CI: split verdict modes into separate jobs

89f2bbfd · François De Keersmaeker · 9ac54ba7 · 9ac54ba7 · 89f2bbfd
--- a/.ci_scripts/firewall-test/translate_and_build.sh
+++ b/.ci_scripts/firewall-test/translate_and_build.sh
-#!/bin/bash
-## CONSTANTS
-CI_SCRIPTS_DIR="$GITHUB_WORKSPACE/.ci_scripts/firewall-test"
-## COMMAND LINE ARGUMENTS
-MODE=""
-ARG=""
-while getopts "r:p:" opt;
-do
-    case "${opt}" in
-        r|p)
-            # Rate limit / stochastic verdict
-            MODE="${opt}"
-            ARG="${OPTARG}"
-            ;;
-        *)
-            # Default: binary verdict (ACCEPT or DROP)
-            ;;
-    esac
-done
-shift $((OPTIND-1))
-########
-# MAIN #
-########
-# 1. Translate profiles with given verdict mode
-$CI_SCRIPTS_DIR/translate_profiles.sh $MODE $ARG
-# 2. Build project with CMake
-$GITHUB_WORKSPACE/build.sh -d $GITHUB_WORKSPACE
-# 3. Run CUnit tests
-$CI_SCRIPTS_DIR/run_tests.sh
-# 4. Run Valgrind on CUnit tests
-$CI_SCRIPTS_DIR/run_tests.sh valgrind
-# 5. Run cppcheck on source files
-$CI_SCRIPTS_DIR/run_cppcheck.sh
-# 6. Add NFTables rules
-$CI_SCRIPTS_DIR/add_nft_rules.sh
-# 7. Run NFQueue executables
-$CI_SCRIPTS_DIR/run_exec.sh
--- a/.github/workflows/test-firewall.yaml
+++ b/.github/workflows/test-firewall.yaml
-name: Test the firewall
+name: Test the whole system
 on: [push]
 jobs:
-  # Compile project
+  binary-verdict:
-  build:
    runs-on: ubuntu-latest
    steps:
@@ -20,11 +19,88 @@ jobs:
      - name: Install Python packages
        run: pip install -r $GITHUB_WORKSPACE/requirements.txt
-      - name: Translate and build profiles, with binary verdict
+      - name: Translate profiles
-        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_and_build.sh
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_profiles.sh
-      - name: Translate and build profiles, with rate limiting verdict
+      - name: Build project with CMake
-        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_and_build.sh -r 50
+        run: $GITHUB_WORKSPACE/build.sh -d $GITHUB_WORKSPACE
-      - name: Translate and build profiles, with stochastic verdict
+      - name: Run CUnit tests
-        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_and_build.sh -p 0.5
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh
+      - name: Run Valgrind on CUnit tests
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh valgrind
+      - name: Run cppcheck on source files
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_cppcheck.sh
+      - name: Add nftables rules
+        run:  $GITHUB_WORKSPACE/.ci_scripts/firewall-test/add_nft_rules.sh
+  rate-limit-verdict:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+      - name: Install required packages
+        run: sudo $GITHUB_WORKSPACE/.ci_scripts/firewall-test/install_packages.sh
+      - name: Install Python packages
+        run: pip install -r $GITHUB_WORKSPACE/requirements.txt
+      - name: Translate profiles
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_profiles.sh -r 50
+      - name: Build project with CMake
+        run: $GITHUB_WORKSPACE/build.sh -d $GITHUB_WORKSPACE
+      - name: Run CUnit tests
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh
+      - name: Run Valgrind on CUnit tests
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh valgrind
+      - name: Run cppcheck on source files
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_cppcheck.sh
+      - name: Add nftables rules
+        run:  $GITHUB_WORKSPACE/.ci_scripts/firewall-test/add_nft_rules.sh
+  random-verdict:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+      - name: Install required packages
+        run: sudo $GITHUB_WORKSPACE/.ci_scripts/firewall-test/install_packages.sh
+      - name: Install Python packages
+        run: pip install -r $GITHUB_WORKSPACE/requirements.txt
+      - name: Translate profiles
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/translate_profiles.sh -p 0.5
+      - name: Build project with CMake
+        run: $GITHUB_WORKSPACE/build.sh -d $GITHUB_WORKSPACE
+      - name: Run CUnit tests
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh
+      - name: Run Valgrind on CUnit tests
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_tests.sh valgrind
+      - name: Run cppcheck on source files
+        run: $GITHUB_WORKSPACE/.ci_scripts/firewall-test/run_cppcheck.sh
+      - name: Add nftables rules
+        run:  $GITHUB_WORKSPACE/.ci_scripts/firewall-test/add_nft_rules.sh