]> git.ipfire.org Git - thirdparty/pdns.git/blame - tasks.py
projects / thirdparty / pdns.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
dnsdist: Add initial support for TCP/DoT -> DoH
[thirdparty/pdns.git] / tasks.py
CommitLineData
99bb3530
PD		 1from invoke import task
2from invoke.exceptions import Failure, UnexpectedExit
3
7ec6fb65 4import os
99bb3530
PD		 5import sys
6import time
7
8all_build_deps = [
d3cb00f9 9 'ccache',
99bb3530
PD		 10 'libboost-all-dev',
11 'libluajit-5.1-dev',
12 'libsodium-dev',
13 'libssl-dev',
14 'libsystemd-dev',
15 'libtool',
16 'make',
17 'pkg-config',
18 'python3-venv',
19 'systemd',
20]
21git_build_deps = [
22 'autoconf',
23 'automake',
24 'bison',
25 'bzip2',
26 'curl',
27 'flex',
28 'git',
29 'ragel'
30]
31auth_build_deps = [ # FIXME: perhaps we should be stealing these from the debian (Ubuntu) control file
32 'default-libmysqlclient-dev',
33 'libcdb-dev',
34 'libcurl4-openssl-dev',
35 'libgeoip-dev',
36 'libkrb5-dev',
37 'libldap2-dev',
38 'liblmdb-dev',
39 'libmaxminddb-dev',
40 'libp11-kit-dev',
41 'libpq-dev',
42 'libsqlite3-dev',
43 'libyaml-cpp-dev',
44 'libzmq3-dev',
45 'ruby-bundler',
46 'ruby-dev',
47 'sqlite3',
48]
49rec_build_deps = [
50 'libcap-dev',
51 'libfstrm-dev',
52 'libsnmp-dev',
53]
54dnsdist_build_deps = [
55 'libcap-dev',
56 'libcdb-dev',
57 'libedit-dev',
58 'libfstrm-dev',
79e3404d 59 'libgnutls28-dev',
99bb3530
PD		 60 'libh2o-evloop-dev',
61 'liblmdb-dev',
62 'libre2-dev',
63 'libsnmp-dev',
64]
65auth_test_deps = [ # FIXME: we should be generating some of these from shlibdeps in build
66 'authbind',
67 'bc',
68 'bind9utils',
69 'curl',
70 'default-jre-headless',
71 'dnsutils',
72 'gawk',
73 'ldnsutils',
74 'libboost-serialization1.71.0',
75 'libcdb1',
76 'libcurl4',
77 'libgeoip1',
78 'libkrb5-3',
79 'libldap-2.4-2',
80 'liblmdb0',
81 'libluajit-5.1-2',
82 'libmaxminddb0',
83 'libnet-dns-perl',
84 'libp11-kit0',
85 'libpq5',
86 'libsodium23',
87 'libsqlite3-dev',
88 'libssl1.1',
89 'libsystemd0',
90 'libyaml-cpp0.6',
91 'libzmq3-dev',
92 'pdns-recursor',
0e77de07
PD		 93 'ruby-bundler',
94 'ruby-dev',
99bb3530
PD		 95 'socat',
96 'softhsm2',
97 'unbound-host',
98 'unixodbc',
99 'wget'
100]
101
102@task
103def apt_fresh(c):
104 c.sudo('apt-get update')
105 c.sudo('apt-get dist-upgrade')
106
107@task
108def install_clang(c):
109 """
110 install clang-11 and llvm-11
111 """
112 c.sudo('apt-get -qq -y --no-install-recommends install clang-11 llvm-11')
113
114@task
115def install_clang_runtime(c):
116 # this gives us the symbolizer, for symbols in asan/ubsan traces
117 c.sudo('apt-get -qq -y --no-install-recommends install clang-11')
118
119@task
120def install_auth_build_deps(c):
121 c.sudo('apt-get install -qq -y --no-install-recommends ' + ' '.join(all_build_deps + git_build_deps + auth_build_deps))
122
123def setup_authbind(c):
124 c.sudo('touch /etc/authbind/byport/53')
125 c.sudo('chmod 755 /etc/authbind/byport/53')
126
127auth_backend_test_deps = dict(
128 gsqlite3=['sqlite3'],
129 gmysql=['default-libmysqlclient-dev'],
130 gpgsql=['libpq-dev'],
0e77de07
PD		 131 lmdb=[],
132 remote=[]
99bb3530
PD		 133)
134
135@task(help={'backend': 'Backend to install test deps for, e.g. gsqlite3; can be repeated'}, iterable=['backend'], optional=['backend'])
136def install_auth_test_deps(c, backend): # FIXME: rename this, we do way more than apt-get
137 extra=[]
138 for b in backend:
139 extra.extend(auth_backend_test_deps[b])
140 c.sudo('apt-get -y -qq install ' + ' '.join(extra+auth_test_deps))
141
142 c.run('chmod +x /opt/pdns-auth/bin/* /opt/pdns-auth/sbin/*')
143 # c.run('''if [ ! -e $HOME/bin/jdnssec-verifyzone ]; then
144 # wget https://github.com/dblacka/jdnssec-tools/releases/download/0.14/jdnssec-tools-0.14.tar.gz
145 # tar xfz jdnssec-tools-0.14.tar.gz -C $HOME
146 # rm jdnssec-tools-0.14.tar.gz
147 # fi
148 # echo 'export PATH=$HOME/jdnssec-tools-0.14/bin:$PATH' >> $BASH_ENV''') # FIXME: why did this fail with no error?
149 c.run('touch regression-tests/tests/verify-dnssec-zone/allow-missing') # FIXME: can this go?
150 # FIXME we need to start a background recursor here for some tests
151 setup_authbind(c)
152
153@task
154def install_rec_test_deps(c): # FIXME: rename this, we do way more than apt-get
155 c.sudo('apt-get --no-install-recommends install -qq -y authbind python3-venv python3-dev default-libmysqlclient-dev libpq-dev pdns-tools libluajit-5.1-2 \
156 libboost-all-dev \
157 libcap2 \
158 libssl1.1 \
159 libsystemd0 \
160 libsodium23 \
161 libfstrm0 \
162 libsnmp35')
163
164 c.run('chmod +x /opt/pdns-recursor/bin/* /opt/pdns-recursor/sbin/*')
165
166 setup_authbind(c)
167
168@task
169def install_dnsdist_test_deps(c): # FIXME: rename this, we do way more than apt-get
170 c.sudo('apt-get install -qq -y \
171 libluajit-5.1-2 \
172 libboost-all-dev \
173 libcap2 \
174 libcdb1 \
175 libcurl4-openssl-dev \
176 libfstrm0 \
79e3404d 177 libgnutls30 \
99bb3530
PD		 178 libh2o-evloop0.13 \
179 liblmdb0 \
180 libre2-5 \
181 libssl-dev \
182 libsystemd0 \
183 libsodium23 \
184 patch \
185 protobuf-compiler \
186 python3-venv snmpd prometheus')
187 c.run('sed "s/agentxperms 0700 0755 dnsdist/agentxperms 0777 0755/g" regression-tests.dnsdist/snmpd.conf | sudo tee /etc/snmp/snmpd.conf')
188 c.sudo('systemctl restart snmpd')
189 time.sleep(5)
190 c.sudo('chmod 755 /var/agentx')
191
192@task
193def install_rec_build_deps(c):
194 c.sudo('apt-get install -qq -y --no-install-recommends ' + ' '.join(all_build_deps + git_build_deps + rec_build_deps))
195
196@task
197def install_dnsdist_build_deps(c):
198 c.sudo('apt-get install -qq -y --no-install-recommends ' + ' '.join(all_build_deps + git_build_deps + dnsdist_build_deps))
199
200@task
201def ci_autoconf(c):
202 c.run('BUILDER_VERSION=0.0.0-git1 autoreconf -vfi')
203
204@task
205def ci_auth_configure(c):
206 res = c.run('''CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int" \
207 CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int -Wp,-D_GLIBCXX_ASSERTIONS" \
208 ./configure \
209 CC='clang-11' \
210 CXX='clang++-11' \
211 --enable-option-checking=fatal \
9a205757 212 --with-modules='bind geoip gmysql godbc gpgsql gsqlite3 ldap lmdb lua2 pipe remote tinydns' \
99bb3530
PD		 213 --enable-systemd \
214 --enable-tools \
215 --enable-unit-tests \
216 --enable-backend-unit-tests \
217 --enable-fuzz-targets \
218 --enable-experimental-pkcs11 \
219 --enable-remotebackend-zeromq \
220 --with-lmdb=/usr \
221 --with-libsodium \
222 --prefix=/opt/pdns-auth \
223 --enable-ixfrdist \
224 --enable-asan \
225 --enable-ubsan''', warn=True)
226 if res.exited != 0:
227 c.run('cat config.log')
228 raise UnexpectedExit(res)
229@task
230def ci_rec_configure(c):
231 res = c.run(''' CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int" \
232 CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int -Wp,-D_GLIBCXX_ASSERTIONS" \
233 ./configure \
234 CC='clang-11' \
235 CXX='clang++-11' \
236 --enable-option-checking=fatal \
237 --enable-unit-tests \
238 --enable-nod \
239 --enable-systemd \
240 --prefix=/opt/pdns-recursor \
241 --with-libsodium \
242 --with-lua=luajit \
243 --with-libcap \
244 --with-net-snmp \
245 --enable-dns-over-tls \
246 --enable-asan \
247 --enable-ubsan''', warn=True)
248 if res.exited != 0:
249 c.run('cat config.log')
250 raise UnexpectedExit(res)
251
252@task
253def ci_dnsdist_configure(c):
7ec6fb65 254 sanitizers = ' '.join('--enable-'+x for x in os.getenv('SANITIZERS').split('+'))
99bb3530
PD		 255 res = c.run('''CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int" \
256 CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Werror=string-plus-int -Wp,-D_GLIBCXX_ASSERTIONS" \
257 ./configure \
258 CC='clang-11' \
259 CXX='clang++-11' \
260 --enable-option-checking=fatal \
261 --enable-unit-tests \
262 --enable-dnstap \
263 --enable-dnscrypt \
264 --enable-dns-over-tls \
265 --enable-dns-over-https \
266 --enable-systemd \
267 --prefix=/opt/dnsdist \
79e3404d 268 --with-gnutls \
99bb3530
PD		 269 --with-libsodium \
270 --with-lua=luajit \
271 --with-libcap \
7ec6fb65 272 --with-re2 ''' + sanitizers, warn=True)
99bb3530
PD		 273 if res.exited != 0:
274 c.run('cat config.log')
275 raise UnexpectedExit(res)
276
277@task
278def ci_auth_make(c):
279 c.run('make -j8 -k V=1')
280
281@task
282def ci_rec_make(c):
283 c.run('make -j8 -k V=1')
284
285@task
286def ci_dnsdist_make(c):
287 c.run('make -j4 -k V=1')
288
289@task
290def ci_auth_install_remotebackend_ruby_deps(c):
291 with c.cd('modules/remotebackend'):
0e77de07
PD		 292 # c.run('bundle config set path vendor/bundle')
293 c.run('sudo ruby -S bundle install')
99bb3530
PD		 294
295@task
296def ci_auth_run_unit_tests(c):
297 res = c.run('make check', warn=True)
298 if res.exited != 0:
299 c.run('cat pdns/test-suite.log')
300 raise UnexpectedExit(res)
301
302@task
303def ci_rec_run_unit_tests(c):
304 res = c.run('make check', warn=True)
305 if res.exited != 0:
306 c.run('cat test-suite.log')
307 raise UnexpectedExit(res)
308
309@task
310def ci_dnsdist_run_unit_tests(c):
311 res = c.run('make check', warn=True)
312 if res.exited != 0:
313 c.run('cat test-suite.log')
314 raise UnexpectedExit(res)
315
316@task
317def ci_make_install(c):
318 res = c.run('make install') # FIXME: this builds auth docs - again
319
320@task
321def add_auth_repo(c):
322 dist = 'ubuntu' # FIXME take these from the caller?
323 release = 'focal'
324 version = '44'
325
326 c.sudo('apt-get install -qq -y curl gnupg2')
327 if version == 'master':
328 c.sudo('curl -s -o /etc/apt/trusted.gpg.d/pdns-repo.asc https://repo.powerdns.com/CBC8B383-pub.asc')
329 else:
330 c.sudo('curl -s -o /etc/apt/trusted.gpg.d/pdns-repo.asc https://repo.powerdns.com/FD380FBB-pub.asc')
331 c.run(f"echo 'deb [arch=amd64] http://repo.powerdns.com/{dist} {release}-auth-{version} main' | sudo tee /etc/apt/sources.list.d/pdns.list")
332 c.run("echo 'Package: pdns-*' | sudo tee /etc/apt/preferences.d/pdns")
333 c.run("echo 'Pin: origin repo.powerdns.com' | sudo tee -a /etc/apt/preferences.d/pdns")
334 c.run("echo 'Pin-Priority: 600' | sudo tee -a /etc/apt/preferences.d/pdns")
335 c.sudo('apt-get update')
336
337@task
338def test_api(c, product, backend=''):
339 if product == 'recursor':
340 with c.cd('regression-tests.api'):
341 c.run(f'PDNSRECURSOR=/opt/pdns-recursor/sbin/pdns_recursor ./runtests recursor {backend}')
342 elif product == 'auth':
343 with c.cd('regression-tests.api'):
344 c.run(f'PDNSSERVER=/opt/pdns-auth/sbin/pdns_server PDNSUTIL=/opt/pdns-auth/bin/pdnsutil SDIG=/opt/pdns-auth/bin/sdig MYSQL_HOST="127.0.0.1" PGHOST="127.0.0.1" PGPORT="5432" ./runtests authoritative {backend}')
345 else:
346 raise Failure('unknown product')
347
0e77de07
PD		 348backend_regress_tests = dict(
349 remote = ['pipe', 'unix', 'http', 'zeromq', 'pipe-dnssec', 'unix-dnssec', 'http-dnssec', 'zeromq-dnssec']
350)
351
352@task
353def test_auth_backend(c, backend):
354 if backend == 'remote':
355 ci_auth_install_remotebackend_ruby_deps(c)
356
357 with c.cd('regression-tests'):
358 for t in backend_regress_tests[backend]:
359 # FIXME this long line is terrible
360 # FIXME this appends 'backend' but that's only correct for 'remote'
361 c.run(f'PDNS=/opt/pdns-auth/sbin/pdns_server PDNS2=/opt/pdns-auth/sbin/pdns_server SDIG=/opt/pdns-auth/bin/sdig NOTIFY=/opt/pdns-auth/bin/pdns_notify NSEC3DIG=/opt/pdns-auth/bin/nsec3dig SAXFR=/opt/pdns-auth/bin/saxfr ZONE2SQL=/opt/pdns-auth/bin/zone2sql ZONE2LDAP=/opt/pdns-auth/bin/zone2ldap PDNSUTIL=/opt/pdns-auth/bin/pdnsutil PDNSCONTROL=/opt/pdns-auth/bin/pdns_control PDNSSERVER=/opt/pdns-auth/sbin/pdns_server SDIG=/opt/pdns-auth/bin/sdig MYSQL_HOST="127.0.0.1" PGHOST="127.0.0.1" PGPORT="5432" ./start-test-stop 5300 {backend}backend-{t}')
362
99bb3530
PD		 363@task
364def test_dnsdist(c):
365 c.run('chmod +x /opt/dnsdist/bin/*')
366 c.run('ls -ald /var /var/agentx /var/agentx/master')
367 c.run('ls -al /var/agentx/master')
368 with c.cd('regression-tests.dnsdist'):
369 c.run('DNSDISTBIN=/opt/dnsdist/bin/dnsdist ./runtests')
d3cb00f9
PD		 370
371# this is run always
372def setup():
373 if '/usr/lib/ccache' not in os.environ['PATH']:
374 os.environ['PATH']='/usr/lib/ccache:'+os.environ['PATH']
375
376setup()
Unnamed repository; edit this file 'description' to name the repository.