add an option to allow adding a comment to iptables rules #446
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build + tests | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
permissions: | |
contents: read | |
jobs: | |
build: | |
name: "Build + tests" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.22' | |
- name: Build | |
run: | | |
make build | |
- name: Run unit tests | |
run: | | |
go install github.com/kyoh86/[email protected] | |
set -o pipefail | |
make test | richgo testfilter | |
env: | |
RICHGO_FORCE_COLOR: 1 | |
- name: "Setup Python" | |
uses: actions/setup-python@v5 | |
with: | |
python-version: "3.x" | |
cache: 'pipenv' | |
- name: "Install python dependencies" | |
run: | | |
python -m pip install --upgrade pipenv wheel | |
pipenv install --deploy | |
# some tests need root, so we have to install pytest twice | |
sudo python3 -m pip install --upgrade pipenv wheel | |
sudo pipenv install --deploy | |
- name: Install functional test dependencies | |
run: | | |
sudo apt update | |
sudo apt install -y nftables iptables ipset | |
docker network create net-test | |
- name: Run functional tests | |
env: | |
CROWDSEC_TEST_VERSION: dev | |
CROWDSEC_TEST_FLAVORS: full | |
CROWDSEC_TEST_NETWORK: net-test | |
CROWDSEC_TEST_TIMEOUT: 60 | |
PYTEST_ADDOPTS: --durations=0 -vv --color=yes -m "not (deb or rpm)" | |
run: | | |
# everything except for | |
# - install (requires root, ignored by default) | |
# - backends (requires root, ignored by default) | |
# - deb/rpm (on their own workflows) | |
pipenv run pytest | |
# these need root | |
sudo -E pipenv run pytest ./test/backends | |
sudo -E pipenv run pytest ./test/install/no_crowdsec | |
# these need a running crowdsec | |
docker run -d --name crowdsec -e CI_TESTING=true -e DISABLE_ONLINE_API=true -ti crowdsecurity/crowdsec | |
install -m 0755 /dev/stdin /usr/local/bin/cscli <<'EOT' | |
#!/bin/sh | |
docker exec crowdsec cscli "$@" | |
EOT | |
sleep 5 | |
sudo -E pipenv run pytest ./test/install/with_crowdsec |