-
Notifications
You must be signed in to change notification settings - Fork 164
115 lines (104 loc) · 4.41 KB
/
latest-kernel.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
name: Test drivers build against latest mainline kernel in archlinux
on:
workflow_dispatch:
inputs:
linux-version:
description: 'Archlinux kernel version to build a driver against, eg: 6.2.arch1-1 or empty to build latest mainline'
required: false
type: string
schedule:
- cron: '0 8 * * *' # every day at 8am
jobs:
compute-latest-version:
outputs:
latest_vers: ${{ steps.latest-version.outputs.latest_vers }}
runs-on: 'ubuntu-latest'
steps:
- name: Checkout Archlinux mainline package ⤵️
run: |
git clone https://aur.archlinux.org/linux-mainline.git linux/
- name: Generate driverkit config
id: latest-version
# Note: in case we are building latest mainline,
# we grep the linux-mainline aur PKGBUILD "_tag" line, that is made like: "_tag=v6.4-rc1"
# We then need to extract the part after the "=" and finally remove the starting "v".
run: |
cd linux/
echo "kernelversion: 1" > dk.yaml
echo "driverversion: ${{ github.sha }}" >> dk.yaml
echo "output:" >> dk.yaml
echo " module: mod.ko" >> dk.yaml
echo " probe: probe.o" >> dk.yaml
if [ "${{ inputs.linux-version }}" = "" ]; then
krel=$(grep "_tag" PKGBUILD | head -n1 | awk -F"=" '{print $2}')
echo "kernelrelease: ${krel:1}" >> dk.yaml
echo "target: vanilla" >> dk.yaml
echo "kernelconfigdata: \"$(cat config | base64 | tr -d '\n')\"" >> dk.yaml
else
echo "kernelrelease: ${{ inputs.linux-version }}" >> dk.yaml
echo "target: arch" >> dk.yaml
fi
echo "latest_vers=$(grep kernelrelease dk.yaml | awk -F": " '{print $2}')" >> $GITHUB_OUTPUT
- name: Upload driverkit config
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: driverkit_config.yaml
path: linux/dk.yaml
build-latest-kernel-amd64:
needs: 'compute-latest-version'
outputs:
build: ${{ steps.build.outcome }}
runs-on: 'ubuntu-latest'
steps:
- name: Download driverkit config
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: driverkit_config.yaml
- name: Download latest driverkit artifact
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
name: driverkit-amd64
workflow: release.yml
repo: falcosecurity/driverkit
- name: Test drivers build
id: build
run: |
echo "Testing build of drivers against: ${{ needs.compute-latest-version.outputs.latest_vers }}"
chmod +x driverkit
./driverkit docker -c dk.yaml -l debug --timeout 300
build-latest-kernel-arm64:
needs: 'compute-latest-version'
outputs:
build: ${{ steps.build.outcome }}
runs-on: 'github-arm64-2c-8gb'
steps:
- name: Download driverkit config
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: driverkit_config.yaml
- name: Download latest driverkit artifact
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
name: driverkit-arm64
workflow: release.yml
repo: falcosecurity/driverkit
- name: Test drivers build
id: build
run: |
echo "Testing build of drivers against: ${{ needs.compute-latest-version.outputs.latest_vers }}"
chmod +x driverkit
./driverkit docker -c dk.yaml -l debug --timeout 300
badge-latest-kernel:
if: always() && github.event_name == 'schedule'
runs-on: 'ubuntu-latest'
needs: [compute-latest-version,build-latest-kernel-amd64,build-latest-kernel-arm64]
steps:
- name: Update README badge
uses: schneegans/dynamic-badges-action@e9a478b16159b4d31420099ba146cdc50f134483 # v1.7.0
with:
auth: ${{ secrets.FEDEDP_GIST_SECRET }}
gistID: 1cbc5d42edf8e3a02fb75e76625f1072
filename: kernel.json
label: Drivers build
message: ${{ needs.compute-latest-version.outputs.latest_vers }}
color: ${{ (needs.build-latest-kernel-amd64.outputs.build != 'success' || needs.build-latest-kernel-arm64.outputs.build != 'success') && 'red' || 'brightgreen' }}