Skip to content

changecrd

changecrd #40

name: Packages e2e Tests
on:
pull_request:
paths-ignore:
- "**.md"
- 'docs/**'
jobs:
standalone-tests:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
include:
# We use the native arch build
- os: ubuntu-22.04
arch: amd64
match_arch: x86-64
- os: buildjet-2vcpu-ubuntu-2204-arm
arch: arm64
match_arch: arm64
steps:
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
- name: Checkout Source Code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
fetch-depth: 0
submodules: true
- name: Getting version tag
id: tag
run: echo "tag=$(make version)" >> $GITHUB_OUTPUT
# Logging into Docker Hub makes the job less flaky, but it relies on repo secrets so
# does not work for external contributors. Let's compromise and do this for internal
# PRs at least (for now). We can always improve the situation later.
- name: Login to Docker Hub
if: ${{ github.event.pull_request.head.repo.full_name == 'cilium/tetragon' }}
uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
with:
username: ${{ secrets.DOCKER_HUB_USERNAME_CI }}
password: ${{ secrets.DOCKER_HUB_PASSWORD_CI }}
- name: Generate Tetragon Tarball
id: tetragon-tarball
run: make tarball
- name: Copy bpf.yaml tracing policy to /etc/tetragon/tetragon.tp.d/
run: |
sudo mkdir -p /etc/tetragon/tetragon.tp.d/
sudo cp examples/tracingpolicy/bpf.yaml /etc/tetragon/tetragon.tp.d/bpf.yaml
- name: Install Tetragon Tarball
run: |
tar zxvf tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}.tar.gz
sudo ./tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}/install.sh
working-directory: ./build/${{ matrix.arch }}/linux-tarball/
- name: Wait for Tetragon service
uses: nick-fields/retry@14672906e672a08bd6eeb15720e9ed3ce869cdd4 # v2
with:
timeout_seconds: 30
max_attempts: 5
retry_wait_seconds: 5
retry_on: error
command: |
# Ensure that default native builds work
file /usr/local/bin/tetragon | grep ${{ matrix.match_arch }} -
sudo systemctl is-active tetragon
sudo tetra status
- name: Check Tetragon startup logs
run: sudo journalctl -b -u tetragon --no-pager
- name: Test Tetragon
run: |
sudo tetra status
sudo grep "tetra" /var/log/tetragon/tetragon.log
sudo tetra tracingpolicy list | grep bpf -
sudo tetra bugtool
test $(stat -c %a /var/run/tetragon/tetragon.sock) -eq "660"
- name: Uninstall Tetragon Tarball
run: |
sudo ./tetragon-${{ steps.tag.outputs.tag }}-${{ matrix.arch }}/uninstall.sh
working-directory: ./build/${{ matrix.arch }}/linux-tarball/