github-actions: add dpdk ids live test script
authorVictor Julien <vjulien@oisf.net>
Wed, 1 May 2024 08:51:07 +0000 (10:51 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 2 May 2024 10:44:31 +0000 (12:44 +0200)
.github/workflows/builds.yml
.github/workflows/live/dpdk.sh [new file with mode: 0755]

index 1fe713eac86ca014b9ec33ab2ca24e04a6d32594..aace4cf5330da44f6e9ff94e60f3f12709d2bbbc 100644 (file)
@@ -1648,23 +1648,15 @@ jobs:
           CXX: "clang++-14"
           RUSTFLAGS: "-C instrument-coverage"
       # IDS config
-      - run: rm -f ./eve.json
       - run: |
-          timeout --kill-after=30 --preserve-status 10 \
-            ./src/suricata -c .github/workflows/dpdk/suricata-null-ids.yaml -S /dev/null -l ./ --dpdk -vvvv
+          ./.github/workflows/live/dpdk.sh ".github/workflows/dpdk/suricata-null-ids.yaml"
         env:
           LLVM_PROFILE_FILE: "/tmp/dpdk-ids.profraw"
-      - run: |
-          test $(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.capture.packets > 0')  = true
       # IPS config
-      - run: rm -f ./eve.json
       - run: |
-          timeout --kill-after=30 --preserve-status 10 \
-            ./src/suricata -c .github/workflows/dpdk/suricata-null-ips.yaml -S /dev/null -l ./ --dpdk -vvvv
+          ./.github/workflows/live/dpdk.sh ".github/workflows/dpdk/suricata-null-ips.yaml"
         env:
           LLVM_PROFILE_FILE: "/tmp/dpdk-ips.profraw"
-      - run: |
-          test $(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.capture.packets > 0')  = true
       # AF_PACKET tests
       - run: |
           ./.github/workflows/live/afp-ids.sh "2" "autofp"
diff --git a/.github/workflows/live/dpdk.sh b/.github/workflows/live/dpdk.sh
new file mode 100755 (executable)
index 0000000..fab36cb
--- /dev/null
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# Script to test live IDS capabilities for DPDK using DPDK's null interface.
+# Connects over unix socket. Issues a reload. Then shuts suricata down.
+
+#set -e
+set -x
+
+if [ $# -ne "1" ]; then
+    echo "ERROR call with 1 args: path to yaml to use"
+    exit 1;
+fi
+
+YAML=$1
+
+# dump some info
+uname -a
+
+# remove eve.json from previous run
+if [ -f eve.json ]; then
+    rm eve.json
+fi
+
+RES=0
+
+# set first rule file
+cp .github/workflows/live/icmp.rules suricata.rules
+
+# Start Suricata, SIGINT after 120 secords. Will close it earlier through
+# the unix socket.
+timeout --kill-after=240 --preserve-status 120 \
+    ./src/suricata -c $YAML -l ./ --dpdk -v --set default-rule-path=. &
+SURIPID=$!
+
+sleep 15
+
+# check stats and alerts
+STATSCHECK=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.capture.packets > 0')
+if [ $STATSCHECK = false ]; then
+    echo "ERROR no packets captured"
+    RES=1
+fi
+
+echo "SURIPID $SURIPID"
+
+# set second rule file for the reload
+cp .github/workflows/live/icmp2.rules suricata.rules
+
+# trigger the reload
+export PYTHONPATH=python/
+python3 python/bin/suricatasc -c "reload-rules" /var/run/suricata/suricata-command.socket
+
+sleep 15
+
+# check stats and alerts
+STATSCHECK=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.capture.packets > 0')
+if [ $STATSCHECK = false ]; then
+    echo "ERROR no packets captured"
+    RES=1
+fi
+
+python3 python/bin/suricatasc -c "shutdown" /var/run/suricata/suricata-command.socket
+wait $SURIPID
+
+echo "done: $RES"
+exit $RES
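Review bot: The packet check `if [ $STATSCHECK = false ]` fails open: when eve.json is missing or holds no stats event, `$STATSCHECK` is empty, the unquoted test errors out, the branch is skipped and `RES` stays 0, whereas the removed workflow step (`test $(...) = true`) failed in that case. With `set -e` commented out nothing else catches it, so I would write `if [ "$STATSCHECK" != "true" ]; then` here and at the second check after the reload. The exit statuses of both `suricatasc` calls and of `wait $SURIPID` are also discarded, so a rejected reload or a non-zero Suricata exit would presumably not fail the job; `wait $SURIPID || RES=1`, and the same pattern after each `suricatasc` call, would cover that. Minor: `$YAML` should be quoted on the suricata command line, and the comments say "check stats and alerts" although only the capture counter is inspected.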