Skip to content

Add CAP_BPF capability for non-root usage #189

Add CAP_BPF capability for non-root usage

Add CAP_BPF capability for non-root usage #189

Workflow file for this run

name: Go CI/CD
on:
push:
branches: [ master, main ]
pull_request:
branches: [ master, main ]
env:
REGISTRY: ghcr.io
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/[email protected]
with:
go-version: 1.21
- name: Libraries
run: sudo apt-get install -y libpcap-dev libluajit-5.1-dev
- name: LuaJIT
run: git clone https://luajit.org/git/luajit-2.0.git && cd luajit-2.0 && git checkout v2.1 && make CCOPT="-static -fPIC" BUILDMODE="static" && sudo make install
- name: Build
run: go build -ldflags "-s -w" -o heplify *.go
docker-push:
if: github.event_name != 'pull_request'
runs-on: ubuntu-latest
needs: build
permissions:
packages: write
contents: read
steps:
- uses: actions/checkout@v4
- id: tag_bump
name: Bump version and push tag
uses: anothrNick/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DEFAULT_BUMP: none
BRANCH: master
- name: Log in to the Container registry
uses: docker/[email protected]
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Docker meta
id: meta
uses: docker/[email protected]
with:
images: |
ghcr.io/${{ github.repository }}
tags: |
latest
${{ steps.tag_bump.outputs.tag }}
- name: Build and push
uses: docker/[email protected]
with:
context: .
file: ./docker/heplify/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}