Merge pull request #1150 from Billy99/billy99-multiarch-bins #75
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| branches: [main] | |
| tags: | |
| - v* | |
| pull_request: | |
| branches: | |
| - main | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| check-license: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 3 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check License Header | |
| uses: apache/skywalking-eyes@cd7b195c51fd3d6ad52afceb760719ddc6b3ee91 | |
| build: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - arch: amd64 | |
| rust-target: x86_64-unknown-linux-gnu | |
| filename: linux-x86_64 | |
| command: cargo | |
| - arch: arm64 | |
| rust-target: aarch64-unknown-linux-gnu | |
| filename: linux-arm64 | |
| command: cross | |
| # - arch: ppc64le | |
| # rust-target: powerpc64le-unknown-linux-gnu | |
| # filename: linux-ppc64le | |
| # command: cross | |
| # - arch: s390x | |
| # rust-target: s390x-unknown-linux-gnu | |
| # filename: linux-s390x | |
| # command: cross | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install dependencies | |
| # Dependencies only needed to build eBPF and used by integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -qy \ | |
| git \ | |
| clang \ | |
| llvm \ | |
| protobuf-compiler \ | |
| cmake \ | |
| perl \ | |
| libssl-dev \ | |
| gcc-multilib \ | |
| libelf-dev \ | |
| - name: Checkout bpfman | |
| uses: actions/checkout@v4 | |
| - name: Checkout libbpf | |
| # libbpf only needed to build eBPF and used by integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: libbpf/libbpf | |
| path: libbpf | |
| fetch-depth: 0 | |
| - name: Install rust toolchain - stable | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: stable | |
| override: true | |
| target: ${{ matrix.arch.rust-target }} | |
| - name: Install rust toolchain - nightly | |
| # Only need for checks (like lint and clippy) that only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions-rs/toolchain@v1 | |
| with: | |
| toolchain: nightly | |
| components: rustfmt, clippy, rust-src | |
| override: false | |
| # Only install cross if we need it | |
| # Install via cargo-binstall which I found faster | |
| - name: Install Cross | |
| if: ${{ matrix.arch.command == 'cross' }} | |
| shell: bash | |
| run: | | |
| cargo install cross --git https://github.com/cross-rs/cross | |
| ## TODO(astoycos) Deactivate the rust-cache action until we can determine | |
| ## why it's freezing at the end of the install. | |
| ## - uses: Swatinem/rust-cache@v2 | |
| - name: Install cargo-llvm-cov | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: taiki-e/install-action@cargo-llvm-cov | |
| - name: Install toml linter | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: taiki-e/install-action@v2 | |
| with: | |
| tool: taplo-cli | |
| - name: toml-lint | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: taplo fmt --check | |
| - name: yaml-lint | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: yamllint -c .yamllint.yaml --strict . | |
| - name: Check C formatting | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: git ls-files -- '*.c' '*.h' | xargs clang-format --dry-run --Werror | |
| - name: Build eBPF | |
| # Only need to build eBPF once and used by integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| ${{ matrix.arch.command }} xtask build-ebpf --libbpf-dir ./libbpf | |
| - name: Package Integration Test eBPF | |
| # Only need to build eBPF once and used by integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| tar -czvf integration-test.tar.gz tests/integration-test/bpf/.output | |
| - name: Archive Integration Test eBPF | |
| # Only need to build eBPF once and used by integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bpfman-integration-test | |
| path: | | |
| integration-test.tar.gz | |
| - name: Check formatting | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| cargo +nightly fmt --all -- --check | |
| - name: Run clippy | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| cargo +nightly clippy --all -- --deny warnings | |
| - name: Check public API | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: cargo xtask public-api --target ${{ matrix.arch.rust-target }} | |
| - name: Build | |
| run: | | |
| ${{ matrix.arch.command }} build --verbose --target ${{ matrix.arch.rust-target }} | |
| - name: Package bpfman Binaries | |
| # Tar and archive the build for basic-integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| cd target/${{ matrix.arch.rust-target }}/debug | |
| tar -czvf bpfman-debug-${{ matrix.arch.filename }}.tar.gz bpfman bpfman-rpc bpfman-ns bpf-metrics-exporter bpf-log-exporter | |
| - name: Archive bpfman Binaries | |
| # Tar and archive the build for basic-integration-tests, only on amd64 | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bpfman-debug-${{ matrix.arch.filename }} | |
| path: | | |
| ./target/${{ matrix.arch.rust-target }}/debug/bpfman-debug-${{ matrix.arch.filename }}.tar.gz | |
| - name: Build manpages | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: cargo xtask build-man-page | |
| - name: Package manpages | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| tar -czvf manpages.tar.gz .output/manpage/ | |
| - name: Archive manpages | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bpfman-manpages | |
| path: | | |
| manpages.tar.gz | |
| - name: Build CLI TAB Completion | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: cargo xtask build-completion | |
| - name: Package CLI TAB Completion | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| tar -czvf cli-tab-completion.tar.gz .output/completions/ | |
| - name: Archive CLI TAB Completion | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bpfman-cli-tab-completion | |
| path: | | |
| cli-tab-completion.tar.gz | |
| ## If the push is a tag....build and upload the release bpfman binaries to an archive | |
| - name: Build Release | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| run: | | |
| cargo build --release --target ${{ matrix.arch.rust-target }} | |
| - name: Package bpfman Release Binaries | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| run: | | |
| cd target/${{ matrix.arch.rust-target }}/release | |
| tar -czvf bpfman-${{ matrix.arch.filename }}.tar.gz bpfman bpfman-rpc bpfman-ns bpf-metrics-exporter bpf-log-exporter | |
| - name: Archive bpfman Release Binaries | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bpfman-release-${{ matrix.arch.filename }} | |
| path: ./target/${{ matrix.arch.rust-target }}/release/bpfman-${{ matrix.arch.filename }}.tar.gz | |
| - name: Run tests | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: cargo llvm-cov test --all-features -p bpfman -p bpfman-api --lcov --output-path lcov.info | |
| env: | |
| RUST_BACKTRACE: full | |
| - name: Archive Rust code coverage results | |
| # Only need to run once | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-rust | |
| path: lcov.info | |
| if-no-files-found: error | |
| ## Build go modules | |
| build-go: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - arch: amd64 | |
| filename: linux-x86_64 | |
| - arch: arm64 | |
| filename: linux-arm64 | |
| # - arch: ppc64le | |
| # filename: linux-ppc64le | |
| # - arch: s390x | |
| # filename: linux-s390x | |
| runs-on: ubuntu-latest | |
| # k8s codegen requires this to be set | |
| env: | |
| GOPATH: ${{ github.workspace }} | |
| defaults: | |
| run: | |
| ## For us to run the controller-gen generate commands from within | |
| ## github actions the package name MUST match the directory layout | |
| ## (i.e `GOPATH/src/github.com/bpfman/bpfman`). Otherwise when | |
| ## running `make generate` generated code is deposited at | |
| ## `home/runner/work/bpfman/bpfman/bpfman-operator/PKG_NAME` instead | |
| ## of in `home/runner/work/bpfman/bpfman/bpfman-operator/pkg/client/...`. | |
| ## This is annoying and gross but cannot be resolved until | |
| ## https://github.com/kubernetes/kubernetes/issues/86753 is properly | |
| ## addressed. | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfman/bpfman/bpfman-operator | |
| steps: | |
| - name: Checkout bpfman | |
| uses: actions/checkout@v4 | |
| with: | |
| path: ${{ env.GOPATH }}/src/github.com/bpfman/bpfman | |
| - name: Install go | |
| uses: actions/setup-go@v5 | |
| with: | |
| # prettier-ignore | |
| ## `make verify` failing on 1.22, so leave at 1.21 until issue determined. | |
| go-version: '1.21' # yamllint disable-line rule:quoted-strings | |
| - name: Go mod check | |
| # Only need to run go mod once, so just pick one of the arch to run on. | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: | | |
| go mod tidy | |
| git diff --exit-code ../go.mod ../go.sum | |
| - name: Lint | |
| # Only need to lint the code once, so just pick one of the arch to run on. | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| ## https://github.com/golangci/golangci-lint-action/issues/369 | |
| working-directory: ${{ env.GOPATH }}/src/github.com/bpfman/bpfman | |
| version: v1.54.2 | |
| skip-cache: true | |
| skip-save-cache: true | |
| args: -v --timeout 5m | |
| - name: Build Examples | |
| run: | | |
| CGO_ENABLED=0 GOOS=linux GOARCH=${{ matrix.arch.arch }} go build ./... | |
| - name: Build Operator | |
| run: GOARCH=${{ matrix.arch.arch }} make build | |
| - name: Verify Autogenerated Code | |
| # Only need to run verify once, so just pick one of the arch to run on. | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| run: make verify | |
| - name: Run Tests | |
| run: make test | |
| - name: Archive Go code coverage results | |
| # Only need to run the test coverage for once, so just pick one of the arch to run on. | |
| if: ${{ matrix.arch.arch == 'amd64' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: coverage-go | |
| path: ${{ env.GOPATH }}/src/github.com/bpfman/bpfman/bpfman-operator/cover.out | |
| if-no-files-found: error | |
| build-docs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout bpfman | |
| uses: actions/checkout@v4 | |
| - name: Install Python3 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: 3.x | |
| - name: Mkdocs Build | |
| run: | | |
| pip install mkdocs-material | |
| pip install -r requirements.txt | |
| mkdocs build --strict | |
| basic-integration-tests: | |
| runs-on: ubuntu-latest | |
| needs: [build, build-go, build-docs] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| steps: | |
| - name: Checkout bpfman | |
| uses: actions/checkout@v4 | |
| - name: Download bpfman x86_64 build | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: bpfman-debug-linux-x86_64 | |
| merge-multiple: true | |
| - name: Unpack binaries | |
| run: | | |
| mkdir -p target/debug | |
| tar -C target/debug -xzvf bpfman-debug-linux-x86_64.tar.gz | |
| - name: Download Integration Test eBPF | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: bpfman-integration-test | |
| merge-multiple: true | |
| - name: Unpack Integration Test eBPF | |
| run: | | |
| tar -xzvf integration-test.tar.gz | |
| - name: Download manpages | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: bpfman-manpages | |
| merge-multiple: true | |
| - name: Unpack manpages | |
| run: | | |
| tar -xzvf manpages.tar.gz | |
| - name: Download CLI TAB Completion | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: bpfman-cli-tab-completion | |
| merge-multiple: true | |
| - name: Unpack CLI TAB Completion | |
| run: | | |
| tar -xzvf cli-tab-completion.tar.gz | |
| - name: Run the bpfman installer | |
| run: sudo ./scripts/setup.sh install | |
| - name: Give certs time to be created | |
| run: sleep 5 | |
| - name: Verify the bpfman systemd service is active | |
| run: systemctl is-active bpfman.socket | |
| - name: Verify the CLI can reach bpfman | |
| run: sudo bpfman list | |
| - name: Verify the manpages are installed | |
| run: man bpfman list | |
| - name: Stop the bpfman systemd service | |
| run: | | |
| sudo systemctl stop bpfman | |
| sudo ./scripts/setup.sh uninstall | |
| - name: Run integration tests | |
| run: cargo xtask integration-test | |
| kubernetes-integration-tests: | |
| needs: [build, build-go, build-docs] | |
| runs-on: ubuntu-latest | |
| env: | |
| BPFMAN_IMG: quay.io/bpfman/bpfman:int-test | |
| BPFMAN_AGENT_IMG: quay.io/bpfman/bpfman-agent:int-test | |
| BPFMAN_OPERATOR_IMG: quay.io/bpfman/bpfman-operator:int-test | |
| XDP_PASS_PRIVATE_IMAGE_CREDS: ${{ secrets.XDP_PASS_PRIVATE_IMAGE_CREDS }} | |
| steps: | |
| - name: Check disk space | |
| run: df -h | |
| - name: Free up space | |
| run: | | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| sudo rm -rf /usr/local/lib/android | |
| # The following are additional commands that could be run to free up | |
| # more space if necessary: | |
| # | |
| # sudo apt-get update | |
| # sudo eatmydata apt-get purge --auto-remove -y \ | |
| # azure-cli aspnetcore-* dotnet-* ghc-* firefox \ | |
| # google-chrome-stable \ | |
| # llvm-* microsoft-edge-stable mono-* \ | |
| # msbuild mysql-server-core-* php-* php7* \ | |
| # powershell temurin-* zulu-* | |
| # sudo apt-get autoremove -y | |
| # sudo apt-get autoclean -y | |
| # sudo docker system prune -a -f --volumes | |
| - name: Check disk space again | |
| run: df -h | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -qy \ | |
| git \ | |
| clang \ | |
| llvm \ | |
| gcc-multilib \ | |
| libbpf-dev | |
| - name: setup golang | |
| uses: actions/setup-go@v5 | |
| with: | |
| # prettier-ignore | |
| go-version: '1.22' # yamllint disable-line rule:quoted-strings | |
| - name: cache go modules | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/go/pkg/mod | |
| key: ${{ runner.os }}-build-codegen-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-build-codegen- | |
| - name: checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ## TODO(astoycos) Currently this is just done to ensure we have coverage | |
| ## on all image builds. Ultimately we should be running the integration | |
| ## tests with these locally built bytecode images. | |
| - name: build example bytecode images | |
| run: | | |
| go install github.com/cilium/ebpf/cmd/[email protected] | |
| cd examples | |
| make build-all-images | |
| - name: build images | |
| run: cd bpfman-operator && make build-images | |
| - name: run integration tests | |
| run: cd bpfman-operator && make test-integration | |
| - name: Check disk space | |
| run: df -h | |
| ## Upload diagnostics if integration test step failed. | |
| - name: upload diagnostics | |
| if: ${{ failure() }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: kubernetes-integration-test-diag | |
| path: /tmp/ktf-diag* | |
| if-no-files-found: ignore | |
| coverage: | |
| needs: [build, build-go] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download golang coverage artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: coverage-go | |
| - name: Download rust coverage artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: coverage-rust | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| files: ./cover.out,./lcov.info | |
| verbose: true | |
| # Creates Release | |
| # Copies built bpfman binaries to release artifacts | |
| # Publish's bpfman and bpfman-api crates to crates.io | |
| release: | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| needs: [build] | |
| environment: crates.io | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout bpfman | |
| uses: actions/checkout@v4 | |
| - name: Set env | |
| run: | | |
| echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | |
| if [[ ${GITHUB_REF#refs/*/} =~ "rc" ]]; then | |
| echo "PRE_RELEASE=true" >> $GITHUB_ENV | |
| else | |
| echo "PRE_RELEASE=false" >> $GITHUB_ENV | |
| fi | |
| - name: Download bpfman Release Binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: bpfman-release-* | |
| merge-multiple: true | |
| - name: release | |
| uses: softprops/action-gh-release@v2 | |
| with: | |
| body_path: ./changelogs/CHANGELOG-${{ env.RELEASE_VERSION }}.md | |
| prerelease: ${{ env.PRE_RELEASE }} | |
| files: | | |
| bpfman-${{ matrix.arch.filename }}.tar.gz | |
| - name: publish bpfman crate | |
| run: cargo publish -p bpfman --token ${{ secrets.BPFMAN_DEV_TOKEN }} | |
| - name: publish bpfman-api crate | |
| run: cargo publish -p bpfman-api --token ${{ secrets.BPFMAN_DEV_TOKEN }} | |
| - name: publish bpf-log-exporter crate | |
| run: cargo publish -p bpf-log-exporter --token ${{ secrets.BPFMAN_DEV_TOKEN }} | |
| - name: publish bpf-metrics-exporter crate | |
| run: cargo publish -p bpf-metrics-exporter --token ${{ secrets.BPFMAN_DEV_TOKEN }} | |
| build-workflow-complete: | |
| needs: | |
| [ | |
| check-license, | |
| build, | |
| build-go, | |
| build-docs, | |
| coverage, | |
| basic-integration-tests, | |
| kubernetes-integration-tests, | |
| ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Build Complete | |
| run: echo "Build Complete" |