-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2d3ca69
commit 3406dc7
Showing
4 changed files
with
139 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| summary: | ||
| Upgrade test used for CUT testing | ||
|
|
||
| provision: | ||
| - name: keylime | ||
| role: keylime | ||
| - name: agent | ||
| role: agent | ||
|
|
||
| discover: | ||
| - name: agent_setup | ||
| how: fmf | ||
| where: | ||
| - agent | ||
| test: | ||
| - /setup/configure_tpm_emulator | ||
| - /setup/configure_kernel_ima_module/ima_policy_signing | ||
| - name: attestation_test | ||
| how: fmf | ||
| test: | ||
| #- /setup/enable_keylime_debug_messages | ||
| - /Multihost/upgrade/basic-attestation/all | ||
|
|
||
| execute: | ||
| how: tmt | ||
|
|
||
| adjust+: | ||
| - when: target_PR_branch is defined and target_PR_branch != rhel-10-main | ||
| enabled: false | ||
| because: we want to run this plan only for PRs targeting the main branch | ||
|
|
||
| - when: multihost is not defined or multihost != yes | ||
| enabled: false | ||
| because: we want to run this plan only in the multihost pipeline |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| summary: | ||
| Multihost test used by Packit/TFT CI on Github to test against distribution keylime | ||
|
|
||
| environment+: | ||
| TPM_BINARY_MEASUREMENTS: /var/tmp/binary_bios_measurements | ||
|
|
||
| provision: | ||
| - name: verifier | ||
| role: verifier | ||
| - name: registrar | ||
| role: registrar | ||
| - name: agent | ||
| role: agent | ||
|
|
||
| discover: | ||
| - name: agent_setup | ||
| how: fmf | ||
| where: | ||
| - agent | ||
| test: | ||
| - /setup/configure_tpm_emulator | ||
| - /setup/configure_kernel_ima_module/ima_policy_signing | ||
| - name: multihost_test | ||
| how: fmf | ||
| test: | ||
| #- /setup/enable_keylime_debug_messages | ||
| - /Multihost/basic-attestation | ||
|
|
||
| execute: | ||
| how: tmt | ||
|
|
||
| adjust+: | ||
| - when: target_PR_branch is defined and target_PR_branch != rhel-10-main | ||
| enabled: false | ||
| because: we want to run this plan only for PRs targeting the main branch | ||
|
|
||
| - when: multihost is not defined or multihost != yes | ||
| enabled: false | ||
| because: we want to run this plan only in the multihost pipeline |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| summary: | ||
| Container tests from the rhel-10-main branch | ||
|
|
||
| context: | ||
| swtpm: yes | ||
| agent: rust | ||
| faked_measured_boot_log: no | ||
|
|
||
| adjust+: | ||
| - when: target_PR_branch is defined and target_PR_branch != rhel-10-main | ||
| enabled: false | ||
| because: we want to run this plan only for PRs targeting the main branch | ||
|
|
||
| environment: | ||
| AGENT_DOCKERFILE: Dockerfile.agent | ||
| VERIFIER_DOCKERFILE: Dockerfile.verifier | ||
| REGISTRAR_DOCKERFILE: Dockerfile.registrar | ||
| TENANT_DOCKERFILE: Dockerfile.tenant | ||
|
|
||
| discover: | ||
| how: fmf | ||
| test: | ||
| - /setup/apply_workarounds | ||
| # need two TPM devices | ||
| - /setup/configure_swtpm_device | ||
| - /setup/configure_swtpm_device | ||
| # change IMA policy to simple and run one attestation scenario | ||
| # this is to utilize also a different parser | ||
| - /setup/configure_kernel_ima_module/ima_policy_simple | ||
| - /functional/basic-attestation-on-localhost | ||
| - "/container/.*" | ||
|
|
||
| execute: | ||
| how: tmt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| summary: Run tests from the rhel-10-main branch on the distribution keylime | ||
|
|
||
| # unfortunately, filtering using adjust doesn't work for plan for context defined | ||
| # in the very same plan. We need to update packit.yaml | ||
| context: | ||
| swtpm: yes | ||
| agent: rust | ||
| faked_measured_boot_log: no | ||
|
|
||
| adjust+: | ||
| - when: target_PR_branch is defined and target_PR_branch != rhel-10-main | ||
| enabled: false | ||
| because: we want to run this plan only for PRs targeting the rhel branch | ||
|
|
||
| discover: | ||
| how: fmf | ||
| test: | ||
| - /setup/apply_workarounds | ||
| - /setup/configure_tpm_emulator | ||
| # change IMA policy to simple and run one attestation scenario | ||
| # this is to utilize also a different parser | ||
| - /setup/configure_kernel_ima_module/ima_policy_simple | ||
| #- /setup/enable_keylime_debug_messages | ||
| - "^/functional/basic-attestation-on-localhost" | ||
| # now change IMA policy to signing and run all tests | ||
| - /setup/configure_kernel_ima_module/ima_policy_signing | ||
| #- /setup/inject_SELinux_AVC_check | ||
| - "^/functional/.*" | ||
| - "^/regression/.*" | ||
|
|
||
| execute: | ||
| how: tmt |