Skip to content

policy: Do not store policy reference in Cilium socket option #1528

policy: Do not store policy reference in Cilium socket option

policy: Do not store policy reference in Cilium socket option #1528

Workflow file for this run

name: CI run integration tests
on:
pull_request_target:
types: [opened, synchronize, reopened]
# By specifying the access of one of the scopes, all of those that are not specified are set to 'none'.
permissions:
# To be able to access the repository with actions/checkout
contents: read
jobs:
proxylib:
timeout-minutes: 360
name: Run unit tests for proxylib
runs-on: ubuntu-latest
steps:
- name: Install Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
# renovate: datasource=golang-version depName=go
go-version: 1.23.3
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Check module vendoring
run: |
go mod tidy
go mod vendor
test -z "$(git status --porcelain)" || (echo "please run 'go mod tidy && go mod vendor', and submit your changes"; exit 1)
- name: Run unit tests
run: |
make -C proxylib test
tests:
timeout-minutes: 360
name: Run integration tests on amd64
runs-on: ubuntu-latest-64-cores-256gb
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Login to quay.io
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: quay.io
username: ${{ secrets.QUAY_ENVOY_USERNAME_DEV }}
password: ${{ secrets.QUAY_ENVOY_PASSWORD_DEV }}
- name: Cache Docker layers
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: /tmp/buildx-cache
key: docker-cache-tests
restore-keys: docker-cache-main
- name: Checkout PR Source Code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Prep for build
run: |
echo "${{ github.event.pull_request.head.sha }}" >SOURCE_VERSION
echo "ENVOY_VERSION=$(cat ENVOY_VERSION)" >> $GITHUB_ENV
echo "BUILDER_DOCKER_HASH=$(git ls-tree --full-tree HEAD -- ./Dockerfile.builder.tests | awk '{ print $3 }')" >> $GITHUB_ENV
- name: Checking if cilium-envoy-builder image exists
id: cilium-builder-tests-tag-in-repositories
shell: bash
run: |
if docker buildx imagetools inspect quay.io/${{ github.repository_owner }}/cilium-envoy-builder-dev:test-${{ env.BUILDER_DOCKER_HASH }} &>/dev/null; then
echo exists="true" >> $GITHUB_OUTPUT
else
echo exists="false" >> $GITHUB_OUTPUT
fi
- name: PR Multi-arch build & push of Builder image (dev)
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
if: steps.cilium-builder-tests-tag-in-repositories.outputs.exists == 'false'
id: docker_build_builder_tests_ci
with:
provenance: false
context: .
file: ./Dockerfile.builder.tests
platforms: linux/amd64,linux/arm64
push: true
tags: quay.io/${{ github.repository_owner }}/cilium-envoy-builder-dev:test-${{ env.BUILDER_DOCKER_HASH }}
- name: Run integration tests on amd64
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
id: docker_tests_ci
with:
provenance: false
context: .
file: ./Dockerfile.tests
platforms: linux/amd64
build-args: |
BUILDER_BASE=quay.io/${{ github.repository_owner }}/cilium-envoy-builder-dev:test-${{ env.BUILDER_DOCKER_HASH }}
ARCHIVE_IMAGE=quay.io/${{ github.repository_owner }}/cilium-envoy-builder:test-main-archive-latest
BAZEL_BUILD_OPTS=--remote_upload_local_results=false
BAZEL_TEST_OPTS=--test_timeout=300 --local_test_jobs=1 --flaky_test_attempts=3
cache-from: type=local,src=/tmp/buildx-cache
push: false