forked from aquasecurity/btfhub
-
Notifications
You must be signed in to change notification settings - Fork 0
140 lines (124 loc) · 5.14 KB
/
rhel7.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: RHEL 7 x86_64
on:
schedule:
- cron: "0 1 * * *"
workflow_dispatch: {}
env:
BTFHUB_NO_SUDO: true
CONTAINER: registry.access.redhat.com/rhel7:latest
CONTAINER_NAME: build-container
jobs:
rhel7-update:
name: rhel 7 x86_64
runs-on: ubuntu-24.04
steps:
- name: github authenticate
run: |
gh auth login --with-token <<<'${{ secrets.DD_BTFHUB_BOT_GITHUB_TOKEN }}'
- name: checkout btfhub
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
token: ${{ secrets.DD_BTFHUB_BOT_GITHUB_TOKEN }}
submodules: 'recursive'
- name: checkout btfhub-archive
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
repository: DataDog/btfhub-archive
ref: main
token: ${{ secrets.DD_BTFHUB_BOT_GITHUB_TOKEN }}
path: archive
sparse-checkout: |
rhel/7/x86_64
# We manually start a container and execute scripts in it instead of using `jobs.build.container`,
# otherwise we couldn't use GitHub-provided actions (checkout, cache, etc.) as they rely on Node20
# which would not necessarily be available on some containers (e.g., Ubuntu 18.04).
#
# See: https://github.com/actions/checkout/issues/1590
- name: start docker container
run: |
docker pull $CONTAINER
docker run --name $CONTAINER_NAME -d -v ${{ github.workspace }}:/workspace $CONTAINER tail -f /dev/null
- name: install required packages
env:
SCRIPT: |
set -ex
rm /etc/rhsm-host
yum repolist --disablerepo=*
subscription-manager register --org=${{ secrets.DD_BTFHUB_RHEL_ORG_ID }} --activationkey="btfhub-ci"
subscription-manager repos --enable=rhel-7-server-debug-rpms --enable=rhel-7-server-rpms
yum install -y yum-utils wget bzip2 zlib-devel m4 xz gzip cmake find make
run: docker exec $CONTAINER_NAME bash -c "$SCRIPT"
- name: install clang 5 and gcc 7
env:
SCRIPT: |
set -ex
subscription-manager repos --enable rhel-7-server-optional-rpms --enable rhel-server-rhscl-7-rpms --enable rhel-7-server-devtools-rpms
cd /etc/pki/rpm-gpg
wget -O RPM-GPG-KEY-redhat-devel https://www.redhat.com/security/data/a5787476.txt
rpm --import RPM-GPG-KEY-redhat-devel
yum install -y devtoolset-7 llvm-toolset-7
echo 'export PATH=/opt/rh/devtoolset-7/root/usr/bin:${{ '$PATH' }}' >> /etc/profile
echo 'export PATH=/opt/rh/llvm-toolset-7/root/usr/sbin:${{ '$PATH' }}' >> /etc/profile
echo 'export PATH=/opt/rh/llvm-toolset-7/root/usr/bin:${{ '$PATH' }}' >> /etc/profile
subscription-manager repos --disable rhel-7-server-optional-rpms --disable rhel-server-rhscl-7-rpms --disable rhel-7-server-devtools-rpms
run: docker exec $CONTAINER_NAME bash -c "$SCRIPT"
- name: install newer git
env:
SCRIPT: |
set -ex
yum remove -y git
yum install -y https://repo.ius.io/ius-release-el7.rpm https://dl.fedoraproject.org/pub/archive/epel/7/x86_64/Packages/e/epel-release-7-14.noarch.rpm
yum install -y git236
run: docker exec $CONTAINER_NAME bash -c "$SCRIPT"
- name: setup safe git directories
env:
SCRIPT: |
set -ex
git config --system --add safe.directory /workspace
git config --system --add safe.directory /workspace/3rdparty/dwarves
git config --system --add safe.directory /workspace/3rdparty/bpftool
run: docker exec -w /workspace $CONTAINER_NAME bash -c "$SCRIPT"
- name: install go
uses: ./.github/actions/install-go
with:
container-name: $CONTAINER_NAME
- name: build elfutils
uses: ./.github/actions/build-elfutils
with:
container-name: $CONTAINER_NAME
- name: build tar
uses: ./.github/actions/build-tar
with:
container-name: $CONTAINER_NAME
- name: build pahole
uses: ./.github/actions/build-pahole
with:
container-name: $CONTAINER_NAME
- name: build bpftool
uses: ./.github/actions/build-bpftool
with:
container-name: $CONTAINER_NAME
- name: build btfhub
uses: ./.github/actions/build-btfhub
with:
container-name: $CONTAINER_NAME
go-path: /workspace/go/bin/go
- name: generate BTFs
env:
SCRIPT: |
set -ex
./btfhub -workers 6 -d rhel -r 7 -a x86_64
run: docker exec -w /workspace $CONTAINER_NAME bash -c "$SCRIPT"
- name: commit and push to btfhub-archive
uses: ./.github/actions/commit-btfs
with:
platform: "rhel 7 x86_64"
- name: unregister from RHEL
if: always()
env:
SCRIPT: |
set -ex
subscription-manager remove --all
subscription-manager unregister
subscription-manager clean
run: docker exec -w /workspace $CONTAINER_NAME bash -c "$SCRIPT"