Motivation: code coverage reports were incomplete. This lays a better
base for consistent reporting via GitHub Actions, with room for follow-ups.
It also removes a test flake source in Kafka jobs.
Impact: CI/tests only; no runtime behavior or ABI changes expected.
Before: Coverage uploads were inconsistent; Kafka tests could hang while
reading from /dev/urandom to generate topic names.
After: Coverage is collected with lcov and uploaded via a dedicated GH
Action; Kafka topics use fast $RANDOM-based hex, avoiding early-boot
entropy stalls.
Technical details:
- Add two workflows: "codecov base" and "codecov kafka" on Ubuntu 24.04.
Use lcov capture with unexecuted blocks and prune common noise; upload
with token for same-repo PRs and tokenless for forks.
- Update .codecov.yml: add path fixes for container (/rsyslog) and
runner layouts; explicitly set comment: false and patch: false.
- Bump actions/checkout to v4 in existing workflows; add an actionlint
job to catch YAML problems early.
- Switch codecov jobs in container matrix to 24.04 images.
- Improve run-ci.sh lcov invocation to be more tolerant of line/macro
mismatches.
- Testbench: replace /dev/urandom topic generation with 8-char hex from
$RANDOM; adjust diag.sh path/quoting for zookeeper helper.
The civetweb library is not packaged in a thread-safe way and as such
TSAN always fails due to a civetweb data race by calling gmtime.
Nothing to do so far against that.
We try sid to gain early access to new compiler versions. It needs
to be show if sid causes too many false positives (due to its own
instability) and if we manage to regenerate the compiler frequently
enough.
Replace deprecated bash uploader with Codecov's official uploader.
The script now downloads the uploader binary, verifies its SHA256
checksum, and runs it to submit coverage results.
The change keeps run-ci.sh CI-agnostic.
With the help of AI-Agent: ChatGPT
Add concurrency groups with cancel-in-progress to all pull request
workflows so new pushes abort outdated jobs.
Most importantly this saves ressources and also makes follow-up
PR runs much quicker.
with the help of ChatGPT
Add a GitHub Actions job using codespell to check Sphinx docs in doc/source.
This helps catch spelling errors early and improves documentation quality.
With help from AI-Agent: ChatGPT
- fixed typos, corrected small text issues, and adjusted minor wording in messageparser.rst and multi_ruleset.rst.
- removing second 'be' & changing the verb form from activate to activates.
Only updates to documentation files (.rst, .md, .txt) for minor fixes. No source code or runtime behavior is affected.
* CI: fix welcome message activation mode to make it really work
We need to run the repo-provided script to have sufficient acces rights.
Otherwise, it will not work with PRs from forked repos (which is the
norm).
Plus some robustness amendments.
* Update .github/workflows/contributor-welcome.yml
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
intent is two-fold:
- act welcoming and provide some guidance for PR contributors
- do a bit of checking so maintainer get's an idea if this might
be a spammy account (the world is a bad place...). Also
prevent rsyslog from being used for social engineering other
repos.
This method will be improved in the future and is work in progress.
Note: rsyslog welcomes small PRs, even single typo fixes, when
they are useful to the project. We shall, however, reject frequent
single typo fixes from same account and ask them to combine the
commits. Reason is this might be a social engineering tactic to
make rsyslog itself or other repos build unrooted trust in the
account.
Multiple intermediate CAs were not honored because strtok() modified
the original config value at the first comma. This led to only the
first file being considered. This change preserves the original value
and validates files using a duplicate buffer.
Impact: Users can reliably specify multiple CA intermediates via
NetstreamDriverCAExtraFiles; TLS chains that require intermediates
now validate as expected. Tests added.
Before: parsing mutated the stored string, effectively truncating at
the first comma and ignoring subsequent CA files.
After: we strdup() for validation, leave the original string intact,
and set it only if all files are accessible. Error handling follows
existing RS_RET patterns; temporary buffer is freed on all paths.
Additionally, add a test (OpenSSL backend) that generates a root,
two intermediates, and leaf certs on both client and server. The test
verifies chains with openssl, aligns CN/PermittedPeer, and exercises
a full send/receive path to guard against regressions. Makefile is
updated to include the new test in TESTS and EXTRA_DIST.
Fixes: https://github.com/rsyslog/rsyslog/issues/5207
This replaces the former clang static analyzer check via buildbot, which needed quite some baby-sitting due to environment constraints. For the next time, run it via github action.
Note that we use the same core script to run the analyzer like we did previously. This means we can also switch back with ease.
Modernize our dev/CI matrix to match current distro lines and reduce
toolchain drift. This keeps project-provided images aligned with what
contributors run locally and moves us toward “project-supported” bases.
Impact: CI matrix refresh only; no runtime behavior change intended.
Before: CI used Fedora 35/36 and Debian 10/11 dev-base images.
After: CI uses Fedora 41/42 and Debian 11/13 dev-base images.
Update run_checks.yml to use new container tags and pass consistent
configure extras (incl. enabling dtls in relevant jobs). Add Dockerfiles
and helper scripts for debian:13 and fedora:{41,42}. Bump the cached
ZooKeeper tarball to 3.9.3 across legacy images. Debian 13 adds a small
libgcrypt-config wrapper that defers to pkg-config to keep builds working.
Fedora images refresh toolchains (clang18 et al.) and re-sync module flags.
No API/ABI changes; this is build/CI plumbing only.
closes: https://github.com/rsyslog/rsyslog/issues/5989
This adds repository-level instructions to guide GitHub Copilot in
producing higher quality and safer pull requests. It is part of the
"AI First" approach, aiming to improve contributor experience and
reduce review friction.
Impact: no change to runtime or user-facing behavior.
The new files under `.github/` provide scoped rules for Copilot across
documentation, plugins, and contrib modules. They emphasize alignment
with AGENTS.md, developer checklists, and module maps. Guardrails cover
quoting, doc structure, config conventions, and mandatory source
citations. The intent is to ensure AI-assisted edits follow existing
rsyslog patterns and remain minimal and test-backed.
These changes are additive only and have no effect on rsyslog code,
APIs, or operational semantics. They prepare the repo for more
consistent AI-assisted contributions.
This modernizes contributor experience by simplifying PR templates and
removing the lengthy GDPR disclaimer that often discouraged or confused
new contributors. The update encourages more participation and shows how
responsible AI can be used to improve open source workflows.
Impact: none on runtime behavior; contributor workflow improved.
Before: PR template included long GDPR block; commit message rules were
scattered and partly implicit.
After: PR template is concise, GDPR text removed, and commit assistant
usage is documented across README, CONTRIBUTING, and AGENTS.md.
Technical changes include:
- PR template: drop GDPR notice, add commit-assistant references.
- CONTRIBUTING.md: add explicit commit rules and workflow guidance.
- AGENTS.md: require canonical base prompt and commit-first workflow.
- README.md: point to assistant and updated guidance.
- base_prompt.txt: enforce "Findings:" colon format.
- Minor formatting corrections in comments.
Introduce a GitHub Actions workflow that automatically runs
devtools/format-code.sh on every pull request touching source files.
If formatting changes are detected, the check fails and provides clear
instructions for contributors—run the formatter locally and enable
“Allow edits from maintainers” so fixes can be applied.
This prevents code‑style drift and eliminates style‑only update noise.
This patch improves the GitHub Actions PR validation workflow:
- Added comprehensive inline documentation for clarity.
- Corrected branch reference from 'master' to 'main'
in `tests/CI/PR_validation.sh`.
These changes enhance CI/CD clarity and maintainability.
With support from AI Agents: Gemini
- Consolidate change detection into a single “Check for doc changes” step
- Remove separate determine_changes_type and doc_only_success_check jobs
- Ensure the CI job always returns an exit status (satisfies branch protection)
- Update checkout action version and file‐pattern list for code changes
- Bump copyright year to 2025
Create doc_build.yml for GitHub Actions. The workflow builds
Sphinx docs when *.rst files under doc/ change. It still runs for
other pull requests but exits early so branch protection succeeds
without running make.
AI-Agent: Codex
AI tools and newcomers often execute test scripts
without running autoreconf, configure or make. This
causes missing binaries and confusing failures.
The diag.sh stub now self-bootstraps when needed:
- Run autoreconf -fi if configure is missing.
- Run configure with testbench flags if Makefile is
missing.
- Build tests/tcpflood and tools/rsyslogd via
make check TESTS="".
This makes tests more robust against improper
environment setup.
