tetragon: Allow persistent enforcement during tetragon restart #3337
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PodInfo Integration Test | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| paths-ignore: | |
| - 'docs/**' | |
| push: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - 'docs/**' | |
| jobs: | |
| build: | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 40 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| - name: Set Up Job Variables | |
| id: vars | |
| run: | | |
| if [ ${{ github.event.issue.pull_request || github.event.pull_request }} ]; then | |
| PR_API_JSON=$(curl \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ | |
| ${{ github.event.issue.pull_request.url || github.event.pull_request.url }}) | |
| SHA=$(echo "$PR_API_JSON" | jq -r ".head.sha") | |
| else | |
| SHA=${{ github.sha }} | |
| fi | |
| echo "sha=${SHA}" >> $GITHUB_OUTPUT | |
| echo "operatorImage=quay.io/cilium/tetragon-operator-ci:${SHA}" >> $GITHUB_OUTPUT | |
| - name: Install Go | |
| uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 | |
| with: | |
| # renovate: datasource=golang-version depName=go | |
| go-version: '1.22.4' | |
| - name: Install Kind and create cluster | |
| uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 | |
| - name: Pull Tetragon Images | |
| uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 | |
| with: | |
| timeout_minutes: 2 | |
| max_attempts: 30 | |
| retry_wait_seconds: 30 | |
| warning_on_retry: false | |
| command: | | |
| set -e | |
| docker pull ${{ steps.vars.outputs.operatorImage }} | |
| - name: Run go tests | |
| run: | | |
| helm upgrade --install tetragon ./install/kubernetes/tetragon -n kube-system \ | |
| --set tetragonOperator.podInfo.enabled=true \ | |
| --set tetragonOperator.image.override=${{ steps.vars.outputs.operatorImage }} | |
| kubectl rollout status -n kube-system deployment/tetragon-operator | |
| go test --tags=integration -v ./operator/... |