a935ed1641
ci: migrate to GitLab CI with multi-distribution RPM builds
...
- Replace GitHub Actions with GitLab CI using Docker-in-Docker
- Build 3 RPMs (el7, el8, el9) + 1 DEB from Dockerfile.package
- Add verify jobs for each target distribution
- Remove obsolete files:
- Dockerfile, Dockerfile.test-socket (replaced by Dockerfile.package)
- scripts/socket_consumer.py, scripts/socket_listener.py
- scripts/test_unix_socket.sh, scripts/run_integration_tests.sh
- Update README.md with new package targets
- Update architecture.yml for GitLab CI workflow
Breaks: Single RPM no longer supported (glibc incompatibility)
Replaced by: Distribution-specific RPMs (el7, el8, el9)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com >
2026-02-28 16:06:57 +01:00
395635ab36
docs: update architecture.yml with unified packaging section
...
- Update CI package stage to use Dockerfile.package with fpm
- Replace rpmbuild and debhelper with unified fpm approach
- Document multi-stage build pipeline (builder, package_builder, output)
- Add file mappings, dependencies, and verification commands
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com >
2026-02-27 15:41:29 +01:00
b5d093f8cb
Docs: update security documentation and hardening notes
...
architecture.yml:
- Update header_handling: document built-in sensitive headers blacklist
- Expand security section with hardening measures
- Add socket permissions, path recommendations, environment variable
README.md:
- Add new 'Built-in Sensitive Headers Blacklist' section
- Document all blocked headers (Authorization, Cookie, X-Api-Key, etc.)
- Update socket security: permissions 0o660, /var/run path, group membership
- Add hardening features: path validation, JSON size limit, NULL checks, mutex
- Fix JSON example (remove extra closing brace)
- Update socket consumer example with secure permissions (0o660)
- Add MOD_REQIN_LOG_SOCKET environment variable to example
- Update Fields table: header_<Name> flat structure description
- Add note about automatic sensitive header exclusion
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com >
2026-02-26 23:41:51 +01:00
070c2a7bd2
Refactor: thread-safe per-process state and add tests
...
Major changes:
- Move child state from global variable to server config (reqin_log_server_conf_t)
- Add reqin_log_create_server_conf() for proper per-server initialization
- Fix thread safety for worker/event MPMs
- Add cmocka unit tests (test_module_real.c)
- Add Python integration tests (test_integration.py)
- Update CI workflow and Dockerfiles for test execution
- Fix: Remove child_exit hook (not in architecture.yml)
Tests:
- Unit tests: JSON escaping, ISO8601 formatting, header truncation
- Integration tests: basic_logging, header_limits, socket_unavailable, socket_loss
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com >
2026-02-26 23:28:45 +01:00
66549acf5c
Initial commit: mod_reqin_log Apache module
...
Features:
- JSON logging of HTTP requests to Unix domain socket
- Configurable HTTP headers logging (flat JSON structure)
- Header value truncation and count limits
- Automatic reconnect on socket disconnection
- Error reporting with throttling
Configuration directives:
- JsonSockLogEnabled: Enable/disable logging
- JsonSockLogSocket: Unix socket path
- JsonSockLogHeaders: List of headers to log
- JsonSockLogMaxHeaders: Maximum headers to log
- JsonSockLogMaxHeaderValueLen: Max header value length
- JsonSockLogReconnectInterval: Reconnect delay
- JsonSockLogErrorReportInterval: Error log throttle
Includes:
- Module source code (src/)
- Unit and integration tests (tests/, scripts/)
- Documentation (README.md, architecture.yml)
- Build configuration (CMakeLists.txt, Makefile)
- Packaging (deb/rpm)
Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com >
2026-02-26 13:55:07 +01:00
