draklib/draksh: refactored replacement for Drakvuf utilities and draksetup #128
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Build and test Drakvuf Sandbox" | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
jobs: | |
build_docs: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python 3.8 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.8 | |
- name: Install dependencies | |
working-directory: docs | |
run: pip install -r requirements.txt | |
- name: Build docs | |
working-directory: docs | |
run: make html | |
lint_drakcore: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python 3.8 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.8 | |
- run: pip3 install black==22.6.0 isort==5.9.3 flake8 | |
- name: Check with black | |
run: black --check --diff drakcore/ | |
- name: Check with isort | |
run: isort --profile black --check drakcore/ | |
- run: pip3 install -r drakcore/requirements.txt | |
- name: Check with flake8 | |
run: flake8 --extend-ignore=E501,E203 --max-line-length=88 drakcore/ | |
lint_drakcore_frontend: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install web dependencies | |
working-directory: drakcore/drakcore/frontend | |
run: npm ci | |
- name: Check with prettier | |
working-directory: drakcore/drakcore/frontend | |
run: npx prettier --check src/ | |
lint_drakrun: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Set up Python 3.8 | |
uses: actions/setup-python@v4 | |
with: | |
python-version: 3.8 | |
- run: pip3 install black==22.6.0 isort==5.9.3 flake8 | |
- name: Check with black | |
run: black --check --diff drakrun/ | |
- name: Check with isort | |
run: isort --profile black --check drakrun/ | |
- run: pip3 install -r drakrun/requirements.txt | |
- name: Check with flake8 | |
run: flake8 --extend-ignore=E501,E203 --max-line-length=88 drakrun/ | |
package_drakvuf_bundle: | |
needs: [ lint_drakcore, lint_drakcore_frontend, lint_drakrun ] | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- distro: debian | |
version: buster | |
- distro: debian | |
version: bullseye | |
runs-on: ubuntu-latest | |
container: "${{ matrix.distro }}:${{matrix.version}}" | |
steps: | |
- name: Install git and wget | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
apt-get update && apt-get install -y -q git wget | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Get Drakvuf commit id | |
run: | | |
# Workaround for fatal: detected dubious ownership | |
# https://git-scm.com/docs/git-config/2.35.2#Documentation/git-config.txt-safedirectory | |
git config --global --add safe.directory "$(pwd)" | |
export DRAKVUF_COMMIT=$(git ls-tree HEAD drakvuf | awk '{ print $3 }') | |
echo "Drakvuf commit is ${DRAKVUF_COMMIT}" | |
echo "DRAKVUF_COMMIT=$DRAKVUF_COMMIT" >> $GITHUB_ENV | |
- name: Cache Drakvuf bundle | |
id: cache-drakvuf-bundle | |
uses: actions/cache@v3 | |
with: | |
path: | | |
/out/drakvuf-bundle*.deb | |
/out/xen-hypervisor*.deb | |
/opt/xtf/tests/example/test-hvm64-example | |
key: drakvuf-bundle-${{ env.DRAKVUF_COMMIT }}-${{ matrix.distro }}-${{ matrix.version }} | |
- if: ${{ steps.cache-drakvuf-bundle.outputs.cache-hit != 'true' }} | |
name: Build Drakvuf bundle | |
run: | | |
cp -ra . /build | |
cd /build | |
sh drakvuf/package/depends.sh | |
bash ci/build_bundle.sh "${{ matrix.distro }}:${{matrix.version}}" | |
- name: Install Drakvuf bundle | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
apt install -y /out/drakvuf-bundle*.deb | |
- if: ${{ steps.cache-drakvuf-bundle.outputs.cache-hit != 'true' }} | |
name: Build Xen Test Framework | |
working-directory: /opt | |
run: | | |
git clone https://xenbits.xen.org/git-http/xtf.git | |
cd xtf | |
git checkout bf1c4eb6cb52785cf539eb83752dfcecfe66c5d1 | |
make -j4 | |
- name: Build draksetup tools | |
run: | | |
apt install -y make pkg-config gcc libglib2.0-dev | |
make -C ./drakrun/drakrun/tools | |
cp /opt/xtf/tests/example/test-hvm64-example ./drakrun/drakrun/tools/ | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: drakvuf-bundle-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: | | |
/out/drakvuf-bundle*.deb | |
/out/xen-hypervisor*.deb | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: draksetup-tools-${{ matrix.distro }}-${{ matrix.version }} | |
path: | | |
drakrun/drakrun/tools/* | |
package_drakcore: | |
needs: [lint_drakcore, lint_drakcore_frontend] | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- distro: debian | |
version: buster | |
- distro: debian | |
version: bullseye | |
runs-on: ubuntu-latest | |
container: "${{ matrix.distro }}:${{matrix.version}}" | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Build drakcore | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
apt-get update | |
apt-get install -y wget curl python3 python3-venv python3-pip dh-virtualenv debhelper devscripts | |
curl -sL https://deb.nodesource.com/setup_14.x | bash - | |
apt-get install -y nodejs | |
cd drakcore | |
package/find-python.sh | |
dpkg-buildpackage -us -uc -b | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: drakcore-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: ./drakcore_*_amd64.deb | |
package_drakrun: | |
needs: [ package_drakvuf_bundle ] | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- distro: debian | |
version: buster | |
- distro: debian | |
version: bullseye | |
runs-on: ubuntu-latest | |
container: "${{ matrix.distro }}:${{matrix.version}}" | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Download draksetup compiled tools from artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: draksetup-tools-${{ matrix.distro }}-${{ matrix.version }} | |
path: drakrun/drakrun/tools | |
- name: Build drakrun | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
apt-get update | |
apt-get install -y wget python3 python3-pip python3-venv dh-virtualenv debhelper devscripts | |
cd drakrun | |
package/find-python.sh | |
dpkg-buildpackage -us -uc -b | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: drakrun-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: ./drakrun_*_amd64.deb | |
test_e2e: | |
needs: [ package_drakcore, package_drakrun, package_drakvuf_bundle ] | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- distro: debian | |
version: buster | |
version_number: 10 | |
- distro: debian | |
version: bullseye | |
version_number: 11 | |
runs-on: self-hosted | |
container: python:3.8-buster | |
# Prevent concurrent jobs trying to reach the same VM | |
concurrency: ci-${{ github.ref }}-${{ matrix.distro }}-${{ matrix.version_number }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
submodules: recursive | |
- name: Download drakrun debs from artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: drakrun-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: /debs | |
- name: Download drakcore debs from artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: drakcore-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: /debs | |
- name: Download drakvuf-bundle debs from artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: drakvuf-bundle-debs-${{ matrix.distro }}-${{ matrix.version }} | |
path: /debs | |
- name: Install git | |
run: | | |
export DEBIAN_FRONTEND=noninteractive | |
apt-get update && apt-get install -y -q git | |
- name: Start tests | |
run: | | |
git config --global --add safe.directory "$(pwd)" | |
cd test | |
pip install -r requirements.txt | |
pytest -v --capture=no | |
python -m vm_runner_client destroy | |
env: | |
DRAKVUF_DEBS_PATH: "/debs" | |
BASE_IMAGE: "${{ matrix.distro }}-${{ matrix.version_number }}-generic-amd64" | |
SNAPSHOT_VERSION: "win7-20230213" | |
MINIO_HOST: "192.168.100.1:8181" | |
VM_RUNNER_API_URL: "http://127.0.0.1:8080" | |
VM_SUFFIX: "${{ matrix.distro }}-${{ matrix.version_number }}" | |
# It's local Minio readonly account accessible from local runner | |
# I don't really know how to make unauthenticated access so let's | |
# keep that dummy account | |
MINIO_ACCESS_KEY: "drakvuf-ci-user" | |
MINIO_SECRET_KEY: "Ectrj8GnJbfZu4J" | |
- name: Job failed - suspending VM (if possible) | |
if: ${{ failure() }} | |
run: | | |
python -m vm_runner_client suspend | |
env: | |
VM_RUNNER_API_KEY: "http://127.0.0.1:8080" | |
VM_SUFFIX: "${{ matrix.distro }}-${{ matrix.version_number }}" |