forked from cilium/cilium
-
Notifications
You must be signed in to change notification settings - Fork 0
159 lines (147 loc) · 5.96 KB
/
tests-datapath-verifier.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Datapath BPF Complexity (ci-verifier)
# Any change in triggers needs to be reflected in the concurrency group.
on:
workflow_dispatch:
inputs:
PR-number:
description: "Pull request number."
required: true
context-ref:
description: "Context in which the workflow runs. If PR is from a fork, will be the PR target branch (general case). If PR is NOT from a fork, will be the PR branch itself (this allows committers to test changes to workflows directly from PRs)."
required: true
SHA:
description: "SHA under test (head of the PR branch)."
required: true
extra-args:
description: "[JSON object] Arbitrary arguments passed from the trigger comment via regex capture group. Parse with 'fromJson(inputs.extra-args).argName' in workflow."
required: false
default: '{}'
# Run every 6 hours
schedule:
- cron: '0 5/6 * * *'
# By specifying the access of one of the scopes, all of those that are not
# specified are set to 'none'.
permissions:
# To be able to access the repository with actions/checkout
contents: read
# To allow retrieving information from the PR API
pull-requests: read
# To be able to set commit status
statuses: write
concurrency:
# Structure:
# - Workflow name
# - Event type
# - A unique identifier depending on event type:
# - schedule: SHA
# - workflow_dispatch: PR number
#
# This structure ensures a unique concurrency group name is generated for each
# type of testing, such that re-runs will cancel the previous run.
group: |
${{ github.workflow }}
${{ github.event_name }}
${{
(github.event_name == 'schedule' && github.sha) ||
(github.event_name == 'workflow_dispatch' && github.event.inputs.PR-number)
}}
cancel-in-progress: true
env:
check_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
# renovate: datasource=golang-version depName=go
go-version: 1.21.5
jobs:
commit-status-start:
name: Commit Status Start
runs-on: ubuntu-latest
steps:
- name: Set initial commit status
uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307 # v2.0.0
with:
sha: ${{ inputs.SHA || github.sha }}
setup-and-test:
runs-on: ubuntu-latest-4cores-16gb
name: Setup & Test
strategy:
fail-fast: false
matrix:
include:
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: '4.19-20231128.100518'
ci-kernel: '419'
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: '5.4-20231128.100518'
ci-kernel: '54'
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: '5.10-20231128.100518'
ci-kernel: '510'
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: '5.15-20231128.100518'
ci-kernel: '510'
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: '6.1-20231128.100518'
ci-kernel: '61'
# renovate: datasource=docker depName=quay.io/lvh-images/kind
- kernel: 'bpf-next-20231211.012942'
ci-kernel: 'netnext'
timeout-minutes: 60
steps:
# Warning: since this is a privileged workflow, subsequent workflow job
# steps must take care not to execute untrusted code.
- name: Checkout pull request branch (NOT TRUSTED)
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ inputs.SHA || github.sha }}
persist-credentials: false
- name: Provision LVH VMs
uses: cilium/little-vm-helper@8410a93e544b7e180a2365e5fdab0724a39bc02a # v0.0.13
with:
test-name: datapath-bpf-complexity
image: 'complexity-test'
image-version: ${{ matrix.kernel }}
host-mount: ./
cpu: 4
install-dependencies: 'true'
cmd: |
for i in {1..5}; do curl "https://golang.org" > /dev/null 2>&1 && break || sleep 5; echo "Waiting for systemd-resolved to be ready..."; done
git config --global --add safe.directory /host
uname -a
# The LVH image might ship with an arbitrary Go toolchain version,
# install the same Go toolchain version as current HEAD.
CGO_ENABLED=0 GOPROXY=direct GOSUMDB= go install golang.org/dl/go${{ env.go-version }}@latest
go${{ env.go-version }} download
- name: Run verifier tests
uses: cilium/little-vm-helper@8410a93e544b7e180a2365e5fdab0724a39bc02a # v0.0.13
with:
provision: 'false'
cmd: |
cd /host/
# Run with cgo disabled, LVH images don't ship with gcc.
CGO_ENABLED=0 go${{ env.go-version }} test -v -parallel=1 ./test/verifier -cilium-base-path /host -ci-kernel-version ${{ matrix.ci-kernel }}
- name: Fetch artifacts
if: ${{ !success() }}
uses: cilium/little-vm-helper@8410a93e544b7e180a2365e5fdab0724a39bc02a # v0.0.13
with:
provision: 'false'
cmd: |
cd /host
mkdir datapath-verifier
find test/verifier \( -name "*.log" -o -name "*.o" \) -exec cp -v {} datapath-verifier/ \;
- name: Upload artifacts
if: ${{ !success() }}
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: datapath-verifier_${{ matrix.kernel }}
path: datapath-verifier
retention-days: 5
commit-status-final:
if: ${{ always() }}
name: Commit Status Final
needs: setup-and-test
runs-on: ubuntu-latest
steps:
- name: Set final commit status
uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307 # v2.0.0
with:
sha: ${{ inputs.SHA || github.sha }}
status: ${{ needs.setup-and-test.result }}