dnsdist: Fix handling of proxy protocol payload outside of TLS for DoT #4353

Workflow file for this run

.github/workflows/documentation.yml at 4931fb2

	---
	name: 'Documentation'

	on:
	push:
	branches: [master]
	pull_request:
	branches: [master]

	permissions:
	contents: read

	jobs:
	build-upload-docs:
	name: Build and upload docs
	runs-on: ubuntu-22.04
	env:
	SERVICE_IP_ADDR: 127.0.0.1
	services:
	database:
	image: epicwink/proxpi
	ports:
	- 5000:5000
	options: >-
	--restart always
	outputs:
	pip-list-auth: ${{ steps.pip-logs-auth.outputs.list-auth }}
	pip-list-rec: ${{ steps.pip-logs-rec.outputs.list-rec }}
	pip-list-dnsdist: ${{ steps.pip-logs-dnsdist.outputs.list-dnsdist }}
	steps:
	- uses: PowerDNS/pdns/set-ubuntu-mirror@meta
	- uses: actions/checkout@v4
	- uses: actions/setup-python@v5
	with:
	python-version: '3.11'
	# Configure pip index-url set to proxpi
	- run: pip config set global.index-url http://${{ env.SERVICE_IP_ADDR }}:5000/index/
	- run: pip config set global.trusted-host ${{ env.SERVICE_IP_ADDR }}
	- id: proxpi-docker
	run: echo "id=$(docker ps \| grep "epicwink/proxpi" \| awk '{print $1}')" >> "$GITHUB_OUTPUT"
	- run: build-scripts/gh-actions-setup-inv-no-dist-upgrade # this runs apt update
	- run: inv install-doc-deps
	- run: inv install-doc-deps-pdf

	- id: get-version
	run: \|
	echo "pdns_version=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

	- id: setup-ssh
	run: \|-
	inv ci-docs-add-ssh --ssh-key="$SSH_KEY" --host-key="$HOST_KEY"
	echo "have_ssh_key=yes" >> $GITHUB_OUTPUT
	env:
	SSH_KEY: ${{secrets.WEB1_DOCS_SECRET}}
	HOST_KEY: ${{vars.WEB1_HOSTKEY}}
	if: ${{github.ref_name == 'master' && env.SSH_KEY != ''}}

	# Auth
	- run: inv ci-docs-build

	- run: mv html auth-html-docs
	working-directory: ./docs/_build
	- run: tar cf auth-html-docs.tar auth-html-docs
	working-directory: ./docs/_build
	- uses: actions/upload-artifact@v4
	with:
	name: authoritative-html-docs-${{steps.get-version.outputs.pdns_version}}
	path: ./docs/_build/auth-html-docs.tar
	- run: bzip2 auth-html-docs.tar
	if: ${{github.ref_name == 'master'}}
	working-directory: ./docs/_build
	- run: inv ci-docs-build-pdf
	- uses: actions/upload-artifact@v4
	with:
	name: PowerDNS-Authoritative-${{steps.get-version.outputs.pdns_version}}.pdf
	path: ./docs/_build/latex/PowerDNS-Authoritative.pdf
	- run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Authoritative.pdf" --username="docs_powerdns_com" --product="auth" --directory="/${AUTH_DOCS_DIR}/"
	env:
	DOCS_HOST: ${{vars.DOCS_HOST}}
	AUTH_DOCS_DIR: ${{vars.AUTH_DOCS_DIR}}
	if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}}
	- run: docker logs ${{ steps.proxpi-docker.outputs.id }} 2>&1 \| grep whl \| awk '{print $8}' \| cut -d "/" -f 4 \| awk -F'-' '{print $1"=="$2}' \| sort -u --ignore-case > /tmp/proxpi-auth.log
	- id: pip-logs-auth
	run: echo "list-auth=$(cat /tmp/proxpi-auth.log \| base64 -w0)" >> "$GITHUB_OUTPUT"
	- run: sudo sh -c "truncate -s 0 /var/lib/docker/containers/${{ steps.proxpi-docker.outputs.id }}/${{ steps.proxpi-docker.outputs.id }}-json.log"

	# Rec
	- run: inv ci-docs-rec-generate
	working-directory: ./pdns/recursordist/settings
	- run: inv ci-docs-build
	working-directory: ./pdns/recursordist
	- run: mv html rec-html-docs
	working-directory: ./pdns/recursordist/docs/_build
	- run: tar cf rec-html-docs.tar rec-html-docs
	working-directory: ./pdns/recursordist/docs/_build
	- uses: actions/upload-artifact@v4
	with:
	name: recursor-html-docs-${{steps.get-version.outputs.pdns_version}}
	path: ./pdns/recursordist/docs/_build/rec-html-docs.tar
	- run: bzip2 rec-html-docs.tar
	if: ${{github.ref_name == 'master'}}
	working-directory: ./pdns/recursordist/docs/_build
	- run: inv ci-docs-build-pdf
	working-directory: ./pdns/recursordist
	- uses: actions/upload-artifact@v4
	with:
	name: PowerDNS-Recursor-${{steps.get-version.outputs.pdns_version}}.pdf
	path: ./pdns/recursordist/docs/_build/latex/PowerDNS-Recursor.pdf
	- run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Recursor.pdf" --username="docs_powerdns_com" --product="rec" --directory="/${REC_DOCS_DIR}/"
	env:
	DOCS_HOST: ${{vars.DOCS_HOST}}
	REC_DOCS_DIR: ${{vars.REC_DOCS_DIR}}
	if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}}
	working-directory: ./pdns/recursordist
	- run: docker logs ${{ steps.proxpi-docker.outputs.id }} 2>&1 \| grep whl \| awk '{print $8}' \| cut -d "/" -f 4 \| awk -F'-' '{print $1"=="$2}' \| sort -u --ignore-case > /tmp/proxpi-rec.log
	- id: pip-logs-rec
	run: echo "list-rec=$(cat /tmp/proxpi-rec.log \| base64 -w0)" >> "$GITHUB_OUTPUT"
	- run: sudo sh -c "truncate -s 0 /var/lib/docker/containers/${{ steps.proxpi-docker.outputs.id }}/${{ steps.proxpi-docker.outputs.id }}-json.log"

	# DNSdist
	- run: inv ci-docs-build
	working-directory: ./pdns/dnsdistdist
	- run: mv html dnsdist-html-docs
	working-directory: ./pdns/dnsdistdist/docs/_build
	- run: tar cf dnsdist-html-docs.tar dnsdist-html-docs
	working-directory: ./pdns/dnsdistdist/docs/_build
	- uses: actions/upload-artifact@v4
	with:
	name: dnsdist-html-docs-${{steps.get-version.outputs.pdns_version}}
	path: ./pdns/dnsdistdist/docs/_build/dnsdist-html-docs.tar
	- run: bzip2 dnsdist-html-docs.tar
	if: ${{github.ref_name == 'master'}}
	working-directory: ./pdns/dnsdistdist/docs/_build
	- run: inv ci-docs-build-pdf
	working-directory: ./pdns/dnsdistdist
	- uses: actions/upload-artifact@v4
	with:
	name: dnsdist-${{steps.get-version.outputs.pdns_version}}.pdf
	path: ./pdns/dnsdistdist/docs/_build/latex/dnsdist.pdf
	- run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="dnsdist.pdf" --username="dnsdist_org" --product="dnsdist"
	env:
	DOCS_HOST: ${{vars.DOCS_HOST}}
	if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}}
	working-directory: ./pdns/dnsdistdist
	- run: docker logs ${{ steps.proxpi-docker.outputs.id }} 2>&1 \| grep whl \| awk '{print $8}' \| cut -d "/" -f 4 \| awk -F'-' '{print $1"=="$2}' \| sort -u --ignore-case > /tmp/proxpi-dnsdist.log
	- id: pip-logs-dnsdist
	run: echo "list-dnsdist=$(cat /tmp/proxpi-dnsdist.log \| base64 -w0)" >> "$GITHUB_OUTPUT"

	validate-pip-hashes:
	name: Validate list of packages and hashes
	runs-on: ubuntu-22.04
	needs: build-upload-docs
	steps:
	- uses: actions/checkout@v4
	- run: for i in `echo "${{ needs.build-upload-docs.outputs.pip-list-auth }}" \| base64 -d \| sed 's/_/-/' \| egrep -v "pip==\|setuptools==\|wheel==\|setuptools-git=="`; do grep -qq -i $i docs/requirements.txt \|\| ( echo "$i not found" && exit 1 ); done
	- run: for i in `echo "${{ needs.build-upload-docs.outputs.pip-list-rec }}" \| base64 -d \| sed 's/_/-/' \| egrep -v "pip==\|setuptools==\|wheel==\|setuptools-git=="`; do grep -qq -i $i docs/requirements.txt \|\| ( echo "$i not found" && exit 1 ); done
	working-directory: ./pdns/recursordist
	- run: for i in `echo "${{ needs.build-upload-docs.outputs.pip-list-dnsdist }}" \| base64 -d \| sed 's/_/-/' \| egrep -v "pip==\|setuptools==\|wheel==\|setuptools-git=="`; do grep -qq -i $i docs/requirements.txt \|\| ( echo "$i not found" && exit 1 ); done
	working-directory: ./pdns/dnsdistdist

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

dnsdist: Fix handling of proxy protocol payload outside of TLS for DoT #4353

Workflow file

dnsdist: Fix handling of proxy protocol payload outside of TLS for DoT #4353

Jobs

Run details

Workflow file for this run