285113a1e5
github-actions: bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
11 months ago
9e0151cce5
github-actions: bump github/codeql-action from 3.26.10 to 3.26.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.10 to 3.26.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.26.10...v3.26.12 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
11 months ago
4ad45fc8d0
github-actions: bump actions/upload-artifact from 4.4.0 to 4.4.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](50769540e7...b4b15b8c7c
11 months ago
97d525d18d
github-action: share cargo registry cache
11 months ago
d574d88bca
github-action: share cargo cache for windows jobs
11 months ago
9b6a1355ac
github-actions: cache netmap checkout
...
To avoid build failures due to rate limiting, cache the netmap checkout.
Explicitly restore and save to avoid the checkout action cleaning the
checkout up before it can be stored in the cache.
11 months ago
09d604f7c3
github-ci: install prepared cbindgen on rpm distros
...
Currently cbindgen from system packages is broken, for now use the
cbindgen artifact we build.
11 months ago
a5e13d0dee
github-ci: break out cbindgen installation to action
11 months ago
2b16369071
github-ci: run macos python jobs in virtualenv
...
With the latest brew changes, a virtualenv is required to install
pyyaml.
12 months ago
75b760b450
github-ci: add rpm build job
...
Build RPMs for Fedora 40 and EPEL 9 (using AlmaLinux).
12 months ago
9816a795dd
github-ci: cache deb packages on Ubuntu dist builder
...
Should speed up setup a little.
12 months ago
06dd6bacb0
github-actions: bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
12 months ago
0ffd33ab92
github-actions: bump codecov/codecov-action from 4.5.0 to 4.6.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](e28ff129e5...b9fd7d16f6
12 months ago
908ff2faa3
github-actions: bump github/codeql-action from 3.26.6 to 3.26.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.26.6 to 3.26.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.26.6...v3.26.10 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
12 months ago
b3bd57246f
ci: mov from cifuzz to clusterfuzzlite
...
To better support main7 CI fuzzing
Ticket: 7253
1 year ago
0037f1e0f4
github-actions: bump github/codeql-action from 3.25.15 to 3.26.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.15 to 3.26.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.25.15...v3.26.6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
aef10c735c
github-actions: bump actions/upload-artifact from 4.3.4 to 4.4.0
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.4 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b2256b8c0...50769540e7
1 year ago
cdcb395142
examples: add custom logging plugin
...
Add an example custom logger that hooks into the low level packet and
flow logging callbacks.
Ticket: #7227
1 year ago
629873c2bc
datasets: test unix socket ipv6 operations
...
Ticket: 6969
1 year ago
6d8fbf364a
github-actions: bump ossf/scorecard-action from 2.3.3 to 2.4.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](dc50aa9510...62b2cac7ed
1 year ago
9436631f33
github-actions: bump github/codeql-action from 3.25.11 to 3.25.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.25.11...v3.25.15 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
e480938724
github-actions: switch dist builders to ubuntu 22.04
...
Part of bumping MSRV.
22.04 is the first Ubuntu release to ship a new enough Sphinx.
1 year ago
f94988d050
github-actions: update for MSRV 1.67.1
1 year ago
6d5022cd1e
github-ci: pf-ring build
1 year ago
a28666db4e
github-actions: bump actions/download-artifact from 4.1.4 to 4.1.8
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.4 to 4.1.8.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v4.1.4...fa0a91b85d4f404e444e00e005971372dc801d16 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
e83a1cf34c
github-actions: bump actions/upload-artifact from 4.3.3 to 4.3.4
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](65462800fd...0b2256b8c0
1 year ago
efbf627dbd
github-actions: bump actions/checkout from 3.6.0 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.6.0...692973e3d937129bcbf40652eb9f2f61becf3332 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
5530fd34b8
github-ci: add non-bundled libhtp build
1 year ago
a0cb7b21f4
github-ci/builds: don't run if only doc changes
...
A new workflow, "docs" has been created for only doc changes.
Factor out prepare-deps into a reusable action.
1 year ago
653e702aa7
github-actions: bump github/codeql-action from 3.25.7 to 3.25.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.7 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.25.7...v3.25.11 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
54b63f896d
github-actions: bump codecov/codecov-action from 4.4.1 to 4.5.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.4.1 to 4.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](125fc84a9a...e28ff129e5
1 year ago
6767694b39
github-actions: remove centos:7 build due to EOL
1 year ago
6256391408
github-ci: run cargo update test on pull requests
...
Previously it was run once a week, hiding some issues until
Monday's. Instead run on pull requests, but still not every push.
1 year ago
cd7c35eb5a
github-ci: add minimal build for Ubuntu and AlmaLinux
1 year ago
6d663ec885
github-ci: remove gosu from installed packages
1 year ago
130d75f025
github-action: remove end of life CentOS 8 stream
1 year ago
4040ae10d1
github-actions: bump codecov/codecov-action from 4.1.1 to 4.4.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.1.1 to 4.4.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v4.1.1...125fc84a9a348dbcf27191600683ec096ec9021c )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
1c5661673f
github-actions: bump ossf/scorecard-action from 2.3.1 to 2.3.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](0864cf1902...dc50aa9510
1 year ago
0b4652f4cc
github-actions: bump github/codeql-action from 3.25.3 to 3.25.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.3 to 3.25.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.25.3...v3.25.7 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
daa6f6f7f3
github-ci: re-add --disable-lua to commit check
...
This is required for some older versions in the pull request to build
as the commits change some compile time options with respect to Lua.
1 year ago
7897043144
github-ci/scan-build: exclude rust (lua)
...
The vendored Lua code triggers some scan-build failures, so exclude
the rust/ directory for now. Might want to look at these separately
though.
1 year ago
4788d684da
github-ci: test make after clean without cbindgen
...
Modify the CentOS 9 Stream build to not have cbdingen available, as
its already building from the dist. But add a "make clean" followed
by a "make" to test that it still builds after a clean.
1 year ago
2e440169d6
lua: remove lua as a compile time feature
...
Its always built-in. However, can be disabled at runtime.
1 year ago
bc011f2205
lua: use rust crate to vendor (bundle) lua
...
Remove lua-dev(el) from all CI tests.
1 year ago
d5c6c3a21c
lua: build lua by default
...
Ticket: #4776
[Edits by Jason Ish]
- Add Lua in CI where needed
- Disable Lua for builds that don't have Lua 5.4
1 year ago
586c92d9d5
lua: require lua 5.4
...
github-ci: Disable lua on debian 10 as it doesn't have Lua 5.4.
Ticket: #4776
1 year ago
e0411878fc
github-actions: bump scan-build to Ubuntu 24.04 / clang 18
1 year ago
ce9bfba76a
ci: fix and test with Wunused-macros
...
Ticket: 6937
1 year ago
d401082bba
github-actions: set bpf to icmp for af-packet
1 year ago
1240bdd914
github-actions: add pcap live test script and jobs
...
Asan and coverage jobs.
1 year ago
27b6a31a0c
github-actions: unix pcap coverage run
...
To increase code coverage.
1 year ago
ea95aac022
github-actions: add unix socket runmode script and job
...
Runs with ASAN.
1 year ago
40b87bfd04
github-actions: add ASAN enabled Ubuntu 24.04 build of live tests
1 year ago
4c33e64d56
github-actions: make sure unix socket is created in dpdk tests
1 year ago
8e320449f6
github-actions: expand af-packet live test with more unix commands
1 year ago
1297d96592
github-actions: bump actions/upload-artifact from 4.3.1 to 4.3.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.1 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...65462800fd
1 year ago
f14a4a1bf8
github-actions: bump github/codeql-action from 3.24.9 to 3.25.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.25.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.9...v3.25.3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
b9fbc5749d
github-actions: bump actions/download-artifact from 4.1.4 to 4.1.7
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.4 to 4.1.7.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](c850b930e6...65a9edc588
1 year ago
76314cc00e
github-actions: bump codecov/codecov-action from 4.1.1 to 4.3.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.1.1 to 4.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](c16abc29c9...5ecb98a3c6
1 year ago
2b80689ee4
github-actions: convert dpdk tests to use script
1 year ago
6edf05cdaa
github-actions: add dpdk ids live test script
1 year ago
ed9ad0048d
github-ci: add af-packet and dpdk codecov builds
...
Adds live tests for DPDK and AF_PACKET, with support for code coverage.
1 year ago
4fedba1140
github-ci: remove cocci from fedora 39 build
...
Cocci on Fedora 39+ gets stuck for some reason. Cocci has been moved
to a new Ubuntu 24.04 build.
1 year ago
1c2402f5e7
github-ci: add ubuntu 24.04 build with cocci
...
Rather basic 24.04 build for now, but use Cocci as Cocci is working
properly here, but not working in the latest Fedora releases.
1 year ago
47a1502dbb
ci: fix macos build
...
use brew instead of pip
limit the number of jobs for make
set a prefix where we can install
use brew flags for library finding
1 year ago
480955b1f8
github-ci: update fedora builds
...
f39 -> f40
f38 -> f39
1 year ago
3a27cfd7be
dpdk: increase timeout for DPDK test runs
1 year ago
365a66ac1c
ci: clean some disk space to run CIFuzz again
1 year ago
e54084fa87
dpdk: implement DPDK SW tests
...
Implement Github CI tests to run DPDK Suri with the minimal
configuration to verify that Suricata can start in both IDS
and IPS configuration.
1 year ago
78313100a4
ci: bump up the DPDK versions
1 year ago
34f53f85bc
systemd: reimplement sd_notify logic using UNIX socket
...
One of the lessons of the XZ backdoor story was that just linking to
libsystemd to call sd_notify is discouraged by the systemd project:
Lennart Poettering:
"PSA: In context of the xzpocalypse we now added an example reimplementation
of sd_notify() to our man page:
https://www.freedesktop.org/software/systemd/man/devel/sd_notify.html#Notes
It's pretty comprehensive (i.e. uses it for reload notification too), but
still relatively short.
In the past, I have been telling anyone who wanted to listen that if all you
want is sd_notify() then don't bother linking to libsystemd, since the
protocol is stable and should be considered the API, not our C wrapper
around it. After all, the protocol is so trivial"
From: https://mastodon.social/@pid_eins/112202687764571433
This commit takes the example code and uses it to reimplement the notify
logic.
The code is enabled if Linux is detected in configure. Since the code
won't do anything if the NOTIFY_SOCKET env var isn't set, this should
also work fine on systems w/o systemd.
Ticket: #6913 .
1 year ago
d310d00eb0
github-actions: bump github/codeql-action from 3.24.6 to 3.24.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.6 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.6...v3.24.9 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 year ago
6035a8a2b6
github-ci: set checkout directory as safe before running git commands
...
While the checkout job appears to do this, it is done with a different
version of git which seems to be the cause for it not having an effect
when doing manual git operations from within a job.
Also removes duplicate checkout statements in Windows builds.
1 year ago
23463b9814
github-actions: bump codecov/codecov-action from 4.1.0 to 4.1.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](54bcd8715e...c16abc29c9
1 year ago
a2c817243f
rust: add MSRV as rust-version
...
Update github-actions to use it for the MSRV check.
2 years ago
632e52ca2b
ci: update ubuntu22.04 builds with clang14+asan
...
using a workround about ASLR
2 years ago
c6c1eac301
github-actions: bump actions/download-artifact from 4.1.3 to 4.1.4
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](87c55149d9...c850b930e6
2 years ago
f1b0f7c46b
github-actions: bump github/codeql-action from 3.24.5 to 3.24.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.5...v3.24.6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
0dc3de332a
examples: minimal example capture plugin for ci
...
Create a mininal capture plugin that injects one packet. While it can
also be a template, we should be able to run this in CI to test the
loading and registration of the capture plugin mechanisms.
2 years ago
c283e8565a
github-actions: bump codecov/codecov-action from 4.0.1 to 4.1.0
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](e0b68c6749...54bcd8715e
2 years ago
13da6498b5
github-actions: bump actions/download-artifact from 4.1.2 to 4.1.3
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](eaceaf801f...87c55149d9
2 years ago
07ec8b202e
github-actions: bump github/codeql-action from 3.24.3 to 3.24.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.3 to 3.24.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.3...v3.24.5 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
92980a11a3
github-actions: bump github/codeql-action from 3.24.1 to 3.24.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.1 to 3.24.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3.24.1...v3.24.3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
2421b024f2
examples: program linking against library
...
Provide an example of an extremely simple application that links
against Suricata. This provides a Makefile integrated with the
Suricata build system for in-tree building, as well as an example
Makefile for building out of tree.
Currently this application just wraps SuricataMain and does nothing
else.
2 years ago
6d792f017b
examples/plugin: simplify Makefile
...
Simplify the Makefile by avoiding automake and providing our own
Makefile.in that is suitable for in-tree builds of the plugin and can
also serve as an example for standalone plugins.
But the bigger benefit of this is to allow building the example plugin
even with --disable-shared provided to configure, as this is just a
phony limitation imposed by automake/libtool.
2 years ago
6198ea5a91
github-ci: use all cpus for coccinelle checks
...
Also put "cocci" in the job name and install parallel so the script can
actually run with concurrency.
2 years ago
41a621178f
ci: right sha for authors check
2 years ago
fa98c48e65
github-actions: bump github/codeql-action from 2.24.0 to 3.24.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.24.0 to 3.24.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v2.24.0...v3.24.1 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
2242d10fa0
github-ci: fix authors check with special characters
...
Dependabot is always getting flagged as a new author even tho it uses
a consistent author of:
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
But this doesn't work with plain grep. Fix by telling grep to treat
the value as a fixed string instead of a regular expression.
2 years ago
a87943d9bf
github-ci: apply read-only permissions to more workflows
...
- authors.yml
- codeql.yml
- scan-build.yml
2 years ago
f9a4e9c588
codeql: add security-extended query suite
...
Add the CodeQL security-extended suite to
the CodeQL workflow configuration.
2 years ago
7881e85088
github-actions: bump github/codeql-action from 2 to 3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
be07d96c3d
github-actions: bump codecov/codecov-action from 3.1.1 to 4.0.1
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.1 to 4.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](d9f34f8cd5...e0b68c6749
2 years ago
7c98134624
github-ci: cancel previous job for all workflows
...
Previously only enabled in build.yml, apply cancen-in-progress to all
workflow files.
2 years ago
d5a3bfcab6
github-ci: don't depend on cbindgen when installed from package
2 years ago
49834eabf1
github-ci: update actions/github-script
2 years ago
e786297497
github-ci: update actions/checkout
2 years ago
32d55febed
github-ci: update actions/cache
2 years ago
5bfaeb3bf5
github-ci: update {download,upload} artifact actions
...
Multiple uploads can no longer use the same name, so give the cbindgen
artifact its own name of "cbindgen". Requires an additional download
for each build depending on this cbindgen artifact.
2 years ago
8522256aaa
github-ci: use all cores available
...
GitHub action Linux runners now have 4 cores, instead of hardcoding
the number, use nproc to determine how many cores are available and
use them.
2 years ago
6922fef4ab
github-ci: move centos-7 build to its own workflow
...
CentOS 7 requires older actions due to newer GitHub actions depending
on a newer glibc. So move to its own workflow file so the main builds
can move forward to newer versions of actions.
2 years ago
edfda9f69f
rust: weekly cargo audit and update
...
Add GitHub actions to perform:
- cargo audit: catch new warnings in dependendent packages
- cargo update: catch updated dependencies that depend on a new MSRV
than we use
2 years ago
9fe00ff710
config/jansson: Remove excess libjansson mentions
...
Issue: 6712
Remove multiple occurrences of libjansson installation packages.
2 years ago
ee6208be9d
config/nss: Remove libnspr/libnss traces
...
Issue: 6712
2 years ago
7f5e98e6df
ci: authors check using OISF repo
...
As flagged critical by codescan
2 years ago
6de885c603
ci: update scorecard analysis workflow
2 years ago
d73ccd0f52
ci: run clippy without all features
2 years ago
bedd48596f
ci: run clippy on test code as well
2 years ago
93071501b5
github-ci/formatting: update to Ubuntu 22.04
...
Update the formatting CI job to Ubuntu 22.04 to get a newer version of
clang-format, in this case clang-format-14.
2 years ago
c82d93490c
github/action: fix Debian 12 intermittent failures
...
Parallel builds caused issues during `cargo vendor`. So do just a single
thread build.
make[4]: Entering directory '/__w/suricata/suricata/rust'
cbindgen --config /__w/suricata/suricata/rust/cbindgen.toml \
--quiet --output /__w/suricata/suricata/rust/dist/rust-bindings.h
CARGO_HOME="/github/home/.cargo" /usr/bin/cargo vendor
Blocking waiting for file lock on package cache
Blocking waiting for file lock on package cache
ERROR: Couldn't execute `cargo metadata` with manifest "/__w/suricata/suricata/rust/Cargo.toml": Metadata(Output { status: ExitStatus(unix_wait_status(25856)), stdout: "", stderr: " Blocking waiting for file lock on package cache\n Blocking waiting for file lock on package cache\nerror: failed to download `adler v1.0.2`\n\nCaused by:\n unable to get packages from source\n\nCaused by:\n failed to parse manifest at `/github/home/.cargo/registry/src/github.com-1ecc6299db9ec823/adler-1.0.2/Cargo.toml`\n\nCaused by:\n no targets specified in the manifest\n either src/lib.rs, src/main.rs, a [lib] section, or [[bin]] section must be present\n" })
ERROR: Couldn't generate bindings for /__w/suricata/suricata/rust.
make[4]: *** [Makefile:597: dist/rust-bindings.h] Error 1
make[4]: *** Waiting for unfinished jobs....
2 years ago
64d12aacc8
ebpf: Update eBPF map to BTF defined map
...
legacy map definition is removed from libbpf1.0+.
update the legacy map definition to BTF defined map.
Distros with < libbpf1.0 (0.5, 0.6, 0.7, 0.8) bpf_helpers.h
support BTF map definition, this change does not break
old libbpf and support new libpbf1.0+.
Bug: #6250
Signed-off-by: Vincent Li <vincent.mc.li@gmail.com>
Co-authored-by: Victor Julien <vjulien@oisf.net>
2 years ago
d2b25af3f4
examples: add an example plugin of an eve filetype
...
This is an example of what adding plugin examples to the Suricata repo
could look like.
This plugin is an example plugin for an EVE filetype. It could be
extended to support outputs like Redis, syslog, etc.
There is one issue with adding plugins like this to an autotools
project, the project can't be built with --disable-shared, which is
more of an autotools limitation, and not really a Suricata issue.
Suricata built with --disable-shared will load plugins just fine.
Note that the examples directory was added as DIST_SUBDIRS as we don't
want normal builds to recurse into it and attempt to build the plugin,
its just an example, but we still need to keep distcheck happy.
2 years ago
bec1d8ca9f
github-ci: don't add author names/emails to new author comment
...
The new author details will still be available in the artifact, we're
just not calling them out in a nighly visible pull request comment.
2 years ago
2b9603d94d
github-ci: cancel previous builds workflow for branch
...
On a push of the same branch, cancel the previous running builds.yml
workflow.
2 years ago
741ba51c1e
github-ci: Fedora 37 to 39; use packaged cbindgen
2 years ago
c53086575a
dpdk: update DPDK builder versions
2 years ago
e65c052414
build/nss: Remove libnss from CI
2 years ago
a4f670622e
workflows: use s-v --debug-failed
2 years ago
ae5c65fb49
github-ci: disable some workflows on doc only changes
...
Don't run the following GitHub workflows on documentation only
changes:
- cifuzz
- codeql
- formatting
- rust
- scan-build
2 years ago
f511b176bf
github-ci: don't build docs in almalinux:8, centos:8
...
Our docs require a newer version of Sphinx.
2 years ago
7f822ba053
github-ci: run cocci in fedora 38
2 years ago
4ccc9aed01
github-ci: remove fedora 36 builds
...
Fedora 36 is now EOL.
2 years ago
84674f4205
github-ci: update rust versions
...
New minimum Rust version: 1.63.0.
Current latest known good version: 1.70.0.
Add test specifically for MSRV as we didn't have one.
Ticket: #4163
2 years ago
ebdf482580
github-ci: add CentOS Stream builders
...
Builders for CentOS Stream 8 and 9.
2 years ago
ca68b6b994
github-ci: replace dist builder with Debian 12
...
Add new dist builder job based on Debian 12. Debian 12 gives us news
Sphinx that AlmaLinux 8, plus avoids any potential disruption in the
RHEL rebuild ecosystem.
Also make dist building its own job so it finishes quicker, allowing
other jobs to proceed. The new non-dist building Debian 12 job will
still do a complete distcheck, as do other jobs.
2 years ago
96dd6a7ca0
github-ci: add Debian 12 builder
2 years ago
f870dcd4cc
github-ci: allow pull request URL in SV_BRANCH
...
Allow the SV_BRANCH variable to contain the full link to an
OISF/suricata-verify pull request. This will cause GitHub to create a
cross-link for us.
2 years ago
83afccd932
github-ci: update action: setup-msys2
...
Use @v2, hopefully the dependency bot will keep it up to date now.
2 years ago
37d68230f8
github-ci: use latest version of actions/upload-artifact
2 years ago
d576be2452
github-ci: update actions/cache to v3.3.1
2 years ago
3dfd5ddaed
github-ci: use same version (3.0.2) for actions/download-artifact
2 years ago
04ba1a7ef6
github-ci: update actions/checkout to v3.5.3
2 years ago
6d7923c80b
github-ci: check for suricata-update example configuration files
...
Check that the Suricata-Update example configuration files are
installed.
2 years ago
f8c54bc7a4
github-ci: add workflow_dispatch
...
A workflow dispatch allows us to manually a trigger a workflow with
arguments. This dispatch allows us to use the "gh" cli command to
trigger a workflow run with our libhtp/su/sv branch and repo variables
set. For example:
gh run builds.yml -f SV_REPO=jasonish/suricata-verify -f SV_BRANCH=pr/10
2 years ago
af5a0e11e8
github-ci: check for new authors in pull-request
...
On pull request, get a list of commit authors for the pull request and
compare to the list of authors in git master. If any differ, save to
new-authors.txt and upload this as an artifact.
As a workflow-run, download this artifact and if non-empty, add a
comment to the pull-request that new authors may be part of the pull
request.
This 2 step approach is because GitHub actions running in pull-request
context are not allowed to comment on the pull request, instead a
post-workflow workflow has been added that runs in the context of the
repo which can then comment on the pull request.
2 years ago
cc3f3a0a72
github-ci: fix rust check by fixing git directory permissions
...
Due to the update to AlmaLinux 9.2, a new version of git with stricter
permissions was introduced. Mark the directory as safe as we have
done in other builds with newer versions of it.
2 years ago
60902236e4
build: harden rust.yml permissions
...
Signed-off-by: Alex <aleksandrosansan@gmail.com>
2 years ago
74326a43e7
github-ci: add windivert build
2 years ago
fb7ff5b61c
github-ci: spelling
2 years ago
cb66a1e636
github-ci: add padding check to scan-build
2 years ago
d0d6ca4c6e
github-ci: add more scan-build checks
...
Explicitly disable:
security.insecureAPI.DeprecatedOrUnsafeBufferHandling
optin.performance.Padding
2 years ago
fb237e8de3
github-ci: add dpdk, nfqueue, nflog to scan-build
2 years ago
e717c2e0ec
github-ci: remove debian 9 as it is EOL
2 years ago
915f487a1c
github-ci: update Fedora 36 cov build to Fedora 38
...
As Fedora 36 will be EOL in a month.
2 years ago
bcbceb13f8
github-ci: update non-root build to Fedora 37
...
As Fedora 36 will be EOL in a month.
2 years ago
b0bc95d7c1
github-ci: add Fedora 38 builds
2 years ago
3974142b41
github-ci: use cbindgen from packages on almalinux:9
...
AlmaLinux 9 has cbindgen available from the package repositories.
2 years ago
fa651606a0
github-ci: add Fedora 37 builders
2 years ago
4105ac436e
github-ci: add Fedora 36 gcc builder
...
The existing Fedora 36 builder used clang. Add a gcc builder as it can
show different errors.
2 years ago
04fb0189a7
github-ci: replace Fedora no-jansson build with AlmaLinux
...
Use AlmaLinux 9 for the no-jansson test instead of Fedora as it will
need to be updated much less.
2 years ago
dependabot[bot]
Victor Julien
Jason Ish
Philippe Antoine
Lukas Sismis
Jo Johnson
Lukas Sismis
Daniel Olatunji
Jeff Lucovsky
Vincent Li
Shivani Bhardwaj
Alex