diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml index 8b2fd2c9174c..d21b128d90a2 100644 --- a/.github/workflows/builds.yml +++ b/.github/workflows/builds.yml @@ -1317,9 +1317,6 @@ jobs: name: dist - run: tar xf suricata-*.tar.gz --strip-components=1 - - name: Update packages and install sudo - run: dnf -y update && dnf install -y sudo - - name: Install AlmaLinux 9 extra repositories run: | dnf -y update @@ -1338,6 +1335,8 @@ jobs: runs-on: ubuntu-latest container: ubuntu:24.04 needs: [prepare-deps] + env: + RV: "1.89" steps: - name: Cache ~/.cargo uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -1355,7 +1354,7 @@ jobs: autoconf \ automake \ build-essential \ - cargo \ + cargo-${RV} \ cbindgen \ clang-14 \ coccinelle \ @@ -1387,10 +1386,10 @@ jobs: parallel \ python-is-python3 \ python3-yaml \ - rustc \ software-properties-common \ zlib1g \ zlib1g-dev + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -1434,7 +1433,7 @@ jobs: autoconf \ automake \ build-essential \ - cargo-1.82 \ + cargo-1.85 \ cbindgen \ clang-14 \ dpdk-dev \ @@ -1478,7 +1477,7 @@ jobs: - run: tar xf prep/suricata-update.tar.gz - run: tar xf prep/suricata-verify.tar.gz - run: ./autogen.sh - - run: CARGO=cargo-1.82 RUSTC=rustc-1.82 RUSTDOC=rustdoc-1.82 ./configure --enable-unittests + - run: CARGO=cargo-1.85 RUSTC=rustc-1.85 RUSTDOC=rustdoc-1.85 ./configure --enable-unittests - run: make -j ${{ env.CPUS }} - run: make check - run: python3 ./suricata-verify/run.py -q --debug-failed @@ -1701,6 +1700,7 @@ jobs: # specific version to match up to the llvm version in ubuntu below - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.85.1 -y + - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -1905,6 +1905,8 @@ jobs: image: ubuntu:24.04 options: --privileged needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: - name: Cache ~/.cargo uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -1923,7 +1925,7 @@ jobs: autoconf \ automake \ llvm-18-dev \ - cargo \ + cargo-${RV} \ cbindgen \ clang-18 \ git \ @@ -1952,7 +1954,6 @@ jobs: make \ parallel \ python3-yaml \ - rustc \ software-properties-common \ sudo \ zlib1g \ @@ -1963,6 +1964,7 @@ jobs: time \ wget \ dpdk-dev + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -2150,6 +2152,8 @@ jobs: image: ubuntu:24.04 options: --privileged needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: - name: Cache ~/.cargo uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -2168,7 +2172,7 @@ jobs: autoconf \ automake \ llvm-18-dev \ - cargo \ + cargo-${RV} \ cbindgen \ clang-18 \ git \ @@ -2198,7 +2202,6 @@ jobs: make \ parallel \ python3-yaml \ - rustc \ software-properties-common \ sudo \ zlib1g \ @@ -2209,6 +2212,7 @@ jobs: time \ wget \ dpdk-dev + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -2360,11 +2364,13 @@ jobs: files: coverage.lcov flags: fuzzcorpus - ubuntu-20-04-ndebug: - name: Ubuntu 20.04 (-DNDEBUG) + ubuntu-24-04-ndebug: + name: Ubuntu 24.04 (-DNDEBUG) runs-on: ubuntu-latest - container: ubuntu:20.04 + container: ubuntu:24.04 needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: - name: Cache ~/.cargo uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -2382,7 +2388,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ git \ hwloc \ libhwloc-dev \ @@ -2404,17 +2410,16 @@ jobs: libjansson-dev \ libevent-dev \ libevent-pthreads-2.1-7 \ - libpython2.7 \ libpcre2-dev \ make \ parallel \ python3-yaml \ - rustc \ software-properties-common \ zlib1g \ zlib1g-dev \ exuberant-ctags \ dpdk-dev + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -2517,6 +2522,8 @@ jobs: image: ubuntu:22.04 options: --privileged needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: # Cache Rust stuff. @@ -2537,7 +2544,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ git \ hwloc \ libhwloc-dev \ @@ -2562,12 +2569,12 @@ jobs: make \ parallel \ python3-yaml \ - rustc \ software-properties-common \ sudo \ zlib1g \ zlib1g-dev \ exuberant-ctags + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -2600,6 +2607,8 @@ jobs: runs-on: ubuntu-22.04 container: ubuntu:22.04 needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: # Cache Rust stuff. @@ -2622,7 +2631,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ git \ hwloc \ libhwloc-dev \ @@ -2646,7 +2655,7 @@ jobs: software-properties-common \ zlib1g \ zlib1g-dev - - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH + - run: echo "/usr/lib/rust-${RV}/bin:$HOME/.cargo/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -2782,7 +2791,43 @@ jobs: - run: apt update -y && apt install -y sudo - name: Install minimal dependencies - run: ./scripts/docs-ubuntu-debian-minimal-build.sh + run: ./scripts/docs-ubuntu-minimal-build.sh + + # Set the path, the export in the example script does not work + # in GitHub actions. + - run: echo "/usr/lib/rust-1.89/bin:$PATH" >> $GITHUB_PATH + + - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure + - run: make -j ${{ env.CPUS }} + - run: ./src/suricata --build-info # check if we can run Suricata + + debian-13-minimal-recommended-build: + name: Debian 13 (Minimal/Recommended Build) + needs: [ubuntu-22-04-dist] + runs-on: ubuntu-latest + container: debian:13 + steps: + # Cache Rust stuff. + - name: Cache cargo registry + uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb + with: + path: ~/.cargo/registry + key: cargo-registry + + - name: Determine number of CPUs + run: echo CPUS=$(nproc --all) >> $GITHUB_ENV + + - name: Download suricata.tar.gz + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 + with: + name: dist + - run: tar xvf suricata-*.tar.gz --strip-components=1 + + # Install packages required by the install script. + - run: apt update -y && apt install -y sudo + + - name: Install minimal dependencies + run: ./scripts/docs-debian-minimal-build.sh - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure - run: make -j ${{ env.CPUS }} @@ -2796,6 +2841,8 @@ jobs: strategy: matrix: dpdk_version: [ 24.11.3, 23.11.5, 22.11.10, 21.11.9 ] + env: + RV: "1.89" steps: # Cache Rust stuff. @@ -2816,7 +2863,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ git \ hwloc \ libhwloc-dev \ @@ -2841,7 +2888,6 @@ jobs: make \ parallel \ python3-yaml \ - rustc \ software-properties-common \ zlib1g \ zlib1g-dev \ @@ -2873,6 +2919,7 @@ jobs: ninja -C build install ldconfig cd $HOME + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c @@ -3081,6 +3128,8 @@ jobs: runs-on: ubuntu-latest container: ubuntu:22.04 needs: [prepare-deps, prepare-cbindgen] + env: + RV: "1.89" steps: # Cache Rust stuff. - name: Cache cargo registry @@ -3098,7 +3147,7 @@ jobs: autoconf \ automake \ build-essential \ - cargo \ + cargo-${RV} \ cmake \ curl \ git \ @@ -3126,7 +3175,6 @@ jobs: pkg-config \ python3 \ python3-yaml \ - rustc \ sphinx-doc \ sphinx-common \ texlive-latex-base \ @@ -3135,6 +3183,7 @@ jobs: texlive-latex-extra \ zlib1g \ zlib1g-dev + - run: echo "/usr/lib/rust-${RV}/bin" >> $GITHUB_PATH - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c diff --git a/.github/workflows/commits.yml b/.github/workflows/commits.yml index 5eb994b625f3..e312391720cd 100644 --- a/.github/workflows/commits.yml +++ b/.github/workflows/commits.yml @@ -17,7 +17,7 @@ jobs: check-commits: name: Commit Check runs-on: ubuntu-latest - container: ubuntu:20.04 + container: ubuntu:24.04 steps: - name: Caching ~/.cargo uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -32,7 +32,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-1.89 \ curl \ git \ jq \ @@ -52,17 +52,16 @@ jobs: libjansson-dev \ libevent-dev \ libevent-pthreads-2.1-7 \ - libpython2.7 \ libssl-dev \ make \ parallel \ pkg-config \ python3-yaml \ - rustc \ software-properties-common \ zlib1g \ zlib1g-dev - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH + - run: echo "/usr/lib/rust-1.89/bin" >> $GITHUB_PATH - name: Installing sccache run: | (cd /tmp && curl -OL https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index e72bf0f656bf..a6896d28622b 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -78,7 +78,7 @@ jobs: autoconf \ automake \ build-essential \ - cargo \ + cargo-1.89 \ cmake \ curl \ git \ @@ -104,7 +104,6 @@ jobs: pkg-config \ python3 \ python3-yaml \ - rustc \ sphinx-doc \ sphinx-common \ texlive-latex-base \ @@ -129,6 +128,8 @@ jobs: cp prep/cbindgen $HOME/.cargo/bin chmod 755 $HOME/.cargo/bin/cbindgen echo "$HOME/.cargo/bin" >> $GITHUB_PATH + - name: Add Rust 1.89 to path + run: echo "/usr/lib/rust-1.89/bin" >> $GITHUB_PATH - run: tar xf prep/suricata-update.tar.gz - run: ./autogen.sh - run: CFLAGS="${DEFAULT_CFLAGS}" ./configure diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml index 734bb9f665f1..a3c2bb731666 100644 --- a/.github/workflows/formatting.yml +++ b/.github/workflows/formatting.yml @@ -31,6 +31,8 @@ jobs: runs-on: ubuntu-22.04 container: ubuntu:22.04 continue-on-error: false + env: + RV: "1.89" steps: # Cache Rust stuff. @@ -48,7 +50,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ cbindgen \ clang-format-14 \ git \ @@ -131,7 +133,7 @@ jobs: fi shell: bash {0} - run: ./autogen.sh - - run: ./configure --enable-warnings --enable-unittests + - run: PATH="/usr/lib/rust-${RV}/bin:$PATH" ./configure --enable-warnings --enable-unittests - name: Check formatting run: | ./scripts/clang-format.sh check-branch --diffstat --show-commits >> check_formatting_log.txt 2>&1 diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml index 5f97dd17e1bc..a121d50b99cc 100644 --- a/.github/workflows/nix.yml +++ b/.github/workflows/nix.yml @@ -9,7 +9,7 @@ jobs: - uses: actions/checkout@v6.0.2 - uses: cachix/install-nix-action@v31 with: - nix_path: nixpkgs=channel:nixos-24.11 + nix_path: nixpkgs=channel:nixos-25.11 - run: nix-shell --run ./scripts/bundle.sh - run: nix-shell --run ./autogen.sh - run: nix-shell --run "./configure CC=clang" diff --git a/.github/workflows/scan-build.yml b/.github/workflows/scan-build.yml index ef6e0e2109a5..7c4a59de9d15 100644 --- a/.github/workflows/scan-build.yml +++ b/.github/workflows/scan-build.yml @@ -21,6 +21,8 @@ jobs: name: Scan-build runs-on: ubuntu-latest container: ubuntu:25.04 + env: + RV: "1.85" steps: - name: Cache scan-build uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb @@ -36,7 +38,7 @@ jobs: build-essential \ autoconf \ automake \ - cargo \ + cargo-${RV} \ cbindgen \ clang-20 \ clang-tools-20 \ @@ -65,7 +67,6 @@ jobs: llvm-20-dev \ make \ python3-yaml \ - rustc \ software-properties-common \ zlib1g \ zlib1g-dev @@ -73,7 +74,7 @@ jobs: - run: git config --global --add safe.directory /__w/suricata/suricata - run: ./scripts/bundle.sh - run: ./autogen.sh - - run: scan-build-20 ./configure --enable-warnings --enable-dpdk --enable-nfqueue --enable-nflog + - run: PATH="/usr/lib/rust-${RV}/bin:$PATH" scan-build-20 ./configure --enable-warnings --enable-dpdk --enable-nfqueue --enable-nflog env: CC: clang-20 # disable security.insecureAPI.DeprecatedOrUnsafeBufferHandling explicitly as diff --git a/Makefile.am b/Makefile.am index e99cea855b29..6333994c1494 100644 --- a/Makefile.am +++ b/Makefile.am @@ -9,7 +9,8 @@ EXTRA_DIST = ChangeLog COPYING LICENSE suricata.yaml.in \ acsite.m4 \ scripts/generate-images.sh \ scripts/docs-almalinux9-minimal-build.sh \ - scripts/docs-ubuntu-debian-minimal-build.sh \ + scripts/docs-debian-minimal-build.sh \ + scripts/docs-ubuntu-minimal-build.sh \ scripts/evedoc.py \ examples/plugins SUBDIRS = rust src plugins qa rules doc etc python ebpf \ diff --git a/configure.ac b/configure.ac index 7f430ef4710c..85416b18fcd8 100644 --- a/configure.ac +++ b/configure.ac @@ -2097,7 +2097,7 @@ fi cargo_version_output=$($CARGO --version) cargo_version=$(echo "$cargo_version_output" | sed 's/^.*[[^0-9]]\([[0-9]]*\.[[0-9]]*\.[[0-9]]*\).*$/\1/') - MIN_RUSTC_VERSION="1.75.0" # MSRV + MIN_RUSTC_VERSION="1.85.0" # MSRV AC_MSG_CHECKING(for Rust version $MIN_RUSTC_VERSION or newer) AS_VERSION_COMPARE([$rustc_version], [$MIN_RUSTC_VERSION], [ diff --git a/doc/userguide/install.rst b/doc/userguide/install.rst index 10dc0f847c0b..f5c99fc4633a 100644 --- a/doc/userguide/install.rst +++ b/doc/userguide/install.rst @@ -63,13 +63,24 @@ Common configure options Dependencies and compilation ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Ubuntu/Debian -""""""""""""" +Debian 13+ +"""""""""" .. note:: The following instructions require ``sudo`` to be installed. -.. literalinclude:: ../../scripts/docs-ubuntu-debian-minimal-build.sh - :caption: Minimal dependencies for Ubuntu/Debian +.. literalinclude:: ../../scripts/docs-debian-minimal-build.sh + :caption: Minimal dependencies for Debian + :language: bash + :start-after: # install-guide-documentation tag start: Minimal dependencies + :end-before: # install-guide-documentation tag end: Minimal dependencies + +Ubuntu +"""""" + +.. note:: The following instructions require ``sudo`` to be installed. + +.. literalinclude:: ../../scripts/docs-ubuntu-minimal-build.sh + :caption: Minimal dependencies for Ubuntu :language: bash :start-after: # install-guide-documentation tag start: Minimal dependencies :end-before: # install-guide-documentation tag end: Minimal dependencies diff --git a/rust/Cargo.toml.in b/rust/Cargo.toml.in index 92b3daff6ab3..930f5dfe1694 100644 --- a/rust/Cargo.toml.in +++ b/rust/Cargo.toml.in @@ -4,7 +4,7 @@ version = "@PACKAGE_VERSION@" license = "GPL-2.0-only" description = "Suricata Rust components" edition = "2021" -rust-version = "1.75.0" +rust-version = "1.85.0" [workspace] members = [ diff --git a/rust/Makefile.am b/rust/Makefile.am index 42cb143e037f..949dcf9ce773 100644 --- a/rust/Makefile.am +++ b/rust/Makefile.am @@ -192,7 +192,7 @@ endif if HAVE_CBINDGEN gen/rust-ffi.h: $(RUST_SURICATA_LIB) ffi/cbindgen.toml cd $(abs_top_srcdir)/rust/ffi && \ - CARGO=$(CARGO) $(CBINDGEN) --config $(abs_top_srcdir)/rust/ffi/cbindgen.toml \ + $(CARGO_ENV) CARGO=$(CARGO) $(CBINDGEN) --config $(abs_top_srcdir)/rust/ffi/cbindgen.toml \ --quiet --verify --output $(abs_top_builddir)/rust/gen/rust-ffi.h || true else gen/rust-ffi.h: diff --git a/rust/src/lib.rs b/rust/src/lib.rs index b0ff6c1c5724..51a1260a344a 100644 --- a/rust/src/lib.rs +++ b/rust/src/lib.rs @@ -49,6 +49,13 @@ // just due to FFI. #![allow(clippy::missing_safety_doc)] +// Disable the clippy warning for not using modern C string +// literals. Ubuntu 24.04 still ships cbindgen 0.26.0 that doesn't +// support these, so migrating to modern C string literals would +// require Ubuntu 24.04 users wishing to build from git to install +// cbindgen with cargo. +#![allow(clippy::manual_c_str_literals)] + // Allow unknown lints, our MSRV doesn't know them all, for // example static_mut_refs. #![allow(unknown_lints)] diff --git a/scripts/docs-almalinux9-minimal-build.sh b/scripts/docs-almalinux9-minimal-build.sh index 565cd4c2ea9f..546c7e447a67 100755 --- a/scripts/docs-almalinux9-minimal-build.sh +++ b/scripts/docs-almalinux9-minimal-build.sh @@ -3,7 +3,6 @@ # Serves for RPM-based docs and is verified by Github Actions # install-guide-documentation tag start: Minimal RPM-based dependencies -sudo dnf install -y dnf-plugins-core epel-release sudo dnf install -y cargo gcc jansson-devel libpcap-devel \ libyaml-devel make pcre2-devel zlib-devel # install-guide-documentation tag end: Minimal RPM-based dependencies diff --git a/scripts/docs-ubuntu-debian-minimal-build.sh b/scripts/docs-debian-minimal-build.sh similarity index 100% rename from scripts/docs-ubuntu-debian-minimal-build.sh rename to scripts/docs-debian-minimal-build.sh diff --git a/scripts/docs-ubuntu-minimal-build.sh b/scripts/docs-ubuntu-minimal-build.sh new file mode 100755 index 000000000000..3733cae99ebf --- /dev/null +++ b/scripts/docs-ubuntu-minimal-build.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# Serves for Ubuntu/Debian docs and is verified by Github Actions + +# install-guide-documentation tag start: Minimal dependencies +sudo apt -y install autoconf automake build-essential cargo-1.89 \ + libjansson-dev libpcap-dev libpcre2-dev libtool \ + libyaml-dev make pkg-config zlib1g-dev +export PATH=/usr/lib/rust-1.89/bin:$PATH +# install-guide-documentation tag end: Minimal dependencies