2023-03-09 07:06:39 +00:00
|
|
|
# define context to filter out all test requiring TPM device
|
|
|
|
context:
|
2023-08-17 08:29:41 +00:00
|
|
|
swtpm: yes
|
|
|
|
agent: rust
|
2023-03-09 07:06:39 +00:00
|
|
|
|
|
|
|
execute:
|
|
|
|
how: tmt
|
2023-08-17 08:29:41 +00:00
|
|
|
|
|
|
|
/functional:
|
|
|
|
summary: run keylime e2e tests
|
|
|
|
|
|
|
|
discover:
|
|
|
|
how: fmf
|
|
|
|
url: https://github.com/RedHat-SP-Security/keylime-tests
|
|
|
|
ref: "@.tmt/dynamic_ref.fmf"
|
|
|
|
test:
|
|
|
|
- /setup/configure_tpm_emulator
|
|
|
|
- /setup/inject_SELinux_AVC_check
|
|
|
|
# change IMA policy to simple and run one attestation scenario
|
|
|
|
# this is to utilize also a different parser
|
|
|
|
- /setup/configure_kernel_ima_module/ima_policy_simple
|
|
|
|
- /functional/basic-attestation-on-localhost
|
|
|
|
# now change IMA policy to signing and run all tests
|
|
|
|
- /setup/configure_kernel_ima_module/ima_policy_signing
|
|
|
|
- "^/functional/.*"
|
|
|
|
- "^/compatibility/.*"
|
|
|
|
|
|
|
|
/package-update:
|
|
|
|
summary: package update scenario
|
|
|
|
|
|
|
|
prepare:
|
|
|
|
- how: shell
|
|
|
|
order: 90
|
|
|
|
script:
|
|
|
|
# remove installed (tested) keylime and any leftovers
|
|
|
|
- dnf -y remove '*keylime*'
|
|
|
|
- rm -rf /var/lib/keylime /etc/keylime
|
|
|
|
# install older keylime
|
|
|
|
- dnf -y install keylime --disablerepo test-artifacts
|
|
|
|
|
|
|
|
discover:
|
|
|
|
|
|
|
|
- name: Update_scenario_setup
|
|
|
|
how: fmf
|
|
|
|
url: https://github.com/RedHat-SP-Security/keylime-tests
|
|
|
|
ref: "@.tmt/dynamic_ref.fmf"
|
|
|
|
test:
|
|
|
|
- /setup/configure_tpm_emulator
|
|
|
|
- /setup/inject_SELinux_AVC_check
|
|
|
|
- /setup/enable_keylime_debug_messages
|
|
|
|
- /setup/configure_kernel_ima_module/ima_policy_signing
|
|
|
|
# do the actual keylime test setup
|
|
|
|
- /update/basic-attestation-on-localhost/setup
|
|
|
|
|
|
|
|
- name: Update_keylime_package
|
|
|
|
how: shell
|
|
|
|
tests:
|
|
|
|
- name: keylime_update
|
|
|
|
test: dnf -y update '*keylime*'
|
|
|
|
duration: 2m
|
2023-08-22 15:10:56 +00:00
|
|
|
- name: rpmverify
|
|
|
|
test: 'rpmverify $(rpm -qa | grep keylime)'
|
|
|
|
duration: 2m
|
2023-08-17 08:29:41 +00:00
|
|
|
|
|
|
|
- name: Test_scenario_post-update
|
|
|
|
how: fmf
|
|
|
|
url: https://github.com/RedHat-SP-Security/keylime-tests
|
|
|
|
ref: "@.tmt/dynamic_ref.fmf"
|
|
|
|
test:
|
|
|
|
# run the post-update test scenario
|
|
|
|
- /update/basic-attestation-on-localhost/test
|