name: CI # Controls when the action will run. Triggers the workflow on push or pull request # events but only for the master branch on: push: paths-ignore: - 'doc/**' - 'files/**' - 'man/**' pull_request: paths-ignore: - 'doc/**' - 'files/**' - 'man/**' # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" build: # The type of runner that the job will run on runs-on: ubuntu-latest strategy: matrix: python-version: [3.8, 3.9, '3.10', '3.11', '3.12', '3.13', '3.14', '3.15.0-alpha.5', pypy3.11] fail-fast: false # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Grant systemd-journal access run: sudo usermod -a -G systemd-journal "$USER" || echo 'no systemd-journal access' - name: Python version run: | F2B_PY=$(python -c "import sys; print(sys.version)") echo "Python: ${{ matrix.python-version }} -- ${F2B_PY/$'\n'/ }" F2B_PYV=$(echo "${F2B_PY}" | grep -oP '^\d+(?:\.\d+)') F2B_PY=${F2B_PY:0:1} echo "Set F2B_PY=$F2B_PY, F2B_PYV=$F2B_PYV" echo "F2B_PY=$F2B_PY" >> $GITHUB_ENV echo "F2B_PYV=$F2B_PYV" >> $GITHUB_ENV # for GHA we need to monitor all journals, since it cannot be found using SYSTEM_ONLY(4): echo "F2B_SYSTEMD_DEFAULT_FLAGS=0" >> $GITHUB_ENV - name: Install dependencies run: | #if [[ "$F2B_PY" = 3 ]]; then python -m pip install --upgrade pip || echo "can't upgrade pip"; fi #sudo apt-get -y install python${F2B_PY/2/}-pyinotify || echo 'inotify not available' python -m pip install pyinotify || echo 'inotify not available' sudo apt-get -y install sqlite3 || echo 'sqlite3 not available' #sudo apt-get -y install python${F2B_PY/2/}-systemd || echo 'systemd not available' sudo apt-get -y install libsystemd-dev || echo 'systemd dependencies seems to be unavailable' python -m pip install systemd-python || echo 'systemd not available' # readline if available as module: python -c 'import readline' 2> /dev/null || python -m pip install readline || echo 'readline not available' # asyncore/asynchat: if dpkg --compare-versions "$F2B_PYV" ge 3.12; then #sudo apt-get -y install python${F2B_PY/2/}-setuptools || echo 'setuptools not unavailable' python -m pip install setuptools || echo "can't install setuptools" # don't install async* modules, we need to cover bundled-in libraries: #python -m pip install pyasynchat || echo "can't install pyasynchat"; #python -m pip install pyasyncore || echo "can't install pyasyncore"; fi # aiosmtpd in test_smtp (for 3.10+, no need to test it everywhere): if dpkg --compare-versions "$F2B_PYV" ge 3.10; then #sudo apt-get -y install python${F2B_PY/2/}-aiosmtpd || echo 'aiosmtpd not available' python -m pip install aiosmtpd || echo 'aiosmtpd not available' fi - name: Before scripts run: | cd "$GITHUB_WORKSPACE" _debug() { echo -n "$1 "; err=$("${@:2}" 2>&1) && echo 'OK' || echo -e "FAIL\n$err"; } # (debug) output current preferred encoding: echo 'Encodings:' $(python -c 'import locale, sys; from fail2ban.helpers import PREFER_ENC; print(PREFER_ENC, locale.getpreferredencoding(), (sys.stdout and sys.stdout.encoding))') # (debug) backend availabilities: echo 'Backends:' _debug '- systemd:' python -c 'from fail2ban.server.filtersystemd import FilterSystemd' #_debug '- systemd (root): ' sudo python -c 'from fail2ban.server.filtersystemd import FilterSystemd' _debug '- pyinotify:' python -c 'from fail2ban.server.filterpyinotify import FilterPyinotify' - name: Test suite run: | #python setup.py test python bin/fail2ban-testcases --verbosity=2 #- name: Test suite (debug some systemd tests only) #run: python bin/fail2ban-testcases --verbosity=2 "[sS]ystemd|[jJ]ournal" #run: python bin/fail2ban-testcases --verbosity=2 -l 5 "test_WrongChar" - name: Build run: python setup.py build #- name: Test initd scripts # run: shellcheck -s bash -e SC1090,SC1091 files/debian-initd