Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Make ModSecurity CRS repositories easier to manage
See original GitHub issue_Issue originally created by user soufianebenali on date 2019-10-17 15:11:02. Link to original issue: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1600._
As discussed by csanders-git and bittner on Slack, and related to #1346 and #1420, we’re proposing to simplify the repository structure and branching model of all repositories related to ModSecurity CRS.
In a nutshell, we propose to:
- flatten the branches in the first 2 repos above into a single branch,
- placing the content of the branches in folders in that main branch, and
- move the maintenance of the owasp/modsecurity-crs Docker image to a dedicated repository.
We also think it’s worth to align the naming/wording with other popular free software projects and common best practices.
1. Refactor owasp-modsecurity-crs
Planned tasks:
- Create a new folder
testsin the root folder - Move
util/regression-tests/->tests/regression/, andutil/integration/->tests/integration - Rename folder
documentation/todocs/ - Create folder
examples/and movecrs-setup.conf.example->examples/crs-setup.conf - Inside the
rules/folder create a folder for every version of rules, e.g.rules/v3.1/,rules/v3.2/,rules/v3.3/ - Switch from branch-based versioning to folder-based versioning, on a single main branch (e.g.
master)
2. Refactor modsecurity-docker
Planned tasks:
- Switch from branch-based versioning to folder-based versioning, on a single main branch (e.g.
master) - Clean up Dockerfile implementations for all supported combinations of ModSecurity and Apache/Nginx versions (inherit from existing, stable images as much as makes sense)
- Automate building images for all supported combinations of ModSecurity and Apache/Nginx versions
3. Refactor modsecurity-crs-docker
Planned tasks:
- Move the Docker setup from owasp-modsecurity-crs to the new
modsecurity-crs-dockerrepository - Automate building images for all supported CRS versions on the various flavors of the
modsecurity-dockerimages
Final comments
In essence, this is a flattening of the branching model, moving from a version-based branching to a trunk-based branching where the various versions (and technology combinations) are in subdirectories of the repository. The resulting repository structure should make it easier to overview and manage the code base.
A simple example of how this could look like may be appuio/container-oc. Please take a look at the structure and how we try to make updates easy by fully scripting the adaptions across all supported versions.
Please, let us know your thoughts! When we agree on this approach we would attempt doing the refactoring in a very short time frame, so the disruption is minimal and we can avoid any kind of “transition phase”.
Issue Analytics
- State:
- Created 3 years ago
- Comments:23
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
User soufianebenali commented on date 2019-10-22 11:56:50:
Hi all,
I can join the Meetup in Bern Wednesday next week.
Thank you and see you there.
User bittner commented on date 2019-10-22 07:55:15:
Absolutely!
We are verifying who of us will be able to attend the Meetup. (I already have an appointment for that evening, unfortunately.)