Merge pull request #595 from cloudflare/dependabot/go_modules/opentel… #1356
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| tags: | |
| - v* | |
| branches: | |
| - master | |
| pull_request: | |
| jobs: | |
| build-libbpf: | |
| strategy: | |
| matrix: | |
| arch: &arch-matrix | |
| - name: x86_64 | |
| image: &ubuntu-x86_64 ubuntu-24.04 | |
| docker_platform: linux/amd64 | |
| - name: aarch64 | |
| image: ubuntu-24.04-arm | |
| docker_platform: linux/arm64 | |
| name: Build libbpf in Docker (${{ matrix.arch.name }}) | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: &checkout actions/checkout@v4 | |
| - name: Build libbpf | |
| run: | | |
| docker buildx build --progress plain --tag libbpf --target libbpf_builder . | |
| id=$(docker create libbpf) | |
| docker cp $id:/build/libbpf.tar.gz libbpf.${{ matrix.arch.name }}.tar.gz | |
| - name: Upload libbpf.tar.gz | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: libbpf.${{ matrix.arch.name }}.tar.gz | |
| path: libbpf.${{ matrix.arch.name }}.tar.gz | |
| if-no-files-found: error | |
| build-ebpf-exporter-docker: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| name: Build ebpf_exporter in Docker (${{ matrix.arch.name }}, built-in libbpf) | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| with: | |
| fetch-depth: 0 # Fetch with tags to have the build version attached | |
| - name: Build ebpf_exporter and examples | |
| run: | | |
| docker buildx build --progress plain --tag ebpf_exporter . | |
| docker create --name ebpf_exporter ebpf_exporter | |
| - name: Extract ebpf_exporter.${{ matrix.arch.name }} | |
| run: | | |
| docker cp ebpf_exporter:/ebpf_exporter ebpf_exporter | |
| - name: Upload ebpf_exporter | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ebpf_exporter.${{ matrix.arch.name }} | |
| path: ebpf_exporter | |
| if-no-files-found: error | |
| - name: Extract examples.${{ matrix.arch.name }}.tar.gz | |
| run: | | |
| docker cp ebpf_exporter:/examples ./ | |
| tar -cvzf examples.${{ matrix.arch.name }}.tar.gz -T <(find examples | grep -E "\.(yaml|bpf.o)$") | |
| - name: Upload examples.${{ matrix.arch.name }}.tar.gz | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: examples.${{ matrix.arch.name }}.tar.gz | |
| path: examples.${{ matrix.arch.name }}.tar.gz | |
| if-no-files-found: error | |
| - name: Extract ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| run: | | |
| tar -cvzf ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz --transform "s,\(.*\),ebpf_exporter-$(git describe --tags)/\1," -T <(echo ebpf_exporter; find examples | grep -E "\.(yaml|bpf.o)$" | sort) | |
| - name: Upload ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| path: ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| if-no-files-found: error | |
| build-ebpf-exporter: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| linkage: | |
| - name: static | |
| make_target: build | |
| - name: dynamic | |
| make_target: build-dynamic | |
| libbpf: &libbpf-matrix | |
| - name: system | |
| make_flag: BUILD_LIBBPF=0 | |
| ld_library_path: '' | |
| - name: built-in | |
| make_flag: BUILD_LIBBPF=1 | |
| ld_library_path: libbpf/dest/usr/lib | |
| name: Build ebpf_exporter (${{ matrix.arch.name }}, ${{ matrix.linkage.name }} linkage, ${{ matrix.libbpf.name }} libbpf) | |
| needs: build-libbpf | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| - &setup-go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ^1.25 | |
| - &download-libbpf | |
| name: Download libbpf.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: libbpf.${{ matrix.arch.name }}.tar.gz | |
| if: matrix.libbpf.name == 'system' | |
| - &install-libbpf | |
| name: Install libbpf as a system one for system libbpf builds | |
| run: sudo tar -C / -xvvf libbpf.${{ matrix.arch.name }}.tar.gz | |
| if: matrix.libbpf.name == 'system' | |
| - &apt-get-update | |
| name: Run apt-get update | |
| run: sudo apt-get update | |
| - &install-libelf-dev | |
| name: Install libelf-dev | |
| run: sudo apt-get install -y libelf-dev | |
| - name: Build | |
| run: make -j $(nproc) ${{ matrix.linkage.make_target }} ${{ matrix.libbpf.make_flag }} | |
| - name: Check for nss presence for static linkage | |
| run: if [[ $(objdump -tT ebpf_exporter | grep 'hidden _nss') ]]; then echo "unexpected nss symbols found"; exit 1; fi | |
| if: matrix.linkage.name == 'static' | |
| - name: Check ldd for static linkage | |
| run: ldd --verbose ./ebpf_exporter | |
| if: matrix.linkage.name == 'dynamic' | |
| - name: Check that it runs | |
| run: LD_LIBRARY_PATH=${{ matrix.libbpf.ld_library_path }} ./ebpf_exporter --version | |
| test-ebpf-exporter: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| libbpf: *libbpf-matrix | |
| name: Test ebpf_exporter (${{ matrix.arch.name }}, ${{ matrix.libbpf.name }} libbpf) | |
| needs: build-libbpf | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| - *setup-go | |
| - *apt-get-update | |
| - &install-systemtap-sdt-dev | |
| name: Install systemtap-sdt-dev | |
| run: sudo apt-get install -y systemtap-sdt-dev | |
| - *install-libelf-dev | |
| - *download-libbpf | |
| - *install-libbpf | |
| - name: Update pci.ids | |
| run: | | |
| curl -o /tmp/pci.ids https://raw.githubusercontent.com/pciutils/pciids/master/pci.ids | |
| sudo mv /tmp/pci.ids /usr/share/misc/pci.ids | |
| - name: Test | |
| run: make -j $(nproc) test ${{ matrix.libbpf.make_flag }} | |
| - name: Test privileged | |
| run: make -j $(nproc) test-privileged ${{ matrix.libbpf.make_flag }} | |
| lint-ebpf-exporter: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| name: Lint ebpf_exporter (${{ matrix.arch.name }}, built-in libbpf) | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| - *setup-go | |
| - *apt-get-update | |
| - *install-systemtap-sdt-dev | |
| - *install-libelf-dev | |
| - name: Build libbpf | |
| run: make -j $(nproc) libbpf.a | |
| - name: Check vendored dependencies | |
| run: go mod verify | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: latest | |
| env: | |
| CGO_CFLAGS: "-I${{ github.workspace }}/libbpf/dest/usr/include" | |
| build-examples: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| libbpf: *libbpf-matrix | |
| name: Build examples (${{ matrix.arch.name }}, ${{ matrix.libbpf.name }} libbpf) | |
| needs: build-libbpf | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| - *download-libbpf | |
| - *install-libbpf | |
| - *apt-get-update | |
| - *install-libelf-dev | |
| - name: Install clang | |
| run: sudo apt-get install -y clang | |
| - name: Build benchmark bpf probes | |
| run: make -j $(nproc) -C benchmark build ${{ matrix.libbpf.make_flag }} | |
| - name: Build example bpf probes | |
| run: make -j $(nproc) -C examples build ${{ matrix.libbpf.make_flag }} | |
| build-tracing-demos: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| name: Build tracing demos (${{ matrix.arch.name }}) | |
| runs-on: ${{ matrix.arch.image }} | |
| steps: | |
| - uses: *checkout | |
| - *setup-go | |
| - *apt-get-update | |
| - *install-systemtap-sdt-dev | |
| - name: Build | |
| run: make -j $(nproc) tracing-demos | |
| - name: Extract tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| run: | | |
| tar -cvzf tracing-demos.${{ matrix.arch.name }}.tar.gz tracing/demos/*/demo | |
| - name: Upload tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| path: tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| if-no-files-found: error | |
| check-configs: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| name: Check examples (${{ matrix.arch.name }}) | |
| runs-on: ${{ matrix.arch.image }} | |
| needs: | |
| - build-ebpf-exporter-docker | |
| - build-tracing-demos | |
| steps: | |
| - uses: *checkout | |
| - name: Download ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| - name: Extract ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| run: tar --strip-components 1 -xzvf ebpf_exporter_with_examples.${{ matrix.arch.name }}.tar.gz | |
| - name: Download tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| - name: Extract tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| run: tar -xzvf tracing-demos.${{ matrix.arch.name }}.tar.gz | |
| - name: Print kernel version | |
| run: uname -a | |
| - name: Install dependencies for ceph fs exporter | |
| run: | | |
| sudo apt update | |
| sudo apt install -y ceph-common | |
| # Some programs expect to attach to symbols in modules | |
| - name: Load expected kernel modules | |
| run: | | |
| sudo modprobe xfs | |
| sudo modprobe ceph | |
| - name: Run configuration check | |
| run: make config-check | |
| clang-format: | |
| name: Run clang-format check | |
| runs-on: *ubuntu-x86_64 | |
| steps: | |
| - uses: *checkout | |
| - *apt-get-update | |
| - name: Install clang-format | |
| run: sudo apt-get install -y clang-format make | |
| - name: Run clang-format check | |
| run: make clang-format-check | |
| markdown-links: | |
| name: Run markdown-links-check | |
| runs-on: *ubuntu-x86_64 | |
| steps: | |
| - uses: *checkout | |
| - name: Run markdown-links-check | |
| run: make markdown-link-check | |
| jsonschema: | |
| name: Run jsonschema checks | |
| runs-on: *ubuntu-x86_64 | |
| steps: | |
| - uses: *checkout | |
| - *apt-get-update | |
| - name: Install jsonschema dependencies | |
| run: sudo apt-get install -y python3-jsonschema make | |
| - name: Install yq | |
| run: sudo curl -Lo /usr/bin/yq https://github.com/mikefarah/yq/releases/download/v4.35.2/yq_linux_amd64 && sudo chmod +x /usr/bin/yq | |
| - name: Run jsonschema check | |
| run: make jsonschema | |
| publish-docker-images: | |
| strategy: | |
| matrix: | |
| arch: *arch-matrix | |
| name: Publish Docker images (${{ matrix.arch.name }}) | |
| runs-on: ${{ matrix.arch.image }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: *checkout | |
| with: | |
| fetch-depth: 0 # Fetch with tags to have the build version attached | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker Metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| - name: Docker Login | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push | |
| id: build | |
| uses: docker/build-push-action@v6 | |
| with: | |
| platforms: ${{ matrix.arch.docker_platform }} | |
| outputs: type=image,"name=ghcr.io/${{ github.repository }}",push-by-digest=true,name-canonical=true,push=${{ github.event_name != 'pull_request' }} | |
| - name: Export digest | |
| run: | | |
| mkdir -p ${{ runner.temp }}/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "${{ runner.temp }}/digests/${digest#sha256:}" | |
| - name: Adjust digest | |
| run: | | |
| platform=${{ matrix.arch.docker_platform }} | |
| echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: docker-digests-${{ env.PLATFORM_PAIR }} | |
| path: ${{ runner.temp }}/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| publish-docker-images-digest: | |
| name: Publish Docker image digest | |
| runs-on: *ubuntu-x86_64 | |
| needs: | |
| - publish-docker-images | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: ${{ runner.temp }}/digests | |
| pattern: docker-digests-* | |
| merge-multiple: true | |
| - name: Docker Login | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker Metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/${{ github.repository }} | |
| tags: | | |
| type=raw,value=latest,enable={{is_default_branch}} | |
| type=ref,event=branch | |
| type=ref,event=tag | |
| type=ref,event=pr | |
| type=sha | |
| - name: Create manifest list and push | |
| working-directory: ${{ runner.temp }}/digests | |
| if: github.event_name != 'pull_request' | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") $(printf 'ghcr.io/${{ github.repository }}@sha256:%s ' *) | |
| - name: Inspect image | |
| if: github.event_name != 'pull_request' | |
| run: | | |
| docker buildx imagetools inspect ghcr.io/${{ github.repository }}:${{ steps.meta.outputs.version }} | |
| release-archive: | |
| name: Release archive | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - build-ebpf-exporter-docker | |
| steps: | |
| - name: Download ebpf_exporter.aarch64 | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ebpf_exporter.aarch64 | |
| - name: Rename ebpf_exporter.aarch64 | |
| run: mv ebpf_exporter ebpf_exporter.aarch64 | |
| - name: Download ebpf_exporter.x86_64 | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ebpf_exporter.x86_64 | |
| - name: Rename ebpf_exporter.x86_64 | |
| run: mv ebpf_exporter ebpf_exporter.x86_64 | |
| - name: Download examples.aarch64.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: examples.aarch64.tar.gz | |
| - name: Download examples.x86_64.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: examples.x86_64.tar.gz | |
| - name: Download ebpf_exporter_with_examples.aarch64.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ebpf_exporter_with_examples.aarch64.tar.gz | |
| - name: Download ebpf_exporter_with_examples.x86_64.tar.gz | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ebpf_exporter_with_examples.x86_64.tar.gz | |
| - name: Mark ebpf_exporter binaries as executable | |
| run: chmod +x ebpf_exporter.aarch64 ebpf_exporter.x86_64 | |
| - name: Create sha256sums.txt | |
| run: shasum -a 256 * > sha256sums.txt | |
| - name: Create release archive | |
| run: tar -czf release.tar.gz --transform "s,\(.*\),ebpf_exporter-${GITHUB_SHA}/\1," * | |
| - name: Upload release.tar.gz | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: release.tar.gz | |
| path: release.tar.gz | |
| if-no-files-found: error |