- run: suricata-update -V
- run: suricatasc -h
- fedora-36-clang:
- name: Fedora 36 (clang, debug, asan, wshadow, rust-strict, systemd)
- runs-on: ubuntu-latest
- container: fedora:36
- needs: [prepare-deps, prepare-cbindgen]
- steps:
-
- # Cache Rust stuff.
- - name: Cache cargo registry
- uses: actions/cache@v3.3.1
- with:
- path: ~/.cargo
- key: ${{ github.job }}-cargo
-
- - name: Cache RPMs
- uses: actions/cache@v3.3.1
- with:
- path: /var/cache/dnf
- key: ${{ github.job }}-dnf
- - run: echo "keepcache=1" >> /etc/dnf/dnf.conf
-
- - run: |
- dnf -y install \
- autoconf \
- automake \
- cargo \
- ccache \
- clang \
- diffutils \
- file-devel \
- gcc \
- gcc-c++ \
- git \
- hiredis-devel \
- jansson-devel \
- jq \
- lua-devel \
- libasan \
- libtool \
- libyaml-devel \
- libnfnetlink-devel \
- libnetfilter_queue-devel \
- libnet-devel \
- libcap-ng-devel \
- libevent-devel \
- libmaxminddb-devel \
- libpcap-devel \
- libxdp-devel \
- libbpf-devel \
- libtool \
- lz4-devel \
- make \
- nss-softokn-devel \
- pcre2-devel \
- pkgconfig \
- python3-yaml \
- sudo \
- systemd-devel \
- which \
- zlib-devel
- - uses: actions/checkout@v3.5.3
- - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
- with:
- name: prep
- path: prep
- - run: tar xf prep/libhtp.tar.gz
- - run: tar xf prep/suricata-update.tar.gz
- - name: Setup cbindgen
- run: |
- mkdir -p $HOME/.cargo/bin
- cp prep/cbindgen $HOME/.cargo/bin
- chmod 755 $HOME/.cargo/bin/cbindgen
- echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- - run: ./autogen.sh
- - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua
- env:
- LDFLAGS: "-fsanitize=address"
- ac_cv_func_realloc_0_nonnull: "yes"
- ac_cv_func_malloc_0_nonnull: "yes"
- - run: make -j2
- - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- - name: Extracting suricata-verify
- run: tar xf prep/suricata-verify.tar.gz
- - name: Running suricata-verify
- run: python3 ./suricata-verify/run.py -q
- # Now install and make sure headers and libraries aren't install
- # until requested.
- - run: make install
- - run: test ! -e /usr/local/lib/libsuricata_c.a
- - run: test ! -e /usr/local/include/suricata
- - run: make install-headers
- - run: test -e /usr/local/include/suricata/suricata.h
- - run: make install-library
- - run: test -e /usr/local/lib/libsuricata_c.a
- - run: test -e /usr/local/lib/libsuricata_rust.a
- - run: test -e /usr/local/bin/libsuricata-config
- - run: test ! -e /usr/local/lib/libsuricata.so
- - run: make install
- - run: suricata-update -V
- - run: suricatasc -h
- # Check compilation against systemd
- - run: ldd src/suricata | grep libsystemd &> /dev/null
-
- fedora-36-gcc:
- name: Fedora 36 (gcc, debug, asan, wshadow, rust-strict)
- runs-on: ubuntu-latest
- container: fedora:36
- needs: [prepare-deps, prepare-cbindgen]
- steps:
-
- # Cache Rust stuff.
- - name: Cache cargo registry
- uses: actions/cache@v3.3.1
- with:
- path: ~/.cargo/registry
- key: cargo-registry
-
- - run: |
- dnf -y install \
- autoconf \
- automake \
- cargo \
- ccache \
- diffutils \
- file-devel \
- gcc \
- gcc-c++ \
- git \
- hiredis-devel \
- jansson-devel \
- jq \
- lua-devel \
- libasan \
- libtool \
- libyaml-devel \
- libnfnetlink-devel \
- libnetfilter_queue-devel \
- libnet-devel \
- libcap-ng-devel \
- libevent-devel \
- libmaxminddb-devel \
- libpcap-devel \
- libtool \
- lz4-devel \
- make \
- nss-softokn-devel \
- pcre2-devel \
- pkgconfig \
- python3-yaml \
- sudo \
- which \
- zlib-devel
- - uses: actions/checkout@v3.5.3
- - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
- with:
- name: prep
- path: prep
- - run: tar xf prep/libhtp.tar.gz
- - run: tar xf prep/suricata-update.tar.gz
- - name: Setup cbindgen
- run: |
- mkdir -p $HOME/.cargo/bin
- cp prep/cbindgen $HOME/.cargo/bin
- chmod 755 $HOME/.cargo/bin/cbindgen
- echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- - run: ./autogen.sh
- - run: ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
- env:
- CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer"
- LDFLAGS: "-fsanitize=address"
- ac_cv_func_realloc_0_nonnull: "yes"
- ac_cv_func_malloc_0_nonnull: "yes"
- - run: make -j2
- - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- - name: Extracting suricata-verify
- run: tar xf prep/suricata-verify.tar.gz
- - name: Running suricata-verify
- run: python3 ./suricata-verify/run.py -q
- # Now install and make sure headers and libraries aren't install
- # until requested.
- - run: make install
- - run: test ! -e /usr/local/lib/libsuricata_c.a
- - run: test ! -e /usr/local/include/suricata
- - run: make install-headers
- - run: test -e /usr/local/include/suricata/suricata.h
- - run: make install-library
- - run: test -e /usr/local/lib/libsuricata_c.a
- - run: test -e /usr/local/lib/libsuricata_rust.a
- - run: test -e /usr/local/bin/libsuricata-config
- - run: test ! -e /usr/local/lib/libsuricata.so
- - run: make install
- - run: suricata-update -V
- - run: suricatasc -h
-
# This job builds and tests Suricata as a non-root user as some
# issues only show up when not running as root, and by default all
# jobs in GitHub actions are run as root inside the container.
projects / thirdparty / suricata.git / commitdiff
