-
Notifications
You must be signed in to change notification settings - Fork 194
138 lines (117 loc) · 4.35 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: test
on:
push:
branches:
- master
- lts
- lts-dev
- current
- current-dev
pull_request:
workflow_dispatch:
defaults:
run:
shell: bash
# cancel previous runs if new commits are pushed to the PR, but run for each commit on master
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build_test:
name: Build & Test
runs-on: ubuntu-latest
strategy:
matrix:
nginx-version: ['stable', 'mainline']
module-type: ['static', 'dynamic']
steps:
- uses: actions/setup-python@v5
with:
python-version: '3.x'
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
submodules: true
- name: Generate cache key
id: cache_key
run: |
bazel_registry_commit=$(git submodule status ngx_waf_deps | awk '{ print $1 }')
echo "bazel_registry_commit=$bazel_registry_commit" >> "$GITHUB_OUTPUT"
important_files=${{ hashFiles('.bazelrc') }}
important_files=${important_files}-${{ hashFiles('.bazelversion') }}
important_files=${important_files}-${{ hashFiles('BUILD') }}
important_files=${important_files}-${{ hashFiles('MODULE.bazel') }}
important_files=${important_files}-${{ hashFiles('MODULE.bazel.lock') }}
important_files=${important_files}-${{ hashFiles('.github/workflows/test.yml') }}
echo "important_files=$important_files" >> "$GITHUB_OUTPUT"
- name: Lookup build cache
id: cache
uses: actions/cache@v4
with:
key: ${{ steps.cache_key.outputs.important_files }}-${{ steps.cache_key.outputs.bazel_registry_commit }}
path: |
${{ github.workspace }}/deps.tar.gz
- name: Install dependencies
run: |
sudo apt-get --yes update
# https://github.com/actions/runner-images/issues/2139
sudo apt-get remove nginx-core \
nginx-full \
nginx-light \
nginx-extras \
libgd3
sudo apt-get install --yes \
build-essential \
zlib1g-dev \
libpcre3 \
libpcre3-dev \
libssl-dev \
libxslt1-dev \
libxml2-dev \
libgeoip-dev \
libgd-dev \
libperl-dev \
libcurl4-openssl-dev
- name: Build dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: |
bazel build --registry=file://$(realpath ngx_waf_deps) //:deps
cp bazel-bin/deps.tar.gz .
- name: Apply dependencies
run: |
tar -zxf deps.tar.gz
echo "$(realpath deps/libmodsecurity/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
echo "$(realpath deps/libsodium/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
echo "$(realpath deps/libcjson/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
sudo ldconfig
echo "LIB_MODSECURITY=$(realpath deps/libmodsecurity)" >> "$GITHUB_ENV"
echo "LIB_SODIUM=$(realpath deps/libsodium)" >> "$GITHUB_ENV"
echo "LIB_CJSON=$(realpath deps/libcjson)" >> "$GITHUB_ENV"
echo "LIB_UTHASH=$(realpath deps/uthash)" >> "$GITHUB_ENV"
- name: Download & Build & Install nginx-${{ matrix.nginx-version }}
run: |
sudo pip install lastversion
lastversion download nginx:${{ matrix.nginx-version }}
mkdir nginx-src
tar zxf nginx-*.tar.gz --directory nginx-src --strip-components=1
cd nginx-src
if [ ${{ matrix.module-type }} = 'static module' ] ; then \
opt='--add-module' ;\
else \
opt='--add-dynamic-module' ;\
fi
./configure ${opt}=${{ github.workspace }} --with-http_realip_module --with-cc-opt='-Wno-unused-but-set-variable -Wno-unused-function -fstack-protector-strong'
make -j$(nproc)
sudo make install
sudo useradd nginx -s /sbin/nologin -M
nginx -V
- name: Install Test::Nginx
run: |
sudo cpan Test::Nginx
- name: Test
run: |
sudo chmod 777 -R /tmp
cd test/test-nginx
export MODULE_TEST_PATH=/tmp/module_test
sh ./init.sh
exec sudo sh start.sh t/*.t