Skip to content

Create PublishDocker.yml #1

Create PublishDocker.yml

Create PublishDocker.yml #1

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: Compile module
# Controls when the action will run. Triggers the workflow on push or pull request
# events but only for the master branch
on: [push, pull_request]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "compile"
compile:
name: Compile on ${{ matrix.os }} for nginx ${{ matrix.nginx_version }}
runs-on: ${{ matrix.os }}
env:
module_version: 1.26
libcoraza_version: master
strategy:
matrix:
nginx_version: ['1.24.0']
# The type of runner that the job will run on
os: [ubuntu-22.04]
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: "Checkout repo"
uses: actions/checkout@v4
# Grab nginx source, from cache if possible, or from web
- name: Grab nginx-${{ matrix.nginx_version }} cache
uses: actions/cache@v3
id: cache-nginx
with:
path: nginx-${{ matrix.nginx_version }}
key: nginx-${{ matrix.nginx_version }}
- name: Download nginx
if: steps.cache-nginx.outputs.cache-hit != 'true'
run: |
cd ${{ github.workspace }}
wget https://nginx.org/download/nginx-${{ matrix.nginx_version }}.tar.gz
tar -xzvf nginx-${{ matrix.nginx_version }}.tar.gz
# Grab libcoraza
- name: Grab libcoraza-${{ env.libcoraza_version }} cache
uses: actions/cache@v3
id: cache-pcre
with:
path: libcoraza-${{ env.libcoraza_version }}
key: libcoraza-${{ env.libcoraza_version }}
- name: Download libcoraza
if: steps.cache-libcoraza.outputs.cache-hit != 'true'
run: |
cd ${{ github.workspace }}
wget https://github.com/corazawaf/libcoraza/archive/refs/heads/${{ env.libcoraza_version }}.zip
unzip -o ${{ env.libcoraza_version }}.zip
# Grab prebuilts from apt
- name: Install dependencies with apt
run: |
sudo add-apt-repository universe
sudo apt-get -qq update
sudo apt-get -y -qq \
--fix-missing --no-install-recommends install \
gcc make \
libxml2-dev \
libxslt-dev \
libgd-dev \
libgeoip-dev
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: ^1.21.x
- name: Configure environment
run: |
export LD_LIBRARY_PATH=/usr/local/lib
export LIBRARY_PATH=/usr/local/lib
export C_INCLUDE_PATH=/usr/local/include
# Build libcoraza
- name: Build libcoraza
run: |
cd libcoraza-${{ env.libcoraza_version }}
./build.sh
./configure
make
sudo make install
- name: Configure compilation of dynamic module
run: |
cd ${{ github.workspace }}/nginx-${{ matrix.nginx_version }}
./configure \
--with-compat \
--add-dynamic-module=${{ github.workspace }}/ \
--with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' \
--with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' \
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--conf-path=/etc/nginx/nginx.conf \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--lock-path=/var/lock/nginx.lock \
--pid-path=/run/nginx.pid \
--modules-path=/usr/lib/nginx/modules \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--with-debug \
--with-file-aio \
--with-threads \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-http_auth_request_module \
--with-http_v2_module \
--with-http_dav_module \
--with-http_slice_module \
--with-threads \
--with-http_addition_module \
--with-http_geoip_module=dynamic \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_image_filter_module=dynamic \
--with-http_sub_module \
--with-http_xslt_module=dynamic \
--with-stream=dynamic
- name: Compile dynamic module and install nginx
run: |
cd ${{ github.workspace }}/nginx-${{ matrix.nginx_version }}
make modules
make
sudo make install
- name: Run tests
run: |
wget http://hg.nginx.org/nginx-tests/archive/tip.tar.gz
tar xzf tip.tar.gz
cd nginx-tests-*
cp ../t/* .
export TEST_NGINX_BINARY=/usr/sbin/nginx
export TEST_NGINX_GLOBALS="load_module \"/usr/lib/nginx/modules/ngx_http_coraza_module.so\";"
prove . -t coraza*.t
- name: Upload a Build Artifact
uses: actions/upload-artifact@v2
with:
# Artifact name
name: nginx-coraza-module-nginx-${{ matrix.nginx_version }}-${{ matrix.os }}
# A file, directory or wildcard pattern that describes what to upload
path: |
${{ github.workspace }}/nginx-${{ matrix.nginx_version }}/objs/ngx_http_coraza_module.so