--- # This workflow is actually running # tests (with localstack) but the # name is used for the badge in README.md name: Build on: push: branches: - master - releases/** paths-ignore: - 'README.md' pull_request: branches: - master - releases/** paths-ignore: - 'README.md' # these env variables are for localstack, so we can emulate aws services env: RICHGO_FORCE_COLOR: 1 AWS_HOST: localstack # these are to mimic aws config AWS_ACCESS_KEY_ID: test AWS_SECRET_ACCESS_KEY: test AWS_REGION: us-east-1 CROWDSEC_FEATURE_DISABLE_HTTP_RETRY_BACKOFF: true jobs: build: name: "Build + tests" runs-on: ubuntu-latest services: localstack: image: localstack/localstack:3.0 ports: - 4566:4566 # Localstack exposes all services on the same port env: DEBUG: "" LAMBDA_EXECUTOR: "" KINESIS_ERROR_PROBABILITY: "" DOCKER_HOST: unix:///var/run/docker.sock KINESIS_INITIALIZE_STREAMS: ${{ env.KINESIS_INITIALIZE_STREAMS }} LOCALSTACK_HOST: ${{ env.AWS_HOST }} # Required so that resource urls are provided properly # e.g sqs url will get localhost if we don't set this env to map our service options: >- --name=localstack --health-cmd="curl -sS 127.0.0.1:4566 || exit 1" --health-interval=10s --health-timeout=5s --health-retries=3 zoo1: image: confluentinc/cp-zookeeper:7.4.3 ports: - "2181:2181" env: ZOOKEEPER_CLIENT_PORT: 2181 ZOOKEEPER_SERVER_ID: 1 ZOOKEEPER_SERVERS: zoo1:2888:3888 options: >- --name=zoo1 --health-cmd "jps -l | grep zookeeper" --health-interval 10s --health-timeout 5s --health-retries 5 kafka1: image: crowdsecurity/kafka-ssl ports: - "9093:9093" - "9092:9092" - "9999:9999" env: KAFKA_ADVERTISED_LISTENERS: LISTENER_DOCKER_INTERNAL://127.0.0.1:19092,LISTENER_DOCKER_EXTERNAL://127.0.0.1:9092,LISTENER_DOCKER_EXTERNAL_SSL://127.0.0.1:9093 KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: LISTENER_DOCKER_INTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL:PLAINTEXT,LISTENER_DOCKER_EXTERNAL_SSL:SSL KAFKA_INTER_BROKER_LISTENER_NAME: LISTENER_DOCKER_INTERNAL KAFKA_ZOOKEEPER_CONNECT: "zoo1:2181" KAFKA_BROKER_ID: 1 KAFKA_LOG4J_LOGGERS: "kafka.controller=INFO,kafka.producer.async.DefaultEventHandler=INFO,state.change.logger=INFO" KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: 1 KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: 1 KAFKA_JMX_PORT: 9999 KAFKA_JMX_HOSTNAME: "127.0.0.1" KAFKA_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer KAFKA_ALLOW_EVERYONE_IF_NO_ACL_FOUND: "true" KAFKA_SSL_KEYSTORE_FILENAME: kafka.kafka1.keystore.jks KAFKA_SSL_KEYSTORE_CREDENTIALS: kafka1_keystore_creds KAFKA_SSL_KEY_CREDENTIALS: kafka1_sslkey_creds KAFKA_SSL_TRUSTSTORE_FILENAME: kafka.kafka1.truststore.jks KAFKA_SSL_TRUSTSTORE_CREDENTIALS: kafka1_truststore_creds KAFKA_SSL_ENABLED_PROTOCOLS: TLSv1.2 KAFKA_SSL_PROTOCOL: TLSv1.2 KAFKA_SSL_CLIENT_AUTH: none KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true" options: >- --name=kafka1 --health-cmd "kafka-broker-api-versions --version" --health-interval 10s --health-timeout 10s --health-retries 5 loki: image: grafana/loki:2.9.1 ports: - "3100:3100" options: >- --name=loki1 --health-cmd "wget -q -O - http://localhost:3100/ready | grep 'ready'" --health-interval 30s --health-timeout 10s --health-retries 5 --health-start-period 30s steps: - name: Check out CrowdSec repository uses: actions/checkout@v4 with: fetch-depth: 0 submodules: false - name: "Set up Go" uses: actions/setup-go@v5 with: go-version: "1.21.7" - name: Create localstack streams run: | aws --endpoint-url=http://127.0.0.1:4566 --region us-east-1 kinesis create-stream --stream-name stream-1-shard --shard-count 1 aws --endpoint-url=http://127.0.0.1:4566 --region us-east-1 kinesis create-stream --stream-name stream-2-shards --shard-count 2 - name: Build and run tests, static run: | sudo apt -qq -y -o=Dpkg::Use-Pty=0 install build-essential libre2-dev go install github.com/ory/go-acc@v0.2.8 go install github.com/kyoh86/richgo@v0.3.10 set -o pipefail make build BUILD_STATIC=1 make go-acc | sed 's/ *coverage:.*of statements in.*//' | richgo testfilter - name: Run tests again, dynamic run: | make clean build set -o pipefail make go-acc | sed 's/ *coverage:.*of statements in.*//' | richgo testfilter - name: Upload unit coverage to Codecov uses: codecov/codecov-action@v3 with: files: coverage.out flags: unit-linux - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: version: v1.55 args: --issues-exit-code=1 --timeout 10m only-new-issues: false # the cache is already managed above, enabling it here # gives errors when extracting skip-pkg-cache: true skip-build-cache: true