Merge pull request #3 from vpidatala94/user/vpidatala/POC/8

User/vpidatala/poc/8
vpidatala94 · Feb 20, 2025 · f8ec0dd · f8ec0dd
2 parents 2e6cc33 + 9a0d89f
commit f8ec0dd
Show file tree

Hide file tree

Showing 30 changed files with 1,302 additions and 237 deletions.
diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
@@ -13,7 +13,6 @@ permissions:
 
 jobs:
   e2e:
-    if: ${{ github.event_name == 'merge_group' }}
     name: E2E
     runs-on: ubuntu-latest
 
@@ -29,7 +28,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -42,4 +40,4 @@ jobs:
         shell: bash
         run: |
           set -euo pipefail
-          go test -v ./test/e2e/. -timeout 60m -tags=e2e -count=1  -args -image-tag=$(make version) -image-registry=${{vars.ACR_NAME}} -image-namespace=${{github.repository}}
+          go test -v ./test/e2e/. -timeout 60m -tags=e2e -count=1  -args -image-tag=$(make version) -image-registry=${{vars.ACR_NAME}} -image-namespace=${{github.repository}}
diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml
@@ -23,9 +23,9 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
@@ -35,7 +35,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -46,18 +45,13 @@ jobs:
         run: |
           set -euo pipefail
           echo "TAG=$(make version)" >> $GITHUB_ENV
-          if [ "$IS_MERGE_GROUP" == "true" ]; then
-            az acr login -n ${{ vars.ACR_NAME }}
-            make retina-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
-              BUILDX_ACTION=--push
-          else
-            make retina-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}
-          fi
+          az acr login -n ${{ vars.ACR_NAME }}
+          make retina-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
+            APP_INSIGHTS_ID=${{ secrets.AZURE_APP_INSIGHTS_KEY }} \
+            BUILDX_ACTION=--push
         env:
           IS_MERGE_GROUP: ${{ github.event_name == 'merge_group' }}
 
@@ -73,9 +67,9 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
@@ -85,7 +79,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -96,20 +89,14 @@ jobs:
         run: |
           set -euo pipefail
           echo "TAG=$(make version)" >> $GITHUB_ENV
-          if [ "$IS_MERGE_GROUP" == "true" ]; then
-            az acr login -n ${{ vars.ACR_NAME }}
-            make retina-image-win \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
-              WINDOWS_YEARS=${{ matrix.year }} \
-              BUILDX_ACTION=--push
-          else
-            make retina-image-win \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              WINDOWS_YEARS=${{ matrix.year }}
-          fi
+          az acr login -n ${{ vars.ACR_NAME }}
+          make retina-image-win \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
+            APP_INSIGHTS_ID=${{ secrets.AZURE_APP_INSIGHTS_KEY }} \
+            WINDOWS_YEARS=${{ matrix.year }} \
+            BUILDX_ACTION=--push
         env:
           IS_MERGE_GROUP: ${{ github.event_name == 'merge_group' }}
 
@@ -124,9 +111,9 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
@@ -136,7 +123,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -147,18 +133,13 @@ jobs:
         run: |
           set -euo pipefail
           echo "TAG=$(make version)" >> $GITHUB_ENV
-          if [ "$IS_MERGE_GROUP" == "true" ]; then
-            az acr login -n ${{ vars.ACR_NAME }}
-            make retina-operator-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              IMAGE_REGISTRY=${{ vars.ACR_NAME }} \
-              BUILDX_ACTION=--push
-          else
-            make retina-operator-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}
-          fi
+          az acr login -n ${{ vars.ACR_NAME }}
+          make retina-operator-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=${{ vars.ACR_NAME }} \
+            APP_INSIGHTS_ID=${{ secrets.AZURE_APP_INSIGHTS_KEY }} \
+            BUILDX_ACTION=--push
         env:
           IS_MERGE_GROUP: ${{ github.event_name == 'merge_group' }}
 
@@ -173,9 +154,9 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
@@ -185,7 +166,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -196,18 +176,12 @@ jobs:
         run: |
           set -euo pipefail
           echo "TAG=$(make version)" >> $GITHUB_ENV
-          if [ "$IS_MERGE_GROUP" == "true" ]; then
-            az acr login -n ${{ vars.ACR_NAME }}
-            make retina-shell-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
-              BUILDX_ACTION=--push
-          else
-            make retina-shell-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}
-          fi
+          az acr login -n ${{ vars.ACR_NAME }}
+          make retina-shell-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
+            BUILDX_ACTION=--push
         env:
           IS_MERGE_GROUP: ${{ github.event_name == 'merge_group' }}
 
@@ -222,9 +196,9 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
-      - uses: actions/setup-go@v5
+      - uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
@@ -234,7 +208,6 @@ jobs:
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -245,23 +218,17 @@ jobs:
         run: |
           set -euo pipefail
           echo "TAG=$(make version)" >> $GITHUB_ENV
-          if [ "$IS_MERGE_GROUP" == "true" ]; then
-            az acr login -n ${{ vars.ACR_NAME }}
-            make kubectl-retina-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
-              IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
-              BUILDX_ACTION=--push
-          else
-            make kubectl-retina-image \
-              IMAGE_NAMESPACE=${{ github.repository }} \
-              PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}
-          fi
+          az acr login -n ${{ vars.ACR_NAME }}
+          make kubectl-retina-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
+            BUILDX_ACTION=--push
         env:
           IS_MERGE_GROUP: ${{ github.event_name == 'merge_group' }}
 
   manifests:
-    if: ${{ github.event_name == 'merge_group' && success('retina-images') && success('retina-win-images') && success('operator-images') && success('retina-shell-images')}}
+    if: ${{ success('retina-images') && success('retina-win-images') && success('operator-images') && success('retina-shell-images') && success('kubectl-retina-images') }}
     name: Generate Manifests
     runs-on: ubuntu-latest
     needs:
@@ -279,7 +246,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
       - name: Setup QEMU
         uses: docker/setup-qemu-action@v3
@@ -297,26 +264,26 @@ jobs:
           set -euo pipefail
           az acr login -n ${{ vars.ACR_NAME }}
           make manifest COMPONENT=${{ matrix.components }} \
-          IMAGE_REGISTRY=${{ vars.ACR_NAME }}  \
+          IMAGE_REGISTRY=${{ vars.ACR_NAME }}
 
   e2e:
+    if: ${{ success('manifests') }}
     name: Run E2E Tests
     runs-on: ubuntu-latest
     needs: [manifests]
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v4.2.2
 
       - name: Setup go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v5.3.0
         with:
           go-version-file: go.mod
       - run: go version
 
       - name: Az CLI login
         uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
         with:
           client-id: ${{ secrets.AZURE_CLIENT_ID }}
           tenant-id: ${{ secrets.AZURE_TENANT_ID }}
@@ -329,38 +296,4 @@ jobs:
         shell: bash
         run: |
           set -euo pipefail
-          go test -v ./test/e2e/. -timeout 60m -tags=e2e -count=1  -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }}  -image-namespace=${{ github.repository}}
-
-  perf:
-    if: ${{ github.event_name == 'merge_group' && success('manifests')}}
-    name: Retina Performance Test
-    runs-on: ubuntu-latest
-    needs: [manifests]
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Setup go
-        uses: actions/setup-go@v5
-        with:
-          go-version-file: go.mod
-      - run: go version
-
-      - name: Az CLI login
-        uses: azure/login@v2
-        if: ${{ github.event_name == 'merge_group' }}
-        with:
-          client-id: ${{ secrets.AZURE_CLIENT_ID }}
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION }}
-
-      - name: Run Perf Tests
-        env:
-          AZURE_APP_INSIGHTS_KEY: ${{ secrets.AZURE_APP_INSIGHTS_KEY }}
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION }}
-          AZURE_LOCATION: ${{ vars.AZURE_LOCATION }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          go test -v ./test/e2e/. -timeout 2h -tags=perf -count=1 -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }} -image-namespace=${{ github.repository }}
+          go test -v ./test/e2e/. -timeout 60m -tags=e2e -count=1  -args -image-tag=$(make version) -image-registry=${{ vars.ACR_NAME }}  -image-namespace=${{ github.repository}}
diff --git a/controller/Dockerfile b/controller/Dockerfile
@@ -11,7 +11,7 @@ FROM --platform=$TARGETPLATFORM mcr.microsoft.com/cbl-mariner/base/core@sha256:7
 # mcr.microsoft.com/cbl-mariner/distroless/minimal:2.0
 FROM --platform=$TARGETPLATFORM mcr.microsoft.com/cbl-mariner/distroless/minimal@sha256:db87903c5d4d9d6760e86a274914efd6a3bb5914c0b5a6c6b35350ec297fea4f AS mariner-distroless
 
-# mcr.microsoft.com/windows/servercore:ltsc2019 
+# mcr.microsoft.com/windows/servercore:ltsc2019
 FROM --platform=$TARGETPLATFORM mcr.microsoft.com/windows/servercore@sha256:6fdf140282a2f809dae9b13fe441635867f0a27c33a438771673b8da8f3348a4 AS ltsc2019
 
 # mcr.microsoft.com/windows/servercore:ltsc2022
@@ -21,7 +21,7 @@ FROM --platform=$TARGETPLATFORM mcr.microsoft.com/windows/servercore@sha256:4595
 # build stages
 
 # intermediate go generate stage
-FROM golang AS intermediate 
+FROM golang AS intermediate
 ARG APP_INSIGHTS_ID # set to enable AI telemetry
 ARG GOARCH=amd64 # default to amd64
 ARG GOOS=linux # default to linux
@@ -32,6 +32,7 @@ RUN if [ "$GOOS" = "linux" ] ; then \
     fi
 COPY ./pkg/plugin /go/src/github.com/microsoft/retina/pkg/plugin
 WORKDIR /go/src/github.com/microsoft/retina
+RUN dir /go/src/github.com/microsoft/retina/pkg/plugin/ebpfwindows
 RUN if [ "$GOOS" = "linux" ] ; then \
       go mod init github.com/microsoft/retina; \
       go generate -skip "mockgen" -x /go/src/github.com/microsoft/retina/pkg/plugin/...; \
@@ -64,7 +65,7 @@ ARG GOOS=linux # default to linux
 ARG VERSION
 ENV GOARCH=${GOARCH}
 ENV GOOS=${GOOS}
-RUN --mount=type=cache,target="/root/.cache/go-build" go build -v -o /go/bin/retina/controller -ldflags "-X github.com/microsoft/retina/internal/buildinfo.Version="$VERSION" -X github.com/microsoft/retina/internal/buildinfo.ApplicationInsightsID="$APP_INSIGHTS_ID"" controller/main.go 
+RUN --mount=type=cache,target="/root/.cache/go-build" go build -v -o /go/bin/retina/controller -ldflags "-X github.com/microsoft/retina/internal/buildinfo.Version="$VERSION" -X github.com/microsoft/retina/internal/buildinfo.ApplicationInsightsID="$APP_INSIGHTS_ID"" controller/main.go
 
 
 # init binary
@@ -115,7 +116,6 @@ COPY --from=tools /lib/ /lib
 COPY --from=tools /usr/lib/ /usr/lib
 ENTRYPOINT ["./retina/initretina"]
 
-
 # agent final image
 # mcr.microsoft.com/cbl-mariner/distroless/minimal:2.0
 # mcr.microsoft.com/cbl-mariner/distroless/minimal@sha256:63a0a70ceaa1320bc6eb98b81106667d43e46b674731ea8d28e4de1b87e0747f
@@ -133,7 +133,7 @@ ENV HUBBLE_SERVER=unix:///var/run/cilium/hubble.sock
 ENTRYPOINT ["./retina/controller"]
 
 
-# agent final image for windows 
+# agent final image for windows
 FROM ${OS_VERSION} AS agent-win
 COPY --from=controller-bin /go/src/github.com/microsoft/retina/windows/kubeconfigtemplate.yaml kubeconfigtemplate.yaml
 COPY --from=controller-bin /go/src/github.com/microsoft/retina/windows/setkubeconfigpath.ps1 setkubeconfigpath.ps1