diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 6fe3ca5f08..8253d3d4e8 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,6 +18,7 @@ jobs: runs-on: ubuntu-latest env: TEST_TAG: zeek:latest + CONFFLAGS: --generator=Ninja --build-type=Release steps: - uses: actions/checkout@v2 with: @@ -31,7 +32,8 @@ jobs: with: context: ./ file: docker/Dockerfile - # Load and tag the image so it can be used by the test job below. + build-args: | + CONFFLAGS=${{ env.CONFFLAGS }} load: true tags: ${{ env.TEST_TAG }} @@ -76,6 +78,8 @@ jobs: with: context: ./ file: docker/Dockerfile + build-args: | + CONFFLAGS=${{ env.CONFFLAGS }} push: true tags: | zeekurity/${{ steps.target.outputs.tag }} diff --git a/CHANGES b/CHANGES index 0f425b65fa..565aa3dc88 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,14 @@ +4.2.0-dev.245 | 2021-10-01 14:19:19 -0700 + + * Enable customization of the Docker image's configure invocation (Christian Kreibich, Corelight) + + * Add Python Broker module load test to Docker image btests (Christian Kreibich, Corelight) + + * Set PYTHONPATH in Docker to automatically find Zeek's modules (Christian Kreibich, Corelight) + + * Docker image fix: libpython needs to be 3.9 on Debian Bullseye (Christian Kreibich, Corelight) + 4.2.0-dev.240 | 2021-10-01 13:28:39 -0700 * Bump highwayhash submodule to pull in another FreeBSD header fix (Christian Kreibich, Corelight) diff --git a/VERSION b/VERSION index f736e8a24d..b4b9bb78a0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -4.2.0-dev.240 +4.2.0-dev.245 diff --git a/docker/Dockerfile b/docker/Dockerfile index 4ee11c65d4..5957575213 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -18,7 +18,7 @@ RUN apt-get -q update \ libz-dev \ make \ python3-minimal \ - python3-dev \ + python3.9-dev \ swig \ ninja-build \ python3-pip \ @@ -31,11 +31,10 @@ RUN apt-get -q update \ COPY . /src/zeek RUN make -C /src/zeek distclean +ARG CONFFLAGS="--generator=Ninja --build-type=Release" + WORKDIR /src/zeek -RUN ./configure \ - --generator=Ninja \ - --build-type=Release \ - && ninja -C build install +RUN ./configure $CONFFLAGS && ninja -C build install # Final layer containing all artifacts. FROM debian:bullseye-slim AS final @@ -45,7 +44,7 @@ RUN apt-get -q update \ ca-certificates \ git \ libmaxminddb0 \ - libpython3.7 \ + libpython3.9 \ libpcap0.8 \ libssl1.1 \ libz1 \ @@ -58,3 +57,4 @@ RUN apt-get -q update \ # Copy over Zeek installation. COPY --from=build /usr/local/zeek /usr/local/zeek ENV PATH "/usr/local/zeek/bin:${PATH}" +ENV PYTHONPATH "/usr/local/zeek/lib/zeek/python:${PYTHONPATH}" diff --git a/docker/btest/btest.cfg b/docker/btest/btest.cfg index 69b30b9184..bf1b17fec7 100644 --- a/docker/btest/btest.cfg +++ b/docker/btest/btest.cfg @@ -9,5 +9,4 @@ MinVersion = 0.63 [environment] LC_ALL=C PATH=%(testbase)s/../../auxil/btest:%(default_path)s -TEST_IMAGE=${TEST_TAG:-zeek:latest} TZ=UTC diff --git a/docker/btest/docker/structure_tests.sh b/docker/btest/docker/structure_tests.sh index cb6cd2e6f0..ba20fec05a 100644 --- a/docker/btest/docker/structure_tests.sh +++ b/docker/btest/docker/structure_tests.sh @@ -18,3 +18,6 @@ docker run --rm "${TEST_TAG}" zkg config # Check that a plugin can be installed. We pick any plugin with minimal deps here. docker run --rm "${TEST_TAG}" zkg install --force sethhall/domain-tld | sed 's/(.*)/(XXX)/' + +# Check that the Broker Python module loads +docker run --rm "${TEST_TAG}" python3 -c "import broker"