Skip to content

chore(CI): build deps using Bazel #1772

chore(CI): build deps using Bazel

chore(CI): build deps using Bazel #1772

Workflow file for this run

name: test
on:
push:
branches:
- master
- lts
- lts-dev
- current
- current-dev
pull_request:
workflow_dispatch:
defaults:
run:
shell: bash
# cancel previous runs if new commits are pushed to the PR, but run for each commit on master
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
buld_deps:
name: Build dependencies
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
submodules: true
- name: Generate cache key
id: cache_key
uses: ./.github/workflows/reusable_actions/build_cache_key
- name: Lookup build cache
id: cache
uses: actions/cache@v4
with:
key: ${{ steps.cache_key.outputs.cache_key }}
path: |
${{ github.workspace }}/deps.tar.gz
- name: Install pre-requirements
run: |
sudo apt-get --yes update
# https://github.com/actions/runner-images/issues/2139
sudo apt-get remove nginx-core \
nginx-full \
nginx-light \
nginx-extras \
libgd3
sudo apt-get install --yes \
build-essential \
zlib1g-dev \
libpcre3 \
libpcre3-dev \
libssl-dev \
libxslt1-dev \
libxml2-dev \
libgeoip-dev \
libgd-dev \
libperl-dev \
libcurl4-openssl-dev
- name: Build dependencies
if: steps.cache.outputs.cache-hit != 'true'
run: |
bazel build --registry=file://$(realpath ngx_waf_deps) //:deps
cp bazel-bin/deps.tar.gz .
build_test:
name: Build & Test
runs-on: ubuntu-latest
needs: [buld_deps]
strategy:
matrix:
nginx-version: ['stable', 'mainline']
module-type: ['static', 'dynamic']
steps:
- uses: actions/setup-python@v5
with:
python-version: '3.x'
- uses: actions/checkout@v4
with:
ref: ${{ github.ref }}
submodules: true
- name: Generate cache key
id: cache_key
uses: ./.github/workflows/reusable_actions/build_cache_key
- name: Lookup build cache
id: cache
uses: actions/cache@v4
with:
key: ${{ steps.cache_key.outputs.cache_key }}
path: |
${{ github.workspace }}/deps.tar.gz
- name: Assert build dependencies cache found
if: steps.cache.outputs.cache-hit != 'true'
run: |
echo "Build dependencies cache not found, this step should be unreachable."
exit 1
- name: Install pre-requirements
run: |
sudo apt-get --yes update
# https://github.com/actions/runner-images/issues/2139
sudo apt-get remove nginx-core \
nginx-full \
nginx-light \
nginx-extras \
libgd3
sudo apt-get install --yes \
build-essential \
zlib1g-dev \
libpcre3 \
libpcre3-dev \
libssl-dev \
libxslt1-dev \
libxml2-dev \
libgeoip-dev \
libgd-dev \
libperl-dev \
libcurl4-openssl-dev
- name: Apply dependencies
run: |
tar -zxf deps.tar.gz
echo "$(realpath deps/libmodsecurity/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
echo "$(realpath deps/libsodium/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
echo "$(realpath deps/libcjson/lib)" | sudo tee -a /etc/ld.so.conf.d/ngx_waf.conf
sudo ldconfig
echo "LIB_MODSECURITY=$(realpath deps/libmodsecurity)" >> "$GITHUB_ENV"
echo "LIB_SODIUM=$(realpath deps/libsodium)" >> "$GITHUB_ENV"
echo "LIB_CJSON=$(realpath deps/libcjson)" >> "$GITHUB_ENV"
echo "LIB_UTHASH=$(realpath deps/uthash)" >> "$GITHUB_ENV"
- name: Download & Build & Install nginx-${{ matrix.nginx-version }}
run: |
sudo pip install lastversion
lastversion download nginx:${{ matrix.nginx-version }}
mkdir nginx-src
tar zxf nginx-*.tar.gz --directory nginx-src --strip-components=1
cd nginx-src
if [ ${{ matrix.module-type }} = 'static module' ] ; then \
opt='--add-module' ;\
else \
opt='--add-dynamic-module' ;\
fi
./configure ${opt}=${{ github.workspace }} --with-http_realip_module --with-cc-opt='-Wno-unused-but-set-variable -Wno-unused-function -fstack-protector-strong'
make -j$(nproc)
sudo make install
sudo useradd nginx -s /sbin/nologin -M
sudo ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
nginx -V
- name: Install Test::Nginx
run: |
sudo cpan Test::Nginx
- name: Test
run: |
sudo chmod 777 -R /tmp
cd test/test-nginx
export MODULE_TEST_PATH=/tmp/module_test
sh ./init.sh
exec sudo sh start.sh t/*.t