refactor(userspace/libsinsp): modularize filtercheck.h/.cpp and filter.h/.cpp in many subfiles #4115
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI Build | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
- 'release/**' | |
- 'maintainers/**' | |
workflow_dispatch: | |
# Checks if any concurrent jobs under the same pull request or branch are being executed | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
paths-filter: | |
runs-on: ubuntu-latest | |
outputs: | |
driver_changed: ${{ steps.filter.outputs.driver }} | |
libscap_changed: ${{ steps.filter.outputs.libscap }} | |
libsinsp_changed: ${{ steps.filter.outputs.libsinsp }} | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: dorny/paths-filter@v2 | |
id: filter | |
with: | |
filters: | | |
driver: | |
- 'driver/**' | |
libscap: | |
- 'userspace/libscap/**' | |
libsinsp: | |
- 'userspace/libsinsp/**' | |
build-libs-linux-amd64: | |
name: build-libs-linux-amd64 😁 | |
strategy: | |
matrix: | |
name: [system_deps, bundled_deps, system_deps_w_chisels, system_deps_minimal] | |
include: | |
- name: system_deps | |
cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=False | |
- name: bundled_deps | |
cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=True | |
- name: system_deps_w_chisels | |
cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=False -DWITH_CHISEL=True | |
- name: system_deps_minimal | |
cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DUSE_BUNDLED_DEPS=False -DMINIMAL_BUILD=True | |
runs-on: ubuntu-latest | |
container: | |
image: debian:buster | |
steps: | |
- name: Install deps ⛓️ | |
run: | | |
apt update && apt install -y --no-install-recommends ca-certificates cmake build-essential git clang llvm pkg-config autoconf automake libtool libelf-dev wget libc-ares-dev libcurl4-openssl-dev libssl-dev libtbb-dev libjq-dev libjsoncpp-dev libgrpc++-dev protobuf-compiler-grpc libgtest-dev libprotobuf-dev liblua5.1-dev linux-headers-amd64 | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
.github/install-deps.sh | |
- name: Git safe directory | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build | |
cd build && cmake ${{ matrix.cmake_opts }} ../ | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build make -j4 | |
make run-unit-tests | |
build-libs-linux-amd64-asan: | |
name: build-libs-linux-amd64-asan 🧐 | |
runs-on: ubuntu-latest | |
container: | |
image: debian:buster | |
steps: | |
- name: Install deps ⛓️ | |
run: | | |
apt update && apt install -y --no-install-recommends ca-certificates cmake build-essential git clang llvm pkg-config autoconf automake libtool libelf-dev wget libc-ares-dev libcurl4-openssl-dev libssl-dev libtbb-dev libjq-dev libjsoncpp-dev libgrpc++-dev protobuf-compiler-grpc libgtest-dev libprotobuf-dev liblua5.1-dev linux-headers-amd64 | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
.github/install-deps.sh | |
- name: Git safe directory | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build | |
cd build && LDFLAGS="-lpthread" cmake -DCMAKE_C_FLAGS=-fsanitize=address -DCMAKE_CXX_FLAGS=-fsanitize=address -DUSE_BUNDLED_DEPS=False ../ | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build make -j4 | |
make run-unit-tests | |
build-shared-libs-linux-amd64: | |
name: build-shared-libs-linux-amd64 🧐 | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Git safe directory | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt update | |
sudo apt install -y --no-install-recommends ca-certificates cmake build-essential git clang llvm pkg-config autoconf automake libtool libelf-dev wget libc-ares-dev libcurl4-openssl-dev libssl-dev libre2-dev libtbb-dev libjq-dev libjsoncpp-dev libgrpc++-dev protobuf-compiler-grpc libgtest-dev libprotobuf-dev liblua5.1-dev linux-headers-$(uname -r) | |
sudo .github/install-deps.sh | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build | |
cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DMINIMAL_BUILD=True -DCMAKE_INSTALL_PREFIX=/tmp/libs-test ../ | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build make -j4 | |
make run-unit-tests | |
- name: Install | |
run: | | |
cd build | |
make install | |
- name: Test sinsp-example build with pkg-config | |
run: | | |
cd userspace/libsinsp/examples | |
export PKG_CONFIG_PATH=/tmp/libs-test/lib/pkgconfig | |
g++ -o sinsp-example test.cpp util.cpp $(pkg-config --cflags --libs libsinsp) | |
- name: Test sinsp-example runtime linker | |
run: | | |
cd userspace/libsinsp/examples | |
export LD_LIBRARY_PATH=/tmp/libs-test/lib/falcosecurity | |
./sinsp-example -h | |
build-libs-others-amd64: | |
name: build-libs-others-amd64 😨 | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [windows-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build | |
cd build && cmake -DUSE_BUNDLED_DEPS=ON -DCMAKE_BUILD_TYPE=Release -DCREATE_TEST_TARGETS=ON -DMINIMAL_BUILD=ON .. | |
cmake --build . --config Release && make run-unit-tests || libsinsp\test\Release\unit-test-libsinsp.exe | |
build-shared-libs-macos-amd64: | |
name: build-shared-libs-macos-amd64 😨 | |
strategy: | |
fail-fast: false | |
runs-on: macos-latest | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
HOMEBREW_NO_AUTO_UPDATE=1 brew install c-ares re2 tbb jq jsoncpp openssl uthash | |
- name: Build 🏗️ | |
run: | | |
mkdir -p build | |
cd build && cmake -DBUILD_SHARED_LIBS=True -DUSE_BUNDLED_DEPS=False -DUSE_BUNDLED_VALIJSON=ON -DUSE_BUNDLED_TINYDIR=ON -DCMAKE_BUILD_TYPE=Release -DCREATE_TEST_TARGETS=OFF -DMINIMAL_BUILD=ON -DCMAKE_INSTALL_PREFIX=/tmp/libs-test .. | |
cmake --build . --config Release | |
- name: Install | |
run: | | |
cd build | |
make install | |
- name: Test sinsp-example build with pkg-config 🧪 | |
run: | | |
cd userspace/libsinsp/examples | |
export PKG_CONFIG_PATH=/tmp/libs-test/lib/pkgconfig | |
c++ --std=c++17 -o sinsp-example test.cpp util.cpp $(pkg-config --cflags --libs libsinsp) | |
- name: Test sinsp-example runtime linker 🧪 | |
run: | | |
cd userspace/libsinsp/examples | |
export DYLD_LIBRARY_PATH=/tmp/libs-test/lib/falcosecurity | |
./sinsp-example -h | |
# This job run all engine tests and scap-open | |
test-scap-x86: | |
name: test-scap-x86 😆 (bundled_deps) | |
runs-on: ubuntu-22.04 | |
needs: paths-filter | |
if: needs.paths-filter.outputs.driver_changed == 'true' || needs.paths-filter.outputs.libscap_changed == 'true' | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt update | |
sudo apt install -y --no-install-recommends ca-certificates cmake build-essential clang-14 llvm-14 git pkg-config autoconf automake libtool libelf-dev libcap-dev linux-headers-$(uname -r) | |
sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90 | |
sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90 | |
sudo update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 90 | |
- name: Build scap-open and drivers 🏗️ | |
run: | | |
mkdir -p build | |
cd build && cmake -DUSE_BUNDLED_DEPS=On -DBUILD_DRIVER=ON -DBUILD_LIBSCAP_MODERN_BPF=ON -DBUILD_BPF=On -DBUILD_LIBSCAP_GVISOR=On -DCREATE_TEST_TARGETS=On -DENABLE_LIBSCAP_TESTS=On ../ | |
make scap-open | |
make driver bpf | |
make libscap_test | |
- name: Run scap-open with modern bpf 🏎️ | |
run: | | |
cd build | |
sudo ./libscap/examples/01-open/scap-open --modern_bpf --num_events 0 | |
- name: Run scap-open with bpf 🏎️ | |
run: | | |
cd build | |
sudo ./libscap/examples/01-open/scap-open --bpf ./driver/bpf/probe.o --num_events 0 | |
- name: Run scap-open with kmod 🏎️ | |
run: | | |
cd build | |
sudo insmod ./driver/scap.ko | |
sudo ./libscap/examples/01-open/scap-open --kmod --num_events 0 | |
sudo rmmod scap | |
- name: Run libscap_test 🏎️ | |
run: | | |
cd build | |
sudo ./test/libscap/libscap_test | |
test-drivers-x86: | |
name: test-drivers-x86 😇 (bundled_deps) | |
runs-on: ubuntu-22.04 | |
needs: paths-filter | |
if: needs.paths-filter.outputs.driver_changed == 'true' || needs.paths-filter.outputs.libscap_changed == 'true' | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt update | |
sudo apt install -y --no-install-recommends ca-certificates cmake build-essential git pkg-config autoconf automake libelf-dev libcap-dev linux-headers-$(uname -r) clang-14 llvm-14 libtool gcc-multilib g++-multilib | |
sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90 | |
sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90 | |
sudo update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 90 | |
- name: Build drivers tests 🏗️ | |
run: | | |
mkdir -p build | |
cd build && cmake -DUSE_BUNDLED_DEPS=ON -DENABLE_DRIVERS_TESTS=ON -DBUILD_LIBSCAP_MODERN_BPF=ON -DMODERN_BPF_DEBUG_MODE=ON -DBUILD_BPF=True -DBUILD_LIBSCAP_GVISOR=OFF ../ | |
make drivers_test | |
make driver bpf | |
- name: Run drivers_test with modern bpf 🏎️ | |
run: | | |
cd build | |
sudo ./test/drivers/drivers_test -m | |
- name: Run drivers_test with bpf 🏎️ | |
run: | | |
cd build | |
sudo ./test/drivers/drivers_test -b | |
- name: Run drivers_test with kmod 🏎️ | |
run: | | |
cd build | |
sudo ./test/drivers/drivers_test -k | |
build-libs-s390x: | |
name: build-libs-s390x 😁 (system_deps) | |
runs-on: ubuntu-22.04 | |
needs: paths-filter | |
if: needs.paths-filter.outputs.driver_changed == 'true' || needs.paths-filter.outputs.libsinsp_changed == 'true' | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: uraimo/[email protected] | |
name: Run s390x build 🏗️ | |
with: | |
arch: s390x | |
distro: ubuntu22.04 | |
githubToken: ${{ github.token }} | |
install: | | |
apt update && apt install -y --no-install-recommends ca-certificates cmake build-essential clang llvm git pkg-config autoconf automake libtool libelf-dev wget libc-ares-dev libcurl4-openssl-dev libssl-dev libtbb-dev libjq-dev libjsoncpp-dev libgrpc++-dev protobuf-compiler-grpc libgtest-dev libprotobuf-dev linux-headers-generic | |
git clone https://github.com/libbpf/bpftool.git --branch v7.0.0 --single-branch | |
cd bpftool | |
git submodule update --init | |
cd src && make install | |
cd ../../ | |
git clone https://github.com/libbpf/libbpf.git --branch v1.0.1 --single-branch | |
cd libbpf/src && BUILD_STATIC_ONLY=y DESTDIR=/ make install | |
ln -s /usr/lib64/libbpf.a /usr/lib/s390x-linux-gnu/ | |
# Please note: we cannot inject the BPF probe inside QEMU, so right now, we only build it | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
.github/install-deps.sh | |
mkdir -p build | |
cd build && cmake -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=OFF -DMODERN_PROBE_INCLUDE="-I/usr/include/s390x-linux-gnu" -DBUILD_LIBSCAP_MODERN_BPF=ON -DMODERN_BPF_DEBUG_MODE=ON -DBUILD_LIBSCAP_GVISOR=OFF ../ | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build make scap-open driver bpf unit-test-libsinsp -j6 | |
./libsinsp/test/unit-test-libsinsp | |
# This job checks that a bundled deps of libs is as static as possible | |
test-libs-static: | |
name: test-libs-static (bundled_deps) | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt update | |
sudo apt install -y --no-install-recommends ca-certificates cmake build-essential clang-14 llvm-14 git pkg-config autoconf automake libtool libelf-dev libcap-dev linux-headers-$(uname -r) | |
sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90 | |
sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90 | |
sudo update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 90 | |
- name: Build sinsp-example | |
run: | | |
mkdir -p build | |
cd build && cmake -DUSE_BUNDLED_DEPS=On -DBUILD_DRIVER=ON -DBUILD_LIBSCAP_MODERN_BPF=ON -DBUILD_BPF=On -DBUILD_LIBSCAP_GVISOR=On -DCREATE_TEST_TARGETS=Off -DENABLE_LIBSCAP_TESTS=Off ../ | |
make -j$(nproc) sinsp-example | |
- name: Ensure that sinsp-example with bundled deps is as static as possible | |
run: | | |
ldd "build/libsinsp/examples/sinsp-example" | cut --fields=2 | cut --delimiter=' ' --fields=1 | rev | cut --delimiter='/' --fields=1 | rev | sort --unique --version-sort > ldd_out.txt | |
cat > expected_ldd_out.txt <<EOF | |
ld-linux-x86-64.so.2 | |
libc.so.6 | |
libgcc_s.so.1 | |
libm.so.6 | |
libstdc++.so.6 | |
linux-vdso.so.1 | |
EOF | |
diff -u expected_ldd_out.txt ldd_out.txt | |
run-e2e-tests-amd64: | |
name: run-e2e-tests-amd64 | |
strategy: | |
fail-fast: false | |
matrix: | |
name: [system_deps, bundled_deps, system_deps_w_chisels, asan] | |
include: | |
- name: system_deps | |
cmake_opts: -DUSE_BUNDLED_DEPS=False | |
- name: bundled_deps | |
cmake_opts: -DUSE_BUNDLED_DEPS=True | |
- name: system_deps_w_chisels | |
cmake_opts: -DUSE_BUNDLED_DEPS=False -DWITH_CHISEL=True | |
- name: asan | |
cmake_opts: -DUSE_BUNDLED_DEPS=True -DCMAKE_C_FLAGS=-fsanitize=address -DCMAKE_CXX_FLAGS=-fsanitize=address | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt-get update && sudo apt-get install -y --no-install-recommends \ | |
ca-certificates \ | |
cmake \ | |
build-essential \ | |
clang-14 llvm-14 \ | |
git \ | |
clang \ | |
llvm \ | |
pkg-config \ | |
autoconf \ | |
automake \ | |
libtool \ | |
libelf-dev \ | |
wget \ | |
libc-ares-dev \ | |
libbpf-dev \ | |
libcap-dev \ | |
libcurl4-openssl-dev \ | |
libssl-dev \ | |
libtbb-dev \ | |
libjq-dev \ | |
libjsoncpp-dev \ | |
libgrpc++-dev \ | |
protobuf-compiler-grpc \ | |
libgtest-dev \ | |
libprotobuf-dev \ | |
liblua5.1-dev \ | |
"linux-headers-$(uname -r)" | |
sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-14 90 | |
sudo update-alternatives --install /usr/bin/llvm-strip llvm-strip /usr/bin/llvm-strip-14 90 | |
sudo update-alternatives --install /usr/bin/llc llc /usr/bin/llc-14 90 | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Install deps ⛓️ | |
run: | | |
sudo .github/install-deps.sh | |
- name: Git safe directory | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build && cd build | |
cmake -DBUILD_BPF=ON \ | |
-DBUILD_LIBSCAP_MODERN_BPF=ON \ | |
-DBUILD_LIBSCAP_GVISOR=OFF \ | |
${{ matrix.cmake_opts }} \ | |
-DUSE_BUNDLED_LIBBPF=ON \ | |
.. | |
make -j$(nproc) sinsp-example driver bpf | |
sudo make e2e-install-deps | |
sudo ../test/e2e/scripts/run_tests.sh | |
- name: Archive test reports | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.name }}_report | |
path: | | |
${{ github.workspace }}/build/report/ | |
build-libs-emscripten: | |
name: build-libs-emscripten 🧐 | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install deps ⛓️ | |
run: | | |
sudo apt update | |
sudo apt install -y --no-install-recommends ca-certificates cmake build-essential clang-14 llvm-14 git pkg-config autoconf automake libtool libelf-dev libcap-dev linux-headers-$(uname -r) emscripten | |
- name: Checkout Libs ⤵️ | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Git safe directory | |
run: | | |
git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Build and test 🏗️🧪 | |
run: | | |
mkdir -p build | |
cd build && emcmake cmake -DUSE_BUNDLED_DEPS=True ../ | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build emmake make -j4 | |
KERNELDIR=/lib/modules/$(ls /lib/modules)/build emmake make run-unit-tests -j4 |