
ipsec: Safely delete Xfrm state #54665

# Workflow "BPF Checks": patch-style checks, coccinelle checks, datapath
# build and BPF tests, as named by the jobs defined under `jobs:`.
name: BPF Checks

# Any change in triggers needs to be reflected in the concurrency group.
on:
  # `pull_request` (not `pull_request_target`): the jobs in this workflow
  # check out the ref under test and run `make` targets from it, and no
  # `secrets.*` value is referenced anywhere in the visible file.
  pull_request: {}
  push:
    branches:
      - main
      - ft/main/**
  merge_group:
    types: [checks_requested]

# Workflow-wide GITHUB_TOKEN scope: read on every permission, write on none.
# NOTE(review): the visible steps only check out code and query changed
# paths, so `contents: read` plus `pull-requests: read` may be enough;
# confirm what dorny/paths-filter needs before narrowing.
permissions: read-all

concurrency:
  # Group key is the workflow name plus the first truthy value of: the PR
  # number, `github.event.after`, or (`&&` binds tighter than `||`) the run
  # id when the event carries a `merge_group` payload.
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.event.after || github.event.merge_group && github.run_id }}
  # Evaluates to true unless the event carries a `merge_group` payload, so
  # only merge-queue runs are exempt from cancellation within their group.
  cancel-in-progress: ${{ !github.event.merge_group }}
jobs:
  # Path-filter job: publishes one 'true'/'false' output per filter so the
  # jobs that declare `needs: check_changes` can gate themselves on it.
  check_changes:
    name: Deduce required tests from code changes
    runs-on: ubuntu-latest
    outputs:
      bpf-tree: ${{ steps.changes.outputs.bpf-tree }}
      coccinelle: ${{ steps.changes.outputs.coccinelle }}
      bpf-tests-runner: ${{ steps.changes.outputs.bpf-tests-runner }}
      workflow-description: ${{ steps.changes.outputs.workflow-description }}
    steps:
      # Skipped on pull_request events; presumably the filter then takes the
      # changed-file list from the pull request itself rather than from git
      # history (confirm against the paths-filter documentation).
      - name: Checkout code
        if: ${{ !github.event.pull_request }}
        # Pinned to a full commit SHA; the trailing comment records the tag.
        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          # Do not leave the checkout token in the local git configuration.
          persist-credentials: false
          # 0 = fetch the complete history instead of a shallow clone.
          fetch-depth: 0
      - name: Check code changes
        # Third-party action, likewise pinned to a commit SHA.
        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
        id: changes
        with:
          # For `push` events, compare against the `ref` base branch
          # For `pull_request` events, this is ignored and will compare against the pull request base branch
          base: ${{ github.ref }}
          filters: |
            bpf-tree:
              - 'bpf/**'
              - 'images/**'
            coccinelle:
              - 'contrib/coccinelle/**'
            bpf-tests-runner:
              - 'bpf/tests/bpftest/**'
              - 'pkg/bpf/**'
            workflow-description:
              - '.github/workflows/lint-bpf-checks.yaml'

  # No `needs:` or `if:` here, so this job runs on every trigger regardless
  # of which paths changed.
  checkpatch:
    name: Check Patch
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          # The next step runs a make target from the checked-out tree, so
          # the checkout token is kept out of the local git configuration.
          persist-credentials: false
          fetch-depth: 0
      - name: Run checkpatch.pl
        # On failure, print a local reproduction hint and exit non-zero.
        run: |
          make -C bpf checkpatch || (echo "Run 'make -C bpf checkpatch' locally to investigate reports"; exit 1)

  # Runs only if code matched by the bpf-tree filter (bpf/, images/), code
  # under contrib/coccinelle/, or the workflow file named in the
  # workflow-description filter is changed.
  coccicheck:
    needs: check_changes
    if: ${{ needs.check_changes.outputs.bpf-tree == 'true' || needs.check_changes.outputs.coccinelle == 'true' || needs.check_changes.outputs.workflow-description == 'true' }}
    name: Run coccicheck
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          persist-credentials: false
      - name: Run coccicheck
        # Container action referenced by tag and sha256 digest, so the image
        # content is fixed even if the 2.4 tag is later repointed.
        uses: docker://cilium/coccicheck:2.4@sha256:24abe3fbb8e829fa41a68a3b76cb4df84fd5a87a7d1d6254c1c1fe5effb5bd1b
        with:
          # The entrypoint script comes from the checked-out repository, not
          # from the pinned image.
          entrypoint: ./contrib/coccinelle/check-cocci.sh
        # Note: Setting COCCINELLE_HOME can be removed, here and in the
        # messages in the .cocci files, next time we upgrade coccinelle.
        # The issue was fixed, after v1.1.1 that we're using, in
        # https://gitlab.inria.fr/coccinelle/coccinelle/-/commit/540888ff426e.
        env:
          COCCINELLE_HOME: /usr/local/lib/coccinelle

  # Runs only if code matched by the bpf-tree filter (bpf/, images/) or the
  # workflow file named in the workflow-description filter is changed.
  build_all:
    needs: [check_changes]
    if: ${{ needs.check_changes.outputs.bpf-tree == 'true' || needs.check_changes.outputs.workflow-description == 'true' }}
    name: Build Datapath
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          persist-credentials: false
          fetch-depth: 0
      - name: Build all BPF datapath permutations
        env:
          # NOTE(review): presumably the Makefile verbosity switch; confirm.
          V: 0
        # The make invocation goes through contrib/scripts/builder.sh (not
        # shown here); on failure a local reproduction hint is printed and
        # the step exits non-zero.
        run: |
          contrib/scripts/builder.sh make --quiet -C bpf build_all -j $(nproc) || (echo "Run 'make -C bpf build_all' locally to investigate build breakages"; exit 1)

  # Runs only if code matched by the bpf-tree or bpf-tests-runner filters,
  # or the workflow file named in the workflow-description filter, is
  # changed.
  bpf_tests:
    needs: [check_changes]
    if: ${{ needs.check_changes.outputs.bpf-tree == 'true' || needs.check_changes.outputs.bpf-tests-runner == 'true' || needs.check_changes.outputs.workflow-description == 'true' }}
    name: BPF unit/integration Tests
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout code
        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          persist-credentials: false
          fetch-depth: 0
      - name: Run BPF tests
        # On failure, print a local reproduction hint and exit non-zero.
        run: |
          make run_bpf_tests || (echo "Run 'make run_bpf_tests' locally to investigate failures"; exit 1)