forked from cilium/cilium
-
Notifications
You must be signed in to change notification settings - Fork 0
188 lines (172 loc) · 7 KB
/
tests-datapath-verifier.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
name: Datapath BPF Complexity (ci-verifier)
# Any change in triggers needs to be reflected in the concurrency group.
on:
workflow_dispatch:
inputs:
PR-number:
description: "Pull request number."
required: true
context-ref:
description: "Context in which the workflow runs. If PR is from a fork, will be the PR target branch (general case). If PR is NOT from a fork, will be the PR branch itself (this allows committers to test changes to workflows directly from PRs)."
required: true
SHA:
description: "SHA under test (head of the PR branch)."
required: true
extra-args:
description: "[JSON object] Arbitrary arguments passed from the trigger comment via regex capture group. Parse with 'fromJson(inputs.extra-args).argName' in workflow."
required: false
default: '{}'
push:
branches:
- 'renovate/main-**'
# Run every 6 hours
schedule:
- cron: '0 5/6 * * *'
# By specifying the access of one of the scopes, all of those that are not
# specified are set to 'none'.
permissions:
# To read actions state with catchpoint/workflow-telemetry-action
actions: read
# To be able to access the repository with actions/checkout
contents: read
# To allow retrieving information from the PR API
pull-requests: read
# To be able to set commit status
statuses: write
concurrency:
# Structure:
# - Workflow name
# - Event type
# - A unique identifier depending on event type:
# - schedule: SHA
# - workflow_dispatch: PR number
#
# This structure ensures a unique concurrency group name is generated for each
# type of testing, such that re-runs will cancel the previous run.
group: |
${{ github.workflow }}
${{ github.event_name }}
${{
(github.event_name == 'push' && github.sha) ||
(github.event_name == 'schedule' && github.sha) ||
(github.event_name == 'workflow_dispatch' && github.event.inputs.PR-number)
}}
cancel-in-progress: true
env:
# renovate: datasource=golang-version depName=go
go-version: 1.22.6
jobs:
echo-inputs:
if: ${{ github.event_name == 'workflow_dispatch' }}
name: Echo Workflow Dispatch Inputs
runs-on: ubuntu-22.04
steps:
- name: Echo Workflow Dispatch Inputs
run: |
echo '${{ tojson(inputs) }}'
commit-status-start:
name: Commit Status Start
runs-on: ubuntu-latest
steps:
- name: Set initial commit status
uses: myrotvorets/set-commit-status-action@3730c0a348a2ace3c110851bed53331bc6406e9f # v2.0.1
with:
sha: ${{ inputs.SHA || github.sha }}
setup-and-test:
runs-on: ${{ vars.GH_RUNNER_EXTRA_POWER }}
name: Setup & Test
strategy:
fail-fast: false
matrix:
include:
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: '5.4-20240710.064909'
ci-kernel: '54'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: 'rhel8-20240710.064909'
ci-kernel: '54'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: '5.10-20240710.064909'
ci-kernel: '510'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: '5.15-20240710.064909'
ci-kernel: '510'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: '6.1-20240710.064909'
ci-kernel: '61'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: '6.6-20240710.064909'
ci-kernel: '61'
# renovate: datasource=docker depName=quay.io/lvh-images/complexity-test
- kernel: 'bpf-next-20240711.013133'
ci-kernel: 'netnext'
timeout-minutes: 60
steps:
- name: Collect Workflow Telemetry
uses: catchpoint/workflow-telemetry-action@94c3c3d9567a0205de6da68a76c428ce4e769af1 # v2.0.0
with:
comment_on_pr: false
# Warning: since this is a privileged workflow, subsequent workflow job
# steps must take care not to execute untrusted code.
- name: Checkout pull request branch (NOT TRUSTED)
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
ref: ${{ inputs.SHA || github.sha }}
persist-credentials: false
- name: Provision LVH VMs
uses: cilium/little-vm-helper@97c89f004bd0ab4caeacfe92ebc956e13e362e6b # v0.0.19
with:
test-name: datapath-bpf-complexity
image: 'complexity-test'
image-version: ${{ matrix.kernel }}
host-mount: ./
cpu: 4
install-dependencies: 'true'
cmd: |
for i in {1..5}; do curl "https://golang.org" > /dev/null 2>&1 && break || sleep 5; echo "Waiting for systemd-resolved to be ready..."; done
git config --global --add safe.directory /host
uname -a
# The LVH image might ship with an arbitrary Go toolchain version,
# install the same Go toolchain version as current HEAD.
CGO_ENABLED=0 GOPROXY=direct GOSUMDB= go install golang.org/dl/go${{ env.go-version }}@latest
go${{ env.go-version }} download
# The LVH image ships with LLVM taken from a release Cilium version.
# Replace it with the one extracted from the cilium-builder image.
/host/contrib/scripts/extract-llvm.sh /tmp/llvm
mv /tmp/llvm/usr/local/bin/{clang,llc} /bin/
rm -r /tmp/llvm
- name: Run verifier tests
uses: cilium/little-vm-helper@97c89f004bd0ab4caeacfe92ebc956e13e362e6b # v0.0.19
with:
provision: 'false'
cmd: |
cd /host/
# Run with cgo disabled, LVH images don't ship with gcc.
CGO_ENABLED=0 go${{ env.go-version }} test -v -parallel=1 ./test/verifier -cilium-base-path /host -ci-kernel-version ${{ matrix.ci-kernel }}
- name: Fetch artifacts
if: ${{ !success() }}
uses: cilium/little-vm-helper@97c89f004bd0ab4caeacfe92ebc956e13e362e6b # v0.0.19
with:
provision: 'false'
cmd: |
cd /host
mkdir datapath-verifier
find test/verifier \( -name "*.log" -o -name "*.o" \) -exec cp -v {} datapath-verifier/ \;
- name: Upload artifacts
if: ${{ !success() }}
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: datapath-verifier_${{ matrix.kernel }}
path: datapath-verifier
retention-days: 5
commit-status-final:
if: ${{ always() }}
name: Commit Status Final
needs: setup-and-test
runs-on: ubuntu-latest
steps:
- name: Set final commit status
uses: myrotvorets/set-commit-status-action@3730c0a348a2ace3c110851bed53331bc6406e9f # v2.0.1
with:
sha: ${{ inputs.SHA || github.sha }}
status: ${{ needs.setup-and-test.result }}