brimdata / build-suricata

Build Suricata for packaging with Brim

Build on macos-11 Actions runner #66

Closed philrz closed 2 years ago

philrz commented 2 years ago

As noted in #65, when I was making the last round of fixes in the build system, I unsuccessfully tried to get things working on the macos-11 Actions runner. This PR now covers that.

My failed attempts were all with the Python 3.10 which is the default on the macos-11 runner. Seeing that the macos-10.15 runner has been using Python 3.9 and that's worked all this time, here I took a shot at forcing the use of Python 3.9 on the macos-11 runner and sure enough that did the trick. The only other changes were just to some library versions referenced in /usr/local/Cellar, and to address those I re-used an existing pattern that fills in the versions dynamically, so that should cover us well for possible future builds.

Just to archive my hacking experience with Python 3.10, I suspect that the problems are related to the deprecation of Python distutils. The problems I kept having were all during the use of the setup.py to install suricata-update. For instance, it got installed into the wrong directory despite the use of a --prefix parameter, which seemed to be now ignored whereas it was obeyed previously. As I tried to look at Python docs to further debug, the heading on every page effectively kept telling me "don't use this tooling anymore", hence my reason for taking the Python 3.9 shortcut. After the fact I also found https://redmine.openinfosecfoundation.org/issues/5313 and https://github.com/OISF/suricata-update/commit/4920cf317c75160a62b6ce667da8132bf2a3db76 that seem to indicate the Suricata people are starting to address things in this area, but it's surely not a good investment in our time to try to backport. I'd guess that if we one day want to improve our security dependencies we could invest in someone's time to re-port our Suricata and Zeek to current releases and knock out this class of issues all at once.

In addition to my own successful smoke test, here are successful Actions CI runs for both Brimcap and Brim that use a draft Suricata artifact from this branch.