Skip to content

Add IP address to the login audit for successful logins #2361

Add IP address to the login audit for successful logins

Add IP address to the login audit for successful logins #2361

Workflow file for this run

# +-------------------------------------------------------------------------+
# | Copyright (C) 2004-2024 The Cacti Group |
# | |
# | This program is free software; you can redistribute it and/or |
# | modify it under the terms of the GNU General Public License |
# | as published by the Free Software Foundation; either version 2 |
# | of the License, or (at your option) any later version. |
# | |
# | This program is distributed in the hope that it will be useful, |
# | but WITHOUT ANY WARRANTY; without even the implied warranty of |
# | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
# | GNU General Public License for more details. |
# +-------------------------------------------------------------------------+
# | Cacti: The Complete RRDtool-based Graphing Solution |
# +-------------------------------------------------------------------------+
# | This code is designed, written, and maintained by the Cacti Group. See |
# | about.php and/or the AUTHORS file for specific developer information. |
# +-------------------------------------------------------------------------+
# | http://www.cacti.net/ |
# +-------------------------------------------------------------------------+
name: Cacti Commit Audit
on:
push:
branches: [ 1.2.x ]
pull_request:
branches: [ 1.2.x ]
permissions:
contents: read
concurrency:
group: build-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
check:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest] #ubuntu-20.04.04 currently
php: ['5.4','7.0','7.4', '8.0', '8.1', '8.2']
experimental: [false]
services:
mysql:
image: mysql:latest
env:
MYSQL_DATABASE: cacti
MYSQL_HOST: 127.0.0.1
MYSQL_USER: cactiuser
MYSQL_PASSWORD: cactiuser
MYSQL_ROOT_PASSWORD: cactiroot
ports:
- 3306:3306
options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3
name: PHP ${{ matrix.php }} Test on ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Install PHP ${{ matrix.php }}
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
extensions: intl, mysql, gd, ldap, gmp, xml, curl, json, mbstring #optional
ini-values: "post_max_size=256M, max_execution_time=60, date.timezone=America/New_York" #optional
- name: Check PHP version
run: php -v
- name: Checkout Thold Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_thold'
- name: Checkout Monitor Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_monitor'
- name: Checkout MacTrack Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_mactrack'
- name: Checkout FlowView Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_flowview'
- name: Checkout Audit Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_audit'
- name: Checkout Syslog Plugin
uses: GuillaumeFalourd/clone-github-repo-action@v2
with:
owner: 'Cacti'
repository: 'plugin_syslog'
- name: Move Plugins to Plugin Directory
run: |
mv plugin_thold ${{ github.workspace }}/plugins/thold
mv plugin_monitor ${{ github.workspace }}/plugins/monitor
mv plugin_mactrack ${{ github.workspace }}/plugins/mactrack
mv plugin_audit ${{ github.workspace }}/plugins/audit
mv plugin_flowview ${{ github.workspace }}/plugins/flowview
mv plugin_syslog ${{ github.workspace }}/plugins/syslog
# With syslog we have to enable batch installs using the lines below
cd ${{ github.workspace }}/plugins/syslog
cp -p config.php.dist config.php
sed -i 's/\/\/\$syslog_install_options/\$syslog_install_options/g' config.php
- name: Check PHP syntax
run: if find ${{ github.workspace }} -name '*.php' -exec php -l {} 2>&1 \; | grep -iv 'no syntax errors detected'; then exit 1; fi
- name: Install php-fpm
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
env:
version: ${{ matrix.php }}
run: |
sudo service php$version-fpm start
sudo service php$version-fpm status
- name: Test php-fpm
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
env:
version: ${{ matrix.php }}
run: |
# Copy php-fpm to a directory in PATH
sudo cp /usr/sbin/php-fpm$version /usr/bin/php-fpm
php-fpm -v
- name: Install Apache and tools
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: sudo apt-get install apache2 snmp rrdtool
- name: Enable Proxy FCGI
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: sudo a2enmod proxy_fcgi setenvif actions alias
- name: Configure Apache Site
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cat ${{ github.workspace }}/tests/tools/cacti.conf | sed -r 's#GITHUB_WORKSPACE#${{ github.workspace }}#g' > /tmp/cacti.conf
sudo cp /tmp/cacti.conf /etc/apache2/sites-available/000-default.conf
- name: Open permissions for testing purposes
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: sudo chmod -R 777 ${{ github.workspace}}
- name: Restart Apache2
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: sudo systemctl restart apache2
- name: Create and Initialize Database
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
env:
MYSQL_AUTH_USR: '--defaults-file=~/.my.cnf'
run: |
echo -e "[client]\nuser = root\npassword = cactiroot\nhost = 127.0.0.1\n" >> ~/.my.cnf
cat ~/.my.cnf
mysql $MYSQL_AUTH_USR -e 'CREATE DATABASE IF NOT EXISTS cacti;'
mysql $MYSQL_AUTH_USR -e "CREATE USER 'cactiuser'@'localhost' IDENTIFIED BY 'cactiuser';"
mysql $MYSQL_AUTH_USR -e "GRANT ALL PRIVILEGES ON cacti.* TO 'cactiuser'@'localhost';"
mysql $MYSQL_AUTH_USR -e "FLUSH PRIVILEGES;"
mysql $MYSQL_AUTH_USR cacti < ${{ github.workspace }}/cacti.sql
mysql $MYSQL_AUTH_USR -e "INSERT INTO settings (name, value) VALUES ('path_php_binary', '/bin/php')" cacti
- name: Prime Cacti config.php File
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cat ${{ github.workspace }}/include/config.php.dist | sed -r "s/localhost/127.0.0.1/g" > ${{ github.workspace }}/include/config.php
sudo chmod 777 ${{ github.workspace }}/include/config.php
cat ${{ github.workspace}}/include/config.php
- name: Check install code for validity
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cd ${{ github.workspace }}
sudo php -q tests/tools/check_install_code.php
- name: Check that all CLI scripts have a valid --version flag
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cd ${{ github.workspace }}
sudo bash tests/tools/check_cli_version.sh
- name: Install Cacti through the CLI
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cd ${{ github.workspace }}
sudo php cli/install_cacti.php --accept-eula --install --force
- name: Install and Enable Plugins
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cd ${{ github.workspace }}
sudo php cli/plugin_manage.php --plugin=thold --plugin=monitor --plugin=mactrack --plugin=audit --plugin=flowview --plugin=syslog --install --enable --allperms
- name: Check all pages using recursive wget
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: |
cd ${{ github.workspace }}
echo -e "[client]\nuser = root\npassword = cactiroot\nhost = 127.0.0.1\n" > ${{ github.workspace }}/.my.cnf
sudo tests/tools/check_all_pages.sh
- name: View contents of logs
if: ${{ '5.4' != matrix.php && '7.0' != matrix.php }} # removed old php from page tests
run: sudo cat ${{ github.workspace }}/log/cacti.log
# - name: Validate composer.json and composer.lock
# run: composer validate --strict
# - name: Cache Composer packages
# id: composer-cache
# uses: actions/cache@v3
# with:
# path: vendor
# key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
# restore-keys: |
# ${{ runner.os }}-php-
#
# - name: Install dependencies
# run: composer install --prefer-dist --no-progress
# Add a test script to composer.json, for instance: "test": "vendor/bin/phpunit"
# Docs: https://getcomposer.org/doc/articles/scripts.md
# - name: Run test suite
# run: composer run-script test