Skip to content
Build and test Caddy with WAF (all branches except main)

Merge pull request #37 from fabriziosalmi/alert-autofix-42 #9

Sign in to view logs

Merge pull request #37 from fabriziosalmi/alert-autofix-42

Merge pull request #37 from fabriziosalmi/alert-autofix-42 #9

Workflow file for this run

.github/workflows/build-test.yml at b503785
name: Build and test Caddy with WAF (all branches except main)
permissions:
contents: read
pull-requests: write
on:
push:
branches-ignore:
- main
pull_request:
branches-ignore:
- main
workflow_dispatch:
jobs:
build-and-test:
name: Build and Test Caddy WAF
runs-on: ubuntu-latest
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Install Dependencies
run: |
sudo apt update
sudo apt install -y wget git build-essential
- name: Install Go 1.23.4
uses: actions/setup-go@v4
with:
go-version: '1.23.4'
- name: Validate Go Installation
run: |
go version
if ! go version | grep -q "go1.23.4"; then
echo "Go installation failed or incorrect version"
exit 1
fi
- name: Clone caddy-waf Repository
run: |
git clone --branch ${{ github.ref_name }} https://github.com/fabriziosalmi/caddy-waf.git
cd caddy-waf
- name: Validate Repository Cloning
run: |
if [ ! -d "caddy-waf" ]; then
echo "Repository cloning failed"
exit 1
fi
- name: Install Go Dependencies
run: |
cd caddy-waf
go mod tidy
go get -v github.com/fabriziosalmi/caddy-waf github.com/caddyserver/caddy/v2 github.com/oschwald/maxminddb-golang
- name: Download GeoLite2 Country Database
run: |
cd caddy-waf
wget https://git.io/GeoLite2-Country.mmdb
- name: Validate GeoLite2 Download
run: |
cd caddy-waf
if [ ! -f "GeoLite2-Country.mmdb" ]; then
echo "GeoLite2 database download failed"
exit 1
fi
- name: Build Caddy with caddy-waf
run: |
cd caddy-waf
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
xcaddy build --with github.com/fabriziosalmi/caddy-waf=./
- name: Validate Build
run: |
cd caddy-waf
if [ ! -f "caddy" ]; then
echo "Caddy build failed"
exit 1
fi
- name: Test Caddy Run and Validate WAF Provisioning
run: |
cd caddy-waf
chmod +x caddy
./caddy run > caddy_output.log 2>&1 &
sleep 10 # Increased sleep time to ensure Caddy fully initializes
if ! pgrep -f "caddy run"; then
echo "Caddy run failed"
cat caddy_output.log
exit 1
fi
# Validate logs in caddy_output.log
if [ ! -f "caddy_output.log" ]; then
echo "caddy_output.log file not found"
exit 1
fi
# Check for critical log messages in stdout
if ! grep -q '"msg":"WAF middleware provisioned successfully"' caddy_output.log; then
echo "WAF middleware provisioning log not found in stdout"
cat caddy_output.log
exit 1
fi
if ! grep -q '"msg":"GeoIP database loaded successfully"' caddy_output.log; then
echo "GeoIP database loading log not found in stdout"
cat caddy_output.log
exit 1
fi
if ! grep -q '"msg":"IP blacklist loaded successfully"' caddy_output.log; then
echo "IP blacklist loading log not found in stdout"
cat caddy_output.log
exit 1
fi
if ! grep -q '"msg":"DNS blacklist loaded successfully"' caddy_output.log; then
echo "DNS blacklist loading log not found in stdout"
cat caddy_output.log
exit 1
fi
if ! grep -q '"msg":"Rules loaded"' caddy_output.log; then
echo "Rules loading log not found in stdout"
cat caddy_output.log
exit 1
fi
if ! grep -q '"msg":"WAF middleware provisioned successfully"' caddy_output.log; then
echo "WAF middleware provisioning success log not found in stdout"
cat caddy_output.log
exit 1
fi
echo "Caddy WAF build and run successful with all components provisioned"
- name: Run Additional Tests
run: |
cd caddy-waf
# Test WAF functionality with a simple HTTP request
curl -s http://localhost:8080 -o /dev/null -w "%{http_code}"
if [ $? -ne 0 ]; then
echo "HTTP request to Caddy failed"
exit 1
fi
- name: Clean Up
if: always()
run: |
pkill -f "caddy run" || true
echo "Cleaned up running Caddy instances"