diff --git a/.github/docker/Dockerfile.centreon-collect-alma8 b/.github/docker/Dockerfile.centreon-collect-alma8 index 9395f9fa346..8a9118228db 100644 --- a/.github/docker/Dockerfile.centreon-collect-alma8 +++ b/.github/docker/Dockerfile.centreon-collect-alma8 @@ -55,7 +55,7 @@ dnf --best install -y cmake \ dnf update libarchive -pip3 install conan==1.57.0 --prefix=/usr --upgrade +pip3 install conan==1.62.0 --prefix=/usr --upgrade rm -rf ~/.conan/profiles/default EOF diff --git a/.github/docker/Dockerfile.centreon-collect-alma9 b/.github/docker/Dockerfile.centreon-collect-alma9 index e6377245b0f..8c4b56de45c 100644 --- a/.github/docker/Dockerfile.centreon-collect-alma9 +++ b/.github/docker/Dockerfile.centreon-collect-alma9 @@ -48,7 +48,7 @@ dnf --best install -y cmake \ nfpm \ sudo -pip3 install conan==1.57.0 --prefix=/usr --upgrade +pip3 install conan==1.62.0 --prefix=/usr --upgrade rm -rf ~/.conan/profiles/default EOF diff --git a/.github/docker/Dockerfile.centreon-collect-debian-bullseye b/.github/docker/Dockerfile.centreon-collect-debian-bullseye index ad95f983c5f..bb56109f483 100644 --- a/.github/docker/Dockerfile.centreon-collect-debian-bullseye +++ b/.github/docker/Dockerfile.centreon-collect-debian-bullseye @@ -49,7 +49,7 @@ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py python3 get-pip.py -pip3 install conan==1.57.0 +pip3 install conan==1.62.0 ln -s /usr/local/bin/conan /usr/bin/conan rm -rf ~/.conan/profiles/default diff --git a/.github/docker/Dockerfile.centreon-collect-mysql-alma9 b/.github/docker/Dockerfile.centreon-collect-mysql-alma9 index d5759de514e..5a8c0d53c73 100644 --- a/.github/docker/Dockerfile.centreon-collect-mysql-alma9 +++ b/.github/docker/Dockerfile.centreon-collect-mysql-alma9 @@ -48,7 +48,7 @@ dnf --best install -y cmake \ nfpm \ sudo -pip3 install conan==1.57.0 --prefix=/usr --upgrade +pip3 install conan==1.62.0 --prefix=/usr --upgrade rm -rf ~/.conan/profiles/default EOF diff --git a/.github/workflows/libzmq.yml b/.github/workflows/libzmq.yml new file mode 100644 index 00000000000..a7308862b55 --- /dev/null +++ b/.github/workflows/libzmq.yml @@ -0,0 +1,214 @@ +name: libzmq + +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +on: + workflow_dispatch: + pull_request: + paths: + - '.github/workflows/libzmq.yml' + push: + branches: + - develop + - dev-[2-9][0-9].[0-9][0-9].x + - master + - "[2-9][0-9].[0-9][0-9].x" + paths: + - '.github/workflows/libzmq.yml' + +jobs: + get-version: + uses: ./.github/workflows/get-version.yml + + package-rpm: + needs: [get-version] + + strategy: + fail-fast: false + matrix: + include: + - image: packaging-alma8 + distrib: el8 + arch: amd64 + - image: packaging-alma9 + distrib: el9 + arch: amd64 + + runs-on: ubuntu-22.04 + + container: + image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/${{ matrix.image }}:${{ needs.get-version.outputs.version }} + credentials: + username: ${{ secrets.DOCKER_REGISTRY_ID }} + password: ${{ secrets.DOCKER_REGISTRY_PASSWD }} + + name: package ${{ matrix.distrib }} + + steps: + - name: package rpm + run: | + dnf install -y wget rpmdevtools rpmlint epel-release + if [ "${{ matrix.distrib }}" = "el8" ]; then + dnf config-manager --set-enabled powertools + rpm --import https://repo.almalinux.org/almalinux/RPM-GPG-KEY-AlmaLinux + else + dnf config-manager --set-enabled crb + fi + dnf install -y asciidoc autoconf automake gcc gcc-c++ glib2-devel libbsd-devel libtool make rpm-build xmlto + + cd /github/home + wget -O - https://github.com/zeromq/libzmq/archive/refs/tags/v4.3.5.tar.gz | tar zxvf - + mkdir -p /github/home/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS} + cp libzmq-4.3.5/packaging/redhat/zeromq.spec /github/home/rpmbuild/SPECS/ + wget https://github.com/zeromq/libzmq/releases/download/v4.3.5/zeromq-4.3.5.tar.gz -O /github/home/rpmbuild/SOURCES/zeromq-4.3.5.tar.gz + rpmbuild -bb /github/home/rpmbuild/SPECS/zeromq.spec + cd - + + mv /github/home/rpmbuild/RPMS/x86_64/*.rpm ./ + rm -f zeromq-debugsource-*.rpm libzmq5-debuginfo-*.rpm + shell: bash + + - name: cache rpm + uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: ./*.rpm + key: ${{ github.run_id }}-${{ github.sha }}-rpm-libzmq-${{ matrix.distrib }}-${{ matrix.arch }} + + package-deb: + needs: [get-version] + + strategy: + fail-fast: false + matrix: + include: + - image: packaging-bullseye + distrib: bullseye + runner: ubuntu-22.04 + arch: amd64 + - image: packaging-bullseye-arm64 + distrib: bullseye + runner: ["self-hosted", "collect-arm64"] + arch: arm64 + + runs-on: ${{ matrix.runner }} + + container: + image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/${{ matrix.image }}:${{ needs.get-version.outputs.version }} + credentials: + username: ${{ secrets.DOCKER_REGISTRY_ID }} + password: ${{ secrets.DOCKER_REGISTRY_PASSWD }} + + name: package ${{ matrix.distrib }} ${{ matrix.arch }} + + steps: + - name: package deb + run: | + apt-get update + apt-get install -y debhelper dh-autoreconf dpkg-dev libkrb5-dev libnorm-dev libpgm-dev libsodium-dev libunwind8-dev libnss3-dev libgnutls28-dev libbsd-dev pkg-config asciidoc wget xmlto + wget -O - https://github.com/zeromq/libzmq/releases/download/v4.3.5/zeromq-4.3.5.tar.gz | tar zxvf - + + cd zeromq-4.3.5 + ./configure + make + make install + cd .. + + wget -O - https://github.com/zeromq/libzmq/archive/refs/tags/v4.3.5.tar.gz | tar zxvf - + cd libzmq-4.3.5 + ln -s packaging/debian + sed -Ei 's/([0-9]+.[0-9]+.[0-9]+-[0-9]+.[0-9]+)/\1~${{ matrix.distrib }}/' debian/changelog + sed -Ei 's/UNRELEASED/${{ matrix.distrib }}/' debian/changelog + dpkg-buildpackage -us -uc -nc + cd .. + + rm -f libzmq5-dbg_*.deb + shell: bash + + - name: cache deb + uses: actions/cache/save@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + with: + path: ./*.deb + key: ${{ github.run_id }}-${{ github.sha }}-deb-libzmq-${{ matrix.distrib }}-${{ matrix.arch }} + + deliver-rpm: + if: ${{ contains(fromJson('["testing", "unstable"]'), needs.get-version.outputs.stability) }} + needs: [get-version, package-rpm] + environment: ${{ needs.get-version.outputs.environment }} + runs-on: [self-hosted, common] + strategy: + matrix: + include: + - distrib: el8 + arch: amd64 + - distrib: el9 + arch: amd64 + + name: deliver ${{ matrix.distrib }} + + steps: + - name: Checkout sources + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Publish RPM packages + uses: ./.github/actions/delivery + with: + module_name: libzmq + distrib: ${{ matrix.distrib }} + version: ${{ needs.get-version.outputs.version }} + artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }} + cache_key: ${{ github.run_id }}-${{ github.sha }}-rpm-libzmq-${{ matrix.distrib }}-${{ matrix.arch }} + stability: ${{ needs.get-version.outputs.stability }} + + deliver-deb: + if: ${{ contains(fromJson('["testing", "unstable"]'), needs.get-version.outputs.stability) }} + needs: [get-version, package-deb] + environment: ${{ needs.get-version.outputs.environment }} + runs-on: [self-hosted, common] + strategy: + matrix: + include: + - distrib: bullseye + arch: amd64 + - distrib: bullseye + arch: arm64 + + name: deliver ${{ matrix.distrib }} ${{ matrix.arch }} + + steps: + - name: Checkout sources + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Publish DEB packages + uses: ./.github/actions/delivery + with: + module_name: libzmq + distrib: ${{ matrix.distrib }} + version: ${{ needs.get-version.outputs.version }} + artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }} + cache_key: ${{ github.run_id }}-${{ github.sha }}-deb-libzmq-${{ matrix.distrib }}-${{ matrix.arch }} + stability: ${{ needs.get-version.outputs.stability }} + + promote: + needs: [get-version] + if: ${{ contains(fromJson('["stable"]'), needs.get-version.outputs.stability) && github.event_name != 'workflow_dispatch' }} + runs-on: [self-hosted, common] + strategy: + matrix: + distrib: [el8, el9, bullseye] + + steps: + - name: Checkout sources + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Promote ${{ matrix.distrib }} to stable + uses: ./.github/actions/promote-to-stable + with: + artifactory_token: ${{ secrets.ARTIFACTORY_ACCESS_TOKEN }} + module_name: libzmq + distrib: ${{ matrix.distrib }} + major_version: ${{ needs.get-version.outputs.version }} + minor_version: ${{ needs.get-version.outputs.patch }} + stability: ${{ needs.get-version.outputs.stability }} + repository_name: standard diff --git a/.github/workflows/package-collect.yml b/.github/workflows/package-collect.yml index 13428da5c6e..e30c867ba59 100644 --- a/.github/workflows/package-collect.yml +++ b/.github/workflows/package-collect.yml @@ -76,7 +76,7 @@ jobs: - name: Compile sources run: | - sudo pip3 install conan==1.57.0 --prefix=/usr --upgrade + sudo pip3 install conan==1.62.0 --prefix=/usr --upgrade sudo conan install . -s compiler.cppstd=17 -s compiler.libcxx=libstdc++11 --build=missing diff --git a/CMakeLists.txt b/CMakeLists.txt index 5af72d09b83..d5155001edf 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -120,7 +120,7 @@ endif() # Version. set(COLLECT_MAJOR 23) set(COLLECT_MINOR 10) -set(COLLECT_PATCH 2) +set(COLLECT_PATCH 3) set(COLLECT_VERSION "${COLLECT_MAJOR}.${COLLECT_MINOR}.${COLLECT_PATCH}") add_definitions(-DCENTREON_CONNECTOR_VERSION=\"${COLLECT_VERSION}\") diff --git a/engine/doc/engine-doc.md b/engine/doc/engine-doc.md index e2bb897b269..d3aa94b0ede 100644 --- a/engine/doc/engine-doc.md +++ b/engine/doc/engine-doc.md @@ -3,7 +3,7 @@ ## Whitelist (since 23.10) In order to enforce security, user can add a whitelist to centreon-engine. -When the user add a file in /etc/centreon-engine-whitelist or in /usr/share/centreon-engine-whitelist, centengine only executes commands that match to the expressions given in these files. +When the user add a file in /etc/centreon-engine-whitelist or in /usr/share/centreon-engine/whitelist.conf.d, centengine only executes commands that match to the expressions given in these files. Beware, Commands are checked after macros replacement by values, the entire line is checked, the script and his arguments. ### whitelist format diff --git a/engine/src/configuration/whitelist.cc b/engine/src/configuration/whitelist.cc index 14d9efead79..bedbb2d39e4 100644 --- a/engine/src/configuration/whitelist.cc +++ b/engine/src/configuration/whitelist.cc @@ -310,6 +310,6 @@ whitelist& whitelist::instance() { void whitelist::reload() { static constexpr std::string_view directories[] = { - "/etc/centreon-engine-whitelist", "/usr/share/centreon-engine-whitelist"}; + "/etc/centreon-engine-whitelist", "/usr/share/centreon-engine/whitelist.conf.d"}; _instance = std::make_unique(directories, directories + 2); }