Initial public release of retina

Signed-off-by: Vamsi Kalapala <[email protected]> Co-authored-by: Qingchuan Hao <[email protected]> Co-authored-by: Camryn Lee <[email protected]> Co-authored-by: Steven Nguyen <[email protected]> Co-authored-by: Jacques I Massa <[email protected]> Co-authored-by: Anubhab Majumdar <[email protected]> Co-authored-by: Mathew Merrick <[email protected]> Co-authored-by: Tamilmana Manoharan <[email protected]> Co-authored-by: Quang Nguyen <[email protected]> Co-authored-by: Hunter Gregory <[email protected]> Co-authored-by: Anson Qian <[email protected]> Co-authored-by: Evan Baker <[email protected]> Co-authored-by: Isaiah Raya <[email protected]> Co-authored-by: Tatsinnit <[email protected]> Co-authored-by: Pengfei Ni <[email protected]> Co-authored-by: David Schott <[email protected]> Co-authored-by: Jaeryn <[email protected]> Co-authored-by: Spencer McKee <[email protected]> Co-authored-by: Khushbu-Parekh <[email protected]> Co-authored-by: Prabhakaran S <[email protected]> Co-authored-by: Will Daly <[email protected]> Co-authored-by: Tim Raymond <[email protected]> Co-authored-by: Neha Aggarwal <[email protected]>
microsoft · Mar 11, 2024 · d3ae11d · d3ae11d
commit d3ae11d
Show file tree

Hide file tree

Showing 560 changed files with 364,269 additions and 0 deletions.
diff --git a/.github/.markdownlint.json b/.github/.markdownlint.json
@@ -0,0 +1,7 @@
+{
+ "MD013": false,
+ "MD010": false,
+ "MD024": {
+ "siblings_only": true
+ }
+}
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @microsoft/retina
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -0,0 +1,33 @@
+version: 2
+updates:
+ - package-ecosystem: "docker"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ reviewers:
+ - "microsoft/retina"
+ commit-message:
+ prefix: "ci"
+ labels: [ "ci", "dependencies" ]
+ open-pull-requests-limit: 10
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ reviewers:
+ - "microsoft/retina"
+ commit-message:
+ prefix: "ci"
+ labels: [ "ci", "dependencies" ]
+ open-pull-requests-limit: 10
+ - package-ecosystem: "gomod"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ reviewers:
+ - "microsoft/retina"
+ commit-message:
+ prefix: "deps"
+ ignore:
+ - dependency-name: "github.com/inspektor-gadget/inspektor-gadget"
+ open-pull-requests-limit: 10
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -0,0 +1,39 @@
+name: "CodeQL"
+on:
+ workflow_dispatch:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+jobs:
+ analyze:
+ name: Analyze
+ strategy:
+ fail-fast: false
+ matrix:
+ os: [ubuntu-latest, windows-latest]
+ language: [go]
+ go-version: ["1.21"]
+ runs-on: ${{ matrix.os }}
+ timeout-minutes: 60
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - name: Setup go
+ uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/commit-message.yaml b/.github/workflows/commit-message.yaml
@@ -0,0 +1,45 @@
+name: commit-message
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+ types:
+ - opened
+ - synchronize
+ - edited
+ - reopened
+jobs:
+ commit-message:
+ runs-on: ubuntu-20.04
+ steps:
+ - name: verify_commit_message
+ run: |
+ if [[ "${{ github.event_name }}" == pull_request ]]; then
+ commit_msg_header="${{ github.event.pull_request.title }}"
+ else
+ # get first line of commit message
+ commit_msg_header=`echo "${{ github.event.head_commit.message }}" | head -n 1`
+ fi
+
+ commit_msg_type_regex='feat|fix|refactor|style|test|docs|build|tool|chore|deps'
+ commit_msg_scope_regex='.{1,20}'
+ commit_msg_subject_regex='.{1,150}'
+ commit_msg_regex="^(${commit_msg_type_regex})(\(${commit_msg_scope_regex}\))?: (${commit_msg_subject_regex})\$"
+ merge_msg_regex="^Merge branch '.+' into .+\$"
+ full_regex="(${commit_msg_regex})|(${merge_msg_regex})"
+
+ echo $commit_msg_header | grep -qP "$full_regex" || {
+ echo "ERROR: Invalid commit message header. Please fix format of your PR title or the commit pushed to main."
+ echo "Current value:"
+ echo "$commit_msg_header"
+ echo
+ echo "Examples of valid commits:"
+ echo 'example 1: "feat(cli): new feature"'
+ echo 'example 2: "fix(advanced-metrics): bug fix"'
+ echo 'example 3: "docs: update readme"'
+ echo
+ echo "Valid types are: $commit_msg_type_regex"
+ echo "For more details, see .github/workflows/commit-message.yaml"
+ exit 1
+ }
diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml
@@ -0,0 +1,38 @@
+# Simple workflow for deploying static content to GitHub Pages
+name: Build and Deploy Retina.sh
+on:
+ push:
+ branches: ["docs", "main", "ghpages"]
+ workflow_dispatch:
+permissions:
+ contents: read
+ pages: write
+ id-token: write
+concurrency:
+ group: "pages"
+ cancel-in-progress: false
+jobs:
+ deploy:
+ environment:
+ name: retina.sh 
+ url: ${{ steps.deployment.outputs.page_url }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ - name: Setup Pages
+ uses: actions/configure-pages@v3
+ - uses: actions/setup-node@v3
+ with:
+ node-version: 20
+ - name: build
+ run: |
+ npm install --prefix site/
+ npm run build --prefix site/
+ - name: Upload artifact
+ uses: actions/upload-pages-artifact@v1
+ with:
+ path: "./site/build"
+ - name: Deploy to GitHub Pages
+ id: deployment
+ uses: actions/deploy-pages@v1
diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml
@@ -0,0 +1,30 @@
+name: golangci-lint
+on:
+ workflow_dispatch:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+jobs:
+ golangci:
+ strategy:
+ fail-fast: false
+ matrix:
+ go-version: ['1.21.x']
+ os: [ubuntu-latest, windows-latest]
+ name: Lint
+ runs-on: ${{ matrix.os }}
+ steps:
+ - uses: actions/setup-go@v5
+ with:
+ go-version: ${{ matrix.go-version }}
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 0
+ - name: golangci-lint
+ uses: golangci/golangci-lint-action@v4
+ with:
+ version: v1.55
+ args: --concurrency 4 --verbose --new-from-rev=origin/master --config=.golangci.yml --timeout=25m 
+ only-new-issues: true
+ skip-cache: true
diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml
@@ -0,0 +1,86 @@
+name: Build and Publish Retina Container Images
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ branches: [ main ]
+
+jobs:
+ images:
+ name: Build Images
+ runs-on: ubuntu-latest
+
+ strategy:
+ matrix:
+ platform: ["linux"]
+ arch: ["amd64", "arm64"]
+ component: ["agent", "operator"]
+
+ # required for AZ login/SP
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - uses: actions/setup-go@v4
+ with:
+ go-version: ">=1.21.0"
+ - run: go version
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Az CLI login
+ uses: azure/login@v1
+ with:
+ client-id: ${{ secrets.AZURE_CLIENT_ID }}
+ tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+ subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+ - name: Build/Push Images
+ shell: bash
+ run: |
+ set -euo pipefail
+ az acr login -n ${{ secrets.ACR_NAME }}
+ echo "TAG=$(make version)" >> $GITHUB_ENV
+ make build PLATFORMS=${{ matrix.platform }}/${{ matrix.arch }} COMPONENT=${{ matrix.component }}
+
+
+ manifests:
+ name: Generate Manifests
+ runs-on: ubuntu-latest
+ needs: images
+
+ strategy:
+ matrix:
+ component: ["agent", "operator"]
+
+ # required for AZ login/SP
+ permissions:
+ id-token: write
+ contents: read
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up QEMU
+ uses: docker/setup-qemu-action@v3
+
+ - name: Az CLI login
+ uses: azure/login@v1
+ with:
+ client-id: ${{ secrets.AZURE_CLIENT_ID }}
+ tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+ subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+
+ - name: Generate Manifests
+ shell: bash
+ run: |
+ set -euo pipefail
+ az acr login -n ${{ secrets.ACR_NAME }}
+ make manifest COMPONENT=${{ matrix.component }}
diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
@@ -0,0 +1,74 @@
+name: Integration Tests For Retina
+on:
+ workflow_dispatch:
+jobs:
+ integ-test:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Free up disk space
+ run: |
+ # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173
+ # du -sh /* 2> /dev/null | sort -rh 2> /dev/null | head
+ # du -h -d2 /usr 2> /dev/null | sort -rh 2> /dev/null | head
+ echo "Check free disk space before cleanup."
+ df -h
+ echo "Removing non-essential tools and libraries."
+ sudo rm -rf "$AGENT_TOOLSDIRECTORY"
+ sudo rm -rf /opt/ghc
+ sudo rm -rf /usr/share/dotnet
+ sudo rm -rf /usr/local/share/boost
+ # delete libraries for Android (12G), PowerShell (1.3G), Swift (1.7G)
+ sudo rm -rf /usr/local/lib/android
+ sudo rm -rf /usr/local/share/powershell
+ sudo rm -rf /usr/share/swift
+ echo "Check free disk space after cleanup."
+ df -h
+
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - uses: actions/setup-go@v2
+ with:
+ go-version: "^1.18"
+
+ - name: Make retina image
+ run: |
+ export CONTAINER_BUILDER=docker
+ export CONTAINER_RUNTIME=docker
+ make all-images-local
+ make install-kubectl-retina
+ make base-images-remove
+ curl -LO https://github.com/kvaps/kubectl-node-shell/raw/master/kubectl-node_shell
+ chmod +x ./kubectl-node_shell
+ sudo mv ./kubectl-node_shell /usr/local/bin/kubectl-node_shell
+ docker system prune -f
+
+ - name: Deploy Kind
+ run: make kind-setup
+
+ - name: Install retina
+ run: make kind-install
+
+ - name: Run tests
+ run: make retina-integration
+
+ - name: Export Kubernetes logs
+ if: failure()
+ run: make retina-export-logs
+
+ - name: Archive Kubernetes logs
+ if: failure()
+ uses: actions/upload-artifact@v3
+ with:
+ name: kubernetes-node-logs
+ path: kubernetes-logs
+
+ - name: Archive iptable and ipset
+ if: failure()
+ uses: actions/upload-artifact@v3
+ with:
+ name: iptable-ipset-snapshot
+ path: ./test/integration/plugin-simulations/npm-iptables
+ - name: Cleanup
+ if: always()
+ run: make kind-clean
diff --git a/.github/workflows/markdownlint.yaml b/.github/workflows/markdownlint.yaml
@@ -0,0 +1,19 @@
+name: Markdown Lint
+on:
+ push:
+ branches: [main]
+ pull_request:
+ branches: [main]
+jobs:
+ markdownlint:
+ name: markdownlint
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+ - uses: DavidAnson/markdownlint-cli2-action@v9
+ with:
+ command: config
+ globs: |
+ .github/.markdownlint.json
+ **/*.md