build(deps): bump github.com/containerd/containerd/v2 #229
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test container plugin | |
| on: | |
| pull_request: | |
| branches: [ main ] | |
| paths: | |
| - 'plugins/container/**' | |
| push: | |
| branches: [ main ] | |
| paths: | |
| - 'plugins/container/**' | |
| workflow_dispatch: | |
| jobs: | |
| build-others: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ windows-latest, macos-latest ] | |
| include: | |
| - os: windows-latest | |
| artifact-name: 'libcontainer-win' | |
| artifact-path: 'plugins/container/container.dll' | |
| - os: macos-latest | |
| artifact-name: 'libcontainer-osx' | |
| artifact-path: 'plugins/container/libcontainer.dylib' | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| - name: Setup Go | |
| uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version-file: plugins/container/go-worker/go.mod | |
| cache-dependency-path: plugins/container/go-worker/go.sum | |
| - name: Build plugin library | |
| working-directory: plugins/container | |
| run: make | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: ${{ matrix.artifact-name }} | |
| path: ${{ matrix.artifact-path }} | |
| build-linux: | |
| name: build-linux-${{ matrix.arch }} | |
| runs-on: ${{ (matrix.arch == 'arm64' && 'ubuntu-22.04-arm') || 'ubuntu-22.04' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ amd64, arm64 ] | |
| container: golang:1.23-bullseye | |
| steps: | |
| - name: Install plugin deps | |
| run: apt-get update && apt-get install -y --no-install-recommends zip unzip ninja-build | |
| - name: Install updated cmake version ⛓️ | |
| run: | | |
| curl -L -o /tmp/cmake.tar.gz https://github.com/Kitware/CMake/releases/download/v3.31.4/cmake-3.31.4-linux-$(uname -m).tar.gz | |
| gzip -d /tmp/cmake.tar.gz | |
| tar -xpf /tmp/cmake.tar --directory=/tmp | |
| cp -R /tmp/cmake-3.31.4-linux-$(uname -m)/* /usr | |
| rm -rf /tmp/cmake-3.31.4-linux-$(uname -m) | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| - name: Safe directory | |
| run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
| - name: Build plugin library | |
| working-directory: plugins/container | |
| run: make | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 | |
| with: | |
| name: libcontainer-${{ matrix.arch }} | |
| path: 'plugins/container/libcontainer.so' | |
| test: | |
| name: test-${{ matrix.arch }} | |
| needs: [build-linux] | |
| runs-on: ${{ (matrix.arch == 'arm64' && 'ubuntu-24.04-arm') || 'ubuntu-24.04' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ amd64, arm64 ] | |
| steps: | |
| # libbtrfs: needed by podman package - build dep. | |
| - name: Install go test deps | |
| run: sudo apt-get install -y --no-install-recommends libbtrfs-dev | |
| - name: Checkout repo | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| - name: Setup Go | |
| uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 | |
| with: | |
| go-version-file: plugins/container/go-worker/go.mod | |
| cache-dependency-path: plugins/container/go-worker/go.sum | |
| - name: Build go-worker executable | |
| working-directory: plugins/container | |
| run: make -C go-worker exe | |
| - name: Run tests | |
| working-directory: plugins/container | |
| run: | | |
| systemctl --user start podman | |
| make test | |
| falco-tests: | |
| needs: [build-linux] | |
| name: falco-tests-${{ matrix.arch }} | |
| runs-on: ${{ (matrix.arch == 'arm64' && 'ubuntu-22.04-arm') || 'ubuntu-22.04' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [ amd64, arm64 ] | |
| container: | |
| image: falcosecurity/falco:master-debian | |
| steps: | |
| - name: Download library | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 | |
| with: | |
| name: libcontainer-${{ matrix.arch }} | |
| path: /usr/share/falco/plugins/ | |
| - name: Run falcosecurity/testing Falco tests | |
| uses: falcosecurity/testing@main | |
| with: | |
| test-falco: 'true' | |
| test-falcoctl: 'false' | |
| test-k8saudit: 'false' | |
| test-dummy: 'false' | |
| static: 'false' | |
| test-drivers: 'false' | |
| show-all: 'true' | |
| sudo: '' | |
| libs-tests: | |
| needs: [build-linux] | |
| uses: falcosecurity/libs/.github/workflows/reusable_e2e_tests.yaml@master | |
| with: | |
| container_plugin_artifact_name: 'libcontainer-amd64' | |
| secrets: inherit | |
| formatting-check: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: Run clang-format style check | |
| uses: jidicula/clang-format-action@6cd220de46c89139a0365edae93eee8eb30ca8fe #v4.16.0 | |
| with: | |
| clang-format-version: '18' | |
| check-path: plugins/container | |
| exclude-regex: 'plugin_config_schema.h' |