Skip to content
test

🐛 About directives waf_captcha and waf_action. #1718

Sign in to view logs

🐛 About directives waf_captcha and waf_action.

🐛 About directives waf_captcha and waf_action. #1718

Workflow file for this run

.github/workflows/test.yml at 5341ccd
name: test
on:
push:
branches:
pull_request:
schedule:
- cron: '0 0 * * SUN'
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
self-trigger:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'schedule' }}
steps:
- name: Trigger
run: |
curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/${{ github.workflow }}.yml/dispatches \
-d '{"ref":"refs/heads/lts"}'
curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/${{ github.workflow }}.yml/dispatches \
-d '{"ref":"refs/heads/current"}'
native:
runs-on: ubuntu-latest
if: ${{ github.event_name != 'schedule' }}
strategy:
matrix:
nginx-version: ['stable', 'mainline']
module-type: ['static', 'dynamic']
pcre-version: ['pcre', 'pcre2']
thread-opt: [ 'with-threads', 'without-threads' ]
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.ref }}
- uses: actions/setup-python@v2
with:
python-version: '3.x'
architecture: 'x64'
- name: Install dependencies
run: |
sudo apt-get --yes update
sudo apt-get install --yes libsodium23 libsodium-dev build-essential zlib1g-dev libpcre3 libpcre3-dev libssl-dev libxslt1-dev libxml2-dev libgeoip-dev libgd-dev libperl-dev libcurl4-openssl-dev
- name: Download Nginx
run: |
sudo chmod 777 -R /usr/local/src
cd /usr/local/src
sudo pip install lastversion
lastversion download nginx:${{ matrix.nginx-version }}
mkdir nginx
tar zxf nginx-*.tar.gz --directory nginx --strip-components=1
- name: Download PCRE
if: ${{ matrix.pcre-version == 'pcre' || (matrix.pcre-version == 'pcre2' && matrix.nginx-version == 'stable') }}
run: |
sudo chmod 777 -R /usr/local/src
cd /usr/local/src
wget https://cfhcable.dl.sourceforge.net/project/pcre/pcre/8.45/pcre-8.45.tar.gz -O pcre.tar.gz
mkdir pcre
tar zxf pcre.tar.gz --directory pcre --strip-components=1
sudo chmod 777 -R /usr/local/src
- name: Download PCRE2
if: ${{ matrix.pcre-version == 'pcre2' && matrix.nginx-version == 'mainline' }}
run: |
sudo chmod 777 -R /usr/local/src
cd /usr/local/src
wget https://github.com/PhilipHazel/pcre2/releases/download/pcre2-10.39/pcre2-10.39.tar.gz -O pcre.tar.gz
mkdir pcre
tar zxf pcre.tar.gz --directory pcre --strip-components=1
sudo chmod 777 -R /usr/local/src
- name: Download and install modsecurity
run: |
sudo chmod 777 -R /usr/local/src
cd /usr/local/src
git clone https://github.com/SpiderLabs/ModSecurity.git
sudo chmod 777 -R /usr/local/src
cd ModSecurity
./build.sh
git submodule init
git submodule update
./configure --prefix=/usr/local/modsecurity
make -j$(nproc)
sudo make install
- name: Download cjson
run: |
git clone -b v1.7.15 https://github.com/DaveGamble/cJSON.git lib/cjson
- name: Download uthash
run: |
git clone -b v2.3.0 https://github.com/troydhanson/uthash.git lib/uthash
- name: Configure Nginx
run: |
cd /usr/local/src/nginx
if [ ${{ matrix.module-type }} = 'static module' ] ; then \
opt='--add-module=${{ github.workspace }}' ;\
else \
opt='--add-dynamic-module=${{ github.workspace }}' ;\
fi
if [ ${{ matrix.thread-opt }} = 'with-threads' ] ; then \
opt="${opt} --with-threads" ;\
fi
export LIB_MODSECURITY=/usr/local/modsecurity
./configure ${opt} --with-pcre=/usr/local/src/pcre --with-http_realip_module --with-cc-opt='-Wno-unused-but-set-variable -Wno-unused-function -fstack-protector-strong'
- name: Install Nginx
run: |
cd /usr/local/src/nginx
make -j$(nproc)
sudo make install
sudo useradd nginx -s /sbin/nologin -M
sudo chmod 777 -R /usr/local/nginx
sudo ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
- name: Install Test::Nginx
run: |
sudo cpan Test::Nginx
- name: Test
run: |
sudo chmod 777 -R /tmp
cd test/test-nginx
export MODULE_TEST_PATH=/tmp/module_test
if [ ${{ matrix.thread-opt }} = 'without-threads' ] ; then \
export WITHOUT_THREADS=1 ;\
fi
sh ./init.sh
exec sudo sh start.sh t/*.t
docker:
runs-on: ubuntu-latest
if: ${{ github.event_name != 'schedule' }}
strategy:
matrix:
version: ['stable', 'mainline']
target: ['glibc', 'musl']
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.ref }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Build module
run: docker build --file docker/Dockerfile.${{ matrix.target }} --build-arg=NGX_VER=${{ matrix.version }} .
triger:
runs-on: ubuntu-latest
if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && (github.ref == 'refs/heads/lts' || github.ref == 'refs/heads/current')) }}
needs: ['native', 'docker']
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.ref }}
- uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Set up lastversion
run: pip3 install lastversion
- name: 'Trigger workflow: docker'
if: ${{ github.ref == 'refs/heads/lts' || github.ref == 'refs/heads/current' }}
run: |
curl -H "Authorization: token ${{ secrets.ACCESS_TOKEN }}" \
-X POST \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/ADD-SP/ngx_waf/actions/workflows/docker.yml/dispatches \
-d "{ \
\"ref\":\"${{ github.ref }}\", \
\"inputs\": { \
\"ngx_stable_version_number\": \"`lastversion https://nginx.org --major stable`\", \
\"ngx_mainline_version_number\": \"`lastversion https://nginx.org --major mainline`\", \
\"module_version_number\": \"`cat assets/version.txt`\" \
} \
}"