1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
---
name: Regression Tests
on:
push:
paths:
- 'rules/**'
- 'tests/**'
- '.github/**'
pull_request:
paths:
- 'rules/**'
- 'tests/**'
- '.github/**'
jobs:
regression:
runs-on: ubuntu-latest
strategy:
matrix:
modsec_version: [modsec2-apache]
steps:
- name: "Checkout repo"
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # ratchet:actions/checkout@v6
- name: "Install dependencies"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GO_FTW_VERSION: '1.3.0'
run: |
gh release download -R coreruleset/go-ftw v${GO_FTW_VERSION} -p "ftw_${GO_FTW_VERSION}_linux_amd64.tar.gz" -O - | tar -xzvf - ftw
- name: "Run tests for ${{ matrix.modsec_version }}"
env:
FTW_LOGFILE: './tests/logs/${{ matrix.modsec_version }}/error.log'
run: |
mkdir -p "tests/logs/${{ matrix.modsec_version }}"
docker compose -f ./tests/docker-compose.yml up -d "${{ matrix.modsec_version }}"
docker compose -f ./tests/docker-compose.yml logs
[ $(docker inspect ${{ matrix.modsec_version }} --format='{{.State.Running}}') = 'true' ]
./ftw check -d tests/regression/tests
./ftw run -d tests/regression/tests --show-failures-only
- name: "Change permissions if failed"
if: failure()
run: |
# we want to get the audit log, so change permissions (file is only for root on docker)
sudo chmod 644 tests/logs/${{ matrix.modsec_version }}/modsec_audit.log
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # ratchet:actions/upload-artifact@v6
if: failure()
with:
name: waf-logs
path: tests/logs/${{ matrix.modsec_version }}
- name: Clean docker-compose
run: |
docker compose -f ./tests/docker-compose.yml down -t 0
|
