Gemfile bump #117
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Verify | |
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions | |
| permissions: | |
| actions: none | |
| checks: none | |
| contents: read | |
| deployments: none | |
| id-token: none | |
| issues: none | |
| discussions: none | |
| packages: none | |
| pages: none | |
| pull-requests: none | |
| repository-projects: none | |
| security-events: none | |
| statuses: none | |
| on: | |
| push: | |
| branches: | |
| - '*' | |
| pull_request: | |
| branches: | |
| - '*' | |
| jobs: | |
| # The job checkout structure is: | |
| # . | |
| # ├── metasploit-omnibus | |
| # └── metasploit-framework (Only if ARM/Windows builds) | |
| # For windows we additionally move metasploit-framework into the omnibus local cache | |
| # | |
| docker_arm: | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 600 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| # From: 'ls ./docker/' | |
| docker: | |
| # Skipped as not working | |
| # - { dockerfile: 'debian-aarch64', previousImage: '' } | |
| - { name: 'debian-armv7', previousDockerhubImage: 'rapid7/msf-debian-armv7-omnibus:2020_03' } | |
| name: ${{ matrix.os }} - ${{ matrix.docker.name }} | |
| steps: | |
| - name: Checkout omnibus | |
| uses: actions/checkout@v4 | |
| with: | |
| path: metasploit-omnibus | |
| - uses: dorny/paths-filter@4067d885736b84de7c414f582ac45897079b0a78 | |
| id: changes | |
| with: | |
| filters: | | |
| docker: | |
| - 'docker/**' | |
| working-directory: metasploit-omnibus | |
| # Set the env vars for either a new build, or a previously successful build | |
| - name: Set docker build metadata | |
| run: | | |
| export BUILD_DATE=$(date "+%Y_%m") | |
| echo "BUILD_DATE=$BUILD_DATE" >> "$GITHUB_ENV" | |
| if test "${HAS_MODIFIED_DOCKERFILES}" = 'true'; then | |
| echo 'New build required' | |
| echo "DOCKER_IMAGE=rapid7/${DOCKER_NAME}-omnibus:${BUILD_DATE}" >> "$GITHUB_ENV" | |
| else | |
| echo 'Reusing old image' | |
| echo "DOCKER_IMAGE=${PREVIOUS_DOCKERHUB_IMAGE}" >> "$GITHUB_ENV" | |
| fi | |
| env: | |
| HAS_MODIFIED_DOCKERFILES: ${{ steps.changes.outputs.docker }} | |
| DOCKER_NAME: ${{ matrix.docker.name }} | |
| PREVIOUS_DOCKERHUB_IMAGE: ${{ matrix.docker.previousDockerhubImage }} | |
| - name: Build Docker image | |
| if: steps.changes.outputs.docker == 'true' | |
| run: | | |
| /bin/bash -x -c "cd metasploit-omnibus && docker build --tag ${DOCKER_IMAGE} -f ./docker/${DOCKER_NAME}/Dockerfile ./docker/${DOCKER_NAME}" | |
| env: | |
| DOCKER_NAME: ${{ matrix.docker.name }} | |
| # Checkout again - but with the submodules enabled to start a real build | |
| - name: Checkout omnibus and submodules | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| path: metasploit-omnibus | |
| # Checkout framework | |
| - name: Checkout metasploit-framework code | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: rapid7/metasploit-framework | |
| path: metasploit-framework | |
| - name: Run omnibus | |
| run: | | |
| echo "Building new image from ${DOCKER_IMAGE}" | |
| mkdir -p metasploit-omnibus/certs | |
| curl -L -o metasploit-omnibus/certs/ca-certificates.crt https://curl.haxx.se/ca/cacert.pem | |
| cat > Dockerfile_temp <<EOF | |
| FROM ${DOCKER_IMAGE} | |
| RUN ["cross-build-start"] | |
| COPY metasploit-omnibus /metasploit-omnibus | |
| COPY metasploit-framework /metasploit-framework | |
| RUN bash -l -c "cd /metasploit-omnibus && make" | |
| RUN ["cross-build-end"] | |
| EOF | |
| cat > Dockerfile_temp.dockerignore <<EOF | |
| * | |
| !metasploit-omnibus | |
| !metasploit-framework | |
| EOF | |
| export TEMP_DOCKER_IMAGE=${DOCKER_IMAGE}-build-artifacts | |
| docker build --no-cache --rm --tag ${TEMP_DOCKER_IMAGE} --file Dockerfile_temp . | |
| # Create the temp image and copy out the build assets | |
| id=$(docker create ${TEMP_DOCKER_IMAGE}) | |
| docker cp $id:/metasploit-omnibus/pkg metasploit-omnibus | |
| docker rm -v $id | |
| docker rmi ${TEMP_DOCKER_IMAGE} | |
| docker_intel: | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 180 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| # From: 'ls ./docker/' | |
| docker: | |
| - name: 'centos6-x64' | |
| previousDockerhubImage: 'rapid7/msf-centos6-x64-omnibus:2020_03' | |
| # Currently fails as it uses an older Ruby version: | |
| - name: 'fedora30-x64' | |
| # XXX: Previous dockerhub image fails as using Ruby 2.5.3 still | |
| previousDockerhubImage: 'rapid7/msf-fedora30-x64-omnibus:2019_09' | |
| # Currently fails on rate limiting on Kali's side: | |
| # - name: 'kali109-x64' | |
| # previousDockerhubImage: 'rapid7/msf-kali109-x64-omnibus:2020_03' | |
| - name: 'ubuntu1204-x64' | |
| previousDockerhubImage: 'rapid7/msf-ubuntu1204-x86-omnibus:2021_11' | |
| - name: 'ubuntu1204-x86' | |
| previousDockerhubImage: 'rapid7/msf-ubuntu1204-x64-omnibus:2019_01' | |
| linux32: true | |
| - name: 'ubuntu1804-x64' | |
| previousDockerhubImage: 'rapid7/msf-ubuntu1804-x64-omnibus:2019_09' | |
| name: ${{ matrix.os }} - ${{ matrix.docker.name }} | |
| steps: | |
| - name: Checkout omnibus | |
| uses: actions/checkout@v4 | |
| with: | |
| path: metasploit-omnibus | |
| - uses: dorny/paths-filter@4067d885736b84de7c414f582ac45897079b0a78 | |
| id: changes | |
| with: | |
| filters: | | |
| docker: | |
| - 'docker/**' | |
| working-directory: metasploit-omnibus | |
| # Set the env vars for either a new build, or a previously successful build | |
| - name: Set docker build metadata | |
| run: | | |
| export BUILD_DATE=$(date "+%Y_%m") | |
| echo "BUILD_DATE=$BUILD_DATE" >> "$GITHUB_ENV" | |
| if test "${HAS_MODIFIED_DOCKERFILES}" = 'true'; then | |
| echo 'New build required' | |
| echo "DOCKER_IMAGE=rapid7/${DOCKER_NAME}-omnibus:${BUILD_DATE}" >> "$GITHUB_ENV" | |
| else | |
| echo 'Reusing old image' | |
| echo "DOCKER_IMAGE=${PREVIOUS_DOCKERHUB_IMAGE}" >> "$GITHUB_ENV" | |
| fi | |
| env: | |
| HAS_MODIFIED_DOCKERFILES: ${{ steps.changes.outputs.docker }} | |
| DOCKER_NAME: ${{ matrix.docker.name }} | |
| PREVIOUS_DOCKERHUB_IMAGE: ${{ matrix.docker.previousDockerhubImage }} | |
| - name: Build Docker image | |
| if: steps.changes.outputs.docker == 'true' | |
| run: | | |
| /bin/bash -x -c "cd metasploit-omnibus && docker build --tag ${DOCKER_IMAGE} -f ./docker/${IMAGE_NAME}/Dockerfile ./docker/${IMAGE_NAME}" | |
| env: | |
| IMAGE_NAME: ${{ matrix.docker.name }} | |
| # Checkout again - but with the submodules enabled to start a real build | |
| - name: Checkout omnibus and submodules | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| path: metasploit-omnibus | |
| - name: Run omnibus | |
| run: | | |
| mkdir -p metasploit-omnibus/certs | |
| curl -L -o metasploit-omnibus/certs/ca-certificates.crt https://curl.haxx.se/ca/cacert.pem | |
| # If required, change reported architecture in new program environment and set personality flags | |
| if [ ! -z "${LINUX32}" ] ; then | |
| echo 'setting linux32' | |
| architecturePrefix='linux32' | |
| else | |
| echo 'no arch prefix supplied' | |
| architecturePrefix='' | |
| fi | |
| /bin/bash -x -c "docker run --rm --volume $(pwd):$(pwd) --workdir $(pwd) --user jenkins ${DOCKER_IMAGE} ${architecturePrefix} /bin/bash -l -c 'cd metasploit-omnibus && make'" | |
| env: | |
| LINUX32: ${{ matrix.docker.linux32 }} | |
| osx: | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 180 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - macos-11 | |
| ruby: | |
| - 2.6 | |
| name: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout omnibus | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| path: metasploit-omnibus | |
| - name: Setup Ruby | |
| env: | |
| BUNDLE_FORCE_RUBY_PLATFORM: true | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: ${{ matrix.ruby }} | |
| bundler-cache: true | |
| cache-version: 4 | |
| working-directory: metasploit-omnibus | |
| - name: Run omnibus | |
| run: | | |
| sudo mkdir -p /var/cache/omnibus | |
| sudo mkdir -p /opt/metasploit-framework | |
| sudo chown `whoami` /var/cache/omnibus | |
| sudo chown `whoami` /opt/metasploit-framework | |
| cd metasploit-omnibus | |
| make | |
| windows: | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 180 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - windows-2019 | |
| ruby: | |
| - 2.6 | |
| name: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout omnibus | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| path: metasploit-omnibus | |
| - name: Setup Ruby | |
| env: | |
| BUNDLE_FORCE_RUBY_PLATFORM: true | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: ${{ matrix.ruby }} | |
| bundler-cache: false | |
| cache-version: 4 | |
| working-directory: metasploit-omnibus | |
| # Github actions with Ruby requires Bundler 2.2.18+ | |
| # https://github.com/ruby/setup-ruby/tree/d2b39ad0b52eca07d23f3aa14fdf2a3fcc1f411c#windows | |
| bundler: 2.2.33 | |
| # Checkout framework | |
| - name: Checkout metasploit-framework code | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: rapid7/metasploit-framework | |
| path: metasploit-framework | |
| - name: Extract xz files | |
| run: | | |
| cd metasploit-omnibus | |
| xz -d local/cache/*.xz | |
| - name: Run omnibus | |
| run: | | |
| # mkdir -p metasploit-omnibus/local/cache/git_cache/c | |
| # mv metasploit-framework/ metasploit-omnibus/local/cache/git_cache/c | |
| # dir metasploit-omnibus/local/cache/git_cache/c | |
| # dir metasploit-omnibus/local/cache/git_cache/c/metasploit-framework | |
| cd metasploit-omnibus | |
| make |