github-actions: bump actions/checkout from 2 to 4 #5

Workflow file for this run

	name: builds

	on:
	- push
	- pull_request

	permissions: read-all

	env:
	DEFAULT_LIBHTP_REPO: https://github.com/OISF/libhtp
	DEFAULT_LIBHTP_BRANCH: 0.5.x
	DEFAULT_LIBHTP_PR:

	DEFAULT_SU_REPO: https://github.com/OISF/suricata-update
	DEFAULT_SU_BRANCH: master
	DEFAULT_SU_PR:

	DEFAULT_SV_REPO: https://github.com/OISF/suricata-verify
	DEFAULT_SV_BRANCH: master
	DEFAULT_SV_PR:

	DEFAULT_CFLAGS: "-Wall -Wextra -Werror -Wno-unused-parameter -Wno-unused-function"

	# Apt sometimes likes to ask for user input, this will prevent that.
	DEBIAN_FRONTEND: "noninteractive"

	# A recent version of stable Rust that is known to pass build, test and other
	# verification steps in this workflow. This was added because using "stable"
	# could cause some steps to fail.
	RUST_VERSION_KNOWN: "1.58.1"

	# The minimum version of Rust supported.
	RUST_VERSION_MIN: "1.48"

	jobs:

	prepare-deps:
	name: Prepare dependencies
	runs-on: ubuntu-latest
	steps:
	- name: Cache ~/.cargo
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo
	key: cargo
	- run: sudo apt update && sudo apt -y install jq curl
	- name: Parse repo and branch information
	env:
	# We fetch the actual pull request to get the latest body as
	# github.event.pull_request.body has the body from the
	# initial pull request.
	PR_HREF: ${{ github.event.pull_request._links.self.href }}
	run: \|
	if test "${PR_HREF}"; then
	body=$(curl -s "${PR_HREF}" \| jq -r .body \| tr -d '\r')

	libhtp_repo=$(echo "${body}" \| awk '/^libhtp-repo/ { print $2 }')
	libhtp_branch=$(echo "${body}" \| awk '/^libhtp-branch/ { print $2 }')
	libhtp_pr=$(echo "${body}" \| awk '/^libhtp-pr/ { print $2 }')

	su_repo=$(echo "${body}" \| awk '/^suricata-update-repo/ { print $2 }')
	su_branch=$(echo "${body}" \| awk '/^suricata-update-branch/ { print $2 }')
	su_pr=$(echo "${body}" \| awk '/^suricata-update-pr/ { print $2 }')

	sv_repo=$(echo "${body}" \| awk '/^suricata-verify-repo/ { print $2 }')
	sv_branch=$(echo "${body}" \| awk '/^suricata-verify-branch/ { print $2 }')
	sv_pr=$(echo "${body}" \| awk '/^suricata-verify-pr/ { print $2 }')
	fi
	echo "libhtp_repo=${libhtp_repo:-${DEFAULT_LIBHTP_REPO}}" >> $GITHUB_ENV
	echo "libhtp_branch=${libhtp_branch:-${DEFAULT_LIBHTP_BRANCH}}" >> $GITHUB_ENV
	echo "libhtp_pr=${libhtp_pr:-${DEFAULT_LIBHTP_PR}}" >> $GITHUB_ENV

	echo "su_repo=${su_repo:-${DEFAULT_SU_REPO}}" >> $GITHUB_ENV
	echo "su_branch=${su_branch:-${DEFAULT_SU_BRANCH}}" >> $GITHUB_ENV
	echo "su_pr=${su_pr:-${DEFAULT_SU_PR}}" >> $GITHUB_ENV

	echo "sv_repo=${sv_repo:-${DEFAULT_SV_REPO}}" >> $GITHUB_ENV
	echo "sv_branch=${sv_branch:-${DEFAULT_SV_BRANCH}}" >> $GITHUB_ENV
	echo "sv_pr=${sv_pr:-${DEFAULT_SV_PR}}" >> $GITHUB_ENV
	- name: Fetching libhtp
	run: \|
	git clone --depth 1 ${libhtp_repo} -b ${libhtp_branch} libhtp
	if [[ "${libhtp_pr}" != "" ]]; then
	cd libhtp
	git fetch origin pull/${libhtp_pr}/head:prep
	git checkout prep
	cd ..
	fi
	tar zcf libhtp.tar.gz libhtp
	- name: Fetching suricata-update
	run: \|
	git clone --depth 1 ${su_repo} -b ${su_branch} suricata-update
	if [[ "${su_pr}" != "" ]]; then
	cd suricata-update
	git fetch origin pull/${su_pr}/head:prep
	git checkout prep
	cd ..
	fi
	tar zcf suricata-update.tar.gz suricata-update
	- name: Fetching suricata-verify
	run: \|
	git clone ${sv_repo} -b ${sv_branch} suricata-verify
	if [[ "${sv_pr}" != "" ]]; then
	cd suricata-verify
	git fetch origin pull/${sv_pr}/head:prep
	git checkout prep
	git config --global user.email you@example.com
	git config --global user.name You
	git rebase ${DEFAULT_SV_BRANCH}
	cd ..
	fi
	tar zcf suricata-verify.tar.gz suricata-verify
	- name: Cleaning up
	run: rm -rf libhtp suricata-update suricata-verify
	- name: Uploading prep archive
	uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
	with:
	name: prep
	path: .

	prepare-cbindgen:
	name: Prepare cbindgen
	runs-on: ubuntu-latest
	steps:
	- name: Cache ~/.cargo
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo
	key: cbindgen
	- name: Installing Rust
	run: \|
	curl https://sh.rustup.rs -sSf \| sh -s -- -y
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	rustup target add x86_64-unknown-linux-musl
	- name: Buliding static cbindgen for Linux
	run: \|
	cargo install --target x86_64-unknown-linux-musl --debug cbindgen
	cp $HOME/.cargo/bin/cbindgen .
	- name: Uploading prep archive
	uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
	with:
	name: prep
	path: .

	almalinux-9:
	name: AlmaLinux 9
	runs-on: ubuntu-latest
	container: almalinux:9
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@0865c47f36e68161719c5b124609996bb5c40129
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac

	# Download and extract dependency archives created during prep
	# job.
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xvf prep/libhtp.tar.gz
	- run: tar xvf prep/suricata-update.tar.gz
	- run: tar xvf prep/suricata-verify.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- name: Install system packages
	run: \|
	dnf -y install dnf-plugins-core
	dnf config-manager --set-enabled crb
	dnf -y install \
	autoconf \
	automake \
	cargo-vendor \
	diffutils \
	numactl-devel \
	dpdk-devel \
	file-devel \
	gcc \
	gcc-c++ \
	git \
	jansson-devel \
	jq \
	lua-devel \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	libtool \
	lz4-devel \
	make \
	nss-devel \
	pcre2-devel \
	pkgconfig \
	python3-devel \
	python3-sphinx \
	python3-yaml \
	rust-toolset \
	sudo \
	which \
	zlib-devel
	# These packages required to build the PDF.
	dnf -y install \
	texlive-latex \
	texlive-cmap \
	texlive-collection-latexrecommended \
	texlive-fncychap \
	texlive-titlesec \
	texlive-tabulary \
	texlive-framed \
	texlive-wrapfig \
	texlive-upquote \
	texlive-capt-of \
	texlive-needspace
	- name: Setup cppclean
	run: \|
	git clone --depth 1 --branch suricata https://github.com/catenacyber/cppclean
	cd cppclean
	python3 setup.py install
	- name: Configuring
	run: \|
	./autogen.sh
	CFLAGS="${DEFAULT_CFLAGS}" ./configure
	- run: make -j2 distcheck
	env:
	DISTCHECK_CONFIGURE_FLAGS: "--enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk"
	- run: test -e doc/userguide/suricata.1
	- name: Checking includes
	run: \|
	cppclean src/*.h \| grep "does not need to be #included" \| python3 scripts/cppclean_check.py
	- name: Building Rust documentation
	run: make doc
	working-directory: rust
	- run: make install
	- run: suricatasc -h
	- run: suricata-update -V

	# This build also creates the distribution package that some other builds
	# depend on.
	alma-8:
	name: AlmaLinux 8
	runs-on: ubuntu-latest
	container: almalinux:8.4
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac

	# Prebuild check for duplicat SIDs
	- name: Check for duplicate SIDs
	run: \|
	dups=$(sed -n 's/^alert.sid:$[[:digit:]]$;./\1/p' ./rules/.rules\|sort\|uniq -d\|tr '\n' ' ')
	if [[ "${dups}" != "" ]]; then
	echo "::error::Duplicate SIDs found:${dups}"
	exit 1
	fi

	# Download and extract dependency archives created during prep
	# job.
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xvf prep/libhtp.tar.gz
	- run: tar xvf prep/suricata-update.tar.gz
	- run: tar xvf prep/suricata-verify.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- name: Install system packages
	run: \|
	yum -y install dnf-plugins-core
	yum config-manager --set-enabled powertools
	yum -y install \
	autoconf \
	automake \
	cargo-vendor \
	diffutils \
	numactl-devel \
	dpdk-devel \
	file-devel \
	gcc \
	gcc-c++ \
	git \
	jansson-devel \
	jq \
	lua-devel \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	libtool \
	lz4-devel \
	make \
	nss-devel \
	pcre2-devel \
	pkgconfig \
	python3-devel \
	python3-sphinx \
	python3-yaml \
	rust-toolset \
	sudo \
	which \
	zlib-devel
	# These packages required to build the PDF.
	yum -y install \
	texlive-latex \
	texlive-cmap \
	texlive-collection-latexrecommended \
	texlive-fncychap \
	texlive-titlesec \
	texlive-tabulary \
	texlive-framed \
	texlive-wrapfig \
	texlive-upquote \
	texlive-capt-of \
	texlive-needspace
	- name: Setup cppclean
	run: \|
	git clone --depth 1 --branch suricata https://github.com/catenacyber/cppclean
	cd cppclean
	python3 setup.py install
	- name: Configuring
	run: \|
	./autogen.sh
	CFLAGS="${DEFAULT_CFLAGS}" ./configure
	- run: make -j2 distcheck
	env:
	DISTCHECK_CONFIGURE_FLAGS: "--enable-unittests --enable-debug --enable-lua --enable-geoip --enable-profiling --enable-profiling-locks --enable-dpdk"
	- run: test -e doc/userguide/suricata.1
	- name: Checking includes
	run: \|
	cppclean src/*.h \| grep "does not need to be #included" \| python3 scripts/cppclean_check.py
	- name: Building Rust documentation
	run: make doc
	working-directory: rust
	- run: make install
	- run: suricatasc -h
	- run: suricata-update -V
	- name: Preparing distribution
	run: \|
	mkdir dist
	mv suricata-*.tar.gz dist
	- uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
	name: Uploading distribution
	with:
	name: dist
	path: dist

	centos-7:
	name: CentOS 7
	runs-on: ubuntu-latest
	container: centos:7
	needs: [prepare-deps, alma-8]
	steps:
	- name: Install system dependencies
	run: \|
	yum -y install epel-release
	yum -y install \
	autoconf \
	automake \
	cargo \
	diffutils \
	file-devel \
	gcc \
	gcc-c++ \
	jansson-devel \
	jq \
	lua-devel \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	lz4-devel \
	make \
	nss-devel \
	pcre2-devel \
	pkgconfig \
	python36-PyYAML \
	rust \
	sudo \
	which \
	zlib-devel
	- name: Download suricata.tar.gz
	uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: dist
	- run: tar zxvf suricata-*.tar.gz --strip-components=1
	# This isn't really needed as we are building from a prepared
	# package, but some package managers like RPM and Debian like to
	# run this command even on prepared packages, so make sure it
	# works.
	- name: Test autoreconf
	run: autoreconf -fv --install
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure
	- run: make -j2
	- run: make install
	- run: make install-conf
	- run: make distcheck
	- run: make clean
	- run: make -j2
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/suricata-verify.tar.gz
	- run: python3 ./suricata-verify/run.py -q
	- run: suricata-update -V
	- run: suricatasc -h

	fedora-36:
	name: Fedora 36 (debug, clang, asan, wshadow, rust-strict)
	runs-on: ubuntu-latest
	container: fedora:36
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- run: \|
	dnf -y install \
	autoconf \
	automake \
	cargo \
	ccache \
	clang \
	diffutils \
	file-devel \
	gcc \
	gcc-c++ \
	git \
	hiredis-devel \
	jansson-devel \
	jq \
	lua-devel \
	libasan \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	libtool \
	lz4-devel \
	make \
	nss-softokn-devel \
	pcre2-devel \
	pkgconfig \
	python3-yaml \
	sudo \
	which \
	zlib-devel
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis --enable-nfqueue
	env:
	LDFLAGS: "-fsanitize=address"
	ac_cv_func_realloc_0_nonnull: "yes"
	ac_cv_func_malloc_0_nonnull: "yes"
	- run: make -j2
	- run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	# Now install and make sure headers and libraries aren't install
	# until requested.
	- run: make install
	- run: test ! -e /usr/local/lib/libsuricata_c.a
	- run: test ! -e /usr/local/include/suricata
	- run: make install-headers
	- run: test -e /usr/local/include/suricata/suricata.h
	- run: make install-library
	- run: test -e /usr/local/lib/libsuricata_c.a
	- run: test -e /usr/local/lib/libsuricata_rust.a
	- run: test -e /usr/local/bin/libsuricata-config
	- run: test ! -e /usr/local/lib/libsuricata.so
	- run: make install
	- run: suricata-update -V
	- run: suricatasc -h

	fedora-35:
	name: Fedora 35 (debug, clang, asan, wshadow, rust-strict)
	runs-on: ubuntu-latest
	container: fedora:35
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- run: \|
	dnf -y install \
	autoconf \
	automake \
	cargo \
	ccache \
	clang \
	diffutils \
	file-devel \
	gcc \
	gcc-c++ \
	git \
	hiredis-devel \
	jansson-devel \
	jq \
	lua-devel \
	libasan \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	libtool \
	lz4-devel \
	make \
	nss-softokn-devel \
	pcre2-devel \
	pkgconfig \
	python3-yaml \
	sudo \
	which \
	zlib-devel
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CC="clang" CFLAGS="$DEFAULT_CFLAGS -Wshadow -fsanitize=address -fno-omit-frame-pointer -Wimplicit-int-float-conversion" ./configure --enable-debug --enable-unittests --disable-shared --enable-rust-strict --enable-hiredis
	env:
	LDFLAGS: "-fsanitize=address"
	ac_cv_func_realloc_0_nonnull: "yes"
	ac_cv_func_malloc_0_nonnull: "yes"
	- run: make -j2
	- run: ASAN_OPTIONS="detect_leaks=0" ./src/suricata -u -l .
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	# Now install and make sure headers and libraries aren't install
	# until requested.
	- run: make install
	- run: test ! -e /usr/local/lib/libsuricata_c.a
	- run: test ! -e /usr/local/include/suricata
	- run: make install-headers
	- run: test -e /usr/local/include/suricata/suricata.h
	- run: make install-library
	- run: test -e /usr/local/lib/libsuricata_c.a
	- run: test -e /usr/local/lib/libsuricata_rust.a
	- run: test -e /usr/local/bin/libsuricata-config
	- run: test ! -e /usr/local/lib/libsuricata.so
	- run: make install
	- run: suricata-update -V
	- run: suricatasc -h

	fedora-35-no-jansson:
	name: Fedora 35 (no jansson)
	runs-on: ubuntu-latest
	container: fedora:35
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- run: \|
	dnf -y install \
	autoconf \
	automake \
	cargo \
	ccache \
	clang \
	diffutils \
	file-devel \
	gcc \
	gcc-c++ \
	git \
	lua-devel \
	libasan \
	libtool \
	libyaml-devel \
	libnfnetlink-devel \
	libnetfilter_queue-devel \
	libnet-devel \
	libcap-ng-devel \
	libevent-devel \
	libmaxminddb-devel \
	libpcap-devel \
	libtool \
	lz4-devel \
	make \
	nss-softokn-devel \
	pcre2-devel \
	pkgconfig \
	python3-yaml \
	sudo \
	which \
	zlib-devel
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: \|
	if ./configure; then
	echo "error: configure should have failed"
	exit 1
	else
	exit 0
	fi

	ubuntu-20-04-cov-sv:
	name: Ubuntu 20.04 (suricata verify coverage)
	runs-on: ubuntu-latest
	container: ubuntu:20.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	cargo \
	gcc-9 \
	git \
	jq \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnet1-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libnuma-dev \
	libhiredis-dev \
	liblua5.1-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1-7 \
	libjansson-dev \
	libpython2.7 \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags \
	curl \
	dpdk-dev
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS} -fprofile-arcs -ftest-coverage -O0 -ggdb" ./configure
	- run: make -j2
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	- name: Gcov
	run: \|
	cd src
	gcov-9 -p *.[ch]
	cd ../libhtp/htp
	gcov-9 -p *.[ch]
	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378
	with:
	fail_ci_if_error: false
	flags: suricata-verify

	ubuntu-20-04-cov-ut:
	name: Ubuntu 20.04 (unittests coverage)
	runs-on: ubuntu-latest
	container: ubuntu:20.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	cargo \
	gcc-9 \
	git \
	jq \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libnuma-dev \
	libhiredis-dev \
	liblua5.1-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1-7 \
	libjansson-dev \
	libpython2.7 \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags \
	curl \
	dpdk-dev
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS} -fprofile-arcs -ftest-coverage -O0 -ggdb" ./configure --enable-unittests
	- run: make -j2
	- run: ./src/suricata -u -l /tmp/
	- name: Gcov
	run: \|
	cd src
	gcov-9 -p *.[ch]
	cd ../libhtp/htp
	gcov-9 -p *.[ch]
	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378
	with:
	fail_ci_if_error: false
	flags: unittests

	ubuntu-20-04-cov-fuzz:
	name: Ubuntu 20.04 (fuzz corpus coverage)
	runs-on: ubuntu-latest
	container: ubuntu:20.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	llvm-10 \
	cargo \
	clang-10 \
	git \
	jq \
	libc++-dev \
	libc++abi-dev \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libnuma-dev \
	libhiredis-dev \
	liblua5.1-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1-7 \
	libjansson-dev \
	libpython2.7 \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags \
	unzip \
	curl \
	time \
	wget \
	dpdk-dev
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: LIB_FUZZING_ENGINE="fail_to_onefile_driver" CC=clang-10 CXX=clang++-10 CFLAGS="-fprofile-arcs -ftest-coverage -g -fno-strict-aliasing -fsanitize=address -fno-omit-frame-pointer -fPIC -Wno-unused-parameter -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1" CXXFLAGS="-fprofile-arcs -ftest-coverage -g -fno-strict-aliasing -fsanitize=address -fno-omit-frame-pointer -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION=1 -stdlib=libc++ -Wimplicit-int-float-conversion -Wimplicit-int-conversion" ac_cv_func_malloc_0_nonnull=yes ac_cv_func_realloc_0_nonnull=yes ./configure --with-gnu-ld --enable-fuzztargets --disable-shared --enable-gccprotect
	- run: make -j2
	- run: ./qa/run-ossfuzz-corpus.sh
	- name: Gcov
	run: \|
	cd src
	llvm-cov-10 gcov -p *.c
	- name: Upload coverage to Codecov
	uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378
	with:
	fail_ci_if_error: false
	flags: fuzzcorpus

	ubuntu-20-04-ndebug:
	name: Ubuntu 20.04 (-DNDEBUG)
	runs-on: ubuntu-latest
	container: ubuntu:20.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	build-essential \
	autoconf \
	automake \
	cargo \
	git \
	jq \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libnuma-dev \
	libhiredis-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1-7 \
	libjansson-dev \
	libpython2.7 \
	libpcre2-dev \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags \
	dpdk-dev
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CFLAGS="$DEFAULT_CFLAGS -DNDEBUG" ./configure --enable-unittests
	- run: make -j2
	- run: make check
	- run: make dist
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	# Now install and make sure headers and libraries aren't install
	# until requested.
	- run: make install
	- run: test ! -e /usr/local/lib/libsuricata_c.a
	- run: test ! -e /usr/local/include/suricata
	- run: make install-headers
	- run: test -e /usr/local/include/suricata/suricata.h
	- run: make install-library
	- run: test -e /usr/local/lib/libsuricata_c.a
	- run: test -e /usr/local/lib/libsuricata_rust.a
	- run: test -e /usr/local/bin/libsuricata-config
	- run: test -e /usr/local/lib/libsuricata.so
	- run: test -e /usr/local/lib/$(readlink /usr/local/lib/libsuricata.so)
	- run: suricata-update -V
	- run: suricatasc -h

	ubuntu-20-04-too-old-rust:
	name: Ubuntu 20.04 (unsupported rust)
	runs-on: ubuntu-latest
	container: ubuntu:20.04
	needs: alma-8
	steps:
	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	build-essential \
	curl \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libnuma-dev \
	libhiredis-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1-7 \
	libjansson-dev \
	libpython2.7 \
	libpcre2-dev \
	make \
	python3-yaml \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	dpdk-dev
	- run: curl https://sh.rustup.rs -sSf \| sh -s -- --default-toolchain 1.33.0 -y
	- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- name: Download suricata.tar.gz
	uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: dist
	- run: tar zxvf suricata-*.tar.gz --strip-components=1
	- run: \|
	if ./configure; then
	echo "error: configure should have failed"
	exit 1
	else
	exit 0
	fi

	ubuntu-18-04-debug-validation:
	name: Ubuntu 18.04 (Debug Validation)
	runs-on: ubuntu-18.04
	container: ubuntu:18.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	cargo \
	git \
	jq \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libhiredis-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1.6 \
	libjansson-dev \
	libpython2.7 \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-debug-validation
	- run: make -j2
	- run: make check
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q

	ubuntu-18-04:
	name: Ubuntu 18.04 (Cocci)
	runs-on: ubuntu-18.04
	container: ubuntu:18.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	cargo \
	git \
	jq \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libhiredis-dev \
	libjansson-dev \
	libevent-dev \
	libevent-pthreads-2.1.6 \
	libjansson-dev \
	libpython2.7 \
	make \
	parallel \
	python3-yaml \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev \
	exuberant-ctags
	- name: Install packages for generating documentation
	run: \|
	DEBIAN_FRONTEND=noninteractive apt -y install \
	sphinx-doc \
	sphinx-common \
	texlive-latex-base \
	texlive-fonts-recommended \
	texlive-fonts-extra \
	texlive-latex-extra
	- name: Install Coccinelle
	run: \|
	apt -y install coccinelle
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-coccinelle
	- run: make -j2
	- run: make tags
	- name: Running unit tests and cocci checks
	# Set the concurrency level for cocci.
	run: CONCURRENCY_LEVEL=2 make check
	- run: make dist
	- name: Checking that documentation was built
	run: \|
	test -e doc/userguide/userguide.pdf
	test -e doc/userguide/suricata.1
	- name: Extracting suricata-verify
	run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q

	# test build with afl and fuzztargets
	ubuntu-18-04-fuzz:
	name: Ubuntu 18.04 (Fuzz)
	runs-on: ubuntu-18.04
	container: ubuntu:18.04
	needs: [prepare-deps, prepare-cbindgen]
	steps:

	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- name: Install dependencies
	run: \|
	apt update
	apt -y install \
	afl \
	afl-clang \
	libpcre2-dev \
	build-essential \
	autoconf \
	automake \
	cargo \
	git \
	libtool \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libnetfilter-queue-dev \
	libnetfilter-queue1 \
	libnfnetlink-dev \
	libnfnetlink0 \
	libhiredis-dev \
	libjansson-dev \
	libjansson-dev \
	libpython2.7 \
	make \
	rustc \
	software-properties-common \
	zlib1g \
	zlib1g-dev
	- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: ./autogen.sh
	- run: AFL_HARDEN=1 ac_cv_func_realloc_0_nonnull=yes ac_cv_func_malloc_0_nonnull=yes CFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS=$CFLAGS CC=afl-clang-fast CXX=afl-clang-fast++ LDFLAGS="-fsanitize=address" ./configure --enable-fuzztargets --disable-shared
	- run: AFL_HARDEN=1 make -j2

	debian-10:
	name: Debian 10
	runs-on: ubuntu-latest
	container: debian:10
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry

	- run: \|
	apt update
	apt -y install \
	automake \
	autoconf \
	build-essential \
	ccache \
	curl \
	git \
	gosu \
	jq \
	libpcre2-dev \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libjansson-dev \
	libgeoip-dev \
	liblua5.1-dev \
	libhiredis-dev \
	libevent-dev \
	libtool \
	m4 \
	make \
	python3-yaml \
	pkg-config \
	sudo \
	zlib1g \
	zlib1g-dev \
	clang \
	libbpf-dev \
	libelf-dev
	- name: Install Rust
	run: curl https://sh.rustup.rs -sSf \| sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y
	- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests --enable-fuzztargets --enable-ebpf --enable-ebpf-build
	- run: make -j2
	- run: make check
	- run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	- run: make install
	- run: suricata-update -V
	- run: suricatasc -h

	debian-9:
	name: Debian 9
	runs-on: ubuntu-latest
	container: debian:9
	needs: [prepare-deps, prepare-cbindgen]
	steps:
	- run: \|
	apt update
	apt -y install \
	automake \
	autoconf \
	build-essential \
	ccache \
	curl \
	git-core \
	gosu \
	jq \
	libpcre2-dev \
	libpcap-dev \
	libnet1-dev \
	libyaml-0-2 \
	libyaml-dev \
	libcap-ng-dev \
	libcap-ng0 \
	libmagic-dev \
	libjansson-dev \
	libgeoip-dev \
	liblua5.1-dev \
	libhiredis-dev \
	libevent-dev \
	libtool \
	m4 \
	make \
	python3-yaml \
	pkg-config \
	sudo \
	zlib1g \
	zlib1g-dev
	- name: Install Rust
	run: curl https://sh.rustup.rs -sSf \| sh -s -- --default-toolchain $RUST_VERSION_MIN -y
	- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Setup cbindgen
	run: \|
	mkdir -p $HOME/.cargo/bin
	cp prep/cbindgen $HOME/.cargo/bin
	chmod 755 $HOME/.cargo/bin/cbindgen
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests
	- run: make -j2
	- run: make check
	- run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	- run: make install
	- run: suricata-update -V
	- run: suricatasc -h

	macos-latest:
	name: MacOS Latest
	runs-on: macos-latest
	needs: [prepare-deps]
	steps:
	# Cache Rust stuff.
	- name: Cache cargo registry
	uses: actions/cache@f4278025ab0f432ce369118909e46deec636f50c
	with:
	path: ~/.cargo/registry
	key: cargo-registry
	- run: \|
	brew install \
	autoconf \
	automake \
	curl \
	hiredis \
	jansson \
	jq \
	libmagic \
	libnet \
	libtool \
	libyaml \
	lua \
	pkg-config \
	python \
	rust \
	xz
	- name: Install cbindgen
	run: cargo install --force --debug --version 0.14.1 cbindgen
	- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
	- run: pip3 install PyYAML
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- name: Downloading prep archive
	uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xvf prep/libhtp.tar.gz
	- run: tar xvf prep/suricata-update.tar.gz
	- run: ./autogen.sh
	- run: CFLAGS="${DEFAULT_CFLAGS}" ./configure --enable-unittests
	- run: make -j2
	# somehow it gets included by some C++ stdlib header (case unsensitive)
	- run: rm libhtp/VERSION && make check
	- run: tar xf prep/suricata-verify.tar.gz
	- name: Running suricata-verify
	run: python3 ./suricata-verify/run.py -q
	- run: make install
	- run: suricata-update -V
	- run: suricatasc -h

	windows-msys2-mingw64-npcap:
	name: Windows MSYS2 MINGW64 (NPcap)
	runs-on: windows-latest
	needs: [prepare-deps]
	defaults:
	run:
	shell: msys2 {0}
	steps:
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: msys2/setup-msys2@fa138fa56e2558760b9f2205135313c7345c5f3f
	with:
	msystem: MINGW64
	update: true
	install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2
	# hack: install our own cbindgen system wide as we can't get the
	# preinstalled one to be picked up by configure
	- name: cbindgen
	run: cargo install --root /usr --force --debug --version 0.14.1 cbindgen
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- name: Npcap DLL
	run: \|
	curl -sL -O https://nmap.org/npcap/dist/npcap-1.00.exe
	7z -y x -o/npcap-bin npcap-1.00.exe
	# hack: place dlls in cwd
	cp /npcap-bin/*.dll .
	- name: Npcap SDK
	run: \|
	curl -sL -O https://nmap.org/npcap/dist/npcap-sdk-1.06.zip
	unzip npcap-sdk-1.06.zip -d /npcap
	cp /npcap/Lib/x64/* /usr/lib/
	- run: tar xf prep/suricata-verify.tar.gz
	- name: Build
	run: \|
	./autogen.sh
	CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
	make -j3
	- name: Run
	run: \|
	./src/suricata --build-info
	./src/suricata -u -l /tmp/
	# need cwd in path due to npcap dlls (see above)
	PATH="$PATH:$(pwd)" python3 ./suricata-verify/run.py -q
	- run: make install
	- run: suricata-update -V

	windows-msys2-mingw64-libpcap:
	name: Windows MSYS2 MINGW64 (libpcap)
	runs-on: windows-latest
	needs: [prepare-deps]
	defaults:
	run:
	shell: msys2 {0}
	steps:
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: msys2/setup-msys2@v2
	with:
	msystem: MINGW64
	update: true
	install: git mingw-w64-x86_64-toolchain automake1.16 automake-wrapper autoconf libtool libyaml-devel pcre2-devel jansson-devel make mingw-w64-x86_64-libyaml mingw-w64-x86_64-pcre2 mingw-w64-x86_64-rust mingw-w64-x86_64-jansson unzip p7zip python-setuptools mingw-w64-x86_64-python-yaml mingw-w64-x86_64-jq mingw-w64-x86_64-libxml2 libpcap-devel mingw-w64-x86_64-libpcap
	# hack: install our own cbindgen system wide as we can't get the
	# preinstalled one to be picked up by configure
	- name: cbindgen
	run: cargo install --root /usr --force --debug --version 0.14.1 cbindgen
	- uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
	- uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
	with:
	name: prep
	path: prep
	- run: tar xf prep/libhtp.tar.gz
	- run: tar xf prep/suricata-update.tar.gz
	- run: tar xf prep/suricata-verify.tar.gz
	- name: Build
	run: \|
	./autogen.sh
	CFLAGS="-ggdb -Werror" ./configure --enable-unittests --enable-gccprotect --disable-gccmarch-native --disable-shared --with-libpcap-includes=/npcap/Include --with-libpcap-libraries=/npcap/Lib/x64
	make -j3
	- name: Run
	run: \|
	./src/suricata --build-info
	./src/suricata -u -l /tmp/
	python3 ./suricata-verify/run.py -q
	- run: make install
	- run: suricata-update -V

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

github-actions: bump actions/checkout from 2 to 4 #5

Workflow file

github-actions: bump actions/checkout from 2 to 4 #5

Jobs

Run details

Workflow file for this run