X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=.woodpecker%2Ffunctional_test.yml;h=17272f5fc4e86d8a23424cc677b0472ce3c6c3a7;hb=0adb72a5972d39a1797630cb262a8494b9ba863b;hp=a41068e50e7587af50f79b2862d006dd4f289a42;hpb=2136dcfadd96f386bc8432c963065e274b382853;p=kconfig-hardened-check.git diff --git a/.woodpecker/functional_test.yml b/.woodpecker/functional_test.yml index a41068e..17272f5 100644 --- a/.woodpecker/functional_test.yml +++ b/.woodpecker/functional_test.yml @@ -1,5 +1,5 @@ # .woodpecker.yml -pipeline: +steps: installation-test: image: python:3 pull: true @@ -10,16 +10,17 @@ pipeline: - ls -la - python --version - echo "Install the package via pip..." - - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kconfig-hardened-check + - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kernel-hardening-checker - echo "Run the installed tool..." - - which kconfig-hardened-check - - kconfig-hardened-check + - which kernel-hardening-checker + - kernel-hardening-checker - echo "Check all configs with the installed tool..." + - sysctl -a > /tmp/sysctls - CONFIG_DIR=`find /usr/local/lib/ -name config_files` - KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"` - COUNT=0 - - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kconfig-hardened-check -c $C -l /proc/cmdline; done - - echo ">>>>> have checked $COUNT kconfigs <<<<<" + - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls; done + - echo "Have checked $COUNT kconfigs" functional-test-with-coverage: image: python:3 pull: true @@ -29,4 +30,5 @@ pipeline: - pip install --no-cache-dir coverage - echo "Run the functional tests and collect the coverage..." - sh .github/workflows/functional_test.sh + - echo "Show the coverage report..." - coverage report