4 files changed, 323 insertions, 0 deletions

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..0a23353
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,12 @@
+# https://help.github.com/articles/about-codeowners/
+#
+# last match wins, so put more specific matches towards the end
+#
+# only ppl with push rights in the repo can be owners
+# https://github.com/isaacs/github/issues/989#issuecomment-320475904
+#
+# additionally, it seems only the directoy syntax works.
+# e.g. '/src/source-*.[ch]  @regit' seems to have no effect.
+
+*                   @jasonish @OISF/core-team
+
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
new file mode 100644
index 0000000..934a9d1
--- /dev/null
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,53 @@
+Contributing to Suricata
+========================
+
+We're happily taking patches and other contributions. The process is
+documented at
+https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing
+Please have a look at this document before submitting.
+
+Contribution Agreement
+----------------------
+
+Before accepting your pull requests we need you or your organization
+to sign our contribution agreement.
+
+We do this to keep the ownership of Suricata in one hand: the Open
+Information Security Foundation. See
+https://suricata-ids.org/about/open-source/ and
+https://suricata-ids.org/about/contribution-agreement/
+
+Contribution Process
+--------------------
+
+Suricata is a complex piece of software dealing with mostly untrusted
+input. Mishandling this input will have serious consequences:
+
+* in IPS mode a crash may knock a network offline;
+* in passive mode a compromise of the IDS may lead to loss of critical
+  and confidential data;
+* missed detection may lead to undetected compromise of the network.
+
+In other words, we think the stakes are pretty high, especially since
+in many common cases the IDS/IPS will be directly reachable by an
+attacker.
+
+For this reason, we have developed a QA process that is quite
+extensive. A consequence is that contributing to Suricata can be a
+somewhat lengthy process.
+
+On a high level, the steps are:
+
+1. Travis-CI based build & unit testing. This runs automatically when
+   a pull request is made.
+
+2. Review by devs from the team and community
+
+3. QA runs trigged by the team
+
+Questions
+---------
+
+If you have questions about contributing, please contact us via
+https://suricata-ids.org/support/
+
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..5bf7005
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,16 @@
+Make sure these boxes are signed before submitting your Pull Request
+-- thank you.
+
+- [ ] I have read the contributing guide lines at
+  https://docs.suricata.io/en/latest/devguide/codebase/contributing/contribution-process.html
+- [ ] I have signed the Open Information Security Foundation
+  contribution agreement at https://suricata.io/about/contribution-agreement/
+- [ ] I have updated the user guide (in doc/userguide/) to reflect the
+  changes made (if applicable)
+
+Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket:
+
+Describe changes:
+-
+-
+-
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644
index 0000000..22a19f3
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,242 @@
+name: Distribution Checks
+
+on:
+  - push
+  - pull_request
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions: read-all
+
+jobs:
+
+  alma-9:
+    # At the time of adding this test, tox and pytest don't install
+    # cleanly using system packages, so just run the integration tests
+    # for now.
+    name: AlmaLinux 9
+    runs-on: ubuntu-latest
+    container: almalinux:9
+    steps:
+      - run: |
+          dnf -y install \
+            python3 \
+            python3-pyyaml
+      - uses: actions/checkout@v1
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  alma-8:
+    name: AlmaLinux 8
+    runs-on: ubuntu-latest
+    container: almalinux:8
+    steps:
+      - run: |
+          yum -y install \
+            python2-pytest \
+            python2-pyyaml \
+            python3 \
+            python3-pytest \
+            python3-pyyaml
+      - uses: actions/checkout@v1
+
+      - name: Python 2 unit tests
+        run: PYTHONPATH=. pytest-2
+      - name: Python 2 integration tests
+        run: PYTHONPATH=. python2 ./tests/integration_tests.py
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  centos-7:
+    name: CentOS 7
+    runs-on: ubuntu-latest
+    container: centos:7
+    steps:
+      - run: yum -y install epel-release
+      - run: |
+          yum -y install \
+            python2-pytest \
+            python2-pyyaml \
+            python36-pytest \
+            python36-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 2 unit tests
+        run: PYTHONPATH=. py.test-2.7
+      - name: Python 2 integration tests
+        run: PYTHONPATH=. python2 ./tests/integration_tests.py
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. py.test-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  fedora-39:
+    name: Fedora 39
+    runs-on: ubuntu-latest
+    container: fedora:39
+    steps:
+      - run: |
+          dnf -y install \
+            python3 \
+            python3-pytest \
+            python3-pyyaml
+      - uses: actions/checkout@v4
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  fedora-38:
+    name: Fedora 38
+    runs-on: ubuntu-latest
+    container: fedora:38
+    steps:
+      - run: |
+          dnf -y install \
+            python3 \
+            python3-pytest \
+            python3-pyyaml
+      - uses: actions/checkout@v2
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  ubuntu-2204:
+    name: Ubuntu 22.04
+    runs-on: ubuntu-latest
+    container: ubuntu:22.04
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  ubuntu-2004:
+    name: Ubuntu 20.04
+    runs-on: ubuntu-latest
+    container: ubuntu:20.04
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python-pytest \
+            python-yaml \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 2 unit tests
+        run: PYTHONPATH=. pytest
+      - name: Python 2 integration tests
+        run: PYTHONPATH=. python2 ./tests/integration_tests.py
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  ubuntu-1804:
+    name: Ubuntu 18.04
+    runs-on: ubuntu-latest
+    container: ubuntu:18.04
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python-pytest \
+            python-yaml \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 2 unit tests
+        run: PYTHONPATH=. pytest
+      - name: Python 2 integration tests
+        run: PYTHONPATH=. python2 ./tests/integration_tests.py
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  debian-12:
+    name: Debian 12
+    runs-on: ubuntu-latest
+    container: debian:12
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  debian-11:
+    name: Debian 11
+    runs-on: ubuntu-latest
+    container: debian:11
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  debian-10:
+    name: Debian 10
+    runs-on: ubuntu-latest
+    container: debian:10
+    steps:
+      - run: apt update
+      - run: |
+          apt -y install \
+            python-pytest \
+            python-yaml \
+            python3-pytest \
+            python3-yaml
+      - uses: actions/checkout@v1
+
+      - name: Python 2 unit tests
+        run: PYTHONPATH=. pytest
+      - name: Python 2 integration tests
+        run: PYTHONPATH=. python2 ./tests/integration_tests.py
+
+      - name: Python 3 unit tests
+        run: PYTHONPATH=. pytest-3
+      - name: Python 3 integration tests
+        run: PYTHONPATH=. python3 ./tests/integration_tests.py
+
+  macos-latest:
+    name: MacOS Latest
+    runs-on: macos-latest
+    steps:
+      - run: brew install python
+      - run: pip3 install PyYAML
+      - run: pip3 install pytest
+      - uses: actions/checkout@v1
+      - run: PYTHONPATH=. python3 -m pytest
+      - run: PYTHONPATH=. python3 ./tests/integration_tests.py