Skip to content
Test Container

dwarffi updates: kffi, uprobes, and syscalls #2034

Sign in to view logs

dwarffi updates: kffi, uprobes, and syscalls

dwarffi updates: kffi, uprobes, and syscalls #2034

Workflow file for this run

.github/workflows/build.yaml at 573749d
name: Test Container
on:
pull_request:
branches:
- main
env:
REGISTRY: ${{ secrets.REHOSTING_ARC_REGISTRY || 'harbor.harbor.svc.cluster.local' }}
USER: ${{ secrets.REHOSTING_ARC_REGISTRY_USER || 'external' }}
CACHE: ${{ secrets.REHOSTING_ARC_REGISTRY && format('{0}/proxy', secrets.REHOSTING_ARC_REGISTRY) || 'docker.io' }}
TARGET: ${{ secrets.REHOSTING_ARC_REGISTRY || 'harbor.harbor.svc.cluster.local/external' }}
EXTERNAL_REGISTRY_PASS: 'PctyVGasz15Pn9M0yA9yMNwOawFaXnk3Tl4N'
jobs:
changes:
if: ${{ !github.event.pull_request.draft }}
runs-on: ubuntu-latest
outputs:
run_lint: ${{ steps.filter.outputs.python }}
run_tests: ${{ steps.filter.outputs.code }}
steps:
- uses: actions/checkout@v4
- id: filter
uses: dorny/paths-filter@v3
with:
predicate-quantifier: 'every' # require file to satisfy all positives and none of the negatives
filters: |
# Treat anything outside docs/.github/README/etc as "code"
code:
- '**'
- '!docs/**'
- '!.github/**'
- '!README.md'
- '!LICENSE'
- '!**/.gitignore'
python:
- '**/*.py'
lint:
if: ${{ !github.event.pull_request.draft }}
runs-on: rehosting-arc
needs: changes
steps:
- uses: actions/checkout@v5
if: ${{ needs.changes.outputs.run_lint == 'true' }}
with:
fetch-depth: 0
- name: Set up Python
if: ${{ needs.changes.outputs.run_lint == 'true' }}
uses: actions/setup-python@v6
with:
python-version: "3.10.12"
- name: Install dependencies
if: ${{ needs.changes.outputs.run_lint == 'true' }}
run: pip install flake8 lintly markupsafe==2.0.1
- name: Lint with flake8
if: ${{ needs.changes.outputs.run_lint == 'true' && github.event.pull_request.head.repo.full_name == github.repository }}
run: |
set -o pipefail
(flake8 | lintly) 2>lintly.err || {
if grep -q 'diff exceeded the maximum number of lines' lintly.err; then
echo "Bypassing lint failure due to large diff."
exit 0
else
cat lintly.err
exit 1
fi
}
env:
LINTLY_API_KEY: ${{ secrets.GITHUB_TOKEN }}
- name: External lint
if: ${{ needs.changes.outputs.run_lint == 'true' && github.event.pull_request.head.repo.full_name != github.repository }}
run: |
flake8
build_container:
runs-on: rehosting-arc
needs: [changes, lint]
if: ${{ !github.event.pull_request.draft }}
steps:
- name: Checkout code
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Trust Harbor's self-signed certificate
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: |
echo "Fetching certificate from ${{ env.REGISTRY }}"
openssl s_client -showcerts -connect ${{ env.REGISTRY }}:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/harbor.crt > /dev/null
sudo update-ca-certificates
- name: Set up Docker Buildx
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: docker/setup-buildx-action@v3
with:
driver-opts: |
image=moby/buildkit:master
network=host
buildkitd-config-inline: |
[registry."${{ env.REGISTRY }}"]
insecure = true
http = true
- name: Log in to Rehosting Arc Registry
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.USER }}
password: ${{ secrets.REHOSTING_ARC_REGISTRY_PASSWORD || env.EXTERNAL_REGISTRY_PASS }}
- name: Build Docker image and push to Docker Hub
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.TARGET }}/rehosting/penguin:${{ github.sha }}
build-args: |
REGISTRY=${{ env.CACHE }}
cache-from: |
type=registry,ref=${{ env.TARGET }}/rehosting/penguin:cache,mode=max
type=registry,ref=${{ env.TARGET }}/rehosting/penguin:cache-PR-${{github.event.number}},mode=max
type=registry,ref=${{ env.TARGET }}/rehosting/penguin:cache_last_published,mode=max
cache-to: |
type=registry,ref=${{ env.TARGET }}/rehosting/penguin:cache,mode=max
type=registry,ref=${{ env.TARGET }}/rehosting/penguin:cache-PR-${{ github.event.number }}
run_tests:
needs: [changes, build_container]
runs-on: rehosting-arc
if: ${{ !github.event.pull_request.draft }}
strategy:
fail-fast: false
matrix:
arch: ["armel", "mipsel", "mipseb", "mips64el", "mips64eb", "powerpc64", "loongarch64", "aarch64", "x86_64", "riscv64"]
steps:
# using the version from here https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md
# makes things faster
- name: Set up Python
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: actions/setup-python@v6
with:
python-version: "3.10.12"
- name: Install dependencies
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: pip install click pyyaml
- name: Checkout code
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: actions/checkout@v5
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha || github.ref }}
- name: Trust Harbor's self-signed certificate
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: |
echo "Fetching certificate from ${{ env.REGISTRY }}"
openssl s_client -showcerts -connect ${{ env.REGISTRY }}:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/harbor.crt > /dev/null
sudo update-ca-certificates
- name: Set up Docker Buildx
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: docker/setup-buildx-action@v3
with:
driver-opts: |
image=moby/buildkit:master
network=host
buildkitd-config-inline: |
[registry."${{ env.REGISTRY }}"]
insecure = true
http = true
- name: Log in to Rehosting Arc Registry
if: ${{ needs.changes.outputs.run_tests == 'true' }}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.USER }}
password: ${{ secrets.REHOSTING_ARC_REGISTRY_PASSWORD || env.EXTERNAL_REGISTRY_PASS }}
# Locally tag as latest, just for testing
# Instead of 'docker pull', we use 'buildx build --load'.
# This forces the configured BuildKit container to fetch the image (ignoring SSL)
# and pipe it directly into the local Docker Daemon.
- name: Pull image via Buildx and Load to Daemon
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: |
echo "FROM ${{ env.TARGET }}/rehosting/penguin:${{ github.sha }}" | \
docker buildx build -t rehosting/penguin:latest --load -
- name: Basic test for ${{ matrix.arch }}
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: timeout 10m python3 $GITHUB_WORKSPACE/tests/unit_tests/basic_target/test.py --arch ${{ matrix.arch }}
- name: Test for ${{ matrix.arch }} all kernels
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: timeout 10m python3 $GITHUB_WORKSPACE/tests/unit_tests/test_target/test.py --arch ${{ matrix.arch }}
- name: Drop latest symlink
if: ${{ needs.changes.outputs.run_tests == 'true' }}
run: |
# Remove the 'latest' symlink to ensure we do not double-count results
rm -rf $GITHUB_WORKSPACE/tests/unit_tests/test_target/results/latest
- name: Test Report
uses: dorny/test-reporter@v2.1.1
if: ${{ needs.changes.outputs.run_tests == 'true' && ((success() || failure()) && github.event.pull_request.head.repo.full_name == github.repository)}}
with:
name: ${{ matrix.arch }}-test-results
path: ${{ github.workspace }}/tests/unit_tests/test_target/results/*/verifier.xml
reporter: java-junit
- name: Get artifact path
id: artifact
if: ${{ needs.changes.outputs.run_tests == 'true' && failure() }}
run: |
artifact_path=$(realpath $GITHUB_WORKSPACE/tests/unit_tests/test_target/results/latest/)
echo "artifact_path=${artifact_path}/*" >> "$GITHUB_OUTPUT"
- name: Debug info
if: ${{ needs.changes.outputs.run_tests == 'true' && failure() }}
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.arch }}-artifacts
path: ${{ steps.artifact.outputs.artifact_path }}