Docker QA for Suricata Development

prscript with docker support

PRSCript is a script that run a series of builds and tests on a given branch. It was reserved to some developers so they can check on OISF buildbot the quality of their work before submission.

It is now possible to use the prscript locally via Docker. Installation had been made simple so you should just have a few commands to run before being ready.

The buildbot will run various builds and run suricata on some pcaps to check against possible crash.


You need to have docker and python-docker installed on your system. Optionally you can install pynotify on your system to get desktop notification capability. On recent debian based distribution you can use:

sudo apt-get install docker python-docker python-notify

On Ubuntu:
sudo apt-get install docker python-docker python-notify

Create the container

This operation has only to be done once. From the root of
Suricata sources, run:

sudo qa/ -C

It will take some times as the download is several hundred Mo. The result will
be a docker container named 'suri-buildbot'.

Start and use the buildbot

When you need to use the buildbot, you can start it from the command line:

sudo qa/ -s

You can check it is running via:

sudo docker ps

And you can connect to the buildbot web interface via http://localhost:8010

Once the buildbot is active, you can then start a build:

qa/ -d -l YOUR_BRANCH

This will start a build of the local branch YOUR_BRANCH without doing any
external check. So it does not require connectivity to be run.

To get warned of the result of the builds via a desktop notification:

qa/ -d -l YOUR_BRANCH -n

Stop the buildbot

When you don't need the buildbot anymore, you can stop it from the command line:

sudo qa/ -S

Advanced usage

Connect via ssh

The docker instance can be accessed via SSH using the admin account (password being 'admin' too).
To get the port to use for ssh run the following command to get the port to use:

$ sudo docker port suri-buildbot
22/tcp ->
8010/tcp ->

and then connect:
ssh admin@localhost -p 49156

Customize your builder

Buildbot will make suricata read all the pcap files available in qa/docker/pcaps/. So you can use this directory to add your own test pcaps.

You can change the buildbot configuration by editing the file qa/docker/buildbot.cfg. Then stop and start the docker container to get the new version running.

For instance if you are introducing a new library in Suricata, you may have to install the library in the docker instance, then edit the buildbot.cfg to add the flag to the configure command to activate the feature.