chore: build deps using Bazel #1714
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: test | |
| on: | |
| pull_request: | |
| schedule: | |
| - cron: '0 0 * * SUN' | |
| workflow_dispatch: | |
| defaults: | |
| run: | |
| shell: bash | |
| # cancel previous runs if new commits are pushed to the PR, but run for each commit on master | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| self-trigger: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'schedule' }} | |
| steps: | |
| - name: Trigger | |
| run: | | |
| curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \ | |
| -X POST \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/${{ github.workflow }}.yml/dispatches \ | |
| -d '{"ref":"refs/heads/lts"}' | |
| curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \ | |
| -X POST \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/${{ github.workflow }}.yml/dispatches \ | |
| -d '{"ref":"refs/heads/current"}' | |
| native: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'schedule' }} | |
| strategy: | |
| matrix: | |
| nginx-version: ['stable nginx', 'mainline nginx'] | |
| install-type: ['static module', 'dynamic module'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| submodules: true | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.x' | |
| architecture: 'x64' | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get --yes update | |
| # https://github.com/actions/runner-images/issues/2139 | |
| sudo apt-get remove \ | |
| libgd3 \ | |
| nginx-core \ | |
| nginx-full \ | |
| nginx-light \ | |
| nginx-extras | |
| sudo apt-get install --yes \ | |
| build-essential \ | |
| zlib1g-dev \ | |
| libpcre3 \ | |
| libpcre3-dev \ | |
| libssl-dev \ | |
| libxslt1-dev \ | |
| libxml2-dev \ | |
| libgeoip-dev \ | |
| libgd-dev \ | |
| libperl-dev \ | |
| flex \ | |
| bison \ | |
| autoconf \ | |
| libtool \ | |
| automake | |
| sudo pip install lastversion | |
| - name: Download ${{ matrix.nginx-version }} | |
| run: | | |
| if [ '${{ matrix.nginx-version }}' = 'stable nginx' ] ; then \ | |
| version='stable' ;\ | |
| else \ | |
| version='mainline' ;\ | |
| fi | |
| lastversion download nginx:${version} | |
| mkdir nginx-src | |
| tar zxf nginx-*.tar.gz --directory nginx-src --strip-components=1 | |
| - name: Configure ${{ matrix.install-type }} | |
| run: | | |
| make parser | |
| bazel build --config release --registry=file://$(realpath ngx_waf_deps) //:deps | |
| pushd bazel-bin | |
| tar -zxf deps.tar.gz | |
| echo "$(realpath deps/libinjection/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf | |
| echo "$(realpath deps/libsodium/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf | |
| export LIB_INJECTION=$(realpath deps/libinjection) | |
| export LIB_SODIUM=$(realpath deps/libsodium) | |
| export LIB_UTHASH=$(realpath deps/uthash) | |
| popd | |
| cd nginx-src | |
| if [ '${{ matrix.install-type }}' = 'static module' ] ; then \ | |
| opt='--add-module' ;\ | |
| else \ | |
| opt='--add-dynamic-module' ;\ | |
| fi | |
| ./configure ${opt}=.. --with-cc-opt='-Wno-unused-but-set-variable -Wno-unused-function -fstack-protector-strong -Wno-sign-compare' --with-http_realip_module | |
| - name: Install ${{ matrix.nginx-version }} | |
| run: | | |
| cd nginx-src | |
| make | |
| sudo make install | |
| sudo useradd nginx -s /sbin/nologin -M | |
| sudo chmod 777 -R /usr/local/nginx | |
| sudo ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx | |
| - name: Install Test::Nginx | |
| run: | | |
| sudo cpan Test::Nginx | |
| - name: Test | |
| run: | | |
| sudo chmod 777 -R /tmp | |
| cd test/test-nginx | |
| export MODULE_TEST_PATH=/tmp/module_test | |
| sh ./init.sh | |
| exec sudo sh start.sh t/*.t | |
| docker: | |
| runs-on: ubuntu-latest | |
| if: false | |
| strategy: | |
| matrix: | |
| version: ['stable', 'mainline'] | |
| target: ['glibc', 'musl'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build module | |
| run: docker build --file docker/Dockerfile.${{ matrix.target }} --build-arg=VERSION=${{ matrix.version }} . | |
| triger: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && (github.ref == 'refs/heads/lts' || github.ref == 'refs/heads/current')) }} | |
| needs: ['native', 'docker'] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.ref }} | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.x' | |
| - name: Set up lastversion | |
| run: pip3 install lastversion | |
| - name: 'Trigger workflow: docker' | |
| if: ${{ github.ref == 'refs/heads/lts' || github.ref == 'refs/heads/current' }} | |
| run: | | |
| curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \ | |
| -X POST \ | |
| -H "Accept: application/vnd.github.v3+json" \ | |
| https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/docker.yml/dispatches \ | |
| -d "{ \ | |
| \"ref\":\"${{ github.ref }}\", \ | |
| \"inputs\": { \ | |
| \"ngx_stable_version_number\": \"`lastversion https://nginx.org --major stable`\", \ | |
| \"ngx_mainline_version_number\": \"`lastversion https://nginx.org --major mainline`\", \ | |
| \"module_version_number\": \"`cat assets/version.txt`\" \ | |
| } \ | |
| }" |