mirror of
https://github.com/zeek/zeek.git
synced 2025-10-13 12:08:20 +00:00
Merge remote-tracking branch 'origin/topic/awelzel/arm64-container-follow-ups'
* origin/topic/awelzel/arm64-container-follow-ups: docker: Extend tests to run a very basic Zeek script cirrus: No broker-tests and no cpp-tests for images docker: Update Makefile/README to align with the Cirrus CI setup cirrus: Add back testing of container images
This commit is contained in:
Arne Welzel
commit
3ec602a441
8 changed files with 57 additions and 73 deletions
|
|
@ -404,7 +404,7 @@ docker_build_template: &DOCKER_BUILD_TEMPLATE
|
|||
set_image_tag_script: echo "IMAGE_TAG=zeek/zeek-multiarch:${CIRRUS_ARCH}" >> $CIRRUS_ENV
|
||||
|
||||
env:
|
||||
ZEEK_CONFIGURE_FLAGS: --ccache --generator=Ninja --build-type=Release --disable-btest-pcaps
|
||||
ZEEK_CONFIGURE_FLAGS: --ccache --generator=Ninja --build-type=Release --disable-btest-pcaps --disable-cpp-tests --disable-broker-tests
|
||||
CIRRUS_LOG_TIMESTAMP: true
|
||||
BUILDER_IMAGE_CACHE_DIR: /tmp/builder-image-cache
|
||||
ZEEK_IMAGE_CACHE_DIR: /tmp/zeek-image-cache-${CIRRUS_ARCH}
|
||||
|
|
@ -441,6 +441,9 @@ docker_build_template: &DOCKER_BUILD_TEMPLATE
|
|||
build_final_script:
|
||||
- cd docker && docker build --cache-from ${IMAGE_TAG} -t ${IMAGE_TAG} -f final.Dockerfile .
|
||||
- docker save ${IMAGE_TAG} | zstd > ${ZEEK_IMAGE_CACHE_DIR}/final.zst
|
||||
test_script:
|
||||
- docker tag ${IMAGE_TAG} zeek:latest
|
||||
- make -C docker/btest
|
||||
|
||||
arm64_container_image_docker_builder:
|
||||
env:
|
||||
|
|
|
|||
13
CHANGES
13
CHANGES
|
|
@ -1,3 +1,16 @@
|
|||
5.2.0-dev.609 | 2023-02-01 20:55:45 +0100
|
||||
|
||||
* docker: Extend tests to run a very basic Zeek script (Arne Welzel, Corelight)
|
||||
|
||||
Mostly because a `-v` shortcuts quite, while a zeek -e 'print zeek_version()'
|
||||
will also parse all base scripts, etc.
|
||||
|
||||
* cirrus: No broker-tests and no cpp-tests for images (Arne Welzel, Corelight)
|
||||
|
||||
* docker: Update Makefile/README to align with the Cirrus CI setup (Arne Welzel, Corelight)
|
||||
|
||||
* cirrus: Add back testing of container images (Arne Welzel, Corelight)
|
||||
|
||||
5.2.0-dev.604 | 2023-02-01 10:48:03 -0700
|
||||
|
||||
* Restore/rename field in SMB2::Fscontrol record type (Tim Wojtulewicz, Corelight)
|
||||
|
|
|
|||
2
VERSION
2
VERSION
|
|
@ -1 +1 @@
|
|||
5.2.0-dev.604
|
||||
5.2.0-dev.609
|
||||
|
|
|
|||
|
|
@ -1,63 +0,0 @@
|
|||
# See the file "COPYING" in the main distribution directory for copyright.
|
||||
|
||||
# Layer to build Zeek.
|
||||
FROM debian:bullseye-slim AS build
|
||||
|
||||
# Configure system for build.
|
||||
RUN apt-get -q update \
|
||||
&& apt-get install -q -y --no-install-recommends \
|
||||
bind9 \
|
||||
bison \
|
||||
cmake \
|
||||
flex \
|
||||
g++ \
|
||||
gcc \
|
||||
libfl2 \
|
||||
libfl-dev \
|
||||
libmaxminddb-dev \
|
||||
libpcap-dev \
|
||||
libssl-dev \
|
||||
libz-dev \
|
||||
make \
|
||||
python3-minimal \
|
||||
python3.9-dev \
|
||||
swig \
|
||||
ninja-build \
|
||||
python3-pip \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Copy over the Zeek source tree.
|
||||
# NOTE: This assumes that we build in the context of the parent directory (the
|
||||
# Git checkout root). We e.g., ensure that in the `Makefile` in this directory.
|
||||
COPY . /src/zeek
|
||||
RUN make -C /src/zeek distclean
|
||||
|
||||
ARG CONFFLAGS="--generator=Ninja --build-type=Release"
|
||||
|
||||
WORKDIR /src/zeek
|
||||
RUN ./configure $CONFFLAGS && ninja -C build install
|
||||
|
||||
# Final layer containing all artifacts.
|
||||
FROM debian:bullseye-slim AS final
|
||||
|
||||
RUN apt-get -q update \
|
||||
&& apt-get install -q -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
git \
|
||||
libmaxminddb0 \
|
||||
libpython3.9 \
|
||||
libpcap0.8 \
|
||||
libssl1.1 \
|
||||
libz1 \
|
||||
python3-minimal \
|
||||
python3-git \
|
||||
python3-semantic-version \
|
||||
python3-websocket \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Copy over Zeek installation.
|
||||
COPY --from=build /usr/local/zeek /usr/local/zeek
|
||||
ENV PATH "/usr/local/zeek/bin:${PATH}"
|
||||
ENV PYTHONPATH "/usr/local/zeek/lib/zeek/python:${PYTHONPATH}"
|
||||
|
|
@ -1,12 +1,30 @@
|
|||
# See the file "COPYING" in the main distribution directory for copyright.
|
||||
|
||||
VERSION := $$(cat ../VERSION)
|
||||
VERSION := $(shell cat ../VERSION)
|
||||
DOCKER ?= docker
|
||||
BUILD_IMAGE := zeek-builder:$(VERSION)
|
||||
BUILD_CONTAINER := zeek-builder-container-$(VERSION)
|
||||
ZEEK_IMAGE ?= zeek:$(VERSION)"
|
||||
BUILD_DIR ?= build-docker
|
||||
ZEEK_CONFIGURE_FLAGS ?= \
|
||||
--build-dir=$(BUILD_DIR) \
|
||||
--generator=Ninja \
|
||||
--build-type=Release \
|
||||
--disable-btest-pcaps \
|
||||
--disable-broker-tests \
|
||||
--disable-cpp-tests
|
||||
|
||||
.PHONY: all
|
||||
|
||||
all:
|
||||
@docker build -t zeek:$(VERSION) -f Dockerfile ..
|
||||
@docker tag zeek:$(VERSION) zeek:latest
|
||||
-docker rm $(BUILD_CONTAINER)
|
||||
docker build -t $(BUILD_IMAGE) -f builder.Dockerfile .
|
||||
docker run --name $(BUILD_CONTAINER) \
|
||||
-v $(CURDIR)/../:/src/zeek -w /src/zeek \
|
||||
$(BUILD_IMAGE) bash -xeu -c "./configure $(ZEEK_CONFIGURE_FLAGS) && ninja -C $(BUILD_DIR) install"
|
||||
docker commit $(BUILD_CONTAINER) zeek-build
|
||||
docker build -t $(ZEEK_IMAGE) -f final.Dockerfile .
|
||||
docker tag $(ZEEK_IMAGE) zeek:latest
|
||||
|
||||
test:
|
||||
@TEST_TAG=zeek:$(VERSION) $(MAKE) -C btest
|
||||
|
|
|
|||
|
|
@ -1,19 +1,28 @@
|
|||
Container image for Zeek
|
||||
========================
|
||||
|
||||
This directory contains a minimal container image for Zeek. This image is
|
||||
published automatically to [DockerHub](https://hub.docker.com/u/zeekurity) for
|
||||
This directory allows building a minimal container image for Zeek. This image is
|
||||
published automatically to [DockerHub](https://hub.docker.com/u/zeek) for
|
||||
releases and for commits on the `master` branch.
|
||||
|
||||
- Images for release are published as
|
||||
[`zeekurity/zeek`](https://hub.docker.com/r/zeekurity/zeek) with the `latest`
|
||||
[`zeek/zeek`](https://hub.docker.com/r/zeek/zeek) with the `latest`
|
||||
tag pointing to the latest release.
|
||||
- Development images for the `master` branch are published as
|
||||
[`zeekurity/zeek-dev`](https://hub.docker.com/r/zeekurity/zeek-dev).
|
||||
[`zeek/zeek-dev`](https://hub.docker.com/r/zeek/zeek-dev).
|
||||
|
||||
These images are also pushed to Amazon ECR Public Gallery under
|
||||
the [Zeek Project](https://gallery.ecr.aws/zeek).
|
||||
|
||||
To run the image execute e.g.,:
|
||||
|
||||
docker run -it zeekurity/zeek
|
||||
docker run -it zeek/zeek
|
||||
|
||||
To build the image execute `make` from this directory.
|
||||
|
||||
CI
|
||||
--
|
||||
|
||||
Note, the image build process on Cirrus CI is not using the Makefile,
|
||||
but instead open-codes the invocation due to leveraging Cirrus CI caching
|
||||
and ccache heavily.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
|
||||
zeek version xxx
|
||||
zeek version xxx
|
||||
XXX
|
||||
[sources]
|
||||
zeek = https://github.com/zeek/packages
|
||||
|
|
|
|||
|
|
@ -7,6 +7,9 @@ TEST_TAG=${TEST_TAG:-zeek:latest}
|
|||
# Check that `zeek` can be run.
|
||||
docker run --rm "${TEST_TAG}" zeek -v | sed 's/\(zeek version\) .*/\1 xxx/'
|
||||
|
||||
# ...and load and execute some basic scripts, too.
|
||||
docker run --rm "${TEST_TAG}" zeek -e 'print fmt("zeek version %s", zeek_version())' | sed 's/\(zeek version\) .*/\1 xxx/'
|
||||
|
||||
# Check that this is a release build.
|
||||
docker run --rm "${TEST_TAG}" zeek-config --build_type | grep -q 'release'
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue