Static workflow #107
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
pull_request: | |
types: | |
- opened | |
- edited | |
- reopened | |
- synchronize | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
name: Static checks | |
jobs: | |
check-kernel-config-version: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Ensure the kernel config version has been updated | |
run: | | |
kernel_dir="tools/packaging/kernel/" | |
kernel_version_file="${kernel_dir}kata_config_version" | |
modified_files=$(git diff --name-only origin/$GITHUB_BASE_REF..HEAD) | |
if git diff --name-only origin/$GITHUB_BASE_REF..HEAD "${kernel_dir}" | grep "${kernel_dir}"; then | |
echo "Kernel directory has changed, checking if $kernel_version_file has been updated" | |
if echo "$modified_files" | grep -v "README.md" | grep "${kernel_dir}" >>"/dev/null"; then | |
echo "$modified_files" | grep "$kernel_version_file" >>/dev/null || ( echo "Please bump version in $kernel_version_file" && exit 1) | |
else | |
echo "Readme file changed, no need for kernel config version update." | |
fi | |
echo "Check passed" | |
fi | |
build-checks: | |
strategy: | |
fail-fast: false | |
matrix: | |
component: | |
- agent | |
- dragonball | |
- runtime | |
- runtime-rs | |
- agent-ctl | |
- kata-ctl | |
- runk | |
- trace-forwarder | |
command: | |
- "make vendor" | |
- "make check" | |
- "make test" | |
- "sudo -E PATH=\"$PATH\" make test" | |
include: | |
- component: agent | |
component-path: src/agent | |
- component: dragonball | |
component-path: src/dragonball | |
- component: runtime | |
component-path: src/runtime | |
- component: runtime-rs | |
component-path: src/runtime-rs | |
- component: agent-ctl | |
component-path: src/tools/agent-ctl | |
- component: kata-ctl | |
component-path: src/tools/kata-ctl | |
- component: runk | |
component-path: src/tools/runk | |
- component: trace-forwarder | |
component-path: src/tools/trace-forwarder | |
- install-libseccomp: no | |
- component: agent | |
install-libseccomp: yes | |
- component: runk | |
install-libseccomp: yes | |
instance: | |
- "ubuntu-20.04" | |
- "arm-no-k8s" | |
- "s390x" | |
- "ppc64le" | |
runs-on: ${{ matrix.instance }} | |
steps: | |
- name: Adjust a permission for repo | |
run: | | |
sudo chown -R $USER:$USER $GITHUB_WORKSPACE $HOME | |
sudo rm -f /tmp/kata_hybrid* # Sometime we got leftover from test_setup_hvsock_failed() | |
if: ${{ matrix.instance != 'ubuntu-20.04' }} | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install yq | |
run: | | |
./ci/install_yq.sh | |
env: | |
INSTALL_IN_GOPATH: false | |
- name: Install golang | |
if: ${{ matrix.component == 'runtime' }} | |
run: | | |
./tests/install_go.sh -f -p | |
echo "/usr/local/go/bin" >> $GITHUB_PATH | |
- name: Install rust | |
if: ${{ matrix.component != 'runtime' }} | |
run: | | |
./tests/install_rust.sh | |
echo "${HOME}/.cargo/bin" >> $GITHUB_PATH | |
- name: Install musl-tools | |
if: ${{ matrix.component != 'runtime' }} | |
run: sudo apt-get -y install musl-tools | |
- name: Install devicemapper | |
if: ${{ matrix.command == 'make check' && matrix.component == 'agent' }} | |
run: sudo apt-get -y install libdevmapper-dev | |
- name: Install libseccomp | |
if: ${{ matrix.command != 'make vendor' && matrix.command != 'make check' && matrix.install-libseccomp == 'yes' }} | |
run: | | |
libseccomp_install_dir=$(mktemp -d -t libseccomp.XXXXXXXXXX) | |
gperf_install_dir=$(mktemp -d -t gperf.XXXXXXXXXX) | |
./ci/install_libseccomp.sh "${libseccomp_install_dir}" "${gperf_install_dir}" | |
echo "Set environment variables for the libseccomp crate to link the libseccomp library statically" | |
echo "LIBSECCOMP_LINK_TYPE=static" >> $GITHUB_ENV | |
echo "LIBSECCOMP_LIB_PATH=${libseccomp_install_dir}/lib" >> $GITHUB_ENV | |
- name: Install protobuf-compiler | |
if: ${{ matrix.command == 'make check' && matrix.component == 'agent' }} | |
run: sudo apt-get -y install protobuf-compiler | |
- name: Setup XDG_RUNTIME_DIR for the `runtime` tests | |
if: ${{ matrix.command != 'make vendor' && matrix.command != 'make check' && matrix.component == 'runtime' }} | |
run: | | |
XDG_RUNTIME_DIR=$(mktemp -d /tmp/kata-tests-$USER.XXX | tee >(xargs chmod 0700)) | |
echo "XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR}" >> $GITHUB_ENV | |
- name: Running `${{ matrix.command }}` for ${{ matrix.component }} | |
if: ${{ !( matrix.instance == 'ppc64le' && matrix.command == 'make sudo -E PATH=\"$PATH\" make test' && matrix.component == 'agent' ) != 'false' }} | |
run: | | |
cd ${{ matrix.component-path }} | |
${{ matrix.command }} | |
env: | |
RUST_BACKTRACE: "1" | |
build-checks-depending-on-kvm: | |
runs-on: garm-ubuntu-2004-smaller | |
strategy: | |
fail-fast: false | |
matrix: | |
component: | |
- runtime-rs | |
include: | |
- component: runtime-rs | |
command: "sudo -E env PATH=$PATH LIBC=gnu SUPPORT_VIRTUALIZATION=true make test" | |
- component: runtime-rs | |
component-path: src/dragonball | |
steps: | |
- name: Checkout the code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install system deps | |
run: | | |
sudo apt-get install -y build-essential musl-tools | |
- name: Install yq | |
run: | | |
sudo -E ./ci/install_yq.sh | |
env: | |
INSTALL_IN_GOPATH: false | |
- name: Install rust | |
run: | | |
export PATH="$PATH:/usr/local/bin" | |
./tests/install_rust.sh | |
- name: Running `${{ matrix.command }}` for ${{ matrix.component }} | |
run: | | |
export PATH="$PATH:${HOME}/.cargo/bin" | |
cd ${{ matrix.component-path }} | |
${{ matrix.command }} | |
env: | |
RUST_BACKTRACE: "1" | |
static-checks: | |
runs-on: ubuntu-20.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
cmd: | |
- "make static-checks" | |
env: | |
GOPATH: ${{ github.workspace }} | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
path: ./src/github.com/${{ github.repository }} | |
- name: Install yq | |
run: | | |
cd ${GOPATH}/src/github.com/${{ github.repository }} | |
./ci/install_yq.sh | |
env: | |
INSTALL_IN_GOPATH: false | |
- name: Install golang | |
run: | | |
cd ${GOPATH}/src/github.com/${{ github.repository }} | |
./tests/install_go.sh -f -p | |
echo "/usr/local/go/bin" >> $GITHUB_PATH | |
- name: Install system dependencies | |
run: | | |
sudo apt-get -y install moreutils hunspell hunspell-en-gb hunspell-en-us pandoc | |
- name: Run check | |
run: | | |
export PATH=${PATH}:${GOPATH}/bin | |
cd ${GOPATH}/src/github.com/${{ github.repository }} && ${{ matrix.cmd }} |