testing-dnstap.yml
---
# CI workflow that tests go-dnscollector's DNStap support.
name: Tests DNStap

# Runs for pushes and pull requests that target main; changes confined to the
# documentation do not start a run. Using `pull_request` (rather than
# `pull_request_target`) means code from forks runs without repository secrets.
on:
  push:
    branches:
      - main
    paths-ignore:
      - 'docs/**'
      - 'README.md'
  pull_request:
    branches:
      - main
    paths-ignore:
      - 'docs/**'
      - 'README.md'

# Least privilege: the GITHUB_TOKEN is limited to reading repository contents.
permissions:
  contents: read

# Workflow-level variables: exported to every step's environment and readable
# in expressions through the `env` context. Version strings stay quoted so YAML
# does not re-type them as floats.
env:
  Q_VERSION: "0.19.2"
  PYTHON_VERSION: "3.13"
  GO_VERSION: "1.23"
  COLLECTOR_USER: "pdns"
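jobs:
  # Build the collector once as a static linux/amd64 binary and publish it as
  # an artifact, so every matrix leg below tests the same build.
  build_bin:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): every `uses:` in this file references a mutable
      # major-version tag; pinning each action to a full commit SHA is the
      # usual supply-chain hardening.
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: "${{ env.GO_VERSION }}"
      - name: Build Binary
        run: |
          CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o go-dnscollector *.go
      - name: Upload Binary Artifact
        uses: actions/upload-artifact@v4
        with:
          name: go-dnscollector
          path: go-dnscollector

  # For each matrix entry: start the named DNS server in a container with the
  # matching DNStap transport configuration, then run the Python test module
  # for that transport.
  tests_logging:
    needs: build_bin
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # These values are static and defined in this file, so interpolating
        # them into the shell scripts below is not an injection path. Do not
        # extend the pattern to event-derived fields (PR titles, branch names).
        config:
          - { service: "unbound", version: "1.20.0", mode: "tcp" }
          - { service: "coredns", version: "1.11.1", mode: "tcp" }
          - { service: "coredns", version: "1.11.1", mode: "tls" }
          - { service: "dnsdist", version: "19", mode: "tcp" }
          - { service: "dnsdist", version: "19", mode: "unix" }
          - { service: "dnsdist", version: "19", mode: "doq" }
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "${{ env.PYTHON_VERSION }}"
      - name: Download Binary Artifact
        uses: actions/download-artifact@v4
        with:
          name: go-dnscollector
      # Artifacts do not keep file permission bits, so the execute bit is
      # restored after download.
      - name: Make Binary Executable
        run: chmod +x go-dnscollector

      # The release tag in the URL now follows Q_VERSION, like the file name
      # already did; previously the tag was hard-coded and a version bump
      # would have requested a non-existent asset.
      # NOTE(review): the archive is unpacked without an integrity check.
      # Record the expected SHA-256 of the release asset next to Q_VERSION and
      # verify it (e.g. with `sha256sum -c`) before running `tar`.
      - name: Download q test doq test
        run: |
          wget https://github.com/natesales/q/releases/download/v${{ env.Q_VERSION }}/q_${{ env.Q_VERSION }}_linux_amd64.tar.gz
          tar xvf q_${{ env.Q_VERSION }}_linux_amd64.tar.gz

      # Creates a throwaway CA and a server certificate for dnscollector.dev /
      # 127.0.0.1, both valid for 365 days, and moves the server key and
      # certificate into tests/testsdata.
      # The private key is made world-readable (644), presumably so a process
      # running under another uid can read it. That is tolerable only because
      # the key is generated per run and never leaves the runner; do not reuse
      # this step for long-lived keys.
      # NOTE(review): the emailAddress values read `[email protected]` on this
      # page, which looks like an address redacted by the hosting site; they
      # are kept exactly as shown.
      - name: Generate certificate
        run: |
          openssl genrsa 2048 > ca.key
          openssl req -days 365 -new -x509 -nodes -key ca.key -out ca.crt -config <(echo -e "[ req ]\nprompt = no\ndistinguished_name = req_distinguished_name\n[ req_distinguished_name ]\ncountryName = LU\nstateOrProvinceName = Space\nlocalityName = Moon\norganizationName = Github\norganizationalUnitName = Lab\ncommonName = dnscollector.dev\nemailAddress = [email protected]")
          echo -e "[ req ]\nprompt = no\ndistinguished_name = req_distinguished_name\nreq_extensions = req_ext\n[ req_distinguished_name ]\ncountryName = LU\nstateOrProvinceName = Space\nlocalityName = Moon\norganizationName = Github\norganizationalUnitName = DNScollector\ncommonName = dnscollector.dev\nemailAddress = [email protected]\n[ req_ext ]\nsubjectAltName = DNS: dnscollector.dev, IP: 127.0.0.1" > server.conf
          openssl req -newkey rsa:2048 -nodes -keyout dnscollector.key -out dnscollector.csr -config server.conf
          openssl x509 -req -days 365 -in dnscollector.csr -out dnscollector.crt -CA ca.crt -CAkey ca.key -extensions req_ext -extfile server.conf
          sudo chmod 644 dnscollector.key
          mv dnscollector.key ./tests/testsdata/
          mv dnscollector.crt ./tests/testsdata/

      # System account with fixed uid/gid 953 for the unix-socket test;
      # presumably this matches the uid used inside the dnsdist image (confirm
      # against the image). `--uid` is the documented long-option spelling.
      - name: Add pdns user for unix socket test
        run: |
          sudo addgroup --system --gid 953 pdns
          sudo adduser --system --disabled-password --no-create-home --uid 953 --gid 953 pdns

      # Containers share the host network namespace and bind-mount host /tmp.
      # NOTE(review): the dnsdist leg mounts $PWD/server.key and
      # $PWD/server.crt, but no step in this workflow creates files with those
      # names (the certificate step writes dnscollector.key/.crt into
      # tests/testsdata). Docker creates an empty directory for a missing
      # bind-mount source, so confirm these mounts point at real files.
      # NOTE(review): images are pulled by tag; pinning them by digest would
      # make the test environment reproducible.
      # The readiness wait is capped at 5 minutes so a server that never
      # starts fails the step instead of spinning until the job-level timeout.
      - name: Deploy docker image for "${{ matrix.config.service }}"
        run: |
          case ${{ matrix.config.service }} in
            "unbound")
              sudo docker run -d --network="host" --name=unbound --volume=$PWD/tests/testsdata/unbound/unbound_${{ matrix.config.mode }}.conf:/opt/unbound/etc/unbound/unbound.conf:z -v /tmp/:/opt/unbound/etc/unbound/tmp/:z mvance/unbound:${{ matrix.config.version }}
              ;;
            "coredns")
              sudo docker run -d --network="host" --name=coredns -v $PWD/tests/testsdata/:$PWD/tests/testsdata/ -v /tmp/:/tmp/ coredns/coredns:${{ matrix.config.version }} -conf $PWD/tests/testsdata/coredns/coredns_${{ matrix.config.mode }}.conf
              ;;
            "dnsdist")
              sudo docker run -d --network="host" --name=dnsdist --volume=$PWD/tests/testsdata/powerdns/dnsdist_${{ matrix.config.mode }}.conf:/etc/dnsdist/conf.d/dnsdist.conf:z --volume=$PWD/server.key:/etc/dnsdist/conf.d/server.key:z --volume=$PWD/server.crt:/etc/dnsdist/conf.d/server.crt:z -v /tmp/:/tmp/ powerdns/dnsdist-${{ matrix.config.version }}
              ;;
          esac
          timeout 300 bash -c 'until (dig -p 5553 www.github.com @127.0.0.1 | grep NOERROR); do sleep 5.0; done'

      # Runs the unittest module whose name ends with the transport mode
      # (tests.dnsquery_dnstaptcp, ...tls, ...unix, ...doq).
      # NOTE(review): the pip packages are installed unpinned; a requirements
      # file with pinned versions (ideally with hashes) would keep a new or
      # tampered release from changing what the tests execute.
      - name: Run Tests for ${{ matrix.config.service }} - ${{ matrix.config.mode }}
        run: |
          python3 -m venv venv
          source venv/bin/activate
          python3 -m pip install dnstap_pb fstrm dnspython protobuf
          python3 -m unittest tests.dnsquery_dnstap${{ matrix.config.mode }} -v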