From fc71e3f9304ed51f3fd7ca544f38a30a590c8ba5 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Tue, 13 Apr 2021 09:15:12 +0200 Subject: migrate travis ci to github actions --- .github/NPTest.cache | 54 +++++++++++++++++++++++++ .github/prepare_debian.sh | 99 ++++++++++++++++++++++++++++++++++++++++++++++ .github/workflows/test.yml | 77 ++++++++++++++++++++++++++++++++++++ 3 files changed, 230 insertions(+) create mode 100644 .github/NPTest.cache create mode 100755 .github/prepare_debian.sh create mode 100644 .github/workflows/test.yml (limited to '.github') diff --git a/.github/NPTest.cache b/.github/NPTest.cache new file mode 100644 index 00000000..232305a7 --- /dev/null +++ b/.github/NPTest.cache @@ -0,0 +1,54 @@ +{ + 'NP_ALLOW_SUDO' => 'yes', + 'NP_DNS_SERVER' => '8.8.8.8', + 'NP_GOOD_NTP_SERVICE' => '', + 'NP_HOST_DHCP_RESPONSIVE' => '', + 'NP_HOST_HPJD_PORT_INVALID' => '161', + 'NP_HOST_HPJD_PORT_VALID' => '', + 'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30', + 'NP_HOSTNAME_INVALID' => 'nosuchhost', + 'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30', + 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', + 'NP_HOSTNAME_VALID' => 'monitoring-plugins.org', + 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', + 'NP_HOST_NONRESPONSIVE' => '192.168.1.2', + 'NP_HOST_RESPONSIVE' => 'localhost', + 'NP_HOST_SMB' => '', + 'NP_HOST_SNMP' => '', + 'NP_HOST_TCP_FTP' => '', + 'NP_HOST_TCP_HPJD' => '', + 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', + 'NP_HOST_TCP_HTTP' => 'localhost', + 'NP_HOST_TCP_IMAP' => 'imap.web.de', + 'NP_HOST_TCP_JABBER' => 'jabber.org', + 'NP_HOST_TCP_LDAP' => 'localhost', + 'NP_HOST_TCP_POP' => 'pop.web.de', + 'NP_HOST_TCP_PROXY' => 'localhost', + 'NP_HOST_TCP_SMTP' => 'localhost', + 'NP_HOST_TCP_SMTP_NOTLS' => '', + 'NP_HOST_TCP_SMTP_TLS' => '', + 'NP_HOST_TLS_CERT' => 'localhost', + 'NP_HOST_TLS_HTTP' => 'localhost', + 'NP_HOST_UDP_TIME' => 'none', + 'NP_INTERNET_ACCESS' => 'yes', + 'NP_LDAP_BASE_DN' => 'dc=nodomain', + 'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1', + 'NP_MOUNTPOINT_VALID' => '/', + 'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test', + 'NP_MYSQL_SERVER' => 'localhost', + 'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock', + 'NP_MYSQL_WITH_SLAVE' => '', + 'NP_MYSQL_WITH_SLAVE_LOGIN' => '', + 'NP_NO_NTP_SERVICE' => 'localhost', + 'NP_PORT_TCP_PROXY' => '3128', + 'NP_SMB_SHARE' => '', + 'NP_SMB_SHARE_DENY' => '', + 'NP_SMB_SHARE_SPC' => '', + 'NP_SMB_VALID_USER' => '', + 'NP_SMB_VALID_USER_PASS' => '', + 'NP_SNMP_COMMUNITY' => '', + 'NP_SNMP_USER' => '', + 'NP_SSH_CONFIGFILE' => '~/.ssh/config', + 'NP_SSH_HOST' => 'localhost', + 'NP_SSH_IDENTITY' => '~/.ssh/id_rsa' +} diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh new file mode 100755 index 00000000..40053206 --- /dev/null +++ b/.github/prepare_debian.sh @@ -0,0 +1,99 @@ +#!/bin/bash + +set -x +set -e + +export DEBIAN_FRONTEND=noninteractive + +apt-get update +apt-get -y install software-properties-common +if [ $(lsb_release -is) = "Debian" ]; then + apt-add-repository non-free + apt-get update +fi +apt-get -y install perl autotools-dev libdbi-dev libldap2-dev libpq-dev libradcli-dev libnet-snmp-perl procps +apt-get -y install libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd +apt-get -y install fping snmp netcat smbclient vsftpd apache2 ssl-cert postfix libhttp-daemon-ssl-perl +apt-get -y install libdbd-sybase-perl libnet-dns-perl +apt-get -y install slapd ldap-utils +apt-get -y install gcc make autoconf automake gettext +apt-get -y install faketime +apt-get -y install libmonitoring-plugin-perl +apt-get -y install libcurl4-openssl-dev +apt-get -y install liburiparser-dev +apt-get -y install squid +apt-get -y install openssh-server +apt-get -y install mariadb-server mariadb-client libmariadb-dev +apt-get -y install cron iputils-ping +apt-get -y install iproute2 + +# remove ipv6 interface from hosts +if [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ]; then + sed '/^::1/d' /etc/hosts > /tmp/hosts + cp -f /tmp/hosts /etc/hosts +fi + +ip addr show + +cat /etc/hosts + + +# apache +a2enmod ssl +a2ensite default-ssl +make-ssl-cert generate-default-snakeoil --force-overwrite +service apache2 start + +# squid +cp tools/squid.conf /etc/squid/squid.conf +service squid start + +# mariadb +service mariadb start +mysql -e "create database IF NOT EXISTS test;" -uroot + +# ldap +sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat|grep ^dn:|awk '{print $2}')'/' -i .github/NPTest.cache +service slapd start + +# sshd +ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa +cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys +service ssh start +sleep 1 +ssh-keyscan localhost >> ~/.ssh/known_hosts +touch ~/.ssh/config + +# start one login session, required for check_users +( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) +sleep 1 +who +ssh root@localhost "top -b -n 1" + +# snmpd +for DIR in /usr/share/snmp/mibs /usr/share/mibs; do + rm -f $DIR/ietf/SNMPv2-PDU \ + $DIR/ietf/IPSEC-SPD-MIB \ + $DIR/ietf/IPATM-IPMC-MIB \ + $DIR/iana/IANA-IPPM-METRICS-REGISTRY-MIB +done +mkdir -p /var/lib/snmp/mib_indexes +sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf +service snmpd start + +# start cron, will be used by check_nagios +cron + +# start postfix +service postfix start + +# start ftpd +service vsftpd start + +# hostname +sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache + +# create some test files to lower inodes +for i in $(seq 10); do + touch /media/ramdisk2/test.$1 +done diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..4c3497d0 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,77 @@ +name: Test + +on: + push: + branches: + - '*' + pull_request: + +jobs: +# macos: +# name: Running tests on ${{ matrix.os }} +# strategy: +# fail-fast: false +# matrix: +# os: +# - macos-10.15 +# runs-on: ${{ matrix.os }} +# steps: +# +# - name: Git clone repository +# uses: actions/checkout@v2 +# #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate +# # uses: mxschmitt/action-tmate@v3 +# - name: Prepare machine +# run: | +# brew install automake +# - name: Run the tests +# run: | +# tools/setup \ +# && ./configure --enable-libtap \ +# && make \ +# && make test + + linux: + runs-on: ubuntu-latest + name: Running tests on ${{ matrix.distro }} + strategy: + fail-fast: false + matrix: + distro: + #- 'debian:10' + - 'debian:testing' + #- 'ubuntu:20.10' + #- 'centos:7' + #- 'centos:8' + include: + #- distro: 'debian:10' + # prepare: .github/prepare_debian.sh + - distro: 'debian:testing' + prepare: .github/prepare_debian.sh + #- distro: 'ubuntu:20.10' + # prepare: .github/prepare_debian.sh + #- distro: 'centos:7' + # prepare: .github/prepare_centos.sh + #- distro: 'centos:8' + # prepare: .github/prepare_centos.sh + steps: + - name: Git clone repository + uses: actions/checkout@v2 + #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate + # uses: mxschmitt/action-tmate@v3 + - name: Run the tests on ${{ matrix.distro }} + run: | + docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol + docker run \ + -e NPTEST_ACCEPTDEFAULT=1 \ + -e NPTEST_CACHE="/src/.github/NPTest.cache" \ + -w /src -v ${PWD}:/src \ + --tmpfs /media/ramdisk1 \ + --mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \ + ${{ matrix.distro }} \ + /bin/sh -c '${{ matrix.prepare }} && \ + tools/setup && \ + ./configure --enable-libtap && \ + make && \ + make test' + docker volume rm tmp-vol -- cgit v1.2.3-74-g34f1 From 40e171b7cdb2262398728aa9b84e747a856d9c1f Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Fri, 30 Apr 2021 09:38:19 +0200 Subject: Attempt to fix check_users Signed-off-by: Jacob Hansen --- .github/prepare_debian.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to '.github') diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 40053206..3693accf 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -65,10 +65,12 @@ ssh-keyscan localhost >> ~/.ssh/known_hosts touch ~/.ssh/config # start one login session, required for check_users -( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) -sleep 1 -who -ssh root@localhost "top -b -n 1" +#( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) +ssh -tt localhost /dev/null 2>/dev/null & +disown %1 +#sleep 1 +#who +#ssh root@localhost "top -b -n 1" # snmpd for DIR in /usr/share/snmp/mibs /usr/share/mibs; do -- cgit v1.2.3-74-g34f1 From de9f85c916db4515bd81f2a000d7fb57f8e0f46a Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Fri, 30 Apr 2021 12:33:52 +0200 Subject: Use openssl generated cert The SSL certificate generate using make-ssl-cert seems to not work well with a our plugins. Causing a "CN could not be found" error to be shown. Using an OpenSSL generated certifiticate, seems to work better. Signed-off-by: Jacob Hansen --- .github/prepare_debian.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to '.github') diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 3693accf..a74f3464 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -41,8 +41,12 @@ cat /etc/hosts # apache a2enmod ssl a2ensite default-ssl -make-ssl-cert generate-default-snakeoil --force-overwrite -service apache2 start +# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones +# seems to cause problems with our plugins +rm /etc/ssl/certs/ssl-cert-snakeoil.pem +rm /etc/ssl/private/ssl-cert-snakeoil.key +openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)" +service apache2 restart # squid cp tools/squid.conf /etc/squid/squid.conf -- cgit v1.2.3-74-g34f1 From 227369bb3bec2a44ebece952a9085bfb032a7a0e Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Wed, 19 May 2021 13:12:29 +0200 Subject: Disable IPv6 in tests Docker doesn't seem to have a working IPv6 stack by default. For now disable IPv6 tests. Signed-off-by: Jacob Hansen --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4c3497d0..06cc4419 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -71,7 +71,7 @@ jobs: ${{ matrix.distro }} \ /bin/sh -c '${{ matrix.prepare }} && \ tools/setup && \ - ./configure --enable-libtap && \ + ./configure --enable-libtap --with-ipv6=no && \ make && \ make test' docker volume rm tmp-vol -- cgit v1.2.3-74-g34f1 From 226469f970568340d27d90499199823b67b9e3dc Mon Sep 17 00:00:00 2001 From: Jacob Hansen Date: Wed, 19 May 2021 13:59:52 +0200 Subject: Prune container and volumes Rather than manully removing the tmpfs volume. Signed-off-by: Jacob Hansen --- .github/workflows/test.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to '.github') diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 06cc4419..3e467957 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -74,4 +74,5 @@ jobs: ./configure --enable-libtap --with-ipv6=no && \ make && \ make test' - docker volume rm tmp-vol + docker container prune -f + docker volume prune -f -- cgit v1.2.3-74-g34f1 From 6344d29143bfd80d511e6c2d4bd39b9f58e03f14 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 20 May 2021 17:49:46 +0200 Subject: remove useless comments Signed-off-by: Sven Nierlein --- .github/prepare_debian.sh | 4 ---- .github/workflows/test.yml | 38 +++----------------------------------- 2 files changed, 3 insertions(+), 39 deletions(-) (limited to '.github') diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index a74f3464..c68b9f5d 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -69,12 +69,8 @@ ssh-keyscan localhost >> ~/.ssh/known_hosts touch ~/.ssh/config # start one login session, required for check_users -#( ssh -n -tt root@localhost "top" < /dev/null >/dev/null 2>&1 & ) ssh -tt localhost /dev/null 2>/dev/null & disown %1 -#sleep 1 -#who -#ssh root@localhost "top -b -n 1" # snmpd for DIR in /usr/share/snmp/mibs /usr/share/mibs; do diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3e467957..512d28e6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -8,29 +8,7 @@ on: jobs: # macos: -# name: Running tests on ${{ matrix.os }} -# strategy: -# fail-fast: false -# matrix: -# os: -# - macos-10.15 -# runs-on: ${{ matrix.os }} -# steps: -# -# - name: Git clone repository -# uses: actions/checkout@v2 -# #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate -# # uses: mxschmitt/action-tmate@v3 -# - name: Prepare machine -# run: | -# brew install automake -# - name: Run the tests -# run: | -# tools/setup \ -# && ./configure --enable-libtap \ -# && make \ -# && make test - +# ... linux: runs-on: ubuntu-latest name: Running tests on ${{ matrix.distro }} @@ -38,22 +16,12 @@ jobs: fail-fast: false matrix: distro: - #- 'debian:10' - 'debian:testing' - #- 'ubuntu:20.10' - #- 'centos:7' - #- 'centos:8' + #... include: - #- distro: 'debian:10' - # prepare: .github/prepare_debian.sh - distro: 'debian:testing' prepare: .github/prepare_debian.sh - #- distro: 'ubuntu:20.10' - # prepare: .github/prepare_debian.sh - #- distro: 'centos:7' - # prepare: .github/prepare_centos.sh - #- distro: 'centos:8' - # prepare: .github/prepare_centos.sh + #... steps: - name: Git clone repository uses: actions/checkout@v2 -- cgit v1.2.3-74-g34f1