Skip to content

ROX-21022 Bumps falco and module version for RHEL 9.3 fix #3641

ROX-21022 Bumps falco and module version for RHEL 9.3 fix

ROX-21022 Bumps falco and module version for RHEL 9.3 fix #3641

Workflow file for this run

name: Main collector CI
on:
push:
branches:
- master
- release-*
tags:
- 3.*.*
pull_request:
types:
- labeled
- unlabeled
- synchronize
- opened
- reopened
permissions:
pull-requests: write
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
init:
uses: ./.github/workflows/init.yml
secrets: inherit
with:
cpaas-workflow: false
build-drivers:
uses: ./.github/workflows/drivers.yml
with:
drivers-bucket: ${{ needs.init.outputs.drivers-bucket }}
bundles-bucket: ${{ needs.init.outputs.bundles-bucket }}
branch-name: ${{ needs.init.outputs.branch-name }}
needs: init
secrets: inherit
upload-drivers:
uses: ./.github/workflows/upload-drivers.yml
with:
gcp-bucket: ${{ needs.init.outputs.push-drivers-bucket }}
merged-drivers-bucket: ${{ needs.init.outputs.merged-drivers-bucket }}
if: ${{ needs.build-drivers.outputs.parallel-jobs > 0 }}
needs:
- init
- build-drivers
secrets: inherit
check-drivers-build:
uses: ./.github/workflows/check-drivers-failures.yml
needs: build-drivers
if: ${{ needs.build-drivers.outputs.parallel-jobs > 0 }}
secrets: inherit
with:
logs-artifact: driver-build-failures
build-builder-image:
uses: ./.github/workflows/collector-builder.yml
needs: init
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
secrets: inherit
build-collector-slim:
uses: ./.github/workflows/collector-slim.yml
needs:
- init
- build-builder-image
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
collector-image: ${{ needs.init.outputs.collector-image }}
collector-builder-tag: ${{ needs.build-builder-image.outputs.collector-builder-tag }}
secrets: inherit
build-collector-full:
uses: ./.github/workflows/collector-full.yml
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
drivers-bucket: ${{ needs.init.outputs.drivers-bucket }}
arch-drivers-bucket: ${{ needs.init.outputs.cpaas-drivers-bucket }}
skip-built-drivers: ${{ needs.build-drivers.outputs.parallel-jobs == 0 }}
archs: amd64 ppc64le s390x arm64
secrets: inherit
needs:
- init
- build-collector-slim
- build-drivers
build-test-containers:
uses: ./.github/workflows/integration-test-containers.yml
needs:
- init
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
collector-qa-tag: ${{ needs.init.outputs.collector-qa-tag }}
rebuild-qa-containers: ${{ needs.init.outputs.rebuild-qa-containers == 'true' }}
secrets: inherit
memory-checked-unit-tests:
runs-on: ubuntu-latest
container:
image: quay.io/stackrox-io/collector-builder:${{ needs.build-builder-image.outputs.collector-builder-tag }}
needs:
- build-builder-image
strategy:
fail-fast: false
matrix:
config-args:
- -DADDRESS_SANITIZER=ON
- -DUSE_VALGRIND=ON
steps:
- uses: actions/checkout@v3
with:
submodules: true
- name: Build collector
run: |
cmake -S . -B cmake-build \
${{ matrix.config-args }} \
-DCMAKE_BUILD_TYPE=Debug
make -C cmake-build "-j$(nproc)"
- name: Run unit tests
run: |
ctest -V --test-dir cmake-build
integration-tests:
uses: ./.github/workflows/integration-tests.yml
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
collector-qa-tag: ${{ needs.init.outputs.collector-qa-tag }}
if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip-integration-tests') }}
needs:
- init
- build-collector-slim
- build-collector-full
- build-test-containers
secrets: inherit
benchmarks:
uses: ./.github/workflows/benchmarks.yml
with:
collector-tag: ${{ needs.init.outputs.collector-tag }}
collector-qa-tag: ${{ needs.init.outputs.collector-qa-tag }}
# Temporarily disable benchmarks due to baseline calculation
# inconsistencies. This will be fixed and re-enabled in the future.
if: false # ${{ !contains(github.event.pull_request.labels.*.name, 'skip-integration-tests') }}
needs:
- init
- build-collector-slim
- build-collector-full
- build-test-containers
secrets: inherit
build-support-packages:
uses: ./.github/workflows/support-packages.yml
with:
branch-name: ${{ needs.init.outputs.branch-name }}
upstream-drivers-bucket: ${{ needs.init.outputs.drivers-bucket }}
downstream-drivers-bucket: ${{ needs.init.outputs.cpaas-drivers-bucket }}/x86_64
support-packages-bucket: ${{ needs.init.outputs.support-packages-bucket }}
support-packages-index-bucket: ${{ needs.init.outputs.support-packages-index-bucket }}
public-support-packages-bucket: ${{ needs.init.outputs.public-support-packages-bucket }}
if: |
always() &&
((github.event_name == 'push' && github.ref_name == 'master') ||
contains(github.event.pull_request.labels.*.name, 'test-support-packages'))
needs:
- init
- build-drivers
- upload-drivers
secrets: inherit