Rewrite vhost module as virtualhost with native blasthttp #10375
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: | |
| - stable | |
| - dev | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| # if one python version fails, let the others finish | |
| fail-fast: false | |
| matrix: | |
| python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"] | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Set Python Version Environment Variable | |
| run: echo "PYTHON_VERSION=${{ matrix.python-version }}" | sed 's|[:/]|_|g' >> $GITHUB_ENV | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Install dependencies | |
| run: uv sync --group dev | |
| - name: Lint | |
| run: | | |
| uv run ruff check | |
| uv run ruff format --check | |
| - name: Run tests | |
| env: | |
| BBOT_IO_API_KEY: ${{ secrets.BBOT_IO_API_KEY }} | |
| run: | | |
| uv run pytest -vv --reruns 2 -o timeout_func_only=true --timeout 1200 --disable-warnings --log-cli-level=INFO --cov-config=bbot/test/coverage.cfg --cov-report xml:cov.xml --cov=bbot . | |
| - name: Upload Debug Logs | |
| if: always() | |
| uses: actions/upload-artifact@v7 | |
| with: | |
| name: pytest-debug-logs-${{ env.PYTHON_VERSION }} | |
| path: pytest_debug.log | |
| - name: Upload Code Coverage | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: ./cov.xml | |
| verbose: true | |
| publish_code: | |
| needs: test | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/stable') | |
| continue-on-error: true | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.x" | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Calculate version | |
| id: calc_version | |
| run: | | |
| # Get base version from latest stable tag (exclude rc tags, strip 'v' prefix) | |
| LATEST_STABLE_TAG=$(git describe --tags --abbrev=0 --exclude="*rc*") | |
| BASE_VERSION=$(echo "$LATEST_STABLE_TAG" | sed 's/^v//') | |
| if [[ "${{ github.ref }}" == "refs/heads/stable" ]]; then | |
| # Stable: clean version from tag | |
| VERSION="$BASE_VERSION" | |
| elif [[ "${{ github.ref }}" == "refs/heads/dev" ]]; then | |
| # Dev: version.distancerc (e.g., 3.0.0.123rc) | |
| DISTANCE=$(git rev-list ${LATEST_STABLE_TAG}..HEAD --count) | |
| VERSION="${BASE_VERSION}.${DISTANCE}rc" | |
| fi | |
| echo "VERSION=$VERSION" >> $GITHUB_OUTPUT | |
| echo "Calculated version: $VERSION" | |
| # Write version to file for hatchling to pick up | |
| echo "__version__ = \"$VERSION\"" > bbot/_version.py | |
| - name: Build Pypi package | |
| if: github.ref == 'refs/heads/stable' || github.ref == 'refs/heads/dev' | |
| run: uv build | |
| - name: Publish Pypi package | |
| if: github.ref == 'refs/heads/stable' || github.ref == 'refs/heads/dev' | |
| uses: pypa/gh-action-pypi-publish@release/v1.13 | |
| with: | |
| password: ${{ secrets.PYPI_API_TOKEN }} | |
| - name: Get BBOT version | |
| id: version | |
| run: | | |
| FULL_VERSION="${{ steps.calc_version.outputs.VERSION }}" | |
| echo "BBOT_VERSION=$FULL_VERSION" >> $GITHUB_OUTPUT | |
| # Extract major.minor (e.g., 2.7 from 2.7.1) | |
| MAJOR_MINOR=$(echo "$FULL_VERSION" | cut -d'.' -f1-2) | |
| echo "BBOT_VERSION_MAJOR_MINOR=$MAJOR_MINOR" >> $GITHUB_OUTPUT | |
| # Extract major (e.g., 2 from 2.7.1) | |
| MAJOR=$(echo "$FULL_VERSION" | cut -d'.' -f1) | |
| echo "BBOT_VERSION_MAJOR=$MAJOR" >> $GITHUB_OUTPUT | |
| - name: Publish to Docker Hub (dev) | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/dev' | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| context: . | |
| tags: | | |
| blacklanternsecurity/bbot:latest | |
| blacklanternsecurity/bbot:dev | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION }} | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR_MINOR }} | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR }} | |
| - name: Publish to Docker Hub (stable) | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/stable' | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| context: . | |
| tags: | | |
| blacklanternsecurity/bbot:stable | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION }} | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR_MINOR }} | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR }} | |
| - name: Publish Full Docker Image to Docker Hub (dev) | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/dev' | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| file: Dockerfile.full | |
| context: . | |
| tags: | | |
| blacklanternsecurity/bbot:latest-full | |
| blacklanternsecurity/bbot:dev-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION }}-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR_MINOR }}-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR }}-full | |
| - name: Publish Full Docker Image to Docker Hub (stable) | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/stable' | |
| uses: docker/build-push-action@v6 | |
| with: | |
| push: true | |
| file: Dockerfile.full | |
| context: . | |
| tags: | | |
| blacklanternsecurity/bbot:stable-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION }}-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR_MINOR }}-full | |
| blacklanternsecurity/bbot:${{ steps.version.outputs.BBOT_VERSION_MAJOR }}-full | |
| - name: Docker Hub Description | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/dev' | |
| uses: peter-evans/dockerhub-description@v5 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| repository: blacklanternsecurity/bbot | |
| - name: Clean up old Docker Hub tags (up to 50 most recent tags plus 'latest') | |
| if: github.event_name == 'push' && github.ref == 'refs/heads/dev' | |
| run: | | |
| # Install jq for JSON processing | |
| sudo apt-get update && sudo apt-get install -y jq | |
| IMAGE="blacklanternsecurity/bbot" | |
| # Clean up dev tags (keep 50 most recent) | |
| for tag_pattern in "rc$" "rc-full$"; do | |
| echo "Cleaning up tags ending with $tag_pattern..." | |
| tags_response=$(curl -s -H "Authorization: Bearer ${{ secrets.DOCKER_TOKEN }}" \ | |
| "https://hub.docker.com/v2/repositories/$IMAGE/tags/?page_size=100") | |
| tags_to_delete=$(echo "$tags_response" | jq -r --arg pattern "$tag_pattern" \ | |
| '.results[] | select(.name | test($pattern)) | [.last_updated, .name] | @tsv' | \ | |
| sort -r | tail -n +51 | cut -f2) | |
| for tag in $tags_to_delete; do | |
| echo "Deleting $IMAGE tag: $tag" | |
| curl -X DELETE -H "Authorization: Bearer ${{ secrets.DOCKER_TOKEN }}" \ | |
| "https://hub.docker.com/v2/repositories/$IMAGE/tags/$tag/" | |
| done | |
| echo "Cleanup completed for tags ending with $tag_pattern. Kept 50 most recent." | |
| done | |
| outputs: | |
| BBOT_VERSION: ${{ steps.version.outputs.BBOT_VERSION }} | |
| tag_commit: | |
| needs: publish_code | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/stable' || github.ref == 'refs/heads/dev') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Configure git | |
| run: | | |
| git config --local user.email "info@blacklanternsecurity.com" | |
| git config --local user.name "GitHub Actions" | |
| - name: Tag commit | |
| run: | | |
| VERSION="v${{ needs.publish_code.outputs.BBOT_VERSION }}" | |
| if [[ "${{ github.ref }}" == "refs/heads/stable" ]]; then | |
| git tag -a "$VERSION" -m "Stable Release $VERSION" | |
| else | |
| git tag -a "$VERSION" -m "Dev Release $VERSION" | |
| fi | |
| git push origin "$VERSION" | |
| publish_docs: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && (github.ref == 'refs/heads/stable' || github.ref == 'refs/heads/dev') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| with: | |
| token: ${{ secrets.BBOT_DOCS_UPDATER_PAT }} | |
| - uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.11" | |
| - run: echo "cache_id=$(date --utc '+%V')" >> $GITHUB_ENV | |
| - uses: actions/cache@v5 | |
| with: | |
| key: mkdocs-material-${{ env.cache_id }} | |
| path: .cache | |
| restore-keys: | | |
| mkdocs-material- | |
| - name: Install uv | |
| uses: astral-sh/setup-uv@v7 | |
| - name: Install dependencies | |
| run: uv sync --only-group docs | |
| - name: Configure Git | |
| run: | | |
| git config user.name github-actions | |
| git config user.email github-actions@github.com | |
| git fetch origin gh-pages:refs/remotes/origin/gh-pages | |
| if git show-ref --verify --quiet refs/heads/gh-pages; then | |
| git branch -f gh-pages origin/gh-pages | |
| else | |
| git branch --track gh-pages origin/gh-pages | |
| fi | |
| - name: Generate docs (stable branch) | |
| if: github.ref == 'refs/heads/stable' | |
| run: | | |
| uv run mike deploy Stable | |
| - name: Generate docs (dev branch) | |
| if: github.ref == 'refs/heads/dev' | |
| run: | | |
| uv run mike deploy Dev | |
| - name: Publish docs | |
| run: | | |
| git switch gh-pages | |
| git push |