5 files changed, 358 insertions, 0 deletions
diff --git a/.github/NPTest.cache b/.github/NPTest.cache
new file mode 100644
index 0000000..d488d1b
--- /dev/null
+++ b/.github/NPTest.cache
@@ -0,0 +1,55 @@
+{
+  'NP_ALLOW_SUDO' => 'yes',
+  'NP_DNS_SERVER' => '8.8.8.8',
+  'NP_GOOD_NTP_SERVICE' => '',
+  'NP_HOST_DHCP_RESPONSIVE' => '',
+  'NP_HOST_HPJD_PORT_INVALID' => '161',
+  'NP_HOST_HPJD_PORT_VALID' => '',
+  'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30',
+  'NP_HOSTNAME_INVALID' => 'nosuchhost',
+  'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30',
+  'NP_HOSTNAME_VALID_IP' => '130.133.8.40',
+  'NP_HOSTNAME_VALID' => 'monitoring-plugins.org',
+  'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.',
+  'NP_HOST_NONRESPONSIVE' => '192.168.1.2',
+  'NP_HOST_RESPONSIVE' => 'localhost',
+  'NP_HOST_SMB' => '',
+  'NP_HOST_SNMP' => '',
+  'NP_HOST_TCP_FTP' => '',
+  'NP_HOST_TCP_HPJD' => '',
+  'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
+  'NP_HOST_TCP_HTTP' => 'localhost',
+  'NP_HOST_TCP_IMAP' => 'imap.web.de',
+  'NP_HOST_TCP_JABBER' => 'jabber.org',
+  'NP_HOST_TCP_LDAP' => 'localhost',
+  'NP_HOST_TCP_POP' => 'pop.web.de',
+  'NP_HOST_TCP_PROXY' => 'localhost',
+  'NP_HOST_TCP_SMTP' => 'localhost',
+  'NP_HOST_TCP_SMTP_NOSTARTTLS' => '',
+  'NP_HOST_TCP_SMTP_STARTTLS' => 'localhost',
+  'NP_HOST_TCP_SMTP_TLS' => 'localhost',
+  'NP_HOST_TLS_CERT' => 'localhost',
+  'NP_HOST_TLS_HTTP' => 'localhost',
+  'NP_HOST_UDP_TIME' => 'none',
+  'NP_INTERNET_ACCESS' => 'yes',
+  'NP_LDAP_BASE_DN' => 'dc=nodomain',
+  'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1',
+  'NP_MOUNTPOINT_VALID' => '/',
+  'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test',
+  'NP_MYSQL_SERVER' => 'localhost',
+  'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock',
+  'NP_MYSQL_WITH_SLAVE' => '',
+  'NP_MYSQL_WITH_SLAVE_LOGIN' => '',
+  'NP_NO_NTP_SERVICE' => 'localhost',
+  'NP_PORT_TCP_PROXY' => '3128',
+  'NP_SMB_SHARE' => '',
+  'NP_SMB_SHARE_DENY' => '',
+  'NP_SMB_SHARE_SPC' => '',
+  'NP_SMB_VALID_USER' => '',
+  'NP_SMB_VALID_USER_PASS' => '',
+  'NP_SNMP_COMMUNITY' => '',
+  'NP_SNMP_USER' => '',
+  'NP_SSH_CONFIGFILE' => '~/.ssh/config',
+  'NP_SSH_HOST' => 'localhost',
+  'NP_SSH_IDENTITY' => '~/.ssh/id_rsa'
+}
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..0707364
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+---
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "04:00"
+    pull-request-branch-name:
+      separator: "-"
+    open-pull-requests-limit: 10
diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh
new file mode 100755
index 0000000..dcf778b
--- /dev/null
+++ b/.github/prepare_debian.sh
@@ -0,0 +1,135 @@
+#!/bin/bash
+set -x
+set -e
+export DEBIAN_FRONTEND=noninteractive
+source /etc/os-release
+if [ ${ID} = "debian" ]; then
+        if [ -f /etc/apt/sources.list.d/debian.sources  ]; then
+                sed "s/main/non-free contrib/g" /etc/apt/sources.list.d/debian.sources > /etc/apt/sources.list.d/debian-nonfree.sources
+        else
+                apt-get update
+                apt-get -y install software-properties-common
+                apt-add-repository non-free
+        fi
+fi
+apt-get update
+apt-get -y install perl \
+        autotools-dev \
+        libdbi-dev \
+        libldap2-dev \
+        libpq-dev \
+        libradcli-dev \
+        libnet-snmp-perl \
+        procps \
+        libdbi0-dev \
+        libdbd-sqlite3 \
+        libssl-dev \
+        dnsutils \
+        snmp-mibs-downloader \
+        libsnmp-perl \
+        snmpd \
+        fping \
+        snmp \
+        netcat-openbsd \
+        smbclient \
+        vsftpd \
+        apache2 \
+        ssl-cert \
+        postfix \
+        libhttp-daemon-ssl-perl \
+        libdbd-sybase-perl \
+        libnet-dns-perl \
+        slapd \
+        ldap-utils \
+        gcc \
+        make \
+        autoconf \
+        automake \
+        gettext \
+        faketime \
+        libmonitoring-plugin-perl \
+        libcurl4-openssl-dev \
+        liburiparser-dev \
+        squid \
+        openssh-server \
+        mariadb-server \
+        mariadb-client \
+        libmariadb-dev \
+        cron \
+        iputils-ping \
+        iproute2
+# remove ipv6 interface from hosts
+if [ $(ip addr show | grep "inet6 ::1" | wc -l) -eq "0" ]; then
+    sed '/^::1/d' /etc/hosts > /tmp/hosts
+    cp -f /tmp/hosts /etc/hosts
+fi
+ip addr show
+cat /etc/hosts
+# apache
+a2enmod ssl
+a2ensite default-ssl
+# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones
+# seems to cause problems with our plugins
+rm /etc/ssl/certs/ssl-cert-snakeoil.pem
+rm /etc/ssl/private/ssl-cert-snakeoil.key
+openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)"
+service apache2 restart
+# squid
+cp tools/squid.conf /etc/squid/squid.conf
+service squid start
+# mariadb
+service mariadb start || service mysql start
+mysql -e "create database IF NOT EXISTS test;" -uroot
+# ldap
+sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat|grep ^dn:|awk '{print $2}')'/' -i .github/NPTest.cache
+service slapd start
+# sshd
+ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
+cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
+service ssh start
+sleep 1
+ssh-keyscan localhost >> ~/.ssh/known_hosts
+touch ~/.ssh/config
+# start one login session, required for check_users
+ssh -tt localhost </dev/null >/dev/null 2>/dev/null &
+disown %1
+# snmpd
+service snmpd stop
+mkdir -p /var/lib/snmp/mib_indexes
+sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf
+service snmpd start
+# start cron, will be used by check_nagios
+cron
+# postfix
+cat <<EOD >> /etc/postfix/master.cf
+smtps     inet  n       -       n       -       -       smtpd
+  -o smtpd_tls_wrappermode=yes
+EOD
+service postfix start
+# start ftpd
+service vsftpd start
+# hostname
+sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache
+# create some test files to lower inodes
+for i in $(seq 10); do
+    touch /media/ramdisk2/test.$1
+done
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..0317c8c
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,73 @@
+---
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+  schedule:
+    - cron: '15 18 * * 0'
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['cpp']
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+      - name: Install packages
+        run: |
+          sudo apt update
+          sudo apt-get install -y --no-install-recommends m4 gettext automake autoconf make build-essential
+          sudo apt-get install -y --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev \
+                                                          libmysqlclient-dev libradcli-dev libkrb5-dev libdbi0-dev \
+                                                          libdbd-sqlite3 libssl-dev libcurl4-openssl-dev liburiparser-dev
+      - name: Configure build
+        run: |
+          ./tools/setup
+          ./configure --enable-libtap
+      - name: Build
+        run: |
+          make
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..0f845de
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,84 @@
+---
+name: Test
+on:
+  push:
+    branches:
+      - '*'
+  # Run test for any PRs
+  pull_request:
+jobs:
+  codespell:
+    name: codespell
+    strategy:
+      fail-fast: false
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Codespell
+        uses: codespell-project/actions-codespell@v2
+        with:
+          skip: "./.git,./.gitignore,./ABOUT-NLS,*.po,./gl,./po,./tools/squid.conf,./build-aux/ltmain.sh"
+          ignore_words_list: allright,gord,didi,hda,nd,alis,clen,scrit,ser,fot,te,parm,isnt,consol,oneliners,esponse
+          check_filenames: true
+          check_hidden: true
+#  super-linter:
+#    name: super-linter
+#    strategy:
+#      fail-fast: false
+#    runs-on: ubuntu-latest
+#    steps:
+#      - name: Checkout
+#        uses: actions/checkout@v4
+#      - name: Lint Code Base
+#        uses: github/super-linter@v5.0.0
+#        env:
+#          DEFAULT_BRANCH: master
+#          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+#  macos:
+#    ...
+  linux:
+    needs:
+      - codespell
+#      - super-linter
+    runs-on: ubuntu-latest
+    name: Running tests on ${{ matrix.distro }}
+    strategy:
+      fail-fast: false
+      matrix:
+        distro:
+          - 'debian:stable'
+          #...
+        include:
+          - distro: 'debian:stable'
+            prepare: .github/prepare_debian.sh
+          #...
+    steps:
+      - name: Git clone repository
+        uses: actions/checkout@v4
+      #- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate
+      #  uses: mxschmitt/action-tmate@v3
+      - name: Run the tests on ${{ matrix.distro }}
+        run: |
+          docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol
+          docker run \
+              -e NPTEST_ACCEPTDEFAULT=1 \
+              -e NPTEST_CACHE="/src/.github/NPTest.cache" \
+              -w /src -v ${PWD}:/src \
+              --tmpfs /media/ramdisk1 \
+              -v /var/run/utmp:/var/run/utmp \
+              --mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \
+              ${{ matrix.distro }} \
+              /bin/sh -c '${{ matrix.prepare }} && \
+                tools/setup && \
+                ./configure --enable-libtap  --with-ipv6=no && \
+                set -x && \
+                tmp_dir=$(mktemp -d -t test-XXXX) && cp -a po/ $tmp_dir/  && \
+                cd po && make update-po && cd .. && \
+                diff -Nur $tmp_dir/po/*.po po/*.po | tee -a /tmp/po.diff && diff -Nur $tmp_dir/po/*.pot po/*.pot | tee -a /tmp/po.diff && if [ $(wc -l /tmp/po.diff | cut -f 1 -d" ") -gt 0 ]; then echo "Error: Translations needs to be updated with make update-po!" && exit 1; fi && \ 
+                make && \
+                make test'
+          docker container prune -f
+          docker volume prune -f

diff --git a/.github/NPTest.cache b/.github/NPTest.cache new file mode 100644 index 0000000..d488d1b --- /dev/null +++ b/.github/NPTest.cache
@@ -0,0 +1,55 @@
	1	{
	2	'NP_ALLOW_SUDO' => 'yes',
	3	'NP_DNS_SERVER' => '8.8.8.8',
	4	'NP_GOOD_NTP_SERVICE' => '',
	5	'NP_HOST_DHCP_RESPONSIVE' => '',
	6	'NP_HOST_HPJD_PORT_INVALID' => '161',
	7	'NP_HOST_HPJD_PORT_VALID' => '',
	8	'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30',
	9	'NP_HOSTNAME_INVALID' => 'nosuchhost',
	10	'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30',
	11	'NP_HOSTNAME_VALID_IP' => '130.133.8.40',
	12	'NP_HOSTNAME_VALID' => 'monitoring-plugins.org',
	13	'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.',
	14	'NP_HOST_NONRESPONSIVE' => '192.168.1.2',
	15	'NP_HOST_RESPONSIVE' => 'localhost',
	16	'NP_HOST_SMB' => '',
	17	'NP_HOST_SNMP' => '',
	18	'NP_HOST_TCP_FTP' => '',
	19	'NP_HOST_TCP_HPJD' => '',
	20	'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
	21	'NP_HOST_TCP_HTTP' => 'localhost',
	22	'NP_HOST_TCP_IMAP' => 'imap.web.de',
	23	'NP_HOST_TCP_JABBER' => 'jabber.org',
	24	'NP_HOST_TCP_LDAP' => 'localhost',
	25	'NP_HOST_TCP_POP' => 'pop.web.de',
	26	'NP_HOST_TCP_PROXY' => 'localhost',
	27	'NP_HOST_TCP_SMTP' => 'localhost',
	28	'NP_HOST_TCP_SMTP_NOSTARTTLS' => '',
	29	'NP_HOST_TCP_SMTP_STARTTLS' => 'localhost',
	30	'NP_HOST_TCP_SMTP_TLS' => 'localhost',
	31	'NP_HOST_TLS_CERT' => 'localhost',
	32	'NP_HOST_TLS_HTTP' => 'localhost',
	33	'NP_HOST_UDP_TIME' => 'none',
	34	'NP_INTERNET_ACCESS' => 'yes',
	35	'NP_LDAP_BASE_DN' => 'dc=nodomain',
	36	'NP_MOUNTPOINT2_VALID' => '/media/ramdisk1',
	37	'NP_MOUNTPOINT_VALID' => '/',
	38	'NP_MYSQL_LOGIN_DETAILS' => '-u root -d test',
	39	'NP_MYSQL_SERVER' => 'localhost',
	40	'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock',
	41	'NP_MYSQL_WITH_SLAVE' => '',
	42	'NP_MYSQL_WITH_SLAVE_LOGIN' => '',
	43	'NP_NO_NTP_SERVICE' => 'localhost',
	44	'NP_PORT_TCP_PROXY' => '3128',
	45	'NP_SMB_SHARE' => '',
	46	'NP_SMB_SHARE_DENY' => '',
	47	'NP_SMB_SHARE_SPC' => '',
	48	'NP_SMB_VALID_USER' => '',
	49	'NP_SMB_VALID_USER_PASS' => '',
	50	'NP_SNMP_COMMUNITY' => '',
	51	'NP_SNMP_USER' => '',
	52	'NP_SSH_CONFIGFILE' => '~/.ssh/config',
	53	'NP_SSH_HOST' => 'localhost',
	54	'NP_SSH_IDENTITY' => '~/.ssh/id_rsa'
	55	}


diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..0707364 --- /dev/null +++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
	1	---
	2	version: 2
	3	updates:
	4	- package-ecosystem: github-actions
	5	directory: "/"
	6	schedule:
	7	interval: daily
	8	time: "04:00"
	9	pull-request-branch-name:
	10	separator: "-"
	11	open-pull-requests-limit: 10


diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh new file mode 100755 index 0000000..dcf778b --- /dev/null +++ b/.github/prepare_debian.sh
@@ -0,0 +1,135 @@
	1	#!/bin/bash
	2
	3	set -x
	4	set -e
	5
	6	export DEBIAN_FRONTEND=noninteractive
	7
	8	source /etc/os-release
	9
	10	if [ ${ID} = "debian" ]; then
	11	if [ -f /etc/apt/sources.list.d/debian.sources ]; then
	12	sed "s/main/non-free contrib/g" /etc/apt/sources.list.d/debian.sources > /etc/apt/sources.list.d/debian-nonfree.sources
	13	else
	14	apt-get update
	15	apt-get -y install software-properties-common
	16	apt-add-repository non-free
	17	fi
	18	fi
	19	apt-get update
	20	apt-get -y install perl \
	21	autotools-dev \
	22	libdbi-dev \
	23	libldap2-dev \
	24	libpq-dev \
	25	libradcli-dev \
	26	libnet-snmp-perl \
	27	procps \
	28	libdbi0-dev \
	29	libdbd-sqlite3 \
	30	libssl-dev \
	31	dnsutils \
	32	snmp-mibs-downloader \
	33	libsnmp-perl \
	34	snmpd \
	35	fping \
	36	snmp \
	37	netcat-openbsd \
	38	smbclient \
	39	vsftpd \
	40	apache2 \
	41	ssl-cert \
	42	postfix \
	43	libhttp-daemon-ssl-perl \
	44	libdbd-sybase-perl \
	45	libnet-dns-perl \
	46	slapd \
	47	ldap-utils \
	48	gcc \
	49	make \
	50	autoconf \
	51	automake \
	52	gettext \
	53	faketime \
	54	libmonitoring-plugin-perl \
	55	libcurl4-openssl-dev \
	56	liburiparser-dev \
	57	squid \
	58	openssh-server \
	59	mariadb-server \
	60	mariadb-client \
	61	libmariadb-dev \
	62	cron \
	63	iputils-ping \
	64	iproute2
	65
	66	# remove ipv6 interface from hosts
	67	if [ $(ip addr show \| grep "inet6 ::1" \| wc -l) -eq "0" ]; then
	68	sed '/^::1/d' /etc/hosts > /tmp/hosts
	69	cp -f /tmp/hosts /etc/hosts
	70	fi
	71
	72	ip addr show
	73
	74	cat /etc/hosts
	75
	76	# apache
	77	a2enmod ssl
	78	a2ensite default-ssl
	79	# replace snakeoil certs with openssl generated ones as the make-ssl-cert ones
	80	# seems to cause problems with our plugins
	81	rm /etc/ssl/certs/ssl-cert-snakeoil.pem
	82	rm /etc/ssl/private/ssl-cert-snakeoil.key
	83	openssl req -nodes -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=$(hostname)"
	84	service apache2 restart
	85
	86	# squid
	87	cp tools/squid.conf /etc/squid/squid.conf
	88	service squid start
	89
	90	# mariadb
	91	service mariadb start \|\| service mysql start
	92	mysql -e "create database IF NOT EXISTS test;" -uroot
	93
	94	# ldap
	95	sed -e 's/cn=admin,dc=nodomain/'$(/usr/sbin/slapcat\|grep ^dn:\|awk '{print $2}')'/' -i .github/NPTest.cache
	96	service slapd start
	97
	98	# sshd
	99	ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
	100	cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
	101	service ssh start
	102	sleep 1
	103	ssh-keyscan localhost >> ~/.ssh/known_hosts
	104	touch ~/.ssh/config
	105
	106	# start one login session, required for check_users
	107	ssh -tt localhost </dev/null >/dev/null 2>/dev/null &
	108	disown %1
	109
	110	# snmpd
	111	service snmpd stop
	112	mkdir -p /var/lib/snmp/mib_indexes
	113	sed -e 's/^agentaddress.*/agentaddress 127.0.0.1/' -i /etc/snmp/snmpd.conf
	114	service snmpd start
	115
	116	# start cron, will be used by check_nagios
	117	cron
	118
	119	# postfix
	120	cat <<EOD >> /etc/postfix/master.cf
	121	smtps inet n - n - - smtpd
	122	-o smtpd_tls_wrappermode=yes
	123	EOD
	124	service postfix start
	125
	126	# start ftpd
	127	service vsftpd start
	128
	129	# hostname
	130	sed "/NP_HOST_TLS_CERT/s/.*/'NP_HOST_TLS_CERT' => '$(hostname)',/" -i /src/.github/NPTest.cache
	131
	132	# create some test files to lower inodes
	133	for i in $(seq 10); do
	134	touch /media/ramdisk2/test.$1
	135	done


diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000..0317c8c --- /dev/null +++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,73 @@
	1	---
	2	# For most projects, this workflow file will not need changing; you simply need
	3	# to commit it to your repository.
	4	#
	5	# You may wish to alter this file to override the set of languages analyzed,
	6	# or to provide custom queries or build logic.
	7	#
	8	# ****** NOTE ******
	9	# We have attempted to detect the languages in your repository. Please check
	10	# the `language` matrix defined below to confirm you have the correct set of
	11	# supported CodeQL languages.
	12	#
	13	name: "CodeQL"
	14
	15	on:
	16	push:
	17	branches: [master]
	18	pull_request:
	19	# The branches below must be a subset of the branches above
	20	branches: [master]
	21	schedule:
	22	- cron: '15 18 * * 0'
	23
	24	jobs:
	25	analyze:
	26	name: Analyze
	27	runs-on: ubuntu-latest
	28	permissions:
	29	actions: read
	30	contents: read
	31	security-events: write
	32
	33	strategy:
	34	fail-fast: false
	35	matrix:
	36	language: ['cpp']
	37	# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
	38	# Learn more:
	39	# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
	40
	41	steps:
	42	- name: Checkout repository
	43	uses: actions/checkout@v4
	44
	45	# Initializes the CodeQL tools for scanning.
	46	- name: Initialize CodeQL
	47	uses: github/codeql-action/init@v2
	48	with:
	49	languages: ${{ matrix.language }}
	50	# If you wish to specify custom queries, you can do so here or in a config file.
	51	# By default, queries listed here will override any specified in a config file.
	52	# Prefix the list here with "+" to use these queries and those in the config file.
	53	# queries: ./path/to/local/query, your-org/your-repo/queries@main
	54
	55	- name: Install packages
	56	run: \|
	57	sudo apt update
	58	sudo apt-get install -y --no-install-recommends m4 gettext automake autoconf make build-essential
	59	sudo apt-get install -y --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev \
	60	libmysqlclient-dev libradcli-dev libkrb5-dev libdbi0-dev \
	61	libdbd-sqlite3 libssl-dev libcurl4-openssl-dev liburiparser-dev
	62
	63	- name: Configure build
	64	run: \|
	65	./tools/setup
	66	./configure --enable-libtap
	67
	68	- name: Build
	69	run: \|
	70	make
	71
	72	- name: Perform CodeQL Analysis
	73	uses: github/codeql-action/analyze@v2


diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..0f845de --- /dev/null +++ b/.github/workflows/test.yml
@@ -0,0 +1,84 @@
	1	---
	2	name: Test
	3
	4	on:
	5	push:
	6	branches:
	7	- '*'
	8	# Run test for any PRs
	9	pull_request:
	10
	11	jobs:
	12	codespell:
	13	name: codespell
	14	strategy:
	15	fail-fast: false
	16	runs-on: ubuntu-latest
	17	steps:
	18	- name: Checkout
	19	uses: actions/checkout@v4
	20	- name: Codespell
	21	uses: codespell-project/actions-codespell@v2
	22	with:
	23	skip: "./.git,./.gitignore,./ABOUT-NLS,*.po,./gl,./po,./tools/squid.conf,./build-aux/ltmain.sh"
	24	ignore_words_list: allright,gord,didi,hda,nd,alis,clen,scrit,ser,fot,te,parm,isnt,consol,oneliners,esponse
	25	check_filenames: true
	26	check_hidden: true
	27	# super-linter:
	28	# name: super-linter
	29	# strategy:
	30	# fail-fast: false
	31	# runs-on: ubuntu-latest
	32	# steps:
	33	# - name: Checkout
	34	# uses: actions/checkout@v4
	35	# - name: Lint Code Base
	36	# uses: github/super-linter@v5.0.0
	37	# env:
	38	# DEFAULT_BRANCH: master
	39	# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	40	# macos:
	41	# ...
	42	linux:
	43	needs:
	44	- codespell
	45	# - super-linter
	46	runs-on: ubuntu-latest
	47	name: Running tests on ${{ matrix.distro }}
	48	strategy:
	49	fail-fast: false
	50	matrix:
	51	distro:
	52	- 'debian:stable'
	53	#...
	54	include:
	55	- distro: 'debian:stable'
	56	prepare: .github/prepare_debian.sh
	57	#...
	58	steps:
	59	- name: Git clone repository
	60	uses: actions/checkout@v4
	61	#- name: Setup tmate session, see https://github.com/marketplace/actions/debugging-with-tmate
	62	# uses: mxschmitt/action-tmate@v3
	63	- name: Run the tests on ${{ matrix.distro }}
	64	run: \|
	65	docker volume create --driver local --opt type=tmpfs --opt device=tmpfs --opt o=size=100m,uid=1000 tmp-vol
	66	docker run \
	67	-e NPTEST_ACCEPTDEFAULT=1 \
	68	-e NPTEST_CACHE="/src/.github/NPTest.cache" \
	69	-w /src -v ${PWD}:/src \
	70	--tmpfs /media/ramdisk1 \
	71	-v /var/run/utmp:/var/run/utmp \
	72	--mount source=tmp-vol,destination=/src,target=/media/ramdisk2 \
	73	${{ matrix.distro }} \
	74	/bin/sh -c '${{ matrix.prepare }} && \
	75	tools/setup && \
	76	./configure --enable-libtap --with-ipv6=no && \
	77	set -x && \
	78	tmp_dir=$(mktemp -d -t test-XXXX) && cp -a po/ $tmp_dir/ && \
	79	cd po && make update-po && cd .. && \
	80	diff -Nur $tmp_dir/po/.po po/.po \| tee -a /tmp/po.diff && diff -Nur $tmp_dir/po/.pot po/.pot \| tee -a /tmp/po.diff && if [ $(wc -l /tmp/po.diff \| cut -f 1 -d" ") -gt 0 ]; then echo "Error: Translations needs to be updated with make update-po!" && exit 1; fi && \
	81	make && \
	82	make test'
	83	docker container prune -f
	84	docker volume prune -f