apparmor.d/.github/workflows/main.yml

59 lines
1.7 KiB
YAML
Raw Normal View History

name: Ubuntu
on: [push, pull_request, workflow_dispatch]
jobs:
build:
2024-05-08 21:10:17 +02:00
runs-on: ${{ matrix.os }}
strategy:
matrix:
2024-05-08 21:10:17 +02:00
os:
- ubuntu-24.04
2024-05-08 21:10:17 +02:00
- ubuntu-22.04
mode:
- default
2024-01-25 22:18:09 +01:00
- full-system-policy
steps:
- name: Check out repository code
2024-02-27 21:44:07 +01:00
uses: actions/checkout@v4
- name: Install Build dependencies
run: |
sudo apt-get update -q
sudo apt-get install -y \
devscripts debhelper config-package-dev \
2023-01-27 23:07:19 +01:00
auditd apparmor-profiles apparmor-utils
sudo rm /etc/apparmor.d/usr.lib.snapd.snap-confine.real
- name: Build the apparmor.d package
run: |
if [[ ${{ matrix.mode }} == full-system-policy ]]; then
echo -e "\noverride_dh_auto_build:\n\tmake full" >> debian/rules
fi
VERSION="0.$(git rev-list --count HEAD)-1"
dch --newversion="$VERSION" --urgency=medium --distribution=stable --controlmaint "Release $VERSION"
dpkg-buildpackage -b -d --no-sign
- name: Install apparmor.d
run: sudo dpkg --install ../apparmor.d_*_amd64.deb || true
- name: Reload AppArmor
run: |
sudo systemctl restart apparmor.service || true
sudo systemctl status apparmor.service
2023-09-03 21:19:53 +02:00
- name: Ensure compatibility with some AppArmor userspace tools
2024-10-06 18:44:46 +02:00
run: |
if [[ ${{ matrix.os }} != ubuntu-24.04 ]]; then
sudo aa-enforce /etc/apparmor.d/aa-notify
fi
2023-09-03 21:19:53 +02:00
- name: Show AppArmor log and rules
run: |
sudo aa-log
sudo aa-log -s
2023-09-03 21:19:53 +02:00
sudo aa-log -r
2022-10-01 19:39:20 +02:00
- name: Show Number of loaded profile
run: sudo aa-status --profiled