]> git.ipfire.org Git - people/ms/suricata.git/blame - .github/workflows/builds.yml
projects / people / ms / suricata.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ci: adds default warning flag about float conversions
[people/ms/suricata.git] / .github / workflows / builds.yml
CommitLineData
3887f8d1
JI		 1name: builds
2
3on:
4 - push
5 - pull_request
6
ced66563
JI		 7env:
8 DEFAULT_LIBHTP_REPO: https://github.com/OISF/libhtp
9 DEFAULT_LIBHTP_BRANCH: 0.5.x
7d22993a
JI		 10 DEFAULT_LIBHTP_PR:
11
ced66563
JI		 12 DEFAULT_SU_REPO: https://github.com/OISF/suricata-update
13 DEFAULT_SU_BRANCH: master
7d22993a
JI		 14 DEFAULT_SU_PR:
15
ced66563
JI		 16 DEFAULT_SV_REPO: https://github.com/OISF/suricata-verify
17 DEFAULT_SV_BRANCH: master
7d22993a 18 DEFAULT_SV_PR:
ced66563 19
1ec6307d
JI		 20 DEFAULT_CFLAGS: "-Wall -Wextra -Werror -Wno-unused-parameter -Wno-unused-function"
21
dfbd38e8
JI		 22 # Apt sometimes likes to ask for user input, this will prevent that.
23 DEBIAN_FRONTEND: "noninteractive"
24
f629321d
SD		 25 # A recent version of stable Rust that is known to pass build, test and other
26 # verification steps in this workflow. This was added because using "stable"
27 # could cause some steps to fail.
28 RUST_VERSION_KNOWN: "1.49.0"
cb963f86 29
37eff69a
JI		 30 # The minimum version of Rust supported.
31 RUST_VERSION_MIN: "1.41.1"
32
3887f8d1
JI		 33jobs:
34
1f1a7651
JI		 35 prepare-deps:
36 name: Prepare dependencies
ced66563
JI		 37 runs-on: ubuntu-latest
38 steps:
1f1a7651
JI		 39 - name: Cache ~/.cargo
40 uses: actions/cache@v1
41 with:
42 path: ~/.cargo
43 key: cargo
ced66563
JI		 44 - run: sudo apt update && sudo apt -y install jq curl
45 - name: Parse repo and branch information
46 env:
47 # We fetch the actual pull request to get the latest body as
48 # github.event.pull_request.body has the body from the
49 # initial pull request.
50 PR_HREF: ${{ github.event.pull_request._links.self.href }}
51 run: |
52 if test "${PR_HREF}"; then
d2c8c9f5
JL		 53 body=$(curl -s "${PR_HREF}" | jq -r .body | tr -d '\r')
54
ced66563
JI		 55 libhtp_repo=$(echo "${body}" | awk '/^libhtp-repo/ { print $2 }')
56 libhtp_branch=$(echo "${body}" | awk '/^libhtp-branch/ { print $2 }')
7d22993a
JI		 57 libhtp_pr=$(echo "${body}" | awk '/^libhtp-pr/ { print $2 }')
58
ced66563
JI		 59 su_repo=$(echo "${body}" | awk '/^suricata-update-repo/ { print $2 }')
60 su_branch=$(echo "${body}" | awk '/^suricata-update-branch/ { print $2 }')
7d22993a
JI		 61 su_pr=$(echo "${body}" | awk '/^suricata-update-pr/ { print $2 }')
62
ced66563
JI		 63 sv_repo=$(echo "${body}" | awk '/^suricata-verify-repo/ { print $2 }')
64 sv_branch=$(echo "${body}" | awk '/^suricata-verify-branch/ { print $2 }')
7d22993a 65 sv_pr=$(echo "${body}" | awk '/^suricata-verify-pr/ { print $2 }')
ced66563 66 fi
2ede7361
JI		 67 echo "libhtp_repo=${libhtp_repo:-${DEFAULT_LIBHTP_REPO}}" >> $GITHUB_ENV
68 echo "libhtp_branch=${libhtp_branch:-${DEFAULT_LIBHTP_BRANCH}}" >> $GITHUB_ENV
69 echo "libhtp_pr=${libhtp_pr:-${DEFAULT_LIBHTP_PR}}" >> $GITHUB_ENV
7d22993a 70
2ede7361
JI		 71 echo "su_repo=${su_repo:-${DEFAULT_SU_REPO}}" >> $GITHUB_ENV
72 echo "su_branch=${su_branch:-${DEFAULT_SU_BRANCH}}" >> $GITHUB_ENV
73 echo "su_pr=${su_pr:-${DEFAULT_SU_PR}}" >> $GITHUB_ENV
7d22993a 74
2ede7361
JI		 75 echo "sv_repo=${sv_repo:-${DEFAULT_SV_REPO}}" >> $GITHUB_ENV
76 echo "sv_branch=${sv_branch:-${DEFAULT_SV_BRANCH}}" >> $GITHUB_ENV
77 echo "sv_pr=${sv_pr:-${DEFAULT_SV_PR}}" >> $GITHUB_ENV
ced66563
JI		 78 - name: Fetching libhtp
79 run: |
7d22993a
JI		 80 git clone --depth 1 ${libhtp_repo} -b ${libhtp_branch} libhtp
81 if [[ "${libhtp_pr}" != "" ]]; then
82 cd libhtp
3a3a9e13 83 git fetch origin pull/${libhtp_pr}/head:prep
7d22993a
JI		 84 git checkout prep
85 cd ..
86 fi
ced66563 87 tar zcf libhtp.tar.gz libhtp
ced66563
JI		 88 - name: Fetching suricata-update
89 run: |
7d22993a
JI		 90 git clone --depth 1 ${su_repo} -b ${su_branch} suricata-update
91 if [[ "${su_pr}" != "" ]]; then
92 cd suricata-update
93 git fetch origin pull/${su_pr}/head:prep
94 git checkout prep
95 cd ..
96 fi
ced66563 97 tar zcf suricata-update.tar.gz suricata-update
ced66563
JI		 98 - name: Fetching suricata-verify
99 run: |
3e81d20a 100 git clone ${sv_repo} -b ${sv_branch} suricata-verify
7d22993a
JI		 101 if [[ "${sv_pr}" != "" ]]; then
102 cd suricata-verify
103 git fetch origin pull/${sv_pr}/head:prep
104 git checkout prep
7fa3e8df
PA		 105 git config --global user.email you@example.com
106 git config --global user.name You
3e81d20a 107 git rebase ${DEFAULT_SV_BRANCH}
7d22993a
JI		 108 cd ..
109 fi
ced66563 110 tar zcf suricata-verify.tar.gz suricata-verify
1f1a7651
JI		 111 - name: Cleaning up
112 run: rm -rf libhtp suricata-update suricata-verify
113 - name: Uploading prep archive
114 uses: actions/upload-artifact@v2
115 with:
116 name: prep
117 path: .
118
119 prepare-cbindgen:
120 name: Prepare cbindgen
121 runs-on: ubuntu-latest
122 steps:
123 - name: Cache ~/.cargo
124 uses: actions/cache@v1
125 with:
126 path: ~/.cargo
127 key: cbindgen
128 - name: Installing Rust
129 run: |
130 curl https://sh.rustup.rs -sSf | sh -s -- -y
131 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
132 rustup target add x86_64-unknown-linux-musl
133 - name: Buliding static cbindgen for Linux
134 run: |
135 cargo install --target x86_64-unknown-linux-musl --debug cbindgen
136 cp $HOME/.cargo/bin/cbindgen .
137 - name: Uploading prep archive
138 uses: actions/upload-artifact@v2
ced66563
JI		 139 with:
140 name: prep
141 path: .
142
3887f8d1
JI		 143 centos-8:
144 name: CentOS 8
145 runs-on: ubuntu-latest
146 container: centos:8
1f1a7651 147 needs: [prepare-deps, prepare-cbindgen]
3887f8d1 148 steps:
3887f8d1
JI		 149 # Cache Rust stuff.
150 - name: Cache cargo registry
151 uses: actions/cache@v1
152 with:
153 path: ~/.cargo/registry
154 key: cargo-registry
155
ced66563
JI		 156 - uses: actions/checkout@v2
157
bb7f80ef
JI		 158 # Prebuild check for duplicat SIDs
159 - name: Check for duplicate SIDs
160 run: |
161 dups=$(sed -n 's/^alert.*sid:\([[:digit:]]*\);.*/\1/p' ./rules/*.rules|sort|uniq -d|tr '\n' ' ')
162 if [[ "${dups}" != "" ]]; then
163 echo "::error::Duplicate SIDs found:${dups}"
164 exit 1
165 fi
166
ced66563
JI		 167 # Download and extract dependency archives created during prep
168 # job.
169 - uses: actions/download-artifact@v2
170 with:
171 name: prep
172 path: prep
173 - run: tar xvf prep/libhtp.tar.gz
174 - run: tar xvf prep/suricata-update.tar.gz
175 - run: tar xvf prep/suricata-verify.tar.gz
1f1a7651
JI		 176 - name: Setup cbindgen
177 run: |
178 mkdir -p $HOME/.cargo/bin
179 cp prep/cbindgen $HOME/.cargo/bin
180 chmod 755 $HOME/.cargo/bin/cbindgen
181 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
3887f8d1
JI		 182 - name: Install system packages
183 run: |
184 yum -y install dnf-plugins-core
f09536a9 185 yum config-manager --set-enabled powertools
3887f8d1
JI		 186 yum -y install \
187 autoconf \
188 automake \
189 cargo-vendor \
190 diffutils \
191 file-devel \
192 gcc \
193 gcc-c++ \
194 git \
195 jansson-devel \
196 jq \
197 lua-devel \
198 libtool \
199 libyaml-devel \
200 libnfnetlink-devel \
201 libnetfilter_queue-devel \
202 libnet-devel \
203 libcap-ng-devel \
204 libevent-devel \
205 libmaxminddb-devel \
206 libpcap-devel \
207 libtool \
208 lz4-devel \
209 make \
210 nss-devel \
acb1ab08 211 pcre2-devel \
3887f8d1
JI		 212 pkgconfig \
213 python3-devel \
214 python3-sphinx \
215 python3-yaml \
216 rust-toolset \
217 sudo \
218 which \
219 zlib-devel
220 # These packages required to build the PDF.
221 yum -y install \
222 texlive-latex \
223 texlive-cmap \
224 texlive-collection-latexrecommended \
225 texlive-fncychap \
226 texlive-titlesec \
227 texlive-tabulary \
228 texlive-framed \
229 texlive-wrapfig \
230 texlive-upquote \
231 texlive-capt-of \
232 texlive-needspace \
3887f8d1
JI		 233 - name: Configuring
234 run: |
235 ./autogen.sh
8b38db4a 236 CFLAGS="${DEFAULT_CFLAGS}" ./configure
211b193e
JI		 237 - run: make -j2 distcheck
238 env:
239 DISTCHECK_CONFIGURE_FLAGS: "--enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks"
240 - run: test -e doc/userguide/suricata.1
5d0d6302
JI		 241 - name: Building Rust documentation
242 run: make doc
243 working-directory: rust
211b193e 244 - name: Preparing distribution
3887f8d1 245 run: |
3887f8d1
JI		 246 mkdir dist
247 mv suricata-*.tar.gz dist
248 - uses: actions/upload-artifact@v1
249 name: Uploading distribution
250 with:
251 name: dist
252 path: dist
253
254 centos-7:
255 name: CentOS 7
256 runs-on: ubuntu-latest
257 container: centos:7
82ecf64f 258 needs: [prepare-deps, centos-8]
3887f8d1
JI		 259 steps:
260 - name: Install system dependencies
261 run: |
262 yum -y install epel-release
263 yum -y install \
0de0c60c
JI		 264 autoconf \
265 automake \
3887f8d1
JI		 266 cargo \
267 diffutils \
268 file-devel \
269 gcc \
270 gcc-c++ \
271 jansson-devel \
272 jq \
273 lua-devel \
274 libtool \
275 libyaml-devel \
276 libnfnetlink-devel \
277 libnetfilter_queue-devel \
278 libnet-devel \
279 libcap-ng-devel \
280 libevent-devel \
281 libmaxminddb-devel \
282 libpcap-devel \
283 lz4-devel \
284 make \
285 nss-devel \
acb1ab08 286 pcre2-devel \
3887f8d1 287 pkgconfig \
82ecf64f 288 python36-PyYAML \
3887f8d1
JI		 289 rust \
290 sudo \
291 which \
292 zlib-devel
293 - name: Download suricata.tar.gz
ced66563 294 uses: actions/download-artifact@v2
3887f8d1
JI		 295 with:
296 name: dist
ced66563 297 - run: tar zxvf suricata-*.tar.gz --strip-components=1
0de0c60c
JI		 298 # This isn't really needed as we are building from a prepared
299 # package, but some package managers like RPM and Debian like to
300 # run this command even on prepared packages, so make sure it
301 # works.
302 - name: Test autoreconf
303 run: autoreconf -fv --install
8b38db4a 304 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure
83630015
JI		 305 - run: make -j2
306 - run: make install
307 - run: make install-conf
308 - run: make distcheck
0a1d2fce
JI		 309 - run: make clean
310 - run: make -j2
82ecf64f
JI		 311 - uses: actions/download-artifact@v2
312 with:
313 name: prep
314 path: prep
315 - run: tar xf prep/suricata-verify.tar.gz
bfac4ff4 316 - run: python3 ./suricata-verify/run.py -q
3887f8d1 317
7be793f7
CT		 318 fedora-35:
319 name: Fedora 35 (debug, clang, asan, wshadow, rust-strict)
320 runs-on: ubuntu-latest
321 container: fedora:35
322 needs: [prepare-deps, prepare-cbindgen]
323 steps:
324
325 # Cache Rust stuff.
326 - name: Cache cargo registry
327 uses: actions/cache@v1
328 with:
329 path: ~/.cargo/registry
330 key: cargo-registry
331
332 - run: |
333 dnf -y install \
334 autoconf \
335 automake \
336 cargo \
337 ccache \
338 clang \
339 diffutils \
340 file-devel \
341 gcc \
342 gcc-c++ \
343 git \
344 hiredis-devel \
345 jansson-devel \
346 jq \
347 lua-devel \
348 libasan \
349 libtool \
350 libyaml-devel \
351 libnfnetlink-devel \
352 libnetfilter_queue-devel \
353 libnet-devel \
354 libcap-ng-devel \
355 libevent-devel \
356 libmaxminddb-devel \
357 libpcap-devel \
358 libtool \
359 lz4-devel \
360 make \
361 nss-softokn-devel \
362 pcre2-devel \
363 pkgconfig \
364 python3-yaml \
365 sudo \
366 which \
367 zlib-devel
368 - uses: actions/checkout@v2
369 - uses: actions/download-artifact@v2
370 with:
371 name: prep
372 path: prep
373 - run: tar xf prep/libhtp.tar.gz
374 - name: Setup cbindgen
375 run: |
376 mkdir -p $HOME/.cargo/bin
377 cp prep/cbindgen $HOME/.cargo/bin
378 chmod 755 $HOME/.cargo/bin/cbindgen
379 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
380 - run: ./autogen.sh
381 - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis
382 env:
383 LDFLAGS: "-fsanitize=address"
384 ac_cv_func_realloc_0_nonnull: "yes"
385 ac_cv_func_malloc_0_nonnull: "yes"
386 - run: make -j2
387 - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
388 - name: Extracting suricata-verify
389 run: tar xf prep/suricata-verify.tar.gz
390 - name: Running suricata-verify
391 run: python3 ./suricata-verify/run.py -q
392 # Now install and make sure headers and libraries aren't install
393 # until requested.
394 - run: make install
395 - run: test ! -e /usr/local/lib/libsuricata_c.a
396 - run: test ! -e /usr/local/include/suricata
397 - run: make install-headers
398 - run: test -e /usr/local/include/suricata/suricata.h
399 - run: make install-library
400 - run: test -e /usr/local/lib/libsuricata_c.a
401 - run: test -e /usr/local/lib/libsuricata_rust.a
402 - run: test -e /usr/local/bin/libsuricata-config
403 - run: test ! -e /usr/local/lib/libsuricata.so
404
a480ec2b
JI		 405 fedora-34:
406 name: Fedora 34 (debug, clang, asan, wshadow, rust-strict)
42196e93 407 runs-on: ubuntu-latest
a480ec2b 408 container: fedora:34
1f1a7651 409 needs: [prepare-deps, prepare-cbindgen]
42196e93
JI		 410 steps:
411
412 # Cache Rust stuff.
413 - name: Cache cargo registry
414 uses: actions/cache@v1
415 with:
416 path: ~/.cargo/registry
417 key: cargo-registry
418
419 - run: |
420 dnf -y install \
421 autoconf \
422 automake \
423 cargo \
424 ccache \
425 clang \
426 diffutils \
427 file-devel \
428 gcc \
429 gcc-c++ \
430 git \
def63638 431 hiredis-devel \
42196e93
JI		 432 jansson-devel \
433 jq \
434 lua-devel \
435 libasan \
436 libtool \
437 libyaml-devel \
438 libnfnetlink-devel \
439 libnetfilter_queue-devel \
440 libnet-devel \
441 libcap-ng-devel \
442 libevent-devel \
443 libmaxminddb-devel \
444 libpcap-devel \
445 libtool \
446 lz4-devel \
447 make \
42196e93 448 nss-softokn-devel \
acb1ab08 449 pcre2-devel \
42196e93
JI		 450 pkgconfig \
451 python3-yaml \
452 sudo \
453 which \
454 zlib-devel
42196e93
JI		 455 - uses: actions/checkout@v2
456 - uses: actions/download-artifact@v2
457 with:
458 name: prep
459 path: prep
460 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 461 - name: Setup cbindgen
462 run: |
463 mkdir -p $HOME/.cargo/bin
464 cp prep/cbindgen $HOME/.cargo/bin
465 chmod 755 $HOME/.cargo/bin/cbindgen
466 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
42196e93 467 - run: ./autogen.sh
743fb12a 468 - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer -Wimplicit-int-float-conversion" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis
42196e93 469 env:
325096a0 470 LDFLAGS: "-fsanitize=address"
42196e93
JI		 471 ac_cv_func_realloc_0_nonnull: "yes"
472 ac_cv_func_malloc_0_nonnull: "yes"
473 - run: make -j2
474 - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
475 - name: Extracting suricata-verify
476 run: tar xf prep/suricata-verify.tar.gz
477 - name: Running suricata-verify
bfac4ff4 478 run: python3 ./suricata-verify/run.py -q
93ce39d4
JI		 479 # Now install and make sure headers and libraries aren't install
480 # until requested.
481 - run: make install
482 - run: test ! -e /usr/local/lib/libsuricata_c.a
483 - run: test ! -e /usr/local/include/suricata
484 - run: make install-headers
485 - run: test -e /usr/local/include/suricata/suricata.h
486 - run: make install-library
487 - run: test -e /usr/local/lib/libsuricata_c.a
488 - run: test -e /usr/local/lib/libsuricata_rust.a
489 - run: test -e /usr/local/bin/libsuricata-config
490 - run: test ! -e /usr/local/lib/libsuricata.so
42196e93 491
a480ec2b
JI		 492 fedora-33:
493 name: Fedora 33 (debug, clang, asan, wshadow, rust-strict)
1ec6307d 494 runs-on: ubuntu-latest
a480ec2b 495 container: fedora:33
1f1a7651 496 needs: [prepare-deps, prepare-cbindgen]
1ec6307d
JI		 497 steps:
498
499 # Cache Rust stuff.
500 - name: Cache cargo registry
501 uses: actions/cache@v1
502 with:
503 path: ~/.cargo/registry
504 key: cargo-registry
505
506 - run: |
507 dnf -y install \
508 autoconf \
509 automake \
510 cargo \
511 ccache \
512 clang \
513 diffutils \
514 file-devel \
515 gcc \
516 gcc-c++ \
517 git \
518 jansson-devel \
519 jq \
520 lua-devel \
521 libasan \
522 libtool \
523 libyaml-devel \
524 libnfnetlink-devel \
525 libnetfilter_queue-devel \
526 libnet-devel \
527 libcap-ng-devel \
528 libevent-devel \
529 libmaxminddb-devel \
530 libpcap-devel \
531 libtool \
532 lz4-devel \
533 make \
1ec6307d 534 nss-softokn-devel \
acb1ab08 535 pcre2-devel \
1ec6307d
JI		 536 pkgconfig \
537 python3-yaml \
538 sudo \
539 which \
540 zlib-devel
1ec6307d
JI		 541 - uses: actions/checkout@v2
542 - uses: actions/download-artifact@v2
543 with:
544 name: prep
545 path: prep
1f1a7651
JI		 546 - name: Setup cbindgen
547 run: |
548 mkdir -p $HOME/.cargo/bin
549 cp prep/cbindgen $HOME/.cargo/bin
550 chmod 755 $HOME/.cargo/bin/cbindgen
551 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
1ec6307d
JI		 552 - run: tar xf prep/libhtp.tar.gz
553 - run: ./autogen.sh
b698f66c 554 - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict
1ec6307d 555 env:
325096a0 556 LDFLAGS: "-fsanitize=address"
1ec6307d
JI		 557 ac_cv_func_realloc_0_nonnull: "yes"
558 ac_cv_func_malloc_0_nonnull: "yes"
559 - run: make -j2
560 - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
561 - name: Extracting suricata-verify
562 run: tar xf prep/suricata-verify.tar.gz
563 - name: Running suricata-verify
bfac4ff4 564 run: python3 ./suricata-verify/run.py -q
1ec6307d 565
a480ec2b
JI		 566 fedora-34-no-jansson:
567 name: Fedora 34 (no jansson)
280ab657 568 runs-on: ubuntu-latest
a480ec2b 569 container: fedora:34
1f1a7651 570 needs: [prepare-deps, prepare-cbindgen]
280ab657
JI		 571 steps:
572
573 # Cache Rust stuff.
574 - name: Cache cargo registry
575 uses: actions/cache@v1
576 with:
577 path: ~/.cargo/registry
578 key: cargo-registry
579
580 - run: |
581 dnf -y install \
582 autoconf \
583 automake \
584 cargo \
585 ccache \
586 clang \
587 diffutils \
588 file-devel \
589 gcc \
590 gcc-c++ \
591 git \
592 lua-devel \
593 libasan \
594 libtool \
595 libyaml-devel \
596 libnfnetlink-devel \
597 libnetfilter_queue-devel \
598 libnet-devel \
599 libcap-ng-devel \
600 libevent-devel \
601 libmaxminddb-devel \
602 libpcap-devel \
603 libtool \
604 lz4-devel \
605 make \
280ab657 606 nss-softokn-devel \
acb1ab08 607 pcre2-devel \
280ab657
JI		 608 pkgconfig \
609 python3-yaml \
610 sudo \
611 which \
612 zlib-devel
280ab657
JI		 613 - uses: actions/checkout@v2
614 - uses: actions/download-artifact@v2
615 with:
616 name: prep
617 path: prep
618 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 619 - name: Setup cbindgen
620 run: |
621 mkdir -p $HOME/.cargo/bin
622 cp prep/cbindgen $HOME/.cargo/bin
623 chmod 755 $HOME/.cargo/bin/cbindgen
624 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
280ab657
JI		 625 - run: ./autogen.sh
626 - run: |
627 if ./configure; then
628 echo "error: configure should have failed"
629 exit 1
630 else
631 exit 0
632 fi
633
f0f57844
VJ		 634 ubuntu-20-04-cov-sv:
635 name: Ubuntu 20.04 (suricata verify coverage)
dfbd38e8
JI		 636 runs-on: ubuntu-latest
637 container: ubuntu:20.04
1f1a7651 638 needs: [prepare-deps, prepare-cbindgen]
dfbd38e8
JI		 639 steps:
640 - name: Install dependencies
641 run: |
642 apt update
643 apt -y install \
acb1ab08 644 libpcre2-dev \
dfbd38e8
JI		 645 build-essential \
646 autoconf \
647 automake \
f0f57844 648 gcc-9 \
dfbd38e8
JI		 649 git \
650 jq \
651 libtool \
652 libpcap-dev \
653 libnet1-dev \
654 libyaml-0-2 \
655 libyaml-dev \
656 libcap-ng-dev \
657 libcap-ng0 \
658 libmagic-dev \
ae29804a 659 libnet1-dev \
dfbd38e8
JI		 660 libnetfilter-queue-dev \
661 libnetfilter-queue1 \
662 libnfnetlink-dev \
663 libnfnetlink0 \
664 libhiredis-dev \
f0f57844 665 liblua5.1-dev \
dfbd38e8
JI		 666 libjansson-dev \
667 libevent-dev \
668 libevent-pthreads-2.1-7 \
669 libjansson-dev \
670 libpython2.7 \
671 make \
672 parallel \
673 python3-yaml \
674 rustc \
675 software-properties-common \
676 zlib1g \
677 zlib1g-dev \
f0f57844
VJ		 678 exuberant-ctags \
679 curl
dfbd38e8
JI		 680 - uses: actions/checkout@v2
681 - uses: actions/download-artifact@v2
682 with:
683 name: prep
684 path: prep
685 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 686 - name: Setup cbindgen
687 run: |
688 mkdir -p $HOME/.cargo/bin
689 cp prep/cbindgen $HOME/.cargo/bin
690 chmod 755 $HOME/.cargo/bin/cbindgen
691 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
dfbd38e8 692 - run: ./autogen.sh
f2e95174 693 - run: CFLAGS="${DEFAULT_CFLAGS} -fprofile-arcs -ftest-coverage -O0 -ggdb" ./configure
dfbd38e8 694 - run: make -j2
dfbd38e8
JI		 695 - name: Extracting suricata-verify
696 run: tar xf prep/suricata-verify.tar.gz
697 - name: Running suricata-verify
bfac4ff4 698 run: python3 ./suricata-verify/run.py -q
f0f57844
VJ		 699 - name: Gcov
700 run: |
701 cd src
711cfe56 702 gcov-9 -p *.[ch]
f0f57844 703 cd ../libhtp/htp
711cfe56 704 gcov-9 -p *.[ch]
f0f57844
VJ		 705 - name: Upload coverage to Codecov
706 uses: codecov/codecov-action@v1
707 with:
708 flags: suricata-verify
709
710 ubuntu-20-04-cov-ut:
711 name: Ubuntu 20.04 (unittests coverage)
712 runs-on: ubuntu-latest
713 container: ubuntu:20.04
714 needs: [prepare-deps, prepare-cbindgen]
715 steps:
716 - name: Install dependencies
717 run: |
718 apt update
719 apt -y install \
acb1ab08 720 libpcre2-dev \
f0f57844
VJ		 721 build-essential \
722 autoconf \
723 automake \
724 gcc-9 \
725 git \
726 jq \
727 libtool \
728 libpcap-dev \
729 libnet1-dev \
730 libyaml-0-2 \
731 libyaml-dev \
732 libcap-ng-dev \
733 libcap-ng0 \
734 libmagic-dev \
735 libnetfilter-queue-dev \
736 libnetfilter-queue1 \
737 libnfnetlink-dev \
738 libnfnetlink0 \
739 libhiredis-dev \
740 liblua5.1-dev \
741 libjansson-dev \
742 libevent-dev \
743 libevent-pthreads-2.1-7 \
744 libjansson-dev \
745 libpython2.7 \
746 make \
747 parallel \
748 python3-yaml \
749 rustc \
750 software-properties-common \
751 zlib1g \
752 zlib1g-dev \
753 exuberant-ctags \
754 curl
755 - uses: actions/checkout@v2
756 - uses: actions/download-artifact@v2
757 with:
758 name: prep
759 path: prep
760 - run: tar xf prep/libhtp.tar.gz
761 - name: Setup cbindgen
762 run: |
763 mkdir -p $HOME/.cargo/bin
764 cp prep/cbindgen $HOME/.cargo/bin
765 chmod 755 $HOME/.cargo/bin/cbindgen
766 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
767 - run: ./autogen.sh
f2e95174 768 - run: CFLAGS="${DEFAULT_CFLAGS} -fprofile-arcs -ftest-coverage -O0 -ggdb" ./configure --enable-unittests
f0f57844
VJ		 769 - run: make -j2
770 - run: ./src/suricata -u -l /tmp/
771 - name: Gcov
772 run: |
773 cd src
711cfe56 774 gcov-9 -p *.[ch]
f0f57844 775 cd ../libhtp/htp
711cfe56 776 gcov-9 -p *.[ch]
f0f57844
VJ		 777 - name: Upload coverage to Codecov
778 uses: codecov/codecov-action@v1
779 with:
780 flags: unittests
dfbd38e8 781
3ce05a35
VJ		 782 ubuntu-20-04-cov-fuzz:
783 name: Ubuntu 20.04 (fuzz corpus coverage)
784 runs-on: ubuntu-latest
785 container: ubuntu:20.04
786 needs: [prepare-deps, prepare-cbindgen]
787 steps:
788 - name: Install dependencies
789 run: |
790 apt update
791 apt -y install \
acb1ab08 792 libpcre2-dev \
3ce05a35
VJ		 793 build-essential \
794 autoconf \
795 automake \
796 llvm-10 \
797 clang-10 \
798 git \
799 jq \
800 libc++-dev \
801 libc++abi-dev \
802 libtool \
803 libpcap-dev \
804 libnet1-dev \
805 libyaml-0-2 \
806 libyaml-dev \
807 libcap-ng-dev \
808 libcap-ng0 \
809 libmagic-dev \
810 libnetfilter-queue-dev \
811 libnetfilter-queue1 \
812 libnfnetlink-dev \
813 libnfnetlink0 \
814 libhiredis-dev \
815 liblua5.1-dev \
816 libjansson-dev \
817 libevent-dev \
818 libevent-pthreads-2.1-7 \
819 libjansson-dev \
820 libpython2.7 \
821 make \
822 parallel \
823 python3-yaml \
824 rustc \
825 software-properties-common \
826 zlib1g \
827 zlib1g-dev \
828 exuberant-ctags \
829 unzip \
830 curl \
7ca4b135 831 time \
3ce05a35
VJ		 832 wget
833 - uses: actions/checkout@v2
834 - uses: actions/download-artifact@v2
835 with:
836 name: prep
837 path: prep
838 - run: tar xf prep/libhtp.tar.gz
839 - name: Setup cbindgen
840 run: |
841 mkdir -p $HOME/.cargo/bin
842 cp prep/cbindgen $HOME/.cargo/bin
843 chmod 755 $HOME/.cargo/bin/cbindgen
844 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
845 - run: ./autogen.sh
846 - run: LIB_FUZZING_ENGINE="fail_to_onefile_driver" CC=clang-10 CXX=clang++-10 CFLAGS="-fprofile-arcs -ftest-coverage -g -fno-strict-aliasing -fsanitize=address -fno-omit-frame-pointer -fPIC -Wno-unused-parameter -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1" CXXFLAGS="-fprofile-arcs -ftest-coverage -g -fno-strict-aliasing -fsanitize=address -fno-omit-frame-pointer -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1 -stdlib=libc++" ac_cv_func_malloc_0_nonnull=yes ac_cv_func_realloc_0_nonnull=yes ./configure --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect
847 - run: make -j2
848 - run: ./qa/run-ossfuzz-corpus.sh
849 - name: Gcov
850 run: |
851 cd src
852 llvm-cov-10 gcov -p *.c
853 - name: Upload coverage to Codecov
854 uses: codecov/codecov-action@v1
855 with:
856 flags: fuzzcorpus
857
975b58c0
JI		 858 ubuntu-20-04-ndebug:
859 name: Ubuntu 20.04 (-DNDEBUG)
860 runs-on: ubuntu-latest
861 container: ubuntu:20.04
1f1a7651 862 needs: [prepare-deps, prepare-cbindgen]
975b58c0
JI		 863 steps:
864
865 - name: Install dependencies
866 run: |
867 apt update
868 apt -y install \
869 build-essential \
870 autoconf \
871 automake \
872 git \
873 jq \
874 libtool \
875 libpcap-dev \
876 libnet1-dev \
877 libyaml-0-2 \
878 libyaml-dev \
879 libcap-ng-dev \
880 libcap-ng0 \
881 libmagic-dev \
882 libnetfilter-queue-dev \
883 libnetfilter-queue1 \
884 libnfnetlink-dev \
885 libnfnetlink0 \
886 libhiredis-dev \
887 libjansson-dev \
888 libevent-dev \
889 libevent-pthreads-2.1-7 \
890 libjansson-dev \
891 libpython2.7 \
acb1ab08 892 libpcre2-dev \
975b58c0
JI		 893 make \
894 parallel \
895 python3-yaml \
896 rustc \
897 software-properties-common \
898 zlib1g \
899 zlib1g-dev \
900 exuberant-ctags
975b58c0
JI		 901 - uses: actions/checkout@v2
902 - uses: actions/download-artifact@v2
903 with:
904 name: prep
905 path: prep
906 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 907 - name: Setup cbindgen
908 run: |
909 mkdir -p $HOME/.cargo/bin
910 cp prep/cbindgen $HOME/.cargo/bin
911 chmod 755 $HOME/.cargo/bin/cbindgen
912 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
975b58c0
JI		 913 - run: ./autogen.sh
914 - run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-unittests
915 - run: make -j2
916 - run: make check
917 - run: make dist
918 - name: Extracting suricata-verify
919 run: tar xf prep/suricata-verify.tar.gz
920 - name: Running suricata-verify
bfac4ff4 921 run: python3 ./suricata-verify/run.py -q
93ce39d4
JI		 922 # Now install and make sure headers and libraries aren't install
923 # until requested.
924 - run: make install
925 - run: test ! -e /usr/local/lib/libsuricata_c.a
926 - run: test ! -e /usr/local/include/suricata
927 - run: make install-headers
928 - run: test -e /usr/local/include/suricata/suricata.h
929 - run: make install-library
930 - run: test -e /usr/local/lib/libsuricata_c.a
931 - run: test -e /usr/local/lib/libsuricata_rust.a
932 - run: test -e /usr/local/bin/libsuricata-config
933 - run: test -e /usr/local/lib/libsuricata.so
934 - run: test -e /usr/local/lib/$(readlink /usr/local/lib/libsuricata.so)
975b58c0 935
146a1ee1
JI		 936 ubuntu-20-04-too-old-rust:
937 name: Ubuntu 20.04 (unsupported rust)
938 runs-on: ubuntu-latest
939 container: ubuntu:20.04
940 needs: centos-8
941 steps:
942 - name: Install dependencies
943 run: |
944 apt update
945 apt -y install \
946 build-essential \
947 curl \
948 libtool \
949 libpcap-dev \
950 libnet1-dev \
951 libyaml-0-2 \
952 libyaml-dev \
953 libcap-ng-dev \
954 libcap-ng0 \
955 libmagic-dev \
956 libnetfilter-queue-dev \
957 libnetfilter-queue1 \
958 libnfnetlink-dev \
959 libnfnetlink0 \
960 libhiredis-dev \
961 libjansson-dev \
962 libevent-dev \
963 libevent-pthreads-2.1-7 \
964 libjansson-dev \
965 libpython2.7 \
acb1ab08 966 libpcre2-dev \
146a1ee1
JI		 967 make \
968 python3-yaml \
969 software-properties-common \
970 zlib1g \
971 zlib1g-dev \
972 - run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.33.0 -y
2ede7361 973 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
146a1ee1
JI		 974 - name: Download suricata.tar.gz
975 uses: actions/download-artifact@v2
976 with:
977 name: dist
978 - run: tar zxvf suricata-*.tar.gz --strip-components=1
979 - run: |
980 if ./configure; then
981 echo "error: configure should have failed"
982 exit 1
983 else
984 exit 0
985 fi
986
0ae63e85
SB		 987 ubuntu-18-04-debug-validation:
988 name: Ubuntu 18.04 (Debug Validation)
989 runs-on: ubuntu-18.04
990 container: ubuntu:18.04
1f1a7651 991 needs: [prepare-deps, prepare-cbindgen]
0ae63e85
SB		 992 steps:
993
994 # Cache Rust stuff.
995 - name: Cache cargo registry
996 uses: actions/cache@v1
997 with:
998 path: ~/.cargo/registry
999 key: cargo-registry
1000
1001 - name: Install dependencies
1002 run: |
1003 apt update
1004 apt -y install \
acb1ab08 1005 libpcre2-dev \
0ae63e85
SB		 1006 build-essential \
1007 autoconf \
1008 automake \
1009 git \
1010 jq \
1011 libtool \
1012 libpcap-dev \
1013 libnet1-dev \
1014 libyaml-0-2 \
1015 libyaml-dev \
1016 libcap-ng-dev \
1017 libcap-ng0 \
1018 libmagic-dev \
1019 libnetfilter-queue-dev \
1020 libnetfilter-queue1 \
1021 libnfnetlink-dev \
1022 libnfnetlink0 \
1023 libhiredis-dev \
1024 libjansson-dev \
1025 libevent-dev \
1026 libevent-pthreads-2.1.6 \
1027 libjansson-dev \
1028 libpython2.7 \
1029 make \
1030 parallel \
1031 python3-yaml \
1032 rustc \
1033 software-properties-common \
1034 zlib1g \
1035 zlib1g-dev \
1036 exuberant-ctags
0ae63e85
SB		 1037 - uses: actions/checkout@v2
1038 - uses: actions/download-artifact@v2
1039 with:
1040 name: prep
1041 path: prep
1042 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 1043 - name: Setup cbindgen
1044 run: |
1045 mkdir -p $HOME/.cargo/bin
1046 cp prep/cbindgen $HOME/.cargo/bin
1047 chmod 755 $HOME/.cargo/bin/cbindgen
1048 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
0ae63e85 1049 - run: ./autogen.sh
8b38db4a 1050 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-debug-validation
0ae63e85
SB		 1051 - run: make -j2
1052 - run: make check
1053 - name: Extracting suricata-verify
1054 run: tar xf prep/suricata-verify.tar.gz
1055 - name: Running suricata-verify
bfac4ff4 1056 run: python3 ./suricata-verify/run.py -q
0ae63e85 1057
3887f8d1
JI		 1058 ubuntu-18-04:
1059 name: Ubuntu 18.04 (Cocci)
1060 runs-on: ubuntu-18.04
b9515671 1061 container: ubuntu:18.04
1f1a7651 1062 needs: [prepare-deps, prepare-cbindgen]
3887f8d1
JI		 1063 steps:
1064
1065 # Cache Rust stuff.
1066 - name: Cache cargo registry
1067 uses: actions/cache@v1
1068 with:
1069 path: ~/.cargo/registry
1070 key: cargo-registry
1071
1072 - name: Install dependencies
1073 run: |
b9515671
JI		 1074 apt update
1075 apt -y install \
acb1ab08 1076 libpcre2-dev \
3887f8d1
JI		 1077 build-essential \
1078 autoconf \
1079 automake \
b9515671
JI		 1080 git \
1081 jq \
3887f8d1
JI		 1082 libtool \
1083 libpcap-dev \
1084 libnet1-dev \
1085 libyaml-0-2 \
1086 libyaml-dev \
1087 libcap-ng-dev \
1088 libcap-ng0 \
1089 libmagic-dev \
1090 libnetfilter-queue-dev \
1091 libnetfilter-queue1 \
1092 libnfnetlink-dev \
1093 libnfnetlink0 \
1094 libhiredis-dev \
1095 libjansson-dev \
1096 libevent-dev \
1097 libevent-pthreads-2.1.6 \
1098 libjansson-dev \
b9515671 1099 libpython2.7 \
3887f8d1 1100 make \
6c7f06b0 1101 mscgen \
3887f8d1 1102 parallel \
b9515671
JI		 1103 python3-yaml \
1104 rustc \
3887f8d1
JI		 1105 software-properties-common \
1106 zlib1g \
9b5ccbe4
PA		 1107 zlib1g-dev \
1108 exuberant-ctags
bcbd8c2a
JI		 1109 - name: Install packages for generating documentation
1110 run: |
1111 DEBIAN_FRONTEND=noninteractive apt -y install \
1112 sphinx-doc \
1113 sphinx-common \
1114 texlive-latex-base \
1115 texlive-fonts-recommended \
1116 texlive-fonts-extra \
1117 texlive-latex-extra
3887f8d1
JI		 1118 - name: Install Coccinelle
1119 run: |
b9515671
JI		 1120 add-apt-repository -y ppa:npalix/coccinelle
1121 apt -y install coccinelle
ced66563
JI		 1122 - uses: actions/checkout@v2
1123 - uses: actions/download-artifact@v2
1124 with:
1125 name: prep
1126 path: prep
1127 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 1128 - name: Setup cbindgen
1129 run: |
1130 mkdir -p $HOME/.cargo/bin
1131 cp prep/cbindgen $HOME/.cargo/bin
1132 chmod 755 $HOME/.cargo/bin/cbindgen
1133 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
3887f8d1 1134 - run: ./autogen.sh
8b38db4a 1135 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-coccinelle
3887f8d1 1136 - run: make -j2
9b5ccbe4 1137 - run: make tags
3887f8d1
JI		 1138 - name: Running unit tests and cocci checks
1139 # Set the concurrency level for cocci.
1140 run: CONCURRENCY_LEVEL=2 make check
bcbd8c2a
JI		 1141 - run: make dist
1142 - name: Checking that documentation was built
1143 run: |
1144 test -e doc/devguide/devguide.pdf
1145 test -e doc/userguide/userguide.pdf
1146 test -e doc/userguide/suricata.1
ced66563
JI		 1147 - name: Extracting suricata-verify
1148 run: tar xf prep/suricata-verify.tar.gz
3887f8d1 1149 - name: Running suricata-verify
bfac4ff4 1150 run: python3 ./suricata-verify/run.py -q
3887f8d1 1151
19fe8d98
VJ		 1152 # test build with afl and fuzztargets
1153 ubuntu-18-04-fuzz:
1154 name: Ubuntu 18.04 (Fuzz)
1155 runs-on: ubuntu-18.04
1156 container: ubuntu:18.04
1f1a7651 1157 needs: [prepare-deps, prepare-cbindgen]
19fe8d98
VJ		 1158 steps:
1159
1160 # Cache Rust stuff.
1161 - name: Cache cargo registry
1162 uses: actions/cache@v1
1163 with:
1164 path: ~/.cargo/registry
1165 key: cargo-registry
1166
1167 - name: Install dependencies
1168 run: |
1169 apt update
1170 apt -y install \
1171 afl \
1172 afl-clang \
acb1ab08 1173 libpcre2-dev \
19fe8d98
VJ		 1174 build-essential \
1175 autoconf \
1176 automake \
1177 git \
1178 libtool \
1179 libpcap-dev \
1180 libnet1-dev \
1181 libyaml-0-2 \
1182 libyaml-dev \
1183 libcap-ng-dev \
1184 libcap-ng0 \
1185 libmagic-dev \
1186 libnetfilter-queue-dev \
1187 libnetfilter-queue1 \
1188 libnfnetlink-dev \
1189 libnfnetlink0 \
1190 libhiredis-dev \
1191 libjansson-dev \
1192 libjansson-dev \
1193 libpython2.7 \
1194 make \
1195 rustc \
1196 software-properties-common \
1197 zlib1g \
1198 zlib1g-dev
2ede7361 1199 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
ced66563
JI		 1200 - uses: actions/checkout@v2
1201 - uses: actions/download-artifact@v2
1202 with:
1203 name: prep
1204 path: prep
1205 - run: tar xf prep/libhtp.tar.gz
1f1a7651
JI		 1206 - name: Setup cbindgen
1207 run: |
1208 mkdir -p $HOME/.cargo/bin
1209 cp prep/cbindgen $HOME/.cargo/bin
1210 chmod 755 $HOME/.cargo/bin/cbindgen
325096a0 1211 echo "$HOME/.cargo/bin" >> $GITHUB_PATH
19fe8d98 1212 - run: ./autogen.sh
325096a0 1213 - run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-fuzztargets --disable-shared
19fe8d98
VJ		 1214 - run: AFL_HARDEN=1 make -j2
1215
3887f8d1
JI		 1216 # An Ubuntu 16.04 build using the tarball generated in the CentOS 8
1217 # build above.
1218 ubuntu-16-04:
1219 name: Ubuntu 16.04
1220 runs-on: ubuntu-latest
1221 container: ubuntu:16.04
1222 needs: centos-8
1223 steps:
1224 - name: Install dependencies
1225 run: |
1226 apt update
1227 apt -y install \
1228 build-essential \
1229 curl \
1230 libcap-ng-dev \
1231 libcap-ng0 \
1232 libevent-dev \
1233 libhiredis-dev \
1234 libjansson-dev \
1235 libmagic-dev \
1236 libnet1-dev \
1237 libnetfilter-queue-dev \
1238 libnetfilter-queue1 \
1239 libnfnetlink-dev \
1240 libnfnetlink0 \
acb1ab08 1241 libpcre2-dev \
3887f8d1
JI		 1242 libpcap-dev \
1243 libyaml-0-2 \
1244 libyaml-dev \
1245 make \
1246 python3-yaml \
1247 zlib1g \
1248 zlib1g-dev
1249 - name: Install Rust
37eff69a 1250 run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain ${RUST_VERSION_MIN} -y
2ede7361 1251 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
3887f8d1 1252 - name: Download suricata.tar.gz
ced66563 1253 uses: actions/download-artifact@v2
3887f8d1
JI		 1254 with:
1255 name: dist
3887f8d1 1256 - name: Extract
ced66563 1257 run: tar zxvf suricata-*.tar.gz --strip-components=1
3887f8d1 1258 - name: Configure
8b38db4a 1259 run: CFLAGS="${DEFAULT_CFLAGS}" ./configure
3887f8d1 1260 - name: Build
3887f8d1
JI		 1261 run: make -j2
1262 - name: Testing
3887f8d1 1263 run: make check
ced66563
JI		 1264 - run: make install
1265 - run: make install-conf
1266 - run: make install-rules
3887f8d1
JI		 1267
1268 debian-10:
1269 name: Debian 10
1270 runs-on: ubuntu-latest
1271 container: debian:10
1f1a7651 1272 needs: [prepare-deps, prepare-cbindgen]
3887f8d1
JI		 1273 steps:
1274 # Cache Rust stuff.
1275 - name: Cache cargo registry
1276 uses: actions/cache@v1
1277 with:
1278 path: ~/.cargo/registry
1279 key: cargo-registry
1280
1281 - run: |
1282 apt update
1283 apt -y install \
1284 automake \
1285 autoconf \
1286 build-essential \
1287 ccache \
1288 curl \
1289 git \
1290 gosu \
1291 jq \
acb1ab08 1292 libpcre2-dev \
3887f8d1
JI		 1293 libpcap-dev \
1294 libnet1-dev \
1295 libyaml-0-2 \
1296 libyaml-dev \
1297 libcap-ng-dev \
1298 libcap-ng0 \
1299 libmagic-dev \
1300 libjansson-dev \
3887f8d1
JI		 1301 libgeoip-dev \
1302 liblua5.1-dev \
1303 libhiredis-dev \
1304 libevent-dev \
1305 libtool \
1306 m4 \
1307 make \
18a1fd22 1308 python3-yaml \
3887f8d1 1309 pkg-config \
3887f8d1
JI		 1310 sudo \
1311 zlib1g \
23b1607d
EL		 1312 zlib1g-dev \
1313 clang \
1314 libbpf-dev \
1315 libelf-dev
a9249cb2
VJ		 1316 - name: Install Rust
1317 run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y
1318 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
ced66563
JI		 1319 - uses: actions/checkout@v2
1320 - uses: actions/download-artifact@v2
1321 with:
1322 name: prep
1323 path: prep
1324 - run: tar xf prep/libhtp.tar.gz
1325 - run: tar xf prep/suricata-update.tar.gz
1f1a7651
JI		 1326 - name: Setup cbindgen
1327 run: |
1328 mkdir -p $HOME/.cargo/bin
1329 cp prep/cbindgen $HOME/.cargo/bin
1330 chmod 755 $HOME/.cargo/bin/cbindgen
3887f8d1 1331 - run: ./autogen.sh
23b1607d 1332 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build
3887f8d1
JI		 1333 - run: make -j2
1334 - run: make check
ced66563 1335 - run: tar xf prep/suricata-verify.tar.gz
3887f8d1 1336 - name: Running suricata-verify
bfac4ff4 1337 run: python3 ./suricata-verify/run.py -q
3887f8d1
JI		 1338
1339 debian-9:
1340 name: Debian 9
1341 runs-on: ubuntu-latest
1342 container: debian:9
1f1a7651 1343 needs: [prepare-deps, prepare-cbindgen]
3887f8d1
JI		 1344 steps:
1345 - run: |
1346 apt update
1347 apt -y install \
1348 automake \
1349 autoconf \
1350 build-essential \
1351 ccache \
1352 curl \
1353 git-core \
1354 gosu \
1355 jq \
acb1ab08 1356 libpcre2-dev \
3887f8d1
JI		 1357 libpcap-dev \
1358 libnet1-dev \
1359 libyaml-0-2 \
1360 libyaml-dev \
1361 libcap-ng-dev \
1362 libcap-ng0 \
1363 libmagic-dev \
1364 libjansson-dev \
3887f8d1
JI		 1365 libgeoip-dev \
1366 liblua5.1-dev \
1367 libhiredis-dev \
1368 libevent-dev \
1369 libtool \
1370 m4 \
1371 make \
18a1fd22 1372 python3-yaml \
3887f8d1
JI		 1373 pkg-config \
1374 sudo \
1375 zlib1g \
1376 zlib1g-dev
1377 - name: Install Rust
cb963f86 1378 run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y
2ede7361 1379 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
ced66563
JI		 1380 - uses: actions/checkout@v2
1381 - uses: actions/download-artifact@v2
1382 with:
1383 name: prep
1384 path: prep
1385 - run: tar xf prep/libhtp.tar.gz
1386 - run: tar xf prep/suricata-update.tar.gz
1f1a7651
JI		 1387 - name: Setup cbindgen
1388 run: |
1389 mkdir -p $HOME/.cargo/bin
1390 cp prep/cbindgen $HOME/.cargo/bin
1391 chmod 755 $HOME/.cargo/bin/cbindgen
3887f8d1 1392 - run: ./autogen.sh
8b38db4a 1393 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests
3887f8d1
JI		 1394 - run: make -j2
1395 - run: make check
ced66563 1396 - run: tar xf prep/suricata-verify.tar.gz
3887f8d1 1397 - name: Running suricata-verify
bfac4ff4 1398 run: python3 ./suricata-verify/run.py -q
3887f8d1
JI		 1399
1400 macos-latest:
1401 name: MacOS Latest
8b9721b2
JI		 1402 # use 10.15 for now. Build fails on macos-11 (aka macos-latest)
1403 runs-on: macos-10.15
1f1a7651 1404 needs: [prepare-deps]
3887f8d1
JI		 1405 steps:
1406 # Cache Rust stuff.
1407 - name: Cache cargo registry
1408 uses: actions/cache@v1
1409 with:
1410 path: ~/.cargo/registry
1411 key: cargo-registry
1412 - run: |
1413 brew install \
1414 autoconf \
1415 automake \
1416 curl \
1417 hiredis \
1418 jansson \
1419 jq \
1420 libmagic \
1421 libnet \
1422 libtool \
1423 libyaml \
1424 lua \
3887f8d1 1425 pkg-config \
7904ef82 1426 python \
3887f8d1
JI		 1427 rust \
1428 xz
b573c16d 1429 - name: Install cbindgen
4318c1de 1430 run: cargo install --force --debug --version 0.14.1 cbindgen
2ede7361 1431 - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
7904ef82 1432 - run: pip3 install PyYAML
ced66563
JI		 1433 - uses: actions/checkout@v2
1434 - name: Downloading prep archive
1435 uses: actions/download-artifact@v2
1436 with:
1437 name: prep
1438 path: prep
1439 - run: tar xvf prep/libhtp.tar.gz
3887f8d1 1440 - run: ./autogen.sh
8b38db4a 1441 - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests
3887f8d1
JI		 1442 - run: make -j2
1443 - run: make check
ced66563 1444 - run: tar xf prep/suricata-verify.tar.gz
3887f8d1 1445 - name: Running suricata-verify
bfac4ff4 1446 run: python3 ./suricata-verify/run.py -q
75c0f9bd
VJ		 1447
1448 windows-msys2-mingw64:
1449 name: Windows MSYS2 MINGW64
1450 runs-on: windows-latest
1f1a7651 1451 needs: [prepare-deps]
75c0f9bd
VJ		 1452 defaults:
1453 run:
1454 shell: msys2 {0}
1455 steps:
1456 - uses: actions/checkout@v2
1457 - uses: msys2/setup-msys2@v2
1458 with:
1459 msystem: MINGW64
1460 update: true
1dc98cad 1461 install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2
75c0f9bd
VJ		 1462 # hack: install our own cbindgen system wide as we can't get the
1463 # preinstalled one to be picked up by configure
1464 - name: cbindgen
1465 run: cargo install --root /usr --force --debug --version 0.14.1 cbindgen
1466 - uses: actions/checkout@v2
1467 - uses: actions/download-artifact@v2
1468 with:
1469 name: prep
1470 path: prep
1471 - run: tar xf prep/libhtp.tar.gz
1472 - run: tar xf prep/suricata-update.tar.gz
1473 - name: Npcap DLL
1474 run: |
1475 curl -s -O https://nmap.org/npcap/dist/npcap-1.00.exe
1476 7z -y x -o/npcap-bin npcap-1.00.exe
1477 # hack: place dlls in cwd
1478 cp /npcap-bin/*.dll .
1479 - name: Npcap SDK
1480 run: |
1481 curl -s -O https://nmap.org/npcap/dist/npcap-sdk-1.06.zip
1482 unzip npcap-sdk-1.06.zip -d /npcap
1483 cp /npcap/Lib/x64/* /usr/lib/
1484 - run: tar xf prep/suricata-verify.tar.gz
1485 - name: Build
1486 run: |
1487 ./autogen.sh
1488 CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
1489 make -j3
1490 - name: Run
1491 run: |
1492 ./src/suricata --build-info
1493 ./src/suricata -u -l /tmp/
1494 # need cwd in path due to npcap dlls (see above)
bfac4ff4 1495 PATH="$PATH:$(pwd)" python3 ./suricata-verify/run.py -q
Michael's tree of suricata