From 69c12dfe4198855d44fe4ce9cde34a314336b73d Mon Sep 17 00:00:00 2001 From: Philipp Eder Date: Wed, 15 Jan 2025 11:17:05 +0100 Subject: [PATCH] Add test to verify dependencies Checks if the dependencies of: - gvm-libs - openvas-smb - openvas-scanner play nicely together and double checks that openvas-smb is linked to the openvas binary. --- .docker/railguards/README.md | 20 +++++++++++++++ .docker/railguards/debian_stable.Dockerfile | 27 +++++++++++++++++++++ .github/workflows/functional.yaml | 15 ++++++++++++ 3 files changed, 62 insertions(+) create mode 100644 .docker/railguards/README.md create mode 100644 .docker/railguards/debian_stable.Dockerfile diff --git a/.docker/railguards/README.md b/.docker/railguards/README.md new file mode 100644 index 000000000..af2833365 --- /dev/null +++ b/.docker/railguards/README.md @@ -0,0 +1,20 @@ +# Railguards + +As long as openvas is a distributed monolith in +- greenbone/gvm-libs +- greenbone/openvas-smb +- greenbone/openvas-scanner + +we need to verify that the dependencies play nicely together on our target: + +- debian:stable + +as well as the mentioned examples within: + +- https://greenbone.github.io/docs/latest/22.4/source-build/index.html#openvas-scanner + +Namely: +- fedora +- centos + +**WARNING** The Dockerfiles within this folder are not meant to be used outside of this very specific test case. diff --git a/.docker/railguards/debian_stable.Dockerfile b/.docker/railguards/debian_stable.Dockerfile new file mode 100644 index 000000000..35c508bca --- /dev/null +++ b/.docker/railguards/debian_stable.Dockerfile @@ -0,0 +1,27 @@ +# This Dockerfile is not meant to be actually used, it is meant for testing +# the integrity when building: +# - gvm-libs +# - openvas-smb +# - openvas-scanner +# +# together from a main branch. +# +# If it builds without error everything is as expected. +FROM debian:stable +# CLONE gvm-libs +# CLONE openvas-smb +# Install dependencies +# check ld +COPY . /source +RUN apt update && apt install -y git +RUN bash /source/.devcontainer/github-clone.sh greenbone/gvm-libs +RUN bash /source/.devcontainer/github-clone.sh greenbone/openvas-smb +# tests implicitely if there are dependencies conflicts +RUN sh /workspaces/greenbone/gvm-libs/.github/install-dependencies.sh +RUN sh /workspaces/greenbone/openvas-smb/.github/install-openvas-smb-dependencies.sh +RUN sh /source/.github/install-openvas-dependencies.sh +# build everything +RUN sh /source/.devcontainer/build-cmake-project.sh /workspaces/greenbone/gvm-libs +RUN sh /source/.devcontainer/build-cmake-project.sh /workspaces/greenbone/openvas-smb +RUN sh /source/.devcontainer/build-cmake-project.sh /source + diff --git a/.github/workflows/functional.yaml b/.github/workflows/functional.yaml index 43ac3f9c8..46e67782f 100644 --- a/.github/workflows/functional.yaml +++ b/.github/workflows/functional.yaml @@ -7,6 +7,21 @@ on: # It depends on build.yml that is controlled via control.yml # jobs: + # Tests that gvm-libs, openvas-smb and openvas dependencies work together and + # that openvas is buildable and integrates openvas-smb when available + distributed-monolith-railguard: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + system: + - debian_stable + steps: + - uses: actions/checkout@v4 + - run: docker build -t test -f .docker/railguards/${{matrix.system}}.Dockerfile . + - run: docker run --rm test ldd /usr/local/sbin/openvas + - run: docker run --rm test ldd /usr/local/sbin/openvas | grep libopenvas_wmiclient + - run: docker rmi test || true # TESTS that are possible before pushing an image tests: runs-on: ubuntu-latest