feat: CI/CD for .deb and .rpm packages + installation tests

New GitHub Actions workflows:
- .github/workflows/build-deb.yml : DEB build and release on Ubuntu
- .github/workflows/build-rpm.yml : RPM build and release on Fedora
- Triggered on v* tags, push to main/master, workflow_dispatch
- Artifact upload and automatic release creation

Package build system:
- packaging/build-deb.sh : .deb build script with version sanitization
- packaging/build-rpm.sh : .rpm build script (via Docker)
- packaging/Dockerfile.deb : Ubuntu 22.04 container for the DEB build
- packaging/Dockerfile.rpm : Go 1.24 + rpm container for the RPM build

systemd configuration files:
- packaging/systemd/ja4sentinel.service : Unit with security hardening
  * NoNewPrivileges, ProtectSystem, ProtectHome
  * CAP_NET_RAW, CAP_NET_ADMIN for packet capture
- packaging/systemd/config.yml : Default configuration

DEB maintainer scripts:
- packaging/deb/postinst : Creates user/group, dirs, config
- packaging/deb/prerm : Stops the service before upgrade/remove
- packaging/deb/postrm : Full cleanup on purge

RPM spec file:
- packaging/rpm/ja4sentinel.spec : Full spec with dependencies
  * Requires: systemd, libpcap
  * %pre/%post/%preun/%postun scripts

Installation tests in containers:
- packaging/test/test-deb.sh : Build + Docker test on Ubuntu
- packaging/test/test-rpm.sh : Build + Docker test on Fedora
- packaging/test/test-install-deb.sh : 11 automated tests
- packaging/test/test-install-rpm.sh : 11 automated tests
- Dockerfile.deb/rpm : Dedicated test containers

Makefile:
- package-deb : Builds the .deb
- package-rpm : Builds the .rpm via Docker (no-cache)
- package : Builds both
- test-package-deb : Build + DEB installation test
- test-package-rpm : Build + RPM installation test
- test-package : Tests both packages

Tests:
- DEB: 11/11 tests passed (binary, config, service, user, dirs)
- RPM: Build succeeded (3.3 MB)
- Version sanitization for git tags (e.g. efd4481-dirty → 0.0.0+efd4481-dirty)

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
This commit is contained in:
Jacquin Antoine
2026-02-25 21:05:23 +01:00
parent efd4481729
commit 61bf05454e
19 changed files with 1246 additions and 2 deletions

@ -1,4 +1,4 @@
.PHONY: build build-docker test test-docker test-integration lint clean help docker-build-dev docker-build-runtime
.PHONY: build build-docker test test-docker test-integration lint clean help docker-build-dev docker-build-runtime package package-deb package-rpm
# Docker parameters
DOCKER=docker
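Review bot: The updated .PHONY line adds package, package-deb and package-rpm but leaves out test-package, test-package-deb and test-package-rpm, which the same commit defines further down in this Makefile. A file or directory with one of those names in the repository root would make the target look up to date and silently skip the installation tests. Suggest adding the three test-package targets to .PHONY as well.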
@ -15,9 +15,13 @@ TEST_SERVER_IMAGE=ja4sentinel-test-server:latest
BINARY_NAME=ja4sentinel
BINARY_PATH=./cmd/ja4sentinel
DIST_DIR=dist
BUILD_DIR=build
# Package version (strip 'v' prefix from git tags)
PKG_VERSION=$(shell git describe --tags --always --dirty 2>/dev/null | sed 's/^v//')
# Build flags
VERSION=$(shell git describe --tags --always --dirty 2>/dev/null || echo "dev")
VERSION=$(PKG_VERSION)
BUILD_TIME=$(shell date -u '+%Y-%m-%d_%H:%M:%S')
GIT_COMMIT=$(shell git rev-parse --short HEAD 2>/dev/null || echo "unknown")
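Review bot: PKG_VERSION drops the || echo "dev" fallback that the replaced VERSION line had, so when git describe fails (no git binary, or a source tree without .git) it expands to an empty string and VERSION=$(PKG_VERSION) inherits that. The empty value then reaches both the binary's build flags and the packaging steps. Suggest restoring a fallback inside the shell call, placed before the pipe to sed so it still takes effect, and failing the package targets early when the version is empty. Assigning with := instead of = would also stop git describe from being re-run on every expansion of the variable.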
@ -83,9 +87,40 @@ lint: docker-build-dev
fmt:
gofmt -w .
## package: Build all packages (deb + rpm)
package: package-deb package-rpm
## package-deb: Build DEB package
package-deb: build-linux
./packaging/build-deb.sh "$(PKG_VERSION)" "amd64"
## package-rpm: Build RPM package (requires Docker)
package-rpm: build-linux
mkdir -p build
docker build --no-cache -t ja4sentinel-packager-rpm \
--build-arg VERSION=$(PKG_VERSION) \
--build-arg ARCH=x86_64 \
-f packaging/Dockerfile.rpm .
@echo "Extracting RPM from Docker image..."
docker run --rm ja4sentinel-packager-rpm sh -c 'cat /packages/*.rpm' > build/ja4sentinel.rpm
@echo "RPM package created: build/ja4sentinel.rpm"
ls -la build/*.rpm
## test-package-deb: Test DEB package installation in Docker
test-package-deb: package-deb
./packaging/test/test-deb.sh
## test-package-rpm: Test RPM package installation in Docker
test-package-rpm: package-rpm
./packaging/test/test-rpm.sh
## test-package: Test all packages installation
test-package: test-package-deb test-package-rpm
## clean: Clean build artifacts and Docker images
clean:
rm -rf $(DIST_DIR)/
rm -rf $(BUILD_DIR)/
rm -f coverage.out coverage.html
$(DOCKER) rmi $(DEV_IMAGE) 2>/dev/null || true
$(DOCKER) rmi $(RUNTIME_IMAGE) 2>/dev/null || true
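Review bot: In package-rpm, --build-arg VERSION=$(PKG_VERSION) hands the git-derived version to the shell unquoted, whereas package-deb passes it as "$(PKG_VERSION)". Make substitutes the value as text before the shell parses the line, and the value comes from tag names in a workflow that the commit message says runs on v* tags, so it should be checked against an allowed character set (digits, letters, dot, plus, hyphen, tilde) before either recipe uses it, and quoted consistently. Separately, the extraction step cat /packages/*.rpm > build/ja4sentinel.rpm concatenates every match into one file if the image ever holds more than one RPM, and the redirect leaves an empty build/ja4sentinel.rpm behind when docker run fails; copying the file out by its exact name and checking that the result is non-empty would make the failure visible. The recipe also hard-codes docker and build where the rest of the Makefile uses $(DOCKER) and the new $(BUILD_DIR).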