CI - build eBPF modules #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | |
| name: CI - build eBPF modules | |
| # Controls when the workflow will run | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the "master" branch | |
| push: | |
| paths: | |
| - 'ebpf_prog/*' | |
| - '.github/workflows/build_ebpf_modules.yml' | |
| pull_request: | |
| paths: | |
| - 'ebpf_prog/*' | |
| - '.github/workflows/build_ebpf_modules.yml' | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| # This workflow contains a single job called "build" | |
| # The matrix configuration will execute the steps, once per dimension defined: | |
| # kernel 5.8 + tag 1.5.0 | |
| # kernel 5.8 + tag master | |
| # kernel 6.0 + tag 1.5.0, etc | |
| build: | |
| strategy: | |
| matrix: | |
| kernel: ["6.0"] | |
| tag: ["1.6.0"] | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v3 | |
| with: | |
| # ref: can be a branch name, tag, commit, etc | |
| ref: ${{ matrix.tag }} | |
| - name: Get dependencies | |
| run: | | |
| sudo apt-get install git dpkg-dev rpm flex bison ca-certificates wget python3 rsync bc libssl-dev clang llvm libelf-dev libzip-dev git libnetfilter-queue-dev libpcap-dev protobuf-compiler python3-pip dh-golang golang-any golang-golang-x-net-dev golang-google-grpc-dev golang-goprotobuf-dev libmnl-dev golang-github-vishvananda-netlink-dev golang-github-evilsocket-ftrace-dev golang-github-google-gopacket-dev golang-github-fsnotify-fsnotify-dev linux-headers-$(uname -r) | |
| - name: Download kernel sources and compile eBPF modules | |
| run: | | |
| kernel_version="${{ matrix.kernel }}" | |
| if [ ! -d utils/packaging/ ]; then | |
| mkdir -p utils/packaging/ | |
| fi | |
| wget https://raw.githubusercontent.com/evilsocket/opensnitch/master/utils/packaging/build_modules.sh -O utils/packaging/build_modules.sh | |
| bash utils/packaging/build_modules.sh $kernel_version | |
| sha1sum ebpf_prog/modules/opensnitch*o > ebpf_prog/modules/checksums.txt | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: opensnitch-ebpf-modules-${{ matrix.kernel }}-${{ matrix.tag }} | |
| path: ebpf_prog/modules/* |