#!/usr/bin/env bats # End-to-end integration tests for complete workflows # Add bats library to BATS_LIB_PATH export BATS_LIB_PATH="/usr/lib/bats-core" load 'bats-support/load' load 'bats-assert/load' load 'bats-file/load' load '../test_helper/common.bash' setup() { export TEST_ROOT="${TEST_TEMP_DIR}/integration" mkdir -p "${TEST_ROOT}" } @test "E2E: All shell scripts are executable" { local scripts=( "run.sh" "test-iso.sh" "src/security-hardening.sh" "src/firewall-setup.sh" "src/build-iso.sh" "src/run.sh" "src/run-new.sh" "config/hooks/installed/encryption-setup.sh" "config/hooks/installed/encryption-validation.sh" "config/hooks/installed/install-scripts.sh" "config/hooks/installed/disable-package-management.sh" "config/hooks/live/desktop-environment.sh" "config/hooks/live/firewall-setup.sh" "config/hooks/live/qr-code-import.sh" "config/hooks/live/security-hardening.sh" "config/hooks/live/usb-automount.sh" ) for script in "${scripts[@]}"; do local script_path="${PROJECT_ROOT}/${script}" assert_file_exists "$script_path" assert [ -x "$script_path" ] done } @test "E2E: All shell scripts are valid bash syntax" { local scripts=( "run.sh" "test-iso.sh" "src/security-hardening.sh" "src/firewall-setup.sh" "src/build-iso.sh" "src/run.sh" "src/run-new.sh" "config/hooks/installed/encryption-setup.sh" "config/hooks/installed/encryption-validation.sh" "config/hooks/installed/install-scripts.sh" "config/hooks/installed/disable-package-management.sh" "config/hooks/live/desktop-environment.sh" "config/hooks/live/firewall-setup.sh" "config/hooks/live/qr-code-import.sh" "config/hooks/live/security-hardening.sh" "config/hooks/live/usb-automount.sh" ) for script in "${scripts[@]}"; do local script_path="${PROJECT_ROOT}/${script}" run bash -n "$script_path" assert_success "Script $script has syntax errors" done } @test "E2E: Dockerfile contains all required packages" { assert_file_contains "${PROJECT_ROOT}/Dockerfile" "live-build" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "debootstrap" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "squashfs-tools" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "xorriso" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "bats" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "shellcheck" assert_file_contains "${PROJECT_ROOT}/Dockerfile" "nftables" } @test "E2E: Preseed configuration contains mandatory encryption settings" { assert_file_contains "${PROJECT_ROOT}/config/preseed.cfg" "crypto" assert_file_contains "${PROJECT_ROOT}/config/preseed.cfg" "LUKS" assert_file_contains "${PROJECT_ROOT}/config/preseed.cfg" "AES" } @test "E2E: Package list includes all required packages" { local pkg_list="${PROJECT_ROOT}/config/package-lists/knel-football.list.chroot" assert_file_contains "$pkg_list" "icewm" assert_file_contains "$pkg_list" "lightdm" assert_file_contains "$pkg_list" "wireguard" assert_file_contains "$pkg_list" "nftables" assert_file_contains "$pkg_list" "cryptsetup" assert_file_contains "$pkg_list" "libpam-pwquality" } @test "E2E: Security hardening script enforces password complexity" { source "${PROJECT_ROOT}/src/security-hardening.sh" local test_output="${TEST_ROOT}/pwquality.conf" configure_password_policy "$test_output" assert_file_contains "$test_output" "minlen = 14" assert_file_contains "$test_output" "enforcing = 1" } @test "E2E: Firewall setup blocks inbound by default" { source "${PROJECT_ROOT}/src/firewall-setup.sh" local test_output="${TEST_ROOT}/firewall.rules" configure_nftables "$test_output" assert_file_contains "$test_output" "policy input drop" } @test "E2E: Encryption setup hook creates key management scripts" { source "${PROJECT_ROOT}/config/hooks/installed/encryption-setup.sh" local script_dir="${TEST_ROOT}/bin" mkdir -p "$script_dir" create_check_encryption_script "$script_dir/check-encryption.sh" create_manage_keys_script "$script_dir/manage-encryption-keys.sh" assert_file_exists "$script_dir/check-encryption.sh" assert_file_exists "$script_dir/manage-encryption-keys.sh" } @test "E2E: All documentation files exist and are readable" { local docs=( "README.md" "AGENTS.md" "PRD.md" "RESUME.md" "JOURNAL.md" "QUICK_START.md" "BUILD-COMPLETE.md" "BUILD-SUMMARY.md" "VERIFICATION-REPORT.md" ) for doc in "${docs[@]}"; do local doc_path="${PROJECT_ROOT}/${doc}" assert_file_exists "$doc_path" run cat "$doc_path" assert_success "Documentation file $doc is not readable" done } @test "E2E: Test suite directory structure is complete" { assert [ -d "${PROJECT_ROOT}/tests/unit" ] assert [ -d "${PROJECT_ROOT}/tests/integration" ] assert [ -d "${PROJECT_ROOT}/tests/security" ] assert [ -d "${PROJECT_ROOT}/tests/test_helper" ] # Test helper files exist assert_file_exists "${PROJECT_ROOT}/tests/test_helper/common.bash" } @test "E2E: .gitignore excludes build artifacts" { assert_file_contains "${PROJECT_ROOT}/.gitignore" "*.iso" assert_file_contains "${PROJECT_ROOT}/.gitignore" "*.sha256" assert_file_contains "${PROJECT_ROOT}/.gitignore" "*.md5" assert_file_contains "${PROJECT_ROOT}/.gitignore" "output/" } @test "E2E: Output directory structure is correct" { assert [ -d "${PROJECT_ROOT}/output" ] || mkdir -p "${PROJECT_ROOT}/output" assert [ -d "${PROJECT_ROOT}/output" ] } @test "E2E: Config directory structure is complete" { assert [ -d "${PROJECT_ROOT}/config" ] assert [ -d "${PROJECT_ROOT}/config/hooks/live" ] assert [ -d "${PROJECT_ROOT}/config/hooks/installed" ] assert [ -d "${PROJECT_ROOT}/config/package-lists" ] # Key config files exist assert_file_exists "${PROJECT_ROOT}/config/preseed.cfg" assert_file_exists "${PROJECT_ROOT}/config/package-lists/knel-football.list.chroot" }