mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-14 23:43:56 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

test(integration): update the test suite.

Browse Source
This commit is contained in:
Alexandre Pujol 2023-09-30 18:15:55 +01:00
parent 0068c1b9a3
commit 2cc7627879
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
3 changed files with 55 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
pkg/integration/scenario.go
View File

@ -12,19 +12,25 @@
package integration package integration
import ( import (
"os" "bytes"
"fmt"
"io"
"os/exec" "os/exec"
"strings" "strings"
"github.com/arduino/go-paths-helper" "github.com/arduino/go-paths-helper"
"github.com/roddhjav/apparmor.d/pkg/logging" "github.com/roddhjav/apparmor.d/pkg/logging"
"golang.org/x/exp/slices" )
var (
Ignore []string // Do not run some scenarios
Arguments map[string]string // Common arguments used across all scenarios
Profiles paths.PathList // List of profiles in apparmor.d
) )
// Test represents of a list of tests for a given program // Test represents of a list of tests for a given program
type Test struct { type Test struct {
Name string `yaml:"name"` Name string `yaml:"name"`
Profiled bool `yaml:"profiled"` // The program is profiled in apparmor.d
Root bool `yaml:"root"` // Run the test as user or as root Root bool `yaml:"root"` // Run the test as user or as root
Dependencies []string `yaml:"require"` // Packages required for the tests to run "$(pacman -Qqo Scenario.Name)" Dependencies []string `yaml:"require"` // Packages required for the tests to run "$(pacman -Qqo Scenario.Name)"
Arguments map[string]string `yaml:"arguments"` // Arguments to pass to the program, specific to this scenario Arguments map[string]string `yaml:"arguments"` // Arguments to pass to the program, specific to this scenario
@ -41,7 +47,6 @@ type Command struct {
func NewTest() *Test { func NewTest() *Test {
return &Test{ return &Test{
Name: "", Name: "",
Profiled: false,
Root: false, Root: false,
Dependencies: []string{}, Dependencies: []string{},
Arguments: map[string]string{}, Arguments: map[string]string{},
@ -50,8 +55,8 @@ func NewTest() *Test {
} }
// HasProfile returns true if the program in the scenario is profiled in apparmor.d // HasProfile returns true if the program in the scenario is profiled in apparmor.d
func (t *Test) hasProfile(profiles paths.PathList) bool { func (t *Test) HasProfile() bool {
for _, path := range profiles { for _, path := range Profiles {
if t.Name == path.Base() { if t.Name == path.Base() {
return true return true
} }
@ -59,7 +64,8 @@ func (t *Test) hasProfile(profiles paths.PathList) bool {
return false return false
} }
func (t *Test) installed() bool { // IsInstalled returns true if the program in the scenario is installed on the system
func (t *Test) IsInstalled() bool {
if _, err := exec.LookPath(t.Name); err != nil { if _, err := exec.LookPath(t.Name); err != nil {
return false return false
} }
@ -77,6 +83,9 @@ func (t *Test) resolve(in string) string {
// mergeArguments merge the arguments of the scenario with the global arguments // mergeArguments merge the arguments of the scenario with the global arguments
// Test arguments have priority over global arguments // Test arguments have priority over global arguments
func (t *Test) mergeArguments(args map[string]string) { func (t *Test) mergeArguments(args map[string]string) {
if len(t.Arguments) == 0 {
t.Arguments = map[string]string{}
}
for key, value := range args { for key, value := range args {
t.Arguments[key] = value t.Arguments[key] = value
} }
@ -85,10 +94,7 @@ func (t *Test) mergeArguments(args map[string]string) {
// Run the scenarios tests // Run the scenarios tests
func (t *Test) Run(dryRun bool) (ran int, nb int, err error) { func (t *Test) Run(dryRun bool) (ran int, nb int, err error) {
nb = 0 nb = 0
if t.Profiled && t.installed() { if t.HasProfile() && t.IsInstalled() {
if slices.Contains(Ignore, t.Name) {
return 0, nb, err
}
logging.Step("%s", t.Name) logging.Step("%s", t.Name)
t.mergeArguments(Arguments) t.mergeArguments(Arguments)
for _, test := range t.Commands { for _, test := range t.Commands {
@ -100,7 +106,6 @@ func (t *Test) Run(dryRun bool) (ran int, nb int, err error) {
} else { } else {
cmdErr := t.run(cmd, strings.Join(test.Stdin, "\n")) cmdErr := t.run(cmd, strings.Join(test.Stdin, "\n"))
if cmdErr != nil { if cmdErr != nil {
// TODO: log the error
logging.Error("%v", cmdErr) logging.Error("%v", cmdErr)
} else { } else {
logging.Success(cmd) logging.Success(cmd)
@ -114,6 +119,8 @@ func (t *Test) Run(dryRun bool) (ran int, nb int, err error) {
} }
func (t *Test) run(cmdline string, in string) error { func (t *Test) run(cmdline string, in string) error {
var testErr bytes.Buffer
// Running the command in a shell ensure it does not run confined under the sudo profile. // Running the command in a shell ensure it does not run confined under the sudo profile.
// The shell is run unconfined and therefore the cmdline can be confined without no-new-privs issue. // The shell is run unconfined and therefore the cmdline can be confined without no-new-privs issue.
sufix := " &" // TODO: we need a goroutine here sufix := " &" // TODO: we need a goroutine here
@ -121,8 +128,15 @@ func (t *Test) run(cmdline string, in string) error {
if t.Root { if t.Root {
cmd = exec.Command("sudo", "sh", "-c", cmdline+sufix) cmd = exec.Command("sudo", "sh", "-c", cmdline+sufix)
} }
stderr := io.MultiWriter(Stderr, &testErr)
cmd.Stdin = strings.NewReader(in) cmd.Stdin = strings.NewReader(in)
cmd.Stdout = os.Stdout cmd.Stdout = Stdout
cmd.Stderr = os.Stderr cmd.Stderr = stderr
return cmd.Run() err := cmd.Run()
if testErr.Len() > 0 {
return fmt.Errorf("%s", testErr.String())
}
return err
}
} }

28
pkg/integration/suite.go
View File

@ -5,12 +5,25 @@
package integration package integration
import ( import (
"os"
"github.com/arduino/go-paths-helper" "github.com/arduino/go-paths-helper"
"github.com/roddhjav/apparmor.d/pkg/logs" "github.com/roddhjav/apparmor.d/pkg/logs"
"github.com/roddhjav/apparmor.d/pkg/util" "github.com/roddhjav/apparmor.d/pkg/util"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
) )
var (
// Integration tests standard output
Stdout *os.File
// Integration tests standard error output
Stderr *os.File
stdoutPath = paths.New("tests/out.log")
stderrPath = paths.New("tests/err.log")
)
// TestSuite is the apparmod.d integration tests to run // TestSuite is the apparmod.d integration tests to run
type TestSuite struct { type TestSuite struct {
Tests []Test // List of tests to run Tests []Test // List of tests to run
@ -20,6 +33,15 @@ type TestSuite struct {
// NewScenarios returns a new list of scenarios // NewScenarios returns a new list of scenarios
func NewTestSuite() *TestSuite { func NewTestSuite() *TestSuite {
var err error
Stdout, err = stdoutPath.Create()
if err != nil {
panic(err)
}
Stderr, err = stderrPath.Create()
if err != nil {
panic(err)
}
return &TestSuite{ return &TestSuite{
Tests: []Test{}, Tests: []Test{},
Ignore: []string{}, Ignore: []string{},
@ -56,8 +78,8 @@ func (t *TestSuite) Write(path *paths.Path) error {
return err return err
} }
// ReadScenarios import the scenarios from a file // ReadTests import the tests from a file
func (t *TestSuite) ReadScenarios(path *paths.Path) error { func (t *TestSuite) ReadTests(path *paths.Path) error {
content, _ := path.ReadFile() content, _ := path.ReadFile()
return yaml.Unmarshal(content, &t.Tests) return yaml.Unmarshal(content, &t.Tests)
} }
@ -65,7 +87,7 @@ func (t *TestSuite) ReadScenarios(path *paths.Path) error {
// ReadSettings import the common argument and ignore list from a file // ReadSettings import the common argument and ignore list from a file
func (t *TestSuite) ReadSettings(path *paths.Path) error { func (t *TestSuite) ReadSettings(path *paths.Path) error {
type temp struct { type temp struct {
Arguments map[string]string `yaml:"args"` Arguments map[string]string `yaml:"arguments"`
Ignore []string `yaml:"ignore"` Ignore []string `yaml:"ignore"`
} }
tmp := temp{} tmp := temp{}

9
pkg/integration/tldr.go
View File

@ -14,11 +14,6 @@ import (
"github.com/roddhjav/apparmor.d/pkg/util" "github.com/roddhjav/apparmor.d/pkg/util"
) )
var (
Ignore []string // Do not run some scenarios
Arguments map[string]string // Common arguments used across all scenarios
)
type Tldr struct { type Tldr struct {
Url string // Tldr download url Url string // Tldr download url
Dir *paths.Path // Tldr cache directory Dir *paths.Path // Tldr cache directory
@ -58,7 +53,7 @@ func (t Tldr) Download() error {
} }
// Parse the tldr pages and return a list of scenarios // Parse the tldr pages and return a list of scenarios
func (t Tldr) Parse(profiles paths.PathList) (*TestSuite, error) { func (t Tldr) Parse() (*TestSuite, error) {
testSuite := NewTestSuite() testSuite := NewTestSuite()
files, _ := t.Dir.ReadDirRecursiveFiltered(nil, paths.FilterOutDirectories()) files, _ := t.Dir.ReadDirRecursiveFiltered(nil, paths.FilterOutDirectories())
for _, path := range files { for _, path := range files {
@ -69,12 +64,10 @@ func (t Tldr) Parse(profiles paths.PathList) (*TestSuite, error) {
raw := string(content) raw := string(content)
t := &Test{ t := &Test{
Name: strings.TrimSuffix(path.Base(), ".md"), Name: strings.TrimSuffix(path.Base(), ".md"),
Profiled: false,
Root: false, Root: false,
Arguments: map[string]string{}, Arguments: map[string]string{},
Commands: []Command{}, Commands: []Command{},
} }
t.Profiled = t.hasProfile(profiles)
if strings.Contains(raw, "sudo") { if strings.Contains(raw, "sudo") {
t.Root = true t.Root = true
} }