Skip to content

tetragon: Setup execve_map max entries #9813

tetragon: Setup execve_map max entries

tetragon: Setup execve_map max entries #9813

Workflow file for this run

name: vmtests
on:
pull_request:
paths-ignore:
- 'docs/**'
push:
branches:
- main
paths-ignore:
- 'docs/**'
jobs:
build:
name: Build tetragon
runs-on: ubuntu-latest
timeout-minutes: 30
concurrency:
group: ${{ github.ref }}-vmtest-build
cancel-in-progress: true
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: go/src/github.com/cilium/tetragon/
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.23.4'
- name: Install build dependencies
run: |
sudo apt-get update
sudo apt-get install -y libelf-dev netcat-traditional libcap-dev gcc libc6-dev-i386
echo `which clang`
echo `which llc`
echo `clang --version`
- name: Build
env:
GOPATH: /home/runner/work/tetragon/tetragon/go
run: |
cd go/src/github.com/cilium/tetragon/
make -j3 tetragon-bpf tester-progs test-compile
make -C tests/vmtests
- name: Split tests
run: |
# see testfile below
cd go/src/github.com/cilium/tetragon/
go run ./tools/split-tetragon-gotests -ci-run 1
- name: tar build
run: |
cd go/src/github.com/cilium/
tar cz --exclude='tetragon/.git' -f /tmp/tetragon.tar ./tetragon
- name: upload build
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: tetragon-build
path: /tmp/tetragon.tar
retention-days: 5
test:
strategy:
fail-fast: false
matrix:
kernel:
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- 'rhel8.9-20240806.173325'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- 'bpf-next-20250110.013326'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '6.6-20241218.004849'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '6.1-20241218.004849'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '5.15-20241218.004849'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '5.10-20241218.004849'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '5.4-20241218.004849'
# renovate: datasource=docker depName=quay.io/lvh-images/kernel-images
- '4.19-20241218.004849'
group:
- 0
concurrency:
group: ${{ github.ref }}-vmtest-${{ matrix.kernel }}-${{ matrix.group }}
cancel-in-progress: true
needs: build
name: Test kernel ${{ matrix.kernel }} / test group ${{ matrix.group }}
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- name: Install VM test dependencies
run: |
sudo apt-get update
sudo apt-cache search qemu
sudo apt-get install -y mmdebstrap libguestfs-tools qemu-utils qemu-system-x86 cpu-checker qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virtinst virt-manager isc-dhcp-client
- name: Make kernel accessible
run: |
sudo chmod go+rX -R /boot/
- name: download build data
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: tetragon-build
- name: extract build data
# NB: currently, due to how tests work, we need to extract to the same path.
run: |
mkdir -p go/src/github.com/cilium/
tar xf tetragon.tar -C go/src/github.com/cilium
- name: test kernel ${{ matrix.kernel }}
if: ${{ !startsWith(matrix.kernel, '4.19') }}
run: |
cd go/src/github.com/cilium/tetragon
./tests/vmtests/fetch-data.sh ${{ matrix.kernel }}
kimage=$(find tests/vmtests/test-data/kernels -path "*vmlinuz*" -type f)
echo "Using: kernel:$kimage"
sudo ./tests/vmtests/tetragon-vmtests-run \
--kernel ${kimage} \
--kernel-ver ${{ matrix.kernel }} \
--base tests/vmtests/test-data/images/base.qcow2 \
--enable-detailed-results \
--testsfile ./tests/vmtests/test-group-${{ matrix.group }}
- name: test kernel ${{ matrix.kernel }} with btf file
if: ${{ startsWith(matrix.kernel, '4.19') }}
run: |
cd go/src/github.com/cilium/tetragon
./tests/vmtests/fetch-data.sh ${{ matrix.kernel }}
kimage=$(find tests/vmtests/test-data/kernels -path "*vmlinuz*" -type f)
btf=$(find tests/vmtests/test-data/kernels -path "*btf*" -type f)
echo "Using: kernel:$kimage bptf:$btf"
sudo ./tests/vmtests/tetragon-vmtests-run \
--kernel ${kimage} \
--kernel-ver ${{ matrix.kernel }} \
--btf-file ${btf} \
--base tests/vmtests/test-data/images/base.qcow2 \
--enable-detailed-results \
--testsfile ./tests/vmtests/test-group-${{ matrix.group }}
- name: Chmod test results on failure or cancelation
if: failure() || cancelled()
run: |
sudo chmod -R go+rX go/src/github.com/cilium/tetragon/tests/vmtests/vmtests-results-*
- name: Upload test results on failure or cancelation
if: failure() || cancelled()
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: tetragon-vmtests-${{ matrix.kernel }}-${{ matrix.group }}-results
path: go/src/github.com/cilium/tetragon/tests/vmtests/vmtests-results-*
retention-days: 5
post-test:
runs-on: ubuntu-latest
needs: [test]
if: success()
steps:
# delete the built binaries from the artifacts in case of overall success
- uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
name: tetragon-build