new: added a composite action + documentation.

Signed-off-by: Federico Di Pierro <[email protected]>
falcosecurity · Mar 7, 2024 · 1a3742e · 1a3742e
1 parent 834577f
commit 1a3742e
Show file tree

Hide file tree

Showing 4 changed files with 91 additions and 39 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -14,7 +14,7 @@ jobs:
     outputs:
       crawler_changed: ${{ steps.filter.outputs.crawler }}
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: dorny/paths-filter@v2
         id: filter
         with:
@@ -29,25 +29,12 @@ jobs:
     if: needs.paths-filter.outputs.crawler_changed == 'true'
     steps:
       - name: Checkout repo ⤵️
-        uses: actions/checkout@v3
-
-      - name: Install deps
-        run: |
-          sudo apt update
-          sudo apt install python3 python3-pip python3-pygit2 jq
-
-      - name: Install crawler
-        run: |
-          pip3 install .
+        uses: actions/checkout@v4
 
       - name: Run crawler
-        run: |
-          kernel-crawler crawl --distro "*" > kernels.json
-
-      - name: Validate json
-        run: |
-          cat kernels.json | jq empty
+        id: crawler
+        uses: ./
 
       - uses: actions/upload-artifact@v3
         with:
-          path: kernels.json
+          path: ${{ steps.crawler.outputs.json }}
diff --git a/.github/workflows/update-kernels.yml b/.github/workflows/update-kernels.yml
@@ -14,36 +14,29 @@ concurrency:
 jobs:
   update-kernels:
     runs-on: ubuntu-latest
-    container:
-      image: falcosecurity/kernel-crawler:latest
-      options: -u root
     permissions:
       contents: read
       pages: write
       id-token: write
     steps:
-      - name: Checkout crawler
-        uses: actions/checkout@v3
-
       - name: Run crawler for x86_64
-        run: |
-          mkdir site/x86_64
-          kernel-crawler crawl --distro="*" > site/x86_64/list.json
+        id: crawler_x86_64
+        uses: falcosecurity/kernel-crawler@main
+        with:
+          arch: 'x86_64'
 
       - name: Run crawler for aarch64
-        run: |
-          mkdir site/aarch64
-          kernel-crawler crawl --distro="*" --arch=aarch64 > site/aarch64/list.json
-
-      - name: Install deps
-        run: |
-          apt update
-          apt install -y jq
+        id: crawler_aarch64
+        uses: falcosecurity/kernel-crawler@main
+        with:
+          arch: 'aarch64'
 
-      - name: Validate jsons
+      - name: Move generated files to site folder
         run: |
-          cat site/x86_64/list.json | jq empty
-          cat site/aarch64/list.json | jq empty
+          mkdir site/x86_64
+          mv ${{ steps.crawler_x86_64.outputs.json }} site/x86_64/list.json
+          mkdir site/aarch64
+          mv ${{ steps.crawler_aarch64.outputs.json }} site/aarch64/list.json
 
       - uses: actions/upload-pages-artifact@v1
         with:

diff --git a/README.md b/README.md
@@ -13,6 +13,8 @@ Output json can be found, for each supported architecture, on gh pages: https://
 A weekly [github action workflow](https://github.com/falcosecurity/kernel-crawler/actions/workflows/update-kernels.yml) will open a PR on this repo to update the json.  
 As soon as the PR is merged and the json updated, a [prow job](https://github.com/falcosecurity/test-infra/blob/master/config/jobs/update-dbg/update-dbg.yaml) will create a PR on [test-infra](https://github.com/falcosecurity/test-infra) to generate the new Driverkit configs from the updated json.
 
+## Usage
+
 Helper text and options:
 
 Main:
@@ -32,13 +34,33 @@ Crawl command:
 Usage: kernel-crawler crawl [OPTIONS]
 
 Options:
-    --distro [AmazonLinux|AmazonLinux2|AmazonLinux2022|AmazonLinux2023|BottleRocket|CentOS|Debian|Fedora|Flatcar|Minikube|OracleLinux|PhotonOS|Redhat|Talos|Ubuntu|*]
+    --distro [alinux|almalinux|amazonlinux|amazonlinux2|amazonlinux2022|amazonlinux2023|arch|bottlerocket|centos|debian|fedora|flatcar|minikube|ol|opensuse|photon|redhat|rocky|talos|ubuntu|*]
     --version TEXT
     --arch [x86_64|aarch64]
     --image TEXT                    Option is required when distro is Redhat.
     --help                          Show this message and exit.
 ```
 
+## CI Usage
+
+To better suit the CI usage, a [Github composite action](https://docs.github.com/en/actions/creating-actions/creating-a-composite-action) has been developed.  
+Therefore, running kernel-crawler in your Github workflow is as easy as adding this step:
+```
+- name: Crawl kernels
+  uses: falcosecurity/kernel-crawler@main
+  with:
+    # Desired architecture. Either x86_64 or aarch64.
+    # Default: 'x86_64'.
+    arch: 'aarch64'
+    
+    # Desired distro.
+    # Refer to crawl command helper message (above) to check supported distros.
+    # Default: '*'.
+    distro: 'ubuntu'
+```
+
+> __NOTE:__ Since we don't use annotated tags, one cannot use eg: falcosecurity/kernel-crawler@v0, but only either exact tag name, branch name or commit hash.
+
 ## Docker image
 
 A docker image is provided for releases, by a GitHub Actions workflow: `falcosecurity/kernel-crawler:latest`.

diff --git a/action.yml b/action.yml
@@ -0,0 +1,50 @@
+name: 'kernel-crawler'
+description: 'A tool to crawl existing Linux kernel versions from multiple distros'
+
+inputs:
+  arch:
+    description: 'Architecture to run against. x86_64 or aarch64.'
+    required: false
+    default: 'x86_64'
+  distro:
+    description: 'Distro to run against. Defaults to all.'
+    required: false
+    default: '*'
+
+outputs:
+  json:
+    description: "Generated json"
+    value: ${{ steps.store-outputs.outputs.json }} 
+
+runs:
+  using: "composite"
+  steps:
+    - name: Install deps
+      shell: bash
+      run: |
+        sudo apt update -y
+        sudo apt install -y --no-install-recommends python3 python3-pip python3-pygit2 jq
+
+    - name: Install crawler
+      shell: bash
+      working-directory: ${{ github.action_path }}
+      run: |
+        pip3 install .
+
+    - name: Run crawler
+      shell: bash
+      working-directory: ${{ github.action_path }}
+      run: |
+        kernel-crawler crawl --distro=${{ inputs.distro }} --arch=${{ inputs.arch }} > kernels_${{ inputs.arch }}.json
+
+    - name: Validate json
+      shell: bash
+      working-directory: ${{ github.action_path }}
+      run: |
+        cat kernels_${{ inputs.arch }}.json | jq empty
+          
+    - name: Set output
+      id: store-outputs
+      shell: bash
+      run: |
+        echo "json=${{ github.action_path }}/kernels_${{ inputs.arch }}.json" >> $GITHUB_OUTPUT