- run: suricata-update -V
- run: suricatasc -h
- # Fedora 40 build using Clang.
- fedora-40-clang:
- name: Fedora 40 (clang, debug, asan, wshadow, rust-strict, systemd)
- runs-on: ubuntu-latest
- container: fedora:40
- needs: [prepare-deps, prepare-cbindgen]
- steps:
-
- # Cache Rust stuff.
- - name: Cache cargo registry
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57
- with:
- path: ~/.cargo/registry
- key: cargo-registry
-
- - name: Cache RPMs
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57
- with:
- path: /var/cache/dnf
- key: ${{ github.job }}-dnf
- - run: echo "keepcache=1" >> /etc/dnf/dnf.conf
-
- - name: Determine number of CPUs
- run: echo CPUS=$(nproc --all) >> $GITHUB_ENV
-
- - run: |
- dnf -y install \
- autoconf \
- automake \
- cargo \
- cbindgen \
- ccache \
- clang \
- diffutils \
- file-devel \
- gcc \
- gcc-c++ \
- git \
- hiredis-devel \
- jansson-devel \
- jq \
- libasan \
- libtool \
- libyaml-devel \
- libnfnetlink-devel \
- libnetfilter_queue-devel \
- libnet-devel \
- libcap-ng-devel \
- libevent-devel \
- libmaxminddb-devel \
- libpcap-devel \
- libxdp-devel \
- libbpf-devel \
- libtool \
- lz4-devel \
- make \
- pcre2-devel \
- pkgconfig \
- python3-yaml \
- sudo \
- which \
- zlib-devel
- - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- - run: git config --global --add safe.directory /__w/suricata/suricata
- - uses: ./.github/actions/install-cbindgen
- - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806
- with:
- name: prep
- path: prep
- - run: tar xf prep/libhtp.tar.gz
- - run: tar xf prep/suricata-update.tar.gz
- - run: ./autogen.sh
- - run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
- env:
- LDFLAGS: "-fsanitize=address"
- ac_cv_func_realloc_0_nonnull: "yes"
- ac_cv_func_malloc_0_nonnull: "yes"
- - run: make -j ${{ env.CPUS }}
- - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- - name: Extracting suricata-verify
- run: tar xf prep/suricata-verify.tar.gz
- - name: Running suricata-verify
- run: python3 ./suricata-verify/run.py -q --debug-failed
- # Now install and make sure headers and libraries aren't install
- # until requested.
- - run: make install
- - run: test ! -e /usr/local/lib/libsuricata_c.a
- - run: test ! -e /usr/local/include/suricata
- - run: make install-headers
- - run: test -e /usr/local/include/suricata/suricata.h
- - run: make install-library
- - run: test -e /usr/local/lib/libsuricata_c.a
- - run: test -e /usr/local/lib/libsuricata_rust.a
- - run: test -e /usr/local/bin/libsuricata-config
- - run: test ! -e /usr/local/lib/libsuricata.so
- - run: make install
- - run: suricata-update -V
- - run: suricatasc -h
- # Check compilation against systemd
- - run: src/suricata --build-info | grep -E "Systemd support:\s+yes" &> /dev/null
-
- # Fedora 40 build using GCC.
- fedora-40-gcc:
- name: Fedora 40 (gcc, debug, asan, wshadow, rust-strict)
- runs-on: ubuntu-latest
- container: fedora:40
- needs: [prepare-deps, prepare-cbindgen]
- steps:
-
- # Cache Rust stuff.
- - name: Cache cargo registry
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57
- with:
- path: ~/.cargo/registry
- key: cargo-registry
-
- - name: Determine number of CPUs
- run: echo CPUS=$(nproc --all) >> $GITHUB_ENV
-
- - run: |
- dnf -y install \
- autoconf \
- automake \
- cargo \
- cbindgen \
- ccache \
- diffutils \
- file-devel \
- gcc \
- gcc-c++ \
- git \
- hiredis-devel \
- jansson-devel \
- jq \
- libasan \
- libtool \
- libyaml-devel \
- libnfnetlink-devel \
- libnetfilter_queue-devel \
- libnet-devel \
- libcap-ng-devel \
- libevent-devel \
- libmaxminddb-devel \
- libpcap-devel \
- libtool \
- lz4-devel \
- make \
- pcre2-devel \
- pkgconfig \
- python3-yaml \
- sudo \
- which \
- zlib-devel
- - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- - uses: ./.github/actions/install-cbindgen
- - run: git config --global --add safe.directory /__w/suricata/suricata
- - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806
- with:
- name: prep
- path: prep
- - run: tar xf prep/libhtp.tar.gz
- - run: tar xf prep/suricata-update.tar.gz
- - run: ./autogen.sh
- - run: ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
- env:
- CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer"
- LDFLAGS: "-fsanitize=address"
- ac_cv_func_realloc_0_nonnull: "yes"
- ac_cv_func_malloc_0_nonnull: "yes"
- - run: make -j ${{ env.CPUS }}
- - run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- - name: Extracting suricata-verify
- run: tar xf prep/suricata-verify.tar.gz
- - name: Running suricata-verify
- run: python3 ./suricata-verify/run.py -q --debug-failed
- # Now install and make sure headers and libraries aren't install
- # until requested.
- - run: make install
- - run: test ! -e /usr/local/lib/libsuricata_c.a
- - run: test ! -e /usr/local/include/suricata
- - run: make install-headers
- - run: test -e /usr/local/include/suricata/suricata.h
- - run: make install-library
- - run: test -e /usr/local/lib/libsuricata_c.a
- - run: test -e /usr/local/lib/libsuricata_rust.a
- - run: test -e /usr/local/bin/libsuricata-config
- - run: test ! -e /usr/local/lib/libsuricata.so
- - run: make install
- - run: suricata-update -V
- - run: suricatasc -h
-
# This job builds and tests Suricata as a non-root user as some
# issues only show up when not running as root, and by default all
# jobs in GitHub actions are run as root inside the container.
projects / thirdparty / suricata.git / commitdiff
