2023-01-10 10:02:22 +00:00
|
|
|
/keylime-e2e-tests-with-python-agent:
|
|
|
|
|
|
|
|
summary: run selected keylime e2e tests using Python keylime_agent
|
|
|
|
|
|
|
|
context:
|
|
|
|
swtpm: yes
|
|
|
|
agent: python
|
|
|
|
|
|
|
|
prepare:
|
|
|
|
- how: shell
|
|
|
|
script:
|
2023-09-27 14:50:19 +00:00
|
|
|
- dnf config-manager --set-enabled updates-testing
|
2023-01-10 10:02:22 +00:00
|
|
|
- systemctl disable --now dnf-makecache.service || true
|
|
|
|
- systemctl disable --now dnf-makecache.timer || true
|
|
|
|
|
|
|
|
discover:
|
|
|
|
how: fmf
|
|
|
|
url: https://github.com/RedHat-SP-Security/keylime-tests
|
|
|
|
ref: "@.tmt/dynamic_ref.fmf"
|
|
|
|
test:
|
|
|
|
- /setup/configure_tpm_emulator
|
|
|
|
- /setup/configure_kernel_ima_module/ima_policy_signing
|
|
|
|
- /setup/inject_SELinux_AVC_check
|
|
|
|
- /functional/basic-attestation-on-localhost
|
|
|
|
- /functional/measured-boot-swtpm-sanity
|
|
|
|
- /functional/ek-cert-use-ek_check_script
|
|
|
|
- /functional/ek-cert-use-ek_handle-custom-ca_certs
|
|
|
|
|
|
|
|
execute:
|
|
|
|
how: tmt
|
|
|
|
|
|
|
|
adjust:
|
|
|
|
- when: distro == fedora-rawhide
|
|
|
|
environment:
|
|
|
|
AVC_CHECK_AUSEARCH_PARAMS: "-se keylime"
|
|
|
|
because: "On Rawhide we ignore SELinux AVCs not related to keylime"
|