Skip to content

next/72/20230707/v1 #9168

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
victorjulien merged 5 commits into from
Jul 7, 2023
Merged

next/72/20230707/v1 #9168

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4f4651e
output/file: http2 metdata is logged in http object
catenacyber Jun 16, 2023
b6f8f5e
doc/http: use "sticky buffer" where applicable
inashivb Jun 30, 2023
401d895
configure: set minimum rust version to 1.63.0
jasonish Jul 6, 2023
84674f4
github-ci: update rust versions
jasonish Jul 6, 2023
4ccc9ae
github-ci: remove fedora 36 builds
jasonish Jul 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
289 changes: 91 additions & 198 deletions .github/workflows/builds.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,10 @@ env:
# A recent version of stable Rust that is known to pass build, test and other
# verification steps in this workflow. This was added because using "stable"
# could cause some steps to fail.
RUST_VERSION_KNOWN: "1.62.0"
RUST_VERSION_KNOWN: "1.70.0"

# The minimum version of Rust supported.
RUST_VERSION_MIN: "1.58.1"
RUST_VERSION_MIN: "1.63.0"

jobs:

Expand Down Expand Up @@ -1242,200 +1242,6 @@ jobs:
- run: suricata-update -V
- run: suricatasc -h

fedora-36-clang:
name: Fedora 36 (clang, debug, asan, wshadow, rust-strict, systemd)
runs-on: ubuntu-latest
container: fedora:36
needs: [prepare-deps, prepare-cbindgen]
steps:

# Cache Rust stuff.
- name: Cache cargo registry
uses: actions/cache@v3.3.1
with:
path: ~/.cargo
key: ${{ github.job }}-cargo

- name: Cache RPMs
uses: actions/cache@v3.3.1
with:
path: /var/cache/dnf
key: ${{ github.job }}-dnf
- run: echo "keepcache=1" >> /etc/dnf/dnf.conf

- run: |
dnf -y install \
autoconf \
automake \
cargo \
ccache \
clang \
diffutils \
file-devel \
gcc \
gcc-c++ \
git \
hiredis-devel \
jansson-devel \
jq \
lua-devel \
libasan \
libtool \
libyaml-devel \
libnfnetlink-devel \
libnetfilter_queue-devel \
libnet-devel \
libcap-ng-devel \
libevent-devel \
libmaxminddb-devel \
libpcap-devel \
libxdp-devel \
libbpf-devel \
libtool \
lz4-devel \
make \
nss-softokn-devel \
pcre2-devel \
pkgconfig \
python3-yaml \
sudo \
systemd-devel \
which \
zlib-devel
- uses: actions/checkout@v3.5.3
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: prep
path: prep
- run: tar xf prep/libhtp.tar.gz
- run: tar xf prep/suricata-update.tar.gz
- name: Setup cbindgen
run: |
mkdir -p $HOME/.cargo/bin
cp prep/cbindgen $HOME/.cargo/bin
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue --enable-lua
env:
LDFLAGS: "-fsanitize=address"
ac_cv_func_realloc_0_nonnull: "yes"
ac_cv_func_malloc_0_nonnull: "yes"
- run: make -j2
- run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- name: Extracting suricata-verify
run: tar xf prep/suricata-verify.tar.gz
- name: Running suricata-verify
run: python3 ./suricata-verify/run.py -q
# Now install and make sure headers and libraries aren't install
# until requested.
- run: make install
- run: test ! -e /usr/local/lib/libsuricata_c.a
- run: test ! -e /usr/local/include/suricata
- run: make install-headers
- run: test -e /usr/local/include/suricata/suricata.h
- run: make install-library
- run: test -e /usr/local/lib/libsuricata_c.a
- run: test -e /usr/local/lib/libsuricata_rust.a
- run: test -e /usr/local/bin/libsuricata-config
- run: test ! -e /usr/local/lib/libsuricata.so
- run: make install
- run: suricata-update -V
- run: suricatasc -h
# Check compilation against systemd
- run: ldd src/suricata | grep libsystemd &> /dev/null

fedora-36-gcc:
name: Fedora 36 (gcc, debug, asan, wshadow, rust-strict)
runs-on: ubuntu-latest
container: fedora:36
needs: [prepare-deps, prepare-cbindgen]
steps:

# Cache Rust stuff.
- name: Cache cargo registry
uses: actions/cache@v3.3.1
with:
path: ~/.cargo/registry
key: cargo-registry

- run: |
dnf -y install \
autoconf \
automake \
cargo \
ccache \
diffutils \
file-devel \
gcc \
gcc-c++ \
git \
hiredis-devel \
jansson-devel \
jq \
lua-devel \
libasan \
libtool \
libyaml-devel \
libnfnetlink-devel \
libnetfilter_queue-devel \
libnet-devel \
libcap-ng-devel \
libevent-devel \
libmaxminddb-devel \
libpcap-devel \
libtool \
lz4-devel \
make \
nss-softokn-devel \
pcre2-devel \
pkgconfig \
python3-yaml \
sudo \
which \
zlib-devel
- uses: actions/checkout@v3.5.3
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: prep
path: prep
- run: tar xf prep/libhtp.tar.gz
- run: tar xf prep/suricata-update.tar.gz
- name: Setup cbindgen
run: |
mkdir -p $HOME/.cargo/bin
cp prep/cbindgen $HOME/.cargo/bin
chmod 755 $HOME/.cargo/bin/cbindgen
echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- run: ./autogen.sh
- run: ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
env:
CFLAGS: "${{ env.DEFAULT_CFLAGS }} -Wshadow -fsanitize=address -fno-omit-frame-pointer"
LDFLAGS: "-fsanitize=address"
ac_cv_func_realloc_0_nonnull: "yes"
ac_cv_func_malloc_0_nonnull: "yes"
- run: make -j2
- run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
- name: Extracting suricata-verify
run: tar xf prep/suricata-verify.tar.gz
- name: Running suricata-verify
run: python3 ./suricata-verify/run.py -q
# Now install and make sure headers and libraries aren't install
# until requested.
- run: make install
- run: test ! -e /usr/local/lib/libsuricata_c.a
- run: test ! -e /usr/local/include/suricata
- run: make install-headers
- run: test -e /usr/local/include/suricata/suricata.h
- run: make install-library
- run: test -e /usr/local/lib/libsuricata_c.a
- run: test -e /usr/local/lib/libsuricata_rust.a
- run: test -e /usr/local/bin/libsuricata-config
- run: test ! -e /usr/local/lib/libsuricata.so
- run: make install
- run: suricata-update -V
- run: suricatasc -h

# This job builds and tests Suricata as a non-root user as some
# issues only show up when not running as root, and by default all
# jobs in GitHub actions are run as root inside the container.
Expand Down Expand Up @@ -1896,7 +1702,7 @@ jobs:
name: Ubuntu 20.04 (unsupported rust)
runs-on: ubuntu-latest
container: ubuntu:20.04
needs: almalinux-8
needs: debian-12-dist
steps:
- name: Cache ~/.cargo
uses: actions/cache@v3.3.1
Expand Down Expand Up @@ -1935,7 +1741,7 @@ jobs:
zlib1g \
zlib1g-dev \
dpdk-dev
- run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.33.0 -y
- run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.62.0 -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Download suricata.tar.gz
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
Expand Down Expand Up @@ -2538,6 +2344,93 @@ jobs:
name: dist
path: dist

debian-12-msrv:
name: Debian 12 MSRV
runs-on: ubuntu-latest
container: debian:12
needs: [prepare-deps, prepare-cbindgen]
steps:
# Cache Rust stuff.
- name: Cache cargo registry
uses: actions/cache@v3.3.1
with:
path: ~/.cargo
key: ${{ github.job }}-cargo

- run: apt update
- run: |
apt -y install \
autoconf \
automake \
build-essential \
cmake \
curl \
dpdk-dev \
git \
jq \
make \
libpcre3 \
libpcre3-dbg \
libpcre3-dev \
libpcre2-dev \
libtool \
libpcap-dev \
libnet1-dev \
libyaml-0-2 \
libyaml-dev \
libcap-ng-dev \
libcap-ng0 \
libmagic-dev \
libmaxminddb-dev \
libjansson-dev \
libjansson4 \
liblua5.1-dev \
libnss3-dev \
libnspr4-dev \
libnuma-dev \
liblz4-dev \
libssl-dev \
liblzma-dev \
pkg-config \
python3 \
python3-yaml \
sphinx-doc \
sphinx-common \
texlive-latex-base \
texlive-fonts-recommended \
texlive-fonts-extra \
texlive-latex-extra \
zlib1g \
zlib1g-dev
- name: Install Rust
run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain ${RUST_VERSION_MIN} -y
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- uses: actions/checkout@v3.5.3
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: prep
path: prep
- name: Setup cbindgen
run: |
mkdir -p $HOME/.cargo/bin
cp prep/cbindgen $HOME/.cargo/bin
chmod 755 $HOME/.cargo/bin/cbindgen
- run: tar xf prep/libhtp.tar.gz
- run: tar xf prep/suricata-update.tar.gz
- run: tar xf prep/suricata-verify.tar.gz
- run: ./autogen.sh
- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk
- run: make -j2
- run: make check
- name: Building Rust documentation
run: make doc
working-directory: rust
- name: Running suricata-verify
run: python3 ./suricata-verify/run.py -q
- run: make install
- run: suricata-update -V
- run: suricatasc -h

debian-11:
name: Debian 11 (xdp)
runs-on: ubuntu-latest
Expand Down
2 changes: 1 addition & 1 deletion configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2277,7 +2277,7 @@ fi
cargo_version_output=$($CARGO --version)
cargo_version=$(echo "$cargo_version_output" | sed 's/^.*[[^0-9]]\([[0-9]]*\.[[0-9]]*\.[[0-9]]*\).*$/\1/')

MIN_RUSTC_VERSION="1.58.1" # MSRV
MIN_RUSTC_VERSION="1.63.0" # MSRV
AC_MSG_CHECKING(for Rust version $MIN_RUSTC_VERSION or newer)
AS_VERSION_COMPARE([$rustc_version], [$MIN_RUSTC_VERSION],
[
Expand Down
Loading