projects / kconfig-hardened-check.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge remote-tracking branch 'origin/pylint'
[kconfig-hardened-check.git] / .woodpecker / functional_test.yml
diff --git a/.woodpecker/functional_test.yml b/.woodpecker/functional_test.yml
index ebd631ac6a0bc7f317ade3ca062794e670d17541..6eab6a51c58dedfd46c56df4db34588fa3cb2808 100644 (file)
--- a/.woodpecker/functional_test.yml
+++ b/.woodpecker/functional_test.yml
@@ -1,5 +1,5 @@
 # .woodpecker.yml
-pipeline:
+steps:
   installation-test:
     image: python:3
     pull: true
@@ -10,13 +10,42 @@ pipeline:
       - ls -la
       - python --version
       - echo "Install the package via pip..."
-      - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kconfig-hardened-check
+      - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kernel-hardening-checker
       - echo "Run the installed tool..."
-      - which kconfig-hardened-check
-      - kconfig-hardened-check
+      - which kernel-hardening-checker
+      - kernel-hardening-checker
       - echo "Check all configs with the installed tool..."
+      - sysctl -a > /tmp/sysctls
       - CONFIG_DIR=`find /usr/local/lib/ -name config_files`
-      - KCONFIGS=`find $CONFIG_DIR -type f | grep "\.config"`
+      - KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"`
       - COUNT=0
-      - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kconfig-hardened-check -c $C -l /proc/cmdline; done
-      - echo ">>>>> have checked $COUNT kconfigs <<<<<"
+      - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls; done
+      - echo "Have checked $COUNT kconfigs"
+  static-typing-checking:
+    image: python:3
+    pull: true
+    commands:
+      - echo "Install the mypy tool..."
+      - python --version
+      - pip install --no-cache-dir mypy
+      - mypy kernel_hardening_checker/ --show-error-context --pretty --no-incremental --check-untyped-defs --disallow-untyped-defs --strict-equality
+  pylint-checking:
+    image: python:3
+    pull: true
+    commands:
+      - echo "Install the pylint tool..."
+      - python --version
+      - pip install --no-cache-dir pylint
+      - pip install --no-cache-dir setuptools
+      - pylint --recursive=y kernel_hardening_checker setup.py
+  functional-test-with-coverage:
+    image: python:3
+    pull: true
+    commands:
+      - echo "Install the coverage tool..."
+      - python --version
+      - pip install --no-cache-dir coverage
+      - echo "Run the functional tests and collect the coverage..."
+      - sh .github/workflows/functional_test.sh
+      - echo "Show the coverage report..."
+      - coverage report
kconfig-hardened-check