From 4e514e5081f9fafca1b1af318e38faf6a6cdef95 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 20 Sep 2024 16:05:44 +0200 Subject: [PATCH 1/5] new(ci): add a zig build job plus a composite action to setup zig. Signed-off-by: Federico Di Pierro --- .github/actions/install-zig/action.yml | 47 ++++++++++++++++++++++++++ .github/workflows/ci.yml | 10 +++++- 2 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 .github/actions/install-zig/action.yml diff --git a/.github/actions/install-zig/action.yml b/.github/actions/install-zig/action.yml new file mode 100644 index 0000000000..e7eb11f98b --- /dev/null +++ b/.github/actions/install-zig/action.yml @@ -0,0 +1,47 @@ +name: 'install-zig' +description: 'Install zig compiler and make it available in PATH.' + +inputs: + sudo: + description: 'Specify a sudo command. Put it empty when sudo is not available.' + required: false + default: 'sudo' + +outputs: + zig_path: + description: "Path of installed zig, automatically added to GITHUB_PATH" + value: ${{ steps.zig.outputs.zig-path }} + +runs: + using: "composite" + steps: + - name: Install zig + shell: bash + id: zig + env: + ZIG_VERSION: '0.14.0-dev.1588+2111f4c38' + run: | + curl -L -o zig.tar.xz https://ziglang.org/builds/zig-linux-$(uname -m)-${ZIG_VERSION}.tar.xz + tar -xvf zig.tar.xz + + cat > zig-linux-$(uname -m)-${ZIG_VERSION}/zig-cc < zig-linux-$(uname -m)-${ZIG_VERSION}/zig-c++ <> $GITHUB_PATH + echo "CC=zig-cc" >> $GITHUB_ENV + echo "CXX=zig-c++" >> $GITHUB_ENV + echo "AR=zig ar" >> $GITHUB_ENV + echo "RANLIB=zig ranlib" >> $GITHUB_ENV + + echo "zig-path=/usr/local/zig/zig-linux-$(uname -m)-${ZIG_VERSION}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2957148a63..f94455db46 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false matrix: arch: [amd64, arm64] - name: [system_deps, bundled_deps, system_deps_minimal, sanitizers] + name: [system_deps, bundled_deps, system_deps_minimal, sanitizers, zig] include: - name: system_deps cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DBUILD_BPF=On -DUSE_BUNDLED_DEPS=False @@ -31,6 +31,8 @@ jobs: cmake_opts: -DBUILD_WARNINGS_AS_ERRORS=On -DUSE_BUNDLED_DEPS=False -DMINIMAL_BUILD=True - name: sanitizers cmake_opts: -DUSE_ASAN=On -DUSE_UBSAN=On -DUSE_BUNDLED_DEPS=False + - name: zig + cmake_opts: -DUSE_BUNDLED_DEPS=True container: image: debian:buster steps: @@ -59,6 +61,12 @@ jobs: run: | git config --global --add safe.directory $GITHUB_WORKSPACE + - name: Install zig + if: matrix.name == 'zig' + uses: ./.github/actions/install-zig + with: + sudo: '' + - name: Build and test ๐Ÿ—๏ธ๐Ÿงช env: UBSAN_OPTIONS: print_stacktrace=1 From 0b6cc6ad19c7a75dbba2adc5676afa81bf68732d Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 20 Sep 2024 17:36:28 +0200 Subject: [PATCH 2/5] chore(ci): keep zig development version alive by using actions/cache. Signed-off-by: Federico Di Pierro --- .github/actions/install-zig/action.yml | 29 +++++++++++++++++--------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/.github/actions/install-zig/action.yml b/.github/actions/install-zig/action.yml index e7eb11f98b..6c4b7dca30 100644 --- a/.github/actions/install-zig/action.yml +++ b/.github/actions/install-zig/action.yml @@ -7,17 +7,23 @@ inputs: required: false default: 'sudo' -outputs: - zig_path: - description: "Path of installed zig, automatically added to GITHUB_PATH" - value: ${{ steps.zig.outputs.zig-path }} - runs: using: "composite" steps: - - name: Install zig + # TODO: this is only needed because we are using a development version of zig, + # since we need https://github.com/ziglang/zig/pull/21253 to be included. + # Development versions of zig are not kept alive forever, but get overridden. + # We cache it to keep it alive. + - name: Download zig (cached) + id: cache-zig + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 + with: + path: /usr/local/zig + key: zig-${{ runner.os }}-${{ runner.arch }} + + - name: Download zig + if: steps.cache-zig.outputs.cache-hit != 'true' shell: bash - id: zig env: ZIG_VERSION: '0.14.0-dev.1588+2111f4c38' run: | @@ -38,10 +44,13 @@ runs: ${{ inputs.sudo }} mkdir -p /usr/local/zig/ ${{ inputs.sudo }} cp -R zig-linux-$(uname -m)-${ZIG_VERSION}/* /usr/local/zig/ + + - name: Setup zig + shell: bash + id: zig + run: | echo "/usr/local/zig" >> $GITHUB_PATH echo "CC=zig-cc" >> $GITHUB_ENV echo "CXX=zig-c++" >> $GITHUB_ENV echo "AR=zig ar" >> $GITHUB_ENV - echo "RANLIB=zig ranlib" >> $GITHUB_ENV - - echo "zig-path=/usr/local/zig/zig-linux-$(uname -m)-${ZIG_VERSION}" >> $GITHUB_OUTPUT + echo "RANLIB=zig ranlib" >> $GITHUB_ENV \ No newline at end of file From b4a2497460c7376edf64d9499358982a16b8c071 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Mon, 23 Sep 2024 09:46:39 +0200 Subject: [PATCH 3/5] chore(ci): bump the zig version to latest. Moreover, use zig version as cache key too. Signed-off-by: Federico Di Pierro --- .github/actions/install-zig/action.yml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.github/actions/install-zig/action.yml b/.github/actions/install-zig/action.yml index 6c4b7dca30..75d937baeb 100644 --- a/.github/actions/install-zig/action.yml +++ b/.github/actions/install-zig/action.yml @@ -10,6 +10,14 @@ inputs: runs: using: "composite" steps: + - name: Store zig version as local output + shell: bash + id: store + env: + ZIG_VERSION: '0.14.0-dev.1632+d83a3f174' + run: | + echo "zig_version=${ZIG_VERSION}" >> "$GITHUB_OUTPUT" + # TODO: this is only needed because we are using a development version of zig, # since we need https://github.com/ziglang/zig/pull/21253 to be included. # Development versions of zig are not kept alive forever, but get overridden. @@ -19,31 +27,29 @@ runs: uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: /usr/local/zig - key: zig-${{ runner.os }}-${{ runner.arch }} + key: zig-${{ runner.os }}-${{ runner.arch }}-${{ steps.store.outputs.zig_version }} - name: Download zig if: steps.cache-zig.outputs.cache-hit != 'true' shell: bash - env: - ZIG_VERSION: '0.14.0-dev.1588+2111f4c38' run: | - curl -L -o zig.tar.xz https://ziglang.org/builds/zig-linux-$(uname -m)-${ZIG_VERSION}.tar.xz + curl -L -o zig.tar.xz https://ziglang.org/builds/zig-linux-$(uname -m)-${{ steps.store.outputs.zig_version }}.tar.xz tar -xvf zig.tar.xz - cat > zig-linux-$(uname -m)-${ZIG_VERSION}/zig-cc < zig-linux-$(uname -m)-${{ steps.store.outputs.zig_version }}/zig-cc < zig-linux-$(uname -m)-${ZIG_VERSION}/zig-c++ < zig-linux-$(uname -m)-${{ steps.store.outputs.zig_version }}/zig-c++ < Date: Mon, 23 Sep 2024 11:01:06 +0200 Subject: [PATCH 4/5] chore(ci): check linked glibc version on zig. Signed-off-by: Federico Di Pierro --- .github/workflows/ci.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f94455db46..beea94ccc3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -76,6 +76,19 @@ jobs: KERNELDIR=/lib/modules/$(ls /lib/modules)/build make -j4 make run-unit-tests + # On zig, build also sinsp-example and check the glibc linked versions + # to make sure we are actually using the correct glibc version. + - name: Test zig build glibc version + if: matrix.name == 'zig' + run: | + cd build + objdump -T libsinsp/test/unit-test-libsinsp | grep -Eo 'GLIBC_\S+' | sort -u -t "." -k1,1n -k2,2n -k3,3n + linked_glibc=$(objdump -T libsinsp/test/unit-test-libsinsp | grep -Eo 'GLIBC_\S+' | sort -u -t "." -k1,1n -k2,2n -k3,3n | tail -n1 | tr -d ')') + if [ "$linked_glibc" != "GLIBC_2.17" ]; then + echo "Expected glibc 2.17; found $linked_glibc" + exit 1 + fi + build-libs-linux-amd64-static: name: build-libs-linux-amd64-static ๐ŸŽƒ runs-on: ubuntu-latest From 5abb3dbdfa937d04133421a116f4aa97d289ccd1 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Mon, 23 Sep 2024 15:05:07 +0200 Subject: [PATCH 5/5] chore(userspace/libsinsp): bypass scarf when downloading test fixtures. Signed-off-by: Federico Di Pierro --- userspace/libsinsp/test/CMakeLists.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/userspace/libsinsp/test/CMakeLists.txt b/userspace/libsinsp/test/CMakeLists.txt index 44e50efa2f..8a95ce67c2 100644 --- a/userspace/libsinsp/test/CMakeLists.txt +++ b/userspace/libsinsp/test/CMakeLists.txt @@ -58,7 +58,9 @@ if((NOT ${CMAKE_HOST_SYSTEM_PROCESSOR} STREQUAL "s390x") AND ${SCAP_FILES_SUITE_ file(MAKE_DIRECTORY "${CMAKE_BINARY_DIR}/scap_files") # Add here the name for new scap-files set(SCAP_FILE_NAMES "kexec_arm64.scap" "kexec_x86.scap" "sample.scap") - set(SCAP_FILE_DOWNLOAD_PREFIX "https://download.falco.org/fixtures/libs/scap_files") + set(SCAP_FILE_DOWNLOAD_PREFIX + "https://falco-distribution.s3.eu-west-1.amazonaws.com/fixtures/libs/scap_files" + ) message(STATUS "Download all scap-files from: ${SCAP_FILE_DOWNLOAD_PREFIX}") foreach(FILE_NAME ${SCAP_FILE_NAMES}) message(STATUS "Downloading scap-file: ${SCAP_FILE_DOWNLOAD_PREFIX}/${FILE_NAME}")