diff --git a/.circleci/continue_config.yml b/.circleci/continue_config.yml index 28056c3d..ec2d270e 100644 --- a/.circleci/continue_config.yml +++ b/.circleci/continue_config.yml @@ -418,134 +418,6 @@ workflows: build-and-test: jobs: - check-ci-definition - - format: - name: Verify formatting - requires: - - check-ci-definition - - shellcheck: - name: run shellcheck on shell scripts - requires: - - check-ci-definition - - build: - matrix: - parameters: - arch: - - amd64 - - arm64 - nginx-version: - - 1.22.1 - - 1.24.0 - - 1.25.4 - - 1.27.3 - waf: - - "ON" - - "OFF" - name: build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> - - build_openresty: - matrix: - parameters: - arch: - - amd64 - - arm64 - resty-version: - - 1.27.1.1 - waf: - - "ON" - - "OFF" - name: build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >> - - build_ingress_nginx_module: - matrix: - parameters: - arch: - - amd64 - - arm64 - version: - - 1.12.0 - name: build ingress-nginx-<< matrix.version >> on << matrix.arch >> - - coverage: - name: Coverage on 1.27.0 with WAF ON - - test: - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - nginx:1.27.3-alpine - - nginx:1.27.3 - nginx-version: - - 1.27.3 - waf: - - "ON" - - "OFF" - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> - - test-openresty: - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - openresty/openresty:1.27.1.1-alpine - resty-version: - - 1.27.1.1 - waf: - - "ON" - - "OFF" - name: test openresty << matrix.resty-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >> - - test: - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - amazonlinux:2.0.20230418.0 - nginx-version: - - 1.22.1 - waf: - - "ON" - - "OFF" - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> - - test: - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - amazonlinux:2023.3.20240219.0 - nginx-version: - - 1.24.0 - waf: - - "ON" - - "OFF" - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> - - test_ingress: - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - registry.k8s.io/ingress-nginx/controller - nginx-version: - - 1.12.0 - name: test ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >> - requires: - - build ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >> - - system_tests: - name: Run system tests - requires: - - build 1.25.4 on amd64 WAF ON when: and: - not: << pipeline.git.tag >> diff --git a/.circleci/src/workflows/build-and-test.yml b/.circleci/src/workflows/build-and-test.yml index f09f39d6..d55e02ac 100644 --- a/.circleci/src/workflows/build-and-test.yml +++ b/.circleci/src/workflows/build-and-test.yml @@ -4,135 +4,3 @@ when: - not: << pipeline.parameters.build_all >> jobs: - check-ci-definition -- format: - name: Verify formatting - requires: - - check-ci-definition -- shellcheck: - name: run shellcheck on shell scripts - requires: - - check-ci-definition -- build: - matrix: - parameters: - arch: - - amd64 - - arm64 - nginx-version: - - 1.22.1 - - 1.24.0 - - 1.25.4 - - 1.27.3 - waf: - - 'ON' - - 'OFF' - name: build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> -- build_openresty: - matrix: - parameters: - arch: - - amd64 - - arm64 - resty-version: - - 1.27.1.1 - waf: - - 'ON' - - 'OFF' - name: build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >> -- build_ingress_nginx_module: - name: build ingress-nginx-<< matrix.version >> on << matrix.arch >> - matrix: - parameters: - arch: - - 'amd64' - - 'arm64' - version: - - 1.12.0 -- coverage: - name: Coverage on 1.27.0 with WAF ON -- test: - matrix: - parameters: - arch: - - amd64 - - arm64 - waf: - - 'ON' - - 'OFF' - base-image: - - nginx:1.27.3-alpine - - nginx:1.27.3 - nginx-version: - - 1.27.3 - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch - >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf - >> -- test-openresty: - matrix: - parameters: - arch: - - amd64 - - arm64 - waf: - - 'ON' - - 'OFF' - base-image: - - openresty/openresty:1.27.1.1-alpine - resty-version: - - 1.27.1.1 - name: test openresty << matrix.resty-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build openresty << matrix.resty-version >> on << matrix.arch >> WAF << matrix.waf >> -- test: - matrix: - parameters: - arch: - - amd64 - - arm64 - waf: - - 'ON' - - 'OFF' - base-image: - - amazonlinux:2.0.20230418.0 - nginx-version: - - 1.22.1 - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch - >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf - >> -- test: - matrix: - parameters: - arch: - - amd64 - - arm64 - waf: - - 'ON' - - 'OFF' - base-image: - - amazonlinux:2023.3.20240219.0 - nginx-version: - - 1.24.0 - name: test << matrix.nginx-version >> on << matrix.base-image >>:<< matrix.arch >> WAF << matrix.waf >> - requires: - - build << matrix.nginx-version >> on << matrix.arch >> WAF << matrix.waf >> -- test_ingress: - name: test ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >> - requires: - - build ingress-nginx-<< matrix.nginx-version >> on << matrix.arch >> - matrix: - parameters: - arch: - - amd64 - - arm64 - base-image: - - registry.k8s.io/ingress-nginx/controller - nginx-version: - - 1.12.0 -- system_tests: - name: Run system tests - requires: - - build 1.25.4 on amd64 WAF ON diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 00000000..48c57a5f --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,25 @@ +name: CI + +on: + schedule: + - cron: '0 0 * * 0' # Every Sunday at midnight + workflow_dispatch: {} + pull_request: + branches: + - "**" + +jobs: + update-rules: + runs-on: ubuntu-latest + permissions: + actions: read # read secrets + contents: write # Creates a branch + pull-requests: write # Creates a PR + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + steps: + - uses: actions/checkout@v4 + with: + repository: 'DataDog/appsec-event-rules' + token: ${{ secrets.PAT_APPSEC_ACCESS }} + path: 'appsec-event-rules'