github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3144 from eduar-hte/gh-workflow-updates

Browse Source 
GitHub build & quality assurance workflow updates
This commit is contained in:
Ervin Hegedus 2024-05-23 14:53:09 +02:00 committed by GitHub
commit 37776fd262
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 114 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
.github/workflows/ci.yml vendored
View File

@ -6,66 +6,110 @@ on:
jobs:
build-linux:
name: Linux (${{ matrix.platform.label }}, ${{ matrix.compiler.label }}, ${{ matrix.configure.label }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-22.04]
platform: [x32, x64]
compiler: [gcc, clang]
platform:
- {label: "x64", arch: "amd64", configure: ""}
- {label: "x32", arch: "i386", configure: "PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig CFLAGS=-m32 CXXFLAGS=-m32 LDFLAGS=-m32"}
compiler:
- {label: "gcc", cc: "gcc", cxx: "g++"}
- {label: "clang", cc: "clang", cxx: "clang++"}
configure:
- {label: "with parser generation", opt: "--enable-parser-generation" }
- {label: "wo curl", opt: "--without-curl" }
- {label: "wo yajl", opt: "--without-yajl" }
- {label: "wo geoip", opt: "--without-geoip" }
- {label: "wo lmdb", opt: "--without-lmdb" }
- {label: "with pcre2", opt: "--with-pcre2" }
- {label: "wo lua", opt: "--without-lua" }
- {label: "without maxmind", opt: "--without-maxmind" }
- {label: "wo maxmind", opt: "--without-maxmind" }
- {label: "wo libxml", opt: "--without-libxml" }
- {label: "wo geoip", opt: "--without-geoip" }
- {label: "wo ssdeep", opt: "--without-ssdeep" }
- {label: "with lmdb", opt: "--with-lmdb" }
- {label: "with pcre2", opt: "--with-pcre2" }
exclude:
- platform: {label: "x32"}
configure: {label: "wo geoip"}
- platform: {label: "x32"}
configure: {label: "wo ssdeep"}
steps:
- name: Setup Dependencies
- name: Setup Dependencies (common)
run: |
sudo dpkg --add-architecture ${{ matrix.platform.arch }}
sudo apt-get update -y -qq
sudo apt-get install -y libfuzzy-dev libyajl-dev libgeoip-dev liblua5.2-dev liblmdb-dev cppcheck libmaxminddb-dev libcurl4-openssl-dev libpcre2-dev pcre2-utils
- uses: actions/checkout@v2
sudo apt-get install -y libyajl-dev:${{ matrix.platform.arch }} \
libcurl4-openssl-dev:${{ matrix.platform.arch }} \
liblmdb-dev:${{ matrix.platform.arch }} \
liblua5.2-dev:${{ matrix.platform.arch }} \
libmaxminddb-dev:${{ matrix.platform.arch }} \
libpcre2-dev:${{ matrix.platform.arch }} \
pcre2-utils:${{ matrix.platform.arch }} \
bison flex
- name: Setup Dependencies (x32)
if: ${{ matrix.platform.label == 'x32' }}
run: |
sudo apt-get install g++-multilib
sudo apt-get install -y libxml2-dev:${{ matrix.platform.arch }} \
libpcre3-dev:${{ matrix.platform.arch }}
- name: Setup Dependencies (x64)
if: ${{ matrix.platform.label == 'x64' }}
run: |
sudo apt-get install -y libgeoip-dev:${{ matrix.platform.arch }} \
libfuzzy-dev:${{ matrix.platform.arch }}
- uses: actions/checkout@v4
with:
submodules: true
- name: build.sh
run: ./build.sh
- name: configure ${{ matrix.configure.label }}
run: ./configure ${{ matrix.configure.opt }}
- name: configure
env:
CC: ${{ matrix.compiler.cc }}
CXX: ${{ matrix.compiler.cxx }}
run: ./configure ${{ matrix.platform.configure }} ${{ matrix.configure.opt }}
- uses: ammaraskar/gcc-problem-matcher@master
- name: make
run: make -j `nproc`
- name: check
run: make check
- name: check-static
run: make check-static
build-macos:
name: macOS (${{ matrix.configure.label }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [macos-12]
compiler: [clang]
configure:
- {label: "with parser generation", opt: "--enable-parser-generation" }
- {label: "wo curl", opt: "--without-curl" }
- {label: "wo yajl", opt: "--without-yajl" }
- {label: "wo geoip", opt: "--without-geoip" }
- {label: "wo lmdb", opt: "--without-lmdb" }
- {label: "wo ssdeep", opt: "--without-ssdeep" }
- {label: "wo lua", opt: "--without-lua" }
- {label: "wo maxmind", opt: "--without-maxmind" }
- {label: "wo libxml", opt: "--without-libxml" }
- {label: "wo geoip", opt: "--without-geoip" }
- {label: "wo ssdeep", opt: "--without-ssdeep" }
- {label: "with lmdb", opt: "--with-lmdb" }
- {label: "with pcre2", opt: "--with-pcre2" }
steps:
- name: Setup Dependencies
# autoconf, curl, pcre2 not installed because they're already
# included in the image
run: |
brew install autoconf automake cppcheck lmdb libyaml lua ssdeep libmaxminddb bison
- uses: actions/checkout@v2
brew install automake \
yajl \
lmdb \
lua \
libmaxminddb \
libxml2 \
geoip \
ssdeep \
pcre \
bison \
flex
- uses: actions/checkout@v4
with:
submodules: true
- name: build.sh
run: ./build.sh
- name: configure ${{ matrix.configure.label }}
- name: configure
run: ./configure ${{ matrix.configure.opt }}
- uses: ammaraskar/gcc-problem-matcher@master
- name: make
@ -74,18 +118,21 @@ jobs:
run: make check
build-windows:
name: Windows (${{ matrix.platform.label }}, ${{ matrix.configure.label }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [windows-2022]
platform: [x86_64]
platform:
- {label: "x64", arch: "x86_64"}
configuration: [Release]
configure:
- {label: "full", opt: "" }
- {label: "wo curl", opt: "-DWITHOUT_CURL=ON" }
- {label: "wo lmdb", opt: "-DWITHOUT_LMDB=ON" }
- {label: "wo lua", opt: "-DWITHOUT_LUA=ON" }
- {label: "wo maxmind", opt: "-DWITHOUT_MAXMIND=ON" }
- {label: "wo curl", opt: "-DWITHOUT_CURL=ON" }
- {label: "wo libxml", opt: "-WITHOUT_LIBXML2=ON" }
steps:
- uses: actions/checkout@v4
with:
@ -95,9 +142,9 @@ jobs:
pip3 install conan --upgrade
conan profile detect
- uses: ammaraskar/msvc-problem-matcher@master
- name: Build ${{ matrix.configuration }} ${{ matrix.platform }} ${{ matrix.configure.label }}
- name: Build ${{ matrix.configuration }} ${{ matrix.platform.arch }} ${{ matrix.configure.label }}
shell: cmd
run: vcbuild.bat ${{ matrix.configuration }} ${{ matrix.platform }} NO_ASAN "${{ matrix.configure.opt }}"
run: vcbuild.bat ${{ matrix.configuration }} ${{ matrix.platform.arch }} NO_ASAN "${{ matrix.configure.opt }}"
- name: Set up test environment
working-directory: build\win32\build\${{ matrix.configuration }}
env:
@ -124,3 +171,21 @@ jobs:
working-directory: build\win32\build
run: |
ctest -C ${{ matrix.configuration }} --output-on-failure
cppcheck:
runs-on: [ubuntu-22.04]
steps:
- name: Setup Dependencies
run: |
sudo apt-get update -y -qq
sudo apt-get install -y cppcheck
- name: Get libModSecurity v3 source
uses: actions/checkout@v4
with:
submodules: true
- name: Configure libModSecurity
run: |
./build.sh
./configure
- name: Run cppcheck on libModSecurity
run: make check-static

6
test/regression/regression.cc
View File

@ -486,15 +486,12 @@ int main(int argc, char **argv) {
#if defined(WITH_GEOIP) or defined(WITH_MAXMIND)
resources.push_back("geoip-or-maxmind");
#endif
#if defined(WITH_MAXMIND)
resources.push_back("maxmind");
#endif
#if defined(WITH_GEOIP)
resources.push_back("geoip");
#endif
#ifdef WITH_CURL
resources.push_back("curl");
#endif
@ -504,6 +501,9 @@ int main(int argc, char **argv) {
#ifdef WITH_LUA
resources.push_back("lua");
#endif
#ifdef WITH_LIBXML2
resources.push_back("libxml2");
#endif
#ifdef NO_LOGS
std::cout << "Test utility cannot work without logging support." \

3
test/test-cases/regression/action-ctl_request_body_processor.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (1)",
"expected":{
"debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\""
@ -71,6 +72,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (2)",
"expected":{
"debug_log": "Rule returned 0"
@ -139,6 +141,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (3)",
"expected":{
"debug_log": "XML: Failed parsing document."

1
test/test-cases/regression/action-xmlns.json
View File

@ -38,6 +38,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (validate ok)",
"expected":{
"debug_log": "Target value: \"39.95\" \\(Variable: XML:\/bookstore\/book\/price\\[text\\(\\)\\]\\)"

2
test/test-cases/regression/config-body_limits.json
View File

@ -578,6 +578,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"SecRequestBodyNoFilesLimit - xml, limit exceeded",
"client":{
"ip":"200.249.12.31",
@ -626,6 +627,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"SecRequestBodyNoFilesLimit - xml, limit not exceeded",
"client":{
"ip":"200.249.12.31",

3
test/test-cases/regression/config-xml_external_entity.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing SecXMLExternalEntity/XXE 1",
"expected":{
"debug_log": "Target value: \" jo smith\""
@ -47,6 +48,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing SecXMLExternalEntity/XXE 2",
"expected":{
"debug_log": "XML: Failed to load DTD: test-cases/data/SoapEnvelope.dtd",
@ -94,6 +96,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing SecXMLExternalEntity/XXE 3",
"expected":{
"debug_log": "XML Error: No declaration for element bookstore",

4
test/test-cases/regression/request-body-parser-xml-validade-dtd.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser - validateDTD (validate ok)",
"expected":{
"debug_log": "XML: Successfully validated payload against DTD: test-cases/data/SoapEnvelope.dtd"
@ -47,6 +48,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser - validateDTD (validation failed)",
"expected":{
"debug_log": "XML Error: No declaration for element xBody",
@ -93,6 +95,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser - validateDTD (bad XML)",
"expected":{
"debug_log": "XML: DTD validation failed because content is not well formed",
@ -139,6 +142,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser - validateDTD (bad DTD)",
"expected":{
"debug_log": "Failed to load DTD: test-cases/data/SoapEnvelope-bad.dtd",

5
test/test-cases/regression/request-body-parser-xml.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (validate ok)",
"expected":{
"debug_log": "XML: Successfully validated payload against Schema:"
@ -51,6 +52,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (validate attribute value failed)",
"expected":{
"debug_log": "'badval' is not a valid value of the local atomic type",
@ -101,6 +103,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (validate failed)",
"expected":{
"debug_log": "This element is not expected. Expected is one of",
@ -151,6 +154,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (bad XML)",
"expected":{
"debug_log": "XML Error: Element '{http://schemas.xmlsoap.org/soap/envelope/}xBody'",
@ -201,6 +205,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (bad schema)",
"expected":{
"debug_log": "XML: Failed to load Schema: test-cases/data/SoapEnvelope-bad.xsd. XML Error: Failed to parse the XML resource 'test-cases/data/SoapEnvelope-bad.xsd",

1
test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing Variables :: REQBODY_PROCESSOR_ERROR_MSG (1/2)",
"client":{
"ip":"200.249.12.31",

1
test/test-cases/regression/variable-XML.json
View File

@ -2,6 +2,7 @@
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XPath expression with equals sign",
"expected":{
"http_code": 403