# .woodpecker.yml
-pipeline:
- hello-step:
+steps:
+ installation-test:
image: python:3
+ pull: true
commands:
- - echo "Hello, this is the functional test"
- build:
- image: python:3
- commands:
- - echo "Building..."
+ - echo "Prepare for the installation..."
+ - cd ..
+ - pwd
+ - ls -la
- python --version
- a-test-step:
+ - echo "Install the package via pip..."
+ - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kernel-hardening-checker
+ - echo "Run the installed tool..."
+ - which kernel-hardening-checker
+ - kernel-hardening-checker
+ - echo "Check all configs with the installed tool..."
+ - sysctl -a > /tmp/sysctls
+ - CONFIG_DIR=`find /usr/local/lib/ -name config_files`
+ - KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"`
+ - COUNT=0
+ - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls; done
+ - echo "Have checked $COUNT kconfigs"
+ functional-test-with-coverage:
image: python:3
+ pull: true
commands:
- - echo "Testing..."
- - ./bin/kconfig-hardened-check
+ - echo "Install the coverage tool..."
+ - python --version
+ - pip install --no-cache-dir coverage
+ - echo "Run the functional tests and collect the coverage..."
+ - sh .github/workflows/functional_test.sh
+ - echo "Show the coverage report..."
+ - coverage report
projects / kconfig-hardened-check.git / blobdiff