Skip to content

tetragon: Setup execve_map max entries #11119

tetragon: Setup execve_map max entries

tetragon: Setup execve_map max entries #11119

name: Run static checks
on:
push:
branches:
- main
- v*
paths-ignore:
- 'docs/**'
- '**.md'
pull_request:
paths-ignore:
- 'docs/**'
- '**.md'
permissions:
# For golangci/golangci-lint to have read access to pull request for `only-new-issues` option.
contents: read
jobs:
ensure-no-binary-checkin:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Ensure No Binary Files Checked In
run: |
echo "Checking for any checked in binary files not in allowlist..."
outfile="$(mktemp)"
find . -type f -size +0 -not -wholename '**/vendor/**' -not -wholename '**/_vendor/**' -not -wholename '**/.git/**' -not -name '*.png' -not -name '*.jpg' -not -name '*.ico' | xargs -n 100 grep -IL '' | tee "$outfile"
test -z "$(cat $outfile)"
golangci-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.23.5'
# using golangci-lint cache instead
cache: false
- name: Run golangci-lint
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
# renovate: datasource=docker depName=docker.io/golangci/golangci-lint
version: v1.63.4
args: --config=.golangci.yml --verbose
format:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.23.5'
- name: Check gofmt formatting
run: |
go fmt ./...
git diff --exit-code || (echo "gofmt checks failed. Please run 'go -w fmt ./...', and submit your changes"; exit 1)
- name: Build clang-format Docker image
run: docker build -f Dockerfile.clang-format -t "isovalent/clang-format:latest" .
- name: Verify clang-format on BPF code
run: |
set -o pipefail
find bpf -name '*.c' -o -name '*.h' | xargs -n 1000 \
docker run -v $(realpath .):/tetragon "isovalent/clang-format:latest" --Werror -n -style=file
if [ $? != 0 ]; then
echo "clang-format checks failed. Please run 'make format' and submit your changes."; exit 1
fi
vendoring:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install Go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
# renovate: datasource=golang-version depName=go
go-version: '1.23.5'
- name: Check module vendoring
run: |
make vendor
echo "git status --porcelain:" `git status --porcelain`
test -z "$(git status --porcelain)" || (echo "Module vendoring checks failed. Please run 'make vendor', and submit your changes"; exit 1)
build-cli:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Build CLI release binaries
run: make cli-release