ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-01-28 15:13:54 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

changed continue-on-error to if: always() for system_test.yml

Browse Source
This commit is contained in:
iadgovuser26 iadgovuser26@empire.eclipse.ncsc.mil 2024-07-22 15:44:41 -04:00
parent 8a3478c19e
commit c81320993a
3 changed files with 31 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.ci/system-tests/sys_test_common.sh
View File

@ -95,17 +95,20 @@ provisionTpm2() {
if [[ $provisionOutput == *"failed"* ]]; then if [[ $provisionOutput == *"failed"* ]]; then
if [[ $expected_result == "pass" ]]; then if [[ $expected_result == "pass" ]]; then
((failedTests++)) ((failedTests++))
echo "!!! Provisioning failed, but was expected to pass" echo "!!! Provisioning failed, but was expected to pass."
else else
echo "Provisioning failed as expected." echo "Provisioning failed as expected."
fi fi
else # provisioning succeeded elif [[ $provisionOutput == *"Provisioning successful"* ]];
if [[ $expected_result == "fail" ]]; then if [[ $expected_result == "fail" ]]; then
((failedTests++)) ((failedTests++))
echo "!!! Provisioning passed, but was expected to fail" echo "!!! Provisioning passed, but was expected to fail."
else else
echo "Provisioning passed as expected." echo "Provisioning passed as expected."
fi fi
else
((failedTests++))
echo "Provisioning failed. Provisioner provided an unexpected output."
fi fi
} }

6
.ci/system-tests/tests/rim_system_tests.sh
View File

@ -3,7 +3,7 @@
# HIRS Reference Integrity Manifest System Tests # HIRS Reference Integrity Manifest System Tests
# #
######################################################################################### #########################################################################################
source ./.ci/system-tests/sys_test_common.sh
testResult=false testResult=false
totalTests=0; totalTests=0;
failedTests=0; failedTests=0;
@ -14,6 +14,8 @@ case $1 in
3) test="3" ;; 3) test="3" ;;
esac esac
source ./.ci/system-tests/sys_test_common.sh
# Start ACA Reference Integrity Manifest Tests # Start ACA Reference Integrity Manifest Tests
# provisionTpm2 takes 1 parameter (the expected result): "pass" or "fail" # provisionTpm2 takes 1 parameter (the expected result): "pass" or "fail"
# Note that the aca_policy_tests have already run several RIM system tests # Note that the aca_policy_tests have already run several RIM system tests
@ -51,9 +53,9 @@ fi
# Process Test Results, any single failure will send back a failed result. # Process Test Results, any single failure will send back a failed result.
if [[ $failedTests != 0 ]]; then if [[ $failedTests != 0 ]]; then
export TEST_STATUS=1
echo "**** $failedTests out of $totalTests ACA RIM Tests Failed! ****" echo "**** $failedTests out of $totalTests ACA RIM Tests Failed! ****"
exit 1 exit 1
else else
echo "**** $totalTests ACA RIM Tests Passed! ****" echo "**** $totalTests ACA RIM Tests Passed! ****"
exit 0
fi fi

50
.github/workflows/system_test.yml vendored
View File

@ -30,52 +30,52 @@ jobs:
echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
.ci/system-tests/setup_system_tests.sh ${GITHUB_REF#refs/heads/} .ci/system-tests/setup_system_tests.sh ${GITHUB_REF#refs/heads/}
- name: ACA POLICY TEST 1 - Test ACA default policy - name: ACA POLICY TEST 1 - Test ACA default policy
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 1 .ci/system-tests/tests/aca_policy_tests.sh 1
- name: ACA POLICY TEST 2 - Test EK cert Only Validation Policy without a EK Issuer Cert in the trust store - name: ACA POLICY TEST 2 - Test EK cert Only Validation Policy without a EK Issuer Cert in the trust store
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 2 .ci/system-tests/tests/aca_policy_tests.sh 2
- name: ACA POLICY TEST 3 - Test EK Only Validation Policy - name: ACA POLICY TEST 3 - Test EK Only Validation Policy
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 3 .ci/system-tests/tests/aca_policy_tests.sh 3
- name: ACA POLICY TEST 4 - Test PC Validation Policy with no PC - name: ACA POLICY TEST 4 - Test PC Validation Policy with no PC
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 4 .ci/system-tests/tests/aca_policy_tests.sh 4
- name: ACA POLICY TEST 5 - Test FW and PC Validation Policy with no PC - name: ACA POLICY TEST 5 - Test FW and PC Validation Policy with no PC
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 5 .ci/system-tests/tests/aca_policy_tests.sh 5
- name: ACA POLICY TEST 6 - Test PC Validation Policy with valid PC with no Attribute Check - name: ACA POLICY TEST 6 - Test PC Validation Policy with valid PC with no Attribute Check
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 6 .ci/system-tests/tests/aca_policy_tests.sh 6
- name: ACA POLICY TEST 7 - Test PC Validation Policy with valid PC with Attribute Check - name: ACA POLICY TEST 7 - Test PC Validation Policy with valid PC with Attribute Check
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 7 .ci/system-tests/tests/aca_policy_tests.sh 7
- name: ACA POLICY TEST 8 - Test PC with RIM Validation Policy with valid PC and RIM - name: ACA POLICY TEST 8 - Test PC with RIM Validation Policy with valid PC and RIM
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 8 .ci/system-tests/tests/aca_policy_tests.sh 8
- name: ACA POLICY TEST 9 - Test valid PC and RIM with PC only uploaded - name: ACA POLICY TEST 9 - Test valid PC and RIM with PC only uploaded
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 9 .ci/system-tests/tests/aca_policy_tests.sh 9
- name: ACA POLICY TEST 10 - Test valid PC and RIM with RIM only uploaded - name: ACA POLICY TEST 10 - Test valid PC and RIM with RIM only uploaded
continue-on-error: true cif: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/aca_policy_tests.sh 10 .ci/system-tests/tests/aca_policy_tests.sh 10
@ -85,17 +85,17 @@ jobs:
# run: | # run: |
# .ci/system-tests/tests/aca_policy_tests.sh # .ci/system-tests/tests/aca_policy_tests.sh
- name: ACA PLATFORM CERTIFICATE TEST 1 - Test a delta Platform Certificate that adds a new memory component - name: ACA PLATFORM CERTIFICATE TEST 1 - Test a delta Platform Certificate that adds a new memory component
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/platform_cert_tests.sh 1 .ci/system-tests/tests/platform_cert_tests.sh 1
- name: ACA PLATFORM CERTIFICATE TEST 2 - Test a Platform Certificate that is missing a memory component - name: ACA PLATFORM CERTIFICATE TEST 2 - Test a Platform Certificate that is missing a memory component
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/platform_cert_tests.sh 2 .ci/system-tests/tests/platform_cert_tests.sh 2
- name: ACA PLATFORM CERTIFICATE TEST 3 - Test a Delta Platform Certificate that has a wrong a memory component - name: ACA PLATFORM CERTIFICATE TEST 3 - Test a Delta Platform Certificate that has a wrong a memory component
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/platform_cert_tests.sh 3 .ci/system-tests/tests/platform_cert_tests.sh 3
@ -105,17 +105,17 @@ jobs:
# run: | # run: |
# .ci/system-tests/tests/platform_cert_tests.sh # .ci/system-tests/tests/platform_cert_tests.sh
- name: ACA RIM TEST 1 - Test a RIM from an OEM and a Supplemental RIM from a VAR - name: ACA RIM TEST 1 - Test a RIM from an OEM and a Supplemental RIM from a VAR
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/rim_system_tests.sh 1 .ci/system-tests/tests/rim_system_tests.sh 1
- name: ACA RIM TEST 2 - Test a RIM from an OEM with a bad reference measurement and a Supplemental RIM from a VAR - name: ACA RIM TEST 2 - Test a RIM from an OEM with a bad reference measurement and a Supplemental RIM from a VAR
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/rim_system_tests.sh 2 .ci/system-tests/tests/rim_system_tests.sh 2
- name: ACA RIM TEST 3 - Test a RIM from an OEM and a Supplemental RIM from a VAR with a bad reference measurement - name: ACA RIM TEST 3 - Test a RIM from an OEM and a Supplemental RIM from a VAR with a bad reference measurement
continue-on-error: true if: always()
shell: bash shell: bash
run: | run: |
.ci/system-tests/tests/rim_system_tests.sh 3 .ci/system-tests/tests/rim_system_tests.sh 3
@ -137,26 +137,10 @@ jobs:
run: | run: |
echo "*** Exiting and removing Docker containers and network ..." echo "*** Exiting and removing Docker containers and network ..."
docker compose -f .ci/docker/docker-compose-system-test.yml down -v docker compose -f .ci/docker/docker-compose-system-test.yml down -v
if [[ ${TEST_STATUS} == "0" ]]; then
echo "******** SUCCESS: System Tests for TPM 2.0 passed ********"
echo "TEST_STATUS=0" >> $GITHUB_ENV
exit 0;
else
echo "******** FAILURE: System Tests for TPM 2.0 failed ********"
echo "TEST_STATUS=1" >> $GITHUB_ENV
exit 1
fi
- name: Archive System Test Log files - name: Archive System Test Log files
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: System_Test_Log_Files name: System_Test_Log_Files
path: logs/ path: logs/
if-no-files-found: ignore if-no-files-found: ignore
- name: Check System Test results
if: success() || failure()
run: |
if [ ${TEST_STATUS} == "0" ]; then
exit 0;
else
exit 1;
fi