: cargo publish -p bpfctl --token ${{ secrets.BPFD_DEV_TOKEN }} | |
| build-workflow-complete: | |
| needs: | |
| [ | |
| "check-license", | |
| "build", | |
| "build-go", | |
| "coverage", | |
| "basic-integration-tests", | |
| "kubernetes-integration-tests", | |
| ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Build Complete | |
| run: echo "Build Complete" |