Skip to content

drop both IPv4 and IPv6 traffic in networkpolicy drop acl (#3940) #7057

drop both IPv4 and IPv6 traffic in networkpolicy drop acl (#3940)

drop both IPv4 and IPv6 traffic in networkpolicy drop acl (#3940) #7057

name: Build Windows
on:
workflow_dispatch:
release:
pull_request:
branches:
- master
paths-ignore:
- 'docs/**'
- '**.md'
push:
branches:
- master
- release-*
paths-ignore:
- 'docs/**'
- '**.md'
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
env:
GO_VERSION: ''
GOSEC_VERSION: '2.18.2'
jobs:
filter:
name: Path Filter
runs-on: ubuntu-22.04
outputs:
build-ovs-ovn: ${{ steps.filter.outputs.windows-ovs-ovn }}
build-kube-ovn: ${{ steps.filter.outputs.windows-kube-ovn }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: go.mod
check-latest: true
cache: false
- name: Generate path filter
env:
GOOS: windows
run: |
filter=".github/path-filters.yaml"
workflow=$(echo ${{ github.workflow_ref }} | awk -F@ '{print $1}' | sed 's@^${{ github.repository }}/@@')
cat > $filter <<EOF
windows-ovs-ovn:
- $workflow
windows-kube-ovn:
- $workflow
- go.mod
- go.sum
EOF
sh hack/go-list.sh cmd/cni | while read f; do
echo "- $f" | tee -a $filter
done
sh hack/go-list.sh cmd/windows | while read f; do
echo "- $f" | tee -a $filter
done
- uses: dorny/paths-filter@v3
id: filter
with:
base: ${{ github.base_ref || github.ref_name }}
filters: .github/path-filters.yaml
list-files: csv
build-ovs-and-ovn:
name: Build OVS and OVN
needs: filter
runs-on: windows-2019
if: github.event_name == 'release' || github.event_name == 'workflow_dispatch' || needs.filter.outputs.build-ovs-ovn == 'true'
steps:
- name: Check out PTHREADS4W
run: |
New-Item -ItemType directory -Path pthreads4w
git clone https://git.code.sf.net/p/pthreads4w/code pthreads4w\code
- name: Check out OVS
uses: actions/checkout@v4
with:
repository: openvswitch/ovs
ref: branch-3.1
path: ovs
- name: Check out OVN
uses: actions/checkout@v4
with:
repository: ovn-org/ovn
ref: branch-22.12
path: ovn
- name: Apply OVS patches
working-directory: ovs
run: |
# fix kernel crash
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovs/commit/64383c14a9c25e9e0ca53c6758d9499c60132536.patch" -OutFile ..\ovs-01.patch
# support for building in github actions
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovs/commit/d170c6237cb6a7bbe16f916ab2286c3c942a852c.patch" -OutFile ..\ovs-02.patch
# listen on tcp 127.0.0.1:6643 by default
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovs/commit/680e77a190ae7df3086bc35bb6150238e97f9020.patch" -OutFile ..\ovs-03.patch
git apply ..\ovs-01.patch
git apply ..\ovs-02.patch
git apply ..\ovs-03.patch
- name: Apply OVN patches
working-directory: ovn
run: |
# change hash type from dp_hash to hash with field src_ip
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovn/commit/75876f75203bbf06a8f5ffb5628eca98bef03407.patch" -OutFile ..\ovn-01.patch
# add support for windows
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovn/commit/e27cd770e5f5bffb884483546564ce6f286545c2.patch" -OutFile ..\ovn-02.patch
# set br-int controller to TCP 127.0.0.1:6653
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovn/commit/24dcd9485ebb0f6c962250684fae512850cd9210.patch" -OutFile ..\ovn-03.patch
# ovn-controller: do not send GARP on localnet for Kube-OVN ports
Invoke-WebRequest -Uri "https://github.com/kubeovn/ovn/commit/30ff0ba51745f5ea1b38ed63e8cd8e0479d0f916.patch" -OutFile ..\ovn-04.patch
git apply ..\ovn-01.patch
git apply ..\ovn-02.patch
git apply ..\ovn-03.patch
git apply ..\ovn-04.patch
- name: Build PTHREADS4W
working-directory: pthreads4w\code
shell: cmd
run: |
call "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
nmake all install
- name: Build OVS and OVN
shell: cmd
env:
MSYS2_PATH_TYPE: inherit
run: |
SETLOCAL ENABLEDELAYEDEXPANSION
SET _p4w_dir=%CD:\=/%/pthreads4w/PTHREADS-BUILT
FOR /F "tokens=* USEBACKQ" %%F IN (`C:\msys64\usr\bin\cygpath.exe -u "%CD%\ovs"`) DO (
SET _ovs_dir=%%F
)
FOR /F "tokens=* USEBACKQ" %%F IN (`C:\msys64\usr\bin\cygpath.exe -u "%CD%\ovn"`) DO (
SET _ovn_dir=%%F
)
CALL "C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
SET _vs_path=
FOR %%d IN ("%PATH:;=";"%") DO (
echo %%~d | findstr /C:"C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise" > nul && set _vs_path=!_vs_path!;%%~d
)
SET PATH="%_vs_path%;%PATH%"
C:\msys64\usr\bin\bash.exe -lc "pacman -S --noconfirm python-pip libtool autoconf automake-wrapper"
C:\msys64\usr\bin\bash.exe -lc "python3 -m pip install pypiwin32"
C:\msys64\usr\bin\bash.exe -lc "rm -f `which link`"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovs_dir%' && ./boot.sh"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovs_dir%' && ./configure CC=./build-aux/cccl LD='`which link`' LIBS='-lws2_32 -lShlwapi -liphlpapi -lwbemuuid -lole32 -loleaut32' --prefix='C:/openvswitch/usr' --localstatedir='C:/openvswitch/var' --sysconfdir='C:/openvswitch/etc' --with-pthread='%_p4w_dir%' --disable-ssl"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovs_dir%' && make -j"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovs_dir%' && make windows_installer"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovn_dir%' && ./boot.sh"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovn_dir%' && ./configure CC=./build-aux/cccl LD='`which link`' LIBS='-lws2_32 -lShlwapi -liphlpapi -lwbemuuid -lole32 -loleaut32' --prefix='C:/ovn/usr' --localstatedir='C:/ovn/var' --sysconfdir='C:/ovn/etc' --with-pthread='%_p4w_dir%' --disable-ssl --with-ovs-source='../ovs'"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovn_dir%' && make -j"
C:\msys64\usr\bin\bash.exe -lc "cd '%_ovn_dir%' && make install"
- name: Upload OVS
uses: actions/upload-artifact@v4
with:
name: ovs-win64
path: ovs\windows\ovs-windows-installer\bin\x64\Release\OpenvSwitch.msi
- name: Upload OVN
uses: actions/upload-artifact@v4
with:
name: ovn-win64
path: C:\ovn
build-kube-ovn:
name: Build Kube-OVN
needs: filter
runs-on: windows-2019
if: github.event_name == 'release' || github.event_name == 'workflow_dispatch' || needs.filter.outputs.build-kube-ovn == 'true'
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: go.mod
check-latest: true
cache: false
- name: Export Go full version
run: |
$goVersion = (go version).Split()[2]
$entry = [string]::Format("GO_FULL_VER={0}", $goVersion)
Add-Content -Path $env:GITHUB_ENV -Value $entry
- name: Go Cache
uses: actions/cache@v4
with:
path: |
~\AppData\Local\go-build
~\go\pkg\mod
key: ${{ runner.os }}-${{ env.GO_FULL_VER }}-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-${{ env.GO_FULL_VER }}-
- name: Install gosec
run: |
Invoke-WebRequest https://github.com/securego/gosec/releases/download/v${{ env.GOSEC_VERSION }}/gosec_${{ env.GOSEC_VERSION }}_windows_amd64.tar.gz -OutFile gosec.tar.gz
mkdir gosec
tar -xzvf gosec.tar.gz -C gosec
Copy-Item gosec/gosec.exe -Destination C:\Windows\system32
- name: Build
run: |
go mod tidy
make lint-windows
make build-go-windows
- name: Upload Binaries
uses: actions/upload-artifact@v4
with:
name: kube-ovn-bin
path: |
dist/windows/kube-ovn.exe
dist/windows/kube-ovn-daemon.exe
package:
name: Pack Windows Files
needs:
- build-ovs-and-ovn
- build-kube-ovn
runs-on: windows-2019
steps:
- uses: actions/checkout@v4
- name: Download Kube-OVN binaries
uses: actions/download-artifact@v4
with:
name: kube-ovn-bin
path: dist/windows
- name: Download OVS
uses: actions/download-artifact@v4
with:
name: ovs-win64
path: dist/windows
- name: Download OVN
uses: actions/download-artifact@v4
with:
name: ovn-win64
path: dist/windows/ovn
- name: Pack files
working-directory: dist/windows
run: |
# ovn
New-Item -ItemType directory -Path ovn/etc
Copy-Item ovn-controller.conf -Destination ovn/etc
Copy-Item start-ovn-controller.ps1 -Destination ovn
# kube-ovn
New-Item -ItemType directory -Path "kube-ovn/etc", "kube-ovn/bin"
Copy-Item 01-kube-ovn.conflist -Destination kube-ovn
Copy-Item kube-ovn.conf -Destination kube-ovn/etc
Copy-Item start-kube-ovn.ps1 -Destination kube-ovn/bin
Copy-Item kube-ovn.exe -Destination kube-ovn/bin
Copy-Item kube-ovn-daemon.exe -Destination kube-ovn/bin
- name: Upload package
uses: actions/upload-artifact@v4
with:
name: kube-ovn-win64
path: |
dist/windows/OpenvSwitch.msi
dist/windows/ovn
dist/windows/kube-ovn
dist/windows/install.ps1