tpm2-tools/ci.fmf

37 lines
1.0 KiB
Plaintext
Raw Normal View History

/keylime-e2e-tests-with-python-agent:
summary: run selected keylime e2e tests using Python keylime_agent
context:
swtpm: yes
agent: python
prepare:
- how: shell
script:
- dnf config-manager --set-enabled updates-testing
- systemctl disable --now dnf-makecache.service || true
- systemctl disable --now dnf-makecache.timer || true
discover:
how: fmf
url: https://github.com/RedHat-SP-Security/keylime-tests
ref: "@.tmt/dynamic_ref.fmf"
test:
- /setup/configure_tpm_emulator
- /setup/configure_kernel_ima_module/ima_policy_signing
- /setup/inject_SELinux_AVC_check
- /functional/basic-attestation-on-localhost
- /functional/measured-boot-swtpm-sanity
- /functional/ek-cert-use-ek_check_script
- /functional/ek-cert-use-ek_handle-custom-ca_certs
execute:
how: tmt
adjust:
- when: distro == fedora-rawhide
environment:
AVC_CHECK_AUSEARCH_PARAMS: "-se keylime"
because: "On Rawhide we ignore SELinux AVCs not related to keylime"