# .woodpecker.yml
-pipeline:
+steps:
installation-test:
image: python:3
pull: true
- pwd
- ls -la
- python --version
- - echo "Install package via pip..."
- - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kconfig-hardened-check
+ - echo "Install the package via pip..."
+ - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kernel-hardening-checker
- echo "Run the installed tool..."
- - which kconfig-hardened-check
- - kconfig-hardened-check
+ - which kernel-hardening-checker
+ - kernel-hardening-checker
+ - echo "Check all configs with the installed tool..."
+ - sysctl -a > /tmp/sysctls
+ - CONFIG_DIR=`find /usr/local/lib/ -name config_files`
+ - KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"`
+ - COUNT=0
+ - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls; done
+ - echo "Have checked $COUNT kconfigs"
+ functional-test-with-coverage:
+ image: python:3
+ pull: true
+ commands:
+ - echo "Install the coverage tool..."
+ - python --version
+ - pip install --no-cache-dir coverage
+ - echo "Run the functional tests and collect the coverage..."
+ - sh .github/workflows/functional_test.sh
+ - echo "Show the coverage report..."
+ - coverage report
projects / kconfig-hardened-check.git / blobdiff