diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml
index 7adc73b9..c045dc8e 100644
--- a/.github/workflows/cron.yml
+++ b/.github/workflows/cron.yml
@@ -1,21 +1,99 @@ name: Update BTFHub Archive on: + push: {} schedule: - cron: "0 1 * * *" workflow_dispatch: {} jobs: - build: + archive-checkout: + name: Checkout BTFHub Archive + runs-on: ubuntu-latest + steps: + - name: Checkout BTFHub Archive + uses: actions/checkout@v4 + with: + repository: aquasecurity/btfhub-archive + path: archive + # token: ${{ secrets.PAT_RAFAEL }} + + commit-changes: + name: Commit archive changes + needs: [amazon-update, host-update] + runs-on: ubuntu-latest + steps: + - name: Check Status + run: | + cd archive + git status +# - name: Commit and Push to BTFHub Archive +# run: | +# cd archive +# git config --local user.name "Rafael David Tinoco" +# git config --local user.email "rafaeldtinoco@gmail.com" +# git add -A +# git diff-index --quiet HEAD || git commit -m "Update BTFHUB Archive from BTFHUB" +# git push + + amazon-update: + name: Update Amazon 2 BTF Archive + needs: archive-checkout + runs-on: ubuntu-latest + container: + image: amazonlinux:2 + volumes: + - archive:/root/archive + steps: + - name: Install needed amazon packages + run: | + yum install -y yum-utils tar gzip xz clang make cmake git libdwarf-devel elfutils-libelf-devel elfutils-devel + yum-config-manager -y --enable amzn2-core-debuginfo + shell: bash + +# - name: Authenticate +# run: | +# gh auth login --with-token <<<'${{ secrets.PAT_RAFAEL }}' + + - uses: actions/setup-go@v4 + with: + go-version: '1.20' + + - name: Check out BTFHub + uses: actions/checkout@v4 + with: + submodules: 'recursive' +# token: ${{ secrets.PAT_RAFAEL }} + + - run: git config --system --add safe.directory $(pwd) + shell: bash + + - name: build pahole + run: | + cd ./3rdparty/dwarves + mkdir build + cd build + cmake -D__LIB=lib -DDWARF_INCLUDE_DIR=/usr/include .. 
+ make install + echo "/usr/local/lib" >> /etc/ld.so.conf.d/pahole.conf + ldconfig + shell: bash + + - name: Compile BTFHub Tool + run: | + make + shell: bash + + - name: Fetch and Generate new BTFs (AMAZON 2) + run: | + ./btfhub -workers 6 -d amzn -r 2 + + host-update: name: Update BTF Archive - env: - HOME: "/tmp/root" - GOPATH: "/tmp/go" - GOCACHE: "/tmp/go-cache" - GOROOT: "/usr/local/go" - runs-on: - [ - "github-self-hosted_ami-0f4881c8d69684001_${{ github.event.number }}-${{ github.run_id }}", - ] + needs: archive-checkout + runs-on: ubuntu-latest steps: + - uses: actions/setup-go@v4 + with: + go-version: '1.20' # - name: Setup Swap File run: | 
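Review bot: In `.github/workflows/cron.yml`, the `archive` directory checked out by `archive-checkout` never reaches the jobs that `need` it: each job runs on its own fresh `ubuntu-latest` runner, and `volumes: - archive:/root/archive` in `amazon-update` declares a named Docker volume rather than a bind mount of that checkout. As written, `cd archive` in `commit-changes` has nothing to enter, and whatever `amazon-update` and `host-update` generate is lost when their runners are torn down; check the archive out inside the job that commits, and move generated files between jobs as artifacts. Separately, `push: {}` runs this archive job on every push to every branch and no `permissions:` key is visible in the hunk, so before the commit step is re-enabled with a token I would drop that trigger or narrow it with a `branches:` filter and add a top-level `permissions:` with `contents: read`. The `host-update` job continues past the end of this hunk.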
@@ -73,89 +151,41 @@ jobs: --slave /usr/bin/cc cc /usr/bin/clang-14 shell: bash # - - name: Authenticate - run: | - gh auth login --with-token <<<'${{ secrets.PAT_RAFAEL }}' +# - name: Authenticate +# run: | +# gh auth login --with-token <<<'${{ secrets.PAT_RAFAEL }}' # - name: Check out BTFHub - uses: actions/checkout@v3 - with: - repository: aquasecurity/btfhub - path: ./btfhub - token: ${{ secrets.PAT_RAFAEL }} - # Authenticate - - name: Checkout BTFHub Archive - uses: actions/checkout@v3 - with: - repository: aquasecurity/btfhub-archive - path: ./btfhub-archive - token: ${{ secrets.PAT_RAFAEL }} + uses: actions/checkout@v4 +# token: ${{ secrets.PAT_RAFAEL }} # - name: Install pahole run: | - cd btfhub ./3rdparty/pahole.sh shell: bash # - - name: Install bpftool - run: | - cd btfhub - ./3rdparty/bpftool.sh - shell: bash - # - - name: Bring current BTFHub Archive - run: | - cd btfhub - make bring - shell: bash - # - name: Compile BTFHub Tool run: | - cd btfhub make shell: bash # - name: Fetch and Generate new BTFs (UBUNTU) run: | - cd btfhub ./btfhub -workers 6 -d ubuntu # debian stretch seems to be gone, updates for buster and bullseye only - name: Fetch and Generate new BTFs (DEBIAN) run: | - cd btfhub ./btfhub -workers 6 -d debian -r buster ./btfhub -workers 6 -d debian -r bullseye # - name: Fetch and Generate new BTFs (CENTOS) run: | - cd btfhub ./btfhub -workers 6 -d centos # - name: Fetch and Generate new BTFs (FEDORA) run: | - cd btfhub ./btfhub -workers 6 -d fedora # - name: Fetch and Generate new BTFs (ORACLE) run: | - cd btfhub ./btfhub -workers 6 -d ol - # - - name: Take new BTFs to BTFHub Archive - run: | - cd btfhub - make take - # - - name: Check Status - run: | - cd btfhub-archive - git status - # - - name: Commit and Push to BTFHub Archive - run: | - cd btfhub-archive - git config --local user.name "Rafael David Tinoco" - git config --local user.email "rafaeldtinoco@gmail.com" - git add -A - git diff-index --quiet HEAD || git commit -m "Update 
BTFHUB Archive from BTFHUB"
- git push
diff --git a/.gitignore b/.gitignore
index d888caa2..0fe79fff 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,7 +1,8 @@
+# binary
 btfhub
-# arvhices
-archive/*
-custom-archive/*
+# archives
+archive/
 # makefile leftovers
 .check*
-# binary
+# JetBrains
+.idea/
diff --git a/archive/.gitignore b/archive/.gitignore
deleted file mode 100644
index 72e8ffc0..00000000
--- a/archive/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/custom-archive/.gitignore b/custom-archive/.gitignore
deleted file mode 100644
index 72e8ffc0..00000000
--- a/custom-archive/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*
diff --git a/pkg/pkg/utils.go b/pkg/pkg/utils.go
index 6760300c..0f3eb566 100644
--- a/pkg/pkg/utils.go
+++ b/pkg/pkg/utils.go
@@ -31,9 +31,8 @@ func yumDownload(ctx context.Context, pkg string, destdir string) error {
 destDirParam := fmt.Sprintf("--downloaddir=%s", destdir)
- cmd := exec.CommandContext(ctx,
- "sudo", "yum", "install", "-y", "--downloadonly", destDirParam, pkg,
- )
+ binary, args := utils.SudoCMD("yum", "install", "-y", "--downloadonly", destDirParam, pkg)
+ cmd := exec.CommandContext(ctx, binary, args...)
 cmd.Stdout = os.Stdout
 cmd.Stderr = stderr
diff --git a/pkg/repo/rhel.go b/pkg/repo/rhel.go
index 9b6833df..098af1fd 100644
--- a/pkg/repo/rhel.go
+++ b/pkg/repo/rhel.go
@@ -45,7 +45,8 @@ func (d *RHELRepo) GetKernelPackages(
 ) error {
 altArch := d.archs[arch]
 rver := d.releaseVersions[release+":"+altArch]
- if err := utils.RunCMD(ctx, "", "sudo", "subscription-manager", "release", fmt.Sprintf("--set=%s", rver)); err != nil {
+ binary, args := utils.SudoCMD("subscription-manager", "release", fmt.Sprintf("--set=%s", rver))
+ if err := utils.RunCMD(ctx, "", binary, args...); err != nil {
 return err
 }
diff --git a/pkg/repo/utils.go b/pkg/repo/utils.go
index 25149fe9..8c679705 100644
--- a/pkg/repo/utils.go
+++ b/pkg/repo/utils.go
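Review bot: The `Authenticate` step that the second hunk of `.github/workflows/cron.yml` comments out (the same commented block is added to `amazon-update` in the first hunk) expands `${{ secrets.PAT_RAFAEL }}` directly into the script text, and it should not come back in that form. When pushing to the archive is restored, pass the token through the environment instead, `env: GH_TOKEN: ${{ secrets.PAT_RAFAEL }}`, and prefer a token or deploy key scoped to `aquasecurity/btfhub-archive` alone over a personal PAT. For checkouts that only read, such as `Check out BTFHub`, setting `persist-credentials: false` keeps a restored `token:` out of the job's git config. The `host-update` job starts before this hunk.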
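Review bot: In `pkg/repo/rhel.go`, `rver` still reaches `subscription-manager` without any check that the lookup found an entry: indexing `d.releaseVersions` with an unknown `release+":"+altArch` key yields the zero value, so (assuming the values are strings, as the `%s` suggests) the command runs with an empty `--set=` and, after this change, possibly under sudo. A guard ahead of the `utils.SudoCMD` call, such as `if rver == "" { return fmt.Errorf("no release version for %s:%s", release, altArch) }`, would fail early with a usable message. `GetKernelPackages` starts and ends outside the hunk.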
@@ -12,11 +12,12 @@ import (
 "path/filepath"
 "strings"
+ "golang.org/x/exp/maps"
+
 "github.com/aquasecurity/btfhub/pkg/job"
 "github.com/aquasecurity/btfhub/pkg/kernel"
 "github.com/aquasecurity/btfhub/pkg/pkg"
 "github.com/aquasecurity/btfhub/pkg/utils"
- "golang.org/x/exp/maps"
 )
 func parseYumPackages(rdr io.Reader, minVersion kernel.Version) ([]pkg.Package, error) {
@@ -62,7 +63,8 @@ func parseYumPackages(rdr io.Reader, minVersion kernel.Version) ([]pkg.Package,
 func yumSearch(ctx context.Context, pkg string) (*bytes.Buffer, error) {
 stdout := &bytes.Buffer{}
 stderr := &bytes.Buffer{}
- cmd := exec.CommandContext(ctx, "sudo", "yum", "search", "--showduplicates", pkg)
+ binary, args := utils.SudoCMD("yum", "search", "--showduplicates", pkg)
+ cmd := exec.CommandContext(ctx, binary, args...)
 cmd.Stdout = stdout
 cmd.Stderr = stderr
 if err := cmd.Run(); err != nil {
diff --git a/pkg/utils/btf.go b/pkg/utils/btf.go
index 07dd7801..07f8b0b8 100644
--- a/pkg/utils/btf.go
+++ b/pkg/utils/btf.go
@@ -34,3 +34,11 @@ func RunCMD(ctx context.Context, cwd string, binary string, args ...string) erro
 return nil
 }
+
+func SudoCMD(binary string, args ...string) (string, []string) {
+ _, err := exec.LookPath("sudo")
+ if err == nil {
+ return "sudo", append([]string{binary}, args...)
+ }
+ return binary, args
+}
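Review bot: `SudoCMD` in `pkg/utils/btf.go` treats "sudo is not on PATH" as "already privileged": when `exec.LookPath` fails it returns the bare command, so an unprivileged run on a host without sudo goes ahead and only fails later inside `yum` or `subscription-manager` with a less helpful error. Deciding on the effective UID first makes the intent explicit, e.g. `if os.Geteuid() == 0 { return binary, args }` ahead of the lookup (this needs `os` imported in the file, which the hunk does not show), and the callers `yumDownload`, `yumSearch` and `GetKernelPackages` then never wrap in sudo when already root. Because these commands run unattended, prepending `-n` to the sudo arguments would turn a missing sudoers rule into an immediate error instead of a password prompt. The exported function also has no doc comment; `// SudoCMD returns binary and args prefixed with sudo when sudo is available, and unchanged otherwise.` would cover it.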