apparmor.d/docs/development/integration.md

149 lines
3.9 KiB
Markdown
Raw Normal View History

2023-04-16 23:38:20 +02:00
---
title: Integration Tests
---
!!! danger "Work in Progress"
The purpose of integration testing in apparmor.d is to ensure the profiles are not going to break programs found in Linux distributions and Desktop Environment that we support.
2023-04-16 23:38:20 +02:00
**Workflow**
1. Create a testing VM
2023-04-16 23:38:20 +02:00
2. Start the VM, do some dev
3. Run the integration tests against the testing VM
2023-04-16 23:38:20 +02:00
4. Ensure no new logs have been raised
## Test Virtual Machines
2023-05-07 21:55:13 +02:00
The test VMs are built using [`cloud-init`][cloud-init] (when available), [`packer`][packer], and [`vagrant`][vagrant] on Qemu/KVM using Libvirt. No other hypervisor will be targeted for these tests. The files that generate these images can be found in the **[tests/packer](https://github.com/roddhjav/apparmor.d/tree/main/tests/packer)** directory.
2023-04-16 23:38:20 +02:00
[cloud-init]: https://cloud-init.io/
[packer]: https://www.packer.io/
[vagrant]: https://www.vagrantup.com/
### Requirements
2023-04-16 23:38:20 +02:00
* docker
* [packer]
* [vagrant]
* vagrant plugin install vagrant-libvirt
2023-04-16 23:38:20 +02:00
!!! note
You may need to edit some settings to fit your setup:
2023-04-16 23:38:20 +02:00
- The libvirt configuration in `tests/Vagrantfile`
- The default ssh key and ISO directory in `tests/packer/variables.pkr.hcl`
### Build
2023-04-16 23:38:20 +02:00
**Build an image**
To build a VM image for development purpose, run the following from the `tests` directory:
| Distribution | Flavor | Build command | VM name |
|:------------:|:------:|:-------------:|:-------:|
| Arch Linux | Gnome | `make archlinux flavor=gnome` | `arch-gnome` |
| Arch Linux | KDE | `make archlinux flavor=kde` | `arch-kde` |
2023-05-07 21:55:13 +02:00
| Debian | Server | `make debian flavor=server` | `debian-server` |
2024-06-08 03:48:52 +02:00
| openSUSE | KDE | `make opensuse flavor=kde` | `opensuse-kde` |
2023-04-16 23:38:20 +02:00
| Ubuntu | Server | `make ubuntu flavor=server` | `ubuntu-server` |
| Ubuntu | Desktop | `make ubuntu falvor=desktop` | `ubuntu-desktop` |
**VM management**
The development workflow is done through vagrant:
* Star a VM: `vagran up <name>`
* Shutdown a VM: `vagrant halt <name>`
* Reboot a VM: `vagrant reload <name>`
The available VM `name` is defined in the `tests/boxes.yml` file
2023-04-16 23:38:20 +02:00
### Develop
**Credentials**
The admin user is: `user`, its password is: `user`. It has passwordless sudo access. Automatic login is **not** enabled on DE. The root user is not locked.
**Directories**
All the images come pre-configured with the latest version of `apparmor.d` installed and running in the VM. apparmor.d is mounted as `/home/user/Projects/apparmor.d`
2023-04-16 23:38:20 +02:00
**Usage**
2024-10-02 02:08:06 +02:00
On all images, `aa-update` can be used to rebuild and install the latest version of the profiles. `p`, `pf`, and `pu` are two pre-configured aliases of `ps` that show the security status of processes. `htop` is also configured to show this status.
2023-05-07 21:55:13 +02:00
## Tests
!!! warning
2023-09-19 20:48:02 +02:00
The test suite is expected to be run in a [VM](#test-virtual-machines)
2023-05-07 21:55:13 +02:00
### Getting started
2023-09-19 20:48:02 +02:00
Prepare the test environment:
2023-05-07 21:55:13 +02:00
```sh
2023-09-19 20:48:02 +02:00
cd tests
make <dist> falvor=<flavor>
AA_INTEGRATION=true vagrant up <name>
2023-05-07 21:55:13 +02:00
```
2023-09-19 20:48:02 +02:00
Run the integration tests on the test VM:
```sh
make integration box=<dist> IP=<ip>
```
### Create integration tests
**Test suite usage**
2023-05-07 21:55:13 +02:00
Initialise the tests with:
```sh
./aa-test --bootstrap
```
List the tests scenarios to be run
2023-05-07 21:55:13 +02:00
```sh
./aa-test --list
```
Start the tests and collect the results
```sh
./aa-test --run
```
2023-09-19 20:48:02 +02:00
**Tests manifest**
2023-05-07 21:55:13 +02:00
2024-10-02 02:08:06 +02:00
A basic set of test is generated on initialization. More tests can be manually written in yaml file. They must have the following structure:
2023-05-07 21:55:13 +02:00
```yaml
- name: acpi
profiled: true
root: false
require: []
arguments: {}
tests:
- dsc: Show battery information
cmd: acpi
stdin: []
- dsc: Show thermal information
cmd: acpi -t
stdin: []
- dsc: Show cooling device information
cmd: acpi -c
stdin: []
- dsc: Show thermal information in Fahrenheit
cmd: acpi -tf
stdin: []
- dsc: Show all information
cmd: acpi -V
stdin: []
- dsc: Extract information from `/proc` instead of `/sys`
cmd: acpi -p
stdin: []
```