gha: add tetragon-rthooks workflow

This workflow builds and tests tetragon-rthooks. Currently, the test check the output of the hook against the pod information. Signed-off-by: Kornilios Kourtis <[email protected]>
cilium · Aug 7, 2024 · e7c1d61 · e7c1d61
1 parent c044e6f
commit e7c1d61
Show file tree

Hide file tree

Showing 2 changed files with 84 additions and 1 deletion.
diff --git a/.github/workflows/tetragon-rthook-pr.yaml b/.github/workflows/tetragon-rthook-pr.yaml
@@ -0,0 +1,83 @@
+name: tetragon-rthooks test
+on:
+  pull_request:
+    paths:
+      - 'contrib/tetragon-rthooks/**'
+  push:
+    branches:
+      - main
+    paths:
+      - 'contrib/tetragon-rthooks/**'
+
+jobs:
+  build:
+    name: Build tetragon-rthooks
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    concurrency:
+      group: ${{ github.ref }}-rthooks-build
+      cancel-in-progress: true
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+      with:
+        path: go/src/github.com/cilium/tetragon/
+
+    - name: Install Go
+      uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
+      with:
+        # renovate: datasource=golang-version depName=go
+        go-version: '1.22.5'
+
+    - name: Build
+      env:
+        GOPATH: /home/runner/work/tetragon/tetragon/go
+      run: |
+        cd go/src/github.com/cilium/tetragon/contrib/tetragon-rthooks
+        make
+
+    - name: tar build
+      run: |
+        cd go/src/github.com/cilium/tetragon/contrib
+        tar cz -f /tmp/tetragon-rthooks.tar ./tetragon-rthooks
+
+    - name: upload build
+      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+      with:
+         name: tetragon-rthooks-build
+         path: /tmp/tetragon-rthooks.tar
+         retention-days: 1
+  test:
+    needs: build
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    strategy:
+        fail-fast: false
+        matrix:
+           cri:
+            - "containerd"
+            - "crio"
+    concurrency:
+      group: ${{ github.ref }}-rthooks-test-${{ matrix.cri }}
+      cancel-in-progress: true
+    steps:
+    - name: start minikube
+      uses: medyagh/setup-minikube@latest
+      with:
+        driver: docker
+        container-runtime: ${{ matrix.cri }}
+
+    - name: download build data
+      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      with:
+         name: tetragon-rthooks-build
+
+    - name: extract build data
+      run: |
+        tar xf tetragon-rthooks.tar
+
+    - name: run test
+      run: |
+        cd tetragon-rthooks
+        ./scripts/minikube-install-hook.sh
+        ./scripts/minikube-test-hook.sh
diff --git a/contrib/tetragon-rthooks/scripts/minikube-test-hook.sh b/contrib/tetragon-rthooks/scripts/minikube-test-hook.sh
@@ -50,7 +50,7 @@ declare -A logJqExpr=(
 	[podName]='.["req-podName"]'
 )
 
-kubectl wait --timeout=5m -n $ns --for=condition=ready pod $pod_name
+kubectl wait -n $ns --for=condition=ready pod $pod_name || kubectl describe pod/$pod_name && false
 
 pod=$(mktemp --tmpdir pod-XXXX)
 kubectl -n $ns get pods/$pod_name -o json > $pod