Skip to content

Commit

Permalink
Calculate coverage for systemd
Browse files Browse the repository at this point in the history
Signed-off-by: Navin Chandra <navinchandra772@gmail.com>
  • Loading branch information
navin772 committed Aug 29, 2024
1 parent efd2916 commit dabdfe1
Show file tree
Hide file tree
Showing 2 changed files with 81 additions and 9 deletions.
22 changes: 16 additions & 6 deletions .github/workflows/ci-merge-coverage.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: ci-merge-coverage

on:
workflow_run:
workflows: [ci-test-ginkgo]
workflows: [ci-test-ginkgo, ci-test-systemd]
types:
- completed

Expand All @@ -12,10 +12,14 @@ jobs:
runs-on: ubuntu-latest
timeout-minutes: 60
steps:
- uses: actions/checkout@v3
with:
submodules: true

- name: Check if all required workflows completed successfully
id: check-workflows
run: |
workflows=("ci-test-ginkgo")
workflows=("ci-test-ginkgo" "ci-test-systemd")
all_completed=true
commit_sha=$(git rev-parse HEAD)
Expand Down Expand Up @@ -43,10 +47,6 @@ jobs:
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- uses: actions/checkout@v3
with:
submodules: true

- uses: actions/setup-go@v5
with:
Expand All @@ -62,6 +62,16 @@ jobs:
name_is_regexp: true
search_artifacts: true

- name: Download systemd coverage files from ci-test-systemd
if: ${{ env.ci-test-systemd_status == 'success' }}
uses: dawidd6/action-download-artifact@v6
with:
workflow: ci-test-systemd.yml
name: coverage.*
path: KubeArmor/
name_is_regexp: true
search_artifacts: true

- uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
68 changes: 65 additions & 3 deletions .github/workflows/ci-test-systemd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,11 @@ permissions: read-all
jobs:
build:
name: Test KubeArmor in Systemd Mode
runs-on: ubuntu-20.04
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, bpflsm]
timeout-minutes: 60
steps:
- uses: actions/checkout@v3
with:
Expand All @@ -44,6 +48,14 @@ jobs:
install-only: true
version: v1.25.0

- name: Install protoc-gen-go
if: ${{ matrix.os == 'bpflsm' }}
run: |
go install google.golang.org/protobuf/cmd/protoc-gen-go@latest
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@latest
env:
GOPATH: /home/vagrant/go

- name: Build Systemd Release
run: make local-release
working-directory: KubeArmor
Expand All @@ -52,6 +64,21 @@ jobs:
run: sudo apt install -y ./dist/kubearmor*amd64.deb
working-directory: KubeArmor

- name: Compile test binary
run: go test -covermode=atomic -coverpkg=./... -c . -o kubearmor-test
working-directory: KubeArmor

- name: Replace with test binary
run: |
sudo mkdir -p /coverage
sudo rm /opt/kubearmor/kubearmor
sudo cp kubearmor-test /opt/kubearmor/
ls -l /opt/kubearmor/
sudo sed -i 's|ExecStart=/opt/kubearmor/kubearmor|ExecStart=/opt/kubearmor/kubearmor-test -test.coverprofile=/coverage/coverage_systemd.out|' /lib/systemd/system/kubearmor.service
sudo systemctl daemon-reload
sudo systemctl restart kubearmor.service
working-directory: KubeArmor

- name: Check journalctl
run: sudo journalctl -u kubearmor --no-pager

Expand All @@ -61,5 +88,40 @@ jobs:
make
working-directory: ./tests/nonk8s_env
timeout-minutes: 30



- name: Kill kubearmor process and copy coverage file
run: |
sudo systemctl stop kubearmor
sleep 15
for i in {1..24}; do
if [ -f /coverage/coverage_systemd.out ]; then
sudo cp /coverage/coverage_systemd.out coverage_systemd_${{ matrix.os }}.out
break
fi
sleep 5
done
working-directory: KubeArmor

- name: Measure code coverage
if: ${{ always() }}
run: |
ls -l
go tool cover -func coverage_systemd_${{ matrix.os }}.out
working-directory: KubeArmor
env:
GOPATH: ${{ matrix.os == 'bpflsm' && '/home/vagrant/go' || '/home/runner/go' }}

- name: Save coverage file
if: ${{ always() }}
uses: actions/upload-artifact@v4
with:
name: coverage-systemd-${{ matrix.os }}
path: KubeArmor/coverage_systemd_${{ matrix.os }}.out

- name: Run cleanup
if: ${{ always() && matrix.os == 'bpflsm' }}
run: |
sudo systemctl disable kubearmor.service
sudo rm -rf /opt/kubearmor/
sudo apt-get --purge remove -y kubearmor
sudo systemctl daemon-reload

0 comments on commit dabdfe1

Please sign in to comment.