Merge branch 'main' into 38-add-syslog-capabilities

exein-io · Nov 4, 2023 · 1752faa · 1752faa
2 parents 63f18fd + 7c48535
commit 1752faa
Show file tree

Hide file tree

Showing 46 changed files with 600 additions and 379 deletions.
diff --git a/.github/actions/install-cross/README.md b/.github/actions/install-cross/README.md
@@ -0,0 +1,5 @@
+# install-cross
+
+A small github action to install [cross](https://github.com/cross-rs/cross) from its latest release.
+
+This action uses the `musl` variant.
diff --git a/.github/actions/install-cross/action.yaml b/.github/actions/install-cross/action.yaml
@@ -0,0 +1,18 @@
+name: 'Install cross'
+description: 'Install cross-rs from its latest release'
+
+runs:
+  using: composite
+  steps:
+    - name: Install cross
+      shell: bash
+      run: |
+        cross_release_archive=cross-x86_64-unknown-linux-musl.tar.gz
+        wget https://github.com/cross-rs/cross/releases/latest/download/${cross_release_archive}
+        tar -xf ${cross_release_archive}
+        rm ${cross_release_archive}
+        mkdir -p /home/runner/.local/bin
+        mv cross* /home/runner/.local/bin
+
+    - run: cross --version --verbose
+      shell: bash
diff --git a/.github/docker/Dockerfile b/.github/docker/Dockerfile
@@ -0,0 +1,17 @@
+ARG BASE_IMAGE
+
+FROM ${BASE_IMAGE}
+
+ARG ARCH
+
+RUN apt update && apt upgrade -y && apt install -y ca-certificates
+
+COPY ./target/${ARCH}/release/pulsar-exec /usr/sbin/pulsar-exec
+
+COPY .github/docker/pulsar.ini /var/lib/pulsar/pulsar.ini
+
+COPY ./rules/basic-rules.yaml /var/lib/pulsar/rules/basic-rules.yaml
+
+ENTRYPOINT [ "pulsar-exec" ]
+
+CMD [ "pulsard" ] 
diff --git a/.github/docker/Dockerfile.dockerignore b/.github/docker/Dockerfile.dockerignore
@@ -0,0 +1,7 @@
+# Exclude everything
+**
+
+# # Include essential files
+!**/pulsar-exec
+!**/pulsar.ini
+!**/basic-rules.yaml
diff --git a/.github/docker/pulsar.ini b/.github/docker/pulsar.ini
@@ -0,0 +1,5 @@
+[desktop-notifier]
+enabled=false
+
+[smtp-notifier]
+enabled=false
diff --git a/.github/workflows/audit.yaml b/.github/workflows/audit.yaml
@@ -1,20 +1,30 @@
-name: Dependency Audit
-# there is a problem with a dependency of a dependency : `time`. so for now I'm keeping it manual
-on: workflow_dispatch
-# on:
-#   pull_request:
-#     paths: 
-#       - '**/Cargo.toml'
-#       - '**/Cargo.lock'
+name: "Audit Dependencies"
+on:
+  # Run manually
+  workflow_dispatch:
+  # push:
+  #   paths:
+  #     # Run if workflow changes
+  #     - '.github/workflows/audit.yml'
+  #     # Run on changed dependencies
+  #     - '**/Cargo.toml'
+  #     - '**/Cargo.lock'
+  #     # Run if the configuration file changes
+  #     - '**/audit.toml'
+  # # Rerun periodicly to pick up new advisories
+  # schedule:
+  #   - cron: '0 0 * * *'
+
+permissions: read-all
+
 jobs:
-  security_audit:
-    name: Audit
+  audit:
     runs-on: ubuntu-latest
+    permissions:
+      issues: write
     steps:
       - name: Code checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
-      - name: Dependencies audit
-        uses: actions-rs/audit-check@v1
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: actions-rust-lang/audit@v1
+        name: Audit Rust Dependencies
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -5,14 +5,15 @@ on:
       - main
 
 jobs:
-  debug:
-    name: Build debug
+  build:
+    name: Build
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
-        rust:
-          - stable
+        profile:
+          - debug
+          - release
 
         platform:
           - target: x86_64-unknown-linux-gnu
@@ -35,72 +36,23 @@ jobs:
 
     steps:
       - name: Code checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
-      - name: Install Rust toolchain (${{ matrix.rust }})
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust toolchain (stable)
+        uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: ${{ matrix.rust }}
           target: ${{ matrix.platform.target }}
-          override: true
-          components: clippy
 
-      - name: Build (all crates)
-        uses: actions-rs/cargo@v1
-        with:
-          use-cross: true
-          command: build
-          args: --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }}
-
-      - name: Check build did not modify any files
-        run: test -z "$(git status --porcelain)"
-
-  release:
-    name: Build release
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        rust:
-          - stable
-
-        platform:
-          - target: x86_64-unknown-linux-gnu
-            args: "--features full"
-
-          # For `musl` builds openssl must be vendored
-          - target: x86_64-unknown-linux-musl
-            args: "--features full --features openssl-vendored"
+      - name: Install cross
+        uses: ./.github/actions/install-cross
 
-          - target: aarch64-unknown-linux-gnu
-            args: "--features full"
+      - name: Build Debug
+        if: ${{ matrix.profile == 'debug' }} 
+        run: cross build --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }}
 
-          # For `musl` builds openssl must be vendored
-          - target: aarch64-unknown-linux-musl
-            args: "--features full --features openssl-vendored"
-
-          # Dependencies of `xtask` might fail to build on riscv64.
-          - target: riscv64gc-unknown-linux-gnu
-            args: "--features full --exclude xtask"
-
-    steps:
-      - name: Code checkout
-        uses: actions/checkout@v2
-
-      - name: Install Rust toolchain (${{ matrix.rust }})
-        uses: actions-rs/toolchain@v1
-        with:
-          toolchain: ${{ matrix.rust }}
-          target: ${{ matrix.platform.target }}
-          override: true
-          components: clippy
-
-      - name: Build (all crates)
-        uses: actions-rs/cargo@v1
-        with:
-          use-cross: true
-          command: build
-          args: --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }} --release
+      - name: Build Release
+        if: ${{ matrix.profile == 'release' }} 
+        run: cross build --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }} --release
 
       - name: Check build did not modify any files
         run: test -z "$(git status --porcelain)"
diff --git a/.github/workflows/quality.yaml b/.github/workflows/quality.yaml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Code checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Run link check
         uses: gaurav-nelson/github-action-markdown-link-check@v1
@@ -26,22 +26,17 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        rust:
-          - stable
-
         platform:
           - target: x86_64-unknown-linux-gnu
 
     steps:
       - name: Code checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
-      - name: Install Rust toolchain (${{ matrix.rust }})
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust toolchain (stable)
+        uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: ${{ matrix.rust }}
           target: ${{ matrix.platform.target }}
-          override: true
           components: rustfmt
 
       - name: Formatting (rustfmt)
@@ -53,9 +48,6 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        rust:
-          - stable
-
         platform:
           - target: x86_64-unknown-linux-gnu
             args: "--features full"
@@ -77,22 +69,19 @@ jobs:
 
     steps:
       - name: Code checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
-      - name: Install Rust toolchain (${{ matrix.rust }})
-        uses: actions-rs/toolchain@v1
+      - name: Install Rust toolchain (stable)
+        uses: dtolnay/rust-toolchain@stable
         with:
-          toolchain: ${{ matrix.rust }}
           target: ${{ matrix.platform.target }}
-          override: true
           components: clippy
 
+      - name: Install cross
+        uses: ./.github/actions/install-cross
+
       - name: Clippy (all crates)
-        uses: actions-rs/cargo@v1
-        with:
-          use-cross: true
-          command: clippy
-          args: --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }} -- -D warnings
+        run: cross clippy --locked --target=${{ matrix.platform.target }} --workspace --all-targets ${{ matrix.platform.args }} -- -D warnings
 
       - name: Check build did not modify any files
         run: test -z "$(git status --porcelain)"