server: ensure CNI teardown prevents IP leaks with missing netns #44

Workflow file for this run

.github/workflows/integration.yml at 22063cf

	name: integration
	on:
	workflow_dispatch:
	push:
	tags:
	- v*
	branches:
	- main
	- release-*
	- update-nixpkgs-*
	pull_request:
	env:
	GO_VERSION: '1.23'
	CONMON_BINARY: /usr/local/bin/conmon # from: scripts/github-actions-setup
	permissions:
	contents: read

	jobs:
	test-binaries:
	strategy:
	fail-fast: false
	matrix:
	run:
	- runner: ubuntu-latest
	arch: amd64
	name: binaries / ${{ matrix.run.arch }}
	runs-on: ${{ matrix.run.runner }}
	steps:
	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
	- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
	with:
	go-version: ${{ env.GO_VERSION }}
	- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
	with:
	path: \|
	~/.cache/go-build
	~/go/pkg/mod
	key: go-test-binaries-${{ matrix.run.arch }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('test') }}
	- run: scripts/github-actions-packages
	- run: make all test-binaries
	- uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: test-binaries-${{ matrix.run.arch }}
	path: \|
	bin/crio
	bin/pinns
	test/checkcriu/checkcriu
	test/checkseccomp/checkseccomp
	test/copyimg/copyimg
	test/nri/nri.test

	integration:
	needs: test-binaries
	strategy:
	fail-fast: false
	matrix:
	run:
	- name: critest / conmon
	arch: amd64
	runner: ubuntu-latest
	runtimeType: oci
	critest: 1
	userns: 0
	jobs: 1
	- name: critest / conmon-rs
	arch: amd64
	runner: ubuntu-latest
	runtimeType: pod
	critest: 1
	userns: 0
	jobs: 1
	- name: integration / conmon
	arch: amd64
	runner: ubuntu-latest
	runtimeType: oci
	critest: 0
	userns: 0
	jobs: 2
	- name: integration / conmon-rs
	arch: amd64
	runner: ubuntu-latest
	runtimeType: pod
	critest: 0
	userns: 1
	jobs: 2
	- name: integration / userns
	arch: amd64
	runner: ubuntu-latest
	runtimeType: oci
	critest: 0
	userns: 1
	jobs: 2
	name: ${{ matrix.run.name }} / ${{ matrix.run.arch }}
	runs-on: ${{ matrix.run.runner }}
	steps:
	- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
	- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
	with:
	go-version: ${{ env.GO_VERSION }}
	- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
	with:
	path: \|
	~/.cache/go-build
	~/go/pkg/mod
	key: go-${{ matrix.run.name }}-${{ matrix.run.arch }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('scripts/versions') }}
	- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
	- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
	with:
	name: test-binaries-${{ matrix.run.arch }}
	- name: Fix artifact permissions
	run: \|
	chmod +x \
	bin/crio \
	bin/pinns \
	test/checkcriu/checkcriu \
	test/checkseccomp/checkseccomp \
	test/copyimg/copyimg \
	test/nri/nri.test
	- run: scripts/github-actions-packages
	- run: scripts/github-actions-setup
	- run: sudo -E test/test_runner.sh
	env:
	JOBS: ${{ matrix.run.jobs }}
	RUN_CRITEST: ${{ matrix.run.critest }}
	RUNTIME_TYPE: ${{ matrix.run.runtimeType }}
	TEST_USERNS: ${{ matrix.run.userns }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

server: ensure CNI teardown prevents IP leaks with missing netns #44

Workflow file

server: ensure CNI teardown prevents IP leaks with missing netns #44

Uh oh!

Workflow file for this run