github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-29 08:07:24 +00:00
Code Issues Projects Releases Wiki Activity

chore(ci): added some comments.

Browse Source 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Luca Guerra <luca@guerra.sh>
This commit is contained in:
Federico Di Pierro 2023-04-27 10:11:30 +02:00 committed by poiana
parent 89f29e6d4b
commit d27828a0d2
5 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/master.yaml vendored
View File

@ -3,7 +3,7 @@ on:
push: push:
branches: [master] branches: [master]
# Checks if any concurrent jobs under the same pull request or branch are being executed # Checks if any concurrent jobs is running for master CI and eventually cancel it
concurrency: concurrency:
group: ci-master group: ci-master
cancel-in-progress: true cancel-in-progress: true
@ -29,6 +29,7 @@ jobs:
version: ${{ needs.build-dev-packages.outputs.version }} version: ${{ needs.build-dev-packages.outputs.version }}
secrets: inherit secrets: inherit
# Both build-dev-docker and its arm64 counterpart require build-dev-packages because they use its output
build-dev-docker: build-dev-docker:
needs: [build-dev-packages, publish-dev-packages] needs: [build-dev-packages, publish-dev-packages]
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master

3
.github/workflows/release.yaml vendored
View File

@ -4,7 +4,7 @@ on:
tags: tags:
- '[0-9]+.[0-9]+.[0-9]+' - '[0-9]+.[0-9]+.[0-9]+'
# Checks if any concurrent jobs under the same pull request or branch are being executed # Checks if any concurrent jobs is running for release CI and eventually cancel it.
concurrency: concurrency:
group: ci-release group: ci-release
cancel-in-progress: true cancel-in-progress: true
@ -29,6 +29,7 @@ jobs:
version: ${{ needs.build-packages.outputs.version }} version: ${{ needs.build-packages.outputs.version }}
secrets: inherit secrets: inherit
# Both build-docker and its arm64 counterpart require build-packages because they use its output
build-docker: build-docker:
needs: [build-packages, publish-packages] needs: [build-packages, publish-packages]
uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master uses: falcosecurity/falco/.github/workflows/reusable_build_docker.yaml@master

4
.github/workflows/reusable_build_docker.yaml vendored
View File

@ -16,6 +16,10 @@ on:
required: true required: true
type: string type: string
# Here we just build all docker images as tarballs,
# then we upload all the tarballs to be later downloaded by reusable_publish_docker workflow.
# In this way, we don't need to publish any arch specific image,
# and this "build" workflow is actually only building images.
jobs: jobs:
build-docker: build-docker:
# See https://github.com/actions/runner/issues/409#issuecomment-1158849936 # See https://github.com/actions/runner/issues/409#issuecomment-1158849936

3
.github/workflows/reusable_build_packages.yaml vendored
View File

@ -17,6 +17,7 @@ jobs:
runs-on: ${{ (inputs.arch == 'aarch64' && fromJSON('[ "self-hosted", "linux", "ARM64" ]')) || 'ubuntu-latest' }} runs-on: ${{ (inputs.arch == 'aarch64' && fromJSON('[ "self-hosted", "linux", "ARM64" ]')) || 'ubuntu-latest' }}
container: fedora:latest container: fedora:latest
steps: steps:
# Always install deps before invoking checkout action, to properly perform a full clone.
- name: Install build dependencies - name: Install build dependencies
run: | run: |
dnf install -y bpftool ca-certificates cmake make automake gcc gcc-c++ kernel-devel clang git pkg-config autoconf automake libbpf-devel dnf install -y bpftool ca-certificates cmake make automake gcc gcc-c++ kernel-devel clang git pkg-config autoconf automake libbpf-devel
@ -47,6 +48,7 @@ jobs:
outputs: outputs:
version: ${{ steps.store_version.outputs.version }} version: ${{ steps.store_version.outputs.version }}
steps: steps:
# Always install deps before invoking checkout action, to properly perform a full clone.
- name: Install build dependencies - name: Install build dependencies
run: | run: |
yum -y install centos-release-scl yum -y install centos-release-scl
@ -132,6 +134,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: alpine:3.17 container: alpine:3.17
steps: steps:
# Always install deps before invoking checkout action, to properly perform a full clone.
- name: Install build dependencies - name: Install build dependencies
run: | run: |
apk add g++ gcc cmake make git bash perl linux-headers autoconf automake m4 libtool elfutils-dev libelf-static patch binutils bpftool clang apk add g++ gcc cmake make git bash perl linux-headers autoconf automake m4 libtool elfutils-dev libelf-static patch binutils bpftool clang

4
.github/workflows/reusable_publish_packages.yaml vendored
View File

@ -34,6 +34,8 @@ jobs:
yum install rpm-sign expect which createrepo gpg python python-pip -y yum install rpm-sign expect which createrepo gpg python python-pip -y
pip install awscli==1.19.47 pip install awscli==1.19.47
# Configure AWS role; see https://github.com/falcosecurity/test-infra/pull/1102
# Note: master CI can only push dev packages as we have 2 different roles for master and release.
- name: Configure AWS credentials - name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2 uses: aws-actions/configure-aws-credentials@v2
with: with:
@ -92,6 +94,8 @@ jobs:
apt-get install apt-utils bzip2 gpg python python3-pip -y apt-get install apt-utils bzip2 gpg python python3-pip -y
pip install awscli pip install awscli
# Configure AWS role; see https://github.com/falcosecurity/test-infra/pull/1102
# Note: master CI can only push dev packages as we have 2 different roles for master and release.
- name: Configure AWS credentials - name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2 uses: aws-actions/configure-aws-credentials@v2
with: with: