Skip to content
C Integration Tests

fix the go path in the golang actions #42

Sign in to view logs

fix the go path in the golang actions

fix the go path in the golang actions #42

Workflow file for this run

.github/workflows/c-tests.yml at 02a362a
name: C Integration Tests
on:
push:
branches:
- "**"
pull_request:
jobs:
integration-subtests:
name: ${{ matrix.name }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- name: "Security: Filesystem Isolation (File Privacy)"
pattern: "^TestContainerizationAPISecurityIntegration$/^file privacy across request IDs$"
- name: "Security: Disk Cleanup (Storage Exhaustion)"
pattern: "^TestContainerizationAPISecurityIntegration$/^disk spammer is terminated and data is reclaimed$"
- name: "Resource: Fork Bomb Containment"
pattern: "^TestContainerizationAPISecurityIntegration$/^fork bomb does not poison subsequent requests$"
- name: "Security: Network Namespace (Localhost Bridge)"
pattern: "^TestContainerizationAPISecurityIntegration$/^network namespace blocks localhost bridge$"
- name: "Security: Memory Limit (Hard OOM)"
pattern: "^TestContainerizationAPISecurityIntegration$/^memory hard limit triggers oom kill$"
- name: "Resilience: I/O Flood (Bounded Stderr)"
pattern: "^TestContainerizationAPISecurityIntegration$/^io flood is bounded and returns before timeout$"
- name: "Resilience: Signal Trap Uses SIGKILL Timeout"
pattern: "^TestContainerizationAPISecurityIntegration$/^signal trap cannot survive forced timeout$"
- name: "Resilience: Orphan Grandchild Reaping"
pattern: "^TestContainerizationAPISecurityIntegration$/^orphan grandchild is reaped after request exits$"
- name: "Resilience: Inode Exhaustion Safety"
pattern: "^TestContainerizationAPISecurityIntegration$/^inode bomb does not poison host temp filesystem$"
- name: "Resilience: Privileged Syscall Denial"
pattern: "^TestContainerizationAPISecurityIntegration$/^privileged reboot syscall is denied$"
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run subtest in privileged sandbox runtime
run: |
docker run --rm --privileged --cgroupns=host \
-v /sys/fs/cgroup:/sys/fs/cgroup:rw \
-v "${{ github.workspace }}:/work" \
-w /work \
golang:1.25-bookworm bash -c '
set -euo pipefail
export PATH="/usr/local/go/bin:$PATH"
apt-get update
apt-get install -y --no-install-recommends gcc libc6-dev ca-certificates
go test -v -run "${{ matrix.pattern }}" ./...
'