From f382ac07761b8080c301c6789c767b715698d2ad Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 10:25:57 -0700 Subject: [PATCH 01/10] X-Smart-Branch-Parent: main From 13fe385ced7a9575ce16147f9a40219de6876c12 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 25 Mar 2026 19:56:35 -0700 Subject: [PATCH 02/10] Added github workflow for running unit tests with ASAN --- .github/workflows/main.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 121ffc8..2ac5f79 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,6 +11,30 @@ concurrency: cancel-in-progress: true jobs: + unit-tests: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + test-type: + - name: standard + command: cargo test + - name: asan + command: | + curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly && + source $HOME/.cargo/env && + rustup component add rust-src --toolchain nightly && + TARGET=$(rustc --version --verbose | grep host | cut -d" " -f2) && + RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target $TARGET + steps: + - uses: actions/checkout@v3 + + - name: Build test container + run: docker build -t builder -f Dockerfile.build . + + - name: Run ${{ matrix.test-type.name }} tests + run: docker run --rm builder bash -c '${{ matrix.test-type.command }}' + build-and-push: runs-on: ubuntu-latest steps: From ad796916ce4c78950a9d814bb30a0829ae7650a9 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Wed, 25 Mar 2026 21:49:15 -0700 Subject: [PATCH 03/10] Fixed CI job name --- .github/workflows/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2ac5f79..cb20571 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -12,6 +12,7 @@ concurrency: jobs: unit-tests: + name: unit-tests (${{ matrix.test-type.name }}) runs-on: ubuntu-latest strategy: fail-fast: false From bbcbdc67fc5b52dea4cda2821f3d60d37b6ff70d Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:07:20 -0700 Subject: [PATCH 04/10] Not rebuilding builder image in unit test job --- .github/workflows/main.yml | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cb20571..9832b4c 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -13,6 +13,7 @@ concurrency: jobs: unit-tests: name: unit-tests (${{ matrix.test-type.name }}) + needs: build-and-push runs-on: ubuntu-latest strategy: fail-fast: false @@ -28,16 +29,16 @@ jobs: TARGET=$(rustc --version --verbose | grep host | cut -d" " -f2) && RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target $TARGET steps: - - uses: actions/checkout@v3 - - - name: Build test container - run: docker build -t builder -f Dockerfile.build . + - name: Pull builder image + run: docker pull quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} - name: Run ${{ matrix.test-type.name }} tests - run: docker run --rm builder bash -c '${{ matrix.test-type.command }}' + run: docker run --rm quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' build-and-push: runs-on: ubuntu-latest + outputs: + tag: ${{ steps.get-tag.outputs.tag }} steps: - uses: actions/checkout@v3 with: @@ -48,15 +49,22 @@ jobs: - run: make build-berserker-network - name: Get tag - run: | - TAG="$(make tag)" - echo "TAG=$TAG" >> "$GITHUB_ENV" + id: get-tag + run: echo "tag=$(make tag)" >> "$GITHUB_OUTPUT" + + - name: Retag and push builder to rhacs-eng + uses: stackrox/actions/images/retag-and-push@v1 + with: + src-image: builder + dst-image: quay.io/rhacs-eng/qa:berserker-builder-${{ steps.get-tag.outputs.tag }} + username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} + password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} - name: Retag and push berserker to rhacs-eng uses: stackrox/actions/images/retag-and-push@v1 with: src-image: berserker - dst-image: quay.io/rhacs-eng/qa:berserker-${{ env.TAG }} + dst-image: quay.io/rhacs-eng/qa:berserker-${{ steps.get-tag.outputs.tag }} username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} @@ -64,7 +72,7 @@ jobs: uses: stackrox/actions/images/retag-and-push@v1 with: src-image: berserker - dst-image: quay.io/stackrox-io/berserker:${{ env.TAG }} + dst-image: quay.io/stackrox-io/berserker:${{ steps.get-tag.outputs.tag }} username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} @@ -72,7 +80,7 @@ jobs: uses: stackrox/actions/images/retag-and-push@v1 with: src-image: berserker-network - dst-image: quay.io/rhacs-eng/qa:berserker-network-${{ env.TAG }} + dst-image: quay.io/rhacs-eng/qa:berserker-network-${{ steps.get-tag.outputs.tag }} username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} @@ -80,7 +88,7 @@ jobs: uses: stackrox/actions/images/retag-and-push@v1 with: src-image: berserker-network - dst-image: quay.io/stackrox-io/berserker:network-${{ env.TAG }} + dst-image: quay.io/stackrox-io/berserker:network-${{ steps.get-tag.outputs.tag }} username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} From 0f8092e3f8ee1d54e8e45edd00a1961cf8ce6c2e Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:10:04 -0700 Subject: [PATCH 05/10] Shellcheck fixes --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9832b4c..8386f40 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -24,10 +24,10 @@ jobs: - name: asan command: | curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly && - source $HOME/.cargo/env && + source "${HOME}"/.cargo/env && rustup component add rust-src --toolchain nightly && TARGET=$(rustc --version --verbose | grep host | cut -d" " -f2) && - RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target $TARGET + RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target "$TARGET" steps: - name: Pull builder image run: docker pull quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} From d0c9a100492c2ba262bbe47db296986f5edf5fb4 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:13:36 -0700 Subject: [PATCH 06/10] Reordered jobs --- .github/workflows/main.yml | 48 +++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8386f40..988a075 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -11,30 +11,6 @@ concurrency: cancel-in-progress: true jobs: - unit-tests: - name: unit-tests (${{ matrix.test-type.name }}) - needs: build-and-push - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - test-type: - - name: standard - command: cargo test - - name: asan - command: | - curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly && - source "${HOME}"/.cargo/env && - rustup component add rust-src --toolchain nightly && - TARGET=$(rustc --version --verbose | grep host | cut -d" " -f2) && - RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target "$TARGET" - steps: - - name: Pull builder image - run: docker pull quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} - - - name: Run ${{ matrix.test-type.name }} tests - run: docker run --rm quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' - build-and-push: runs-on: ubuntu-latest outputs: @@ -92,3 +68,27 @@ jobs: username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} + unit-tests: + name: unit-tests (${{ matrix.test-type.name }}) + needs: build-and-push + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + test-type: + - name: standard + command: cargo test + - name: asan + command: | + curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain nightly && + source "${HOME}"/.cargo/env && + rustup component add rust-src --toolchain nightly && + TARGET=$(rustc --version --verbose | grep host | cut -d" " -f2) && + RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target "$TARGET" + steps: + - name: Pull builder image + run: docker pull quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} + + - name: Run ${{ matrix.test-type.name }} tests + run: docker run --rm quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' + From d4361de9d80fbf29362be2890f8be0e4bfcd5a6b Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:36:26 -0700 Subject: [PATCH 07/10] Pulling stackrox-io image --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 988a075..d042c10 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -87,7 +87,7 @@ jobs: RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target "$TARGET" steps: - name: Pull builder image - run: docker pull quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} + run: docker pull quay.io/stackrox-io/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} - name: Run ${{ matrix.test-type.name }} tests run: docker run --rm quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' From 8ae600934da58f6f8d4fef9bfd3d4856abefd13d Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:48:40 -0700 Subject: [PATCH 08/10] Push builder to stackrox-io --- .github/workflows/main.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d042c10..0d10eb0 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -36,6 +36,14 @@ jobs: username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} + - name: Retag and push builder to stackrox-io + uses: stackrox/actions/images/retag-and-push@v1 + with: + src-image: builder + dst-image: quay.io/stackrox-io/qa:berserker-builder-${{ steps.get-tag.outputs.tag }} + username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} + password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} + - name: Retag and push berserker to rhacs-eng uses: stackrox/actions/images/retag-and-push@v1 with: From 24702de8c2ef915d76fa0bf65257ec38701a04b6 Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 08:58:44 -0700 Subject: [PATCH 09/10] Should be using the correct images --- .github/workflows/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 0d10eb0..f4d5351 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -40,7 +40,7 @@ jobs: uses: stackrox/actions/images/retag-and-push@v1 with: src-image: builder - dst-image: quay.io/stackrox-io/qa:berserker-builder-${{ steps.get-tag.outputs.tag }} + dst-image: quay.io/stackrox-io/berserker:builder-${{ steps.get-tag.outputs.tag }} username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} @@ -95,8 +95,8 @@ jobs: RUSTFLAGS="-Z sanitizer=address" cargo +nightly test -Z build-std --target "$TARGET" steps: - name: Pull builder image - run: docker pull quay.io/stackrox-io/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} + run: docker pull quay.io/stackrox-io/berserker:builder-${{ needs.build-and-push.outputs.tag }} - name: Run ${{ matrix.test-type.name }} tests - run: docker run --rm quay.io/rhacs-eng/qa:berserker-builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' + run: docker run --rm quay.io/stackrox-io/berserker:builder-${{ needs.build-and-push.outputs.tag }} bash -c '${{ matrix.test-type.command }}' From 65725333e01044e33decea9e603f0f6b085bf46a Mon Sep 17 00:00:00 2001 From: JoukoVirtanen Date: Thu, 26 Mar 2026 09:55:53 -0700 Subject: [PATCH 10/10] Using the correct credentials --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f4d5351..f226b09 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -41,8 +41,8 @@ jobs: with: src-image: builder dst-image: quay.io/stackrox-io/berserker:builder-${{ steps.get-tag.outputs.tag }} - username: ${{ secrets.QUAY_RHACS_ENG_RW_USERNAME }} - password: ${{ secrets.QUAY_RHACS_ENG_RW_PASSWORD }} + username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} + password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} - name: Retag and push berserker to rhacs-eng uses: stackrox/actions/images/retag-and-push@v1