5 files changed, 314 insertions, 0 deletions
diff --git a/.github/NPTest.cache b/.github/NPTest.cache
new file mode 100644
index 0000000..232305a
--- /dev/null
+++ b/.github/NPTest.cache
@@ -0,0 +1,54 @@
+{
+  'NP_ALLOW_SUDO' => 'yes',
+  'NP_DNS_SERVER' => '8.8.8.8',
+  'NP_GOOD_NTP_SERVICE' => '',
+  'NP_HOST_DHCP_RESPONSIVE' => '',
+  'NP_HOST_HPJD_PORT_INVALID' => '161',
+  'NP_HOST_HPJD_PORT_VALID' => '',
+  'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30',
+  'NP_HOSTNAME_INVALID' => 'nosuchhost',
+  'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30',
+  'NP_HOSTNAME_VALID_IP' => '130.133.8.40',
+  'NP_HOSTNAME_VALID' => 'monitoring-plugins.org',
+  'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.',
+  'NP_HOST_NONRESPONSIVE' => '192.168.1.2',
+  'NP_HOST_RESPONSIVE' => 'localhost',
+  'NP_HOST_SMB' => '',
+  'NP_HOST_SNMP' => '',
+  'NP_HOST_TCP_FTP' => '',
+  'NP_HOST_TCP_HPJD' => '',
+  'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
+  'NP_HOST_TCP_HTTP' => 'localhost',
+  'NP_HOST_TCP_IMAP' => 'imap.web.de',
+  'NP_HOST_TCP_JABBER' => 'jabber.org',
+  'NP_HOST_TCP_LDAP' => 'localhost',
+  'NP_HOST_TCP_POP' => 'pop.web.de',
+  'NP_HOST_TCP_PROXY' => 'localhost',
+  'NP_HOST_TCP_SMTP' => 'localhost',
+  'NP_HOST_TCP_SMTP_NOTLS' => '',
+  'NP_HOST_TCP_SMTP_TLS' => '',
+  'NP_HOST_TLS_CERT' => 'localhost',
+  'NP_HOST_TLS_HTTP' => 'localhost',
+  'NP_HOST_UDP_TIME' => 'none',
+  'NP_INTERNET_ACCESS' => 'yes',
+  'NP_LDAP_BASE_DN' => 'dc=nodomain',
+  'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1',
+  'NP_MOUNTPOINT_VALID' => '/',
+  'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test',
+  'NP_MYSQL_SERVER' => 'localhost',
+  'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock',
+  'NP_MYSQL_WITH_SLAVE' => '',
+  'NP_MYSQL_WITH_SLAVE_LOGIN' => '',
+  'NP_NO_NTP_SERVICE' => 'localhost',
+  'NP_PORT_TCP_PROXY' => '3128',
+  'NP_SMB_SHARE' => '',
+  'NP_SMB_SHARE_DENY' => '',
+  'NP_SMB_SHARE_SPC' => '',
+  'NP_SMB_VALID_USER' => '',
+  'NP_SMB_VALID_USER_PASS' => '',
+  'NP_SNMP_COMMUNITY' => '',
+  'NP_SNMP_USER' => '',
+  'NP_SSH_CONFIGFILE' => '~/.ssh/config',
+  'NP_SSH_HOST' => 'localhost',
+  'NP_SSH_IDENTITY' => '~/.ssh/id_rsa'
+}
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..282063c
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "04:00"
+    pull-request-branch-name:
+      separator: "-"
+    open-pull-requests-limit: 10
diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh
new file mode 100755
index 0000000..5222659
--- /dev/null
+++ b/.github/prepare_debian.sh
@@ -0,0 +1,131 @@
+#!/bin/bash
+set -x
+set -e
+export DEBIAN_FRONTEND=noninteractive
+sed "s/main/non-free contrib/g" /etc/apt/sources.list.d/debian.sources > /etc/apt/sources.list.d/debian-nonfree.sources
+apt-get update
+apt-get -y install software-properties-common
+if [ $(lsb_release -is) = "Debian" ]; then
+  apt-add-repository non-free
+  apt-get update
+fi
+apt-get -y install perl \
+        autotools-dev \
+        libdbi-dev \
+        libldap2-dev \
+        libpq-dev \
+        libradcli-dev \
+        libnet-snmp-perl \
+        procps \
+        libdbi0-dev \
+        libdbd-sqlite3 \
+        libssl-dev \
+        dnsutils \
+        snmp-mibs-downloader \
+        libsnmp-perl \
+        snmpd \
+        fping \
+        snmp \
+        netcat-openbsd \
+        smbclient \
+        vsftpd \
+        apache2 \
+        ssl-cert \
+        postfix \
+        libhttp-daemon-ssl-perl \
+        libdbd-sybase-perl \
+        libnet-dns-perl \
+        slapd \
+        ldap-utils \
+        gcc \
+        make \
+        autoconf \
+        automake \
+        gettext \
+        faketime \
+        libmonitoring-plugin-perl \
+        libcurl4-openssl-dev \
+        liburiparser-dev \
+        squid \
+        openssh-server \
+        mariadb-server \
+        mariadb-client \
+        libmariadb-dev \
+        cron \
+        iputils-ping \
+        iproute2
+# remove ipv6 interface from hosts
+if [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ]; then
+    sed '/^::1/d' /etc/hosts > /tmp/hosts
+    cp -f /tmp/hosts /etc/hosts
+fi
+ip addr show
+cat /etc/hosts
+# apache
+a2enmod ssl
+a2ensite default-ssl
+# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones
+# seems to cause problems with our plugins
+rm /etc/ssl/certs/ssl-cert-snakeoil.pem
+rm /etc/ssl/private/ssl-cert-snakeoil.key
+openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)"
+service apache2 restart
+# squid
+cp tools/squid.conf /etc/squid/squid.conf
+service squid start
+# mariadb
+service mariadb start
+mysql -e "create database IF NOT EXISTS test;" -uroot
+# ldap
+sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat|grep ^dn:|awk '{print $2}')'/' -i .github/NPTest.cache
+service slapd start
+# sshd
+ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
+cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+service ssh start
+sleep 1
+ssh-keyscan localhost >> ~/.ssh/known_hosts
+touch ~/.ssh/config
+# start one login session, required for check_users
+ssh -tt localhost </dev/null >/dev/null 2>/dev/null &
+disown %1
+# snmpd
+for DIR in /usr/share/snmp/mibs /usr/share/mibs; do
+    rm -f $DIR/ietf/SNMPv2-PDU \
+          $DIR/ietf/IPSEC-SPD-MIB \
+          $DIR/ietf/IPATM-IPMC-MIB \
+          $DIR/iana/IANA-IPPM-METRICS-REGISTRY-MIB
+done
+mkdir -p /var/lib/snmp/mib_indexes
+sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf
+service snmpd start
+# start cron, will be used by check_nagios
+cron
+# start postfix
+service postfix start
+# start ftpd
+service vsftpd start
+# hostname
+sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache
+# create some test files to lower inodes
+for i in $(seq 10); do
+    touch /media/ramdisk2/test.$1
+done
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..ab8bfaa
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,72 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '15 18 * * 0'
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+    - name: Install packages
+      run: |
+        sudo apt update
+        sudo apt-get install -y --no-install-recommends m4 gettext automake autoconf make build-essential
+        sudo apt-get install -y --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev \
+                                                        libmysqlclient-dev libradcli-dev libkrb5-dev libdbi0-dev \
+                                                        libdbd-sqlite3 libssl-dev libcurl4-openssl-dev liburiparser-dev
+    - name: Configure build
+      run: |
+        ./tools/setup
+        ./configure --enable-libtap
+    - name: Build
+      run: |
+        make
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..80d49f7
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,47 @@
+name: Test
+on:
+  push:
+    branches:
+      - '*'
+  pull_request:
+jobs:
+#  macos:
+#    ...
+  linux:
+    runs-on: ubuntu-latest
+    name: Running tests on ${{ matrix.distro }}
+    strategy:
+      fail-fast: false
+      matrix:
+        distro:
+          - 'debian:testing'
+          #...
+        include:
+          - distro: 'debian:testing'
+            prepare: .github/prepare_debian.sh
+          #...
+    steps:
+      - name: Git clone repository
+        uses: actions/checkout@v3
+      #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate
+      #  uses: mxschmitt/action-tmate@v3
+      - name: Run the tests on ${{ matrix.distro }}
+        run: |
+          docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol
+          docker run \
+              -e NPTEST_ACCEPTDEFAULT=1 \
+              -e NPTEST_CACHE="/src/.github/NPTest.cache" \
+              -w /src -v ${PWD}:/src \
+              --tmpfs /media/ramdisk1 \
+              -v /var/run/utmp:/var/run/utmp \
+              --mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \
+              ${{ matrix.distro }} \
+              /bin/sh -c '${{ matrix.prepare }} && \
+                tools/setup && \
+                ./configure --enable-libtap  --with-ipv6=no && \
+                make && \
+                make test'
+          docker container prune -f
+          docker volume prune -f

diff --git a/.github/NPTest.cache b/.github/NPTest.cache new file mode 100644 index 0000000..232305a --- /dev/null +++ b/.github/NPTest.cache
@@ -0,0 +1,54 @@
	1	{
	2	'NP_ALLOW_SUDO' => 'yes',
	3	'NP_DNS_SERVER' => '8.8.8.8',
	4	'NP_GOOD_NTP_SERVICE' => '',
	5	'NP_HOST_DHCP_RESPONSIVE' => '',
	6	'NP_HOST_HPJD_PORT_INVALID' => '161',
	7	'NP_HOST_HPJD_PORT_VALID' => '',
	8	'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30',
	9	'NP_HOSTNAME_INVALID' => 'nosuchhost',
	10	'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30',
	11	'NP_HOSTNAME_VALID_IP' => '130.133.8.40',
	12	'NP_HOSTNAME_VALID' => 'monitoring-plugins.org',
	13	'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.',
	14	'NP_HOST_NONRESPONSIVE' => '192.168.1.2',
	15	'NP_HOST_RESPONSIVE' => 'localhost',
	16	'NP_HOST_SMB' => '',
	17	'NP_HOST_SNMP' => '',
	18	'NP_HOST_TCP_FTP' => '',
	19	'NP_HOST_TCP_HPJD' => '',
	20	'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
	21	'NP_HOST_TCP_HTTP' => 'localhost',
	22	'NP_HOST_TCP_IMAP' => 'imap.web.de',
	23	'NP_HOST_TCP_JABBER' => 'jabber.org',
	24	'NP_HOST_TCP_LDAP' => 'localhost',
	25	'NP_HOST_TCP_POP' => 'pop.web.de',
	26	'NP_HOST_TCP_PROXY' => 'localhost',
	27	'NP_HOST_TCP_SMTP' => 'localhost',
	28	'NP_HOST_TCP_SMTP_NOTLS' => '',
	29	'NP_HOST_TCP_SMTP_TLS' => '',
	30	'NP_HOST_TLS_CERT' => 'localhost',
	31	'NP_HOST_TLS_HTTP' => 'localhost',
	32	'NP_HOST_UDP_TIME' => 'none',
	33	'NP_INTERNET_ACCESS' => 'yes',
	34	'NP_LDAP_BASE_DN' => 'dc=nodomain',
	35	'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1',
	36	'NP_MOUNTPOINT_VALID' => '/',
	37	'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test',
	38	'NP_MYSQL_SERVER' => 'localhost',
	39	'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock',
	40	'NP_MYSQL_WITH_SLAVE' => '',
	41	'NP_MYSQL_WITH_SLAVE_LOGIN' => '',
	42	'NP_NO_NTP_SERVICE' => 'localhost',
	43	'NP_PORT_TCP_PROXY' => '3128',
	44	'NP_SMB_SHARE' => '',
	45	'NP_SMB_SHARE_DENY' => '',
	46	'NP_SMB_SHARE_SPC' => '',
	47	'NP_SMB_VALID_USER' => '',
	48	'NP_SMB_VALID_USER_PASS' => '',
	49	'NP_SNMP_COMMUNITY' => '',
	50	'NP_SNMP_USER' => '',
	51	'NP_SSH_CONFIGFILE' => '~/.ssh/config',
	52	'NP_SSH_HOST' => 'localhost',
	53	'NP_SSH_IDENTITY' => '~/.ssh/id_rsa'
	54	}


diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..282063c --- /dev/null +++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
	1	version: 2
	2	updates:
	3	- package-ecosystem: github-actions
	4	directory: "/"
	5	schedule:
	6	interval: daily
	7	time: "04:00"
	8	pull-request-branch-name:
	9	separator: "-"
	10	open-pull-requests-limit: 10


diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh new file mode 100755 index 0000000..5222659 --- /dev/null +++ b/.github/prepare_debian.sh
@@ -0,0 +1,131 @@
	1	#!/bin/bash
	2
	3	set -x
	4	set -e
	5
	6	export DEBIAN_FRONTEND=noninteractive
	7
	8	sed "s/main/non-free contrib/g" /etc/apt/sources.list.d/debian.sources > /etc/apt/sources.list.d/debian-nonfree.sources
	9	apt-get update
	10	apt-get -y install software-properties-common
	11	if [ $(lsb_release -is) = "Debian" ]; then
	12	apt-add-repository non-free
	13	apt-get update
	14	fi
	15	apt-get -y install perl \
	16	autotools-dev \
	17	libdbi-dev \
	18	libldap2-dev \
	19	libpq-dev \
	20	libradcli-dev \
	21	libnet-snmp-perl \
	22	procps \
	23	libdbi0-dev \
	24	libdbd-sqlite3 \
	25	libssl-dev \
	26	dnsutils \
	27	snmp-mibs-downloader \
	28	libsnmp-perl \
	29	snmpd \
	30	fping \
	31	snmp \
	32	netcat-openbsd \
	33	smbclient \
	34	vsftpd \
	35	apache2 \
	36	ssl-cert \
	37	postfix \
	38	libhttp-daemon-ssl-perl \
	39	libdbd-sybase-perl \
	40	libnet-dns-perl \
	41	slapd \
	42	ldap-utils \
	43	gcc \
	44	make \
	45	autoconf \
	46	automake \
	47	gettext \
	48	faketime \
	49	libmonitoring-plugin-perl \
	50	libcurl4-openssl-dev \
	51	liburiparser-dev \
	52	squid \
	53	openssh-server \
	54	mariadb-server \
	55	mariadb-client \
	56	libmariadb-dev \
	57	cron \
	58	iputils-ping \
	59	iproute2
	60
	61	# remove ipv6 interface from hosts
	62	if [ $(ip addr show \| grep "inet6 ::1" \| wc -l) -eq "0" ]; then
	63	sed '/^::1/d' /etc/hosts > /tmp/hosts
	64	cp -f /tmp/hosts /etc/hosts
	65	fi
	66
	67	ip addr show
	68
	69	cat /etc/hosts
	70
	71	# apache
	72	a2enmod ssl
	73	a2ensite default-ssl
	74	# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones
	75	# seems to cause problems with our plugins
	76	rm /etc/ssl/certs/ssl-cert-snakeoil.pem
	77	rm /etc/ssl/private/ssl-cert-snakeoil.key
	78	openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)"
	79	service apache2 restart
	80
	81	# squid
	82	cp tools/squid.conf /etc/squid/squid.conf
	83	service squid start
	84
	85	# mariadb
	86	service mariadb start
	87	mysql -e "create database IF NOT EXISTS test;" -uroot
	88
	89	# ldap
	90	sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat\|grep ^dn:\|awk '{print $2}')'/' -i .github/NPTest.cache
	91	service slapd start
	92
	93	# sshd
	94	ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
	95	cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
	96	service ssh start
	97	sleep 1
	98	ssh-keyscan localhost >> ~/.ssh/known_hosts
	99	touch ~/.ssh/config
	100
	101	# start one login session, required for check_users
	102	ssh -tt localhost </dev/null >/dev/null 2>/dev/null &
	103	disown %1
	104
	105	# snmpd
	106	for DIR in /usr/share/snmp/mibs /usr/share/mibs; do
	107	rm -f $DIR/ietf/SNMPv2-PDU \
	108	$DIR/ietf/IPSEC-SPD-MIB \
	109	$DIR/ietf/IPATM-IPMC-MIB \
	110	$DIR/iana/IANA-IPPM-METRICS-REGISTRY-MIB
	111	done
	112	mkdir -p /var/lib/snmp/mib_indexes
	113	sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf
	114	service snmpd start
	115
	116	# start cron, will be used by check_nagios
	117	cron
	118
	119	# start postfix
	120	service postfix start
	121
	122	# start ftpd
	123	service vsftpd start
	124
	125	# hostname
	126	sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache
	127
	128	# create some test files to lower inodes
	129	for i in $(seq 10); do
	130	touch /media/ramdisk2/test.$1
	131	done


diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..ab8bfaa --- /dev/null +++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,72 @@
	1	# For most projects, this workflow file will not need changing; you simply need
	2	# to commit it to your repository.
	3	#
	4	# You may wish to alter this file to override the set of languages analyzed,
	5	# or to provide custom queries or build logic.
	6	#
	7	# ****** NOTE ******
	8	# We have attempted to detect the languages in your repository. Please check
	9	# the `language` matrix defined below to confirm you have the correct set of
	10	# supported CodeQL languages.
	11	#
	12	name: "CodeQL"
	13
	14	on:
	15	push:
	16	branches: [ master ]
	17	pull_request:
	18	# The branches below must be a subset of the branches above
	19	branches: [ master ]
	20	schedule:
	21	- cron: '15 18 * * 0'
	22
	23	jobs:
	24	analyze:
	25	name: Analyze
	26	runs-on: ubuntu-latest
	27	permissions:
	28	actions: read
	29	contents: read
	30	security-events: write
	31
	32	strategy:
	33	fail-fast: false
	34	matrix:
	35	language: [ 'cpp' ]
	36	# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
	37	# Learn more:
	38	# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
	39
	40	steps:
	41	- name: Checkout repository
	42	uses: actions/checkout@v3
	43
	44	# Initializes the CodeQL tools for scanning.
	45	- name: Initialize CodeQL
	46	uses: github/codeql-action/init@v2
	47	with:
	48	languages: ${{ matrix.language }}
	49	# If you wish to specify custom queries, you can do so here or in a config file.
	50	# By default, queries listed here will override any specified in a config file.
	51	# Prefix the list here with "+" to use these queries and those in the config file.
	52	# queries: ./path/to/local/query, your-org/your-repo/queries@main
	53
	54	- name: Install packages
	55	run: \|
	56	sudo apt update
	57	sudo apt-get install -y --no-install-recommends m4 gettext automake autoconf make build-essential
	58	sudo apt-get install -y --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev \
	59	libmysqlclient-dev libradcli-dev libkrb5-dev libdbi0-dev \
	60	libdbd-sqlite3 libssl-dev libcurl4-openssl-dev liburiparser-dev
	61
	62	- name: Configure build
	63	run: \|
	64	./tools/setup
	65	./configure --enable-libtap
	66
	67	- name: Build
	68	run: \|
	69	make
	70
	71	- name: Perform CodeQL Analysis
	72	uses: github/codeql-action/analyze@v2


diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..80d49f7 --- /dev/null +++ b/.github/workflows/test.yml
@@ -0,0 +1,47 @@
	1	name: Test
	2
	3	on:
	4	push:
	5	branches:
	6	- '*'
	7	pull_request:
	8
	9	jobs:
	10	# macos:
	11	# ...
	12	linux:
	13	runs-on: ubuntu-latest
	14	name: Running tests on ${{ matrix.distro }}
	15	strategy:
	16	fail-fast: false
	17	matrix:
	18	distro:
	19	- 'debian:testing'
	20	#...
	21	include:
	22	- distro: 'debian:testing'
	23	prepare: .github/prepare_debian.sh
	24	#...
	25	steps:
	26	- name: Git clone repository
	27	uses: actions/checkout@v3
	28	#- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate
	29	# uses: mxschmitt/action-tmate@v3
	30	- name: Run the tests on ${{ matrix.distro }}
	31	run: \|
	32	docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol
	33	docker run \
	34	-e NPTEST_ACCEPTDEFAULT=1 \
	35	-e NPTEST_CACHE="/src/.github/NPTest.cache" \
	36	-w /src -v ${PWD}:/src \
	37	--tmpfs /media/ramdisk1 \
	38	-v /var/run/utmp:/var/run/utmp \
	39	--mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \
	40	${{ matrix.distro }} \
	41	/bin/sh -c '${{ matrix.prepare }} && \
	42	tools/setup && \
	43	./configure --enable-libtap --with-ipv6=no && \
	44	make && \
	45	make test'
	46	docker container prune -f
	47	docker volume prune -f