Skip to content

Update LVH kernel images #8111

Update LVH kernel images

Update LVH kernel images #8111

name: OATS tests
on:
push:
branches: [main, release-*]
pull_request:
branches: [main, release-*]
paths:
- ".github/workflows/pull_request_oats_test.yml"
- "**.go"
- "go.mod"
- "go.sum"
- "bpf/**"
- "cmd/**"
- "configs/**"
- "internal/**"
- "pkg/**"
- "scripts/**"
workflow_call:
inputs:
ref:
description: "Git ref (commit, branch, or tag) to check out"
required: false
type: string
secrets:
DOCKER_TOKEN_EBPF_INSTRUMENTATION:
description: "Docker Hub token for pulling images (optional)"
required: false
concurrency:
group: pr-oats-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
jobs:
generate-bpf:
name: Generate BPF
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
ref: ${{ inputs.ref || github.sha }}
persist-credentials: false
- uses: ./.github/actions/generate-bpf
with:
cache-key-prefix: go-build-oats
test-matrix:
name: "Build matrix"
runs-on: ubuntu-latest
timeout-minutes: 45
outputs:
matrix: ${{ steps.build-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
ref: ${{ inputs.ref || github.sha }}
persist-credentials: false
- name: Build test matrix
id: build-matrix
run: |
echo -n "matrix=" >> $GITHUB_OUTPUT
make oats-integration-test-matrix-json >> $GITHUB_OUTPUT
test:
name: ${{ matrix.basename }}
needs: [test-matrix, generate-bpf]
permissions:
checks: write
pull-requests: write
runs-on: ubuntu-latest
timeout-minutes: 45
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.test-matrix.outputs.matrix) }}
steps:
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
ref: ${{ inputs.ref || github.sha }}
persist-credentials: false
- uses: ./.github/actions/free-disk
- name: Check for Docker Hub token
id: check-docker-token
run: |
if [ -n "${DOCKER_TOKEN}" ]; then
echo "has_token=true" >> "$GITHUB_OUTPUT"
else
echo "has_token=false" >> "$GITHUB_OUTPUT"
fi
env:
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN_EBPF_INSTRUMENTATION }}
- name: Log in to Docker Hub
if: steps.check-docker-token.outputs.has_token == 'true'
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
with:
username: ${{ vars.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN_EBPF_INSTRUMENTATION }}
- name: Set up Go
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 # zizmor: ignore[cache-poisoning] go.sum verifies module integrity
with:
go-version-file: "go.mod"
cache: true
- name: Go build cache
uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0 # zizmor: ignore[cache-poisoning] go build cache is content-addressable and self-verifying
with:
path: ~/.cache/go-build
key: go-build-oats-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('**/*.go', 'go.sum') }}
restore-keys: |
go-build-oats-${{ runner.os }}-${{ runner.arch }}-
- name: Download generated BPF files
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: bpf-generated-${{ github.run_id }}
- name: Build test tools
run: make prereqs
- name: Verify OBI compiles
run: docker build -f internal/test/integration/components/obi/Dockerfile .
- name: Run oats tests
env:
MATRIX_BASENAME: ${{ matrix.basename }}
TESTCASE_TIMEOUT: 5m
run: make "oats-test-$MATRIX_BASENAME"
- name: Upload oats test logs
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
if: always()
with:
name: oats-logs-${{ matrix.basename }}-${{ github.run_number }}
path: internal/test/oats/${{ matrix.basename }}/build/*
- name: Process coverage data
run: make itest-coverage-data
- name: Report coverage
uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
files: ./testoutput/itest-covdata.txt
flags: oats-test
name: oats-coverage-${{ matrix.basename }}-${{ github.run_number }}