-
Notifications
You must be signed in to change notification settings - Fork 630
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
WIP: Change: Ci: following guidelines
- Loading branch information
1 parent
daee772
commit 0db84eb
Showing
5 changed files
with
143 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| name: "Build" | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ main ] | ||
| pull_request: | ||
|
|
||
| jobs: | ||
| OpenVAS: | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| # With the upcoming changes, we require both downwards and upwards compatibility between the OpenVAS C | ||
| # code and GVM-libs. This is because, even though we will be using semantic versioning, as long as | ||
| # OpenVAS and GVM-libs remain separate repositories, we want to be notified of every change. | ||
| gvm-libs-version: | ||
| - stable | ||
| - unstable | ||
| container: greenbone/gvm-libs:${{ matrix.gvm-libs-version }} | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: install dependencies | ||
| run: | | ||
| sh .github/install-openvas-dependencies.sh | ||
| - name: build | ||
| run: | | ||
| cmake -Bbuild -DCMAKE_C_COMPILER=/usr/share/clang/scan-build-14/libexec/ccc-analyzer | ||
| scan-build -o ~/scan-build-report cmake --build build | ||
| - name: Upload scan-build report | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: scan-build-report | ||
| path: ~/scan-build-report/ | ||
| retention-days: 7 | ||
| OpenVAS Daemon: | ||
| uses: ./.github/workflows/build-rust.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,107 @@ | ||
| name: "Linting" | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ main] | ||
| pull_request: | ||
|
|
||
| jobs: | ||
| OpenVAS: | ||
| runs-on: ubuntu-latest | ||
| container: greenbone/gvm-libs:stable | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: install dependencies | ||
| run: | | ||
| sh .github/install-openvas-dependencies.sh | ||
| - name: Formatting | ||
| run: | | ||
| clang-format -i -style=file {src,misc,nasl}/*.{c,h} | ||
| git diff --exit-code | ||
| - name: unit-tests | ||
| run: | | ||
| cmake -Bbuild -DCMAKE_BUILD_TYPE=Release | ||
| CTEST_OUTPUT_ON_FAILURE=1 cmake --build build -- tests test | ||
| OpenVAS Daemon: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: rust | ||
| - uses: actions/checkout@v4 | ||
| - run: sudo apt update && sudo apt-get install -y libpcap-dev | ||
| - run: rustup update stable && rustup default stable || rustup default stable | ||
| - run: cargo install cargo-audit | ||
| - run: cargo install typos-cli | ||
| - name: unit-tests | ||
| run: cargo test --lib --tests --workspace | ||
| - run: cargo clippy -- -D warnings | ||
| - run: cargo audit | ||
| - run: typos | ||
| formatting: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: rust | ||
| strategy: | ||
| matrix: | ||
| crates: | ||
| # we verify each dir separately to make it easier to verify formatting issues or even ignore | ||
| # crates we deem not important for checking (e.g. feed-verifier) | ||
| - nasl-syntax | ||
| - storage | ||
| - nasl-interpreter | ||
| - redis-storage | ||
| - json-storage | ||
| - nasl-cli | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| rs-build-binaries: | ||
| uses: ./.github/workflows/build-rust.yml | ||
| verify-syntax: | ||
| runs-on: ubuntu-latest | ||
| needs: [rs-build-binaries] | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - run: FEED_DIR="feed/" sh .github/prepare-feed.sh | ||
| - uses: actions/download-artifact@v3 | ||
| with: | ||
| name: rs-binaries | ||
| path: assets | ||
| - run: mv assets/nasl-cli-x86_64-unknown-linux-gnu ./nasl-cli | ||
| - run: chmod +x ./nasl-cli | ||
| - name: verify syntax parsing | ||
| run: ./nasl-cli syntax --quiet feed/ | ||
| verify-feed-update: | ||
| runs-on: ubuntu-latest | ||
| needs: [rs-build-binaries] | ||
| container: | ||
| # maybe better to use builder, build openvas to have | ||
| # the version of this checkout rather than a dataed official one? | ||
| image: greenbone/openvas-scanner:unstable | ||
| options: --privileged | ||
| services: | ||
| redis: | ||
| image: redis | ||
| options: >- | ||
| --health-cmd "redis-cli ping" | ||
| --health-interval 10s | ||
| --health-timeout 5s | ||
| --health-retries 5 | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - run: apt-get update && apt-get install -y docker.io | ||
| - run: FEED_DIR="feed/" sh .github/prepare-feed.sh | ||
| - uses: actions/download-artifact@v3 | ||
| with: | ||
| name: rs-binaries | ||
| path: assets | ||
| - run: mv assets/nasl-cli-x86_64-unknown-linux-gnu ./nasl-cli | ||
| - run: mv assets/feed-verifier-x86_64-unknown-linux-gnu ./feed-verifier | ||
| - name: prepare setup | ||
| run: | | ||
| install -m 755 feed-verifier /usr/local/bin/ | ||
| install -m 755 nasl-cli /usr/local/bin/ | ||
| echo "db_address = tcp://redis:6379" >> /etc/openvas/openvas.conf | ||
| mv ./feed/* "$(openvas -s | grep plugins_folder | sed 's/plugins_folder = //')/" | ||
| - run: openvas -s | ||
| - run: feed-verifier || (cat /var/log/gvm/openvas.log && false) |
File renamed without changes.
Empty file.
Empty file.