External/patterns
1
0
Fork 0
mirror of https://github.com/fabriziosalmi/patterns.git synced 2025-12-17 17:55:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update and rename test_docker.yml to test_apache_docker.yml

Browse Source
This commit is contained in:
fab 2025-01-17 13:28:23 +01:00 committed by GitHub
parent 0d92cd36c6
commit 146335721c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 85 additions and 164 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
.github/workflows/test_apache_docker.yml vendored Normal file
View File

@ -0,0 +1,85 @@
name: Validate WAF Patterns for Apache with Docker
on:
push:
branches:
- main # Trigger on push to main branch
pull_request:
branches:
- main # Trigger on pull request to main branch
jobs:
validate-waf-patterns:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Cache Docker setup
id: cache-docker
uses: actions/cache@v3
with:
path: /var/lib/docker
key: docker-setup-${{ runner.os }}
- name: Set up Docker
run: |
sudo apt-get update
# Remove conflicting containerd package
sudo apt-get remove -y containerd
# Install Docker dependencies
sudo apt-get install -y ca-certificates curl
# Add Docker's official GPG key
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Add Docker's repository
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Install Docker
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo docker --version
- name: Pull Docker images
run: |
echo "Pulling ApacheDocker image..."
sudo docker pull httpd:latest
- name: Validate Apache configuration
run: |
echo "Validating Apache configuration..."
for file in waf_patterns/apache/*.conf; do
echo "Validating $file..."
sudo docker run --rm -v $(pwd)/waf_patterns/apache:/usr/local/apache2/conf/extra:ro httpd httpd -t
if [ $? -ne 0 ]; then
echo "Error: Validation failed for $file"
exit 1
fi
done
- name: Start Apache container with WAF rules
run: |
echo "Starting Apache container..."
sudo docker run -d \
--name apache-waf \
-p ${{ env.APACHE_PORT }}:80 \
-v $(pwd)/waf_patterns/apache:/usr/local/apache2/conf/extra \
httpd:latest
echo "Apache is running on port ${{ env.APACHE_PORT }}."
- name: Check Apache container logs
run: |
echo "Checking Apache container logs..."
sudo docker logs apache-waf
- name: Clean up containers
if: always()
run: |
echo "Stopping and removing containers..."
sudo docker stop apache-waf || true
sudo docker rm apache-waf || true
echo "Containers stopped and removed."

164
.github/workflows/test_docker.yml vendored
View File

@ -1,164 +0,0 @@
name: Validate WAF Patterns and Configurations with Docker
on:
push:
branches:
- main # Trigger on push to main branch
pull_request:
branches:
- main # Trigger on pull request to main branch
jobs:
validate-waf-patterns:
runs-on: ubuntu-latest
env:
NGINX_PORT: 8080
APACHE_PORT: 8081
HAPROXY_PORT: 8082
TRAEFIK_PORT: 8083
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Cache Docker setup
id: cache-docker
uses: actions/cache@v3
with:
path: /var/lib/docker
key: docker-setup-${{ runner.os }}
- name: Set up Docker
run: |
sudo apt-get update
# Remove conflicting containerd package
sudo apt-get remove -y containerd
# Install Docker dependencies
sudo apt-get install -y ca-certificates curl
# Add Docker's official GPG key
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Add Docker's repository
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Install Docker
sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
sudo docker --version
- name: Pull Docker images
run: |
echo "Pulling Docker images..."
sudo docker pull nginx:latest
sudo docker pull httpd:latest
sudo docker pull haproxy:latest
sudo docker pull traefik:latest
# - name: Validate Nginx configuration
# run: |
# echo "Validating Nginx configuration..."
# for file in waf_patterns/nginx/*.conf; do
# echo "Validating $file..."
# sudo docker run --rm -v $(pwd)/waf_patterns/nginx:/etc/nginx/conf.d:ro nginx nginx -t
# if [ $? -ne 0 ]; then
# echo "Error: Validation failed for $file"
# exit 1
# fi
# done
#
# - name: Start Nginx container with WAF rules
# run: |
# echo "Starting Nginx container..."
# sudo docker run -d \
# --name nginx-waf \
# -p ${{ env.NGINX_PORT }}:80 \
# -v $(pwd)/waf_patterns/nginx:/etc/nginx/conf.d \
# nginx:latest
# echo "Nginx is running on port ${{ env.NGINX_PORT }}."
# - name: Check Nginx container logs
# run: |
# echo "Checking Nginx container logs..."
# sudo docker logs nginx-waf
- name: Validate Apache configuration
run: |
echo "Validating Apache configuration..."
for file in waf_patterns/apache/*.conf; do
echo "Validating $file..."
sudo docker run --rm -v $(pwd)/waf_patterns/apache:/usr/local/apache2/conf/extra:ro httpd httpd -t
if [ $? -ne 0 ]; then
echo "Error: Validation failed for $file"
exit 1
fi
done
- name: Start Apache container with WAF rules
run: |
echo "Starting Apache container..."
sudo docker run -d \
--name apache-waf \
-p ${{ env.APACHE_PORT }}:80 \
-v $(pwd)/waf_patterns/apache:/usr/local/apache2/conf/extra \
httpd:latest
echo "Apache is running on port ${{ env.APACHE_PORT }}."
- name: Check Apache container logs
run: |
echo "Checking Apache container logs..."
sudo docker logs apache-waf
# - name: Validate HAProxy configuration
# run: |
# echo "Validating HAProxy configuration..."
# for file in waf_patterns/haproxy/*.acl; do
# echo "Validating $file..."
# # Create a temporary haproxy.cfg file to include the ACL
# echo "global" > temp_haproxy.cfg
# echo " log stdout format raw local0" >> temp_haproxy.cfg
# echo "defaults" >> temp_haproxy.cfg
# echo " log global" >> temp_haproxy.cfg
# echo " timeout connect 10s" >> temp_haproxy.cfg
# echo " timeout client 30s" >> temp_haproxy.cfg
# echo " timeout server 30s" >> temp_haproxy.cfg
# echo "frontend test" >> temp_haproxy.cfg
# echo " bind *:${{ env.HAPROXY_PORT }}" >> temp_haproxy.cfg
# echo " default_backend test_backend" >> temp_haproxy.cfg
# echo " $(cat "$file")" >> temp_haproxy.cfg
# echo "backend test_backend" >> temp_haproxy.cfg
# echo " server s1 127.0.0.1:${{ env.NGINX_PORT }}" >> temp_haproxy.cfg
#
# # Validate the file using haproxy -c
# sudo docker run --rm -v $(pwd)/temp_haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro haproxy haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg
# if [ $? -ne 0 ]; then
# echo "Error: Validation failed for $file"
# exit 1
# fi
# done
# - name: Start HAProxy container with WAF rules
# run: |
# echo "Starting HAProxy container..."
# sudo docker run -d \
# --name haproxy-waf \
# -p ${{ env.HAPROXY_PORT }}:80 \
# -v $(pwd)/waf_patterns/haproxy:/usr/local/etc/haproxy \
# haproxy:latest
# echo "HAProxy is running on port ${{ env.HAPROXY_PORT }}."
#
# - name: Check HAProxy container logs
# run: |
# echo "Checking HAProxy container logs..."
# sudo docker logs haproxy-waf
- name: Clean up containers
if: always()
run: |
echo "Stopping and removing containers..."
sudo docker stop nginx-waf apache-waf haproxy-waf traefik-waf || true
sudo docker rm nginx-waf apache-waf haproxy-waf traefik-waf || true
echo "Containers stopped and removed."