Merge pull request #178 from microsoft/akishore/feature/ci

Add Github Action for CI

Author: tejasshah7

.github/workflows/main.yml

@@ -0,0 +1,42 @@
+name: CI
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the waf_nginx branch
+  push:
+    branches: [ waf_nginx ]
+  pull_request:
+    branches: [ waf_nginx ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v2
+
+      # Runs a single command using the runners shell
+      - name: Run a one-line script
+        run: echo Logging into appgwreg
+      # Logs into Azure Registry
+      - name: Docker Login
+        uses: docker/[email protected]
+        with:
+          registry: appgwreg.azurecr.io
+          # Username used to log against the Docker registry
+          username: ${{ secrets.DOCKER_USERNAME }}
+          # Password or personal access token used to log against the Docker registry
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          # Log out from the Docker registry at the end of a job
+          logout: true
+      # Runs make commands
+      - name: Pull Image and Compile
+        run: |
+          docker pull appgwreg.azurecr.io/modsecurity:latest
+          docker-compose run --rm autoconf
+          docker-compose run --rm configure
+          docker-compose run --rm make

.github/workflows/tests.yml

@@ -0,0 +1,86 @@
+name: IIS-tests
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the waf_nginx branch
+  push:
+    branches: [ waf_nginx ]
+  pull_request:
+    branches: [ waf_nginx ]
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: windows-2019
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v2
+      # Setup Env
+      - name: Install Modsec Dependencies
+        run: cd iis; .\getModSecurityPkgs.ps1 https://modsecurity.blob.core.windows.net/windows-artifacts
+      - name: Pre-Build Preparation
+        run: |
+          cd iis
+          #setup the python virtual env - not a must but still
+          py.exe -2 -m pip install virtualenv
+          py.exe -2 -m virtualenv --version
+          $python_proj_name = "test_crs3"
+          py.exe -2 -m virtualenv $python_proj_name
+          & ".\$python_proj_name\Scripts\activate.ps1"
+      # Build
+      - name: Build Modsec
+        run: cd iis; ./build_release_amd64.bat
+      # Test
+      - name: Pre-Test Config
+        run: |
+          $python_proj_name = "test_crs3"
+          & ".\iis\$python_proj_name\Scripts\activate.ps1"
+          $modsec_repo = "$pwd"
+          $modsec_conf = "$modsec_repo\iis\wix\modsecurity.conf"
+          $modsec_iis_conf = "$modsec_repo\iis\wix\modsecurity_iis.conf"
+          & {iisreset /stop}  #need to stop iis before copy of files that are used by it
+          #copy the xml file to the schema
+          Copy-Item "$modsec_repo\iis\ModSecurity.xml" -Destination "$env:SystemRoot\System32\inetsrv\config\schema" -Force
+          #set modsecurity in applicationhost.cofig
+          [System.Reflection.Assembly]::LoadFrom("$env:systemroot\system32\inetsrv\Microsoft.Web.Administration.dll")
+          $sm = new-object Microsoft.Web.Administration.ServerManager
+          $rootSG = $sm.GetApplicationHostConfiguration().RootSectionGroup
+          $rootSG.SectionGroups["system.webServer"].Sections.Add("ModSecurity")
+          $rootSG.SectionGroups["system.webServer"].Sections["ModSecurity"].OverrideModeDefault = "Deny"
+          $rootSG.SectionGroups["system.webServer"].Sections["ModSecurity"].AllowDefinition = "Everywhere"
+          $sm.CommitChanges()
+          & "$env:SystemRoot\System32\inetsrv\appcmd.exe" install module /name:"ModSecurity" /image:"$modsec_repo\iis\release\amd64\ModSecurityIIS.dll"
+          & "$env:SystemRoot\System32\inetsrv\appcmd.exe" set config /section:"system.webServer/ModSecurity" /"enabled:true" /"configFile:$modsec_iis_conf"
+          #setup the crs repo and the modsec config
+          $crs_path = "$modsec_repo\crs"
+          git clone -b "v3.1.0" -q https://github.com/SpiderLabs/owasp-modsecurity-crs.git $crs_path
+          cd "$modsec_repo\tests"
+          Rename-Item -Path "$crs_path\crs-setup.conf.example" -NewName "crs-setup.conf"
+          Copy-Item "$crs_path\util\regression-tests\requirements.txt" -Destination "$modsec_repo\tests" -Force
+          #setup the test env with depending python pkgs
+          pip install ftw==1.1.7
+          #configure modsec to use crs 3 and set if for the python testing
+          $dbg_file = "$modsec_repo\modsec_debug.log"
+          Add-Content $modsec_conf "SecDebugLog $dbg_file`r`nSecDebugLogLevel 3"
+          Clear-Content $modsec_iis_conf
+          #configure modsecurity_iis.conf for crs 3 and for runnig the python tests
+          Add-Content $modsec_iis_conf "Include modsecurity.conf"
+          Add-Content $modsec_iis_conf "SecAction ""id:900005,\`r`n  phase:1,\`r`n  nolog,\`r`n  pass,\`r`n  ctl:ruleEngine=DetectionOnly,\`r`n  ctl:ruleRemoveById=910000,\"
+          Add-Content $modsec_iis_conf "  setvar:tx.paranoia_level=4,\`r`n  setvar:tx.crs_validate_utf8_encoding=1,\`r`n  setvar:tx.arg_name_length=100,\`r`n  setvar:tx.arg_length=400"""
+          Add-Content $modsec_iis_conf "include $crs_path\crs-setup.conf"
+          Add-Content $modsec_iis_conf "include $crs_path/rules/*.conf"
+          & {iisreset /start}; Start-Service W3SVC # finished all the modsec config, start iis
+      - name: Run Test
+        run: |
+          $modsec_repo = "$pwd"
+          $python_proj_name = "test_crs3"
+          $crs_path = "$modsec_repo\crs"
+          & "$modsec_repo\iis\$python_proj_name\Scripts\Activate.ps1"
+          #usually the first test fail, due to i/o
+          cd tests;
+          py.test.exe -v CRS_Tests_modsec_dbg.py --rule="$crs_path\util\regression-tests\tests\test.yaml"
+          #running all the tests
+          py.test.exe -q CRS_Tests_modsec_dbg.py --ruledir_recurse="$crs_path\util\regression-tests\tests\" --result-log=res.txt --tb=no --junit-xml=res.xml
+          python Parse_test_res.py res.txt

.travis.yml

@@ -23,7 +23,7 @@
 @set CMAKE_DIR=%WORK_DIR%\%CMAKE:~0,-4%\bin
 
 :: Aditional paths.
-@set PATH=%PATH%;%CMAKE_DIR%;"c:\program files\7-zip"
+@set PATH=%PATH%;%CMAKE_DIR%
 
 
 :: @set VCARGS32="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\vcvars32.bat"

appveyor.yml

@@ -11,7 +11,8 @@ mkdir "%RELEASE_DIR%"
 
 mkdir "%AMD64%"
 
-set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\bin\x86_amd64\vcvarsx86_amd64.bat"
+set VCARGS64="C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Auxiliary\Build\vcvarsx86_amd64.bat"
+
 
 set SSDEEP_ARCH="x64"
 call build_dependencies.bat %VCARGS64%