Kea issueshttps://gitlab.isc.org/isc-projects/kea/-/issues2024-03-14T14:57:35Zhttps://gitlab.isc.org/isc-projects/kea/-/issues/3287enable pylint and pycodestyle on all python files in kea repo2024-03-14T14:57:35ZWlodzimierz Wencelenable pylint and pycodestyle on all python files in kea repoextend kea pipeline with similar solution to what we are using in qa repo.extend kea pipeline with similar solution to what we are using in qa repo.kea2.5.8https://gitlab.isc.org/isc-projects/kea/-/issues/2981"make coverage" doesn't work2023-08-10T13:44:47ZAndrei Pavelandrei@isc.org"make coverage" doesn't workThe coverage job in our internal Jenkins test environment started failing, when we upgraded Fedora from 36 to 38, likely because of a new gcovr version. That job uses an out-of-band set of actions to build the coverage report. While look...The coverage job in our internal Jenkins test environment started failing, when we upgraded Fedora from 36 to 38, likely because of a new gcovr version. That job uses an out-of-band set of actions to build the coverage report. While looking for alternatives, it was noticed that `make coverage` doesn't work either:
```
$ make coverage
[... goes on to run unit tests, but when the report needs to be made aka "make report-coverage" ...]
/bin/sh: -c: line 9: syntax error: unexpected end of file
make: *** [Makefile:1126: report-cpp-coverage] Error 2
```next-stable-2.6https://gitlab.isc.org/isc-projects/kea/-/issues/2872Enable MySQL, PgSQL in CodeQL2023-05-25T13:47:57ZTomek MrugalskiEnable MySQL, PgSQL in CodeQL#2760 enabled github's CodeQL checks. However, there were difficulties for MySQL, and Postgres (see [this thread](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/1952#note_362168) and the links in it). It seems hammer had some d...#2760 enabled github's CodeQL checks. However, there were difficulties for MySQL, and Postgres (see [this thread](https://gitlab.isc.org/isc-projects/kea/-/merge_requests/1952#note_362168) and the links in it). It seems hammer had some difficulties installing dependencies and then accessing the database.
Note: CodeQL is only available on github. This is the first pipeline we have for our mirror on github. This ticket may cover other generic changes.
The goal of this ticket is to figure out why exactly hammer had problems, fix them and enable both MySQL and Postgres.
We have a separate [repo](https://github.com/isc-projects/kea-experiments) for experiments with github. This may come in handy.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/2671Some header files are missing header guards2023-01-12T14:49:43ZAndrei Pavelandrei@isc.orgSome header files are missing header guardsI suggest a CI step involving a python script that checks for missing header guards.
By convention, all or most header files should have a header guard to prevent including their content twice which can result in unforeseen errors that ...I suggest a CI step involving a python script that checks for missing header guards.
By convention, all or most header files should have a header guard to prevent including their content twice which can result in unforeseen errors that are difficult to figure out.
Here's a low-effort (and not entirely correct) attempt at determining which files are missing the header guards.
```
$ find . -type f -name '*.h' | xargs grep -L ifndef
./premium/src/hooks/dhcp/lease_query/tests/blq_utils.h
./premium/src/hooks/dhcp/forensic_log/subnets_user_context.h
./premium/src/hooks/dhcp/subnet_cmds/tests/subnet_cmds_unittest.h
./premium/src/hooks/dhcp/ddns_tuning/libloadtests/callout_unittests.h
./src/hooks/dhcp/lease_cmds/tests/lease_cmds_unittest.h
./src/hooks/dhcp/high_availability/tests/ha_test.h
./src/bin/dhcp6/tests/callout_library_common.h
./src/bin/dhcp4/tests/callout_library_common.h
./src/lib/util/tests/memory_segment_common_unittest.h
./src/lib/util/unittests/interprocess_util.h
./src/lib/asiodns/logger.h
./src/lib/dns/rdata/any_255/tsig_250.h
./src/lib/dns/rdata/template.h
./src/lib/dns/rdata/in_1/aaaa_28.h
./src/lib/dns/rdata/in_1/srv_33.h
./src/lib/dns/rdata/in_1/a_1.h
./src/lib/dns/rdata/in_1/dhcid_49.h
./src/lib/dns/rdata/ch_3/a_1.h
./src/lib/dns/rdata/generic/ptr_12.h
./src/lib/dns/rdata/generic/hinfo_13.h
./src/lib/dns/rdata/generic/tkey_249.h
./src/lib/dns/rdata/generic/rp_17.h
./src/lib/dns/rdata/generic/mx_15.h
./src/lib/dns/rdata/generic/spf_99.h
./src/lib/dns/rdata/generic/ns_2.h
./src/lib/dns/rdata/generic/nsec3param_51.h
./src/lib/dns/rdata/generic/dlv_32769.h
./src/lib/dns/rdata/generic/soa_6.h
./src/lib/dns/rdata/generic/caa_257.h
./src/lib/dns/rdata/generic/cname_5.h
./src/lib/dns/rdata/generic/rrsig_46.h
./src/lib/dns/rdata/generic/tlsa_52.h
./src/lib/dns/rdata/generic/dname_39.h
./src/lib/dns/rdata/generic/nsec_47.h
./src/lib/dns/rdata/generic/nsec3_50.h
./src/lib/dns/rdata/generic/ds_43.h
./src/lib/dns/rdata/generic/dnskey_48.h
./src/lib/dns/rdata/generic/naptr_35.h
./src/lib/dns/rdata/generic/txt_16.h
./src/lib/dns/rdata/generic/afsdb_18.h
./src/lib/dns/rdata/generic/opt_41.h
./src/lib/dns/rdata/generic/sshfp_44.h
./src/lib/dns/rdata/generic/minfo_14.h
./src/lib/dns/rdata/hs_4/a_1.h
./src/lib/cryptolink/openssl_common.h
./src/lib/cryptolink/botan_common.h
```outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/2628CI step missing-git-attribute doesn't detect if the .gitattribute file is mis...2023-01-26T18:25:44ZAndrei Pavelandrei@isc.orgCI step missing-git-attribute doesn't detect if the .gitattribute file is missing entirelyAt least it checks the contents correctly when the file exists.
But if the file is missing, it should be reported.
This [patch](https://gitlab.isc.org/isc-projects/kea/uploads/f8b68c012b2b1969593676e32dc51c7f/a.patch) was suggested as ...At least it checks the contents correctly when the file exists.
But if the file is missing, it should be reported.
This [patch](https://gitlab.isc.org/isc-projects/kea/uploads/f8b68c012b2b1969593676e32dc51c7f/a.patch) was suggested as a fix in another issue.outstandinghttps://gitlab.isc.org/isc-projects/kea/-/issues/2300Deploy flawfinder in CI (SAST)2022-11-02T15:10:41ZTomek MrugalskiDeploy flawfinder in CI (SAST)There's [flawfinder](https://github.com/david-a-wheeler/flawfinder) tool that supposedly is useful for C/C++ code audit. We should:
1. [ ] try it and see if the results produced are useful
2. [ ] fix the problems it reported
3. [x] depl...There's [flawfinder](https://github.com/david-a-wheeler/flawfinder) tool that supposedly is useful for C/C++ code audit. We should:
1. [ ] try it and see if the results produced are useful
2. [ ] fix the problems it reported
3. [x] deploy it on CI
Each step depends on the previous one. If at any step we decide the whole thing doesn't make sense, the ticket should be closed.
It may be integrated with gitlab. Go to Security & Compliance -> Configuration, then Static Application Security Testing (SAST).backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1996Add Gitlab pipeline buttons that regenerate messages and parsers2022-11-02T15:10:40ZAndrei Pavelandrei@isc.orgAdd Gitlab pipeline buttons that regenerate messages and parsersThe buttons would be similar to the deploy buttons in stork.
I want this mainly for parsers because people regenerate with different bison versions. And Kea sometimes reaches a state where different bison versions are used for different...The buttons would be similar to the deploy buttons in stork.
I want this mainly for parsers because people regenerate with different bison versions. And Kea sometimes reaches a state where different bison versions are used for different parser files. And I don't know if it's safe to test Kea like that throughout the development process. And maybe people feel more comfortable clicking a button in Gitlab which adds a commit that regenerates the parsers for them with the bison version that was settled to be used than to keep upgrading the bison on their machine.
But we could add one for messages as well so that we don't have to --enable-generate-messages all the time.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/1767check static analysers reports2022-11-02T15:10:18ZWlodzimierz Wencelcheck static analysers reportsRecent increased interest in security reminded me that it was some time since anyone looked into our static analysers, reports are:
* https://scan.coverity.com/projects/kea/view_defects (if you don't have an account please sign in and re...Recent increased interest in security reminded me that it was some time since anyone looked into our static analysers, reports are:
* https://scan.coverity.com/projects/kea/view_defects (if you don't have an account please sign in and request access to kea)
* https://jenkins.isc.org/view/All/job/kea-master-cppcheck-internal/
We need:
* review reports
* in coverity mark issues with correct status
* open tickets for real issues
* fix issues :)backlogRazvan BecheriuRazvan Becheriuhttps://gitlab.isc.org/isc-projects/kea/-/issues/1723CI: check for unused messages2022-11-02T15:10:19ZAndrei Pavelandrei@isc.orgCI: check for unused messagesThere are some log messages that are unused anymore like `DHCP4_CONFIG_NEW_SUBNET`. I think we shouldn't keep them around. Even if it is decided that these actions should be logged again in the future, it will probably result in a new me...There are some log messages that are unused anymore like `DHCP4_CONFIG_NEW_SUBNET`. I think we shouldn't keep them around. Even if it is decided that these actions should be logged again in the future, it will probably result in a new message being added when that time comes. I would make this part of CI.backloghttps://gitlab.isc.org/isc-projects/kea/-/issues/873Integrate CodeQL (LGTM replacement) security checker into our process2023-02-23T12:30:30ZTomek MrugalskiIntegrate CodeQL (LGTM replacement) security checker into our processThere's a tool called LGTM: https://lgtm.com/
It is advertised as a security checker and is free for open source projects.
@manu, @fdupont, @godfryd - have you ever used it? Any opinions?
UPDATE: LGTM was replaced with CodeQL.There's a tool called LGTM: https://lgtm.com/
It is advertised as a security checker and is free for open source projects.
@manu, @fdupont, @godfryd - have you ever used it? Any opinions?
UPDATE: LGTM was replaced with CodeQL.backlog